Date: Tue, 25 Apr 2006 01:10:47 GMT From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 96045 for review Message-ID: <200604250110.k3P1AlnH070726@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=96045 Change 96045 by csjp@csjp_xor on 2006/04/25 01:10:40 Switch to use openbsm's audit_submit(3) instead of rolling our own. - Remove enums for audit success and failure - drop audit_su - drop prototype for audit_su Affected files ... .. //depot/projects/trustedbsd/audit3/usr.bin/su/su.c#14 edit Differences ... ==== //depot/projects/trustedbsd/audit3/usr.bin/su/su.c#14 (text+ko) ==== @@ -137,7 +137,6 @@ } while (0) enum tristate { UNSET, YES, NO }; -enum auditevents { AUDIT_SU_FAILURE, AUDIT_SU_SUCCESS }; static pam_handle_t *pamh = NULL; static char **environ_pam; @@ -147,9 +146,6 @@ static void usage(void) __dead2; static void export_pam_environment(void); static int ok_to_export(const char *); -#ifdef USE_BSM_AUDIT -static void audit_su(au_id_t, int, const char *, ...); -#endif extern char **environ; @@ -224,7 +220,9 @@ if (strlen(user) > MAXLOGNAME - 1) { #ifdef USE_BSM_AUDIT - audit_su(getuid(), AUDIT_SU_FAILURE, "username too long"); + if (audit_submit(AUE_su, getuid(), + 1, EPERM, "username too long")) + errx(1, "Permission denied"); #endif errx(1, "username too long"); } @@ -257,8 +255,9 @@ pwd = getpwuid(ruid); if (pwd == NULL) { #ifdef USE_BSM_AUDIT - audit_su(getuid(), AUDIT_SU_FAILURE, - "unable to determain invoking subject"); + if (audit_submit(AUE_su, getuid(), 1, EPERM, + "unable to determain invoking subject")) + errx(1, "Permission denied"); #endif errx(1, "who are you?"); } @@ -298,15 +297,17 @@ retcode = pam_authenticate(pamh, 0); if (retcode != PAM_SUCCESS) { #ifdef USE_BSM_AUDIT - audit_su(ruid, AUDIT_SU_FAILURE, "bad su %s to %s on %s", - username, user, mytty); + if (audit_submit(AUE_su, ruid, 1, EPERM, "bad su %s to %s on %s", + username, user, mytty)) + errx(1, "Permission denied"); #endif syslog(LOG_AUTH|LOG_WARNING, "BAD SU %s to %s on %s", username, user, mytty); errx(1, "Sorry"); } #ifdef USE_BSM_AUDIT - audit_su(ruid, AUDIT_SU_SUCCESS, "successful authentication"); + if (audit_submit(AUE_su, ruid, 0, 0, "successful authentication")) + errx(1, "Permission denied"); #endif retcode = pam_get_item(pamh, PAM_USER, (const void **)&p); if (retcode == PAM_SUCCESS) @@ -317,8 +318,9 @@ pwd = getpwnam(user); if (pwd == NULL) { #ifdef USE_BSM_AUDIT - audit_su(getuid(), AUDIT_SU_FAILURE, - "unknown subject: %s", user); + if (audit_submit(AUE_su, getuid(), 1, EPERM, + "unknown subject: %s", user)) + errx(1, "Permission denied"); #endif errx(1, "unknown login: %s", user); } @@ -329,9 +331,10 @@ PAM_CHANGE_EXPIRED_AUTHTOK); if (retcode != PAM_SUCCESS) { #ifdef USE_BSM_AUDIT - audit_su(getuid(), AUDIT_SU_FAILURE, + if (audit_submit(AUE_su, getuid(), 1, EPERM, "pam_chauthtok: %s", - pam_strerror(pamh, retcode)); + pam_strerror(pamh, retcode))) + errx(1, "Permission denied"); #endif syslog(LOG_ERR, "pam_chauthtok: %s", pam_strerror(pamh, retcode)); @@ -340,8 +343,9 @@ } if (retcode != PAM_SUCCESS) { #ifdef USE_BSM_AUDIT - audit_su(getuid(), AUDIT_SU_FAILURE, "pam_acct_mgmt: %s", - pam_strerror(pamh, retcode)); + if (audit_submit(AUE_su, getuid(), 1, EPERM, "pam_acct_mgmt: %s", + pam_strerror(pamh, retcode))) + errx(1, "Permission denied"); #endif syslog(LOG_ERR, "pam_acct_mgmt: %s", pam_strerror(pamh, retcode)); @@ -354,8 +358,9 @@ else { if (ruid != 0) { #ifdef USE_BSM_AUDIT - audit_su(getuid(), AUDIT_SU_FAILURE, - "only root may use -c"); + if (audit_submit(AUE_su, getuid(), 1, EPERM, + "only root may use -c")) + errx(1, "Permission denied"); #endif errx(1, "only root may use -c"); } @@ -632,90 +637,3 @@ snprintf(buf, sizeof(buf), " on %s", p); return buf; } - -#ifdef USE_BSM_AUDIT -static void -audit_su(au_id_t au_ctx, int what, const char *fmt, ...) -{ - token_t *token; - long acond; - int afd; - au_tid_t termid; - pid_t pid; - char text[1024]; - va_list ap; - - if (auditon(A_GETCOND, &acond, sizeof(long)) < 0) { - /* - * If auditon(2) returns ENOSYS, then audit has not been - * compiled into the kernel, so just return. - */ - if (errno == ENOSYS) - return; - syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s", - strerror(errno)); - errx(1, "Permission denied"); - } - if (acond == AUC_NOAUDIT) - return; - afd = au_open(); - if (afd < 0) { - syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s", - strerror(errno)); - errx(1, "Permission denied"); - } - /* XXX what should we do for termid? */ - bzero(&termid, sizeof(termid)); - pid = getpid(); - token = au_to_subject32(au_ctx, geteuid(), getegid(), - getuid(), getgid(), pid, pid, &termid); - if (token == NULL) { - syslog(LOG_AUTH | LOG_ERR, - "audit: unable to build subject token"); - errx(1, "Permission denied"); - } - if (au_write(afd, token) < 0) { - syslog(LOG_AUTH | LOG_ERR, - "audit: au_write failed: %s", strerror(errno)); - errx(1, "Permission denied"); - } - if (fmt != NULL) { - va_start(ap, fmt); - (void) vsnprintf(&text[0], sizeof(text) - 1, fmt, ap); - va_end(ap); - token = au_to_text(&text[0]); - if (token == NULL) { - syslog(LOG_AUTH | LOG_ERR, - "audit: failed to generate text token"); - errx(1, "Permission denied"); - } - if (au_write(afd, token) < 0) { - syslog(LOG_AUTH | LOG_ERR, - "audit: au_write failed: %s", strerror(errno)); - errx(1, "Permission denied"); - } - } - switch (what) { - case AUDIT_SU_FAILURE: - token = au_to_return32(1, EPERM); - break; - case AUDIT_SU_SUCCESS: - token = au_to_return32(0, 0); - break; - } - if (token == NULL) { - syslog(LOG_AUTH | LOG_ERR, - "audit: enable to build return token"); - errx(1, "Permission denied"); - } - if (au_write(afd, token) < 0) { - syslog(LOG_AUTH | LOG_ERR, - "audit: au_write failed: %s", strerror(errno)); - errx(1, "Permission denied"); - } - if (au_close(afd, 1, AUE_su) < 0) { - syslog(LOG_AUTH | LOG_ERR, "audit: record not committed"); - errx(1, "Permission denied"); - } -} -#endif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200604250110.k3P1AlnH070726>