libbsm/common/audit_crontab.c

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
#pragma ident   "%Z%%M% %I% %E% SMI"

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/systeminfo.h>
#include <bsm/audit.h>
#include <bsm/libbsm.h>
#include <bsm/audit_uevents.h>
#include <bsm/audit_private.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <pwd.h>

#include <locale.h>
#include "generic.h"

#define AUDIT_GET_DIFFS_NO_CRONTAB  1
#define AUDIT_GET_DIFFS_CRONTAB     0
#define AUDIT_GET_DIFFS_ERR     -1
#define AUDIT_GET_DIFFS_NO_DIFFS    -2

static int  audit_crontab_get_diffs(char *cf, char *tmp_name,
            char **bufptr);

int
audit_crontab_modify(char *path, char *tmp_path, int sorf)
{
    int r, create = 0;
    char *diffs = NULL;

    if (cannot_audit(0)) {
        return (0);
    } else {
        au_event_t event;
        char *anc_name;
        auditinfo_addr_t ai;

        if (getaudit_addr(&ai, sizeof (ai))) {
            return (-1);
        }

        r = audit_crontab_get_diffs(path, tmp_path, &diffs);

        if (r == AUDIT_GET_DIFFS_NO_DIFFS) {
            return (0);
        }
        if (diffs != NULL && r != AUDIT_GET_DIFFS_ERR) {
            aug_save_text(diffs);
            free(diffs);
        }

        if (r == AUDIT_GET_DIFFS_NO_CRONTAB) {
            create = 1;
            if (diffs == NULL)
                aug_save_text("");
        }

        /*
         * create an ancilary file if audit characteristics exist
         * else delete an ancilary if if one exists
         */

        anc_name = audit_cron_make_anc_name(path);
        if (anc_name == NULL)
            r = -1;
        else if (audit_crontab_process_not_audited()) {
            (void) unlink(anc_name);
            free(anc_name);
        } else {
            r = audit_cron_setinfo(anc_name, &ai);
            free(anc_name);
        }
        aug_init();
        aug_save_auid(ai.ai_auid);
        aug_save_euid(geteuid());
        aug_save_egid(getegid());
        aug_save_uid(getuid());
        aug_save_gid(getgid());
        aug_save_pid(getpid());
        aug_save_asid(ai.ai_asid);
        aug_save_tid_ex(ai.ai_termid.at_port, ai.ai_termid.at_addr,
            ai.ai_termid.at_type);


        aug_save_path(path);
        event = (create) ? AUE_crontab_create : AUE_crontab_mod;
        aug_save_event(event);
        aug_save_sorf(sorf);

        if (aug_audit() != 0)
            return (-1);
        return (r);
    }
}

int
audit_crontab_delete(char *path, int sorf)
{
    int r = 0;

    if (cannot_audit(0)) {
        return (0);
    } else {
        char *anc_name;
        anc_name = audit_cron_make_anc_name(path);
        if (anc_name != NULL) {
            r = unlink(anc_name);
            free(anc_name);
        } else
            r = -1;

        aug_init();
        (void) aug_save_me();

        aug_save_path(path);
        aug_save_event(AUE_crontab_delete);
        aug_save_sorf(sorf);
        if (aug_audit() != 0)
            return (-1);
        return (r);
    }
}

/*
 * gets differences between old and new crontab files.
 * arguments:
 * cf        - name of crontab file
 * tmp_name  - name of new crontab file
 * bufptr    - pointer to an array of characters with
 *             either an error message or an output of "diff" command.
 *
 * results:
 * AUDIT_GET_DIFFS_ERR       - errors;
 *          file not exists (do not free *bufptr in this case)
 * AUDIT_GET_DIFFS_NO_DIFFS  - errors;
 *          file exists (do not free *bufptr in this case)
 * AUDIT_GET_DIFFS_CRONTAB      - OK, old crontab file exists.
 * AUDIT_GET_DIFFS_NO_CRONTAB   - OK. there is no crontab file.
 */
static int
audit_crontab_get_diffs(char *cf, char *tmp_name, char **bufptr)
{
    struct stat st, st_tmp;
    uid_t   euid;
    int len, r = AUDIT_GET_DIFFS_CRONTAB;
    char    *buf = NULL, err_buf[128];

    (void) memset(err_buf, 0, 128);
    euid = geteuid();
    if (seteuid(0) == -1) {
        r = AUDIT_GET_DIFFS_ERR;
        (void) snprintf(err_buf, sizeof (err_buf),
            "crontab: seteuid: %s\n", strerror(errno));
        goto exit_diff;
    }
    if (stat(cf, &st) == -1) {
        if (errno == ENOENT) {
            r = AUDIT_GET_DIFFS_NO_CRONTAB;
        } else {
            r = AUDIT_GET_DIFFS_ERR;
            (void) snprintf(err_buf, sizeof (err_buf),
                "crontab: %s: stat: %s\n",
                cf, strerror(errno));
            goto exit_diff;
        }
        len = 0;
    } else
        len = st.st_size;

    if (stat(tmp_name, &st_tmp) == -1) {
        r = AUDIT_GET_DIFFS_ERR;
        (void) snprintf(err_buf, sizeof (err_buf),
            "crontab: %s: stat: %s\n",
            tmp_name, strerror(errno));
        goto exit_diff;
    }

    if (st_tmp.st_size == 0 && len == 0) {
    /* there is no difference */
        r = AUDIT_GET_DIFFS_NO_DIFFS;
        *bufptr = NULL;
        goto exit_diff;
    }

exit_diff:
    /* return information on create or update crontab */
    (void) seteuid(euid);
    switch (r) {
    case AUDIT_GET_DIFFS_ERR:
        if (buf != NULL)
            free(buf);
        *bufptr = err_buf;
        break;
    case AUDIT_GET_DIFFS_NO_DIFFS:
        if (buf != NULL)
            free(buf);
        *bufptr = NULL;
        break;
    case AUDIT_GET_DIFFS_CRONTAB:
        if (buf != NULL) {
            if (strlen(buf) != 0) {
                *bufptr = buf;
            } else {
                r = AUDIT_GET_DIFFS_NO_DIFFS;
                *bufptr = NULL;
            }
        }
        break;
    case AUDIT_GET_DIFFS_NO_CRONTAB:
        if (buf != NULL) {
            if (strlen(buf) != 0) {
                *bufptr = buf;
            } else {
                *bufptr = NULL;
                free(buf);
            }
        }
        break;
    }

    return (r);
}

/*
 * audit_crontab_not_allowed determines if we have a case that should be audited
 * but we can't.  If auditing is enabled but the current process is not
 * audited, then the ruid of the user doing the editing must be the owner
 * id of the file to be edited.
 *
 * When audit_crontab_not_allowed is called, ruid is for the crontab file
 * to be modified or created.
 */

#define PWD_BUFFER_SIZE 512

int
audit_crontab_not_allowed(uid_t ruid, char *user) {
    struct passwd       pwd;
    char            buffer[PWD_BUFFER_SIZE];
    int         rc = 0;     /* 0 == allow */

    if (!cannot_audit(0)) {         /* allow access if audit off */
        if (getpwnam_r(user, &pwd, buffer, PWD_BUFFER_SIZE) == NULL) {
            rc = 1;         /* deny access if invalid */
        } else if (ruid == pwd.pw_uid)
            rc = 0;         /* editing his own crontab */
        else
            rc = audit_crontab_process_not_audited();
    }
    return (rc);
}

int
audit_crontab_process_not_audited() {
    struct auditpinfo_addr  info;
    int rc;

    info.ap_pid = getpid();
    if (auditon(A_GETPINFO_ADDR, (caddr_t)&info, sizeof (info)) != 0)
        rc = 0;         /* audit failure: not enabled */
    else
        rc = (info.ap_auid == AU_NOAUDITID);

    return (rc);
}