Date: Sun, 19 Jun 2005 13:49:30 GMT From: Wayne Salamon <wsalamon@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 78719 for review Message-ID: <200506191349.j5JDnU0Y039017@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=78719 Change 78719 by wsalamon@rickenbacker on 2005/06/19 13:48:50 Update auditd and audit command to use the new triggering facility in auditon() syscall. Affected files ... .. //depot/projects/trustedbsd/audit3/contrib/audit_supt/audit/audit.c#5 edit .. //depot/projects/trustedbsd/audit3/contrib/audit_supt/auditd/auditd.c#11 edit Differences ... ==== //depot/projects/trustedbsd/audit3/contrib/audit_supt/audit/audit.c#5 (text+ko) ==== @@ -6,13 +6,16 @@ * */ +#include <sys/queue.h> +#include <sys/types.h> +#include <sys/uio.h> + +#include <bsm/audit.h> + #include <fcntl.h> +#include <stdio.h> #include <stdlib.h> -#include <stdio.h> #include <unistd.h> -#include <bsm/audit.h> -#include <sys/types.h> -#include <sys/uio.h> void usage() { @@ -35,15 +38,15 @@ switch(ch) { case 'n': - trigger = AUDITD_TRIGGER_OPEN_NEW; + trigger = AUDIT_TRIGGER_OPEN_NEW; break; case 's': - trigger = AUDITD_TRIGGER_READ_FILE; + trigger = AUDIT_TRIGGER_READ_FILE; break; case 't': - trigger = AUDITD_TRIGGER_CLOSE_AND_DIE; + trigger = AUDIT_TRIGGER_CLOSE_AND_DIE; break; case '?': @@ -52,7 +55,7 @@ break; } } - if (auditctl(AC_SENDTRIGGER, &trigger, sizeof(trigger)) < 0) { + if (auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)) < 0) { perror("Error sending trigger"); exit(-1); } else { ==== //depot/projects/trustedbsd/audit3/contrib/audit_supt/auditd/auditd.c#11 (text+ko) ==== @@ -29,19 +29,19 @@ #include <sys/types.h> #include <sys/wait.h> +#include <bsm/audit.h> +#include <bsm/audit_uevents.h> +#include <bsm/libbsm.h> + +#include <errno.h> #include <fcntl.h> -#include <time.h> #include <stdio.h> #include <stdlib.h> +#include <time.h> #include <unistd.h> -#include <errno.h> -#include <syslog.h> #include <signal.h> #include <string.h> - -#include <bsm/audit.h> -#include <bsm/audit_uevents.h> -#include <bsm/libbsm.h> +#include <syslog.h> #include "auditd.h" #define NA_EVENT_STR_SIZE 25 @@ -186,7 +186,7 @@ if (open(fn, O_RDONLY | O_CREAT, S_IRUSR | S_IRGRP) < 0) { perror("File open"); } - else if (auditctl(AC_SETLOGFILE, &fn, sizeof(fn)) != 0) { + else if (auditctl(fn) != 0) { syslog(LOG_ERR, "auditctl failed setting log file! : %s\n", strerror(errno)); @@ -288,6 +288,7 @@ char TS[POSTFIX_LEN]; int aufd; token_t *tok; + long cond; /* Generate an audit record */ if((aufd = au_open()) == -1) { @@ -304,9 +305,10 @@ } /* flush contents */ - err_ret = auditctl(AC_SHUTDOWN, NULL, 0); + cond = AUC_DISABLED; + err_ret = auditon(A_SETCOND, &cond, sizeof(cond)); if (err_ret != 0) { - syslog(LOG_ERR, "auditctl failed! : %s\n", + syslog(LOG_ERR, "Disabling audit failed! : %s\n", strerror(errno)); err_ret = 1; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200506191349.j5JDnU0Y039017>