1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2003 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 #include <sys/types.h> 30 #include <bsm/audit.h> 31 #include <bsm/libbsm.h> 32 #include <bsm/audit_private.h> 33 #include <unistd.h> 34 #include <string.h> 35 #include <bsm/audit_uevents.h> 36 #include <generic.h> 37 38 static int s_audit; /* successful audit event */ 39 static int f_audit; /* failure audit event */ 40 41 static int ad; /* audit descriptor */ 42 43 void 44 audit_allocate_argv(flg, argc, argv) 45 int flg; 46 int argc; 47 char *argv[]; 48 { 49 int i; 50 51 if (cannot_audit(0)) { 52 return; 53 } 54 55 switch (flg) { 56 case 0: 57 s_audit = AUE_allocate_succ; 58 f_audit = AUE_allocate_fail; 59 break; 60 case 1: 61 s_audit = AUE_deallocate_succ; 62 f_audit = AUE_deallocate_fail; 63 break; 64 case 2: 65 s_audit = AUE_listdevice_succ; 66 f_audit = AUE_listdevice_fail; 67 break; 68 } 69 70 ad = au_open(); 71 72 for (i = 0; i < argc; i++) 73 (void) au_write(ad, au_to_text(argv[i])); 74 } 75 76 void 77 audit_allocate_device(path) 78 char *path; 79 { 80 if (cannot_audit(0)) { 81 return; 82 } 83 (void) au_write(ad, au_to_path(path)); 84 } 85 86 int 87 audit_allocate_record(status) 88 char status; /* success failure of operation */ 89 { 90 auditinfo_addr_t mask; /* audit ID */ 91 au_event_t event; /* audit event number */ 92 int policy; /* audit policy */ 93 int ng; /* number of groups in process */ 94 gid_t grplst[NGROUPS_UMAX]; 95 96 #ifdef DEBUG 97 printf(("audit_allocate_record(%d)\n", status)); 98 #endif 99 100 if (cannot_audit(0)) { 101 return (0); 102 } 103 104 if (getaudit_addr(&mask, sizeof (mask)) < 0) { 105 if (!status) 106 return (1); 107 return (0); 108 } 109 110 if (auditon(A_GETPOLICY, (caddr_t)&policy, 0) < 0) { 111 if (!status) 112 return (1); 113 return (0); 114 } 115 116 117 /* determine if we're preselected */ 118 if (status) 119 event = f_audit; 120 else 121 event = s_audit; 122 123 if (au_preselect(event, &mask.ai_mask, AU_PRS_BOTH, AU_PRS_REREAD) 124 == NULL) 125 return (0); 126 127 (void) au_write(ad, au_to_me()); /* add subject token */ 128 129 if (policy & AUDIT_GROUP) { /* add optional group token */ 130 (void) memset(grplst, 0, sizeof (grplst)); 131 if ((ng = getgroups(NGROUPS_UMAX, grplst)) < 0) { 132 (void) au_close(ad, 0, 0); 133 if (!status) 134 return (1); 135 return (0); 136 } 137 (void) au_write(ad, au_to_newgroups(ng, grplst)); 138 } 139 140 if (status) 141 (void) au_write(ad, au_to_exit(status, -1)); 142 else 143 (void) au_write(ad, au_to_exit(0, 0)); 144 145 /* write audit record */ 146 if (au_close(ad, 1, event) < 0) { 147 (void) au_close(ad, 0, 0); 148 if (!status) 149 return (1); 150 } 151 152 return (0); 153 } 154 155 void 156 audit_allocate_list(list) 157 char *list; 158 { 159 char buf[1024]; 160 char *file; 161 char *last; 162 163 if (cannot_audit(0)) { 164 return; 165 } 166 167 (void) strcpy(buf, list); 168 169 for (file = strtok_r(buf, " ", &last); file; 170 file = strtok_r(NULL, " ", &last)) 171 (void) au_write(ad, au_to_path(file)); 172 } 173