audit_cron.c revision ec923578dda4b00379ef69992f7046a207e57328
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/systeminfo.h>
#include <bsm/audit_uevents.h>
#include <bsm/audit_private.h>
#include <unistd.h>
#include <wait.h>
#include <fcntl.h>
#include <pwd.h>
#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include <syslog.h>
#include <libgen.h>
#include <locale.h>
#include "generic.h"
#define F_AUID "%d\n"
#define F_SMASK "%x\n"
#define F_FMASK "%x\n"
#define F_PORT "%lx\n"
#define F_TYPE "%x\n"
#define F_MACH "%x %x %x %x\n"
#define F_ASID "%u\n"
#define AU_SUFFIX ".au"
#define ANC_BAD_FILE -1
#define ANC_BAD_FORMAT -2
#define AUDIT_CRON_TEXTBUF 256
static char textbuf[AUDIT_CRON_TEXTBUF];
int
{
return (!cannot_audit(0));
}
static void
audit_cron_syslog(const char *message) {
static int is_open = 0;
if (!is_open) {
is_open = 1;
}
}
/*
* audit_cron_getinfo returns the audit characteristics from the relevant
* auxiliary file, it if exists. If not, it creates them from the crontab
* or atjob uid.
*/
static int
{
int fd;
char pwd_buff[1024];
static char *msg =
"Used defaults instead of ancilary audit file";
/* no syslog here; common case */
goto make_it_up;
}
/* no syslog here either; common case */
goto delete_first;
}
goto delete_first;
}
goto delete_first;
}
return (0);
"Failed to remove invalid ancilary audit file");
}
/* intentionally falls through */
return (-1);
/* port and IP are zero */
/* the caller is the child of cron which will run the job. */
return (-1); /* getpwnam_r sets errno */
} else {
NULL)
return (-1); /* getpwuid_r sets errno */
}
return (-1);
}
return (0);
}
int
{
int save_err;
return (-1);
return (-1);
goto audit_setinfo_clean;
goto audit_setinfo_clean;
return (0);
return (-1);
}
char *
audit_cron_make_anc_name(char *fname)
{
char *anc_name;
return (NULL);
return (anc_name);
}
int
audit_cron_is_anc_name(char *name)
{
int pos;
if (pos <= 0)
return (0);
return (1);
return (0);
}
static void
{
const char *mess;
if (type == 0)
"at-job session for user %s failed: ancillary file: %s");
else
"crontab job session for user %s failed: ancillary file: %s");
aug_save_sorf(4);
(void) aug_audit();
}
int
char *name,
char *path,
char *at_jobname)
{
struct auditinfo_addr info;
int r = 0;
if (cannot_audit(0)) {
return (0);
}
/* get auditinfo from ancillary file */
if (at_jobname == NULL) {
/*
* this is a cron-event, so we can get
* filename from "name" arg
*/
r = -1;
}
fname);
}
} else {
/* this is an at-event, use "at_jobname" */
fname = at_jobname;
}
if (r == 0) {
r = -1;
} else {
}
}
if (r != 0) {
char *err_str;
if (r == ANC_BAD_FORMAT)
else
at_jobname == NULL,
err_str);
return (r);
}
aug_init();
/* get current audit masks */
}
/* save audit attributes for further use in current process */
aug_save_pid(getpid());
/* set mixed audit masks */
}
/*
* audit_cron_new_job - create audit record with an information
* about new job started by cron.
* args:
* cmd - command being run by cron daemon.
* type - type of job (0 - at-job, 1 - crontab job).
* event - not used. pointer to cron event structure.
*/
/*ARGSUSED*/
void
{
if (cannot_audit(0))
return;
if (type == 0) {
} else if (type == 1) {
} else if (type == 2) {
} else {
}
aug_save_sorf(0);
(void) aug_audit();
}
void
audit_cron_bad_user(char *name)
{
if (cannot_audit(0))
return;
aug_save_sorf(2);
(void) aug_audit();
}
void
audit_cron_user_acct_expired(char *name)
{
if (cannot_audit(0))
return;
"user %s account expired"), name);
aug_save_sorf(3);
(void) aug_audit();
}
int
{
int pid;
char *anc_name;
if (cannot_audit(0))
return (0);
return (0);
return (-1);
}
return (-1);
}
/* generate new pid to use it as asid */
if (pid == -1) {
return (-1);
}
if (pid == 0)
exit(0);
else {
/*
* we need to clear status of children for
* wait() call in "cron"
*/
int lock;
}
return (-1);
}
}
return (0);
}
int
{
char *anc_name;
int r;
return (0);
return (-1);
}
return (r);
}