17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 558091fd8Ssetje * Common Development and Distribution License (the "License"). 658091fd8Ssetje * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22753a6d45SSherry Moore * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 277c478bd9Sstevel@tonic-gate /* All Rights Reserved */ 287c478bd9Sstevel@tonic-gate 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate 316dcd8691Sgww #include <errno.h> 327c478bd9Sstevel@tonic-gate #include <fcntl.h> 337c478bd9Sstevel@tonic-gate #include <stdio.h> 347c478bd9Sstevel@tonic-gate #include <stdlib.h> 356dcd8691Sgww #include <string.h> 366dcd8691Sgww #include <strings.h> 377c478bd9Sstevel@tonic-gate #include <signal.h> 386dcd8691Sgww #include <unistd.h> 39753a6d45SSherry Moore #ifdef __i386 40753a6d45SSherry Moore #include <libscf_priv.h> 41753a6d45SSherry Moore #endif /* __i386 */ 426dcd8691Sgww 436a3b10dbStz204579 #include <bsm/adt.h> 446a3b10dbStz204579 #include <bsm/adt_event.h> 456dcd8691Sgww 46b08d8a12Sgww #include <sys/types.h> 476dcd8691Sgww #include <sys/uadmin.h> 48b08d8a12Sgww #include <sys/wait.h> 497c478bd9Sstevel@tonic-gate 5058091fd8Ssetje #define SMF_RST "/etc/svc/volatile/resetting" 51b08d8a12Sgww #define RETRY_COUNT 15 /* number of 1 sec retries for audit(1M) to complete */ 5258091fd8Ssetje 537c478bd9Sstevel@tonic-gate static const char *Usage = "Usage: %s cmd fcn [mdep]\n"; 547c478bd9Sstevel@tonic-gate 55b08d8a12Sgww static int closeout_audit(int, int); 56b08d8a12Sgww static int turnoff_auditd(void); 576a3b10dbStz204579 static void wait_for_auqueue(); 58b08d8a12Sgww static int change_audit_file(void); 597c478bd9Sstevel@tonic-gate 607c478bd9Sstevel@tonic-gate int 617c478bd9Sstevel@tonic-gate main(int argc, char *argv[]) 627c478bd9Sstevel@tonic-gate { 637c478bd9Sstevel@tonic-gate int cmd, fcn; 647c478bd9Sstevel@tonic-gate uintptr_t mdep = NULL; 657c478bd9Sstevel@tonic-gate sigset_t set; 666a3b10dbStz204579 adt_session_data_t *ah; /* audit session handle */ 676a3b10dbStz204579 adt_event_data_t *event = NULL; /* event to be generated */ 686a3b10dbStz204579 au_event_t event_id; 696a3b10dbStz204579 enum adt_uadmin_fcn fcn_id; 707c478bd9Sstevel@tonic-gate 717c478bd9Sstevel@tonic-gate if (argc < 3 || argc > 4) { 727c478bd9Sstevel@tonic-gate (void) fprintf(stderr, Usage, argv[0]); 737c478bd9Sstevel@tonic-gate return (1); 747c478bd9Sstevel@tonic-gate } 757c478bd9Sstevel@tonic-gate 767c478bd9Sstevel@tonic-gate (void) sigfillset(&set); 777c478bd9Sstevel@tonic-gate (void) sigprocmask(SIG_BLOCK, &set, NULL); 787c478bd9Sstevel@tonic-gate 797c478bd9Sstevel@tonic-gate cmd = atoi(argv[1]); 807c478bd9Sstevel@tonic-gate fcn = atoi(argv[2]); 817c478bd9Sstevel@tonic-gate if (argc == 4) { /* mdep argument given */ 822df1fe9cSrandyf if (cmd != A_REBOOT && cmd != A_SHUTDOWN && cmd != A_DUMP && 832df1fe9cSrandyf cmd != A_FREEZE) { 847c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s: mdep argument not " 857c478bd9Sstevel@tonic-gate "allowed for this cmd value\n", argv[0]); 867c478bd9Sstevel@tonic-gate (void) fprintf(stderr, Usage, argv[0]); 877c478bd9Sstevel@tonic-gate return (1); 887c478bd9Sstevel@tonic-gate } else { 897c478bd9Sstevel@tonic-gate mdep = (uintptr_t)argv[3]; 907c478bd9Sstevel@tonic-gate } 917c478bd9Sstevel@tonic-gate } 927c478bd9Sstevel@tonic-gate 936a3b10dbStz204579 /* set up audit session and event */ 946a3b10dbStz204579 if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0) { 956a3b10dbStz204579 (void) fprintf(stderr, "%s: can't start audit session\n", 966a3b10dbStz204579 argv[0]); 976a3b10dbStz204579 } 986a3b10dbStz204579 switch (cmd) { 996a3b10dbStz204579 case A_SHUTDOWN: 1006a3b10dbStz204579 event_id = ADT_uadmin_shutdown; 1016a3b10dbStz204579 break; 1026a3b10dbStz204579 case A_REBOOT: 1036a3b10dbStz204579 event_id = ADT_uadmin_reboot; 1046a3b10dbStz204579 break; 1056a3b10dbStz204579 case A_DUMP: 1066a3b10dbStz204579 event_id = ADT_uadmin_dump; 1076a3b10dbStz204579 break; 1086a3b10dbStz204579 case A_REMOUNT: 1096a3b10dbStz204579 event_id = ADT_uadmin_remount; 1106a3b10dbStz204579 break; 1116a3b10dbStz204579 case A_FREEZE: 1126a3b10dbStz204579 event_id = ADT_uadmin_freeze; 1136a3b10dbStz204579 break; 1146a3b10dbStz204579 case A_FTRACE: 1156a3b10dbStz204579 event_id = ADT_uadmin_ftrace; 1166a3b10dbStz204579 break; 117753a6d45SSherry Moore case A_CONFIG: 118753a6d45SSherry Moore event_id = ADT_uadmin_config; 119753a6d45SSherry Moore break; 1206a3b10dbStz204579 case A_SWAPCTL: 1216a3b10dbStz204579 event_id = ADT_uadmin_swapctl; 1226a3b10dbStz204579 break; 1236a3b10dbStz204579 default: 1246a3b10dbStz204579 event_id = 0; 1256a3b10dbStz204579 } 1266a3b10dbStz204579 if ((event_id != 0) && 1276a3b10dbStz204579 (event = adt_alloc_event(ah, event_id)) == NULL) { 1286a3b10dbStz204579 (void) fprintf(stderr, "%s: can't allocate audit event\n", 1296a3b10dbStz204579 argv[0]); 1306a3b10dbStz204579 } 1316a3b10dbStz204579 switch (fcn) { 1326a3b10dbStz204579 case AD_HALT: 1336a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_HALT; 1346a3b10dbStz204579 break; 1356a3b10dbStz204579 case AD_POWEROFF: 1366a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_POWEROFF; 1376a3b10dbStz204579 break; 1386a3b10dbStz204579 case AD_BOOT: 1396a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_BOOT; 1406a3b10dbStz204579 break; 1416a3b10dbStz204579 case AD_IBOOT: 1426a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_IBOOT; 1436a3b10dbStz204579 break; 1446a3b10dbStz204579 case AD_SBOOT: 1456a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SBOOT; 1466a3b10dbStz204579 break; 1476a3b10dbStz204579 case AD_SIBOOT: 1486a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SIBOOT; 1496a3b10dbStz204579 break; 1506a3b10dbStz204579 case AD_NOSYNC: 1516a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_NOSYNC; 1526a3b10dbStz204579 break; 15319397407SSherry Moore case AD_FASTREBOOT: 15419397407SSherry Moore #ifdef __i386 15519397407SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_FASTREBOOT; 15619397407SSherry Moore mdep = NULL; /* Ignore all arguments */ 157753a6d45SSherry Moore #else /* __i386 */ 15819397407SSherry Moore fcn = AD_BOOT; 15919397407SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_BOOT; 16019397407SSherry Moore #endif /* __i386 */ 16119397407SSherry Moore break; 16219397407SSherry Moore case AD_FASTREBOOT_DRYRUN: 16319397407SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_FASTREBOOT_DRYRUN; 16419397407SSherry Moore mdep = NULL; /* Ignore all arguments */ 16519397407SSherry Moore break; 1666a3b10dbStz204579 default: 1676a3b10dbStz204579 fcn_id = 0; 1686a3b10dbStz204579 } 1696a3b10dbStz204579 if (cmd == A_FREEZE) { 1706a3b10dbStz204579 switch (fcn) { 1716a3b10dbStz204579 case AD_SUSPEND_TO_DISK: 1726a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SUSPEND_TO_DISK; 1736a3b10dbStz204579 break; 1746a3b10dbStz204579 case AD_CHECK_SUSPEND_TO_DISK: 1756a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_CHECK_SUSPEND_TO_DISK; 1766a3b10dbStz204579 break; 1776a3b10dbStz204579 case AD_FORCE: 1786a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_FORCE; 1796a3b10dbStz204579 break; 1806a3b10dbStz204579 case AD_SUSPEND_TO_RAM: 1816a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_SUSPEND_TO_RAM; 1826a3b10dbStz204579 break; 1836a3b10dbStz204579 case AD_CHECK_SUSPEND_TO_RAM: 1846a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_CHECK_SUSPEND_TO_RAM; 1856a3b10dbStz204579 break; 1866a3b10dbStz204579 case AD_REUSEINIT: 1876a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_REUSEINIT; 1886a3b10dbStz204579 break; 1896a3b10dbStz204579 case AD_REUSABLE: 1906a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_REUSABLE; 1916a3b10dbStz204579 break; 1926a3b10dbStz204579 case AD_REUSEFINI: 1936a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_REUSEFINI; 1946a3b10dbStz204579 break; 1956a3b10dbStz204579 } 1966a3b10dbStz204579 } else if (cmd == A_FTRACE) { 1976a3b10dbStz204579 switch (fcn) { 1986a3b10dbStz204579 case AD_FTRACE_START: 1996a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_FTRACE_START; 2006a3b10dbStz204579 break; 2016a3b10dbStz204579 case AD_FTRACE_STOP: 2026a3b10dbStz204579 fcn_id = ADT_UADMIN_FCN_AD_FTRACE_STOP; 2036a3b10dbStz204579 break; 2046a3b10dbStz204579 } 205753a6d45SSherry Moore #ifdef __i386 206753a6d45SSherry Moore } else if (cmd == A_CONFIG) { 207*c90a5fbeSSherry Moore uint8_t boot_config = 0; 208*c90a5fbeSSherry Moore uint8_t boot_config_ovr = 0; 209*c90a5fbeSSherry Moore 210753a6d45SSherry Moore switch (fcn) { 211753a6d45SSherry Moore case AD_UPDATE_BOOT_CONFIG: 212753a6d45SSherry Moore fcn_id = ADT_UADMIN_FCN_AD_UPDATE_BOOT_CONFIG; 213753a6d45SSherry Moore scf_get_boot_config(&boot_config); 214*c90a5fbeSSherry Moore boot_config_ovr = boot_config; 215*c90a5fbeSSherry Moore scf_get_boot_config_ovr(&boot_config_ovr); 216*c90a5fbeSSherry Moore boot_config &= boot_config_ovr; 217753a6d45SSherry Moore mdep = (uintptr_t)(&boot_config); 218753a6d45SSherry Moore break; 219753a6d45SSherry Moore } 220753a6d45SSherry Moore #endif /* __i386 */ 2216a3b10dbStz204579 } 2226a3b10dbStz204579 2237c478bd9Sstevel@tonic-gate if (geteuid() == 0) { 2246a3b10dbStz204579 if (event != NULL) { 2256a3b10dbStz204579 switch (cmd) { 2266a3b10dbStz204579 case A_SHUTDOWN: 2276a3b10dbStz204579 event->adt_uadmin_shutdown.fcn = fcn_id; 2286a3b10dbStz204579 event->adt_uadmin_shutdown.mdep = (char *)mdep; 2296a3b10dbStz204579 break; 2306a3b10dbStz204579 case A_REBOOT: 2316a3b10dbStz204579 event->adt_uadmin_reboot.fcn = fcn_id; 2326a3b10dbStz204579 event->adt_uadmin_reboot.mdep = (char *)mdep; 2336a3b10dbStz204579 break; 2346a3b10dbStz204579 case A_DUMP: 2356a3b10dbStz204579 event->adt_uadmin_dump.fcn = fcn_id; 2366a3b10dbStz204579 event->adt_uadmin_dump.mdep = (char *)mdep; 2376a3b10dbStz204579 break; 2386a3b10dbStz204579 case A_REMOUNT: 2396a3b10dbStz204579 /* no parameters */ 2406a3b10dbStz204579 break; 2416a3b10dbStz204579 case A_FREEZE: 2426a3b10dbStz204579 event->adt_uadmin_freeze.fcn = fcn_id; 2436a3b10dbStz204579 event->adt_uadmin_freeze.mdep = (char *)mdep; 2446a3b10dbStz204579 break; 2456a3b10dbStz204579 case A_FTRACE: 2466a3b10dbStz204579 event->adt_uadmin_ftrace.fcn = fcn_id; 247753a6d45SSherry Moore event->adt_uadmin_ftrace.mdep = (char *)mdep; 248753a6d45SSherry Moore break; 249753a6d45SSherry Moore case A_CONFIG: 250753a6d45SSherry Moore event->adt_uadmin_config.fcn = fcn_id; 251753a6d45SSherry Moore event->adt_uadmin_config.mdep = (char *)mdep; 2526a3b10dbStz204579 break; 2536a3b10dbStz204579 case A_SWAPCTL: 2546a3b10dbStz204579 event->adt_uadmin_swapctl.fcn = fcn_id; 2556a3b10dbStz204579 break; 2566a3b10dbStz204579 } 2576a3b10dbStz204579 2586a3b10dbStz204579 if (adt_put_event(event, ADT_SUCCESS, 0) != 0) { 2596a3b10dbStz204579 (void) fprintf(stderr, 2606a3b10dbStz204579 "%s: can't put audit event\n", argv[0]); 2616a3b10dbStz204579 } 2626a3b10dbStz204579 /* 2636a3b10dbStz204579 * allow audit record to be processed in the kernel 2646a3b10dbStz204579 * audit queue 2656a3b10dbStz204579 */ 2666a3b10dbStz204579 wait_for_auqueue(); 2676a3b10dbStz204579 } 2686a3b10dbStz204579 269b08d8a12Sgww if (closeout_audit(cmd, fcn) == -1) 2707c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "%s: can't turn off auditd\n", 2717c478bd9Sstevel@tonic-gate argv[0]); 2727c478bd9Sstevel@tonic-gate 2737c478bd9Sstevel@tonic-gate if (cmd == A_SHUTDOWN || cmd == A_REBOOT) 27458091fd8Ssetje (void) creat(SMF_RST, 0777); 2757c478bd9Sstevel@tonic-gate } 2767c478bd9Sstevel@tonic-gate 2776a3b10dbStz204579 (void) adt_free_event(event); 2787c478bd9Sstevel@tonic-gate if (uadmin(cmd, fcn, mdep) < 0) { 2797c478bd9Sstevel@tonic-gate perror("uadmin"); 2807c478bd9Sstevel@tonic-gate 28158091fd8Ssetje (void) unlink(SMF_RST); 28258091fd8Ssetje 2837c478bd9Sstevel@tonic-gate return (1); 2847c478bd9Sstevel@tonic-gate } 2857c478bd9Sstevel@tonic-gate 286b08d8a12Sgww /* If returning from a suspend, audit thaw */ 287b08d8a12Sgww if ((cmd == A_FREEZE) && 288b08d8a12Sgww ((fcn == AD_FORCE) || 289b08d8a12Sgww (fcn == AD_REUSABLE) || 290b08d8a12Sgww (fcn == AD_SUSPEND_TO_DISK) || 291b08d8a12Sgww (fcn == AD_SUSPEND_TO_RAM))) { 292b08d8a12Sgww if ((event = adt_alloc_event(ah, ADT_uadmin_thaw)) == NULL) { 293b08d8a12Sgww (void) fprintf(stderr, "%s: can't allocate thaw audit " 294b08d8a12Sgww "event\n", argv[0]); 295b08d8a12Sgww } 296b08d8a12Sgww event->adt_uadmin_thaw.fcn = fcn_id; 297b08d8a12Sgww if (adt_put_event(event, ADT_SUCCESS, 0) != 0) { 298b08d8a12Sgww (void) fprintf(stderr, "%s: can't put thaw audit " 299b08d8a12Sgww "event\n", argv[0]); 300b08d8a12Sgww } 301b08d8a12Sgww (void) adt_free_event(event); 302b08d8a12Sgww } 303b08d8a12Sgww (void) adt_end_session(ah); 304b08d8a12Sgww 3057c478bd9Sstevel@tonic-gate return (0); 3067c478bd9Sstevel@tonic-gate } 3076a3b10dbStz204579 3086a3b10dbStz204579 static int 309b08d8a12Sgww closeout_audit(int cmd, int fcn) 3106a3b10dbStz204579 { 311b08d8a12Sgww if (!adt_audit_state(AUC_AUDITING)) { 312b08d8a12Sgww /* auditd not running, just return */ 313b08d8a12Sgww return (0); 314b08d8a12Sgww } 315e333042dSgww switch (cmd) { 316e333042dSgww case A_SHUTDOWN: 31719397407SSherry Moore switch (fcn) { 31819397407SSherry Moore case AD_FASTREBOOT_DRYRUN: 31919397407SSherry Moore /* No system discontinuity, don't turn off auditd */ 32019397407SSherry Moore return (0); 32119397407SSherry Moore default: 32219397407SSherry Moore break; /* For all the other shutdown functions */ 32319397407SSherry Moore } 32419397407SSherry Moore /* FALLTHROUGH */ 325e333042dSgww case A_REBOOT: 326e333042dSgww case A_DUMP: 327e333042dSgww /* system shutting down, turn off auditd */ 328b08d8a12Sgww return (turnoff_auditd()); 329e333042dSgww case A_REMOUNT: 330e333042dSgww case A_SWAPCTL: 331e333042dSgww case A_FTRACE: 332753a6d45SSherry Moore case A_CONFIG: 333e333042dSgww /* No system discontinuity, don't turn off auditd */ 334e333042dSgww return (0); 335e333042dSgww case A_FREEZE: 336e333042dSgww switch (fcn) { 337e333042dSgww case AD_CHECK_SUSPEND_TO_DISK: /* AD_CHECK */ 338e333042dSgww case AD_CHECK_SUSPEND_TO_RAM: 339e333042dSgww case AD_REUSEINIT: 340e333042dSgww case AD_REUSEFINI: 341e333042dSgww /* No system discontinuity, don't turn off auditd */ 342e333042dSgww return (0); 343e333042dSgww case AD_REUSABLE: 344e333042dSgww case AD_SUSPEND_TO_DISK: /* AD_COMPRESS */ 345e333042dSgww case AD_SUSPEND_TO_RAM: 346e333042dSgww case AD_FORCE: 347e333042dSgww /* suspend the system, change audit files */ 348b08d8a12Sgww return (change_audit_file()); 349e333042dSgww default: 350b08d8a12Sgww return (0); /* not an audit error */ 351e333042dSgww } 352e333042dSgww default: 353b08d8a12Sgww return (0); /* not an audit error */ 354b08d8a12Sgww } 355e333042dSgww } 356e333042dSgww 357b08d8a12Sgww static int 358b08d8a12Sgww turnoff_auditd(void) 359b08d8a12Sgww { 360b08d8a12Sgww int rc; 361b08d8a12Sgww int retries = RETRY_COUNT; 362b08d8a12Sgww 363b08d8a12Sgww if ((rc = (int)fork()) == 0) { 3646dcd8691Sgww (void) execl("/usr/sbin/audit", "audit", "-t", NULL); 3656a3b10dbStz204579 (void) fprintf(stderr, "error disabling auditd: %s\n", 3666dcd8691Sgww strerror(errno)); 3676dcd8691Sgww _exit(-1); 3686dcd8691Sgww } else if (rc == -1) { 3696dcd8691Sgww (void) fprintf(stderr, "error disabling auditd: %s\n", 3706dcd8691Sgww strerror(errno)); 3716a3b10dbStz204579 return (-1); 3726a3b10dbStz204579 } 3736a3b10dbStz204579 3746dcd8691Sgww /* 3756dcd8691Sgww * wait for auditd to finish its work. auditd will change the 3766dcd8691Sgww * auditstart from AUC_AUDITING (auditd up and running) to 3776dcd8691Sgww * AUC_NOAUDIT. Other states are errors, so we're done as well. 3786dcd8691Sgww */ 3796a3b10dbStz204579 do { 3806dcd8691Sgww int auditstate; 3816a3b10dbStz204579 3826dcd8691Sgww rc = -1; 3836dcd8691Sgww if ((auditon(A_GETCOND, (caddr_t)&auditstate, 3846dcd8691Sgww sizeof (auditstate)) == 0) && 3856dcd8691Sgww (auditstate == AUC_AUDITING)) { 3866a3b10dbStz204579 retries--; 3876a3b10dbStz204579 (void) sleep(1); 3886a3b10dbStz204579 } else { 3896a3b10dbStz204579 rc = 0; 3906a3b10dbStz204579 } 3916dcd8691Sgww } while ((rc != 0) && (retries != 0)); 3926a3b10dbStz204579 3936a3b10dbStz204579 return (rc); 3946a3b10dbStz204579 } 3956a3b10dbStz204579 396b08d8a12Sgww static int 397b08d8a12Sgww change_audit_file(void) 398b08d8a12Sgww { 399b08d8a12Sgww pid_t pid; 400b08d8a12Sgww 401b08d8a12Sgww if ((pid = fork()) == 0) { 402b08d8a12Sgww (void) execl("/usr/sbin/audit", "audit", "-n", NULL); 403b08d8a12Sgww (void) fprintf(stderr, "error changing audit files: %s\n", 404b08d8a12Sgww strerror(errno)); 405b08d8a12Sgww _exit(-1); 406b08d8a12Sgww } else if (pid == -1) { 407b08d8a12Sgww (void) fprintf(stderr, "error changing audit files: %s\n", 408b08d8a12Sgww strerror(errno)); 409b08d8a12Sgww return (-1); 410b08d8a12Sgww } else { 411b08d8a12Sgww pid_t rc; 412b08d8a12Sgww int retries = RETRY_COUNT; 413b08d8a12Sgww 414b08d8a12Sgww /* 415b08d8a12Sgww * Wait for audit(1M) -n process to complete 416b08d8a12Sgww * 417b08d8a12Sgww */ 418b08d8a12Sgww do { 419b08d8a12Sgww if ((rc = waitpid(pid, NULL, WNOHANG)) == pid) { 420b08d8a12Sgww return (0); 421b08d8a12Sgww } else if (rc == -1) { 422b08d8a12Sgww return (-1); 423b08d8a12Sgww } else { 424b08d8a12Sgww (void) sleep(1); 425b08d8a12Sgww retries--; 426b08d8a12Sgww } 427b08d8a12Sgww 428b08d8a12Sgww } while (retries != 0); 429b08d8a12Sgww } 430b08d8a12Sgww return (-1); 431b08d8a12Sgww } 432b08d8a12Sgww 4336a3b10dbStz204579 static void 4346a3b10dbStz204579 wait_for_auqueue() 4356a3b10dbStz204579 { 4366a3b10dbStz204579 au_stat_t au_stat; 4376a3b10dbStz204579 int retries = 10; 4386a3b10dbStz204579 4396a3b10dbStz204579 while (retries-- && auditon(A_GETSTAT, (caddr_t)&au_stat, NULL) == 0) { 4406a3b10dbStz204579 if (au_stat.as_enqueue == au_stat.as_written) { 4416a3b10dbStz204579 break; 4426a3b10dbStz204579 } 4436a3b10dbStz204579 (void) sleep(1); 4446a3b10dbStz204579 } 4456a3b10dbStz204579 } 446