1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved. 23 */ 24 25#ifndef _AUDIT_POLICY_H 26#define _AUDIT_POLICY_H 27 28#ifdef __cplusplus 29extern "C" { 30#endif 31 32#include <bsm/audit.h> 33#include <bsm/libbsm.h> 34 35#define ALL_POLICIES (AUDIT_AHLT|\ 36 AUDIT_ARGE|\ 37 AUDIT_ARGV|\ 38 AUDIT_CNT|\ 39 AUDIT_GROUP|\ 40 AUDIT_SEQ|\ 41 AUDIT_TRAIL|\ 42 AUDIT_PATH|\ 43 AUDIT_PUBLIC|\ 44 AUDIT_ZONENAME|\ 45 AUDIT_PERZONE|\ 46 AUDIT_WINDATA_DOWN|\ 47 AUDIT_WINDATA_UP) 48 49#define NO_POLICIES (0) 50 51struct policy_entry { 52 char *policy_str; 53 uint32_t policy_mask; 54 char *policy_desc; 55}; 56typedef struct policy_entry policy_entry_t; 57 58static policy_entry_t policy_table[] = { 59 {"ahlt", AUDIT_AHLT, "halt machine if it can not record an " 60 "async event"}, 61 {"all", ALL_POLICIES, "all policies"}, 62 {"arge", AUDIT_ARGE, "include exec environment args in audit recs"}, 63 {"argv", AUDIT_ARGV, "include exec command line args in audit recs"}, 64 {"cnt", AUDIT_CNT, "when no more space, drop recs and keep a cnt"}, 65 {"group", AUDIT_GROUP, "include supplementary groups in audit recs"}, 66 {"none", NO_POLICIES, "no policies"}, 67 {"path", AUDIT_PATH, "allow multiple paths per event"}, 68 {"perzone", AUDIT_PERZONE, "use a separate queue and auditd per " 69 "zone"}, 70 {"public", AUDIT_PUBLIC, "audit public files"}, 71 {"seq", AUDIT_SEQ, "include a sequence number in audit recs"}, 72 {"trail", AUDIT_TRAIL, "include trailer token in audit recs"}, 73 {"windata_down", AUDIT_WINDATA_DOWN, "include downgraded window " 74 "information in audit recs"}, 75 {"windata_up", AUDIT_WINDATA_UP, "include upgraded window " 76 "information in audit recs"}, 77 {"zonename", AUDIT_ZONENAME, "include zonename token in audit recs"} 78}; 79 80#define POLICY_TBL_SZ (sizeof (policy_table) / sizeof (policy_entry_t)) 81 82#ifdef __cplusplus 83} 84#endif 85 86#endif /* _AUDIT_POLICY_H */ 87