diff options
| author | gww <none@none> | 2006-04-10 14:36:15 -0700 |
|---|---|---|
| committer | gww <none@none> | 2006-04-10 14:36:15 -0700 |
| commit | 103b2b152ab1f30e081cd8f98b88e71e6cd6d2fc (patch) | |
| tree | 4a6f2677f2e1147ea65e271d17bcb13462716239 /usr/src | |
| parent | 69bbc66400b6af121ee9f95667811cc0acd84d6e (diff) | |
| download | illumos-joyent-103b2b152ab1f30e081cd8f98b88e71e6cd6d2fc.tar.gz | |
PSARC/2006/213 FMRI Audit Token
6401913 add FMRI audit token type to the adt_* infrastructure
Diffstat (limited to 'usr/src')
22 files changed, 226 insertions, 45 deletions
diff --git a/usr/src/cmd/auditreduce/Makefile b/usr/src/cmd/auditreduce/Makefile index b63b6c9f35..3b5c54b5e9 100644 --- a/usr/src/cmd/auditreduce/Makefile +++ b/usr/src/cmd/auditreduce/Makefile @@ -42,7 +42,7 @@ POFILES=main.po option.po proc.po time.po token.po CPPFLAGS += -I$(TABLEDIR) -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 LAZYLIBS = $(ZLAZYLOAD) -ltsol $(ZNOLAZYLOAD) lint := LAZYLIBS = -ltsol -LDLIBS += -lnsl -lbsm $(LAZYLIBS) +LDLIBS += -lnsl -lbsm -lscf $(LAZYLIBS) .KEEP_STATE: diff --git a/usr/src/cmd/auditreduce/auditr.h b/usr/src/cmd/auditreduce/auditr.h index de5e26bc90..4f6d999ff6 100644 --- a/usr/src/cmd/auditreduce/auditr.h +++ b/usr/src/cmd/auditreduce/auditr.h @@ -56,6 +56,7 @@ extern "C" { #include <unistd.h> #include <libgen.h> #include <stdlib.h> +#include <libscf_priv.h> #include <bsm/audit.h> #include <bsm/audit_record.h> diff --git a/usr/src/cmd/auditreduce/auditrd.h b/usr/src/cmd/auditreduce/auditrd.h index bcd498c7b8..a0aab95635 100644 --- a/usr/src/cmd/auditreduce/auditrd.h +++ b/usr/src/cmd/auditreduce/auditrd.h @@ -62,6 +62,7 @@ gid_t obj_group; /* object group */ uid_t obj_owner; /* object owner */ int subj_id; /* subject identifier */ char ipc_type; /* 'o' object type - tell what type of IPC */ +scf_pattern_t fmri; /* 'o' fmri value */ /* * File selection options diff --git a/usr/src/cmd/auditreduce/auditrt.h b/usr/src/cmd/auditreduce/auditrt.h index f013cbfb99..df27b8016f 100644 --- a/usr/src/cmd/auditreduce/auditrt.h +++ b/usr/src/cmd/auditreduce/auditrt.h @@ -155,6 +155,7 @@ typedef struct audit_pcb audit_pcb_t; #define OBJ_SEMOWNER 0x04000 /* 'o' semaphore [c]owner */ #define OBJ_SHMGROUP 0x08000 /* 'o' shared memory [c]group */ #define OBJ_SHMOWNER 0x10000 /* 'o' shared memory [c]owner */ +#define OBJ_FMRI 0x20000 /* 'o' fmri object */ #define SOCKFLG_MACHINE 0 /* search socket token by machine name */ #define SOCKFLG_PORT 1 /* search socket token by port number */ @@ -186,6 +187,7 @@ extern gid_t obj_group; /* object group */ extern uid_t obj_owner; /* object owner */ extern int subj_id; /* subject identifier */ extern char ipc_type; /* 'o' object type - tell what type of IPC */ +extern scf_pattern_t fmri; /* 'o' fmri value */ /* * File selection options diff --git a/usr/src/cmd/auditreduce/option.c b/usr/src/cmd/auditreduce/option.c index f4aaa9d726..e71b57822f 100644 --- a/usr/src/cmd/auditreduce/option.c +++ b/usr/src/cmd/auditreduce/option.c @@ -55,6 +55,7 @@ static obj_ent_t obj_tbl[] = { { "file", OBJ_PATH }, { "filegroup", OBJ_FGROUP }, { "fileowner", OBJ_FOWNER }, + { "fmri", OBJ_FMRI }, { "lp", OBJ_LP }, { "msgqid", OBJ_MSG }, { "msgqgroup", OBJ_MSGGROUP }, @@ -95,6 +96,7 @@ static int proc_sid(char *); static int proc_type(char *); static int proc_user(char *, uid_t *); static int proc_zonename(char *); +static int proc_fmri(char *); /* * .func process_options - process command line options. @@ -409,6 +411,9 @@ proc_object(char *optarg) case OBJ_POWNER: return (proc_user(obj_val, &obj_owner)); /* NOTREACHED */ + case OBJ_FMRI: + return (proc_fmri(obj_val)); + /* NOTREACHED */ case OBJ_LP: /* lp objects have not yet been defined */ default: /* impossible */ (void) sprintf(errbuf, gettext("invalid object type (%s)"), @@ -1271,3 +1276,35 @@ proc_zonename(char *optstr) flags |= M_ZONENAME; return (0); } + +/* + * proc_frmi - set up frmi for pattern matching. + * Logic ripped off of scf_walk_fmri() + * Thanks to the smf team. + * + * ret 0: OK + * ret -1: error + */ +static int +proc_fmri(char *optstr) +{ + if (strpbrk(optstr, "*?[") != NULL) { + /* have a pattern to glob for */ + + fmri.sp_type = PATTERN_GLOB; + if (optstr[0] == '*' || + (strlen(optstr) >= 4 && optstr[3] == ':')) { + fmri.sp_arg = strdup(optstr); + } else if ((fmri.sp_arg = malloc(strlen(optstr) + 6)) != NULL) { + (void) snprintf(fmri.sp_arg, strlen(optstr) + 6, + "svc:/%s", optstr); + } + } else { + fmri.sp_type = PATTERN_PARTIAL; + fmri.sp_arg = strdup(optstr); + } + if (fmri.sp_arg == NULL) + return (-1); + + return (0); +} diff --git a/usr/src/cmd/auditreduce/token.c b/usr/src/cmd/auditreduce/token.c index f47c1e4cf0..b6d52645a1 100644 --- a/usr/src/cmd/auditreduce/token.c +++ b/usr/src/cmd/auditreduce/token.c @@ -1592,6 +1592,31 @@ zonename_token(adr_t *adr) } /* + * fmri_token(): + * + * Format of fmri token: + * fmri adr_string + */ +int +fmri_token(adr_t *adr) +{ + if ((flags & M_OBJECT) && (obj_flag == OBJ_FMRI)) { + char *fmri_name; + + get_string(adr, &fmri_name); + + /* match token against service instance */ + if (scf_cmp_pattern(fmri_name, &fmri) == 1) { + checkflags |= M_OBJECT; + } + free(fmri_name); + } else { + skip_string(adr); + } + return (-1); +} + +/* * Format of xatom token: */ int diff --git a/usr/src/cmd/bsmrecord/audit_record_attr.txt b/usr/src/cmd/bsmrecord/audit_record_attr.txt index 5eb025eaea..06e2e259de 100644 --- a/usr/src/cmd/bsmrecord/audit_record_attr.txt +++ b/usr/src/cmd/bsmrecord/audit_record_attr.txt @@ -57,6 +57,7 @@ token=text:text token=tid:terminal_adr token=uauth:use_of_privilege token=zone:zonename +token=fmri:service_instance token=head:header token=subj:subject diff --git a/usr/src/cmd/praudit/praudit.xcl b/usr/src/cmd/praudit/praudit.xcl index d4ef34f509..6d1f33bc8c 100644 --- a/usr/src/cmd/praudit/praudit.xcl +++ b/usr/src/cmd/praudit/praudit.xcl @@ -2,9 +2,8 @@ # CDDL HEADER START # # The contents of this file are subject to the terms of the -# Common Development and Distribution License, Version 1.0 only -# (the "License"). You may not use this file except in compliance -# with the License. +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. # # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE # or http://www.opensolaris.org/os/licensing. @@ -19,6 +18,12 @@ # # CDDL HEADER END # +# +# Copyright 2006 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "%Z%%M% %I% %E% SMI" +# msgid "," msgstr msgid "" @@ -282,3 +287,5 @@ msgid "print" msgstr msgid "count" msgstr +msgid "fmri" +msgstr diff --git a/usr/src/cmd/praudit/token.c b/usr/src/cmd/praudit/token.c index 09fdf0d6a2..ef3f6528de 100644 --- a/usr/src/cmd/praudit/token.c +++ b/usr/src/cmd/praudit/token.c @@ -2006,6 +2006,24 @@ zonename_token(pr_context_t *context) /* * ----------------------------------------------------------------------- + * fmri_token(): Process fmri token and display contents + * return codes : -1 - error + * : 0 - successful + * NOTE: At the time of call, the fmri token id has been retrieved + * + * Format of fmri token: + * fmri token id adr_char + * service instance name adr_string + * ----------------------------------------------------------------------- + */ +int +fmri_token(pr_context_t *context) +{ + return (pa_adr_string(context, 0, 1)); +} + +/* + * ----------------------------------------------------------------------- * xatom_token() : Process Xatom token and display contents in hex. * return codes : -1 - error * : 0 - successful diff --git a/usr/src/cmd/praudit/toktable.c b/usr/src/cmd/praudit/toktable.c index dd0f07a9eb..22f4503f58 100644 --- a/usr/src/cmd/praudit/toktable.c +++ b/usr/src/cmd/praudit/toktable.c @@ -89,6 +89,7 @@ init_tokens(void) */ table_init(AUT_DATA, "arbitrary", arbitrary_data_token, T_EXTENDED); + table_init(AUT_FMRI, "fmri", fmri_token, T_ELEMENT); table_init(AUT_IPC, "IPC", s5_IPC_token, T_ENCLOSED); table_init(AUT_PATH, "path", path_token, T_ELEMENT); table_init(AUT_XATPATH, "path_attr", path_attr_token, T_ELEMENT); diff --git a/usr/src/cmd/praudit/toktable.h b/usr/src/cmd/praudit/toktable.h index 2764b678da..ebc89754a6 100644 --- a/usr/src/cmd/praudit/toktable.h +++ b/usr/src/cmd/praudit/toktable.h @@ -175,6 +175,7 @@ extern int header32_ex_token(); */ extern int arbitrary_data_token(); +extern int fmri_token(); extern int s5_IPC_token(); extern int path_token(); extern int path_attr_token(); diff --git a/usr/src/lib/auditd_plugins/syslog/systoken.c b/usr/src/lib/auditd_plugins/syslog/systoken.c index ae251a67bd..2d5a161ae6 100644 --- a/usr/src/lib/auditd_plugins/syslog/systoken.c +++ b/usr/src/lib/auditd_plugins/syslog/systoken.c @@ -1308,6 +1308,19 @@ zonename_token(parse_context_t *ctx) return (0); } +/* + * Format of fmri token: + * fmri token id adr_char + * fmri adr_string + */ +int +fmri_token(parse_context_t *ctx) +{ + skip_bytes(ctx); + + return (0); +} + int xcolormap_token(parse_context_t *ctx) { diff --git a/usr/src/lib/auditd_plugins/syslog/systoken.h b/usr/src/lib/auditd_plugins/syslog/systoken.h index af6517845a..764196a0d6 100644 --- a/usr/src/lib/auditd_plugins/syslog/systoken.h +++ b/usr/src/lib/auditd_plugins/syslog/systoken.h @@ -74,6 +74,7 @@ extern void header32_ex_token(adr_t *, parse_context_t *); */ extern void arbitrary_data_token(adr_t *, parse_context_t *); +extern void fmri_token(adr_t *, parse_context_t *); extern void s5_IPC_token(adr_t *, parse_context_t *); extern void path_token(adr_t *, parse_context_t *); extern void subject32_token(); diff --git a/usr/src/lib/libbsm/adt_record.dtd.1 b/usr/src/lib/libbsm/adt_record.dtd.1 index 3254d8e077..d56c68335f 100644 --- a/usr/src/lib/libbsm/adt_record.dtd.1 +++ b/usr/src/lib/libbsm/adt_record.dtd.1 @@ -1,15 +1,14 @@ <?xml version="1.0" encoding="UTF-8" ?> <!-- - Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Copyright 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. CDDL HEADER START The contents of this file are subject to the terms of the - Common Development and Distribution License, Version 1.0 only - (the "License"). You may not use this file except in compliance - with the License. + Common Development and Distribution License (the "License"). + You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. @@ -85,6 +84,7 @@ tokens. exit | exec_args | exec_env | + fmri | group | information_label | ip | @@ -216,6 +216,9 @@ first token (which is the record token): seq-num CDATA #REQUIRED > +<!-- fmri token --> +<!ELEMENT fmri (#PCDATA)> + <!-- group token --> <!ELEMENT group (gid)*> <!ELEMENT gid (#PCDATA)> diff --git a/usr/src/lib/libbsm/adt_record.xsl.1 b/usr/src/lib/libbsm/adt_record.xsl.1 index 40619f132d..d1e2c8726d 100644 --- a/usr/src/lib/libbsm/adt_record.xsl.1 +++ b/usr/src/lib/libbsm/adt_record.xsl.1 @@ -1,15 +1,14 @@ <?xml version="1.0" encoding="UTF-8" ?> <!-- - Copyright 2005 Sun Microsystems, Inc. All rights reserved. + Copyright 2006 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. CDDL HEADER START The contents of this file are subject to the terms of the - Common Development and Distribution License, Version 1.0 only - (the "License"). You may not use this file except in compliance - with the License. + Common Development and Distribution License (the "License"). + You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. @@ -170,6 +169,11 @@ <I> seq-num: </I><xsl:value-of select="@seq-num"/> </xsl:template> +<xsl:template match="fmri"> + <BR/> + <I>FMRI: </I> <xsl:value-of select="."/> +</xsl:template> + <xsl:template match="group"> <BR/> <I>GROUP </I> diff --git a/usr/src/lib/libbsm/common/adt_token.c b/usr/src/lib/libbsm/common/adt_token.c index 1c6aec718b..981049dbbc 100644 --- a/usr/src/lib/libbsm/common/adt_token.c +++ b/usr/src/lib/libbsm/common/adt_token.c @@ -248,6 +248,30 @@ adt_to_tid(datadef *def, void *p_data, int required, } /* + * au_to_frmi takes a char * that is the fmri. + */ +/* ARGSUSED */ +static void +adt_to_frmi(datadef *def, void *p_data, int required, + struct adt_event_state *event, char *notUsed) +{ + char *fmri; + + DPRINTF((" adt_to_fmri dd_datatype=%d\n", def->dd_datatype)); + + fmri = ((union convert *)p_data)->tcharstar; + + if (fmri == NULL) { + if (required) + fmri = empty; + else + return; + } + DPRINTF((" fmri=%s\n", fmri)); + (void) au_write(event->ae_event_handle, au_to_fmri(fmri)); +} + +/* * au_to_newgroups takes a length and an array of gids * as input. The input to adt_to_newgroups is a length * and a pointer to an array of gids. @@ -760,23 +784,24 @@ adt_to_zonename(datadef *def, void *p_data, int required, * no function for trailer -- the trailer is generated by au_close() */ -#define MAX_TOKEN_JMP 15 +#define MAX_TOKEN_JMP 16 static struct token_jmp token_table[MAX_TOKEN_JMP] = { {AUT_CMD, adt_to_cmd}, {ADT_CMD_ALT, adt_to_cmd1}, - {AUT_TID, adt_to_tid}, - {AUT_NEWGROUPS, adt_to_newgroups}, - {AUT_PATH, adt_to_path}, - {-AUT_PATH, adt_to_pathlist}, /* private extension of token values */ {ADT_AUT_PRIV_L, adt_to_priv_limit}, {ADT_AUT_PRIV_I, adt_to_priv_inherit}, {ADT_AUT_PRIV_E, adt_to_priv_effective}, + {AUT_NEWGROUPS, adt_to_newgroups}, + {AUT_FMRI, adt_to_frmi}, + {AUT_PATH, adt_to_path}, + {-AUT_PATH, adt_to_pathlist}, /* private extension of token values */ {AUT_PROCESS, adt_to_process}, {AUT_RETURN, adt_to_return}, {AUT_SUBJECT, adt_to_subject}, {AUT_TEXT, adt_to_text}, + {AUT_TID, adt_to_tid}, {AUT_UAUTH, adt_to_uauth}, {AUT_ZONENAME, adt_to_zonename} }; diff --git a/usr/src/lib/libbsm/common/au_to.c b/usr/src/lib/libbsm/common/au_to.c index 3747994d76..d3574bfe70 100644 --- a/usr/src/lib/libbsm/common/au_to.c +++ b/usr/src/lib/libbsm/common/au_to.c @@ -1314,3 +1314,31 @@ au_to_zonename(char *name) return (token); } + +/* + * au_to_fmri + * return s: + * pointer to a fmri token. + */ +token_t * +au_to_fmri(char *fmri) +{ + token_t *token; /* local token */ + adr_t adr; /* adr memory stream header */ + char data_header = AUT_FMRI; /* header for this token */ + short bytes; /* length of string */ + + if (fmri == NULL) + return (NULL); + + bytes = strlen(fmri) + 1; + token = get_token((int)(sizeof (char) + sizeof (short) + bytes)); + if (token == NULL) + return (NULL); + adr_start(&adr, token->tt_data); + adr_char(&adr, &data_header, 1); + adr_short(&adr, &bytes, 1); + adr_char(&adr, fmri, bytes); + + return (token); +} diff --git a/usr/src/lib/libbsm/spec/private.spec b/usr/src/lib/libbsm/spec/private.spec index 95cc9e1795..10b81b957d 100644 --- a/usr/src/lib/libbsm/spec/private.spec +++ b/usr/src/lib/libbsm/spec/private.spec @@ -1046,3 +1046,9 @@ include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bs declaration token_t *au_to_uauth(char *text) version SUNWprivate_1.1 end + +function au_to_fmri +include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h> +declaration token_t *au_to_fmri(char *fmri) +version SUNWprivate_1.1 +end diff --git a/usr/src/lib/libscf/common/lowlevel.c b/usr/src/lib/libscf/common/lowlevel.c index 16c375d5e2..3223c05d7a 100644 --- a/usr/src/lib/libscf/common/lowlevel.c +++ b/usr/src/lib/libscf/common/lowlevel.c @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -5773,21 +5772,6 @@ struct scf_matchkey; struct scf_match; /* - * scf_pattern_t - */ -typedef struct scf_pattern { - enum { - PATTERN_INVALID, /* Uninitialized state */ - PATTERN_EXACT, - PATTERN_GLOB, - PATTERN_PARTIAL - } sp_type; - char *sp_arg; /* Original argument */ - struct scf_match *sp_matches; /* List of matches */ - int sp_matchcount; /* # of matches */ -} scf_pattern_t; - -/* * scf_matchkey_t */ typedef struct scf_matchkey { @@ -5940,7 +5924,7 @@ scf_add_match(scf_matchkey_t **htable, const char *fmri, const char *legacy, /* * Returns 1 if the fmri matches the given pattern, 0 otherwise. */ -static int +int scf_cmp_pattern(char *fmri, scf_pattern_t *pattern) { char *tmp; diff --git a/usr/src/lib/libscf/inc/libscf_priv.h b/usr/src/lib/libscf/inc/libscf_priv.h index e075d10ad2..8af94d6d71 100644 --- a/usr/src/lib/libscf/inc/libscf_priv.h +++ b/usr/src/lib/libscf/inc/libscf_priv.h @@ -2,9 +2,8 @@ * CDDL HEADER START * * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. + * Common Development and Distribution License (the "License"). + * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -277,6 +276,23 @@ scf_error_t scf_walk_fmri(scf_handle_t *, int, char **, int, */ int _scf_request_backup(scf_handle_t *, const char *); +/* + * scf_pattern_t + */ +typedef struct scf_pattern { + enum { + PATTERN_INVALID, /* Uninitialized state */ + PATTERN_EXACT, + PATTERN_GLOB, + PATTERN_PARTIAL + } sp_type; + char *sp_arg; /* Original argument */ + struct scf_match *sp_matches; /* List of matches */ + int sp_matchcount; /* # of matches */ +} scf_pattern_t; + +int scf_cmp_pattern(char *, scf_pattern_t *); + #ifdef __cplusplus } #endif diff --git a/usr/src/lib/libscf/spec/lowlevel.spec b/usr/src/lib/libscf/spec/lowlevel.spec index f54cc90220..c45db23bbb 100644 --- a/usr/src/lib/libscf/spec/lowlevel.spec +++ b/usr/src/lib/libscf/spec/lowlevel.spec @@ -1,13 +1,12 @@ # -# Copyright 2005 Sun Microsystems, Inc. All rights reserved. +# Copyright 2006 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # CDDL HEADER START # # The contents of this file are subject to the terms of the -# Common Development and Distribution License, Version 1.0 only -# (the "License"). You may not use this file except in compliance -# with the License. +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. # # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE # or http://www.opensolaris.org/os/licensing. @@ -93,6 +92,12 @@ declaration int _scf_snapshot_delete(scf_snapshot_t *) version SUNWprivate_1.1 end +function scf_cmp_pattern +include <libscf.h> +declaration int scf_cmp_pattern(char *, scf_pattern_t *) +version SUNWprivate_1.1 +end + function scf_parse_fmri include <libscf.h> declaration int scf_parse_fmri(char *, int *, const char **, const char **, const char **, const char **, const char **) diff --git a/usr/src/uts/common/c2/audit_record.h b/usr/src/uts/common/c2/audit_record.h index 50ac50d689..2f1e1c31be 100644 --- a/usr/src/uts/common/c2/audit_record.h +++ b/usr/src/uts/common/c2/audit_record.h @@ -83,6 +83,7 @@ extern "C" { * Data token types */ +#define AUT_FMRI ((char)0x20) #define AUT_DATA ((char)0x21) #define AUT_IPC ((char)0x22) #define AUT_PATH ((char)0x23) @@ -714,6 +715,7 @@ extern token_t *au_to_data(char, char, char, char *); extern token_t *au_to_exec_args(char **); extern token_t *au_to_exec_env(char **); extern token_t *au_to_exit(int, int); +extern token_t *au_to_fmri(char *); extern token_t *au_to_groups(int *); extern token_t *au_to_newgroups(int, gid_t *); extern token_t *au_to_header(au_event_t, au_emod_t); |