diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:54:37 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:54:37 +0000 |
commit | 97c26c1924b076ef23ebe4381558e8aa025712b2 (patch) | |
tree | 109724175f07436696f51b14b5abbd3f4d704d6d /libmisc/audit_help.c | |
parent | Initial commit. (diff) | |
download | shadow-97c26c1924b076ef23ebe4381558e8aa025712b2.tar.xz shadow-97c26c1924b076ef23ebe4381558e8aa025712b2.zip |
Adding upstream version 1:4.13+dfsg1.upstream/1%4.13+dfsg1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'libmisc/audit_help.c')
-rw-r--r-- | libmisc/audit_help.c | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/libmisc/audit_help.c b/libmisc/audit_help.c new file mode 100644 index 0000000..e6c2006 --- /dev/null +++ b/libmisc/audit_help.c @@ -0,0 +1,87 @@ +/* + * SPDX-FileCopyrightText: 2005 , Red Hat, Inc. + * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko + * SPDX-FileCopyrightText: 2008 , Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * Audit helper functions used throughout shadow + * + */ + +#include <config.h> + +#ifdef WITH_AUDIT + +#include <stdlib.h> +#include <syslog.h> +#include <stdarg.h> +#include <libaudit.h> +#include <errno.h> +#include <stdio.h> +#include "prototypes.h" +#include "shadowlog.h" +int audit_fd; + +void audit_help_open (void) +{ + audit_fd = audit_open (); + if (audit_fd < 0) { + /* You get these only when the kernel doesn't have + * audit compiled in. */ + if ( (errno == EINVAL) + || (errno == EPROTONOSUPPORT) + || (errno == EAFNOSUPPORT)) { + return; + } + (void) fputs (_("Cannot open audit interface - aborting.\n"), + log_get_logfd()); + exit (EXIT_FAILURE); + } +} + +/* + * This function will log a message to the audit system using a predefined + * message format. Parameter usage is as follows: + * + * type - type of message: AUDIT_USER_CHAUTHTOK for changing any account + * attributes. + * pgname - program's name + * op - operation. "adding user", "changing finger info", "deleting group" + * name - user's account or group name. If not available use NULL. + * id - uid or gid that the operation is being performed on. This is used + * only when user is NULL. + */ +void audit_logger (int type, unused const char *pgname, const char *op, + const char *name, unsigned int id, + shadow_audit_result result) +{ + if (audit_fd < 0) { + return; + } else { + audit_log_acct_message (audit_fd, type, NULL, op, name, id, + NULL, NULL, NULL, (int) result); + } +} + +void audit_logger_message (const char *message, shadow_audit_result result) +{ + if (audit_fd < 0) { + return; + } else { + audit_log_user_message (audit_fd, + AUDIT_USYS_CONFIG, + message, + NULL, /* hostname */ + NULL, /* addr */ + NULL, /* tty */ + (int) result); + } +} + +#else /* WITH_AUDIT */ +extern int errno; /* warning: ANSI C forbids an empty source file */ +#endif /* WITH_AUDIT */ + |