/* * Collects audit information for the current process and creates a subject * token from it. */ token_t * au_to_me(void) { auditinfo_t auinfo; auditinfo_addr_t aia; /* * Try to use getaudit_addr(2) first. If this kernel does not support * it, then fall back on to getaudit(2). */ if (getaudit_addr(&aia, sizeof(aia)) != 0) { if (errno == ENOSYS) { if (getaudit(&auinfo) != 0) return (NULL); return (au_to_subject32(auinfo.ai_auid, geteuid(), getegid(), getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid)); } else { /* getaudit_addr(2) failed for some other reason. */ return (NULL); } } return (au_to_subject32_ex(aia.ai_auid, geteuid(), getegid(), getuid(), getgid(), getpid(), aia.ai_asid, &aia.ai_termid)); }
static void generate_subject32ex_record(const char *directory, const char *record_filename, u_int32_t type) { token_t *subject32ex_token; char *buf; buf = (char *)malloc(strlen(record_filename) + 6); if (type == AU_IPv6) { inet_pton(AF_INET6, "fe80::1", subject32_tid_addr.at_addr); subject32_tid_addr.at_type = AU_IPv6; sprintf(buf, "%s%s", record_filename, "-IPv6"); } else { subject32_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); subject32_tid_addr.at_type = AU_IPv4; sprintf(buf, "%s%s", record_filename, "-IPv4"); } subject32ex_token = au_to_subject32_ex(subject32_auid, subject32_euid, subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, subject32_sid, &subject32_tid_addr); if (subject32ex_token == NULL) err(EX_UNAVAILABLE, "au_to_subject32_ex"); write_record(directory, record_filename, subject32ex_token, AUE_NULL); free(buf); }
token_t * au_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) { return (au_to_subject32_ex(auid, euid, egid, ruid, rgid, pid, sid, tid)); }