audit_reboot.c revision 11706:cd830a066051
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26#include <sys/types.h> 27#include <unistd.h> 28#include <stdlib.h> 29#include <bsm/audit.h> 30#include <bsm/audit_record.h> 31#include <bsm/audit_uevents.h> 32#include <bsm/libbsm.h> 33#include <bsm/audit_private.h> 34#include <generic.h> 35 36#ifdef C2_DEBUG 37#define dprintf(x) { (void) printf x; } 38#else 39#define dprintf(x) 40#endif 41 42static int audit_reboot_generic(int); 43 44int 45audit_reboot_setup() 46{ 47 dprintf(("audit_reboot_setup()\n")); 48 49 if (cannot_audit(0)) { 50 return (0); 51 } 52 53 (void) aug_init(); 54 aug_save_event(AUE_reboot_solaris); 55 (void) aug_save_me(); 56 return (0); 57} 58 59int 60audit_reboot_fail() 61{ 62 return (audit_reboot_generic(-1)); 63} 64 65int 66audit_reboot_success() 67{ 68 int res = 0; 69 70 (void) audit_reboot_generic(0); 71 /* 72 * wait for audit daemon 73 * to put reboot message onto audit trail 74 */ 75 if (!cannot_audit(0)) { 76 int cond = AUC_NOAUDIT; 77 int canaudit; 78 79 (void) sleep(1); 80 81 /* find out if audit daemon is running */ 82 (void) auditon(A_GETCOND, (caddr_t)&cond, sizeof (cond)); 83 canaudit = ((cond == AUC_AUDITING) || (cond == AUC_NOSPACE)); 84 85 /* turn off audit daemon and try to flush audit queue */ 86 if (canaudit && system("/usr/sbin/audit -t")) 87 res = -1; 88 89 (void) sleep(5); 90 } 91 92 return (res); 93} 94 95int 96audit_reboot_generic(int sorf) 97{ 98 dprintf(("audit_reboot_generic(%d)\n", sorf)); 99 100 if (cannot_audit(0)) { 101 return (0); 102 } 103 104 aug_save_sorf(sorf); 105 (void) aug_audit(); 106 107 return (0); 108} 109