auditconfig.c revision ace1a5f11236a072fca1b5e0ea1416a083a9f2aa
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* auditconfig - set and display audit parameters
*/
#include <locale.h>
#include <ctype.h>
#include <stdlib.h>
#include <stdarg.h>
#include <unistd.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <nlist.h>
#include <fcntl.h>
#include <netdb.h>
#include <pwd.h>
#include <libintl.h>
#include <zone.h>
#include <bsm/audit_record.h>
#if !defined(TEXT_DOMAIN)
#define TEXT_DOMAIN "SUNW_OST_OSCMD"
#endif
#define AC_ARG_AUDIT 0
#define AC_ARG_CHKCONF 1
#define AC_ARG_CONF 2
#define AC_ARG_GETAUDIT 4
#define AC_ARG_GETAUID 5
#define AC_ARG_GETCAR 6
#define AC_ARG_GETCOND 8
#define AC_ARG_GETCWD 9
#define AC_ARG_GETESTATE 10
#define AC_ARG_GETKERNSTATE 11
#define AC_ARG_GETPINFO 13
#define AC_ARG_GETPOLICY 14
#define AC_ARG_GETQBUFSZ 15
#define AC_ARG_GETQCTRL 16
#define AC_ARG_GETQDELAY 17
#define AC_ARG_GETQHIWATER 18
#define AC_ARG_GETQLOWATER 19
#define AC_ARG_GETSID 20
#define AC_ARG_GETSTAT 21
#define AC_ARG_GETTERMID 22
#define AC_ARG_LSEVENT 24
#define AC_ARG_LSPOLICY 25
#define AC_ARG_SETASID 26
#define AC_ARG_SETAUDIT 27
#define AC_ARG_SETAUID 28
/* AC_ARG_SETCOND 30 */
#define AC_ARG_SETESTATE 31
#define AC_ARG_SETKERNSTATE 32
#define AC_ARG_SETPMASK 34
#define AC_ARG_SETSMASK 35
#define AC_ARG_SETSTAT 36
#define AC_ARG_SETPOLICY 37
#define AC_ARG_SETQBUFSZ 38
#define AC_ARG_SETQCTRL 39
#define AC_ARG_SETQDELAY 40
#define AC_ARG_SETQHIWATER 41
#define AC_ARG_SETQLOWATER 42
#define AC_ARG_SETTERMID 43
#define AC_ARG_SETUMASK 44
#define AC_ARG_SETUSERAUDIT 45
#define AC_ARG_GETFSIZE 46
#define AC_ARG_SETFSIZE 47
#define AC_ARG_GETKAUDIT 48
#define AC_ARG_SETKAUDIT 49
#define AC_ARG_ACONF 50
#define AC_ARG_CHKACONF 51
#define AC_KERN_EVENT 0
#define AC_USER_EVENT 1
#define ALL_POLICIES (AUDIT_AHLT|\
#define NO_POLICIES (0)
#define ONEK 1024
/* This should be defined in <string.h>, but it is not */
extern int strncasecmp();
/*
* remove this after the audit.h is fixed
*/
struct arg_entry {
char *arg_str;
char *arg_opts;
int auditconfig_cmd;
};
struct policy_entry {
char *policy_str;
char *policy_desc;
};
{ "-setaudit", "auid audit_flags termid sid [cmd]",
};
static struct arg_entry arg2_table[] = {
};
static struct policy_entry policy_table[] = {
"async event"},
"zone"},
};
static char *progname;
static au_event_ent_t *egetauevnam();
static au_event_ent_t *egetauevnum();
static char *strtolower();
static int arg_ent_compare();
static int cond2str();
static int policy2str();
static int str2type();
static int str2policy();
static int str2ipaddr();
static int strisflags();
static int strisipaddr();
static int strisnum();
static struct arg_entry *get_arg_ent();
static struct policy_entry *get_policy_ent();
static uid_t get_user_id();
static void chk_event_num();
static void chk_event_str();
static void chk_retval();
static void chk_sorf();
static void chk_tid();
static void do_aconf();
static void do_args();
static void do_audit();
static void do_chkaconf();
static void do_chkconf();
static void do_conf();
static void do_getasid();
static void do_getaudit();
static void do_getkaudit();
static void do_setkaudit();
static void do_getauid();
static void do_getcar();
static void do_getclass();
static void do_getcond();
static void do_getcwd();
static void do_getkmask();
static void do_getpinfo();
static void do_getpolicy();
static void do_getqbufsz();
static void do_getqctrl();
static void do_getqdelay();
static void do_getqhiwater();
static void do_getqlowater();
static void do_getstat();
static void do_gettermid();
static void do_getuseraudit();
static void do_lsevent();
static void do_lspolicy();
static void do_setasid();
static void do_setaudit();
static void do_setauid();
static void do_setclass();
static void do_setkmask();
static void do_setpmask();
static void do_setsmask();
static void do_setumask();
static void do_setpolicy();
static void do_setqbufsz();
static void do_setqctrl();
static void do_setqdelay();
static void do_setqhiwater();
static void do_setqlowater();
static void do_setstat();
static void do_settid();
static void do_setuseraudit();
static void do_getfsize();
static void do_setfsize();
static void str2mask();
static void str2tid();
static void strsplit();
static void eauditon();
static void egetaudit();
static void egetkaudit();
static void esetkaudit();
static void egetauditflagsbin();
static void egetauid();
static void esetaudit();
static void esetauid();
static void execit();
static void exit_error(char *, ...);
static void exit_usage();
static void parse_args();
static void print_asid();
static void print_auid();
static void print_mask();
static void print_mask1();
static void print_stats();
static void print_tid_ex();
int
int argc;
char **argv;
{
progname = "auditconfig";
(void) textdomain(TEXT_DOMAIN);
if (argc == 1) {
exit_usage(0);
exit(0);
}
if (argc == 2 &&
exit_usage(0);
return (0);
}
/*
* parse_args()
* Desc: Checks command line argument syntax.
* Inputs: Command line argv;
* Returns: If a syntax error is detected, a usage message is printed
* and exit() is called. If a syntax error is not detected,
* parse_args() returns without a value.
*/
static void
parse_args(char **argv)
{
exit_usage(1);
}
switch (ae->auditconfig_cmd) {
case AC_ARG_AUDIT:
++argv;
if (!*argv)
exit_usage(1);
} else
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
chk_retval(*argv);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_CHKCONF:
break;
case AC_ARG_CONF:
break;
case AC_ARG_ACONF:
break;
case AC_ARG_CHKACONF:
break;
case AC_ARG_GETASID:
case AC_ARG_GETSID:
break;
case AC_ARG_GETAUID:
break;
case AC_ARG_GETAUDIT:
break;
case AC_ARG_GETKAUDIT:
break;
case AC_ARG_GETCLASS:
case AC_ARG_GETESTATE:
++argv;
if (!*argv)
exit_usage(1);
else
break;
case AC_ARG_GETCAR:
break;
case AC_ARG_GETCOND:
break;
case AC_ARG_GETCWD:
break;
case AC_ARG_GETKERNSTATE:
case AC_ARG_GETKMASK:
break;
case AC_ARG_GETPOLICY:
break;
case AC_ARG_GETQBUFSZ:
break;
case AC_ARG_GETQCTRL:
break;
case AC_ARG_GETQDELAY:
break;
case AC_ARG_GETQHIWATER:
break;
case AC_ARG_GETQLOWATER:
break;
case AC_ARG_GETSTAT:
break;
case AC_ARG_GETTERMID:
break;
case AC_ARG_GETUSERAUDIT:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_LSEVENT:
break;
case AC_ARG_LSPOLICY:
break;
case AC_ARG_SETASID:
++argv;
if (!*argv)
exit_usage(1);
while (*argv)
++argv;
--argv;
break;
case AC_ARG_SETAUID:
++argv;
if (!*argv)
exit_usage(1);
while (*argv)
++argv;
--argv;
break;
case AC_ARG_SETAUDIT:
++argv;
if (!*argv)
exit_usage(1);
while (*argv)
++argv;
--argv;
break;
case AC_ARG_SETKAUDIT:
++argv;
if (!*argv)
exit_usage(1);
"Invalid IP address type specified."));
++argv;
if (!*argv)
exit_usage(1);
"Invalid IP address specified."));
break;
case AC_ARG_SETCLASS:
case AC_ARG_SETESTATE:
++argv;
if (!*argv)
exit_usage(1);
else
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETKERNSTATE:
case AC_ARG_SETKMASK:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETPOLICY:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETSTAT:
break;
case AC_ARG_GETPINFO:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETPMASK:
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQBUFSZ:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQCTRL:
++argv;
if (!*argv)
exit_usage(1);
"Invalid hiwater specified."));
++argv;
if (!*argv)
exit_usage(1);
gettext("Invalid lowater specified.")));
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQDELAY:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETQHIWATER:
++argv;
if (!*argv)
exit_usage(1);
"Invalid hiwater specified."));
break;
case AC_ARG_SETQLOWATER:
++argv;
if (!*argv)
exit_usage(1);
"Invalid lowater specified."));
break;
case AC_ARG_SETTERMID:
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETUSERAUDIT:
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETSMASK:
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_SETUMASK:
++argv;
if (!*argv)
exit_usage(1);
++argv;
if (!*argv)
exit_usage(1);
break;
case AC_ARG_GETFSIZE:
break;
case AC_ARG_SETFSIZE:
++argv;
if (!*argv)
exit_usage(1);
"Invalid hiwater specified."));
break;
default:
break;
}
}
}
/*
* do_args()
* Desc: Do command line arguments in the order in which they appear.
*/
static void
char **argv;
{
switch (ae->auditconfig_cmd) {
case AC_ARG_AUDIT:
{
char sorf;
int retval;
char *event_name;
char *audit_str;
++argv;
event_name = *argv;
++argv;
++argv;
++argv;
}
break;
case AC_ARG_CHKCONF:
do_chkconf();
break;
case AC_ARG_CONF:
do_conf();
break;
case AC_ARG_CHKACONF:
do_chkaconf();
break;
case AC_ARG_ACONF:
do_aconf();
break;
case AC_ARG_GETASID:
case AC_ARG_GETSID:
do_getasid();
break;
case AC_ARG_GETAUID:
do_getauid();
break;
case AC_ARG_GETAUDIT:
do_getaudit();
break;
case AC_ARG_GETKAUDIT:
do_getkaudit();
break;
case AC_ARG_GETCLASS:
case AC_ARG_GETESTATE:
++argv;
do_getclass(*argv);
break;
case AC_ARG_GETCAR:
do_getcar();
break;
case AC_ARG_GETCOND:
do_getcond();
break;
case AC_ARG_GETCWD:
do_getcwd();
break;
case AC_ARG_GETKERNSTATE:
case AC_ARG_GETKMASK:
do_getkmask();
break;
case AC_ARG_GETPOLICY:
do_getpolicy();
break;
case AC_ARG_GETQBUFSZ:
do_getqbufsz();
break;
case AC_ARG_GETQCTRL:
do_getqctrl();
break;
case AC_ARG_GETQDELAY:
do_getqdelay();
break;
case AC_ARG_GETQHIWATER:
break;
case AC_ARG_GETQLOWATER:
break;
case AC_ARG_GETSTAT:
do_getstat();
break;
case AC_ARG_GETTERMID:
do_gettermid();
break;
case AC_ARG_GETUSERAUDIT:
++argv;
break;
case AC_ARG_LSEVENT:
do_lsevent();
break;
case AC_ARG_LSPOLICY:
do_lspolicy();
break;
case AC_ARG_SETASID:
{
char *sid_str;
++argv;
++argv;
}
break;
case AC_ARG_SETAUID:
{
char *user;
++argv;
++argv;
}
break;
case AC_ARG_SETAUDIT:
{
char *user_str;
char *mask_str;
char *tid_str;
char *sid_str;
++argv;
++argv;
++argv;
++argv;
++argv;
}
break;
case AC_ARG_SETKAUDIT:
{
char *address_type, *address;
}
break;
case AC_ARG_SETCLASS:
case AC_ARG_SETESTATE:
{
char *event_str, *audit_flags;
}
break;
case AC_ARG_SETKERNSTATE:
case AC_ARG_SETKMASK:
++argv;
do_setkmask(*argv);
break;
case AC_ARG_SETPOLICY:
++argv;
do_setpolicy(*argv);
break;
case AC_ARG_GETPINFO:
{
char *pid_str;
++argv;
}
break;
case AC_ARG_SETPMASK:
{
char *pid_str;
char *audit_flags;
++argv;
++argv;
audit_flags = *argv;
}
break;
case AC_ARG_SETSTAT:
do_setstat();
break;
case AC_ARG_SETQBUFSZ:
++argv;
do_setqbufsz(*argv);
break;
case AC_ARG_SETQCTRL:
{
}
break;
case AC_ARG_SETQDELAY:
++argv;
do_setqdelay(*argv);
break;
case AC_ARG_SETQHIWATER:
++argv;
break;
case AC_ARG_SETQLOWATER:
++argv;
break;
case AC_ARG_SETTERMID:
++argv;
break;
case AC_ARG_SETUSERAUDIT:
{
char *user;
char *aflags;
++argv;
++argv;
}
break;
case AC_ARG_SETSMASK:
{
char *asid_str;
char *audit_flags;
++argv;
++argv;
audit_flags = *argv;
}
break;
case AC_ARG_SETUMASK:
{
char *auid_str;
char *audit_flags;
++argv;
++argv;
audit_flags = *argv;
}
break;
case AC_ARG_GETFSIZE:
do_getfsize();
break;
case AC_ARG_SETFSIZE:
++argv;
do_setfsize(*argv);
break;
default:
break;
}
}
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
register au_event_ent_t *evp;
char conf_aflags[256];
char run_aflags[256];
int class;
int len;
struct au_evclass_map cmap;
setauevent();
(void) exit_error(gettext(
"NO AUDIT EVENTS: Could not read %s\n."),
}
setauevent();
len = sizeof (struct au_evclass_map);
(void) printf("%s(%d):%s",
"UNKNOWN EVENT: Could not get class for event. Configuration may be bad.\n"));
} else {
(void) getauditflagschar(run_aflags,
&pmask, 0);
(void) getauditflagschar(conf_aflags,
&pmask, 0);
"%s(%d): CLASS MISMATCH: runtime class (%s) != configured class (%s)\n"),
}
}
}
endauevent();
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
do_conf()
{
register au_event_ent_t *evp;
register int i;
i = 0;
setauevent();
++i;
}
}
endauevent();
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
char buf[1024];
gettext("bad non-attributable flags in audit_control\n"));
exit(1);
}
gettext("bad audit flag value encountered\n"));
exit(1);
}
char kbuf[2048];
gettext("bad kernel non-attributable mask\n"));
exit(1);
}
}
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
do_aconf()
{
char buf[2048];
gettext("bad non-attributable flags in audit_control\n"));
exit(1);
}
gettext("bad audit flag value encountered\n"));
exit(1);
}
}
static void
char *event;
char sorf;
int retval;
char *audit_str;
{
int rtn;
int rd;
} else
if (rtn == -1)
exit_error("%s\n%s %d\n",
gettext("Check audit event configuration."),
gettext("Could not get audit class for event number"),
/* record is preselected */
if (rtn == 1) {
"Could not get and audit record descriptor\n"));
"Could not allocate subject token\n"));
#ifdef _LP64
#else
#endif
"Could not allocate return token\n"));
"Could not construct return token of audit record\n"));
"Could not write audit record: %s\n"),
}
}
static void
{
}
static void
{
}
static void
{
}
/*
* per zone if AUDIT_PERZONE set, else only in global zone.
*/
static void
do_setkaudit(t, s)
char *t;
char *s;
{
}
/*
* returns zone-relative root
*/
static void
{
char path[MAXPATHLEN];
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
char *event_str;
{
char *event_name;
char desc[256];
(au_event_ent_t *)NULL) {
} else
} else {
}
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set. (AUC_DISABLED is always global, the other states are per zone
* if AUDIT_PERZONE is set)
*/
static void
{
char cond_str[16];
}
/*
* returned path is relative to zone root
*/
static void
{
char path[MAXPATHLEN];
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set. (some policies can only be set from the global zone, but all
* can be read from anywhere.)
*/
static void
{
char policy_str[1024];
}
static void
char *pid_str;
{
struct auditpinfo_addr ap;
else
exit_usage(1);
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
}
static void
{
}
}
/*
* The stats are for the entire system unless AUDIT_PERZONE is set.
*/
static void
{
print_stats(&as);
}
static void
{
}
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
}
/*ARGSUSED*/
static void
char *user;
{
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
register au_event_ent_t *evp;
char auflags[256];
setauevent();
(void) exit_error(gettext(
"NO AUDIT EVENTS: Could not read %s\n."),
}
setauevent();
(void) printf("%-30s %5d %s %s\n",
}
endauevent();
}
/*
* The returned value is for the global zone unless AUDIT_PERZONE is
* set.
*/
static void
{
int i;
/*
* TRANSLATION_NOTE
* Print a properly aligned header.
*/
for (i = 0; i < POLICY_TBL_SZ; i++)
(void) printf("%-17s%s\n",
}
static void
char *sid_str;
char **argv;
{
struct auditinfo_addr ai;
}
}
}
static void
char *user_str;
char *mask_str;
char *tid_str;
char *sid_str;
char **argv;
{
}
static void
char *user;
char **argv;
{
}
static void
char *pid_str;
char *audit_flags;
{
struct auditpinfo ap;
else
exit_usage(1);
}
static void
char *asid_str;
char *audit_flags;
{
else
exit_usage(1);
}
static void
char *auid_str;
char *audit_flags;
{
else
exit_usage(1);
}
/*
* local zone use is valid if AUDIT_PERZONE is set, otherwise the
* syscall returns EPERM.
*/
static void
{
}
/*ARGSUSED*/
static void
char *user;
char *auditflags;
{
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *event_str;
char *audit_flags;
{
int mask;
else {
}
if (strisnum(audit_flags))
else {
}
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *audit_flags;
{
}
/*
* ahlt and perzone are global zone only; the other policies are valid
* in a local zone if AUDIT_PERZONE is set. The kernel insures that
* a local zone can't change ahlt and perzone (EINVAL).
*/
static void
char *policy_str;
{
case 2:
"policy (%s) invalid in a local zone."),
break;
default:
"Invalid policy (%s) specified."),
break;
case 0:
break;
}
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *bufsz;
{
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *hiwater;
char *lowater;
char *bufsz;
char *delay;
{
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *delay;
{
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *hiwater;
{
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *lowater;
{
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
{
struct auditinfo_addr ai;
}
}
}
/*
* AUDIT_PERZONE set: valid in all zones
* AUDIT_PERZONE not set: valid in global zone only
*/
static void
char *size;
{
}
static void
int cmd;
int length;
{
}
static void
{
}
static void
int size;
{
}
static void
int size;
{
}
static void
int size;
{
}
static void
char *auditflags;
{
return;
}
}
static au_event_ent_t *
{
return (evp);
}
static au_event_ent_t *
char *event_name;
{
register au_event_ent_t *evp;
return (evp);
}
static void
{
}
static void
int size;
{
}
static uid_t
char *user;
{
setpwent();
}
} else {
}
}
endpwent();
}
/*
* get_arg_ent()
* Inputs: command line argument string
* Returns ptr to policy_entry if found; null, if not found
*/
static struct arg_entry *
char *arg_str;
{
}
/*
* arg_ent_compare()
* Compares two command line arguments to determine which is
* lexicographically greater.
* Inputs: two argument map table entry pointers
* Returns: > 1: aep1->arg_str > aep2->arg_str
* < 1: aep1->arg_str < aep2->arg_str
* 0: aep1->arg_str = aep->arg_str2
*/
static int
{
}
/*
* Convert mask of the following forms:
*
* audit_flags (ie. +lo,-ad,pc)
* 0xffffffff,0xffffffff
* ffffffff,ffffffff
* 20,20
*/
static void
char *mask_str;
{
char sp[256];
char fp[256];
mp->am_success = 0;
mp->am_failure = 0;
/*
* a mask of the form +aa,bb,cc,-dd
*/
if (strisflags(mask_str)) {
/*
* a mask of the form 0xffffffff,0xffffffff or 1,1
*/
} else {
else
else
}
}
/*
* tid_str is major,minor,host -- host is a name or an ip address
*/
static void
{
int err;
*minor_str = '\0';
minor_str++;
}
if (minor_str)
*host_str = '\0';
host_str++;
}
if (major_str)
if (minor_str)
if (host_str) {
if (strisipaddr(host_str)) {
}
} else {
if (phe == 0) {
}
/* address is IPv6 (128 bits) */
} else {
/* address is IPv4 (32 bits) */
}
}
}
}
}
static int
char *cond_str;
{
*cond_str = '\0';
if (cond == AUC_AUDITING) {
return (0);
}
return (0);
}
return (0);
}
if (cond == AUC_NOSPACE) {
return (0);
}
return (1);
}
static struct policy_entry *
char *policy;
{
int i;
for (i = 0; i < POLICY_TBL_SZ; i++)
policy_table[i].policy_str) == 0)
return (&policy_table[i]);
return ((struct policy_entry *)NULL);
}
static int
{
char *buf;
char *tok;
char pfix;
struct policy_entry *pep;
pfix = *policy_str;
++policy_str;
return (1);
return (1);
} else {
is_all = 1;
}
}
if (pfix == '-') {
(pm & ~AUDIT_LOCAL))
return (2);
if (getzoneid() != GLOBAL_ZONEID)
curp &= AUDIT_LOCAL;
} else if (pfix == '+') {
/*
* if the user is in a local zone and tries ahlt or
* perzone, that's an error. But if the user uses "all"
* then make it work
*/
(pm & ~AUDIT_LOCAL))
return (2);
if (getzoneid() != GLOBAL_ZONEID) {
curp &= AUDIT_LOCAL;
if (is_all)
pm &= AUDIT_LOCAL;
}
} else {
pm &= AUDIT_LOCAL;
*policy_mask = pm;
}
return (0);
}
static int
char *policy_str;
{
int i, j;
if (policy == ALL_POLICIES) {
return (1);
}
if (policy == NO_POLICIES) {
return (1);
}
*policy_str = '\0';
for (i = 0, j = 0; i < POLICY_TBL_SZ; i++)
if (j++)
(void) strlcat(policy_str,
}
if (*policy_str)
return (0);
return (1);
}
static int
strisnum(s)
char *s;
{
if (s == (char *)NULL || !*s)
return (0);
for (; *s == '-' || *s == '+'; s++)
if (!*s)
return (0);
for (; *s; s++)
if (!isdigit(*s))
return (0);
return (1);
}
static int
strisflags(s)
char *s;
{
if (s == (char *)NULL || !*s)
return (0);
for (; *s; s++) {
if (!isalpha(*s) &&
(*s != '+' && *s != '-' && *s != '^' && *s != ','))
return (0);
}
return (1);
}
static int
strisipaddr(s)
char *s;
{
int dot = 0;
int colon = 0;
/* no string */
if ((s == (char *)NULL) || (!*s))
return (0);
for (; *s; s++) {
return (0);
if (*s == '.') dot++;
if (*s == ':') colon++;
}
return (0);
return (0);
return (1);
}
static void
char *s;
char *p1;
char *p2;
char c;
{
while (*s != '\0' && *s != c)
*p1++ = *s++;
*p1 = '\0';
s++;
while (*s != '\0')
*p2++ = *s++;
*p2 = '\0';
}
static char *
strtolower(s)
char *s;
{
char *save;
for (save = s; *s; s++)
(void) tolower(*s);
return (save);
}
static void
int etype;
{
if (etype == AC_KERN_EVENT) {
"specified.\n\t%d is outside allowable range 0-%d."),
}
} else { /* user event */
"Invalid user level audit event number specified %d."),
event);
}
}
}
static void
int etype;
char *event_str;
{
gettext("Invalid kernel audit event string specified.\n"
"\t\"%s\" appears to be a user level event. "
"Check configuration."),
} else if (etype == AC_USER_EVENT &&
gettext("Invalid user audit event string specified.\n"
"\t\"%s\" appears to be a kernel event. "
"Check configuration."),
}
}
static void
char *sorf_str;
{
}
static void
char *retval_str;
{
if (!strisnum(retval_str))
}
static void
char *tid_str;
{
int c;
char *p;
/* need two commas (maj,min,hostname) */
for (p = tid_str, c = 0; *p; p++)
if (*p == ',')
++c;
if (c != 2)
}
static void
char **argv;
{
char *shell;
if (*argv)
else {
*shell != '/')
}
}
/*
* exit_error()
* Desc: Prints an error message along with corresponding system
* error number and error message, then exits.
* Inputs: Program name, program error message.
*/
/*PRINTFLIKE1*/
static void
exit_error(char *fmt, ...)
{
if (errno)
exit(1);
}
static void
int status;
{
int i;
for (i = 0; i < ARG2_TBL_SZ; i++)
}
static void
{
}
static void
{
char *username;
setpwent();
else
endpwent();
}
static void
char *desc;
{
char auflags[512];
(void) printf("%s = %s(0x%x,0x%x)\n",
}
static void
char *desc;
{
}
static void
print_stats(s)
au_stat_t *s;
{
char buf[512];
"%n%4lu %n%4lu %n%4lu %n%4lu %n%4lu%n",
/*
* TRANSLATION_NOTE
* Print a properly aligned header.
*/
(void) printf("%*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s\n",
}
static void
{
char *hostname;
int err;
char buf[256];
char *bufp;
/* IPV6 or IPV4 address */
else
"terminal id (maj,min,host) = %u,%u,%s(%s)\n"),
} else {
sizeof (buf));
} else
"terminal id (maj,min,host) = %u,%u,%s(%s)\n"),
if (phe)
}
}
static int
char *s;
{
int j, sl;
char *ss;
unsigned int v;
if (strisipaddr(s)) {
return (0);
return (1);
}
return (0);
return (1);
}
return (1);
} else {
return (0);
}
ss = s;
for (j = 3; j >= 0; j--) {
if ((sl - 8) <= 0) {
(void) sscanf(s, "%x", &v);
addr[j] = v;
return (0);
}
addr[j] = v;
sl -= 8;
*ss = '\0';
}
}
return (0);
}
}
static int
char *s;
{
if (strcmp(s, "ipv6") == 0) {
return (0);
}
if (strcmp(s, "ipv4") == 0) {
return (0);
}
return (1);
}