bool TextWriter::visitValueMetric(const AbstractValueMetric& m, bool) { if (writeCommon(m)) { m.print(_out, _verbose, " ", _period); } return true; }
void AuditLogger::logSuccess() { if (false == open()) return; writeCommon(); writeReturn(0, 0); close(); }
void RightAuthenticationLogger::logLeastPrivilege(uid_t userId, bool isAuthorizingUser) { if (false == open()) return; writeCommon(); writeToken(au_to_text(leastPrivStr), leastPrivStr); writeReturn(0, 0); close(); }
void AuthMechLogger::logInterrupt(const char *msg) { if (false == open()) return; writeCommon(); if (msg) writeToken(au_to_text(msg), "interrupt"); writeReturn(0, 0); close(); }
void AuditLogger::logFailure(const char *errMsg, int errcode) { if (false == open()) return; writeCommon(); if (errMsg) writeToken(au_to_text(errMsg), "evaluation error"); writeReturn(EPERM, errcode); close(); }
bool TextWriter::visitCountMetric(const AbstractCountMetric& m, bool) { if (writeCommon(m)) { if (_verbose || m.used()) { MetricValueClass::UP values(m.getValues()); _out << m.getMangledName() << (m.sumOnAdd() ? " count=" : " value="); values->output("count", _out); } } return true; }
void RightAuthenticationLogger::logFailure(uid_t authenticator, const char *targetName) { if (false == open()) return; writeCommon(); writeToken(au_to_arg32(1, authenticatorStr, authenticator), "authenticator"); if (NULL == targetName) writeToken(au_to_text(unknownUserStr), "target username"); else writeToken(au_to_text(targetName), "target username"); // @@@ EAUTH more appropriate, but !defined for _POSIX_C_SOURCE writeReturn(EPERM, errAuthorizationDenied); close(); }
void RightAuthenticationLogger::logSuccess(uid_t authenticator, uid_t target, const char *targetName) { if (false == open()) return; writeCommon(); // au_to_arg32() is really meant for auditing syscall arguments; // we're slightly abusing it to get descriptive strings for free. writeToken(au_to_arg32(1, authenticatorStr, authenticator), "authenticator"); string tmpStr(authenticatedAsStr); // targetName shouldn't be NULL on a successful authentication, but allow // for programmer screwups tmpStr += targetName ? targetName : unknownUserStr; writeToken(au_to_arg32(2, tmpStr.c_str(), target), "target"); writeReturn(0, 0); close(); }
void RightAuthenticationLogger::logAuthorizationResult(const char *client, const char *authCreator, int errcode) { if (false == open()) return; writeCommon(); string tmpStr(clientStr); tmpStr += client ? client : unknownClientStr; writeToken(au_to_text(tmpStr.c_str()), "Authorization client"); tmpStr.clear(); tmpStr = authCreatorStr; tmpStr += authCreator ? authCreator : unknownAuthCreatorStr; writeToken(au_to_text(tmpStr.c_str()), "Authorization creator"); if (errAuthorizationSuccess == errcode) writeReturn(0, 0); else writeReturn(EPERM, errcode); close(); }