17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 545916cd2Sjpk * Common Development and Distribution License (the "License"). 645916cd2Sjpk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*be61b9faSJan Friedel * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* 277c478bd9Sstevel@tonic-gate * auditconfig - set and display audit parameters 287c478bd9Sstevel@tonic-gate */ 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #include <locale.h> 317c478bd9Sstevel@tonic-gate #include <sys/types.h> 327c478bd9Sstevel@tonic-gate #include <ctype.h> 337c478bd9Sstevel@tonic-gate #include <stdlib.h> 347c478bd9Sstevel@tonic-gate #include <stdarg.h> 357c478bd9Sstevel@tonic-gate #include <unistd.h> 367c478bd9Sstevel@tonic-gate #include <errno.h> 377c478bd9Sstevel@tonic-gate #include <sys/param.h> 387c478bd9Sstevel@tonic-gate #include <stdio.h> 397c478bd9Sstevel@tonic-gate #include <string.h> 407c478bd9Sstevel@tonic-gate #include <strings.h> 417c478bd9Sstevel@tonic-gate #include <nlist.h> 427c478bd9Sstevel@tonic-gate #include <fcntl.h> 437c478bd9Sstevel@tonic-gate #include <sys/socket.h> 447c478bd9Sstevel@tonic-gate #include <netdb.h> 457c478bd9Sstevel@tonic-gate #include <netinet/in.h> 467c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 477c478bd9Sstevel@tonic-gate #include <sys/mkdev.h> 487c478bd9Sstevel@tonic-gate #include <sys/param.h> 497c478bd9Sstevel@tonic-gate #include <pwd.h> 507c478bd9Sstevel@tonic-gate #include <libintl.h> 517c478bd9Sstevel@tonic-gate #include <zone.h> 528523fda3SJan Friedel #include <libscf_priv.h> 539e3700dfSgww #include <tsol/label.h> 547c478bd9Sstevel@tonic-gate #include <bsm/libbsm.h> 558523fda3SJan Friedel #include "auditconfig_impl.h" 568523fda3SJan Friedel #include "audit_scf.h" 577c478bd9Sstevel@tonic-gate 589e3700dfSgww enum commands { 599e3700dfSgww AC_ARG_ACONF, 608523fda3SJan Friedel AC_ARG_AUDIT, 619e3700dfSgww AC_ARG_CHKACONF, 628523fda3SJan Friedel AC_ARG_CHKCONF, 639e3700dfSgww AC_ARG_CONF, 649e3700dfSgww AC_ARG_GETASID, 659e3700dfSgww AC_ARG_GETAUDIT, 669e3700dfSgww AC_ARG_GETAUID, 679e3700dfSgww AC_ARG_GETCAR, 689e3700dfSgww AC_ARG_GETCLASS, 699e3700dfSgww AC_ARG_GETCOND, 709e3700dfSgww AC_ARG_GETCWD, 719e3700dfSgww AC_ARG_GETESTATE, 729e3700dfSgww AC_ARG_GETKAUDIT, 739e3700dfSgww AC_ARG_GETKMASK, 749e3700dfSgww AC_ARG_GETPINFO, 759e3700dfSgww AC_ARG_GETPOLICY, 769e3700dfSgww AC_ARG_GETQBUFSZ, 779e3700dfSgww AC_ARG_GETQCTRL, 789e3700dfSgww AC_ARG_GETQDELAY, 799e3700dfSgww AC_ARG_GETQHIWATER, 809e3700dfSgww AC_ARG_GETQLOWATER, 819e3700dfSgww AC_ARG_GETSTAT, 829e3700dfSgww AC_ARG_GETTERMID, 839e3700dfSgww AC_ARG_LSEVENT, 849e3700dfSgww AC_ARG_LSPOLICY, 859e3700dfSgww AC_ARG_SETASID, 869e3700dfSgww AC_ARG_SETAUDIT, 879e3700dfSgww AC_ARG_SETAUID, 889e3700dfSgww AC_ARG_SETCLASS, 899e3700dfSgww AC_ARG_SETKAUDIT, 909e3700dfSgww AC_ARG_SETKMASK, 919e3700dfSgww AC_ARG_SETPMASK, 929e3700dfSgww AC_ARG_SETPOLICY, 939e3700dfSgww AC_ARG_SETQBUFSZ, 949e3700dfSgww AC_ARG_SETQCTRL, 959e3700dfSgww AC_ARG_SETQDELAY, 969e3700dfSgww AC_ARG_SETQHIWATER, 979e3700dfSgww AC_ARG_SETQLOWATER, 988523fda3SJan Friedel AC_ARG_SETSMASK, 998523fda3SJan Friedel AC_ARG_SETSTAT, 1008523fda3SJan Friedel AC_ARG_SETUMASK, 1018523fda3SJan Friedel AC_ARG_SET_TEMPORARY 1029e3700dfSgww }; 1037c478bd9Sstevel@tonic-gate 1047c478bd9Sstevel@tonic-gate #define AC_KERN_EVENT 0 1057c478bd9Sstevel@tonic-gate #define AC_USER_EVENT 1 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate #define NONE(s) (!strlen(s) ? gettext("none") : s) 1087c478bd9Sstevel@tonic-gate 1097c478bd9Sstevel@tonic-gate #define ONEK 1024 1107c478bd9Sstevel@tonic-gate 1117c478bd9Sstevel@tonic-gate /* 1127c478bd9Sstevel@tonic-gate * remove this after the audit.h is fixed 1137c478bd9Sstevel@tonic-gate */ 1147c478bd9Sstevel@tonic-gate struct arg_entry { 1157c478bd9Sstevel@tonic-gate char *arg_str; 1167c478bd9Sstevel@tonic-gate char *arg_opts; 1179e3700dfSgww enum commands auditconfig_cmd; 1188523fda3SJan Friedel boolean_t temporary_allowed; /* -t allowed for the option */ 1197c478bd9Sstevel@tonic-gate }; 1208523fda3SJan Friedel typedef struct arg_entry arg_entry_t; 1217c478bd9Sstevel@tonic-gate 1228523fda3SJan Friedel /* arg_table - command option and usage message table */ 1238523fda3SJan Friedel static arg_entry_t arg_table[] = { 1248523fda3SJan Friedel { "-aconf", "", AC_ARG_ACONF, B_FALSE}, 1258523fda3SJan Friedel { "-audit", " event sorf retval string", AC_ARG_AUDIT, B_FALSE}, 1268523fda3SJan Friedel { "-chkaconf", "", AC_ARG_CHKACONF, B_FALSE}, 1278523fda3SJan Friedel { "-chkconf", "", AC_ARG_CHKCONF, B_FALSE}, 1288523fda3SJan Friedel { "-conf", "", AC_ARG_CONF, B_FALSE}, 1298523fda3SJan Friedel { "-getasid", "", AC_ARG_GETASID, B_FALSE}, 1308523fda3SJan Friedel { "-getaudit", "", AC_ARG_GETAUDIT, B_FALSE}, 1318523fda3SJan Friedel { "-getauid", "", AC_ARG_GETAUID, B_FALSE}, 1328523fda3SJan Friedel { "-getcar", "", AC_ARG_GETCAR, B_FALSE}, 1338523fda3SJan Friedel { "-getclass", " event", AC_ARG_GETCLASS, B_FALSE}, 1348523fda3SJan Friedel { "-getcond", "", AC_ARG_GETCOND, B_FALSE}, 1358523fda3SJan Friedel { "-getcwd", "", AC_ARG_GETCWD, B_FALSE}, 1368523fda3SJan Friedel { "-getestate", " event", AC_ARG_GETESTATE, B_FALSE}, 1378523fda3SJan Friedel { "-getkaudit", "", AC_ARG_GETKAUDIT, B_FALSE}, 1388523fda3SJan Friedel { "-getkmask", "", AC_ARG_GETKMASK, B_FALSE}, 1398523fda3SJan Friedel { "-getpinfo", " pid", AC_ARG_GETPINFO, B_FALSE}, 1408523fda3SJan Friedel { "-getpolicy", "", AC_ARG_GETPOLICY, B_TRUE}, 1418523fda3SJan Friedel { "-getqbufsz", "", AC_ARG_GETQBUFSZ, B_TRUE}, 1428523fda3SJan Friedel { "-getqctrl", "", AC_ARG_GETQCTRL, B_TRUE}, 1438523fda3SJan Friedel { "-getqdelay", "", AC_ARG_GETQDELAY, B_TRUE}, 1448523fda3SJan Friedel { "-getqhiwater", "", AC_ARG_GETQHIWATER, B_TRUE}, 1458523fda3SJan Friedel { "-getqlowater", "", AC_ARG_GETQLOWATER, B_TRUE}, 1468523fda3SJan Friedel { "-getstat", "", AC_ARG_GETSTAT, B_FALSE}, 1478523fda3SJan Friedel { "-gettid", "", AC_ARG_GETTERMID, B_FALSE}, 1488523fda3SJan Friedel { "-lsevent", "", AC_ARG_LSEVENT, B_FALSE}, 1498523fda3SJan Friedel { "-lspolicy", "", AC_ARG_LSPOLICY, B_FALSE}, 1508523fda3SJan Friedel { "-setasid", " asid [cmd]", AC_ARG_SETASID, B_FALSE}, 1519e3700dfSgww { "-setaudit", " auid audit_flags termid asid [cmd]", 1528523fda3SJan Friedel AC_ARG_SETAUDIT, B_FALSE}, 1538523fda3SJan Friedel { "-setauid", " auid [cmd]", AC_ARG_SETAUID, B_FALSE}, 1548523fda3SJan Friedel { "-setclass", " event audit_flags", AC_ARG_SETCLASS, B_FALSE}, 1558523fda3SJan Friedel { "-setkaudit", " type IP_address", AC_ARG_SETKAUDIT, B_FALSE}, 1568523fda3SJan Friedel { "-setkmask", " audit_flags", AC_ARG_SETKMASK, B_FALSE}, 1578523fda3SJan Friedel { "-setpmask", " pid audit_flags", AC_ARG_SETPMASK, B_FALSE}, 1588523fda3SJan Friedel { "-setpolicy", " [+|-]policy_flags", AC_ARG_SETPOLICY, B_TRUE}, 1598523fda3SJan Friedel { "-setqbufsz", " bufsz", AC_ARG_SETQBUFSZ, B_TRUE}, 1608523fda3SJan Friedel { "-setqctrl", " hiwater lowater bufsz delay", 1618523fda3SJan Friedel AC_ARG_SETQCTRL, B_TRUE}, 1628523fda3SJan Friedel { "-setqdelay", " delay", AC_ARG_SETQDELAY, B_TRUE}, 1638523fda3SJan Friedel { "-setqhiwater", " hiwater", AC_ARG_SETQHIWATER, B_TRUE}, 1648523fda3SJan Friedel { "-setqlowater", " lowater", AC_ARG_SETQLOWATER, B_TRUE}, 1658523fda3SJan Friedel { "-setsmask", " asid audit_flags", AC_ARG_SETSMASK, B_FALSE}, 1668523fda3SJan Friedel { "-setstat", "", AC_ARG_SETSTAT, B_FALSE}, 1678523fda3SJan Friedel { "-setumask", " user audit_flags", AC_ARG_SETUMASK, B_FALSE}, 1688523fda3SJan Friedel { "-t", "", AC_ARG_SET_TEMPORARY, B_FALSE}, 1697c478bd9Sstevel@tonic-gate }; 1707c478bd9Sstevel@tonic-gate 1718523fda3SJan Friedel #define ARG_TBL_SZ (sizeof (arg_table) / sizeof (arg_entry_t)) 1727c478bd9Sstevel@tonic-gate 1738523fda3SJan Friedel char *progname = "auditconfig"; 1747c478bd9Sstevel@tonic-gate 1758523fda3SJan Friedel /* 1768523fda3SJan Friedel * temporary_set true to get/set only kernel settings, 1778523fda3SJan Friedel * false to get/set kernel settings and service properties 1788523fda3SJan Friedel */ 1798523fda3SJan Friedel static boolean_t temporary_set = B_FALSE; 1807c478bd9Sstevel@tonic-gate 1819e3700dfSgww static au_event_ent_t *egetauevnam(char *event_name); 1829e3700dfSgww static au_event_ent_t *egetauevnum(au_event_t event_number); 1839e3700dfSgww static int arg_ent_compare(const void *aep1, const void *aep2); 1849e3700dfSgww static char *cond2str(void); 1858523fda3SJan Friedel static int policy2str(uint32_t policy, char *policy_str, size_t len); 1869e3700dfSgww static int str2type(char *s, uint_t *type); 1878523fda3SJan Friedel static int str2policy(char *policy_str, uint32_t *policy_mask); 1889e3700dfSgww static int str2ipaddr(char *s, uint32_t *addr, uint32_t type); 1899e3700dfSgww static int strisflags(char *s); 1909e3700dfSgww static int strisipaddr(char *s); 1919e3700dfSgww static int strisnum(char *s); 1928523fda3SJan Friedel static arg_entry_t *get_arg_ent(char *arg_str); 1939e3700dfSgww static uid_t get_user_id(char *user); 1949e3700dfSgww static void chk_event_num(int etype, au_event_t event); 1959e3700dfSgww static void chk_event_str(int etype, char *event_str); 1969e3700dfSgww static void chk_retval(char *retval_str); 1979e3700dfSgww static void chk_sorf(char *sorf_str); 1989e3700dfSgww static void do_aconf(void); 1999e3700dfSgww static void do_args(char **argv); 2009e3700dfSgww static void do_audit(char *, char, int, char *); 2019e3700dfSgww static void do_chkaconf(void); 2029e3700dfSgww static void do_chkconf(void); 2039e3700dfSgww static void do_conf(void); 2049e3700dfSgww static void do_getasid(void); 2059e3700dfSgww static void do_getaudit(void); 2069e3700dfSgww static void do_getkaudit(void); 2079e3700dfSgww static void do_setkaudit(char *t, char *s); 2089e3700dfSgww static void do_getauid(void); 2099e3700dfSgww static void do_getcar(void); 2109e3700dfSgww static void do_getclass(char *event_str); 2119e3700dfSgww static void do_getcond(void); 2129e3700dfSgww static void do_getcwd(void); 2139e3700dfSgww static void do_getkmask(void); 2149e3700dfSgww static void do_getpinfo(char *pid_str); 2159e3700dfSgww static void do_getpolicy(void); 2169e3700dfSgww static void do_getqbufsz(void); 2179e3700dfSgww static void do_getqctrl(void); 2189e3700dfSgww static void do_getqdelay(void); 2199e3700dfSgww static void do_getqhiwater(void); 2209e3700dfSgww static void do_getqlowater(void); 2219e3700dfSgww static void do_getstat(void); 2229e3700dfSgww static void do_gettermid(void); 2239e3700dfSgww static void do_lsevent(void); 2249e3700dfSgww static void do_lspolicy(void); 2259e3700dfSgww static void do_setasid(char *sid_str, char **argv); 2269e3700dfSgww static void do_setaudit(char *user_str, char *mask_str, char *tid_str, 2279e3700dfSgww char *sid_str, char **argv); 2289e3700dfSgww static void do_setauid(char *user, char **argv); 2299e3700dfSgww static void do_setclass(char *event_str, char *audit_flags); 2309e3700dfSgww static void do_setkmask(char *audit_flags); 2319e3700dfSgww static void do_setpmask(char *pid_str, char *audit_flags); 2329e3700dfSgww static void do_setsmask(char *asid_str, char *audit_flags); 2339e3700dfSgww static void do_setumask(char *auid_str, char *audit_flags); 2349e3700dfSgww static void do_setpolicy(char *policy_str); 2359e3700dfSgww static void do_setqbufsz(char *bufsz); 2369e3700dfSgww static void do_setqctrl(char *hiwater, char *lowater, char *bufsz, char *delay); 2379e3700dfSgww static void do_setqdelay(char *delay); 2389e3700dfSgww static void do_setqhiwater(char *hiwater); 2399e3700dfSgww static void do_setqlowater(char *lowater); 2409e3700dfSgww static void do_setstat(void); 2419e3700dfSgww static void str2mask(char *mask_str, au_mask_t *mp); 2429e3700dfSgww static void str2tid(char *tid_str, au_tid_addr_t *tp); 2439e3700dfSgww static void strsplit(char *s, char *p1, char *p2, char c); 24445916cd2Sjpk 2459e3700dfSgww static void eauditon(int cmd, caddr_t data, int length); 2469e3700dfSgww static void egetaudit(auditinfo_addr_t *ai, int size); 2479e3700dfSgww static void egetkaudit(auditinfo_addr_t *ai, int size); 2489e3700dfSgww static void esetkaudit(auditinfo_addr_t *ai, int size); 2499e3700dfSgww static void egetauditflagsbin(char *auditflags, au_mask_t *pmask); 2509e3700dfSgww static void egetauid(au_id_t *auid); 2519e3700dfSgww static void esetaudit(auditinfo_addr_t *ai, int size); 2529e3700dfSgww static void esetauid(au_id_t *auid); 2539e3700dfSgww static void execit(char **argv); 2549e3700dfSgww static void exit_error(char *fmt, ...); 2559e3700dfSgww static void exit_usage(int status); 2568523fda3SJan Friedel static void parse_args(int argc, char **argv); 2579e3700dfSgww static void print_asid(au_asid_t asid); 2589e3700dfSgww static void print_auid(au_id_t auid); 2599e3700dfSgww static void print_mask(char *desc, au_mask_t *pmp); 2609e3700dfSgww static void print_tid_ex(au_tid_addr_t *tidp); 2617c478bd9Sstevel@tonic-gate 2628523fda3SJan Friedel #if !defined(TEXT_DOMAIN) 2638523fda3SJan Friedel #define TEXT_DOMAIN "SUNW_OST_OSCMD" 2648523fda3SJan Friedel #endif 2658523fda3SJan Friedel 2667c478bd9Sstevel@tonic-gate int 2679e3700dfSgww main(int argc, char **argv) 2687c478bd9Sstevel@tonic-gate { 2697c478bd9Sstevel@tonic-gate (void) setlocale(LC_ALL, ""); 2707c478bd9Sstevel@tonic-gate (void) textdomain(TEXT_DOMAIN); 2717c478bd9Sstevel@tonic-gate 2727c478bd9Sstevel@tonic-gate if (argc == 1) { 2737c478bd9Sstevel@tonic-gate exit_usage(0); 2747c478bd9Sstevel@tonic-gate } 2757c478bd9Sstevel@tonic-gate 2767c478bd9Sstevel@tonic-gate if (argc == 2 && 2777c478bd9Sstevel@tonic-gate (argv[1][0] == '?' || 2787c478bd9Sstevel@tonic-gate strcmp(argv[1], "-h") == 0 || 2798523fda3SJan Friedel strcmp(argv[1], "-?") == 0)) { 2807c478bd9Sstevel@tonic-gate exit_usage(0); 2818523fda3SJan Friedel } 2827c478bd9Sstevel@tonic-gate 2838523fda3SJan Friedel parse_args(argc, argv); 2847c478bd9Sstevel@tonic-gate do_args(argv); 2857c478bd9Sstevel@tonic-gate 2867c478bd9Sstevel@tonic-gate return (0); 2877c478bd9Sstevel@tonic-gate } 2887c478bd9Sstevel@tonic-gate 2897c478bd9Sstevel@tonic-gate /* 2907c478bd9Sstevel@tonic-gate * parse_args() 2917c478bd9Sstevel@tonic-gate * Desc: Checks command line argument syntax. 2927c478bd9Sstevel@tonic-gate * Inputs: Command line argv; 2937c478bd9Sstevel@tonic-gate * Returns: If a syntax error is detected, a usage message is printed 2947c478bd9Sstevel@tonic-gate * and exit() is called. If a syntax error is not detected, 2957c478bd9Sstevel@tonic-gate * parse_args() returns without a value. 2967c478bd9Sstevel@tonic-gate */ 2977c478bd9Sstevel@tonic-gate static void 2988523fda3SJan Friedel parse_args(int argc, char **argv) 2997c478bd9Sstevel@tonic-gate { 3008523fda3SJan Friedel arg_entry_t *ae; 3017c478bd9Sstevel@tonic-gate 3029e3700dfSgww au_mask_t mask; 3037c478bd9Sstevel@tonic-gate uint_t type; 3047c478bd9Sstevel@tonic-gate uint_t addr[4]; 3057c478bd9Sstevel@tonic-gate 3067c478bd9Sstevel@tonic-gate for (++argv; *argv; argv++) { 3079e3700dfSgww if ((ae = get_arg_ent(*argv)) == NULL) { 3087c478bd9Sstevel@tonic-gate exit_usage(1); 3097c478bd9Sstevel@tonic-gate } 3107c478bd9Sstevel@tonic-gate 3117c478bd9Sstevel@tonic-gate switch (ae->auditconfig_cmd) { 3127c478bd9Sstevel@tonic-gate 3137c478bd9Sstevel@tonic-gate case AC_ARG_AUDIT: 3147c478bd9Sstevel@tonic-gate ++argv; 3157c478bd9Sstevel@tonic-gate if (!*argv) 3167c478bd9Sstevel@tonic-gate exit_usage(1); 3177c478bd9Sstevel@tonic-gate if (strisnum(*argv)) { 3187c478bd9Sstevel@tonic-gate chk_event_num(AC_USER_EVENT, 3197c478bd9Sstevel@tonic-gate (au_event_t)atol(*argv)); 3209e3700dfSgww } else { 3217c478bd9Sstevel@tonic-gate chk_event_str(AC_USER_EVENT, *argv); 3229e3700dfSgww } 3237c478bd9Sstevel@tonic-gate ++argv; 3247c478bd9Sstevel@tonic-gate if (!*argv) 3257c478bd9Sstevel@tonic-gate exit_usage(1); 3267c478bd9Sstevel@tonic-gate chk_sorf(*argv); 3277c478bd9Sstevel@tonic-gate ++argv; 3287c478bd9Sstevel@tonic-gate if (!*argv) 3297c478bd9Sstevel@tonic-gate exit_usage(1); 3307c478bd9Sstevel@tonic-gate chk_retval(*argv); 3317c478bd9Sstevel@tonic-gate ++argv; 3327c478bd9Sstevel@tonic-gate if (!*argv) 3337c478bd9Sstevel@tonic-gate exit_usage(1); 3347c478bd9Sstevel@tonic-gate break; 3357c478bd9Sstevel@tonic-gate 3367c478bd9Sstevel@tonic-gate case AC_ARG_CHKCONF: 3377c478bd9Sstevel@tonic-gate case AC_ARG_CONF: 3387c478bd9Sstevel@tonic-gate case AC_ARG_ACONF: 3397c478bd9Sstevel@tonic-gate case AC_ARG_CHKACONF: 3407c478bd9Sstevel@tonic-gate case AC_ARG_GETASID: 3417c478bd9Sstevel@tonic-gate case AC_ARG_GETAUID: 3427c478bd9Sstevel@tonic-gate case AC_ARG_GETAUDIT: 3437c478bd9Sstevel@tonic-gate case AC_ARG_GETKAUDIT: 3447c478bd9Sstevel@tonic-gate break; 3457c478bd9Sstevel@tonic-gate 3467c478bd9Sstevel@tonic-gate case AC_ARG_GETCLASS: 3477c478bd9Sstevel@tonic-gate case AC_ARG_GETESTATE: 3487c478bd9Sstevel@tonic-gate ++argv; 3497c478bd9Sstevel@tonic-gate if (!*argv) 3507c478bd9Sstevel@tonic-gate exit_usage(1); 3519e3700dfSgww if (strisnum(*argv)) { 3527c478bd9Sstevel@tonic-gate chk_event_num(AC_KERN_EVENT, 3537c478bd9Sstevel@tonic-gate (au_event_t)atol(*argv)); 3549e3700dfSgww } else { 3557c478bd9Sstevel@tonic-gate chk_event_str(AC_KERN_EVENT, *argv); 3569e3700dfSgww } 3577c478bd9Sstevel@tonic-gate break; 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate case AC_ARG_GETCAR: 3607c478bd9Sstevel@tonic-gate case AC_ARG_GETCOND: 3617c478bd9Sstevel@tonic-gate case AC_ARG_GETCWD: 3627c478bd9Sstevel@tonic-gate case AC_ARG_GETKMASK: 3637c478bd9Sstevel@tonic-gate case AC_ARG_GETPOLICY: 3647c478bd9Sstevel@tonic-gate case AC_ARG_GETQBUFSZ: 3657c478bd9Sstevel@tonic-gate case AC_ARG_GETQCTRL: 3667c478bd9Sstevel@tonic-gate case AC_ARG_GETQDELAY: 3677c478bd9Sstevel@tonic-gate case AC_ARG_GETQHIWATER: 3687c478bd9Sstevel@tonic-gate case AC_ARG_GETQLOWATER: 3697c478bd9Sstevel@tonic-gate case AC_ARG_GETSTAT: 3707c478bd9Sstevel@tonic-gate case AC_ARG_GETTERMID: 3717c478bd9Sstevel@tonic-gate case AC_ARG_LSEVENT: 3727c478bd9Sstevel@tonic-gate case AC_ARG_LSPOLICY: 3737c478bd9Sstevel@tonic-gate break; 3747c478bd9Sstevel@tonic-gate 3757c478bd9Sstevel@tonic-gate case AC_ARG_SETASID: 3767c478bd9Sstevel@tonic-gate case AC_ARG_SETAUID: 3777c478bd9Sstevel@tonic-gate case AC_ARG_SETAUDIT: 3787c478bd9Sstevel@tonic-gate ++argv; 3797c478bd9Sstevel@tonic-gate if (!*argv) 3807c478bd9Sstevel@tonic-gate exit_usage(1); 3817c478bd9Sstevel@tonic-gate 3827c478bd9Sstevel@tonic-gate while (*argv) 3837c478bd9Sstevel@tonic-gate ++argv; 3847c478bd9Sstevel@tonic-gate --argv; 3857c478bd9Sstevel@tonic-gate 3867c478bd9Sstevel@tonic-gate break; 3877c478bd9Sstevel@tonic-gate 3887c478bd9Sstevel@tonic-gate case AC_ARG_SETKAUDIT: 3897c478bd9Sstevel@tonic-gate ++argv; 3907c478bd9Sstevel@tonic-gate if (!*argv) 3917c478bd9Sstevel@tonic-gate exit_usage(1); 3927c478bd9Sstevel@tonic-gate if (str2type (*argv, &type)) 3937c478bd9Sstevel@tonic-gate exit_error(gettext( 3947c478bd9Sstevel@tonic-gate "Invalid IP address type specified.")); 3957c478bd9Sstevel@tonic-gate ++argv; 3967c478bd9Sstevel@tonic-gate if (!*argv) 3977c478bd9Sstevel@tonic-gate exit_usage(1); 3987c478bd9Sstevel@tonic-gate 3997c478bd9Sstevel@tonic-gate if (str2ipaddr(*argv, addr, type)) 4008523fda3SJan Friedel exit_error( 4018523fda3SJan Friedel gettext("Invalid IP address specified.")); 4027c478bd9Sstevel@tonic-gate break; 4037c478bd9Sstevel@tonic-gate 4047c478bd9Sstevel@tonic-gate case AC_ARG_SETCLASS: 4057c478bd9Sstevel@tonic-gate ++argv; 4067c478bd9Sstevel@tonic-gate if (!*argv) 4077c478bd9Sstevel@tonic-gate exit_usage(1); 4087c478bd9Sstevel@tonic-gate if (strisnum(*argv)) 4097c478bd9Sstevel@tonic-gate chk_event_num(AC_KERN_EVENT, 4107c478bd9Sstevel@tonic-gate (au_event_t)atol(*argv)); 4117c478bd9Sstevel@tonic-gate else 4127c478bd9Sstevel@tonic-gate chk_event_str(AC_KERN_EVENT, *argv); 4137c478bd9Sstevel@tonic-gate ++argv; 4147c478bd9Sstevel@tonic-gate if (!*argv) 4157c478bd9Sstevel@tonic-gate exit_usage(1); 4169e3700dfSgww str2mask(*argv, &mask); 4177c478bd9Sstevel@tonic-gate break; 4187c478bd9Sstevel@tonic-gate 4197c478bd9Sstevel@tonic-gate case AC_ARG_SETKMASK: 4207c478bd9Sstevel@tonic-gate ++argv; 4217c478bd9Sstevel@tonic-gate if (!*argv) 4227c478bd9Sstevel@tonic-gate exit_usage(1); 4239e3700dfSgww str2mask(*argv, &mask); 4247c478bd9Sstevel@tonic-gate break; 4257c478bd9Sstevel@tonic-gate 4267c478bd9Sstevel@tonic-gate case AC_ARG_SETPOLICY: 4277c478bd9Sstevel@tonic-gate ++argv; 4287c478bd9Sstevel@tonic-gate if (!*argv) 4297c478bd9Sstevel@tonic-gate exit_usage(1); 4307c478bd9Sstevel@tonic-gate break; 4317c478bd9Sstevel@tonic-gate 4327c478bd9Sstevel@tonic-gate case AC_ARG_SETSTAT: 4337c478bd9Sstevel@tonic-gate break; 4347c478bd9Sstevel@tonic-gate 4357c478bd9Sstevel@tonic-gate case AC_ARG_GETPINFO: 4367c478bd9Sstevel@tonic-gate ++argv; 4377c478bd9Sstevel@tonic-gate if (!*argv) 4387c478bd9Sstevel@tonic-gate exit_usage(1); 4397c478bd9Sstevel@tonic-gate break; 4407c478bd9Sstevel@tonic-gate 4417c478bd9Sstevel@tonic-gate case AC_ARG_SETPMASK: 4427c478bd9Sstevel@tonic-gate ++argv; 4437c478bd9Sstevel@tonic-gate if (!*argv) 4447c478bd9Sstevel@tonic-gate exit_usage(1); 4457c478bd9Sstevel@tonic-gate ++argv; 4467c478bd9Sstevel@tonic-gate if (!*argv) 4477c478bd9Sstevel@tonic-gate exit_usage(1); 4489e3700dfSgww str2mask(*argv, &mask); 4497c478bd9Sstevel@tonic-gate break; 4507c478bd9Sstevel@tonic-gate 4517c478bd9Sstevel@tonic-gate case AC_ARG_SETQBUFSZ: 4527c478bd9Sstevel@tonic-gate ++argv; 4537c478bd9Sstevel@tonic-gate if (!*argv) 4547c478bd9Sstevel@tonic-gate exit_usage(1); 4557c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4567c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid bufsz specified.")); 4577c478bd9Sstevel@tonic-gate break; 4587c478bd9Sstevel@tonic-gate 4597c478bd9Sstevel@tonic-gate case AC_ARG_SETQCTRL: 4607c478bd9Sstevel@tonic-gate ++argv; 4617c478bd9Sstevel@tonic-gate if (!*argv) 4627c478bd9Sstevel@tonic-gate exit_usage(1); 4637c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4648523fda3SJan Friedel exit_error( 4658523fda3SJan Friedel gettext("Invalid hiwater specified.")); 4667c478bd9Sstevel@tonic-gate ++argv; 4677c478bd9Sstevel@tonic-gate if (!*argv) 4687c478bd9Sstevel@tonic-gate exit_usage(1); 4697c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4708523fda3SJan Friedel exit_error( 4718523fda3SJan Friedel gettext("Invalid lowater specified.")); 4727c478bd9Sstevel@tonic-gate ++argv; 4737c478bd9Sstevel@tonic-gate if (!*argv) 4747c478bd9Sstevel@tonic-gate exit_usage(1); 4757c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4767c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid bufsz specified.")); 4777c478bd9Sstevel@tonic-gate ++argv; 4787c478bd9Sstevel@tonic-gate if (!*argv) 4797c478bd9Sstevel@tonic-gate exit_usage(1); 4807c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4817c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid delay specified.")); 4827c478bd9Sstevel@tonic-gate break; 4837c478bd9Sstevel@tonic-gate 4847c478bd9Sstevel@tonic-gate case AC_ARG_SETQDELAY: 4857c478bd9Sstevel@tonic-gate ++argv; 4867c478bd9Sstevel@tonic-gate if (!*argv) 4877c478bd9Sstevel@tonic-gate exit_usage(1); 4887c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4897c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid delay specified.")); 4907c478bd9Sstevel@tonic-gate break; 4917c478bd9Sstevel@tonic-gate 4927c478bd9Sstevel@tonic-gate case AC_ARG_SETQHIWATER: 4937c478bd9Sstevel@tonic-gate ++argv; 4947c478bd9Sstevel@tonic-gate if (!*argv) 4957c478bd9Sstevel@tonic-gate exit_usage(1); 4969e3700dfSgww if (!strisnum(*argv)) { 4978523fda3SJan Friedel exit_error( 4988523fda3SJan Friedel gettext("Invalid hiwater specified.")); 4999e3700dfSgww } 5007c478bd9Sstevel@tonic-gate break; 5017c478bd9Sstevel@tonic-gate 5027c478bd9Sstevel@tonic-gate case AC_ARG_SETQLOWATER: 5037c478bd9Sstevel@tonic-gate ++argv; 5047c478bd9Sstevel@tonic-gate if (!*argv) 5057c478bd9Sstevel@tonic-gate exit_usage(1); 5069e3700dfSgww if (!strisnum(*argv)) { 5078523fda3SJan Friedel exit_error( 5088523fda3SJan Friedel gettext("Invalid lowater specified.")); 5099e3700dfSgww } 5107c478bd9Sstevel@tonic-gate break; 5117c478bd9Sstevel@tonic-gate 5127c478bd9Sstevel@tonic-gate case AC_ARG_SETSMASK: 5137c478bd9Sstevel@tonic-gate case AC_ARG_SETUMASK: 5147c478bd9Sstevel@tonic-gate ++argv; 5157c478bd9Sstevel@tonic-gate if (!*argv) 5167c478bd9Sstevel@tonic-gate exit_usage(1); 5177c478bd9Sstevel@tonic-gate ++argv; 5187c478bd9Sstevel@tonic-gate if (!*argv) 5197c478bd9Sstevel@tonic-gate exit_usage(1); 5209e3700dfSgww str2mask(*argv, &mask); 5217c478bd9Sstevel@tonic-gate break; 5227c478bd9Sstevel@tonic-gate 5238523fda3SJan Friedel case AC_ARG_SET_TEMPORARY: 5248523fda3SJan Friedel /* Do not accept single -t option. */ 5258523fda3SJan Friedel if (argc == 2) { 5268523fda3SJan Friedel exit_error( 5278523fda3SJan Friedel gettext("Only the -t option specified " 5288523fda3SJan Friedel "(it is not a standalone option).")); 5298523fda3SJan Friedel } 5308523fda3SJan Friedel temporary_set = B_TRUE; 5318523fda3SJan Friedel break; 5328523fda3SJan Friedel 5337c478bd9Sstevel@tonic-gate default: 5347c478bd9Sstevel@tonic-gate exit_error(gettext("Internal error #1.")); 5357c478bd9Sstevel@tonic-gate break; 5367c478bd9Sstevel@tonic-gate } 5377c478bd9Sstevel@tonic-gate } 5387c478bd9Sstevel@tonic-gate } 5397c478bd9Sstevel@tonic-gate 5407c478bd9Sstevel@tonic-gate 5417c478bd9Sstevel@tonic-gate /* 5428523fda3SJan Friedel * do_args() - do command line arguments in the order in which they appear. 5438523fda3SJan Friedel * Function return values returned by the underlying functions; the semantics 5448523fda3SJan Friedel * they should follow is to return B_TRUE on successful execution, B_FALSE 5458523fda3SJan Friedel * otherwise. 5467c478bd9Sstevel@tonic-gate */ 5477c478bd9Sstevel@tonic-gate static void 5489e3700dfSgww do_args(char **argv) 5497c478bd9Sstevel@tonic-gate { 5508523fda3SJan Friedel arg_entry_t *ae; 5517c478bd9Sstevel@tonic-gate 5527c478bd9Sstevel@tonic-gate for (++argv; *argv; argv++) { 5537c478bd9Sstevel@tonic-gate ae = get_arg_ent(*argv); 5547c478bd9Sstevel@tonic-gate 5557c478bd9Sstevel@tonic-gate switch (ae->auditconfig_cmd) { 5567c478bd9Sstevel@tonic-gate 5577c478bd9Sstevel@tonic-gate case AC_ARG_AUDIT: 5587c478bd9Sstevel@tonic-gate { 5597c478bd9Sstevel@tonic-gate char sorf; 5607c478bd9Sstevel@tonic-gate int retval; 5617c478bd9Sstevel@tonic-gate char *event_name; 5627c478bd9Sstevel@tonic-gate char *audit_str; 5637c478bd9Sstevel@tonic-gate 5647c478bd9Sstevel@tonic-gate ++argv; 5657c478bd9Sstevel@tonic-gate event_name = *argv; 5667c478bd9Sstevel@tonic-gate ++argv; 5677c478bd9Sstevel@tonic-gate sorf = (char)atoi(*argv); 5687c478bd9Sstevel@tonic-gate ++argv; 5697c478bd9Sstevel@tonic-gate retval = atoi(*argv); 5707c478bd9Sstevel@tonic-gate ++argv; 5717c478bd9Sstevel@tonic-gate audit_str = *argv; 5727c478bd9Sstevel@tonic-gate do_audit(event_name, sorf, retval, audit_str); 5737c478bd9Sstevel@tonic-gate } 5747c478bd9Sstevel@tonic-gate break; 5757c478bd9Sstevel@tonic-gate 5767c478bd9Sstevel@tonic-gate case AC_ARG_CHKCONF: 5777c478bd9Sstevel@tonic-gate do_chkconf(); 5787c478bd9Sstevel@tonic-gate break; 5797c478bd9Sstevel@tonic-gate 5807c478bd9Sstevel@tonic-gate case AC_ARG_CONF: 5817c478bd9Sstevel@tonic-gate do_conf(); 5827c478bd9Sstevel@tonic-gate break; 5837c478bd9Sstevel@tonic-gate 5847c478bd9Sstevel@tonic-gate case AC_ARG_CHKACONF: 5857c478bd9Sstevel@tonic-gate do_chkaconf(); 5867c478bd9Sstevel@tonic-gate break; 5877c478bd9Sstevel@tonic-gate 5887c478bd9Sstevel@tonic-gate case AC_ARG_ACONF: 5897c478bd9Sstevel@tonic-gate do_aconf(); 5907c478bd9Sstevel@tonic-gate break; 5917c478bd9Sstevel@tonic-gate 5927c478bd9Sstevel@tonic-gate case AC_ARG_GETASID: 5937c478bd9Sstevel@tonic-gate do_getasid(); 5947c478bd9Sstevel@tonic-gate break; 5957c478bd9Sstevel@tonic-gate 5967c478bd9Sstevel@tonic-gate case AC_ARG_GETAUID: 5977c478bd9Sstevel@tonic-gate do_getauid(); 5987c478bd9Sstevel@tonic-gate break; 5997c478bd9Sstevel@tonic-gate 6007c478bd9Sstevel@tonic-gate case AC_ARG_GETAUDIT: 6017c478bd9Sstevel@tonic-gate do_getaudit(); 6027c478bd9Sstevel@tonic-gate break; 6037c478bd9Sstevel@tonic-gate 6047c478bd9Sstevel@tonic-gate case AC_ARG_GETKAUDIT: 6057c478bd9Sstevel@tonic-gate do_getkaudit(); 6067c478bd9Sstevel@tonic-gate break; 6077c478bd9Sstevel@tonic-gate 6087c478bd9Sstevel@tonic-gate case AC_ARG_GETCLASS: 6097c478bd9Sstevel@tonic-gate case AC_ARG_GETESTATE: 6107c478bd9Sstevel@tonic-gate ++argv; 6117c478bd9Sstevel@tonic-gate do_getclass(*argv); 6127c478bd9Sstevel@tonic-gate break; 6137c478bd9Sstevel@tonic-gate 6147c478bd9Sstevel@tonic-gate case AC_ARG_GETCAR: 6157c478bd9Sstevel@tonic-gate do_getcar(); 6167c478bd9Sstevel@tonic-gate break; 6177c478bd9Sstevel@tonic-gate 6187c478bd9Sstevel@tonic-gate case AC_ARG_GETCOND: 6197c478bd9Sstevel@tonic-gate do_getcond(); 6207c478bd9Sstevel@tonic-gate break; 6217c478bd9Sstevel@tonic-gate 6227c478bd9Sstevel@tonic-gate case AC_ARG_GETCWD: 6237c478bd9Sstevel@tonic-gate do_getcwd(); 6247c478bd9Sstevel@tonic-gate break; 6257c478bd9Sstevel@tonic-gate 6267c478bd9Sstevel@tonic-gate case AC_ARG_GETKMASK: 6277c478bd9Sstevel@tonic-gate do_getkmask(); 6287c478bd9Sstevel@tonic-gate break; 6297c478bd9Sstevel@tonic-gate 6307c478bd9Sstevel@tonic-gate case AC_ARG_GETPOLICY: 6317c478bd9Sstevel@tonic-gate do_getpolicy(); 6327c478bd9Sstevel@tonic-gate break; 6337c478bd9Sstevel@tonic-gate 6347c478bd9Sstevel@tonic-gate case AC_ARG_GETQBUFSZ: 6357c478bd9Sstevel@tonic-gate do_getqbufsz(); 6367c478bd9Sstevel@tonic-gate break; 6377c478bd9Sstevel@tonic-gate 6387c478bd9Sstevel@tonic-gate case AC_ARG_GETQCTRL: 6397c478bd9Sstevel@tonic-gate do_getqctrl(); 6407c478bd9Sstevel@tonic-gate break; 6417c478bd9Sstevel@tonic-gate 6427c478bd9Sstevel@tonic-gate case AC_ARG_GETQDELAY: 6437c478bd9Sstevel@tonic-gate do_getqdelay(); 6447c478bd9Sstevel@tonic-gate break; 6457c478bd9Sstevel@tonic-gate 6467c478bd9Sstevel@tonic-gate case AC_ARG_GETQHIWATER: 6477c478bd9Sstevel@tonic-gate do_getqhiwater(); 6487c478bd9Sstevel@tonic-gate break; 6497c478bd9Sstevel@tonic-gate 6507c478bd9Sstevel@tonic-gate case AC_ARG_GETQLOWATER: 6517c478bd9Sstevel@tonic-gate do_getqlowater(); 6527c478bd9Sstevel@tonic-gate break; 6537c478bd9Sstevel@tonic-gate 6547c478bd9Sstevel@tonic-gate case AC_ARG_GETSTAT: 6557c478bd9Sstevel@tonic-gate do_getstat(); 6567c478bd9Sstevel@tonic-gate break; 6577c478bd9Sstevel@tonic-gate 6587c478bd9Sstevel@tonic-gate case AC_ARG_GETTERMID: 6597c478bd9Sstevel@tonic-gate do_gettermid(); 6607c478bd9Sstevel@tonic-gate break; 6617c478bd9Sstevel@tonic-gate 6627c478bd9Sstevel@tonic-gate case AC_ARG_LSEVENT: 6637c478bd9Sstevel@tonic-gate do_lsevent(); 6647c478bd9Sstevel@tonic-gate break; 6657c478bd9Sstevel@tonic-gate 6667c478bd9Sstevel@tonic-gate case AC_ARG_LSPOLICY: 6677c478bd9Sstevel@tonic-gate do_lspolicy(); 6687c478bd9Sstevel@tonic-gate break; 6697c478bd9Sstevel@tonic-gate 6707c478bd9Sstevel@tonic-gate case AC_ARG_SETASID: 6717c478bd9Sstevel@tonic-gate { 6727c478bd9Sstevel@tonic-gate char *sid_str; 6737c478bd9Sstevel@tonic-gate 6747c478bd9Sstevel@tonic-gate ++argv; 6757c478bd9Sstevel@tonic-gate sid_str = *argv; 6767c478bd9Sstevel@tonic-gate ++argv; 6777c478bd9Sstevel@tonic-gate do_setasid(sid_str, argv); 6787c478bd9Sstevel@tonic-gate } 6797c478bd9Sstevel@tonic-gate break; 6807c478bd9Sstevel@tonic-gate 6817c478bd9Sstevel@tonic-gate case AC_ARG_SETAUID: 6827c478bd9Sstevel@tonic-gate { 6837c478bd9Sstevel@tonic-gate char *user; 6847c478bd9Sstevel@tonic-gate 6857c478bd9Sstevel@tonic-gate ++argv; 6867c478bd9Sstevel@tonic-gate user = *argv; 6877c478bd9Sstevel@tonic-gate ++argv; 6887c478bd9Sstevel@tonic-gate do_setauid(user, argv); 6897c478bd9Sstevel@tonic-gate } 6907c478bd9Sstevel@tonic-gate break; 6917c478bd9Sstevel@tonic-gate 6927c478bd9Sstevel@tonic-gate case AC_ARG_SETAUDIT: 6937c478bd9Sstevel@tonic-gate { 6947c478bd9Sstevel@tonic-gate char *user_str; 6957c478bd9Sstevel@tonic-gate char *mask_str; 6967c478bd9Sstevel@tonic-gate char *tid_str; 6977c478bd9Sstevel@tonic-gate char *sid_str; 6987c478bd9Sstevel@tonic-gate 6997c478bd9Sstevel@tonic-gate ++argv; 7007c478bd9Sstevel@tonic-gate user_str = *argv; 7017c478bd9Sstevel@tonic-gate ++argv; 7027c478bd9Sstevel@tonic-gate mask_str = *argv; 7037c478bd9Sstevel@tonic-gate ++argv; 7047c478bd9Sstevel@tonic-gate tid_str = *argv; 7057c478bd9Sstevel@tonic-gate ++argv; 7067c478bd9Sstevel@tonic-gate sid_str = *argv; 7077c478bd9Sstevel@tonic-gate ++argv; 7088523fda3SJan Friedel do_setaudit(user_str, mask_str, tid_str, 7098523fda3SJan Friedel sid_str, argv); 7107c478bd9Sstevel@tonic-gate } 7117c478bd9Sstevel@tonic-gate break; 7127c478bd9Sstevel@tonic-gate 7137c478bd9Sstevel@tonic-gate case AC_ARG_SETKAUDIT: 7147c478bd9Sstevel@tonic-gate { 7157c478bd9Sstevel@tonic-gate char *address_type, *address; 7167c478bd9Sstevel@tonic-gate 7177c478bd9Sstevel@tonic-gate ++argv; address_type = *argv; 7187c478bd9Sstevel@tonic-gate ++argv; address = *argv; 7197c478bd9Sstevel@tonic-gate do_setkaudit(address_type, address); 7207c478bd9Sstevel@tonic-gate } 7217c478bd9Sstevel@tonic-gate break; 7227c478bd9Sstevel@tonic-gate 7237c478bd9Sstevel@tonic-gate case AC_ARG_SETCLASS: 7247c478bd9Sstevel@tonic-gate { 7257c478bd9Sstevel@tonic-gate char *event_str, *audit_flags; 7267c478bd9Sstevel@tonic-gate 7277c478bd9Sstevel@tonic-gate ++argv; event_str = *argv; 7287c478bd9Sstevel@tonic-gate ++argv; audit_flags = *argv; 7297c478bd9Sstevel@tonic-gate do_setclass(event_str, audit_flags); 7307c478bd9Sstevel@tonic-gate } 7317c478bd9Sstevel@tonic-gate break; 7327c478bd9Sstevel@tonic-gate 7337c478bd9Sstevel@tonic-gate case AC_ARG_SETKMASK: 7347c478bd9Sstevel@tonic-gate ++argv; 7357c478bd9Sstevel@tonic-gate do_setkmask(*argv); 7367c478bd9Sstevel@tonic-gate break; 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate case AC_ARG_SETPOLICY: 7397c478bd9Sstevel@tonic-gate ++argv; 7407c478bd9Sstevel@tonic-gate do_setpolicy(*argv); 7417c478bd9Sstevel@tonic-gate break; 7427c478bd9Sstevel@tonic-gate 7437c478bd9Sstevel@tonic-gate case AC_ARG_GETPINFO: 7447c478bd9Sstevel@tonic-gate { 7457c478bd9Sstevel@tonic-gate char *pid_str; 7467c478bd9Sstevel@tonic-gate 7477c478bd9Sstevel@tonic-gate ++argv; 7487c478bd9Sstevel@tonic-gate pid_str = *argv; 7497c478bd9Sstevel@tonic-gate do_getpinfo(pid_str); 7507c478bd9Sstevel@tonic-gate } 7517c478bd9Sstevel@tonic-gate break; 7527c478bd9Sstevel@tonic-gate 7537c478bd9Sstevel@tonic-gate case AC_ARG_SETPMASK: 7547c478bd9Sstevel@tonic-gate { 7557c478bd9Sstevel@tonic-gate char *pid_str; 7567c478bd9Sstevel@tonic-gate char *audit_flags; 7577c478bd9Sstevel@tonic-gate 7587c478bd9Sstevel@tonic-gate ++argv; 7597c478bd9Sstevel@tonic-gate pid_str = *argv; 7607c478bd9Sstevel@tonic-gate ++argv; 7617c478bd9Sstevel@tonic-gate audit_flags = *argv; 7627c478bd9Sstevel@tonic-gate do_setpmask(pid_str, audit_flags); 7637c478bd9Sstevel@tonic-gate } 7647c478bd9Sstevel@tonic-gate break; 7657c478bd9Sstevel@tonic-gate 7667c478bd9Sstevel@tonic-gate case AC_ARG_SETSTAT: 7677c478bd9Sstevel@tonic-gate do_setstat(); 7687c478bd9Sstevel@tonic-gate break; 7697c478bd9Sstevel@tonic-gate 7707c478bd9Sstevel@tonic-gate case AC_ARG_SETQBUFSZ: 7717c478bd9Sstevel@tonic-gate ++argv; 7727c478bd9Sstevel@tonic-gate do_setqbufsz(*argv); 7737c478bd9Sstevel@tonic-gate break; 7747c478bd9Sstevel@tonic-gate 7757c478bd9Sstevel@tonic-gate case AC_ARG_SETQCTRL: 7767c478bd9Sstevel@tonic-gate { 7777c478bd9Sstevel@tonic-gate char *hiwater, *lowater, *bufsz, *delay; 7787c478bd9Sstevel@tonic-gate 7797c478bd9Sstevel@tonic-gate ++argv; hiwater = *argv; 7807c478bd9Sstevel@tonic-gate ++argv; lowater = *argv; 7817c478bd9Sstevel@tonic-gate ++argv; bufsz = *argv; 7827c478bd9Sstevel@tonic-gate ++argv; delay = *argv; 7837c478bd9Sstevel@tonic-gate do_setqctrl(hiwater, lowater, bufsz, delay); 7847c478bd9Sstevel@tonic-gate } 7857c478bd9Sstevel@tonic-gate break; 7867c478bd9Sstevel@tonic-gate case AC_ARG_SETQDELAY: 7877c478bd9Sstevel@tonic-gate ++argv; 7887c478bd9Sstevel@tonic-gate do_setqdelay(*argv); 7897c478bd9Sstevel@tonic-gate break; 7907c478bd9Sstevel@tonic-gate 7917c478bd9Sstevel@tonic-gate case AC_ARG_SETQHIWATER: 7927c478bd9Sstevel@tonic-gate ++argv; 7937c478bd9Sstevel@tonic-gate do_setqhiwater(*argv); 7947c478bd9Sstevel@tonic-gate break; 7957c478bd9Sstevel@tonic-gate 7967c478bd9Sstevel@tonic-gate case AC_ARG_SETQLOWATER: 7977c478bd9Sstevel@tonic-gate ++argv; 7987c478bd9Sstevel@tonic-gate do_setqlowater(*argv); 7997c478bd9Sstevel@tonic-gate break; 8007c478bd9Sstevel@tonic-gate 8017c478bd9Sstevel@tonic-gate case AC_ARG_SETSMASK: 8027c478bd9Sstevel@tonic-gate { 8037c478bd9Sstevel@tonic-gate char *asid_str; 8047c478bd9Sstevel@tonic-gate char *audit_flags; 8057c478bd9Sstevel@tonic-gate 8067c478bd9Sstevel@tonic-gate ++argv; 8077c478bd9Sstevel@tonic-gate asid_str = *argv; 8087c478bd9Sstevel@tonic-gate ++argv; 8097c478bd9Sstevel@tonic-gate audit_flags = *argv; 8107c478bd9Sstevel@tonic-gate do_setsmask(asid_str, audit_flags); 8117c478bd9Sstevel@tonic-gate } 8127c478bd9Sstevel@tonic-gate break; 8137c478bd9Sstevel@tonic-gate case AC_ARG_SETUMASK: 8147c478bd9Sstevel@tonic-gate { 8157c478bd9Sstevel@tonic-gate char *auid_str; 8167c478bd9Sstevel@tonic-gate char *audit_flags; 8177c478bd9Sstevel@tonic-gate 8187c478bd9Sstevel@tonic-gate ++argv; 8197c478bd9Sstevel@tonic-gate auid_str = *argv; 8207c478bd9Sstevel@tonic-gate ++argv; 8217c478bd9Sstevel@tonic-gate audit_flags = *argv; 8227c478bd9Sstevel@tonic-gate do_setumask(auid_str, audit_flags); 8237c478bd9Sstevel@tonic-gate } 8247c478bd9Sstevel@tonic-gate break; 8258523fda3SJan Friedel case AC_ARG_SET_TEMPORARY: 8268523fda3SJan Friedel break; 8277c478bd9Sstevel@tonic-gate 8287c478bd9Sstevel@tonic-gate default: 8297c478bd9Sstevel@tonic-gate exit_error(gettext("Internal error #2.")); 8307c478bd9Sstevel@tonic-gate break; 8317c478bd9Sstevel@tonic-gate } 8327c478bd9Sstevel@tonic-gate } 8337c478bd9Sstevel@tonic-gate } 8347c478bd9Sstevel@tonic-gate 8357c478bd9Sstevel@tonic-gate /* 8368523fda3SJan Friedel * do_chkconf() - the returned value is for the global zone unless AUDIT_PERZONE 8378523fda3SJan Friedel * is set. 8387c478bd9Sstevel@tonic-gate */ 8397c478bd9Sstevel@tonic-gate static void 8409e3700dfSgww do_chkconf(void) 8417c478bd9Sstevel@tonic-gate { 8427c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 8437c478bd9Sstevel@tonic-gate au_mask_t pmask; 8447c478bd9Sstevel@tonic-gate char conf_aflags[256]; 8457c478bd9Sstevel@tonic-gate char run_aflags[256]; 8467c478bd9Sstevel@tonic-gate au_stat_t as; 8477c478bd9Sstevel@tonic-gate int class; 8487c478bd9Sstevel@tonic-gate int len; 8497c478bd9Sstevel@tonic-gate struct au_evclass_map cmap; 8507c478bd9Sstevel@tonic-gate 8517c478bd9Sstevel@tonic-gate pmask.am_success = pmask.am_failure = 0; 8527c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 8537c478bd9Sstevel@tonic-gate 8547c478bd9Sstevel@tonic-gate setauevent(); 8559e3700dfSgww if (getauevent() == NULL) { 8568523fda3SJan Friedel exit_error(gettext("NO AUDIT EVENTS: Could not read %s\n."), 8578523fda3SJan Friedel AUDITEVENTFILE); 8587c478bd9Sstevel@tonic-gate } 8597c478bd9Sstevel@tonic-gate 8607c478bd9Sstevel@tonic-gate setauevent(); 8619e3700dfSgww while ((evp = getauevent()) != NULL) { 8627c478bd9Sstevel@tonic-gate cmap.ec_number = evp->ae_number; 8637c478bd9Sstevel@tonic-gate len = sizeof (struct au_evclass_map); 8649e3700dfSgww if (evp->ae_number <= as.as_numevent) { 8657c478bd9Sstevel@tonic-gate if (auditon(A_GETCLASS, (caddr_t)&cmap, len) == -1) { 866d0fa49b7STony Nguyen (void) printf("%s(%hu):%s", 8679e3700dfSgww evp->ae_name, evp->ae_number, 8689e3700dfSgww gettext("UNKNOWN EVENT: Could not get " 8699e3700dfSgww "class for event. Configuration may " 8709e3700dfSgww "be bad.\n")); 8717c478bd9Sstevel@tonic-gate } else { 8727c478bd9Sstevel@tonic-gate class = cmap.ec_class; 8737c478bd9Sstevel@tonic-gate if (class != evp->ae_class) { 8747c478bd9Sstevel@tonic-gate conf_aflags[0] = run_aflags[0] = '\0'; 8757c478bd9Sstevel@tonic-gate pmask.am_success = class; 8767c478bd9Sstevel@tonic-gate pmask.am_failure = class; 8777c478bd9Sstevel@tonic-gate (void) getauditflagschar(run_aflags, 8787c478bd9Sstevel@tonic-gate &pmask, 0); 8797c478bd9Sstevel@tonic-gate pmask.am_success = evp->ae_class; 8807c478bd9Sstevel@tonic-gate pmask.am_failure = evp->ae_class; 8817c478bd9Sstevel@tonic-gate (void) getauditflagschar(conf_aflags, 8827c478bd9Sstevel@tonic-gate &pmask, 0); 8837c478bd9Sstevel@tonic-gate 8847c478bd9Sstevel@tonic-gate (void) printf(gettext( 885d0fa49b7STony Nguyen "%s(%hu): CLASS MISMATCH: " 8869e3700dfSgww "runtime class (%s) != " 8879e3700dfSgww "configured class (%s)\n"), 8887c478bd9Sstevel@tonic-gate evp->ae_name, evp->ae_number, 8899e3700dfSgww NONE(run_aflags), 8909e3700dfSgww NONE(conf_aflags)); 8919e3700dfSgww } 8927c478bd9Sstevel@tonic-gate } 8937c478bd9Sstevel@tonic-gate } 8947c478bd9Sstevel@tonic-gate } 8957c478bd9Sstevel@tonic-gate endauevent(); 8967c478bd9Sstevel@tonic-gate } 8977c478bd9Sstevel@tonic-gate 8987c478bd9Sstevel@tonic-gate /* 8998523fda3SJan Friedel * do_conf() - configure the kernel events. The value returned to the user is 9008523fda3SJan Friedel * for the global zone unless AUDIT_PERZONE is set. 9017c478bd9Sstevel@tonic-gate */ 9027c478bd9Sstevel@tonic-gate static void 9039e3700dfSgww do_conf(void) 9047c478bd9Sstevel@tonic-gate { 9057c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 9067c478bd9Sstevel@tonic-gate register int i; 9077c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 9087c478bd9Sstevel@tonic-gate au_stat_t as; 9097c478bd9Sstevel@tonic-gate 9107c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 9117c478bd9Sstevel@tonic-gate 9127c478bd9Sstevel@tonic-gate i = 0; 9137c478bd9Sstevel@tonic-gate setauevent(); 9149e3700dfSgww while ((evp = getauevent()) != NULL) { 9157c478bd9Sstevel@tonic-gate if (evp->ae_number <= as.as_numevent) { 9167c478bd9Sstevel@tonic-gate ++i; 9177c478bd9Sstevel@tonic-gate ec.ec_number = evp->ae_number; 9187c478bd9Sstevel@tonic-gate ec.ec_class = evp->ae_class; 9197c478bd9Sstevel@tonic-gate eauditon(A_SETCLASS, (caddr_t)&ec, (int)sizeof (ec)); 9207c478bd9Sstevel@tonic-gate } 9217c478bd9Sstevel@tonic-gate } 9227c478bd9Sstevel@tonic-gate endauevent(); 9237c478bd9Sstevel@tonic-gate (void) printf(gettext("Configured %d kernel events.\n"), i); 9247c478bd9Sstevel@tonic-gate 9257c478bd9Sstevel@tonic-gate } 9267c478bd9Sstevel@tonic-gate 9277c478bd9Sstevel@tonic-gate /* 9288523fda3SJan Friedel * do_chkaconf() - report a mismatch if the runtime class mask of a kernel audit 9298523fda3SJan Friedel * event does not match the configured class mask. The value returned to the 9308523fda3SJan Friedel * user is for the global zone unless AUDIT_PERZONE is set. 9317c478bd9Sstevel@tonic-gate */ 9327c478bd9Sstevel@tonic-gate static void 9339e3700dfSgww do_chkaconf(void) 9347c478bd9Sstevel@tonic-gate { 9357c478bd9Sstevel@tonic-gate char buf[1024]; 9367c478bd9Sstevel@tonic-gate au_mask_t pmask, kmask; 9377c478bd9Sstevel@tonic-gate 9387c478bd9Sstevel@tonic-gate if (getacna(buf, sizeof (buf)) < 0) { 9397c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9407c478bd9Sstevel@tonic-gate gettext("bad non-attributable flags in audit_control\n")); 9417c478bd9Sstevel@tonic-gate exit(1); 9427c478bd9Sstevel@tonic-gate } 9437c478bd9Sstevel@tonic-gate 9447c478bd9Sstevel@tonic-gate if (getauditflagsbin(buf, &pmask) < 0) { 9457c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9467c478bd9Sstevel@tonic-gate gettext("bad audit flag value encountered\n")); 9477c478bd9Sstevel@tonic-gate exit(1); 9487c478bd9Sstevel@tonic-gate } 9497c478bd9Sstevel@tonic-gate 9507c478bd9Sstevel@tonic-gate eauditon(A_GETKMASK, (caddr_t)&kmask, (int)sizeof (kmask)); 9517c478bd9Sstevel@tonic-gate 9527c478bd9Sstevel@tonic-gate if ((pmask.am_success != kmask.am_success) || 9537c478bd9Sstevel@tonic-gate (pmask.am_failure != kmask.am_failure)) { 9547c478bd9Sstevel@tonic-gate char kbuf[2048]; 9557c478bd9Sstevel@tonic-gate if (getauditflagschar(kbuf, &kmask, 0) < 0) { 9567c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9577c478bd9Sstevel@tonic-gate gettext("bad kernel non-attributable mask\n")); 9587c478bd9Sstevel@tonic-gate exit(1); 9597c478bd9Sstevel@tonic-gate } 9607c478bd9Sstevel@tonic-gate (void) printf(gettext("non-attributable event mismatch ")); 9617c478bd9Sstevel@tonic-gate (void) printf(gettext("audit_control(%s) kernel(%s)\n"), 9627c478bd9Sstevel@tonic-gate buf, kbuf); 9637c478bd9Sstevel@tonic-gate } 9647c478bd9Sstevel@tonic-gate } 9657c478bd9Sstevel@tonic-gate 9667c478bd9Sstevel@tonic-gate /* 9678523fda3SJan Friedel * do_aconf - configures the non-attributable events. The value returned to the 9688523fda3SJan Friedel * user is for the global zone unless AUDIT_PERZONE is set. 9697c478bd9Sstevel@tonic-gate */ 9707c478bd9Sstevel@tonic-gate static void 9719e3700dfSgww do_aconf(void) 9727c478bd9Sstevel@tonic-gate { 9737c478bd9Sstevel@tonic-gate char buf[2048]; 9747c478bd9Sstevel@tonic-gate au_mask_t pmask; 9757c478bd9Sstevel@tonic-gate 9767c478bd9Sstevel@tonic-gate if (getacna(buf, sizeof (buf)) < 0) { 9777c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9787c478bd9Sstevel@tonic-gate gettext("bad non-attributable flags in audit_control\n")); 9797c478bd9Sstevel@tonic-gate exit(1); 9807c478bd9Sstevel@tonic-gate } 9817c478bd9Sstevel@tonic-gate 9827c478bd9Sstevel@tonic-gate if (getauditflagsbin(buf, &pmask) < 0) { 9837c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9847c478bd9Sstevel@tonic-gate gettext("bad audit flag value encountered\n")); 9857c478bd9Sstevel@tonic-gate exit(1); 9867c478bd9Sstevel@tonic-gate } 9877c478bd9Sstevel@tonic-gate 9887c478bd9Sstevel@tonic-gate eauditon(A_SETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 9897c478bd9Sstevel@tonic-gate (void) printf(gettext("Configured non-attributable events.\n")); 9907c478bd9Sstevel@tonic-gate } 9917c478bd9Sstevel@tonic-gate 9928523fda3SJan Friedel /* 9938523fda3SJan Friedel * do_audit() - construct an audit record for audit event event using the 9948523fda3SJan Friedel * process's audit characteristics containing a text token string audit_str. The 9958523fda3SJan Friedel * return token is constructed from the success/failure flag sort. Returned 9968523fda3SJan Friedel * value retval is an errno value. 9978523fda3SJan Friedel */ 9987c478bd9Sstevel@tonic-gate static void 9999e3700dfSgww do_audit(char *event, char sorf, int retval, char *audit_str) 10007c478bd9Sstevel@tonic-gate { 10017c478bd9Sstevel@tonic-gate int rtn; 10027c478bd9Sstevel@tonic-gate int rd; 10037c478bd9Sstevel@tonic-gate au_event_t event_num; 10047c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 10057c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 10067c478bd9Sstevel@tonic-gate token_t *tokp; 10077c478bd9Sstevel@tonic-gate 10087c478bd9Sstevel@tonic-gate egetaudit(&ai, sizeof (ai)); 10097c478bd9Sstevel@tonic-gate 10107c478bd9Sstevel@tonic-gate if (strisnum(event)) { 10117c478bd9Sstevel@tonic-gate event_num = (au_event_t)atoi(event); 10127c478bd9Sstevel@tonic-gate evp = egetauevnum(event_num); 10139e3700dfSgww } else { 10147c478bd9Sstevel@tonic-gate evp = egetauevnam(event); 10159e3700dfSgww } 10167c478bd9Sstevel@tonic-gate 10177c478bd9Sstevel@tonic-gate rtn = au_preselect(evp->ae_number, &ai.ai_mask, (int)sorf, 10187c478bd9Sstevel@tonic-gate AU_PRS_USECACHE); 10197c478bd9Sstevel@tonic-gate 10209e3700dfSgww if (rtn == -1) { 1021d0fa49b7STony Nguyen exit_error("%s\n%s %hu\n", 10227c478bd9Sstevel@tonic-gate gettext("Check audit event configuration."), 10237c478bd9Sstevel@tonic-gate gettext("Could not get audit class for event number"), 10247c478bd9Sstevel@tonic-gate evp->ae_number); 10259e3700dfSgww } 10267c478bd9Sstevel@tonic-gate 10277c478bd9Sstevel@tonic-gate /* record is preselected */ 10287c478bd9Sstevel@tonic-gate if (rtn == 1) { 10299e3700dfSgww if ((rd = au_open()) == -1) { 10308523fda3SJan Friedel exit_error(gettext( 10318523fda3SJan Friedel "Could not get and audit record descriptor\n")); 10329e3700dfSgww } 10339e3700dfSgww if ((tokp = au_to_me()) == NULL) { 10348523fda3SJan Friedel exit_error( 10358523fda3SJan Friedel gettext("Could not allocate subject token\n")); 10369e3700dfSgww } 10379e3700dfSgww if (au_write(rd, tokp) == -1) { 10388523fda3SJan Friedel exit_error(gettext("Could not construct subject token " 10398523fda3SJan Friedel "of audit record\n")); 10409e3700dfSgww } 10419e3700dfSgww if (is_system_labeled()) { 10429e3700dfSgww if ((tokp = au_to_mylabel()) == NULL) { 10438523fda3SJan Friedel exit_error(gettext( 10448523fda3SJan Friedel "Could not allocate label token\n")); 10459e3700dfSgww } 10469e3700dfSgww if (au_write(rd, tokp) == -1) { 10478523fda3SJan Friedel exit_error(gettext("Could not " 10488523fda3SJan Friedel "construct label token of audit record\n")); 10499e3700dfSgww } 105045916cd2Sjpk } 105145916cd2Sjpk 10529e3700dfSgww if ((tokp = au_to_text(audit_str)) == NULL) 10537c478bd9Sstevel@tonic-gate exit_error(gettext("Could not allocate text token\n")); 10547c478bd9Sstevel@tonic-gate if (au_write(rd, tokp) == -1) 10559e3700dfSgww exit_error(gettext("Could not construct text token of " 10569e3700dfSgww "audit record\n")); 10577c478bd9Sstevel@tonic-gate #ifdef _LP64 10589e3700dfSgww if ((tokp = au_to_return64(sorf, retval)) == NULL) 10597c478bd9Sstevel@tonic-gate #else 10609e3700dfSgww if ((tokp = au_to_return32(sorf, retval)) == NULL) 10617c478bd9Sstevel@tonic-gate #endif 10628523fda3SJan Friedel exit_error( 10638523fda3SJan Friedel gettext("Could not allocate return token\n")); 10649e3700dfSgww if (au_write(rd, tokp) == -1) { 10659e3700dfSgww exit_error(gettext("Could not construct return token " 10669e3700dfSgww "of audit record\n")); 10679e3700dfSgww } 10689e3700dfSgww if (au_close(rd, 1, evp->ae_number) == -1) { 10698523fda3SJan Friedel exit_error( 10708523fda3SJan Friedel gettext("Could not write audit record: %s\n"), 10718523fda3SJan Friedel strerror(errno)); 10729e3700dfSgww } 10737c478bd9Sstevel@tonic-gate } 10747c478bd9Sstevel@tonic-gate } 10757c478bd9Sstevel@tonic-gate 10768523fda3SJan Friedel /* 10778523fda3SJan Friedel * do_getauid() - print the audit id of the current process. 10788523fda3SJan Friedel */ 10797c478bd9Sstevel@tonic-gate static void 10809e3700dfSgww do_getauid(void) 10817c478bd9Sstevel@tonic-gate { 10827c478bd9Sstevel@tonic-gate au_id_t auid; 10837c478bd9Sstevel@tonic-gate 10847c478bd9Sstevel@tonic-gate egetauid(&auid); 10857c478bd9Sstevel@tonic-gate print_auid(auid); 10867c478bd9Sstevel@tonic-gate } 10877c478bd9Sstevel@tonic-gate 10888523fda3SJan Friedel /* 10898523fda3SJan Friedel * do_getaudit() - print the audit characteristics of the current process. 10908523fda3SJan Friedel */ 10917c478bd9Sstevel@tonic-gate static void 10929e3700dfSgww do_getaudit(void) 10937c478bd9Sstevel@tonic-gate { 10947c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 10957c478bd9Sstevel@tonic-gate 10967c478bd9Sstevel@tonic-gate egetaudit(&ai, sizeof (ai)); 10977c478bd9Sstevel@tonic-gate print_auid(ai.ai_auid); 10987c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &ai.ai_mask); 10997c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 11007c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 11017c478bd9Sstevel@tonic-gate } 11027c478bd9Sstevel@tonic-gate 11038523fda3SJan Friedel /* 11048523fda3SJan Friedel * do_getkaudit() - print the audit characteristics of the current zone. 11058523fda3SJan Friedel */ 11067c478bd9Sstevel@tonic-gate static void 11079e3700dfSgww do_getkaudit(void) 11087c478bd9Sstevel@tonic-gate { 11097c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 11107c478bd9Sstevel@tonic-gate 11117c478bd9Sstevel@tonic-gate egetkaudit(&ai, sizeof (ai)); 11127c478bd9Sstevel@tonic-gate print_auid(ai.ai_auid); 11137c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &ai.ai_mask); 11147c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 11157c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 11167c478bd9Sstevel@tonic-gate } 11177c478bd9Sstevel@tonic-gate 11187c478bd9Sstevel@tonic-gate /* 11198523fda3SJan Friedel * do_setkaudit() - set IP address_type/address of machine to specified values; 11208523fda3SJan Friedel * valid per zone if AUDIT_PERZONE is set, else only in global zone. 11217c478bd9Sstevel@tonic-gate */ 11227c478bd9Sstevel@tonic-gate static void 11239e3700dfSgww do_setkaudit(char *t, char *s) 11247c478bd9Sstevel@tonic-gate { 11257c478bd9Sstevel@tonic-gate uint_t type; 11267c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 11277c478bd9Sstevel@tonic-gate 11287c478bd9Sstevel@tonic-gate egetkaudit(&ai, sizeof (ai)); 11297c478bd9Sstevel@tonic-gate (void) str2type(t, &type); 11307c478bd9Sstevel@tonic-gate (void) str2ipaddr(s, &ai.ai_termid.at_addr[0], type); 11317c478bd9Sstevel@tonic-gate ai.ai_termid.at_type = type; 11327c478bd9Sstevel@tonic-gate esetkaudit(&ai, sizeof (ai)); 11337c478bd9Sstevel@tonic-gate } 11347c478bd9Sstevel@tonic-gate 11357c478bd9Sstevel@tonic-gate /* 11368523fda3SJan Friedel * do_getcar() - print the zone-relative root 11377c478bd9Sstevel@tonic-gate */ 11387c478bd9Sstevel@tonic-gate static void 11399e3700dfSgww do_getcar(void) 11407c478bd9Sstevel@tonic-gate { 11417c478bd9Sstevel@tonic-gate char path[MAXPATHLEN]; 11427c478bd9Sstevel@tonic-gate 11437c478bd9Sstevel@tonic-gate eauditon(A_GETCAR, (caddr_t)path, (int)sizeof (path)); 11447c478bd9Sstevel@tonic-gate (void) printf(gettext("current active root = %s\n"), path); 11457c478bd9Sstevel@tonic-gate } 11467c478bd9Sstevel@tonic-gate 11477c478bd9Sstevel@tonic-gate /* 11488523fda3SJan Friedel * do_getclass() - print the preselection mask associated with the specified 11498523fda3SJan Friedel * kernel audit event. The displayed value is for the global zone unless 11508523fda3SJan Friedel * AUDIT_PERZONE is set. 11517c478bd9Sstevel@tonic-gate */ 11527c478bd9Sstevel@tonic-gate static void 11539e3700dfSgww do_getclass(char *event_str) 11547c478bd9Sstevel@tonic-gate { 11557c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 11567c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 11577c478bd9Sstevel@tonic-gate au_event_t event_number; 11587c478bd9Sstevel@tonic-gate char *event_name; 11597c478bd9Sstevel@tonic-gate 11607c478bd9Sstevel@tonic-gate if (strisnum(event_str)) { 11617c478bd9Sstevel@tonic-gate event_number = atol(event_str); 11629e3700dfSgww if ((evp = egetauevnum(event_number)) != NULL) { 11637c478bd9Sstevel@tonic-gate event_number = evp->ae_number; 11647c478bd9Sstevel@tonic-gate event_name = evp->ae_name; 11659e3700dfSgww } else { 11667c478bd9Sstevel@tonic-gate event_name = gettext("unknown"); 11679e3700dfSgww } 11687c478bd9Sstevel@tonic-gate } else { 11697c478bd9Sstevel@tonic-gate event_name = event_str; 11709e3700dfSgww if ((evp = egetauevnam(event_str)) != NULL) { 11717c478bd9Sstevel@tonic-gate event_number = evp->ae_number; 11727c478bd9Sstevel@tonic-gate } 11739e3700dfSgww } 11747c478bd9Sstevel@tonic-gate 11757c478bd9Sstevel@tonic-gate ec.ec_number = event_number; 11767c478bd9Sstevel@tonic-gate eauditon(A_GETCLASS, (caddr_t)&ec, 0); 11777c478bd9Sstevel@tonic-gate 1178d0fa49b7STony Nguyen (void) printf(gettext("audit class mask for event %s(%hu) = 0x%x\n"), 11799e3700dfSgww event_name, event_number, ec.ec_class); 11807c478bd9Sstevel@tonic-gate } 11817c478bd9Sstevel@tonic-gate 11827c478bd9Sstevel@tonic-gate /* 11838523fda3SJan Friedel * do_getcond() - the printed value is for the global zone unless 11848523fda3SJan Friedel * AUDIT_PERZONE is set. (AUC_DISABLED is always global, the other states are 11858523fda3SJan Friedel * per zone if AUDIT_PERZONE is set) 11867c478bd9Sstevel@tonic-gate */ 11877c478bd9Sstevel@tonic-gate static void 11889e3700dfSgww do_getcond(void) 11897c478bd9Sstevel@tonic-gate { 11909e3700dfSgww (void) printf(gettext("audit condition = %s\n"), cond2str()); 11917c478bd9Sstevel@tonic-gate } 11927c478bd9Sstevel@tonic-gate 11937c478bd9Sstevel@tonic-gate /* 11948523fda3SJan Friedel * do_getcwd() - the printed path is relative to the current zone root 11957c478bd9Sstevel@tonic-gate */ 11967c478bd9Sstevel@tonic-gate static void 11979e3700dfSgww do_getcwd(void) 11987c478bd9Sstevel@tonic-gate { 11997c478bd9Sstevel@tonic-gate char path[MAXPATHLEN]; 12007c478bd9Sstevel@tonic-gate 12017c478bd9Sstevel@tonic-gate eauditon(A_GETCWD, (caddr_t)path, (int)sizeof (path)); 12027c478bd9Sstevel@tonic-gate (void) printf(gettext("current working directory = %s\n"), path); 12037c478bd9Sstevel@tonic-gate } 12047c478bd9Sstevel@tonic-gate 12057c478bd9Sstevel@tonic-gate /* 12068523fda3SJan Friedel * do_getkmask() - the printed value is for the global zone unless AUDIT_PERZONE 12078523fda3SJan Friedel * is set. 12087c478bd9Sstevel@tonic-gate */ 12097c478bd9Sstevel@tonic-gate static void 12109e3700dfSgww do_getkmask(void) 12117c478bd9Sstevel@tonic-gate { 12127c478bd9Sstevel@tonic-gate au_mask_t pmask; 12137c478bd9Sstevel@tonic-gate 12147c478bd9Sstevel@tonic-gate eauditon(A_GETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 12157c478bd9Sstevel@tonic-gate print_mask(gettext("audit flags for non-attributable events"), &pmask); 12167c478bd9Sstevel@tonic-gate } 12177c478bd9Sstevel@tonic-gate 12187c478bd9Sstevel@tonic-gate /* 12198523fda3SJan Friedel * do_getpolicy() - print active and configured kernel audit policy relative to 12208523fda3SJan Friedel * the current zone. 12217c478bd9Sstevel@tonic-gate */ 12227c478bd9Sstevel@tonic-gate static void 12239e3700dfSgww do_getpolicy(void) 12247c478bd9Sstevel@tonic-gate { 12257c478bd9Sstevel@tonic-gate char policy_str[1024]; 12268523fda3SJan Friedel uint32_t policy; 12278523fda3SJan Friedel 12288523fda3SJan Friedel if (!temporary_set) { 12298523fda3SJan Friedel if (!do_getpolicy_scf(&policy)) { 12308523fda3SJan Friedel exit_error(gettext("Could not get configured values.")); 12318523fda3SJan Friedel } 12328523fda3SJan Friedel (void) policy2str(policy, policy_str, sizeof (policy_str)); 12338523fda3SJan Friedel (void) printf(gettext("configured audit policies = %s\n"), 12348523fda3SJan Friedel policy_str); 12358523fda3SJan Friedel } 12367c478bd9Sstevel@tonic-gate 12377c478bd9Sstevel@tonic-gate eauditon(A_GETPOLICY, (caddr_t)&policy, 0); 12387c478bd9Sstevel@tonic-gate (void) policy2str(policy, policy_str, sizeof (policy_str)); 12398523fda3SJan Friedel (void) printf(gettext("active audit policies = %s\n"), policy_str); 12407c478bd9Sstevel@tonic-gate } 12417c478bd9Sstevel@tonic-gate 12428523fda3SJan Friedel 12438523fda3SJan Friedel /* 12448523fda3SJan Friedel * do_getpinfo() - print the audit ID, preselection mask, terminal ID, and 12458523fda3SJan Friedel * audit session ID for the specified process. 12468523fda3SJan Friedel */ 12477c478bd9Sstevel@tonic-gate static void 12489e3700dfSgww do_getpinfo(char *pid_str) 12497c478bd9Sstevel@tonic-gate { 12507c478bd9Sstevel@tonic-gate struct auditpinfo_addr ap; 12517c478bd9Sstevel@tonic-gate 12527c478bd9Sstevel@tonic-gate if (strisnum(pid_str)) 12537c478bd9Sstevel@tonic-gate ap.ap_pid = (pid_t)atoi(pid_str); 12547c478bd9Sstevel@tonic-gate else 12557c478bd9Sstevel@tonic-gate exit_usage(1); 12567c478bd9Sstevel@tonic-gate 12577c478bd9Sstevel@tonic-gate eauditon(A_GETPINFO_ADDR, (caddr_t)&ap, sizeof (ap)); 12587c478bd9Sstevel@tonic-gate 12597c478bd9Sstevel@tonic-gate print_auid(ap.ap_auid); 12607c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &(ap.ap_mask)); 12617c478bd9Sstevel@tonic-gate print_tid_ex(&(ap.ap_termid)); 12627c478bd9Sstevel@tonic-gate print_asid(ap.ap_asid); 12637c478bd9Sstevel@tonic-gate } 12647c478bd9Sstevel@tonic-gate 12657c478bd9Sstevel@tonic-gate /* 12668523fda3SJan Friedel * do_getqbufsz() - print the active and configured audit queue write buffer 12678523fda3SJan Friedel * size relative to the current zone. 12687c478bd9Sstevel@tonic-gate */ 12697c478bd9Sstevel@tonic-gate static void 12709e3700dfSgww do_getqbufsz(void) 12717c478bd9Sstevel@tonic-gate { 12727c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 12737c478bd9Sstevel@tonic-gate 12748523fda3SJan Friedel if (!temporary_set) { 12758523fda3SJan Friedel if (!do_getqbufsz_scf(&qctrl.aq_bufsz)) { 12768523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 12778523fda3SJan Friedel } 12788523fda3SJan Friedel 12798523fda3SJan Friedel if (qctrl.aq_bufsz == 0) { 12808523fda3SJan Friedel (void) printf(gettext( 12818523fda3SJan Friedel "no configured audit queue buffer size\n")); 12828523fda3SJan Friedel } else { 12838523fda3SJan Friedel (void) printf(gettext("configured audit queue " 12848523fda3SJan Friedel "buffer size (bytes) = %d\n"), qctrl.aq_bufsz); 12858523fda3SJan Friedel } 12868523fda3SJan Friedel } 12878523fda3SJan Friedel 12887c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 12898523fda3SJan Friedel (void) printf(gettext("active audit queue buffer size (bytes) = %d\n"), 12907c478bd9Sstevel@tonic-gate qctrl.aq_bufsz); 12917c478bd9Sstevel@tonic-gate } 12927c478bd9Sstevel@tonic-gate 12937c478bd9Sstevel@tonic-gate /* 12948523fda3SJan Friedel * do_getqctrl() - print the configured and active audit queue write buffer 12958523fda3SJan Friedel * size, audit queue hiwater mark, audit queue lowater mark, audit queue prod 12968523fda3SJan Friedel * interval (ticks) relative to the current zone. 12977c478bd9Sstevel@tonic-gate */ 12987c478bd9Sstevel@tonic-gate static void 12999e3700dfSgww do_getqctrl(void) 13007c478bd9Sstevel@tonic-gate { 13017c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 13027c478bd9Sstevel@tonic-gate 13038523fda3SJan Friedel if (!temporary_set) { 13048523fda3SJan Friedel if (!do_getqctrl_scf(&qctrl)) { 13058523fda3SJan Friedel exit_error(gettext("Could not get configured values.")); 13068523fda3SJan Friedel } 13078523fda3SJan Friedel 13088523fda3SJan Friedel if (qctrl.aq_hiwater == 0) { 13098523fda3SJan Friedel (void) printf(gettext( 13108523fda3SJan Friedel "no configured audit queue hiwater mark\n")); 13118523fda3SJan Friedel } else { 13128523fda3SJan Friedel (void) printf(gettext("configured audit queue " 13138523fda3SJan Friedel "hiwater mark (records) = %d\n"), qctrl.aq_hiwater); 13148523fda3SJan Friedel } 13158523fda3SJan Friedel if (qctrl.aq_lowater == 0) { 13168523fda3SJan Friedel (void) printf(gettext( 13178523fda3SJan Friedel "no configured audit queue lowater mark\n")); 13188523fda3SJan Friedel } else { 13198523fda3SJan Friedel (void) printf(gettext("configured audit queue " 13208523fda3SJan Friedel "lowater mark (records) = %d\n"), qctrl.aq_lowater); 13218523fda3SJan Friedel } 13228523fda3SJan Friedel if (qctrl.aq_bufsz == 0) { 13238523fda3SJan Friedel (void) printf(gettext( 13248523fda3SJan Friedel "no configured audit queue buffer size\n")); 13258523fda3SJan Friedel } else { 13268523fda3SJan Friedel (void) printf(gettext("configured audit queue " 13278523fda3SJan Friedel "buffer size (bytes) = %d\n"), qctrl.aq_bufsz); 13288523fda3SJan Friedel } 13298523fda3SJan Friedel if (qctrl.aq_delay == 0) { 13308523fda3SJan Friedel (void) printf(gettext( 13318523fda3SJan Friedel "no configured audit queue delay\n")); 13328523fda3SJan Friedel } else { 13338523fda3SJan Friedel (void) printf(gettext("configured audit queue " 13348523fda3SJan Friedel "delay (ticks) = %ld\n"), qctrl.aq_delay); 13358523fda3SJan Friedel } 13368523fda3SJan Friedel } 13378523fda3SJan Friedel 13387c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 13398523fda3SJan Friedel (void) printf(gettext("active audit queue hiwater mark " 13408523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_hiwater); 13418523fda3SJan Friedel (void) printf(gettext("active audit queue lowater mark " 13428523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_lowater); 13438523fda3SJan Friedel (void) printf(gettext("active audit queue buffer size (bytes) = %d\n"), 13447c478bd9Sstevel@tonic-gate qctrl.aq_bufsz); 13458523fda3SJan Friedel (void) printf(gettext("active audit queue delay (ticks) = %ld\n"), 13467c478bd9Sstevel@tonic-gate qctrl.aq_delay); 13477c478bd9Sstevel@tonic-gate } 13487c478bd9Sstevel@tonic-gate 13497c478bd9Sstevel@tonic-gate /* 13508523fda3SJan Friedel * do_getqdelay() - print, relative to the current zone, the configured and 13518523fda3SJan Friedel * active interval at which audit queue is prodded to start output. 13527c478bd9Sstevel@tonic-gate */ 13537c478bd9Sstevel@tonic-gate static void 13549e3700dfSgww do_getqdelay(void) 13557c478bd9Sstevel@tonic-gate { 13567c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 13577c478bd9Sstevel@tonic-gate 13588523fda3SJan Friedel if (!temporary_set) { 13598523fda3SJan Friedel if (!do_getqdelay_scf(&qctrl.aq_delay)) { 13608523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 13618523fda3SJan Friedel } 13628523fda3SJan Friedel 13638523fda3SJan Friedel if (qctrl.aq_delay == 0) { 13648523fda3SJan Friedel (void) printf(gettext( 13658523fda3SJan Friedel "no configured audit queue delay\n")); 13668523fda3SJan Friedel } else { 13678523fda3SJan Friedel (void) printf(gettext("configured audit queue " 13688523fda3SJan Friedel "delay (ticks) = %ld\n"), qctrl.aq_delay); 13698523fda3SJan Friedel } 13708523fda3SJan Friedel } 13718523fda3SJan Friedel 13727c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 13738523fda3SJan Friedel (void) printf(gettext("active audit queue delay (ticks) = %ld\n"), 13747c478bd9Sstevel@tonic-gate qctrl.aq_delay); 13757c478bd9Sstevel@tonic-gate } 13767c478bd9Sstevel@tonic-gate 13777c478bd9Sstevel@tonic-gate /* 13788523fda3SJan Friedel * do_getqhiwater() - print, relative to the current zone, the high water 13798523fda3SJan Friedel * point in undelivered audit records when audit generation will block. 13807c478bd9Sstevel@tonic-gate */ 13817c478bd9Sstevel@tonic-gate static void 13829e3700dfSgww do_getqhiwater(void) 13837c478bd9Sstevel@tonic-gate { 13847c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 13857c478bd9Sstevel@tonic-gate 13868523fda3SJan Friedel if (!temporary_set) { 13878523fda3SJan Friedel if (!do_getqhiwater_scf(&qctrl.aq_hiwater)) { 13888523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 13898523fda3SJan Friedel } 13908523fda3SJan Friedel 13918523fda3SJan Friedel if (qctrl.aq_hiwater == 0) { 13928523fda3SJan Friedel (void) printf(gettext( 13938523fda3SJan Friedel "no configured audit queue hiwater mark\n")); 13948523fda3SJan Friedel } else { 13958523fda3SJan Friedel (void) printf(gettext("configured audit queue " 13968523fda3SJan Friedel "hiwater mark (records) = %d\n"), qctrl.aq_hiwater); 13978523fda3SJan Friedel } 13988523fda3SJan Friedel } 13998523fda3SJan Friedel 14007c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 14018523fda3SJan Friedel (void) printf(gettext("active audit queue hiwater mark " 14028523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_hiwater); 14037c478bd9Sstevel@tonic-gate } 14047c478bd9Sstevel@tonic-gate 14057c478bd9Sstevel@tonic-gate /* 14068523fda3SJan Friedel * do_getqlowater() - print, relative to the current zone, the low water point 14078523fda3SJan Friedel * in undelivered audit records where blocked processes will resume. 14087c478bd9Sstevel@tonic-gate */ 14097c478bd9Sstevel@tonic-gate static void 14109e3700dfSgww do_getqlowater(void) 14117c478bd9Sstevel@tonic-gate { 14127c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 14137c478bd9Sstevel@tonic-gate 14148523fda3SJan Friedel if (!temporary_set) { 14158523fda3SJan Friedel if (!do_getqlowater_scf(&qctrl.aq_lowater)) { 14168523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 14177c478bd9Sstevel@tonic-gate } 14187c478bd9Sstevel@tonic-gate 14198523fda3SJan Friedel if (qctrl.aq_lowater == 0) { 14208523fda3SJan Friedel (void) printf(gettext( 14218523fda3SJan Friedel "no configured audit queue lowater mark\n")); 14228523fda3SJan Friedel } else { 14238523fda3SJan Friedel (void) printf(gettext("configured audit queue " 14248523fda3SJan Friedel "lowater mark (records) = %d\n"), qctrl.aq_lowater); 14258523fda3SJan Friedel } 14268523fda3SJan Friedel } 14278523fda3SJan Friedel 14288523fda3SJan Friedel eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 14298523fda3SJan Friedel (void) printf(gettext("active audit queue lowater mark " 14308523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_lowater); 14318523fda3SJan Friedel } 14328523fda3SJan Friedel 14338523fda3SJan Friedel /* 14348523fda3SJan Friedel * do_getasid() - print out the audit session-ID. 14358523fda3SJan Friedel */ 14367c478bd9Sstevel@tonic-gate static void 14379e3700dfSgww do_getasid(void) 14387c478bd9Sstevel@tonic-gate { 14397c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 14407c478bd9Sstevel@tonic-gate 14417c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 14427c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 14437c478bd9Sstevel@tonic-gate } 14447c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 14457c478bd9Sstevel@tonic-gate } 14467c478bd9Sstevel@tonic-gate 14477c478bd9Sstevel@tonic-gate /* 14488523fda3SJan Friedel * do_getstat() - the printed statistics are for the entire system unless 14498523fda3SJan Friedel * AUDIT_PERZONE is set. 14507c478bd9Sstevel@tonic-gate */ 14517c478bd9Sstevel@tonic-gate static void 14529e3700dfSgww do_getstat(void) 14537c478bd9Sstevel@tonic-gate { 14547c478bd9Sstevel@tonic-gate au_stat_t as; 14559e3700dfSgww int offset[12]; /* used to line the header up correctly */ 14569e3700dfSgww char buf[512]; 14577c478bd9Sstevel@tonic-gate 14587c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 14599e3700dfSgww (void) sprintf(buf, "%4lu %n%4lu %n%4lu %n%4lu %n%4lu %n%4lu %n%4lu " 14609e3700dfSgww "%n%4lu %n%4lu %n%4lu %n%4lu %n%4lu%n", 14619e3700dfSgww (ulong_t)as.as_generated, &(offset[0]), 14629e3700dfSgww (ulong_t)as.as_nonattrib, &(offset[1]), 14639e3700dfSgww (ulong_t)as.as_kernel, &(offset[2]), 14649e3700dfSgww (ulong_t)as.as_audit, &(offset[3]), 14659e3700dfSgww (ulong_t)as.as_auditctl, &(offset[4]), 14669e3700dfSgww (ulong_t)as.as_enqueue, &(offset[5]), 14679e3700dfSgww (ulong_t)as.as_written, &(offset[6]), 14689e3700dfSgww (ulong_t)as.as_wblocked, &(offset[7]), 14699e3700dfSgww (ulong_t)as.as_rblocked, &(offset[8]), 14709e3700dfSgww (ulong_t)as.as_dropped, &(offset[9]), 14719e3700dfSgww (ulong_t)as.as_totalsize / ONEK, &(offset[10]), 14729e3700dfSgww (ulong_t)as.as_memused / ONEK, &(offset[11])); 14739e3700dfSgww 14749e3700dfSgww /* 14759e3700dfSgww * TRANSLATION_NOTE 14769e3700dfSgww * Print a properly aligned header. 14779e3700dfSgww */ 14789e3700dfSgww (void) printf("%*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s\n", 14799e3700dfSgww offset[0] - 1, gettext("gen"), 14809e3700dfSgww offset[1] - offset[0] -1, gettext("nona"), 14819e3700dfSgww offset[2] - offset[1] -1, gettext("kern"), 14829e3700dfSgww offset[3] - offset[2] -1, gettext("aud"), 14839e3700dfSgww offset[4] - offset[3] -1, gettext("ctl"), 14849e3700dfSgww offset[5] - offset[4] -1, gettext("enq"), 14859e3700dfSgww offset[6] - offset[5] -1, gettext("wrtn"), 14869e3700dfSgww offset[7] - offset[6] -1, gettext("wblk"), 14879e3700dfSgww offset[8] - offset[7] -1, gettext("rblk"), 14889e3700dfSgww offset[9] - offset[8] -1, gettext("drop"), 14899e3700dfSgww offset[10] - offset[9] -1, gettext("tot"), 14909e3700dfSgww offset[11] - offset[10], gettext("mem")); 14919e3700dfSgww 14929e3700dfSgww (void) printf("%s\n", buf); 14937c478bd9Sstevel@tonic-gate } 14947c478bd9Sstevel@tonic-gate 14958523fda3SJan Friedel /* 14968523fda3SJan Friedel * do_gettermid() - print audit terminal ID for current process. 14978523fda3SJan Friedel */ 14987c478bd9Sstevel@tonic-gate static void 14999e3700dfSgww do_gettermid(void) 15007c478bd9Sstevel@tonic-gate { 15017c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 15027c478bd9Sstevel@tonic-gate 15037c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 15047c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 15057c478bd9Sstevel@tonic-gate } 15067c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 15077c478bd9Sstevel@tonic-gate } 15087c478bd9Sstevel@tonic-gate 15097c478bd9Sstevel@tonic-gate /* 15108523fda3SJan Friedel * do_lsevent() - display the active kernel and user level audit event 15118523fda3SJan Friedel * information. The printed events are for the global zone unless AUDIT_PERZONE 15128523fda3SJan Friedel * is set. 15137c478bd9Sstevel@tonic-gate */ 15147c478bd9Sstevel@tonic-gate static void 15159e3700dfSgww do_lsevent(void) 15167c478bd9Sstevel@tonic-gate { 15177c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 15187c478bd9Sstevel@tonic-gate au_mask_t pmask; 15197c478bd9Sstevel@tonic-gate char auflags[256]; 15207c478bd9Sstevel@tonic-gate 15217c478bd9Sstevel@tonic-gate setauevent(); 15229e3700dfSgww if (getauevent() == NULL) { 15238523fda3SJan Friedel exit_error(gettext("NO AUDIT EVENTS: Could not read %s\n."), 15248523fda3SJan Friedel AUDITEVENTFILE); 15257c478bd9Sstevel@tonic-gate } 15267c478bd9Sstevel@tonic-gate 15277c478bd9Sstevel@tonic-gate setauevent(); 15289e3700dfSgww while ((evp = getauevent()) != NULL) { 15297c478bd9Sstevel@tonic-gate pmask.am_success = pmask.am_failure = evp->ae_class; 15307c478bd9Sstevel@tonic-gate if (getauditflagschar(auflags, &pmask, 0) == -1) 15317c478bd9Sstevel@tonic-gate (void) strcpy(auflags, "unknown"); 1532d0fa49b7STony Nguyen (void) printf("%-30s %5hu %s %s\n", 15337c478bd9Sstevel@tonic-gate evp->ae_name, evp->ae_number, auflags, evp->ae_desc); 15347c478bd9Sstevel@tonic-gate } 15357c478bd9Sstevel@tonic-gate endauevent(); 15367c478bd9Sstevel@tonic-gate } 15377c478bd9Sstevel@tonic-gate 15387c478bd9Sstevel@tonic-gate /* 15398523fda3SJan Friedel * do_lspolicy() - display the kernel audit policies with a description of each 15408523fda3SJan Friedel * policy. The printed value is for the global zone unless AUDIT_PERZONE is set. 15417c478bd9Sstevel@tonic-gate */ 15427c478bd9Sstevel@tonic-gate static void 15439e3700dfSgww do_lspolicy(void) 15447c478bd9Sstevel@tonic-gate { 15457c478bd9Sstevel@tonic-gate int i; 15467c478bd9Sstevel@tonic-gate 15477c478bd9Sstevel@tonic-gate /* 15487c478bd9Sstevel@tonic-gate * TRANSLATION_NOTE 15497c478bd9Sstevel@tonic-gate * Print a properly aligned header. 15507c478bd9Sstevel@tonic-gate */ 15517c478bd9Sstevel@tonic-gate (void) printf(gettext("policy string description:\n")); 155245916cd2Sjpk for (i = 0; i < POLICY_TBL_SZ; i++) { 155345916cd2Sjpk (void) printf("%-17s%s\n", policy_table[i].policy_str, 15547c478bd9Sstevel@tonic-gate gettext(policy_table[i].policy_desc)); 15557c478bd9Sstevel@tonic-gate } 155645916cd2Sjpk } 15577c478bd9Sstevel@tonic-gate 15588523fda3SJan Friedel /* 15598523fda3SJan Friedel * do_setasid() - execute shell or cmd with specified session-ID. 15608523fda3SJan Friedel */ 15617c478bd9Sstevel@tonic-gate static void 15629e3700dfSgww do_setasid(char *sid_str, char **argv) 15637c478bd9Sstevel@tonic-gate { 15647c478bd9Sstevel@tonic-gate struct auditinfo_addr ai; 15657c478bd9Sstevel@tonic-gate 15667c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 15677c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 15687c478bd9Sstevel@tonic-gate } 15697c478bd9Sstevel@tonic-gate ai.ai_asid = (au_asid_t)atol(sid_str); 15707c478bd9Sstevel@tonic-gate if (setaudit_addr(&ai, sizeof (ai))) { 15717c478bd9Sstevel@tonic-gate exit_error(gettext("setaudit_addr(2) failed")); 15727c478bd9Sstevel@tonic-gate } 15737c478bd9Sstevel@tonic-gate execit(argv); 15747c478bd9Sstevel@tonic-gate } 15757c478bd9Sstevel@tonic-gate 15768523fda3SJan Friedel /* 15778523fda3SJan Friedel * do_setaudit() - execute shell or cmd with specified audit characteristics. 15788523fda3SJan Friedel */ 15797c478bd9Sstevel@tonic-gate static void 15809e3700dfSgww do_setaudit(char *user_str, char *mask_str, char *tid_str, char *sid_str, 15819e3700dfSgww char **argv) 15827c478bd9Sstevel@tonic-gate { 15837c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 15847c478bd9Sstevel@tonic-gate 15857c478bd9Sstevel@tonic-gate ai.ai_auid = (au_id_t)get_user_id(user_str); 15867c478bd9Sstevel@tonic-gate str2mask(mask_str, &ai.ai_mask), 15877c478bd9Sstevel@tonic-gate str2tid(tid_str, &ai.ai_termid); 15887c478bd9Sstevel@tonic-gate ai.ai_asid = (au_asid_t)atol(sid_str); 15897c478bd9Sstevel@tonic-gate 15907c478bd9Sstevel@tonic-gate esetaudit(&ai, sizeof (ai)); 15917c478bd9Sstevel@tonic-gate execit(argv); 15927c478bd9Sstevel@tonic-gate } 15937c478bd9Sstevel@tonic-gate 15948523fda3SJan Friedel /* 15958523fda3SJan Friedel * do_setauid() - execute shell or cmd with specified audit-ID. 15968523fda3SJan Friedel */ 15977c478bd9Sstevel@tonic-gate static void 15989e3700dfSgww do_setauid(char *user, char **argv) 15997c478bd9Sstevel@tonic-gate { 16007c478bd9Sstevel@tonic-gate au_id_t auid; 16017c478bd9Sstevel@tonic-gate 16027c478bd9Sstevel@tonic-gate auid = get_user_id(user); 16037c478bd9Sstevel@tonic-gate esetauid(&auid); 16047c478bd9Sstevel@tonic-gate execit(argv); 16057c478bd9Sstevel@tonic-gate } 16067c478bd9Sstevel@tonic-gate 16078523fda3SJan Friedel /* 16088523fda3SJan Friedel * do_setpmask() - set the preselection mask of the specified process; valid 16098523fda3SJan Friedel * per zone if AUDIT_PERZONE is set, else only in global zone. 16108523fda3SJan Friedel */ 16117c478bd9Sstevel@tonic-gate static void 16129e3700dfSgww do_setpmask(char *pid_str, char *audit_flags) 16137c478bd9Sstevel@tonic-gate { 16147c478bd9Sstevel@tonic-gate struct auditpinfo ap; 16157c478bd9Sstevel@tonic-gate 16167c478bd9Sstevel@tonic-gate if (strisnum(pid_str)) 16177c478bd9Sstevel@tonic-gate ap.ap_pid = (pid_t)atoi(pid_str); 16187c478bd9Sstevel@tonic-gate else 16197c478bd9Sstevel@tonic-gate exit_usage(1); 16207c478bd9Sstevel@tonic-gate 16217c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ap.ap_mask); 16227c478bd9Sstevel@tonic-gate 16237c478bd9Sstevel@tonic-gate eauditon(A_SETPMASK, (caddr_t)&ap, (int)sizeof (ap)); 16247c478bd9Sstevel@tonic-gate } 16257c478bd9Sstevel@tonic-gate 16268523fda3SJan Friedel /* 16278523fda3SJan Friedel * do_setsmask() - set the preselection mask of all processes with the specified 16288523fda3SJan Friedel * audit session-ID; valid per zone if AUDIT_PERZONE is set, else only in global 16298523fda3SJan Friedel * zone. 16308523fda3SJan Friedel */ 16317c478bd9Sstevel@tonic-gate static void 16329e3700dfSgww do_setsmask(char *asid_str, char *audit_flags) 16337c478bd9Sstevel@tonic-gate { 16347c478bd9Sstevel@tonic-gate struct auditinfo ainfo; 16357c478bd9Sstevel@tonic-gate 16367c478bd9Sstevel@tonic-gate if (strisnum(asid_str)) 1637d0fa49b7STony Nguyen ainfo.ai_asid = (au_asid_t)atoi(asid_str); 16387c478bd9Sstevel@tonic-gate else 16397c478bd9Sstevel@tonic-gate exit_usage(1); 16407c478bd9Sstevel@tonic-gate 16417c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ainfo.ai_mask); 16427c478bd9Sstevel@tonic-gate 16437c478bd9Sstevel@tonic-gate eauditon(A_SETSMASK, (caddr_t)&ainfo, (int)sizeof (ainfo)); 16447c478bd9Sstevel@tonic-gate } 16457c478bd9Sstevel@tonic-gate 16468523fda3SJan Friedel /* 16478523fda3SJan Friedel * do_setumask() - set the preselection mask of all processes with the 16488523fda3SJan Friedel * specified audit-ID; valid per zone if AUDIT_PERZONE is set, else only in 16498523fda3SJan Friedel * global zone. 16508523fda3SJan Friedel */ 16517c478bd9Sstevel@tonic-gate static void 16529e3700dfSgww do_setumask(char *auid_str, char *audit_flags) 16537c478bd9Sstevel@tonic-gate { 16547c478bd9Sstevel@tonic-gate struct auditinfo ainfo; 16557c478bd9Sstevel@tonic-gate 16567c478bd9Sstevel@tonic-gate if (strisnum(auid_str)) 1657d0fa49b7STony Nguyen ainfo.ai_auid = (au_id_t)atoi(auid_str); 16587c478bd9Sstevel@tonic-gate else 16597c478bd9Sstevel@tonic-gate exit_usage(1); 16607c478bd9Sstevel@tonic-gate 16617c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ainfo.ai_mask); 16627c478bd9Sstevel@tonic-gate 16637c478bd9Sstevel@tonic-gate eauditon(A_SETUMASK, (caddr_t)&ainfo, (int)sizeof (ainfo)); 16647c478bd9Sstevel@tonic-gate } 16657c478bd9Sstevel@tonic-gate 16667c478bd9Sstevel@tonic-gate /* 16678523fda3SJan Friedel * do_setstat() - reset audit statistics counters; local zone use is valid if 16688523fda3SJan Friedel * AUDIT_PERZONE is set, otherwise the syscall returns EPERM. 16697c478bd9Sstevel@tonic-gate */ 16707c478bd9Sstevel@tonic-gate static void 16719e3700dfSgww do_setstat(void) 16727c478bd9Sstevel@tonic-gate { 16737c478bd9Sstevel@tonic-gate au_stat_t as; 16747c478bd9Sstevel@tonic-gate 16757c478bd9Sstevel@tonic-gate as.as_audit = (uint_t)-1; 16767c478bd9Sstevel@tonic-gate as.as_auditctl = (uint_t)-1; 16777c478bd9Sstevel@tonic-gate as.as_dropped = (uint_t)-1; 16787c478bd9Sstevel@tonic-gate as.as_enqueue = (uint_t)-1; 16797c478bd9Sstevel@tonic-gate as.as_generated = (uint_t)-1; 16807c478bd9Sstevel@tonic-gate as.as_kernel = (uint_t)-1; 16817c478bd9Sstevel@tonic-gate as.as_nonattrib = (uint_t)-1; 16827c478bd9Sstevel@tonic-gate as.as_rblocked = (uint_t)-1; 16837c478bd9Sstevel@tonic-gate as.as_totalsize = (uint_t)-1; 16847c478bd9Sstevel@tonic-gate as.as_wblocked = (uint_t)-1; 16857c478bd9Sstevel@tonic-gate as.as_written = (uint_t)-1; 16867c478bd9Sstevel@tonic-gate 16877c478bd9Sstevel@tonic-gate eauditon(A_SETSTAT, (caddr_t)&as, (int)sizeof (as)); 16889e3700dfSgww (void) printf("%s\n", gettext("audit stats reset")); 16897c478bd9Sstevel@tonic-gate } 16907c478bd9Sstevel@tonic-gate 16917c478bd9Sstevel@tonic-gate /* 16928523fda3SJan Friedel * do_setclass() - map the kernel event event_str to the classes specified by 16938523fda3SJan Friedel * audit flags audit_flags; valid per zone if AUDIT_PERZONE is set, else only in 16948523fda3SJan Friedel * global zone. 16957c478bd9Sstevel@tonic-gate */ 16967c478bd9Sstevel@tonic-gate static void 16979e3700dfSgww do_setclass(char *event_str, char *audit_flags) 16987c478bd9Sstevel@tonic-gate { 16997c478bd9Sstevel@tonic-gate au_event_t event; 17007c478bd9Sstevel@tonic-gate int mask; 17017c478bd9Sstevel@tonic-gate au_mask_t pmask; 17027c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 17037c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 17047c478bd9Sstevel@tonic-gate 17057c478bd9Sstevel@tonic-gate if (strisnum(event_str)) 17067c478bd9Sstevel@tonic-gate event = (uint_t)atol(event_str); 17077c478bd9Sstevel@tonic-gate else { 17089e3700dfSgww if ((evp = egetauevnam(event_str)) != NULL) 17097c478bd9Sstevel@tonic-gate event = evp->ae_number; 17107c478bd9Sstevel@tonic-gate } 17117c478bd9Sstevel@tonic-gate 17127c478bd9Sstevel@tonic-gate if (strisnum(audit_flags)) 17137c478bd9Sstevel@tonic-gate mask = atoi(audit_flags); 17147c478bd9Sstevel@tonic-gate else { 17157c478bd9Sstevel@tonic-gate str2mask(audit_flags, &pmask); 17167c478bd9Sstevel@tonic-gate mask = pmask.am_success | pmask.am_failure; 17177c478bd9Sstevel@tonic-gate } 17187c478bd9Sstevel@tonic-gate 17197c478bd9Sstevel@tonic-gate ec.ec_number = event; 17207c478bd9Sstevel@tonic-gate ec.ec_class = mask; 17217c478bd9Sstevel@tonic-gate eauditon(A_SETCLASS, (caddr_t)&ec, (int)sizeof (ec)); 17227c478bd9Sstevel@tonic-gate } 17237c478bd9Sstevel@tonic-gate 17247c478bd9Sstevel@tonic-gate /* 17258523fda3SJan Friedel * do_setkmask() - set non-attributes selection flags of machine; valid per zone 17268523fda3SJan Friedel * if AUDIT_PERZONE is set, else only in global zone. 17277c478bd9Sstevel@tonic-gate */ 17287c478bd9Sstevel@tonic-gate static void 17299e3700dfSgww do_setkmask(char *audit_flags) 17307c478bd9Sstevel@tonic-gate { 17317c478bd9Sstevel@tonic-gate au_mask_t pmask; 17327c478bd9Sstevel@tonic-gate 17337c478bd9Sstevel@tonic-gate str2mask(audit_flags, &pmask); 17347c478bd9Sstevel@tonic-gate eauditon(A_SETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 17357c478bd9Sstevel@tonic-gate print_mask(gettext("audit flags for non-attributable events"), &pmask); 17367c478bd9Sstevel@tonic-gate } 17377c478bd9Sstevel@tonic-gate 17387c478bd9Sstevel@tonic-gate /* 17398523fda3SJan Friedel * do_setpolicy() - set the active and configured kernel audit policy; active 17408523fda3SJan Friedel * values can be changed per zone if AUDIT_PERZONE is set, else only in global 17418523fda3SJan Friedel * zone. 17428523fda3SJan Friedel * 17438523fda3SJan Friedel * ahlt and perzone are global zone only. The kernel ensures that a local zone 17448523fda3SJan Friedel * can't change ahlt and perzone (EINVAL). 17457c478bd9Sstevel@tonic-gate */ 17467c478bd9Sstevel@tonic-gate static void 17479e3700dfSgww do_setpolicy(char *policy_str) 17487c478bd9Sstevel@tonic-gate { 17498523fda3SJan Friedel uint32_t policy = 0; 17507c478bd9Sstevel@tonic-gate 17517c478bd9Sstevel@tonic-gate switch (str2policy(policy_str, &policy)) { 17528523fda3SJan Friedel case 0: 17538523fda3SJan Friedel if (!temporary_set) { 17548523fda3SJan Friedel if (!do_getpolicy_scf(&policy)) { 17558523fda3SJan Friedel exit_error(gettext("Unable to get current " 17568523fda3SJan Friedel "policy values from the SMF repository")); 17578523fda3SJan Friedel } 17588523fda3SJan Friedel (void) str2policy(policy_str, &policy); 17598523fda3SJan Friedel 17608523fda3SJan Friedel if (!do_setpolicy_scf(policy)) { 17618523fda3SJan Friedel exit_error(gettext("Could not store " 17628523fda3SJan Friedel "configuration values.")); 17638523fda3SJan Friedel } 17648523fda3SJan Friedel } 17658523fda3SJan Friedel eauditon(A_SETPOLICY, (caddr_t)&policy, 0); 17668523fda3SJan Friedel break; 17677c478bd9Sstevel@tonic-gate case 2: 17688523fda3SJan Friedel exit_error(gettext("policy (%s) invalid in a local zone."), 17697c478bd9Sstevel@tonic-gate policy_str); 17707c478bd9Sstevel@tonic-gate break; 17717c478bd9Sstevel@tonic-gate default: 17728523fda3SJan Friedel exit_error(gettext("Invalid policy (%s) specified."), 17737c478bd9Sstevel@tonic-gate policy_str); 17747c478bd9Sstevel@tonic-gate break; 17757c478bd9Sstevel@tonic-gate } 17767c478bd9Sstevel@tonic-gate } 17777c478bd9Sstevel@tonic-gate 17787c478bd9Sstevel@tonic-gate /* 17798523fda3SJan Friedel * do_setqbufsz() - set the active and configured audit queue write buffer size 17808523fda3SJan Friedel * (bytes); active values can be changed per zone if AUDIT_PERZONE is set, else 17818523fda3SJan Friedel * only in global zone. 17827c478bd9Sstevel@tonic-gate */ 17837c478bd9Sstevel@tonic-gate static void 17849e3700dfSgww do_setqbufsz(char *bufsz) 17857c478bd9Sstevel@tonic-gate { 17867c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 17877c478bd9Sstevel@tonic-gate 17888523fda3SJan Friedel if (!temporary_set) { 17898523fda3SJan Friedel qctrl.aq_bufsz = (size_t)atol(bufsz); 17908523fda3SJan Friedel if (!do_setqbufsz_scf(&qctrl.aq_bufsz)) { 17918523fda3SJan Friedel exit_error(gettext( 17928523fda3SJan Friedel "Could not store configuration value.")); 17938523fda3SJan Friedel } 1794*be61b9faSJan Friedel if (qctrl.aq_bufsz == 0) { 1795*be61b9faSJan Friedel return; 1796*be61b9faSJan Friedel } 17978523fda3SJan Friedel } 17988523fda3SJan Friedel 17997c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 18008523fda3SJan Friedel qctrl.aq_bufsz = (size_t)atol(bufsz); 18017c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18027c478bd9Sstevel@tonic-gate } 18037c478bd9Sstevel@tonic-gate 18047c478bd9Sstevel@tonic-gate /* 18058523fda3SJan Friedel * do_setqctrl() - set the active and configured audit queue write buffer size 18068523fda3SJan Friedel * (bytes), hiwater audit record count, lowater audit record count, and wakeup 18078523fda3SJan Friedel * interval (ticks); active values can be changed per zone if AUDIT_PERZONE is 18088523fda3SJan Friedel * set, else only in global zone. 18097c478bd9Sstevel@tonic-gate */ 18107c478bd9Sstevel@tonic-gate static void 18119e3700dfSgww do_setqctrl(char *hiwater, char *lowater, char *bufsz, char *delay) 18127c478bd9Sstevel@tonic-gate { 18137c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 18147c478bd9Sstevel@tonic-gate 18158523fda3SJan Friedel qctrl.aq_hiwater = (size_t)atol(hiwater); 18168523fda3SJan Friedel qctrl.aq_lowater = (size_t)atol(lowater); 18178523fda3SJan Friedel qctrl.aq_bufsz = (size_t)atol(bufsz); 18188523fda3SJan Friedel qctrl.aq_delay = (clock_t)atol(delay); 18198523fda3SJan Friedel 18208523fda3SJan Friedel if (!temporary_set) { 1821*be61b9faSJan Friedel struct au_qctrl qctrl_act; 1822*be61b9faSJan Friedel 18238523fda3SJan Friedel if (!do_setqctrl_scf(&qctrl)) { 18248523fda3SJan Friedel exit_error(gettext( 18258523fda3SJan Friedel "Could not store configuration values.")); 18268523fda3SJan Friedel } 1827*be61b9faSJan Friedel 1828*be61b9faSJan Friedel eauditon(A_GETQCTRL, (caddr_t)&qctrl_act, 0); 1829*be61b9faSJan Friedel if (qctrl.aq_hiwater == 0) { 1830*be61b9faSJan Friedel qctrl.aq_hiwater = qctrl_act.aq_hiwater; 1831*be61b9faSJan Friedel } 1832*be61b9faSJan Friedel if (qctrl.aq_lowater == 0) { 1833*be61b9faSJan Friedel qctrl.aq_lowater = qctrl_act.aq_lowater; 1834*be61b9faSJan Friedel } 1835*be61b9faSJan Friedel if (qctrl.aq_bufsz == 0) { 1836*be61b9faSJan Friedel qctrl.aq_bufsz = qctrl_act.aq_bufsz; 1837*be61b9faSJan Friedel } 1838*be61b9faSJan Friedel if (qctrl.aq_delay == 0) { 1839*be61b9faSJan Friedel qctrl.aq_delay = qctrl_act.aq_delay; 1840*be61b9faSJan Friedel } 18418523fda3SJan Friedel } 18428523fda3SJan Friedel 18437c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18447c478bd9Sstevel@tonic-gate } 18457c478bd9Sstevel@tonic-gate 18467c478bd9Sstevel@tonic-gate /* 18478523fda3SJan Friedel * do_setqdelay() - set the active and configured audit queue wakeup interval 18488523fda3SJan Friedel * (ticks); active values can be changed per zone if AUDIT_PERZONE is set, else 18498523fda3SJan Friedel * only in global zone. 18507c478bd9Sstevel@tonic-gate */ 18517c478bd9Sstevel@tonic-gate static void 18529e3700dfSgww do_setqdelay(char *delay) 18537c478bd9Sstevel@tonic-gate { 18547c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 18557c478bd9Sstevel@tonic-gate 18568523fda3SJan Friedel if (!temporary_set) { 18578523fda3SJan Friedel qctrl.aq_delay = (clock_t)atol(delay); 18588523fda3SJan Friedel if (!do_setqdelay_scf(&qctrl.aq_delay)) { 18598523fda3SJan Friedel exit_error(gettext( 18608523fda3SJan Friedel "Could not store configuration value.")); 18618523fda3SJan Friedel } 1862*be61b9faSJan Friedel if (qctrl.aq_delay == 0) { 1863*be61b9faSJan Friedel return; 1864*be61b9faSJan Friedel } 18658523fda3SJan Friedel } 18668523fda3SJan Friedel 18677c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 18688523fda3SJan Friedel qctrl.aq_delay = (clock_t)atol(delay); 18697c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18707c478bd9Sstevel@tonic-gate } 18717c478bd9Sstevel@tonic-gate 18727c478bd9Sstevel@tonic-gate /* 18738523fda3SJan Friedel * do_setqhiwater() - sets the active and configured number of undelivered audit 18748523fda3SJan Friedel * records in the audit queue at which audit record generation blocks; active 18758523fda3SJan Friedel * values can be changed per zone if AUDIT_PERZONE is set, else only in global 18768523fda3SJan Friedel * zone. 18777c478bd9Sstevel@tonic-gate */ 18787c478bd9Sstevel@tonic-gate static void 18799e3700dfSgww do_setqhiwater(char *hiwater) 18807c478bd9Sstevel@tonic-gate { 18817c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 18827c478bd9Sstevel@tonic-gate 18838523fda3SJan Friedel if (!temporary_set) { 18848523fda3SJan Friedel qctrl.aq_hiwater = (size_t)atol(hiwater); 18858523fda3SJan Friedel if (!do_setqhiwater_scf(&qctrl.aq_hiwater)) { 18868523fda3SJan Friedel exit_error(gettext( 18878523fda3SJan Friedel "Could not store configuration value.")); 18888523fda3SJan Friedel } 1889*be61b9faSJan Friedel if (qctrl.aq_hiwater == 0) { 1890*be61b9faSJan Friedel return; 1891*be61b9faSJan Friedel } 18928523fda3SJan Friedel } 18938523fda3SJan Friedel 18947c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 18958523fda3SJan Friedel qctrl.aq_hiwater = (size_t)atol(hiwater); 18967c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18977c478bd9Sstevel@tonic-gate } 18987c478bd9Sstevel@tonic-gate 18997c478bd9Sstevel@tonic-gate /* 19008523fda3SJan Friedel * do_setqlowater() - set the active and configured number of undelivered audit 19018523fda3SJan Friedel * records in the audit queue at which blocked auditing processes unblock; 19028523fda3SJan Friedel * active values can be changed per zone if AUDIT_PERZONE is set, else only in 19038523fda3SJan Friedel * global zone. 19047c478bd9Sstevel@tonic-gate */ 19057c478bd9Sstevel@tonic-gate static void 19069e3700dfSgww do_setqlowater(char *lowater) 19077c478bd9Sstevel@tonic-gate { 19087c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 19097c478bd9Sstevel@tonic-gate 19108523fda3SJan Friedel if (!temporary_set) { 19118523fda3SJan Friedel qctrl.aq_lowater = (size_t)atol(lowater); 19128523fda3SJan Friedel if (!do_setqlowater_scf(&qctrl.aq_lowater)) { 19138523fda3SJan Friedel exit_error(gettext( 19148523fda3SJan Friedel "Could not store configuration value.")); 19158523fda3SJan Friedel } 1916*be61b9faSJan Friedel if (qctrl.aq_lowater == 0) { 1917*be61b9faSJan Friedel return; 1918*be61b9faSJan Friedel } 19198523fda3SJan Friedel } 19208523fda3SJan Friedel 19217c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 19228523fda3SJan Friedel qctrl.aq_lowater = (size_t)atol(lowater); 19237c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 19247c478bd9Sstevel@tonic-gate } 19257c478bd9Sstevel@tonic-gate 19267c478bd9Sstevel@tonic-gate static void 19279e3700dfSgww eauditon(int cmd, caddr_t data, int length) 19287c478bd9Sstevel@tonic-gate { 19297c478bd9Sstevel@tonic-gate if (auditon(cmd, data, length) == -1) 19307c478bd9Sstevel@tonic-gate exit_error(gettext("auditon(2) failed.")); 19317c478bd9Sstevel@tonic-gate } 19327c478bd9Sstevel@tonic-gate 19337c478bd9Sstevel@tonic-gate static void 19349e3700dfSgww egetauid(au_id_t *auid) 19357c478bd9Sstevel@tonic-gate { 19367c478bd9Sstevel@tonic-gate if (getauid(auid) == -1) 19377c478bd9Sstevel@tonic-gate exit_error(gettext("getauid(2) failed.")); 19387c478bd9Sstevel@tonic-gate } 19397c478bd9Sstevel@tonic-gate 19407c478bd9Sstevel@tonic-gate static void 19419e3700dfSgww egetaudit(auditinfo_addr_t *ai, int size) 19427c478bd9Sstevel@tonic-gate { 19437c478bd9Sstevel@tonic-gate if (getaudit_addr(ai, size) == -1) 19447c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed.")); 19457c478bd9Sstevel@tonic-gate } 19467c478bd9Sstevel@tonic-gate 19477c478bd9Sstevel@tonic-gate static void 19489e3700dfSgww egetkaudit(auditinfo_addr_t *ai, int size) 19497c478bd9Sstevel@tonic-gate { 19507c478bd9Sstevel@tonic-gate if (auditon(A_GETKAUDIT, (char *)ai, size) < 0) 19517c478bd9Sstevel@tonic-gate exit_error(gettext("auditon: A_GETKAUDIT failed.")); 19527c478bd9Sstevel@tonic-gate } 19537c478bd9Sstevel@tonic-gate 19547c478bd9Sstevel@tonic-gate static void 19559e3700dfSgww esetkaudit(auditinfo_addr_t *ai, int size) 19567c478bd9Sstevel@tonic-gate { 19577c478bd9Sstevel@tonic-gate if (auditon(A_SETKAUDIT, (char *)ai, size) < 0) 19587c478bd9Sstevel@tonic-gate exit_error(gettext("auditon: A_SETKAUDIT failed.")); 19597c478bd9Sstevel@tonic-gate } 19607c478bd9Sstevel@tonic-gate 19617c478bd9Sstevel@tonic-gate static void 19629e3700dfSgww egetauditflagsbin(char *auditflags, au_mask_t *pmask) 19637c478bd9Sstevel@tonic-gate { 19647c478bd9Sstevel@tonic-gate pmask->am_success = pmask->am_failure = 0; 19657c478bd9Sstevel@tonic-gate 19667c478bd9Sstevel@tonic-gate if (strcmp(auditflags, "none") == 0) 19677c478bd9Sstevel@tonic-gate return; 19687c478bd9Sstevel@tonic-gate 19697c478bd9Sstevel@tonic-gate if (getauditflagsbin(auditflags, pmask) < 0) { 19707c478bd9Sstevel@tonic-gate exit_error(gettext("Could not get audit flags (%s)"), 19717c478bd9Sstevel@tonic-gate auditflags); 19727c478bd9Sstevel@tonic-gate } 19737c478bd9Sstevel@tonic-gate } 19747c478bd9Sstevel@tonic-gate 19757c478bd9Sstevel@tonic-gate static au_event_ent_t * 19769e3700dfSgww egetauevnum(au_event_t event_number) 19777c478bd9Sstevel@tonic-gate { 19787c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 19797c478bd9Sstevel@tonic-gate 19809e3700dfSgww if ((evp = getauevnum(event_number)) == NULL) { 1981d0fa49b7STony Nguyen exit_error(gettext("Could not get audit event %hu"), 19827c478bd9Sstevel@tonic-gate event_number); 19839e3700dfSgww } 19847c478bd9Sstevel@tonic-gate 19857c478bd9Sstevel@tonic-gate return (evp); 19867c478bd9Sstevel@tonic-gate } 19877c478bd9Sstevel@tonic-gate 19887c478bd9Sstevel@tonic-gate static au_event_ent_t * 19899e3700dfSgww egetauevnam(char *event_name) 19907c478bd9Sstevel@tonic-gate { 19917c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 19927c478bd9Sstevel@tonic-gate 19939e3700dfSgww if ((evp = getauevnam(event_name)) == NULL) 19947c478bd9Sstevel@tonic-gate exit_error(gettext("Could not get audit event %s"), event_name); 19957c478bd9Sstevel@tonic-gate 19967c478bd9Sstevel@tonic-gate return (evp); 19977c478bd9Sstevel@tonic-gate } 19987c478bd9Sstevel@tonic-gate 19997c478bd9Sstevel@tonic-gate static void 20009e3700dfSgww esetauid(au_id_t *auid) 20017c478bd9Sstevel@tonic-gate { 20027c478bd9Sstevel@tonic-gate if (setauid(auid) == -1) 20037c478bd9Sstevel@tonic-gate exit_error(gettext("setauid(2) failed.")); 20047c478bd9Sstevel@tonic-gate } 20057c478bd9Sstevel@tonic-gate 20067c478bd9Sstevel@tonic-gate static void 20079e3700dfSgww esetaudit(auditinfo_addr_t *ai, int size) 20087c478bd9Sstevel@tonic-gate { 20097c478bd9Sstevel@tonic-gate if (setaudit_addr(ai, size) == -1) 20107c478bd9Sstevel@tonic-gate exit_error(gettext("setaudit_addr(2) failed.")); 20117c478bd9Sstevel@tonic-gate } 20127c478bd9Sstevel@tonic-gate 20137c478bd9Sstevel@tonic-gate static uid_t 20149e3700dfSgww get_user_id(char *user) 20157c478bd9Sstevel@tonic-gate { 20167c478bd9Sstevel@tonic-gate struct passwd *pwd; 20177c478bd9Sstevel@tonic-gate uid_t uid; 20187c478bd9Sstevel@tonic-gate 20197c478bd9Sstevel@tonic-gate if (isdigit(*user)) { 20207c478bd9Sstevel@tonic-gate uid = atoi(user); 20219e3700dfSgww if ((pwd = getpwuid(uid)) == NULL) { 20227c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid user: %s"), user); 20237c478bd9Sstevel@tonic-gate } 20247c478bd9Sstevel@tonic-gate } else { 20259e3700dfSgww if ((pwd = getpwnam(user)) == NULL) { 20267c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid user: %s"), user); 20277c478bd9Sstevel@tonic-gate } 20287c478bd9Sstevel@tonic-gate } 20297c478bd9Sstevel@tonic-gate 20307c478bd9Sstevel@tonic-gate return (pwd->pw_uid); 20317c478bd9Sstevel@tonic-gate } 20327c478bd9Sstevel@tonic-gate 20337c478bd9Sstevel@tonic-gate /* 20347c478bd9Sstevel@tonic-gate * get_arg_ent() 20357c478bd9Sstevel@tonic-gate * Inputs: command line argument string 20368523fda3SJan Friedel * Returns ptr to struct arg_entry if found; null, if not found 20377c478bd9Sstevel@tonic-gate */ 20388523fda3SJan Friedel static arg_entry_t * 20399e3700dfSgww get_arg_ent(char *arg_str) 20407c478bd9Sstevel@tonic-gate { 20418523fda3SJan Friedel arg_entry_t key; 20427c478bd9Sstevel@tonic-gate 20437c478bd9Sstevel@tonic-gate key.arg_str = arg_str; 20447c478bd9Sstevel@tonic-gate 20458523fda3SJan Friedel return ((arg_entry_t *)bsearch((char *)&key, (char *)arg_table, 20468523fda3SJan Friedel ARG_TBL_SZ, sizeof (arg_entry_t), arg_ent_compare)); 20477c478bd9Sstevel@tonic-gate } 20487c478bd9Sstevel@tonic-gate 20497c478bd9Sstevel@tonic-gate /* 20507c478bd9Sstevel@tonic-gate * arg_ent_compare() 20517c478bd9Sstevel@tonic-gate * Compares two command line arguments to determine which is 20527c478bd9Sstevel@tonic-gate * lexicographically greater. 20537c478bd9Sstevel@tonic-gate * Inputs: two argument map table entry pointers 20547c478bd9Sstevel@tonic-gate * Returns: > 1: aep1->arg_str > aep2->arg_str 20557c478bd9Sstevel@tonic-gate * < 1: aep1->arg_str < aep2->arg_str 20567c478bd9Sstevel@tonic-gate * 0: aep1->arg_str = aep->arg_str2 20577c478bd9Sstevel@tonic-gate */ 20587c478bd9Sstevel@tonic-gate static int 20599e3700dfSgww arg_ent_compare(const void *aep1, const void *aep2) 20607c478bd9Sstevel@tonic-gate { 20618523fda3SJan Friedel return (strcmp(((arg_entry_t *)aep1)->arg_str, 20628523fda3SJan Friedel ((arg_entry_t *)aep2)->arg_str)); 20637c478bd9Sstevel@tonic-gate } 20647c478bd9Sstevel@tonic-gate 20657c478bd9Sstevel@tonic-gate /* 20667c478bd9Sstevel@tonic-gate * Convert mask of the following forms: 20677c478bd9Sstevel@tonic-gate * 20687c478bd9Sstevel@tonic-gate * audit_flags (ie. +lo,-ad,pc) 20697c478bd9Sstevel@tonic-gate * 0xffffffff,0xffffffff 20707c478bd9Sstevel@tonic-gate * ffffffff,ffffffff 20717c478bd9Sstevel@tonic-gate * 20,20 20727c478bd9Sstevel@tonic-gate */ 20737c478bd9Sstevel@tonic-gate static void 20749e3700dfSgww str2mask(char *mask_str, au_mask_t *mp) 20757c478bd9Sstevel@tonic-gate { 20767c478bd9Sstevel@tonic-gate 20777c478bd9Sstevel@tonic-gate char sp[256]; 20787c478bd9Sstevel@tonic-gate char fp[256]; 20797c478bd9Sstevel@tonic-gate 20807c478bd9Sstevel@tonic-gate mp->am_success = 0; 20817c478bd9Sstevel@tonic-gate mp->am_failure = 0; 20827c478bd9Sstevel@tonic-gate 20837c478bd9Sstevel@tonic-gate /* 20849e3700dfSgww * a mask of the form +aa,bb,cc,-dd or 20859e3700dfSgww * a mask of the form 0xffffffff,0xffffffff or 1,1 20867c478bd9Sstevel@tonic-gate */ 20877c478bd9Sstevel@tonic-gate if (strisflags(mask_str)) { 20887c478bd9Sstevel@tonic-gate egetauditflagsbin(mask_str, mp); 20897c478bd9Sstevel@tonic-gate } else { 20907c478bd9Sstevel@tonic-gate strsplit(mask_str, sp, fp, ','); 20917c478bd9Sstevel@tonic-gate 20929e3700dfSgww if (strlen(sp) > (size_t)2 && !strncasecmp(sp, "0x", 2)) { 20937c478bd9Sstevel@tonic-gate (void) sscanf(sp + 2, "%x", &mp->am_success); 20949e3700dfSgww } else { 20957c478bd9Sstevel@tonic-gate (void) sscanf(sp, "%u", &mp->am_success); 20969e3700dfSgww } 20977c478bd9Sstevel@tonic-gate 20989e3700dfSgww if (strlen(fp) > (size_t)2 && !strncasecmp(fp, "0x", 2)) { 20997c478bd9Sstevel@tonic-gate (void) sscanf(fp + 2, "%x", &mp->am_failure); 21009e3700dfSgww } else { 21017c478bd9Sstevel@tonic-gate (void) sscanf(fp, "%u", &mp->am_failure); 21027c478bd9Sstevel@tonic-gate } 21037c478bd9Sstevel@tonic-gate } 21049e3700dfSgww } 21057c478bd9Sstevel@tonic-gate 21067c478bd9Sstevel@tonic-gate /* 21077c478bd9Sstevel@tonic-gate * tid_str is major,minor,host -- host is a name or an ip address 21087c478bd9Sstevel@tonic-gate */ 21097c478bd9Sstevel@tonic-gate static void 21107c478bd9Sstevel@tonic-gate str2tid(char *tid_str, au_tid_addr_t *tp) 21117c478bd9Sstevel@tonic-gate { 21129e3700dfSgww char *major_str; 21139e3700dfSgww char *minor_str; 21149e3700dfSgww char *host_str = NULL; 21157c478bd9Sstevel@tonic-gate major_t major = 0; 21167c478bd9Sstevel@tonic-gate major_t minor = 0; 21177c478bd9Sstevel@tonic-gate dev_t dev = 0; 21187c478bd9Sstevel@tonic-gate struct hostent *phe; 21197c478bd9Sstevel@tonic-gate int err; 21207c478bd9Sstevel@tonic-gate uint32_t ibuf; 21217c478bd9Sstevel@tonic-gate uint32_t ibuf6[4]; 21227c478bd9Sstevel@tonic-gate 21237c478bd9Sstevel@tonic-gate tp->at_port = 0; 21247c478bd9Sstevel@tonic-gate tp->at_type = 0; 21257c478bd9Sstevel@tonic-gate bzero(tp->at_addr, 16); 21267c478bd9Sstevel@tonic-gate 21277c478bd9Sstevel@tonic-gate major_str = tid_str; 21287c478bd9Sstevel@tonic-gate if ((minor_str = strchr(tid_str, ',')) != NULL) { 21297c478bd9Sstevel@tonic-gate *minor_str = '\0'; 21307c478bd9Sstevel@tonic-gate minor_str++; 21317c478bd9Sstevel@tonic-gate } 21327c478bd9Sstevel@tonic-gate 21339e3700dfSgww if (minor_str) { 21347c478bd9Sstevel@tonic-gate if ((host_str = strchr(minor_str, ',')) != NULL) { 21357c478bd9Sstevel@tonic-gate *host_str = '\0'; 21367c478bd9Sstevel@tonic-gate host_str++; 21377c478bd9Sstevel@tonic-gate } 21389e3700dfSgww } 21397c478bd9Sstevel@tonic-gate 21407c478bd9Sstevel@tonic-gate if (major_str) 21417c478bd9Sstevel@tonic-gate major = (major_t)atoi(major_str); 21427c478bd9Sstevel@tonic-gate 21437c478bd9Sstevel@tonic-gate if (minor_str) 21447c478bd9Sstevel@tonic-gate minor = (minor_t)atoi(minor_str); 21457c478bd9Sstevel@tonic-gate 21467c478bd9Sstevel@tonic-gate if ((dev = makedev(major, minor)) != NODEV) 21477c478bd9Sstevel@tonic-gate tp->at_port = dev; 21487c478bd9Sstevel@tonic-gate 21497c478bd9Sstevel@tonic-gate if (host_str) { 21507c478bd9Sstevel@tonic-gate if (strisipaddr(host_str)) { 21517c478bd9Sstevel@tonic-gate if (inet_pton(AF_INET, host_str, &ibuf)) { 21527c478bd9Sstevel@tonic-gate tp->at_addr[0] = ibuf; 21537c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv4; 21547c478bd9Sstevel@tonic-gate } else if (inet_pton(AF_INET6, host_str, ibuf6)) { 21557c478bd9Sstevel@tonic-gate tp->at_addr[0] = ibuf6[0]; 21567c478bd9Sstevel@tonic-gate tp->at_addr[1] = ibuf6[1]; 21577c478bd9Sstevel@tonic-gate tp->at_addr[2] = ibuf6[2]; 21587c478bd9Sstevel@tonic-gate tp->at_addr[3] = ibuf6[3]; 21597c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv6; 21607c478bd9Sstevel@tonic-gate } 21617c478bd9Sstevel@tonic-gate } else { 21627c478bd9Sstevel@tonic-gate phe = getipnodebyname((const void *)host_str, 21637c478bd9Sstevel@tonic-gate AF_INET, 0, &err); 21647c478bd9Sstevel@tonic-gate if (phe == 0) { 21657c478bd9Sstevel@tonic-gate phe = getipnodebyname((const void *)host_str, 21667c478bd9Sstevel@tonic-gate AF_INET6, 0, &err); 21677c478bd9Sstevel@tonic-gate } 21687c478bd9Sstevel@tonic-gate 21697c478bd9Sstevel@tonic-gate if (phe != NULL) { 21707c478bd9Sstevel@tonic-gate if (phe->h_addrtype == AF_INET6) { 21717c478bd9Sstevel@tonic-gate /* address is IPv6 (128 bits) */ 21727c478bd9Sstevel@tonic-gate (void) memcpy(&tp->at_addr[0], 21737c478bd9Sstevel@tonic-gate phe->h_addr_list[0], 16); 21747c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv6; 21757c478bd9Sstevel@tonic-gate } else { 21767c478bd9Sstevel@tonic-gate /* address is IPv4 (32 bits) */ 21777c478bd9Sstevel@tonic-gate (void) memcpy(&tp->at_addr[0], 21787c478bd9Sstevel@tonic-gate phe->h_addr_list[0], 4); 21797c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv4; 21807c478bd9Sstevel@tonic-gate } 21817c478bd9Sstevel@tonic-gate freehostent(phe); 21827c478bd9Sstevel@tonic-gate } 21837c478bd9Sstevel@tonic-gate } 21847c478bd9Sstevel@tonic-gate } 21857c478bd9Sstevel@tonic-gate } 21867c478bd9Sstevel@tonic-gate 21879e3700dfSgww static char * 21889e3700dfSgww cond2str(void) 21897c478bd9Sstevel@tonic-gate { 21909e3700dfSgww uint_t cond; 21917c478bd9Sstevel@tonic-gate 21929e3700dfSgww eauditon(A_GETCOND, (caddr_t)&cond, (int)sizeof (cond)); 21939e3700dfSgww 21949e3700dfSgww switch (cond) { 21959e3700dfSgww 21969e3700dfSgww case AUC_AUDITING: 21979e3700dfSgww return ("auditing"); 21989e3700dfSgww 21999e3700dfSgww case AUC_NOAUDIT: 22009e3700dfSgww case AUC_INIT_AUDIT: 22019e3700dfSgww return ("noaudit"); 22029e3700dfSgww 22039e3700dfSgww case AUC_UNSET: 22049e3700dfSgww return ("unset"); 22059e3700dfSgww 22069e3700dfSgww case AUC_NOSPACE: 22079e3700dfSgww return ("nospace"); 22089e3700dfSgww 22099e3700dfSgww default: 22109e3700dfSgww return (""); 22117c478bd9Sstevel@tonic-gate } 22127c478bd9Sstevel@tonic-gate } 22137c478bd9Sstevel@tonic-gate 22149e3700dfSgww /* 22159e3700dfSgww * exit = 0, success 22169e3700dfSgww * 1, error 22179e3700dfSgww * 2, bad zone 22189e3700dfSgww */ 22197c478bd9Sstevel@tonic-gate static int 22208523fda3SJan Friedel str2policy(char *policy_str, uint32_t *policy_mask) 22217c478bd9Sstevel@tonic-gate { 22227c478bd9Sstevel@tonic-gate char *buf; 22237c478bd9Sstevel@tonic-gate char *tok; 22247c478bd9Sstevel@tonic-gate char pfix; 22258523fda3SJan Friedel boolean_t is_all = B_FALSE; 22268523fda3SJan Friedel uint32_t pm = 0; 22278523fda3SJan Friedel uint32_t curp; 22287c478bd9Sstevel@tonic-gate 22297c478bd9Sstevel@tonic-gate pfix = *policy_str; 22307c478bd9Sstevel@tonic-gate 22317c478bd9Sstevel@tonic-gate if (pfix == '-' || pfix == '+' || pfix == '=') 22327c478bd9Sstevel@tonic-gate ++policy_str; 22337c478bd9Sstevel@tonic-gate 22347c478bd9Sstevel@tonic-gate if ((buf = strdup(policy_str)) == NULL) 22357c478bd9Sstevel@tonic-gate return (1); 22367c478bd9Sstevel@tonic-gate 22379e3700dfSgww for (tok = strtok(buf, ","); tok != NULL; tok = strtok(NULL, ",")) { 22388523fda3SJan Friedel uint32_t tok_pm; 22398523fda3SJan Friedel if (((tok_pm = get_policy(tok)) == 0) && 22408523fda3SJan Friedel ((strcasecmp(tok, "none") != 0))) { 22418523fda3SJan Friedel free(buf); 22427c478bd9Sstevel@tonic-gate return (1); 22437c478bd9Sstevel@tonic-gate } else { 22448523fda3SJan Friedel pm |= tok_pm; 22458523fda3SJan Friedel if (tok_pm == ALL_POLICIES) { 22468523fda3SJan Friedel is_all = B_TRUE; 22477c478bd9Sstevel@tonic-gate } 22487c478bd9Sstevel@tonic-gate } 22499e3700dfSgww } 22507c478bd9Sstevel@tonic-gate free(buf); 22517c478bd9Sstevel@tonic-gate 22528523fda3SJan Friedel /* reuse policy mask if already set to some value */ 22538523fda3SJan Friedel if (*policy_mask != 0) { 22548523fda3SJan Friedel curp = *policy_mask; 22558523fda3SJan Friedel } else { 22568523fda3SJan Friedel (void) auditon(A_GETPOLICY, (caddr_t)&curp, 0); 22578523fda3SJan Friedel } 22588523fda3SJan Friedel 22597c478bd9Sstevel@tonic-gate if (pfix == '-') { 22609e3700dfSgww if (!is_all && 22619e3700dfSgww (getzoneid() != GLOBAL_ZONEID) && 22629e3700dfSgww (pm & ~AUDIT_LOCAL)) { 22637c478bd9Sstevel@tonic-gate return (2); 22649e3700dfSgww } 22658523fda3SJan Friedel 22667c478bd9Sstevel@tonic-gate if (getzoneid() != GLOBAL_ZONEID) 22677c478bd9Sstevel@tonic-gate curp &= AUDIT_LOCAL; 22687c478bd9Sstevel@tonic-gate *policy_mask = curp & ~pm; 22698523fda3SJan Friedel 22707c478bd9Sstevel@tonic-gate } else if (pfix == '+') { 22717c478bd9Sstevel@tonic-gate /* 22729e3700dfSgww * In a local zone, accept specifying "all", but not 22739e3700dfSgww * individually specifying global-zone only policies. 22749e3700dfSgww * Limit to all locally allowed, so system call doesn't 22759e3700dfSgww * fail. 22767c478bd9Sstevel@tonic-gate */ 22779e3700dfSgww if (!is_all && 22789e3700dfSgww (getzoneid() != GLOBAL_ZONEID) && 22799e3700dfSgww (pm & ~AUDIT_LOCAL)) { 22807c478bd9Sstevel@tonic-gate return (2); 22819e3700dfSgww } 22828523fda3SJan Friedel 22837c478bd9Sstevel@tonic-gate if (getzoneid() != GLOBAL_ZONEID) { 22847c478bd9Sstevel@tonic-gate curp &= AUDIT_LOCAL; 22859e3700dfSgww if (is_all) { 22867c478bd9Sstevel@tonic-gate pm &= AUDIT_LOCAL; 22877c478bd9Sstevel@tonic-gate } 22889e3700dfSgww } 22897c478bd9Sstevel@tonic-gate *policy_mask = curp | pm; 22908523fda3SJan Friedel 22917c478bd9Sstevel@tonic-gate } else { 22928523fda3SJan Friedel /* 22938523fda3SJan Friedel * In a local zone, accept specifying "all", but not 22948523fda3SJan Friedel * individually specifying global-zone only policies. 22958523fda3SJan Friedel * Limit to all locally allowed, so system call doesn't 22968523fda3SJan Friedel * fail. 22978523fda3SJan Friedel */ 22988523fda3SJan Friedel if (!is_all && 22998523fda3SJan Friedel (getzoneid() != GLOBAL_ZONEID) && 23008523fda3SJan Friedel (pm & ~AUDIT_LOCAL)) { 23018523fda3SJan Friedel return (2); 23028523fda3SJan Friedel } 23038523fda3SJan Friedel 23049e3700dfSgww if (is_all && (getzoneid() != GLOBAL_ZONEID)) { 23057c478bd9Sstevel@tonic-gate pm &= AUDIT_LOCAL; 23069e3700dfSgww } 23077c478bd9Sstevel@tonic-gate *policy_mask = pm; 23087c478bd9Sstevel@tonic-gate } 23097c478bd9Sstevel@tonic-gate return (0); 23107c478bd9Sstevel@tonic-gate } 23117c478bd9Sstevel@tonic-gate 23127c478bd9Sstevel@tonic-gate static int 23138523fda3SJan Friedel policy2str(uint32_t policy, char *policy_str, size_t len) 23147c478bd9Sstevel@tonic-gate { 23157c478bd9Sstevel@tonic-gate int i, j; 23167c478bd9Sstevel@tonic-gate 23177c478bd9Sstevel@tonic-gate if (policy == ALL_POLICIES) { 23187c478bd9Sstevel@tonic-gate (void) strcpy(policy_str, "all"); 23197c478bd9Sstevel@tonic-gate return (1); 23207c478bd9Sstevel@tonic-gate } 23217c478bd9Sstevel@tonic-gate 23227c478bd9Sstevel@tonic-gate if (policy == NO_POLICIES) { 23237c478bd9Sstevel@tonic-gate (void) strcpy(policy_str, "none"); 23247c478bd9Sstevel@tonic-gate return (1); 23257c478bd9Sstevel@tonic-gate } 23267c478bd9Sstevel@tonic-gate 23277c478bd9Sstevel@tonic-gate *policy_str = '\0'; 23287c478bd9Sstevel@tonic-gate 232945916cd2Sjpk for (i = 0, j = 0; i < POLICY_TBL_SZ; i++) { 23307c478bd9Sstevel@tonic-gate if (policy & policy_table[i].policy_mask && 23317c478bd9Sstevel@tonic-gate policy_table[i].policy_mask != ALL_POLICIES) { 23329e3700dfSgww if (j++) { 23337c478bd9Sstevel@tonic-gate (void) strcat(policy_str, ","); 23349e3700dfSgww } 23359e3700dfSgww (void) strlcat(policy_str, policy_table[i].policy_str, 23369e3700dfSgww len); 23377c478bd9Sstevel@tonic-gate } 233845916cd2Sjpk } 23397c478bd9Sstevel@tonic-gate 23407c478bd9Sstevel@tonic-gate if (*policy_str) 23417c478bd9Sstevel@tonic-gate return (0); 23427c478bd9Sstevel@tonic-gate 23437c478bd9Sstevel@tonic-gate return (1); 23447c478bd9Sstevel@tonic-gate } 23457c478bd9Sstevel@tonic-gate 23467c478bd9Sstevel@tonic-gate 23477c478bd9Sstevel@tonic-gate static int 23489e3700dfSgww strisnum(char *s) 23497c478bd9Sstevel@tonic-gate { 23509e3700dfSgww if (s == NULL || !*s) 23517c478bd9Sstevel@tonic-gate return (0); 23527c478bd9Sstevel@tonic-gate 23537c478bd9Sstevel@tonic-gate for (; *s == '-' || *s == '+'; s++) 23547c478bd9Sstevel@tonic-gate 23557c478bd9Sstevel@tonic-gate if (!*s) 23567c478bd9Sstevel@tonic-gate return (0); 23577c478bd9Sstevel@tonic-gate 23587c478bd9Sstevel@tonic-gate for (; *s; s++) 23597c478bd9Sstevel@tonic-gate if (!isdigit(*s)) 23607c478bd9Sstevel@tonic-gate return (0); 23617c478bd9Sstevel@tonic-gate 23627c478bd9Sstevel@tonic-gate return (1); 23637c478bd9Sstevel@tonic-gate } 23647c478bd9Sstevel@tonic-gate 23657c478bd9Sstevel@tonic-gate static int 23669e3700dfSgww strisflags(char *s) 23677c478bd9Sstevel@tonic-gate { 23689e3700dfSgww if (s == NULL || !*s) 23697c478bd9Sstevel@tonic-gate return (0); 23707c478bd9Sstevel@tonic-gate 23717c478bd9Sstevel@tonic-gate for (; *s; s++) { 23727c478bd9Sstevel@tonic-gate if (!isalpha(*s) && 23737c478bd9Sstevel@tonic-gate (*s != '+' && *s != '-' && *s != '^' && *s != ',')) 23747c478bd9Sstevel@tonic-gate return (0); 23757c478bd9Sstevel@tonic-gate } 23767c478bd9Sstevel@tonic-gate 23777c478bd9Sstevel@tonic-gate return (1); 23787c478bd9Sstevel@tonic-gate } 23797c478bd9Sstevel@tonic-gate 23807c478bd9Sstevel@tonic-gate static int 23819e3700dfSgww strisipaddr(char *s) 23827c478bd9Sstevel@tonic-gate { 23837c478bd9Sstevel@tonic-gate int dot = 0; 23847c478bd9Sstevel@tonic-gate int colon = 0; 23857c478bd9Sstevel@tonic-gate 23867c478bd9Sstevel@tonic-gate /* no string */ 23879e3700dfSgww if ((s == NULL) || (!*s)) 23887c478bd9Sstevel@tonic-gate return (0); 23897c478bd9Sstevel@tonic-gate 23907c478bd9Sstevel@tonic-gate for (; *s; s++) { 23917c478bd9Sstevel@tonic-gate if (!(isxdigit(*s) || *s != '.' || *s != ':')) 23927c478bd9Sstevel@tonic-gate return (0); 23939e3700dfSgww if (*s == '.') 23949e3700dfSgww dot++; 23959e3700dfSgww if (*s == ':') 23969e3700dfSgww colon++; 23977c478bd9Sstevel@tonic-gate } 23987c478bd9Sstevel@tonic-gate 23997c478bd9Sstevel@tonic-gate if (dot && colon) 24007c478bd9Sstevel@tonic-gate return (0); 24017c478bd9Sstevel@tonic-gate 24027c478bd9Sstevel@tonic-gate if (!dot && !colon) 24037c478bd9Sstevel@tonic-gate return (0); 24047c478bd9Sstevel@tonic-gate 24057c478bd9Sstevel@tonic-gate return (1); 24067c478bd9Sstevel@tonic-gate } 24077c478bd9Sstevel@tonic-gate 24087c478bd9Sstevel@tonic-gate static void 24099e3700dfSgww strsplit(char *s, char *p1, char *p2, char c) 24107c478bd9Sstevel@tonic-gate { 24117c478bd9Sstevel@tonic-gate *p1 = *p2 = '\0'; 24127c478bd9Sstevel@tonic-gate 24137c478bd9Sstevel@tonic-gate while (*s != '\0' && *s != c) 24147c478bd9Sstevel@tonic-gate *p1++ = *s++; 24157c478bd9Sstevel@tonic-gate *p1 = '\0'; 24167c478bd9Sstevel@tonic-gate s++; 24177c478bd9Sstevel@tonic-gate 24187c478bd9Sstevel@tonic-gate while (*s != '\0') 24197c478bd9Sstevel@tonic-gate *p2++ = *s++; 24207c478bd9Sstevel@tonic-gate *p2 = '\0'; 24217c478bd9Sstevel@tonic-gate } 24227c478bd9Sstevel@tonic-gate 24237c478bd9Sstevel@tonic-gate static void 24249e3700dfSgww chk_event_num(int etype, au_event_t event) 24257c478bd9Sstevel@tonic-gate { 24267c478bd9Sstevel@tonic-gate au_stat_t as; 24277c478bd9Sstevel@tonic-gate 24287c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 24297c478bd9Sstevel@tonic-gate 24307c478bd9Sstevel@tonic-gate if (etype == AC_KERN_EVENT) { 24317c478bd9Sstevel@tonic-gate if (event > as.as_numevent) { 24328523fda3SJan Friedel exit_error(gettext( 24338523fda3SJan Friedel "Invalid kernel audit event number specified.\n" 2434d0fa49b7STony Nguyen "\t%hu is outside allowable range 0-%d."), 24357c478bd9Sstevel@tonic-gate event, as.as_numevent); 24367c478bd9Sstevel@tonic-gate } 24379e3700dfSgww } else { 24389e3700dfSgww /* user event */ 24397c478bd9Sstevel@tonic-gate if (event <= as.as_numevent) { 24409e3700dfSgww exit_error(gettext("Invalid user level audit event " 2441d0fa49b7STony Nguyen "number specified %hu."), event); 24427c478bd9Sstevel@tonic-gate } 24437c478bd9Sstevel@tonic-gate } 24447c478bd9Sstevel@tonic-gate } 24457c478bd9Sstevel@tonic-gate 24467c478bd9Sstevel@tonic-gate static void 24479e3700dfSgww chk_event_str(int etype, char *event_str) 24487c478bd9Sstevel@tonic-gate { 24497c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 24507c478bd9Sstevel@tonic-gate au_stat_t as; 24517c478bd9Sstevel@tonic-gate 24527c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 24537c478bd9Sstevel@tonic-gate 24547c478bd9Sstevel@tonic-gate evp = egetauevnam(event_str); 24557c478bd9Sstevel@tonic-gate if (etype == AC_KERN_EVENT && (evp->ae_number > as.as_numevent)) { 24568523fda3SJan Friedel exit_error(gettext( 24578523fda3SJan Friedel "Invalid kernel audit event string specified.\n" 24587c478bd9Sstevel@tonic-gate "\t\"%s\" appears to be a user level event. " 24599e3700dfSgww "Check configuration."), event_str); 24607c478bd9Sstevel@tonic-gate } else if (etype == AC_USER_EVENT && 24617c478bd9Sstevel@tonic-gate (evp->ae_number < as.as_numevent)) { 24628523fda3SJan Friedel exit_error(gettext( 24638523fda3SJan Friedel "Invalid user audit event string specified.\n" 24647c478bd9Sstevel@tonic-gate "\t\"%s\" appears to be a kernel event. " 24659e3700dfSgww "Check configuration."), event_str); 24667c478bd9Sstevel@tonic-gate } 24677c478bd9Sstevel@tonic-gate } 24687c478bd9Sstevel@tonic-gate 24697c478bd9Sstevel@tonic-gate static void 24709e3700dfSgww chk_sorf(char *sorf_str) 24717c478bd9Sstevel@tonic-gate { 24727c478bd9Sstevel@tonic-gate if (!strisnum(sorf_str)) 24737c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid sorf specified: %s"), sorf_str); 24747c478bd9Sstevel@tonic-gate } 24757c478bd9Sstevel@tonic-gate 24767c478bd9Sstevel@tonic-gate static void 24779e3700dfSgww chk_retval(char *retval_str) 24787c478bd9Sstevel@tonic-gate { 24797c478bd9Sstevel@tonic-gate if (!strisnum(retval_str)) 24807c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid retval specified: %s"), retval_str); 24817c478bd9Sstevel@tonic-gate } 24827c478bd9Sstevel@tonic-gate 24837c478bd9Sstevel@tonic-gate static void 24849e3700dfSgww execit(char **argv) 24857c478bd9Sstevel@tonic-gate { 24864e5fbfedStz204579 char *args, *args_pos; 24874e5fbfedStz204579 size_t len = 0; 24884e5fbfedStz204579 size_t n = 0; 24894e5fbfedStz204579 char **argv_pos; 24907c478bd9Sstevel@tonic-gate 24919e3700dfSgww if (*argv) { 24924e5fbfedStz204579 /* concatenate argument array to be passed to sh -c "..." */ 24934e5fbfedStz204579 for (argv_pos = argv; *argv_pos; argv_pos++) 24944e5fbfedStz204579 len += strlen(*argv_pos) + 1; 24957c478bd9Sstevel@tonic-gate 24964e5fbfedStz204579 if ((args = malloc(len + 1)) == NULL) 24974e5fbfedStz204579 exit_error( 24988523fda3SJan Friedel gettext("Allocation for command/arguments failed")); 24994e5fbfedStz204579 25004e5fbfedStz204579 args_pos = args; 25014e5fbfedStz204579 for (argv_pos = argv; *argv_pos; argv_pos++) { 25024e5fbfedStz204579 n += snprintf(args_pos, len - n, "%s ", *argv_pos); 25034e5fbfedStz204579 args_pos = args + n; 25044e5fbfedStz204579 } 25054e5fbfedStz204579 /* strip the last space */ 25064e5fbfedStz204579 args[strlen(args)] = '\0'; 25074e5fbfedStz204579 25084e5fbfedStz204579 (void) execl("/bin/sh", "sh", "-c", args, NULL); 25094e5fbfedStz204579 } else { 25104e5fbfedStz204579 (void) execl("/bin/sh", "sh", NULL); 25117c478bd9Sstevel@tonic-gate } 25127c478bd9Sstevel@tonic-gate 25137c478bd9Sstevel@tonic-gate exit_error(gettext("exec(2) failed")); 25147c478bd9Sstevel@tonic-gate } 25157c478bd9Sstevel@tonic-gate 25167c478bd9Sstevel@tonic-gate static void 25179e3700dfSgww exit_usage(int status) 25187c478bd9Sstevel@tonic-gate { 25197c478bd9Sstevel@tonic-gate FILE *fp; 25207c478bd9Sstevel@tonic-gate int i; 25217c478bd9Sstevel@tonic-gate 25227c478bd9Sstevel@tonic-gate fp = (status ? stderr : stdout); 25237c478bd9Sstevel@tonic-gate (void) fprintf(fp, gettext("usage: %s option ...\n"), progname); 25247c478bd9Sstevel@tonic-gate 25258523fda3SJan Friedel for (i = 0; i < ARG_TBL_SZ; i++) { 25268523fda3SJan Friedel /* skip the -t option; it's not a standalone option */ 25278523fda3SJan Friedel if (arg_table[i].auditconfig_cmd == AC_ARG_SET_TEMPORARY) { 25288523fda3SJan Friedel continue; 25298523fda3SJan Friedel } 25308523fda3SJan Friedel 25318523fda3SJan Friedel (void) fprintf(fp, " %s%s%s\n", 25328523fda3SJan Friedel arg_table[i].arg_str, arg_table[i].arg_opts, 25338523fda3SJan Friedel (arg_table[i].temporary_allowed ? " [-t]" : "")); 25348523fda3SJan Friedel } 25357c478bd9Sstevel@tonic-gate 25367c478bd9Sstevel@tonic-gate exit(status); 25377c478bd9Sstevel@tonic-gate } 25387c478bd9Sstevel@tonic-gate 25397c478bd9Sstevel@tonic-gate static void 25409e3700dfSgww print_asid(au_asid_t asid) 25417c478bd9Sstevel@tonic-gate { 25427c478bd9Sstevel@tonic-gate (void) printf(gettext("audit session id = %u\n"), asid); 25437c478bd9Sstevel@tonic-gate } 25447c478bd9Sstevel@tonic-gate 25457c478bd9Sstevel@tonic-gate static void 25469e3700dfSgww print_auid(au_id_t auid) 25477c478bd9Sstevel@tonic-gate { 25487c478bd9Sstevel@tonic-gate struct passwd *pwd; 25497c478bd9Sstevel@tonic-gate char *username; 25507c478bd9Sstevel@tonic-gate 25519e3700dfSgww if ((pwd = getpwuid((uid_t)auid)) != NULL) 25527c478bd9Sstevel@tonic-gate username = pwd->pw_name; 25537c478bd9Sstevel@tonic-gate else 25547c478bd9Sstevel@tonic-gate username = gettext("unknown"); 25557c478bd9Sstevel@tonic-gate 25567c478bd9Sstevel@tonic-gate (void) printf(gettext("audit id = %s(%d)\n"), username, auid); 25577c478bd9Sstevel@tonic-gate } 25587c478bd9Sstevel@tonic-gate 25597c478bd9Sstevel@tonic-gate static void 25609e3700dfSgww print_mask(char *desc, au_mask_t *pmp) 25617c478bd9Sstevel@tonic-gate { 25627c478bd9Sstevel@tonic-gate char auflags[512]; 25637c478bd9Sstevel@tonic-gate 25647c478bd9Sstevel@tonic-gate if (getauditflagschar(auflags, pmp, NULL) < 0) 25657c478bd9Sstevel@tonic-gate (void) strlcpy(auflags, gettext("unknown"), sizeof (auflags)); 25667c478bd9Sstevel@tonic-gate 25677c478bd9Sstevel@tonic-gate (void) printf("%s = %s(0x%x,0x%x)\n", 25687c478bd9Sstevel@tonic-gate desc, auflags, pmp->am_success, pmp->am_failure); 25697c478bd9Sstevel@tonic-gate } 25707c478bd9Sstevel@tonic-gate 25717c478bd9Sstevel@tonic-gate static void 25729e3700dfSgww print_tid_ex(au_tid_addr_t *tidp) 25737c478bd9Sstevel@tonic-gate { 25747c478bd9Sstevel@tonic-gate struct hostent *phe; 25757c478bd9Sstevel@tonic-gate char *hostname; 25767c478bd9Sstevel@tonic-gate struct in_addr ia; 25777c478bd9Sstevel@tonic-gate uint32_t *addr; 25787c478bd9Sstevel@tonic-gate int err; 25799e3700dfSgww char buf[INET6_ADDRSTRLEN]; 25807c478bd9Sstevel@tonic-gate char *bufp; 25817c478bd9Sstevel@tonic-gate 25827c478bd9Sstevel@tonic-gate 25837c478bd9Sstevel@tonic-gate /* IPV6 or IPV4 address */ 25847c478bd9Sstevel@tonic-gate if (tidp->at_type == AU_IPv4) { 25857c478bd9Sstevel@tonic-gate if ((phe = gethostbyaddr((char *)&tidp->at_addr[0], 25869e3700dfSgww sizeof (tidp->at_addr[0]), AF_INET)) != NULL) { 25877c478bd9Sstevel@tonic-gate hostname = phe->h_name; 25889e3700dfSgww } else { 25897c478bd9Sstevel@tonic-gate hostname = gettext("unknown"); 25909e3700dfSgww } 25917c478bd9Sstevel@tonic-gate 25927c478bd9Sstevel@tonic-gate ia.s_addr = tidp->at_addr[0]; 25937c478bd9Sstevel@tonic-gate 25947c478bd9Sstevel@tonic-gate (void) printf(gettext( 25958523fda3SJan Friedel "terminal id (maj,min,host) = %lu,%lu,%s(%s)\n"), 25967c478bd9Sstevel@tonic-gate major(tidp->at_port), minor(tidp->at_port), 25977c478bd9Sstevel@tonic-gate hostname, inet_ntoa(ia)); 25987c478bd9Sstevel@tonic-gate } else { 25997c478bd9Sstevel@tonic-gate addr = &tidp->at_addr[0]; 26007c478bd9Sstevel@tonic-gate phe = getipnodebyaddr((const void *)addr, 16, AF_INET6, &err); 26017c478bd9Sstevel@tonic-gate 26027c478bd9Sstevel@tonic-gate bzero(buf, sizeof (buf)); 26037c478bd9Sstevel@tonic-gate 26049e3700dfSgww (void) inet_ntop(AF_INET6, (void *)addr, buf, sizeof (buf)); 26059e3700dfSgww if (phe == NULL) { 26067c478bd9Sstevel@tonic-gate bufp = gettext("unknown"); 26079e3700dfSgww } else { 26087c478bd9Sstevel@tonic-gate bufp = phe->h_name; 26099e3700dfSgww } 26107c478bd9Sstevel@tonic-gate 26117c478bd9Sstevel@tonic-gate (void) printf(gettext( 26128523fda3SJan Friedel "terminal id (maj,min,host) = %lu,%lu,%s(%s)\n"), 26137c478bd9Sstevel@tonic-gate major(tidp->at_port), minor(tidp->at_port), 26147c478bd9Sstevel@tonic-gate bufp, buf); 26159e3700dfSgww if (phe) { 26167c478bd9Sstevel@tonic-gate freehostent(phe); 26177c478bd9Sstevel@tonic-gate } 26187c478bd9Sstevel@tonic-gate } 26199e3700dfSgww } 26207c478bd9Sstevel@tonic-gate 26217c478bd9Sstevel@tonic-gate static int 26229e3700dfSgww str2ipaddr(char *s, uint32_t *addr, uint32_t type) 26237c478bd9Sstevel@tonic-gate { 26247c478bd9Sstevel@tonic-gate int j, sl; 26257c478bd9Sstevel@tonic-gate char *ss; 26267c478bd9Sstevel@tonic-gate unsigned int v; 26277c478bd9Sstevel@tonic-gate 26287c478bd9Sstevel@tonic-gate bzero(addr, 16); 26297c478bd9Sstevel@tonic-gate if (strisipaddr(s)) { 26307c478bd9Sstevel@tonic-gate if (type == AU_IPv4) { 26319e3700dfSgww if (inet_pton(AF_INET, s, addr)) { 26327c478bd9Sstevel@tonic-gate return (0); 26337c478bd9Sstevel@tonic-gate } 26349e3700dfSgww return (1); 26359e3700dfSgww } else if (type == AU_IPv6) { 26367c478bd9Sstevel@tonic-gate if (inet_pton(AF_INET6, s, addr)) 26377c478bd9Sstevel@tonic-gate return (0); 26387c478bd9Sstevel@tonic-gate return (1); 26397c478bd9Sstevel@tonic-gate } 26407c478bd9Sstevel@tonic-gate return (1); 26417c478bd9Sstevel@tonic-gate } else { 26427c478bd9Sstevel@tonic-gate if (type == AU_IPv4) { 26437c478bd9Sstevel@tonic-gate (void) sscanf(s, "%x", &addr[0]); 26447c478bd9Sstevel@tonic-gate return (0); 26459e3700dfSgww } else if (type == AU_IPv6) { 26467c478bd9Sstevel@tonic-gate sl = strlen(s); 26477c478bd9Sstevel@tonic-gate ss = s; 26487c478bd9Sstevel@tonic-gate for (j = 3; j >= 0; j--) { 26497c478bd9Sstevel@tonic-gate if ((sl - 8) <= 0) { 26507c478bd9Sstevel@tonic-gate (void) sscanf(s, "%x", &v); 26517c478bd9Sstevel@tonic-gate addr[j] = v; 26527c478bd9Sstevel@tonic-gate return (0); 26537c478bd9Sstevel@tonic-gate } 26547c478bd9Sstevel@tonic-gate ss = &s[sl-8]; 26557c478bd9Sstevel@tonic-gate (void) sscanf(ss, "%x", &v); 26567c478bd9Sstevel@tonic-gate addr[j] = v; 26577c478bd9Sstevel@tonic-gate sl -= 8; 26587c478bd9Sstevel@tonic-gate *ss = '\0'; 26597c478bd9Sstevel@tonic-gate } 26607c478bd9Sstevel@tonic-gate } 26617c478bd9Sstevel@tonic-gate return (0); 26627c478bd9Sstevel@tonic-gate } 26637c478bd9Sstevel@tonic-gate } 26647c478bd9Sstevel@tonic-gate 26657c478bd9Sstevel@tonic-gate static int 26669e3700dfSgww str2type(char *s, uint_t *type) 26677c478bd9Sstevel@tonic-gate { 26687c478bd9Sstevel@tonic-gate if (strcmp(s, "ipv6") == 0) { 26697c478bd9Sstevel@tonic-gate *type = AU_IPv6; 26707c478bd9Sstevel@tonic-gate return (0); 26717c478bd9Sstevel@tonic-gate } 26727c478bd9Sstevel@tonic-gate if (strcmp(s, "ipv4") == 0) { 26737c478bd9Sstevel@tonic-gate *type = AU_IPv4; 26747c478bd9Sstevel@tonic-gate return (0); 26757c478bd9Sstevel@tonic-gate } 26767c478bd9Sstevel@tonic-gate 26777c478bd9Sstevel@tonic-gate return (1); 26787c478bd9Sstevel@tonic-gate } 26798523fda3SJan Friedel 26808523fda3SJan Friedel /* 26818523fda3SJan Friedel * exit_error() - print an error message along with corresponding system error 26828523fda3SJan Friedel * number and error message, then exit. Inputs - program error format and 26838523fda3SJan Friedel * message. 26848523fda3SJan Friedel */ 26858523fda3SJan Friedel /*PRINTFLIKE1*/ 26868523fda3SJan Friedel static void 26878523fda3SJan Friedel exit_error(char *fmt, ...) 26888523fda3SJan Friedel { 26898523fda3SJan Friedel va_list args; 26908523fda3SJan Friedel 26918523fda3SJan Friedel va_start(args, fmt); 26928523fda3SJan Friedel prt_error_va(fmt, args); 26938523fda3SJan Friedel va_end(args); 26948523fda3SJan Friedel 26958523fda3SJan Friedel exit(1); 26968523fda3SJan Friedel } 2697