/*
 * Compute the binary audit preselection mask for a user and store it in
 * *mask_p.
 *
 * If getauusernam_r() returns an entry for username, that entry's au_always
 * and au_never masks are handed to getfauditflags(), which combines them with
 * the system-wide flags.  Otherwise the system-wide flag string from
 * getacflg() is converted on its own with getauditflagsbin().
 *
 * Returns 0 when a mask was produced and -1 when neither source yielded one.
 * Callers should treat *mask_p as unspecified after a -1 return and must not
 * install it as the process preselection mask.
 *
 * NOTE(review): username is passed to getauusernam_r() unchecked; whether a
 * NULL name is tolerated depends on that function -- confirm.
 */
int
au_user_mask(char *username, au_mask_t *mask_p)
{
	char auditstring[MAX_AUDITSTRING_LEN + 1];
	char user_ent_name[AU_USER_NAME_MAX];
	struct au_user_ent u, *up;

	/* The reentrant lookup writes into caller-provided storage. */
	bzero(user_ent_name, sizeof(user_ent_name));
	bzero(&u, sizeof(u));
	u.au_name = user_ent_name;

	/* Per-user entry present: merge it with the system flags. */
	up = getauusernam_r(&u, username);
	if (up != NULL) {
		if (getfauditflags(&up->au_always, &up->au_never,
		    mask_p) == -1)
			return (-1);
		return (0);
	}

	/* No per-user entry: fall back to the system-wide flags alone. */
	if (getacflg(auditstring, MAX_AUDITSTRING_LEN) != 0)
		return (-1);	/* No masks defined. */

	if (getauditflagsbin(auditstring, mask_p) == -1)
		return (-1);
	return (0);
}
/*
 * Build the process audit mask in *lastmask from the system-wide flags and
 * two per-user masks.
 *
 * usremask is merged in with ADDMASK() and usrdmask is then removed with
 * SUBMASK(); au_user_mask() passes a user's au_always and au_never masks in
 * those positions.  Both macros are defined outside this block.
 *
 * Returns -1 if any pointer is NULL or if the system flag string cannot be
 * converted by getauditflagsbin(); returns 0 otherwise.
 *
 * NOTE(review): when getacflg() itself returns non-zero the system flags are
 * skipped without an error, so the result is built from the two user masks
 * only and the function still returns 0.  A caller cannot tell that the
 * system-wide audit classes were left out; confirm that this best-effort
 * behaviour is intended before relying on the mask for audit coverage.
 */
int
getfauditflags(au_mask_t *usremask, au_mask_t *usrdmask, au_mask_t *lastmask)
{
	char auditstring[MAX_AUDITSTRING_LEN + 1];

	if (usremask == NULL || usrdmask == NULL || lastmask == NULL)
		return (-1);

	/* Start from an empty mask so stale caller data never leaks in. */
	lastmask->am_failure = 0;
	lastmask->am_success = 0;

	/* Get the system mask; only a conversion failure is fatal here. */
	if (getacflg(auditstring, MAX_AUDITSTRING_LEN) == 0 &&
	    getauditflagsbin(auditstring, lastmask) != 0)
		return (-1);

	/* Removal runs last, after the merge of usremask. */
	ADDMASK(lastmask, usremask);
	SUBMASK(lastmask, usrdmask);

	return (0);
}
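/*
 * Print the audit control settings returned by the getac*() accessors to
 * stdout, one "name:value" line per setting.
 *
 * Any accessor failure terminates the program through err()/errx() with exit
 * status -1.  In the first blocks a return of -2 is reported with err()
 * (which appends strerror(errno)) and any other non-zero return with errx().
 *
 * Fixes relative to the previous version:
 *  - size_t values were printed with %ld and time_t with %ld; both are
 *    format/argument mismatches.  size now uses %zu and age is cast to
 *    long long and printed with %lld.
 *  - "ret == 0 && ret != 1" was redundant and is reduced to "ret == 0".
 */
static void
audump_control(void)
{
	char string[PATH_MAX], string2[PATH_MAX];
	int ret, val;
	long policy;
	time_t age;
	size_t size;

	ret = getacflg(string, PATH_MAX);
	if (ret == -2)
		err(-1, "getacflg");
	if (ret != 0)
		errx(-1, "getacflg: %d", ret);
	printf("flags:%s\n", string);

	ret = getacmin(&val);
	if (ret == -2)
		err(-1, "getacmin");
	if (ret != 0)
		errx(-1, "getacmin: %d", ret);
	printf("min:%d\n", val);

	ret = getacna(string, PATH_MAX);
	if (ret == -2)
		err(-1, "getacna");
	if (ret != 0)
		errx(-1, "getacna: %d", ret);
	printf("naflags:%s\n", string);

	/* Restart iteration, then print every dir entry; -1 ends the list. */
	setac();
	do {
		ret = getacdir(string, PATH_MAX);
		if (ret == -1)
			break;
		if (ret == -2)
			err(-1, "getacdir");
		if (ret != 0)
			errx(-1, "getacdir: %d", ret);
		printf("dir:%s\n", string);
	} while (ret == 0);

	/* Round-trip the policy string through its numeric form. */
	ret = getacpol(string, PATH_MAX);
	if (ret != 0)
		err(-1, "getacpol");
	if (au_strtopol(string, &policy) < 0)
		err(-1, "au_strtopol");
	if (au_poltostr(policy, PATH_MAX, string2) < 0)
		err(-1, "au_poltostr");
	printf("policy:%s\n", string2);

	/*
	 * NOTE(review): err() is used for every failure from here on, so the
	 * message always carries strerror(errno).  That is only meaningful if
	 * these accessors set errno for the return values tested -- confirm.
	 */
	ret = getacfilesz(&size);
	if (ret == -2)
		err(-1, "getacfilesz");
	if (ret != 0)
		err(-1, "getacfilesz: %d", ret);
	printf("filesz:%zuB\n", size);

	/*
	 * Returns other than 0, -2 and -3 fall through without output, so a
	 * missing host line in the dump does not by itself indicate success.
	 */
	ret = getachost(string, PATH_MAX);
	if (ret == -2)
		err(-1, "getachost");
	if (ret == -3)
		err(-1, "getachost: %d", ret);
	if (ret == 0)
		printf("host:%s\n", string);

	/* Same pattern: only 0 prints, only -2 and -1 abort. */
	ret = getacexpire(&val, &age, &size);
	if (ret == -2)
		err(-1, "getacexpire");
	if (ret == -1)
		err(-1, "getacexpire: %d", ret);
	if (ret == 0)
		printf("expire-after:%zuB %s %llds\n", size,
		    val ? "AND" : "OR", (long long)age);
}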