PERFORCE change 92112 for review
Christian S.J. Peron
csjp at FreeBSD.org
Mon Feb 20 21:11:44 PST 2006
http://perforce.freebsd.org/chv.cgi?CH=92112
Change 92112 by csjp at csjp_xor on 2006/02/21 05:10:49
Overhaul error handling logic here. The subject shouldn't know anything about
the auditing configuration concerning them. So, instead of printing errors
to stderr which gives away information about auditing config, print a vague
message to stderr and log the details to syslog (LOG_AUTH|LOG_ERR).
This is a CAPP requirement.
Affected files ...
.. //depot/projects/trustedbsd/audit3/usr.bin/login/login_audit.c#12 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/usr.bin/login/login_audit.c#12 (text+ko) ====
@@ -43,6 +43,7 @@
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
+#include <syslog.h>
#include "login.h"
@@ -72,37 +73,55 @@
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (errno == ENOSYS)
return;
- err(1, "login: Could not determine audit condition");
+ syslog(LOG_AUTH | LOG_ERR,
+ "Could not determine audit condition: %s",
+ strerror(errno));
+ errx(1, "Permission denied");
}
if (au_cond == AUC_NOAUDIT)
return;
/* Compute and set the user's preselection mask. */
- if (au_user_mask(pwd->pw_name, &aumask) == -1)
- errx(1, "login: Could not set audit mask\n");
+ if (au_user_mask(pwd->pw_name, &aumask) == -1) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "Could not set audit mask: %s", strerror(errno));
+ errx(1, "Permission denied");
+ }
/* Set the audit info for the user. */
auinfo.ai_auid = uid;
auinfo.ai_asid = pid;
bcopy(&tid, &auinfo.ai_termid, sizeof(auinfo.ai_termid));
bcopy(&aumask, &auinfo.ai_mask, sizeof(auinfo.ai_mask));
- if (setaudit(&auinfo) != 0)
- err(1, "login: setaudit failed");
+ if (setaudit(&auinfo) != 0) {
+ syslog(LOG_AUTH | LOG_ERR, "setaudit failed: %s",
+ strerror(errno));
+ errx(1, "Permission denied");
+ }
- if ((aufd = au_open()) == -1)
- errx(1,"login: Audit Error: au_open() failed");
+ if ((aufd = au_open()) == -1) {
+ syslog(LOG_AUTH | LOG_ERR, "au_open failed: %s",
+ strerror(errno));
+ errx(1,"Permission denied");
+ }
if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid, gid, pid,
- pid, &tid)) == NULL)
- errx(1, "login: Audit Error: au_to_subject32() failed");
+ pid, &tid)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR, "au_to_subject32 failed");
+ errx(1, "Permission denied");
+ }
au_write(aufd, tok);
- if ((tok = au_to_return32(0, 0)) == NULL)
- errx(1, "login: Audit Error: au_to_return32() failed");
+ if ((tok = au_to_return32(0, 0)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR, "au_to_return32 failed");
+ errx(1, "Permission denied");
+ }
au_write(aufd, tok);
- if (au_close(aufd, 1, AUE_login) == -1)
- errx(1, "login: Audit Record was not committed.");
+ if (au_close(aufd, 1, AUE_login) == -1) {
+ syslog(LOG_AUTH | LOG_ERR, "audit record not committed");
+ errx(1, "Permission denied");
+ }
}
/*
@@ -123,13 +142,19 @@
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (errno == ENOSYS)
return;
- err(1, "login: Could not determine audit condition");
+ syslog(LOG_AUTH | LOG_ERR,
+ "could not determine audit condition: %s",
+ strerror(errno));
+ errx(1, "Permission denied");
}
if (au_cond == AUC_NOAUDIT)
return;
- if ((aufd = au_open()) == -1)
- errx(1, "login: Audit Error: au_open() failed");
+ if ((aufd = au_open()) == -1) {
+ syslog(LOG_AUTH | LOG_ERR, "au_open failed: %s",
+ strerror(errno));
+ errx(1, "Permission denied");
+ }
if (na) {
/*
@@ -137,29 +162,41 @@
* within a user's session => auid,asid == -1.
*/
if ((tok = au_to_subject32(-1, geteuid(), getegid(), -1, -1,
- pid, -1, &tid)) == NULL)
- errx(1, "login: Audit Error: au_to_subject32() failed");
+ pid, -1, &tid)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR, "au_to_subject32 failed");
+ errx(1, "Permission denied");
+ }
} else {
/* We know the subject -- so use its value instead. */
uid = pwd->pw_uid;
gid = pwd->pw_gid;
if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid,
- gid, pid, pid, &tid)) == NULL)
- errx(1, "login: Audit Error: au_to_subject32() failed");
+ gid, pid, pid, &tid)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR, "au_to_subject32 failed");
+ errx(1, "Permission denied");
+ }
}
au_write(aufd, tok);
/* Include the error message. */
- if ((tok = au_to_text(errmsg)) == NULL)
- errx(1, "login: Audit Error: au_to_text() failed");
+ if ((tok = au_to_text(errmsg)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR, "au_to_text failed");
+ errx(1, "Permission denied");
+ }
au_write(aufd, tok);
- if ((tok = au_to_return32(1, errno)) == NULL)
- errx(1, "login: Audit Error: au_to_return32() failed");
+ if ((tok = au_to_return32(1, errno)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "login: Audit Error: au_to_return32() failed");
+ errx(1, "Permission denied");
+ }
au_write(aufd, tok);
- if (au_close(aufd, 1, AUE_login) == -1)
- errx(1, "login: Audit Error: au_close() was not committed");
+ if (au_close(aufd, 1, AUE_login) == -1) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "login: Audit Error: au_close() was not committed");
+ errx(1, "Permission denied");
+ }
}
/*
@@ -182,25 +219,39 @@
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (errno == ENOSYS)
return;
- errx(1, "login: Could not determine audit condition");
+ syslog(LOG_AUTH | LOG_ERR,
+ "login: Could not determine audit condition: %s",
+ strerror(errno));
+ errx(1, "Permission denied");
}
if (au_cond == AUC_NOAUDIT)
return;
- if ((aufd = au_open()) == -1)
- errx(1, "login: Audit Error: au_open() failed");
+ if ((aufd = au_open()) == -1) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "login: Audit Error: au_open() failed");
+ errx(1, "Permission denied");
+ }
/* The subject that is created (euid, egid of the current process). */
if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid, gid, pid,
- pid, &tid)) == NULL)
- errx(1, "login: Audit Error: au_to_subject32() failed");
+ pid, &tid)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "login: Audit Error: au_to_subject32() failed");
+ errx(1, "Permission denied");
+ }
au_write(aufd, tok);
- if ((tok = au_to_return32(0, 0)) == NULL)
- errx(1, "login: Audit Error: au_to_return32() failed");
+ if ((tok = au_to_return32(0, 0)) == NULL) {
+ syslog(LOG_AUTH | LOG_ERR,
+ "login: Audit Error: au_to_return32() failed");
+ errx(1, "Permission denied");
+ }
au_write(aufd, tok);
- if (au_close(aufd, 1, AUE_logout) == -1)
- errx(1, "login: Audit Record was not committed.");
+ if (au_close(aufd, 1, AUE_logout) == -1) {
+ syslog(LOG_AUTH | LOG_ERR, "Audit Record was not committed.");
+ errx(1, "Permission denied");
+ }
}
#endif /* USE_BSM_AUDIT */
More information about the trustedbsd-cvs
mailing list