diff options
author | rwatson <rwatson@FreeBSD.org> | 2006-08-26 08:04:15 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2006-08-26 08:04:15 +0000 |
commit | 3dabba580bd939eae90efba54984d0c4de64eb3e (patch) | |
tree | 9d401b2c636de718f11aeab3de77ee3078b8e5b6 /contrib/openbsm/bsm/libbsm.h | |
parent | 02d6c5b525eb33f2cb80e79944dc5182be119e2c (diff) | |
download | FreeBSD-src-3dabba580bd939eae90efba54984d0c4de64eb3e.zip FreeBSD-src-3dabba580bd939eae90efba54984d0c4de64eb3e.tar.gz |
Vendor import of OpenBSM 1.0 alpha 9, with the following change history
notes since the last import:
OpenBSM 1.0 alpha 9
- Rename many OpenBSM-specific constants and API elements containing the
strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true
for almost all existing constants and APIs.
- Instead of passing a per-instance cookie directly into all audit filter
APIs, pass in the audit filter daemon state pointer, which is then used by
the module using an audit_filter_{get,set}cookie() API. This will allow
future service APIs provided by the filter daemon to maintain their own
state -- for example, per-module preselection state.
OpenBSM 1.0 alpha 8
- Correct typo in definition of AUR_INT.
- Adopt OpenSolaris constant values for AUDIT_* configuration flags.
- Arguments to au_to_exec_args() and au_to_exec_env() no longer const.
- Add kernel versions of au_to_exec_args() and au_to_exec_env().
- Fix exec argument type that is printed for env strings from 'arg' to 'env'.
- New OpenBSM token version number assigned, constants added for other
commonly seen version numbers.
- OpenBSM-specific events assigned numbers in the 43xxx range to avoid future
collisions with Solaris. Darwin events renamed to AUE_DARWIN_foo, as they
are now deprecated numberings.
- autoconf now detects clock_gettime(), which is not available on Darwin.
- praudit output fixes relating to arg32 and arg64 tokens.
- Maximum record size updated to 64k-1 to match Solaris record size limit.
- Various style and comment cleanups in include files.
This is an MFC candidate to RELENG_6.
Obtained from: TrustedBSD Project
Diffstat (limited to 'contrib/openbsm/bsm/libbsm.h')
-rw-r--r-- | contrib/openbsm/bsm/libbsm.h | 35 |
1 files changed, 14 insertions, 21 deletions
diff --git a/contrib/openbsm/bsm/libbsm.h b/contrib/openbsm/bsm/libbsm.h index 2efdace..5fea48c 100644 --- a/contrib/openbsm/bsm/libbsm.h +++ b/contrib/openbsm/bsm/libbsm.h @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#21 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#27 $ */ #ifndef _LIBBSM_H_ @@ -37,8 +37,8 @@ * solely to allow OpenSSH to compile; Darwin/Apple code should not use them. */ -#define MAX_ARGS 10 -#define MAX_ENV 10 +#define AUDIT_MAX_ARGS 10 +#define AUDIT_MAX_ENV 10 #include <sys/types.h> #include <sys/cdefs.h> @@ -82,11 +82,10 @@ #define BSM_TEXTBUFSZ MAX_AUDITSTRING_LEN /* OpenSSH compatibility */ /* - * These are referenced in Solaris 9 au_open(3BSM); values are guesses. - * Provided for OpenSSH compatibility. + * Arguments to au_close(3). */ -#define AU_TO_NO_WRITE 0 -#define AU_TO_WRITE 1 +#define AU_TO_NO_WRITE 0 /* Abandon audit record. */ +#define AU_TO_WRITE 1 /* Commit audit record. */ __BEGIN_DECLS struct au_event_ent { @@ -138,15 +137,6 @@ __END_DECLS __BEGIN_DECLS -/* - * Internal representation of audit user in libnsl. - */ -typedef struct au_user_str_s { - char *au_name; - char *au_always; - char *au_never; -} au_user_str_t; - typedef struct au_tid32 { u_int32_t port; u_int32_t addr; @@ -228,7 +218,7 @@ typedef struct { */ typedef struct { u_int32_t count; - char *text[MAX_ARGS]; + char *text[AUDIT_MAX_ARGS]; } au_execarg_t; /* @@ -237,7 +227,7 @@ typedef struct { */ typedef struct { u_int32_t count; - char *text[MAX_ENV]; + char *text[AUDIT_MAX_ENV]; } au_execenv_t; /* @@ -269,7 +259,7 @@ typedef struct { */ typedef struct { u_int16_t no; - u_int32_t list[BSM_MAX_GROUPS]; + u_int32_t list[AUDIT_MAX_GROUPS]; } au_groups_t; /* @@ -729,8 +719,6 @@ int au_preselect(au_event_t event, au_mask_t *mask_p, /* * Functions relating to querying audit event information. - * - * XXXRW: getauevnonam() has no _r version? */ void setauevent(void); void endauevent(void); @@ -770,6 +758,11 @@ void au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm); __END_DECLS +/* + * The remaining APIs are associated with Apple's BSM implementation, in + * particular as relates to Mach IPC auditing and triggers passed via Mach + * IPC. + */ #ifdef __APPLE__ #include <sys/appleapiopts.h> |