xref: /titanic_41/usr/src/lib/libbsm/common/audit_halt.c (revision cd3e933325e68e23516a196a8fea7f49b1e497c3) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #include <sys/types.h>
26 #include <stdio.h>
27 #include <unistd.h>
28 #include <sys/fcntl.h>
29 #include <bsm/audit.h>
30 #include <bsm/audit_record.h>
31 #include <bsm/audit_uevents.h>
32 #include <bsm/libbsm.h>
33 #include <bsm/audit_private.h>
34 #include <stdlib.h>
35 #include <string.h>
36 #include <syslog.h>
37 #include <netinet/in.h>
38 #include <libgen.h>
39 #include <generic.h>
40 
41 #ifdef C2_DEBUG
42 #define	dprintf(x) { (void) printf x; }
43 #else
44 #define	dprintf(x)
45 #endif
46 
47 static int audit_halt_generic(int);
48 
49 /* ARGSUSED */
50 int
51 audit_halt_setup(int argc, char **argv)
52 {
53 	char *cmdname;
54 
55 	dprintf(("audit_halt_setup()\n"));
56 
57 	if (cannot_audit(0)) {
58 		return (0);
59 	}
60 
61 	cmdname = basename(*argv);
62 
63 	aug_init();
64 
65 	if (strcmp(cmdname, "halt") == 0)
66 		aug_save_event(AUE_halt_solaris);
67 	else if (strcmp(cmdname, "poweroff") == 0)
68 		aug_save_event(AUE_poweroff_solaris);
69 	else
70 		exit(1);
71 	(void) aug_save_me();
72 	return (0);
73 }
74 
75 int
76 audit_halt_fail()
77 {
78 	return (audit_halt_generic(-1));
79 }
80 
81 int
82 audit_halt_success()
83 {
84 	int res = 0;
85 
86 	(void) audit_halt_generic(0);
87 
88 	/* wait for audit daemon to put halt message onto audit trail */
89 	if (!cannot_audit(0)) {
90 		int cond = AUC_NOAUDIT;
91 		int canaudit;
92 
93 		(void) sleep(1);
94 
95 		/* find out if audit daemon is running */
96 		(void) auditon(A_GETCOND, (caddr_t)&cond, sizeof (cond));
97 		canaudit = ((cond == AUC_AUDITING) || (cond == AUC_NOSPACE));
98 
99 		/* turn off audit daemon and try to flush audit queue */
100 		if (canaudit && system("/usr/sbin/audit -T"))
101 			res = -1;
102 		else
103 		/* give a chance for syslogd to do the job */
104 			(void) sleep(5);
105 	}
106 
107 	return (res);
108 }
109 
110 int
111 audit_halt_generic(sorf)
112 	int sorf;
113 {
114 	int r;
115 
116 	dprintf(("audit_halt_generic(%d)\n", sorf));
117 
118 	if (cannot_audit(0)) {
119 		return (0);
120 	}
121 
122 	aug_save_sorf(sorf);
123 	r = aug_audit();
124 
125 	return (r);
126 }
127