Date: Wed, 8 Feb 2006 02:58:53 GMT From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 91365 for review Message-ID: <200602080258.k182wr5k040255@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=91365 Change 91365 by csjp@csjp_xor on 2006/02/08 02:58:51 Add neccessary bits for OpenSSH support: - Covert the cannot_audit() macro into a function prototype - Re-arrange the ifdefs a bit in bsm_notify so the cannot_audit() can utilize the included header files, too. - make cannot_audit() a function, which will in the Apple case, wrap au_get_state, and for everything else, call auditon(2) system call. This function will log the fact that the audit status check failed, but only if ENOSYS was not returned by the system call. Reviewed by: rwatson Affected files ... .. //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#16 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#9 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#16 (text+ko) ==== @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#15 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#16 $ */ #ifndef _LIBBSM_H_ @@ -872,7 +872,7 @@ __END_DECLS /* OpenSSH compatibility */ -#define cannot_audit(x) (!(au_get_state() == AUC_AUDITING)) +int cannot_audit(int); __BEGIN_DECLS /* ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#9 (text+ko) ==== @@ -26,15 +26,12 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#8 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#9 $ */ -#ifdef __APPLE__ - /* * Based on sample code from Marc Majka. */ -#include <notify.h> #include <string.h> /* strerror() */ #include <sys/errno.h> /* errno */ #include <bsm/libbsm.h> @@ -42,6 +39,8 @@ #include <syslog.h> /* syslog() */ #include <stdarg.h> /* syslog() */ +#ifdef __APPLE__ +#include <notify.h> /* If 1, assumes a kernel that sends the right notification. */ #define AUDIT_NOTIFICATION_ENABLED 1 @@ -145,5 +144,25 @@ return (AUC_AUDITING); } } +#endif /* !__APPLE__ */ -#endif /* !__APPLE__ */ +int +cannot_audit(int val __unused) +{ +#ifdef __APPLE__ + return (!(au_get_state() == AUC_AUDITING)); +#else + unsigned long au_cond; + + if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) { + if (errno != ENOSYS) { + syslog(LOG_ERR, "Audit status check failed (%s)", + strerror(errno)); + } + return (1); + } + if (au_cond == AUC_NOAUDIT || au_cond == AUC_DISABLED) + return (1); + return (0); +#endif /* !__APPLE__ */ +}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602080258.k182wr5k040255>