libbsm.h (161630) libbsm.h (162503)
1/*
2 * Copyright (c) 2004 Apple Computer, Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright

--- 12 unchanged lines hidden (view full) ---

21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 * POSSIBILITY OF SUCH DAMAGE.
28 *
1/*
2 * Copyright (c) 2004 Apple Computer, Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright

--- 12 unchanged lines hidden (view full) ---

21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 * POSSIBILITY OF SUCH DAMAGE.
28 *
29 * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#27 $
29 * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#29 $
30 */
31
32#ifndef _LIBBSM_H_
33#define _LIBBSM_H_
34
35/*
36 * NB: definitions, etc., marked with "OpenSSH compatibility" were introduced
37 * solely to allow OpenSSH to compile; Darwin/Apple code should not use them.
38 */
39
30 */
31
32#ifndef _LIBBSM_H_
33#define _LIBBSM_H_
34
35/*
36 * NB: definitions, etc., marked with "OpenSSH compatibility" were introduced
37 * solely to allow OpenSSH to compile; Darwin/Apple code should not use them.
38 */
39
40#define AUDIT_MAX_ARGS 10
41#define AUDIT_MAX_ENV 10
42
43#include <sys/types.h>
44#include <sys/cdefs.h>
45
46#include <inttypes.h> /* Required for audit.h. */
47#include <time.h> /* Required for clock_t on Linux. */
48
49#include <bsm/audit.h>
50#include <bsm/audit_record.h>
51
52#include <stdio.h>
53
54#ifdef __APPLE__
55#include <mach/mach.h> /* audit_token_t */
56#endif
57
40#include <sys/types.h>
41#include <sys/cdefs.h>
42
43#include <inttypes.h> /* Required for audit.h. */
44#include <time.h> /* Required for clock_t on Linux. */
45
46#include <bsm/audit.h>
47#include <bsm/audit_record.h>
48
49#include <stdio.h>
50
51#ifdef __APPLE__
52#include <mach/mach.h> /* audit_token_t */
53#endif
54
58#define AU_PRS_SUCCESS 1
59#define AU_PRS_FAILURE 2
60#define AU_PRS_BOTH (AU_PRS_SUCCESS|AU_PRS_FAILURE)
55/*
56 * Size parsed token vectors for execve(2) arguments and environmental
57 * variables. Note: changing these sizes affects the ABI of the token
58 * structure, and as the token structure is often placed in the caller stack,
59 * this is undesirable.
60 */
61#define AUDIT_MAX_ARGS 128
62#define AUDIT_MAX_ENV 128
61
63
64/*
65 * Arguments to au_preselect(3).
66 */
62#define AU_PRS_USECACHE 0
63#define AU_PRS_REREAD 1
64
67#define AU_PRS_USECACHE 0
68#define AU_PRS_REREAD 1
69
70#define AU_PRS_SUCCESS 1
71#define AU_PRS_FAILURE 2
72#define AU_PRS_BOTH (AU_PRS_SUCCESS|AU_PRS_FAILURE)
73
65#define AUDIT_EVENT_FILE "/etc/security/audit_event"
66#define AUDIT_CLASS_FILE "/etc/security/audit_class"
67#define AUDIT_CONTROL_FILE "/etc/security/audit_control"
68#define AUDIT_USER_FILE "/etc/security/audit_user"
69
70#define DIR_CONTROL_ENTRY "dir"
71#define MINFREE_CONTROL_ENTRY "minfree"
72#define FLAGS_CONTROL_ENTRY "flags"
73#define NA_CONTROL_ENTRY "naflags"
74#define AUDIT_EVENT_FILE "/etc/security/audit_event"
75#define AUDIT_CLASS_FILE "/etc/security/audit_class"
76#define AUDIT_CONTROL_FILE "/etc/security/audit_control"
77#define AUDIT_USER_FILE "/etc/security/audit_user"
78
79#define DIR_CONTROL_ENTRY "dir"
80#define MINFREE_CONTROL_ENTRY "minfree"
81#define FLAGS_CONTROL_ENTRY "flags"
82#define NA_CONTROL_ENTRY "naflags"
83#define POLICY_CONTROL_ENTRY "policy"
74
75#define AU_CLASS_NAME_MAX 8
76#define AU_CLASS_DESC_MAX 72
77#define AU_EVENT_NAME_MAX 30
78#define AU_EVENT_DESC_MAX 50
79#define AU_USER_NAME_MAX 50
80#define AU_LINE_MAX 256
81#define MAX_AUDITSTRING_LEN 256

--- 624 unchanged lines hidden (view full) ---

706 * Functions relating to querying audit control information.
707 */
708void setac(void);
709void endac(void);
710int getacdir(char *name, int len);
711int getacmin(int *min_val);
712int getacflg(char *auditstr, int len);
713int getacna(char *auditstr, int len);
84
85#define AU_CLASS_NAME_MAX 8
86#define AU_CLASS_DESC_MAX 72
87#define AU_EVENT_NAME_MAX 30
88#define AU_EVENT_DESC_MAX 50
89#define AU_USER_NAME_MAX 50
90#define AU_LINE_MAX 256
91#define MAX_AUDITSTRING_LEN 256

--- 624 unchanged lines hidden (view full) ---

716 * Functions relating to querying audit control information.
717 */
718void setac(void);
719void endac(void);
720int getacdir(char *name, int len);
721int getacmin(int *min_val);
722int getacflg(char *auditstr, int len);
723int getacna(char *auditstr, int len);
724int getacpol(char *auditstr, size_t len);
714int getauditflagsbin(char *auditstr, au_mask_t *masks);
715int getauditflagschar(char *auditstr, au_mask_t *masks,
716 int verbose);
717int au_preselect(au_event_t event, au_mask_t *mask_p,
718 int sorf, int flag);
725int getauditflagsbin(char *auditstr, au_mask_t *masks);
726int getauditflagschar(char *auditstr, au_mask_t *masks,
727 int verbose);
728int au_preselect(au_event_t event, au_mask_t *mask_p,
729 int sorf, int flag);
730ssize_t au_poltostr(long policy, size_t maxsize, char *buf);
731int au_strtopol(const char *polstr, long *policy);
719
720/*
721 * Functions relating to querying audit event information.
722 */
723void setauevent(void);
724void endauevent(void);
725struct au_event_ent *getauevent(void);
726struct au_event_ent *getauevent_r(struct au_event_ent *e);

--- 446 unchanged lines hidden ---
732
733/*
734 * Functions relating to querying audit event information.
735 */
736void setauevent(void);
737void endauevent(void);
738struct au_event_ent *getauevent(void);
739struct au_event_ent *getauevent_r(struct au_event_ent *e);

--- 446 unchanged lines hidden ---
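Review bot: Raising `AUDIT_MAX_ARGS` and `AUDIT_MAX_ENV` from 10 to 128 (new lines 61-62) is exactly the ABI change that the comment added just above them warns about, and that comment does not tell consumers what to do. The token structure sits in the hidden part of the header, so this is inferred: if its argument and environment vectors are sized by these macros, a program built against the old header that keeps the structure on its stack would pass the new library an object smaller than the one the parser fills. That would be a stack overrun rather than a clean failure, so the change should ship with a shared-library version bump. I would also extend the comment with `* Consumers built against the previous values (10) must be recompiled.`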