xref: /titanic_44/usr/src/lib/libbsm/common/adt.h (revision 0a44ef6d9afbfe052a7e975f55ea0d2954b62a82)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * adt.h
23  *
24  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
25  * Use is subject to license terms.
26  *
27  * This is a contract private interface and is subject to change
28  */
29 
30 #ifndef _ADT_H
31 #define	_ADT_H
32 
33 #pragma ident	"%Z%%M%	%I%	%E% SMI"
34 
35 #include <bsm/audit.h>
36 #include <bsm/libbsm.h>
37 #include <bsm/audit_record.h>
38 #include <bsm/audit_uevents.h>
39 #include <door.h>
40 
41 #ifdef	__cplusplus
42 extern "C" {
43 #endif
44 
45 #define	ADT_STRING_MAX	511		/* max non-null characters */
46 #define	ADT_NO_ATTRIB	(uid_t)-1	/* unattributed user */
47 #define	ADT_NO_CHANGE	(uid_t)-2	/* no update for this parameter */
48 #define	ADT_NO_AUDIT	(uid_t)-3	/* unaudited user */
49 
50 /*
51  * terminal id types
52  */
53 #define	ADT_IPv4	0
54 #define	ADT_IPv6	1
55 
56 /*
57  * for adt_set_user(): ADT_NEW if creating a session for a newly
58  * authenticated user -- login -- and ADT_UPDATE if an authenticated
59  * user is changing uid/gid -- e.g., su.  ADT_USER changes only the
60  * ruid / euid / rgid / egid values and is appropriate for login-like
61  * operations where PAM has already set the audit context in the cred.
62  * ADT_SETTID is for the special case where it is necessary to store
63  * the terminal id in the credential before forking to the login or
64  * login-like process.
65  */
66 enum adt_user_context {ADT_NEW, ADT_UPDATE, ADT_USER, ADT_SETTID};
67 
68 typedef ulong_t			adt_session_flags_t;
69 typedef struct adt_session_data	adt_session_data_t;
70 typedef struct adt_export_data	adt_export_data_t;
71 typedef union adt_event_data	adt_event_data_t;
72 typedef struct adt_termid	adt_termid_t;
73 
74 /*
75  * flag defs for the flags argument of adt_start_session()
76  */
77 
78 #define	ADT_BUFFER_RECORDS	0x2	/* server buffering */
79 #define	ADT_USE_PROC_DATA	0x1	/* copy audit char's from proc */
80 	/* | all of above = ADT_FLAGS_ALL  */
81 #define	ADT_FLAGS_ALL		ADT_BUFFER_RECORDS | \
82     ADT_USE_PROC_DATA
83 
84 /*
85  * Functions
86  */
87 
88 extern	int	adt_start_session(adt_session_data_t **,
89 		    const adt_export_data_t *,
90 		    adt_session_flags_t);
91 extern	int	adt_end_session(adt_session_data_t *);
92 extern	int	adt_dup_session(const adt_session_data_t *,
93     adt_session_data_t **);
94 
95 extern	int	adt_set_proc(const adt_session_data_t *);
96 extern	int	adt_set_user(const adt_session_data_t *, uid_t, gid_t,
97 		    uid_t, gid_t, const adt_termid_t *,
98 		    enum adt_user_context);
99 extern	int	adt_set_from_ucred(const adt_session_data_t *,
100 		    const ucred_t *,
101 		    enum adt_user_context);
102 
103 extern	size_t	adt_get_session_id(const adt_session_data_t *, char **);
104 
105 extern	size_t	adt_export_session_data(const adt_session_data_t *,
106 		    adt_export_data_t **);
107 extern	size_t	adt_import_proc(pid_t pid,
108 		    uid_t euid,
109 		    gid_t egid,
110 		    uid_t ruid,
111 		    gid_t rgid,
112 		    adt_export_data_t **external);
113 
114 extern	adt_event_data_t
115 		*adt_alloc_event(const adt_session_data_t *, au_event_t);
116 
117 extern	int	adt_put_event(const adt_event_data_t *, int, int);
118 extern	void	adt_free_event(adt_event_data_t *);
119 
120 extern	int	adt_load_termid(int, adt_termid_t **);
121 extern	int	adt_load_hostname(const char *, adt_termid_t **);
122 extern	int	adt_load_ttyname(const char *, adt_termid_t **);
123 
124 extern	boolean_t	adt_audit_enabled(void);
125 
126 #ifdef	__cplusplus
127 }
128 #endif
129 
130 #endif	/* _ADT_H */
131