Date: Fri, 20 Jun 2008 15:03:56 GMT From: Stacey Son <sson@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 143821 for review Message-ID: <200806201503.m5KF3ub6027158@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=143821 Change 143821 by sson@sson_amd64 on 2008/06/20 15:03:20 - For darwin, added Mach IPC support for audit trigger messages. - Added LOG_PERROR flag to openlog when -d option is used with auditd. - Fixed minor autoconf bugs in audit and auditd dealing with queue.h. - Updated the HISTORY file. Affected files ... .. //depot/projects/trustedbsd/openbsm/HISTORY#67 edit .. //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#2 edit .. //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#5 edit .. //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#9 edit .. //depot/projects/trustedbsd/openbsm/bin/audit/auditd_control.defs#1 add .. //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#2 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#5 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/audit_triggers.defs#1 add .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#27 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_control.defs#1 add .. //depot/projects/trustedbsd/openbsm/config/config.h.in#12 edit .. //depot/projects/trustedbsd/openbsm/configure#36 edit .. //depot/projects/trustedbsd/openbsm/configure.ac#39 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/HISTORY#67 (text+ko) ==== @@ -1,4 +1,7 @@ - Modify the -m option so users can select more then one audit event. +- For darwin, added Mach IPC support for audit trigger messages. +- Fixed a bug in getacna() which resulted in a locking problem on darwin. +- Added LOG_PERROR flag to openlog when -d option is used with auditd. OpenBSM 1.1 alpha 1 @@ -318,4 +321,4 @@ to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/HISTORY#66 $ +$P4: //depot/projects/trustedbsd/openbsm/HISTORY#67 $ ==== //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#2 (text+ko) ==== 
@@ -1,10 +1,19 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#1 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#2 $ # INCLUDES = -I$(top_srcdir) sbin_PROGRAMS = audit -audit_SOURCES = audit.c audit_LDADD = $(top_builddir)/libbsm/libbsm.la man8_MANS = audit.8 + +if USE_MACH_IPC +audit_SOURCES = auditd_control_user.c audit.c +CLEANFILES = auditd_control_user.c auditd_control_user.h + +auditd_control_user.c: auditd_control.defs + $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null auditd_control.defs +else +audit_SOURCES = audit.c +endif ==== //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#5 (text+ko) ==== @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#4 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#5 $ # VPATH = @srcdir@ @@ -49,7 +49,10 @@ am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(sbin_PROGRAMS) -am_audit_OBJECTS = audit.$(OBJEXT) +am__audit_SOURCES_DIST = audit.c auditd_control_user.c +@USE_MACH_IPC_FALSE@am_audit_OBJECTS = audit.$(OBJEXT) +@USE_MACH_IPC_TRUE@am_audit_OBJECTS = auditd_control_user.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ audit.$(OBJEXT) audit_OBJECTS = $(am_audit_OBJECTS) audit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ @@ -65,7 +68,7 @@ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(audit_SOURCES) -DIST_SOURCES = $(audit_SOURCES) +DIST_SOURCES = $(am__audit_SOURCES_DIST) man8dir = $(mandir)/man8 NROFF = nroff MANS = $(man8_MANS) @@ -113,6 +116,7 @@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MIG = @MIG@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ 
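Review bot: The MIG rule in bin/audit/Makefile.am names only auditd_control_user.c as its target although the recipe also writes auditd_control_user.h, and nothing tells make that audit.c needs that header, so a parallel or from-clean build can compile audit.c before the header exists. Declaring the header, for example `BUILT_SOURCES = auditd_control_user.h` together with `auditd_control_user.h: auditd_control_user.c`, closes that gap. Because the generated file is listed in `audit_SOURCES`, automake also puts it in the distribution list (the regenerated Makefile.in shows `am__audit_SOURCES_DIST = audit.c auditd_control_user.c`), while the rule that can create it exists only when USE_MACH_IPC is true; `nodist_audit_SOURCES` plus `EXTRA_DIST = auditd_control.defs` would ship the .defs input instead of the output. The same applies to the two server-side rules in bin/auditd/Makefile.am.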
@@ -123,7 +127,6 @@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ -SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ @@ -180,9 +183,11 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ INCLUDES = -I$(top_srcdir) -audit_SOURCES = audit.c audit_LDADD = $(top_builddir)/libbsm/libbsm.la man8_MANS = audit.8 +@USE_MACH_IPC_FALSE@audit_SOURCES = audit.c +@USE_MACH_IPC_TRUE@audit_SOURCES = auditd_control_user.c audit.c +@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_user.c auditd_control_user.h all: all-am .SUFFIXES: @@ -196,9 +201,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/audit/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu bin/audit/Makefile'; \ cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/audit/Makefile + $(AUTOMAKE) --gnu bin/audit/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -255,6 +260,7 @@ -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_control_user.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -426,6 +432,7 @@ mostlyclean-generic: clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) @@ -511,6 +518,9 @@ tags uninstall uninstall-am uninstall-man uninstall-man8 \ uninstall-sbinPROGRAMS + +@USE_MACH_IPC_TRUE@auditd_control_user.c: auditd_control.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null auditd_control.defs # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: ==== //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#9 (text+ko) ==== 
@@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#8 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#9 $ */ /* * Program to trigger the audit daemon with a message that is either: @@ -37,7 +37,12 @@ */ #include <sys/types.h> +#include <config/config.h> +#ifdef HAVE_FULL_QUEUE_H #include <sys/queue.h> +#else /* !HAVE_FULL_QUEUE_H */ +#include <compat/queue.h> +#endif /* !HAVE_FULL_QUEUE_H */ #include <sys/uio.h> #include <bsm/libbsm.h> @@ -47,6 +52,58 @@ #include <stdlib.h> #include <unistd.h> + +static int send_trigger(unsigned int); + +#ifdef USE_MACH_IPC +#include <mach/mach.h> +#include <servers/netname.h> +#include <mach/message.h> +#include <mach/port.h> +#include <mach/mach_error.h> +#include <mach/host_special_ports.h> +#include <servers/bootstrap.h> + +#include "auditd_control_user.h" + +static int +send_trigger(unsigned int trigger) +{ + mach_port_t serverPort; + kern_return_t error; + + error = host_get_audit_control_port(mach_host_self(), &serverPort); + if (error != KERN_SUCCESS) { + mach_error("Cannot get auditd_control Mach port: ", error); + return (-1); + } + + error = auditd_control(serverPort, trigger); + if (error != KERN_SUCCESS) { + mach_error("Error sending trigger: ", error); + return (-1); + } + + return (0); +} + +#else /* ! USE_MACH_IPC */ + +static int +send_trigger(unsigned int trigger) +{ + int error; + + error = auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)); + if (error != 0) { + perror("Error sending trigger"); + return (-1); + } + + return (0); +} +#endif /* ! USE_MACH_IPC */ + static void usage(void) { 
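Review bot: In the Mach variant of send_trigger the send right returned in `serverPort` is neither checked for validity nor released. If no daemon has registered a control port, the lookup may still succeed with a null port (not verifiable from this hunk), and the user then sees only the generic "Error sending trigger: " text; a guard such as `if (!MACH_PORT_VALID(serverPort)) return (-1);` with its own message gives a clearer failure, and `mach_port_deallocate(mach_task_self(), serverPort);` before returning drops the right. A one-line comment above the forward declaration, stating that send_trigger returns 0 on success and -1 after printing a diagnostic, would document the contract both variants share.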
@@ -88,11 +145,9 @@ break; } } - if (auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)) < 0) { - perror("Error sending trigger"); + if (send_trigger(trigger) < 0) exit(-1); - } else { - printf("Trigger sent.\n"); - exit (0); - } + + printf("Trigger sent.\n"); + exit (0); } ==== //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#2 (text+ko) ==== @@ -1,10 +1,22 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#1 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#2 $ # INCLUDES = -I$(top_srcdir) sbin_PROGRAMS = auditd -auditd_SOURCES = audit_warn.c auditd.c auditd_LDADD = $(top_builddir)/libbsm/libbsm.la man8_MANS = auditd.8 + +if USE_MACH_IPC +auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c +CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h + +auditd_control_server.c: auditd_control.defs + $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h auditd_control.defs + +audit_triggers_server.c: audit_triggers.defs + $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h audit_triggers.defs +else +auditd_SOURCES = audit_warn.c auditd.c +endif ==== //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#5 (text+ko) ==== @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#4 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#5 $ # VPATH = @srcdir@ 
@@ -49,7 +49,14 @@ am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(sbin_PROGRAMS) -am_auditd_OBJECTS = audit_warn.$(OBJEXT) auditd.$(OBJEXT) +am__auditd_SOURCES_DIST = audit_warn.c auditd.c \ + auditd_control_server.c audit_triggers_server.c +@USE_MACH_IPC_FALSE@am_auditd_OBJECTS = audit_warn.$(OBJEXT) \ +@USE_MACH_IPC_FALSE@ auditd.$(OBJEXT) +@USE_MACH_IPC_TRUE@am_auditd_OBJECTS = \ +@USE_MACH_IPC_TRUE@ auditd_control_server.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ audit_triggers_server.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ audit_warn.$(OBJEXT) auditd.$(OBJEXT) auditd_OBJECTS = $(am_auditd_OBJECTS) auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ @@ -65,7 +72,7 @@ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(auditd_SOURCES) -DIST_SOURCES = $(auditd_SOURCES) +DIST_SOURCES = $(am__auditd_SOURCES_DIST) man8dir = $(mandir)/man8 NROFF = nroff MANS = $(man8_MANS) @@ -113,6 +120,7 @@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ +MIG = @MIG@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ @@ -123,7 +131,6 @@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ -SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ @@ -180,9 +187,11 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ INCLUDES = -I$(top_srcdir) -auditd_SOURCES = audit_warn.c auditd.c auditd_LDADD = $(top_builddir)/libbsm/libbsm.la man8_MANS = auditd.8 +@USE_MACH_IPC_FALSE@auditd_SOURCES = audit_warn.c auditd.c +@USE_MACH_IPC_TRUE@auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c +@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h all: all-am .SUFFIXES: 
@@ -196,9 +205,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/auditd/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu bin/auditd/Makefile'; \ cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/auditd/Makefile + $(AUTOMAKE) --gnu bin/auditd/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -254,8 +263,10 @@ distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_triggers_server.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_warn.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_control_server.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -427,6 +438,7 @@ mostlyclean-generic: clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) @@ -512,6 +524,12 @@ tags uninstall uninstall-am uninstall-man uninstall-man8 \ uninstall-sbinPROGRAMS + +@USE_MACH_IPC_TRUE@auditd_control_server.c: auditd_control.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h auditd_control.defs + +@USE_MACH_IPC_TRUE@audit_triggers_server.c: audit_triggers.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h audit_triggers.defs # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#27 (text+ko) ==== 
@@ -26,13 +26,20 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#26 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#27 $ */ #include <sys/types.h> + +#include <config/config.h> + #include <sys/dirent.h> #include <sys/mman.h> +#ifdef HAVE_FULL_QUEUE_H #include <sys/queue.h> +#else /* !HAVE_FULL_QUEUE_H */ +#include <compat/queue.h> +#endif /* !HAVE_FULL_QUEUE_H */ #include <sys/stat.h> #include <sys/wait.h> @@ -53,18 +60,40 @@ #include <syslog.h> #include "auditd.h" +#ifdef USE_MACH_IPC +#include <notify.h> +#include <mach/port.h> +#include <mach/mach_error.h> +#include <mach/mach_traps.h> +#include <mach/mach.h> +#include <mach/host_special_ports.h> +#include "auditd_control_server.h" +#include "audit_triggers_server.h" +#endif /* USE_MACH_IPC */ + #define NA_EVENT_STR_SIZE 25 #define POL_STR_SIZE 128 - static int ret, minval; static char *lastfile = NULL; static int allhardcount = 0; static int triggerfd = 0; static int sigchlds, sigchlds_handled; static int sighups, sighups_handled; +#ifndef USE_MACH_IPC static int sigterms, sigterms_handled; +#else /* USE_MACH_IPC */ + +static mach_port_t control_port = MACH_PORT_NULL; +static mach_port_t signal_port = MACH_PORT_NULL; +static mach_port_t port_set = MACH_PORT_NULL; + +#ifndef __BSM_INTERNAL_NOTIFY_KEY +#define __BSM_INTERNAL_NOTIFY_KEY "com.apple.audit.change" +#endif /* __BSM_INTERNAL_NOTIFY_KEY */ +#endif /* USE_MACH_IPC */ + static TAILQ_HEAD(, dir_ent) dir_q; static int config_audit_controls(void); @@ -305,6 +334,11 @@ free_dir_q(); endac(); +#ifdef USE_MACH_IPC + /* Post that the audit config changed. */ + notify_post(__BSM_INTERNAL_NOTIFY_KEY); +#endif + /* * Read the list of directories into a local linked list. * 
@@ -415,8 +449,10 @@ } endac(); +#ifdef USE_MACH_IPC if (close(triggerfd) != 0) syslog(LOG_ERR, "Error closing control file"); +#endif syslog(LOG_INFO, "Finished"); return (0); } @@ -427,6 +463,22 @@ * main servicing loop to do proper handling from a non-signal-handler * context. */ +#ifdef USE_MACH_IPC +static void +relay_signal(int signal) +{ + mach_msg_empty_send_t msg; + + msg.header.msgh_id = signal; + msg.header.msgh_remote_port = signal_port; + msg.header.msgh_local_port = MACH_PORT_NULL; + msg.header.msgh_bits = MACH_MSGH_BITS(MACH_MSG_TYPE_MAKE_SEND, 0); + mach_msg(&(msg.header), MACH_SEND_MSG|MACH_SEND_TIMEOUT, sizeof(msg), + 0, MACH_PORT_NULL, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL); +} + +#else /* ! USE_MACH_IPC */ + static void relay_signal(int signal) { @@ -438,6 +490,7 @@ if (signal == SIGCHLD) sigchlds++; } +#endif /* ! USE_MACH_IPC */ /* * Registering the daemon. @@ -492,6 +545,48 @@ return (0); } +#ifdef USE_MACH_IPC +/* + * Implementation of the auditd_control() MIG simpleroutine. + * + * React to input from the audit(1) tool. + */ + +/* ARGSUSED */ +kern_return_t +auditd_control(mach_port_t __unused auditd_port, int trigger) +{ + int err_ret = 0; + + switch (trigger) { + + case AUDIT_TRIGGER_ROTATE_USER: + /* + * Create a new file and swap with the one + * being used in kernel. + */ + if (swap_audit_file() == -1) + syslog(LOG_ERR, "Error swapping audit file"); + break; + + case AUDIT_TRIGGER_READ_FILE: + if (read_control_file() == -1) + syslog(LOG_ERR, "Error in audit control file"); + break; + + case AUDIT_TRIGGER_CLOSE_AND_DIE: + err_ret = close_all(); + exit (err_ret); + break; + + default: + break; + } + + return (KERN_SUCCESS); +} +#endif /* USE_MACH_IPC */ + /* * Handle the audit trigger event. * 
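Review bot: The new guard around `close(triggerfd)` in close_all looks inverted. setup() still opens AUDIT_TRIGGER_FILE into `triggerfd` unconditionally (visible as context in the later setup hunk), and the non-Mach wait_for_events is presumably what reads from it, yet with `#ifdef USE_MACH_IPC` the descriptor is closed only in Mach builds and never in the builds that depend on it. If the intent was to stop using the trigger device when Mach IPC is enabled, the guard should read `#ifndef USE_MACH_IPC` and the open() in setup() should carry the same guard. close_all's body starts outside the hunk.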
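Review bot: The Mach relay_signal loses the signal silently when the send fails. `MACH_SEND_TIMEOUT` combined with `MACH_MSG_TIMEOUT_NONE` makes mach_msg return at once if the signal port's queue is full, and the return value is discarded, so a SIGTERM or SIGHUP can vanish without trace in a daemon whose clean shutdown closes the audit trail. `msg` is a stack variable with only four header fields assigned; `memset(&msg, 0, sizeof(msg));` before filling it in avoids sending indeterminate bytes. The zero timeout is presumably deliberate, since a blocking send from the handler could stall the thread that drains the port, and a comment recording that trade-off and the possibility of dropped signals belongs above the function.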
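Review bot: auditd_control acts on every trigger, including AUDIT_TRIGGER_CLOSE_AND_DIE, without looking at who sent the message. Authorisation therefore rests entirely on who can obtain a send right to the port registered with host_set_audit_control_port, and because auditd_combined_server offers messages on that port to audit_triggers_server first, the same sender can also deliver the kernel-style triggers. The function's comment should state the access control it assumes; if the port can be reached by anything other than a privileged caller, requesting an audit trailer on receive and checking the sender's effective uid would enforce it inside the daemon. Separately, `err_ret` can go by writing `exit(close_all());`, and the `break` after exit() is unreachable.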
@@ -503,8 +598,18 @@ * not be retransmitted, and the log file will grow in an unbounded fashion. */ #define DUPLICATE_INTERVAL 30 -static void +#ifdef USE_MACH_IPC +#define AT_SUCCESS KERN_SUCCESS + +/* ARGSUSED */ +kern_return_t +audit_triggers(mach_port_t __unused audit_port, int trigger) +#else +#define AT_SUCCESS 0 + +static int handle_audit_trigger(int trigger) +#endif { static int last_trigger, last_warning; static time_t last_time; @@ -533,7 +638,7 @@ syslog(LOG_INFO, "Suppressing duplicate trigger %d", trigger); - return; + return (AT_SUCCESS); } last_warning = tt; break; @@ -634,8 +739,12 @@ syslog(LOG_ERR, "Got unknown trigger %d", trigger); break; } + + return (AT_SUCCESS); } +#undef AT_SUCCESS + static void handle_sighup(void) { @@ -675,6 +784,60 @@ /* * Read the control file for triggers/signals and handle appropriately. */ +#ifdef USE_MACH_IPC +#define MAX_MSG_SIZE 4096 + +static boolean_t +auditd_combined_server(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP) +{ + mach_port_t local_port = InHeadP->msgh_local_port; + + if (local_port == signal_port) { + int signo = InHeadP->msgh_id; + int ret; + + switch(signo) { + case SIGTERM: + ret = close_all(); + exit(ret); + + case SIGCHLD: + handle_sigchld(); + return (TRUE); + + case SIGHUP: + handle_sighup(); + return (TRUE); + + default: + syslog(LOG_INFO, "Received signal %d", signo); + return (TRUE); + } + } else if (local_port == control_port) { + boolean_t result; + + result = audit_triggers_server(InHeadP, OutHeadP); + if (!result) + result = auditd_control_server(InHeadP, OutHeadP); + return (result); + } + syslog(LOG_INFO, "Recevied msg on bad port 0x%x.", local_port); + return (FALSE); +} + +static int +wait_for_events(void) +{ + kern_return_t result; + + result = mach_msg_server(auditd_combined_server, MAX_MSG_SIZE, + port_set, MACH_MSG_OPTION_NONE); + syslog(LOG_ERR, "abnormal exit\n"); + return (close_all()); +} + +#else /* ! USE_MACH_IPC */ + static int wait_for_events(void) { 
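Review bot: The Mach wait_for_events stores the return of mach_msg_server in `result` and never uses it, so the only trace of the server loop failing is the fixed text "abnormal exit\n". Logging the cause, `syslog(LOG_ERR, "mach_msg_server: %s", mach_error_string(result));`, makes an unexpected shutdown of the audit daemon diagnosable; <mach/mach_error.h> is already included for this build. In auditd_combined_server the message for an unexpected port is misspelled ("Recevied") and logged at LOG_INFO, where LOG_WARNING or LOG_ERR would suit a message that the port set should never deliver.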
@@ -706,10 +869,11 @@ if (trigger == AUDIT_TRIGGER_CLOSE_AND_DIE) break; else - handle_audit_trigger(trigger); + (void)handle_audit_trigger(trigger); } return (close_all()); } +#endif /* ! USE_MACH_IPC */ /* * Configure the audit controls in the kernel: the event to class mapping, @@ -820,6 +984,62 @@ return (0); } +#ifdef USE_MACH_IPC +static void +mach_setup(void) +{ + mach_msg_type_name_t poly; + + /* + * Allocate a port set + */ + if (mach_port_allocate(mach_task_self(), + MACH_PORT_RIGHT_PORT_SET, + &port_set) != KERN_SUCCESS) { + syslog(LOG_ERR, "Allocation of port set failed"); + fail_exit(); + } + + /* + * Allocate a signal reflection port + */ + if (mach_port_allocate(mach_task_self(), + MACH_PORT_RIGHT_RECEIVE, + &signal_port) != KERN_SUCCESS || + mach_port_move_member(mach_task_self(), + signal_port, + port_set) != KERN_SUCCESS) { + syslog(LOG_ERR, "Allocation of signal port failed"); + fail_exit(); + } + + /* + *Allocate a trigger port + */ + if (mach_port_allocate(mach_task_self(), + MACH_PORT_RIGHT_RECEIVE, + &control_port) != KERN_SUCCESS || + mach_port_move_member(mach_task_self(), + control_port, + port_set) != KERN_SUCCESS) { + syslog(LOG_ERR, "Allocation of trigger port failed"); + fail_exit(); + } + /* create a send right on our trigger port */ + mach_port_extract_right(mach_task_self(), control_port, + MACH_MSG_TYPE_MAKE_SEND, &control_port, &poly); + + /* register the trigger port with the kernel */ + if (host_set_audit_control_port(mach_host_self(), control_port) != + KERN_SUCCESS) { + syslog(LOG_ERR, "Cannot set Mach control port"); + fail_exit(); + } + else + syslog(LOG_DEBUG, "Mach control port registered"); +} +#endif /* USE_MACH_IPC */ + static void setup(void) { @@ -828,6 +1048,10 @@ int aufd; token_t *tok; +#ifdef USE_MACH_IPC + mach_setup(); +#endif + if ((triggerfd = open(AUDIT_TRIGGER_FILE, O_RDONLY, 0)) < 0) { syslog(LOG_ERR, "Error opening trigger file"); fail_exit(); 
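Review bot: mach_setup ignores the return value of mach_port_extract_right, the one Mach call in the function whose failure is not checked. If it fails, `control_port` is left as it was and the daemon carries on to host_set_audit_control_port with a name that may hold no send right, so the eventual error message points at the wrong step. Checking the result like the surrounding calls, or using `mach_port_insert_right(mach_task_self(), control_port, control_port, MACH_MSG_TYPE_MAKE_SEND)` with the same syslog/fail_exit() handling, keeps the failure path uniform and drops the otherwise unused `poly`.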
@@ -890,7 +1114,7 @@ { int ch; int debug = 0; - int rc; + int rc, logopts; while ((ch = getopt(argc, argv, "d")) != -1) { switch(ch) { @@ -907,10 +1131,14 @@ } } + logopts = LOG_CONS | LOG_PID; + if (debug != 0) + logopts |= LOG_PERROR; + #ifdef LOG_SECURITY - openlog("auditd", LOG_CONS | LOG_PID, LOG_SECURITY); + openlog("auditd", logopts, LOG_SECURITY); #else - openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH); + openlog("auditd", logopts, LOG_AUTH); #endif syslog(LOG_INFO, "starting..."); ==== //depot/projects/trustedbsd/openbsm/config/config.h.in#12 (text+ko) ==== @@ -174,6 +174,9 @@ /* Define to 1 if your <sys/time.h> declares `struct tm'. */ #undef TM_IN_SYS_TIME +/* Define if uses Mach IPC for Triggers messages */ +#undef USE_MACH_IPC + /* Version number of package */ #undef VERSION ==== //depot/projects/trustedbsd/openbsm/configure#36 (xtext) ==== @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#37 . +# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#38 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.61 for OpenBSM 1.1alpha1. # @@ -812,6 +812,7 @@ MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT +MIG CC CFLAGS LDFLAGS @@ -830,7 +831,6 @@ host_cpu host_vendor host_os -SED GREP EGREP LN_S @@ -880,6 +880,8 @@ LIBOBJS HAVE_AUDIT_SYSCALLS_TRUE HAVE_AUDIT_SYSCALLS_FALSE +USE_MACH_IPC_TRUE +USE_MACH_IPC_FALSE LTLIBOBJS' ac_subst_files='' ac_precious_vars='build_alias 
@@ -2001,6 +2003,52 @@ +for ac_prog in mig +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } +if test "${ac_cv_path_MIG+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + case $MIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_MIG="$MIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_MIG="$as_dir/$ac_word$ac_exec_ext" + echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done +done +IFS=$as_save_IFS + + ;; +esac +fi +MIG=$ac_cv_path_MIG +if test -n "$MIG"; then + { echo "$as_me:$LINENO: result: $MIG" >&5 +echo "${ECHO_T}$MIG" >&6; } +else + { echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6; } +fi + + + test -n "$MIG" && break +done + + # Checks for programs. ac_ext=c ac_cpp='$CPP $CPPFLAGS' @@ -3170,13 +3218,12 @@ test -z "$as_dir" && as_dir=. for lt_ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$lt_ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$lt_ac_prog$ac_exec_ext"; }; then + if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" fi done done done -IFS=$as_save_IFS lt_ac_max=0 lt_ac_count=0 # Add /usr/xpg4/bin/sed as it is typically found on Solaris @@ -3211,7 +3258,6 @@ fi SED=$lt_cv_path_SED - { echo "$as_me:$LINENO: result: $SED" >&5 echo "${ECHO_T}$SED" >&6; } 
@@ -3573,8 +3619,8 @@ echo "${ECHO_T}no, using $LN_S" >&6; } fi -{ echo "$as_me:$LINENO: checking how to recognize dependent libraries" >&5 -echo $ECHO_N "checking how to recognize dependent libraries... $ECHO_C" >&6; } +{ echo "$as_me:$LINENO: checking how to recognise dependent libraries" >&5 +echo $ECHO_N "checking how to recognise dependent libraries... $ECHO_C" >&6; } if test "${lt_cv_deplibs_check_method+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else @@ -3615,22 +3661,16 @@ mingw* | pw32*) # Base MSYS/MinGW do not provide the 'file' command needed by - # func_win32_libid shell function, so use a weaker test based on 'objdump', - # unless we find 'file', for example because we are cross-compiling. - if ( file / ) >/dev/null 2>&1; then - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - else - lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?' - lt_cv_file_magic_cmd='$OBJDUMP -f' - fi + # func_win32_libid shell function, so use a weaker test based on 'objdump'. + lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?' + lt_cv_file_magic_cmd='$OBJDUMP -f' ;; darwin* | rhapsody*) lt_cv_deplibs_check_method=pass_all ;; -freebsd* | dragonfly*) +freebsd* | kfreebsd*-gnu | dragonfly*) if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then case $host_cpu in i*86 ) @@ -3668,7 +3708,7 @@ esac ;; -interix[3-9]*) +interix3*) # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' ;; @@ -3684,7 +3724,7 @@ ;; # This must be Linux ELF. -linux* | k*bsd*-gnu) +linux*) lt_cv_deplibs_check_method=pass_all ;; @@ -3718,10 +3758,6 @@ lt_cv_deplibs_check_method=pass_all ;; -rdos*) - lt_cv_deplibs_check_method=pass_all - ;; - solaris*) lt_cv_deplibs_check_method=pass_all ;; 
@@ -3809,7 +3845,7 @@ ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 3812 "configure"' > conftest.$ac_ext + echo '#line 3848 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -3844,8 +3880,7 @@ rm -rf conftest* ;; -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ -s390*-*linux*|sparc*-*linux*) +x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*|s390*-*linux*|sparc*-*linux*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 >>> TRUNCATED FOR MAIL (1000 lines) <<<