From owner-p4-projects@FreeBSD.ORG Sat Apr 4 21:22:57 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 484A71065673; Sat, 4 Apr 2009 21:22:57 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F413D106564A for ; Sat, 4 Apr 2009 21:22:56 +0000 (UTC) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id E111B8FC0A for ; Sat, 4 Apr 2009 21:22:56 +0000 (UTC) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n34LMuSN029650 for ; Sat, 4 Apr 2009 21:22:56 GMT (envelope-from csjp@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n34LMuc6029648 for perforce@freebsd.org; Sat, 4 Apr 2009 21:22:56 GMT (envelope-from csjp@freebsd.org) Date: Sat, 4 Apr 2009 21:22:56 GMT Message-Id: <200904042122.n34LMuc6029648@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to csjp@freebsd.org using -f From: "Christian S.J. Peron" To: Perforce Change Reviews Cc: Subject: PERFORCE change 160214 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Apr 2009 21:22:58 -0000 http://perforce.freebsd.org/chv.cgi?CH=160214 Change 160214 by csjp@hvm02 on 2009/04/04 21:22:55 Further refine example: - Make the example return void and in the case of failure, exit. This should re-enforce to users that audit errors should be fatal. - Add a return value section - Show users how to handle ENOSYS on older kernels Affected files ... .. //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#17 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#17 (text+ko) ==== @@ -27,7 +27,7 @@ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#16 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#17 $ .\" .Dd January 18, 2008 .Dt audit_submit 3 @@ -98,17 +98,28 @@ #include #include -int +void audit_bad_su(char *from_login, char *to_login) { struct auditinfo_addr aia; + struct auditinfo ai; + au_id_t aid; int error; - if (getaudit_addr(&aia, sizeof(aia) < 0) + error = getaudit_addr(&aia, sizeof(aia)); + if (error < 0 && errno == ENOSYS) { + error = getaudit(&ai); + if (error < 0) + err(1, "getaudit"); + aid = ai.ai_auid; + } else if (error < 0) err(1, "getaudit_addr"); - error = audit_submit(AUE_su, aia.ai_auid, EPERM, 1, + else + aid = aia.ai_auid; + error = audit_submit(AUE_su, aid, EPERM, 1, "bad su from %s to %s", from_login, to_login); - return (error); + if (error != 0) + err(1, "audit_submit"); } .Ed .Pp @@ -120,6 +131,13 @@ return,failure : Operation not permitted,1 trailer,94 .Ed +.Sh RETURN VALUES +If successful, +.Nm +will return zero. +Otherwise a -1 is returned and the global variable +.Va errno +is set to indicate the error. .Sh SEE ALSO .Xr auditon 2 , .Xr getaudit 2 ,