diff options
| author | dm120769 <none@none> | 2007-11-19 17:44:01 -0800 |
|---|---|---|
| committer | dm120769 <none@none> | 2007-11-19 17:44:01 -0800 |
| commit | 273264cdcd36b34067f5b77d1af696eff72d46f3 (patch) | |
| tree | e8361f2987df5d76132e14dac8fee9a9fdd98a61 | |
| parent | c9b6d37c673213b7ad91d849a105790cb469f95b (diff) | |
| download | illumos-joyent-273264cdcd36b34067f5b77d1af696eff72d46f3.tar.gz | |
backout 5079356/6405683: causes 6630372
22 files changed, 164 insertions, 2873 deletions
diff --git a/usr/src/cmd/svc/configd/Makefile b/usr/src/cmd/svc/configd/Makefile index 2bde7ca267..910651f997 100644 --- a/usr/src/cmd/svc/configd/Makefile +++ b/usr/src/cmd/svc/configd/Makefile @@ -53,7 +53,7 @@ ROOTCMDDIR= $(ROOT)/lib/svc/bin MYCPPFLAGS = -I. -I../common -I../../../common/svc -I$(ROOT)/usr/include/sqlite -D_REENTRANT CPPFLAGS += $(MYCPPFLAGS) CFLAGS += -v -MYLDLIBS = -lumem -luutil -lbsm +MYLDLIBS = -lumem -luutil LDLIBS += -lsecdb $(MYLDLIBS) LINTFLAGS += -errtags -erroff=E_BAD_FORMAT_ARG_TYPE2 diff --git a/usr/src/cmd/svc/configd/backend.c b/usr/src/cmd/svc/configd/backend.c index a28293d1c8..50bb3052c5 100644 --- a/usr/src/cmd/svc/configd/backend.c +++ b/usr/src/cmd/svc/configd/backend.c @@ -18,7 +18,6 @@ * * CDDL HEADER END */ - /* * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. @@ -1892,9 +1891,6 @@ backend_init(const char *db_file, const char *npdb_file, int have_np) } if (db_file == NULL) db_file = REPOSITORY_DB; - if (strcmp(db_file, REPOSITORY_DB) != 0) { - is_main_repository = 0; - } r = backend_create(BACKEND_TYPE_NORMAL, db_file, &be); switch (r) { diff --git a/usr/src/cmd/svc/configd/client.c b/usr/src/cmd/svc/configd/client.c index 4e67f85eec..840e36f64a 100644 --- a/usr/src/cmd/svc/configd/client.c +++ b/usr/src/cmd/svc/configd/client.c @@ -18,9 +18,8 @@ * * CDDL HEADER END */ - /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -37,17 +36,13 @@ #include <alloca.h> #include <assert.h> -#include <bsm/adt_event.h> #include <door.h> #include <errno.h> -#include <libintl.h> #include <limits.h> #include <pthread.h> #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <syslog.h> -#include <ucred.h> #include <unistd.h> #include <libuutil.h> @@ -284,7 +279,6 @@ client_alloc(void) cp->rc_doorid = INVALID_DOORID; (void) pthread_mutex_init(&cp->rc_lock, NULL); - (void) pthread_mutex_init(&cp->rc_annotate_lock, NULL); rc_node_ptr_init(&cp->rc_notify_ptr); @@ -312,8 +306,6 @@ client_free(repcache_client_t *cp) uu_avl_destroy(cp->rc_iters); uu_list_node_fini(cp, &cp->rc_link, client_pool); (void) pthread_mutex_destroy(&cp->rc_lock); - (void) pthread_mutex_destroy(&cp->rc_annotate_lock); - rc_node_ptr_free_mem(&cp->rc_notify_ptr); uu_free(cp); } @@ -505,7 +497,6 @@ entity_destroy(repcache_entity_t *entity) uu_avl_node_fini(entity, &entity->re_link, entity_pool); (void) pthread_mutex_destroy(&entity->re_lock); - rc_node_ptr_free_mem(&entity->re_node); uu_free(entity); } @@ -724,19 +715,6 @@ client_destroy(uint32_t id) */ rc_pg_notify_fini(&cp->rc_pg_notify); - /* - * clean up annotations - */ - if (cp->rc_operation != NULL) - free((void *)cp->rc_operation); - if (cp->rc_file != NULL) - free((void *)cp->rc_file); - - /* - * End audit session. - */ - (void) adt_end_session(cp->rc_adt_session); - client_free(cp); } @@ -1792,207 +1770,6 @@ backup_repository(repcache_client_t *cp, return (result); } -/* - * This function captures the information that will be used for an - * annotation audit event. Specifically, it captures the operation to be - * performed and the name of the file that is being used. These values are - * copied from the rep_protocol_annotation request at rpr to the client - * structure. If both these values are null, the client is turning - * annotation off. - * - * Fails with - * _NO_RESOURCES - unable to allocate memory - */ -static rep_protocol_responseid_t -set_annotation(repcache_client_t *cp, struct rep_protocol_annotation *rpr) -{ - au_id_t audit_uid; - const char *file = NULL; - const char *old_ptrs[2]; - const char *operation = NULL; - rep_protocol_responseid_t rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - au_asid_t sessionid; - - (void) memset((void *)old_ptrs, 0, sizeof (old_ptrs)); - - /* Copy rpr_operation and rpr_file if they are not empty strings. */ - if (rpr->rpr_operation[0] != 0) { - /* - * Make sure that client did not send us an unterminated buffer. - */ - rpr->rpr_operation[sizeof (rpr->rpr_operation) - 1] = 0; - if ((operation = strdup(rpr->rpr_operation)) == NULL) - goto out; - } - if (rpr->rpr_file[0] != 0) { - /* - * Make sure that client did not send us an unterminated buffer. - */ - rpr->rpr_file[sizeof (rpr->rpr_file) - 1] = 0; - if ((file = strdup(rpr->rpr_file)) == NULL) - goto out; - } - - (void) pthread_mutex_lock(&cp->rc_annotate_lock); - /* Save addresses of memory to free when not locked */ - old_ptrs[0] = cp->rc_operation; - old_ptrs[1] = cp->rc_file; - - /* Save pointers to annotation strings. */ - cp->rc_operation = operation; - cp->rc_file = file; - - /* - * Set annotation flag. Annotations should be turned on if either - * operation or file are not NULL. - */ - cp->rc_annotate = (operation != NULL) || (file != NULL); - (void) pthread_mutex_unlock(&cp->rc_annotate_lock); - - /* - * operation and file pointers are saved in cp, so don't free them - * during cleanup. - */ - operation = NULL; - file = NULL; - rc = REP_PROTOCOL_SUCCESS; - - /* - * Native builds are done to create svc.configd-native. This - * program runs only on the Open Solaris build machines to create - * the seed repository. Until the SMF auditing code is distributed - * to the Open Solaris build machines, adt_get_unique_id() in the - * following code is not a global function in libbsm. Hence the - * following conditional compilation. - */ -#ifndef NATIVE_BUILD - /* - * Set the appropriate audit session id. - */ - if (cp->rc_annotate) { - /* - * We're starting a group of annotated audit events, so - * create and set an audit session ID for this annotation. - */ - adt_get_auid(cp->rc_adt_session, &audit_uid); - sessionid = adt_get_unique_id(audit_uid); - } else { - /* - * Annotation is done so restore our client audit session - * id. - */ - sessionid = cp->rc_adt_sessionid; - } - adt_set_asid(cp->rc_adt_session, sessionid); -#endif /* NATIVE_BUILD */ - -out: - if (operation != NULL) - free((void *)operation); - if (file != NULL) - free((void *)file); - free((void *)old_ptrs[0]); - free((void *)old_ptrs[1]); - return (rc); -} - -/* - * Determine if an annotation event needs to be generated. If it does - * provide the operation and file name that should be used in the event. - * - * Can return: - * 0 No annotation event needed or buffers are not large - * enough. Either way an event should not be - * generated. - * 1 Generate annotation event. - */ -int -client_annotation_needed(char *operation, size_t oper_sz, - char *file, size_t file_sz) -{ - thread_info_t *ti = thread_self(); - repcache_client_t *cp = ti->ti_active_client; - int rc = 0; - - (void) pthread_mutex_lock(&cp->rc_annotate_lock); - if (cp->rc_annotate) { - rc = 1; - if (cp->rc_operation == NULL) { - if (oper_sz > 0) - operation[0] = 0; - } else { - if (strlcpy(operation, cp->rc_operation, oper_sz) >= - oper_sz) { - /* Buffer overflow, so do not generate event */ - rc = 0; - } - } - if (cp->rc_file == NULL) { - if (file_sz > 0) - file[0] = 0; - } else if (rc == 1) { - if (strlcpy(file, cp->rc_file, file_sz) >= file_sz) { - /* Buffer overflow, so do not generate event */ - rc = 0; - } - } - } - (void) pthread_mutex_unlock(&cp->rc_annotate_lock); - return (rc); -} - -void -client_annotation_finished() -{ - thread_info_t *ti = thread_self(); - repcache_client_t *cp = ti->ti_active_client; - - (void) pthread_mutex_lock(&cp->rc_annotate_lock); - cp->rc_annotate = 0; - (void) pthread_mutex_unlock(&cp->rc_annotate_lock); -} - -static void -start_audit_session(repcache_client_t *cp) -{ - ucred_t *cred = NULL; - int adt_rc = 0; - adt_session_data_t *session; - - if ((adt_rc = door_ucred(&cred)) != 0) { - syslog(LOG_ERR, gettext("start_audit_session(): cannot " - "get ucred. %m\n")); - } - if ((adt_rc == 0) && - (adt_rc = adt_start_session(&session, NULL, 0)) != 0) { - /* - * Log the failure, but don't quit because of inability to - * audit. - */ - syslog(LOG_ERR, gettext("start_audit_session(): could not " - "start audit session.\n")); - } - if ((adt_rc == 0) && - ((adt_rc = adt_set_from_ucred(session, cred, ADT_NEW)) != 0)) { - syslog(LOG_ERR, gettext("start_audit_session(): cannot set " - "audit session data from ucred\n")); - } - if (adt_rc == 0) { - /* All went well. Save the session data and session ID */ - cp->rc_adt_session = session; - adt_get_asid(session, &cp->rc_adt_sessionid); - } else { - /* - * Something went wrong. End the session. A NULL session - * pointer value can legally be used in all subsequent - * calls to adt_ functions. - */ - (void) adt_end_session(session); - cp->rc_adt_session = NULL; - } - - ucred_free(cred); -} typedef rep_protocol_responseid_t protocol_simple_f(repcache_client_t *cp, const void *rpr); @@ -2165,9 +1942,6 @@ static struct protocol_entry { PROTO(REP_PROTOCOL_BACKUP, backup_repository, struct rep_protocol_backup_request), - PROTO(REP_PROTOCOL_SET_AUDIT_ANNOTATION, set_annotation, - struct rep_protocol_annotation), - PROTO_END() }; #undef PROTO @@ -2402,8 +2176,6 @@ create_client(pid_t pid, uint32_t debugflags, int privileged, int *out_fd) cp->rc_pid = pid; cp->rc_debug = debugflags; - start_audit_session(cp); - cp->rc_doorfd = door_create(client_switcher, (void *)cp->rc_id, door_flags); diff --git a/usr/src/cmd/svc/configd/configd.c b/usr/src/cmd/svc/configd/configd.c index f7ac0f66a3..8aa37492f1 100644 --- a/usr/src/cmd/svc/configd/configd.c +++ b/usr/src/cmd/svc/configd/configd.c @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -201,10 +201,6 @@ thread_self(void) return (pthread_getspecific(thread_info_key)); } -/* - * get_ucred() returns NULL if it was unable to get the credential - * information. - */ ucred_t * get_ucred(void) { @@ -238,21 +234,6 @@ ucred_is_privileged(ucred_t *uc) return (0); } -/* - * The purpose of this function is to get the audit session data for use in - * generating SMF audit events. We use a single audit session per client. - * - * get_audit_session() may return NULL. It is legal to use a NULL pointer - * in subsequent calls to adt_* functions. - */ -adt_session_data_t * -get_audit_session(void) -{ - thread_info_t *ti = thread_self(); - - return (ti->ti_active_client->rc_adt_session); -} - static void * thread_start(void *arg) { @@ -553,10 +534,12 @@ main(int argc, char *argv[]) break; case 'd': doorpath = regularize_path(curdir, optarg, doortmp); + is_main_repository = 0; have_npdb = 0; /* default to no non-persist */ break; case 'p': log_to_syslog = 0; /* don't use syslog */ + is_main_repository = 0; /* * If our parent exits while we're opening its /proc diff --git a/usr/src/cmd/svc/configd/configd.h b/usr/src/cmd/svc/configd/configd.h index c50046ec39..dc170fc2d7 100644 --- a/usr/src/cmd/svc/configd/configd.h +++ b/usr/src/cmd/svc/configd/configd.h @@ -2,8 +2,9 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License (the "License"). - * You may not use this file except in compliance with the License. + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -19,7 +20,7 @@ * CDDL HEADER END */ /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Copyright 2005 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -28,7 +29,6 @@ #pragma ident "%Z%%M% %I% %E% SMI" -#include <bsm/adt.h> #include <door.h> #include <pthread.h> #include <string.h> @@ -62,7 +62,6 @@ extern "C" { * * leaf locks: (no other locks may be aquired while holding one) * rc_pg_notify_lock - * rc_annotate_lock */ /* @@ -252,7 +251,6 @@ struct rc_node { rc_node_t *rn_parent; /* set if on child list */ rc_node_t *rn_former; /* next former node */ rc_node_t *rn_parent_ref; /* reference count target */ - const char *rn_fmri; /* * external state (protected by hash chain lock) @@ -309,30 +307,9 @@ struct rc_node { (RC_NODE_DYING_FLAGS | RC_NODE_USING_PARENT) -typedef enum rc_auth_state { - RC_AUTH_UNKNOWN = 0, /* No checks done yet. */ - RC_AUTH_FAILED, /* Authorization checked & failed. */ - RC_AUTH_PASSED /* Authorization succeeded. */ -} rc_auth_state_t; - -/* - * Some authorization checks are performed in rc_node_setup_tx() in - * response to the REP_PROTOCOL_PROPERTYGRP_TX_START message. Other checks - * must wait until the actual transaction operations are received in the - * REP_PROTOCOL_PROPERTYGRP_TX_COMMIT message. This second set of checks - * is performed in rc_tx_commit(). rnp_auth_string and rnp_authorized in - * the following structure are used to hold the results of the - * authorization checking done in rc_node_setup_tx() for later use by - * rc_tx_commit(). - * - * In client.c transactions are represented by rc_node_ptr structures which - * point to a property group rc_node_t. Thus, this is an appropriate place - * to hold authorization state. - */ typedef struct rc_node_ptr { rc_node_t *rnp_node; - const char *rnp_auth_string; /* authorization string */ - rc_auth_state_t rnp_authorized; /* transaction pre-auth rslt. */ + char rnp_authorized; /* transaction pre-authed */ char rnp_deleted; /* object was deleted */ } rc_node_ptr_t; @@ -376,14 +353,6 @@ typedef struct cache_bucket { } cache_bucket_t; /* - * tx_commit_data_tx is an opaque structure which is defined in object.c. - * It contains the data of the transaction that is to be committed. - * Accessor functions in object.c allow other modules to retrieve - * information. - */ -typedef struct tx_commit_data tx_commit_data_t; - -/* * Snapshots */ struct rc_snapshot { @@ -467,21 +436,6 @@ typedef struct repcache_client { int rc_doorfd; /* our door's FD */ /* - * Constants used for security auditing - * - * rc_adt_session points to the audit session data that is used for - * the life of the client. rc_adt_sessionid is the session ID that - * is initially assigned when the audit session is started. See - * start_audit_session() in client.c. This session id is used for - * audit events except when we are processing a set of annotated - * events. Annotated events use a separate session id so that they - * can be grouped. See set_annotation() in client.c. - */ - adt_session_data_t *rc_adt_session; /* Session data. */ - au_asid_t rc_adt_sessionid; /* Main session ID for */ - /* auditing */ - - /* * client list linkage, protected by hash chain lock */ uu_list_node_t rc_link; @@ -507,26 +461,13 @@ typedef struct repcache_client { * Variables, protected by rc_lock */ int rc_refcnt; /* in-progress door calls */ - int rc_flags; /* see RC_CLIENT_* symbols below */ + int rc_flags; /* state */ uint32_t rc_changeid; /* used to make backups idempotent */ pthread_t rc_insert_thr; /* single thread trying to insert */ pthread_t rc_notify_thr; /* single thread waiting for notify */ pthread_cond_t rc_cv; pthread_mutex_t rc_lock; - - /* - * Per-client audit information. These fields must be protected by - * rc_annotate_lock separately from rc_lock because they may need - * to be accessed from rc_node.c with an entity or iterator lock - * held, and those must be taken after rc_lock. - */ - int rc_annotate; /* generate annotation event if set */ - const char *rc_operation; /* operation for audit annotation */ - const char *rc_file; /* file name for audit annotation */ - pthread_mutex_t rc_annotate_lock; } repcache_client_t; - -/* Bit definitions for rc_flags. */ #define RC_CLIENT_DEAD 0x00000001 typedef struct client_bucket { @@ -618,8 +559,6 @@ void thread_newstate(thread_info_t *, thread_state_t); ucred_t *get_ucred(void); int ucred_is_privileged(ucred_t *); -adt_session_data_t *get_audit_session(void); - void configd_critical(const char *, ...); void configd_vcritical(const char *, va_list); @@ -634,8 +573,6 @@ int setup_main_door(const char *); /* * client.c */ -int client_annotation_needed(char *, size_t, char *, size_t); -void client_annotation_finished(void); int create_client(pid_t, uint32_t, int, int *); int client_init(void); int client_is_privileged(void); @@ -647,7 +584,6 @@ void log_enter(request_log_entry_t *); int rc_node_init(); int rc_check_type_name(uint32_t, const char *); -void rc_node_ptr_free_mem(rc_node_ptr_t *); void rc_node_rele(rc_node_t *); rc_node_t *rc_node_setup(rc_node_t *, rc_node_lookup_t *, const char *, rc_node_t *); @@ -733,18 +669,7 @@ int object_snapshot_attach(rc_node_lookup_t *, uint32_t *, int); /* * object.c */ -int object_tx_commit(rc_node_lookup_t *, tx_commit_data_t *, uint32_t *); - -/* Functions to access transaction commands. */ -int tx_cmd_action(tx_commit_data_t *, size_t, - enum rep_protocol_transaction_action *); -size_t tx_cmd_count(tx_commit_data_t *); -int tx_cmd_nvalues(tx_commit_data_t *, size_t, uint32_t *); -int tx_cmd_prop(tx_commit_data_t *, size_t, const char **); -int tx_cmd_prop_type(tx_commit_data_t *, size_t, uint32_t *); -int tx_cmd_value(tx_commit_data_t *, size_t, uint32_t, const char **); -void tx_commit_data_free(tx_commit_data_t *); -int tx_commit_data_new(const void *, size_t, tx_commit_data_t **); +int object_tx_commit(rc_node_lookup_t *, const void *, size_t, uint32_t *); /* * snapshot.c diff --git a/usr/src/cmd/svc/configd/object.c b/usr/src/cmd/svc/configd/object.c index 223c42610f..7bc4155033 100644 --- a/usr/src/cmd/svc/configd/object.c +++ b/usr/src/cmd/svc/configd/object.c @@ -2,8 +2,9 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License (the "License"). - * You may not use this file except in compliance with the License. + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -18,9 +19,8 @@ * * CDDL HEADER END */ - /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Copyright 2004 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -79,7 +79,7 @@ struct tx_commit_data { static int tx_check_genid(void *data_arg, int columns, char **vals, char **names) { - tx_commit_data_t *data = data_arg; + struct tx_commit_data *data = data_arg; assert(columns == 1); if (atoi(vals[0]) != data->txc_oldgen) data->txc_result = REP_PROTOCOL_FAIL_NOT_LATEST; @@ -104,7 +104,7 @@ tx_check_genid(void *data_arg, int columns, char **vals, char **names) static int tx_process_property(void *data_arg, int columns, char **vals, char **names) { - tx_commit_data_t *data = data_arg; + struct tx_commit_data *data = data_arg; struct tx_cmd *elem; const char *prop_name = vals[0]; @@ -183,7 +183,7 @@ tx_process_property(void *data_arg, int columns, char **vals, char **names) * Finally, we check all of the commands, and fail if anything was marked bad. */ static int -tx_process_cmds(tx_commit_data_t *data) +tx_process_cmds(struct tx_commit_data *data) { int idx; int r; @@ -194,7 +194,6 @@ tx_process_cmds(tx_commit_data_t *data) backend_query_t *q; int do_delete; - uint32_t nvalues; /* * For persistent pgs, we use backend_fail_if_seen to abort the @@ -299,9 +298,8 @@ tx_process_cmds(tx_commit_data_t *data) v = elem->tx_values; - nvalues = elem->tx_nvalues; while (r == REP_PROTOCOL_SUCCESS && - nvalues--) { + elem->tx_nvalues--) { str = (const char *)&v[1]; r = backend_tx_run_update(data->txc_tx, @@ -339,7 +337,7 @@ check_string(uintptr_t loc, uint32_t len, uint32_t sz) } static int -tx_check_and_setup(tx_commit_data_t *data, const void *cmds_arg, +tx_check_and_setup(struct tx_commit_data *data, const void *cmds_arg, uint32_t count) { const struct rep_protocol_transaction_cmd *cmds; @@ -411,46 +409,26 @@ tx_check_and_setup(tx_commit_data_t *data, const void *cmds_arg, return (REP_PROTOCOL_SUCCESS); } -/* - * Free the memory associated with a tx_commit_data structure. - */ -void -tx_commit_data_free(tx_commit_data_t *tx_data) -{ - uu_free(tx_data); -} - -/* - * Parse the data of a REP_PROTOCOL_PROPERTYGRP_TX_COMMIT message into a - * more useful form. The data in the message will be represented by a - * tx_commit_data_t structure which is allocated by this function. The - * address of the allocated structure is returned to *tx_data and must be - * freed by calling tx_commit_data_free(). - * - * Parameters: - * cmds_arg Address of the commands in the - * REP_PROTOCOL_PROPERTYGRP_TX_COMMIT message. - * - * cmds_sz Number of message bytes at cmds_arg. - * - * tx_data Points to the place to receive the address of the - * allocated memory. - * - * Fails with - * _BAD_REQUEST - * _NO_RESOURCES - */ int -tx_commit_data_new(const void *cmds_arg, size_t cmds_sz, - tx_commit_data_t **tx_data) +object_tx_commit(rc_node_lookup_t *lp, const void *cmds_arg, size_t cmds_sz, + uint32_t *gen) { const struct rep_protocol_transaction_cmd *cmds; - tx_commit_data_t *data; uintptr_t loc; - uint32_t count; - uint32_t sz; + + struct tx_commit_data *data; + uint32_t count, sz; + uint32_t new_gen; + int ret; + rep_protocol_responseid_t r; + + backend_tx_t *tx; + backend_query_t *q; + + int backend = lp->rl_backend; + /* * First, verify that the reported sizes make sense, and count * the number of commands. @@ -477,175 +455,16 @@ tx_commit_data_new(const void *cmds_arg, size_t cmds_sz, count++; } - data = uu_zalloc(TX_COMMIT_DATA_SIZE(count)); - if (data == NULL) - return (REP_PROTOCOL_FAIL_NO_RESOURCES); + data = alloca(TX_COMMIT_DATA_SIZE(count)); + (void) memset(data, 0, TX_COMMIT_DATA_SIZE(count)); /* * verify that everything looks okay, and set up our command * datastructures. */ - data->txc_count = count; ret = tx_check_and_setup(data, cmds_arg, count); - if (ret == REP_PROTOCOL_SUCCESS) { - *tx_data = data; - } else { - *tx_data = NULL; - uu_free(data); - } - return (ret); -} - -/* - * The following are a set of accessor functions to retrieve data from a - * tx_commit_data_t that has been allocated by tx_commit_data_new(). - */ - -/* - * Return the action of the transaction command whose command number is - * cmd_no. The action is placed at *action. - * - * Returns: - * _FAIL_BAD_REQUEST cmd_no is out of range. - */ -int -tx_cmd_action(tx_commit_data_t *tx_data, size_t cmd_no, - enum rep_protocol_transaction_action *action) -{ - struct tx_cmd *cur; - - assert(cmd_no < tx_data->txc_count); - if (cmd_no >= tx_data->txc_count) - return (REP_PROTOCOL_FAIL_BAD_REQUEST); - - cur = &tx_data->txc_cmds[cmd_no]; - *action = cur->tx_cmd->rptc_action; - return (REP_PROTOCOL_SUCCESS); -} - -/* - * Return the number of transaction commands held in tx_data. - */ -size_t -tx_cmd_count(tx_commit_data_t *tx_data) -{ - return (tx_data->txc_count); -} - -/* - * Return the number of property values that are associated with the - * transaction command whose number is cmd_no. The number of values is - * returned to *nvalues. - * - * Returns: - * _FAIL_BAD_REQUEST cmd_no is out of range. - */ -int -tx_cmd_nvalues(tx_commit_data_t *tx_data, size_t cmd_no, uint32_t *nvalues) -{ - struct tx_cmd *cur; - - assert(cmd_no < tx_data->txc_count); - if (cmd_no >= tx_data->txc_count) - return (REP_PROTOCOL_FAIL_BAD_REQUEST); - - cur = &tx_data->txc_cmds[cmd_no]; - *nvalues = cur->tx_nvalues; - return (REP_PROTOCOL_SUCCESS); -} - -/* - * Return a pointer to the property name of the command whose number is - * cmd_no. The property name pointer is returned to *pname. - * - * Returns: - * _FAIL_BAD_REQUEST cmd_no is out of range. - */ -int -tx_cmd_prop(tx_commit_data_t *tx_data, size_t cmd_no, const char **pname) -{ - struct tx_cmd *cur; - - assert(cmd_no < tx_data->txc_count); - if (cmd_no >= tx_data->txc_count) - return (REP_PROTOCOL_FAIL_BAD_REQUEST); - - cur = &tx_data->txc_cmds[cmd_no]; - *pname = cur->tx_prop; - return (REP_PROTOCOL_SUCCESS); -} - -/* - * Return the property type of the property whose command number is - * cmd_no. The property type is returned to *ptype. - * - * Returns: - * _FAIL_BAD_REQUEST cmd_no is out of range. - */ -int -tx_cmd_prop_type(tx_commit_data_t *tx_data, size_t cmd_no, uint32_t *ptype) -{ - struct tx_cmd *cur; - - assert(cmd_no < tx_data->txc_count); - if (cmd_no >= tx_data->txc_count) - return (REP_PROTOCOL_FAIL_BAD_REQUEST); - - cur = &tx_data->txc_cmds[cmd_no]; - *ptype = cur->tx_cmd->rptc_type; - return (REP_PROTOCOL_SUCCESS); -} - -/* - * This function is used to retrieve a property value from the transaction - * data. val_no specifies which value is to be retrieved from the - * transaction command whose number is cmd_no. A pointer to the specified - * value is placed in *val. - * - * Returns: - * _FAIL_BAD_REQUEST cmd_no or val_no is out of range. - */ -int -tx_cmd_value(tx_commit_data_t *tx_data, size_t cmd_no, uint32_t val_no, - const char **val) -{ - const char *bp; - struct tx_cmd *cur; - uint32_t i; - uint32_t value_len; - - assert(cmd_no < tx_data->txc_count); - if (cmd_no >= tx_data->txc_count) - return (REP_PROTOCOL_FAIL_BAD_REQUEST); - - cur = &tx_data->txc_cmds[cmd_no]; - assert(val_no < cur->tx_nvalues); - if (val_no >= cur->tx_nvalues) - return (REP_PROTOCOL_FAIL_BAD_REQUEST); - - /* Find the correct value */ - bp = (char *)cur->tx_values; - for (i = 0; i < val_no; i++) { - /* LINTED alignment */ - value_len = *(uint32_t *)bp; - bp += sizeof (uint32_t) + TX_SIZE(value_len); - } - - /* Bypass the count & return pointer to value. */ - bp += sizeof (uint32_t); - *val = bp; - return (REP_PROTOCOL_SUCCESS); -} - -int -object_tx_commit(rc_node_lookup_t *lp, tx_commit_data_t *data, uint32_t *gen) -{ - uint32_t new_gen; - int ret; - rep_protocol_responseid_t r; - backend_tx_t *tx; - backend_query_t *q; - int backend = lp->rl_backend; + if (ret != REP_PROTOCOL_SUCCESS) + return (ret); ret = backend_tx_begin(backend, &tx); if (ret != REP_PROTOCOL_SUCCESS) @@ -669,7 +488,7 @@ object_tx_commit(rc_node_lookup_t *lp, tx_commit_data_t *data, uint32_t *gen) } /* If the transaction is empty, cut out early. */ - if (data->txc_count == 0) { + if (count == 0) { backend_tx_rollback(tx); r = REP_PROTOCOL_DONE; goto end; @@ -684,6 +503,7 @@ object_tx_commit(rc_node_lookup_t *lp, tx_commit_data_t *data, uint32_t *gen) data->txc_pg_id = lp->rl_main_id; data->txc_gen = new_gen; data->txc_tx = tx; + data->txc_count = count; r = backend_tx_run_update(tx, "UPDATE pg_tbl SET pg_gen_id = %d " diff --git a/usr/src/cmd/svc/configd/rc_node.c b/usr/src/cmd/svc/configd/rc_node.c index 4c728e0846..bed6c9ed3f 100644 --- a/usr/src/cmd/svc/configd/rc_node.c +++ b/usr/src/cmd/svc/configd/rc_node.c @@ -128,11 +128,6 @@ * current door call client possesses any of them (perm_granted()). * * At some point, a generic version of this should move to libsecdb. - * - * While entering the enabling strings into the hash table, we keep track - * of which is the most specific for use in generating auditing events. - * See the "Collecting the Authorization String" section of the "SMF Audit - * Events" block comment below. */ /* @@ -164,187 +159,9 @@ * iterator carries an index into rn_cchain[]. Thus most of the magic ends up * int the rc_iter_*() code. */ -/* - * SMF Audit Events: - * ================ - * - * To maintain security, SMF generates audit events whenever - * privileged operations are attempted. See the System Administration - * Guide:Security Services answerbook for a discussion of the Solaris - * audit system. - * - * The SMF audit event codes are defined in adt_event.h by symbols - * starting with ADT_smf_ and are described in audit_event.txt. The - * audit record structures are defined in the SMF section of adt.xml. - * adt.xml is used to automatically generate adt_event.h which - * contains the definitions that we code to in this file. For the - * most part the audit events map closely to actions that you would - * perform with svcadm or svccfg, but there are some special cases - * which we'll discuss later. - * - * The software associated with SMF audit events falls into three - * categories: - * - collecting information to be written to the audit - * records - * - using the adt_* functions in - * usr/src/lib/libbsm/common/adt.c to generate the audit - * records. - * - handling special cases - * - * Collecting Information: - * ---------------------- - * - * Most all of the audit events require the FMRI of the affected - * object and the authorization string that was used. The one - * exception is ADT_smf_annotation which we'll talk about later. - * - * Collecting the FMRI: - * - * The rc_node structure has a member called rn_fmri which points to - * its FMRI. This is initialized by a call to rc_node_build_fmri() - * when the node's parent is established. The reason for doing it - * at this time is that a node's FMRI is basically the concatenation - * of the parent's FMRI and the node's name with the appropriate - * decoration. rc_node_build_fmri() does this concatenation and - * decorating. It is called from rc_node_link_child() and - * rc_node_relink_child() where a node is linked to its parent. - * - * rc_node_get_fmri_or_fragment() is called to retrieve a node's FMRI - * when it is needed. It returns rn_fmri if it is set. If the node - * is at the top level, however, rn_fmri won't be set because it was - * never linked to a parent. In this case, - * rc_node_get_fmri_or_fragment() constructs an FMRI fragment based on - * its node type and its name, rn_name. - * - * Collecting the Authorization String: - * - * Naturally, the authorization string is captured during the - * authorization checking process. Acceptable authorization strings - * are added to a permcheck_t hash table as noted in the section on - * permission checking above. Once all entries have been added to the - * hash table, perm_granted() is called. If the client is authorized, - * perm_granted() returns with pc_auth_string of the permcheck_t - * structure pointing to the authorization string. - * - * This works fine if the client is authorized, but what happens if - * the client is not authorized? We need to report the required - * authorization string. This is the authorization that would have - * been used if permission had been granted. perm_granted() will - * find no match, so it needs to decide which string in the hash - * table to use as the required authorization string. It needs to do - * this, because configd is still going to generate an event. A - * design decision was made to use the most specific authorization - * in the hash table. The pc_auth_type enum designates the - * specificity of an authorization string. For example, an - * authorization string that is declared in an instance PG is more - * specific than one that is declared in a service PG. - * - * The pc_add() function keeps track of the most specific - * authorization in the hash table. It does this using the - * pc_specific and pc_specific_type members of the permcheck - * structure. pc_add() updates these members whenever a more - * specific authorization string is added to the hash table. Thus, if - * an authorization match is not found, perm_granted() will return - * with pc_auth_string in the permcheck_t pointing to the string that - * is referenced by pc_specific. - * - * Generating the Audit Events: - * =========================== - * - * As the functions in this file process requests for clients of - * configd, they gather the information that is required for an audit - * event. Eventually, the request processing gets to the point where - * the authorization is rejected or to the point where the requested - * action was attempted. At these two points smf_audit_event() is - * called. - * - * smf_audit_event() takes 4 parameters: - * - the event ID which is one of the ADT_smf_* symbols from - * adt_event.h. - * - status to pass to adt_put_event() - * - return value to pass to adt_put_event() - * - the event data (see audit_event_data structure) - * - * All interactions with the auditing software require an audit - * session. We use one audit session per configd client. We keep - * track of the audit session in the repcache_client structure. - * smf_audit_event() calls get_audit_session() to get the session - * pointer. - * - * smf_audit_event() then calls adt_alloc_event() to allocate an - * adt_event_data union which is defined in adt_event.h, copies the - * data into the appropriate members of the union and calls - * adt_put_event() to generate the event. - * - * Special Cases: - * ============= - * - * There are three major types of special cases: - * - * - gathering event information for each action in a - * transaction - * - Higher level events represented by special property - * group/property name combinations. Many of these are - * restarter actions. - * - ADT_smf_annotation event - * - * Processing Transaction Actions: - * ------------------------------ - * - * A transaction can contain multiple actions to modify, create or - * delete one or more properties. We need to capture information so - * that we can generate an event for each property action. The - * transaction information is stored in a tx_commmit_data_t, and - * object.c provides accessor functions to retrieve data from this - * structure. rc_tx_commit() obtains a tx_commit_data_t by calling - * tx_commit_data_new() and passes this to object_tx_commit() to - * commit the transaction. Then we call generate_property_events() to - * generate an audit event for each property action. - * - * Special Properties: - * ------------------ - * - * There are combinations of property group/property name that are special. - * They are special because they have specific meaning to startd. startd - * interprets them in a service-independent fashion. - * restarter_actions/refresh and general/enabled are two examples of these. - * A special event is generated for these properties in addition to the - * regular property event described in the previous section. The special - * properties are declared as an array of audit_special_prop_item - * structures at special_props_list in rc_node.c. - * - * In the previous section, we mentioned the - * generate_property_event() function that generates an event for - * every property action. Before generating the event, - * generate_property_event() calls special_property_event(). - * special_property_event() checks to see if the action involves a - * special property. If it does, it generates a special audit - * event. - * - * ADT_smf_annotation event: - * ------------------------ - * - * This is a special event unlike any other. It allows the svccfg - * program to store an annotation in the event log before a series - * of transactions is processed. It is used with the import and - * apply svccfg commands. svccfg uses the rep_protocol_annotation - * message to pass the operation (import or apply) and the file name - * to configd. The set_annotation() function in client.c stores - * these away in the a repcache_client structure. The address of - * this structure is saved in the thread_info structure. - * - * Before it generates any events, smf_audit_event() calls - * smf_annotation_event(). smf_annotation_event() calls - * client_annotation_needed() which is defined in client.c. If an - * annotation is needed client_annotation_needed() returns the - * operation and filename strings that were saved from the - * rep_protocol_annotation message. smf_annotation_event() then - * generates the ADT_smf_annotation event. - */ #include <assert.h> #include <atomic.h> -#include <bsm/adt_event.h> #include <errno.h> #include <libuutil.h> #include <libscf.h> @@ -355,7 +172,6 @@ #include <stdlib.h> #include <strings.h> #include <sys/types.h> -#include <syslog.h> #include <unistd.h> #include <user_attr.h> @@ -381,17 +197,6 @@ #define MAX_VALID_CHILDREN 3 -/* - * The ADT_smf_* symbols may not be defined on the build machine. Because - * of this, we do not want to compile the _smf_aud_event() function when - * doing native builds. - */ -#ifdef NATIVE_BUILD -#define smf_audit_event(i, s, r, d) -#else -#define smf_audit_event(i, s, r, d) _smf_audit_event(i, s, r, d) -#endif /* NATIVE_BUILD */ - typedef struct rc_type_info { uint32_t rt_type; /* matches array index */ uint32_t rt_num_ids; @@ -428,58 +233,13 @@ struct pc_elt { char pce_auth[1]; }; -/* - * If an authorization fails, we must decide which of the elements in the - * permcheck hash table to use in the audit event. That is to say of all - * the strings in the hash table, we must choose one and use it in the audit - * event. It is desirable to use the most specific string in the audit - * event. - * - * The pc_auth_type specifies the types (sources) of authorization - * strings. The enum is ordered in increasing specificity. - */ -typedef enum pc_auth_type { - PC_AUTH_NONE = 0, /* no auth string available. */ - PC_AUTH_SMF, /* strings coded into SMF. */ - PC_AUTH_SVC, /* strings specified in PG of a service. */ - PC_AUTH_INST /* strings specified in PG of an instance. */ -} pc_auth_type_t; - /* An authorization set hash table. */ typedef struct { struct pc_elt **pc_buckets; uint_t pc_bnum; /* number of buckets */ uint_t pc_enum; /* number of elements */ - struct pc_elt *pc_specific; /* most specific element */ - pc_auth_type_t pc_specific_type; /* type of pc_specific */ - char *pc_auth_string; /* authorization string */ - /* for audit events */ } permcheck_t; -/* - * Structure for holding audit event data. Not all events use all members - * of the structure. - */ -typedef struct audit_event_data { - char *ed_auth; /* authorization string. */ - char *ed_fmri; /* affected FMRI. */ - char *ed_snapname; /* name of snapshot. */ - char *ed_old_fmri; /* old fmri in attach case. */ - char *ed_old_name; /* old snapshot in attach case. */ - char *ed_type; /* prop. group or prop. type. */ - char *ed_prop_value; /* property value. */ -} audit_event_data_t; - -/* - * Pointer to function to do special processing to get audit event ID. - * Audit event IDs are defined in /usr/include/bsm/adt_event.h. Function - * returns 0 if ID successfully retrieved. Otherwise it returns -1. - */ -typedef int (*spc_getid_fn_t)(tx_commit_data_t *, size_t, const char *, - au_event_t *); -static int general_enable_id(tx_commit_data_t *, size_t, const char *, - au_event_t *); - static uu_list_pool_t *rc_children_pool; static uu_list_pool_t *rc_pg_notify_pool; static uu_list_pool_t *rc_notify_pool; @@ -493,61 +253,6 @@ static uint_t rc_notify_in_use; /* blocks removals */ static pthread_mutex_t perm_lock = PTHREAD_MUTEX_INITIALIZER; -/* - * Some combinations of property group/property name require a special - * audit event to be generated when there is a change. - * audit_special_prop_item_t is used to specify these special cases. The - * special_props_list array defines a list of these special properties. - */ -typedef struct audit_special_prop_item { - const char *api_pg_name; /* property group name. */ - const char *api_prop_name; /* property name. */ - au_event_t api_event_id; /* event id or 0. */ - spc_getid_fn_t api_event_func; /* function to get event id. */ -} audit_special_prop_item_t; - -/* - * Native builds are done using the build machine's standard include - * files. These files may not yet have the definitions for the ADT_smf_* - * symbols. Thus, we do not compile this table when doing native builds. - */ -#ifndef NATIVE_BUILD -/* - * The following special_props_list array specifies property group/property - * name combinations that have specific meaning to startd. A special event - * is generated for these combinations in addition to the regular property - * event. - * - * At run time this array gets sorted. See the call to qsort(3C) in - * rc_node_init(). The array is sorted, so that bsearch(3C) can be used - * to do lookups. - */ -static audit_special_prop_item_t special_props_list[] = { - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_DEGRADED, ADT_smf_degrade, - NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_DEGRADE_IMMEDIATE, - ADT_smf_immediate_degrade, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_MAINT_OFF, ADT_smf_clear, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_MAINT_ON, - ADT_smf_maintenance, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_MAINT_ON_IMMEDIATE, - ADT_smf_immediate_maintenance, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_MAINT_ON_IMMTEMP, - ADT_smf_immtmp_maintenance, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_MAINT_ON_TEMPORARY, - ADT_smf_tmp_maintenance, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_REFRESH, ADT_smf_refresh, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_RESTART, ADT_smf_restart, NULL}, - {SCF_PG_RESTARTER_ACTIONS, SCF_PROPERTY_RESTORE, ADT_smf_clear, NULL}, - {SCF_PG_OPTIONS, SCF_PROPERTY_MILESTONE, ADT_smf_milestone, NULL}, - {SCF_PG_OPTIONS_OVR, SCF_PROPERTY_MILESTONE, ADT_smf_milestone, NULL}, - {SCF_PG_GENERAL, SCF_PROPERTY_ENABLED, 0, general_enable_id}, - {SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED, 0, general_enable_id} -}; -#define SPECIAL_PROP_COUNT (sizeof (special_props_list) /\ - sizeof (audit_special_prop_item_t)) -#endif /* NATIVE_BUILD */ - static void rc_node_unrefed(rc_node_t *np); /* @@ -883,233 +588,6 @@ rc_check_pgtype_name(const char *name) return (REP_PROTOCOL_SUCCESS); } -/* - * rc_node_free_fmri should be called whenever a node loses its parent. - * The reason is that the node's fmri string is built up by concatenating - * its name to the parent's fmri. Thus, when the node no longer has a - * parent, its fmri is no longer valid. - */ -static void -rc_node_free_fmri(rc_node_t *np) -{ - if (np->rn_fmri != NULL) { - free((void *)np->rn_fmri); - np->rn_fmri = NULL; - } -} - -/* - * Concatenate the appropriate separator and the FMRI element to the base - * FMRI string at fmri. - * - * Fails with - * _TRUNCATED Not enough room in buffer at fmri. - */ -static int -rc_concat_fmri_element( - char *fmri, /* base fmri */ - size_t bufsize, /* size of buf at fmri */ - size_t *sz_out, /* receives result size. */ - const char *element, /* element name to concat */ - rep_protocol_entity_t type) /* type of element */ -{ - size_t actual; - const char *name = element; - int rc; - const char *separator; - - if (bufsize > 0) - *sz_out = strlen(fmri); - else - *sz_out = 0; - - switch (type) { - case REP_PROTOCOL_ENTITY_SCOPE: - if (strcmp(element, SCF_FMRI_LOCAL_SCOPE) == 0) { - /* - * No need to display scope information if we are - * in the local scope. - */ - separator = SCF_FMRI_SVC_PREFIX; - name = NULL; - } else { - /* - * Need to display scope information, because it is - * not the local scope. - */ - separator = SCF_FMRI_SVC_PREFIX SCF_FMRI_SCOPE_PREFIX; - } - break; - case REP_PROTOCOL_ENTITY_SERVICE: - separator = SCF_FMRI_SERVICE_PREFIX; - break; - case REP_PROTOCOL_ENTITY_INSTANCE: - separator = SCF_FMRI_INSTANCE_PREFIX; - break; - case REP_PROTOCOL_ENTITY_PROPERTYGRP: - case REP_PROTOCOL_ENTITY_CPROPERTYGRP: - separator = SCF_FMRI_PROPERTYGRP_PREFIX; - break; - case REP_PROTOCOL_ENTITY_PROPERTY: - separator = SCF_FMRI_PROPERTY_PREFIX; - break; - case REP_PROTOCOL_ENTITY_VALUE: - /* - * A value does not have a separate FMRI from its property, - * so there is nothing to concat. - */ - return (REP_PROTOCOL_SUCCESS); - case REP_PROTOCOL_ENTITY_SNAPSHOT: - case REP_PROTOCOL_ENTITY_SNAPLEVEL: - /* Snapshots do not have FMRIs, so there is nothing to do. */ - return (REP_PROTOCOL_SUCCESS); - default: - (void) fprintf(stderr, "%s:%d: Unknown protocol type %d.\n", - __FILE__, __LINE__, type); - abort(); /* Missing a case in switch if we get here. */ - } - - /* Concatenate separator and element to the fmri buffer. */ - - actual = strlcat(fmri, separator, bufsize); - if (name != NULL) { - if (actual < bufsize) { - actual = strlcat(fmri, name, bufsize); - } else { - actual += strlen(name); - } - } - if (actual < bufsize) { - rc = REP_PROTOCOL_SUCCESS; - } else { - rc = REP_PROTOCOL_FAIL_TRUNCATED; - } - *sz_out = actual; - return (rc); -} - -/* - * Get the FMRI for the node at np. The fmri will be placed in buf. On - * success sz_out will be set to the size of the fmri in buf. If - * REP_PROTOCOL_FAIL_TRUNCATED is returned, sz_out will be set to the size - * of the buffer that would be required to avoid truncation. - * - * Fails with - * _TRUNCATED not enough room in buf for the FMRI. - */ -static int -rc_node_get_fmri_or_fragment(rc_node_t *np, char *buf, size_t bufsize, - size_t *sz_out) -{ - size_t fmri_len = 0; - int r; - - if (bufsize > 0) - *buf = 0; - *sz_out = 0; - - if (np->rn_fmri == NULL) { - /* - * A NULL rn_fmri implies that this is a top level scope. - * Child nodes will always have an rn_fmri established - * because both rc_node_link_child() and - * rc_node_relink_child() call rc_node_build_fmri(). In - * this case, we'll just return our name preceded by the - * appropriate FMRI decorations. - */ - assert(np->rn_parent == NULL); - r = rc_concat_fmri_element(buf, bufsize, &fmri_len, np->rn_name, - np->rn_id.rl_type); - if (r != REP_PROTOCOL_SUCCESS) - return (r); - } else { - /* We have an fmri, so return it. */ - fmri_len = strlcpy(buf, np->rn_fmri, bufsize); - } - - *sz_out = fmri_len; - - if (fmri_len >= bufsize) - return (REP_PROTOCOL_FAIL_TRUNCATED); - - return (REP_PROTOCOL_SUCCESS); -} - -/* - * Build an FMRI string for this node and save it in rn_fmri. - * - * The basic strategy here is to get the fmri of our parent and then - * concatenate the appropriate separator followed by our name. If our name - * is null, the resulting fmri will just be a copy of the parent fmri. - * rc_node_build_fmri() should be called with the RC_NODE_USING_PARENT flag - * set. Also the rn_lock for this node should be held. - * - * Fails with - * _NO_RESOURCES Could not allocate memory. - */ -static int -rc_node_build_fmri(rc_node_t *np) -{ - size_t actual; - char fmri[REP_PROTOCOL_FMRI_LEN]; - int rc; - size_t sz = REP_PROTOCOL_FMRI_LEN; - - assert(MUTEX_HELD(&np->rn_lock)); - assert(np->rn_flags & RC_NODE_USING_PARENT); - - rc_node_free_fmri(np); - - rc = rc_node_get_fmri_or_fragment(np->rn_parent, fmri, sz, &actual); - assert(rc == REP_PROTOCOL_SUCCESS); - - if (np->rn_name != NULL) { - rc = rc_concat_fmri_element(fmri, sz, &actual, np->rn_name, - np->rn_id.rl_type); - assert(rc == REP_PROTOCOL_SUCCESS); - np->rn_fmri = strdup(fmri); - } else { - np->rn_fmri = strdup(fmri); - } - if (np->rn_fmri == NULL) { - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } else { - rc = REP_PROTOCOL_SUCCESS; - } - - return (rc); -} - -/* - * Get the FMRI of the node at np placing the result in fmri. Then - * concatenate the additional element to fmri. The type variable indicates - * the type of element, so that the appropriate separator can be - * generated. size is the number of bytes in the buffer at fmri, and - * sz_out receives the size of the generated string. If the result is - * truncated, sz_out will receive the size of the buffer that would be - * required to avoid truncation. - * - * Fails with - * _TRUNCATED Not enough room in buffer at fmri. - */ -static int -rc_get_fmri_and_concat(rc_node_t *np, char *fmri, size_t size, size_t *sz_out, - const char *element, rep_protocol_entity_t type) -{ - int rc; - - if ((rc = rc_node_get_fmri_or_fragment(np, fmri, size, sz_out)) != - REP_PROTOCOL_SUCCESS) { - return (rc); - } - if ((rc = rc_concat_fmri_element(fmri, size, sz_out, element, type)) != - REP_PROTOCOL_SUCCESS) { - return (rc); - } - - return (REP_PROTOCOL_SUCCESS); -} - static int rc_notify_info_interested(rc_notify_info_t *rnip, rc_notify_t *np) { @@ -1296,7 +774,7 @@ pc_hash(const char *auth) } static int -pc_exists(permcheck_t *pcp, const char *auth) +pc_exists(const permcheck_t *pcp, const char *auth) { uint32_t h; struct pc_elt *ep; @@ -1305,27 +783,23 @@ pc_exists(permcheck_t *pcp, const char *auth) for (ep = pcp->pc_buckets[h & (pcp->pc_bnum - 1)]; ep != NULL; ep = ep->pce_next) { - if (strcmp(auth, ep->pce_auth) == 0) { - pcp->pc_auth_string = ep->pce_auth; + if (strcmp(auth, ep->pce_auth) == 0) return (1); - } } return (0); } static int -pc_match(permcheck_t *pcp, const char *pattern) +pc_match(const permcheck_t *pcp, const char *pattern) { uint_t i; struct pc_elt *ep; for (i = 0; i < pcp->pc_bnum; ++i) { for (ep = pcp->pc_buckets[i]; ep != NULL; ep = ep->pce_next) { - if (_auth_match(pattern, ep->pce_auth)) { - pcp->pc_auth_string = ep->pce_auth; + if (_auth_match(pattern, ep->pce_auth)) return (1); - } } } @@ -1365,7 +839,7 @@ pc_grow(permcheck_t *pcp) } static int -pc_add(permcheck_t *pcp, const char *auth, pc_auth_type_t auth_type) +pc_add(permcheck_t *pcp, const char *auth) { struct pc_elt *ep; uint_t i; @@ -1385,11 +859,6 @@ pc_add(permcheck_t *pcp, const char *auth, pc_auth_type_t auth_type) ep->pce_next = pcp->pc_buckets[i]; pcp->pc_buckets[i] = ep; - if (auth_type > pcp->pc_specific_type) { - pcp->pc_specific_type = auth_type; - pcp->pc_specific = ep; - } - ++pcp->pc_enum; return (0); @@ -1419,21 +888,10 @@ perm_auth_for_pgtype(const char *pgtype) * _NO_RESOURCES - out of memory */ static int -perm_add_enabling_type(permcheck_t *pcp, const char *auth, - pc_auth_type_t auth_type) -{ - return (pc_add(pcp, auth, auth_type) == 0 ? REP_PROTOCOL_SUCCESS : - REP_PROTOCOL_FAIL_NO_RESOURCES); -} - -/* - * Fails with - * _NO_RESOURCES - out of memory - */ -static int perm_add_enabling(permcheck_t *pcp, const char *auth) { - return (perm_add_enabling_type(pcp, auth, PC_AUTH_SMF)); + return (pc_add(pcp, auth) == 0 ? REP_PROTOCOL_SUCCESS : + REP_PROTOCOL_FAIL_NO_RESOURCES); } /* Note that perm_add_enabling_values() is defined below. */ @@ -1446,7 +904,7 @@ perm_add_enabling(permcheck_t *pcp, const char *auth) * authorizations granted to an RBAC_AUTH_SEP-separated list of profiles. */ static int -check_auth_list(permcheck_t *pcp, char *authlist) +check_auth_list(const permcheck_t *pcp, char *authlist) { char *auth, *lasts; int ret; @@ -1463,18 +921,11 @@ check_auth_list(permcheck_t *pcp, char *authlist) return (ret); } - /* - * If we failed, choose the most specific auth string for use in - * the audit event. - */ - assert(pcp->pc_specific != NULL); - pcp->pc_auth_string = pcp->pc_specific->pce_auth; - return (0); } static int -check_prof_list(permcheck_t *pcp, char *proflist) +check_prof_list(const permcheck_t *pcp, char *proflist) { char *prof, *lasts, *authlist, *subproflist; profattr_t *pap; @@ -1494,7 +945,7 @@ check_prof_list(permcheck_t *pcp, char *proflist) if (!ret) { subproflist = kva_match(pap->attr, PROFATTR_PROFS_KW); if (subproflist != NULL) - /* depth check to avoid infinite recursion? */ + /* depth check to avoid invinite recursion? */ ret = check_prof_list(pcp, subproflist); } @@ -1507,7 +958,7 @@ check_prof_list(permcheck_t *pcp, char *proflist) } static int -perm_granted(permcheck_t *pcp) +perm_granted(const permcheck_t *pcp) { ucred_t *uc; @@ -1573,9 +1024,8 @@ perm_granted(permcheck_t *pcp) if (uap != NULL) { /* Get the authorizations from user_attr. */ userattr_authlist = kva_match(uap->attr, USERATTR_AUTHS_KW); - if (userattr_authlist != NULL) { + if (userattr_authlist != NULL) ret = check_auth_list(pcp, userattr_authlist); - } } if (!ret && def_prof != NULL) { @@ -1750,7 +1200,6 @@ rc_node_destroy(rc_node_t *np) object_free_values(np->rn_values, np->rn_valtype, np->rn_values_count, np->rn_values_size); np->rn_values = NULL; - rc_node_free_fmri(np); if (np->rn_snaplevel != NULL) rc_snaplevel_rele(np->rn_snaplevel); @@ -1796,7 +1245,6 @@ rc_node_link_child(rc_node_t *np, rc_node_t *cp) cp->rn_parent = np; cp->rn_flags |= RC_NODE_IN_PARENT; (void) uu_list_insert_before(np->rn_children, NULL, cp); - (void) rc_node_build_fmri(cp); (void) pthread_mutex_unlock(&np->rn_lock); @@ -1890,7 +1338,6 @@ rc_node_relink_child(rc_node_t *pp, rc_node_t *np, rc_node_t *newp) * keeps iterators on the list from missing us. */ (void) uu_list_insert_after(pp->rn_children, np, newp); - (void) rc_node_build_fmri(newp); (void) uu_list_remove(pp->rn_children, np); /* @@ -2260,92 +1707,6 @@ rc_node_create_property(rc_node_t *pp, rc_node_lookup_t *nip, return (REP_PROTOCOL_SUCCESS); } -/* - * This function implements a decision table to determine the event ID for - * changes to the enabled (SCF_PROPERTY_ENABLED) property. The event ID is - * determined by the value of the first property in the command specified - * by cmd_no and the name of the property group. Here is the decision - * table: - * - * Property Group Name - * Property ------------------------------------------ - * Value SCF_PG_GENERAL SCF_PG_GENERAL_OVR - * -------- -------------- ------------------ - * "0" ADT_smf_disable ADT_smf_tmp_disable - * "1" ADT_smf_enable ADT_smf_tmp_enable - * - * This function is called by special_property_event through a function - * pointer in the special_props_list array. - * - * Since the ADT_smf_* symbols may not be defined in the build machine's - * include files, this function is not compiled when doing native builds. - */ -#ifndef NATIVE_BUILD -static int -general_enable_id(tx_commit_data_t *tx_data, size_t cmd_no, const char *pg, - au_event_t *event_id) -{ - const char *value; - uint32_t nvalues; - int enable; - - /* - * First, check property value. - */ - if (tx_cmd_nvalues(tx_data, cmd_no, &nvalues) != REP_PROTOCOL_SUCCESS) - return (-1); - if (nvalues == 0) - return (-1); - if (tx_cmd_value(tx_data, cmd_no, 0, &value) != REP_PROTOCOL_SUCCESS) - return (-1); - if (strcmp(value, "0") == 0) { - enable = 0; - } else if (strcmp(value, "1") == 0) { - enable = 1; - } else { - return (-1); - } - - /* - * Now check property group name. - */ - if (strcmp(pg, SCF_PG_GENERAL) == 0) { - *event_id = enable ? ADT_smf_enable : ADT_smf_disable; - return (0); - } else if (strcmp(pg, SCF_PG_GENERAL_OVR) == 0) { - *event_id = enable ? ADT_smf_tmp_enable : ADT_smf_tmp_disable; - return (0); - } - return (-1); -} -#endif /* NATIVE_BUILD */ - -/* - * This function compares two audit_special_prop_item_t structures - * represented by item1 and item2. It returns an integer greater than 0 if - * item1 is greater than item2. It returns 0 if they are equal and an - * integer less than 0 if item1 is less than item2. api_prop_name and - * api_pg_name are the key fields for sorting. - * - * This function is suitable for calls to bsearch(3C) and qsort(3C). - */ -static int -special_prop_compare(const void *item1, const void *item2) -{ - const audit_special_prop_item_t *a = (audit_special_prop_item_t *)item1; - const audit_special_prop_item_t *b = (audit_special_prop_item_t *)item2; - int r; - - r = strcmp(a->api_prop_name, b->api_prop_name); - if (r == 0) { - /* - * Primary keys are the same, so check the secondary key. - */ - r = strcmp(a->api_pg_name, b->api_pg_name); - } - return (r); -} - int rc_node_init(void) { @@ -2383,19 +1744,6 @@ rc_node_init(void) if (rc_notify_list == NULL || rc_notify_info_list == NULL) uu_die("out of memory"); - /* - * Sort the special_props_list array so that it can be searched - * with bsearch(3C). - * - * The special_props_list array is not compiled into the native - * build code, so there is no need to call qsort if NATIVE_BUILD is - * defined. - */ -#ifndef NATIVE_BUILD - qsort(special_props_list, SPECIAL_PROP_COUNT, - sizeof (special_props_list[0]), special_prop_compare); -#endif /* NATIVE_BUILD */ - if ((np = rc_node_alloc()) == NULL) uu_die("out of memory"); @@ -2576,9 +1924,7 @@ perm_add_pg_prop_values(permcheck_t *pcp, rc_node_t *pg, const char *propname) for (count = prop->rn_values_count, cp = prop->rn_values; count > 0; --count) { - result = perm_add_enabling_type(pcp, cp, - (pg->rn_id.rl_ids[ID_INSTANCE]) ? PC_AUTH_INST : - PC_AUTH_SVC); + result = perm_add_enabling(pcp, cp); if (result != REP_PROTOCOL_SUCCESS) break; @@ -2742,20 +2088,10 @@ void rc_node_ptr_init(rc_node_ptr_t *out) { out->rnp_node = NULL; - out->rnp_auth_string = NULL; - out->rnp_authorized = RC_AUTH_UNKNOWN; + out->rnp_authorized = 0; out->rnp_deleted = 0; } -void -rc_node_ptr_free_mem(rc_node_ptr_t *npp) -{ - if (npp->rnp_auth_string != NULL) { - free((void *)npp->rnp_auth_string); - npp->rnp_auth_string = NULL; - } -} - static void rc_node_assign(rc_node_ptr_t *out, rc_node_t *val) { @@ -2765,8 +2101,7 @@ rc_node_assign(rc_node_ptr_t *out, rc_node_t *val) out->rnp_node = val; if (cur != NULL) rc_node_rele(cur); - out->rnp_authorized = RC_AUTH_UNKNOWN; - rc_node_ptr_free_mem(out); + out->rnp_authorized = 0; out->rnp_deleted = 0; } @@ -2888,19 +2223,6 @@ rc_node_ptr_check_and_lock(rc_node_ptr_t *npp, int *res) } \ } -#define HOLD_PTR_FLAG_OR_FREE_AND_RETURN(np, npp, flag, mem) { \ - assert(MUTEX_HELD(&(np)->rn_lock)); \ - assert(!((np)->rn_flags & RC_NODE_DEAD)); \ - if (!rc_node_hold_flag((np), flag)) { \ - (void) pthread_mutex_unlock(&(np)->rn_lock); \ - assert((np) == (npp)->rnp_node); \ - rc_node_clear(npp, 1); \ - if ((mem) != NULL) \ - free((mem)); \ - return (REP_PROTOCOL_FAIL_DELETED); \ - } \ -} - int rc_local_scope(uint32_t type, rc_node_ptr_t *out) { @@ -3316,534 +2638,39 @@ rc_node_update(rc_node_ptr_t *npp) /* * does a generic modification check, for creation, deletion, and snapshot * management only. Property group transactions have different checks. - * - * The string returned to *match_auth must be freed. */ int -rc_node_modify_permission_check(char **match_auth) +rc_node_modify_permission_check(void) { int rc = REP_PROTOCOL_SUCCESS; permcheck_t *pcp; int granted; - *match_auth = NULL; -#ifdef NATIVE_BUILD if (!client_is_privileged()) { +#ifdef NATIVE_BUILD rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; - } - return (rc); #else - if (is_main_repository == 0) - return (REP_PROTOCOL_SUCCESS); - pcp = pc_create(); - if (pcp != NULL) { - rc = perm_add_enabling(pcp, AUTH_MODIFY); + pcp = pc_create(); + if (pcp != NULL) { + rc = perm_add_enabling(pcp, AUTH_MODIFY); - if (rc == REP_PROTOCOL_SUCCESS) { - granted = perm_granted(pcp); + if (rc == REP_PROTOCOL_SUCCESS) { + granted = perm_granted(pcp); - if (granted < 0) { - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } else { - /* - * Copy off the authorization - * string before freeing pcp. - */ - *match_auth = - strdup(pcp->pc_auth_string); - if (*match_auth == NULL) + if (granted < 0) rc = REP_PROTOCOL_FAIL_NO_RESOURCES; } - } - - pc_free(pcp); - } else { - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } - if (rc == REP_PROTOCOL_SUCCESS && !granted) - rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; - - return (rc); -#endif /* NATIVE_BUILD */ -} - -/* - * Native builds are done to create svc.configd-native. This program runs - * only on the Solaris build machines to create the seed repository, and it - * is compiled against the build machine's header files. The ADT_smf_* - * symbols may not be defined in these header files. For this reason - * smf_annotation_event(), _smf_audit_event() and special_property_event() - * are not compiled for native builds. - */ -#ifndef NATIVE_BUILD - -/* - * This function generates an annotation audit event if one has been setup. - * Annotation events should only be generated immediately before the audit - * record from the first attempt to modify the repository from a client - * which has requested an annotation. - */ -static void -smf_annotation_event(int status, int return_val) -{ - adt_session_data_t *session; - adt_event_data_t *event = NULL; - char file[MAXPATHLEN]; - char operation[REP_PROTOCOL_NAME_LEN]; - - /* Don't audit if we're using an alternate repository. */ - if (is_main_repository == 0) - return; - - if (client_annotation_needed(operation, sizeof (operation), file, - sizeof (file)) == 0) { - return; - } - if (file[0] == 0) { - (void) strlcpy(file, "NO FILE", sizeof (file)); - } - if (operation[0] == 0) { - (void) strlcpy(operation, "NO OPERATION", - sizeof (operation)); - } - if ((session = get_audit_session()) == NULL) - return; - if ((event = adt_alloc_event(session, ADT_smf_annotation)) == NULL) { - uu_warn("smf_annotation_event cannot allocate event " - "data. %s\n", strerror(errno)); - return; - } - event->adt_smf_annotation.operation = operation; - event->adt_smf_annotation.file = file; - if (adt_put_event(event, status, return_val) == 0) { - client_annotation_finished(); - } else { - uu_warn("smf_annotation_event failed to put event. " - "%s\n", strerror(errno)); - } - adt_free_event(event); -} - -/* - * _smf_audit_event interacts with the security auditing system to generate - * an audit event structure. It establishes an audit session and allocates - * an audit event. The event is filled in from the audit data, and - * adt_put_event is called to generate the event. - */ -static void -_smf_audit_event(au_event_t event_id, int status, int return_val, - audit_event_data_t *data) -{ - char *auth_used; - char *fmri; - char *prop_value; - adt_session_data_t *session; - adt_event_data_t *event = NULL; - - /* Don't audit if we're using an alternate repository */ - if (is_main_repository == 0) - return; - - smf_annotation_event(status, return_val); - if ((session = get_audit_session()) == NULL) - return; - if ((event = adt_alloc_event(session, event_id)) == NULL) { - uu_warn("_smf_audit_event cannot allocate event " - "data. %s\n", strerror(errno)); - return; - } - - /* - * Handle possibility of NULL authorization strings, FMRIs and - * property values. - */ - if (data->ed_auth == NULL) { - auth_used = "PRIVILEGED"; - } else { - auth_used = data->ed_auth; - } - if (data->ed_fmri == NULL) { - syslog(LOG_WARNING, "_smf_audit_event called with " - "empty FMRI string"); - fmri = "UNKNOWN FMRI"; - } else { - fmri = data->ed_fmri; - } - if (data->ed_prop_value == NULL) { - prop_value = ""; - } else { - prop_value = data->ed_prop_value; - } - - /* Fill in the event data. */ - switch (event_id) { - case ADT_smf_attach_snap: - event->adt_smf_attach_snap.auth_used = auth_used; - event->adt_smf_attach_snap.old_fmri = data->ed_old_fmri; - event->adt_smf_attach_snap.old_name = data->ed_old_name; - event->adt_smf_attach_snap.new_fmri = fmri; - event->adt_smf_attach_snap.new_name = data->ed_snapname; - break; - case ADT_smf_change_prop: - event->adt_smf_change_prop.auth_used = auth_used; - event->adt_smf_change_prop.fmri = fmri; - event->adt_smf_change_prop.type = data->ed_type; - event->adt_smf_change_prop.value = prop_value; - break; - case ADT_smf_clear: - event->adt_smf_clear.auth_used = auth_used; - event->adt_smf_clear.fmri = fmri; - break; - case ADT_smf_create: - event->adt_smf_create.fmri = fmri; - event->adt_smf_create.auth_used = auth_used; - break; - case ADT_smf_create_npg: - event->adt_smf_create_npg.auth_used = auth_used; - event->adt_smf_create_npg.fmri = fmri; - event->adt_smf_create_npg.type = data->ed_type; - break; - case ADT_smf_create_pg: - event->adt_smf_create_pg.auth_used = auth_used; - event->adt_smf_create_pg.fmri = fmri; - event->adt_smf_create_pg.type = data->ed_type; - break; - case ADT_smf_create_prop: - event->adt_smf_create_prop.auth_used = auth_used; - event->adt_smf_create_prop.fmri = fmri; - event->adt_smf_create_prop.type = data->ed_type; - event->adt_smf_create_prop.value = prop_value; - break; - case ADT_smf_create_snap: - event->adt_smf_create_snap.auth_used = auth_used; - event->adt_smf_create_snap.fmri = fmri; - event->adt_smf_create_snap.name = data->ed_snapname; - break; - case ADT_smf_degrade: - event->adt_smf_degrade.auth_used = auth_used; - event->adt_smf_degrade.fmri = fmri; - break; - case ADT_smf_delete: - event->adt_smf_delete.fmri = fmri; - event->adt_smf_delete.auth_used = auth_used; - break; - case ADT_smf_delete_npg: - event->adt_smf_delete_npg.auth_used = auth_used; - event->adt_smf_delete_npg.fmri = fmri; - event->adt_smf_delete_npg.type = data->ed_type; - break; - case ADT_smf_delete_pg: - event->adt_smf_delete_pg.auth_used = auth_used; - event->adt_smf_delete_pg.fmri = fmri; - event->adt_smf_delete_pg.type = data->ed_type; - break; - case ADT_smf_delete_prop: - event->adt_smf_delete_prop.auth_used = auth_used; - event->adt_smf_delete_prop.fmri = fmri; - break; - case ADT_smf_delete_snap: - event->adt_smf_delete_snap.auth_used = auth_used; - event->adt_smf_delete_snap.fmri = fmri; - event->adt_smf_delete_snap.name = data->ed_snapname; - break; - case ADT_smf_disable: - event->adt_smf_disable.auth_used = auth_used; - event->adt_smf_disable.fmri = fmri; - break; - case ADT_smf_enable: - event->adt_smf_enable.auth_used = auth_used; - event->adt_smf_enable.fmri = fmri; - break; - case ADT_smf_immediate_degrade: - event->adt_smf_immediate_degrade.auth_used = auth_used; - event->adt_smf_immediate_degrade.fmri = fmri; - break; - case ADT_smf_immediate_maintenance: - event->adt_smf_immediate_maintenance.auth_used = auth_used; - event->adt_smf_immediate_maintenance.fmri = fmri; - break; - case ADT_smf_immtmp_maintenance: - event->adt_smf_immtmp_maintenance.auth_used = auth_used; - event->adt_smf_immtmp_maintenance.fmri = fmri; - break; - case ADT_smf_maintenance: - event->adt_smf_maintenance.auth_used = auth_used; - event->adt_smf_maintenance.fmri = fmri; - break; - case ADT_smf_milestone: - event->adt_smf_milestone.auth_used = auth_used; - event->adt_smf_milestone.fmri = fmri; - break; - case ADT_smf_read_prop: - event->adt_smf_read_prop.auth_used = auth_used; - event->adt_smf_read_prop.fmri = fmri; - break; - case ADT_smf_refresh: - event->adt_smf_refresh.auth_used = auth_used; - event->adt_smf_refresh.fmri = fmri; - break; - case ADT_smf_restart: - event->adt_smf_restart.auth_used = auth_used; - event->adt_smf_restart.fmri = fmri; - break; - case ADT_smf_tmp_disable: - event->adt_smf_tmp_disable.auth_used = auth_used; - event->adt_smf_tmp_disable.fmri = fmri; - break; - case ADT_smf_tmp_enable: - event->adt_smf_tmp_enable.auth_used = auth_used; - event->adt_smf_tmp_enable.fmri = fmri; - break; - case ADT_smf_tmp_maintenance: - event->adt_smf_tmp_maintenance.auth_used = auth_used; - event->adt_smf_tmp_maintenance.fmri = fmri; - break; - default: - abort(); /* Need to cover all SMF event IDs */ - } - - if (adt_put_event(event, status, return_val) != 0) { - uu_warn("_smf_audit_event failed to put event. %s\n", - strerror(errno)); - } - adt_free_event(event); -} - -/* - * Determine if the combination of the property group at pg_name and the - * property at prop_name are in the set of special startd properties. If - * they are, a special audit event will be generated. - */ -static void -special_property_event(audit_event_data_t *evdp, const char *prop_name, - char *pg_name, int status, int return_val, tx_commit_data_t *tx_data, - size_t cmd_no) -{ - au_event_t event_id; - audit_special_prop_item_t search_key; - audit_special_prop_item_t *found; - - /* Use bsearch to find the special property information. */ - search_key.api_prop_name = prop_name; - search_key.api_pg_name = pg_name; - found = (audit_special_prop_item_t *)bsearch(&search_key, - special_props_list, SPECIAL_PROP_COUNT, - sizeof (special_props_list[0]), special_prop_compare); - if (found == NULL) { - /* Not a special property. */ - return; - } - - /* Get the event id */ - if (found->api_event_func == NULL) { - event_id = found->api_event_id; - } else { - if ((*found->api_event_func)(tx_data, cmd_no, - found->api_pg_name, &event_id) < 0) - return; - } - - /* Generate the event. */ - smf_audit_event(event_id, status, return_val, evdp); -} -#endif /* NATIVE_BUILD */ - -/* - * Return a pointer to a string containing all the values of the command - * specified by cmd_no with each value enclosed in quotes. It is up to the - * caller to free the memory at the returned pointer. - */ -static char * -generate_value_list(tx_commit_data_t *tx_data, size_t cmd_no) -{ - const char *cp; - const char *cur_value; - size_t byte_count = 0; - uint32_t i; - uint32_t nvalues; - size_t str_size = 0; - char *values = NULL; - char *vp; - - if (tx_cmd_nvalues(tx_data, cmd_no, &nvalues) != REP_PROTOCOL_SUCCESS) - return (NULL); - /* - * First determine the size of the buffer that we will need. We - * will represent each property value surrounded by quotes with a - * space separating the values. Thus, we need to find the total - * size of all the value strings and add 3 for each value. - * - * There is one catch, though. We need to escape any internal - * quote marks in the values. So for each quote in the value we - * need to add another byte to the buffer size. - */ - for (i = 0; i < nvalues; i++) { - if (tx_cmd_value(tx_data, cmd_no, i, &cur_value) != - REP_PROTOCOL_SUCCESS) - return (NULL); - for (cp = cur_value; *cp != 0; cp++) { - byte_count += (*cp == '"') ? 2 : 1; - } - byte_count += 3; /* surrounding quotes & space */ - } - byte_count++; /* nul terminator */ - values = malloc(byte_count); - if (values == NULL) - return (NULL); - *values = 0; - - /* Now build up the string of values. */ - for (i = 0; i < nvalues; i++) { - if (tx_cmd_value(tx_data, cmd_no, i, &cur_value) != - REP_PROTOCOL_SUCCESS) { - free(values); - return (NULL); - } - (void) strlcat(values, "\"", byte_count); - for (cp = cur_value, vp = values + strlen(values); - *cp != 0; cp++) { - if (*cp == '"') { - *vp++ = '\\'; - *vp++ = '"'; - } else { - *vp++ = *cp; - } - } - *vp = 0; - str_size = strlcat(values, "\" ", byte_count); - assert(str_size < byte_count); - } - if (str_size > 0) - values[str_size - 1] = 0; /* get rid of trailing space */ - return (values); -} - -/* - * generate_property_events takes the transaction commit data at tx_data - * and generates an audit event for each command. - * - * Native builds are done to create svc.configd-native. This program runs - * only on the Solaris build machines to create the seed repository. Thus, - * no audit events should be generated when running svc.configd-native. - */ -static void -generate_property_events( - tx_commit_data_t *tx_data, - char *pg_fmri, /* FMRI of property group */ - char *auth_string, - int auth_status, - int auth_ret_value) -{ -#ifndef NATIVE_BUILD - enum rep_protocol_transaction_action action; - audit_event_data_t audit_data; - size_t count; - size_t cmd_no; - char *cp; - au_event_t event_id; - char fmri[REP_PROTOCOL_FMRI_LEN]; - char pg_name[REP_PROTOCOL_NAME_LEN]; - char *pg_end; /* End of prop. group fmri */ - const char *prop_name; - uint32_t ptype; - char prop_type[3]; - enum rep_protocol_responseid rc; - size_t sz_out; - - /* Make sure we have something to do. */ - if (tx_data == NULL) - return; - if ((count = tx_cmd_count(tx_data)) == 0) - return; - - /* Copy the property group fmri */ - pg_end = fmri; - pg_end += strlcpy(fmri, pg_fmri, sizeof (fmri)); - - /* - * Get the property group name. It is the first component after - * the last occurance of SCF_FMRI_PROPERTYGRP_PREFIX in the fmri. - */ - cp = strstr(pg_fmri, SCF_FMRI_PROPERTYGRP_PREFIX); - if (cp == NULL) { - pg_name[0] = 0; - } else { - cp += strlen(SCF_FMRI_PROPERTYGRP_PREFIX); - (void) strlcpy(pg_name, cp, sizeof (pg_name)); - } - - audit_data.ed_auth = auth_string; - audit_data.ed_fmri = fmri; - audit_data.ed_type = prop_type; - - /* - * Property type is two characters (see - * rep_protocol_value_type_t), so terminate the string. - */ - prop_type[2] = 0; - - for (cmd_no = 0; cmd_no < count; cmd_no++) { - /* Construct FMRI of the property */ - *pg_end = 0; - if (tx_cmd_prop(tx_data, cmd_no, &prop_name) != - REP_PROTOCOL_SUCCESS) { - continue; - } - rc = rc_concat_fmri_element(fmri, sizeof (fmri), &sz_out, - prop_name, REP_PROTOCOL_ENTITY_PROPERTY); - if (rc != REP_PROTOCOL_SUCCESS) { - /* - * If we can't get the FMRI, we'll abandon this - * command - */ - continue; - } - - /* Generate special property event if necessary. */ - special_property_event(&audit_data, prop_name, pg_name, - auth_status, auth_ret_value, tx_data, cmd_no); - - /* Capture rest of audit data. */ - if (tx_cmd_prop_type(tx_data, cmd_no, &ptype) != - REP_PROTOCOL_SUCCESS) { - continue; - } - prop_type[0] = REP_PROTOCOL_BASE_TYPE(ptype); - prop_type[1] = REP_PROTOCOL_SUBTYPE(ptype); - audit_data.ed_prop_value = generate_value_list(tx_data, cmd_no); - - /* Determine the event type. */ - if (tx_cmd_action(tx_data, cmd_no, &action) != - REP_PROTOCOL_SUCCESS) { - free(audit_data.ed_prop_value); - continue; - } - switch (action) { - case REP_PROTOCOL_TX_ENTRY_NEW: - event_id = ADT_smf_create_prop; - break; - case REP_PROTOCOL_TX_ENTRY_CLEAR: - event_id = ADT_smf_change_prop; - break; - case REP_PROTOCOL_TX_ENTRY_REPLACE: - event_id = ADT_smf_change_prop; - break; - case REP_PROTOCOL_TX_ENTRY_DELETE: - event_id = ADT_smf_delete_prop; - break; - default: - assert(0); /* Missing a case */ - free(audit_data.ed_prop_value); - continue; + pc_free(pcp); + } else { + rc = REP_PROTOCOL_FAIL_NO_RESOURCES; } - /* Generate the event. */ - smf_audit_event(event_id, auth_status, auth_ret_value, - &audit_data); - free(audit_data.ed_prop_value); - } + if (rc == REP_PROTOCOL_SUCCESS && !granted) + rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; #endif /* NATIVE_BUILD */ + } + return (rc); } /* @@ -3860,7 +2687,6 @@ generate_property_events( * _BACKEND_ACCESS * _BACKEND_READONLY * _EXISTS - child already exists - * _TRUNCATED - truncated FMRI for the audit record */ int rc_node_create_child(rc_node_ptr_t *npp, uint32_t type, const char *name, @@ -3868,26 +2694,19 @@ rc_node_create_child(rc_node_ptr_t *npp, uint32_t type, const char *name, { rc_node_t *np; rc_node_t *cp = NULL; - int rc, perm_rc; - size_t sz_out; - char fmri[REP_PROTOCOL_FMRI_LEN]; - audit_event_data_t audit_data; + int rc, perm_rc; rc_node_clear(cpp, 0); - perm_rc = rc_node_modify_permission_check(&audit_data.ed_auth); + perm_rc = rc_node_modify_permission_check(); RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); - audit_data.ed_fmri = fmri; - audit_data.ed_auth = NULL; - /* * there is a separate interface for creating property groups */ if (type == REP_PROTOCOL_ENTITY_PROPERTYGRP) { (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); return (REP_PROTOCOL_FAIL_NOT_APPLICABLE); } @@ -3900,31 +2719,19 @@ rc_node_create_child(rc_node_ptr_t *npp, uint32_t type, const char *name, if ((rc = rc_check_parent_child(np->rn_id.rl_type, type)) != REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); return (rc); } if ((rc = rc_check_type_name(type, name)) != REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); return (rc); } - if ((rc = rc_get_fmri_and_concat(np, fmri, sizeof (fmri), &sz_out, - name, type)) != REP_PROTOCOL_SUCCESS) { - (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); - return (rc); - } if (perm_rc != REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); - smf_audit_event(ADT_smf_create, ADT_FAILURE, - ADT_FAIL_VALUE_AUTH, &audit_data); - free(audit_data.ed_auth); return (perm_rc); } - HOLD_PTR_FLAG_OR_FREE_AND_RETURN(np, npp, RC_NODE_CREATING_CHILD, - audit_data.ed_auth); + HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); (void) pthread_mutex_unlock(&np->rn_lock); rc = object_create(np, type, name, &cp); @@ -3939,13 +2746,6 @@ rc_node_create_child(rc_node_ptr_t *npp, uint32_t type, const char *name, rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); (void) pthread_mutex_unlock(&np->rn_lock); - if (rc == REP_PROTOCOL_SUCCESS) { - smf_audit_event(ADT_smf_create, ADT_SUCCESS, ADT_SUCCESS, - &audit_data); - } - - free(audit_data.ed_auth); - return (rc); } @@ -3958,14 +2758,6 @@ rc_node_create_child_pg(rc_node_ptr_t *npp, uint32_t type, const char *name, int rc; permcheck_t *pcp; int granted; - char fmri[REP_PROTOCOL_FMRI_LEN]; - audit_event_data_t audit_data; - au_event_t event_id; - size_t sz_out; - - audit_data.ed_auth = NULL; - audit_data.ed_fmri = fmri; - audit_data.ed_type = (char *)pgtype; rc_node_clear(cpp, 0); @@ -3991,23 +2783,10 @@ rc_node_create_child_pg(rc_node_ptr_t *npp, uint32_t type, const char *name, return (rc); } -#ifdef NATIVE_BUILD if (!client_is_privileged()) { +#ifdef NATIVE_BUILD rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; - } #else - if (flags & SCF_PG_FLAG_NONPERSISTENT) { - event_id = ADT_smf_create_npg; - } else { - event_id = ADT_smf_create_pg; - } - if ((rc = rc_get_fmri_and_concat(np, fmri, sizeof (fmri), &sz_out, - name, REP_PROTOCOL_ENTITY_PROPERTYGRP)) != REP_PROTOCOL_SUCCESS) { - rc_node_rele(np); - return (rc); - } - - if (is_main_repository) { /* Must have .smf.modify or smf.modify.<type> authorization */ pcp = pc_create(); if (pcp != NULL) { @@ -4041,28 +2820,8 @@ rc_node_create_child_pg(rc_node_ptr_t *npp, uint32_t type, const char *name, if (rc == REP_PROTOCOL_SUCCESS) { granted = perm_granted(pcp); - if (granted < 0) { + if (granted < 0) rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } else { - /* - * Copy out the authorization - * string before freeing pcp. - */ - audit_data.ed_auth = - strdup(pcp->pc_auth_string); - if (audit_data.ed_auth == NULL) { - /* - * Following code line - * cannot meet both the - * indentation and the line - * length requirements of - * cstyle. Indendation has - * been sacrificed. - */ - /* CSTYLED */ - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } - } } pc_free(pcp); @@ -4072,23 +2831,16 @@ rc_node_create_child_pg(rc_node_ptr_t *npp, uint32_t type, const char *name, if (rc == REP_PROTOCOL_SUCCESS && !granted) rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; - } else { - rc = REP_PROTOCOL_SUCCESS; - } #endif /* NATIVE_BUILD */ - if (rc != REP_PROTOCOL_SUCCESS) { - rc_node_rele(np); - smf_audit_event(event_id, ADT_FAILURE, - ADT_FAIL_VALUE_AUTH, &audit_data); - if (audit_data.ed_auth != NULL) - free(audit_data.ed_auth); - return (rc); + if (rc != REP_PROTOCOL_SUCCESS) { + rc_node_rele(np); + return (rc); + } } (void) pthread_mutex_lock(&np->rn_lock); - HOLD_PTR_FLAG_OR_FREE_AND_RETURN(np, npp, RC_NODE_CREATING_CHILD, - audit_data.ed_auth); + HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); (void) pthread_mutex_unlock(&np->rn_lock); rc = object_create_pg(np, type, name, pgtype, flags, &cp); @@ -4102,13 +2854,6 @@ rc_node_create_child_pg(rc_node_ptr_t *npp, uint32_t type, const char *name, rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); (void) pthread_mutex_unlock(&np->rn_lock); - if (rc == REP_PROTOCOL_SUCCESS) { - smf_audit_event(event_id, ADT_SUCCESS, ADT_SUCCESS, - &audit_data); - } - if (audit_data.ed_auth != NULL) - free(audit_data.ed_auth); - return (rc); } @@ -4287,7 +3032,6 @@ rc_node_finish_delete(rc_node_t *cp) } cp->rn_flags &= ~RC_NODE_IN_PARENT; cp->rn_parent = NULL; - rc_node_free_fmri(cp); } cp->rn_flags |= RC_NODE_DEAD; @@ -4501,35 +3245,6 @@ died: rc_node_destroy(np); } -static au_event_t -get_delete_event_id(rep_protocol_entity_t entity, uint32_t pgflags) -{ - au_event_t id = 0; - -#ifndef NATIVE_BUILD - switch (entity) { - case REP_PROTOCOL_ENTITY_SERVICE: - case REP_PROTOCOL_ENTITY_INSTANCE: - id = ADT_smf_delete; - break; - case REP_PROTOCOL_ENTITY_SNAPSHOT: - id = ADT_smf_delete_snap; - break; - case REP_PROTOCOL_ENTITY_PROPERTYGRP: - case REP_PROTOCOL_ENTITY_CPROPERTYGRP: - if (pgflags & SCF_PG_FLAG_NONPERSISTENT) { - id = ADT_smf_delete_npg; - } else { - id = ADT_smf_delete_pg; - } - break; - default: - abort(); - } -#endif /* NATIVE_BUILD */ - return (id); -} - /* * Fails with * _NOT_SET @@ -4537,7 +3252,6 @@ get_delete_event_id(rep_protocol_entity_t entity, uint32_t pgflags) * _BAD_REQUEST * _PERMISSION_DENIED * _NO_RESOURCES - * _TRUNCATED * and whatever object_delete() fails with. */ int @@ -4551,35 +3265,13 @@ rc_node_delete(rc_node_ptr_t *npp) rc_notify_delete_t *ndp; permcheck_t *pcp; int granted; - au_event_t event_id = 0; - size_t sz_out; - audit_event_data_t audit_data; - int audit_failure = 0; RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); - audit_data.ed_fmri = NULL; - audit_data.ed_auth = NULL; - audit_data.ed_snapname = NULL; - audit_data.ed_type = NULL; - switch (np->rn_id.rl_type) { case REP_PROTOCOL_ENTITY_SERVICE: - event_id = get_delete_event_id(REP_PROTOCOL_ENTITY_SERVICE, - np->rn_pgflags); - break; case REP_PROTOCOL_ENTITY_INSTANCE: - event_id = get_delete_event_id(REP_PROTOCOL_ENTITY_INSTANCE, - np->rn_pgflags); - break; case REP_PROTOCOL_ENTITY_SNAPSHOT: - event_id = get_delete_event_id(REP_PROTOCOL_ENTITY_SNAPSHOT, - np->rn_pgflags); - audit_data.ed_snapname = strdup(np->rn_name); - if (audit_data.ed_snapname == NULL) { - (void) pthread_mutex_unlock(&np->rn_lock); - return (REP_PROTOCOL_FAIL_NO_RESOURCES); - } break; /* deletable */ case REP_PROTOCOL_ENTITY_SCOPE: @@ -4592,22 +3284,11 @@ rc_node_delete(rc_node_ptr_t *npp) (void) pthread_mutex_unlock(&np->rn_lock); np = np->rn_cchain[0]; RC_NODE_CHECK_AND_LOCK(np); - event_id = get_delete_event_id(REP_PROTOCOL_ENTITY_CPROPERTYGRP, - np->rn_pgflags); break; case REP_PROTOCOL_ENTITY_PROPERTYGRP: - if (np->rn_id.rl_ids[ID_SNAPSHOT] == 0) { - event_id = - get_delete_event_id(REP_PROTOCOL_ENTITY_PROPERTYGRP, - np->rn_pgflags); - audit_data.ed_type = strdup(np->rn_type); - if (audit_data.ed_type == NULL) { - (void) pthread_mutex_unlock(&np->rn_lock); - return (REP_PROTOCOL_FAIL_NO_RESOURCES); - } + if (np->rn_id.rl_ids[ID_SNAPSHOT] == 0) break; - } /* Snapshot property groups are indelible. */ (void) pthread_mutex_unlock(&np->rn_lock); @@ -4623,11 +3304,6 @@ rc_node_delete(rc_node_ptr_t *npp) break; } - audit_data.ed_fmri = malloc(REP_PROTOCOL_FMRI_LEN); - if (audit_data.ed_fmri == NULL) { - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - goto cleanout; - } np_orig = np; rc_node_hold_locked(np); /* simplifies rest of the code */ @@ -4642,8 +3318,7 @@ again: if (!rc_node_wait_flag(np, RC_NODE_IN_TX | RC_NODE_USING_PARENT)) { rc_node_rele_locked(np); - rc = REP_PROTOCOL_FAIL_DELETED; - goto cleanout; + return (REP_PROTOCOL_FAIL_DELETED); } if (np->rn_flags & RC_NODE_OLD) { @@ -4662,7 +3337,7 @@ again: if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { rc_node_rele_locked(np); rc_node_clear(npp, 1); - rc = REP_PROTOCOL_FAIL_DELETED; + return (REP_PROTOCOL_FAIL_DELETED); } /* @@ -4676,8 +3351,7 @@ again: rc_node_rele(np); rc_node_clear(npp, 1); - rc = REP_PROTOCOL_FAIL_DELETED; - goto cleanout; + return (REP_PROTOCOL_FAIL_DELETED); } rc_node_hold_locked(pp); /* hold for later */ @@ -4708,21 +3382,13 @@ again: assert(!(np->rn_flags & RC_NODE_OLD)); - if ((rc = rc_node_get_fmri_or_fragment(np, audit_data.ed_fmri, - REP_PROTOCOL_FMRI_LEN, &sz_out)) != REP_PROTOCOL_SUCCESS) { - rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); + if (!client_is_privileged()) { + /* permission check */ (void) pthread_mutex_unlock(&np->rn_lock); - goto fail; - } #ifdef NATIVE_BUILD - if (!client_is_privileged()) { rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; - } #else - if (is_main_repository) { - /* permission check */ - (void) pthread_mutex_unlock(&np->rn_lock); pcp = pc_create(); if (pcp != NULL) { rc = perm_add_enabling(pcp, AUTH_MODIFY); @@ -4740,28 +3406,8 @@ again: if (rc == REP_PROTOCOL_SUCCESS) { granted = perm_granted(pcp); - if (granted < 0) { + if (granted < 0) rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } else { - /* - * Copy out the authorization - * string before freeing pcp. - */ - audit_data.ed_auth = - strdup(pcp->pc_auth_string); - if (audit_data.ed_auth == NULL) { - /* - * Following code line - * cannot meet both the - * indentation and the line - * length requirements of - * cstyle. Indendation has - * been sacrificed. - */ - /* CSTYLED */ - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } - } } pc_free(pcp); @@ -4769,20 +3415,18 @@ again: rc = REP_PROTOCOL_FAIL_NO_RESOURCES; } - if (rc == REP_PROTOCOL_SUCCESS && !granted) { + if (rc == REP_PROTOCOL_SUCCESS && !granted) rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; - audit_failure = 1; - } - (void) pthread_mutex_lock(&np->rn_lock); - } else { - rc = REP_PROTOCOL_SUCCESS; - } #endif /* NATIVE_BUILD */ - if (rc != REP_PROTOCOL_SUCCESS) { - rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); - (void) pthread_mutex_unlock(&np->rn_lock); - goto fail; + if (rc != REP_PROTOCOL_SUCCESS) { + (void) pthread_mutex_lock(&np->rn_lock); + rc_node_rele_flag(np, RC_NODE_DYING_FLAGS); + (void) pthread_mutex_unlock(&np->rn_lock); + goto fail; + } + + (void) pthread_mutex_lock(&np->rn_lock); } ndp = uu_zalloc(sizeof (*ndp)); @@ -4847,12 +3491,6 @@ again: rc_node_rele(np); - smf_audit_event(event_id, ADT_SUCCESS, ADT_SUCCESS, - &audit_data); - free(audit_data.ed_auth); - free(audit_data.ed_snapname); - free(audit_data.ed_type); - free(audit_data.ed_fmri); return (rc); fail: @@ -4864,15 +3502,6 @@ fail: rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); rc_node_rele_locked(pp); /* drop ref and lock */ } - if (audit_failure) { - smf_audit_event(event_id, ADT_FAILURE, - ADT_FAIL_VALUE_AUTH, &audit_data); - } -cleanout: - free(audit_data.ed_auth); - free(audit_data.ed_snapname); - free(audit_data.ed_type); - free(audit_data.ed_fmri); return (rc); } @@ -4965,107 +3594,26 @@ rc_node_next_snaplevel(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) * represent the new snapid, and np is replaced with the new rc_node_t on * np's parent's child list. np is placed on the new node's rn_former list, * and replaces np in cache_hash (so rc_node_update() will find the new one). - * - * old_fmri and old_name point to the original snap shot's FMRI and name. - * These values are used when generating audit events. - * - * Fails with - * _BAD_REQUEST - * _BACKEND_READONLY - * _DELETED - * _NO_RESOURCES - * _TRUNCATED - * _TYPE_MISMATCH */ static int -rc_attach_snapshot( - rc_node_t *np, - uint32_t snapid, - rc_node_t *parentp, - char *old_fmri, - char *old_name) +rc_attach_snapshot(rc_node_t *np, uint32_t snapid, rc_node_t *parentp) { rc_node_t *np_orig; rc_node_t *nnp, *prev; rc_node_t *pp; int rc; - size_t sz_out; - au_event_t event_id; - audit_event_data_t audit_data; - if (parentp == NULL) { - assert(old_fmri != NULL); - } else { + if (parentp != NULL) assert(snapid == 0); - } - assert(MUTEX_HELD(&np->rn_lock)); - /* Gather the audit data. */ - /* - * ADT_smf_* symbols may not be defined in the /usr/include header - * files on the build machine. Thus, the following if-else will - * not be compiled when doing native builds. - */ -#ifndef NATIVE_BUILD - if (parentp == NULL) { - event_id = ADT_smf_attach_snap; - } else { - event_id = ADT_smf_create_snap; - } -#endif /* NATIVE_BUILD */ - audit_data.ed_fmri = malloc(REP_PROTOCOL_FMRI_LEN); - audit_data.ed_snapname = malloc(REP_PROTOCOL_NAME_LEN); - if ((audit_data.ed_fmri == NULL) || (audit_data.ed_snapname == NULL)) { - (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_fmri); - free(audit_data.ed_snapname); - return (REP_PROTOCOL_FAIL_NO_RESOURCES); - } - audit_data.ed_auth = NULL; - if (strlcpy(audit_data.ed_snapname, np->rn_name, - REP_PROTOCOL_NAME_LEN) >= REP_PROTOCOL_NAME_LEN) { - abort(); - } - audit_data.ed_old_fmri = old_fmri; - audit_data.ed_old_name = old_name ? old_name : "NO NAME"; - - if (parentp == NULL) { - /* - * In the attach case, get the instance FMRIs of the - * snapshots. - */ - if ((rc = rc_node_get_fmri_or_fragment(np, audit_data.ed_fmri, - REP_PROTOCOL_FMRI_LEN, &sz_out)) != REP_PROTOCOL_SUCCESS) { - (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_fmri); - free(audit_data.ed_snapname); - return (rc); - } - } else { - /* - * Capture the FMRI of the parent if we're actually going - * to take the snapshot. - */ - if ((rc = rc_node_get_fmri_or_fragment(parentp, - audit_data.ed_fmri, REP_PROTOCOL_FMRI_LEN, &sz_out)) != - REP_PROTOCOL_SUCCESS) { - (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_fmri); - free(audit_data.ed_snapname); - return (rc); - } - } + assert(MUTEX_HELD(&np->rn_lock)); np_orig = np; rc_node_hold_locked(np); /* simplifies the remainder */ (void) pthread_mutex_unlock(&np->rn_lock); - if ((rc = rc_node_modify_permission_check(&audit_data.ed_auth)) != - REP_PROTOCOL_SUCCESS) { - smf_audit_event(event_id, ADT_FAILURE, ADT_FAIL_VALUE_AUTH, - &audit_data); - goto cleanout; - } + if ((rc = rc_node_modify_permission_check()) != REP_PROTOCOL_SUCCESS) + return (rc); (void) pthread_mutex_lock(&np->rn_lock); /* @@ -5105,10 +3653,8 @@ again: rc_node_rele_locked(np); np = cache_lookup(&np_orig->rn_id); - if (np == NULL) { - rc = REP_PROTOCOL_FAIL_DELETED; - goto cleanout; - } + if (np == NULL) + return (REP_PROTOCOL_FAIL_DELETED); (void) pthread_mutex_lock(&np->rn_lock); } @@ -5130,8 +3676,7 @@ again: (void) pthread_mutex_lock(&pp->rn_lock); rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); (void) pthread_mutex_unlock(&pp->rn_lock); - rc = REP_PROTOCOL_SUCCESS; /* nothing to do */ - goto cleanout; + return (REP_PROTOCOL_SUCCESS); /* nothing to do */ } prev = np; @@ -5196,14 +3741,8 @@ again: rc_node_relink_child(pp, np, nnp); rc_node_rele(np); - smf_audit_event(event_id, ADT_SUCCESS, ADT_SUCCESS, &audit_data); - rc = REP_PROTOCOL_SUCCESS; -cleanout: - free(audit_data.ed_auth); - free(audit_data.ed_fmri); - free(audit_data.ed_snapname); - return (rc); + return (REP_PROTOCOL_SUCCESS); fail: rc_node_rele_flag(np, RC_NODE_IN_TX); @@ -5219,9 +3758,6 @@ fail: rc_node_rele(nnp); } - free(audit_data.ed_auth); - free(audit_data.ed_fmri); - free(audit_data.ed_snapname); return (rc); } @@ -5232,25 +3768,20 @@ rc_snapshot_take_new(rc_node_ptr_t *npp, const char *svcname, rc_node_t *np; rc_node_t *outp = NULL; int rc, perm_rc; - char fmri[REP_PROTOCOL_FMRI_LEN]; - audit_event_data_t audit_data; - size_t sz_out; rc_node_clear(outpp, 0); - perm_rc = rc_node_modify_permission_check(&audit_data.ed_auth); + perm_rc = rc_node_modify_permission_check(); RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_INSTANCE) { (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); } rc = rc_check_type_name(REP_PROTOCOL_ENTITY_SNAPSHOT, name); if (rc != REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); return (rc); } @@ -5258,7 +3789,6 @@ rc_snapshot_take_new(rc_node_ptr_t *npp, const char *svcname, rc_check_type_name(REP_PROTOCOL_ENTITY_SERVICE, svcname)) != REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); return (rc); } @@ -5266,30 +3796,15 @@ rc_snapshot_take_new(rc_node_ptr_t *npp, const char *svcname, rc_check_type_name(REP_PROTOCOL_ENTITY_INSTANCE, instname)) != REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); return (rc); } - audit_data.ed_auth = NULL; - audit_data.ed_fmri = fmri; - audit_data.ed_snapname = (char *)name; - - if ((rc = rc_node_get_fmri_or_fragment(np, fmri, sizeof (fmri), - &sz_out)) != REP_PROTOCOL_SUCCESS) { - (void) pthread_mutex_unlock(&np->rn_lock); - free(audit_data.ed_auth); - return (rc); - } if (perm_rc != REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); - smf_audit_event(ADT_smf_create_snap, ADT_FAILURE, - ADT_FAIL_VALUE_AUTH, &audit_data); - free(audit_data.ed_auth); return (perm_rc); } - HOLD_PTR_FLAG_OR_FREE_AND_RETURN(np, npp, RC_NODE_CREATING_CHILD, - audit_data.ed_auth); + HOLD_PTR_FLAG_OR_RETURN(np, npp, RC_NODE_CREATING_CHILD); (void) pthread_mutex_unlock(&np->rn_lock); rc = object_snapshot_take_new(np, svcname, instname, name, &outp); @@ -5303,12 +3818,6 @@ rc_snapshot_take_new(rc_node_ptr_t *npp, const char *svcname, rc_node_rele_flag(np, RC_NODE_CREATING_CHILD); (void) pthread_mutex_unlock(&np->rn_lock); - if (rc == REP_PROTOCOL_SUCCESS) { - smf_audit_event(ADT_smf_create_snap, ADT_SUCCESS, ADT_SUCCESS, - &audit_data); - } - if (audit_data.ed_auth != NULL) - free(audit_data.ed_auth); return (rc); } @@ -5328,8 +3837,7 @@ rc_snapshot_take_attach(rc_node_ptr_t *npp, rc_node_ptr_t *outpp) return (REP_PROTOCOL_FAIL_BAD_REQUEST); } - return (rc_attach_snapshot(outp, 0, np, NULL, - NULL)); /* drops outp's lock */ + return (rc_attach_snapshot(outp, 0, np)); /* drops outp's lock */ } int @@ -5338,10 +3846,6 @@ rc_snapshot_attach(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) rc_node_t *np; rc_node_t *cp; uint32_t snapid; - char old_name[REP_PROTOCOL_NAME_LEN]; - int rc; - size_t sz_out; - char old_fmri[REP_PROTOCOL_FMRI_LEN]; RC_NODE_PTR_GET_CHECK_AND_LOCK(np, npp); if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { @@ -5349,17 +3853,7 @@ rc_snapshot_attach(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) return (REP_PROTOCOL_FAIL_BAD_REQUEST); } snapid = np->rn_snapshot_id; - rc = rc_node_get_fmri_or_fragment(np, old_fmri, sizeof (old_fmri), - &sz_out); (void) pthread_mutex_unlock(&np->rn_lock); - if (rc != REP_PROTOCOL_SUCCESS) - return (rc); - if (np->rn_name != NULL) { - if (strlcpy(old_name, np->rn_name, sizeof (old_name)) >= - sizeof (old_name)) { - return (REP_PROTOCOL_FAIL_TRUNCATED); - } - } RC_NODE_PTR_GET_CHECK_AND_LOCK(cp, cpp); if (cp->rn_id.rl_type != REP_PROTOCOL_ENTITY_SNAPSHOT) { @@ -5367,9 +3861,7 @@ rc_snapshot_attach(rc_node_ptr_t *npp, rc_node_ptr_t *cpp) return (REP_PROTOCOL_FAIL_BAD_REQUEST); } - rc = rc_attach_snapshot(cp, snapid, NULL, - old_fmri, old_name); /* drops cp's lock */ - return (rc); + return (rc_attach_snapshot(cp, snapid, NULL)); /* drops cp's lock */ } /* @@ -5598,8 +4090,6 @@ rc_node_property_may_read(rc_node_t *np) int ret, granted = 0; rc_node_t *pgp; permcheck_t *pcp; - audit_event_data_t audit_data; - size_t sz_out; if (np->rn_id.rl_type != REP_PROTOCOL_ENTITY_PROPERTY) return (REP_PROTOCOL_FAIL_TYPE_MISMATCH); @@ -5672,31 +4162,6 @@ rc_node_property_may_read(rc_node_t *np) if (granted < 0) ret = REP_PROTOCOL_FAIL_NO_RESOURCES; } - if (ret == REP_PROTOCOL_SUCCESS) { - /* Generate a read_prop audit event. */ - audit_data.ed_fmri = malloc(REP_PROTOCOL_FMRI_LEN); - if (audit_data.ed_fmri == NULL) - ret = REP_PROTOCOL_FAIL_NO_RESOURCES; - } - ret = rc_node_get_fmri_or_fragment(np, audit_data.ed_fmri, - REP_PROTOCOL_FMRI_LEN, &sz_out); - assert(ret == REP_PROTOCOL_SUCCESS); - if (ret == REP_PROTOCOL_SUCCESS) { - int status; - int ret_value; - - if (granted == 0) { - status = ADT_FAILURE; - ret_value = ADT_FAIL_VALUE_AUTH; - } else { - status = ADT_SUCCESS; - ret_value = ADT_SUCCESS; - } - audit_data.ed_auth = pcp->pc_auth_string; - smf_audit_event(ADT_smf_read_prop, - status, ret_value, &audit_data); - } - free(audit_data.ed_fmri); pc_free(pcp); @@ -6433,8 +4898,7 @@ rc_node_setup_tx(rc_node_ptr_t *npp, rc_node_ptr_t *txp) rc_node_t *np; permcheck_t *pcp; int ret; - rc_auth_state_t authorized = RC_AUTH_UNKNOWN; - char *auth_string = NULL; + int authorized = 0; RC_NODE_PTR_GET_CHECK_AND_HOLD(np, npp); @@ -6454,15 +4918,13 @@ rc_node_setup_tx(rc_node_ptr_t *npp, rc_node_ptr_t *txp) return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); } -#ifdef NATIVE_BUILD if (client_is_privileged()) goto skip_checks; + +#ifdef NATIVE_BUILD rc_node_rele(np); return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); #else - if (is_main_repository == 0) - goto skip_checks; - /* permission check */ pcp = pc_create(); if (pcp == NULL) { @@ -6514,7 +4976,7 @@ rc_node_setup_tx(rc_node_ptr_t *npp, rc_node_ptr_t *txp) } if (strcmp(np->rn_name, AUTH_PG_ACTIONS) == 0) - authorized = RC_AUTH_PASSED; /* No check on commit. */ + authorized = 1; /* Don't check on commit. */ } else { ret = perm_add_enabling(pcp, AUTH_MODIFY); @@ -6551,45 +5013,21 @@ rc_node_setup_tx(rc_node_ptr_t *npp, rc_node_ptr_t *txp) } ret = perm_granted(pcp); - /* - * Copy out the authorization string before freeing pcp. - */ - if (ret >= 0) { - auth_string = strdup(pcp->pc_auth_string); - } - pc_free(pcp); - if ((auth_string == NULL) || (ret < 0)) { + if (ret != 1) { + pc_free(pcp); rc_node_rele(np); - return (REP_PROTOCOL_FAIL_NO_RESOURCES); + return (ret == 0 ? REP_PROTOCOL_FAIL_PERMISSION_DENIED : + REP_PROTOCOL_FAIL_NO_RESOURCES); } - if (ret == 0) { - /* - * If we get here, the authorization failed. - * Unfortunately, we don't have enough information at this - * point to generate the security audit events. We'll only - * get that information when the client tries to commit the - * event. Thus, we'll remember the failed authorization, - * so that we can generate the audit events later. - */ - authorized = RC_AUTH_FAILED; - } + pc_free(pcp); #endif /* NATIVE_BUILD */ skip_checks: rc_node_assign(txp, np); txp->rnp_authorized = authorized; - if (authorized != RC_AUTH_UNKNOWN) { - /* Save the authorization string. */ - if (txp->rnp_auth_string != NULL) - free((void *)txp->rnp_auth_string); - txp->rnp_auth_string = auth_string; - auth_string = NULL; /* Don't free until done with txp. */ - } rc_node_rele(np); - if (auth_string != NULL) - free(auth_string); return (REP_PROTOCOL_SUCCESS); } @@ -6749,29 +5187,12 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) int rc; permcheck_t *pcp; int granted, normal; - char *pg_fmri = NULL; - char *auth_string = NULL; - int auth_status = ADT_SUCCESS; - int auth_ret_value = ADT_SUCCESS; - size_t sz_out; - int tx_flag = 1; - tx_commit_data_t *tx_data = NULL; RC_NODE_CHECK(np); - if ((txp->rnp_authorized != RC_AUTH_UNKNOWN) && - (txp->rnp_auth_string != NULL)) { - auth_string = strdup(txp->rnp_auth_string); - if (auth_string == NULL) - return (REP_PROTOCOL_FAIL_NO_RESOURCES); - } - - if ((txp->rnp_authorized == RC_AUTH_UNKNOWN) && - is_main_repository) { + if (!client_is_privileged() && !txp->rnp_authorized) { #ifdef NATIVE_BUILD - if (!client_is_privileged()) { - return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); - } + return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); #else /* permission check: depends on contents of transaction */ pcp = pc_create(); @@ -6870,67 +5291,23 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) if (rc == REP_PROTOCOL_SUCCESS) { granted = perm_granted(pcp); - if (granted < 0) { + if (granted < 0) rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } else { - /* - * Copy out the authorization string before - * freeing pcp. - */ - auth_string = strdup(pcp->pc_auth_string); - if (auth_string == NULL) - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - } } pc_free(pcp); if (rc != REP_PROTOCOL_SUCCESS) - goto cleanout; + return (rc); - if (!granted) { - auth_status = ADT_FAILURE; - auth_ret_value = ADT_FAIL_VALUE_AUTH; - tx_flag = 0; - } + if (!granted) + return (REP_PROTOCOL_FAIL_PERMISSION_DENIED); #endif /* NATIVE_BUILD */ - } else if (txp->rnp_authorized == RC_AUTH_FAILED) { - auth_status = ADT_FAILURE; - auth_ret_value = ADT_FAIL_VALUE_AUTH; - tx_flag = 0; - } - - pg_fmri = malloc(REP_PROTOCOL_FMRI_LEN); - if (pg_fmri == NULL) { - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - goto cleanout; - } - if ((rc = rc_node_get_fmri_or_fragment(np, pg_fmri, - REP_PROTOCOL_FMRI_LEN, &sz_out)) != REP_PROTOCOL_SUCCESS) { - goto cleanout; - } - - /* - * Parse the transaction commands into a useful form. - */ - if ((rc = tx_commit_data_new(cmds, cmds_sz, &tx_data)) != - REP_PROTOCOL_SUCCESS) { - goto cleanout; - } - - if (tx_flag == 0) { - /* Authorization failed. Generate audit events. */ - generate_property_events(tx_data, pg_fmri, auth_string, - auth_status, auth_ret_value); - rc = REP_PROTOCOL_FAIL_PERMISSION_DENIED; - goto cleanout; } nnp = rc_node_alloc(); - if (nnp == NULL) { - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - goto cleanout; - } + if (nnp == NULL) + return (REP_PROTOCOL_FAIL_NO_RESOURCES); nnp->rn_id = np->rn_id; /* structure assignment */ nnp->rn_hash = np->rn_hash; @@ -6942,12 +5319,10 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) if (nnp->rn_name == NULL || nnp->rn_type == NULL) { rc_node_destroy(nnp); - rc = REP_PROTOCOL_FAIL_NO_RESOURCES; - goto cleanout; + return (REP_PROTOCOL_FAIL_NO_RESOURCES); } (void) pthread_mutex_lock(&np->rn_lock); - /* * We must have all of the old properties in the cache, or the * database deletions could cause inconsistencies. @@ -6956,22 +5331,20 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) REP_PROTOCOL_SUCCESS) { (void) pthread_mutex_unlock(&np->rn_lock); rc_node_destroy(nnp); - goto cleanout; + return (rc); } if (!rc_node_hold_flag(np, RC_NODE_USING_PARENT)) { (void) pthread_mutex_unlock(&np->rn_lock); rc_node_destroy(nnp); - rc = REP_PROTOCOL_FAIL_DELETED; - goto cleanout; + return (REP_PROTOCOL_FAIL_DELETED); } if (np->rn_flags & RC_NODE_OLD) { rc_node_rele_flag(np, RC_NODE_USING_PARENT); (void) pthread_mutex_unlock(&np->rn_lock); rc_node_destroy(nnp); - rc = REP_PROTOCOL_FAIL_NOT_LATEST; - goto cleanout; + return (REP_PROTOCOL_FAIL_NOT_LATEST); } pp = rc_node_hold_parent_flag(np, RC_NODE_CHILDREN_CHANGING); @@ -6981,12 +5354,10 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) (void) pthread_mutex_lock(&np->rn_lock); if (np->rn_flags & RC_NODE_OLD) { (void) pthread_mutex_unlock(&np->rn_lock); - rc = REP_PROTOCOL_FAIL_NOT_LATEST; - goto cleanout; + return (REP_PROTOCOL_FAIL_NOT_LATEST); } (void) pthread_mutex_unlock(&np->rn_lock); - rc = REP_PROTOCOL_FAIL_DELETED; - goto cleanout; + return (REP_PROTOCOL_FAIL_DELETED); } (void) pthread_mutex_unlock(&pp->rn_lock); @@ -7000,14 +5371,13 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) rc_node_rele_flag(pp, RC_NODE_CHILDREN_CHANGING); (void) pthread_mutex_unlock(&pp->rn_lock); rc_node_destroy(nnp); - rc = REP_PROTOCOL_FAIL_DELETED; - goto cleanout; + return (REP_PROTOCOL_FAIL_DELETED); } nnp->rn_gen_id = np->rn_gen_id; (void) pthread_mutex_unlock(&np->rn_lock); /* Sets nnp->rn_gen_id on success. */ - rc = object_tx_commit(&np->rn_id, tx_data, &nnp->rn_gen_id); + rc = object_tx_commit(&np->rn_id, cmds, cmds_sz, &nnp->rn_gen_id); (void) pthread_mutex_lock(&np->rn_lock); if (rc != REP_PROTOCOL_SUCCESS) { @@ -7020,7 +5390,7 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) rc_node_clear(txp, 0); if (rc == REP_PROTOCOL_DONE) rc = REP_PROTOCOL_SUCCESS; /* successful empty tx */ - goto cleanout; + return (rc); } /* @@ -7045,16 +5415,8 @@ rc_tx_commit(rc_node_ptr_t *txp, const void *cmds, size_t cmds_sz) * all done -- clear the transaction. */ rc_node_clear(txp, 0); - generate_property_events(tx_data, pg_fmri, auth_string, - auth_status, auth_ret_value); - - rc = REP_PROTOCOL_SUCCESS; -cleanout: - free(auth_string); - free(pg_fmri); - tx_commit_data_free(tx_data); - return (rc); + return (REP_PROTOCOL_SUCCESS); } void diff --git a/usr/src/cmd/svc/startd/libscf.c b/usr/src/cmd/svc/startd/libscf.c index 731ee59aa3..c94080325b 100644 --- a/usr/src/cmd/svc/startd/libscf.c +++ b/usr/src/cmd/svc/startd/libscf.c @@ -257,7 +257,6 @@ lookup: goto out; case SCF_ERROR_HANDLE_MISMATCH: - case SCF_ERROR_INTERNAL: case SCF_ERROR_INVALID_ARGUMENT: case SCF_ERROR_NOT_SET: bad_error("_scf_snapshot_take_new", diff --git a/usr/src/cmd/svc/startd/startd.c b/usr/src/cmd/svc/startd/startd.c index 28d8f5da88..19adda1373 100644 --- a/usr/src/cmd/svc/startd/startd.c +++ b/usr/src/cmd/svc/startd/startd.c @@ -56,14 +56,6 @@ * all libscf state associated with that handle, so functions which do this * should communicate the event to their callers (usually by returning * ECONNRESET) so they may reset their state appropriately. - * - * External references - * - * svc.configd generates special security audit events for changes to some - * restarter related properties. See the special_props_list array in - * usr/src/cmd/svc/configd/rc_node.c for the properties that cause these audit - * events. If you change the semantics of these propereties within startd, you - * will probably need to update rc_node.c */ #include <stdio.h> diff --git a/usr/src/cmd/svc/svccfg/svccfg.h b/usr/src/cmd/svc/svccfg/svccfg.h index ec44ade786..e15fc47afa 100644 --- a/usr/src/cmd/svc/svccfg/svccfg.h +++ b/usr/src/cmd/svc/svccfg/svccfg.h @@ -327,7 +327,7 @@ void lscf_cleanup(void); void lscf_prep_hndl(void); void lscf_init(void); int lscf_bundle_import(bundle_t *, const char *, uint_t); -int lscf_bundle_apply(bundle_t *, const char *); +int lscf_bundle_apply(bundle_t *); void lscf_delete(const char *, int); void lscf_list(const char *); void lscf_select(const char *); diff --git a/usr/src/cmd/svc/svccfg/svccfg_engine.c b/usr/src/cmd/svc/svccfg/svccfg_engine.c index 446dfa4893..4d69b7941f 100644 --- a/usr/src/cmd/svc/svccfg/svccfg_engine.c +++ b/usr/src/cmd/svc/svccfg/svccfg_engine.c @@ -629,7 +629,7 @@ engine_apply(const char *file) return (-1); } - if (lscf_bundle_apply(b, file) != 0) { + if (lscf_bundle_apply(b) != 0) { internal_bundle_free(b); return (-1); } diff --git a/usr/src/cmd/svc/svccfg/svccfg_libscf.c b/usr/src/cmd/svc/svccfg/svccfg_libscf.c index 0e71dc0c67..0397af151c 100644 --- a/usr/src/cmd/svc/svccfg/svccfg_libscf.c +++ b/usr/src/cmd/svc/svccfg/svccfg_libscf.c @@ -5044,7 +5044,6 @@ again: return (-1); case SCF_ERROR_NOT_SET: - case SCF_ERROR_INTERNAL: case SCF_ERROR_INVALID_ARGUMENT: case SCF_ERROR_HANDLE_MISMATCH: bad_error("_scf_snapshot_take_new", @@ -5526,7 +5525,6 @@ nosnap: goto deltemp; case SCF_ERROR_NOT_SET: - case SCF_ERROR_INTERNAL: case SCF_ERROR_INVALID_ARGUMENT: case SCF_ERROR_HANDLE_MISMATCH: bad_error("_scf_snapshot_take_new", @@ -6719,7 +6717,6 @@ lscf_bundle_import(bundle_t *bndl, const char *filename, uint_t flags) int r; pgroup_t *old_dpt; void *cookie; - int annotation_set = 0; const char * const emsg_nomem = gettext("Out of memory.\n"); const char * const emsg_nores = @@ -6806,35 +6803,6 @@ lscf_bundle_import(bundle_t *bndl, const char *filename, uint_t flags) } } - /* Set up the auditing annotation. */ - if (_scf_set_annotation(g_hndl, "svccfg import", filename) == 0) { - annotation_set = 1; - } else { - switch (scf_error()) { - case SCF_ERROR_CONNECTION_BROKEN: - warn(gettext("Repository connection broken.\n")); - repository_teardown(); - result = -1; - goto out; - - case SCF_ERROR_INVALID_ARGUMENT: - case SCF_ERROR_NOT_BOUND: - case SCF_ERROR_NO_RESOURCES: - case SCF_ERROR_INTERNAL: - bad_error("_scf_set_annotation", scf_error()); - /* NOTREACHED */ - - default: - /* - * Do not terminate import because of inability to - * generate annotation audit event. - */ - warn(gettext("_scf_set_annotation() unexpectedly " - "failed with return code of %d\n"), scf_error()); - break; - } - } - /* * Clear the sc_import_state's of all services & instances so we can * report how far we got if we fail. @@ -6986,10 +6954,6 @@ progress: result = -1; out: - if (annotation_set != 0) { - /* Turn off annotation. It is no longer needed. */ - (void) _scf_set_annotation(g_hndl, NULL, NULL); - } load_fini(); free(ud_ctarg); @@ -7069,13 +7033,12 @@ out: * -1 - lscf_import_instance_pgs() failed. */ int -lscf_bundle_apply(bundle_t *bndl, const char *file) +lscf_bundle_apply(bundle_t *bndl) { entity_t *svc, *inst; scf_scope_t *rscope; scf_service_t *rsvc; scf_instance_t *rinst; - int annotation_set = 0; int r; lscf_prep_hndl(); @@ -7090,36 +7053,6 @@ lscf_bundle_apply(bundle_t *bndl, const char *file) if (scf_handle_get_scope(g_hndl, SCF_SCOPE_LOCAL, rscope) != 0) scfdie(); - /* - * Set the strings to be used for the security audit annotation - * event. - */ - if (_scf_set_annotation(g_hndl, "svccfg apply", file) == 0) { - annotation_set = 1; - } else { - switch (scf_error()) { - case SCF_ERROR_CONNECTION_BROKEN: - warn(gettext("Repository connection broken.\n")); - goto out; - - case SCF_ERROR_INVALID_ARGUMENT: - case SCF_ERROR_NOT_BOUND: - case SCF_ERROR_NO_RESOURCES: - case SCF_ERROR_INTERNAL: - bad_error("_scf_set_annotation", scf_error()); - /* NOTREACHED */ - - default: - /* - * Do not abort apply operation because of - * inability to create annotation audit event. - */ - warn(gettext("_scf_set_annotation() unexpectedly " - "failed with return code of %d\n"), scf_error()); - break; - } - } - for (svc = uu_list_first(bndl->sc_bundle_services); svc != NULL; svc = uu_list_next(bndl->sc_bundle_services, svc)) { @@ -7215,11 +7148,6 @@ lscf_bundle_apply(bundle_t *bndl, const char *file) } out: - if (annotation_set) { - /* Remove security audit annotation strings. */ - (void) _scf_set_annotation(g_hndl, NULL, NULL); - } - scf_transaction_destroy(imp_tx); imp_tx = NULL; scf_pg_destroy(imp_pg); diff --git a/usr/src/common/svc/repcache_protocol.h b/usr/src/common/svc/repcache_protocol.h index f64357e795..cdceb76456 100644 --- a/usr/src/common/svc/repcache_protocol.h +++ b/usr/src/common/svc/repcache_protocol.h @@ -353,12 +353,6 @@ * * BACKUP(name) -> result * Backs up the persistant repository with a particular name. - * - * SET_ANNOTATION(operation, file) - * Set up a security audit annotation event. operation is the name of - * the operation that is being annotated, and file is the file being - * processed. This will be used to mark operations which comprise - * multiple primitive operations such as svccfg import. */ #include <door.h> @@ -382,7 +376,7 @@ extern "C" { * This value should be incremented any time the protocol changes. When in * doubt, bump it. */ -#define REPOSITORY_DOOR_VERSION (20 + REPOSITORY_DOOR_BASEVER) +#define REPOSITORY_DOOR_VERSION (19 + REPOSITORY_DOOR_BASEVER) /* * flags for rdr_flags @@ -476,8 +470,6 @@ enum rep_protocol_requestid { REP_PROTOCOL_BACKUP, - REP_PROTOCOL_SET_AUDIT_ANNOTATION, - REP_PROTOCOL_MAX_REQUEST }; @@ -816,12 +808,6 @@ struct rep_protocol_backup_request { char rpr_name[REP_PROTOCOL_NAME_LEN]; }; -struct rep_protocol_annotation { - enum rep_protocol_requestid rpr_request; /* SET_ANNOTATION */ - char rpr_operation[REP_PROTOCOL_NAME_LEN]; - char rpr_file[MAXPATHLEN]; -}; - /* * Response structures */ diff --git a/usr/src/lib/libbsm/audit_event.txt b/usr/src/lib/libbsm/audit_event.txt index a7b6e2a7fa..64c88e3676 100644 --- a/usr/src/lib/libbsm/audit_event.txt +++ b/usr/src/lib/libbsm/audit_event.txt @@ -448,43 +448,6 @@ 6245:AUE_smbd_logoff:smbd(1m) session logoff:lo 6246:AUE_vscan_quarantine:vscand(1m) quarantine infected file:na # -# SMF(5) svc.configd events (svcadm(1M) related) -# -6250:AUE_smf_enable:persistently enable service instance:ss -6251:AUE_smf_tmp_enable:temporarily enable service instance:ss -6252:AUE_smf_disable:persistently disable service instance:ss -6253:AUE_smf_tmp_disable:temporarily disable service instance:ss -6254:AUE_smf_restart:restart service instance:ss -6255:AUE_smf_refresh:refresh service instance:ss -6256:AUE_smf_clear:clear service instance state:ss -6257:AUE_smf_degrade:set service instance degraded state:ss -6258:AUE_smf_immediate_degrade:immediately set service instance degraded state:ss -6259:AUE_smf_maintenance:set service instance persistent maintenance state:ss -6260:AUE_smf_immediate_maintenance:immediately set service instance persistent maintenance state:ss -6261:AUE_smf_immtmp_maintenance:immediately set service instance temporary maintenance state:ss -6262:AUE_smf_tmp_maintenance:set service instance maintenance temporary state:ss -6263:AUE_smf_milestone:set service management facility milestone:ss -# -# SMF(5) svc.configd miscellaneous events -# -6265:AUE_smf_read_prop:read restricted access property value:as -# -# SMF(5) svc.configd events (svccfg(1M) related) -# -6270:AUE_smf_create:create service instance object:as -6271:AUE_smf_delete:delete service instance object:as -6272:AUE_smf_create_pg:create persistent service property group:as -6273:AUE_smf_create_npg:create non-persistent service property group:as -6274:AUE_smf_delete_pg:delete persistent service property group:as -6275:AUE_smf_delete_npg:delete non-persistent service property group:as -6276:AUE_smf_create_snap:create repository snapshot:as -6277:AUE_smf_delete_snap:delete repository snapshot:as -6278:AUE_smf_attach_snap:attach repository snapshot:as -6279:AUE_smf_annotation:annotate transaction:as,ss -6280:AUE_smf_create_prop:create service instance property:as -6281:AUE_smf_change_prop:change service instance property:as -6282:AUE_smf_delete_prop:delete service instance property:as -# # Trusted Extensions events: # 9035:AUE_sl_change:Workspace label change:ap diff --git a/usr/src/lib/libbsm/auditxml b/usr/src/lib/libbsm/auditxml index 40c8a059bc..6392ecb631 100644 --- a/usr/src/lib/libbsm/auditxml +++ b/usr/src/lib/libbsm/auditxml @@ -534,7 +534,6 @@ extern void adt_set_termid(const adt_session_data_t *, extern void adt_get_asid(const adt_session_data_t *, au_asid_t *); extern void adt_set_asid(const adt_session_data_t *, const au_asid_t); -extern au_id_t adt_get_unique_id(au_id_t); #endif diff --git a/usr/src/lib/libbsm/common/adt.c b/usr/src/lib/libbsm/common/adt.c index 656c32eecd..473ecbcc51 100644 --- a/usr/src/lib/libbsm/common/adt.c +++ b/usr/src/lib/libbsm/common/adt.c @@ -192,8 +192,8 @@ adt_get_mask_from_user(uid_t uid, au_mask_t *mask) * see a need to put a lock around it. */ -au_id_t -adt_get_unique_id(au_id_t uid) +static au_id_t +adt_get_unique_id(uid_t uid) { char hostname[MAXHOSTNAMELEN]; union { @@ -480,10 +480,10 @@ adt_set_termid(const adt_session_data_t *session_data, ADT_VALID); ((adt_internal_state_t *)session_data)->as_info.ai_termid = - *termid; + *termid; ((adt_internal_state_t *)session_data)->as_have_user_data |= - ADT_HAVE_TID; + ADT_HAVE_TID; } } @@ -649,7 +649,7 @@ adt_get_hostIP(const char *hostname, au_tid_addr_t *p_term) case AF_INET6: /* LINTED */ p = &((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr, - (void) memcpy(p_term->at_addr, p, + (void) memcpy(p_term->at_addr, p, sizeof (((struct sockaddr_in6 *)NULL)->sin6_addr)); p_term->at_type = AU_IPv6; break; @@ -1515,9 +1515,9 @@ adt_changeuser(adt_internal_state_t *state, uid_t ruid) state->as_info.ai_mask.am_failure |= mask.am_failure; } DPRINTF(("changed mask to %08X/%08X for ruid=%d\n", - state->as_info.ai_mask.am_success, - state->as_info.ai_mask.am_failure, - ruid)); + state->as_info.ai_mask.am_success, + state->as_info.ai_mask.am_failure, + ruid)); return (0); } diff --git a/usr/src/lib/libbsm/common/adt.xml b/usr/src/lib/libbsm/common/adt.xml index 4451af0abc..b0d2ccfb69 100644 --- a/usr/src/lib/libbsm/common/adt.xml +++ b/usr/src/lib/libbsm/common/adt.xml @@ -1284,378 +1284,8 @@ Use is subject to license terms. </entry> </event> -<!-- SMF related events --> - <event id="AUE_smf_generic" type="generic" omit="always"> - <!-- - This is a template for the event types that have no tokens - other than the header and return. There is no allowed_type - list because the template is not externally visible due to the - omit="always". - --> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>name</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - - <event id="AUE_smf_generic_pg" type="generic" omit="always"> - <!-- - This is a template for the event types related to property groups. - There is no allowed_type list because the template is not externally - visible due to the omit="always". - --> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - </entry> - <entry id="type"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>property group type</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - - <event id="AUE_smf_enable" instance_of="AUE_smf_generic" header="0" - idNo="60" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_tmp_enable" instance_of="AUE_smf_generic" header="0" - idNo="61" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_disable" instance_of="AUE_smf_generic" header="0" - idNo="62" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_tmp_disable" instance_of="AUE_smf_generic" header="0" - idNo="63" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_restart" instance_of="AUE_smf_generic" header="0" - idNo="64" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_refresh" instance_of="AUE_smf_generic" header="0" - idNo="65" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_clear" instance_of="AUE_smf_generic" header="0" - idNo="66" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_degrade" instance_of="AUE_smf_generic" header="0" - idNo="67" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_immediate_degrade" instance_of="AUE_smf_generic" - header="0" idNo="68" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_maintenance" instance_of="AUE_smf_generic" header="0" - idNo="69" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_immediate_maintenance" instance_of="AUE_smf_generic" - header="0" idNo="70" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_immtmp_maintenance" instance_of="AUE_smf_generic" - header="0" idNo="71" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_tmp_maintenance" instance_of="AUE_smf_generic" header="0" - idNo="72" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - <event id="AUE_smf_milestone" instance_of="AUE_smf_generic" header="0" - idNo="73" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svcadm(1M)</see> - </event> - - <event id="AUE_smf_create" instance_of="AUE_smf_generic" header="0" - idNo="74" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - </event> - <event id="AUE_smf_delete" instance_of="AUE_smf_generic" header="0" - idNo="75" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - </event> - - <event id="AUE_smf_create_pg" instance_of="AUE_smf_generic_pg" header="0" - idNo="76" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - </event> - <event id="AUE_smf_create_npg" instance_of="AUE_smf_generic_pg" header="0" - idNo="77" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - </event> - <event id="AUE_smf_delete_pg" instance_of="AUE_smf_generic_pg" header="0" - idNo="78" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - </event> - <event id="AUE_smf_delete_npg" instance_of="AUE_smf_generic_pg" header="0" - idNo="79" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - </event> - - <event id="AUE_smf_create_snap" header="0" idNo="80" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>name</comment> - </entry> - <entry id="name"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>snapshot name</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - <event id="AUE_smf_delete_snap" header="0" idNo="81" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>name</comment> - </entry> - <entry id="name"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>snapshot name</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - <event id="AUE_smf_attach_snap" header="0" idNo="82" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="old_fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>old name</comment> - </entry> - <entry id="old_name"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>old snapshot</comment> - </entry> - <entry id="new_fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>new name</comment> - </entry> - <entry id="new_name"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>new snapshot</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - - <event id="AUE_smf_annotation" header="0" idNo="83" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="operation"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>operation</comment> - </entry> - <entry id="file"> - <internal token="path"/> - <external opt="required" type="char *"/> - <comment>imported file</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - - <event id="AUE_smf_create_prop" header="0" idNo="84" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>name</comment> - </entry> - <entry id="type"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>type</comment> - </entry> - <entry id="value"> - <internal token="text"/> - <external opt="optional" type="char *"/> - <comment>value</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - - <event id="AUE_smf_change_prop" header="0" idNo="85" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>name</comment> - </entry> - <entry id="type"> - <internal token="text"/> - <external opt="required" type="char *"/> - <comment>type</comment> - </entry> - <entry id="value"> - <internal token="text"/> - <external opt="optional" type="char *"/> - <comment>value</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - <event id="AUE_smf_delete_prop" header="0" idNo="86" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - <entry id="subject"> - <internal token="subject"/> - <external opt="none"/> - </entry> - <entry id="auth_used"> - <internal token="uauth"/> - <external opt="required" type="char *"/> - <comment>authorization used</comment> - </entry> - <entry id="fmri"> - <internal token="fmri"/> - <external opt="required" type="char *"/> - <comment>name</comment> - </entry> - <entry id="return"> - <internal token="return"/> - <external opt="none"/> - </entry> - </event> - - <event id="AUE_smf_read_prop" instance_of="AUE_smf_generic" header="0" - idNo="87" omit="JNI"> - <program>svc.configd(1M)</program> - <see>svccfg(1M)</see> - </event> - <!-- vscan service event; infected file detected --> - <event id="AUE_vscan_quarantine" header="0" idNo="88" omit="JNI"> + <event id="AUE_vscan_quarantine" header="0" idNo="60" omit="JNI"> <title>VSCAN: quarantine infected file</title> <program>/usr/lib/vscan/vscand</program> <see>vscand(1M), ICAP RFC 3507 (Extensions)</see> @@ -1681,7 +1311,7 @@ Use is subject to license terms. <!-- add new events here with the next higher idNo --> -<!-- Highest idNo is 88, so next is 89, then fix this comment --> +<!-- Highest idNo is 60, so next is 61, then fix this comment --> <!-- end of C Only events --> diff --git a/usr/src/lib/libbsm/common/mapfile-vers b/usr/src/lib/libbsm/common/mapfile-vers index 20a7faffe9..1efd828b2c 100644 --- a/usr/src/lib/libbsm/common/mapfile-vers +++ b/usr/src/lib/libbsm/common/mapfile-vers @@ -153,7 +153,6 @@ SUNWprivate_1.1 { adt_get_mask; adt_get_session_id; adt_get_termid; - adt_get_unique_id; adt_import_proc; adt_load_hostname; adt_load_termid; diff --git a/usr/src/lib/libscf/common/libscf_impl.h b/usr/src/lib/libscf/common/libscf_impl.h index b6efa98acd..6dfef8577c 100644 --- a/usr/src/lib/libscf/common/libscf_impl.h +++ b/usr/src/lib/libscf/common/libscf_impl.h @@ -2,8 +2,9 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License (the "License"). - * You may not use this file except in compliance with the License. + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +21,7 @@ */ /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -40,6 +41,15 @@ extern "C" { #endif +#define SCF_FMRI_SVC_PREFIX "svc:" +#define SCF_FMRI_FILE_PREFIX "file:" +#define SCF_FMRI_SCOPE_PREFIX "//" +#define SCF_FMRI_LOCAL_SCOPE "localhost" +#define SCF_FMRI_SCOPE_SUFFIX "@localhost" +#define SCF_FMRI_SERVICE_PREFIX "/" +#define SCF_FMRI_INSTANCE_PREFIX ":" +#define SCF_FMRI_PROPERTYGRP_PREFIX "/:properties/" +#define SCF_FMRI_PROPERTY_PREFIX "/" /* * This macro must be extended if additional FMRI prefixes are defined */ diff --git a/usr/src/lib/libscf/common/lowlevel.c b/usr/src/lib/libscf/common/lowlevel.c index a31ff5205e..2e31aa6e1f 100644 --- a/usr/src/lib/libscf/common/lowlevel.c +++ b/usr/src/lib/libscf/common/lowlevel.c @@ -6871,49 +6871,3 @@ _scf_pg_is_read_protected(const scf_propertygroup_t *pg, boolean_t *out) return (scf_set_error(SCF_ERROR_INTERNAL)); return (SCF_SUCCESS); } - -/* - * _scf_set_annotation: a wrapper to set the annotation fields for SMF - * security auditing. - * - * Fails with following in scf_error_key thread specific data: - * _INVALID_ARGUMENT - operation or file too large - * _NOT_BOUND - * _CONNECTION_BROKEN - * _INTERNAL - * _NO_RESOURCES - */ -int -_scf_set_annotation(scf_handle_t *h, const char *operation, const char *file) -{ - struct rep_protocol_annotation request; - struct rep_protocol_response response; - size_t copied; - int r; - - request.rpr_request = REP_PROTOCOL_SET_AUDIT_ANNOTATION; - copied = strlcpy(request.rpr_operation, - (operation == NULL) ? "" : operation, - sizeof (request.rpr_operation)); - if (copied >= sizeof (request.rpr_operation)) - return (scf_set_error(SCF_ERROR_INVALID_ARGUMENT)); - - copied = strlcpy(request.rpr_file, - (file == NULL) ? "" : file, - sizeof (request.rpr_file)); - if (copied >= sizeof (request.rpr_operation)) - return (scf_set_error(SCF_ERROR_INVALID_ARGUMENT)); - - (void) pthread_mutex_lock(&h->rh_lock); - r = make_door_call(h, &request, sizeof (request), - &response, sizeof (response)); - (void) pthread_mutex_unlock(&h->rh_lock); - - if (r < 0) { - DOOR_ERRORS_BLOCK(r); - } - - if (response.rpr_response != REP_PROTOCOL_SUCCESS) - return (scf_set_error(proto_error(response.rpr_response))); - return (0); -} diff --git a/usr/src/lib/libscf/common/mapfile-vers b/usr/src/lib/libscf/common/mapfile-vers index f625f15896..d64e43b026 100644 --- a/usr/src/lib/libscf/common/mapfile-vers +++ b/usr/src/lib/libscf/common/mapfile-vers @@ -216,7 +216,6 @@ SUNWprivate_1.1 { scf_parse_svc_fmri; _scf_pg_wait; _scf_request_backup; - _scf_set_annotation; _scf_snapshot_attach; _scf_snapshot_delete; _scf_snapshot_take_attach; diff --git a/usr/src/lib/libscf/inc/libscf_priv.h b/usr/src/lib/libscf/inc/libscf_priv.h index 87f609a719..acffe5b5d8 100644 --- a/usr/src/lib/libscf/inc/libscf_priv.h +++ b/usr/src/lib/libscf/inc/libscf_priv.h @@ -60,9 +60,6 @@ extern "C" { #define SCF_PG_RESTARTER_ACTIONS_TYPE SCF_GROUP_FRAMEWORK #define SCF_PG_RESTARTER_ACTIONS_FLAGS SCF_PG_FLAG_NONPERSISTENT -#define SCF_PROPERTY_CLEAR ((const char *)"maint_off") -#define SCF_PROPERTY_MAINTENANCE ((const char *)"maint_on") - #define SCF_PROPERTY_LOGFILE ((const char *)"logfile") #define SCF_PROPERTY_ALT_LOGFILE ((const char *)"alt_logfile") @@ -75,19 +72,6 @@ extern "C" { #define SCF_FMRI_TYPE_SVC 0x1 #define SCF_FMRI_TYPE_FILE 0x2 -/* - * Strings for use in constructing FMRIs - */ -#define SCF_FMRI_SVC_PREFIX "svc:" -#define SCF_FMRI_FILE_PREFIX "file:" -#define SCF_FMRI_SCOPE_PREFIX "//" -#define SCF_FMRI_LOCAL_SCOPE "localhost" -#define SCF_FMRI_SCOPE_SUFFIX "@localhost" -#define SCF_FMRI_SERVICE_PREFIX "/" -#define SCF_FMRI_INSTANCE_PREFIX ":" -#define SCF_FMRI_PROPERTYGRP_PREFIX "/:properties/" -#define SCF_FMRI_PROPERTY_PREFIX "/" - typedef struct scf_decoration_info { const char *sdi_name; scf_type_t sdi_type; @@ -320,16 +304,6 @@ int _scf_request_backup(scf_handle_t *, const char *); int _scf_pg_is_read_protected(const scf_propertygroup_t *, boolean_t *); /* - * Sets annotation data for SMF audit logging. Once this function has been - * set, the next audit record will be preceded by an ADT_smf_annotation - * with the information provided in this function. This function is used - * to mark operations which comprise multiple primitive operations such as - * svccfg import. - */ -int _scf_set_annotation(scf_handle_t *h, const char *operation, - const char *file); - -/* * scf_pattern_t */ typedef struct scf_pattern { |