/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
 */

#ifndef	_AUDIT_POLICY_H
#define	_AUDIT_POLICY_H

#ifdef	__cplusplus
extern "C" {
#endif

#include <bsm/audit.h>
#include <bsm/libbsm.h>

/*
 * Bitwise OR of the thirteen AUDIT_* policy flags that each have a row of
 * their own in policy_table below.  The mask and the table are maintained
 * by hand: a flag added to one must be added to the other, otherwise the
 * "all" keyword and the per-policy keywords stop agreeing.
 */
#define	ALL_POLICIES	\
	(AUDIT_AHLT | AUDIT_ARGE | AUDIT_ARGV | AUDIT_CNT | \
	AUDIT_GROUP | AUDIT_SEQ | AUDIT_TRAIL | AUDIT_PATH | \
	AUDIT_PUBLIC | AUDIT_ZONENAME | AUDIT_PERZONE | \
	AUDIT_WINDATA_DOWN | AUDIT_WINDATA_UP)

/* Empty policy mask; this is the value behind the "none" keyword. */
#define	NO_POLICIES	(0)

/*
 * One row of the keyword table: the policy keyword, the bit mask it
 * stands for, and a one-line description of the policy.
 */
typedef struct policy_entry {
	char		*policy_str;	/* policy keyword, e.g. "cnt" */
	uint32_t	policy_mask;	/* AUDIT_* bit(s) for the keyword */
	char		*policy_desc;	/* human-readable description */
} policy_entry_t;

/*
 * Keyword -> mask -> description table for the audit policies.
 *
 * Rows are listed in alphabetical order of policy_str; keep that order
 * when adding a row (NOTE(review): whether any consumer depends on the
 * ordering is not visible from this header - confirm before reordering).
 *
 * "all" and "none" are aggregate rows, not single policy bits.  The mask
 * of "none" is 0, so a test of the form (mask & entry.policy_mask) never
 * selects it, while the "all" row shares at least one bit with every
 * single-policy row; code that maps a mask back to keywords has to treat
 * these two rows separately.
 *
 * The table is static and not const-qualified, so every source file that
 * includes this header gets its own private, writable copy.
 */
static policy_entry_t policy_table[] = {
	{ "ahlt", AUDIT_AHLT,
	    "halt machine if it can not record an async event" },
	{ "all", ALL_POLICIES,
	    "all policies" },
	{ "arge", AUDIT_ARGE,
	    "include exec environment args in audit recs" },
	{ "argv", AUDIT_ARGV,
	    "include exec command line args in audit recs" },
	{ "cnt", AUDIT_CNT,
	    "when no more space, drop recs and keep a cnt" },
	{ "group", AUDIT_GROUP,
	    "include supplementary groups in audit recs" },
	{ "none", NO_POLICIES,
	    "no policies" },
	{ "path", AUDIT_PATH,
	    "allow multiple paths per event" },
	{ "perzone", AUDIT_PERZONE,
	    "use a separate queue and auditd per zone" },
	{ "public", AUDIT_PUBLIC,
	    "audit public files" },
	{ "seq", AUDIT_SEQ,
	    "include a sequence number in audit recs" },
	{ "trail", AUDIT_TRAIL,
	    "include trailer token in audit recs" },
	{ "windata_down", AUDIT_WINDATA_DOWN,
	    "include downgraded window information in audit recs" },
	{ "windata_up", AUDIT_WINDATA_UP,
	    "include upgraded window information in audit recs" },
	{ "zonename", AUDIT_ZONENAME,
	    "include zonename token in audit recs" }
};

/* Number of rows in policy_table, the "all" and "none" rows included. */
#define	POLICY_TBL_SZ	(sizeof (policy_table) / sizeof (policy_table[0]))

#ifdef	__cplusplus
}
#endif

#endif	/* _AUDIT_POLICY_H */