PERFORCE change 96045 for review
Christian S.J. Peron
csjp at FreeBSD.org
Tue Apr 25 01:10:48 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=96045
Change 96045 by csjp at csjp_xor on 2006/04/25 01:10:40
Switch to use openbsm's audit_submit(3) instead of rolling our own.
- Remove enums for audit success and failure
- drop audit_su
- drop prototype for audit_su
Affected files ...
.. //depot/projects/trustedbsd/audit3/usr.bin/su/su.c#14 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/usr.bin/su/su.c#14 (text+ko) ====
@@ -137,7 +137,6 @@
} while (0)
enum tristate { UNSET, YES, NO };
-enum auditevents { AUDIT_SU_FAILURE, AUDIT_SU_SUCCESS };
static pam_handle_t *pamh = NULL;
static char **environ_pam;
@@ -147,9 +146,6 @@
static void usage(void) __dead2;
static void export_pam_environment(void);
static int ok_to_export(const char *);
-#ifdef USE_BSM_AUDIT
-static void audit_su(au_id_t, int, const char *, ...);
-#endif
extern char **environ;
@@ -224,7 +220,9 @@
if (strlen(user) > MAXLOGNAME - 1) {
#ifdef USE_BSM_AUDIT
- audit_su(getuid(), AUDIT_SU_FAILURE, "username too long");
+ if (audit_submit(AUE_su, getuid(),
+ 1, EPERM, "username too long"))
+ errx(1, "Permission denied");
#endif
errx(1, "username too long");
}
@@ -257,8 +255,9 @@
pwd = getpwuid(ruid);
if (pwd == NULL) {
#ifdef USE_BSM_AUDIT
- audit_su(getuid(), AUDIT_SU_FAILURE,
- "unable to determain invoking subject");
+ if (audit_submit(AUE_su, getuid(), 1, EPERM,
+ "unable to determain invoking subject"))
+ errx(1, "Permission denied");
#endif
errx(1, "who are you?");
}
@@ -298,15 +297,17 @@
retcode = pam_authenticate(pamh, 0);
if (retcode != PAM_SUCCESS) {
#ifdef USE_BSM_AUDIT
- audit_su(ruid, AUDIT_SU_FAILURE, "bad su %s to %s on %s",
- username, user, mytty);
+ if (audit_submit(AUE_su, ruid, 1, EPERM, "bad su %s to %s on %s",
+ username, user, mytty))
+ errx(1, "Permission denied");
#endif
syslog(LOG_AUTH|LOG_WARNING, "BAD SU %s to %s on %s",
username, user, mytty);
errx(1, "Sorry");
}
#ifdef USE_BSM_AUDIT
- audit_su(ruid, AUDIT_SU_SUCCESS, "successful authentication");
+ if (audit_submit(AUE_su, ruid, 0, 0, "successful authentication"))
+ errx(1, "Permission denied");
#endif
retcode = pam_get_item(pamh, PAM_USER, (const void **)&p);
if (retcode == PAM_SUCCESS)
@@ -317,8 +318,9 @@
pwd = getpwnam(user);
if (pwd == NULL) {
#ifdef USE_BSM_AUDIT
- audit_su(getuid(), AUDIT_SU_FAILURE,
- "unknown subject: %s", user);
+ if (audit_submit(AUE_su, getuid(), 1, EPERM,
+ "unknown subject: %s", user))
+ errx(1, "Permission denied");
#endif
errx(1, "unknown login: %s", user);
}
@@ -329,9 +331,10 @@
PAM_CHANGE_EXPIRED_AUTHTOK);
if (retcode != PAM_SUCCESS) {
#ifdef USE_BSM_AUDIT
- audit_su(getuid(), AUDIT_SU_FAILURE,
+ if (audit_submit(AUE_su, getuid(), 1, EPERM,
"pam_chauthtok: %s",
- pam_strerror(pamh, retcode));
+ pam_strerror(pamh, retcode)))
+ errx(1, "Permission denied");
#endif
syslog(LOG_ERR, "pam_chauthtok: %s",
pam_strerror(pamh, retcode));
@@ -340,8 +343,9 @@
}
if (retcode != PAM_SUCCESS) {
#ifdef USE_BSM_AUDIT
- audit_su(getuid(), AUDIT_SU_FAILURE, "pam_acct_mgmt: %s",
- pam_strerror(pamh, retcode));
+ if (audit_submit(AUE_su, getuid(), 1, EPERM, "pam_acct_mgmt: %s",
+ pam_strerror(pamh, retcode)))
+ errx(1, "Permission denied");
#endif
syslog(LOG_ERR, "pam_acct_mgmt: %s",
pam_strerror(pamh, retcode));
@@ -354,8 +358,9 @@
else {
if (ruid != 0) {
#ifdef USE_BSM_AUDIT
- audit_su(getuid(), AUDIT_SU_FAILURE,
- "only root may use -c");
+ if (audit_submit(AUE_su, getuid(), 1, EPERM,
+ "only root may use -c"))
+ errx(1, "Permission denied");
#endif
errx(1, "only root may use -c");
}
@@ -632,90 +637,3 @@
snprintf(buf, sizeof(buf), " on %s", p);
return buf;
}
-
-#ifdef USE_BSM_AUDIT
-static void
-audit_su(au_id_t au_ctx, int what, const char *fmt, ...)
-{
- token_t *token;
- long acond;
- int afd;
- au_tid_t termid;
- pid_t pid;
- char text[1024];
- va_list ap;
-
- if (auditon(A_GETCOND, &acond, sizeof(long)) < 0) {
- /*
- * If auditon(2) returns ENOSYS, then audit has not been
- * compiled into the kernel, so just return.
- */
- if (errno == ENOSYS)
- return;
- syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s",
- strerror(errno));
- errx(1, "Permission denied");
- }
- if (acond == AUC_NOAUDIT)
- return;
- afd = au_open();
- if (afd < 0) {
- syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s",
- strerror(errno));
- errx(1, "Permission denied");
- }
- /* XXX what should we do for termid? */
- bzero(&termid, sizeof(termid));
- pid = getpid();
- token = au_to_subject32(au_ctx, geteuid(), getegid(),
- getuid(), getgid(), pid, pid, &termid);
- if (token == NULL) {
- syslog(LOG_AUTH | LOG_ERR,
- "audit: unable to build subject token");
- errx(1, "Permission denied");
- }
- if (au_write(afd, token) < 0) {
- syslog(LOG_AUTH | LOG_ERR,
- "audit: au_write failed: %s", strerror(errno));
- errx(1, "Permission denied");
- }
- if (fmt != NULL) {
- va_start(ap, fmt);
- (void) vsnprintf(&text[0], sizeof(text) - 1, fmt, ap);
- va_end(ap);
- token = au_to_text(&text[0]);
- if (token == NULL) {
- syslog(LOG_AUTH | LOG_ERR,
- "audit: failed to generate text token");
- errx(1, "Permission denied");
- }
- if (au_write(afd, token) < 0) {
- syslog(LOG_AUTH | LOG_ERR,
- "audit: au_write failed: %s", strerror(errno));
- errx(1, "Permission denied");
- }
- }
- switch (what) {
- case AUDIT_SU_FAILURE:
- token = au_to_return32(1, EPERM);
- break;
- case AUDIT_SU_SUCCESS:
- token = au_to_return32(0, 0);
- break;
- }
- if (token == NULL) {
- syslog(LOG_AUTH | LOG_ERR,
- "audit: enable to build return token");
- errx(1, "Permission denied");
- }
- if (au_write(afd, token) < 0) {
- syslog(LOG_AUTH | LOG_ERR,
- "audit: au_write failed: %s", strerror(errno));
- errx(1, "Permission denied");
- }
- if (au_close(afd, 1, AUE_su) < 0) {
- syslog(LOG_AUTH | LOG_ERR, "audit: record not committed");
- errx(1, "Permission denied");
- }
-}
-#endif
More information about the p4-projects
mailing list