Date: Wed, 14 Jan 2009 02:03:00 GMT From: Stacey Son <sson@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 156129 for review Message-ID: <200901140203.n0E230Rc050401@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=156129 Change 156129 by sson@sson_amd64 on 2009/01/14 02:02:06 Append the hostname to the audit trail filename if the "host" field is set in audit_control(5). Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#42 edit .. //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#3 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#25 edit Differences ...
==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#42 (text+ko) ====
@@ -26,7 +26,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#41 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#42 $
 */
 #include <sys/types.h>
@@ -166,7 +166,7 @@
 /* Rename the last file -- append timestamp. */
 if ((ptr = strstr(lastfile, NOT_TERMINATED)) != NULL) {
- strlcpy(ptr, TS, TIMESTAMP_LEN);
+ memcpy(ptr, TS, POSTFIX_LEN);
 if (rename(oldname, lastfile) != 0)
 auditd_log_err(
 "Could not rename %s to %s: %m", oldname,
==== //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#3 (text+ko) ====
@@ -26,7 +26,7 @@
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
- * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#2 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#3 $
 */
 #include <sys/param.h>
@@ -85,7 +85,10 @@
 };
 static TAILQ_HEAD(, dir_ent) dir_q;
-static int minval = -1;
+static int auditd_minval = -1;
+
+static char auditd_host[MAXHOSTNAMELEN];
+static int auditd_hostlen = -1;
 static char *auditd_errmsg[] = {
 "no error", /* ADE_NOERR ( 0) */
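Review bot: The `memcpy(ptr, TS, POSTFIX_LEN)` in the `@@ -166,7 +166,7 @@` hunk of auditd.c stays in bounds only if `POSTFIX_LEN` is no larger than `strlen(NOT_TERMINATED)` and no larger than the source string, and none of those definitions is visible in this change. The same pattern appears in the `@@ -713,7 +726,7 @@` hunk (with `CRASH_RECOVERY`) and the `@@ -855,7 +879,7 @@` hunk of auditd_lib.c. Since an audit trail name is rewritten in place, a length mismatch would read or write past the matched substring or clobber the new ".host" suffix, so I would pin the equal-length assumption next to the definition of `POSTFIX_LEN` and add a comment at each call such as `/* Overwrite in place, no NUL: a ".host" suffix may follow the postfix. */`. The enclosing functions start and end outside these hunks.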
@@ -165,7 +168,13 @@
 return (NULL);
 }
- asprintf(&fn, "%s/%s", dirent->dirname, name);
+ /*
+ * If the host is set then also add the hostname to the filename.
+ */
+ if (auditd_hostlen != -1)
+ asprintf(&fn, "%s/%s.%s", dirent->dirname, name, auditd_host);
+ else
+ asprintf(&fn, "%s/%s", dirent->dirname, name);
 return (fn);
 }
@@ -204,16 +213,14 @@
 int
 auditd_set_host(void)
 {
- char hoststr[MAXHOSTNAMELEN];
 struct sockaddr_in6 *sin6;
 struct sockaddr_in *sin;
 struct addrinfo *res;
 struct auditinfo_addr aia;
 int error, ret = ADE_NOERR;
- if (getachost(hoststr, MAXHOSTNAMELEN) != 0) {
-
- ret = ADE_PARSE;
+ if (getachost(auditd_host, sizeof(auditd_host)) != 0) {
+ ret = ADE_PARSE;
 /*
 * To maintain reverse compatability with older audit_control
@@ -229,7 +236,8 @@
 ret = ADE_AUDITON;
 return (ret);
 }
- error = getaddrinfo(hoststr, NULL, NULL, &res);
+ auditd_hostlen = strlen(auditd_host);
+ error = getaddrinfo(auditd_host, NULL, NULL, &res);
 if (error)
 return (ADE_GETADDR);
 switch (res->ai_family) {
@@ -271,14 +279,14 @@
 {
 au_qctrl_t qctrl;
- if (getacmin(&minval) != 0)
+ if (getacmin(&auditd_minval) != 0)
 return (ADE_PARSE);
 if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0)
 return (ADE_AUDITON);
- if (qctrl.aq_minfree != minval) {
- qctrl.aq_minfree = minval;
+ if (qctrl.aq_minfree != auditd_minval) {
+ qctrl.aq_minfree = auditd_minval;
 if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0)
 return (ADE_AUDITON);
 }
@@ -288,8 +296,8 @@
 /*
 * Parses the "dir" entry in audit_control(5) into an ordered list. Also, will
- * set the minfree value if not already set. Arguments include function
- * pointers to audit_warn functions for soft and hard limits. Returns:
+ * set the minfree and host values if not already set. Arguments include
+ * function pointers to audit_warn functions for soft and hard limits. Returns:
 * ADE_NOERR on success,
 * ADE_PARSE error parsing audit_control(5),
 * ADE_AUDITON error getting/setting auditon(2) value,
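Review bot: In the `@@ -165,7 +168,13 @@` hunk `auditd_host` is pasted into the trail path without any check on its contents, so a "host" value in audit_control(5) that contains `/` would produce a trail name outside the configured directory layout, and an empty value (if getachost() accepts one) would produce a name ending in a bare dot. I would reject such values in auditd_set_host() before `auditd_hostlen` is set, e.g. `if (auditd_host[0] == '\0' || strchr(auditd_host, '/') != NULL) return (ADE_PARSE);`. The result of asprintf() is also unchecked in both branches; the contents of `fn` after a failure are not defined on every platform, so `if (asprintf(...) < 0) fn = NULL;` would make the following `return (fn)` safe. The function starts outside the hunk.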
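Review bot: `auditd_hostlen` is assigned in the `@@ -229,7 +236,8 @@` hunk before getaddrinfo() has succeeded, so when the function returns `ADE_GETADDR` the host suffix is still appended to new trail names, and because the length is no longer -1 the caller added in the `@@ -309,9 +317,12 @@` hunk will not retry auditd_set_host(). If the suffix is meant to reflect a host that was actually applied, move the assignment after the last failure return; if it is meant to mirror the configuration file regardless, say so in a comment such as `/* Name trails after the configured host even if it does not resolve. */`. The rest of auditd_set_host() is outside the hunk.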
@@ -309,9 +317,12 @@
 int scnt = 0;
 int hcnt = 0;
- if (minval == -1 && (err = auditd_set_minfree()) != 0)
+ if (auditd_minval == -1 && (err = auditd_set_minfree()) != 0)
 return (err);
+ if (auditd_hostlen == -1)
+ auditd_set_host();
+
 /*
 * Init directory q. Force a re-read of the file the next time.
 */
@@ -329,7 +340,8 @@
 while (getacdir(cur_dir, MAXNAMLEN) >= 0) {
 if (statfs(cur_dir, &sfs) < 0)
 continue; /* XXX should warn */
- soft = (sfs.f_bfree < (sfs.f_blocks / (100 / minval))) ? 1 : 0;
+ soft = (sfs.f_bfree < (sfs.f_blocks / (100 / auditd_minval))) ?
+ 1 : 0;
 hard = (sfs.f_bfree < AUDIT_HARD_LIMIT_FREE_BLOCKS) ? 1 : 0;
 if (soft) {
 if (warn_soft)
@@ -367,7 +379,8 @@
 auditd_close_dirs(void)
 {
 free_dir_q();
- minval = -1;
+ auditd_minval = -1;
+ auditd_hostlen = -1;
 }
@@ -713,7 +726,7 @@
 strlcpy(newname, recoveredname, MAXPATHLEN);
 if ((ptr = strstr(newname, NOT_TERMINATED)) != NULL) {
- strlcpy(ptr, CRASH_RECOVERY, TIMESTAMP_LEN);
+ memcpy(ptr, CRASH_RECOVERY, POSTFIX_LEN);
 if (rename(recoveredname, newname) != 0)
 return (ADE_RENAME);
 } else
@@ -750,9 +763,10 @@
 audit_quick_start(void)
 {
 int err;
- char *newfile;
+ char *newfile = NULL;
 time_t tt;
 char TS[TIMESTAMP_LEN];
+ int ret = 0;
 /*
 * Mask auditing of this process.
@@ -773,20 +787,26 @@
 if (getTSstr(tt, TS, TIMESTAMP_LEN) != 0)
 return (-1);
 err = auditd_swap_trail(TS, &newfile, getgid(), NULL);
- if (err != ADE_NOERR && err != ADE_ACTL)
- return (-1);
+ if (err != ADE_NOERR && err != ADE_ACTL) {
+ ret = -1;
+ goto out;
+ }
 /*
 * Add the current symlink and recover from crash, if needed.
 */
- if (auditd_new_curlink(newfile) != 0)
- return(-1);
+ if (auditd_new_curlink(newfile) != 0) {
+ ret = -1;
+ goto out;
+ }
 /*
 * At this point auditing has started so generate audit start-up record.
 */
- if (auditd_gen_record(AUE_audit_startup, NULL) != 0)
- return (-1);
+ if (auditd_gen_record(AUE_audit_startup, NULL) != 0) {
+ ret = -1;
+ goto out;
+ }
 /*
 * Configure the audit controls.
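Review bot: The new call `auditd_set_host();` in the `@@ -309,9 +317,12 @@` hunk drops its return value, whereas the `auditd_set_minfree()` line just above it propagates `err`. If the failure is deliberately ignored, write `(void) auditd_set_host();` as audit_quick_start() does and give the reason in a comment; otherwise return the error as is done for minfree. When no "host" is configured `auditd_hostlen` appears to stay at -1, so this path would re-run auditd_set_host() on every call; that looks harmless but should be confirmed against the part of auditd_set_host() that is not shown here.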
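Review bot: `100 / auditd_minval` in the `@@ -329,7 +340,8 @@` hunk divides by zero when minfree is 0 and evaluates to 0, making the outer division by zero, when minfree is above 100, so either value in audit_control(5) would fault the daemon while it computes the soft limit, unless getacmin() already rejects them, which is not visible here. A range check in auditd_set_minfree() right after getacmin() would cover it: `if (auditd_minval < 1 || auditd_minval > 100) { auditd_minval = -1; return (ADE_PARSE); }`. Resetting to -1 matters because the caller only re-reads the value while it is -1. The loop body continues outside the hunk.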
@@ -798,7 +818,11 @@
 (void) auditd_set_minfree();
 (void) auditd_set_host();
- return (0);
+out:
+ if (newfile != NULL)
+ free(newfile);
+
+ return (ret);
 }
 /*
@@ -855,7 +879,7 @@
 strlcpy(newname, oldname, len);
 if ((ptr = strstr(newname, NOT_TERMINATED)) != NULL) {
- strlcpy(ptr, TS, TIMESTAMP_LEN);
+ memcpy(ptr, TS, POSTFIX_LEN);
 if (rename(oldname, newname) != 0)
 return (-1);
 } else
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#25 (text+ko) ====
@@ -27,7 +27,7 @@
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#24 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#25 $
 */
 #include <config/config.h>
@@ -619,7 +619,7 @@
 #endif
 return (-3);
 }
- strcpy(auditstr, str);
+ strlcpy(auditstr, str, len);
 #ifdef HAVE_PTHREAD_MUTEX_LOCK
 pthread_mutex_unlock(&mutex);
 #endif
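Review bot: The `if (newfile != NULL)` guard before `free(newfile)` at the `out:` label in the `@@ -798,7 +818,11 @@` hunk is redundant, because free(NULL) is defined to do nothing; `free(newfile);` alone is enough now that `newfile` is initialised to NULL. A short ownership comment at the label would also help the next reader, e.g. `/* newfile is allocated by auditd_swap_trail(); release it on every exit path. */`, assuming that is what auditd_swap_trail() does, since its body is not part of this change.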