From owner-p4-projects@FreeBSD.ORG Sun Feb 5 19:20:19 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 8F44216A422; Sun, 5 Feb 2006 19:20:18 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 39F1516A423 for ; Sun, 5 Feb 2006 19:20:18 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id ECE4E43D48 for ; Sun, 5 Feb 2006 19:20:17 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k15JKHGt062383 for ; Sun, 5 Feb 2006 19:20:17 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k15JKHcB062380 for perforce@freebsd.org; Sun, 5 Feb 2006 19:20:17 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Sun, 5 Feb 2006 19:20:17 GMT Message-Id: <200602051920.k15JKHcB062380@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 91177 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Feb 2006 19:20:19 -0000 http://perforce.freebsd.org/chv.cgi?CH=91177 Change 91177 by rwatson@rwatson_peppercorn on 2006/02/05 19:19:17 Support for chowning an audit trail to a specific group, if configured. Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#11 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#5 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#11 (text+ko) ==== @@ -30,7 +30,7 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#10 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#11 $ */ #include @@ -46,6 +46,7 @@ #include #include +#include #include #include #include @@ -171,6 +172,34 @@ } /* + * Create the new audit file with appropriate permissions and ownership. Try + * to clean up if something goes wrong. + */ +static int +#ifdef AUDIT_REVIEW_GROUP +open_trail(const char *fname, uid_t uid, gid_t gid) +#else +open_trail(const char *fname) +#endif +{ + int error, fd; + + fd = open(fname, O_RDONLY | O_CREAT, S_IRUSR | S_IRGRP); + if (fd < 0) + return (-1); +#ifdef AUDIT_REVIEW_GROUP + if (fchown(fd, uid, gid) < 0) { + error = errno; + close(fd); + (void)unlink(fname); + errno = error; + return (-1); + } +#endif + return (fd); +} + +/* * Create the new file name, swap with existing audit file. */ static int @@ -180,7 +209,12 @@ char *fn; char TS[POSTFIX_LEN]; struct dir_ent *dirent; - int fd; +#ifdef AUDIT_REVIEW_GROUP + struct group *grp; + gid_t gid; + uid_t uid; +#endif + int error, fd; if (getTSstr(TS, POSTFIX_LEN) != 0) return (-1); @@ -188,6 +222,22 @@ strcpy(timestr, TS); strcat(timestr, NOT_TERMINATED); +#ifdef AUDIT_REVIEW_GROUP + /* + * XXXRW: Currently, this code falls back to the daemon gid, which is + * likely the wheel group. Is there a better way to deal with this? + */ + grp = getgrnam(AUDIT_REVIEW_GROUP); + if (grp == NULL) { + syslog(LOG_INFO, + "Audit review group '%s' not available, using daemon gid", + AUDIT_REVIEW_GROUP); + gid = -1; + } else + gid = grp->gr_gid; + uid = getuid(); +#endif + /* Try until we succeed. */ while ((dirent = TAILQ_FIRST(&dir_q))) { if ((fn = affixdir(timestr, dirent)) == NULL) { @@ -201,20 +251,27 @@ * kernel if all went well. */ syslog(LOG_INFO, "New audit file is %s\n", fn); - fd = open(fn, O_RDONLY | O_CREAT, S_IRUSR | S_IRGRP); +#ifdef AUDIT_REVIEW_GROUP + fd = open_trail(fn, uid, gid); +#else + fd = open_trail(fn); +#endif if (fd < 0) - perror("File open"); - else if (auditctl(fn) != 0) { - syslog(LOG_ERR, - "auditctl failed setting log file! : %s\n", - strerror(errno)); - close(fd); - } else { - /* Success. */ - close_lastfile(TS); - lastfile = fn; - close(fd); - return (0); + warn("open(%s)", fn); + if (fd >= 0) { + error = auditctl(fn); + if (error) { + syslog(LOG_ERR, + "auditctl failed setting log file! : %s\n", + strerror(errno)); + close(fd); + } else { + /* Success. */ + close_lastfile(TS); + lastfile = fn; + close(fd); + return (0); + } } /* ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#5 (text+ko) ==== @@ -30,7 +30,7 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#4 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#5 $ */ #ifndef _AUDITD_H_ @@ -43,6 +43,13 @@ #define MAX_DIR_SIZE 255 #define AUDITD_NAME "auditd" +/* + * If defined, then the audit daemon will attempt to chown newly created logs + * to this group. Otherwise, they will be the default for the user running + * auditd, likely the audit group. + */ +#define AUDIT_REVIEW_GROUP "audit" + #define POSTFIX_LEN 16 #define NOT_TERMINATED ".not_terminated"