f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * CDDL HEADER START
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * The contents of this file are subject to the terms of the
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * Common Development and Distribution License (the "License").
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * You may not use this file except in compliance with the License.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * See the License for the specific language governing permissions
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * and limitations under the License.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * When distributing Covered Code, include this CDDL HEADER in each
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * If applicable, add the following below this CDDL HEADER, with the
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * fields enclosed by brackets "[]" replaced with your own identifying
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * information: Portions Copyright [yyyy] [name of copyright owner]
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * CDDL HEADER END
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel/* auditd smf(5)/libscf(3LIB) interface - set and display audit parameters */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel/* propvec array must be NULL terminated */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * prt_error() - prt_error_va() wrapper; see prt_error_va() for more contextual
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * information. Note that this function disregards errno; to print
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * strerror()/errno, call prt_error_va() directly.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * Inputs - program error format and message.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel/*PRINTFLIKE1*/
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * prt_error_va() - prints an error message along with corresponding system
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * error number. Inputs - program error format and the va_list already prepared
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * by the preceding functions.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel/*PRINTFLIKE1*/
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * prt_scf_err() - scf_error()/scf_strerror() wrapper.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) fprintf(stderr, "error: %s\n", scf_strerror(scf_error()));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * add_prop_vect_scf() - adds vector to the array of vectors later passed to
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * get_/set_val_scf(). The first argument (vector) points to particular position
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * in the vector of properties.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedeladd_prop_vect_scf(scf_propvec_t *vector, const char *prop_str,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * get_val_scf() - get property values from the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * Arguments: vector = pointers to the head end of array of property vectors
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * pgroup_str = property group of property in AUDITD_FMRI
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedelget_val_scf(scf_propvec_t *vector, char *pgroup_str)
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * Get the property vector from the editing snapshot (B_FALSE).
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * For documentation on property vectors see <libscf_priv.h>.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_read_propvec(AUDITD_FMRI, pgroup_str, B_FALSE, vector,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Reading the %s property in the %s "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "property group failed.\n"), bad_prop_vec->pv_prop,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * set_val_scf() - set property values of the audit service.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * arguments: vector = pointers to the head end of array of property vectors
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * pgroup_str = property group of property in AUDITD_FMRI
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedelset_val_scf(scf_propvec_t *vector, char *pgroup_str)
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* for documentation on property vectors see <libscf_priv.h> */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_write_propvec(AUDITD_FMRI, pgroup_str, vector,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Setting the %s property in the %s "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "property group failed.\n"), bad_prop_vec->pv_prop,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * free_prop_vect() - deallocate heap memory used for propvect values.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (stack_inbounds(prop_vect_ptr->pv_ptr) == 0) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * chk_prop_vect() - check for prop_vect boundaries and possibly process
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * (typically) full prop_vect.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedelchk_prop_vect(scf_propvec_t **prop_vect_ptr, char *pgrp_str)
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "prop_vect is full; flushing\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * get_props_kva_all() - get all properties and fill in the plugin_kva.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedelget_props_kva_all(asi_scfhandle_t *handle, asi_scfhandle_iter_t *handle_iter,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel while (scf_iter_next_property(handle_iter->prop, handle->prop) == 1) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_property_get_name(handle->prop, key_buf,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * We do not fully support multi-valued properties.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * scf_property_get_value() only supports single-valued
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * properties. For a multi-valued property it fails with
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * SCF_ERROR_CONSTRAINT_VIOLATED but still returns one of the
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * property values. The audit service configuration
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * values are all single-valued properties. The authorizations
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * to configure and read the audit service properties may be
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * multi-valued, these may safely be ignored here as not an
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_property_type(handle->prop, &prop_type) == -1) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_value_get_boolean(handle_iter->prop_val,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel len = snprintf(attr_buf, PLUGIN_MAXATT, "%s=%d;",
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (strlcat(attr_string, attr_buf, PLUGIN_MAXATT) >=
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_value_get_as_string(handle_iter->prop_val,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel len = snprintf(attr_buf, PLUGIN_MAXATT, "%s=%s;",
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (strlcat(attr_string, attr_buf, PLUGIN_MAXATT) >=
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel len = snprintf(attr_buf, PLUGIN_MAXATT, "%s=%llu;",
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (strlcat(attr_string, attr_buf, PLUGIN_MAXATT) >=
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf("Unsupported value type %s [%d]\n",
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (*plugin_kva = _str2kva(attr_string, "=", ";")) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Empty or invalid attribute string."));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * get_plugin_kva() - get and save config attributes of given plugin plugin_str
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * (or all plugins in case plugin_str == NULL) into scf_plugin_kva_node_t.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedelget_plugin_kva(asi_scfhandle_t *handle, asi_scfhandle_iter_t *handle_iter,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel scf_plugin_kva_node_t **plugin_kva_ll, char *plugin_str)
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_iter_instance_pgs_typed(handle_iter->pgrp, handle->inst,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel while (scf_iter_next_pg(handle_iter->pgrp, handle->pgrp) == 1) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_pg_get_name(handle->pgrp, plugin_str_tmp,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel calloc(1, sizeof (scf_plugin_kva_node_t))) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) strlcat((char *)&(node->plugin_name), plugin_str_tmp,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (_kva2str(node_debug->plugin_kva, attr_string,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * scf_free() - free scf handles
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * scf_init() - initiate scf handles
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((handle->hndl = scf_handle_create(SCF_VERSION)) == NULL ||
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((handle->inst = scf_instance_create(handle->hndl)) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((handle->pgrp = scf_pg_create(handle->hndl)) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((handle->prop = scf_property_create(handle->hndl)) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * scf_free_iter() - free scf iter handles
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * scf_init_iter() - initiate scf iter handles
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel bzero(handle_iter, sizeof (asi_scfhandle_iter_t));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((handle_iter->pgrp = scf_iter_create(handle->hndl)) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((handle_iter->prop = scf_iter_create(handle->hndl)) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((handle_iter->prop_val = scf_value_create(handle->hndl)) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * chk_policy_context() - does some policy based checks, checks the context
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * (zone, smf) in which the policy could make some sense.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * "all" and "none" policy flags, since they represent
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * sub/set of auditing policies, are not stored in the
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * AUDITD_FMRI service instance configuration.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "Walking policy - %s: ", policy_str));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * In the local zone (!= GLOBAL_ZONEID) we do not touch
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * "ahlt" and "perzone" policy flags, since these are
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * relevant only in the global zone.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * free_static_att_kva() - free hardcoded/static plugin attributes (key/value
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * pairs) from the kva plugin structure.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel _kva_free_value(plugin_kva, "read_authorization");
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel _kva_free_value(plugin_kva, "value_authorization");
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getqctrl_scf() - get the values of qctrl properties of the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QHIWATER,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QLOWATER,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QBUFSZ,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr, QUEUECTRL_QDELAY,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel cval->aq_hiwater = (size_t)cval_scf.scf_qhiwater;
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel cval->aq_lowater = (size_t)cval_scf.scf_qlowater;
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getqbufsz_scf() - get the qbufsz audit service property value
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QBUFSZ, SCF_TYPE_COUNT, &cval_l);
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getqdelay_scf() - get the qdelay audit service property value
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QDELAY, SCF_TYPE_COUNT, &cval_l);
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getqhiwater_scf() - get the qhiwater audit service property value
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QHIWATER, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getqlowater_scf() - get the qlowater audit service property value
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QLOWATER, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getpolicy_scf() - get the audit policy flags from service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* prepare the smf(5) query */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel for (i = 0; i < POLICY_TBL_SZ; i++) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* Do some basic policy dependent checks */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, cur_policy_str,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_POLICY)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* set the policy mask */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel *policy_mask |= get_policy(policy_arr_ptr->policy);
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setpolicy_scf() - sets the policy flags in audit service configuration
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel for (i = 0; i < POLICY_TBL_SZ; i++) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* Do some basic policy dependent checks */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "%s%s\n", (*bool_arr_ptr == B_TRUE ? "+" : "-"),
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, cur_policy_str,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_POLICY));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setqctrl_scf() - set the values of qctrl properties of the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!CHK_BDRY_QHIWATER(cval->aq_lowater, cval->aq_hiwater) &&
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue hiwater mark is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!CHK_BDRY_QLOWATER(cval->aq_lowater, cval->aq_hiwater) &&
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue lowater mark is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!CHK_BDRY_QBUFSZ(cval->aq_bufsz) && cval->aq_bufsz != 0) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue buffer size is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!CHK_BDRY_QDELAY(cval->aq_delay) && cval->aq_delay != 0) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue delay is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel cval_scf.scf_qhiwater = (uint64_t)cval->aq_hiwater;
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel cval_scf.scf_qlowater = (uint64_t)cval->aq_lowater;
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QHIWATER, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QLOWATER, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QBUFSZ, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr, QUEUECTRL_QDELAY, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setqbufsz_scf() - set the qbufsz property value of the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue buffer size is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QBUFSZ, SCF_TYPE_COUNT, &cval_l);
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setqdelay_scf() - set the qdelay property value of the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue delay is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QDELAY, SCF_TYPE_COUNT, &cval_l);
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setqhiwater_scf() - set the qhiwater property value of the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Could not get configured value of "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "queue lowater mark.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!CHK_BDRY_QHIWATER(cval_lowater, *cval) && *cval != 0) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue hiwater mark is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QHIWATER, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setqlowater_scf() - set the qlowater property value of the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Could not get configured value of "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "queue hiwater mark.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!CHK_BDRY_QLOWATER(*cval, cval_hiwater) && *cval != 0) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel (void) printf(gettext("Specified audit queue lowater mark is "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "outside of allowed boundaries.\n"));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, QUEUECTRL_QLOWATER, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getflags_scf() - get the audit attributable flags from service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, PRESELECTION_FLAGS, SCF_TYPE_ASTRING,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_PRESELECTION)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getnaflags_scf() - get the audit non-attributable flags from service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, PRESELECTION_NAFLAGS, SCF_TYPE_ASTRING,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!get_val_scf(prop_vect, ASI_PGROUP_PRESELECTION)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setflags_scf() - set the attributable mask property value of the audit
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, PRESELECTION_FLAGS, SCF_TYPE_ASTRING,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_PRESELECTION));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setnaflags_scf() - set the non-attributable mask property value of the audit
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect, PRESELECTION_NAFLAGS, SCF_TYPE_ASTRING,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel return (set_val_scf(prop_vect, ASI_PGROUP_PRESELECTION));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * plugin_avail_scf() - look for the plugin in the audit service configuration
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (plugin_str == NULL || *plugin_str == '\0') {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((sh = scf_general_pg_setup(AUDITD_FMRI, plugin_str)) == NULL) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "No such plugin found: %s (%s)\n", plugin_str,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_getpluginconfig_scf() - get plugin configuration from the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * configuration.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedeldo_getpluginconfig_scf(char *plugin_str, scf_plugin_kva_node_t **plugin_kva_ll)
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (plugin_str == NULL || *plugin_str == '\0') {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (asprintf(&asi_fmri, "%s", AUDITD_FMRI) == -1) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel SCF_FMRI_PROPERTYGRP_PREFIX, plugin_str) == -1) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "%s will be decoded\n", asi_fmri));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Unable to initialize scf handles."));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (scf_handle_decode_fmri(handle.hndl, asi_fmri, NULL, NULL,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel handle.inst, plugin_all ? NULL : handle.pgrp, NULL,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Unable to initialize scf iter handles."));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel rv = get_plugin_kva(&handle, &handle_iter, plugin_kva_ll, NULL);
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel rv = get_plugin_kva(&handle, &handle_iter, plugin_kva_ll,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * do_setpluginconfig_scf() - set plugin configuration in the audit service
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * configuration.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedeldo_setpluginconfig_scf(char *plugin_str, boolean_t plugin_state,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel uint64_t plugin_qsize_l = (uint64_t)plugin_qsize;
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "Auditd plugin configuration to be set:\n\tplugin=%s\n\t"
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "state=%d (%s)\n\tattributes=%s\n\tqsize=%d%s\n", plugin_str,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel plugin_state, plugin_state == B_TRUE ? "active" : "inactive",
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel plugin_att == NULL ? " (unspecified)" : plugin_att,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel plugin_qsize, plugin_qsize == -1 ? " (unspecified)" : ""));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* get rid of white-space chars */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "attributes (no white-space): %s\n", plugin_att));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* allow empty plugin_att */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel plugin_att_kva = _str2kva(plugin_att, "=", ";");
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel "attributes."));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* set state */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr++, PLUGIN_ACTIVE, SCF_TYPE_BOOLEAN,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "Prepared active -> %d\n", plugin_state));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* set attributes */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!chk_prop_vect(&prop_vect_ptr, plugin_str)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Could not get configuration for "
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if ((plugin_prop_type = scf_simple_prop_type(plugin_prop))
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Could not get property type: %s"),
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel pval_bool = (uint8_t *)malloc(sizeof (uint8_t));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("No free memory available."));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("No free memory available."));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel pval_count = (uint64_t *)malloc(sizeof (uint64_t));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("No free memory available."));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel prt_error(gettext("Unsupported property type: %s (%d)"),
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "Prepared %s -> %s\n", data->key, data->value));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel if (!chk_prop_vect(&prop_vect_ptr, plugin_str)) {
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel /* set qsize */
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel add_prop_vect_scf(prop_vect_ptr, PLUGIN_QSIZE, SCF_TYPE_COUNT,
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel DPRINT((dbfp, "Prepared qsize -> %d\n", plugin_qsize));
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * plugin_kva_ll_free() - free the memory used by plugin kva linked list.
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel * get_policy() - get policy mask entry
f89940742f5d14dde79b69b98a414dd7b7f585c7Jan Friedel for (i = 0; i < POLICY_TBL_SZ; i++) {