PERFORCE change 64266 for review

Andrew R. Reiter arr at FreeBSD.org
Thu Nov 4 22:36:37 GMT 2004 

http://perforce.freebsd.org/chv.cgi?CH=64266

Change 64266 by arr at arr_audit3_d400laptop on 2004/11/04 22:36:02

	- Roll back auditon.c change to use Audit API instead of
	   syscall(2) hack.  Robert pointed out that the stubs are auto-
	   generated.
	- Modify auditd code to use the Audit API instead of syscall(2).

Affected files ...

.. //depot/projects/trustedbsd/audit3/contrib/audit_supt/auditd/auditd.c#7 edit
.. //depot/projects/trustedbsd/audit3/usr.sbin/auditon/auditon.c#3 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/contrib/audit_supt/auditd/auditd.c#7 (text+ko) ====

@@ -26,7 +26,6 @@
 #include <sys/mman.h>
 #include <sys/queue.h>
 #include <sys/stat.h>
-#include <sys/syscall.h>
 #include <sys/types.h>
 #include <sys/wait.h>
 
@@ -187,8 +186,7 @@
 		if (open(fn, O_RDONLY | O_CREAT, S_IRUSR | S_IRGRP) < 0) {
 			perror("File open");
 		}
-		/* else if (auditctl(AC_SETLOGFILE, fn)) != 0) { */
-		else if (syscall(SYS_auditctl, AC_SETLOGFILE, fn) != 0) {
+		else if (auditctl(AC_SETLOGFILE, fn) != 0) {
 			syslog(LOG_ERR, 
 				"auditctl failed setting log file! : %s\n", 
 				strerror(errno));
@@ -265,15 +263,13 @@
 
 		syslog(LOG_INFO, "min free = %d\n", minval);
 
-		/* if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) { */
-		if (syscall(SYS_auditon, A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
+		if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
 				syslog(LOG_ERR, 
 					"could not get audit queue settings\n");
 				return -1;
 		}
 		qctrl.aq_minfree = minval;
-		/* if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) { */
-		if (syscall(SYS_auditon, A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
+		if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) { 
 				syslog(LOG_ERR, 
 					"could not set audit queue settings\n");
 				return -1;
@@ -308,8 +304,7 @@
 	}
 
 	/* flush contents */
-	/* err_ret = auditctl(NULL); */
-	err_ret = syscall(SYS_auditctl, AC_SETLOGFILE, NULL);
+	err_ret = auditctl(AC_SETLOGFILE, NULL);
 	if (err_ret != 0) {
 		syslog(LOG_ERR, "auditctl failed! : %s\n", 
 			strerror(errno));
@@ -563,9 +558,8 @@
 	while((ev = getauevent()) != NULL) {
 		evc_map.ec_number = ev->ae_number;
 		evc_map.ec_class = ev->ae_class;
-		/* if (auditon(A_SETCLASS, &evc_map, sizeof(au_evclass_map_t)) != 0) { */
-		if (syscall(SYS_auditon, A_SETCLASS, &evc_map, 
-			    sizeof(au_evclass_map_t)) != 0) {
+		if (auditon(A_SETCLASS, &evc_map,
+		    sizeof(au_evclass_map_t)) != 0) {
 			syslog(LOG_ERR, 
 				"Failed to register class mapping for event %s",
 				 ev->ae_name);
@@ -588,8 +582,7 @@
 	if ((getacna(naeventstr, NA_EVENT_STR_SIZE) == 0)	
                 && ( getauditflagsbin(naeventstr, &aumask) == 0)) {
 
-		/* if (auditon(A_SETKMASK, &aumask, sizeof(au_mask_t))){ */
-		if (syscall(SYS_auditon,A_SETKMASK, &aumask, sizeof(au_mask_t))){
+		if (auditon(A_SETKMASK, &aumask, sizeof(au_mask_t))){ 
 			syslog(LOG_ERR,
 				"Failed to register non-attributable event mask.");
 		} else {
@@ -603,8 +596,7 @@
 	/*
 	 * Set the audit policy flags based on passed in parameter values.
 	 */
-	/* if (auditon(A_SETPOLICY, &flags, sizeof(flags))) { */
-	if (syscall(SYS_auditon,A_SETPOLICY, &flags, sizeof(flags))) {
+	if (auditon(A_SETPOLICY, &flags, sizeof(flags))) {
 		syslog(LOG_ERR,
 		       "Failed to set audit policy.");
 	}
@@ -660,8 +652,7 @@
 		return -1;
 	} 
 	/* Tell the kernel the name of the auditd control file */
-	/*if (auditctl(AC_SETCTLFILE, fn) != 0) { */
-	if (syscall(SYS_auditctl, AC_SETCTLFILE, AUDITD_CTL_FILE) != 0) {
+	if (auditctl(AC_SETCTLFILE, AUDITD_CTL_FILE) != 0) {
 		syslog(LOG_ERR, 
 			"config_auditd_ipc() : failed sending control file "
 			"name to the kernel: %s\n", 

==== //depot/projects/trustedbsd/audit3/usr.sbin/auditon/auditon.c#3 (text+ko) ====

@@ -38,8 +38,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/syscall.h>
-#include <unistd.h>
 
 static void
 usage(void)
@@ -61,8 +59,7 @@
 		path = NULL;
 	else
 		path = argv[1];
-	/* if (auditctl(AC_SETLOGFILE, path) == -1) */
-	if (syscall(SYS_auditctl, AC_SETLOGFILE, path) == -1)
+	if (auditctl(AC_SETLOGFILE, path) == -1) 
 		errx(-1, "%s: %s", path, strerror(errno));
 	exit(0);
 }
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list