diff options
Diffstat (limited to 'usr/src/cmd/auditconfig/audit_scf_shared.c')
| -rw-r--r-- | usr/src/cmd/auditconfig/audit_scf_shared.c | 256 |
1 files changed, 0 insertions, 256 deletions
diff --git a/usr/src/cmd/auditconfig/audit_scf_shared.c b/usr/src/cmd/auditconfig/audit_scf_shared.c deleted file mode 100644 index c79ea22925..0000000000 --- a/usr/src/cmd/auditconfig/audit_scf_shared.c +++ /dev/null @@ -1,256 +0,0 @@ -/* - * CDDL HEADER START - * - * The contents of this file are subject to the terms of the - * Common Development and Distribution License (the "License"). - * You may not use this file except in compliance with the License. - * - * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE - * or http://www.opensolaris.org/os/licensing. - * See the License for the specific language governing permissions - * and limitations under the License. - * - * When distributing Covered Code, include this CDDL HEADER in each - * file and include the License file at usr/src/OPENSOLARIS.LICENSE. - * If applicable, add the following below this CDDL HEADER, with the - * fields enclosed by brackets "[]" replaced with your own identifying - * information: Portions Copyright [yyyy] [name of copyright owner] - * - * CDDL HEADER END - */ -/* - * Copyright 2009 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. - */ - -/* auditd smf(5)/libscf(3LIB) interface - set and display audit parameters */ -#include <audit_scf.h> -#include <auditconfig_impl.h> - -/* propvec array must be NULL terminated */ -scf_propvec_t prop_vect[MAX_PROPVECS + 1]; - -/* - * do_getqctrl_scf() - get the values of qctrl properties of the audit service - */ -boolean_t -do_getqctrl_scf(struct au_qctrl *cval) -{ - scf_propvec_t *prop_vect_ptr; - scf_qctrl_t cval_scf; - - bzero(prop_vect, sizeof (prop_vect)); - - prop_vect_ptr = prop_vect; - add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QHIWATER, - SCF_TYPE_COUNT, (void *)&cval_scf.scf_qhiwater); - add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QLOWATER, - SCF_TYPE_COUNT, (void *)&cval_scf.scf_qlowater); - add_prop_vect_scf(prop_vect_ptr++, QUEUECTRL_QBUFSZ, - SCF_TYPE_COUNT, (void *)&cval_scf.scf_qbufsz); - add_prop_vect_scf(prop_vect_ptr, QUEUECTRL_QDELAY, - SCF_TYPE_COUNT, (void *)&cval_scf.scf_qdelay); - - if (!get_val_scf(prop_vect, ASI_PGROUP_QUEUECTRL)) { - return (B_FALSE); - } - - cval->aq_hiwater = (size_t)cval_scf.scf_qhiwater; - cval->aq_lowater = (size_t)cval_scf.scf_qlowater; - cval->aq_bufsz = (size_t)cval_scf.scf_qbufsz; - cval->aq_delay = (clock_t)cval_scf.scf_qdelay; - - return (B_TRUE); -} - -/* - * do_getpolicy_scf() - get the audit policy flags from service - */ -boolean_t -do_getpolicy_scf(uint32_t *policy_mask) -{ - int i; - scf_propvec_t *prop_vect_ptr; - char *cur_policy_str; - policy_sw_t policy_arr[POLICY_TBL_SZ + 1]; - policy_sw_t *policy_arr_ptr; - - prop_vect_ptr = prop_vect; - policy_arr_ptr = policy_arr; - - bzero(prop_vect, sizeof (prop_vect)); - bzero(policy_arr, sizeof (policy_arr)); - - /* prepare the smf(5) query */ - for (i = 0; i < POLICY_TBL_SZ; i++) { - - cur_policy_str = policy_table[i].policy_str; - - /* Do some basic policy dependent checks */ - if (!chk_policy_context(cur_policy_str)) { - continue; - } - DPRINT((dbfp, "will be queried\n")); - - add_prop_vect_scf(prop_vect_ptr++, cur_policy_str, - SCF_TYPE_BOOLEAN, (void *)&policy_arr_ptr->flag); - - policy_arr_ptr->policy = cur_policy_str; - policy_arr_ptr++; - - } - if (!get_val_scf(prop_vect, ASI_PGROUP_POLICY)) { - return (B_FALSE); - } - - /* set the policy mask */ - policy_arr_ptr = policy_arr; - *policy_mask = 0; - while (policy_arr_ptr->policy != NULL) { - if (policy_arr_ptr->flag) { - *policy_mask |= get_policy(policy_arr_ptr->policy); - } - policy_arr_ptr++; - } - - return (B_TRUE); -} - -/* - * get_policy() - get policy mask entry - */ -uint32_t -get_policy(char *policy) -{ - int i; - - for (i = 0; i < POLICY_TBL_SZ; i++) { - if (strcasecmp(policy, policy_table[i].policy_str) == 0) { - return (policy_table[i].policy_mask); - } - } - - return (0); -} - -/* - * chk_policy_context() - does some policy based checks, checks the context - * (zone, smf) in which the policy could make some sense. - */ -boolean_t -chk_policy_context(char *policy_str) -{ - - /* - * "all" and "none" policy flags, since they represent - * sub/set of auditing policies, are not stored in the - * AUDITD_FMRI service instance configuration. - */ - DPRINT((dbfp, "Walking policy - %s: ", policy_str)); - if (strcmp("all", policy_str) == 0 || - strcmp("none", policy_str) == 0) { - DPRINT((dbfp, "skipped\n")); - return (B_FALSE); - } - /* - * In the local zone (!= GLOBAL_ZONEID) we do not touch - * "ahlt" and "perzone" policy flags, since these are - * relevant only in the global zone. - */ - if ((getzoneid() != GLOBAL_ZONEID) && - (strcmp("ahlt", policy_str) == 0 || - strcmp("perzone", policy_str) == 0)) { - DPRINT((dbfp, "skipped\n")); - return (B_FALSE); - } - - return (B_TRUE); -} - -/* - * prt_error() - prt_error_va() wrapper; see prt_error_va() for more contextual - * information. Inputs - program error format and message. - * - */ -/*PRINTFLIKE1*/ -void -prt_error(char *fmt, ...) -{ - va_list args; - - va_start(args, fmt); - prt_error_va(fmt, args); - va_end(args); -} - -/* - * prt_error_va() - prints an error message along with corresponding system - * error number. Inputs - program error format and the va_list already prepared - * by the preceding functions. - * - */ -/*PRINTFLIKE1*/ -void -prt_error_va(char *fmt, va_list args) -{ - (void) vfprintf(stderr, fmt, args); - (void) fputc('\n', stderr); - if (errno) - (void) fprintf(stderr, gettext("error: %s(%d)\n"), - strerror(errno), errno); - (void) fflush(stderr); -} - -/* - * add_prop_vect_scf() - adds vector to the array of vectors later passed to - * get_/set_val_scf(). The first argument (vector) points to particular position - * in the vector of properties. - */ -void -add_prop_vect_scf(scf_propvec_t *vector, const char *prop_str, - scf_type_t prop_type, void *prop_val_ptr) -{ - vector->pv_prop = prop_str; - vector->pv_type = prop_type; - vector->pv_ptr = prop_val_ptr; -} - -/* - * get_val_scf() - get a property values from the audit service - * - * Arguments: vector = pointers to the head end of array of property vectors - * pgroup_str = property group of property in AUDITD_FMRI - * - */ -boolean_t -get_val_scf(scf_propvec_t *vector, char *pgroup_str) -{ - scf_propvec_t *bad_prop_vec = NULL; - - /* - * Get the property vector from the editing snapshot (B_FALSE). - * For documentation on property vectors see <libscf_priv.h>. - */ - if (scf_read_propvec(AUDITD_FMRI, pgroup_str, B_FALSE, - vector, (scf_propvec_t **)&bad_prop_vec) != SCF_SUCCESS) { - prt_scf_err(); - if (bad_prop_vec != NULL) { - prt_error(gettext("Reading the %s property in the %s " - "property group failed.\n"), bad_prop_vec->pv_prop, - pgroup_str); - } - prt_error(gettext("Unable to get property value.")); - return (B_FALSE); - } - - return (B_TRUE); -} - -/* - * prt_scf_err() - scf_error()/scf_strerror() wrapper. - */ -void -prt_scf_err(void) -{ - (void) fprintf(stderr, "error: %s\n", scf_strerror(scf_error())); -} |