17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 558091fd8Ssetje * Common Development and Distribution License (the "License"). 658091fd8Ssetje * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*753a6d45SSherry Moore * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 277c478bd9Sstevel@tonic-gate /* All Rights Reserved */ 287c478bd9Sstevel@tonic-gate 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate 316dcd8691Sgww #include <errno.h> 327c478bd9Sstevel@tonic-gate #include <fcntl.h> 337c478bd9Sstevel@tonic-gate #include <stdio.h> 347c478bd9Sstevel@tonic-gate #include <stdlib.h> 356dcd8691Sgww #include <string.h> 366dcd8691Sgww #include <strings.h> 377c478bd9Sstevel@tonic-gate #include <signal.h> 386dcd8691Sgww #include <unistd.h> 39*753a6d45SSherry Moore #ifdef __i386 40*753a6d45SSherry Moore #include <libscf_priv.h> 41*753a6d45SSherry Moore #endif /* __i386 */ 426dcd8691Sgww 436a3b10dbStz204579 #include <bsm/adt.h> 446a3b10dbStz204579 #include <bsm/adt_event.h> 456dcd8691Sgww 46b08d8a12Sgww #include <sys/types.h> 476dcd8691Sgww #include <sys/uadmin.h> 48b08d8a12Sgww #include <sys/wait.h> 497c478bd9Sstevel@tonic-gate 5058091fd8Ssetje #define SMF_RST "/etc/svc/volatile/resetting" 51b08d8a12Sgww #define RETRY_COUNT 15 /* number of 1 sec retries for audit(1M) to complete */ 5258091fd8Ssetje 537c478bd9Sstevel@tonic-gate static const char *Usage = "Usage: %s cmd fcn [mdep]\n"; 547c478bd9Sstevel@tonic-gate 55b08d8a12Sgww static int closeout_audit(int, int); 56b08d8a12Sgww static int turnoff_auditd(void); 576a3b10dbStz204579 static void wait_for_auqueue(); 58b08d8a12Sgww static int change_audit_file(void); 597c478bd9Sstevel@tonic-gate 607c478bd9Sstevel@tonic-gate int 617c478bd9Sstevel@tonic-gate main(int argc, char *argv[]) 627c478bd9Sstevel@tonic-gate { 637c478bd9Sstevel@tonic-gate int cmd, fcn; 647c478bd9Sstevel@tonic-gate uintptr_t mdep = NULL; 657c478bd9Sstevel@tonic-gate sigset_t set; 666a3b10dbStz204579 adt_session_data_t *ah; /* audit session handle */ 676a3b10dbStz204579 adt_event_data_t *event = NULL; /* event to be generated */ 686a3b10dbStz204579 au_event_t event_id; 696a3b10dbStz204579 enum adt_uadmin_fcn fcn_id; 70*753a6d45SSherry Moore #ifdef __i386 71*753a6d45SSherry Moore uint8_t boot_config = 0; 72*753a6d45SSherry Moore #endif /* __i386 */ 73*753a6d45SSherry Moore 747c478bd9Sstevel@tonic-gate 757c478bd9Sstevel@tonic-gate if (argc < 3 || argc > 4) { 767c478bd9Sstevel@tonic-gate (void) fprintf(stderr, Usage, argv[0]); 777c478bd9Sstevel@tonic-gate return (1); 787c478bd9Sstevel@tonic-gate } 797c478bd9Sstevel@tonic-gate 807c478bd9Sstevel@tonic-gate (void) sigfillset(&set); 817c478bd9Sstevel@tonic-gate (void) sigprocmask(SIG_BLOCK, &set, NULL); 827c478bd9Sstevel@tonic-gate 837c478bd9Sstevel@tonic-gate cmd = atoi(argv[1]); 847c478bd9Sstevel@tonic-gate fcn = atoi(argv[2]); 857c478bd9Sstevel@tonic-gate if (argc == 4) { /* mdep argument given */ 862df1fe9cSrandyf if (cmd != A_REBOOT && cmd != A_SHUTDOWN && cmd != A_DUMP && 872df1fe9cSrandyf cmd != A_FREEZE) { 887c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s: mdep argument not " 897c478bd9Sstevel@tonic-gate "allowed for this cmd value\n", argv[0]); 907c478bd9Sstevel@tonic-gate (void) fprintf(stderr, Usage, argv[0]); 917c478bd9Sstevel@tonic-gate return (1); 927c478bd9Sstevel@tonic-gate } else { 937c478bd9Sstevel@tonic-gate mdep = (uintptr_t)argv[3]; 947c478bd9Sstevel@tonic-gate } 957c478bd9Sstevel@tonic-gate } 967c478bd9Sstevel@tonic-gate 976a3b10dbStz204579 /* set up audit session and event */ 986a3b10dbStz204579 if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0) { 996a3b10dbStz204579 (void) fprintf(stderr, "%s: can't start audit session\n", 1006a3b10dbStz204579 argv[0]); 1016a3b10dbStz204579 } 1026a3b10dbStz204579 switch (cmd) { 1036a3b10dbStz204579 case A_SHUTDOWN: 1046a3b10dbStz204579 event_id = ADT_uadmin_shutdown; 1056a3b10dbStz204579 break; 1066a3b10dbStz204579 case A_REBOOT: 1076a3b10dbStz204579 event_id = ADT_uadmin_reboot; 1086a3b10dbStz204579 break; 1096a3b10dbStz204579 case A_DUMP: 1106a3b10dbStz204579 event_id = ADT_uadmin_dump; 1116a3b10dbStz204579 break; 1126a3b10dbStz204579 case A_REMOUNT: 1136a3b10dbStz204579 event_id = ADT_uadmin_remount; 1146a3b10dbStz204579 break; 1156a3b10dbStz204579 case A_FREEZE: 1166a3b10dbStz204579 event_id = ADT_uadmin_freeze; 1176a3b10dbStz204579 break; 1186a3b10dbStz204579 case A_FTRACE: 1196a3b10dbStz204579 event_id = ADT_uadmin_ftrace; 1206a3b10dbStz204579 break; 121*753a6d45SSherry Moore case A_CONFIG: 122*753a6d45SSherry Moore event_id = ADT_uadmin_config; 123*753a6d45SSherry Moore break; 1246a3b10dbStz204579 case A_SWAPCTL: 1256a3b10dbStz204579 event_id = ADT_uadmin_swapctl; 1266a3b10dbStz204579 break; 1276a3b10dbStz204579 default: 1286a3b10dbStz204579 event_id = 0; 1296a3b10dbStz204579 } 1306a3b10dbStz204579 if ((event_id != 0) && 1316a3b10dbStz204579 (event = adt_alloc_event(ah, event_id)) == NULL) { 1326a3b10dbStz204579 (void) fprintf(stderr, "%s: can't allocate audit event\n", 1336a3b10dbStz204579 argv[0]); 1346a3b10dbStz204579 } 1356a3b10dbStz204579 switch (fcn) { 1366a3b10dbStz204579 case AD_HALT: 1376a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_HALT; 1386a3b10dbStz204579 break; 1396a3b10dbStz204579 case AD_POWEROFF: 1406a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_POWEROFF; 1416a3b10dbStz204579 break; 1426a3b10dbStz204579 case AD_BOOT: 1436a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_BOOT; 1446a3b10dbStz204579 break; 1456a3b10dbStz204579 case AD_IBOOT: 1466a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_IBOOT; 1476a3b10dbStz204579 break; 1486a3b10dbStz204579 case AD_SBOOT: 1496a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SBOOT; 1506a3b10dbStz204579 break; 1516a3b10dbStz204579 case AD_SIBOOT: 1526a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SIBOOT; 1536a3b10dbStz204579 break; 1546a3b10dbStz204579 case AD_NOSYNC: 1556a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_NOSYNC; 1566a3b10dbStz204579 break; 15719397407SSherry Moore case AD_FASTREBOOT: 15819397407SSherry Moore #ifdef __i386 15919397407SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_FASTREBOOT; 16019397407SSherry Moore mdep = NULL; /* Ignore all arguments */ 161*753a6d45SSherry Moore #else /* __i386 */ 16219397407SSherry Moore fcn = AD_BOOT; 16319397407SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_BOOT; 16419397407SSherry Moore #endif /* __i386 */ 16519397407SSherry Moore break; 16619397407SSherry Moore case AD_FASTREBOOT_DRYRUN: 16719397407SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_FASTREBOOT_DRYRUN; 16819397407SSherry Moore mdep = NULL; /* Ignore all arguments */ 16919397407SSherry Moore break; 1706a3b10dbStz204579 default: 1716a3b10dbStz204579 fcn_id = 0; 1726a3b10dbStz204579 } 1736a3b10dbStz204579 if (cmd == A_FREEZE) { 1746a3b10dbStz204579 switch (fcn) { 1756a3b10dbStz204579 case AD_SUSPEND_TO_DISK: 1766a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SUSPEND_TO_DISK; 1776a3b10dbStz204579 break; 1786a3b10dbStz204579 case AD_CHECK_SUSPEND_TO_DISK: 1796a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_CHECK_SUSPEND_TO_DISK; 1806a3b10dbStz204579 break; 1816a3b10dbStz204579 case AD_FORCE: 1826a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_FORCE; 1836a3b10dbStz204579 break; 1846a3b10dbStz204579 case AD_SUSPEND_TO_RAM: 1856a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SUSPEND_TO_RAM; 1866a3b10dbStz204579 break; 1876a3b10dbStz204579 case AD_CHECK_SUSPEND_TO_RAM: 1886a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_CHECK_SUSPEND_TO_RAM; 1896a3b10dbStz204579 break; 1906a3b10dbStz204579 case AD_REUSEINIT: 1916a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_REUSEINIT; 1926a3b10dbStz204579 break; 1936a3b10dbStz204579 case AD_REUSABLE: 1946a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_REUSABLE; 1956a3b10dbStz204579 break; 1966a3b10dbStz204579 case AD_REUSEFINI: 1976a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_REUSEFINI; 1986a3b10dbStz204579 break; 1996a3b10dbStz204579 } 2006a3b10dbStz204579 } else if (cmd == A_FTRACE) { 2016a3b10dbStz204579 switch (fcn) { 2026a3b10dbStz204579 case AD_FTRACE_START: 2036a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_FTRACE_START; 2046a3b10dbStz204579 break; 2056a3b10dbStz204579 case AD_FTRACE_STOP: 2066a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_FTRACE_STOP; 2076a3b10dbStz204579 break; 2086a3b10dbStz204579 } 209*753a6d45SSherry Moore #ifdef __i386 210*753a6d45SSherry Moore } else if (cmd == A_CONFIG) { 211*753a6d45SSherry Moore switch (fcn) { 212*753a6d45SSherry Moore case AD_UPDATE_BOOT_CONFIG: 213*753a6d45SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_UPDATE_BOOT_CONFIG; 214*753a6d45SSherry Moore scf_get_boot_config(&boot_config); 215*753a6d45SSherry Moore mdep = (uintptr_t)(&boot_config); 216*753a6d45SSherry Moore break; 217*753a6d45SSherry Moore } 218*753a6d45SSherry Moore #endif /* __i386 */ 2196a3b10dbStz204579 } 2206a3b10dbStz204579 2217c478bd9Sstevel@tonic-gate if (geteuid() == 0) { 2226a3b10dbStz204579 if (event != NULL) { 2236a3b10dbStz204579 switch (cmd) { 2246a3b10dbStz204579 case A_SHUTDOWN: 2256a3b10dbStz204579 event->adt_uadmin_shutdown.fcn = fcn_id; 2266a3b10dbStz204579 event->adt_uadmin_shutdown.mdep = (char *)mdep; 2276a3b10dbStz204579 break; 2286a3b10dbStz204579 case A_REBOOT: 2296a3b10dbStz204579 event->adt_uadmin_reboot.fcn = fcn_id; 2306a3b10dbStz204579 event->adt_uadmin_reboot.mdep = (char *)mdep; 2316a3b10dbStz204579 break; 2326a3b10dbStz204579 case A_DUMP: 2336a3b10dbStz204579 event->adt_uadmin_dump.fcn = fcn_id; 2346a3b10dbStz204579 event->adt_uadmin_dump.mdep = (char *)mdep; 2356a3b10dbStz204579 break; 2366a3b10dbStz204579 case A_REMOUNT: 2376a3b10dbStz204579 /* no parameters */ 2386a3b10dbStz204579 break; 2396a3b10dbStz204579 case A_FREEZE: 2406a3b10dbStz204579 event->adt_uadmin_freeze.fcn = fcn_id; 2416a3b10dbStz204579 event->adt_uadmin_freeze.mdep = (char *)mdep; 2426a3b10dbStz204579 break; 2436a3b10dbStz204579 case A_FTRACE: 2446a3b10dbStz204579 event->adt_uadmin_ftrace.fcn = fcn_id; 245*753a6d45SSherry Moore event->adt_uadmin_ftrace.mdep = (char *)mdep; 246*753a6d45SSherry Moore break; 247*753a6d45SSherry Moore case A_CONFIG: 248*753a6d45SSherry Moore event->adt_uadmin_config.fcn = fcn_id; 249*753a6d45SSherry Moore event->adt_uadmin_config.mdep = (char *)mdep; 2506a3b10dbStz204579 break; 2516a3b10dbStz204579 case A_SWAPCTL: 2526a3b10dbStz204579 event->adt_uadmin_swapctl.fcn = fcn_id; 2536a3b10dbStz204579 break; 2546a3b10dbStz204579 } 2556a3b10dbStz204579 2566a3b10dbStz204579 if (adt_put_event(event, ADT_SUCCESS, 0) != 0) { 2576a3b10dbStz204579 (void) fprintf(stderr, 2586a3b10dbStz204579 "%s: can't put audit event\n", argv[0]); 2596a3b10dbStz204579 } 2606a3b10dbStz204579 /* 2616a3b10dbStz204579 * allow audit record to be processed in the kernel 2626a3b10dbStz204579 * audit queue 2636a3b10dbStz204579 */ 2646a3b10dbStz204579 wait_for_auqueue(); 2656a3b10dbStz204579 } 2666a3b10dbStz204579 267b08d8a12Sgww if (closeout_audit(cmd, fcn) == -1) 2687c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s: can't turn off auditd\n", 2697c478bd9Sstevel@tonic-gate argv[0]); 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate if (cmd == A_SHUTDOWN || cmd == A_REBOOT) 27258091fd8Ssetje (void) creat(SMF_RST, 0777); 2737c478bd9Sstevel@tonic-gate } 2747c478bd9Sstevel@tonic-gate 2756a3b10dbStz204579 (void) adt_free_event(event); 2767c478bd9Sstevel@tonic-gate if (uadmin(cmd, fcn, mdep) < 0) { 2777c478bd9Sstevel@tonic-gate perror("uadmin"); 2787c478bd9Sstevel@tonic-gate 27958091fd8Ssetje (void) unlink(SMF_RST); 28058091fd8Ssetje 2817c478bd9Sstevel@tonic-gate return (1); 2827c478bd9Sstevel@tonic-gate } 2837c478bd9Sstevel@tonic-gate 284b08d8a12Sgww /* If returning from a suspend, audit thaw */ 285b08d8a12Sgww if ((cmd == A_FREEZE) && 286b08d8a12Sgww ((fcn == AD_FORCE) || 287b08d8a12Sgww (fcn == AD_REUSABLE) || 288b08d8a12Sgww (fcn == AD_SUSPEND_TO_DISK) || 289b08d8a12Sgww (fcn == AD_SUSPEND_TO_RAM))) { 290b08d8a12Sgww if ((event = adt_alloc_event(ah, ADT_uadmin_thaw)) == NULL) { 291b08d8a12Sgww (void) fprintf(stderr, "%s: can't allocate thaw audit " 292b08d8a12Sgww "event\n", argv[0]); 293b08d8a12Sgww } 294b08d8a12Sgww event->adt_uadmin_thaw.fcn = fcn_id; 295b08d8a12Sgww if (adt_put_event(event, ADT_SUCCESS, 0) != 0) { 296b08d8a12Sgww (void) fprintf(stderr, "%s: can't put thaw audit " 297b08d8a12Sgww "event\n", argv[0]); 298b08d8a12Sgww } 299b08d8a12Sgww (void) adt_free_event(event); 300b08d8a12Sgww } 301b08d8a12Sgww (void) adt_end_session(ah); 302b08d8a12Sgww 3037c478bd9Sstevel@tonic-gate return (0); 3047c478bd9Sstevel@tonic-gate } 3056a3b10dbStz204579 3066a3b10dbStz204579 static int 307b08d8a12Sgww closeout_audit(int cmd, int fcn) 3086a3b10dbStz204579 { 309b08d8a12Sgww if (!adt_audit_state(AUC_AUDITING)) { 310b08d8a12Sgww /* auditd not running, just return */ 311b08d8a12Sgww return (0); 312b08d8a12Sgww } 313e333042dSgww switch (cmd) { 314e333042dSgww case A_SHUTDOWN: 31519397407SSherry Moore switch (fcn) { 31619397407SSherry Moore case AD_FASTREBOOT_DRYRUN: 31719397407SSherry Moore /* No system discontinuity, don't turn off auditd */ 31819397407SSherry Moore return (0); 31919397407SSherry Moore default: 32019397407SSherry Moore break; /* For all the other shutdown functions */ 32119397407SSherry Moore } 32219397407SSherry Moore /* FALLTHROUGH */ 323e333042dSgww case A_REBOOT: 324e333042dSgww case A_DUMP: 325e333042dSgww /* system shutting down, turn off auditd */ 326b08d8a12Sgww return (turnoff_auditd()); 327e333042dSgww case A_REMOUNT: 328e333042dSgww case A_SWAPCTL: 329e333042dSgww case A_FTRACE: 330*753a6d45SSherry Moore case A_CONFIG: 331e333042dSgww /* No system discontinuity, don't turn off auditd */ 332e333042dSgww return (0); 333e333042dSgww case A_FREEZE: 334e333042dSgww switch (fcn) { 335e333042dSgww case AD_CHECK_SUSPEND_TO_DISK: /* AD_CHECK */ 336e333042dSgww case AD_CHECK_SUSPEND_TO_RAM: 337e333042dSgww case AD_REUSEINIT: 338e333042dSgww case AD_REUSEFINI: 339e333042dSgww /* No system discontinuity, don't turn off auditd */ 340e333042dSgww return (0); 341e333042dSgww case AD_REUSABLE: 342e333042dSgww case AD_SUSPEND_TO_DISK: /* AD_COMPRESS */ 343e333042dSgww case AD_SUSPEND_TO_RAM: 344e333042dSgww case AD_FORCE: 345e333042dSgww /* suspend the system, change audit files */ 346b08d8a12Sgww return (change_audit_file()); 347e333042dSgww default: 348b08d8a12Sgww return (0); /* not an audit error */ 349e333042dSgww } 350e333042dSgww default: 351b08d8a12Sgww return (0); /* not an audit error */ 352b08d8a12Sgww } 353e333042dSgww } 354e333042dSgww 355b08d8a12Sgww static int 356b08d8a12Sgww turnoff_auditd(void) 357b08d8a12Sgww { 358b08d8a12Sgww int rc; 359b08d8a12Sgww int retries = RETRY_COUNT; 360b08d8a12Sgww 361b08d8a12Sgww if ((rc = (int)fork()) == 0) { 3626dcd8691Sgww (void) execl("/usr/sbin/audit", "audit", "-t", NULL); 3636a3b10dbStz204579 (void) fprintf(stderr, "error disabling auditd: %s\n", 3646dcd8691Sgww strerror(errno)); 3656dcd8691Sgww _exit(-1); 3666dcd8691Sgww } else if (rc == -1) { 3676dcd8691Sgww (void) fprintf(stderr, "error disabling auditd: %s\n", 3686dcd8691Sgww strerror(errno)); 3696a3b10dbStz204579 return (-1); 3706a3b10dbStz204579 } 3716a3b10dbStz204579 3726dcd8691Sgww /* 3736dcd8691Sgww * wait for auditd to finish its work. auditd will change the 3746dcd8691Sgww * auditstart from AUC_AUDITING (auditd up and running) to 3756dcd8691Sgww * AUC_NOAUDIT. Other states are errors, so we're done as well. 3766dcd8691Sgww */ 3776a3b10dbStz204579 do { 3786dcd8691Sgww int auditstate; 3796a3b10dbStz204579 3806dcd8691Sgww rc = -1; 3816dcd8691Sgww if ((auditon(A_GETCOND, (caddr_t)&auditstate, 3826dcd8691Sgww sizeof (auditstate)) == 0) && 3836dcd8691Sgww (auditstate == AUC_AUDITING)) { 3846a3b10dbStz204579 retries--; 3856a3b10dbStz204579 (void) sleep(1); 3866a3b10dbStz204579 } else { 3876a3b10dbStz204579 rc = 0; 3886a3b10dbStz204579 } 3896dcd8691Sgww } while ((rc != 0) && (retries != 0)); 3906a3b10dbStz204579 3916a3b10dbStz204579 return (rc); 3926a3b10dbStz204579 } 3936a3b10dbStz204579 394b08d8a12Sgww static int 395b08d8a12Sgww change_audit_file(void) 396b08d8a12Sgww { 397b08d8a12Sgww pid_t pid; 398b08d8a12Sgww 399b08d8a12Sgww if ((pid = fork()) == 0) { 400b08d8a12Sgww (void) execl("/usr/sbin/audit", "audit", "-n", NULL); 401b08d8a12Sgww (void) fprintf(stderr, "error changing audit files: %s\n", 402b08d8a12Sgww strerror(errno)); 403b08d8a12Sgww _exit(-1); 404b08d8a12Sgww } else if (pid == -1) { 405b08d8a12Sgww (void) fprintf(stderr, "error changing audit files: %s\n", 406b08d8a12Sgww strerror(errno)); 407b08d8a12Sgww return (-1); 408b08d8a12Sgww } else { 409b08d8a12Sgww pid_t rc; 410b08d8a12Sgww int retries = RETRY_COUNT; 411b08d8a12Sgww 412b08d8a12Sgww /* 413b08d8a12Sgww * Wait for audit(1M) -n process to complete 414b08d8a12Sgww * 415b08d8a12Sgww */ 416b08d8a12Sgww do { 417b08d8a12Sgww if ((rc = waitpid(pid, NULL, WNOHANG)) == pid) { 418b08d8a12Sgww return (0); 419b08d8a12Sgww } else if (rc == -1) { 420b08d8a12Sgww return (-1); 421b08d8a12Sgww } else { 422b08d8a12Sgww (void) sleep(1); 423b08d8a12Sgww retries--; 424b08d8a12Sgww } 425b08d8a12Sgww 426b08d8a12Sgww } while (retries != 0); 427b08d8a12Sgww } 428b08d8a12Sgww return (-1); 429b08d8a12Sgww } 430b08d8a12Sgww 4316a3b10dbStz204579 static void 4326a3b10dbStz204579 wait_for_auqueue() 4336a3b10dbStz204579 { 4346a3b10dbStz204579 au_stat_t au_stat; 4356a3b10dbStz204579 int retries = 10; 4366a3b10dbStz204579 4376a3b10dbStz204579 while (retries-- && auditon(A_GETSTAT, (caddr_t)&au_stat, NULL) == 0) { 4386a3b10dbStz204579 if (au_stat.as_enqueue == au_stat.as_written) { 4396a3b10dbStz204579 break; 4406a3b10dbStz204579 } 4416a3b10dbStz204579 (void) sleep(1); 4426a3b10dbStz204579 } 4436a3b10dbStz204579 } 444