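/*-
 * Copyright (c) 2005-2009 Robert N. M. Watson
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#9 $
 */

#include <bsm/libbsm.h>
#include <string.h>
#include <err.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Simple tool to dump various /etc/security databases using the defined APIs.
 *
 * Each mode walks one database through a libbsm accessor and prints what the
 * library returned, one record per line.  The "_r" modes use the accessor
 * variants that fill caller-supplied storage.
 */

/*
 * Print the list of accepted mode arguments to stderr and exit with
 * status -1.
 */
static void
usage(void)
{

	fprintf(stderr, "usage: audump [class|class_r|control|event|event_r|"
	    "user|user_r]\n");
	exit(-1);
}

/*
 * Dump every entry returned by getauclassent() as "mask:name:description",
 * with the class mask printed as eight hex digits.
 */
static void
audump_class(void)
{
	au_class_ent_t *cp;

	while ((cp = getauclassent()) != NULL)
		printf("0x%08x:%s:%s\n", cp->ac_class, cp->ac_name,
		    cp->ac_desc);
}

/*
 * Same output as audump_class(), but through getauclassent_r() with the
 * entry and its name/description buffers supplied from this stack frame.
 */
static void
audump_class_r(void)
{
	char class_ent_name[AU_CLASS_NAME_MAX];
	char class_ent_desc[AU_CLASS_DESC_MAX];
	au_class_ent_t c, *cp;

	/* Start from zeroed storage so no stale stack bytes can be printed. */
	memset(&c, 0, sizeof(c));
	memset(class_ent_name, 0, sizeof(class_ent_name));
	memset(class_ent_desc, 0, sizeof(class_ent_desc));
	c.ac_name = class_ent_name;
	c.ac_desc = class_ent_desc;

	while ((cp = getauclassent_r(&c)) != NULL)
		printf("0x%08x:%s:%s\n", cp->ac_class, cp->ac_name,
		    cp->ac_desc);
}

/*
 * Dump the audit control settings as "key:value" lines: flags, min, naflags,
 * every dir entry, policy, filesz, and (when the lookup returns 0) host and
 * expire-after.
 *
 * Error reporting convention used throughout: a return of -2 is reported
 * with err(), which appends strerror(errno); any other failure code is
 * reported with errx() together with the numeric code, because errno is not
 * known to describe it.  Every failure exits with status -1.
 */
static void
audump_control(void)
{
	char string[PATH_MAX], string2[PATH_MAX];
	int ret, val;
	long policy;
	time_t age;
	size_t size;

	/* Buffer bounds are taken from the arrays themselves. */
	ret = getacflg(string, sizeof(string));
	if (ret == -2)
		err(-1, "getacflg");
	if (ret != 0)
		errx(-1, "getacflg: %d", ret);

	printf("flags:%s\n", string);

	ret = getacmin(&val);
	if (ret == -2)
		err(-1, "getacmin");
	if (ret != 0)
		errx(-1, "getacmin: %d", ret);

	printf("min:%d\n", val);

	ret = getacna(string, sizeof(string));
	if (ret == -2)
		err(-1, "getacna");
	if (ret != 0)
		errx(-1, "getacna: %d", ret);

	printf("naflags:%s\n", string);

	/* Call setac() before listing, then print until getacdir() gives -1. */
	setac();
	for (;;) {
		ret = getacdir(string, sizeof(string));
		if (ret == -1)
			break;
		if (ret == -2)
			err(-1, "getacdir");
		if (ret != 0)
			errx(-1, "getacdir: %d", ret);
		printf("dir:%s\n", string);
	}

	/*
	 * The policy string is parsed to a mask and converted back, so the
	 * line shows what the library understood, not the raw text.
	 */
	ret = getacpol(string, sizeof(string));
	if (ret == -2)
		err(-1, "getacpol");
	if (ret != 0)
		errx(-1, "getacpol: %d", ret);
	if (au_strtopol(string, &policy) < 0)
		err(-1, "au_strtopol");
	if (au_poltostr(policy, sizeof(string2), string2) < 0)
		err(-1, "au_poltostr");
	printf("policy:%s\n", string2);

	ret = getacfilesz(&size);
	if (ret == -2)
		err(-1, "getacfilesz");
	if (ret != 0)
		errx(-1, "getacfilesz: %d", ret);

	/* size is a size_t: %zu, not %ld. */
	printf("filesz:%zuB\n", size);

	/*
	 * Any return other than 0, -2 or -3 prints nothing and is not an
	 * error here.  NOTE(review): presumably 1 means no host entry is
	 * configured; confirm against the libbsm documentation.
	 */
	ret = getachost(string, sizeof(string));
	if (ret == -2)
		err(-1, "getachost");
	if (ret == -3)
		errx(-1, "getachost: %d", ret);
	if (ret == 0)
		printf("host:%s\n", string);

	/* Same shape as the host lookup: only a 0 return is printed. */
	ret = getacexpire(&val, &age, &size);
	if (ret == -2)
		err(-1, "getacexpire");
	if (ret == -1)
		errx(-1, "getacexpire: %d", ret);
	if (ret == 0)
		/* time_t has no printf conversion of its own; widen it. */
		printf("expire-after:%zuB %s %llds\n", size,
		    val ? "AND" : "OR", (long long)age);
}

/*
 * Print the classes set in classmask as a comma-separated list.  Each set
 * bit is looked up with getauclassnum(); a bit with no matching class entry
 * is printed as a hex value so that it is not silently dropped.
 */
static void
printf_classmask(au_class_t classmask)
{
	au_class_ent_t *c;
	u_int32_t bit, i;
	int first;

	first = 1;
	for (i = 0; i < 32; i++) {
		/*
		 * Shift an unsigned 1: "1 << 31" on a signed int is
		 * undefined behaviour.
		 */
		bit = (u_int32_t)1 << i;
		if ((classmask & bit) == 0)
			continue;
		if (first)
			first = 0;
		else
			printf(",");
		c = getauclassnum(bit);
		if (c != NULL)
			printf("%s", c->ac_name);
		else
			printf("0x%x", bit);
	}
}

/*
 * Dump every entry returned by getauevent() as
 * "number:name:description:classes".
 */
static void
audump_event(void)
{
	au_event_ent_t *ep;

	while ((ep = getauevent()) != NULL) {
		printf("%d:%s:%s:", ep->ae_number, ep->ae_name, ep->ae_desc);
		printf_classmask(ep->ae_class);
		printf("\n");
	}
}

/*
 * Same output as audump_event(), but through getauevent_r() with the entry
 * and its name/description buffers supplied from this stack frame.
 */
static void
audump_event_r(void)
{
	char event_ent_name[AU_EVENT_NAME_MAX];
	char event_ent_desc[AU_EVENT_DESC_MAX];
	au_event_ent_t e, *ep;

	/* Start from zeroed storage so no stale stack bytes can be printed. */
	memset(&e, 0, sizeof(e));
	memset(event_ent_name, 0, sizeof(event_ent_name));
	memset(event_ent_desc, 0, sizeof(event_ent_desc));
	e.ae_name = event_ent_name;
	e.ae_desc = event_ent_desc;

	while ((ep = getauevent_r(&e)) != NULL) {
		printf("%d:%s:%s:", ep->ae_number, ep->ae_name, ep->ae_desc);
		printf_classmask(ep->ae_class);
		printf("\n");
	}
}

/*
 * Dump every entry returned by getauuserent().
 *
 * Only the user name is printed.  The always/never mask fields are emitted
 * empty because the printf_classmask() calls for them are disabled below,
 * so this output cannot be used to review per-user audit masks.
 */
static void
audump_user(void)
{
	au_user_ent_t *up;

	while ((up = getauuserent()) != NULL) {
		printf("%s:", up->au_name);
		// printf_classmask(up->au_always);
		printf(":");
		// printf_classmask(up->au_never);
		printf("\n");
	}
}

/*
 * Same output as audump_user(), but through getauuserent_r() with the entry
 * and its name buffer supplied from this stack frame.  As in audump_user(),
 * the always/never mask fields are emitted empty.
 */
static void
audump_user_r(void)
{
	char user_ent_name[AU_USER_NAME_MAX];
	au_user_ent_t u, *up;

	/* Start from zeroed storage so no stale stack bytes can be printed. */
	memset(&u, 0, sizeof(u));
	memset(user_ent_name, 0, sizeof(user_ent_name));
	u.au_name = user_ent_name;

	while ((up = getauuserent_r(&u)) != NULL) {
		printf("%s:", up->au_name);
		// printf_classmask(up->au_always);
		printf(":");
		// printf_classmask(up->au_never);
		printf("\n");
	}
}

/*
 * Dispatch on the single mode argument.  A missing, extra or unrecognised
 * argument prints the usage text and exits with status -1.
 */
int
main(int argc, char *argv[])
{

	if (argc != 2)
		usage();

	if (strcmp(argv[1], "class") == 0)
		audump_class();
	else if (strcmp(argv[1], "class_r") == 0)
		audump_class_r();
	else if (strcmp(argv[1], "control") == 0)
		audump_control();
	else if (strcmp(argv[1], "event") == 0)
		audump_event();
	else if (strcmp(argv[1], "event_r") == 0)
		audump_event_r();
	else if (strcmp(argv[1], "user") == 0)
		audump_user();
	else if (strcmp(argv[1], "user_r") == 0)
		audump_user_r();
	else
		usage();

	return (0);
}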