/*
 * Write an ADT_logout audit record for the audit session stored on the
 * auditor, then detach this process from that session.
 *
 * Every failure is reported through syslog (LOG_AUTH | LOG_ALERT) and is
 * otherwise ignored; the function returns nothing.  The stored session
 * handle is always ended and cleared before returning.
 */
static void
mdm_session_solaris_auditor_report_logout (MdmSessionAuditor *auditor)
{
        MdmSessionSolarisAuditor *self = MDM_SESSION_SOLARIS_AUDITOR (auditor);
        adt_session_data_t       *session = self->priv->audit_session_handle;
        adt_event_data_t         *logout_event;

        logout_event = adt_alloc_event (session, ADT_logout);
        if (logout_event != NULL) {
                if (adt_put_event (logout_event, ADT_SUCCESS, ADT_SUCCESS) != 0) {
                        syslog (LOG_AUTH | LOG_ALERT,
                                "adt_put_event (ADT_logout, ADT_SUCCESS): %m");
                }
        } else {
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_alloc_event (ADT_logout): %m");
        }
        /* Called on the NULL (allocation failed) path as well. */
        adt_free_event (logout_event);

        /*
         * This process is reused for the next session, so its audit state is
         * put back to ADT_NO_AUDIT.  The message below names adt_set_proc even
         * when it was adt_set_user that failed; the two are not distinguished.
         */
        if (adt_set_user (session, ADT_NO_AUDIT, ADT_NO_AUDIT, ADT_NO_AUDIT,
                          ADT_NO_AUDIT, NULL, ADT_NEW) != 0 ||
            adt_set_proc (session) != 0) {
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_set_proc (ADT_logout reset): %m");
        }

        (void) adt_end_session (session);
        self->priv->audit_session_handle = NULL;
}
/*
 * Write an ADT_login success record for the user held on the auditor and,
 * if the password was changed during this login, an ADT_passwd success
 * record as well.
 *
 * Returns early (via g_return_if_fail) when no username is set.  The audit
 * session handle obtained here is stored on the auditor so that the logout
 * report can use it; if adt_start_session fails, whatever the handle holds
 * at that point (initialised to NULL here) is stored instead.
 *
 * Failures are reported through syslog (LOG_AUTH | LOG_ALERT) only.
 */
static void
mdm_session_solaris_auditor_report_login (MdmSessionAuditor *auditor)
{
        MdmSessionSolarisAuditor *self = MDM_SESSION_SOLARIS_AUDITOR (auditor);
        adt_session_data_t       *session = NULL;
        adt_event_data_t         *record;

        g_return_if_fail (self->priv->username != NULL);

        if (adt_start_session (&session, NULL, ADT_USE_PROC_DATA) != 0) {
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_start_session (ADT_login): %m");
                self->priv->audit_session_handle = session;
                return;
        }

        /*
         * The stored uid/gid are passed for both id pairs.  A failure here is
         * logged but does not stop the login record below from being written.
         */
        if (adt_set_user (session,
                          self->priv->uid, self->priv->gid,
                          self->priv->uid, self->priv->gid,
                          NULL, ADT_USER) != 0) {
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_set_user (ADT_login, %s): %m",
                        self->priv->username);
        }

        record = adt_alloc_event (session, ADT_login);
        if (record != NULL) {
                if (adt_put_event (record, ADT_SUCCESS, ADT_SUCCESS) != 0) {
                        syslog (LOG_AUTH | LOG_ALERT,
                                "adt_put_event (ADT_login, ADT_SUCCESS): %m");
                }
        } else {
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_alloc_event (ADT_login): %m");
        }

        if (self->priv->password_changed) {
                /* A completed change must have been initiated first. */
                g_assert (self->priv->password_change_initiated);

                /* Release the login record before reusing the variable. */
                adt_free_event (record);

                record = adt_alloc_event (session, ADT_passwd);
                if (record != NULL) {
                        if (adt_put_event (record, ADT_SUCCESS, ADT_SUCCESS) != 0) {
                                syslog (LOG_AUTH | LOG_ALERT,
                                        "adt_put_event (ADT_passwd, ADT_SUCCESS): %m");
                        }
                } else {
                        syslog (LOG_AUTH | LOG_ALERT,
                                "adt_alloc_event (ADT_passwd): %m");
                }
        }

        adt_free_event (record);

        self->priv->audit_session_handle = session;
}
/*
 * audit_rlogin_settid records the terminal id of `fd` in this process's
 * audit state while the descriptor can still supply it.  According to the
 * original author's note, later calls to adt_load_hostname() return the id
 * stored here.
 *
 * Returns 0 on success, otherwise the non-zero result of the first of
 * adt_start_session / adt_load_termid / adt_set_user that failed.  The
 * result of adt_set_proc is deliberately not checked.
 */
static int
audit_rlogin_settid(int fd)
{
	adt_session_data_t	*session;
	adt_termid_t		*tty_id;
	int			status;

	status = adt_start_session(&session, NULL, 0);
	if (status != 0)
		return (status);

	status = adt_load_termid(fd, &tty_id);
	if (status == 0) {
		status = adt_set_user(session, ADT_NO_AUDIT, ADT_NO_AUDIT, 0,
		    ADT_NO_AUDIT, tty_id, ADT_SETTID);
		if (status == 0)
			(void) adt_set_proc(session);
		/* The terminal id is owned by this function once loaded. */
		free(tty_id);
	}

	(void) adt_end_session(session);
	return (status);
}
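/*
 * Write an ADT_login failure record for a rejected login and, when a
 * password change had been initiated, an ADT_passwd record (success or
 * failure according to priv->password_changed).  The process audit state is
 * then reset to ADT_NO_AUDIT because the process is reused.
 *
 * auditor:          the session auditor; its "hostname" and "display-device"
 *                   properties identify where the attempt came from.
 * pam_error_code:   PAM result, added to ADT_FAIL_PAM to form the audit
 *                   failure status.
 * pam_error_string: text for pam_error_code, used only in a syslog message.
 *
 * Failures are reported through syslog (LOG_AUTH | LOG_ALERT) only.
 *
 * When the user was not accredited, a terminal id is loaded from the remote
 * hostname or the local display device and attached to the audit session.
 * If that load fails the session is set up with a NULL terminal id rather
 * than an indeterminate pointer, and a loaded id is released before return.
 */
static void
mdm_session_solaris_auditor_report_login_failure (MdmSessionAuditor *auditor,
                                                  int                pam_error_code,
                                                  const char        *pam_error_string)
{
        MdmSessionSolarisAuditor *solaris_auditor;
        char                     *hostname = NULL;
        char                     *display_device = NULL;
        adt_session_data_t       *ah = NULL;   /* Audit session handle */
        adt_event_data_t         *event;       /* Event to generate */
        adt_termid_t             *tid = NULL;  /* Terminal ID for failures */

        solaris_auditor = MDM_SESSION_SOLARIS_AUDITOR (auditor);
        g_object_get (G_OBJECT (auditor),
                      "hostname", &hostname,
                      "display-device", &display_device,
                      NULL);

        if (solaris_auditor->priv->user_accredited) {
                if (adt_start_session (&ah, NULL, ADT_USE_PROC_DATA) != 0) {
                        syslog (LOG_AUTH | LOG_ALERT,
                                "adt_start_session (ADT_login, ADT_FAILURE): %m");
                        goto cleanup;
                }
        } else {
                if (adt_start_session (&ah, NULL, 0) != 0) {
                        syslog (LOG_AUTH | LOG_ALERT,
                                "adt_start_session (ADT_login, ADT_FAILURE): %m");
                        goto cleanup;
                }

                /* If display is on console or VT */
                if (hostname != NULL && hostname[0] != '\0') {
                        /* Login from a remote host */
                        if (adt_load_hostname (hostname, &tid) != 0) {
                                syslog (LOG_AUTH | LOG_ALERT,
                                        "adt_loadhostname (%s): %m", hostname);
                                /* Do not trust what a failed load left behind. */
                                tid = NULL;
                        }
                } else {
                        /*
                         * Login from the local host.
                         * NOTE(review): display_device is passed as fetched,
                         * so it may be NULL here -- confirm callers always
                         * set the property.  The message text still says
                         * adt_loadhostname although the failing call is
                         * adt_load_ttyname; it is kept unchanged so existing
                         * log matching keeps working.
                         */
                        if (adt_load_ttyname (display_device, &tid) != 0) {
                                syslog (LOG_AUTH | LOG_ALERT,
                                        "adt_loadhostname (localhost): %m");
                                tid = NULL;
                        }
                }

                /*
                 * Without a username the ids are recorded as ADT_NO_ATTRIB.
                 * NOTE(review): on failure the attempted username is written
                 * to syslog; confirm priv->username is only populated for
                 * names that resolved to an account, so that a password
                 * typed into the username field cannot end up in the log.
                 */
                if (adt_set_user (ah,
                                  solaris_auditor->priv->username != NULL ?
                                          solaris_auditor->priv->uid : ADT_NO_ATTRIB,
                                  solaris_auditor->priv->username != NULL ?
                                          solaris_auditor->priv->gid : ADT_NO_ATTRIB,
                                  solaris_auditor->priv->username != NULL ?
                                          solaris_auditor->priv->uid : ADT_NO_ATTRIB,
                                  solaris_auditor->priv->username != NULL ?
                                          solaris_auditor->priv->gid : ADT_NO_ATTRIB,
                                  tid, ADT_NEW) != 0) {
                        syslog (LOG_AUTH | LOG_ALERT,
                                "adt_set_user (%s): %m",
                                solaris_auditor->priv->username != NULL ?
                                        solaris_auditor->priv->username : "******");
                }
        }

        event = adt_alloc_event (ah, ADT_login);
        if (event == NULL) {
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_alloc_event (ADT_login, ADT_FAILURE): %m");
                goto done;
        } else if (adt_put_event (event, ADT_FAILURE,
                                  ADT_FAIL_PAM + pam_error_code) != 0) {
                /* A NULL string must never reach a %s conversion. */
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_put_event (ADT_login (ADT_FAIL, %s): %m",
                        pam_error_string != NULL ? pam_error_string : "(null)");
        }

        if (solaris_auditor->priv->password_change_initiated) {
                /* Also audit password change */
                adt_free_event (event);

                event = adt_alloc_event (ah, ADT_passwd);
                if (event == NULL) {
                        syslog (LOG_AUTH | LOG_ALERT,
                                "adt_alloc_event (ADT_passwd): %m");
                        goto done;
                }

                if (solaris_auditor->priv->password_changed) {
                        if (adt_put_event (event, ADT_SUCCESS,
                                           ADT_SUCCESS) != 0) {
                                syslog (LOG_AUTH | LOG_ALERT,
                                        "adt_put_event (ADT_passwd, ADT_SUCCESS): "
                                        "%m");
                        }
                } else {
                        if (adt_put_event (event, ADT_FAILURE,
                                           ADT_FAIL_PAM + pam_error_code) != 0) {
                                syslog (LOG_AUTH | LOG_ALERT,
                                        "adt_put_event (ADT_passwd, ADT_FAILURE): "
                                        "%m");
                        }
                }
        }
        adt_free_event (event);

done:
        /*
         * Reset process audit state. this process is being reused.
         * The message names adt_put_event although the failing call is
         * adt_set_user or adt_set_proc; text kept unchanged for log matching.
         */
        if ((adt_set_user (ah, ADT_NO_AUDIT, ADT_NO_AUDIT, ADT_NO_AUDIT,
                           ADT_NO_AUDIT, NULL, ADT_NEW) != 0) ||
            (adt_set_proc (ah) != 0)) {
                syslog (LOG_AUTH | LOG_ALERT,
                        "adt_put_event (ADT_login (ADT_FAILURE reset, %m)");
        }
        (void) adt_end_session (ah);

cleanup:
        /*
         * The terminal id is released with free(), as audit_rlogin_settid
         * does for adt_load_termid, and only after the session has ended so
         * the session never refers to freed memory.  free(NULL) is a no-op
         * on the paths that never loaded one.
         */
        free (tid);
        g_free (hostname);
        g_free (display_device);
}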