xref: /titanic_44/usr/src/lib/libbsm/common/libbsm.h (revision 1ae0874509b6811fdde1dfd46f0d93fd09867a3f) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef _BSM_LIBBSM_H
28 #define	_BSM_LIBBSM_H
29 
30 #pragma ident	"%Z%%M%	%I%	%E% SMI"
31 
32 #include <secdb.h>
33 #include <stdio.h>
34 #include <errno.h>
35 #include <sys/types.h>
36 #include <bsm/audit.h>
37 #include <bsm/audit_record.h>
38 
39 #ifdef	__cplusplus
40 extern "C" {
41 #endif
42 
43 #ifndef TEXT_DOMAIN
44 #define	TEXT_DOMAIN	"SUNW_OST_OSLIB"
45 #endif
46 
47 extern const char *bsm_dom;
48 
49 /*
50  * For audit_event(5)
51  */
52 struct au_event_ent {
53 	au_event_t ae_number;
54 	char	*ae_name;
55 	char	*ae_desc;
56 	au_class_t ae_class;
57 };
58 typedef struct au_event_ent au_event_ent_t;
59 
60 /*
61  * For audit_class(5)
62  */
63 struct au_class_ent {
64 	char	*ac_name;
65 	au_class_t ac_class;
66 	char	*ac_desc;
67 };
68 typedef struct au_class_ent au_class_ent_t;
69 
70 /*
71  * For audit_user(5)
72  */
73 struct au_user_ent {
74 	char	*au_name;
75 	au_mask_t au_always;
76 	au_mask_t au_never;
77 };
78 typedef struct au_user_ent au_user_ent_t;
79 
80 /*
81  * Internal representation of audit user in libnsl
82  */
83 typedef struct au_user_str_s {
84 	char	*au_name;
85 	char	*au_always;
86 	char	*au_never;
87 } au_user_str_t;
88 
89 /*
90  * opaque context value for getacval.c
91  */
92 typedef struct au_acinfo au_acinfo_t;
93 
94 /*
95  * adrf's version of adr_t
96  */
97 typedef struct adrf_s {
98 	adr_t	*adrf_adr;
99 	FILE	*adrf_fp;
100 } adrf_t;
101 
102 /*
103  * Functions that manipulate bytes from an audit file
104  */
105 
106 extern void	adr_char(adr_t *, char *, int);
107 extern int	adr_count(adr_t *);
108 extern void	adr_int32(adr_t *, int32_t *, int);
109 extern void	adr_int64(adr_t *, int64_t *, int);
110 extern void	adr_short(adr_t *, short *, int);
111 extern void	adr_start(adr_t *, char *);
112 
113 extern int	adrf_char(adrf_t *, char *, int);
114 extern int	adrf_int32(adrf_t *, int32_t *, int);
115 extern int	adrf_int64(adrf_t *, int64_t *, int);
116 extern int	adrf_short(adrf_t *, short *, int);
117 extern void	adrf_start(adrf_t *, adr_t *, FILE *);
118 extern int	adrf_u_char(adrf_t *, uchar_t *, int);
119 extern int	adrf_u_int32(adrf_t *, uint32_t *, int);
120 extern int	adrf_u_int64(adrf_t *, uint64_t *, int);
121 extern int	adrf_u_short(adrf_t *, ushort_t *, int);
122 
123 /*
124  * Functions that manipulate bytes from an audit character stream.
125  */
126 
127 extern void	adrm_start(adr_t *, char *);
128 extern void	adrm_char(adr_t *, char *, int);
129 extern void	adrm_short(adr_t *, short *, int);
130 extern void	adrm_int64(adr_t *, int64_t *, int);
131 extern void	adrm_int32(adr_t *, int32_t *, int);
132 extern void	adrm_u_int32(adr_t *, uint32_t *, int);
133 extern void	adrm_u_char(adr_t *, uchar_t *, int);
134 extern void	adrm_u_int64(adr_t *, uint64_t *, int);
135 extern void	adrm_u_short(adr_t *, ushort_t *, int);
136 extern void	adrm_putint32(adr_t *, int32_t *, int);
137 
138 /*
139  * Functions that do I/O for audit files
140  */
141 
142 extern int	au_close(int, int, short);
143 extern int	au_open(void);
144 extern int	au_write(int, token_t *);
145 extern int	au_read_rec(FILE *, char **);
146 extern int	au_fetch_tok(au_token_t *, char *, int);
147 extern int	au_print_tok(FILE *, au_token_t *, char *, char *, char *, int);
148 
149 /*
150  * Functions than manipulate audit events
151  */
152 
153 extern void	setauevent(void);
154 extern void	endauevent(void);
155 extern int	setaueventfile(char *);
156 
157 extern au_event_ent_t	*getauevent(void);
158 extern au_event_ent_t	*getauevent_r(au_event_ent_t *);
159 extern au_event_ent_t	*getauevnam(char *);
160 extern au_event_ent_t	*getauevnam_r(au_event_ent_t *, char *);
161 extern au_event_ent_t	*getauevnum(au_event_t);
162 extern au_event_ent_t	*getauevnum_r(au_event_ent_t *, au_event_t);
163 extern au_event_t	getauevnonam(char *);
164 extern int		au_preselect(au_event_t, au_mask_t *, int, int);
165 extern int		cacheauevent(au_event_ent_t **, au_event_t);
166 
167 /*
168  * Functions that manipulate audit classes
169  */
170 
171 extern void	setauclass(void);
172 extern void	endauclass(void);
173 extern int	setauclassfile(char *);
174 
175 extern int	cacheauclass(au_class_ent_t **, au_class_t);
176 extern int	cacheauclassnam(au_class_ent_t **, char *);
177 extern au_class_ent_t *getauclassent(void);
178 extern au_class_ent_t *getauclassent_r(au_class_ent_t *);
179 extern au_class_ent_t *getauclassnam(char *);
180 extern au_class_ent_t *getauclassnam_r(au_class_ent_t *, char *);
181 
182 /*
183  * Functions that manipulate audit attributes of users
184  */
185 
186 void	setauuser(void);
187 void	endauuser(void);
188 int	setauuserfile(char *);
189 
190 au_user_ent_t *getauuserent(void);
191 au_user_ent_t *getauuserent_r(au_user_ent_t *);
192 au_user_ent_t *getauusernam(char *);
193 au_user_ent_t *getauusernam_r(au_user_ent_t *, char *);
194 
195 /*
196  * Functions that manipulate the audit control file
197  */
198 
199 void	endac(void);
200 void	setac(void);
201 int	testac(void);
202 
203 int	getacdir(char *, int);
204 int	getacmin(int *);
205 int	getacna(char *, int);
206 int	getacflg(char *, int);
207 
208 /*
209  * Functions that manipulate the audit control file
210  */
211 
212 
213 au_acinfo_t	*_openac(char *);
214 void		_endac(au_acinfo_t *);
215 void		_rewindac(au_acinfo_t *);
216 
217 int		_getacdir(au_acinfo_t *, char *, int);
218 int		_getaclib(au_acinfo_t *, kva_t **);
219 int		_getacmin(au_acinfo_t *, int *);
220 int		_getacna(au_acinfo_t *, char *, int);
221 int		_getacflg(au_acinfo_t *, char *, int);
222 int		_getacplug(au_acinfo_t *, kva_t **);
223 
224 /*
225  * Functions that manipulate audit masks
226  */
227 
228 extern int	au_user_mask(char *, au_mask_t *);
229 extern int	getauditflagsbin(char *, au_mask_t *);
230 extern int	getauditflagschar(char *, au_mask_t *, int);
231 extern int	getfauditflags(au_mask_t *, au_mask_t *, au_mask_t *);
232 
233 /*
234  * Functions that do system calls
235  */
236 
237 extern int	audit(char *, int);
238 extern int	auditon(int, caddr_t, int);
239 extern int	auditstat(au_stat_t *);
240 extern int	auditsvc(int, int);
241 extern int	auditdoor(int);
242 extern int	audituser(char *);
243 extern int	getaudit(auditinfo_t *);
244 extern int	getaudit_addr(auditinfo_addr_t *, int);
245 extern int	getauid(au_id_t *);
246 extern int	getkernstate(au_mask_t *);
247 extern int	getuseraudit(au_id_t, au_mask_t *);
248 extern int	setaudit(auditinfo_t *);
249 extern int	setaudit_addr(auditinfo_addr_t *, int);
250 extern int	setauid(au_id_t *);
251 extern int	setkernstate(au_mask_t *);
252 extern int	setuseraudit(au_id_t, au_mask_t *);
253 
254 #define	BSM_TEXTBUFSZ	256 /* size of string for generic text token */
255 
256 /*
257  * Defines for au_preselect(3)
258  */
259 #define	AU_PRS_SUCCESS	1
260 #define	AU_PRS_FAILURE	2
261 #define	AU_PRS_BOTH	(AU_PRS_SUCCESS|AU_PRS_FAILURE)
262 
263 #define	AU_PRS_USECACHE	0
264 #define	AU_PRS_REREAD	1
265 
266 /*
267  * Defines for cacheauclass and cacheauevent
268  */
269 #define	AU_CACHE_FREE	0x0000
270 #define	AU_CACHE_NAME	0x0001
271 #define	AU_CACHE_NUMBER	0x0002
272 
273 /* Flags for user-level audit routines: au_open, au_close, au_to_ */
274 #define	AU_TO_NO_WRITE	0
275 #define	AU_TO_WRITE	1
276 
277 /* Flags for user-level audit routine: au_fetch_tok */
278 #define	AUF_NOOP	0x0000
279 #define	AUF_POINT	0x0001
280 #define	AUF_DUP		0x0002
281 #define	AUF_COPY_IN	0x0004
282 #define	AUF_SKIP	0x0008
283 
284 /* system audit files for auditd */
285 #define	AUDITCLASSFILE		"/etc/security/audit_class"
286 #define	AUDITCONTROLFILE	"/etc/security/audit_control"
287 #define	AUDITDATAFILE		"/etc/security/audit_data"
288 #define	AUDITEVENTFILE		"/etc/security/audit_event"
289 #define	AUDITUSERFILE		"/etc/security/audit_user"
290 
291 /* array sizes for audit library structures */
292 #define	AU_CLASS_NAME_MAX	8
293 #define	AU_CLASS_DESC_MAX	72
294 #define	AU_EVENT_NAME_MAX	30
295 #define	AU_EVENT_DESC_MAX	50
296 #define	AU_EVENT_LINE_MAX	256
297 
298 /*
299  * Some macros used internally by the nsswitch code
300  */
301 #define	AUDITUSER_FILENAME		"/etc/security/audit_user"
302 #define	AUDITUSER_DB_NAME		"audit_user.org_dir"
303 #define	AUDITUSER_DB_NCOL		3	/* total columns */
304 #define	AUDITUSER_DB_NKEYCOL		1	/* total searchable columns */
305 #define	AUDITUSER_DB_TBLT		"audit_user_tbl"
306 #define	AUDITUSER_SUCCESS		0
307 #define	AUDITUSER_PARSE_ERANGE		1
308 #define	AUDITUSER_NOT_FOUND		2
309 
310 #define	AUDITUSER_COL0_KW		"name"
311 #define	AUDITUSER_COL1_KW		"always"
312 #define	AUDITUSER_COL2_KW		"never"
313 
314 /*
315  * indices of searchable columns
316  */
317 #define	AUDITUSER_KEYCOL0		0	/* name */
318 
319 
320 #ifdef	__cplusplus
321 }
322 #endif
323 
324 #endif	/* _BSM_LIBBSM_H */
325