      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * adt.h
     23  *
     24  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     25  * Use is subject to license terms.
     26  *
     27  * This is a contract private interface and is subject to change
     28  */
     29 
     30 #ifndef _ADT_H
     31 #define	_ADT_H
     32 
     33 #include <bsm/audit.h>
     34 #include <bsm/libbsm.h>
     35 #include <bsm/audit_record.h>
     36 #include <bsm/audit_uevents.h>
     37 #include <door.h>
     38 
     39 #ifdef	__cplusplus
     40 extern "C" {
     41 #endif
     42 
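/*
 * String limit and sentinel uid values.
 *
 * The three ADT_NO_* sentinels are small negative constants cast to
 * uid_t.  Each expansion is fully parenthesized so the cast cannot be
 * split by the surrounding expression; unparenthesized,
 * `sizeof ADT_NO_ATTRIB` parses as `sizeof (uid_t) - 1`.
 *
 * NOTE(review): a uid taken from outside the process that happens to
 * equal one of these values would be read as the sentinel, not as a real
 * user -- presumably callers validate ids before passing them on; confirm.
 */
#define	ADT_STRING_MAX	511		/* max non-null characters */
#define	ADT_NO_ATTRIB	((uid_t)-1)	/* unattributed user */
#define	ADT_NO_CHANGE	((uid_t)-2)	/* no update for this parameter */
#define	ADT_NO_AUDIT	((uid_t)-3)	/* unaudited user */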
     47 
/*
 * terminal id types
 *
 * Two distinct integer tags, 1 and 2.  Presumably they select the
 * address family recorded in a terminal id; adt_termid_t is opaque in
 * this header, so where the tag is stored or checked is not visible
 * here -- confirm against the implementation.
 */
#define	ADT_IPv4	1
#define	ADT_IPv6	2
     53 
/*
 * Context selector for adt_set_user().  It tells the library which kind
 * of identity change is being recorded; the enumerators keep their
 * implicit values 0 through 3.
 */
enum adt_user_context {
	/* creating a session for a newly authenticated user -- login */
	ADT_NEW,
	/* an authenticated user is changing uid/gid -- e.g., su */
	ADT_UPDATE,
	/*
	 * changes only the ruid / euid / rgid / egid values; appropriate
	 * for login-like operations where PAM has already set the audit
	 * context in the cred
	 */
	ADT_USER,
	/*
	 * special case: store the terminal id in the credential before
	 * forking to the login or login-like process
	 */
	ADT_SETTID
};
     65 
/*
 * Public type names.
 *
 * adt_session_flags_t is an unsigned long bit mask (see the ADT_* flag
 * definitions for adt_start_session()).  The remaining names alias
 * struct/union tags that this header never defines, so code including
 * only this file sees them as incomplete types and can hold pointers to
 * them but cannot inspect or size them.
 */
typedef ulong_t			adt_session_flags_t;
typedef struct adt_session_data	adt_session_data_t;
typedef struct adt_export_data	adt_export_data_t;
typedef union adt_event_data	adt_event_data_t;
typedef struct adt_termid	adt_termid_t;
typedef struct translation	adt_translation_t;
     72 
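/*
 * flag defs for the flags argument of adt_start_session()
 *
 * ADT_FLAGS_ALL is the OR of every flag defined here.  Its expansion is
 * parenthesized because `|` binds more loosely than `&` and unary `~`:
 * without the parentheses a validity check such as
 * `flags & ~ADT_FLAGS_ALL` parses as
 * `(flags & ~ADT_BUFFER_RECORDS) | ADT_USE_PROC_DATA`, which is never
 * zero, and `flags & ADT_FLAGS_ALL` is never zero either.
 */

#define	ADT_BUFFER_RECORDS	0x2	/* server buffering */
#define	ADT_USE_PROC_DATA	0x1	/* copy audit char's from proc */
	/* | all of above = ADT_FLAGS_ALL  */
#define	ADT_FLAGS_ALL		(ADT_BUFFER_RECORDS | \
    ADT_USE_PROC_DATA)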
     82 
/*
 * Functions
 *
 * Only prototypes are visible here, most with unnamed parameters.  The
 * notes below state what the signatures show and mark everything else
 * as an assumption to confirm against the implementation or man pages.
 *
 * NOTE(review): the int-returning calls presumably report success or
 * failure.  Callers should check the result rather than assume the
 * audit context was set or the record was written -- confirm the exact
 * convention.
 */

/*
 * Session lifetime.  adt_start_session() and adt_dup_session() take a
 * pointer to a session pointer, presumably filled in on success and
 * later released with adt_end_session() -- confirm ownership.  The last
 * argument of adt_start_session() is the ADT_* flag mask.
 */
extern	int	adt_start_session(adt_session_data_t **,
		    const adt_export_data_t *,
		    adt_session_flags_t);
extern	int	adt_end_session(adt_session_data_t *);
extern	int	adt_dup_session(const adt_session_data_t *,
    adt_session_data_t **);

/*
 * Apply or change the identity tied to a session.  adt_set_user() takes
 * two uid_t/gid_t pairs, a terminal id and an adt_user_context value.
 * NOTE(review): the pairs are presumably euid, egid, ruid, rgid, in the
 * same order as the named parameters of adt_import_proc() -- confirm
 * before relying on it, since swapping them would attribute records to
 * the wrong ids.
 */
extern	int	adt_set_proc(const adt_session_data_t *);
extern	int	adt_set_user(const adt_session_data_t *, uid_t, gid_t,
		    uid_t, gid_t, const adt_termid_t *,
		    enum adt_user_context);
extern	int	adt_set_from_ucred(const adt_session_data_t *,
		    const ucred_t *,
		    enum adt_user_context);

/*
 * Returns a size_t and takes a char ** out-parameter.  Presumably the
 * string is allocated for the caller and the return value is its
 * length -- confirm who frees it.
 */
extern	size_t	adt_get_session_id(const adt_session_data_t *, char **);

/*
 * Export/import of session state through an adt_export_data_t buffer
 * returned via a double pointer.  The size_t return type cannot carry a
 * negative error code; presumably 0 signals failure -- confirm.
 */
extern	size_t	adt_export_session_data(const adt_session_data_t *,
		    adt_export_data_t **);
extern	size_t	adt_import_proc(pid_t pid,
		    uid_t euid,
		    gid_t egid,
		    uid_t ruid,
		    gid_t rgid,
		    adt_export_data_t **external);

/*
 * Event records: allocate one for a session and event id, submit it,
 * then free it.  adt_alloc_event() returns a pointer, so a NULL check
 * is presumably required before use -- confirm.
 */
extern	adt_event_data_t
		*adt_alloc_event(const adt_session_data_t *, au_event_t);

/*
 * NOTE(review): the two int arguments of adt_put_event() are unnamed
 * here; presumably the event's status and return value -- confirm.
 */
extern	int	adt_put_event(const adt_event_data_t *, int, int);
extern	void	adt_free_event(adt_event_data_t *);

/*
 * Build a terminal id from an int (presumably a file descriptor), a
 * host name string or a tty name string.  The result comes back through
 * the adt_termid_t ** argument; ownership is not visible here.
 */
extern	int	adt_load_termid(int, adt_termid_t **);
extern	int	adt_load_hostname(const char *, adt_termid_t **);
extern	int	adt_load_ttyname(const char *, adt_termid_t **);

/*
 * Audit state queries returning boolean_t.  The int argument of
 * adt_audit_state() is unnamed; its meaning is not visible here.
 */
extern	boolean_t	adt_audit_enabled(void);
extern	boolean_t	adt_audit_state(int);
    125 
/*
 * Special typedefs for translations.
 *
 * fd_t is a plain alias for int: it labels a value as a file descriptor
 * for readers but adds no compile-time checking of its own.
 */

typedef	int	fd_t;		/* file descriptor */
    131 
    132 #ifdef	__cplusplus
    133 }
    134 #endif
    135 
    136 #endif	/* _ADT_H */
    137