bsm_wrappers.c (159248) | bsm_wrappers.c (168777) |
---|---|
1/* 2 * Copyright (c) 2004 Apple Computer, Inc. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 12 unchanged lines hidden (view full) --- 21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 * POSSIBILITY OF SUCH DAMAGE. 28 * | 1/* 2 * Copyright (c) 2004 Apple Computer, Inc. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 12 unchanged lines hidden (view full) --- 21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 * POSSIBILITY OF SUCH DAMAGE. 28 * |
29 * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#23 $ | 29 * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#24 $ |
30 */ 31 32#ifdef __APPLE__ 33#define _SYS_AUDIT_H /* Prevent include of sys/audit.h. */ 34#endif 35 36#include <sys/param.h> 37#include <sys/stat.h> --- 23 unchanged lines hidden (view full) --- 61audit_submit(short au_event, au_id_t auid, char status, 62 int reterr, const char *fmt, ...) 63{ 64 char text[MAX_AUDITSTRING_LEN]; 65 token_t *token; 66 long acond; 67 va_list ap; 68 pid_t pid; | 30 */ 31 32#ifdef __APPLE__ 33#define _SYS_AUDIT_H /* Prevent include of sys/audit.h. */ 34#endif 35 36#include <sys/param.h> 37#include <sys/stat.h> --- 23 unchanged lines hidden (view full) --- 61audit_submit(short au_event, au_id_t auid, char status, 62 int reterr, const char *fmt, ...) 63{ 64 char text[MAX_AUDITSTRING_LEN]; 65 token_t *token; 66 long acond; 67 va_list ap; 68 pid_t pid; |
69 int error, afd; | 69 int error, afd, subj_ex; |
70 struct auditinfo ai; | 70 struct auditinfo ai; |
71 struct auditinfo_addr aia; |
|
71 72 if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) { 73 /* 74 * If auditon(2) returns ENOSYS, then audit has not been 75 * compiled into the kernel, so just return. 76 */ 77 if (errno == ENOSYS) 78 return (0); 79 error = errno; 80 syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s", 81 strerror(errno)); 82 errno = error; 83 return (-1); 84 } 85 if (acond == AUC_NOAUDIT) 86 return (0); | 72 73 if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) { 74 /* 75 * If auditon(2) returns ENOSYS, then audit has not been 76 * compiled into the kernel, so just return. 77 */ 78 if (errno == ENOSYS) 79 return (0); 80 error = errno; 81 syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s", 82 strerror(errno)); 83 errno = error; 84 return (-1); 85 } 86 if (acond == AUC_NOAUDIT) 87 return (0); |
88 /* XXXCSJP we should be doing a pre-select here */ |
|
87 afd = au_open(); 88 if (afd < 0) { 89 error = errno; 90 syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s", 91 strerror(errno)); 92 errno = error; 93 return (-1); 94 } | 89 afd = au_open(); 90 if (afd < 0) { 91 error = errno; 92 syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s", 93 strerror(errno)); 94 errno = error; 95 return (-1); 96 } |
95 if (getaudit(&ai) < 0) { | 97 /* 98 * Some operating systems do not have getaudit_addr(2) implemented 99 * yet. So we try to use getaudit(2) first, if the subject is 100 * using IPv6, then we will have to try getaudit_addr(2). Failing 101 * this, we return error. 102 */ 103 subj_ex = 0; 104 error = getaudit(&ai); 105 if (error < 0 && errno == E2BIG) { 106 error = getaudit_addr(&aia, sizeof(aia)); 107 if (error == 0) 108 subj_ex = 1; 109 } 110 if (error < 0) { |
96 error = errno; 97 syslog(LOG_AUTH | LOG_ERR, "audit: getaudit failed: %s", 98 strerror(errno)); 99 errno = error; 100 return (-1); 101 } 102 pid = getpid(); | 111 error = errno; 112 syslog(LOG_AUTH | LOG_ERR, "audit: getaudit failed: %s", 113 strerror(errno)); 114 errno = error; 115 return (-1); 116 } 117 pid = getpid(); |
103 token = au_to_subject32(auid, geteuid(), getegid(), 104 getuid(), getgid(), pid, pid, &ai.ai_termid); | 118 if (subj_ex == 0) 119 token = au_to_subject32(auid, geteuid(), getegid(), 120 getuid(), getgid(), pid, pid, &ai.ai_termid); 121 else 122 token = au_to_subject_ex(auid, geteuid(), getegid(), 123 getuid(), getgid(), pid, pid, &aia.ai_termid); |
105 if (token == NULL) { 106 syslog(LOG_AUTH | LOG_ERR, 107 "audit: unable to build subject token"); 108 (void) au_close(afd, AU_TO_NO_WRITE, au_event); 109 errno = EPERM; 110 return (-1); 111 } 112 if (au_write(afd, token) < 0) { --- 338 unchanged lines hidden --- | 124 if (token == NULL) { 125 syslog(LOG_AUTH | LOG_ERR, 126 "audit: unable to build subject token"); 127 (void) au_close(afd, AU_TO_NO_WRITE, au_event); 128 errno = EPERM; 129 return (-1); 130 } 131 if (au_write(afd, token) < 0) { --- 338 unchanged lines hidden --- |