summaryrefslogtreecommitdiffstats
path: root/usr.bin
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/id/Makefile8
-rw-r--r--usr.bin/id/id.15
-rw-r--r--usr.bin/id/id.c47
3 files changed, 57 insertions, 3 deletions
diff --git a/usr.bin/id/Makefile b/usr.bin/id/Makefile
index 7154568..96c162f 100644
--- a/usr.bin/id/Makefile
+++ b/usr.bin/id/Makefile
@@ -1,10 +1,18 @@
# @(#)Makefile 8.1 (Berkeley) 6/6/93
# $FreeBSD$
+.include <bsd.own.mk>
+
PROG= id
WARNS?= 6
LINKS= ${BINDIR}/id ${BINDIR}/groups
LINKS+= ${BINDIR}/id ${BINDIR}/whoami
MAN= id.1 groups.1 whoami.1
+.if ${MK_AUDIT} != "no"
+CFLAGS+= -DUSE_BSM_AUDIT
+DPADD+= ${LIBBSM}
+LDADD+= -lbsm
+.endif
+
.include <bsd.prog.mk>
diff --git a/usr.bin/id/id.1 b/usr.bin/id/id.1
index 14b990d..47e2b29 100644
--- a/usr.bin/id/id.1
+++ b/usr.bin/id/id.1
@@ -53,6 +53,8 @@
.Fl P
.Op Ar user
.Nm
+.Fl a
+.Nm
.Fl g Op Fl nr
.Op Ar user
.Nm
@@ -84,6 +86,9 @@ as white-space separated numbers, in no particular order.
Display the MAC label of the current process.
.It Fl P
Display the id as a password file entry.
+.It Fl a
+Display the process audit user ID and other process audit properties, which
+requires privilege.
.It Fl g
Display the effective group ID as a number.
.It Fl n
diff --git a/usr.bin/id/id.c b/usr.bin/id/id.c
index a5662cf..1e43252 100644
--- a/usr.bin/id/id.c
+++ b/usr.bin/id/id.c
@@ -48,6 +48,10 @@ __FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/mac.h>
+#ifdef USE_BSM_AUDIT
+#include <bsm/audit.h>
+#endif
+
#include <err.h>
#include <errno.h>
#include <grp.h>
@@ -60,6 +64,7 @@ __FBSDID("$FreeBSD$");
void id_print(struct passwd *, int, int, int);
void pline(struct passwd *);
void pretty(struct passwd *);
+void auditid(void);
void group(struct passwd *, int);
void maclabel(void);
void usage(void);
@@ -73,9 +78,11 @@ main(int argc, char *argv[])
struct group *gr;
struct passwd *pw;
int Gflag, Mflag, Pflag, ch, gflag, id, nflag, pflag, rflag, uflag;
+ int aflag;
const char *myname;
Gflag = Mflag = Pflag = gflag = nflag = pflag = rflag = uflag = 0;
+ aflag = 0;
myname = strrchr(argv[0], '/');
myname = (myname != NULL) ? myname + 1 : argv[0];
@@ -89,7 +96,7 @@ main(int argc, char *argv[])
}
while ((ch = getopt(argc, argv,
- (isgroups || iswhoami) ? "" : "PGMgnpru")) != -1)
+ (isgroups || iswhoami) ? "" : "PGMagnpru")) != -1)
switch(ch) {
case 'G':
Gflag = 1;
@@ -100,6 +107,9 @@ main(int argc, char *argv[])
case 'P':
Pflag = 1;
break;
+ case 'a':
+ aflag = 1;
+ break;
case 'g':
gflag = 1;
break;
@@ -125,7 +135,7 @@ main(int argc, char *argv[])
if (iswhoami && argc > 0)
usage();
- switch(Gflag + Pflag + gflag + pflag + uflag) {
+ switch(Gflag + Mflag + Pflag + aflag + gflag + pflag + uflag) {
case 1:
break;
case 0:
@@ -141,6 +151,16 @@ main(int argc, char *argv[])
if (Mflag && pw != NULL)
usage();
+#ifdef USE_BSM_AUDIT
+ if (aflag) {
+ auditid();
+ exit(0);
+ }
+#else
+ if (aflag)
+ usage();
+#endif
+
if (gflag) {
id = pw ? pw->pw_gid : rflag ? getgid() : getegid();
if (nflag && (gr = getgrgid(id)))
@@ -278,6 +298,22 @@ id_print(struct passwd *pw, int use_ggl, int p_euid, int p_egid)
printf("\n");
}
+#ifdef USE_BSM_AUDIT
+void
+auditid(void)
+{
+ auditinfo_t auditinfo;
+
+ if (getaudit(&auditinfo) < 0)
+ err(-1, "getauditinfo");
+ printf("auid=%d\n", auditinfo.ai_auid);
+ printf("mask.success=0x%08x\n", auditinfo.ai_mask.am_success);
+ printf("mask.failure=0x%08x\n", auditinfo.ai_mask.am_failure);
+ printf("termid.port=0x%08x\n", auditinfo.ai_termid.port);
+ printf("asid=%d\n", auditinfo.ai_asid);
+}
+#endif
+
void
group(struct passwd *pw, int nflag)
{
@@ -382,11 +418,16 @@ usage(void)
else if (iswhoami)
(void)fprintf(stderr, "usage: whoami\n");
else
- (void)fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n",
+ (void)fprintf(stderr, "%s\n%s\n%s\n%s%s\n%s\n%s\n%s\n",
"usage: id [user]",
" id -G [-n] [user]",
" id -M",
" id -P [user]",
+#ifdef USE_BSM_AUDIT
+ " id -a\n",
+#else
+ "",
+#endif
" id -g [-nr] [user]",
" id -p [user]",
" id -u [-nr] [user]");
OpenPOWER on IntegriCloud