/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*/
/*
* auditconfig - set and display audit parameters
*/
#include <locale.h>
#include <ctype.h>
#include <stdlib.h>
#include <stdarg.h>
#include <unistd.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <nlist.h>
#include <fcntl.h>
#include <netdb.h>
#include <pwd.h>
#include <libintl.h>
#include <zone.h>
#include <libscf_priv.h>
#include <audit_policy.h>
#include <audit_scf.h>
enum commands {
};
#define AC_KERN_EVENT 0
/*
* remove this after the audit.h is fixed
*/
struct arg_entry {
char *arg_str;
char *arg_opts;
};
/* arg_table - command option and usage message table */
{ "-setaudit", " auid audit_flags termid asid [cmd]",
{ "-setplugin", " name active|inactive [attributes [qsize]]",
{ "-setqctrl", " hiwater lowater bufsz delay",
};
/*
*/
static char *cond2str(void);
static int strisipaddr(char *s);
static int strisnum(char *s);
static void chk_known_plugin(char *plugin_str);
static void chk_retval(char *retval_str);
static void do_aconf(void);
static void do_audit(char *, char, int, char *);
static void do_chkaconf(void);
static void do_chkconf(void);
static void do_conf(void);
static void do_getasid(void);
static void do_getaudit(void);
static void do_getkaudit(void);
static void do_setkaudit(char *t, char *s);
static void do_getauid(void);
static void do_getcar(void);
static void do_getclass(char *event_str);
static void do_getcond(void);
static void do_getcwd(void);
static void do_getflags(void);
static void do_getkmask(void);
static void do_getnaflags(void);
static void do_getpinfo(char *pid_str);
static void do_getplugin(char *plugin_str);
static void do_getpolicy(void);
static void do_getqbufsz(void);
static void do_getqctrl(void);
static void do_getqdelay(void);
static void do_getqhiwater(void);
static void do_getqlowater(void);
static void do_getstat(void);
static void do_gettermid(void);
static void do_lsevent(void);
static void do_lspolicy(void);
char *plugin_attr, int plugin_qsize);
static void do_setpolicy(char *policy_str);
static void do_setqbufsz(char *bufsz);
static void do_setqdelay(char *delay);
static void do_setqhiwater(char *hiwater);
static void do_setqlowater(char *lowater);
static void do_setstat(void);
static void exit_error(char *fmt, ...);
static void exit_usage(int status);
#if !defined(TEXT_DOMAIN)
#endif
int
{
(void) textdomain(TEXT_DOMAIN);
if (argc == 1) {
exit_usage(0);
}
if (argc == 2 &&
exit_usage(0);
}
return (0);
}
/*
* parse_args()
* Desc: Checks command line argument syntax.
* Inputs: Command line argv;
* Returns: If a syntax error is detected, a usage message is printed
* and exit() is called. If a syntax error is not detected,
* parse_args() returns without a value.
*/
static void
{
exit_usage(1);
}
switch (ae->auditconfig_cmd) {
case AC_ARG_AUDIT:
++argv;
if (!*argv)
exit_usage(1);
} else {
}
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
chk_retval(*argv);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_CHKCONF:
case AC_ARG_CONF:
case AC_ARG_ACONF:
case AC_ARG_CHKACONF:
case AC_ARG_GETASID:
case AC_ARG_GETAUID:
case AC_ARG_GETAUDIT:
case AC_ARG_GETKAUDIT:
break;
case AC_ARG_GETCLASS:
case AC_ARG_GETESTATE:
++argv;
if (!*argv)
exit_usage(1);
} else {
}
break;
case AC_ARG_GETCAR:
case AC_ARG_GETCOND:
case AC_ARG_GETCWD:
case AC_ARG_GETFLAGS:
case AC_ARG_GETKMASK:
case AC_ARG_GETNAFLAGS:
break;
case AC_ARG_GETPLUGIN:
--argv;
break;
}
--argv;
} else {
}
break;
case AC_ARG_GETPOLICY:
case AC_ARG_GETQBUFSZ:
case AC_ARG_GETQCTRL:
case AC_ARG_GETQDELAY:
case AC_ARG_GETQHIWATER:
case AC_ARG_GETQLOWATER:
case AC_ARG_GETSTAT:
case AC_ARG_GETTERMID:
case AC_ARG_LSEVENT:
case AC_ARG_LSPOLICY:
break;
case AC_ARG_SETASID:
case AC_ARG_SETAUID:
case AC_ARG_SETAUDIT:
++argv;
if (!*argv)
exit_usage(1);
while (*argv)
++argv;
--argv;
break;
case AC_ARG_SETKAUDIT:
++argv;
if (!*argv)
exit_usage(1);
"Invalid IP address type specified."));
++argv;
if (!*argv)
exit_usage(1);
gettext("Invalid IP address specified."));
break;
case AC_ARG_SETCLASS:
++argv;
if (!*argv)
exit_usage(1);
else
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETFLAGS:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETKMASK:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETNAFLAGS:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETPLUGIN:
exit_usage(1);
}
exit_usage(1);
}
--argv;
break;
}
--argv;
break;
}
"(%s)."), *argv);
}
break;
case AC_ARG_SETPOLICY:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETSTAT:
break;
case AC_ARG_GETPINFO:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETPMASK:
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQBUFSZ:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQCTRL:
++argv;
if (!*argv)
exit_usage(1);
gettext("Invalid hiwater specified."));
++argv;
if (!*argv)
exit_usage(1);
gettext("Invalid lowater specified."));
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQDELAY:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQHIWATER:
++argv;
if (!*argv)
exit_usage(1);
gettext("Invalid hiwater specified."));
}
break;
case AC_ARG_SETQLOWATER:
++argv;
if (!*argv)
exit_usage(1);
gettext("Invalid lowater specified."));
}
break;
case AC_ARG_SETSMASK:
case AC_ARG_SETUMASK:
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SET_TEMPORARY:
/* Do not accept single -t option. */
if (argc == 2) {
gettext("Only the -t option specified "
"(it is not a standalone option)."));
}
break;
default:
break;
}
}
}
/*
* do_args() - do command line arguments in the order in which they appear.
* Function return values returned by the underlying functions; the semantics
* they should follow is to return B_TRUE on successful execution, B_FALSE
* otherwise.
*/
static void
{
switch (ae->auditconfig_cmd) {
case AC_ARG_AUDIT:
{
char sorf;
int retval;
char *event_name;
char *audit_str;
++argv;
event_name = *argv;
++argv;
++argv;
++argv;
}
break;
case AC_ARG_CHKCONF:
do_chkconf();
break;
case AC_ARG_CONF:
do_conf();
break;
case AC_ARG_CHKACONF:
do_chkaconf();
break;
case AC_ARG_ACONF:
do_aconf();
break;
case AC_ARG_GETASID:
do_getasid();
break;
case AC_ARG_GETAUID:
do_getauid();
break;
case AC_ARG_GETAUDIT:
do_getaudit();
break;
case AC_ARG_GETKAUDIT:
do_getkaudit();
break;
case AC_ARG_GETCLASS:
case AC_ARG_GETESTATE:
++argv;
do_getclass(*argv);
break;
case AC_ARG_GETCAR:
do_getcar();
break;
case AC_ARG_GETCOND:
do_getcond();
break;
case AC_ARG_GETCWD:
do_getcwd();
break;
case AC_ARG_GETFLAGS:
do_getflags();
break;
case AC_ARG_GETKMASK:
do_getkmask();
break;
case AC_ARG_GETNAFLAGS:
break;
case AC_ARG_GETPLUGIN:
{
++argv;
--argv;
} else {
plugin_str = *argv;
}
} else {
--argv;
}
}
break;
case AC_ARG_GETPOLICY:
do_getpolicy();
break;
case AC_ARG_GETQBUFSZ:
do_getqbufsz();
break;
case AC_ARG_GETQCTRL:
do_getqctrl();
break;
case AC_ARG_GETQDELAY:
do_getqdelay();
break;
case AC_ARG_GETQHIWATER:
break;
case AC_ARG_GETQLOWATER:
break;
case AC_ARG_GETSTAT:
do_getstat();
break;
case AC_ARG_GETTERMID:
do_gettermid();
break;
case AC_ARG_LSEVENT:
do_lsevent();
break;
case AC_ARG_LSPOLICY:
do_lspolicy();
break;
case AC_ARG_SETASID:
{
char *sid_str;
++argv;
++argv;
}
break;
case AC_ARG_SETAUID:
{
char *user;
++argv;
++argv;
}
break;
case AC_ARG_SETAUDIT:
{
char *user_str;
char *mask_str;
char *tid_str;
char *sid_str;
++argv;
++argv;
++argv;
++argv;
++argv;
}
break;
case AC_ARG_SETKAUDIT:
{
}
break;
case AC_ARG_SETCLASS:
{
char *event_str;
++argv;
++argv;
}
break;
case AC_ARG_SETFLAGS:
++argv;
break;
case AC_ARG_SETKMASK:
++argv;
break;
case AC_ARG_SETNAFLAGS:
++argv;
break;
case AC_ARG_SETPLUGIN:
{
plugin_str = *++argv;
}
plugin_att = *argv;
} else {
--argv;
}
} else {
--argv;
}
}
break;
case AC_ARG_SETPOLICY:
++argv;
do_setpolicy(*argv);
break;
case AC_ARG_GETPINFO:
{
char *pid_str;
++argv;
}
break;
case AC_ARG_SETPMASK:
{
char *pid_str;
++argv;
++argv;
}
break;
case AC_ARG_SETSTAT:
do_setstat();
break;
case AC_ARG_SETQBUFSZ:
++argv;
do_setqbufsz(*argv);
break;
case AC_ARG_SETQCTRL:
{
}
break;
case AC_ARG_SETQDELAY:
++argv;
do_setqdelay(*argv);
break;
case AC_ARG_SETQHIWATER:
++argv;
break;
case AC_ARG_SETQLOWATER:
++argv;
break;
case AC_ARG_SETSMASK:
{
char *asid_str;
++argv;
++argv;
}
break;
case AC_ARG_SETUMASK:
{
char *auid_str;
++argv;
++argv;
}
break;
case AC_ARG_SET_TEMPORARY:
break;
default:
break;
}
}
}
/*
* do_chkconf() - the returned value is for the global zone unless AUDIT_PERZONE
* is set.
*/
static void
do_chkconf(void)
{
int class;
int len;
setauevent();
if (getauevent() == NULL) {
}
setauevent();
len = sizeof (struct au_evclass_map);
(void) printf("%s(%hu):%s",
gettext("UNKNOWN EVENT: Could not get "
"class for event. Configuration may "
"be bad.\n"));
} else {
(void) getauditflagschar(run_aflags,
&pmask, 0);
(void) getauditflagschar(conf_aflags,
&pmask, 0);
"%s(%hu): CLASS MISMATCH: "
"runtime class (%s) != "
"configured class (%s)\n"),
NONE(conf_aflags));
}
}
}
}
endauevent();
}
/*
* do_conf() - configure the kernel events. The value returned to the user is
* for the global zone unless AUDIT_PERZONE is set.
*/
static void
do_conf(void)
{
register int i;
i = 0;
setauevent();
++i;
}
}
endauevent();
}
/*
* do_chkaconf() - report a mismatch if the runtime class mask of a kernel audit
* event does not match the configured class mask. The value returned to the
* user is for the global zone unless AUDIT_PERZONE is set.
*/
static void
do_chkaconf(void)
{
char *namask_cfg;
}
gettext("bad kernel non-attributable mask\n"));
exit(1);
}
(void) printf(
gettext("non-attributable event flags mismatch:\n"));
"= %s\n"), kbuf);
"= %s\n"), namask_cfg);
}
}
/*
* do_aconf - configures the non-attributable events. The value returned to the
* user is for the global zone unless AUDIT_PERZONE is set.
*/
static void
do_aconf(void)
{
char *namask_cfg;
}
}
/*
* do_audit() - construct an audit record for audit event event using the
* process's audit characteristics containing a text token string audit_str. The
* value retval is an errno value.
*/
static void
{
int rtn;
int rd;
} else {
}
if (rtn == -1) {
exit_error("%s\n%s %hu\n",
gettext("Check audit event configuration."),
gettext("Could not get audit class for event number"),
}
/* record is preselected */
if (rtn == 1) {
"Could not get and audit record descriptor\n"));
}
gettext("Could not allocate subject token\n"));
}
"of audit record\n"));
}
if (is_system_labeled()) {
"Could not allocate label token\n"));
}
"construct label token of audit record\n"));
}
}
"audit record\n"));
#ifdef _LP64
#else
#endif
gettext("Could not allocate return token\n"));
"of audit record\n"));
}
gettext("Could not write audit record: %s\n"),
}
}
}
/*
* do_getauid() - print the audit id of the current process.
*/
static void
do_getauid(void)
{
}
/*
* do_getaudit() - print the audit characteristics of the current process.
*/
static void
do_getaudit(void)
{
}
/*
* do_getkaudit() - print the audit characteristics of the current zone.
*/
static void
do_getkaudit(void)
{
}
/*
* do_setkaudit() - set IP address_type/address of machine to specified values;
* valid per zone if AUDIT_PERZONE is set, else only in global zone.
*/
static void
do_setkaudit(char *t, char *s)
{
}
/*
* do_getcar() - print the zone-relative root
*/
static void
do_getcar(void)
{
}
/*
* do_getclass() - print the preselection mask associated with the specified
* kernel audit event. The displayed value is for the global zone unless
* AUDIT_PERZONE is set.
*/
static void
{
char *event_name;
} else {
}
} else {
}
}
}
/*
* do_getcond() - the printed value is for the global zone unless
* AUDIT_PERZONE is set. (AUC_DISABLED is always global, the other states are
* per zone if AUDIT_PERZONE is set)
*/
static void
do_getcond(void)
{
}
/*
* do_getcwd() - the printed path is relative to the current zone root
*/
static void
do_getcwd(void)
{
}
/*
* do_getflags() - the printed value is for the global zone unless AUDIT_PERZONE
* is set.
*/
static void
do_getflags(void)
{
char *amask_cfg;
}
}
/*
* do_getkmask() - the printed value is for the global zone unless AUDIT_PERZONE
* is set.
*/
static void
do_getkmask(void)
{
}
/*
* do_getnaflags() - the printed value is for the global zone unless
* AUDIT_PERZONE is set.
*/
static void
do_getnaflags(void)
{
char *namask_cfg;
}
}
/*
* do_getpolicy() - print active and configured kernel audit policy relative to
* the current zone.
*/
static void
do_getpolicy(void)
{
if (!temporary_set) {
if (!do_getpolicy_scf(&policy)) {
}
}
}
/*
* do_getpinfo() - print the audit ID, preselection mask, terminal ID, and
* audit session ID for the specified process.
*/
static void
{
else
exit_usage(1);
}
/*
* do_getplugin() - print plugin configuration.
*/
static void
{
}
while (plugin_kva_ll != NULL) {
if (plugin_kva_ll != NULL) {
(void) printf("\n");
}
}
}
/*
* do_getqbufsz() - print the active and configured audit queue write buffer
* size relative to the current zone.
*/
static void
do_getqbufsz(void)
{
if (!temporary_set) {
}
"no configured audit queue buffer size\n"));
} else {
}
}
}
/*
* do_getqctrl() - print the configured and active audit queue write buffer
* size, audit queue hiwater mark, audit queue lowater mark, audit queue prod
* interval (ticks) relative to the current zone.
*/
static void
do_getqctrl(void)
{
if (!temporary_set) {
if (!do_getqctrl_scf(&qctrl)) {
}
if (qctrl.aq_hiwater == 0) {
"no configured audit queue hiwater mark\n"));
} else {
}
if (qctrl.aq_lowater == 0) {
"no configured audit queue lowater mark\n"));
} else {
}
"no configured audit queue buffer size\n"));
} else {
}
"no configured audit queue delay\n"));
} else {
}
}
}
/*
* do_getqdelay() - print, relative to the current zone, the configured and
* active interval at which audit queue is prodded to start output.
*/
static void
do_getqdelay(void)
{
if (!temporary_set) {
}
"no configured audit queue delay\n"));
} else {
}
}
}
/*
* do_getqhiwater() - print, relative to the current zone, the high water
* point in undelivered audit records when audit generation will block.
*/
static void
do_getqhiwater(void)
{
if (!temporary_set) {
}
if (qctrl.aq_hiwater == 0) {
"no configured audit queue hiwater mark\n"));
} else {
}
}
}
/*
* do_getqlowater() - print, relative to the current zone, the low water point
* in undelivered audit records where blocked processes will resume.
*/
static void
do_getqlowater(void)
{
if (!temporary_set) {
}
if (qctrl.aq_lowater == 0) {
"no configured audit queue lowater mark\n"));
} else {
}
}
}
/*
* do_getasid() - print out the audit session-ID.
*/
static void
do_getasid(void)
{
}
}
/*
* do_getstat() - the printed statistics are for the entire system unless
* AUDIT_PERZONE is set.
*/
static void
do_getstat(void)
{
"%n%4lu %n%4lu %n%4lu %n%4lu %n%4lu%n",
/*
* TRANSLATION_NOTE
* Print a properly aligned header.
*/
(void) printf("%*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s\n",
}
/*
* do_gettermid() - print audit terminal ID for current process.
*/
static void
do_gettermid(void)
{
}
}
/*
* do_lsevent() - display the active kernel and user level audit event
* information. The printed events are for the global zone unless AUDIT_PERZONE
* is set.
*/
static void
do_lsevent(void)
{
setauevent();
if (getauevent() == NULL) {
}
setauevent();
(void) printf("%-30s %5hu %s %s\n",
}
endauevent();
}
/*
* do_lspolicy() - display the kernel audit policies with a description of each
* policy. The printed value is for the global zone unless AUDIT_PERZONE is set.
*/
static void
do_lspolicy(void)
{
int i;
/*
* TRANSLATION_NOTE
* Print a properly aligned header.
*/
for (i = 0; i < POLICY_TBL_SZ; i++) {
}
}
/*
* do_setasid() - execute shell or cmd with specified session-ID.
*/
static void
{
}
}
}
/*
* do_setaudit() - execute shell or cmd with specified audit characteristics.
*/
static void
char **argv)
{
}
/*
* do_setauid() - execute shell or cmd with specified audit-ID.
*/
static void
{
}
/*
* do_setpmask() - set the preselection mask of the specified process; valid
* per zone if AUDIT_PERZONE is set, else only in global zone.
*/
static void
{
} else {
exit_usage(1);
}
}
/*
* do_setsmask() - set the preselection mask of all processes with the specified
* audit session-ID; valid per zone if AUDIT_PERZONE is set, else only in global
* zone.
*/
static void
{
} else {
exit_usage(1);
}
}
/*
* do_setumask() - set the preselection mask of all processes with the
* specified audit-ID; valid per zone if AUDIT_PERZONE is set, else only in
* global zone.
*/
static void
{
} else {
exit_usage(1);
}
}
/*
* do_setstat() - reset audit statistics counters; local zone use is valid if
* AUDIT_PERZONE is set, otherwise the syscall returns EPERM.
*/
static void
do_setstat(void)
{
}
/*
* do_setclass() - map the kernel event event_str to the classes specified by
* audit flags (mask); valid per zone if AUDIT_PERZONE is set, else only in
* global zone.
*/
static void
{
} else {
}
}
}
/*
* do_setflags() - set configured and active default user preselection masks;
* valid per zone if AUDIT_PERZONE is set, else only in global zone.
*/
static void
{
if (!do_setflags_scf(audit_flags)) {
}
}
/*
* do_setkmask() - set non-attributable audit flags of machine; valid per zone
* if AUDIT_PERZONE is set, else only in global zone.
*/
static void
{
}
/*
* do_setnaflags() - set configured and active non-attributable selection flags
* of machine; valid per zone if AUDIT_PERZONE is set, else only in global zone.
*/
static void
{
if (!do_setnaflags_scf(audit_naflags)) {
}
}
/*
* do_setplugin() - set the given plugin plugin_str configuration values.
*/
static void
int plugin_qsize)
{
plugin_qsize)) {
}
}
/*
* do_setpolicy() - set the active and configured kernel audit policy; active
* values can be changed per zone if AUDIT_PERZONE is set, else only in global
* zone.
*
* ahlt and perzone are global zone only. The kernel ensures that a local zone
* can't change ahlt and perzone (EINVAL).
*/
static void
{
case 0:
if (!temporary_set) {
if (!do_getpolicy_scf(&policy)) {
"policy values from the SMF repository"));
}
if (!do_setpolicy_scf(policy)) {
"configuration values."));
}
}
break;
case 2:
break;
default:
break;
}
}
/*
* do_setqbufsz() - set the active and configured audit queue write buffer size
* (bytes); active values can be changed per zone if AUDIT_PERZONE is set, else
* only in global zone.
*/
static void
{
if (!temporary_set) {
"Could not store configuration value."));
}
return;
}
}
}
/*
* do_setqctrl() - set the active and configured audit queue write buffer size
* (bytes), hiwater audit record count, lowater audit record count, and wakeup
* interval (ticks); active values can be changed per zone if AUDIT_PERZONE is
* set, else only in global zone.
*/
static void
{
if (!temporary_set) {
if (!do_setqctrl_scf(&qctrl)) {
"Could not store configuration values."));
}
if (qctrl.aq_hiwater == 0) {
}
if (qctrl.aq_lowater == 0) {
}
}
}
}
}
/*
* do_setqdelay() - set the active and configured audit queue wakeup interval
* (ticks); active values can be changed per zone if AUDIT_PERZONE is set, else
* only in global zone.
*/
static void
{
if (!temporary_set) {
"Could not store configuration value."));
}
return;
}
}
}
/*
* do_setqhiwater() - sets the active and configured number of undelivered audit
* records in the audit queue at which audit record generation blocks; active
* values can be changed per zone if AUDIT_PERZONE is set, else only in global
* zone.
*/
static void
{
if (!temporary_set) {
"Could not store configuration value."));
}
if (qctrl.aq_hiwater == 0) {
return;
}
}
}
/*
* do_setqlowater() - set the active and configured number of undelivered audit
* records in the audit queue at which blocked auditing processes unblock;
* active values can be changed per zone if AUDIT_PERZONE is set, else only in
* global zone.
*/
static void
{
if (!temporary_set) {
"Could not store configuration value."));
}
if (qctrl.aq_lowater == 0) {
return;
}
}
}
static void
{
}
static void
{
}
static void
{
}
static void
{
}
static void
{
}
static void
{
return;
}
}
}
static void
{
char *err_ptr;
err_ptr++;
}
*err_ptr = '\0';
"encountered: %s"), err);
}
}
static au_event_ent_t *
{
}
return (evp);
}
static au_event_ent_t *
{
return (evp);
}
static void
{
}
static void
{
}
static uid_t
{
}
} else {
}
}
}
/*
* get_arg_ent()
* Inputs: command line argument string
* Returns ptr to struct arg_entry if found; null, if not found
*/
static arg_entry_t *
{
}
/*
* arg_ent_compare()
* Compares two command line arguments to determine which is
* lexicographically greater.
* Inputs: two argument map table entry pointers
* Returns: > 1: aep1->arg_str > aep2->arg_str
* < 1: aep1->arg_str < aep2->arg_str
* 0: aep1->arg_str = aep->arg_str2
*/
static int
{
}
/*
* tid_str is major,minor,host -- host is a name or an ip address
*/
static void
{
char *major_str;
char *minor_str;
int err;
*minor_str = '\0';
minor_str++;
}
if (minor_str) {
*host_str = '\0';
host_str++;
}
}
if (major_str)
if (minor_str)
if (host_str) {
if (strisipaddr(host_str)) {
}
} else {
if (phe == 0) {
}
/* address is IPv6 (128 bits) */
} else {
/* address is IPv4 (32 bits) */
}
}
}
}
}
static char *
cond2str(void)
{
switch (cond) {
case AUC_AUDITING:
return ("auditing");
case AUC_NOAUDIT:
case AUC_INIT_AUDIT:
return ("noaudit");
case AUC_UNSET:
return ("unset");
case AUC_NOSPACE:
return ("nospace");
default:
return ("");
}
}
/*
* exit = 0, success
* 1, error
* 2, bad zone
*/
static int
{
char *buf;
char *tok;
char pfix;
pfix = *policy_str;
++policy_str;
return (1);
return (1);
} else {
if (tok_pm == ALL_POLICIES) {
}
}
}
/* reuse policy mask if already set to some value */
if (*policy_mask != 0) {
curp = *policy_mask;
} else {
}
if (pfix == '-') {
if (!is_all &&
(getzoneid() != GLOBAL_ZONEID) &&
(pm & ~AUDIT_LOCAL)) {
return (2);
}
if (getzoneid() != GLOBAL_ZONEID)
curp &= AUDIT_LOCAL;
} else if (pfix == '+') {
/*
* In a local zone, accept specifying "all", but not
* individually specifying global-zone only policies.
* Limit to all locally allowed, so system call doesn't
* fail.
*/
if (!is_all &&
(getzoneid() != GLOBAL_ZONEID) &&
(pm & ~AUDIT_LOCAL)) {
return (2);
}
if (getzoneid() != GLOBAL_ZONEID) {
curp &= AUDIT_LOCAL;
if (is_all) {
pm &= AUDIT_LOCAL;
}
}
} else {
/*
* In a local zone, accept specifying "all", but not
* individually specifying global-zone only policies.
* Limit to all locally allowed, so system call doesn't
* fail.
*/
if (!is_all &&
(getzoneid() != GLOBAL_ZONEID) &&
(pm & ~AUDIT_LOCAL)) {
return (2);
}
pm &= AUDIT_LOCAL;
}
*policy_mask = pm;
}
return (0);
}
static int
{
int i, j;
if (policy == ALL_POLICIES) {
return (1);
}
if (policy == NO_POLICIES) {
return (1);
}
*policy_str = '\0';
for (i = 0, j = 0; i < POLICY_TBL_SZ; i++) {
if (j++) {
}
len);
}
}
if (*policy_str)
return (0);
return (1);
}
static int
strisnum(char *s)
{
if (s == NULL || !*s)
return (0);
for (; *s == '-' || *s == '+'; s++)
if (!*s)
return (0);
for (; *s; s++)
if (!isdigit(*s))
return (0);
return (1);
}
static int
strisipaddr(char *s)
{
int dot = 0;
int colon = 0;
/* no string */
if ((s == NULL) || (!*s))
return (0);
for (; *s; s++) {
return (0);
if (*s == '.')
dot++;
if (*s == ':')
colon++;
}
return (0);
return (0);
return (1);
}
static void
{
}
}
static void
{
if (etype == AC_KERN_EVENT) {
"Invalid kernel audit event number specified.\n"
"\t%hu is outside allowable range 0-%d."),
}
} else {
/* user event */
"number specified %hu."), event);
}
}
}
static void
{
"Invalid kernel audit event string specified.\n"
"\t\"%s\" appears to be a user level event. "
"Check configuration."), event_str);
} else if (etype == AC_USER_EVENT &&
"Invalid user audit event string specified.\n"
"\t\"%s\" appears to be a kernel event. "
"Check configuration."), event_str);
}
}
static void
{
}
if (!plugin_avail_scf(plugin_str)) {
}
}
static void
{
}
static void
{
if (!strisnum(retval_str))
}
static void
{
size_t n = 0;
char **argv_pos;
if (*argv) {
/* concatenate argument array to be passed to sh -c "..." */
}
/* strip the last space */
} else {
}
}
static void
{
int i;
for (i = 0; i < ARG_TBL_SZ; i++) {
/* skip the -t option; it's not a standalone option */
continue;
}
}
}
static void
{
}
static void
{
char *username;
else
}
static void
{
(void) printf("%s = %s(0x%x,0x%x)\n",
}
static void
{
char *active_str;
char *qsize_ptr;
int qsize;
"\"active\" property not found\n"));
return;
}
case 0:
break;
case 1:
break;
default:
break;
}
if (qsize != 0) {
}
}
static void
{
char *hostname;
int err;
char *bufp;
/* IPV6 or IPV4 address */
} else {
}
"terminal id (maj,min,host) = %lu,%lu,%s(%s)\n"),
} else {
} else {
}
"terminal id (maj,min,host) = %lu,%lu,%s(%s)\n"),
if (phe) {
}
}
}
static int
{
int j, sl;
char *ss;
unsigned int v;
if (strisipaddr(s)) {
return (0);
}
return (1);
return (0);
return (1);
}
return (1);
} else {
return (0);
ss = s;
for (j = 3; j >= 0; j--) {
if ((sl - 8) <= 0) {
(void) sscanf(s, "%x", &v);
addr[j] = v;
return (0);
}
addr[j] = v;
sl -= 8;
*ss = '\0';
}
}
return (0);
}
}
static int
{
if (strcmp(s, "ipv6") == 0) {
return (0);
}
if (strcmp(s, "ipv4") == 0) {
return (0);
}
return (1);
}
/*
* exit_error() - print an error message along with corresponding system error
* number and error message, then exit. Inputs - program error format and
* message.
*/
/*PRINTFLIKE1*/
static void
{
exit(1);
}