summaryrefslogtreecommitdiffstats
path: root/tools/audump.c
diff options
context:
space:
mode:
Diffstat (limited to 'tools/audump.c')
-rw-r--r--tools/audump.c244
1 files changed, 244 insertions, 0 deletions
diff --git a/tools/audump.c b/tools/audump.c
new file mode 100644
index 0000000..65dc87a
--- /dev/null
+++ b/tools/audump.c
@@ -0,0 +1,244 @@
+/*-
+ * Copyright (c) 2005-2006 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#7 $
+ */
+
+#include <bsm/libbsm.h>
+#include <string.h>
+#include <err.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+/*
+ * Simple tool to dump various /etc/security databases using the defined APIs.
+ */
+
+static void
+usage(void)
+{
+
+ fprintf(stderr, "usage: audump [class|class_r|control|event|event_r|"
+ "user|user_r]\n");
+ exit(-1);
+}
+
+static void
+audump_class(void)
+{
+ au_class_ent_t *cp;
+
+ while ((cp = getauclassent()) != NULL)
+ printf("0x%08x:%s:%s\n", cp->ac_class, cp->ac_name,
+ cp->ac_desc);
+}
+
+static void
+audump_class_r(void)
+{
+ char class_ent_name[AU_CLASS_NAME_MAX];
+ char class_ent_desc[AU_CLASS_DESC_MAX];
+ au_class_ent_t c, *cp;
+
+ bzero(&c, sizeof(c));
+ bzero(class_ent_name, sizeof(class_ent_name));
+ bzero(class_ent_desc, sizeof(class_ent_desc));
+ c.ac_name = class_ent_name;
+ c.ac_desc = class_ent_desc;
+
+ while ((cp = getauclassent_r(&c)) != NULL)
+ printf("0x%08x:%s:%s\n", cp->ac_class, cp->ac_name,
+ cp->ac_desc);
+}
+
+static void
+audump_control(void)
+{
+ char string[PATH_MAX], string2[PATH_MAX];
+ int ret, val;
+ long policy;
+
+ ret = getacflg(string, PATH_MAX);
+ if (ret == -2)
+ err(-1, "getacflg");
+ if (ret != 0)
+ errx(-1, "getacflg: %d", ret);
+
+ printf("flags:%s\n", string);
+
+ ret = getacmin(&val);
+ if (ret == -2)
+ err(-1, "getacmin");
+ if (ret != 0)
+ errx(-1, "getacmin: %d", ret);
+
+ printf("min:%d\n", val);
+
+ ret = getacna(string, PATH_MAX);
+ if (ret == -2)
+ err(-1, "getacna");
+ if (ret != 0)
+ errx(-1, "getacna: %d", ret);
+
+ printf("naflags:%s\n", string);
+
+ setac();
+ do {
+ ret = getacdir(string, PATH_MAX);
+ if (ret == -1)
+ break;
+ if (ret == -2)
+ err(-1, "getacdir");
+ if (ret != 0)
+ errx(-1, "getacdir: %d", ret);
+ printf("dir:%s\n", string);
+
+ } while (ret == 0);
+
+ ret = getacpol(string, PATH_MAX);
+ if (ret != 0)
+ err(-1, "getacpol");
+ if (au_strtopol(string, &policy) < 0)
+ err(-1, "au_strtopol");
+ if (au_poltostr(policy, PATH_MAX, string2) < 0)
+ err(-1, "au_poltostr");
+ printf("policy:%s\n", string2);
+}
+
+static void
+printf_classmask(au_class_t classmask)
+{
+ au_class_ent_t *c;
+ u_int32_t i;
+ int first;
+
+ first = 1;
+ for (i = 0; i < 32; i++) {
+ if (classmask & (2 << i)) {
+ if (first)
+ first = 0;
+ else
+ printf(",");
+ c = getauclassnum(2 << i);
+ if (c != NULL)
+ printf("%s", c->ac_name);
+ else
+ printf("0x%x", 2 << i);
+ }
+ }
+}
+
+static void
+audump_event(void)
+{
+ au_event_ent_t *ep;
+
+ while ((ep = getauevent()) != NULL) {
+ printf("%d:%s:%s:", ep->ae_number, ep->ae_name, ep->ae_desc);
+ printf_classmask(ep->ae_class);
+ printf("\n");
+ }
+}
+
+static void
+audump_event_r(void)
+{
+ char event_ent_name[AU_EVENT_NAME_MAX];
+ char event_ent_desc[AU_EVENT_DESC_MAX];
+ au_event_ent_t e, *ep;
+
+ bzero(&e, sizeof(e));
+ bzero(event_ent_name, sizeof(event_ent_name));
+ bzero(event_ent_desc, sizeof(event_ent_desc));
+ e.ae_name = event_ent_name;
+ e.ae_desc = event_ent_desc;
+
+ while ((ep = getauevent_r(&e)) != NULL) {
+ printf("%d:%s:%s:", ep->ae_number, ep->ae_name, ep->ae_desc);
+ printf_classmask(ep->ae_class);
+ printf("\n");
+ }
+}
+
+static void
+audump_user(void)
+{
+ au_user_ent_t *up;
+
+ while ((up = getauuserent()) != NULL) {
+ printf("%s:", up->au_name);
+ // printf_classmask(up->au_always);
+ printf(":");
+ // printf_classmask(up->au_never);
+ printf("\n");
+ }
+}
+
+static void
+audump_user_r(void)
+{
+ char user_ent_name[AU_USER_NAME_MAX];
+ au_user_ent_t u, *up;
+
+ bzero(&u, sizeof(u));
+ bzero(user_ent_name, sizeof(user_ent_name));
+ u.au_name = user_ent_name;
+
+ while ((up = getauuserent_r(&u)) != NULL) {
+ printf("%s:", up->au_name);
+ // printf_classmask(up->au_always);
+ printf(":");
+ // printf_classmask(up->au_never);
+ printf("\n");
+ }
+}
+
+int
+main(int argc, char *argv[])
+{
+
+ if (argc != 2)
+ usage();
+
+ if (strcmp(argv[1], "class") == 0)
+ audump_class();
+ else if (strcmp(argv[1], "class_r") == 0)
+ audump_class_r();
+ else if (strcmp(argv[1], "control") == 0)
+ audump_control();
+ else if (strcmp(argv[1], "event") == 0)
+ audump_event();
+ else if (strcmp(argv[1], "event_r") == 0)
+ audump_event_r();
+ else if (strcmp(argv[1], "user") == 0)
+ audump_user();
+ else if (strcmp(argv[1], "user_r") == 0)
+ audump_user_r();
+ else
+ usage();
+
+ return (0);
+}
OpenPOWER on IntegriCloud