svc-auditset.c revision 12918:32a41a5f8110
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25/*
26 * svc-auditset - auditset transient service (AUDITSET_FMRI) startup method;
27 * sets non-/attributable mask in the kernel context.
28 */
29
30#include <audit_scf.h>
31#include <bsm/adt.h>
32#include <bsm/libbsm.h>
33#include <errno.h>
34#include <locale.h>
35#include <stdio.h>
36
37#if !defined(SMF_EXIT_ERR_OTHER)
38#define	SMF_EXIT_ERR_OTHER	1
39#endif
40
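/*
 * update_kcontext() - updates the non-/attributable preselection masks in
 * the kernel context. Returns B_TRUE on success, B_FALSE otherwise.
 *
 * cmd is the auditon(2) command; the callers in this file pass A_SETAMASK
 * (attributable mask) or A_SETKMASK (non-attributable mask). cmask is the
 * textual audit flags string to convert and install.
 *
 * The flags string is converted first and the kernel is only updated when
 * that conversion succeeds. Previously the result of getauditflagsbin() was
 * discarded, so a malformed flags string could install a mask that did not
 * match the configured audit policy without any diagnostic.
 */
boolean_t
update_kcontext(int cmd, char *cmask)
{
	const char	*cmd_name;
	au_mask_t	bmask;

	cmd_name = (cmd == A_SETAMASK) ? "A_SETAMASK" : "A_SETKMASK";

	/* refuse to install a mask derived from a missing or invalid string */
	if (cmask == NULL || getauditflagsbin(cmask, &bmask) != 0) {
		(void) printf("Could not parse audit flags (%s).\n", cmd_name);
		return (B_FALSE);
	}

	if (auditon(cmd, (caddr_t)&bmask, sizeof (bmask)) == -1) {
		(void) printf("Could not update kernel context (%s).\n",
		    cmd_name);
		return (B_FALSE);
	}

#ifdef	DEBUG
	(void) printf("svc-auditset: %s mask set to %s",
	    cmd == A_SETAMASK ? "Attributable" : "Non-Attributable", cmask);
#endif

	return (B_TRUE);
}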
64
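/*
 * main() - SMF start method body: reads the configured attributable and
 * non-attributable audit flags and installs them in the kernel context.
 *
 * Returns SMF_EXIT_OK when both masks were installed or when auditing is
 * reported as disabled, SMF_EXIT_ERR_NOSMF when not started for
 * AUDITSET_FMRI, and SMF_EXIT_ERR_OTHER on any configuration or kernel
 * update failure.
 */
int
main(void)
{
	char		*auditset_fmri;
	char		*mask_cfg;

	(void) setlocale(LC_ALL, "");
	(void) textdomain(TEXT_DOMAIN);

	/*
	 * Allow execution only inside the SMF facility.
	 *
	 * NOTE(review): this guards against accidental manual invocation; it
	 * is not an access control, because SMF_FMRI is an ordinary
	 * environment variable supplied by the caller. Whether the masks can
	 * actually be changed is decided by auditon(2) in update_kcontext().
	 */
	auditset_fmri = getenv("SMF_FMRI");
	if (auditset_fmri == NULL ||
	    strcmp(auditset_fmri, AUDITSET_FMRI) != 0) {
		/*
		 * The translated text is passed as an argument rather than as
		 * the format string, so a message catalog entry can never be
		 * interpreted as printf conversions.
		 */
		(void) printf("%s", gettext("svc-auditset can be executed only "
		    "inside the SMF facility.\n"));
		return (SMF_EXIT_ERR_NOSMF);
	}

	/*
	 * Check the c2audit module state; when auditing is reported as
	 * disabled, report success without touching the kernel masks.
	 */
	if (adt_audit_state(AUC_DISABLED)) {
#ifdef	DEBUG
		if (errno == ENOTSUP) {
			(void) printf("c2audit module is excluded from "
			    "the system(4); kernel won't be updated.\n");
		} else {
			(void) printf("%s\n", strerror(errno));
		}
#endif
		return (SMF_EXIT_OK);
	}

	/* update attributable mask */
	if (!do_getflags_scf(&mask_cfg) || mask_cfg == NULL) {
		(void) printf("Could not get configured attributable audit "
		    "flags.\n");
		return (SMF_EXIT_ERR_OTHER);
	}
	if (!update_kcontext(A_SETAMASK, mask_cfg)) {
		free(mask_cfg);
		return (SMF_EXIT_ERR_OTHER);
	}
	free(mask_cfg);

	/*
	 * Update non-attributable mask. A failure from here on leaves the
	 * attributable mask already installed above; the non-zero exit
	 * status is the only signal that the two masks are out of step.
	 */
	if (!do_getnaflags_scf(&mask_cfg) || mask_cfg == NULL) {
		(void) printf("Could not get configured non-attributable "
		    "audit flags.\n");
		return (SMF_EXIT_ERR_OTHER);
	}
	if (!update_kcontext(A_SETKMASK, mask_cfg)) {
		free(mask_cfg);
		return (SMF_EXIT_ERR_OTHER);
	}
	free(mask_cfg);

	return (SMF_EXIT_OK);
}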
121