PERFORCE change 78718 for review

Wayne Salamon wsalamon at FreeBSD.org
Sun Jun 19 13:45:24 GMT 2005 

http://perforce.freebsd.org/chv.cgi?CH=78718

Change 78718 by wsalamon at rickenbacker on 2005/06/19 13:45:07

	Move the audit triggering into the auditon() syscall. Note that the
	audit.h file is still maintained outside of the OpenBSM project. This
	will change in the future.

Affected files ...

.. //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#13 edit
.. //depot/projects/trustedbsd/audit3/sys/bsm/audit_kernel.h#15 edit
.. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#23 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#13 (text+ko) ====

@@ -54,11 +54,13 @@
 /* 
  * Triggers for the audit daemon
  */
+#define AUDIT_TRIGGER_MIN		1
 #define AUDIT_TRIGGER_LOW_SPACE		1
 #define AUDIT_TRIGGER_OPEN_NEW 		2
 #define AUDIT_TRIGGER_READ_FILE 	3
 #define AUDIT_TRIGGER_CLOSE_AND_DIE 	4
 #define AUDIT_TRIGGER_NO_SPACE		5
+#define AUDIT_TRIGGER_MAX		5
 
 /*
  * Pre-defined audit IDs
@@ -144,6 +146,7 @@
 #define A_GETPINFO_ADDR	28
 #define A_GETKAUDIT	29
 #define A_SETKAUDIT	30
+#define A_SENDTRIGGER	31
 
 /*
  * Audit policy controls.
@@ -171,13 +174,6 @@
 
 #define	AU_FS_MINFREE	20   /* default min filesystem freespace, in percent */
 
-/*
- * auditctl(2) commands
- */
-#define AC_SETLOGFILE	1
-#define AC_SHUTDOWN	2
-#define AC_SENDTRIGGER	3
-
 __BEGIN_DECLS
 
 typedef uid_t au_id_t;

==== //depot/projects/trustedbsd/audit3/sys/bsm/audit_kernel.h#15 (text+ko) ====

@@ -136,6 +136,7 @@
 	long			au_cond;
 	long			au_flags;
 	long			au_policy;
+	int			au_trigger;
 	au_evclass_map_t	au_evclass;
 	au_mask_t		au_mask;
 	auditinfo_t		au_auinfo;

==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_audit.c#23 (text+ko) ====

@@ -911,6 +911,7 @@
 	case A_GETCLASS:
 	case A_GETPINFO:
 	case A_GETPINFO_ADDR:
+	case A_SENDTRIGGER:
 		error = copyin(uap->data, (void *)&udata, uap->length);
 		if (error)
 			return (error);
@@ -1049,6 +1050,14 @@
 	case A_SETKAUDIT:
 		return (ENOSYS);
 		break;
+	case A_SENDTRIGGER:
+		if ((udata.au_trigger < AUDIT_TRIGGER_MIN) ||
+		    (udata.au_trigger > AUDIT_TRIGGER_MAX))
+			return (EINVAL);
+		error = send_trigger(udata.au_trigger);
+		if (error)
+			return (error);
+		break;
 	}
 	/* Copy data back to userspace for the GET comands */
 	switch (uap->cmd) {
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list