PERFORCE change 96045 for review

Christian S.J. Peron csjp at FreeBSD.org
Tue Apr 25 01:11:51 UTC 2006


http://perforce.freebsd.org/chv.cgi?CH=96045

Change 96045 by csjp at csjp_xor on 2006/04/25 01:10:40

	Switch to use openbsm's audit_submit(3) instead of rolling our own.
	
	- Remove enums for audit success and failure
	- drop audit_su
	- drop prototype for audit_su

Affected files ...

.. //depot/projects/trustedbsd/audit3/usr.bin/su/su.c#14 edit

Differences ...

==== //depot/projects/trustedbsd/audit3/usr.bin/su/su.c#14 (text+ko) ====

@@ -137,7 +137,6 @@
 } while (0)
 
 enum tristate { UNSET, YES, NO };
-enum auditevents { AUDIT_SU_FAILURE, AUDIT_SU_SUCCESS };
 
 static pam_handle_t *pamh = NULL;
 static char	**environ_pam;
@@ -147,9 +146,6 @@
 static void	usage(void) __dead2;
 static void	export_pam_environment(void);
 static int	ok_to_export(const char *);
-#ifdef USE_BSM_AUDIT
-static void	audit_su(au_id_t, int, const char *, ...);
-#endif
 
 extern char	**environ;
 
@@ -224,7 +220,9 @@
 
 	if (strlen(user) > MAXLOGNAME - 1) {
 #ifdef USE_BSM_AUDIT
-		audit_su(getuid(), AUDIT_SU_FAILURE, "username too long");
+		if (audit_submit(AUE_su, getuid(),
+		    1, EPERM, "username too long"))
+			errx(1, "Permission denied");
 #endif
 		errx(1, "username too long");
 	}
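Review bot: The second argument of the new `audit_submit(AUE_su, getuid(), ...)` call appears to be the audit ID, since the removed audit_su() passed the same value as the first argument of au_to_subject32(), separately from the real uid. The real uid is not a stable stand-in for it: under a nested su, getuid() would presumably be the account already switched to, not the login user the record should be attributed to. Consider fetching the audit ID once at startup with `getauid(&auid)` and passing `auid` here. The same applies to the other calls in this change that pass getuid() or ruid. The enclosing function starts and ends outside this hunk.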
@@ -257,8 +255,9 @@
 		pwd = getpwuid(ruid);
 	if (pwd == NULL) {
 #ifdef USE_BSM_AUDIT
-		audit_su(getuid(), AUDIT_SU_FAILURE,
-		    "unable to determain invoking subject");
+		if (audit_submit(AUE_su, getuid(), 1, EPERM,
+		    "unable to determain invoking subject"))
+			errx(1, "Permission denied");
 #endif
 		errx(1, "who are you?");
 	}
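Review bot: The audit text passed to audit_submit() here still carries the typo "determain", copied over from the old audit_su() call. This string is written into the audit trail, where it is likely to be searched or matched by tooling, so it is worth correcting while the call is being rewritten: `"unable to determine invoking subject"`. Any existing rule that matches the misspelt text would need updating at the same time. The enclosing function lies outside the hunk.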
@@ -298,15 +297,17 @@
 	retcode = pam_authenticate(pamh, 0);
 	if (retcode != PAM_SUCCESS) {
 #ifdef USE_BSM_AUDIT
-		audit_su(ruid, AUDIT_SU_FAILURE, "bad su %s to %s on %s",
-		    username, user, mytty);
+		if (audit_submit(AUE_su, ruid, 1, EPERM, "bad su %s to %s on %s",
+		    username, user, mytty))
+			errx(1, "Permission denied");
 #endif
 		syslog(LOG_AUTH|LOG_WARNING, "BAD SU %s to %s on %s",
 		    username, user, mytty);
 		errx(1, "Sorry");
 	}
 #ifdef USE_BSM_AUDIT
-	audit_su(ruid, AUDIT_SU_SUCCESS, "successful authentication");
+	if (audit_submit(AUE_su, ruid, 0, 0, "successful authentication"))
+		errx(1, "Permission denied");
 #endif
 	retcode = pam_get_item(pamh, PAM_USER, (const void **)&p);
 	if (retcode == PAM_SUCCESS)
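Review bot: When audit_submit() fails in the pam_authenticate failure branch, `errx(1, "Permission denied")` exits before the `syslog(LOG_AUTH|LOG_WARNING, "BAD SU %s to %s on %s", ...)` call that follows. A failed su attempt then leaves no syslog record at exactly the moment the audit subsystem is unhealthy. Moving that syslog() call above the `#ifdef USE_BSM_AUDIT` block keeps the fail-closed exit and preserves the record; the pam_chauthtok and pam_acct_mgmt hunks have the same ordering. Separately, the "successful authentication" record is submitted with status 0 before the account checks in the later hunks, so a comment such as `/* authentication only; account checks below may still fail */` would help anyone reading the trail. The enclosing function continues outside the hunk.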
@@ -317,8 +318,9 @@
 	pwd = getpwnam(user);
 	if (pwd == NULL) {
 #ifdef USE_BSM_AUDIT
-		audit_su(getuid(), AUDIT_SU_FAILURE,
-		    "unknown subject: %s", user);
+		if (audit_submit(AUE_su, getuid(), 1, EPERM,
+		    "unknown subject: %s", user))
+			errx(1, "Permission denied");
 #endif
 		errx(1, "unknown login: %s", user);
 	}
@@ -329,9 +331,10 @@
 			PAM_CHANGE_EXPIRED_AUTHTOK);
 		if (retcode != PAM_SUCCESS) {
 #ifdef USE_BSM_AUDIT
-			audit_su(getuid(), AUDIT_SU_FAILURE,
+			if (audit_submit(AUE_su, getuid(), 1, EPERM,
 			    "pam_chauthtok: %s",
-			    pam_strerror(pamh, retcode));
+			    pam_strerror(pamh, retcode)))
+				errx(1, "Permission denied");
 #endif
 			syslog(LOG_ERR, "pam_chauthtok: %s",
 			    pam_strerror(pamh, retcode));
@@ -340,8 +343,9 @@
 	}
 	if (retcode != PAM_SUCCESS) {
 #ifdef USE_BSM_AUDIT
-		audit_su(getuid(), AUDIT_SU_FAILURE, "pam_acct_mgmt: %s",
-		    pam_strerror(pamh, retcode));
+		if (audit_submit(AUE_su, getuid(), 1, EPERM, "pam_acct_mgmt: %s",
+		    pam_strerror(pamh, retcode)))
+			errx(1, "Permission denied");
 #endif
 		syslog(LOG_ERR, "pam_acct_mgmt: %s",
 			pam_strerror(pamh, retcode));
@@ -354,8 +358,9 @@
 	else {
 		if (ruid != 0) {
 #ifdef USE_BSM_AUDIT
-			audit_su(getuid(), AUDIT_SU_FAILURE,
-			    "only root may use -c");
+			if (audit_submit(AUE_su, getuid(), 1, EPERM,
+			    "only root may use -c"))
+				errx(1, "Permission denied");
 #endif
 			errx(1, "only root may use -c");
 		}
@@ -632,90 +637,3 @@
 		snprintf(buf, sizeof(buf), " on %s", p);
 	return buf;
 }
-
-#ifdef USE_BSM_AUDIT
-static void
-audit_su(au_id_t au_ctx, int what, const char *fmt, ...)
-{
-	token_t *token;
-	long acond;
-	int afd;
-	au_tid_t termid;
-	pid_t pid;
-	char text[1024];
-	va_list ap;
-
-	if (auditon(A_GETCOND, &acond, sizeof(long)) < 0) {
-		/*
-		 * If auditon(2) returns ENOSYS, then audit has not been
-		 * compiled into the kernel, so just return.
-		 */
-		if (errno == ENOSYS)
-			return;
-		syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s",
-		    strerror(errno));
-		errx(1, "Permission denied");
-	}
-	if (acond == AUC_NOAUDIT)
-		return;
-	afd = au_open();
-	if (afd < 0) {
-		syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s",
-		    strerror(errno));
-		errx(1, "Permission denied");
-	}
-	/* XXX what should we do for termid? */
-	bzero(&termid, sizeof(termid));
-	pid = getpid();
-	token = au_to_subject32(au_ctx, geteuid(), getegid(),
-	    getuid(), getgid(), pid, pid, &termid);
-	if (token == NULL) {
-		syslog(LOG_AUTH | LOG_ERR,
-		    "audit: unable to build subject token");
-		errx(1, "Permission denied");
-	}
-	if (au_write(afd, token) < 0) {
-		syslog(LOG_AUTH | LOG_ERR,
-		    "audit: au_write failed: %s", strerror(errno));
-		errx(1, "Permission denied");
-	}
-	if (fmt != NULL) {
-		va_start(ap, fmt);
-		(void) vsnprintf(&text[0], sizeof(text) - 1, fmt, ap);
-		va_end(ap);
-		token = au_to_text(&text[0]);
-		if (token == NULL) {
-			syslog(LOG_AUTH | LOG_ERR,
-			    "audit: failed to generate text token");
-			errx(1, "Permission denied");
-		}
-		if (au_write(afd, token) < 0) {
-			syslog(LOG_AUTH | LOG_ERR,
-			    "audit: au_write failed: %s", strerror(errno));
-			errx(1, "Permission denied");
-		}
-	}
-	switch (what) {
-	case AUDIT_SU_FAILURE:
-		token = au_to_return32(1, EPERM);
-		break;
-	case AUDIT_SU_SUCCESS:
-		token = au_to_return32(0, 0);
-		break;
-	}
-	if (token == NULL) {
-		syslog(LOG_AUTH | LOG_ERR,
-		    "audit: enable to build return token");
-		errx(1, "Permission denied");
-	}
-	if (au_write(afd, token) < 0) {
-		syslog(LOG_AUTH | LOG_ERR,
-		    "audit: au_write failed: %s", strerror(errno));
-		errx(1, "Permission denied");
-	}
-	if (au_close(afd, 1, AUE_su) < 0) {
-		syslog(LOG_AUTH | LOG_ERR, "audit: record not committed");
-		errx(1, "Permission denied");
-	}
-}
-#endif

