This commit was generated by cvs2svn to compensate for changes in r159248,

which included commits to RCS files with non-trunk default branches.
Robert Watson 2006-06-05 10:52:12 +00:00
commit 0127a4bb1b
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=159249
47 changed files with 5280 additions and 279 deletions


@ -1,3 +1,44 @@
OpenBSM 1.0 alpha 6
- Use AU_TO_WRITE and AU_NO_TO_WRITE for the 'keep' argument to au_close();
previously we used hard-coded 0 and 1 values.
- Add man page for au_open(), au_write(), au_close(), and
au_close_buffer().
- Support a more complete range of data types for the arbitrary data token:
add AUR_CHAR (alias to AUR_BYTE), remove AUR_LONG, add AUR_INT32 (alias
to AUR_INT), add AUR_INT64.
- Add au_close_token(), which allows writing a single token_t to a memory
buffer. Not likely to be used much by applications, but useful for
writing test tools.
- Modify au_to_file() so that it accepts a timeval in user space, not just
kernel -- this is not a Solaris BSM API so can be modified without
causing compatibility issues.
- Define a new API, au_to_header32_tm(), which adds a struct timeval
argument to the ordinary au_to_header32(), which is now implemented by
wrapping au_to_header32_tm() and calling gettimeofday(). #ifndef KERNEL
the APIs that invoke gettimeofday(), rather than having a variable
definition. Don't try to retrieve time zone information using
gettimeofday(), as it's not needed, and introduces possible failure
modes.
- Don't perform byte order transformations on the addr/machine fields of
the terminal ID that appears in the process32/subject32 tokens. These
are assumed to be IP addresses, and as such, to be in network byte
order.
- Universally, APIs now assume that IP addresses and ports are provided
in network byte order. APIs now generally provide these types in
network byte order when decoding.
- Beginnings of an OpenBSM test framework can now be found in openbsm/test.
This code is not built or installed by default.
- auditd now assigns more appropriate syslog levels to its debugging and
error information.
- Support for audit filters introduced: audit filters are dynamically
loaded shared objects that run in the context of a new daemon,
auditfilterd. The daemon reads from an audit pipe and feeds both BSM and
parsed versions of records to shared objects using a module API. This
will provide a framework for the writing of intrusion detection services.
- New utility API, audit_submit(), added to capture common elements of audit
record submission for many applications.
OpenBSM 1.0 alpha 5
- Update install notes to indicate /etc files are to be installed manually.
@ -124,4 +165,4 @@ OpenBSM 1.0 alpha 1
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
$P4: //depot/projects/trustedbsd/openbsm/HISTORY#2 $
$P4: //depot/projects/trustedbsd/openbsm/HISTORY#12 $


@ -1,12 +1,13 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#1 $
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#2 $
#
SUBDIRS = \
bsm \
libbsm \
bin \
man
man \
modules
EXTRA_DIST = \
CHANGELOG \


@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#3 $
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#4 $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
@ -181,7 +181,8 @@ SUBDIRS = \
bsm \
libbsm \
bin \
man
man \
modules
EXTRA_DIST = \
CHANGELOG \


@ -27,7 +27,7 @@ POSIX-like systems.
OpenBSM is currently built using autoconf and automake, which should allow
for building on a range of operating systems, including FreeBSD, Mac OS X,
and Linux. Depending on the availability of audit facailities in the
and Linux. Depending on the availability of audit facilities in the
underlying operating system, some components that depend on kernel audit
support are built conditionally. Typically, build will be performed using
@ -95,4 +95,4 @@ Information on TrustedBSD may be found on the TrustedBSD home page:
http://www.TrustedBSD.org/
$P4: //depot/projects/trustedbsd/openbsm/README#16 $
$P4: //depot/projects/trustedbsd/openbsm/README#17 $


@ -13,5 +13,9 @@
- It might be desirable to be able to provide EOPNOTSUPP system call stubs
on systems that don't have the necessary audit system calls; that would
allow the full libbsm and tool set to build, just not run.
- Teach praudit how to begin printing at any point in a token stream, not
just at the beginning of a record. This will make it easier to use
praudit in test suites processing single-token files without header and
trailer context.
$P4: //depot/projects/trustedbsd/openbsm/TODO#5 $
$P4: //depot/projects/trustedbsd/openbsm/TODO#6 $


@ -1 +1 @@
OPENBSM_1_0_ALPHA_3
OPENBSM_1_0_ALPHA_6


@ -1,8 +1,9 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#2 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#3 $
#
SUBDIRS = \
auditfilterd \
auditreduce \
praudit


@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#3 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#4 $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
@ -62,7 +62,7 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
uninstall-recursive
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = auditreduce praudit audit auditd
DIST_SUBDIRS = auditfilterd auditreduce praudit audit auditd
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMDEP_FALSE = @AMDEP_FALSE@
@ -165,7 +165,7 @@ sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
SUBDIRS = auditreduce praudit $(am__append_1)
SUBDIRS = auditfilterd auditreduce praudit $(am__append_1)
all: all-recursive
.SUFFIXES:


@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#13 $
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#16 $
*/
#include <sys/types.h>
@ -44,6 +44,7 @@
#include <bsm/audit_uevents.h>
#include <bsm/libbsm.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
@ -63,6 +64,7 @@ static int ret, minval;
static char *lastfile = NULL;
static int allhardcount = 0;
static int triggerfd = 0;
static int sigchlds, sigchlds_handled;
static int sighups, sighups_handled;
static int sigterms, sigterms_handled;
static long global_flags;
@ -127,7 +129,7 @@ affixdir(char *name, struct dir_ent *dirent)
const char *sep = "/";
curdir = dirent->dirname;
syslog(LOG_INFO, "dir = %s\n", dirent->dirname);
syslog(LOG_DEBUG, "dir = %s", dirent->dirname);
fn = malloc(strlen(curdir) + strlen(sep) + (2 * POSTFIX_LEN) + 1);
if (fn == NULL)
@ -158,10 +160,10 @@ close_lastfile(char *TS)
*ptr = '.';
strcpy(ptr+1, TS);
if (rename(oldname, lastfile) != 0)
syslog(LOG_ERR, "Could not rename %s to %s \n",
syslog(LOG_ERR, "Could not rename %s to %s",
oldname, lastfile);
else
syslog(LOG_INFO, "renamed %s to %s \n",
syslog(LOG_INFO, "renamed %s to %s",
oldname, lastfile);
}
free(lastfile);
@ -241,7 +243,7 @@ swap_audit_file(void)
/* Try until we succeed. */
while ((dirent = TAILQ_FIRST(&dir_q))) {
if ((fn = affixdir(timestr, dirent)) == NULL) {
syslog(LOG_INFO, "Failed to swap log at time %s\n",
syslog(LOG_INFO, "Failed to swap log at time %s",
timestr);
return (-1);
}
@ -250,7 +252,7 @@ swap_audit_file(void)
* Create and open the file; then close and pass to the
* kernel if all went well.
*/
syslog(LOG_INFO, "New audit file is %s\n", fn);
syslog(LOG_INFO, "New audit file is %s", fn);
#ifdef AUDIT_REVIEW_GROUP
fd = open_trail(fn, uid, gid);
#else
@ -262,7 +264,7 @@ swap_audit_file(void)
error = auditctl(fn);
if (error) {
syslog(LOG_ERR,
"auditctl failed setting log file! : %s\n",
"auditctl failed setting log file! : %s",
strerror(errno));
close(fd);
} else {
@ -284,7 +286,7 @@ swap_audit_file(void)
free(dirent->dirname);
free(dirent);
}
syslog(LOG_INFO, "Log directories exhausted\n");
syslog(LOG_ERR, "Log directories exhausted\n");
return (-1);
}
@ -326,7 +328,7 @@ read_control_file(void)
allhardcount = 0;
if (swap_audit_file() == -1) {
syslog(LOG_ERR, "Could not swap audit file\n");
syslog(LOG_ERR, "Could not swap audit file");
/*
* XXX Faulty directory listing? - user should be given
* XXX an opportunity to change the audit_control file
@ -341,16 +343,16 @@ read_control_file(void)
* XXX is generated here?
*/
if (0 == (ret = getacmin(&minval))) {
syslog(LOG_INFO, "min free = %d\n", minval);
syslog(LOG_DEBUG, "min free = %d\n", minval);
if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
syslog(LOG_ERR,
"could not get audit queue settings\n");
"could not get audit queue settings");
return (-1);
}
qctrl.aq_minfree = minval;
if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
syslog(LOG_ERR,
"could not set audit queue settings\n");
"could not set audit queue settings");
return (-1);
}
}
@ -372,20 +374,20 @@ close_all(void)
/* Generate an audit record. */
if ((aufd = au_open()) == -1)
syslog(LOG_ERR, "Could not create audit shutdown event.\n");
syslog(LOG_ERR, "Could not create audit shutdown event.");
else {
if ((tok = au_to_text("auditd::Audit shutdown")) != NULL)
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_audit_shutdown) == -1)
syslog(LOG_ERR,
"Could not close audit shutdown event.\n");
"Could not close audit shutdown event.");
}
/* Flush contents. */
cond = AUC_DISABLED;
err_ret = auditon(A_SETCOND, &cond, sizeof(cond));
if (err_ret != 0) {
syslog(LOG_ERR, "Disabling audit failed! : %s\n",
syslog(LOG_ERR, "Disabling audit failed! : %s",
strerror(errno));
err_ret = 1;
}
@ -396,15 +398,15 @@ close_all(void)
free_dir_q();
if ((remove(AUDITD_PIDFILE) == -1) || err_ret) {
syslog(LOG_ERR, "Could not unregister\n");
syslog(LOG_ERR, "Could not unregister");
audit_warn_postsigterm();
return (1);
}
endac();
if (close(triggerfd) != 0)
syslog(LOG_ERR, "Error closing control file\n");
syslog(LOG_INFO, "Finished.\n");
syslog(LOG_ERR, "Error closing control file");
syslog(LOG_INFO, "Finished");
return (0);
}
@ -422,6 +424,8 @@ relay_signal(int signal)
sighups++;
if (signal == SIGTERM)
sigterms++;
if (signal == SIGCHLD)
sigchlds++;
}
/*
@ -437,23 +441,22 @@ register_daemon(void)
/* Set up the signal hander. */
if (signal(SIGTERM, relay_signal) == SIG_ERR) {
syslog(LOG_ERR,
"Could not set signal handler for SIGTERM\n");
"Could not set signal handler for SIGTERM");
fail_exit();
}
if (signal(SIGCHLD, relay_signal) == SIG_ERR) {
syslog(LOG_ERR,
"Could not set signal handler for SIGCHLD\n");
"Could not set signal handler for SIGCHLD");
fail_exit();
}
if (signal(SIGHUP, relay_signal) == SIG_ERR) {
syslog(LOG_ERR,
"Could not set signal handler for SIGHUP\n");
"Could not set signal handler for SIGHUP");
fail_exit();
}
if ((pidfile = fopen(AUDITD_PIDFILE, "a")) == NULL) {
syslog(LOG_ERR,
"Could not open PID file\n");
syslog(LOG_ERR, "Could not open PID file");
audit_warn_tmpfile();
return (-1);
}
@ -462,7 +465,7 @@ register_daemon(void)
fd = fileno(pidfile);
if (flock(fd, LOCK_EX | LOCK_NB) < 0) {
syslog(LOG_ERR,
"PID file is locked (is another auditd running?).\n");
"PID file is locked (is another auditd running?).");
audit_warn_ebusy();
return (-1);
}
@ -490,7 +493,6 @@ handle_audit_trigger(int trigger)
static int last_trigger;
static time_t last_time;
struct dir_ent *dirent;
int rc;
/*
* Suppres duplicate messages from the kernel within the specified
@ -516,7 +518,7 @@ handle_audit_trigger(int trigger)
switch(trigger) {
case AUDIT_TRIGGER_LOW_SPACE:
syslog(LOG_INFO, "Got low space trigger\n");
syslog(LOG_INFO, "Got low space trigger");
if (dirent && (dirent->softlim != 1)) {
TAILQ_REMOVE(&dir_q, dirent, dirs);
/* Add this node to the end of the list. */
@ -526,7 +528,7 @@ handle_audit_trigger(int trigger)
if (TAILQ_NEXT(TAILQ_FIRST(&dir_q), dirs) != NULL &&
swap_audit_file() == -1)
syslog(LOG_ERR, "Error swapping audit file\n");
syslog(LOG_ERR, "Error swapping audit file");
/*
* Check if the next dir has already reached its soft
@ -548,7 +550,7 @@ handle_audit_trigger(int trigger)
break;
case AUDIT_TRIGGER_NO_SPACE:
syslog(LOG_INFO, "Got no space trigger\n");
syslog(LOG_INFO, "Got no space trigger");
/* Delete current dir, go on to next. */
TAILQ_REMOVE(&dir_q, dirent, dirs);
@ -557,7 +559,7 @@ handle_audit_trigger(int trigger)
free(dirent);
if (swap_audit_file() == -1)
syslog(LOG_ERR, "Error swapping audit file\n");
syslog(LOG_ERR, "Error swapping audit file");
/* We are out of log directories. */
audit_warn_allhard(++allhardcount);
@ -568,21 +570,21 @@ handle_audit_trigger(int trigger)
* Create a new file and swap with the one being used in
* kernel
*/
syslog(LOG_INFO, "Got open new trigger\n");
syslog(LOG_INFO, "Got open new trigger");
if (swap_audit_file() == -1)
syslog(LOG_ERR, "Error swapping audit file\n");
syslog(LOG_ERR, "Error swapping audit file");
break;
case AUDIT_TRIGGER_READ_FILE:
syslog(LOG_INFO, "Got read file trigger\n");
syslog(LOG_INFO, "Got read file trigger");
if (read_control_file() == -1)
syslog(LOG_ERR, "Error in audit control file\n");
syslog(LOG_ERR, "Error in audit control file");
if (config_audit_controls() == -1)
syslog(LOG_ERR, "Error setting audit controls\n");
syslog(LOG_ERR, "Error setting audit controls");
break;
default:
syslog(LOG_ERR, "Got unknown trigger %d\n", trigger);
syslog(LOG_ERR, "Got unknown trigger %d", trigger);
break;
}
}
@ -595,44 +597,6 @@ handle_sighup(void)
config_audit_controls();
}
/*
* Read the control file for triggers and handle appropriately.
*/
static int
wait_for_triggers(void)
{
int num;
unsigned int trigger;
for (;;) {
num = read(triggerfd, &trigger, sizeof(trigger));
if ((num == -1) && (errno != EINTR)) {
syslog(LOG_ERR, "%s: error %d\n", __FUNCTION__, errno);
return (-1);
}
if (sigterms != sigterms_handled) {
syslog(LOG_INFO, "%s: SIGTERM", __FUNCTION__);
break;
}
if (sighups != sighups_handled) {
syslog(LOG_INFO, "%s: SIGHUP", __FUNCTION__);
handle_sighup();
}
if ((num == -1) && (errno == EINTR))
continue;
if (num == 0) {
syslog(LOG_INFO, "%s: read EOF\n", __FUNCTION__);
return (-1);
}
syslog(LOG_INFO, "%s: read %d\n", __FUNCTION__, trigger);
if (trigger == AUDIT_TRIGGER_CLOSE_AND_DIE)
break;
else
handle_audit_trigger(trigger);
}
return (close_all());
}
/*
* Reap our children.
*/
@ -645,7 +609,7 @@ reap_children(void)
while ((child = waitpid(-1, &wstatus, WNOHANG)) > 0) {
if (!wstatus)
continue;
syslog(LOG_INFO, "warn process [pid=%d] %s %d.\n", child,
syslog(LOG_INFO, "warn process [pid=%d] %s %d.", child,
((WIFEXITED(wstatus)) ? "exited with non-zero status" :
"exited as a result of signal"),
((WIFEXITED(wstatus)) ? WEXITSTATUS(wstatus) :
@ -653,6 +617,56 @@ reap_children(void)
}
}
static void
handle_sigchld(void)
{
sigchlds_handled = sigchlds;
reap_children();
}
/*
* Read the control file for triggers/signals and handle appropriately.
*/
static int
wait_for_events(void)
{
int num;
unsigned int trigger;
for (;;) {
num = read(triggerfd, &trigger, sizeof(trigger));
if ((num == -1) && (errno != EINTR)) {
syslog(LOG_ERR, "%s: error %d", __FUNCTION__, errno);
return (-1);
}
if (sigterms != sigterms_handled) {
syslog(LOG_DEBUG, "%s: SIGTERM", __FUNCTION__);
break;
}
if (sigchlds != sigchlds_handled) {
syslog(LOG_DEBUG, "%s: SIGCHLD", __FUNCTION__);
handle_sigchld();
}
if (sighups != sighups_handled) {
syslog(LOG_DEBUG, "%s: SIGHUP", __FUNCTION__);
handle_sighup();
}
if ((num == -1) && (errno == EINTR))
continue;
if (num == 0) {
syslog(LOG_ERR, "%s: read EOF", __FUNCTION__);
return (-1);
}
syslog(LOG_DEBUG, "%s: read %d", __FUNCTION__, trigger);
if (trigger == AUDIT_TRIGGER_CLOSE_AND_DIE)
break;
else
handle_audit_trigger(trigger);
}
return (close_all());
}
/*
* Configure the audit controls in the kernel: the event to class mapping,
* kernel preselection mask, etc.
@ -700,7 +714,7 @@ config_audit_controls(void)
if (ctr == 0)
syslog(LOG_ERR, "No events to class mappings registered.");
else
syslog(LOG_INFO, "Registered %d event to class mappings.",
syslog(LOG_DEBUG, "Registered %d event to class mappings.",
ctr);
/*
@ -713,7 +727,7 @@ config_audit_controls(void)
syslog(LOG_ERR,
"Failed to register non-attributable event mask.");
else
syslog(LOG_INFO,
syslog(LOG_DEBUG,
"Registered non-attributable event mask.");
} else
syslog(LOG_ERR,
@ -731,35 +745,53 @@ config_audit_controls(void)
static void
setup(void)
{
auditinfo_t auinfo;
int aufd;
token_t *tok;
if ((triggerfd = open(AUDIT_TRIGGER_FILE, O_RDONLY, 0)) < 0) {
syslog(LOG_ERR, "Error opening trigger file\n");
syslog(LOG_ERR, "Error opening trigger file");
fail_exit();
}
/*
* To provide event feedback cycles and avoid auditd becoming
* stalled if auditing is suspended, auditd and its children run
* without their events being audited. We allow the uid, tid, and
* mask fields to be implicitly set to zero, but do set the pid. We
* run this after opening the trigger device to avoid configuring
* audit state without audit present in the system.
*
* XXXRW: Is there more to it than this?
*/
bzero(&auinfo, sizeof(auinfo));
auinfo.ai_asid = getpid();
if (setaudit(&auinfo) == -1) {
syslog(LOG_ERR, "Error setting audit stat");
fail_exit();
}
TAILQ_INIT(&dir_q);
if (read_control_file() == -1) {
syslog(LOG_ERR, "Error reading control file\n");
syslog(LOG_ERR, "Error reading control file");
fail_exit();
}
/* Generate an audit record. */
if ((aufd = au_open()) == -1)
syslog(LOG_ERR, "Could not create audit startup event.\n");
syslog(LOG_ERR, "Could not create audit startup event.");
else {
if ((tok = au_to_text("auditd::Audit startup")) != NULL)
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_audit_startup) == -1)
syslog(LOG_ERR,
"Could not close audit startup event.\n");
"Could not close audit startup event.");
}
if (config_audit_controls() == 0)
syslog(LOG_INFO, "Audit controls init successful\n");
syslog(LOG_INFO, "Audit controls init successful");
else
syslog(LOG_INFO, "Audit controls init failed\n");
syslog(LOG_ERR, "Audit controls init failed");
}
int
@ -800,22 +832,22 @@ main(int argc, char **argv)
#else
openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH);
#endif
syslog(LOG_INFO, "starting...\n");
syslog(LOG_INFO, "starting...");
if (debug == 0 && daemon(0, 0) == -1) {
syslog(LOG_ERR, "Failed to daemonize\n");
syslog(LOG_ERR, "Failed to daemonize");
exit(1);
}
if (register_daemon() == -1) {
syslog(LOG_ERR, "Could not register as daemon\n");
syslog(LOG_ERR, "Could not register as daemon");
exit(1);
}
setup();
rc = wait_for_triggers();
syslog(LOG_INFO, "auditd exiting.\n");
rc = wait_for_events();
syslog(LOG_INFO, "auditd exiting.");
exit(rc);
}
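Review bot: The new `sigchlds` counter, like `sighups` and `sigterms`, is a plain `static int` that `relay_signal()` increments asynchronously and `wait_for_events()` compares in its loop; declaring the handler-written counters as `static volatile sig_atomic_t` keeps the compiler from caching those reads and makes the handler's store well defined. A signal delivered after the `sigchlds != sigchlds_handled` / `sigterms != sigterms_handled` checks but before the next `read(triggerfd, ...)` is not acted on until that read returns, so exited children can stay unreaped and a SIGTERM can go unhandled until another trigger or signal arrives; how the trigger device read interacts with signals is not visible here, so this needs confirming against the driver. `wait_for_events()` also hands `trigger` to `handle_audit_trigger()` after any positive `num`, and a check that `num == sizeof(trigger)` before dispatch would keep a short read from acting on a partly filled value. Two calls still carry the trailing newline this commit removes everywhere else, `"Log directories exhausted\n"` in swap_audit_file() and `"min free = %d\n"` in read_control_file(). In setup(), the message `"Error setting audit stat"` looks truncated and drops the cause; `syslog(LOG_ERR, "Error setting audit state: %s", strerror(errno));` would match the style used for the auditctl() failure.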


@ -0,0 +1,10 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#1 $
#
INCLUDES = -I$(top_srcdir)
sbin_PROGRAMS = auditfilterd
auditfilterd_SOURCES = auditfilterd_conf.c auditfilterd.c
auditfilterd_LDADD = $(top_builddir)/libbsm/libbsm.la
man8_MANS = auditfilterd.8


@ -0,0 +1,508 @@
# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#1 $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ../..
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
sbin_PROGRAMS = auditfilterd$(EXEEXT)
subdir = bin/auditfilterd
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config/config.h
CONFIG_CLEAN_FILES =
am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"
sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(sbin_PROGRAMS)
am_auditfilterd_OBJECTS = auditfilterd_conf.$(OBJEXT) \
auditfilterd.$(OBJEXT)
auditfilterd_OBJECTS = $(am_auditfilterd_OBJECTS)
auditfilterd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
SOURCES = $(auditfilterd_SOURCES)
DIST_SOURCES = $(auditfilterd_SOURCES)
man8dir = $(mandir)/man8
NROFF = nroff
MANS = $(man8_MANS)
ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMDEP_FALSE = @AMDEP_FALSE@
AMDEP_TRUE = @AMDEP_TRUE@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CXX = @CXX@
CXXCPP = @CXXCPP@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
F77 = @F77@
FFLAGS = @FFLAGS@
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
MAKEINFO = @MAKEINFO@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
ac_ct_F77 = @ac_ct_F77@
ac_ct_RANLIB = @ac_ct_RANLIB@
ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
datadir = @datadir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
prefix = @prefix@
program_transform_name = @program_transform_name@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
INCLUDES = -I$(top_srcdir)
auditfilterd_SOURCES = auditfilterd_conf.c auditfilterd.c
auditfilterd_LDADD = $(top_builddir)/libbsm/libbsm.la
man8_MANS = auditfilterd.8
all: all-am
.SUFFIXES:
.SUFFIXES: .c .lo .o .obj
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
&& exit 0; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/auditfilterd/Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --foreign bin/auditfilterd/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
install-sbinPROGRAMS: $(sbin_PROGRAMS)
@$(NORMAL_INSTALL)
test -z "$(sbindir)" || $(mkdir_p) "$(DESTDIR)$(sbindir)"
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
if test -f $$p \
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
else :; fi; \
done
uninstall-sbinPROGRAMS:
@$(NORMAL_UNINSTALL)
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \
rm -f "$(DESTDIR)$(sbindir)/$$f"; \
done
clean-sbinPROGRAMS:
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
echo " rm -f $$p $$f"; \
rm -f $$p $$f ; \
done
auditfilterd$(EXEEXT): $(auditfilterd_OBJECTS) $(auditfilterd_DEPENDENCIES)
@rm -f auditfilterd$(EXEEXT)
$(LINK) $(auditfilterd_LDFLAGS) $(auditfilterd_OBJECTS) $(auditfilterd_LDADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilterd.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilterd_conf.Po@am__quote@
.c.o:
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(COMPILE) -c $<
.c.obj:
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
.c.lo:
@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
-rm -f libtool
uninstall-info-am:
install-man8: $(man8_MANS) $(man_MANS)
@$(NORMAL_INSTALL)
test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)"
@list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
for i in $$l2; do \
case "$$i" in \
*.8*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
case "$$ext" in \
8*) ;; \
*) ext='8' ;; \
esac; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
$(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
done
uninstall-man8:
@$(NORMAL_UNINSTALL)
@list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
for i in $$l2; do \
case "$$i" in \
*.8*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
case "$$ext" in \
8*) ;; \
*) ext='8' ;; \
esac; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
done
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
mkid -fID $$unique
tags: TAGS
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
$$tags $$unique; \
fi
ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique
GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& cd $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) $$here
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
list='$(DISTFILES)'; for file in $$list; do \
case $$file in \
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
esac; \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
$(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
if test -d $$d/$$file; then \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
fi; \
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
else \
test -f $(distdir)/$$file \
|| cp -p $$d/$$file $(distdir)/$$file \
|| exit 1; \
fi; \
done
check-am: all-am
check: check-am
all-am: Makefile $(PROGRAMS) $(MANS)
installdirs:
for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \
test -z "$$dir" || $(mkdir_p) "$$dir"; \
done
install: install-am
install-exec: install-exec-am
install-data: install-data-am
uninstall: uninstall-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
`test -z '$(STRIP)' || \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
mostlyclean-generic:
clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \
mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-libtool distclean-tags
dvi: dvi-am
dvi-am:
html: html-am
info: info-am
info-am:
install-data-am: install-man
install-exec-am: install-sbinPROGRAMS
install-info: install-info-am
install-man: install-man8
installcheck-am:
maintainer-clean: maintainer-clean-am
-rm -rf ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-am
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
mostlyclean-libtool
pdf: pdf-am
pdf-am:
ps: ps-am
ps-am:
uninstall-am: uninstall-info-am uninstall-man uninstall-sbinPROGRAMS
uninstall-man: uninstall-man8
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
clean-libtool clean-sbinPROGRAMS ctags distclean \
distclean-compile distclean-generic distclean-libtool \
distclean-tags distdir dvi dvi-am html html-am info info-am \
install install-am install-data install-data-am install-exec \
install-exec-am install-info install-info-am install-man \
install-man8 install-sbinPROGRAMS install-strip installcheck \
installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags uninstall uninstall-am uninstall-info-am uninstall-man \
uninstall-man8 uninstall-sbinPROGRAMS
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,77 @@
.\"-
.\" Copyright (c) 2006 Robert N. M. Watson
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.8#2 $
.\"
.Dd March 27, 2006
.Dt AUDITFILTERD 8
.Os
.Sh NAME
.Nm auditfilterd
.Nd audit filter daemon
.Sh SYNOPSIS
.Nm auditfilterd
.Op Fl d
.Op Fl c Ar conffile
.Op Fl t Ar trailfile
.Sh DESCRIPTION
The
.Nm
daemon is an extensible audit event monitoring daemon, allowing pluggable
modules to track audit events from a live audit source.
It is configured using the
.Xr audit_filter 5
configuration file.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl d
Starts the daemon in debug mode - it will not daemonize.
.It Fl c Ar conffile
Specify an alternative configuration file.
.It Fl t Ar trailfile
Specify an alternative source of audit event records.
.El
.Sh FILES
.Bl -tag -width "/etc/security/audit_filterd" -compact
.It Pa /etc/security/audit_filterd
Default configuration file for
.Nm .
.It Pa /dev/auditpipe
Default audit record source for
.Nm .
.El
.Sh SEE ALSO
.Xr audit 8 ,
.Xr auditd 8
.Sh AUTHORS
The
.Nm
daemon and audit filter APIs were created by Robert Watson.
.Sh HISTORY
The OpenBSM implementation was created by McAfee Research, the security
division of McAfee Inc., under contract to Apple Computer Inc. in 2004.
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.


@ -0,0 +1,341 @@
/*-
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#6 $
*/
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <config/config.h>
#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
#else
#include <compat/queue.h>
#endif
#include <bsm/libbsm.h>
#include <bsm/audit_filter.h>
#include <err.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include "auditfilterd.h"
/*
* Global list of registered filters.
*/
struct auditfilter_module_list filter_list;
/*
* Configuration and signal->main flags.
*/
int debug; /* Debugging mode requested, don't detach. */
int reread_config; /* SIGHUP has been received. */
int quit; /* SIGQUIT/TERM/INT has been received. */
static void
usage(void)
{
fprintf(stderr, "auditfilterd [-c conffile] [-d] [-p pipefile]"
" [-t trailfile]\n");
fprintf(stderr, " -c Specify configuration file (default: %s)\n",
AUDITFILTERD_CONFFILE);
fprintf(stderr, " -d Debugging mode, don't daemonize\n");
fprintf(stderr, " -p Specify pipe file (default: %s)\n",
AUDITFILTERD_PIPEFILE);
fprintf(stderr, " -t Specify audit trail file (default: none)\n");
exit(-1);
}
static void
auditfilterd_init(void)
{
TAILQ_INIT(&filter_list);
}
static void
signal_handler(int signum)
{
switch (signum) {
case SIGHUP:
reread_config++;
break;
case SIGINT:
case SIGTERM:
case SIGQUIT:
quit++;
break;
}
}
/*
* Present raw BSM to a set of registered and interested filters.
*/
static void
present_bsmrecord(struct timespec *ts, u_char *data, u_int len)
{
struct auditfilter_module *am;
TAILQ_FOREACH(am, &filter_list, am_list) {
if (am->am_bsmrecord != NULL)
(am->am_bsmrecord)(am->am_instance, ts, data, len);
}
}
/*
* Parse the BSM into a set of tokens, which will be pased to registered
* and interested filters.
*/
#define MAX_TOKENS 128 /* Maximum tokens we handle per record. */
static void
present_tokens(struct timespec *ts, u_char *data, u_int len)
{
struct auditfilter_module *am;
tokenstr_t tokens[MAX_TOKENS];
u_int bytesread;
int tokencount;
tokencount = 0;
while (bytesread < len) {
if (au_fetch_tok(&tokens[tokencount], data + bytesread,
len - bytesread) == -1)
break;
bytesread += tokens[tokencount].len;
tokencount++;
}
TAILQ_FOREACH(am, &filter_list, am_list) {
if (am->am_record != NULL)
(am->am_record)(am->am_instance, ts, tokencount,
tokens);
}
}
/*
* The main loop spins pulling records out of the record source and passing
* them to modules for processing.
*/
static void
mainloop_file(const char *conffile, const char *trailfile, FILE *trail_fp)
{
struct timespec ts;
FILE *conf_fp;
u_char *buf;
int reclen;
while (1) {
/*
* On SIGHUP, we reread the configuration file and reopen
* the trail file.
*/
if (reread_config) {
reread_config = 0;
warnx("rereading configuration");
conf_fp = fopen(conffile, "r");
if (conf_fp == NULL)
err(-1, "%s", conffile);
auditfilterd_conf(conffile, conf_fp);
fclose(conf_fp);
fclose(trail_fp);
trail_fp = fopen(trailfile, "r");
if (trail_fp == NULL)
err(-1, "%s", trailfile);
}
if (quit) {
warnx("quitting");
break;
}
/*
* For now, be relatively unrobust about incomplete records,
* but in the future will want to do better. Need to look
* more at the right blocking and signal behavior here.
*/
reclen = au_read_rec(trail_fp, &buf);
if (reclen == -1)
continue;
if (clock_gettime(CLOCK_REALTIME, &ts) < 0)
err(-1, "clock_gettime");
present_bsmrecord(&ts, buf, reclen);
present_tokens(&ts, buf, reclen);
free(buf);
}
}
/*
* The main loop spins pulling records out of the record source and passing
* them to modules for processing. This version of the function accepts
* discrete record input from a file descriptor, as opposed to buffered input
* from a file stream.
*/
static void
mainloop_pipe(const char *conffile, const char *pipefile, int pipe_fd)
{
u_char record[MAX_AUDIT_RECORD_SIZE];
struct timespec ts;
FILE *conf_fp;
int reclen;
while (1) {
/*
* On SIGHUP, we reread the configuration file. Unlike with
* a trail file, we don't reopen the pipe, as we don't want
* to miss records which will be flushed if we do.
*/
if (reread_config) {
reread_config = 0;
warnx("rereading configuration");
conf_fp = fopen(conffile, "r");
if (conf_fp == NULL)
err(-1, "%s", conffile);
auditfilterd_conf(conffile, conf_fp);
fclose(conf_fp);
}
if (quit) {
warnx("quitting");
break;
}
/*
* For now, be relatively unrobust about incomplete records,
* but in the future will want to do better. Need to look
* more at the right blocking and signal behavior here.
*/
reclen = read(pipe_fd, record, MAX_AUDIT_RECORD_SIZE);
if (reclen < 0)
continue;
if (clock_gettime(CLOCK_REALTIME, &ts) < 0)
err(-1, "clock_gettime");
present_bsmrecord(&ts, record, reclen);
present_tokens(&ts, record, reclen);
}
}
int
main(int argc, char *argv[])
{
const char *pipefile, *trailfile, *conffile;
FILE *trail_fp, *conf_fp;
struct stat sb;
int pipe_fd;
int ch;
conffile = AUDITFILTERD_CONFFILE;
trailfile = NULL;
pipefile = NULL;
while ((ch = getopt(argc, argv, "c:dp:t:")) != -1) {
switch (ch) {
case 'c':
conffile = optarg;
break;
case 'd':
debug++;
break;
case 't':
if (trailfile != NULL || pipefile != NULL)
usage();
trailfile = optarg;
break;
case 'p':
if (pipefile != NULL || trailfile != NULL)
usage();
pipefile = optarg;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (argc != 0)
usage();
/*
* We allow only one of a pipe or a trail to be used. If none is
* specified, we provide a default pipe path.
*/
if (pipefile == NULL && trailfile == NULL)
pipefile = AUDITFILTERD_PIPEFILE;
if (pipefile != NULL) {
pipe_fd = open(pipefile, O_RDONLY);
if (pipe_fd < 0)
err(-1, "open:%s", pipefile);
if (fstat(pipe_fd, &sb) < 0)
err(-1, "stat: %s", pipefile);
if (!S_ISCHR(sb.st_mode))
errx(-1, "fstat: %s not device", pipefile);
} else {
trail_fp = fopen(trailfile, "r");
if (trail_fp == NULL)
err(-1, "%s", trailfile);
}
conf_fp = fopen(conffile, "r");
if (conf_fp == NULL)
err(-1, "%s", conffile);
auditfilterd_init();
if (auditfilterd_conf(conffile, conf_fp) < 0)
exit(-1);
fclose(conf_fp);
if (!debug) {
if (daemon(0, 0) < 0)
err(-1, "daemon");
}
signal(SIGHUP, signal_handler);
signal(SIGINT, signal_handler);
signal(SIGQUIT, signal_handler);
signal(SIGTERM, signal_handler);
if (pipefile != NULL)
mainloop_pipe(conffile, pipefile, pipe_fd);
else
mainloop_file(conffile, trailfile, trail_fp);
auditfilterd_conf_shutdown();
return (0);
}
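Review bot: In present_tokens(), `bytesread` is read by the `while (bytesread < len)` condition without ever being initialised (only `tokencount` is set to 0), and nothing bounds `tokencount` by `MAX_TOKENS`, so a record that parses into more than 128 tokens makes au_fetch_tok() write past the end of the on-stack `tokens` array. The records come from the audit pipe or from a trail file named on the command line, so the parser should treat their token count as untrusted. I would add `bytesread = 0;` next to `tokencount = 0;` and change the loop to `while (bytesread < len && tokencount < MAX_TOKENS) {`, ideally with a warnx() when the limit truncates a record. Separately, mainloop_pipe() retries immediately when read() returns a negative value and passes a zero-length read on to the filters, which looks like it could busy-loop on a persistent error; worth confirming.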


@ -0,0 +1,79 @@
/*-
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#3 $
*/
#define AUDITFILTERD_CONFFILE "/etc/security/audit_filter"
#define AUDITFILTERD_PIPEFILE "/dev/auditpipe"
/*
* Limit on the number of arguments that can appear in an audit_filterd
* configuration line.
*/
#define AUDITFILTERD_CONF_MAXARGS 256
/*
* Data structure description each instantiated module.
*/
struct auditfilter_module {
/*
* Fields from configuration file and dynamic linker.
*/
char *am_modulename;
char *am_arg_buffer;
int am_argc;
char **am_argv;
void *am_dlhandle;
/*
* Fields provided by or extracted from the module.
*/
void *am_instance;
audit_filter_attach_t am_attach;
audit_filter_reinit_t am_reinit;
audit_filter_record_t am_record;
audit_filter_bsmrecord_t am_bsmrecord;
audit_filter_detach_t am_detach;
/*
* Fields for maintaining the list of modules.
*/
TAILQ_ENTRY(auditfilter_module) am_list;
};
TAILQ_HEAD(auditfilter_module_list, auditfilter_module);
/*
* List of currently registered modules.
*/
extern struct auditfilter_module_list filter_list;
/*
* Function definitions.
*/
int auditfilterd_conf(const char *filename, FILE *fp);
void auditfilterd_conf_shutdown(void);
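Review bot: `AUDITFILTERD_CONFFILE` is defined as `/etc/security/audit_filter`, while the FILES section of auditfilterd.8 added in this same commit lists `/etc/security/audit_filterd` as the default configuration file; one of the two should be corrected. The configuration file names the shared objects the daemon passes to dlopen(), so administrators need the documented path to be the one actually read when they set its ownership and permissions. The header also has no include guard and uses `FILE`, `TAILQ_ENTRY` and the `audit_filter_*_t` types without including their headers, so it only compiles after `<stdio.h>`, the queue header and `<bsm/audit_filter.h>`; a guard such as `#ifndef _AUDITFILTERD_H_` and a comment stating that include order would help.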


@ -0,0 +1,485 @@
/*-
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd_conf.c#3 $
*/
/*
* Configuration file parser for auditfilterd. The configuration file is a
* very simple format, similar to other BSM configuration files, consisting
* of configuration entries of one line each. The configuration function is
* aware of previous runs, and will update the current configuration as
* needed.
*
* Modules are in one of two states: attached, or detached. If attach fails,
* detach is not called because it was not attached. If a module is attached
* and a call to its reinit method fails, we will detach it.
*/
#include <sys/types.h>
#include <config/config.h>
#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
#else
#include <compat/queue.h>
#endif
#include <bsm/libbsm.h>
#include <bsm/audit_filter.h>
#include <dlfcn.h>
#include <err.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "auditfilterd.h"
/*
* Free an individual auditfilter_module structure. Will not shut down the
* module, just frees the memory. Does so conditional on pointers being
* non-NULL so that it can be used on partially allocated structures.
*/
static void
auditfilter_module_free(struct auditfilter_module *am)
{
if (am->am_modulename != NULL)
free(am->am_modulename);
if (am->am_arg_buffer != NULL)
free(am->am_arg_buffer);
if (am->am_argv != NULL)
free(am->am_argv);
}
/*
* Free all memory associated with an auditfilter_module list. Does not
* dlclose() or shut down the modules, just free the memory. Use
* auditfilter_module_list_detach() for that, if required.
*/
static void
auditfilter_module_list_free(struct auditfilter_module_list *list)
{
struct auditfilter_module *am;
while (!(TAILQ_EMPTY(list))) {
am = TAILQ_FIRST(list);
TAILQ_REMOVE(list, am, am_list);
auditfilter_module_free(am);
}
}
/*
* Detach an attached module from an auditfilter_module structure. Does not
* free the data structure itself.
*/
static void
auditfilter_module_detach(struct auditfilter_module *am)
{
if (am->am_detach != NULL)
am->am_detach(am->am_instance);
am->am_instance = NULL;
(void)dlclose(am->am_dlhandle);
am->am_dlhandle = NULL;
}
/*
* Walk an auditfilter_module list, detaching each module. Intended to be
* combined with auditfilter_module_list_free().
*/
static void
auditfilter_module_list_detach(struct auditfilter_module_list *list)
{
struct auditfilter_module *am;
TAILQ_FOREACH(am, list, am_list)
auditfilter_module_detach(am);
}
/*
* Given a filled out auditfilter_module, use dlopen() and dlsym() to attach
* the module. If we fail, leave fields in the state we found them.
*
* XXXRW: Need a better way to report errors.
*/
static int
auditfilter_module_attach(struct auditfilter_module *am)
{
am->am_dlhandle = dlopen(am->am_modulename, RTLD_NOW);
if (am->am_dlhandle == NULL) {
warnx("auditfilter_module_attach: %s: %s", am->am_modulename,
dlerror());
return (-1);
}
/*
* Not implementing these is not considered a failure condition,
* although we might want to consider warning if obvious stuff is
* not implemented, such as am_record.
*/
am->am_attach = dlsym(am->am_dlhandle, AUDIT_FILTER_ATTACH_STRING);
am->am_reinit = dlsym(am->am_dlhandle, AUDIT_FILTER_REINIT_STRING);
am->am_record = dlsym(am->am_dlhandle, AUDIT_FILTER_RECORD_STRING);
am->am_bsmrecord = dlsym(am->am_dlhandle,
AUDIT_FILTER_BSMRECORD_STRING);
am->am_detach = dlsym(am->am_dlhandle, AUDIT_FILTER_DETACH_STRING);
if (am->am_attach != NULL) {
if (am->am_attach(&am->am_instance, am->am_argc, am->am_argv)
!= AUDIT_FILTER_SUCCESS) {
warnx("auditfilter_module_attach: %s: failed",
am->am_modulename);
dlclose(am->am_dlhandle);
am->am_dlhandle = NULL;
am->am_attach = NULL;
am->am_reinit = NULL;
am->am_record = NULL;
am->am_bsmrecord = NULL;
am->am_detach = NULL;
return (-1);
}
}
return (0);
}
/*
* When the arguments for a module are changed, we notify the module through
* a call to its reinit method, if any. Return 0 on success, or -1 on
* failure.
*/
static int
auditfilter_module_reinit(struct auditfilter_module *am)
{
if (am->am_reinit == NULL)
return (0);
if (am->am_reinit(&am->am_instance, am->am_argc, am->am_argv) !=
AUDIT_FILTER_SUCCESS) {
warnx("auditfilter_module_reinit: %s: failed",
am->am_modulename);
return (-1);
}
return (0);
}
/*
* Given a configuration line, generate an auditfilter_module structure that
* describes it; caller will not pass comments in, so they are not looked
* for. Do not attempt to instantiate it. Will destroy the contents of
* 'buffer'.
*
* Configuration lines consist of two parts: the module name and arguments
* separated by a ':', and then a ','-delimited list of arguments.
*
* XXXRW: Need to decide where to send the warning output -- stderr for now.
*/
struct auditfilter_module *
auditfilter_module_parse(const char *filename, int linenumber, char *buffer)
{
char *arguments, *module, **ap;
struct auditfilter_module *am;
am = malloc(sizeof(*am));
if (am == NULL) {
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
return (NULL);
}
bzero(am, sizeof(*am));
/*
* First, break out the module and arguments strings. We look for
* one extra argument to make sure there are no more :'s in the line.
* That way, we prevent modules from using argument strings that, in
* the future, may cause problems for adding additional columns.
*/
arguments = buffer;
module = strsep(&arguments, ":");
if (module == NULL || arguments == NULL) {
warnx("auditfilter_module_parse: %s:%d: parse error",
filename, linenumber);
return (NULL);
}
am->am_modulename = strdup(module);
if (am->am_modulename == NULL) {
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
auditfilter_module_free(am);
return (NULL);
}
am->am_arg_buffer = strdup(buffer);
if (am->am_arg_buffer == NULL) {
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
auditfilter_module_free(am);
return (NULL);
}
/*
* Now, break out the arguments string into a series of arguments.
* This is a bit more complicated, and requires cleanup if things go
* wrong.
*/
am->am_argv = malloc(sizeof(char *) * AUDITFILTERD_CONF_MAXARGS);
if (am->am_argv == NULL) {
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
auditfilter_module_free(am);
return (NULL);
}
bzero(am->am_argv, sizeof(char *) * AUDITFILTERD_CONF_MAXARGS);
am->am_argc = 0;
for (ap = am->am_argv; (*ap = strsep(&arguments, " \t")) != NULL;) {
if (**ap != '\0') {
am->am_argc++;
if (++ap >= &am->am_argv[AUDITFILTERD_CONF_MAXARGS])
break;
}
}
if (ap >= &am->am_argv[AUDITFILTERD_CONF_MAXARGS]) {
warnx("auditfilter_module_parse: %s:%d: too many arguments",
filename, linenumber);
auditfilter_module_free(am);
return (NULL);
}
return (am);
}
/*
* Read a configuration file, and populate 'list' with the configuration
* lines. Does not attempt to instantiate the configuration, just read it
* into a useful set of data structures.
*/
static int
auditfilterd_conf_read(const char *filename, FILE *fp,
struct auditfilter_module_list *list)
{
int error, linenumber, syntaxerror;
struct auditfilter_module *am;
char buffer[LINE_MAX];
syntaxerror = 0;
linenumber = 0;
while (!feof(fp) && !ferror(fp)) {
if (fgets(buffer, LINE_MAX, fp) == NULL)
break;
linenumber++;
if (buffer[0] == '#' || strlen(buffer) < 1)
continue;
buffer[strlen(buffer)-1] = '\0';
am = auditfilter_module_parse(filename, linenumber, buffer);
if (am == NULL) {
syntaxerror = 1;
break;
}
TAILQ_INSERT_HEAD(list, am, am_list);
}
/*
* File I/O error.
*/
if (ferror(fp)) {
error = errno;
auditfilter_module_list_free(list);
errno = error;
return (-1);
}
/*
* Syntax error.
*/
if (syntaxerror) {
auditfilter_module_list_free(list);
errno = EINVAL;
return (-1);
}
return (0);
}
/*
* Apply changes necessary to bring a new configuration into force. The new
* configuration data is passed in, and the current configuration is updated
* to match it. The contents of 'list' are freed or otherwise disposed of
* before return.
*
* The algorithms here are not very efficient, but this is an infrequent
* operation on very short lists.
*/
static void
auditfilterd_conf_apply(struct auditfilter_module_list *list)
{
struct auditfilter_module *am1, *am2, *am_tmp;
int argc_tmp, found;
char **argv_tmp;
/*
* First, remove remove and detach any entries that appear in the
* current configuration, but not the new configuration.
*/
TAILQ_FOREACH_SAFE(am1, &filter_list, am_list, am_tmp) {
found = 0;
TAILQ_FOREACH(am2, list, am_list) {
if (strcmp(am1->am_modulename, am2->am_modulename)
== 0) {
found = 1;
break;
}
}
if (found)
continue;
/*
* am1 appears in filter_list, but not the new list, detach
* and free the module.
*/
warnx("detaching module %s", am1->am_modulename);
TAILQ_REMOVE(&filter_list, am1, am_list);
auditfilter_module_detach(am1);
auditfilter_module_free(am1);
}
/*
* Next, update the configuration of any modules that appear in both
* lists. We do this by swapping the two argc and argv values and
* freeing the new one, rather than detaching the old one and
* attaching the new one. That way module state is preserved.
*/
TAILQ_FOREACH(am1, &filter_list, am_list) {
found = 0;
TAILQ_FOREACH(am2, list, am_list) {
if (strcmp(am1->am_modulename, am2->am_modulename)
== 0) {
found = 1;
break;
}
}
if (!found)
continue;
/*
* Swap the arguments.
*/
argc_tmp = am1->am_argc;
argv_tmp = am1->am_argv;
am1->am_argc = am2->am_argc;
am1->am_argv = am2->am_argv;
am2->am_argc = argc_tmp;
am2->am_argv = argv_tmp;
/*
* The reinit is a bit tricky: if reinit fails, we actually
* remove the old entry and detach that, as we don't allow
* running modules to be out of sync with the configuration
* file.
*/
warnx("reiniting module %s", am1->am_modulename);
if (auditfilter_module_reinit(am1) != 0) {
warnx("reinit failed for module %s, detaching",
am1->am_modulename);
TAILQ_REMOVE(&filter_list, am1, am_list);
auditfilter_module_detach(am1);
auditfilter_module_free(am1);
}
/*
* Free the entry from the new list, which will discard the
* old arguments. No need to detach, as it was never
* attached in the first place.
*/
TAILQ_REMOVE(list, am2, am_list);
auditfilter_module_free(am2);
}
/*
* Finally, attach any new entries that don't appear in the old
* configuration, and if they attach successfully, move them to the
* real configuration list.
*/
TAILQ_FOREACH(am1, list, am_list) {
found = 0;
TAILQ_FOREACH(am2, &filter_list, am_list) {
if (strcmp(am1->am_modulename, am2->am_modulename)
== 0) {
found = 1;
break;
}
}
if (found)
continue;
/*
* Attach the entry. If it succeeds, add to filter_list,
* otherwise, free. No need to detach if attach failed.
*/
warnx("attaching module %s", am1->am_modulename);
TAILQ_REMOVE(list, am1, am_list);
if (auditfilter_module_attach(am1) != 0) {
warnx("attaching module %s failed",
am1->am_modulename);
auditfilter_module_free(am1);
} else
TAILQ_INSERT_HEAD(&filter_list, am1, am_list);
}
if (TAILQ_FIRST(list) != NULL)
warnx("auditfilterd_conf_apply: new list not empty\n");
}
/*
* Read the new configuration file into a local list. If the configuration
* file is parsed OK, then apply the changes.
*/
int
auditfilterd_conf(const char *filename, FILE *fp)
{
struct auditfilter_module_list list;
TAILQ_INIT(&list);
if (auditfilterd_conf_read(filename, fp, &list) < 0)
return (-1);
auditfilterd_conf_apply(&list);
return (0);
}
/*
* Detach and free all active filter modules for daemon shutdown.
*/
void
auditfilterd_conf_shutdown(void)
{
auditfilter_module_list_detach(&filter_list);
auditfilter_module_list_free(&filter_list);
}
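Review bot: In auditfilter_module_parse(), `am->am_arg_buffer = strdup(buffer)` runs after strsep() has already cut `buffer` at the ':', so it copies only the module name, and the strsep() loop that follows tokenises the caller's `buffer`, leaving every `am_argv[]` entry pointing into the `char buffer[LINE_MAX]` local of auditfilterd_conf_read(). That array is overwritten by the next fgets() and is out of scope by the time auditfilterd_conf_apply() hands `am_argv` to a module's attach or reinit function. Duplicating the argument string and tokenising the copy fixes it: `am->am_arg_buffer = strdup(arguments);` followed by `arguments = am->am_arg_buffer;` before the loop. The same function returns without releasing `am` on the parse-error path, and auditfilter_module_free() never frees the structure itself, so each reload leaks the entries it discards.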


@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#13 $
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#14 $
*/
/*
@ -42,11 +42,12 @@
#include <bsm/libbsm.h>
#include <err.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sysexits.h>
#include <grp.h>
#include <pwd.h>
#include <string.h>
#include <time.h>
#include <unistd.h>


@ -1,11 +1,12 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.am#1 $
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.am#2 $
#
openbsmdir = $(includedir)/bsm
openbsm_HEADERS = \
audit.h \
audit_filter.h \
audit_internal.h \
audit_kevents.h \
audit_record.h \


@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#3 $
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#4 $
#
srcdir = @srcdir@
@ -168,6 +168,7 @@ target_alias = @target_alias@
openbsmdir = $(includedir)/bsm
openbsm_HEADERS = \
audit.h \
audit_filter.h \
audit_internal.h \
audit_kevents.h \
audit_record.h \


@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#15 $
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#16 $
*/
#ifndef _BSM_AUDIT_H
@ -264,11 +264,11 @@ struct audit_stat {
unsigned int as_version;
unsigned int as_numevent;
int as_generated;
int as_nonattring;
int as_nonattrib;
int as_kernel;
int as_audit;
int as_auditctl;
int as_enqueu;
int as_enqueue;
int as_written;
int as_wblocked;
int as_rblocked;


@ -0,0 +1,77 @@
/*-
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_filter.h#2 $
*/
#ifndef _BSM_AUDIT_FILTER_H_
#define _BSM_AUDIT_FILTER_H_
/*
* Module interface for audit filter modules.
*
* audit_filter_attach_t - filter module is being attached with arguments
* audit_filter_reinit_t - arguments to module have changed
* audit_filter_record_t - present parsed record to filter module, with
* receipt time
* audit_filter_bsmrecord_t - present bsm format record to filter module,
* with receipt time
* audit_filter_destach_t - filter module is being detached
*
* There may be many instances of the same filter, identified by the instance
* void pointer maintained by the filter instance.
*/
typedef int (*audit_filter_attach_t)(void **instance, int argc, char *argv[]);
typedef int (*audit_filter_reinit_t)(void *instance, int argc, char *argv[]);
typedef void (*audit_filter_record_t)(void *instance, struct timespec *ts,
int token_count, const tokenstr_t tok[]);
typedef void (*audit_filter_bsmrecord_t)(void *instance, struct timespec *ts,
void *data, u_int len);
typedef void (*audit_filter_detach_t)(void *instance);
/*
* Values to be returned by audit_filter_init_t.
*/
#define AUDIT_FILTER_SUCCESS (0)
#define AUDIT_FILTER_FAILURE (-1)
/*
* Standard name for filter module initialization functions, which will be
* found using dlsym().
*/
#define AUDIT_FILTER_ATTACH audit_filter_attach
#define AUDIT_FILTER_REINIT audit_filter_reinit
#define AUDIT_FILTER_RECORD audit_filter_record
#define AUDIT_FILTER_BSMRECORD audit_filter_bsmrecord
#define AUDIT_FILTER_DETACH audit_filter_detach
#define AUDIT_FILTER_ATTACH_STRING "audit_filter_attach"
#define AUDIT_FILTER_REINIT_STRING "audit_filter_reinit"
#define AUDIT_FILTER_RECORD_STRING "audit_filter_record"
#define AUDIT_FILTER_BSMRECORD_STRING "audit_filter_bsmrecord"
#define AUDIT_FILTER_DETACH_STRING "audit_filter_detach"
#endif /* !_BSM_AUDIT_FILTER_H_ */


@ -30,23 +30,15 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#14 $
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#17 $
*/
#ifndef _BSM_AUDIT_RECORD_H_
#define _BSM_AUDIT_RECORD_H_
/* Various token id types */
/*
* Values inside the comments are not documented in the BSM pages and
* have been picked up from the header files
* Token type identifiers.
*/
/*
* Values marked as XXX do not have a value defined in the BSM header files
*/
#define AUT_INVALID 0x00
#define AUT_OTHER_FILE32 0x11
#define AUT_OHEADER 0x12
@ -187,13 +179,19 @@
/* data-types for the arbitrary token */
#define AUR_BYTE 0
#define AUR_CHAR AUR_BYTE
#define AUR_SHORT 1
#define AUR_LONG 2
#define AUR_INT32 2
#define AUR_INT AUR_INT
#define AUR_INT64 3
/* ... and their sizes */
#define AUR_BYTE_SIZE sizeof(u_char)
#define AUR_CHAR_SIZE AUR_BYTE_SIZE
#define AUR_SHORT_SIZE sizeof(uint16_t)
#define AUR_LONG_SIZE sizeof(uint32_t)
#define AUR_INT32_SIZE sizeof(uint32_t)
#define AUR_INT_SIZE AUR_INT32_SIZE
#define AUR_INT64_SIZE sizeof(uint64_t)
/* Modifiers for the header token */
#define PAD_NOTATTR 0x4000 /* nonattributable event */
@ -230,24 +228,18 @@ int au_open(void);
int au_write(int d, token_t *m);
int au_close(int d, int keep, short event);
int au_close_buffer(int d, short event, u_char *buffer, size_t *buflen);
int au_close_token(token_t *tok, u_char *buffer, size_t *buflen);
#if defined(KERNEL) || defined(_KERNEL)
token_t *au_to_file(char *file, struct timeval tm);
#else
token_t *au_to_file(char *file);
#endif
#if defined(KERNEL) || defined(_KERNEL)
token_t *au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod,
token_t *au_to_header32_tm(int rec_size, au_event_t e_type, au_emod_t e_mod,
struct timeval tm);
token_t *au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod,
struct timeval tm);
#else
#if !defined(KERNEL) && !defined(_KERNEL)
token_t *au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod);
token_t *au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod);
token_t *au_to_header64(int rec_size, au_event_t e_type, au_emod_t e_mod);
#endif
token_t *au_to_header64(int rec_size, au_event_t e_type, au_emod_t e_mod);
token_t *au_to_me(void);
token_t *au_to_arg(char n, char *text, uint32_t v);
token_t *au_to_arg32(char n, char *text, uint32_t v);
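Review bot: `#define AUR_INT AUR_INT` in the arbitrary-token data-type block defines the macro in terms of itself, so any use expands to the bare identifier `AUR_INT` and will not compile (and evaluates as 0 inside an `#if`). The release notes for this version describe AUR_INT32 and AUR_INT as aliases, and `AUR_INT_SIZE` is already defined through `AUR_INT32_SIZE`, so the line should read `#define AUR_INT AUR_INT32`. Nothing in the visible hunks uses `AUR_INT` yet (the `case AUR_INT:` labels in bsm_io.c are commented out), so the build would not catch this.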


@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#18 $
* $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#20 $
*/
#ifndef _LIBBSM_H_
@ -695,6 +695,9 @@ struct tokenstr {
typedef struct tokenstr tokenstr_t;
int audit_submit(short au_event, au_id_t auid,
char status, int reterr, const char *fmt, ...);
/*
* Functions relating to querying audit class information.
*/
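Review bot: The new `audit_submit()` prototype takes a printf-style `fmt` plus varargs but carries no format attribute, so the compiler can neither check the argument types nor warn when a caller passes non-literal, user-influenced text as the format for an audit record. Because audit_submit.3 allows a NULL format, a NULL-tolerant annotation fits best, e.g. FreeBSD's `__printf0like(5, 6)` or a guarded `__attribute__((__format__(__printf__, 5, 6)))` where that macro is unavailable. I would also add a comment above the prototype: `/* fmt must be a trusted format string; pass untrusted data only as arguments. */`.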


@ -42,9 +42,6 @@
/* Define if ipc_perm.__seq instead of seq */
#undef HAVE_IPC_PERM___SEQ
/* Define to 1 if you have the `bsm' library (-lbsm). */
#undef HAVE_LIBBSM
/* Define to 1 if you have the <machine/endian.h> header file. */
#undef HAVE_MACHINE_ENDIAN_H


@ -1,7 +1,7 @@
#! /bin/sh
# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#15 .
# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a5.
# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a6.
#
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
#
@ -424,8 +424,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='OpenBSM'
PACKAGE_TARNAME='openbsm'
PACKAGE_VERSION='1.0a5'
PACKAGE_STRING='OpenBSM 1.0a5'
PACKAGE_VERSION='1.0a6'
PACKAGE_STRING='OpenBSM 1.0a6'
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
ac_unique_file="bin/auditreduce/auditreduce.c"
@ -955,7 +955,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures OpenBSM 1.0a5 to adapt to many kinds of systems.
\`configure' configures OpenBSM 1.0a6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1021,7 +1021,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of OpenBSM 1.0a5:";;
short | recursive ) echo "Configuration of OpenBSM 1.0a6:";;
esac
cat <<\_ACEOF
@ -1162,7 +1162,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
OpenBSM configure 1.0a5
OpenBSM configure 1.0a6
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@ -1176,7 +1176,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by OpenBSM $as_me 1.0a5, which was
It was created by OpenBSM $as_me 1.0a6, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@ -19278,7 +19278,7 @@ fi
# Define the identity of the package.
PACKAGE=OpenBSM
VERSION=1.0a5
VERSION=1.0a6
cat >>confdefs.h <<_ACEOF
@ -19627,16 +19627,13 @@ fi
# Checks for libraries.
# FIXME: Replace `main' with a function in `-lbsm':
echo "$as_me:$LINENO: checking for main in -lbsm" >&5
echo $ECHO_N "checking for main in -lbsm... $ECHO_C" >&6
if test "${ac_cv_lib_bsm_main+set}" = set; then
echo "$as_me:$LINENO: checking for library containing dlsym" >&5
echo $ECHO_N "checking for library containing dlsym... $ECHO_C" >&6
if test "${ac_cv_search_dlsym+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
ac_check_lib_save_LIBS=$LIBS
LIBS="-lbsm $LIBS"
ac_func_search_save_LIBS=$LIBS
ac_cv_search_dlsym=no
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@ -19644,11 +19641,17 @@ cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Override any gcc2 internal prototype to avoid an error. */
#ifdef __cplusplus
extern "C"
#endif
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char dlsym ();
int
main ()
{
main ();
dlsym ();
;
return 0;
}
@ -19675,25 +19678,204 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
ac_cv_lib_bsm_main=yes
ac_cv_search_dlsym="none required"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
ac_cv_lib_bsm_main=no
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
echo "$as_me:$LINENO: result: $ac_cv_lib_bsm_main" >&5
echo "${ECHO_T}$ac_cv_lib_bsm_main" >&6
if test $ac_cv_lib_bsm_main = yes; then
cat >>confdefs.h <<_ACEOF
#define HAVE_LIBBSM 1
if test "$ac_cv_search_dlsym" = no; then
for ac_lib in dl; do
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
LIBS="-lbsm $LIBS"
/* Override any gcc2 internal prototype to avoid an error. */
#ifdef __cplusplus
extern "C"
#endif
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char dlsym ();
int
main ()
{
dlsym ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(eval $ac_link) 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } &&
{ ac_try='test -z "$ac_c_werror_flag"
|| test ! -s conftest.err'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; } &&
{ ac_try='test -s conftest$ac_exeext'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
ac_cv_search_dlsym="-l$ac_lib"
break
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
done
fi
LIBS=$ac_func_search_save_LIBS
fi
echo "$as_me:$LINENO: result: $ac_cv_search_dlsym" >&5
echo "${ECHO_T}$ac_cv_search_dlsym" >&6
if test "$ac_cv_search_dlsym" != no; then
test "$ac_cv_search_dlsym" = "none required" || LIBS="$ac_cv_search_dlsym $LIBS"
fi
echo "$as_me:$LINENO: checking for library containing clock_gettime" >&5
echo $ECHO_N "checking for library containing clock_gettime... $ECHO_C" >&6
if test "${ac_cv_search_clock_gettime+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
ac_func_search_save_LIBS=$LIBS
ac_cv_search_clock_gettime=no
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Override any gcc2 internal prototype to avoid an error. */
#ifdef __cplusplus
extern "C"
#endif
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char clock_gettime ();
int
main ()
{
clock_gettime ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(eval $ac_link) 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } &&
{ ac_try='test -z "$ac_c_werror_flag"
|| test ! -s conftest.err'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; } &&
{ ac_try='test -s conftest$ac_exeext'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
ac_cv_search_clock_gettime="none required"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
if test "$ac_cv_search_clock_gettime" = no; then
for ac_lib in rt; do
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Override any gcc2 internal prototype to avoid an error. */
#ifdef __cplusplus
extern "C"
#endif
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char clock_gettime ();
int
main ()
{
clock_gettime ();
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(eval $ac_link) 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } &&
{ ac_try='test -z "$ac_c_werror_flag"
|| test ! -s conftest.err'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; } &&
{ ac_try='test -s conftest$ac_exeext'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
ac_cv_search_clock_gettime="-l$ac_lib"
break
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
done
fi
LIBS=$ac_func_search_save_LIBS
fi
echo "$as_me:$LINENO: result: $ac_cv_search_clock_gettime" >&5
echo "${ECHO_T}$ac_cv_search_clock_gettime" >&6
if test "$ac_cv_search_clock_gettime" != no; then
test "$ac_cv_search_clock_gettime" = "none required" || LIBS="$ac_cv_search_clock_gettime $LIBS"
fi
@ -22895,7 +23077,7 @@ else
fi
ac_config_files="$ac_config_files Makefile bin/Makefile bin/audit/Makefile bin/auditd/Makefile bin/auditreduce/Makefile bin/praudit/Makefile bsm/Makefile libbsm/Makefile man/Makefile tools/Makefile"
ac_config_files="$ac_config_files Makefile bin/Makefile bin/audit/Makefile bin/auditd/Makefile bin/auditfilterd/Makefile bin/auditreduce/Makefile bin/praudit/Makefile bsm/Makefile libbsm/Makefile modules/Makefile modules/auditfilter_noop/Makefile man/Makefile test/Makefile test/bsm/Makefile tools/Makefile"
cat >confcache <<\_ACEOF
@ -23295,7 +23477,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
This file was extended by OpenBSM $as_me 1.0a5, which was
This file was extended by OpenBSM $as_me 1.0a6, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -23358,7 +23540,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
OpenBSM config.status 1.0a5
OpenBSM config.status 1.0a6
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
@ -23472,11 +23654,16 @@ do
"bin/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/Makefile" ;;
"bin/audit/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/audit/Makefile" ;;
"bin/auditd/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditd/Makefile" ;;
"bin/auditfilterd/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditfilterd/Makefile" ;;
"bin/auditreduce/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditreduce/Makefile" ;;
"bin/praudit/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/praudit/Makefile" ;;
"bsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES bsm/Makefile" ;;
"libbsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES libbsm/Makefile" ;;
"modules/Makefile" ) CONFIG_FILES="$CONFIG_FILES modules/Makefile" ;;
"modules/auditfilter_noop/Makefile" ) CONFIG_FILES="$CONFIG_FILES modules/auditfilter_noop/Makefile" ;;
"man/Makefile" ) CONFIG_FILES="$CONFIG_FILES man/Makefile" ;;
"test/Makefile" ) CONFIG_FILES="$CONFIG_FILES test/Makefile" ;;
"test/bsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES test/bsm/Makefile" ;;
"tools/Makefile" ) CONFIG_FILES="$CONFIG_FILES tools/Makefile" ;;
"depfiles" ) CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
"config/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config/config.h" ;;


@ -2,8 +2,8 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
AC_INIT([OpenBSM], [1.0a5], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#16 $])
AC_INIT([OpenBSM], [1.0a6], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 $])
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_HEADER([config/config.h])
@ -16,9 +16,8 @@ AC_PROG_LIBTOOL
AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
# Checks for libraries.
# FIXME: Replace `main' with a function in `-lbsm':
AC_CHECK_LIB([bsm], [main])
AC_SEARCH_LIBS(dlsym, dl)
AC_SEARCH_LIBS(clock_gettime, rt)
# Checks for header files.
AC_HEADER_STDC
@ -99,11 +98,16 @@ AC_CONFIG_FILES([Makefile
bin/Makefile
bin/audit/Makefile
bin/auditd/Makefile
bin/auditfilterd/Makefile
bin/auditreduce/Makefile
bin/praudit/Makefile
bsm/Makefile
libbsm/Makefile
modules/Makefile
modules/auditfilter_noop/Makefile
man/Makefile
test/Makefile
test/bsm/Makefile
tools/Makefile])
AC_OUTPUT


@ -0,0 +1,5 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_filter#1 $
#
# modulename:various arguments here
#


@ -1,5 +1,5 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#2 $
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#3 $
#
INCLUDES = -I$(top_srcdir)
@ -30,6 +30,7 @@ man3_MANS = \
au_free_token.3 \
au_io.3 \
au_mask.3 \
au_open.3 \
au_token.3 \
au_user.3 \
libbsm.3


@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#3 $
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#4 $
#
srcdir = @srcdir@
@ -204,6 +204,7 @@ man3_MANS = \
au_free_token.3 \
au_io.3 \
au_mask.3 \
au_open.3 \
au_token.3 \
au_user.3 \
libbsm.3


@ -0,0 +1,149 @@
.\"-
.\" Copyright (c) 2006 Robert N. M. Watson
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#4 $
.\"
.Dd March 4, 2006
.Dt AU_OPEN 3
.Os
.Sh NAME
.Nm au_open ,
.Nm au_write ,
.Nm au_close ,
.Nm au_close_buffer
.Nd "Create and commit audit records"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In libbsm.h
.Ft int
.Fn au_open "void"
.Ft int
.Fn au_write "int d" "token_t *tok"
.Ft int
.Fn au_close "int d" "int keep" "short event"
.Ft int
.Fn au_close_buffer "int d" "short event" "u_char *buffer" "size_t *buflen"
.Ft int
.Fn au_close_token "token_t *tok" "u_char *buffer" "size_t *buflen"
.Sh DESCRIPTION
These interfaces allow applications to allocate audit records, construct a
record using a series of tokens, and commit the audit record to the system
event log.
An extension API is also provided to commit the record to an in-memory
buffer rather than the system audit log.
.Pp
The
.Fn au_open
interface allocates a new audit record descriptor.
.Pp
The
.Fn au_write
interface adds a token to an allocated audit descriptor.
When a token has been successfully added to a record, the caller no longer
owns the token memory, and does not need to free it directly via a call to
.Xr au_free_token 3 .
.Pp
The
.Fn au_close
function is used to commit an audit record to the system audit log, or
abandon the record.
In either cases, all resources associated with the record will be released.
The
.Va keep
argument determines the behavior: a value of
.Dv AU_TO_WRITE
causes the record to be committed; a value of
.Dv AU_TO_NO_WRITE
causes it to be abandoned.
When the audit record is committed, a BSM header will be inserted before
tokens added to the record, using the event identifier passed via
.Va event ,
and a trailer added to the end.
Committing a record to the system audit log requires privilege.
.Pp
The
.Fn au_close_buffer
function writes the resulting record to an in-memory buffer of size
.Va *buflen ;
it will write back the filled buffer length into the same variable.
The argument
.Va short
is the event identifier to use in the record header.
.Pp
The
.Fn au_close_token
function generates the BSM stream output for a single token,
.Va tok ,
in the passed buffer
.Va buffer .
The initial buffer size and resulting data size are passed via
.Va *buflen .
.Fn au_close_token
will free the token before returning.
.Sh RETURN VALUES
The function
.Fn au_open
returns a non-negative audit record descriptor number on success, or a
negative value on failure, along with error information in
.Va errno .
.Pp
The functions
.Fn au_write ,
.Fn au_close ,
.Fn au_close_buffer ,
and
.Fn au_close_token
return 0 on success, or a negative value on failure, along with error
information in
.Va errno .
.Sh SEE ALSO
.Xr libbsm 3
.Sh AUTHORS
This software was created by Robert Watson, Wayne Salamon, and Suresh
Krishnaswamy for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
stream format were defined by Sun Microsystems.
.Sh HISTORY
The OpenBSM implementation was created by McAfee Research, the security
division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
.Sh BUGS
Currently,
.Fn au_open
does not reserve kernel resources necessary to commit the record to the
trail; on systems supporting
.Fn au_close ,
the call will block until resources are available to commit the record.
However, this leads to the possibility of an action being permitted without
the record being guaranteed to go to disk.
Ideally,
.Fn au_open
would reserve resources necessary to commit any submitted record, releasing
them on
.Fn au_close .


@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#5 $
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#7 $
.\"
.Dd April 19, 2005
.Dt AU_TOKEN 3
@ -57,9 +57,6 @@
.Nm au_to_return64 ,
.Nm au_to_return ,
.Nm au_to_seq ,
.Nm au_to_socket ,
.Nm au_to_socket_ex_32 ,
.Nm au_to_socket_ex_128 ,
.Nm au_to_sock_inet32 ,
.Nm au_to_sock_inet128 ,
.Nm au_to_sock_inet ,
@ -116,9 +113,7 @@
.Ft token_t *
.Fn au_to_opaque "char *data" "u_int64_t bytes"
.Ft token_t *
.Fn au_to_file "char *file"
.Ft token_t *
.Fn au_to_file "char *file"
.Fn au_to_file "char *file" "struct timeval tm"
.Ft token_t *
.Fn au_to_text "char *text"
.Ft token_t *
@ -140,12 +135,6 @@
.Ft token_t *
.Fn au_to_seq "long audit_count"
.Ft token_t *
.Fn au_to_socket "struct socket *so"
.Ft token_t *
.Fn au_to_socket_ex_32 "struct socket *so"
.Ft token_t *
.Fn au_to_socket_ex_128 "struct socket *so"
.Ft token_t *
.Fn au_to_sock_inet32 "struct sockaddr_in *so"
.Ft token_t *
.Fn au_to_sock_inet128 "struct sockaddr_in6 *so"


@ -0,0 +1,126 @@
.\"
.\" Copyright (c) 2006 Christian S.J. Peron
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of
.\" its contributors may be used to endorse or promote products derived
.\" from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#8 $
.\"
.Dd May 29, 2006
.Dt audit_submit 3
.Os
.Sh NAME
.Nm audit_submit
.Nd general purpose audit record submission
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In stdio.h
.Ft int
.Fn audit_submit "short au_event" "au_id_t auid" "char status" "int reterr" "const char * restrict format" ...
.Sh DESCRIPTION
The
.Nm
function provides a generic programming interface for audit record submission.
This audit record will contain a header, subject token, an optional text token,
return token, and a trailer.
The header will contain the event class specified by
.Fa au_event .
The subject token will be generated based on
.Fa au_ctx .
The return token is dependant on the
.Fa status
and
.Fa reterr
arguments.
Optionally, a text token will be created as a part of this record.
.Pp
Text token output is under the control of a
.Fa format
string that specifies how subsequent arguments (or arguments accessed via the
variable-length argument facilities of
.Xr stdarg 3 )
are converted for output.
If
.Fa format
is NULL, then no text token is created in the audit record.
.Pp
It should be noted that
.Nm
assumes that
.Xr setaudit 2 ,
or
.Xr setaudit_addr 2
has already been called.
As a direct result, the terminal ID for the
subject will be retrieved from the kernel via
.Xr getaudit 2 ,
or
.Xr getaudit_addr 2 .
.Sh EXAMPLES
.Bd -literal -offset indent
#include <bsm/audit.h>
#include <bsm/libbsm.h>
#include <bsm/audit_uevents.h>
#include <stdio.h>
#include <stdarg.h>
#include <errno.h>
int
audit_bad_su(char *from_login, char *to_login)
{
int error;
error = audit_submit(AUE_su, getuid(), 1, EPERM,
"bad su from %s to %s", from_login, to_login);
return (error);
}
.Ed
.Pp
Will generate the following audit record:
.Bd -literal -offset indent
header,94,1,su(1),0,Mon Apr 17 23:23:59 2006, + 271 msec
subject,root,root,wheel,root,wheel,652,652,0,0.0.0.0
text,bad su from from csjp to root
return,failure : Operation not permitted,1
trailer,94
.Ed
.Sh SEE ALSO
.Xr auditon 2 ,
.Xr getaudit 2 ,
.Xr libbsm 3 ,
.Xr stdarg 3
.Sh HISTORY
The
.Nm
function first appeared in OpenBSM version 1.0.
OpenBSM 1.0 was introduced in FreeBSD 7.0.
.Sh AUTHORS
The
.Nm
function was written by
.An Christian S.J. Peron Aq csjp@FreeBSD.org .


@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#22 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#26 $
*/
#include <sys/types.h>
@ -280,12 +280,11 @@ au_close(int d, int keep, short event)
return (-1); /* Invalid descriptor */
}
if (!keep) {
if (keep == AU_TO_NO_WRITE) {
retval = 0;
goto cleanup;
}
tot_rec_size = rec->len + BSM_HEADER_SIZE + BSM_TRAILER_SIZE;
if (tot_rec_size > MAX_AUDIT_RECORD_SIZE) {
@ -361,3 +360,24 @@ au_close_buffer(int d, short event, u_char *buffer, size_t *buflen)
au_teardown(rec);
return (retval);
}
/*
* au_close_token() returns the byte format of a token_t. This won't
* generally be used by applications, but is quite useful for writing test
* tools. Will free the token on either success or failure.
*/
int
au_close_token(token_t *tok, u_char *buffer, size_t *buflen)
{
if (tok->len > *buflen) {
au_free_token(tok);
errno = ENOMEM;
return (EINVAL);
}
memcpy(buffer, tok->t_data, tok->len);
*buflen = tok->len;
au_free_token(tok);
return (0);
}
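Review bot: The too-small-buffer path in the new `au_close_token()` sets `errno = ENOMEM` but returns `EINVAL`, a positive value, whereas the au_open.3 page added in this commit documents a negative return on failure. A caller that tests `< 0` will therefore treat the unwritten buffer and unchanged `*buflen` as a valid token. Make that path `errno = ENOMEM; return (-1);`, which also matches the `return (-1)` that `au_close()` uses for an invalid descriptor. `tok`, `buffer` and `buflen` are dereferenced without any NULL check, so either guard them or state in the header comment that all three must be non-NULL.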


@ -31,7 +31,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#34 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#37 $
*/
#include <sys/types.h>
@ -893,6 +893,7 @@ fetch_arb_tok(tokenstr_t *tok, char *buf, int len)
*/
switch(tok->tt.arb.bu) {
case AUR_BYTE:
/* case AUR_CHAR: */
datasize = AUR_BYTE_SIZE;
break;
@ -900,8 +901,13 @@ fetch_arb_tok(tokenstr_t *tok, char *buf, int len)
datasize = AUR_SHORT_SIZE;
break;
case AUR_LONG:
datasize = AUR_LONG_SIZE;
case AUR_INT32:
/* case AUR_INT: */
datasize = AUR_INT32_SIZE;
break;
case AUR_INT64:
datasize = AUR_INT64_SIZE;
break;
default:
@ -962,6 +968,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
switch(tok->tt.arb.bu) {
case AUR_BYTE:
/* case AUR_CHAR: */
str = "byte";
size = AUR_BYTE_SIZE;
print_string(fp, str, strlen(str));
@ -979,23 +986,36 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_1_byte(fp, tok->tt.arb.uc, "%u");
print_delim(fp, del);
for (i = 0; i<tok->tt.arb.uc; i++)
for (i = 0; i < tok->tt.arb.uc; i++)
fprintf(fp, format, *((u_int16_t *)(tok->tt.arb.data +
(size * i))));
break;
case AUR_LONG:
case AUR_INT32:
/* case AUR_INT: */
str = "int";
size = AUR_LONG_SIZE;
size = AUR_INT32_SIZE;
print_string(fp, str, strlen(str));
print_delim(fp, del);
print_1_byte(fp, tok->tt.arb.uc, "%u");
print_delim(fp, del);
for (i = 0; i<tok->tt.arb.uc; i++)
for (i = 0; i < tok->tt.arb.uc; i++)
fprintf(fp, format, *((u_int32_t *)(tok->tt.arb.data +
(size * i))));
break;
case AUR_INT64:
str = "int64";
size = AUR_INT64_SIZE;
print_string(fp, str, strlen(str));
print_delim(fp, del);
print_1_byte(fp, tok->tt.arb.uc, "%u");
print_delim(fp, del);
for (i = 0; i < tok->tt.arb.uc; i++)
fprintf(fp, format, *((u_int64_t *)(tok->tt.arb.data +
(size * i))));
break;
default:
return;
}
@ -1336,7 +1356,8 @@ fetch_inaddr_tok(tokenstr_t *tok, char *buf, int len)
{
int err = 0;
READ_TOKEN_U_INT32(buf, len, tok->tt.inaddr.addr, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.inaddr.addr, sizeof(uint32_t),
tok->len, err);
if (err)
return (-1);
@ -1410,15 +1431,18 @@ fetch_ip_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.len, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.len, sizeof(uint16_t),
tok->len, err);
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.id, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.id, sizeof(uint16_t),
tok->len, err);
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.offset, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.offset, sizeof(uint16_t),
tok->len, err);
if (err)
return (-1);
@ -1430,7 +1454,8 @@ fetch_ip_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.chksm, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.chksm, sizeof(uint16_t),
tok->len, err);
if (err)
return (-1);
@ -1458,17 +1483,17 @@ print_ip_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_mem(fp, (u_char *)(&tok->tt.ip.tos), sizeof(u_char));
print_delim(fp, del);
print_2_bytes(fp, tok->tt.ip.len, "%u");
print_2_bytes(fp, ntohs(tok->tt.ip.len), "%u");
print_delim(fp, del);
print_2_bytes(fp, tok->tt.ip.id, "%u");
print_2_bytes(fp, ntohs(tok->tt.ip.id), "%u");
print_delim(fp, del);
print_2_bytes(fp, tok->tt.ip.offset, "%u");
print_2_bytes(fp, ntohs(tok->tt.ip.offset), "%u");
print_delim(fp, del);
print_mem(fp, (u_char *)(&tok->tt.ip.ttl), sizeof(u_char));
print_delim(fp, del);
print_mem(fp, (u_char *)(&tok->tt.ip.prot), sizeof(u_char));
print_delim(fp, del);
print_2_bytes(fp, tok->tt.ip.chksm, "%u");
print_2_bytes(fp, ntohs(tok->tt.ip.chksm), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.ip.src);
print_delim(fp, del);
@ -1582,7 +1607,8 @@ fetch_iport_tok(tokenstr_t *tok, char *buf, int len)
{
int err = 0;
READ_TOKEN_U_INT16(buf, len, tok->tt.iport.port, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.iport.port, sizeof(uint16_t),
tok->len, err);
if (err)
return (-1);
@ -1596,7 +1622,7 @@ print_iport_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_tok_type(fp, tok->id, "ip port", raw);
print_delim(fp, del);
print_2_bytes(fp, tok->tt.iport.port, "%#x");
print_2_bytes(fp, ntohs(tok->tt.iport.port), "%#x");
}
/*
@ -1712,7 +1738,8 @@ fetch_process32_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT32(buf, len, tok->tt.proc32.tid.addr, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.proc32.tid.addr,
sizeof(tok->tt.proc32.tid.addr), tok->len, err);
if (err)
return (-1);
@ -1931,7 +1958,8 @@ fetch_sock_inet32_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.sockinet32.port, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet32.port,
sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
@ -1952,7 +1980,7 @@ print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_2_bytes(fp, tok->tt.sockinet32.family, "%u");
print_delim(fp, del);
print_2_bytes(fp, tok->tt.sockinet32.port, "%u");
print_2_bytes(fp, ntohs(tok->tt.sockinet32.port), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.sockinet32.addr);
}
@ -1961,7 +1989,8 @@ print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
* socket family 2 bytes
* path 104 bytes
*/
static int fetch_sock_unix_tok(tokenstr_t *tok, char *buf, int len)
static int
fetch_sock_unix_tok(tokenstr_t *tok, char *buf, int len)
{
int err = 0;
@ -1997,7 +2026,8 @@ print_sock_unix_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
* remote port 2 bytes
* remote address 4 bytes
*/
static int fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
static int
fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
{
int err = 0;
@ -2005,7 +2035,8 @@ static int fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.socket.l_port, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.socket.l_port, sizeof(uint16_t),
tok->len, err);
if (err)
return (-1);
@ -2014,7 +2045,8 @@ static int fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.socket.r_port, tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.socket.r_port, sizeof(uint16_t),
tok->len, err);
if (err)
return (-1);
@ -2035,11 +2067,11 @@ print_socket_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket.type, "%u");
print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket.l_port, "%u");
print_2_bytes(fp, ntohs(tok->tt.socket.l_port), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket.l_addr);
print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket.r_port, "%u");
print_2_bytes(fp, ntohs(tok->tt.socket.r_port), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket.r_addr);
}
@ -2359,8 +2391,8 @@ fetch_socketex32_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.l_port, tok->len,
err);
READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.l_port,
sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
@ -2374,8 +2406,8 @@ fetch_socketex32_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
READ_TOKEN_U_INT32(buf, len, tok->tt.socket_ex32.r_port, tok->len,
err);
READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.r_port,
sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
@ -2401,11 +2433,11 @@ print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x");
print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket_ex32.l_port, "%#x");
print_2_bytes(fp, ntohs(tok->tt.socket_ex32.l_port), "%#x");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket_ex32.l_addr);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.socket_ex32.r_port, "%#x");
print_4_bytes(fp, ntohs(tok->tt.socket_ex32.r_port), "%#x");
print_delim(fp, del);
print_ip_address(fp, tok->tt.socket_ex32.r_addr);
}


@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#43 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#47 $
*/
#include <sys/types.h>
@ -243,6 +243,7 @@ au_to_data(char unit_print, char unit_type, char unit_count, char *p)
/* Determine the size of the basic unit. */
switch (unit_type) {
case AUR_BYTE:
/* case AUR_CHAR: */
datasize = AUR_BYTE_SIZE;
break;
@ -250,8 +251,13 @@ au_to_data(char unit_print, char unit_type, char unit_count, char *p)
datasize = AUR_SHORT_SIZE;
break;
case AUR_LONG:
datasize = AUR_LONG_SIZE;
case AUR_INT32:
/* case AUR_INT: */
datasize = AUR_INT32_SIZE;
break;
case AUR_INT64:
datasize = AUR_INT64_SIZE;
break;
default:
@ -261,7 +267,7 @@ au_to_data(char unit_print, char unit_type, char unit_count, char *p)
totdata = datasize * unit_count;
GET_TOKEN_AREA(t, dptr, totdata + 4 * sizeof(u_char));
GET_TOKEN_AREA(t, dptr, 4 * sizeof(u_char) + totdata);
if (t == NULL)
return (NULL);
@ -341,12 +347,12 @@ au_to_in_addr(struct in_addr *internet_addr)
token_t *t;
u_char *dptr = NULL;
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t));
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(uint32_t));
if (t == NULL)
return (NULL);
ADD_U_CHAR(dptr, AUT_IN_ADDR);
ADD_U_INT32(dptr, internet_addr->s_addr);
ADD_MEM(dptr, &internet_addr->s_addr, sizeof(uint32_t));
return (t);
}
@ -363,13 +369,13 @@ au_to_in_addr_ex(struct in6_addr *internet_addr)
u_char *dptr = NULL;
u_int32_t type = AF_INET6;
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(u_int32_t));
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(uint32_t));
if (t == NULL)
return (NULL);
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
ADD_U_INT32(dptr, type);
ADD_MEM(dptr, internet_addr, sizeof(*internet_addr));
ADD_MEM(dptr, internet_addr, 5 * sizeof(uint32_t));
return (t);
}
@ -528,23 +534,12 @@ au_to_opaque(char *data, u_int16_t bytes)
* file pathname N bytes + 1 terminating NULL byte
*/
token_t *
#if defined(KERNEL) || defined(_KERNEL)
au_to_file(char *file, struct timeval tm)
#else
au_to_file(char *file)
#endif
{
token_t *t;
u_char *dptr = NULL;
u_int16_t filelen;
u_int32_t timems;
#if !defined(KERNEL) && !defined(_KERNEL)
struct timeval tm;
struct timezone tzp;
if (gettimeofday(&tm, &tzp) == -1)
return (NULL);
#endif
filelen = strlen(file);
filelen += 1;
@ -650,7 +645,7 @@ au_to_process32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
ADD_U_INT32(dptr, pid);
ADD_U_INT32(dptr, sid);
ADD_U_INT32(dptr, tid->port);
ADD_U_INT32(dptr, tid->machine);
ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t));
return (t);
}
@ -837,21 +832,28 @@ au_to_sock_inet32(struct sockaddr_in *so)
{
token_t *t;
u_char *dptr = NULL;
uint16_t family;
GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) +
sizeof(u_int32_t));
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(uint16_t) +
sizeof(uint32_t));
if (t == NULL)
return (NULL);
ADD_U_CHAR(dptr, AUT_SOCKINET32);
/*
* In Darwin, sin_family is one octet, but BSM defines the token
* to store two. So we copy in a 0 first.
* BSM defines the family field as 16 bits, but many operating
* systems have an 8-bit sin_family field. Extend to 16 bits before
* writing into the token. Assume that both the port and the address
* in the sockaddr_in are already in network byte order, but family
* is in local byte order.
*
* XXXRW: Should a name space conversion be taking place on the value
* of sin_family?
*/
ADD_U_CHAR(dptr, 0);
ADD_U_CHAR(dptr, so->sin_family);
ADD_U_INT16(dptr, so->sin_port);
ADD_U_INT32(dptr, so->sin_addr.s_addr);
family = so->sin_family;
ADD_U_INT16(dptr, family);
ADD_MEM(dptr, &so->sin_port, sizeof(uint16_t));
ADD_MEM(dptr, &so->sin_addr.s_addr, sizeof(uint32_t));
return (t);
@ -877,7 +879,7 @@ au_to_sock_inet128(struct sockaddr_in6 *so)
ADD_U_CHAR(dptr, so->sin6_family);
ADD_U_INT16(dptr, so->sin6_port);
ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr));
ADD_MEM(dptr, &so->sin6_addr, 4 * sizeof(uint32_t));
return (t);
@ -923,7 +925,7 @@ au_to_subject32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
ADD_U_INT32(dptr, pid);
ADD_U_INT32(dptr, sid);
ADD_U_INT32(dptr, tid->port);
ADD_U_INT32(dptr, tid->machine);
ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t));
return (t);
}
@ -1117,23 +1119,12 @@ au_to_exec_env(const char **env)
* milliseconds of time 4 bytes/8 bytes (32-bit/64-bit value)
*/
token_t *
#if defined(KERNEL) || defined(_KERNEL)
au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod,
au_to_header32_tm(int rec_size, au_event_t e_type, au_emod_t e_mod,
struct timeval tm)
#else
au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod)
#endif
{
token_t *t;
u_char *dptr = NULL;
u_int32_t timems;
#if !defined(KERNEL) && !defined(_KERNEL)
struct timeval tm;
struct timezone tzp;
if (gettimeofday(&tm, &tzp) == -1)
return (NULL);
#endif
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) +
sizeof(u_char) + 2 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t));
@ -1154,6 +1145,17 @@ au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod)
return (t);
}
#if !defined(KERNEL) && !defined(_KERNEL)
token_t *
au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod)
{
struct timeval tm;
if (gettimeofday(&tm, NULL) == -1)
return (NULL);
return (au_to_header32_tm(rec_size, e_type, e_mod, tm));
}
token_t *
au_to_header64(__unused int rec_size, __unused au_event_t e_type,
__unused au_emod_t e_mod)
@ -1169,6 +1171,7 @@ au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod)
return (au_to_header32(rec_size, e_type, e_mod));
}
#endif
/*
* token ID 1 byte
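Review bot: In the au_to_in_addr_ex() hunk the new copy length `5 * sizeof(uint32_t)` is larger than the object it reads: `internet_addr` is a `struct in6_addr *`, which holds 16 bytes, so the call reads 4 bytes past the caller's address. The area requested just above is `sizeof(u_char) + 5 * sizeof(uint32_t)` (21 bytes), and the type byte plus the 4-byte type field already use 5 of them, so a 20-byte copy would also run 4 bytes past the token buffer, assuming ADD_MEM copies the given length and advances `dptr` (its definition is not in the hunk). The line should be `ADD_MEM(dptr, internet_addr, 4 * sizeof(uint32_t));`, matching the au_to_sock_inet128() hunk, which uses `4 * sizeof(uint32_t)` for `sin6_addr`. This reading takes the second line of each duplicated pair as the new side, which the `u_int32_t` to `uint32_t` change in the same hunk supports.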


@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#18 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#23 $
*/
#ifdef __APPLE__
@ -46,6 +46,7 @@
#include <unistd.h>
#include <syslog.h>
#include <stdarg.h>
#include <string.h>
#include <errno.h>
@ -53,6 +54,115 @@
int audit_set_terminal_port(dev_t *p);
int audit_set_terminal_host(uint32_t *m);
/*
* General purpose audit submission mechanism for userspace.
*/
int
audit_submit(short au_event, au_id_t auid, char status,
int reterr, const char *fmt, ...)
{
char text[MAX_AUDITSTRING_LEN];
token_t *token;
long acond;
va_list ap;
pid_t pid;
int error, afd;
struct auditinfo ai;
if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) {
/*
* If auditon(2) returns ENOSYS, then audit has not been
* compiled into the kernel, so just return.
*/
if (errno == ENOSYS)
return (0);
error = errno;
syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s",
strerror(errno));
errno = error;
return (-1);
}
if (acond == AUC_NOAUDIT)
return (0);
afd = au_open();
if (afd < 0) {
error = errno;
syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s",
strerror(errno));
errno = error;
return (-1);
}
if (getaudit(&ai) < 0) {
error = errno;
syslog(LOG_AUTH | LOG_ERR, "audit: getaudit failed: %s",
strerror(errno));
errno = error;
return (-1);
}
pid = getpid();
token = au_to_subject32(auid, geteuid(), getegid(),
getuid(), getgid(), pid, pid, &ai.ai_termid);
if (token == NULL) {
syslog(LOG_AUTH | LOG_ERR,
"audit: unable to build subject token");
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
errno = EPERM;
return (-1);
}
if (au_write(afd, token) < 0) {
error = errno;
syslog(LOG_AUTH | LOG_ERR,
"audit: au_write failed: %s", strerror(errno));
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
errno = error;
return (-1);
}
if (fmt != NULL) {
va_start(ap, fmt);
(void) vsnprintf(text, MAX_AUDITSTRING_LEN, fmt, ap);
va_end(ap);
token = au_to_text(text);
if (token == NULL) {
syslog(LOG_AUTH | LOG_ERR,
"audit: failed to generate text token");
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
errno = EPERM;
return (-1);
}
if (au_write(afd, token) < 0) {
error = errno;
syslog(LOG_AUTH | LOG_ERR,
"audit: au_write failed: %s", strerror(errno));
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
errno = error;
return (-1);
}
}
token = au_to_return32(status, reterr);
if (token == NULL) {
syslog(LOG_AUTH | LOG_ERR,
"audit: enable to build return token");
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
errno = EPERM;
return (-1);
}
if (au_write(afd, token) < 0) {
error = errno;
syslog(LOG_AUTH | LOG_ERR,
"audit: au_write failed: %s", strerror(errno));
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
errno = error;
return (-1);
}
if (au_close(afd, AU_TO_WRITE, au_event) < 0) {
error = errno;
syslog(LOG_AUTH | LOG_ERR, "audit: record not committed");
errno = error;
return (-1);
}
return (0);
}
int
audit_set_terminal_port(dev_t *p)
{
@ -130,7 +240,7 @@ audit_set_terminal_id(au_tid_t *tid)
* tok = au_to_random_token_2(...);
* au_write(aufd, tok);
* ...
* au_close(aufd, 1, AUE_your_event_type);
* au_close(aufd, AU_TO_WRITE, AUE_your_event_type);
*
* Assumes, like all wrapper calls, that the caller has previously checked
* that auditing is enabled via the audit_get_state() call.
@ -156,7 +266,7 @@ audit_write(short event_code, token_t *subject, token_t *misctok, char retval,
if (subject && au_write(aufd, subject) == -1) {
au_free_token(subject);
au_free_token(misctok);
(void)au_close(aufd, 0, event_code);
(void)au_close(aufd, AU_TO_WRITE, event_code);
syslog(LOG_ERR, "%s: write of subject failed", func);
return (kAUWriteSubjectTokErr);
}
@ -164,31 +274,30 @@ audit_write(short event_code, token_t *subject, token_t *misctok, char retval,
/* Save the event-specific token. */
if (misctok && au_write(aufd, misctok) == -1) {
au_free_token(misctok);
(void)au_close(aufd, 0, event_code);
(void)au_close(aufd, AU_TO_NO_WRITE, event_code);
syslog(LOG_ERR, "%s: write of caller token failed", func);
return (kAUWriteCallerTokErr);
}
/* Tokenize and save the return value. */
if ((rettok = au_to_return32(retval, errcode)) == NULL) {
(void)au_close(aufd, 0, event_code);
(void)au_close(aufd, AU_TO_NO_WRITE, event_code);
syslog(LOG_ERR, "%s: au_to_return32() failed", func);
return (kAUMakeReturnTokErr);
}
if (au_write(aufd, rettok) == -1) {
au_free_token(rettok);
(void)au_close(aufd, 0, event_code);
(void)au_close(aufd, AU_TO_NO_WRITE, event_code);
syslog(LOG_ERR, "%s: write of return code failed", func);
return (kAUWriteReturnTokErr);
}
/*
* au_close()'s second argument is "keep": if keep == 0, the record is
* discarded. We assume the caller wouldn't have bothered with this
* We assume the caller wouldn't have bothered with this
* function if it hadn't already decided to keep the record.
*/
if (au_close(aufd, 1, event_code) < 0) {
if (au_close(aufd, AU_TO_WRITE, event_code) < 0) {
syslog(LOG_ERR, "%s: au_close() failed", func);
return (kAUCloseErr);
}
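Review bot: In audit_write(), the subject-write failure path now calls `au_close(aufd, AU_TO_WRITE, event_code)` where the old code passed 0, while every other error path in the function was converted from 0 to `AU_TO_NO_WRITE` and the success path from 1 to `AU_TO_WRITE`; as written, a record whose subject token could not be written appears to be committed instead of discarded. It should read `(void)au_close(aufd, AU_TO_NO_WRITE, event_code);`. Separately, in the new audit_submit(), the `getaudit(&ai) < 0` branch returns without closing `afd`, unlike every later error branch; adding `(void) au_close(afd, AU_TO_NO_WRITE, au_event);` before `errno = error;` there releases the open record. audit_write()'s body starts and ends outside the hunks shown.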


@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#4 $
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#5 $
.\"
.Dd April 19, 2005
.Dt LIBBSM 3
@ -158,9 +158,6 @@ representation.
.Xr au_to_return32 3 ,
.Xr au_to_return64 3 ,
.Xr au_to_seq 3 ,
.Xr au_to_socket 3 ,
.Xr au_to_socket_ex_32 3 ,
.Xr au_to_socket_ex_128 3 ,
.Xr au_to_sock_inet 3 ,
.Xr au_to_sock_inet32 3 ,
.Xr au_to_sock_inet128 3 ,


@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditctl.2#4 $
.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditctl.2#5 $
.\"
.Dd April 19, 2005
.Dt AUDITCTL 2
@ -34,7 +34,7 @@
.Sh SYNOPSIS
.In bsm/audit.h
.Ft int
.Fn auditon "const char *path"
.Fn auditctl "const char *path"
.Sh DESCRIPTION
The
.Fn auditctl


@ -0,0 +1,7 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/modules/Makefile.am#1 $
#
SUBDIRS = \
auditfilter_noop


@ -0,0 +1,477 @@
# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/modules/Makefile.in#1 $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ..
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = modules
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config/config.h
CONFIG_CLEAN_FILES =
SOURCES =
DIST_SOURCES =
RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
html-recursive info-recursive install-data-recursive \
install-exec-recursive install-info-recursive \
install-recursive installcheck-recursive installdirs-recursive \
pdf-recursive ps-recursive uninstall-info-recursive \
uninstall-recursive
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMDEP_FALSE = @AMDEP_FALSE@
AMDEP_TRUE = @AMDEP_TRUE@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CXX = @CXX@
CXXCPP = @CXXCPP@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
F77 = @F77@
FFLAGS = @FFLAGS@
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
MAKEINFO = @MAKEINFO@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
ac_ct_F77 = @ac_ct_F77@
ac_ct_RANLIB = @ac_ct_RANLIB@
ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
datadir = @datadir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
prefix = @prefix@
program_transform_name = @program_transform_name@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
SUBDIRS = \
auditfilter_noop
all: all-recursive
.SUFFIXES:
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
&& exit 0; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign modules/Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --foreign modules/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
-rm -f libtool
uninstall-info-am:
# This directory's subdirectories are mostly independent; you can cd
# into them and run `make' without going through this Makefile.
# To change the values of `make' variables: instead of editing Makefiles,
# (1) if the variable is set in `config.status', edit `config.status'
# (which will cause the Makefiles to be regenerated when you run `make');
# (2) otherwise, pass the desired values on the `make' command line.
$(RECURSIVE_TARGETS):
@failcom='exit 1'; \
for f in x $$MAKEFLAGS; do \
case $$f in \
*=* | --[!k]*);; \
*k*) failcom='fail=yes';; \
esac; \
done; \
dot_seen=no; \
target=`echo $@ | sed s/-recursive//`; \
list='$(SUBDIRS)'; for subdir in $$list; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
dot_seen=yes; \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| eval $$failcom; \
done; \
if test "$$dot_seen" = "no"; then \
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
fi; test -z "$$fail"
mostlyclean-recursive clean-recursive distclean-recursive \
maintainer-clean-recursive:
@failcom='exit 1'; \
for f in x $$MAKEFLAGS; do \
case $$f in \
*=* | --[!k]*);; \
*k*) failcom='fail=yes';; \
esac; \
done; \
dot_seen=no; \
case "$@" in \
distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
*) list='$(SUBDIRS)' ;; \
esac; \
rev=''; for subdir in $$list; do \
if test "$$subdir" = "."; then :; else \
rev="$$subdir $$rev"; \
fi; \
done; \
rev="$$rev ."; \
target=`echo $@ | sed s/-recursive//`; \
for subdir in $$rev; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| eval $$failcom; \
done && test -z "$$fail"
tags-recursive:
list='$(SUBDIRS)'; for subdir in $$list; do \
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
done
ctags-recursive:
list='$(SUBDIRS)'; for subdir in $$list; do \
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
done
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
mkid -fID $$unique
tags: TAGS
TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
include_option=--etags-include; \
empty_fix=.; \
else \
include_option=--include; \
empty_fix=; \
fi; \
list='$(SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
test ! -f $$subdir/TAGS || \
tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
fi; \
done; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
$$tags $$unique; \
fi
ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique
GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& cd $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) $$here
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
list='$(DISTFILES)'; for file in $$list; do \
case $$file in \
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
esac; \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
$(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
if test -d $$d/$$file; then \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
fi; \
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
else \
test -f $(distdir)/$$file \
|| cp -p $$d/$$file $(distdir)/$$file \
|| exit 1; \
fi; \
done
list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
test -d "$(distdir)/$$subdir" \
|| $(mkdir_p) "$(distdir)/$$subdir" \
|| exit 1; \
distdir=`$(am__cd) $(distdir) && pwd`; \
top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
(cd $$subdir && \
$(MAKE) $(AM_MAKEFLAGS) \
top_distdir="$$top_distdir" \
distdir="$$distdir/$$subdir" \
distdir) \
|| exit 1; \
fi; \
done
check-am: all-am
check: check-recursive
all-am: Makefile
installdirs: installdirs-recursive
installdirs-am:
install: install-recursive
install-exec: install-exec-recursive
install-data: install-data-recursive
uninstall: uninstall-recursive
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-recursive
install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
`test -z '$(STRIP)' || \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
mostlyclean-generic:
clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
clean: clean-recursive
clean-am: clean-generic clean-libtool mostlyclean-am
distclean: distclean-recursive
-rm -f Makefile
distclean-am: clean-am distclean-generic distclean-libtool \
distclean-tags
dvi: dvi-recursive
dvi-am:
html: html-recursive
info: info-recursive
info-am:
install-data-am:
install-exec-am:
install-info: install-info-recursive
install-man:
installcheck-am:
maintainer-clean: maintainer-clean-recursive
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-recursive
mostlyclean-am: mostlyclean-generic mostlyclean-libtool
pdf: pdf-recursive
pdf-am:
ps: ps-recursive
ps-am:
uninstall-am: uninstall-info-am
uninstall-info: uninstall-info-recursive
.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \
clean clean-generic clean-libtool clean-recursive ctags \
ctags-recursive distclean distclean-generic distclean-libtool \
distclean-recursive distclean-tags distdir dvi dvi-am html \
html-am info info-am install install-am install-data \
install-data-am install-exec install-exec-am install-info \
install-info-am install-man install-strip installcheck \
installcheck-am installdirs installdirs-am maintainer-clean \
maintainer-clean-generic maintainer-clean-recursive \
mostlyclean mostlyclean-generic mostlyclean-libtool \
mostlyclean-recursive pdf pdf-am ps ps-am tags tags-recursive \
uninstall uninstall-am uninstall-info-am
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,10 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.am#1 $
#
INCLUDES = -I$(top_srcdir)
lib_LTLIBRARIES = auditfilter_noop.la
auditfilter_noop_la_SOURCE = auditfilter_noop.c
auditfilter_noop_la_LDFLAGS = -module
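Review bot: `auditfilter_noop_la_SOURCE` is missing the trailing S, so automake does not treat it as the library's source list. The module presumably still builds only because automake falls back to the default source `auditfilter_noop.c`, which is what the generated Makefile.in in this commit shows as `auditfilter_noop_la_SOURCES`. Spell it `auditfilter_noop_la_SOURCES = auditfilter_noop.c` so that a second source file added later is actually compiled into the module.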


@ -0,0 +1,459 @@
# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.in#1 $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ../..
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = modules/auditfilter_noop
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config/config.h
CONFIG_CLEAN_FILES =
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
am__vpath_adj = case $$p in \
$(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
*) f=$$p;; \
esac;
am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
am__installdirs = "$(DESTDIR)$(libdir)"
libLTLIBRARIES_INSTALL = $(INSTALL)
LTLIBRARIES = $(lib_LTLIBRARIES)
auditfilter_noop_la_LIBADD =
auditfilter_noop_la_SOURCES = auditfilter_noop.c
auditfilter_noop_la_OBJECTS = auditfilter_noop.lo
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
SOURCES = auditfilter_noop.c
DIST_SOURCES = auditfilter_noop.c
ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMDEP_FALSE = @AMDEP_FALSE@
AMDEP_TRUE = @AMDEP_TRUE@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CXX = @CXX@
CXXCPP = @CXXCPP@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
F77 = @F77@
FFLAGS = @FFLAGS@
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
MAKEINFO = @MAKEINFO@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
ac_ct_F77 = @ac_ct_F77@
ac_ct_RANLIB = @ac_ct_RANLIB@
ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
datadir = @datadir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
prefix = @prefix@
program_transform_name = @program_transform_name@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
INCLUDES = -I$(top_srcdir)
lib_LTLIBRARIES = auditfilter_noop.la
auditfilter_noop_la_SOURCE = auditfilter_noop.c
auditfilter_noop_la_LDFLAGS = -module
all: all-am
.SUFFIXES:
.SUFFIXES: .c .lo .o .obj
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
&& exit 0; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign modules/auditfilter_noop/Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --foreign modules/auditfilter_noop/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
test -z "$(libdir)" || $(mkdir_p) "$(DESTDIR)$(libdir)"
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
f=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
$(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
@set -x; list='$(lib_LTLIBRARIES)'; for p in $$list; do \
p=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
$(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
done
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
test "$$dir" != "$$p" || dir=.; \
echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \
done
auditfilter_noop.la: $(auditfilter_noop_la_OBJECTS) $(auditfilter_noop_la_DEPENDENCIES)
$(LINK) -rpath $(libdir) $(auditfilter_noop_la_LDFLAGS) $(auditfilter_noop_la_OBJECTS) $(auditfilter_noop_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilter_noop.Plo@am__quote@
.c.o:
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(COMPILE) -c $<
.c.obj:
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
.c.lo:
@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
-rm -f libtool
uninstall-info-am:
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
mkid -fID $$unique
tags: TAGS
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
$$tags $$unique; \
fi
ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique
GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& cd $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) $$here
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
list='$(DISTFILES)'; for file in $$list; do \
case $$file in \
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
esac; \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
$(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
if test -d $$d/$$file; then \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
fi; \
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
else \
test -f $(distdir)/$$file \
|| cp -p $$d/$$file $(distdir)/$$file \
|| exit 1; \
fi; \
done
check-am: all-am
check: check-am
all-am: Makefile $(LTLIBRARIES)
installdirs:
for dir in "$(DESTDIR)$(libdir)"; do \
test -z "$$dir" || $(mkdir_p) "$$dir"; \
done
install: install-am
install-exec: install-exec-am
install-data: install-data-am
uninstall: uninstall-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
`test -z '$(STRIP)' || \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
mostlyclean-generic:
clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-libtool distclean-tags
dvi: dvi-am
dvi-am:
html: html-am
info: info-am
info-am:
install-data-am:
install-exec-am: install-libLTLIBRARIES
install-info: install-info-am
install-man:
installcheck-am:
maintainer-clean: maintainer-clean-am
-rm -rf ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-am
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
mostlyclean-libtool
pdf: pdf-am
pdf-am:
ps: ps-am
ps-am:
uninstall-am: uninstall-info-am uninstall-libLTLIBRARIES
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
clean-libLTLIBRARIES clean-libtool ctags distclean \
distclean-compile distclean-generic distclean-libtool \
distclean-tags distdir dvi dvi-am html html-am info info-am \
install install-am install-data install-data-am install-exec \
install-exec-am install-info install-info-am \
install-libLTLIBRARIES install-man install-strip installcheck \
installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags uninstall uninstall-am uninstall-info-am \
uninstall-libLTLIBRARIES
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,73 @@
/*-
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/auditfilter_noop.c#2 $
*/
/*
* Sample audit filter: no-op which sinks audit records in both BSM and
* parsed formats, but does nothing with them.
*/
#include <bsm/libbsm.h>
#include <bsm/libbsm.h>
#include <bsm/audit_filter.h>
int
AUDIT_FILTER_ATTACH(void **instance, int argc, char *argv[])
{
return (0);
}
int
AUDIT_FILTER_REINIT(void *instance, int argc, char *argv[])
{
return (0);
}
void
AUDIT_FILTER_RECORD(void *instance, struct timespec *ts, int token_count,
const tokenstr_t *tok[])
{
}
void
AUDIT_FILTER_BSMRECORD(void *instance, struct timespec *ts, u_char *data,
u_int len)
{
}
void
AUDIT_FILTER_DETACH(void *instance)
{
}
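Review bot: `#include <bsm/libbsm.h>` appears twice in a row at the top of the file; the second copy is harmless but may have been meant to be a different header, possibly the one declaring `struct timespec` and `u_char`, which the record callbacks use. Separately, `AUDIT_FILTER_ATTACH` returns success without storing anything through `instance`, so the value handed to the later callbacks is whatever the caller had before the call. How the loader initialises that pointer is not visible in this file. Since this is a sample that other filters will be copied from, adding `*instance = NULL;` before `return (0);` with a one-line comment that the no-op filter keeps no state would make the contract explicit.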


@ -0,0 +1,6 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/test/Makefile.am#1 $
#
SUBDIRS = \
bsm


@ -0,0 +1,477 @@
# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/test/Makefile.in#1 $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ..
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = test
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config/config.h
CONFIG_CLEAN_FILES =
SOURCES =
DIST_SOURCES =
RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
html-recursive info-recursive install-data-recursive \
install-exec-recursive install-info-recursive \
install-recursive installcheck-recursive installdirs-recursive \
pdf-recursive ps-recursive uninstall-info-recursive \
uninstall-recursive
ETAGS = etags
CTAGS = ctags
DIST_SUBDIRS = $(SUBDIRS)
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMDEP_FALSE = @AMDEP_FALSE@
AMDEP_TRUE = @AMDEP_TRUE@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CXX = @CXX@
CXXCPP = @CXXCPP@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
F77 = @F77@
FFLAGS = @FFLAGS@
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
MAKEINFO = @MAKEINFO@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
ac_ct_F77 = @ac_ct_F77@
ac_ct_RANLIB = @ac_ct_RANLIB@
ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
datadir = @datadir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
prefix = @prefix@
program_transform_name = @program_transform_name@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
SUBDIRS = \
bsm
all: all-recursive
.SUFFIXES:
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
&& exit 0; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign test/Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --foreign test/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
-rm -f libtool
uninstall-info-am:
# This directory's subdirectories are mostly independent; you can cd
# into them and run `make' without going through this Makefile.
# To change the values of `make' variables: instead of editing Makefiles,
# (1) if the variable is set in `config.status', edit `config.status'
# (which will cause the Makefiles to be regenerated when you run `make');
# (2) otherwise, pass the desired values on the `make' command line.
$(RECURSIVE_TARGETS):
@failcom='exit 1'; \
for f in x $$MAKEFLAGS; do \
case $$f in \
*=* | --[!k]*);; \
*k*) failcom='fail=yes';; \
esac; \
done; \
dot_seen=no; \
target=`echo $@ | sed s/-recursive//`; \
list='$(SUBDIRS)'; for subdir in $$list; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
dot_seen=yes; \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| eval $$failcom; \
done; \
if test "$$dot_seen" = "no"; then \
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
fi; test -z "$$fail"
mostlyclean-recursive clean-recursive distclean-recursive \
maintainer-clean-recursive:
@failcom='exit 1'; \
for f in x $$MAKEFLAGS; do \
case $$f in \
*=* | --[!k]*);; \
*k*) failcom='fail=yes';; \
esac; \
done; \
dot_seen=no; \
case "$@" in \
distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
*) list='$(SUBDIRS)' ;; \
esac; \
rev=''; for subdir in $$list; do \
if test "$$subdir" = "."; then :; else \
rev="$$subdir $$rev"; \
fi; \
done; \
rev="$$rev ."; \
target=`echo $@ | sed s/-recursive//`; \
for subdir in $$rev; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| eval $$failcom; \
done && test -z "$$fail"
tags-recursive:
list='$(SUBDIRS)'; for subdir in $$list; do \
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
done
ctags-recursive:
list='$(SUBDIRS)'; for subdir in $$list; do \
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
done
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
mkid -fID $$unique
tags: TAGS
TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
include_option=--etags-include; \
empty_fix=.; \
else \
include_option=--include; \
empty_fix=; \
fi; \
list='$(SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
test ! -f $$subdir/TAGS || \
tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
fi; \
done; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
$$tags $$unique; \
fi
ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique
GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& cd $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) $$here
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
list='$(DISTFILES)'; for file in $$list; do \
case $$file in \
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
esac; \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
$(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
if test -d $$d/$$file; then \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
fi; \
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
else \
test -f $(distdir)/$$file \
|| cp -p $$d/$$file $(distdir)/$$file \
|| exit 1; \
fi; \
done
list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
test -d "$(distdir)/$$subdir" \
|| $(mkdir_p) "$(distdir)/$$subdir" \
|| exit 1; \
distdir=`$(am__cd) $(distdir) && pwd`; \
top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
(cd $$subdir && \
$(MAKE) $(AM_MAKEFLAGS) \
top_distdir="$$top_distdir" \
distdir="$$distdir/$$subdir" \
distdir) \
|| exit 1; \
fi; \
done
check-am: all-am
check: check-recursive
all-am: Makefile
installdirs: installdirs-recursive
installdirs-am:
install: install-recursive
install-exec: install-exec-recursive
install-data: install-data-recursive
uninstall: uninstall-recursive
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-recursive
install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
`test -z '$(STRIP)' || \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
mostlyclean-generic:
clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
clean: clean-recursive
clean-am: clean-generic clean-libtool mostlyclean-am
distclean: distclean-recursive
-rm -f Makefile
distclean-am: clean-am distclean-generic distclean-libtool \
distclean-tags
dvi: dvi-recursive
dvi-am:
html: html-recursive
info: info-recursive
info-am:
install-data-am:
install-exec-am:
install-info: install-info-recursive
install-man:
installcheck-am:
maintainer-clean: maintainer-clean-recursive
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-recursive
mostlyclean-am: mostlyclean-generic mostlyclean-libtool
pdf: pdf-recursive
pdf-am:
ps: ps-recursive
ps-am:
uninstall-am: uninstall-info-am
uninstall-info: uninstall-info-recursive
.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \
clean clean-generic clean-libtool clean-recursive ctags \
ctags-recursive distclean distclean-generic distclean-libtool \
distclean-recursive distclean-tags distdir dvi dvi-am html \
html-am info info-am install install-am install-data \
install-data-am install-exec install-exec-am install-info \
install-info-am install-man install-strip installcheck \
installcheck-am installdirs installdirs-am maintainer-clean \
maintainer-clean-generic maintainer-clean-recursive \
mostlyclean mostlyclean-generic mostlyclean-libtool \
mostlyclean-recursive pdf pdf-am ps ps-am tags tags-recursive \
uninstall uninstall-am uninstall-info-am
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,9 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.am#1 $
#
INCLUDES = -I$(top_srcdir)
bin_PROGRAMS = generate
generate_SOURCES = generate.c
generate_LDADD = $(top_builddir)/libbsm/libbsm.la
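Review bot: `bin_PROGRAMS = generate` marks the test-record generator for installation into `$(bindir)` under a very generic name. The changelog in this commit says the test code is not built or installed by default, but once `test` is added to a top-level `SUBDIRS`, `make install` would ship it alongside the real audit tools. `noinst_PROGRAMS = generate` keeps it a build-tree-only helper.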


@ -0,0 +1,453 @@
# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.in#1 $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ../..
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
bin_PROGRAMS = generate$(EXEEXT)
subdir = test/bsm
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config/config.h
CONFIG_CLEAN_FILES =
am__installdirs = "$(DESTDIR)$(bindir)"
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(bin_PROGRAMS)
am_generate_OBJECTS = generate.$(OBJEXT)
generate_OBJECTS = $(am_generate_OBJECTS)
generate_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
$(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
SOURCES = $(generate_SOURCES)
DIST_SOURCES = $(generate_SOURCES)
ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMDEP_FALSE = @AMDEP_FALSE@
AMDEP_TRUE = @AMDEP_TRUE@
AMTAR = @AMTAR@
AR = @AR@
AUTOCONF = @AUTOCONF@
AUTOHEADER = @AUTOHEADER@
AUTOMAKE = @AUTOMAKE@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CXX = @CXX@
CXXCPP = @CXXCPP@
CXXDEPMODE = @CXXDEPMODE@
CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
F77 = @F77@
FFLAGS = @FFLAGS@
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LIBTOOL = @LIBTOOL@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
MAKEINFO = @MAKEINFO@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
ac_ct_AR = @ac_ct_AR@
ac_ct_CC = @ac_ct_CC@
ac_ct_CXX = @ac_ct_CXX@
ac_ct_F77 = @ac_ct_F77@
ac_ct_RANLIB = @ac_ct_RANLIB@
ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
am__tar = @am__tar@
am__untar = @am__untar@
bindir = @bindir@
build = @build@
build_alias = @build_alias@
build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
datadir = @datadir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
prefix = @prefix@
program_transform_name = @program_transform_name@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
INCLUDES = -I$(top_srcdir)
generate_SOURCES = generate.c
generate_LDADD = $(top_builddir)/libbsm/libbsm.la
all: all-am
.SUFFIXES:
.SUFFIXES: .c .lo .o .obj
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
&& exit 0; \
exit 1;; \
esac; \
done; \
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign test/bsm/Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --foreign test/bsm/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
install-binPROGRAMS: $(bin_PROGRAMS)
@$(NORMAL_INSTALL)
test -z "$(bindir)" || $(mkdir_p) "$(DESTDIR)$(bindir)"
@list='$(bin_PROGRAMS)'; for p in $$list; do \
p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
if test -f $$p \
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \
else :; fi; \
done
uninstall-binPROGRAMS:
@$(NORMAL_UNINSTALL)
@list='$(bin_PROGRAMS)'; for p in $$list; do \
f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \
rm -f "$(DESTDIR)$(bindir)/$$f"; \
done
clean-binPROGRAMS:
@list='$(bin_PROGRAMS)'; for p in $$list; do \
f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
echo " rm -f $$p $$f"; \
rm -f $$p $$f ; \
done
generate$(EXEEXT): $(generate_OBJECTS) $(generate_DEPENDENCIES)
@rm -f generate$(EXEEXT)
$(LINK) $(generate_LDFLAGS) $(generate_OBJECTS) $(generate_LDADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/generate.Po@am__quote@
.c.o:
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(COMPILE) -c $<
.c.obj:
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
.c.lo:
@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
-rm -f libtool
uninstall-info-am:
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
mkid -fID $$unique
tags: TAGS
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
$$tags $$unique; \
fi
ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique
GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& cd $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) $$here
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
list='$(DISTFILES)'; for file in $$list; do \
case $$file in \
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
esac; \
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
$(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
if test -d $$d/$$file; then \
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
fi; \
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
else \
test -f $(distdir)/$$file \
|| cp -p $$d/$$file $(distdir)/$$file \
|| exit 1; \
fi; \
done
check-am: all-am
check: check-am
all-am: Makefile $(PROGRAMS)
installdirs:
for dir in "$(DESTDIR)$(bindir)"; do \
test -z "$$dir" || $(mkdir_p) "$$dir"; \
done
install: install-am
install-exec: install-exec-am
install-data: install-data-am
uninstall: uninstall-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
installcheck: installcheck-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
`test -z '$(STRIP)' || \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
mostlyclean-generic:
clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-libtool distclean-tags
dvi: dvi-am
dvi-am:
html: html-am
info: info-am
info-am:
install-data-am:
install-exec-am: install-binPROGRAMS
install-info: install-info-am
install-man:
installcheck-am:
maintainer-clean: maintainer-clean-am
-rm -rf ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
mostlyclean: mostlyclean-am
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
mostlyclean-libtool
pdf: pdf-am
pdf-am:
ps: ps-am
ps-am:
uninstall-am: uninstall-binPROGRAMS uninstall-info-am
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-binPROGRAMS \
clean-generic clean-libtool ctags distclean distclean-compile \
distclean-generic distclean-libtool distclean-tags distdir dvi \
dvi-am html html-am info info-am install install-am \
install-binPROGRAMS install-data install-data-am install-exec \
install-exec-am install-info install-info-am install-man \
install-strip installcheck installcheck-am installdirs \
maintainer-clean maintainer-clean-generic mostlyclean \
mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
pdf pdf-am ps ps-am tags uninstall uninstall-am \
uninstall-binPROGRAMS uninstall-info-am
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,755 @@
/*-
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#3 $
*/
/*
* Generate a series of BSM token samples in the requested directory.
*/
#include <sys/types.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <bsm/audit_kevents.h>
#include <bsm/libbsm.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sysexits.h>
#include <unistd.h>
static int do_records, do_tokens;
static void
usage(void)
{
fprintf(stderr, "generate [-rt] path\n");
exit(EX_USAGE);
}
static int
open_file(const char *directory, const char *name)
{
char pathname[PATH_MAX];
int fd;
snprintf(pathname, PATH_MAX, "%s/%s", directory, name);
(void)unlink(pathname);
fd = open(pathname, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fd < 0)
err(EX_CANTCREAT, "open: %s", name);
return (fd);
}
static void
write_file(int fd, void *buffer, size_t buflen, const char *filename)
{
ssize_t len;
len = write(fd, buffer, buflen);
if (len < 0)
err(EX_OSERR, "write_file: %s", filename);
if (len < buflen)
err(EX_OSERR, "write_file: short write: %s", filename);
}
/*
* Write a single token to a file.
*/
static void
write_token(const char *directory, const char *filename, token_t *tok)
{
u_char buffer[MAX_AUDIT_RECORD_SIZE];
size_t buflen;
int fd;
buflen = MAX_AUDIT_RECORD_SIZE;
if (au_close_token(tok, buffer, &buflen) < 0)
err(EX_UNAVAILABLE, "au_close_token");
fd = open_file(directory, filename);
write_file(fd, buffer, buflen, filename);
close(fd);
}
/*
* Write a token to a file, wrapped in audit record header and trailer.
*/
static void
write_record(const char *directory, const char *filename, token_t *tok,
short event)
{
u_char buffer[MAX_AUDIT_RECORD_SIZE];
size_t buflen;
int au, fd;
au = au_open();
if (au < 0)
err(EX_UNAVAILABLE, "au_open");
if (au_write(au, tok) < 0)
err(EX_UNAVAILABLE, "au_write");
buflen = MAX_AUDIT_RECORD_SIZE;
if (au_close_buffer(au, event, buffer, &buflen) < 0)
err(EX_UNAVAILABLE, "au_close_buffer");
fd = open_file(directory, filename);
write_file(fd, buffer, buflen, filename);
close(fd);
}
static struct timeval file_token_timeval = { 0x12345, 0x67890} ;
static void
generate_file_token(const char *directory, const char *token_filename)
{
token_t *file_token;
file_token = au_to_file("test", file_token_timeval);
if (file_token == NULL)
err(EX_UNAVAILABLE, "au_to_file");
write_token(directory, token_filename, file_token);
}
/*
* AUT_OHEADER
*/
static int trailer_token_len = 0x12345678;
static void
generate_trailer_token(const char *directory, const char *token_filename)
{
token_t *trailer_token;
trailer_token = au_to_trailer(trailer_token_len);
if (trailer_token == NULL)
err(EX_UNAVAILABLE, "au_to_trailer");
write_token(directory, token_filename, trailer_token);
}
static int header32_token_len = 0x12345678;
static au_event_t header32_e_type = AUE_OPEN;
static au_emod_t header32_e_mod = 0x4567;
static struct timeval header32_tm = { 0x12345, 0x67890 };
static void
generate_header32_token(const char *directory, const char *token_filename)
{
token_t *header32_token;
header32_token = au_to_header32_tm(header32_token_len,
header32_e_type, header32_e_mod, header32_tm);
if (header32_token == NULL)
err(EX_UNAVAILABLE, "au_to_header32");
write_token(directory, token_filename, header32_token);
}
/*
* AUT_HEADER32_EX
*/
static char data_token_unit_print = AUP_STRING;
static char data_token_unit_type = AUR_CHAR;
static char *data_token_data = "SomeData";
static char data_token_unit_count = sizeof("SomeData") + 1;
static void
generate_data_token(const char *directory, const char *token_filename)
{
token_t *data_token;
data_token = au_to_data(data_token_unit_print, data_token_unit_type,
data_token_unit_count, data_token_data);
if (data_token == NULL)
err(EX_UNAVAILABLE, "au_to_data");
write_token(directory, token_filename, data_token);
}
static void
generate_data_record(const char *directory, const char *record_filename)
{
token_t *data_token;
data_token = au_to_data(data_token_unit_print, data_token_unit_type,
data_token_unit_count, data_token_data);
if (data_token == NULL)
err(EX_UNAVAILABLE, "au_to_data");
write_record(directory, record_filename, data_token, AUE_NULL);
}
static char ipc_type = AT_IPC_MSG;
static int ipc_id = 0x12345678;
static void
generate_ipc_token(const char *directory, const char *token_filename)
{
token_t *ipc_token;
ipc_token = au_to_ipc(ipc_type, ipc_id);
if (ipc_token == NULL)
err(EX_UNAVAILABLE, "au_to_ipc");
write_token(directory, token_filename, ipc_token);
}
static void
generate_ipc_record(const char *directory, const char *record_filename)
{
token_t *ipc_token;
ipc_token = au_to_ipc(ipc_type, ipc_id);
if (ipc_token == NULL)
err(EX_UNAVAILABLE, "au_to_ipc");
write_record(directory, record_filename, ipc_token, AUE_NULL);
}
static char *path_token_path = "/test/this/is/a/test";
static void
generate_path_token(const char *directory, const char *token_filename)
{
token_t *path_token;
path_token = au_to_path(path_token_path);
if (path_token == NULL)
err(EX_UNAVAILABLE, "au_to_path");
write_token(directory, token_filename, path_token);
}
static void
generate_path_record(const char *directory, const char *record_filename)
{
token_t *path_token;
path_token = au_to_path(path_token_path);
if (path_token == NULL)
err(EX_UNAVAILABLE, "au_to_path");
write_record(directory, record_filename, path_token, AUE_NULL);
}
static au_id_t subject32_auid = 0x12345678;
static uid_t subject32_euid = 0x01234567;
static gid_t subject32_egid = 0x23456789;
static uid_t subject32_ruid = 0x98765432;
static gid_t subject32_rgid = 0x09876543;
static pid_t subject32_pid = 0x13243546;
static au_asid_t subject32_sid = 0x97867564;
static au_tid_t subject32_tid = { 0x16593746 };
static void
generate_subject32_token(const char *directory, const char *token_filename)
{
token_t *subject32_token;
subject32_tid.machine = inet_addr("127.0.0.1");
subject32_token = au_to_subject32(subject32_auid, subject32_euid,
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
subject32_sid, &subject32_tid);
if (subject32_token == NULL)
err(EX_UNAVAILABLE, "au_to_subject32");
write_token(directory, token_filename, subject32_token);
}
static void
generate_subject32_record(const char *directory, const char *record_filename)
{
token_t *subject32_token;
subject32_tid.machine = inet_addr("127.0.0.1");
subject32_token = au_to_subject32(subject32_auid, subject32_euid,
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
subject32_sid, &subject32_tid);
if (subject32_token == NULL)
err(EX_UNAVAILABLE, "au_to_subject32");
write_record(directory, record_filename, subject32_token, AUE_NULL);
}
static au_id_t process32_auid = 0x12345678;
static uid_t process32_euid = 0x01234567;
static gid_t process32_egid = 0x23456789;
static uid_t process32_ruid = 0x98765432;
static gid_t process32_rgid = 0x09876543;
static pid_t process32_pid = 0x13243546;
static au_asid_t process32_sid = 0x97867564;
static au_tid_t process32_tid = { 0x16593746 };
static void
generate_process32_token(const char *directory, const char *token_filename)
{
token_t *process32_token;
process32_tid.machine = inet_addr("127.0.0.1");
process32_token = au_to_process32(process32_auid, process32_euid,
process32_egid, process32_ruid, process32_rgid, process32_pid,
process32_sid, &process32_tid);
if (process32_token == NULL)
err(EX_UNAVAILABLE, "au_to_process32");
write_token(directory, token_filename, process32_token);
}
static void
generate_process32_record(const char *directory, const char *record_filename)
{
token_t *process32_token;
process32_tid.machine = inet_addr("127.0.0.1");
process32_token = au_to_process32(process32_auid, process32_euid,
process32_egid, process32_ruid, process32_rgid, process32_pid,
process32_sid, &process32_tid);
if (process32_token == NULL)
err(EX_UNAVAILABLE, "au_ti_process32");
write_record(directory, record_filename, process32_token, AUE_NULL);
}
static char return32_status = 0xd7;
static uint32_t return32_ret = 0x12345678;
static void
generate_return32_token(const char *directory, const char *token_filename)
{
token_t *return32_token;
return32_token = au_to_return32(return32_status, return32_ret);
if (return32_token == NULL)
err(EX_UNAVAILABLE, "au_to_return32");
write_token(directory, token_filename, return32_token);
}
static void
generate_return32_record(const char *directory, const char *record_filename)
{
token_t *return32_token;
return32_token = au_to_return32(return32_status, return32_ret);
if (return32_token == NULL)
err(EX_UNAVAILABLE, "au_to_return32");
write_record(directory, record_filename, return32_token, AUE_NULL);
}
static char *text_token_text = "This is a test.";
static void
generate_text_token(const char *directory, const char *token_filename)
{
token_t *text_token;
text_token = au_to_text(text_token_text);
if (text_token == NULL)
err(EX_UNAVAILABLE, "au_to_text");
write_token(directory, token_filename, text_token);
}
static void
generate_text_record(const char *directory, const char *record_filename)
{
token_t *text_token;
text_token = au_to_text(text_token_text);
if (text_token == NULL)
err(EX_UNAVAILABLE, "au_to_text");
write_record(directory, record_filename, text_token, AUE_NULL);
}
static char opaque_token_data[] = {0xaa, 0xbb, 0xcc, 0xdd};
static int opaque_token_bytes = sizeof(opaque_token_data);
static void
generate_opaque_token(const char *directory, const char *token_filename)
{
token_t *opaque_token;
opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes);
if (opaque_token == NULL)
err(EX_UNAVAILABLE, "au_to_opaque");
write_token(directory, token_filename, opaque_token);
}
static void
generate_opaque_record(const char *directory, const char *record_filename)
{
token_t *opaque_token;
opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes);
if (opaque_token == NULL)
err(EX_UNAVAILABLE, "au_to_opaque");
write_record(directory, record_filename, opaque_token, AUE_NULL);
}
static struct in_addr in_addr_token_addr;
static void
generate_in_addr_token(const char *directory, const char *token_filename)
{
token_t *in_addr_token;
in_addr_token_addr.s_addr = inet_addr("192.168.100.15");
in_addr_token = au_to_in_addr(&in_addr_token_addr);
if (in_addr_token == NULL)
err(EX_UNAVAILABLE, "au_to_in_addr");
write_token(directory, token_filename, in_addr_token);
}
static void
generate_in_addr_record(const char *directory, const char *record_filename)
{
token_t *in_addr_token;
in_addr_token_addr.s_addr = inet_addr("192.168.100.15");
in_addr_token = au_to_in_addr(&in_addr_token_addr);
if (in_addr_token == NULL)
err(EX_UNAVAILABLE, "au_to_in_addr");
write_record(directory, record_filename, in_addr_token, AUE_NULL);
}
static struct ip ip_token_ip;
static u_char ip_token_ip_v = 4;
static uint16_t ip_token_ip_id = 0x5478;
static u_char ip_token_ip_ttl = 64;
static u_char ip_token_ip_p = IPPROTO_ICMP;
static struct in_addr ip_token_ip_src;
static struct in_addr ip_token_ip_dst;
static void
generate_ip_token(const char *directory, const char *token_filename)
{
token_t *ip_token;
ip_token_ip_src.s_addr = inet_addr("192.168.100.155");
ip_token_ip_dst.s_addr = inet_addr("192.168.110.48");
memset(&ip_token_ip, 0, sizeof(ip_token_ip));
ip_token_ip.ip_v = ip_token_ip_v;
ip_token_ip.ip_len = htons(sizeof(ip_token_ip));
ip_token_ip.ip_id = htons(ip_token_ip_id);
ip_token_ip.ip_ttl = ip_token_ip_ttl;
ip_token_ip.ip_p = ip_token_ip_p;
ip_token_ip.ip_src = ip_token_ip_src;
ip_token_ip.ip_dst = ip_token_ip_dst;
ip_token = au_to_ip(&ip_token_ip);
if (ip_token == NULL)
err(EX_UNAVAILABLE, "au_to_ip");
write_token(directory, token_filename, ip_token);
}
static void
generate_ip_record(const char *directory, const char *record_filename)
{
token_t *ip_token;
ip_token_ip_src.s_addr = inet_addr("192.168.100.155");
ip_token_ip_dst.s_addr = inet_addr("192.168.110.48");
memset(&ip_token_ip, 0, sizeof(ip_token_ip));
ip_token_ip.ip_v = ip_token_ip_v;
ip_token_ip.ip_len = htons(sizeof(ip_token_ip));
ip_token_ip.ip_id = htons(ip_token_ip_id);
ip_token_ip.ip_ttl = ip_token_ip_ttl;
ip_token_ip.ip_p = ip_token_ip_p;
ip_token_ip.ip_src = ip_token_ip_src;
ip_token_ip.ip_dst = ip_token_ip_dst;
ip_token = au_to_ip(&ip_token_ip);
if (ip_token == NULL)
err(EX_UNAVAILABLE, "au_to_ip");
write_record(directory, record_filename, ip_token, AUE_NULL);
}
static u_int16_t iport_token_iport;
static void
generate_iport_token(const char *directory, const char *token_filename)
{
token_t *iport_token;
iport_token_iport = htons(80);
iport_token = au_to_iport(iport_token_iport);
if (iport_token == NULL)
err(EX_UNAVAILABLE, "au_to_iport");
write_token(directory, token_filename, iport_token);
}
static void
generate_iport_record(const char *directory, const char *record_filename)
{
token_t *iport_token;
iport_token_iport = htons(80);
iport_token = au_to_iport(iport_token_iport);
if (iport_token == NULL)
err(EX_UNAVAILABLE, "au_to_iport");
write_record(directory, record_filename, iport_token, AUE_NULL);
}
static char arg32_token_n = 3;
static char *arg32_token_text = "test_arg32_token";
static uint32_t arg32_token_v = 0xabcdef00;
static void
generate_arg32_token(const char *directory, const char *token_filename)
{
token_t *arg32_token;
arg32_token = au_to_arg32(arg32_token_n, arg32_token_text,
arg32_token_v);
if (arg32_token == NULL)
err(EX_UNAVAILABLE, "au_to_arg32");
write_token(directory, token_filename, arg32_token);
}
static void
generate_arg32_record(const char *directory, const char *record_filename)
{
token_t *arg32_token;
arg32_token = au_to_arg32(arg32_token_n, arg32_token_text,
arg32_token_v);
if (arg32_token == NULL)
err(EX_UNAVAILABLE, "au_to_arg32");
write_record(directory, record_filename, arg32_token, AUE_NULL);
}
static long seq_audit_count = 0x12345678;
static void
generate_seq_token(const char *directory, const char *token_filename)
{
token_t *seq_token;
seq_token = au_to_seq(seq_audit_count);
if (seq_token == NULL)
err(EX_UNAVAILABLE, "au_to_seq");
write_token(directory, token_filename, seq_token);
}
static void
generate_seq_record(const char *directory, const char *record_filename)
{
token_t *seq_token;
seq_token = au_to_seq(seq_audit_count);
if (seq_token == NULL)
err(EX_UNAVAILABLE, "au_to_seq");
write_record(directory, record_filename, seq_token, AUE_NULL);
}
/*
* AUT_ACL
*/
static void
generate_attr_token(const char *directory, const char *token_filename)
{
token_t *attr_token;
}
static void
generate_attr_record(const char *directory, const char *record_filename)
{
token_t *attr_token;
}
static void
generate_ipc_perm_token(const char *directory, const char *token_filename)
{
token_t *ipc_perm_token;
}
static void
generate_ipc_perm_record(const char *directory, const char *record_filename)
{
token_t *ipc_perm_token;
}
/*
* AUT_LABEL
*/
static void
generate_groups_token(const char *directory, const char *token_filename)
{
token_t *groups_token;
}
static void
generate_groups_record(const char *directory, const char *record_filename)
{
token_t *groups_token;
}
/*
* AUT_ILABEL
*/
/*
* AUT_SLABEL
*/
/*
* AUT_CLEAR
*/
/*
* AUT_PRIV
*/
/*
* AUT_UPRIV
*/
/*
* AUT_LIAISON
*/
/*
* AUT_NEWGROUPS
*/
/*
* AUT_EXEC_ARGS
*/
/*
* AUT_EXEC_ENV
*/
static void
generate_attr32_token(const char *directory, const char *token_filename)
{
token_t *attr32_token;
}
static void
generate_attr32_record(const char *directory, const char *record_filename)
{
token_t *attr32_token;
}
int
main(int argc, char *argv[])
{
const char *directory;
int ch;
while ((ch = getopt(argc, argv, "rt")) != -1) {
switch (ch) {
case 'r':
do_records++;
break;
case 't':
do_tokens++;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (argc != 1)
usage();
directory = argv[0];
if (mkdir(directory, 0755) < 0 && errno != EEXIST)
err(EX_OSERR, "mkdir: %s", directory);
if (do_tokens) {
generate_file_token(directory, "file_token");
generate_trailer_token(directory, "trailer_token");
generate_header32_token(directory, "header32_token");
generate_data_token(directory, "data_token");
generate_ipc_token(directory, "ipc_token");
generate_path_token(directory, "path_token");
generate_subject32_token(directory, "subject32_token");
generate_process32_token(directory, "process32_token");
generate_return32_token(directory, "return32_token");
generate_text_token(directory, "text_token");
generate_opaque_token(directory, "opaque_token");
generate_in_addr_token(directory, "in_addr_token");
generate_ip_token(directory, "ip_token");
generate_iport_token(directory, "iport_token");
generate_arg32_token(directory, "arg32_token");
generate_seq_token(directory, "seq_token");
generate_attr_token(directory, "attr_token");
generate_ipc_perm_token(directory, "ipc_perm_token");
generate_groups_token(directory, "groups_token");
generate_attr32_token(directory, "attr32_token");
}
if (do_records) {
generate_file_token(directory, "file_token");
generate_trailer_token(directory, "trailer_token");
generate_header32_token(directory, "header32_token");
generate_data_token(directory, "data_record");
generate_ipc_token(directory, "ipc_record");
generate_path_token(directory, "path_record");
generate_subject32_token(directory, "subject32_record");
generate_process32_token(directory, "process32_record");
generate_return32_token(directory, "return32_record");
generate_text_token(directory, "text_record");
generate_opaque_token(directory, "opaque_record");
generate_in_addr_token(directory, "in_addr_record");
generate_ip_token(directory, "ip_record");
generate_iport_token(directory, "iport_record");
generate_arg32_token(directory, "arg32_record");
generate_seq_token(directory, "seq_record");
generate_attr_token(directory, "attr_record");
generate_ipc_perm_token(directory, "ipc_perm_record");
generate_groups_token(directory, "groups_record");
generate_attr32_token(directory, "attr32_record");
}
return (0);
}