summaryrefslogtreecommitdiffstats
path: root/plugins/sudoers/solaris_audit.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/sudoers/solaris_audit.c')
-rw-r--r--plugins/sudoers/solaris_audit.c134
1 files changed, 134 insertions, 0 deletions
diff --git a/plugins/sudoers/solaris_audit.c b/plugins/sudoers/solaris_audit.c
new file mode 100644
index 0000000..650595a
--- /dev/null
+++ b/plugins/sudoers/solaris_audit.c
@@ -0,0 +1,134 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This is an open source non-commercial project. Dear PVS-Studio, please check it.
+ * PVS-Studio Static Code Analyzer for C, C++ and C#: http://www.viva64.com
+ */
+
+#include <config.h>
+
+#ifdef HAVE_SOLARIS_AUDIT
+
+#include <sys/types.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <bsm/adt.h>
+#include <bsm/adt_event.h>
+
+#include "sudoers.h"
+#include "solaris_audit.h"
+
+static adt_session_data_t *ah; /* audit session handle */
+static adt_event_data_t *event; /* event to be generated */
+static char cwd[PATH_MAX];
+static char cmdpath[PATH_MAX];
+
+static int
+adt_sudo_common(int argc, char *argv[])
+{
+ if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0) {
+ log_warning(SLOG_NO_STDERR, "adt_start_session");
+ return -1;
+ }
+ if ((event = adt_alloc_event(ah, ADT_sudo)) == NULL) {
+ log_warning(SLOG_NO_STDERR, "alloc_event");
+ (void) adt_end_session(ah);
+ return -1;
+ }
+ if ((event->adt_sudo.cwdpath = getcwd(cwd, sizeof(cwd))) == NULL) {
+ log_warning(SLOG_NO_STDERR, _("unable to get current working directory"));
+ }
+
+ /* get the real executable name */
+ if (user_cmnd != NULL) {
+ if (strlcpy(cmdpath, (const char *)user_cmnd,
+ sizeof(cmdpath)) >= sizeof(cmdpath)) {
+ log_warningx(SLOG_NO_STDERR,
+ _("truncated audit path user_cmnd: %s"),
+ user_cmnd);
+ }
+ } else {
+ if (strlcpy(cmdpath, (const char *)argv[0],
+ sizeof(cmdpath)) >= sizeof(cmdpath)) {
+ log_warningx(SLOG_NO_STDERR,
+ _("truncated audit path argv[0]: %s"),
+ argv[0]);
+ }
+ }
+
+ event->adt_sudo.cmdpath = cmdpath;
+ event->adt_sudo.argc = argc - 1;
+ event->adt_sudo.argv = &argv[1];
+ event->adt_sudo.envp = env_get();
+
+ return 0;
+}
+
+
+/*
+ * Returns 0 on success or -1 on error.
+ */
+int
+solaris_audit_success(int argc, char *argv[])
+{
+ int rc = -1;
+
+ if (adt_sudo_common(argc, argv) != 0) {
+ return -1;
+ }
+ if (adt_put_event(event, ADT_SUCCESS, ADT_SUCCESS) != 0) {
+ log_warning(SLOG_NO_STDERR, "adt_put_event(ADT_SUCCESS)");
+ } else {
+ rc = 0;
+ }
+ adt_free_event(event);
+ (void) adt_end_session(ah);
+
+ return rc;
+}
+
+/*
+ * Returns 0 on success or -1 on error.
+ */
+int
+solaris_audit_failure(int argc, char *argv[], char const *const fmt, va_list ap)
+{
+ int rc = -1;
+
+ if (adt_sudo_common(argc, argv) != 0) {
+ return -1;
+ }
+ if (vasprintf(&event->adt_sudo.errmsg, fmt, ap) == -1) {
+ log_warning(SLOG_NO_STDERR,
+ _("audit_failure message too long"));
+ }
+ if (adt_put_event(event, ADT_FAILURE, ADT_FAIL_VALUE_PROGRAM) != 0) {
+ log_warning(SLOG_NO_STDERR, "adt_put_event(ADT_FAILURE)");
+ } else {
+ rc = 0;
+ }
+ free(event->adt_sudo.errmsg);
+ adt_free_event(event);
+ (void) adt_end_session(ah);
+
+ return 0;
+}
+
+#endif /* HAVE_SOLARIS_AUDIT */