PERFORCE change 98514 for review
Robert Watson
rwatson at FreeBSD.org
Sun Jun 4 16:36:09 PDT 2006
http://perforce.freebsd.org/chv.cgi?CH=98514
Change 98514 by rwatson at rwatson_zoo on 2006/06/04 23:34:06
Integrate OpenBSM 1.0 alpha 6 changes from OpenBSM work branch to
TrustedBSD audit3 branch.
Affected files ...
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.c#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.h#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#11 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_filter.h#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_record.h#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/configure#4 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/configure.ac#4 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/audit_submit.3#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#12 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/auditctl.2#5 integrate
Differences ...
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.c#2 (text+ko) ====
@@ -25,10 +25,11 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.c#1 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.c#2 $
*/
#include <sys/types.h>
+#include <sys/stat.h>
#include <sys/time.h>
#include <config/config.h>
@@ -66,12 +67,14 @@
usage(void)
{
- fprintf(stderr, "auditfilterd [-c conffile] [-d] [-t trailfile]\n");
+ fprintf(stderr, "auditfilterd [-c conffile] [-d] [-p pipefile]"
+ " [-t trailfile]\n");
fprintf(stderr, " -c Specify configuration file (default: %s)\n",
AUDITFILTERD_CONFFILE);
fprintf(stderr, " -d Debugging mode, don't daemonize\n");
- fprintf(stderr, " -t Specify audit trail file (default: %s)",
- AUDITFILTERD_TRAILFILE);
+ fprintf(stderr, " -p Specify pipe file (default: %s)\n",
+ AUDITFILTERD_PIPEFILE);
+ fprintf(stderr, " -t Specify audit trail file (default: none)\n");
exit(-1);
}
@@ -147,7 +150,7 @@
* them to modules for processing.
*/
static void
-mainloop(const char *conffile, const char *trailfile, FILE *trail_fp)
+mainloop_file(const char *conffile, const char *trailfile, FILE *trail_fp)
{
struct timespec ts;
FILE *conf_fp;
@@ -184,10 +187,8 @@
* more at the right blocking and signal behavior here.
*/
reclen = au_read_rec(trail_fp, &buf);
- if (reclen == -1) {
- sleep(1);
+ if (reclen == -1)
continue;
- }
if (clock_gettime(CLOCK_REALTIME, &ts) < 0)
err(-1, "clock_gettime");
present_bsmrecord(&ts, buf, reclen);
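Review bot: With the sleep(1) removed, every -1 from au_read_rec() now restarts the loop immediately, so a persistent failure on the file source (end of a regular trail file, or a read error that does not clear) makes mainloop_file spin at full CPU instead of merely polling once a second as before. Since this path reads a buffered stream rather than a blocking device, distinguish a transient condition from end-of-file before continuing, for example `if (reclen == -1) { if (feof(trail_fp)) break; continue; }`, assuming au_read_rec() leaves the stream's EOF indicator set. mainloop_file's body starts and ends outside this hunk.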
@@ -196,16 +197,68 @@
}
}
+/*
+ * The main loop spins pulling records out of the record source and passing
+ * them to modules for processing. This version of the function accepts
+ * discrete record input from a file descriptor, as opposed to buffered input
+ * from a file stream.
+ */
+static void
+mainloop_pipe(const char *conffile, const char *pipefile, int pipe_fd)
+{
+ u_char record[MAX_AUDIT_RECORD_SIZE];
+ struct timespec ts;
+ FILE *conf_fp;
+ int reclen;
+
+ while (1) {
+ /*
+ * On SIGHUP, we reread the configuration file. Unlike with
+ * a trail file, we don't reopen the pipe, as we don't want
+ * to miss records which will be flushed if we do.
+ */
+ if (reread_config) {
+ reread_config = 0;
+ warnx("rereading configuration");
+ conf_fp = fopen(conffile, "r");
+ if (conf_fp == NULL)
+ err(-1, "%s", conffile);
+ auditfilterd_conf(conffile, conf_fp);
+ fclose(conf_fp);
+ }
+ if (quit) {
+ warnx("quitting");
+ break;
+ }
+
+ /*
+ * For now, be relatively unrobust about incomplete records,
+ * but in the future will want to do better. Need to look
+ * more at the right blocking and signal behavior here.
+ */
+ reclen = read(pipe_fd, record, MAX_AUDIT_RECORD_SIZE);
+ if (reclen < 0)
+ continue;
+ if (clock_gettime(CLOCK_REALTIME, &ts) < 0)
+ err(-1, "clock_gettime");
+ present_bsmrecord(&ts, record, reclen);
+ present_tokens(&ts, record, reclen);
+ }
+}
+
int
main(int argc, char *argv[])
{
- const char *trailfile, *conffile;
+ const char *pipefile, *trailfile, *conffile;
FILE *trail_fp, *conf_fp;
+ struct stat sb;
+ int pipe_fd;
int ch;
conffile = AUDITFILTERD_CONFFILE;
- trailfile = AUDITFILTERD_TRAILFILE;
- while ((ch = getopt(argc, argv, "c:dt:")) != -1) {
+ trailfile = NULL;
+ pipefile = NULL;
+ while ((ch = getopt(argc, argv, "c:dp:t:")) != -1) {
switch (ch) {
case 'c':
conffile = optarg;
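Review bot: In mainloop_pipe, `if (reclen < 0) continue;` lets a zero-length read fall through, so an end-of-file on pipe_fd (the device closed underneath the daemon) both hands an empty buffer to present_bsmrecord()/present_tokens() and then loops forever, since read() keeps returning 0. read() also returns ssize_t while reclen is declared int. Suggested: `ssize_t reclen;` and `if (reclen < 0) continue; if (reclen == 0) errx(-1, "%s: end of file", pipefile);`, or a break if a quiet shutdown is preferred. A single read() on a device is also not guaranteed to deliver exactly one complete record, which the new comment acknowledges; when that is addressed, reclen should be validated against the record's own length before the tokens are parsed. main() continues past the end of this hunk.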
@@ -216,9 +269,17 @@
break;
case 't':
+ if (trailfile != NULL || pipefile != NULL)
+ usage();
trailfile = optarg;
break;
+ case 'p':
+ if (pipefile != NULL || trailfile != NULL)
+ usage();
+ pipefile = optarg;
+ break;
+
default:
usage();
}
@@ -230,9 +291,26 @@
if (argc != 0)
usage();
- trail_fp = fopen(trailfile, "r");
- if (trail_fp == NULL)
- err(-1, "%s", trailfile);
+ /*
+ * We allow only one of a pipe or a trail to be used. If none is
+ * specified, we provide a default pipe path.
+ */
+ if (pipefile == NULL && trailfile == NULL)
+ pipefile = AUDITFILTERD_PIPEFILE;
+
+ if (pipefile != NULL) {
+ pipe_fd = open(pipefile, O_RDONLY);
+ if (pipe_fd < 0)
+ err(-1, "open:%s", pipefile);
+ if (fstat(pipe_fd, &sb) < 0)
+ err(-1, "stat: %s", pipefile);
+ if (!S_ISCHR(sb.st_mode))
+ errx(-1, "fstat: %s not device", pipefile);
+ } else {
+ trail_fp = fopen(trailfile, "r");
+ if (trail_fp == NULL)
+ err(-1, "%s", trailfile);
+ }
conf_fp = fopen(conffile, "r");
if (conf_fp == NULL)
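Review bot: The three error messages in the new pipe-opening branch do not match the call that failed: `err(-1, "open:%s", pipefile)` lacks the space the other messages use, `err(-1, "stat: %s", pipefile)` follows an fstat() call, and `errx(-1, "fstat: %s not device", pipefile)` is emitted for the S_ISCHR check, which is not an fstat failure. Suggest `err(-1, "open: %s", pipefile);`, `err(-1, "fstat: %s", pipefile);` and `errx(-1, "%s: not a character device", pipefile);`. Checking the mode through fstat() on the already-open descriptor is the right approach, as there is no window between the check and the use of the descriptor. main() continues outside this hunk.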
@@ -253,7 +331,10 @@
signal(SIGQUIT, signal_handler);
signal(SIGTERM, signal_handler);
- mainloop(conffile, trailfile, trail_fp);
+ if (pipefile != NULL)
+ mainloop_pipe(conffile, pipefile, pipe_fd);
+ else
+ mainloop_file(conffile, trailfile, trail_fp);
auditfilterd_conf_shutdown();
return (0);
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.h#2 (text+ko) ====
@@ -25,11 +25,11 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.h#1 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditfilterd/auditfilterd.h#2 $
*/
#define AUDITFILTERD_CONFFILE "/etc/security/audit_filter"
-#define AUDITFILTERD_TRAILFILE "/dev/auditpipe"
+#define AUDITFILTERD_PIPEFILE "/dev/auditpipe"
/*
* Limit on the number of arguments that can appear in an audit_filterd
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#11 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#10 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#11 $
*/
#ifndef _BSM_AUDIT_H
@@ -264,11 +264,11 @@
unsigned int as_version;
unsigned int as_numevent;
int as_generated;
- int as_nonattring;
+ int as_nonattrib;
int as_kernel;
int as_audit;
int as_auditctl;
- int as_enqueu;
+ int as_enqueue;
int as_written;
int as_wblocked;
int as_rblocked;
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_filter.h#2 (text+ko) ====
@@ -25,7 +25,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_filter.h#1 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_filter.h#2 $
*/
#ifndef _BSM_AUDIT_FILTER_H_
@@ -48,7 +48,7 @@
typedef int (*audit_filter_attach_t)(void **instance, int argc, char *argv[]);
typedef int (*audit_filter_reinit_t)(void *instance, int argc, char *argv[]);
typedef void (*audit_filter_record_t)(void *instance, struct timespec *ts,
- int token_count, const tokenstr_t *tok[]);
+ int token_count, const tokenstr_t tok[]);
typedef void (*audit_filter_bsmrecord_t)(void *instance, struct timespec *ts,
void *data, u_int len);
typedef void (*audit_filter_detach_t)(void *instance);
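Review bot: Changing audit_filter_record_t from `const tokenstr_t *tok[]` to `const tokenstr_t tok[]` changes the type of the argument every filter module receives, and a module built against the old header would still be called with a pointer to an array of structures that it interprets as an array of pointers. If modules are loaded as shared objects rather than linked statically (the header does not show which), nothing catches this at build or load time; a module interface version constant in this header, checked by the daemon at attach time, would turn such a mismatch into a clean rejection instead of a misread record. The typedef list this change touches is complete within the hunk.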
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_record.h#8 (text+ko) ====
@@ -30,23 +30,15 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_record.h#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_record.h#8 $
*/
#ifndef _BSM_AUDIT_RECORD_H_
#define _BSM_AUDIT_RECORD_H_
-/* Various token id types */
-
/*
- * Values inside the comments are not documented in the BSM pages and
- * have been picked up from the header files
- */
-
-/*
- * Values marked as XXX do not have a value defined in the BSM header files
+ * Token type identifiers.
*/
-
#define AUT_INVALID 0x00
#define AUT_OTHER_FILE32 0x11
#define AUT_OHEADER 0x12
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/configure#4 (xtext) ====
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#20 .
+# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a5.
+# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a6.
#
# Report bugs to <trustedbsd-audit at TrustesdBSD.org>.
#
@@ -424,8 +424,8 @@
# Identity of this package.
PACKAGE_NAME='OpenBSM'
PACKAGE_TARNAME='openbsm'
-PACKAGE_VERSION='1.0a5'
-PACKAGE_STRING='OpenBSM 1.0a5'
+PACKAGE_VERSION='1.0a6'
+PACKAGE_STRING='OpenBSM 1.0a6'
PACKAGE_BUGREPORT='trustedbsd-audit at TrustesdBSD.org'
ac_unique_file="bin/auditreduce/auditreduce.c"
@@ -955,7 +955,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures OpenBSM 1.0a5 to adapt to many kinds of systems.
+\`configure' configures OpenBSM 1.0a6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1021,7 +1021,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of OpenBSM 1.0a5:";;
+ short | recursive ) echo "Configuration of OpenBSM 1.0a6:";;
esac
cat <<\_ACEOF
@@ -1162,7 +1162,7 @@
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-OpenBSM configure 1.0a5
+OpenBSM configure 1.0a6
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1176,7 +1176,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by OpenBSM $as_me 1.0a5, which was
+It was created by OpenBSM $as_me 1.0a6, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -19278,7 +19278,7 @@
# Define the identity of the package.
PACKAGE=OpenBSM
- VERSION=1.0a5
+ VERSION=1.0a6
cat >>confdefs.h <<_ACEOF
@@ -23477,7 +23477,7 @@
} >&5
cat >&5 <<_CSEOF
-This file was extended by OpenBSM $as_me 1.0a5, which was
+This file was extended by OpenBSM $as_me 1.0a6, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -23540,7 +23540,7 @@
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-OpenBSM config.status 1.0a5
+OpenBSM config.status 1.0a6
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/configure.ac#4 (text+ko) ====
@@ -2,8 +2,8 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([OpenBSM], [1.0a5], [trustedbsd-audit at TrustesdBSD.org],[openbsm])
-AC_REVISION([$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/configure.ac#3 $])
+AC_INIT([OpenBSM], [1.0a6], [trustedbsd-audit at TrustesdBSD.org],[openbsm])
+AC_REVISION([$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/configure.ac#4 $])
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_HEADER([config/config.h])
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/audit_submit.3#2 (text+ko) ====
@@ -26,8 +26,10 @@
.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
-.\" $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/audit_submit.3#1 $
-.Dd April 11, 2006
+.\"
+.\" $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/audit_submit.3#2 $
+.\"
+.Dd May 29, 2006
.Dt audit_submit 3
.Os
.Sh NAME
@@ -44,12 +46,12 @@
.Nm
function provides a generic programming interface for audit record submission.
This audit record will contain a header, subject token, an optional text token,
-return token, and a trailer. The header will contain the event class specified
-by
+return token, and a trailer.
+The header will contain the event class specified by
.Fa au_event .
The subject token will be generated based on
.Fa au_ctx .
-The return token of is dependant on the
+The return token is dependant on the
.Fa status
and
.Fa reterr
@@ -65,6 +67,19 @@
If
.Fa format
is NULL, then no text token is created in the audit record.
+.Pp
+It should be noted that
+.Nm
+assumes that
+.Xr setaudit 2 ,
+or
+.Xr setaudit_addr 2
+has already been called.
+As a direct result, the terminal ID for the
+subject will be retrieved from the kernel via
+.Xr getaudit 2 ,
+or
+.Xr getaudit_addr 2 .
.Sh EXAMPLES
.Bd -literal -offset indent
#include <bsm/audit.h>
@@ -96,12 +111,13 @@
.Ed
.Sh SEE ALSO
.Xr auditon 2 ,
+.Xr getaudit 2 ,
.Xr libbsm 3 ,
.Xr stdarg 3
.Sh HISTORY
The
.Nm
-first appeared in OpenBSM version 1.0.
+function first appeared in OpenBSM version 1.0.
OpenBSM 1.0 was introduced in FreeBSD 7.0.
.Sh AUTHORS
The
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#12 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#11 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#12 $
*/
#ifdef __APPLE__
@@ -62,12 +62,12 @@
int reterr, const char *fmt, ...)
{
char text[MAX_AUDITSTRING_LEN];
- au_tid_t termid;
token_t *token;
long acond;
va_list ap;
pid_t pid;
int error, afd;
+ struct auditinfo ai;
if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) {
/*
@@ -92,11 +92,16 @@
errno = error;
return (-1);
}
- /* XXX what should we do for termid? */
- bzero(&termid, sizeof(termid));
+ if (getaudit(&ai) < 0) {
+ error = errno;
+ syslog(LOG_AUTH | LOG_ERR, "audit: getaudit failed: %s",
+ strerror(errno));
+ errno = error;
+ return (-1);
+ }
pid = getpid();
token = au_to_subject32(auid, geteuid(), getegid(),
- getuid(), getgid(), pid, pid, &termid);
+ getuid(), getgid(), pid, pid, &ai.ai_termid);
if (token == NULL) {
syslog(LOG_AUTH | LOG_ERR,
"audit: unable to build subject token");
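Review bot: The subject terminal ID is now taken from getaudit(), which reports only the 32-bit `au_tid_t` form, while the audit_submit(3) text updated in this same change says the ID may come from getaudit(2) or getaudit_addr(2); there is no getaudit_addr() path here, so a process whose audit state was set with setaudit_addr(2) (an extended terminal ID) is either refused at this call or described with a reduced terminal ID, depending on how the kernel handles that case. Consider trying getaudit_addr() first and falling back to getaudit(), or at least stating in the man page that only the 32-bit terminal ID is supported. Note also that a getaudit() failure now makes audit_submit() return -1 where the previous code zeroed termid and still emitted a record; failing closed is defensible for an audit interface, but callers that treated audit_submit() as best-effort should see this documented. audit_submit()'s body starts and ends outside this hunk.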
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/man/auditctl.2#5 (text+ko) ====
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/man/auditctl.2#4 $
+.\" $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/man/auditctl.2#5 $
.\"
.Dd April 19, 2005
.Dt AUDITCTL 2
@@ -34,7 +34,7 @@
.Sh SYNOPSIS
.In bsm/audit.h
.Ft int
-.Fn auditon "const char *path"
+.Fn auditctl "const char *path"
.Sh DESCRIPTION
The
.Fn auditctl