static int change_audit_file(void) { pid_t pid; if (!adt_audit_state(AUC_AUDITING)) { /* auditd not running, just return */ return (0); } if ((pid = fork()) == 0) { (void) execl("/usr/sbin/audit", "audit", "-n", NULL); (void) fprintf(stderr, gettext("error changing audit files: " "%s\n"), strerror(errno)); _exit(-1); } else if (pid == -1) { (void) fprintf(stderr, gettext("error changing audit files: " "%s\n"), strerror(errno)); return (-1); } else { pid_t rc; int retries = RETRY_COUNT; /* * Wait for audit(1M) -n process to complete * */ do { if ((rc = waitpid(pid, NULL, WNOHANG)) == pid) { return (0); } else if (rc == -1) { return (-1); } else { (void) sleep(1); retries--; } } while (retries != 0); } return (-1); }
int main(void) { char *auditset_fmri; char *mask_cfg; (void) setlocale(LC_ALL, ""); (void) textdomain(TEXT_DOMAIN); /* allow execution only inside the SMF facility */ if ((auditset_fmri = getenv("SMF_FMRI")) == NULL || strcmp(auditset_fmri, AUDITSET_FMRI) != 0) { (void) printf(gettext("svc-auditset can be executed only " "inside the SMF facility.\n")); return (SMF_EXIT_ERR_NOSMF); } /* check the c2audit module state */ if (adt_audit_state(AUC_DISABLED)) { #ifdef DEBUG if (errno == ENOTSUP) { (void) printf("c2audit module is excluded from " "the system(4); kernel won't be updated.\n"); } else { (void) printf("%s\n", strerror(errno)); } #endif return (SMF_EXIT_OK); } if (getzoneid() != 0) { #ifdef DEBUG (void) printf("auditset service is disabled within zones.\n"); #endif return (SMF_EXIT_OK); } /* update attributable mask */ if (!do_getflags_scf(&mask_cfg) || mask_cfg == NULL) { (void) printf("Could not get configured attributable audit " "flags.\n"); return (SMF_EXIT_ERR_OTHER); } if (!update_kcontext(A_SETAMASK, mask_cfg)) { free(mask_cfg); return (SMF_EXIT_ERR_OTHER); } free(mask_cfg); /* update non-attributable mask */ if (!do_getnaflags_scf(&mask_cfg) || mask_cfg == NULL) { (void) printf("Could not get configured non-attributable " "audit flags.\n"); return (SMF_EXIT_ERR_OTHER); } if (!update_kcontext(A_SETKMASK, mask_cfg)) { free(mask_cfg); return (SMF_EXIT_ERR_OTHER); } free(mask_cfg); return (SMF_EXIT_OK); }