Date: Tue, 18 Apr 2006 04:44:23 GMT From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 95476 for review Message-ID: <200604180444.k3I4iNNS029684@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=95476 Change 95476 by csjp@csjp_xor on 2006/04/18 04:43:39 - Add to the openbsm programming API and introduce the audit_submit(3) in raw form. This is the first stab at things, so it's possible that things might change from here. - A sample implementation might be as follows: int audit_bad_su(char *from_login, char *to_login) { int error; error = audit_submit(AUE_su, getuid(), 1, EPERM, "bad su from %s to %s", from_login, to_login); return (error); } Will generate the followng audit record: header,94,1,su(1),0,Mon Apr 17 23:23:59 2006, + 271 msec subject,root,root,wheel,root,wheel,652,652,0,0.0.0.0 text,bad su from from csjp to root return,failure : Operation not permitted,1 trailer,94 This function will be very useful for the on-going userspace integration of the audit code, and hopefully this little helper function can be used to prevent a lot of code replication. Discussed with: rwatson, wsalamon
Affected files ...
.. //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#19 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#1 add
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#21 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#19 (text+ko) ====
@@ -26,7 +26,7 @@
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#18 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#19 $
 */
 #ifndef _LIBBSM_H_
@@ -695,6 +695,9 @@
 typedef struct tokenstr tokenstr_t;
+int audit_submit(short au_event, au_id_t au_ctx,
+ char status, int reterr, const char *fmt, ...);
+
 /*
 * Functions relating to querying audit class information.
 */
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#21 (text+ko) ====
@@ -26,7 +26,7 @@
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#20 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#21 $
 */
 #ifdef __APPLE__
@@ -46,6 +46,7 @@
 #include <unistd.h>
 #include <syslog.h>
+#include <stdarg.h>
 #include <string.h>
 #include <errno.h>
@@ -53,6 +54,110 @@
 int audit_set_terminal_port(dev_t *p);
 int audit_set_terminal_host(uint32_t *m);
+/*
+ * General purpose audit submission mechanism for userspace.
+ */
+int
+audit_submit(short au_event, au_id_t au_ctx, char status,
+ int reterr, const char *fmt, ...)
+{
+ char text[MAX_AUDITSTRING_LEN];
+ au_tid_t termid;
+ token_t *token;
+ long acond;
+ va_list ap;
+ pid_t pid;
+ int error, afd;
+
+ if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) {
+ /*
+ * If auditon(2) returns ENOSYS, then audit has not been
+ * compiled into the kernel, so just return.
+ */
+ if (errno == ENOSYS)
+ return (0);
+ error = errno;
+ syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s",
+ strerror(errno));
+ errno = error;
+ return (-1);
+ }
+ if (acond == AUC_NOAUDIT)
+ return (0);
+ afd = au_open();
+ if (afd < 0) {
+ error = errno;
+ syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s",
+ strerror(errno));
+ errno = error;
+ return (-1);
+ }
+ /* XXX what should we do for termid? */
+ bzero(&termid, sizeof(termid));
+ pid = getpid();
+ token = au_to_subject32(au_ctx, geteuid(), getegid(),
+ getuid(), getgid(), pid, pid, &termid);
+ if (token == NULL) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "audit: unable to build subject token");
+ (void) au_close(afd, AU_TO_NO_WRITE, au_event);
+ errno = EPERM;
+ return (-1);
+ }
+ if (au_write(afd, token) < 0) {
+ error = errno;
+ syslog(LOG_AUTH | LOG_ERR,
+ "audit: au_write failed: %s", strerror(errno));
+ (void) au_close(afd, AU_TO_NO_WRITE, au_event);
+ errno = error;
+ return (-1);
+ }
+ if (fmt != NULL) {
+ va_start(ap, fmt);
+ (void) vsnprintf(text, MAX_AUDITSTRING_LEN, fmt, ap);
+ va_end(ap);
+ token = au_to_text(text);
+ if (token == NULL) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "audit: failed to generate text token");
+ (void) au_close(afd, AU_TO_NO_WRITE, au_event);
+ errno = EPERM;
+ return (-1);
+ }
+ if (au_write(afd, token) < 0) {
+ error = errno;
+ syslog(LOG_AUTH | LOG_ERR,
+ "audit: au_write failed: %s", strerror(errno));
+ (void) au_close(afd, AU_TO_NO_WRITE, au_event);
+ errno = error;
+ return (-1);
+ }
+ }
+ token = au_to_return32(status, reterr);
+ if (token == NULL) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "audit: enable to build return token");
+ (void) au_close(afd, AU_TO_NO_WRITE, au_event);
+ errno = EPERM;
+ return (-1);
+ }
+ if (au_write(afd, token) < 0) {
+ error = errno;
+ syslog(LOG_AUTH | LOG_ERR,
+ "audit: au_write failed: %s", strerror(errno));
+ (void) au_close(afd, AU_TO_NO_WRITE, au_event);
+ errno = error;
+ return (-1);
+ }
+ if (au_close(afd, AU_TO_WRITE, au_event) < 0) {
+ error = errno;
+ syslog(LOG_AUTH | LOG_ERR, "audit: record not committed");
+ errno = error;
+ return (-1);
+ }
+ return (0);
+}
+
 int
 audit_set_terminal_port(dev_t *p)
 {
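Review bot: The return value of vsnprintf() in the `fmt != NULL` branch is discarded, so text longer than MAX_AUDITSTRING_LEN is silently truncated in the record that reaches the trail; capture it, `n = vsnprintf(text, MAX_AUDITSTRING_LEN, fmt, ap);`, and after va_end() log when `n < 0 || n >= MAX_AUDITSTRING_LEN` so truncated audit text is at least visible in syslog. Since fmt is interpreted as a printf format, the prototype added to libbsm.h in the earlier hunk would benefit from `__attribute__((format(printf, 5, 6)))` so callers that pass a non-literal string as fmt are caught at compile time. The session-id argument to au_to_subject32() is the process pid and termid is zeroed (the XXX notes the latter); if the calling process carries audit state, getaudit(2) presumably supplies both, worth confirming. Finally, the message in the return-token failure path reads `"audit: enable to build return token"`; `"audit: unable to build return token"` matches the subject-token message above it.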