1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26#include <sys/types.h> 27#include <tsol/label.h> 28#include <bsm/audit.h> 29#include <bsm/libbsm.h> 30#include <bsm/audit_private.h> 31#include <unistd.h> 32#include <string.h> 33#include <bsm/audit_uevents.h> 34#include <generic.h> 35#include <stdlib.h> 36#include <alloca.h> 37 38static int s_audit; /* successful audit event */ 39static int f_audit; /* failure audit event */ 40 41static int ad; /* audit descriptor */ 42 43void 44audit_allocate_argv(flg, argc, argv) 45 int flg; 46 int argc; 47 char *argv[]; 48{ 49 int i; 50 51 if (cannot_audit(0)) { 52 return; 53 } 54 55 switch (flg) { 56 case 0: 57 s_audit = AUE_allocate_succ; 58 f_audit = AUE_allocate_fail; 59 break; 60 case 1: 61 s_audit = AUE_deallocate_succ; 62 f_audit = AUE_deallocate_fail; 63 break; 64 case 2: 65 s_audit = AUE_listdevice_succ; 66 f_audit = AUE_listdevice_fail; 67 break; 68 } 69 70 ad = au_open(); 71 72 for (i = 0; i < argc; i++) 73 (void) au_write(ad, au_to_text(argv[i])); 74} 75 76void 77audit_allocate_device(path) 78 char *path; 79{ 80 if (cannot_audit(0)) { 81 return; 82 } 83 (void) au_write(ad, au_to_path(path)); 84} 85 86int 87audit_allocate_record(status) 88 char status; /* success failure of operation */ 89{ 90 auditinfo_addr_t mask; /* audit ID */ 91 au_event_t event; /* audit event number */ 92 uint32_t policy; /* audit policy */ 93 int ng; /* number of groups in process */ 94 95#ifdef DEBUG 96 (void) printf("audit_allocate_record(%d)\n", status); 97#endif 98 99 if (cannot_audit(0)) { 100 return (0); 101 } 102 103 if (getaudit_addr(&mask, sizeof (mask)) < 0) { 104 if (!status) 105 return (1); 106 return (0); 107 } 108 109 if (auditon(A_GETPOLICY, (caddr_t)&policy, 0) < 0) { 110 if (!status) 111 return (1); 112 return (0); 113 } 114 115 116 /* determine if we're preselected */ 117 if (status) 118 event = f_audit; 119 else 120 event = s_audit; 121 122 if (au_preselect(event, &mask.ai_mask, AU_PRS_BOTH, AU_PRS_REREAD) 123 == NULL) 124 return (0); 125 126 (void) au_write(ad, au_to_me()); /* add subject token */ 127 if (is_system_labeled()) 128 (void) au_write(ad, au_to_mylabel()); 129 130 if (policy & AUDIT_GROUP) { /* add optional group token */ 131 gid_t *grplst; 132 int maxgrp = getgroups(0, NULL); 133 134 grplst = alloca(maxgrp * sizeof (gid_t)); 135 136 if ((ng = getgroups(maxgrp, grplst)) < 0) { 137 (void) au_close(ad, 0, 0); 138 if (!status) 139 return (1); 140 return (0); 141 } 142 (void) au_write(ad, au_to_newgroups(ng, grplst)); 143 } 144 145 if (status) 146 (void) au_write(ad, au_to_exit(status, -1)); 147 else 148 (void) au_write(ad, au_to_exit(0, 0)); 149 150 /* write audit record */ 151 if (au_close(ad, 1, event) < 0) { 152 (void) au_close(ad, 0, 0); 153 if (!status) 154 return (1); 155 } 156 157 return (0); 158} 159 160void 161audit_allocate_list(list) 162 char *list; 163{ 164 char *buf; 165 char *file; 166 char *last; 167 168 if (cannot_audit(0)) { 169 return; 170 } 171 172 if ((buf = strdup(list)) == NULL) 173 return; 174 175 for (file = strtok_r(buf, " ", &last); file; 176 file = strtok_r(NULL, " ", &last)) 177 (void) au_write(ad, au_to_path(file)); 178 179 free(buf); 180} 181