      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     23  * Use is subject to license terms.
     24  */
     25 
     26 #ifndef _BSM_LIBBSM_H
     27 #define	_BSM_LIBBSM_H
     28 
     29 
     30 #include <secdb.h>
     31 #include <stdio.h>
     32 #include <errno.h>
     33 #include <sys/types.h>
     34 #include <bsm/audit.h>
     35 #include <bsm/audit_record.h>
     36 
     37 #ifdef	__cplusplus
     38 extern "C" {
     39 #endif
     40 
     41 #ifndef TEXT_DOMAIN
     42 #define	TEXT_DOMAIN	"SUNW_OST_OSLIB"
     43 #endif
     44 
/*
 * Text domain used for this library's message catalog lookups.
 * Defined in the library, presumably initialised to TEXT_DOMAIN
 * above — confirm in the .c file.
 */
extern const char *bsm_dom;
     46 
/*
 * For audit_event(5)
 *
 * One entry of the audit event table: numeric event id, symbolic name,
 * description and the audit class assignment.  The string members are
 * pointers; who owns the storage depends on which getauev*() variant
 * filled the entry (the _r variants take a caller-supplied entry, the
 * others presumably return library-owned storage — confirm in the
 * implementation).
 */
struct au_event_ent {
	au_event_t ae_number;	/* event number */
	char	*ae_name;	/* event name */
	char	*ae_desc;	/* human-readable description */
	au_class_t ae_class;	/* audit class(es) this event maps to */
};
typedef struct au_event_ent au_event_ent_t;
     57 
/*
 * For audit_class(5)
 *
 * One entry of the audit class table: class name, class value and
 * description.  String members are pointers; ownership follows the
 * getauclass*() variant that filled the entry (see those below).
 */
struct au_class_ent {
	char	*ac_name;	/* class name */
	au_class_t ac_class;	/* class value */
	char	*ac_desc;	/* human-readable description */
};
typedef struct au_class_ent au_class_ent_t;
     67 
/*
 * For audit_user(5)
 *
 * Per-user audit preferences: the name plus the masks of classes that
 * are always / never audited for that user.  au_user_str_t below holds
 * the same record with the two masks still as unparsed strings.
 */
struct au_user_ent {
	char	*au_name;	/* user name */
	au_mask_t au_always;	/* classes always audited for this user */
	au_mask_t au_never;	/* classes never audited for this user */
};
typedef struct au_user_ent au_user_ent_t;
     77 
/*
 * Internal representation of audit user in libnsl
 *
 * Same three columns as struct au_user_ent, but the always/never
 * fields are kept as the raw strings read from the table rather than
 * parsed au_mask_t values; converting them is presumably done by the
 * getauditflags*() functions declared below — confirm.
 */
typedef struct au_user_str_s {
	char	*au_name;	/* user name */
	char	*au_always;	/* unparsed "always" flags string */
	char	*au_never;	/* unparsed "never" flags string */
} au_user_str_t;
     86 
/*
 * opaque context value for getacval.c
 *
 * Handle returned by _openac() and consumed by the _getac*() functions
 * below.  Its layout is private to getacval.c, so callers only ever
 * hold a pointer to it.
 */
typedef struct au_acinfo au_acinfo_t;
     91 
/*
 * adrf's version of adr_t
 *
 * Pairs an adr_t cursor with the FILE it reads from; initialised by
 * adrf_start() and consumed by the adrf_*() readers declared below.
 */
typedef struct adrf_s {
	adr_t	*adrf_adr;	/* underlying in-memory cursor */
	FILE	*adrf_fp;	/* stream the bytes are read from */
} adrf_t;
     99 
/*
 * Functions that manipulate bytes from an audit file
 *
 * adr_*() decode from an in-memory adr_t cursor (adr_start() binds the
 * cursor to a buffer); adrf_*() decode through an adrf_t, which pairs
 * the cursor with a FILE (adrf_start()).  The trailing int of each
 * accessor is presumably an element count — confirm in the
 * implementation.  Note the difference in return type: adr_*() return
 * nothing, adrf_*() return int, so only the file-backed readers can
 * report a short read or error through their result; check it.
 * Nothing in this header states whether either family bounds-checks
 * against the record length, so verify that before decoding audit
 * trails of untrusted origin.
 */

extern void	adr_char(adr_t *, char *, int);
extern int	adr_count(adr_t *);
extern void	adr_int32(adr_t *, int32_t *, int);
extern void	adr_uid(adr_t *, uid_t *, int);
extern void	adr_int64(adr_t *, int64_t *, int);
extern void	adr_short(adr_t *, short *, int);
extern void	adr_ushort(adr_t *, ushort_t *, int);
extern void	adr_start(adr_t *, char *);

extern int	adrf_char(adrf_t *, char *, int);
extern int	adrf_int32(adrf_t *, int32_t *, int);
extern int	adrf_int64(adrf_t *, int64_t *, int);
extern int	adrf_short(adrf_t *, short *, int);
extern void	adrf_start(adrf_t *, adr_t *, FILE *);
extern int	adrf_u_char(adrf_t *, uchar_t *, int);
extern int	adrf_u_int32(adrf_t *, uint32_t *, int);
extern int	adrf_u_int64(adrf_t *, uint64_t *, int);
extern int	adrf_u_short(adrf_t *, ushort_t *, int);
    122 
/*
 * Functions that manipulate bytes from an audit character stream.
 *
 * Same shape as the adr_*() family above, but every function returns
 * void, so a caller cannot detect a failed or truncated read from the
 * return value.  adrm_start() binds the cursor to a buffer.  Going by
 * its name, adrm_putint32() is the only writer in this group — confirm.
 */

extern void	adrm_start(adr_t *, char *);
extern void	adrm_char(adr_t *, char *, int);
extern void	adrm_short(adr_t *, short *, int);
extern void	adrm_int64(adr_t *, int64_t *, int);
extern void	adrm_int32(adr_t *, int32_t *, int);
extern void	adrm_uid(adr_t *, uid_t *, int);
extern void	adrm_u_int32(adr_t *, uint32_t *, int);
extern void	adrm_u_char(adr_t *, uchar_t *, int);
extern void	adrm_u_int64(adr_t *, uint64_t *, int);
extern void	adrm_u_short(adr_t *, ushort_t *, int);
extern void	adrm_putint32(adr_t *, int32_t *, int);
    138 
/*
 * Functions that do I/O for audit files
 *
 * au_open() presumably returns a descriptor that is then passed as the
 * first argument of au_write() and au_close(); au_write() appends one
 * token_t to it.  The second int of au_close() is presumably one of
 * AU_TO_WRITE / AU_TO_NO_WRITE (defined below) and the au_event_t names
 * the event the record is closed as — confirm in the implementation.
 * All return int; check it, as nothing here says the write cannot fail.
 */

extern int	au_close(int, int, au_event_t);
extern int	au_open(void);
extern int	au_write(int, token_t *);
    146 
/*
 * Functions that manipulate audit events
 *
 * setauevent()/endauevent() open and close the event table and
 * getauevent() iterates it.  Lookups exist by name (getauevnam) and by
 * number (getauevnum).  The _r variants fill a caller-supplied
 * au_event_ent_t; the plain variants take no buffer and presumably
 * return library-owned storage that a later call may overwrite —
 * confirm before calling them from more than one thread.
 * getauevnonam() maps a name to its event number.  au_preselect()'s two
 * ints are presumably the AU_PRS_* values defined below, and
 * cacheauevent() is presumably driven by the AU_CACHE_* values —
 * confirm in the implementation.
 */

extern void	setauevent(void);
extern void	endauevent(void);

extern au_event_ent_t	*getauevent(void);
extern au_event_ent_t	*getauevent_r(au_event_ent_t *);
extern au_event_ent_t	*getauevnam(char *);
extern au_event_ent_t	*getauevnam_r(au_event_ent_t *, char *);
extern au_event_ent_t	*getauevnum(au_event_t);
extern au_event_ent_t	*getauevnum_r(au_event_ent_t *, au_event_t);
extern au_event_t	getauevnonam(char *);
extern int		au_preselect(au_event_t, au_mask_t *, int, int);
extern int		cacheauevent(au_event_ent_t **, au_event_t);
    163 
/*
 * Functions that manipulate audit classes
 *
 * Same access pattern as the event table: setauclass()/endauclass()
 * open and close the class table, getauclassent() iterates it and
 * getauclassnam() looks a class up by name.  The _r variants fill a
 * caller-supplied au_class_ent_t; the plain variants presumably return
 * library-owned storage — confirm.  cacheauclass() looks up by class
 * value and cacheauclassnam() by name, returning the entry through the
 * double pointer; both are presumably governed by the AU_CACHE_* values
 * defined below.
 */

extern void	setauclass(void);
extern void	endauclass(void);

extern int	cacheauclass(au_class_ent_t **, au_class_t);
extern int	cacheauclassnam(au_class_ent_t **, char *);
extern au_class_ent_t *getauclassent(void);
extern au_class_ent_t *getauclassent_r(au_class_ent_t *);
extern au_class_ent_t *getauclassnam(char *);
extern au_class_ent_t *getauclassnam_r(au_class_ent_t *, char *);
    177 
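/*
 * Functions that manipulate audit attributes of users
 *
 * Same access pattern as the event and class tables: setauuser()/
 * endauuser() open and close the audit_user table, getauuserent()
 * iterates it and getauusernam() looks a user up by name.  The _r
 * variants fill a caller-supplied au_user_ent_t; the plain variants
 * presumably return library-owned storage — confirm.
 *
 * Declared extern like the rest of this header; the keyword is
 * redundant on prototypes but keeps the declarations uniform.
 */

extern void	setauuser(void);
extern void	endauuser(void);

extern au_user_ent_t *getauuserent(void);
extern au_user_ent_t *getauuserent_r(au_user_ent_t *);
extern au_user_ent_t *getauusernam(char *);
extern au_user_ent_t *getauusernam_r(au_user_ent_t *, char *);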
    189 
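/*
 * Functions that manipulate the audit control file
 *
 * setac()/endac() open and close the control file (AUDITCONTROLFILE
 * below); the getac*() accessors each read one field from it.  For
 * getacdir(), getacna() and getacflg() the int is presumably the size
 * of the caller's char buffer — confirm, and size the buffer from that,
 * since nothing else bounds the copy.  getacmin() returns its value
 * through the int pointer.  All return int, presumably a status code;
 * check it.
 *
 * Declared extern like the rest of this header; the keyword is
 * redundant on prototypes but keeps the declarations uniform.
 */

extern void	endac(void);
extern void	setac(void);

extern int	getacdir(char *, int);
extern int	getacmin(int *);
extern int	getacna(char *, int);
extern int	getacflg(char *, int);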
    201 
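/*
 * Context-based variants of the audit control file accessors
 *
 * Same fields as the getac*() family above, but every call takes an
 * explicit au_acinfo_t handle obtained from _openac() (its char *
 * argument is presumably the path of the control file) and released
 * with _endac(); _rewindac() restarts reading from the beginning.
 * Keeping the state in a handle rather than in library-wide storage is
 * presumably what lets these be used by more than one caller at a time
 * — confirm in getacval.c.  _getaclib() and _getacplug() return
 * key/value lists (kva_t, from <secdb.h>).  The leading underscore
 * marks the group as library-internal.  As above, the int following a
 * char * buffer is presumably that buffer's size — confirm.
 *
 * Declared extern like the rest of this header; the keyword is
 * redundant on prototypes but keeps the declarations uniform.
 */


extern au_acinfo_t	*_openac(char *);
extern void		_endac(au_acinfo_t *);
extern void		_rewindac(au_acinfo_t *);

extern int		_getacdir(au_acinfo_t *, char *, int);
extern int		_getaclib(au_acinfo_t *, kva_t **);
extern int		_getacmin(au_acinfo_t *, int *);
extern int		_getacna(au_acinfo_t *, char *, int);
extern int		_getacflg(au_acinfo_t *, char *, int);
extern int		_getacplug(au_acinfo_t *, kva_t **);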
    217 
/*
 * Functions that manipulate audit masks
 *
 * au_user_mask() presumably derives the mask for the named user from
 * the audit_user table.  getauditflagsbin() takes a flags string and an
 * au_mask_t; getauditflagschar() goes in the other direction, and the
 * meaning of its int is not stated here — if it is not the size of the
 * char buffer, nothing bounds the write into it, so confirm before
 * relying on it.  getfauditflags() combines three masks in a way this
 * header does not describe.  All return int, presumably a status;
 * check it.
 */

extern int	au_user_mask(char *, au_mask_t *);
extern int	getauditflagsbin(char *, au_mask_t *);
extern int	getauditflagschar(char *, au_mask_t *, int);
extern int	getfauditflags(au_mask_t *, au_mask_t *, au_mask_t *);
    226 
/*
 * Functions that do system calls
 *
 * Thin wrappers over the audit system calls; see the corresponding
 * section 2 manual pages for argument semantics.  audit() presumably
 * takes a record buffer and its length; auditon() a command, an
 * argument pointer and a length; the _addr variants an auditinfo_addr_t
 * and an int that is presumably sizeof the struct.  The set*() calls
 * change the calling process's audit state (audit id and audit info);
 * expect them to require privilege — confirm in the man pages.  All
 * return int in the usual syscall convention (presumably -1 with errno
 * set on failure).
 */

extern int	audit(char *, int);
extern int	auditon(int, caddr_t, int);
extern int	auditdoor(int);
extern int	getaudit(auditinfo_t *);
extern int	getaudit_addr(auditinfo_addr_t *, int);
extern int	getauid(au_id_t *);
extern int	setaudit(auditinfo_t *);
extern int	setaudit_addr(auditinfo_addr_t *, int);
extern int	setauid(au_id_t *);
    240 
/*
 * Buffer size for the generic text token.  Whether this counts the
 * terminating NUL is not stated here — check the token builder before
 * sizing a buffer from it.
 */
#define	BSM_TEXTBUFSZ	256 /* size of string for generic text token */
    242 
/*
 * Defines for au_preselect(3)
 *
 * Two groups, presumably one per int argument of au_preselect():
 * which outcome of the event is being tested (SUCCESS, FAILURE, or
 * BOTH = the two OR'ed together), and whether the cached event/class
 * tables may be used or must be re-read.  Confirm the mapping in the
 * implementation.
 */
#define	AU_PRS_SUCCESS	1
#define	AU_PRS_FAILURE	2
#define	AU_PRS_BOTH	(AU_PRS_SUCCESS|AU_PRS_FAILURE)

#define	AU_PRS_USECACHE	0
#define	AU_PRS_REREAD	1
    252 
/*
 * Defines for cacheauclass and cacheauevent
 *
 * FREE presumably releases the cache, NAME and NUMBER select lookup by
 * name or by numeric id; how the cacheau*() functions take these (they
 * have no flag parameter in this header) is not visible here — confirm
 * in the implementation.
 */
#define	AU_CACHE_FREE	0x0000
#define	AU_CACHE_NAME	0x0001
#define	AU_CACHE_NUMBER	0x0002
    259 
/* Flags for user-level audit routines: au_open, au_close, au_to_ */
/*
 * Presumably passed as the second int of au_close() to choose whether
 * the assembled record is written out or discarded — confirm.
 */
#define	AU_TO_NO_WRITE	0
#define	AU_TO_WRITE	1
    263 
/* system audit files for auditd */
/*
 * The library reads its class, event and user tables and the control
 * settings from these paths, so their contents determine what gets
 * audited.  They should carry the same protection as the rest of
 * /etc/security (owned by root, not writable by others); this header
 * does not enforce that, so verify it against the package manifest.
 * AUDITUSER_FILENAME below names the same path as AUDITUSERFILE.
 */
#define	AUDITCLASSFILE		"/etc/security/audit_class"
#define	AUDITCONTROLFILE	"/etc/security/audit_control"
#define	AUDITDATAFILE		"/etc/security/audit_data"
#define	AUDITEVENTFILE		"/etc/security/audit_event"
#define	AUDITUSERFILE		"/etc/security/audit_user"
    270 
/* array sizes for audit library structures */
/*
 * Maximum lengths of the name/description fields of class and event
 * entries, and of one audit_event line.  Whether these include the
 * terminating NUL is not stated here — check the parser before sizing
 * a buffer from them.
 */
#define	AU_CLASS_NAME_MAX	8
#define	AU_CLASS_DESC_MAX	72
#define	AU_EVENT_NAME_MAX	30
#define	AU_EVENT_DESC_MAX	50
#define	AU_EVENT_LINE_MAX	256
    277 
/*
 * Some macros used internally by the nsswitch code
 *
 * AUDITUSER_FILENAME is the same path as AUDITUSERFILE above; the
 * *_DB_* values name the directory-service table.  The table has three
 * columns — the AUDITUSER_COL0_KW..COL2_KW keywords match the three
 * members of struct au_user_ent — of which one, the name
 * (AUDITUSER_KEYCOL0), is searchable.  AUDITUSER_SUCCESS,
 * _PARSE_ERANGE and _NOT_FOUND are result codes; which functions
 * return them is not visible in this header.
 */
#define	AUDITUSER_FILENAME		"/etc/security/audit_user"
#define	AUDITUSER_DB_NAME		"audit_user.org_dir"
#define	AUDITUSER_DB_NCOL		3	/* total columns */
#define	AUDITUSER_DB_NKEYCOL		1	/* total searchable columns */
#define	AUDITUSER_DB_TBLT		"audit_user_tbl"
#define	AUDITUSER_SUCCESS		0
#define	AUDITUSER_PARSE_ERANGE		1	/* field too long to parse */
#define	AUDITUSER_NOT_FOUND		2

#define	AUDITUSER_COL0_KW		"name"
#define	AUDITUSER_COL1_KW		"always"
#define	AUDITUSER_COL2_KW		"never"

/*
 * indices of searchable columns
 */
#define	AUDITUSER_KEYCOL0		0	/* name */
    298 
    299 
    300 #ifdef	__cplusplus
    301 }
    302 #endif
    303 
    304 #endif	/* _BSM_LIBBSM_H */