xref: /titanic_41/usr/src/cmd/acctadm/utils.c (revision fcf3ce441efd61da9bb2884968af01cb7c1452cc) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <assert.h>
29 #include <sys/types.h>
30 #include <sys/acctctl.h>
31 #include <sys/param.h>
32 #include <sys/stat.h>
33 #include <libintl.h>
34 #include <string.h>
35 #include <stdlib.h>
36 #include <stdarg.h>
37 #include <stdio.h>
38 #include <strings.h>
39 #include <unistd.h>
40 #include <errno.h>
41 #include <exacct.h>
42 #include <fcntl.h>
43 #include <priv.h>
44 
45 #include "utils.h"
46 
47 static char PNAME_FMT[] = "%s: ";
48 static char ERRNO_FMT[] = ": %s\n";
49 
50 static char *pname;
51 
52 /*PRINTFLIKE1*/
53 void
54 warn(const char *format, ...)
55 {
56 	int err = errno;
57 	va_list alist;
58 	if (pname != NULL)
59 		(void) fprintf(stderr, gettext(PNAME_FMT), pname);
60 	va_start(alist, format);
61 	(void) vfprintf(stderr, format, alist);
62 	va_end(alist);
63 	if (strchr(format, '\n') == NULL)
64 		(void) fprintf(stderr, gettext(ERRNO_FMT), strerror(err));
65 }
66 
67 /*PRINTFLIKE1*/
68 void
69 die(char *format, ...)
70 {
71 	int err = errno;
72 	va_list alist;
73 
74 	if (pname != NULL)
75 		(void) fprintf(stderr, gettext(PNAME_FMT), pname);
76 	va_start(alist, format);
77 	(void) vfprintf(stderr, format, alist);
78 	va_end(alist);
79 	if (strchr(format, '\n') == NULL)
80 		(void) fprintf(stderr, gettext(ERRNO_FMT), strerror(err));
81 	exit(E_ERROR);
82 }
83 
84 char *
85 setprogname(char *arg0)
86 {
87 	char *p = strrchr(arg0, '/');
88 
89 	if (p == NULL)
90 		p = arg0;
91 	else
92 		p++;
93 	pname = p;
94 	return (pname);
95 }
96 
97 /*
98  * Return the localized name of an accounting type.
99  */
100 const char *
101 ac_type_name(int type)
102 {
103 	switch (type) {
104 	case AC_PROC:
105 		return (gettext("process"));
106 	case AC_FLOW:
107 		return (gettext("flow"));
108 	case AC_TASK:
109 		return (gettext("task"));
110 	default:
111 		die(gettext("invalid type %d\n"), type);
112 	}
113 	/* NOTREACHED */
114 	return (NULL);
115 }
116 
117 /*
118  * Open an accounting file.  The filename specified must be an absolute
119  * pathname and the existing contents of the file (if any) must be of the
120  * requested type.  Needs euid 0 to open the root-owned accounting file.
121  * file_dac_write is required to create a new file in a directory not owned
122  * by root (/var/adm/exacct is owned by 'adm').  Assumes sys_acct privilege is
123  * already asserted by caller.
124  */
125 int
126 open_exacct_file(const char *file, int type)
127 {
128 	int rc;
129 	int err;
130 
131 	if (file[0] != '/') {
132 		warn(gettext("%s is not an absolute pathname\n"), file);
133 		return (-1);
134 	}
135 	if (!verify_exacct_file(file, type)) {
136 		warn(gettext("%s is not a %s accounting file\n"), file,
137 		    ac_type_name(type));
138 		return (-1);
139 	}
140 	if (seteuid(0) == -1 || setegid(0) == -1) {
141 		warn(gettext("seteuid()/setegid() failed"));
142 		return (-1);
143 	}
144 	assert(priv_ineffect(PRIV_SYS_ACCT));
145 	(void) priv_set(PRIV_ON, PRIV_EFFECTIVE, PRIV_FILE_DAC_WRITE, NULL);
146 	rc = acctctl(type | AC_FILE_SET, (void *) file, strlen(file) + 1);
147 	if (rc == -1 && (err = errno) == EBUSY) {
148 		char name[MAXPATHLEN];
149 		struct stat cur;
150 		struct stat new;
151 
152 		/*
153 		 * The file is already open as an accounting file somewhere.
154 		 * If the file we're trying to open is the same as we have
155 		 * currently open then we're ok.
156 		 */
157 		if (acctctl(type | AC_FILE_GET, name, sizeof (name)) == 0 &&
158 		    stat(file, &new) != -1 && stat(name, &cur) != -1 &&
159 		    new.st_dev == cur.st_dev && new.st_ino == cur.st_ino)
160 			rc = 0;
161 	}
162 
163 	/*
164 	 * euid 0, egid 0 and the file_dac_write privilege are no longer
165 	 * required; give them up permanently.
166 	 */
167 	(void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_FILE_DAC_WRITE, NULL);
168 	if (setreuid(getuid(), getuid()) == -1 ||
169 	    setregid(getgid(), getgid()) == -1)
170 		die(gettext("setreuid()/setregid() failed"));
171 	if (rc == 0)
172 		return (0);
173 
174 	warn(gettext("cannot open %s accounting file %s: %s\n"),
175 	    ac_type_name(type), file, strerror(err));
176 	return (-1);
177 }
178 
179 /*
180  * Verify that the file contents (if any) are extended accounting records
181  * of the desired type.
182  */
183 boolean_t
184 verify_exacct_file(const char *file, int type)
185 {
186 	ea_file_t ef;
187 	ea_object_t eo;
188 	struct stat st;
189 	int err;
190 
191 	if (stat(file, &st) != -1 && st.st_size != 0) {
192 		if (seteuid(0) == -1)
193 			return (B_FALSE);
194 		err = ea_open(&ef, file, "SunOS", EO_TAIL, O_RDONLY, 0);
195 		if (seteuid(getuid()) == 1)
196 			die(gettext("seteuid() failed"));
197 		if (err == -1)
198 			return (B_FALSE);
199 
200 		bzero(&eo, sizeof (eo));
201 		if (ea_previous_object(&ef, &eo) == EO_ERROR) {
202 			/*
203 			 * EXR_EOF indicates there are no non-header objects
204 			 * in the file.  It can't be determined that this
205 			 * file is or is not the proper type of extended
206 			 * accounting file, which isn't necessarily an error.
207 			 * Since it is a proper (albeit empty) extended
208 			 * accounting file, it matches any desired type.
209 			 *
210 			 * if ea_previous_object() failed for any other reason
211 			 * than EXR_EOF, the file must be corrupt.
212 			 */
213 			if (ea_error() != EXR_EOF) {
214 				(void) ea_close(&ef);
215 				return (B_FALSE);
216 			}
217 		} else {
218 			/*
219 			 * A non-header object exists.  Insist that it be
220 			 * either a process, task, or flow accounting record,
221 			 * the same type as is desired.
222 			 */
223 			uint_t c = eo.eo_catalog & EXD_DATA_MASK;
224 
225 			if (eo.eo_type != EO_GROUP ||
226 			    (eo.eo_catalog & EXC_CATALOG_MASK) != EXC_NONE ||
227 			    (!(c == EXD_GROUP_PROC && type == AC_PROC ||
228 			    c == EXD_GROUP_TASK && type == AC_TASK ||
229 			    c == EXD_GROUP_FLOW && type == AC_FLOW))) {
230 				(void) ea_close(&ef);
231 				return (B_FALSE);
232 			}
233 		}
234 		(void) ea_close(&ef);
235 	}
236 	return (B_TRUE);
237 }
238