17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 545916cd2Sjpk * Common Development and Distribution License (the "License"). 645916cd2Sjpk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 228780f632SPaul M Roberts * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* 277c478bd9Sstevel@tonic-gate * auditconfig - set and display audit parameters 287c478bd9Sstevel@tonic-gate */ 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #include <locale.h> 317c478bd9Sstevel@tonic-gate #include <sys/types.h> 327c478bd9Sstevel@tonic-gate #include <ctype.h> 337c478bd9Sstevel@tonic-gate #include <stdlib.h> 347c478bd9Sstevel@tonic-gate #include <stdarg.h> 357c478bd9Sstevel@tonic-gate #include <unistd.h> 367c478bd9Sstevel@tonic-gate #include <errno.h> 377c478bd9Sstevel@tonic-gate #include <sys/param.h> 387c478bd9Sstevel@tonic-gate #include <stdio.h> 397c478bd9Sstevel@tonic-gate #include <string.h> 407c478bd9Sstevel@tonic-gate #include <strings.h> 417c478bd9Sstevel@tonic-gate #include <nlist.h> 427c478bd9Sstevel@tonic-gate #include <fcntl.h> 437c478bd9Sstevel@tonic-gate #include <sys/socket.h> 447c478bd9Sstevel@tonic-gate #include <netdb.h> 457c478bd9Sstevel@tonic-gate #include <netinet/in.h> 467c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 477c478bd9Sstevel@tonic-gate #include <sys/mkdev.h> 487c478bd9Sstevel@tonic-gate #include <sys/param.h> 497c478bd9Sstevel@tonic-gate #include <pwd.h> 507c478bd9Sstevel@tonic-gate #include <libintl.h> 517c478bd9Sstevel@tonic-gate #include <zone.h> 52*8523fda3SJan Friedel #include <libscf_priv.h> 539e3700dfSgww #include <tsol/label.h> 547c478bd9Sstevel@tonic-gate #include <bsm/libbsm.h> 55*8523fda3SJan Friedel #include "auditconfig_impl.h" 56*8523fda3SJan Friedel #include "audit_scf.h" 577c478bd9Sstevel@tonic-gate 589e3700dfSgww enum commands { 599e3700dfSgww AC_ARG_ACONF, 60*8523fda3SJan Friedel AC_ARG_AUDIT, 619e3700dfSgww AC_ARG_CHKACONF, 62*8523fda3SJan Friedel AC_ARG_CHKCONF, 639e3700dfSgww AC_ARG_CONF, 649e3700dfSgww AC_ARG_GETASID, 659e3700dfSgww AC_ARG_GETAUDIT, 669e3700dfSgww AC_ARG_GETAUID, 679e3700dfSgww AC_ARG_GETCAR, 689e3700dfSgww AC_ARG_GETCLASS, 699e3700dfSgww AC_ARG_GETCOND, 709e3700dfSgww AC_ARG_GETCWD, 719e3700dfSgww AC_ARG_GETESTATE, 729e3700dfSgww AC_ARG_GETKAUDIT, 739e3700dfSgww AC_ARG_GETKMASK, 749e3700dfSgww AC_ARG_GETPINFO, 759e3700dfSgww AC_ARG_GETPOLICY, 769e3700dfSgww AC_ARG_GETQBUFSZ, 779e3700dfSgww AC_ARG_GETQCTRL, 789e3700dfSgww AC_ARG_GETQDELAY, 799e3700dfSgww AC_ARG_GETQHIWATER, 809e3700dfSgww AC_ARG_GETQLOWATER, 819e3700dfSgww AC_ARG_GETSTAT, 829e3700dfSgww AC_ARG_GETTERMID, 839e3700dfSgww AC_ARG_LSEVENT, 849e3700dfSgww AC_ARG_LSPOLICY, 859e3700dfSgww AC_ARG_SETASID, 869e3700dfSgww AC_ARG_SETAUDIT, 879e3700dfSgww AC_ARG_SETAUID, 889e3700dfSgww AC_ARG_SETCLASS, 899e3700dfSgww AC_ARG_SETKAUDIT, 909e3700dfSgww AC_ARG_SETKMASK, 919e3700dfSgww AC_ARG_SETPMASK, 929e3700dfSgww AC_ARG_SETPOLICY, 939e3700dfSgww AC_ARG_SETQBUFSZ, 949e3700dfSgww AC_ARG_SETQCTRL, 959e3700dfSgww AC_ARG_SETQDELAY, 969e3700dfSgww AC_ARG_SETQHIWATER, 979e3700dfSgww AC_ARG_SETQLOWATER, 98*8523fda3SJan Friedel AC_ARG_SETSMASK, 99*8523fda3SJan Friedel AC_ARG_SETSTAT, 100*8523fda3SJan Friedel AC_ARG_SETUMASK, 101*8523fda3SJan Friedel AC_ARG_SET_TEMPORARY 1029e3700dfSgww }; 1037c478bd9Sstevel@tonic-gate 1047c478bd9Sstevel@tonic-gate #define AC_KERN_EVENT 0 1057c478bd9Sstevel@tonic-gate #define AC_USER_EVENT 1 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate #define NONE(s) (!strlen(s) ? gettext("none") : s) 1087c478bd9Sstevel@tonic-gate 1097c478bd9Sstevel@tonic-gate #define ONEK 1024 1107c478bd9Sstevel@tonic-gate 1117c478bd9Sstevel@tonic-gate /* 1127c478bd9Sstevel@tonic-gate * remove this after the audit.h is fixed 1137c478bd9Sstevel@tonic-gate */ 1147c478bd9Sstevel@tonic-gate struct arg_entry { 1159e3700dfSgww char *arg_str; 1169e3700dfSgww char *arg_opts; 1179e3700dfSgww enum commands auditconfig_cmd; 118*8523fda3SJan Friedel boolean_t temporary_allowed; /* -t allowed for the option */ 1197c478bd9Sstevel@tonic-gate }; 120*8523fda3SJan Friedel typedef struct arg_entry arg_entry_t; 121*8523fda3SJan Friedel 122*8523fda3SJan Friedel /* arg_table - command option and usage message table */ 123*8523fda3SJan Friedel static arg_entry_t arg_table[] = { 124*8523fda3SJan Friedel { "-aconf", "", AC_ARG_ACONF, B_FALSE}, 125*8523fda3SJan Friedel { "-audit", " event sorf retval string", AC_ARG_AUDIT, B_FALSE}, 126*8523fda3SJan Friedel { "-chkaconf", "", AC_ARG_CHKACONF, B_FALSE}, 127*8523fda3SJan Friedel { "-chkconf", "", AC_ARG_CHKCONF, B_FALSE}, 128*8523fda3SJan Friedel { "-conf", "", AC_ARG_CONF, B_FALSE}, 129*8523fda3SJan Friedel { "-getasid", "", AC_ARG_GETASID, B_FALSE}, 130*8523fda3SJan Friedel { "-getaudit", "", AC_ARG_GETAUDIT, B_FALSE}, 131*8523fda3SJan Friedel { "-getauid", "", AC_ARG_GETAUID, B_FALSE}, 132*8523fda3SJan Friedel { "-getcar", "", AC_ARG_GETCAR, B_FALSE}, 133*8523fda3SJan Friedel { "-getclass", " event", AC_ARG_GETCLASS, B_FALSE}, 134*8523fda3SJan Friedel { "-getcond", "", AC_ARG_GETCOND, B_FALSE}, 135*8523fda3SJan Friedel { "-getcwd", "", AC_ARG_GETCWD, B_FALSE}, 136*8523fda3SJan Friedel { "-getestate", " event", AC_ARG_GETESTATE, B_FALSE}, 137*8523fda3SJan Friedel { "-getkaudit", "", AC_ARG_GETKAUDIT, B_FALSE}, 138*8523fda3SJan Friedel { "-getkmask", "", AC_ARG_GETKMASK, B_FALSE}, 139*8523fda3SJan Friedel { "-getpinfo", " pid", AC_ARG_GETPINFO, B_FALSE}, 140*8523fda3SJan Friedel { "-getpolicy", "", AC_ARG_GETPOLICY, B_TRUE}, 141*8523fda3SJan Friedel { "-getqbufsz", "", AC_ARG_GETQBUFSZ, B_TRUE}, 142*8523fda3SJan Friedel { "-getqctrl", "", AC_ARG_GETQCTRL, B_TRUE}, 143*8523fda3SJan Friedel { "-getqdelay", "", AC_ARG_GETQDELAY, B_TRUE}, 144*8523fda3SJan Friedel { "-getqhiwater", "", AC_ARG_GETQHIWATER, B_TRUE}, 145*8523fda3SJan Friedel { "-getqlowater", "", AC_ARG_GETQLOWATER, B_TRUE}, 146*8523fda3SJan Friedel { "-getstat", "", AC_ARG_GETSTAT, B_FALSE}, 147*8523fda3SJan Friedel { "-gettid", "", AC_ARG_GETTERMID, B_FALSE}, 148*8523fda3SJan Friedel { "-lsevent", "", AC_ARG_LSEVENT, B_FALSE}, 149*8523fda3SJan Friedel { "-lspolicy", "", AC_ARG_LSPOLICY, B_FALSE}, 150*8523fda3SJan Friedel { "-setasid", " asid [cmd]", AC_ARG_SETASID, B_FALSE}, 151*8523fda3SJan Friedel { "-setaudit", " auid audit_flags termid asid [cmd]", 152*8523fda3SJan Friedel AC_ARG_SETAUDIT, B_FALSE}, 153*8523fda3SJan Friedel { "-setauid", " auid [cmd]", AC_ARG_SETAUID, B_FALSE}, 154*8523fda3SJan Friedel { "-setclass", " event audit_flags", AC_ARG_SETCLASS, B_FALSE}, 155*8523fda3SJan Friedel { "-setkaudit", " type IP_address", AC_ARG_SETKAUDIT, B_FALSE}, 156*8523fda3SJan Friedel { "-setkmask", " audit_flags", AC_ARG_SETKMASK, B_FALSE}, 157*8523fda3SJan Friedel { "-setpmask", " pid audit_flags", AC_ARG_SETPMASK, B_FALSE}, 158*8523fda3SJan Friedel { "-setpolicy", " [+|-]policy_flags", AC_ARG_SETPOLICY, B_TRUE}, 159*8523fda3SJan Friedel { "-setqbufsz", " bufsz", AC_ARG_SETQBUFSZ, B_TRUE}, 160*8523fda3SJan Friedel { "-setqctrl", " hiwater lowater bufsz delay", 161*8523fda3SJan Friedel AC_ARG_SETQCTRL, B_TRUE}, 162*8523fda3SJan Friedel { "-setqdelay", " delay", AC_ARG_SETQDELAY, B_TRUE}, 163*8523fda3SJan Friedel { "-setqhiwater", " hiwater", AC_ARG_SETQHIWATER, B_TRUE}, 164*8523fda3SJan Friedel { "-setqlowater", " lowater", AC_ARG_SETQLOWATER, B_TRUE}, 165*8523fda3SJan Friedel { "-setsmask", " asid audit_flags", AC_ARG_SETSMASK, B_FALSE}, 166*8523fda3SJan Friedel { "-setstat", "", AC_ARG_SETSTAT, B_FALSE}, 167*8523fda3SJan Friedel { "-setumask", " user audit_flags", AC_ARG_SETUMASK, B_FALSE}, 168*8523fda3SJan Friedel { "-t", "", AC_ARG_SET_TEMPORARY, B_FALSE}, 1697c478bd9Sstevel@tonic-gate }; 1707c478bd9Sstevel@tonic-gate 171*8523fda3SJan Friedel #define ARG_TBL_SZ (sizeof (arg_table) / sizeof (arg_entry_t)) 1727c478bd9Sstevel@tonic-gate 173*8523fda3SJan Friedel char *progname = "auditconfig"; 1747c478bd9Sstevel@tonic-gate 175*8523fda3SJan Friedel /* 176*8523fda3SJan Friedel * temporary_set true to get/set only kernel settings, 177*8523fda3SJan Friedel * false to get/set kernel settings and service properties 178*8523fda3SJan Friedel */ 179*8523fda3SJan Friedel static boolean_t temporary_set = B_FALSE; 1809e3700dfSgww 1819e3700dfSgww static au_event_ent_t *egetauevnam(char *event_name); 1829e3700dfSgww static au_event_ent_t *egetauevnum(au_event_t event_number); 1839e3700dfSgww static int arg_ent_compare(const void *aep1, const void *aep2); 1849e3700dfSgww static char *cond2str(void); 185*8523fda3SJan Friedel static int policy2str(uint32_t policy, char *policy_str, size_t len); 1869e3700dfSgww static int str2type(char *s, uint_t *type); 187*8523fda3SJan Friedel static int str2policy(char *policy_str, uint32_t *policy_mask); 1889e3700dfSgww static int str2ipaddr(char *s, uint32_t *addr, uint32_t type); 1899e3700dfSgww static int strisflags(char *s); 1909e3700dfSgww static int strisipaddr(char *s); 1919e3700dfSgww static int strisnum(char *s); 192*8523fda3SJan Friedel static arg_entry_t *get_arg_ent(char *arg_str); 1939e3700dfSgww static uid_t get_user_id(char *user); 1949e3700dfSgww static void chk_event_num(int etype, au_event_t event); 1959e3700dfSgww static void chk_event_str(int etype, char *event_str); 1969e3700dfSgww static void chk_retval(char *retval_str); 1979e3700dfSgww static void chk_sorf(char *sorf_str); 1989e3700dfSgww static void do_aconf(void); 1999e3700dfSgww static void do_args(char **argv); 2009e3700dfSgww static void do_audit(char *, char, int, char *); 2019e3700dfSgww static void do_chkaconf(void); 2029e3700dfSgww static void do_chkconf(void); 2039e3700dfSgww static void do_conf(void); 2049e3700dfSgww static void do_getasid(void); 2059e3700dfSgww static void do_getaudit(void); 2069e3700dfSgww static void do_getkaudit(void); 2079e3700dfSgww static void do_setkaudit(char *t, char *s); 2089e3700dfSgww static void do_getauid(void); 2099e3700dfSgww static void do_getcar(void); 2109e3700dfSgww static void do_getclass(char *event_str); 2119e3700dfSgww static void do_getcond(void); 2129e3700dfSgww static void do_getcwd(void); 2139e3700dfSgww static void do_getkmask(void); 2149e3700dfSgww static void do_getpinfo(char *pid_str); 2159e3700dfSgww static void do_getpolicy(void); 2169e3700dfSgww static void do_getqbufsz(void); 2179e3700dfSgww static void do_getqctrl(void); 2189e3700dfSgww static void do_getqdelay(void); 2199e3700dfSgww static void do_getqhiwater(void); 2209e3700dfSgww static void do_getqlowater(void); 2219e3700dfSgww static void do_getstat(void); 2229e3700dfSgww static void do_gettermid(void); 2239e3700dfSgww static void do_lsevent(void); 2249e3700dfSgww static void do_lspolicy(void); 2259e3700dfSgww static void do_setasid(char *sid_str, char **argv); 2269e3700dfSgww static void do_setaudit(char *user_str, char *mask_str, char *tid_str, 2279e3700dfSgww char *sid_str, char **argv); 2289e3700dfSgww static void do_setauid(char *user, char **argv); 2299e3700dfSgww static void do_setclass(char *event_str, char *audit_flags); 2309e3700dfSgww static void do_setkmask(char *audit_flags); 2319e3700dfSgww static void do_setpmask(char *pid_str, char *audit_flags); 2329e3700dfSgww static void do_setsmask(char *asid_str, char *audit_flags); 2339e3700dfSgww static void do_setumask(char *auid_str, char *audit_flags); 2349e3700dfSgww static void do_setpolicy(char *policy_str); 2359e3700dfSgww static void do_setqbufsz(char *bufsz); 2369e3700dfSgww static void do_setqctrl(char *hiwater, char *lowater, char *bufsz, char *delay); 2379e3700dfSgww static void do_setqdelay(char *delay); 2389e3700dfSgww static void do_setqhiwater(char *hiwater); 2399e3700dfSgww static void do_setqlowater(char *lowater); 2409e3700dfSgww static void do_setstat(void); 2419e3700dfSgww static void str2mask(char *mask_str, au_mask_t *mp); 2429e3700dfSgww static void str2tid(char *tid_str, au_tid_addr_t *tp); 2439e3700dfSgww static void strsplit(char *s, char *p1, char *p2, char c); 2449e3700dfSgww 2459e3700dfSgww static void eauditon(int cmd, caddr_t data, int length); 2469e3700dfSgww static void egetaudit(auditinfo_addr_t *ai, int size); 2479e3700dfSgww static void egetkaudit(auditinfo_addr_t *ai, int size); 2489e3700dfSgww static void esetkaudit(auditinfo_addr_t *ai, int size); 2499e3700dfSgww static void egetauditflagsbin(char *auditflags, au_mask_t *pmask); 2509e3700dfSgww static void egetauid(au_id_t *auid); 2519e3700dfSgww static void esetaudit(auditinfo_addr_t *ai, int size); 2529e3700dfSgww static void esetauid(au_id_t *auid); 2539e3700dfSgww static void execit(char **argv); 2549e3700dfSgww static void exit_error(char *fmt, ...); 2559e3700dfSgww static void exit_usage(int status); 256*8523fda3SJan Friedel static void parse_args(int argc, char **argv); 2579e3700dfSgww static void print_asid(au_asid_t asid); 2589e3700dfSgww static void print_auid(au_id_t auid); 2599e3700dfSgww static void print_mask(char *desc, au_mask_t *pmp); 2609e3700dfSgww static void print_tid_ex(au_tid_addr_t *tidp); 2617c478bd9Sstevel@tonic-gate 262*8523fda3SJan Friedel #if !defined(TEXT_DOMAIN) 263*8523fda3SJan Friedel #define TEXT_DOMAIN "SUNW_OST_OSCMD" 264*8523fda3SJan Friedel #endif 265*8523fda3SJan Friedel 2667c478bd9Sstevel@tonic-gate int 2679e3700dfSgww main(int argc, char **argv) 2687c478bd9Sstevel@tonic-gate { 2697c478bd9Sstevel@tonic-gate (void) setlocale(LC_ALL, ""); 2707c478bd9Sstevel@tonic-gate (void) textdomain(TEXT_DOMAIN); 2717c478bd9Sstevel@tonic-gate 2727c478bd9Sstevel@tonic-gate if (argc == 1) { 2737c478bd9Sstevel@tonic-gate exit_usage(0); 2747c478bd9Sstevel@tonic-gate } 2757c478bd9Sstevel@tonic-gate 2767c478bd9Sstevel@tonic-gate if (argc == 2 && 277*8523fda3SJan Friedel (argv[1][0] == '?' || 278*8523fda3SJan Friedel strcmp(argv[1], "-h") == 0 || 279*8523fda3SJan Friedel strcmp(argv[1], "-?") == 0)) { 2807c478bd9Sstevel@tonic-gate exit_usage(0); 281*8523fda3SJan Friedel } 2827c478bd9Sstevel@tonic-gate 283*8523fda3SJan Friedel parse_args(argc, argv); 2847c478bd9Sstevel@tonic-gate do_args(argv); 2857c478bd9Sstevel@tonic-gate 2867c478bd9Sstevel@tonic-gate return (0); 2877c478bd9Sstevel@tonic-gate } 2887c478bd9Sstevel@tonic-gate 2897c478bd9Sstevel@tonic-gate /* 2907c478bd9Sstevel@tonic-gate * parse_args() 2917c478bd9Sstevel@tonic-gate * Desc: Checks command line argument syntax. 2927c478bd9Sstevel@tonic-gate * Inputs: Command line argv; 2937c478bd9Sstevel@tonic-gate * Returns: If a syntax error is detected, a usage message is printed 2947c478bd9Sstevel@tonic-gate * and exit() is called. If a syntax error is not detected, 2957c478bd9Sstevel@tonic-gate * parse_args() returns without a value. 2967c478bd9Sstevel@tonic-gate */ 2977c478bd9Sstevel@tonic-gate static void 298*8523fda3SJan Friedel parse_args(int argc, char **argv) 2997c478bd9Sstevel@tonic-gate { 300*8523fda3SJan Friedel arg_entry_t *ae; 3017c478bd9Sstevel@tonic-gate 3029e3700dfSgww au_mask_t mask; 3037c478bd9Sstevel@tonic-gate uint_t type; 3047c478bd9Sstevel@tonic-gate uint_t addr[4]; 3057c478bd9Sstevel@tonic-gate 3067c478bd9Sstevel@tonic-gate for (++argv; *argv; argv++) { 3079e3700dfSgww if ((ae = get_arg_ent(*argv)) == NULL) { 3087c478bd9Sstevel@tonic-gate exit_usage(1); 3097c478bd9Sstevel@tonic-gate } 3107c478bd9Sstevel@tonic-gate 3117c478bd9Sstevel@tonic-gate switch (ae->auditconfig_cmd) { 3127c478bd9Sstevel@tonic-gate 3137c478bd9Sstevel@tonic-gate case AC_ARG_AUDIT: 3147c478bd9Sstevel@tonic-gate ++argv; 3157c478bd9Sstevel@tonic-gate if (!*argv) 3167c478bd9Sstevel@tonic-gate exit_usage(1); 3177c478bd9Sstevel@tonic-gate if (strisnum(*argv)) { 3187c478bd9Sstevel@tonic-gate chk_event_num(AC_USER_EVENT, 319*8523fda3SJan Friedel (au_event_t)atol(*argv)); 3209e3700dfSgww } else { 3217c478bd9Sstevel@tonic-gate chk_event_str(AC_USER_EVENT, *argv); 3229e3700dfSgww } 3237c478bd9Sstevel@tonic-gate ++argv; 3247c478bd9Sstevel@tonic-gate if (!*argv) 3257c478bd9Sstevel@tonic-gate exit_usage(1); 3267c478bd9Sstevel@tonic-gate chk_sorf(*argv); 3277c478bd9Sstevel@tonic-gate ++argv; 3287c478bd9Sstevel@tonic-gate if (!*argv) 3297c478bd9Sstevel@tonic-gate exit_usage(1); 3307c478bd9Sstevel@tonic-gate chk_retval(*argv); 3317c478bd9Sstevel@tonic-gate ++argv; 3327c478bd9Sstevel@tonic-gate if (!*argv) 3337c478bd9Sstevel@tonic-gate exit_usage(1); 3347c478bd9Sstevel@tonic-gate break; 3357c478bd9Sstevel@tonic-gate 3367c478bd9Sstevel@tonic-gate case AC_ARG_CHKCONF: 3377c478bd9Sstevel@tonic-gate case AC_ARG_CONF: 3387c478bd9Sstevel@tonic-gate case AC_ARG_ACONF: 3397c478bd9Sstevel@tonic-gate case AC_ARG_CHKACONF: 3407c478bd9Sstevel@tonic-gate case AC_ARG_GETASID: 3417c478bd9Sstevel@tonic-gate case AC_ARG_GETAUID: 3427c478bd9Sstevel@tonic-gate case AC_ARG_GETAUDIT: 3437c478bd9Sstevel@tonic-gate case AC_ARG_GETKAUDIT: 3447c478bd9Sstevel@tonic-gate break; 3457c478bd9Sstevel@tonic-gate 3467c478bd9Sstevel@tonic-gate case AC_ARG_GETCLASS: 3477c478bd9Sstevel@tonic-gate case AC_ARG_GETESTATE: 3487c478bd9Sstevel@tonic-gate ++argv; 3497c478bd9Sstevel@tonic-gate if (!*argv) 3507c478bd9Sstevel@tonic-gate exit_usage(1); 3519e3700dfSgww if (strisnum(*argv)) { 3527c478bd9Sstevel@tonic-gate chk_event_num(AC_KERN_EVENT, 3539e3700dfSgww (au_event_t)atol(*argv)); 3549e3700dfSgww } else { 3557c478bd9Sstevel@tonic-gate chk_event_str(AC_KERN_EVENT, *argv); 3569e3700dfSgww } 3577c478bd9Sstevel@tonic-gate break; 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate case AC_ARG_GETCAR: 3607c478bd9Sstevel@tonic-gate case AC_ARG_GETCOND: 3617c478bd9Sstevel@tonic-gate case AC_ARG_GETCWD: 3627c478bd9Sstevel@tonic-gate case AC_ARG_GETKMASK: 3637c478bd9Sstevel@tonic-gate case AC_ARG_GETPOLICY: 3647c478bd9Sstevel@tonic-gate case AC_ARG_GETQBUFSZ: 3657c478bd9Sstevel@tonic-gate case AC_ARG_GETQCTRL: 3667c478bd9Sstevel@tonic-gate case AC_ARG_GETQDELAY: 3677c478bd9Sstevel@tonic-gate case AC_ARG_GETQHIWATER: 3687c478bd9Sstevel@tonic-gate case AC_ARG_GETQLOWATER: 3697c478bd9Sstevel@tonic-gate case AC_ARG_GETSTAT: 3707c478bd9Sstevel@tonic-gate case AC_ARG_GETTERMID: 3717c478bd9Sstevel@tonic-gate case AC_ARG_LSEVENT: 3727c478bd9Sstevel@tonic-gate case AC_ARG_LSPOLICY: 3737c478bd9Sstevel@tonic-gate break; 3747c478bd9Sstevel@tonic-gate 3757c478bd9Sstevel@tonic-gate case AC_ARG_SETASID: 3767c478bd9Sstevel@tonic-gate case AC_ARG_SETAUID: 3777c478bd9Sstevel@tonic-gate case AC_ARG_SETAUDIT: 3787c478bd9Sstevel@tonic-gate ++argv; 3797c478bd9Sstevel@tonic-gate if (!*argv) 3807c478bd9Sstevel@tonic-gate exit_usage(1); 3817c478bd9Sstevel@tonic-gate 3827c478bd9Sstevel@tonic-gate while (*argv) 3837c478bd9Sstevel@tonic-gate ++argv; 3847c478bd9Sstevel@tonic-gate --argv; 3857c478bd9Sstevel@tonic-gate 3867c478bd9Sstevel@tonic-gate break; 3877c478bd9Sstevel@tonic-gate 3887c478bd9Sstevel@tonic-gate case AC_ARG_SETKAUDIT: 3897c478bd9Sstevel@tonic-gate ++argv; 3907c478bd9Sstevel@tonic-gate if (!*argv) 3917c478bd9Sstevel@tonic-gate exit_usage(1); 3927c478bd9Sstevel@tonic-gate if (str2type (*argv, &type)) 3937c478bd9Sstevel@tonic-gate exit_error(gettext( 394*8523fda3SJan Friedel "Invalid IP address type specified.")); 3957c478bd9Sstevel@tonic-gate ++argv; 3967c478bd9Sstevel@tonic-gate if (!*argv) 3977c478bd9Sstevel@tonic-gate exit_usage(1); 3987c478bd9Sstevel@tonic-gate 3997c478bd9Sstevel@tonic-gate if (str2ipaddr(*argv, addr, type)) 400*8523fda3SJan Friedel exit_error( 401*8523fda3SJan Friedel gettext("Invalid IP address specified.")); 4027c478bd9Sstevel@tonic-gate break; 4037c478bd9Sstevel@tonic-gate 4047c478bd9Sstevel@tonic-gate case AC_ARG_SETCLASS: 4057c478bd9Sstevel@tonic-gate ++argv; 4067c478bd9Sstevel@tonic-gate if (!*argv) 4077c478bd9Sstevel@tonic-gate exit_usage(1); 4087c478bd9Sstevel@tonic-gate if (strisnum(*argv)) 4097c478bd9Sstevel@tonic-gate chk_event_num(AC_KERN_EVENT, 410*8523fda3SJan Friedel (au_event_t)atol(*argv)); 4117c478bd9Sstevel@tonic-gate else 4127c478bd9Sstevel@tonic-gate chk_event_str(AC_KERN_EVENT, *argv); 4137c478bd9Sstevel@tonic-gate ++argv; 4147c478bd9Sstevel@tonic-gate if (!*argv) 4157c478bd9Sstevel@tonic-gate exit_usage(1); 4169e3700dfSgww str2mask(*argv, &mask); 4177c478bd9Sstevel@tonic-gate break; 4187c478bd9Sstevel@tonic-gate 4197c478bd9Sstevel@tonic-gate case AC_ARG_SETKMASK: 4207c478bd9Sstevel@tonic-gate ++argv; 4217c478bd9Sstevel@tonic-gate if (!*argv) 4227c478bd9Sstevel@tonic-gate exit_usage(1); 4239e3700dfSgww str2mask(*argv, &mask); 4247c478bd9Sstevel@tonic-gate break; 4257c478bd9Sstevel@tonic-gate 4267c478bd9Sstevel@tonic-gate case AC_ARG_SETPOLICY: 4277c478bd9Sstevel@tonic-gate ++argv; 4287c478bd9Sstevel@tonic-gate if (!*argv) 4297c478bd9Sstevel@tonic-gate exit_usage(1); 4307c478bd9Sstevel@tonic-gate break; 4317c478bd9Sstevel@tonic-gate 4327c478bd9Sstevel@tonic-gate case AC_ARG_SETSTAT: 4337c478bd9Sstevel@tonic-gate break; 4347c478bd9Sstevel@tonic-gate 4357c478bd9Sstevel@tonic-gate case AC_ARG_GETPINFO: 4367c478bd9Sstevel@tonic-gate ++argv; 4377c478bd9Sstevel@tonic-gate if (!*argv) 4387c478bd9Sstevel@tonic-gate exit_usage(1); 4397c478bd9Sstevel@tonic-gate break; 4407c478bd9Sstevel@tonic-gate 4417c478bd9Sstevel@tonic-gate case AC_ARG_SETPMASK: 4427c478bd9Sstevel@tonic-gate ++argv; 4437c478bd9Sstevel@tonic-gate if (!*argv) 4447c478bd9Sstevel@tonic-gate exit_usage(1); 4457c478bd9Sstevel@tonic-gate ++argv; 4467c478bd9Sstevel@tonic-gate if (!*argv) 4477c478bd9Sstevel@tonic-gate exit_usage(1); 4489e3700dfSgww str2mask(*argv, &mask); 4497c478bd9Sstevel@tonic-gate break; 4507c478bd9Sstevel@tonic-gate 4517c478bd9Sstevel@tonic-gate case AC_ARG_SETQBUFSZ: 4527c478bd9Sstevel@tonic-gate ++argv; 4537c478bd9Sstevel@tonic-gate if (!*argv) 4547c478bd9Sstevel@tonic-gate exit_usage(1); 4557c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4567c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid bufsz specified.")); 4577c478bd9Sstevel@tonic-gate break; 4587c478bd9Sstevel@tonic-gate 4597c478bd9Sstevel@tonic-gate case AC_ARG_SETQCTRL: 4607c478bd9Sstevel@tonic-gate ++argv; 4617c478bd9Sstevel@tonic-gate if (!*argv) 4627c478bd9Sstevel@tonic-gate exit_usage(1); 4637c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 464*8523fda3SJan Friedel exit_error( 465*8523fda3SJan Friedel gettext("Invalid hiwater specified.")); 4667c478bd9Sstevel@tonic-gate ++argv; 4677c478bd9Sstevel@tonic-gate if (!*argv) 4687c478bd9Sstevel@tonic-gate exit_usage(1); 4697c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 470*8523fda3SJan Friedel exit_error( 471*8523fda3SJan Friedel gettext("Invalid lowater specified.")); 4727c478bd9Sstevel@tonic-gate ++argv; 4737c478bd9Sstevel@tonic-gate if (!*argv) 4747c478bd9Sstevel@tonic-gate exit_usage(1); 4757c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4767c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid bufsz specified.")); 4777c478bd9Sstevel@tonic-gate ++argv; 4787c478bd9Sstevel@tonic-gate if (!*argv) 4797c478bd9Sstevel@tonic-gate exit_usage(1); 4807c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4817c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid delay specified.")); 4827c478bd9Sstevel@tonic-gate break; 4837c478bd9Sstevel@tonic-gate 4847c478bd9Sstevel@tonic-gate case AC_ARG_SETQDELAY: 4857c478bd9Sstevel@tonic-gate ++argv; 4867c478bd9Sstevel@tonic-gate if (!*argv) 4877c478bd9Sstevel@tonic-gate exit_usage(1); 4887c478bd9Sstevel@tonic-gate if (!strisnum(*argv)) 4897c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid delay specified.")); 4907c478bd9Sstevel@tonic-gate break; 4917c478bd9Sstevel@tonic-gate 4927c478bd9Sstevel@tonic-gate case AC_ARG_SETQHIWATER: 4937c478bd9Sstevel@tonic-gate ++argv; 4947c478bd9Sstevel@tonic-gate if (!*argv) 4957c478bd9Sstevel@tonic-gate exit_usage(1); 4969e3700dfSgww if (!strisnum(*argv)) { 497*8523fda3SJan Friedel exit_error( 498*8523fda3SJan Friedel gettext("Invalid hiwater specified.")); 4999e3700dfSgww } 5007c478bd9Sstevel@tonic-gate break; 5017c478bd9Sstevel@tonic-gate 5027c478bd9Sstevel@tonic-gate case AC_ARG_SETQLOWATER: 5037c478bd9Sstevel@tonic-gate ++argv; 5047c478bd9Sstevel@tonic-gate if (!*argv) 5057c478bd9Sstevel@tonic-gate exit_usage(1); 5069e3700dfSgww if (!strisnum(*argv)) { 507*8523fda3SJan Friedel exit_error( 508*8523fda3SJan Friedel gettext("Invalid lowater specified.")); 5099e3700dfSgww } 5107c478bd9Sstevel@tonic-gate break; 5117c478bd9Sstevel@tonic-gate 5127c478bd9Sstevel@tonic-gate case AC_ARG_SETSMASK: 5137c478bd9Sstevel@tonic-gate case AC_ARG_SETUMASK: 5147c478bd9Sstevel@tonic-gate ++argv; 5157c478bd9Sstevel@tonic-gate if (!*argv) 5167c478bd9Sstevel@tonic-gate exit_usage(1); 5177c478bd9Sstevel@tonic-gate ++argv; 5187c478bd9Sstevel@tonic-gate if (!*argv) 5197c478bd9Sstevel@tonic-gate exit_usage(1); 5209e3700dfSgww str2mask(*argv, &mask); 5217c478bd9Sstevel@tonic-gate break; 5227c478bd9Sstevel@tonic-gate 523*8523fda3SJan Friedel case AC_ARG_SET_TEMPORARY: 524*8523fda3SJan Friedel /* Do not accept single -t option. */ 525*8523fda3SJan Friedel if (argc == 2) { 526*8523fda3SJan Friedel exit_error( 527*8523fda3SJan Friedel gettext("Only the -t option specified " 528*8523fda3SJan Friedel "(it is not a standalone option).")); 529*8523fda3SJan Friedel } 530*8523fda3SJan Friedel temporary_set = B_TRUE; 531*8523fda3SJan Friedel break; 532*8523fda3SJan Friedel 5337c478bd9Sstevel@tonic-gate default: 5347c478bd9Sstevel@tonic-gate exit_error(gettext("Internal error #1.")); 5357c478bd9Sstevel@tonic-gate break; 5367c478bd9Sstevel@tonic-gate } 5377c478bd9Sstevel@tonic-gate } 5387c478bd9Sstevel@tonic-gate } 5397c478bd9Sstevel@tonic-gate 5407c478bd9Sstevel@tonic-gate 5417c478bd9Sstevel@tonic-gate /* 542*8523fda3SJan Friedel * do_args() - do command line arguments in the order in which they appear. 543*8523fda3SJan Friedel * Function return values returned by the underlying functions; the semantics 544*8523fda3SJan Friedel * they should follow is to return B_TRUE on successful execution, B_FALSE 545*8523fda3SJan Friedel * otherwise. 5467c478bd9Sstevel@tonic-gate */ 5477c478bd9Sstevel@tonic-gate static void 5489e3700dfSgww do_args(char **argv) 5497c478bd9Sstevel@tonic-gate { 550*8523fda3SJan Friedel arg_entry_t *ae; 5517c478bd9Sstevel@tonic-gate 5527c478bd9Sstevel@tonic-gate for (++argv; *argv; argv++) { 5537c478bd9Sstevel@tonic-gate ae = get_arg_ent(*argv); 5547c478bd9Sstevel@tonic-gate 5557c478bd9Sstevel@tonic-gate switch (ae->auditconfig_cmd) { 5567c478bd9Sstevel@tonic-gate 5577c478bd9Sstevel@tonic-gate case AC_ARG_AUDIT: 5587c478bd9Sstevel@tonic-gate { 5597c478bd9Sstevel@tonic-gate char sorf; 5607c478bd9Sstevel@tonic-gate int retval; 5617c478bd9Sstevel@tonic-gate char *event_name; 5627c478bd9Sstevel@tonic-gate char *audit_str; 5637c478bd9Sstevel@tonic-gate 5647c478bd9Sstevel@tonic-gate ++argv; 5657c478bd9Sstevel@tonic-gate event_name = *argv; 5667c478bd9Sstevel@tonic-gate ++argv; 5677c478bd9Sstevel@tonic-gate sorf = (char)atoi(*argv); 5687c478bd9Sstevel@tonic-gate ++argv; 5697c478bd9Sstevel@tonic-gate retval = atoi(*argv); 5707c478bd9Sstevel@tonic-gate ++argv; 5717c478bd9Sstevel@tonic-gate audit_str = *argv; 5727c478bd9Sstevel@tonic-gate do_audit(event_name, sorf, retval, audit_str); 5737c478bd9Sstevel@tonic-gate } 5747c478bd9Sstevel@tonic-gate break; 5757c478bd9Sstevel@tonic-gate 5767c478bd9Sstevel@tonic-gate case AC_ARG_CHKCONF: 5777c478bd9Sstevel@tonic-gate do_chkconf(); 5787c478bd9Sstevel@tonic-gate break; 5797c478bd9Sstevel@tonic-gate 5807c478bd9Sstevel@tonic-gate case AC_ARG_CONF: 5817c478bd9Sstevel@tonic-gate do_conf(); 5827c478bd9Sstevel@tonic-gate break; 5837c478bd9Sstevel@tonic-gate 5847c478bd9Sstevel@tonic-gate case AC_ARG_CHKACONF: 5857c478bd9Sstevel@tonic-gate do_chkaconf(); 5867c478bd9Sstevel@tonic-gate break; 5877c478bd9Sstevel@tonic-gate 5887c478bd9Sstevel@tonic-gate case AC_ARG_ACONF: 5897c478bd9Sstevel@tonic-gate do_aconf(); 5907c478bd9Sstevel@tonic-gate break; 5917c478bd9Sstevel@tonic-gate 5927c478bd9Sstevel@tonic-gate case AC_ARG_GETASID: 5937c478bd9Sstevel@tonic-gate do_getasid(); 5947c478bd9Sstevel@tonic-gate break; 5957c478bd9Sstevel@tonic-gate 5967c478bd9Sstevel@tonic-gate case AC_ARG_GETAUID: 5977c478bd9Sstevel@tonic-gate do_getauid(); 5987c478bd9Sstevel@tonic-gate break; 5997c478bd9Sstevel@tonic-gate 6007c478bd9Sstevel@tonic-gate case AC_ARG_GETAUDIT: 6017c478bd9Sstevel@tonic-gate do_getaudit(); 6027c478bd9Sstevel@tonic-gate break; 6037c478bd9Sstevel@tonic-gate 6047c478bd9Sstevel@tonic-gate case AC_ARG_GETKAUDIT: 6057c478bd9Sstevel@tonic-gate do_getkaudit(); 6067c478bd9Sstevel@tonic-gate break; 6077c478bd9Sstevel@tonic-gate 6087c478bd9Sstevel@tonic-gate case AC_ARG_GETCLASS: 6097c478bd9Sstevel@tonic-gate case AC_ARG_GETESTATE: 6107c478bd9Sstevel@tonic-gate ++argv; 6117c478bd9Sstevel@tonic-gate do_getclass(*argv); 6127c478bd9Sstevel@tonic-gate break; 6137c478bd9Sstevel@tonic-gate 6147c478bd9Sstevel@tonic-gate case AC_ARG_GETCAR: 6157c478bd9Sstevel@tonic-gate do_getcar(); 6167c478bd9Sstevel@tonic-gate break; 6177c478bd9Sstevel@tonic-gate 6187c478bd9Sstevel@tonic-gate case AC_ARG_GETCOND: 6197c478bd9Sstevel@tonic-gate do_getcond(); 6207c478bd9Sstevel@tonic-gate break; 6217c478bd9Sstevel@tonic-gate 6227c478bd9Sstevel@tonic-gate case AC_ARG_GETCWD: 6237c478bd9Sstevel@tonic-gate do_getcwd(); 6247c478bd9Sstevel@tonic-gate break; 6257c478bd9Sstevel@tonic-gate 6267c478bd9Sstevel@tonic-gate case AC_ARG_GETKMASK: 6277c478bd9Sstevel@tonic-gate do_getkmask(); 6287c478bd9Sstevel@tonic-gate break; 6297c478bd9Sstevel@tonic-gate 6307c478bd9Sstevel@tonic-gate case AC_ARG_GETPOLICY: 6317c478bd9Sstevel@tonic-gate do_getpolicy(); 6327c478bd9Sstevel@tonic-gate break; 6337c478bd9Sstevel@tonic-gate 6347c478bd9Sstevel@tonic-gate case AC_ARG_GETQBUFSZ: 6357c478bd9Sstevel@tonic-gate do_getqbufsz(); 6367c478bd9Sstevel@tonic-gate break; 6377c478bd9Sstevel@tonic-gate 6387c478bd9Sstevel@tonic-gate case AC_ARG_GETQCTRL: 6397c478bd9Sstevel@tonic-gate do_getqctrl(); 6407c478bd9Sstevel@tonic-gate break; 6417c478bd9Sstevel@tonic-gate 6427c478bd9Sstevel@tonic-gate case AC_ARG_GETQDELAY: 6437c478bd9Sstevel@tonic-gate do_getqdelay(); 6447c478bd9Sstevel@tonic-gate break; 6457c478bd9Sstevel@tonic-gate 6467c478bd9Sstevel@tonic-gate case AC_ARG_GETQHIWATER: 6477c478bd9Sstevel@tonic-gate do_getqhiwater(); 6487c478bd9Sstevel@tonic-gate break; 6497c478bd9Sstevel@tonic-gate 6507c478bd9Sstevel@tonic-gate case AC_ARG_GETQLOWATER: 6517c478bd9Sstevel@tonic-gate do_getqlowater(); 6527c478bd9Sstevel@tonic-gate break; 6537c478bd9Sstevel@tonic-gate 6547c478bd9Sstevel@tonic-gate case AC_ARG_GETSTAT: 6557c478bd9Sstevel@tonic-gate do_getstat(); 6567c478bd9Sstevel@tonic-gate break; 6577c478bd9Sstevel@tonic-gate 6587c478bd9Sstevel@tonic-gate case AC_ARG_GETTERMID: 6597c478bd9Sstevel@tonic-gate do_gettermid(); 6607c478bd9Sstevel@tonic-gate break; 6617c478bd9Sstevel@tonic-gate 6627c478bd9Sstevel@tonic-gate case AC_ARG_LSEVENT: 6637c478bd9Sstevel@tonic-gate do_lsevent(); 6647c478bd9Sstevel@tonic-gate break; 6657c478bd9Sstevel@tonic-gate 6667c478bd9Sstevel@tonic-gate case AC_ARG_LSPOLICY: 6677c478bd9Sstevel@tonic-gate do_lspolicy(); 6687c478bd9Sstevel@tonic-gate break; 6697c478bd9Sstevel@tonic-gate 6707c478bd9Sstevel@tonic-gate case AC_ARG_SETASID: 6717c478bd9Sstevel@tonic-gate { 6727c478bd9Sstevel@tonic-gate char *sid_str; 6737c478bd9Sstevel@tonic-gate 6747c478bd9Sstevel@tonic-gate ++argv; 6757c478bd9Sstevel@tonic-gate sid_str = *argv; 6767c478bd9Sstevel@tonic-gate ++argv; 6777c478bd9Sstevel@tonic-gate do_setasid(sid_str, argv); 6787c478bd9Sstevel@tonic-gate } 6797c478bd9Sstevel@tonic-gate break; 6807c478bd9Sstevel@tonic-gate 6817c478bd9Sstevel@tonic-gate case AC_ARG_SETAUID: 6827c478bd9Sstevel@tonic-gate { 6837c478bd9Sstevel@tonic-gate char *user; 6847c478bd9Sstevel@tonic-gate 6857c478bd9Sstevel@tonic-gate ++argv; 6867c478bd9Sstevel@tonic-gate user = *argv; 6877c478bd9Sstevel@tonic-gate ++argv; 6887c478bd9Sstevel@tonic-gate do_setauid(user, argv); 6897c478bd9Sstevel@tonic-gate } 6907c478bd9Sstevel@tonic-gate break; 6917c478bd9Sstevel@tonic-gate 6927c478bd9Sstevel@tonic-gate case AC_ARG_SETAUDIT: 6937c478bd9Sstevel@tonic-gate { 6947c478bd9Sstevel@tonic-gate char *user_str; 6957c478bd9Sstevel@tonic-gate char *mask_str; 6967c478bd9Sstevel@tonic-gate char *tid_str; 6977c478bd9Sstevel@tonic-gate char *sid_str; 6987c478bd9Sstevel@tonic-gate 6997c478bd9Sstevel@tonic-gate ++argv; 7007c478bd9Sstevel@tonic-gate user_str = *argv; 7017c478bd9Sstevel@tonic-gate ++argv; 7027c478bd9Sstevel@tonic-gate mask_str = *argv; 7037c478bd9Sstevel@tonic-gate ++argv; 7047c478bd9Sstevel@tonic-gate tid_str = *argv; 7057c478bd9Sstevel@tonic-gate ++argv; 7067c478bd9Sstevel@tonic-gate sid_str = *argv; 7077c478bd9Sstevel@tonic-gate ++argv; 708*8523fda3SJan Friedel do_setaudit(user_str, mask_str, tid_str, 709*8523fda3SJan Friedel sid_str, argv); 7107c478bd9Sstevel@tonic-gate } 7117c478bd9Sstevel@tonic-gate break; 7127c478bd9Sstevel@tonic-gate 7137c478bd9Sstevel@tonic-gate case AC_ARG_SETKAUDIT: 7147c478bd9Sstevel@tonic-gate { 7157c478bd9Sstevel@tonic-gate char *address_type, *address; 7167c478bd9Sstevel@tonic-gate 7177c478bd9Sstevel@tonic-gate ++argv; address_type = *argv; 7187c478bd9Sstevel@tonic-gate ++argv; address = *argv; 7197c478bd9Sstevel@tonic-gate do_setkaudit(address_type, address); 7207c478bd9Sstevel@tonic-gate } 7217c478bd9Sstevel@tonic-gate break; 7227c478bd9Sstevel@tonic-gate 7237c478bd9Sstevel@tonic-gate case AC_ARG_SETCLASS: 7247c478bd9Sstevel@tonic-gate { 7257c478bd9Sstevel@tonic-gate char *event_str, *audit_flags; 7267c478bd9Sstevel@tonic-gate 7277c478bd9Sstevel@tonic-gate ++argv; event_str = *argv; 7287c478bd9Sstevel@tonic-gate ++argv; audit_flags = *argv; 7297c478bd9Sstevel@tonic-gate do_setclass(event_str, audit_flags); 7307c478bd9Sstevel@tonic-gate } 7317c478bd9Sstevel@tonic-gate break; 7327c478bd9Sstevel@tonic-gate 7337c478bd9Sstevel@tonic-gate case AC_ARG_SETKMASK: 7347c478bd9Sstevel@tonic-gate ++argv; 7357c478bd9Sstevel@tonic-gate do_setkmask(*argv); 7367c478bd9Sstevel@tonic-gate break; 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate case AC_ARG_SETPOLICY: 7397c478bd9Sstevel@tonic-gate ++argv; 7407c478bd9Sstevel@tonic-gate do_setpolicy(*argv); 7417c478bd9Sstevel@tonic-gate break; 7427c478bd9Sstevel@tonic-gate 7437c478bd9Sstevel@tonic-gate case AC_ARG_GETPINFO: 7447c478bd9Sstevel@tonic-gate { 7457c478bd9Sstevel@tonic-gate char *pid_str; 7467c478bd9Sstevel@tonic-gate 7477c478bd9Sstevel@tonic-gate ++argv; 7487c478bd9Sstevel@tonic-gate pid_str = *argv; 7497c478bd9Sstevel@tonic-gate do_getpinfo(pid_str); 7507c478bd9Sstevel@tonic-gate } 7517c478bd9Sstevel@tonic-gate break; 7527c478bd9Sstevel@tonic-gate 7537c478bd9Sstevel@tonic-gate case AC_ARG_SETPMASK: 7547c478bd9Sstevel@tonic-gate { 7557c478bd9Sstevel@tonic-gate char *pid_str; 7567c478bd9Sstevel@tonic-gate char *audit_flags; 7577c478bd9Sstevel@tonic-gate 7587c478bd9Sstevel@tonic-gate ++argv; 7597c478bd9Sstevel@tonic-gate pid_str = *argv; 7607c478bd9Sstevel@tonic-gate ++argv; 7617c478bd9Sstevel@tonic-gate audit_flags = *argv; 7627c478bd9Sstevel@tonic-gate do_setpmask(pid_str, audit_flags); 7637c478bd9Sstevel@tonic-gate } 7647c478bd9Sstevel@tonic-gate break; 7657c478bd9Sstevel@tonic-gate 7667c478bd9Sstevel@tonic-gate case AC_ARG_SETSTAT: 7677c478bd9Sstevel@tonic-gate do_setstat(); 7687c478bd9Sstevel@tonic-gate break; 7697c478bd9Sstevel@tonic-gate 7707c478bd9Sstevel@tonic-gate case AC_ARG_SETQBUFSZ: 7717c478bd9Sstevel@tonic-gate ++argv; 7727c478bd9Sstevel@tonic-gate do_setqbufsz(*argv); 7737c478bd9Sstevel@tonic-gate break; 7747c478bd9Sstevel@tonic-gate 7757c478bd9Sstevel@tonic-gate case AC_ARG_SETQCTRL: 7767c478bd9Sstevel@tonic-gate { 7777c478bd9Sstevel@tonic-gate char *hiwater, *lowater, *bufsz, *delay; 7787c478bd9Sstevel@tonic-gate 7797c478bd9Sstevel@tonic-gate ++argv; hiwater = *argv; 7807c478bd9Sstevel@tonic-gate ++argv; lowater = *argv; 7817c478bd9Sstevel@tonic-gate ++argv; bufsz = *argv; 7827c478bd9Sstevel@tonic-gate ++argv; delay = *argv; 7837c478bd9Sstevel@tonic-gate do_setqctrl(hiwater, lowater, bufsz, delay); 7847c478bd9Sstevel@tonic-gate } 7857c478bd9Sstevel@tonic-gate break; 7867c478bd9Sstevel@tonic-gate case AC_ARG_SETQDELAY: 7877c478bd9Sstevel@tonic-gate ++argv; 7887c478bd9Sstevel@tonic-gate do_setqdelay(*argv); 7897c478bd9Sstevel@tonic-gate break; 7907c478bd9Sstevel@tonic-gate 7917c478bd9Sstevel@tonic-gate case AC_ARG_SETQHIWATER: 7927c478bd9Sstevel@tonic-gate ++argv; 7937c478bd9Sstevel@tonic-gate do_setqhiwater(*argv); 7947c478bd9Sstevel@tonic-gate break; 7957c478bd9Sstevel@tonic-gate 7967c478bd9Sstevel@tonic-gate case AC_ARG_SETQLOWATER: 7977c478bd9Sstevel@tonic-gate ++argv; 7987c478bd9Sstevel@tonic-gate do_setqlowater(*argv); 7997c478bd9Sstevel@tonic-gate break; 8007c478bd9Sstevel@tonic-gate 8017c478bd9Sstevel@tonic-gate case AC_ARG_SETSMASK: 8027c478bd9Sstevel@tonic-gate { 8037c478bd9Sstevel@tonic-gate char *asid_str; 8047c478bd9Sstevel@tonic-gate char *audit_flags; 8057c478bd9Sstevel@tonic-gate 8067c478bd9Sstevel@tonic-gate ++argv; 8077c478bd9Sstevel@tonic-gate asid_str = *argv; 8087c478bd9Sstevel@tonic-gate ++argv; 8097c478bd9Sstevel@tonic-gate audit_flags = *argv; 8107c478bd9Sstevel@tonic-gate do_setsmask(asid_str, audit_flags); 8117c478bd9Sstevel@tonic-gate } 8127c478bd9Sstevel@tonic-gate break; 8137c478bd9Sstevel@tonic-gate case AC_ARG_SETUMASK: 8147c478bd9Sstevel@tonic-gate { 8157c478bd9Sstevel@tonic-gate char *auid_str; 8167c478bd9Sstevel@tonic-gate char *audit_flags; 8177c478bd9Sstevel@tonic-gate 8187c478bd9Sstevel@tonic-gate ++argv; 8197c478bd9Sstevel@tonic-gate auid_str = *argv; 8207c478bd9Sstevel@tonic-gate ++argv; 8217c478bd9Sstevel@tonic-gate audit_flags = *argv; 8227c478bd9Sstevel@tonic-gate do_setumask(auid_str, audit_flags); 8237c478bd9Sstevel@tonic-gate } 8247c478bd9Sstevel@tonic-gate break; 825*8523fda3SJan Friedel case AC_ARG_SET_TEMPORARY: 826*8523fda3SJan Friedel break; 8277c478bd9Sstevel@tonic-gate 8287c478bd9Sstevel@tonic-gate default: 8297c478bd9Sstevel@tonic-gate exit_error(gettext("Internal error #2.")); 8307c478bd9Sstevel@tonic-gate break; 8317c478bd9Sstevel@tonic-gate } 8327c478bd9Sstevel@tonic-gate } 8337c478bd9Sstevel@tonic-gate } 8347c478bd9Sstevel@tonic-gate 8357c478bd9Sstevel@tonic-gate /* 836*8523fda3SJan Friedel * do_chkconf() - the returned value is for the global zone unless AUDIT_PERZONE 837*8523fda3SJan Friedel * is set. 8387c478bd9Sstevel@tonic-gate */ 8397c478bd9Sstevel@tonic-gate static void 8409e3700dfSgww do_chkconf(void) 8417c478bd9Sstevel@tonic-gate { 8427c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 8437c478bd9Sstevel@tonic-gate au_mask_t pmask; 8447c478bd9Sstevel@tonic-gate char conf_aflags[256]; 8457c478bd9Sstevel@tonic-gate char run_aflags[256]; 8467c478bd9Sstevel@tonic-gate au_stat_t as; 8477c478bd9Sstevel@tonic-gate int class; 8487c478bd9Sstevel@tonic-gate int len; 8497c478bd9Sstevel@tonic-gate struct au_evclass_map cmap; 8507c478bd9Sstevel@tonic-gate 8517c478bd9Sstevel@tonic-gate pmask.am_success = pmask.am_failure = 0; 8527c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 8537c478bd9Sstevel@tonic-gate 8547c478bd9Sstevel@tonic-gate setauevent(); 8559e3700dfSgww if (getauevent() == NULL) { 856*8523fda3SJan Friedel exit_error(gettext("NO AUDIT EVENTS: Could not read %s\n."), 857*8523fda3SJan Friedel AUDITEVENTFILE); 8587c478bd9Sstevel@tonic-gate } 8597c478bd9Sstevel@tonic-gate 8607c478bd9Sstevel@tonic-gate setauevent(); 8619e3700dfSgww while ((evp = getauevent()) != NULL) { 8627c478bd9Sstevel@tonic-gate cmap.ec_number = evp->ae_number; 8637c478bd9Sstevel@tonic-gate len = sizeof (struct au_evclass_map); 8649e3700dfSgww if (evp->ae_number <= as.as_numevent) { 8657c478bd9Sstevel@tonic-gate if (auditon(A_GETCLASS, (caddr_t)&cmap, len) == -1) { 866d0fa49b7STony Nguyen (void) printf("%s(%hu):%s", 8679e3700dfSgww evp->ae_name, evp->ae_number, 8689e3700dfSgww gettext("UNKNOWN EVENT: Could not get " 8699e3700dfSgww "class for event. Configuration may " 8709e3700dfSgww "be bad.\n")); 8717c478bd9Sstevel@tonic-gate } else { 8727c478bd9Sstevel@tonic-gate class = cmap.ec_class; 8737c478bd9Sstevel@tonic-gate if (class != evp->ae_class) { 8747c478bd9Sstevel@tonic-gate conf_aflags[0] = run_aflags[0] = '\0'; 8757c478bd9Sstevel@tonic-gate pmask.am_success = class; 8767c478bd9Sstevel@tonic-gate pmask.am_failure = class; 8777c478bd9Sstevel@tonic-gate (void) getauditflagschar(run_aflags, 878*8523fda3SJan Friedel &pmask, 0); 8797c478bd9Sstevel@tonic-gate pmask.am_success = evp->ae_class; 8807c478bd9Sstevel@tonic-gate pmask.am_failure = evp->ae_class; 8817c478bd9Sstevel@tonic-gate (void) getauditflagschar(conf_aflags, 882*8523fda3SJan Friedel &pmask, 0); 8837c478bd9Sstevel@tonic-gate 8847c478bd9Sstevel@tonic-gate (void) printf(gettext( 885d0fa49b7STony Nguyen "%s(%hu): CLASS MISMATCH: " 8869e3700dfSgww "runtime class (%s) != " 8879e3700dfSgww "configured class (%s)\n"), 8889e3700dfSgww evp->ae_name, evp->ae_number, 8899e3700dfSgww NONE(run_aflags), 8909e3700dfSgww NONE(conf_aflags)); 8917c478bd9Sstevel@tonic-gate } 8927c478bd9Sstevel@tonic-gate } 8939e3700dfSgww } 8947c478bd9Sstevel@tonic-gate } 8957c478bd9Sstevel@tonic-gate endauevent(); 8967c478bd9Sstevel@tonic-gate } 8977c478bd9Sstevel@tonic-gate 8987c478bd9Sstevel@tonic-gate /* 899*8523fda3SJan Friedel * do_conf() - configure the kernel events. The value returned to the user is 900*8523fda3SJan Friedel * for the global zone unless AUDIT_PERZONE is set. 9017c478bd9Sstevel@tonic-gate */ 9027c478bd9Sstevel@tonic-gate static void 9039e3700dfSgww do_conf(void) 9047c478bd9Sstevel@tonic-gate { 9057c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 9067c478bd9Sstevel@tonic-gate register int i; 9077c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 9087c478bd9Sstevel@tonic-gate au_stat_t as; 9097c478bd9Sstevel@tonic-gate 9107c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 9117c478bd9Sstevel@tonic-gate 9127c478bd9Sstevel@tonic-gate i = 0; 9137c478bd9Sstevel@tonic-gate setauevent(); 9149e3700dfSgww while ((evp = getauevent()) != NULL) { 9157c478bd9Sstevel@tonic-gate if (evp->ae_number <= as.as_numevent) { 9167c478bd9Sstevel@tonic-gate ++i; 9177c478bd9Sstevel@tonic-gate ec.ec_number = evp->ae_number; 9187c478bd9Sstevel@tonic-gate ec.ec_class = evp->ae_class; 9197c478bd9Sstevel@tonic-gate eauditon(A_SETCLASS, (caddr_t)&ec, (int)sizeof (ec)); 9207c478bd9Sstevel@tonic-gate } 9217c478bd9Sstevel@tonic-gate } 9227c478bd9Sstevel@tonic-gate endauevent(); 9237c478bd9Sstevel@tonic-gate (void) printf(gettext("Configured %d kernel events.\n"), i); 9247c478bd9Sstevel@tonic-gate 9257c478bd9Sstevel@tonic-gate } 9267c478bd9Sstevel@tonic-gate 9277c478bd9Sstevel@tonic-gate /* 928*8523fda3SJan Friedel * do_chkaconf() - report a mismatch if the runtime class mask of a kernel audit 929*8523fda3SJan Friedel * event does not match the configured class mask. The value returned to the 930*8523fda3SJan Friedel * user is for the global zone unless AUDIT_PERZONE is set. 9317c478bd9Sstevel@tonic-gate */ 9327c478bd9Sstevel@tonic-gate static void 9339e3700dfSgww do_chkaconf(void) 9347c478bd9Sstevel@tonic-gate { 935*8523fda3SJan Friedel char buf[1024]; 936*8523fda3SJan Friedel au_mask_t pmask, kmask; 9377c478bd9Sstevel@tonic-gate 9387c478bd9Sstevel@tonic-gate if (getacna(buf, sizeof (buf)) < 0) { 9397c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9407c478bd9Sstevel@tonic-gate gettext("bad non-attributable flags in audit_control\n")); 9417c478bd9Sstevel@tonic-gate exit(1); 9427c478bd9Sstevel@tonic-gate } 9437c478bd9Sstevel@tonic-gate 9447c478bd9Sstevel@tonic-gate if (getauditflagsbin(buf, &pmask) < 0) { 9457c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9467c478bd9Sstevel@tonic-gate gettext("bad audit flag value encountered\n")); 9477c478bd9Sstevel@tonic-gate exit(1); 9487c478bd9Sstevel@tonic-gate } 9497c478bd9Sstevel@tonic-gate 9507c478bd9Sstevel@tonic-gate eauditon(A_GETKMASK, (caddr_t)&kmask, (int)sizeof (kmask)); 9517c478bd9Sstevel@tonic-gate 9527c478bd9Sstevel@tonic-gate if ((pmask.am_success != kmask.am_success) || 9537c478bd9Sstevel@tonic-gate (pmask.am_failure != kmask.am_failure)) { 9547c478bd9Sstevel@tonic-gate char kbuf[2048]; 9557c478bd9Sstevel@tonic-gate if (getauditflagschar(kbuf, &kmask, 0) < 0) { 9567c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9577c478bd9Sstevel@tonic-gate gettext("bad kernel non-attributable mask\n")); 9587c478bd9Sstevel@tonic-gate exit(1); 9597c478bd9Sstevel@tonic-gate } 9607c478bd9Sstevel@tonic-gate (void) printf(gettext("non-attributable event mismatch ")); 9617c478bd9Sstevel@tonic-gate (void) printf(gettext("audit_control(%s) kernel(%s)\n"), 9629e3700dfSgww buf, kbuf); 9637c478bd9Sstevel@tonic-gate } 9647c478bd9Sstevel@tonic-gate } 9657c478bd9Sstevel@tonic-gate 9667c478bd9Sstevel@tonic-gate /* 967*8523fda3SJan Friedel * do_aconf - configures the non-attributable events. The value returned to the 968*8523fda3SJan Friedel * user is for the global zone unless AUDIT_PERZONE is set. 9697c478bd9Sstevel@tonic-gate */ 9707c478bd9Sstevel@tonic-gate static void 9719e3700dfSgww do_aconf(void) 9727c478bd9Sstevel@tonic-gate { 9737c478bd9Sstevel@tonic-gate char buf[2048]; 9747c478bd9Sstevel@tonic-gate au_mask_t pmask; 9757c478bd9Sstevel@tonic-gate 9767c478bd9Sstevel@tonic-gate if (getacna(buf, sizeof (buf)) < 0) { 9777c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9787c478bd9Sstevel@tonic-gate gettext("bad non-attributable flags in audit_control\n")); 9797c478bd9Sstevel@tonic-gate exit(1); 9807c478bd9Sstevel@tonic-gate } 9817c478bd9Sstevel@tonic-gate 9827c478bd9Sstevel@tonic-gate if (getauditflagsbin(buf, &pmask) < 0) { 9837c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 9847c478bd9Sstevel@tonic-gate gettext("bad audit flag value encountered\n")); 9857c478bd9Sstevel@tonic-gate exit(1); 9867c478bd9Sstevel@tonic-gate } 9877c478bd9Sstevel@tonic-gate 9887c478bd9Sstevel@tonic-gate eauditon(A_SETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 9897c478bd9Sstevel@tonic-gate (void) printf(gettext("Configured non-attributable events.\n")); 9907c478bd9Sstevel@tonic-gate } 9917c478bd9Sstevel@tonic-gate 992*8523fda3SJan Friedel /* 993*8523fda3SJan Friedel * do_audit() - construct an audit record for audit event event using the 994*8523fda3SJan Friedel * process's audit characteristics containing a text token string audit_str. The 995*8523fda3SJan Friedel * return token is constructed from the success/failure flag sort. Returned 996*8523fda3SJan Friedel * value retval is an errno value. 997*8523fda3SJan Friedel */ 9987c478bd9Sstevel@tonic-gate static void 9999e3700dfSgww do_audit(char *event, char sorf, int retval, char *audit_str) 10007c478bd9Sstevel@tonic-gate { 10017c478bd9Sstevel@tonic-gate int rtn; 10027c478bd9Sstevel@tonic-gate int rd; 10037c478bd9Sstevel@tonic-gate au_event_t event_num; 10047c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 10057c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 10067c478bd9Sstevel@tonic-gate token_t *tokp; 10077c478bd9Sstevel@tonic-gate 10087c478bd9Sstevel@tonic-gate egetaudit(&ai, sizeof (ai)); 10097c478bd9Sstevel@tonic-gate 10107c478bd9Sstevel@tonic-gate if (strisnum(event)) { 10117c478bd9Sstevel@tonic-gate event_num = (au_event_t)atoi(event); 10127c478bd9Sstevel@tonic-gate evp = egetauevnum(event_num); 10139e3700dfSgww } else { 10147c478bd9Sstevel@tonic-gate evp = egetauevnam(event); 10159e3700dfSgww } 10167c478bd9Sstevel@tonic-gate 10177c478bd9Sstevel@tonic-gate rtn = au_preselect(evp->ae_number, &ai.ai_mask, (int)sorf, 10189e3700dfSgww AU_PRS_USECACHE); 10197c478bd9Sstevel@tonic-gate 10209e3700dfSgww if (rtn == -1) { 1021d0fa49b7STony Nguyen exit_error("%s\n%s %hu\n", 10229e3700dfSgww gettext("Check audit event configuration."), 10239e3700dfSgww gettext("Could not get audit class for event number"), 10249e3700dfSgww evp->ae_number); 10259e3700dfSgww } 10267c478bd9Sstevel@tonic-gate 10277c478bd9Sstevel@tonic-gate /* record is preselected */ 10287c478bd9Sstevel@tonic-gate if (rtn == 1) { 10299e3700dfSgww if ((rd = au_open()) == -1) { 1030*8523fda3SJan Friedel exit_error(gettext( 1031*8523fda3SJan Friedel "Could not get and audit record descriptor\n")); 10329e3700dfSgww } 10339e3700dfSgww if ((tokp = au_to_me()) == NULL) { 1034*8523fda3SJan Friedel exit_error( 1035*8523fda3SJan Friedel gettext("Could not allocate subject token\n")); 10369e3700dfSgww } 10379e3700dfSgww if (au_write(rd, tokp) == -1) { 1038*8523fda3SJan Friedel exit_error(gettext("Could not construct subject token " 1039*8523fda3SJan Friedel "of audit record\n")); 10409e3700dfSgww } 10419e3700dfSgww if (is_system_labeled()) { 10429e3700dfSgww if ((tokp = au_to_mylabel()) == NULL) { 1043*8523fda3SJan Friedel exit_error(gettext( 1044*8523fda3SJan Friedel "Could not allocate label token\n")); 10459e3700dfSgww } 10469e3700dfSgww if (au_write(rd, tokp) == -1) { 1047*8523fda3SJan Friedel exit_error(gettext("Could not " 1048*8523fda3SJan Friedel "construct label token of audit record\n")); 10499e3700dfSgww } 105045916cd2Sjpk } 105145916cd2Sjpk 10529e3700dfSgww if ((tokp = au_to_text(audit_str)) == NULL) 10537c478bd9Sstevel@tonic-gate exit_error(gettext("Could not allocate text token\n")); 10547c478bd9Sstevel@tonic-gate if (au_write(rd, tokp) == -1) 10559e3700dfSgww exit_error(gettext("Could not construct text token of " 10569e3700dfSgww "audit record\n")); 10577c478bd9Sstevel@tonic-gate #ifdef _LP64 10589e3700dfSgww if ((tokp = au_to_return64(sorf, retval)) == NULL) 10597c478bd9Sstevel@tonic-gate #else 10609e3700dfSgww if ((tokp = au_to_return32(sorf, retval)) == NULL) 10617c478bd9Sstevel@tonic-gate #endif 1062*8523fda3SJan Friedel exit_error( 1063*8523fda3SJan Friedel gettext("Could not allocate return token\n")); 10649e3700dfSgww if (au_write(rd, tokp) == -1) { 10659e3700dfSgww exit_error(gettext("Could not construct return token " 10669e3700dfSgww "of audit record\n")); 10679e3700dfSgww } 10689e3700dfSgww if (au_close(rd, 1, evp->ae_number) == -1) { 1069*8523fda3SJan Friedel exit_error( 1070*8523fda3SJan Friedel gettext("Could not write audit record: %s\n"), 1071*8523fda3SJan Friedel strerror(errno)); 10729e3700dfSgww } 10737c478bd9Sstevel@tonic-gate } 10747c478bd9Sstevel@tonic-gate } 10757c478bd9Sstevel@tonic-gate 1076*8523fda3SJan Friedel /* 1077*8523fda3SJan Friedel * do_getauid() - print the audit id of the current process. 1078*8523fda3SJan Friedel */ 10797c478bd9Sstevel@tonic-gate static void 10809e3700dfSgww do_getauid(void) 10817c478bd9Sstevel@tonic-gate { 10827c478bd9Sstevel@tonic-gate au_id_t auid; 10837c478bd9Sstevel@tonic-gate 10847c478bd9Sstevel@tonic-gate egetauid(&auid); 10857c478bd9Sstevel@tonic-gate print_auid(auid); 10867c478bd9Sstevel@tonic-gate } 10877c478bd9Sstevel@tonic-gate 1088*8523fda3SJan Friedel /* 1089*8523fda3SJan Friedel * do_getaudit() - print the audit characteristics of the current process. 1090*8523fda3SJan Friedel */ 10917c478bd9Sstevel@tonic-gate static void 10929e3700dfSgww do_getaudit(void) 10937c478bd9Sstevel@tonic-gate { 10947c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 10957c478bd9Sstevel@tonic-gate 10967c478bd9Sstevel@tonic-gate egetaudit(&ai, sizeof (ai)); 10977c478bd9Sstevel@tonic-gate print_auid(ai.ai_auid); 10987c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &ai.ai_mask); 10997c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 11007c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 11017c478bd9Sstevel@tonic-gate } 11027c478bd9Sstevel@tonic-gate 1103*8523fda3SJan Friedel /* 1104*8523fda3SJan Friedel * do_getkaudit() - print the audit characteristics of the current zone. 1105*8523fda3SJan Friedel */ 11067c478bd9Sstevel@tonic-gate static void 11079e3700dfSgww do_getkaudit(void) 11087c478bd9Sstevel@tonic-gate { 11097c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 11107c478bd9Sstevel@tonic-gate 11117c478bd9Sstevel@tonic-gate egetkaudit(&ai, sizeof (ai)); 11127c478bd9Sstevel@tonic-gate print_auid(ai.ai_auid); 11137c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &ai.ai_mask); 11147c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 11157c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 11167c478bd9Sstevel@tonic-gate } 11177c478bd9Sstevel@tonic-gate 11187c478bd9Sstevel@tonic-gate /* 1119*8523fda3SJan Friedel * do_setkaudit() - set IP address_type/address of machine to specified values; 1120*8523fda3SJan Friedel * valid per zone if AUDIT_PERZONE is set, else only in global zone. 11217c478bd9Sstevel@tonic-gate */ 11227c478bd9Sstevel@tonic-gate static void 11239e3700dfSgww do_setkaudit(char *t, char *s) 11247c478bd9Sstevel@tonic-gate { 11257c478bd9Sstevel@tonic-gate uint_t type; 11267c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 11277c478bd9Sstevel@tonic-gate 11287c478bd9Sstevel@tonic-gate egetkaudit(&ai, sizeof (ai)); 11297c478bd9Sstevel@tonic-gate (void) str2type(t, &type); 11307c478bd9Sstevel@tonic-gate (void) str2ipaddr(s, &ai.ai_termid.at_addr[0], type); 11317c478bd9Sstevel@tonic-gate ai.ai_termid.at_type = type; 11327c478bd9Sstevel@tonic-gate esetkaudit(&ai, sizeof (ai)); 11337c478bd9Sstevel@tonic-gate } 11347c478bd9Sstevel@tonic-gate 11357c478bd9Sstevel@tonic-gate /* 1136*8523fda3SJan Friedel * do_getcar() - print the zone-relative root 11377c478bd9Sstevel@tonic-gate */ 11387c478bd9Sstevel@tonic-gate static void 11399e3700dfSgww do_getcar(void) 11407c478bd9Sstevel@tonic-gate { 11417c478bd9Sstevel@tonic-gate char path[MAXPATHLEN]; 11427c478bd9Sstevel@tonic-gate 11437c478bd9Sstevel@tonic-gate eauditon(A_GETCAR, (caddr_t)path, (int)sizeof (path)); 11447c478bd9Sstevel@tonic-gate (void) printf(gettext("current active root = %s\n"), path); 11457c478bd9Sstevel@tonic-gate } 11467c478bd9Sstevel@tonic-gate 11477c478bd9Sstevel@tonic-gate /* 1148*8523fda3SJan Friedel * do_getclass() - print the preselection mask associated with the specified 1149*8523fda3SJan Friedel * kernel audit event. The displayed value is for the global zone unless 1150*8523fda3SJan Friedel * AUDIT_PERZONE is set. 11517c478bd9Sstevel@tonic-gate */ 11527c478bd9Sstevel@tonic-gate static void 11539e3700dfSgww do_getclass(char *event_str) 11547c478bd9Sstevel@tonic-gate { 11557c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 11567c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 11577c478bd9Sstevel@tonic-gate au_event_t event_number; 11587c478bd9Sstevel@tonic-gate char *event_name; 11597c478bd9Sstevel@tonic-gate 11607c478bd9Sstevel@tonic-gate if (strisnum(event_str)) { 11617c478bd9Sstevel@tonic-gate event_number = atol(event_str); 11629e3700dfSgww if ((evp = egetauevnum(event_number)) != NULL) { 11637c478bd9Sstevel@tonic-gate event_number = evp->ae_number; 11647c478bd9Sstevel@tonic-gate event_name = evp->ae_name; 11659e3700dfSgww } else { 11667c478bd9Sstevel@tonic-gate event_name = gettext("unknown"); 11679e3700dfSgww } 11687c478bd9Sstevel@tonic-gate } else { 11697c478bd9Sstevel@tonic-gate event_name = event_str; 11709e3700dfSgww if ((evp = egetauevnam(event_str)) != NULL) { 11717c478bd9Sstevel@tonic-gate event_number = evp->ae_number; 11729e3700dfSgww } 11737c478bd9Sstevel@tonic-gate } 11747c478bd9Sstevel@tonic-gate 11757c478bd9Sstevel@tonic-gate ec.ec_number = event_number; 11767c478bd9Sstevel@tonic-gate eauditon(A_GETCLASS, (caddr_t)&ec, 0); 11777c478bd9Sstevel@tonic-gate 1178d0fa49b7STony Nguyen (void) printf(gettext("audit class mask for event %s(%hu) = 0x%x\n"), 11799e3700dfSgww event_name, event_number, ec.ec_class); 11807c478bd9Sstevel@tonic-gate } 11817c478bd9Sstevel@tonic-gate 11827c478bd9Sstevel@tonic-gate /* 1183*8523fda3SJan Friedel * do_getcond() - the printed value is for the global zone unless 1184*8523fda3SJan Friedel * AUDIT_PERZONE is set. (AUC_DISABLED is always global, the other states are 1185*8523fda3SJan Friedel * per zone if AUDIT_PERZONE is set) 11867c478bd9Sstevel@tonic-gate */ 11877c478bd9Sstevel@tonic-gate static void 11889e3700dfSgww do_getcond(void) 11897c478bd9Sstevel@tonic-gate { 11909e3700dfSgww (void) printf(gettext("audit condition = %s\n"), cond2str()); 11917c478bd9Sstevel@tonic-gate } 11927c478bd9Sstevel@tonic-gate 11937c478bd9Sstevel@tonic-gate /* 1194*8523fda3SJan Friedel * do_getcwd() - the printed path is relative to the current zone root 11957c478bd9Sstevel@tonic-gate */ 11967c478bd9Sstevel@tonic-gate static void 11979e3700dfSgww do_getcwd(void) 11987c478bd9Sstevel@tonic-gate { 11997c478bd9Sstevel@tonic-gate char path[MAXPATHLEN]; 12007c478bd9Sstevel@tonic-gate 12017c478bd9Sstevel@tonic-gate eauditon(A_GETCWD, (caddr_t)path, (int)sizeof (path)); 12027c478bd9Sstevel@tonic-gate (void) printf(gettext("current working directory = %s\n"), path); 12037c478bd9Sstevel@tonic-gate } 12047c478bd9Sstevel@tonic-gate 12057c478bd9Sstevel@tonic-gate /* 1206*8523fda3SJan Friedel * do_getkmask() - the printed value is for the global zone unless AUDIT_PERZONE 1207*8523fda3SJan Friedel * is set. 12087c478bd9Sstevel@tonic-gate */ 12097c478bd9Sstevel@tonic-gate static void 12109e3700dfSgww do_getkmask(void) 12117c478bd9Sstevel@tonic-gate { 12127c478bd9Sstevel@tonic-gate au_mask_t pmask; 12137c478bd9Sstevel@tonic-gate 12147c478bd9Sstevel@tonic-gate eauditon(A_GETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 12157c478bd9Sstevel@tonic-gate print_mask(gettext("audit flags for non-attributable events"), &pmask); 12167c478bd9Sstevel@tonic-gate } 12177c478bd9Sstevel@tonic-gate 12187c478bd9Sstevel@tonic-gate /* 1219*8523fda3SJan Friedel * do_getpolicy() - print active and configured kernel audit policy relative to 1220*8523fda3SJan Friedel * the current zone. 12217c478bd9Sstevel@tonic-gate */ 12227c478bd9Sstevel@tonic-gate static void 12239e3700dfSgww do_getpolicy(void) 12247c478bd9Sstevel@tonic-gate { 1225*8523fda3SJan Friedel char policy_str[1024]; 1226*8523fda3SJan Friedel uint32_t policy; 1227*8523fda3SJan Friedel 1228*8523fda3SJan Friedel if (!temporary_set) { 1229*8523fda3SJan Friedel if (!do_getpolicy_scf(&policy)) { 1230*8523fda3SJan Friedel exit_error(gettext("Could not get configured values.")); 1231*8523fda3SJan Friedel } 1232*8523fda3SJan Friedel (void) policy2str(policy, policy_str, sizeof (policy_str)); 1233*8523fda3SJan Friedel (void) printf(gettext("configured audit policies = %s\n"), 1234*8523fda3SJan Friedel policy_str); 1235*8523fda3SJan Friedel } 12367c478bd9Sstevel@tonic-gate 12377c478bd9Sstevel@tonic-gate eauditon(A_GETPOLICY, (caddr_t)&policy, 0); 12387c478bd9Sstevel@tonic-gate (void) policy2str(policy, policy_str, sizeof (policy_str)); 1239*8523fda3SJan Friedel (void) printf(gettext("active audit policies = %s\n"), policy_str); 12407c478bd9Sstevel@tonic-gate } 12417c478bd9Sstevel@tonic-gate 1242*8523fda3SJan Friedel 1243*8523fda3SJan Friedel /* 1244*8523fda3SJan Friedel * do_getpinfo() - print the audit ID, preselection mask, terminal ID, and 1245*8523fda3SJan Friedel * audit session ID for the specified process. 1246*8523fda3SJan Friedel */ 12477c478bd9Sstevel@tonic-gate static void 12489e3700dfSgww do_getpinfo(char *pid_str) 12497c478bd9Sstevel@tonic-gate { 12507c478bd9Sstevel@tonic-gate struct auditpinfo_addr ap; 12517c478bd9Sstevel@tonic-gate 12527c478bd9Sstevel@tonic-gate if (strisnum(pid_str)) 12537c478bd9Sstevel@tonic-gate ap.ap_pid = (pid_t)atoi(pid_str); 12547c478bd9Sstevel@tonic-gate else 12557c478bd9Sstevel@tonic-gate exit_usage(1); 12567c478bd9Sstevel@tonic-gate 12577c478bd9Sstevel@tonic-gate eauditon(A_GETPINFO_ADDR, (caddr_t)&ap, sizeof (ap)); 12587c478bd9Sstevel@tonic-gate 12597c478bd9Sstevel@tonic-gate print_auid(ap.ap_auid); 12607c478bd9Sstevel@tonic-gate print_mask(gettext("process preselection mask"), &(ap.ap_mask)); 12617c478bd9Sstevel@tonic-gate print_tid_ex(&(ap.ap_termid)); 12627c478bd9Sstevel@tonic-gate print_asid(ap.ap_asid); 12637c478bd9Sstevel@tonic-gate } 12647c478bd9Sstevel@tonic-gate 12657c478bd9Sstevel@tonic-gate /* 1266*8523fda3SJan Friedel * do_getqbufsz() - print the active and configured audit queue write buffer 1267*8523fda3SJan Friedel * size relative to the current zone. 12687c478bd9Sstevel@tonic-gate */ 12697c478bd9Sstevel@tonic-gate static void 12709e3700dfSgww do_getqbufsz(void) 12717c478bd9Sstevel@tonic-gate { 12727c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 12737c478bd9Sstevel@tonic-gate 1274*8523fda3SJan Friedel if (!temporary_set) { 1275*8523fda3SJan Friedel if (!do_getqbufsz_scf(&qctrl.aq_bufsz)) { 1276*8523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 1277*8523fda3SJan Friedel } 1278*8523fda3SJan Friedel 1279*8523fda3SJan Friedel if (qctrl.aq_bufsz == 0) { 1280*8523fda3SJan Friedel (void) printf(gettext( 1281*8523fda3SJan Friedel "no configured audit queue buffer size\n")); 1282*8523fda3SJan Friedel } else { 1283*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1284*8523fda3SJan Friedel "buffer size (bytes) = %d\n"), qctrl.aq_bufsz); 1285*8523fda3SJan Friedel } 1286*8523fda3SJan Friedel } 1287*8523fda3SJan Friedel 12887c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1289*8523fda3SJan Friedel (void) printf(gettext("active audit queue buffer size (bytes) = %d\n"), 1290*8523fda3SJan Friedel qctrl.aq_bufsz); 12917c478bd9Sstevel@tonic-gate } 12927c478bd9Sstevel@tonic-gate 12937c478bd9Sstevel@tonic-gate /* 1294*8523fda3SJan Friedel * do_getqctrl() - print the configured and active audit queue write buffer 1295*8523fda3SJan Friedel * size, audit queue hiwater mark, audit queue lowater mark, audit queue prod 1296*8523fda3SJan Friedel * interval (ticks) relative to the current zone. 12977c478bd9Sstevel@tonic-gate */ 12987c478bd9Sstevel@tonic-gate static void 12999e3700dfSgww do_getqctrl(void) 13007c478bd9Sstevel@tonic-gate { 1301*8523fda3SJan Friedel struct au_qctrl qctrl; 1302*8523fda3SJan Friedel 1303*8523fda3SJan Friedel if (!temporary_set) { 1304*8523fda3SJan Friedel if (!do_getqctrl_scf(&qctrl)) { 1305*8523fda3SJan Friedel exit_error(gettext("Could not get configured values.")); 1306*8523fda3SJan Friedel } 1307*8523fda3SJan Friedel 1308*8523fda3SJan Friedel if (qctrl.aq_hiwater == 0) { 1309*8523fda3SJan Friedel (void) printf(gettext( 1310*8523fda3SJan Friedel "no configured audit queue hiwater mark\n")); 1311*8523fda3SJan Friedel } else { 1312*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1313*8523fda3SJan Friedel "hiwater mark (records) = %d\n"), qctrl.aq_hiwater); 1314*8523fda3SJan Friedel } 1315*8523fda3SJan Friedel if (qctrl.aq_lowater == 0) { 1316*8523fda3SJan Friedel (void) printf(gettext( 1317*8523fda3SJan Friedel "no configured audit queue lowater mark\n")); 1318*8523fda3SJan Friedel } else { 1319*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1320*8523fda3SJan Friedel "lowater mark (records) = %d\n"), qctrl.aq_lowater); 1321*8523fda3SJan Friedel } 1322*8523fda3SJan Friedel if (qctrl.aq_bufsz == 0) { 1323*8523fda3SJan Friedel (void) printf(gettext( 1324*8523fda3SJan Friedel "no configured audit queue buffer size\n")); 1325*8523fda3SJan Friedel } else { 1326*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1327*8523fda3SJan Friedel "buffer size (bytes) = %d\n"), qctrl.aq_bufsz); 1328*8523fda3SJan Friedel } 1329*8523fda3SJan Friedel if (qctrl.aq_delay == 0) { 1330*8523fda3SJan Friedel (void) printf(gettext( 1331*8523fda3SJan Friedel "no configured audit queue delay\n")); 1332*8523fda3SJan Friedel } else { 1333*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1334*8523fda3SJan Friedel "delay (ticks) = %ld\n"), qctrl.aq_delay); 1335*8523fda3SJan Friedel } 1336*8523fda3SJan Friedel } 13377c478bd9Sstevel@tonic-gate 13387c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1339*8523fda3SJan Friedel (void) printf(gettext("active audit queue hiwater mark " 1340*8523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_hiwater); 1341*8523fda3SJan Friedel (void) printf(gettext("active audit queue lowater mark " 1342*8523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_lowater); 1343*8523fda3SJan Friedel (void) printf(gettext("active audit queue buffer size (bytes) = %d\n"), 13449e3700dfSgww qctrl.aq_bufsz); 1345*8523fda3SJan Friedel (void) printf(gettext("active audit queue delay (ticks) = %ld\n"), 13469e3700dfSgww qctrl.aq_delay); 13477c478bd9Sstevel@tonic-gate } 13487c478bd9Sstevel@tonic-gate 13497c478bd9Sstevel@tonic-gate /* 1350*8523fda3SJan Friedel * do_getqdelay() - print, relative to the current zone, the configured and 1351*8523fda3SJan Friedel * active interval at which audit queue is prodded to start output. 13527c478bd9Sstevel@tonic-gate */ 13537c478bd9Sstevel@tonic-gate static void 13549e3700dfSgww do_getqdelay(void) 13557c478bd9Sstevel@tonic-gate { 13567c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 13577c478bd9Sstevel@tonic-gate 1358*8523fda3SJan Friedel if (!temporary_set) { 1359*8523fda3SJan Friedel if (!do_getqdelay_scf(&qctrl.aq_delay)) { 1360*8523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 1361*8523fda3SJan Friedel } 1362*8523fda3SJan Friedel 1363*8523fda3SJan Friedel if (qctrl.aq_delay == 0) { 1364*8523fda3SJan Friedel (void) printf(gettext( 1365*8523fda3SJan Friedel "no configured audit queue delay\n")); 1366*8523fda3SJan Friedel } else { 1367*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1368*8523fda3SJan Friedel "delay (ticks) = %ld\n"), qctrl.aq_delay); 1369*8523fda3SJan Friedel } 1370*8523fda3SJan Friedel } 1371*8523fda3SJan Friedel 13727c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1373*8523fda3SJan Friedel (void) printf(gettext("active audit queue delay (ticks) = %ld\n"), 13749e3700dfSgww qctrl.aq_delay); 13757c478bd9Sstevel@tonic-gate } 13767c478bd9Sstevel@tonic-gate 13777c478bd9Sstevel@tonic-gate /* 1378*8523fda3SJan Friedel * do_getqhiwater() - print, relative to the current zone, the high water 1379*8523fda3SJan Friedel * point in undelivered audit records when audit generation will block. 13807c478bd9Sstevel@tonic-gate */ 13817c478bd9Sstevel@tonic-gate static void 13829e3700dfSgww do_getqhiwater(void) 13837c478bd9Sstevel@tonic-gate { 13847c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 13857c478bd9Sstevel@tonic-gate 1386*8523fda3SJan Friedel if (!temporary_set) { 1387*8523fda3SJan Friedel if (!do_getqhiwater_scf(&qctrl.aq_hiwater)) { 1388*8523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 1389*8523fda3SJan Friedel } 1390*8523fda3SJan Friedel 1391*8523fda3SJan Friedel if (qctrl.aq_hiwater == 0) { 1392*8523fda3SJan Friedel (void) printf(gettext( 1393*8523fda3SJan Friedel "no configured audit queue hiwater mark\n")); 1394*8523fda3SJan Friedel } else { 1395*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1396*8523fda3SJan Friedel "hiwater mark (records) = %d\n"), qctrl.aq_hiwater); 1397*8523fda3SJan Friedel } 1398*8523fda3SJan Friedel } 1399*8523fda3SJan Friedel 14007c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1401*8523fda3SJan Friedel (void) printf(gettext("active audit queue hiwater mark " 1402*8523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_hiwater); 14037c478bd9Sstevel@tonic-gate } 14047c478bd9Sstevel@tonic-gate 14057c478bd9Sstevel@tonic-gate /* 1406*8523fda3SJan Friedel * do_getqlowater() - print, relative to the current zone, the low water point 1407*8523fda3SJan Friedel * in undelivered audit records where blocked processes will resume. 14087c478bd9Sstevel@tonic-gate */ 14097c478bd9Sstevel@tonic-gate static void 14109e3700dfSgww do_getqlowater(void) 14117c478bd9Sstevel@tonic-gate { 14127c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 14137c478bd9Sstevel@tonic-gate 1414*8523fda3SJan Friedel if (!temporary_set) { 1415*8523fda3SJan Friedel if (!do_getqlowater_scf(&qctrl.aq_lowater)) { 1416*8523fda3SJan Friedel exit_error(gettext("Could not get configured value.")); 1417*8523fda3SJan Friedel } 1418*8523fda3SJan Friedel 1419*8523fda3SJan Friedel if (qctrl.aq_lowater == 0) { 1420*8523fda3SJan Friedel (void) printf(gettext( 1421*8523fda3SJan Friedel "no configured audit queue lowater mark\n")); 1422*8523fda3SJan Friedel } else { 1423*8523fda3SJan Friedel (void) printf(gettext("configured audit queue " 1424*8523fda3SJan Friedel "lowater mark (records) = %d\n"), qctrl.aq_lowater); 1425*8523fda3SJan Friedel } 1426*8523fda3SJan Friedel } 1427*8523fda3SJan Friedel 14287c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1429*8523fda3SJan Friedel (void) printf(gettext("active audit queue lowater mark " 1430*8523fda3SJan Friedel "(records) = %d\n"), qctrl.aq_lowater); 14317c478bd9Sstevel@tonic-gate } 14327c478bd9Sstevel@tonic-gate 1433*8523fda3SJan Friedel /* 1434*8523fda3SJan Friedel * do_getasid() - print out the audit session-ID. 1435*8523fda3SJan Friedel */ 14367c478bd9Sstevel@tonic-gate static void 14379e3700dfSgww do_getasid(void) 14387c478bd9Sstevel@tonic-gate { 14397c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 14407c478bd9Sstevel@tonic-gate 14417c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 14427c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 14437c478bd9Sstevel@tonic-gate } 14447c478bd9Sstevel@tonic-gate print_asid(ai.ai_asid); 14457c478bd9Sstevel@tonic-gate } 14467c478bd9Sstevel@tonic-gate 14477c478bd9Sstevel@tonic-gate /* 1448*8523fda3SJan Friedel * do_getstat() - the printed statistics are for the entire system unless 1449*8523fda3SJan Friedel * AUDIT_PERZONE is set. 14507c478bd9Sstevel@tonic-gate */ 14517c478bd9Sstevel@tonic-gate static void 14529e3700dfSgww do_getstat(void) 14537c478bd9Sstevel@tonic-gate { 14547c478bd9Sstevel@tonic-gate au_stat_t as; 14559e3700dfSgww int offset[12]; /* used to line the header up correctly */ 14569e3700dfSgww char buf[512]; 14577c478bd9Sstevel@tonic-gate 14587c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 14599e3700dfSgww (void) sprintf(buf, "%4lu %n%4lu %n%4lu %n%4lu %n%4lu %n%4lu %n%4lu " 14609e3700dfSgww "%n%4lu %n%4lu %n%4lu %n%4lu %n%4lu%n", 14619e3700dfSgww (ulong_t)as.as_generated, &(offset[0]), 14629e3700dfSgww (ulong_t)as.as_nonattrib, &(offset[1]), 14639e3700dfSgww (ulong_t)as.as_kernel, &(offset[2]), 14649e3700dfSgww (ulong_t)as.as_audit, &(offset[3]), 14659e3700dfSgww (ulong_t)as.as_auditctl, &(offset[4]), 14669e3700dfSgww (ulong_t)as.as_enqueue, &(offset[5]), 14679e3700dfSgww (ulong_t)as.as_written, &(offset[6]), 14689e3700dfSgww (ulong_t)as.as_wblocked, &(offset[7]), 14699e3700dfSgww (ulong_t)as.as_rblocked, &(offset[8]), 14709e3700dfSgww (ulong_t)as.as_dropped, &(offset[9]), 14719e3700dfSgww (ulong_t)as.as_totalsize / ONEK, &(offset[10]), 14729e3700dfSgww (ulong_t)as.as_memused / ONEK, &(offset[11])); 14739e3700dfSgww 14749e3700dfSgww /* 14759e3700dfSgww * TRANSLATION_NOTE 14769e3700dfSgww * Print a properly aligned header. 14779e3700dfSgww */ 14789e3700dfSgww (void) printf("%*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s %*s\n", 1479*8523fda3SJan Friedel offset[0] - 1, gettext("gen"), 1480*8523fda3SJan Friedel offset[1] - offset[0] -1, gettext("nona"), 1481*8523fda3SJan Friedel offset[2] - offset[1] -1, gettext("kern"), 1482*8523fda3SJan Friedel offset[3] - offset[2] -1, gettext("aud"), 1483*8523fda3SJan Friedel offset[4] - offset[3] -1, gettext("ctl"), 1484*8523fda3SJan Friedel offset[5] - offset[4] -1, gettext("enq"), 1485*8523fda3SJan Friedel offset[6] - offset[5] -1, gettext("wrtn"), 1486*8523fda3SJan Friedel offset[7] - offset[6] -1, gettext("wblk"), 1487*8523fda3SJan Friedel offset[8] - offset[7] -1, gettext("rblk"), 1488*8523fda3SJan Friedel offset[9] - offset[8] -1, gettext("drop"), 1489*8523fda3SJan Friedel offset[10] - offset[9] -1, gettext("tot"), 1490*8523fda3SJan Friedel offset[11] - offset[10], gettext("mem")); 14919e3700dfSgww 14929e3700dfSgww (void) printf("%s\n", buf); 14937c478bd9Sstevel@tonic-gate } 14947c478bd9Sstevel@tonic-gate 1495*8523fda3SJan Friedel /* 1496*8523fda3SJan Friedel * do_gettermid() - print audit terminal ID for current process. 1497*8523fda3SJan Friedel */ 14987c478bd9Sstevel@tonic-gate static void 14999e3700dfSgww do_gettermid(void) 15007c478bd9Sstevel@tonic-gate { 15017c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 15027c478bd9Sstevel@tonic-gate 15037c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 15047c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 15057c478bd9Sstevel@tonic-gate } 15067c478bd9Sstevel@tonic-gate print_tid_ex(&ai.ai_termid); 15077c478bd9Sstevel@tonic-gate } 15087c478bd9Sstevel@tonic-gate 15097c478bd9Sstevel@tonic-gate /* 1510*8523fda3SJan Friedel * do_lsevent() - display the active kernel and user level audit event 1511*8523fda3SJan Friedel * information. The printed events are for the global zone unless AUDIT_PERZONE 1512*8523fda3SJan Friedel * is set. 15137c478bd9Sstevel@tonic-gate */ 15147c478bd9Sstevel@tonic-gate static void 15159e3700dfSgww do_lsevent(void) 15167c478bd9Sstevel@tonic-gate { 15177c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 15187c478bd9Sstevel@tonic-gate au_mask_t pmask; 15197c478bd9Sstevel@tonic-gate char auflags[256]; 15207c478bd9Sstevel@tonic-gate 15217c478bd9Sstevel@tonic-gate setauevent(); 15229e3700dfSgww if (getauevent() == NULL) { 1523*8523fda3SJan Friedel exit_error(gettext("NO AUDIT EVENTS: Could not read %s\n."), 1524*8523fda3SJan Friedel AUDITEVENTFILE); 15257c478bd9Sstevel@tonic-gate } 15267c478bd9Sstevel@tonic-gate 15277c478bd9Sstevel@tonic-gate setauevent(); 15289e3700dfSgww while ((evp = getauevent()) != NULL) { 15297c478bd9Sstevel@tonic-gate pmask.am_success = pmask.am_failure = evp->ae_class; 15307c478bd9Sstevel@tonic-gate if (getauditflagschar(auflags, &pmask, 0) == -1) 15317c478bd9Sstevel@tonic-gate (void) strcpy(auflags, "unknown"); 1532d0fa49b7STony Nguyen (void) printf("%-30s %5hu %s %s\n", 15339e3700dfSgww evp->ae_name, evp->ae_number, auflags, evp->ae_desc); 15347c478bd9Sstevel@tonic-gate } 15357c478bd9Sstevel@tonic-gate endauevent(); 15367c478bd9Sstevel@tonic-gate } 15377c478bd9Sstevel@tonic-gate 15387c478bd9Sstevel@tonic-gate /* 1539*8523fda3SJan Friedel * do_lspolicy() - display the kernel audit policies with a description of each 1540*8523fda3SJan Friedel * policy. The printed value is for the global zone unless AUDIT_PERZONE is set. 15417c478bd9Sstevel@tonic-gate */ 15427c478bd9Sstevel@tonic-gate static void 15439e3700dfSgww do_lspolicy(void) 15447c478bd9Sstevel@tonic-gate { 15457c478bd9Sstevel@tonic-gate int i; 15467c478bd9Sstevel@tonic-gate 15477c478bd9Sstevel@tonic-gate /* 15487c478bd9Sstevel@tonic-gate * TRANSLATION_NOTE 15497c478bd9Sstevel@tonic-gate * Print a properly aligned header. 15507c478bd9Sstevel@tonic-gate */ 15517c478bd9Sstevel@tonic-gate (void) printf(gettext("policy string description:\n")); 155245916cd2Sjpk for (i = 0; i < POLICY_TBL_SZ; i++) { 155345916cd2Sjpk (void) printf("%-17s%s\n", policy_table[i].policy_str, 155445916cd2Sjpk gettext(policy_table[i].policy_desc)); 155545916cd2Sjpk } 15567c478bd9Sstevel@tonic-gate } 15577c478bd9Sstevel@tonic-gate 1558*8523fda3SJan Friedel /* 1559*8523fda3SJan Friedel * do_setasid() - execute shell or cmd with specified session-ID. 1560*8523fda3SJan Friedel */ 15617c478bd9Sstevel@tonic-gate static void 15629e3700dfSgww do_setasid(char *sid_str, char **argv) 15637c478bd9Sstevel@tonic-gate { 15647c478bd9Sstevel@tonic-gate struct auditinfo_addr ai; 15657c478bd9Sstevel@tonic-gate 15667c478bd9Sstevel@tonic-gate if (getaudit_addr(&ai, sizeof (ai))) { 15677c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed")); 15687c478bd9Sstevel@tonic-gate } 15697c478bd9Sstevel@tonic-gate ai.ai_asid = (au_asid_t)atol(sid_str); 15707c478bd9Sstevel@tonic-gate if (setaudit_addr(&ai, sizeof (ai))) { 15717c478bd9Sstevel@tonic-gate exit_error(gettext("setaudit_addr(2) failed")); 15727c478bd9Sstevel@tonic-gate } 15737c478bd9Sstevel@tonic-gate execit(argv); 15747c478bd9Sstevel@tonic-gate } 15757c478bd9Sstevel@tonic-gate 1576*8523fda3SJan Friedel /* 1577*8523fda3SJan Friedel * do_setaudit() - execute shell or cmd with specified audit characteristics. 1578*8523fda3SJan Friedel */ 15797c478bd9Sstevel@tonic-gate static void 15809e3700dfSgww do_setaudit(char *user_str, char *mask_str, char *tid_str, char *sid_str, 15819e3700dfSgww char **argv) 15827c478bd9Sstevel@tonic-gate { 15837c478bd9Sstevel@tonic-gate auditinfo_addr_t ai; 15847c478bd9Sstevel@tonic-gate 15857c478bd9Sstevel@tonic-gate ai.ai_auid = (au_id_t)get_user_id(user_str); 15867c478bd9Sstevel@tonic-gate str2mask(mask_str, &ai.ai_mask), 1587*8523fda3SJan Friedel str2tid(tid_str, &ai.ai_termid); 15887c478bd9Sstevel@tonic-gate ai.ai_asid = (au_asid_t)atol(sid_str); 15897c478bd9Sstevel@tonic-gate 15907c478bd9Sstevel@tonic-gate esetaudit(&ai, sizeof (ai)); 15917c478bd9Sstevel@tonic-gate execit(argv); 15927c478bd9Sstevel@tonic-gate } 15937c478bd9Sstevel@tonic-gate 1594*8523fda3SJan Friedel /* 1595*8523fda3SJan Friedel * do_setauid() - execute shell or cmd with specified audit-ID. 1596*8523fda3SJan Friedel */ 15977c478bd9Sstevel@tonic-gate static void 15989e3700dfSgww do_setauid(char *user, char **argv) 15997c478bd9Sstevel@tonic-gate { 16007c478bd9Sstevel@tonic-gate au_id_t auid; 16017c478bd9Sstevel@tonic-gate 16027c478bd9Sstevel@tonic-gate auid = get_user_id(user); 16037c478bd9Sstevel@tonic-gate esetauid(&auid); 16047c478bd9Sstevel@tonic-gate execit(argv); 16057c478bd9Sstevel@tonic-gate } 16067c478bd9Sstevel@tonic-gate 1607*8523fda3SJan Friedel /* 1608*8523fda3SJan Friedel * do_setpmask() - set the preselection mask of the specified process; valid 1609*8523fda3SJan Friedel * per zone if AUDIT_PERZONE is set, else only in global zone. 1610*8523fda3SJan Friedel */ 16117c478bd9Sstevel@tonic-gate static void 16129e3700dfSgww do_setpmask(char *pid_str, char *audit_flags) 16137c478bd9Sstevel@tonic-gate { 16147c478bd9Sstevel@tonic-gate struct auditpinfo ap; 16157c478bd9Sstevel@tonic-gate 16167c478bd9Sstevel@tonic-gate if (strisnum(pid_str)) 16177c478bd9Sstevel@tonic-gate ap.ap_pid = (pid_t)atoi(pid_str); 16187c478bd9Sstevel@tonic-gate else 16197c478bd9Sstevel@tonic-gate exit_usage(1); 16207c478bd9Sstevel@tonic-gate 16217c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ap.ap_mask); 16227c478bd9Sstevel@tonic-gate 16237c478bd9Sstevel@tonic-gate eauditon(A_SETPMASK, (caddr_t)&ap, (int)sizeof (ap)); 16247c478bd9Sstevel@tonic-gate } 16257c478bd9Sstevel@tonic-gate 1626*8523fda3SJan Friedel /* 1627*8523fda3SJan Friedel * do_setsmask() - set the preselection mask of all processes with the specified 1628*8523fda3SJan Friedel * audit session-ID; valid per zone if AUDIT_PERZONE is set, else only in global 1629*8523fda3SJan Friedel * zone. 1630*8523fda3SJan Friedel */ 16317c478bd9Sstevel@tonic-gate static void 16329e3700dfSgww do_setsmask(char *asid_str, char *audit_flags) 16337c478bd9Sstevel@tonic-gate { 16347c478bd9Sstevel@tonic-gate struct auditinfo ainfo; 16357c478bd9Sstevel@tonic-gate 16367c478bd9Sstevel@tonic-gate if (strisnum(asid_str)) 1637d0fa49b7STony Nguyen ainfo.ai_asid = (au_asid_t)atoi(asid_str); 16387c478bd9Sstevel@tonic-gate else 16397c478bd9Sstevel@tonic-gate exit_usage(1); 16407c478bd9Sstevel@tonic-gate 16417c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ainfo.ai_mask); 16427c478bd9Sstevel@tonic-gate 16437c478bd9Sstevel@tonic-gate eauditon(A_SETSMASK, (caddr_t)&ainfo, (int)sizeof (ainfo)); 16447c478bd9Sstevel@tonic-gate } 16457c478bd9Sstevel@tonic-gate 1646*8523fda3SJan Friedel /* 1647*8523fda3SJan Friedel * do_setumask() - set the preselection mask of all processes with the 1648*8523fda3SJan Friedel * specified audit-ID; valid per zone if AUDIT_PERZONE is set, else only in 1649*8523fda3SJan Friedel * global zone. 1650*8523fda3SJan Friedel */ 16517c478bd9Sstevel@tonic-gate static void 16529e3700dfSgww do_setumask(char *auid_str, char *audit_flags) 16537c478bd9Sstevel@tonic-gate { 16547c478bd9Sstevel@tonic-gate struct auditinfo ainfo; 16557c478bd9Sstevel@tonic-gate 16567c478bd9Sstevel@tonic-gate if (strisnum(auid_str)) 1657d0fa49b7STony Nguyen ainfo.ai_auid = (au_id_t)atoi(auid_str); 16587c478bd9Sstevel@tonic-gate else 16597c478bd9Sstevel@tonic-gate exit_usage(1); 16607c478bd9Sstevel@tonic-gate 16617c478bd9Sstevel@tonic-gate str2mask(audit_flags, &ainfo.ai_mask); 16627c478bd9Sstevel@tonic-gate 16637c478bd9Sstevel@tonic-gate eauditon(A_SETUMASK, (caddr_t)&ainfo, (int)sizeof (ainfo)); 16647c478bd9Sstevel@tonic-gate } 16657c478bd9Sstevel@tonic-gate 16667c478bd9Sstevel@tonic-gate /* 1667*8523fda3SJan Friedel * do_setstat() - reset audit statistics counters; local zone use is valid if 1668*8523fda3SJan Friedel * AUDIT_PERZONE is set, otherwise the syscall returns EPERM. 16697c478bd9Sstevel@tonic-gate */ 16707c478bd9Sstevel@tonic-gate static void 16719e3700dfSgww do_setstat(void) 16727c478bd9Sstevel@tonic-gate { 16737c478bd9Sstevel@tonic-gate au_stat_t as; 16747c478bd9Sstevel@tonic-gate 16757c478bd9Sstevel@tonic-gate as.as_audit = (uint_t)-1; 16767c478bd9Sstevel@tonic-gate as.as_auditctl = (uint_t)-1; 16777c478bd9Sstevel@tonic-gate as.as_dropped = (uint_t)-1; 16787c478bd9Sstevel@tonic-gate as.as_enqueue = (uint_t)-1; 16797c478bd9Sstevel@tonic-gate as.as_generated = (uint_t)-1; 16807c478bd9Sstevel@tonic-gate as.as_kernel = (uint_t)-1; 16817c478bd9Sstevel@tonic-gate as.as_nonattrib = (uint_t)-1; 16827c478bd9Sstevel@tonic-gate as.as_rblocked = (uint_t)-1; 16837c478bd9Sstevel@tonic-gate as.as_totalsize = (uint_t)-1; 16847c478bd9Sstevel@tonic-gate as.as_wblocked = (uint_t)-1; 16857c478bd9Sstevel@tonic-gate as.as_written = (uint_t)-1; 16867c478bd9Sstevel@tonic-gate 16877c478bd9Sstevel@tonic-gate eauditon(A_SETSTAT, (caddr_t)&as, (int)sizeof (as)); 16889e3700dfSgww (void) printf("%s\n", gettext("audit stats reset")); 16897c478bd9Sstevel@tonic-gate } 16907c478bd9Sstevel@tonic-gate 16917c478bd9Sstevel@tonic-gate /* 1692*8523fda3SJan Friedel * do_setclass() - map the kernel event event_str to the classes specified by 1693*8523fda3SJan Friedel * audit flags audit_flags; valid per zone if AUDIT_PERZONE is set, else only in 1694*8523fda3SJan Friedel * global zone. 16957c478bd9Sstevel@tonic-gate */ 16967c478bd9Sstevel@tonic-gate static void 16979e3700dfSgww do_setclass(char *event_str, char *audit_flags) 16987c478bd9Sstevel@tonic-gate { 16997c478bd9Sstevel@tonic-gate au_event_t event; 17007c478bd9Sstevel@tonic-gate int mask; 17017c478bd9Sstevel@tonic-gate au_mask_t pmask; 17027c478bd9Sstevel@tonic-gate au_evclass_map_t ec; 17037c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 17047c478bd9Sstevel@tonic-gate 17057c478bd9Sstevel@tonic-gate if (strisnum(event_str)) 17067c478bd9Sstevel@tonic-gate event = (uint_t)atol(event_str); 17077c478bd9Sstevel@tonic-gate else { 17089e3700dfSgww if ((evp = egetauevnam(event_str)) != NULL) 17097c478bd9Sstevel@tonic-gate event = evp->ae_number; 17107c478bd9Sstevel@tonic-gate } 17117c478bd9Sstevel@tonic-gate 17127c478bd9Sstevel@tonic-gate if (strisnum(audit_flags)) 17137c478bd9Sstevel@tonic-gate mask = atoi(audit_flags); 17147c478bd9Sstevel@tonic-gate else { 17157c478bd9Sstevel@tonic-gate str2mask(audit_flags, &pmask); 17167c478bd9Sstevel@tonic-gate mask = pmask.am_success | pmask.am_failure; 17177c478bd9Sstevel@tonic-gate } 17187c478bd9Sstevel@tonic-gate 17197c478bd9Sstevel@tonic-gate ec.ec_number = event; 17207c478bd9Sstevel@tonic-gate ec.ec_class = mask; 17217c478bd9Sstevel@tonic-gate eauditon(A_SETCLASS, (caddr_t)&ec, (int)sizeof (ec)); 17227c478bd9Sstevel@tonic-gate } 17237c478bd9Sstevel@tonic-gate 17247c478bd9Sstevel@tonic-gate /* 1725*8523fda3SJan Friedel * do_setkmask() - set non-attributes selection flags of machine; valid per zone 1726*8523fda3SJan Friedel * if AUDIT_PERZONE is set, else only in global zone. 17277c478bd9Sstevel@tonic-gate */ 17287c478bd9Sstevel@tonic-gate static void 17299e3700dfSgww do_setkmask(char *audit_flags) 17307c478bd9Sstevel@tonic-gate { 17317c478bd9Sstevel@tonic-gate au_mask_t pmask; 17327c478bd9Sstevel@tonic-gate 17337c478bd9Sstevel@tonic-gate str2mask(audit_flags, &pmask); 17347c478bd9Sstevel@tonic-gate eauditon(A_SETKMASK, (caddr_t)&pmask, (int)sizeof (pmask)); 17357c478bd9Sstevel@tonic-gate print_mask(gettext("audit flags for non-attributable events"), &pmask); 17367c478bd9Sstevel@tonic-gate } 17377c478bd9Sstevel@tonic-gate 17387c478bd9Sstevel@tonic-gate /* 1739*8523fda3SJan Friedel * do_setpolicy() - set the active and configured kernel audit policy; active 1740*8523fda3SJan Friedel * values can be changed per zone if AUDIT_PERZONE is set, else only in global 1741*8523fda3SJan Friedel * zone. 1742*8523fda3SJan Friedel * 1743*8523fda3SJan Friedel * ahlt and perzone are global zone only. The kernel ensures that a local zone 1744*8523fda3SJan Friedel * can't change ahlt and perzone (EINVAL). 17457c478bd9Sstevel@tonic-gate */ 17467c478bd9Sstevel@tonic-gate static void 17479e3700dfSgww do_setpolicy(char *policy_str) 17487c478bd9Sstevel@tonic-gate { 1749*8523fda3SJan Friedel uint32_t policy = 0; 17507c478bd9Sstevel@tonic-gate 17517c478bd9Sstevel@tonic-gate switch (str2policy(policy_str, &policy)) { 1752*8523fda3SJan Friedel case 0: 1753*8523fda3SJan Friedel if (!temporary_set) { 1754*8523fda3SJan Friedel if (!do_getpolicy_scf(&policy)) { 1755*8523fda3SJan Friedel exit_error(gettext("Unable to get current " 1756*8523fda3SJan Friedel "policy values from the SMF repository")); 1757*8523fda3SJan Friedel } 1758*8523fda3SJan Friedel (void) str2policy(policy_str, &policy); 1759*8523fda3SJan Friedel 1760*8523fda3SJan Friedel if (!do_setpolicy_scf(policy)) { 1761*8523fda3SJan Friedel exit_error(gettext("Could not store " 1762*8523fda3SJan Friedel "configuration values.")); 1763*8523fda3SJan Friedel } 1764*8523fda3SJan Friedel } 1765*8523fda3SJan Friedel eauditon(A_SETPOLICY, (caddr_t)&policy, 0); 1766*8523fda3SJan Friedel break; 17677c478bd9Sstevel@tonic-gate case 2: 1768*8523fda3SJan Friedel exit_error(gettext("policy (%s) invalid in a local zone."), 1769*8523fda3SJan Friedel policy_str); 17707c478bd9Sstevel@tonic-gate break; 17717c478bd9Sstevel@tonic-gate default: 1772*8523fda3SJan Friedel exit_error(gettext("Invalid policy (%s) specified."), 17737c478bd9Sstevel@tonic-gate policy_str); 17747c478bd9Sstevel@tonic-gate break; 17757c478bd9Sstevel@tonic-gate } 17767c478bd9Sstevel@tonic-gate } 17777c478bd9Sstevel@tonic-gate 17787c478bd9Sstevel@tonic-gate /* 1779*8523fda3SJan Friedel * do_setqbufsz() - set the active and configured audit queue write buffer size 1780*8523fda3SJan Friedel * (bytes); active values can be changed per zone if AUDIT_PERZONE is set, else 1781*8523fda3SJan Friedel * only in global zone. 17827c478bd9Sstevel@tonic-gate */ 17837c478bd9Sstevel@tonic-gate static void 17849e3700dfSgww do_setqbufsz(char *bufsz) 17857c478bd9Sstevel@tonic-gate { 17867c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 17877c478bd9Sstevel@tonic-gate 1788*8523fda3SJan Friedel if (!temporary_set) { 1789*8523fda3SJan Friedel qctrl.aq_bufsz = (size_t)atol(bufsz); 1790*8523fda3SJan Friedel if (!do_setqbufsz_scf(&qctrl.aq_bufsz)) { 1791*8523fda3SJan Friedel exit_error(gettext( 1792*8523fda3SJan Friedel "Could not store configuration value.")); 1793*8523fda3SJan Friedel } 1794*8523fda3SJan Friedel } 1795*8523fda3SJan Friedel 17967c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1797*8523fda3SJan Friedel qctrl.aq_bufsz = (size_t)atol(bufsz); 17987c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 17997c478bd9Sstevel@tonic-gate } 18007c478bd9Sstevel@tonic-gate 18017c478bd9Sstevel@tonic-gate /* 1802*8523fda3SJan Friedel * do_setqctrl() - set the active and configured audit queue write buffer size 1803*8523fda3SJan Friedel * (bytes), hiwater audit record count, lowater audit record count, and wakeup 1804*8523fda3SJan Friedel * interval (ticks); active values can be changed per zone if AUDIT_PERZONE is 1805*8523fda3SJan Friedel * set, else only in global zone. 18067c478bd9Sstevel@tonic-gate */ 18077c478bd9Sstevel@tonic-gate static void 18089e3700dfSgww do_setqctrl(char *hiwater, char *lowater, char *bufsz, char *delay) 18097c478bd9Sstevel@tonic-gate { 1810*8523fda3SJan Friedel struct au_qctrl qctrl; 1811*8523fda3SJan Friedel 1812*8523fda3SJan Friedel qctrl.aq_hiwater = (size_t)atol(hiwater); 1813*8523fda3SJan Friedel qctrl.aq_lowater = (size_t)atol(lowater); 1814*8523fda3SJan Friedel qctrl.aq_bufsz = (size_t)atol(bufsz); 1815*8523fda3SJan Friedel qctrl.aq_delay = (clock_t)atol(delay); 1816*8523fda3SJan Friedel 1817*8523fda3SJan Friedel if (!temporary_set) { 1818*8523fda3SJan Friedel if (!do_setqctrl_scf(&qctrl)) { 1819*8523fda3SJan Friedel exit_error(gettext( 1820*8523fda3SJan Friedel "Could not store configuration values.")); 1821*8523fda3SJan Friedel } 1822*8523fda3SJan Friedel } 18237c478bd9Sstevel@tonic-gate 18247c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18257c478bd9Sstevel@tonic-gate } 18267c478bd9Sstevel@tonic-gate 18277c478bd9Sstevel@tonic-gate /* 1828*8523fda3SJan Friedel * do_setqdelay() - set the active and configured audit queue wakeup interval 1829*8523fda3SJan Friedel * (ticks); active values can be changed per zone if AUDIT_PERZONE is set, else 1830*8523fda3SJan Friedel * only in global zone. 18317c478bd9Sstevel@tonic-gate */ 18327c478bd9Sstevel@tonic-gate static void 18339e3700dfSgww do_setqdelay(char *delay) 18347c478bd9Sstevel@tonic-gate { 18357c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 18367c478bd9Sstevel@tonic-gate 1837*8523fda3SJan Friedel if (!temporary_set) { 1838*8523fda3SJan Friedel qctrl.aq_delay = (clock_t)atol(delay); 1839*8523fda3SJan Friedel if (!do_setqdelay_scf(&qctrl.aq_delay)) { 1840*8523fda3SJan Friedel exit_error(gettext( 1841*8523fda3SJan Friedel "Could not store configuration value.")); 1842*8523fda3SJan Friedel } 1843*8523fda3SJan Friedel } 1844*8523fda3SJan Friedel 18457c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1846*8523fda3SJan Friedel qctrl.aq_delay = (clock_t)atol(delay); 18477c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18487c478bd9Sstevel@tonic-gate } 18497c478bd9Sstevel@tonic-gate 18507c478bd9Sstevel@tonic-gate /* 1851*8523fda3SJan Friedel * do_setqhiwater() - sets the active and configured number of undelivered audit 1852*8523fda3SJan Friedel * records in the audit queue at which audit record generation blocks; active 1853*8523fda3SJan Friedel * values can be changed per zone if AUDIT_PERZONE is set, else only in global 1854*8523fda3SJan Friedel * zone. 18557c478bd9Sstevel@tonic-gate */ 18567c478bd9Sstevel@tonic-gate static void 18579e3700dfSgww do_setqhiwater(char *hiwater) 18587c478bd9Sstevel@tonic-gate { 18597c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 18607c478bd9Sstevel@tonic-gate 1861*8523fda3SJan Friedel if (!temporary_set) { 1862*8523fda3SJan Friedel qctrl.aq_hiwater = (size_t)atol(hiwater); 1863*8523fda3SJan Friedel if (!do_setqhiwater_scf(&qctrl.aq_hiwater)) { 1864*8523fda3SJan Friedel exit_error(gettext( 1865*8523fda3SJan Friedel "Could not store configuration value.")); 1866*8523fda3SJan Friedel } 1867*8523fda3SJan Friedel } 1868*8523fda3SJan Friedel 18697c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1870*8523fda3SJan Friedel qctrl.aq_hiwater = (size_t)atol(hiwater); 18717c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18727c478bd9Sstevel@tonic-gate } 18737c478bd9Sstevel@tonic-gate 18747c478bd9Sstevel@tonic-gate /* 1875*8523fda3SJan Friedel * do_setqlowater() - set the active and configured number of undelivered audit 1876*8523fda3SJan Friedel * records in the audit queue at which blocked auditing processes unblock; 1877*8523fda3SJan Friedel * active values can be changed per zone if AUDIT_PERZONE is set, else only in 1878*8523fda3SJan Friedel * global zone. 18797c478bd9Sstevel@tonic-gate */ 18807c478bd9Sstevel@tonic-gate static void 18819e3700dfSgww do_setqlowater(char *lowater) 18827c478bd9Sstevel@tonic-gate { 18837c478bd9Sstevel@tonic-gate struct au_qctrl qctrl; 18847c478bd9Sstevel@tonic-gate 1885*8523fda3SJan Friedel if (!temporary_set) { 1886*8523fda3SJan Friedel qctrl.aq_lowater = (size_t)atol(lowater); 1887*8523fda3SJan Friedel if (!do_setqlowater_scf(&qctrl.aq_lowater)) { 1888*8523fda3SJan Friedel exit_error(gettext( 1889*8523fda3SJan Friedel "Could not store configuration value.")); 1890*8523fda3SJan Friedel } 1891*8523fda3SJan Friedel } 1892*8523fda3SJan Friedel 18937c478bd9Sstevel@tonic-gate eauditon(A_GETQCTRL, (caddr_t)&qctrl, 0); 1894*8523fda3SJan Friedel qctrl.aq_lowater = (size_t)atol(lowater); 18957c478bd9Sstevel@tonic-gate eauditon(A_SETQCTRL, (caddr_t)&qctrl, 0); 18967c478bd9Sstevel@tonic-gate } 18977c478bd9Sstevel@tonic-gate 18987c478bd9Sstevel@tonic-gate static void 18999e3700dfSgww eauditon(int cmd, caddr_t data, int length) 19007c478bd9Sstevel@tonic-gate { 19017c478bd9Sstevel@tonic-gate if (auditon(cmd, data, length) == -1) 19027c478bd9Sstevel@tonic-gate exit_error(gettext("auditon(2) failed.")); 19037c478bd9Sstevel@tonic-gate } 19047c478bd9Sstevel@tonic-gate 19057c478bd9Sstevel@tonic-gate static void 19069e3700dfSgww egetauid(au_id_t *auid) 19077c478bd9Sstevel@tonic-gate { 19087c478bd9Sstevel@tonic-gate if (getauid(auid) == -1) 19097c478bd9Sstevel@tonic-gate exit_error(gettext("getauid(2) failed.")); 19107c478bd9Sstevel@tonic-gate } 19117c478bd9Sstevel@tonic-gate 19127c478bd9Sstevel@tonic-gate static void 19139e3700dfSgww egetaudit(auditinfo_addr_t *ai, int size) 19147c478bd9Sstevel@tonic-gate { 19157c478bd9Sstevel@tonic-gate if (getaudit_addr(ai, size) == -1) 19167c478bd9Sstevel@tonic-gate exit_error(gettext("getaudit_addr(2) failed.")); 19177c478bd9Sstevel@tonic-gate } 19187c478bd9Sstevel@tonic-gate 19197c478bd9Sstevel@tonic-gate static void 19209e3700dfSgww egetkaudit(auditinfo_addr_t *ai, int size) 19217c478bd9Sstevel@tonic-gate { 19227c478bd9Sstevel@tonic-gate if (auditon(A_GETKAUDIT, (char *)ai, size) < 0) 19237c478bd9Sstevel@tonic-gate exit_error(gettext("auditon: A_GETKAUDIT failed.")); 19247c478bd9Sstevel@tonic-gate } 19257c478bd9Sstevel@tonic-gate 19267c478bd9Sstevel@tonic-gate static void 19279e3700dfSgww esetkaudit(auditinfo_addr_t *ai, int size) 19287c478bd9Sstevel@tonic-gate { 19297c478bd9Sstevel@tonic-gate if (auditon(A_SETKAUDIT, (char *)ai, size) < 0) 19307c478bd9Sstevel@tonic-gate exit_error(gettext("auditon: A_SETKAUDIT failed.")); 19317c478bd9Sstevel@tonic-gate } 19327c478bd9Sstevel@tonic-gate 19337c478bd9Sstevel@tonic-gate static void 19349e3700dfSgww egetauditflagsbin(char *auditflags, au_mask_t *pmask) 19357c478bd9Sstevel@tonic-gate { 19367c478bd9Sstevel@tonic-gate pmask->am_success = pmask->am_failure = 0; 19377c478bd9Sstevel@tonic-gate 19387c478bd9Sstevel@tonic-gate if (strcmp(auditflags, "none") == 0) 19397c478bd9Sstevel@tonic-gate return; 19407c478bd9Sstevel@tonic-gate 19417c478bd9Sstevel@tonic-gate if (getauditflagsbin(auditflags, pmask) < 0) { 19427c478bd9Sstevel@tonic-gate exit_error(gettext("Could not get audit flags (%s)"), 19439e3700dfSgww auditflags); 19447c478bd9Sstevel@tonic-gate } 19457c478bd9Sstevel@tonic-gate } 19467c478bd9Sstevel@tonic-gate 19477c478bd9Sstevel@tonic-gate static au_event_ent_t * 19489e3700dfSgww egetauevnum(au_event_t event_number) 19497c478bd9Sstevel@tonic-gate { 19507c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 19517c478bd9Sstevel@tonic-gate 19529e3700dfSgww if ((evp = getauevnum(event_number)) == NULL) { 1953d0fa49b7STony Nguyen exit_error(gettext("Could not get audit event %hu"), 19549e3700dfSgww event_number); 19559e3700dfSgww } 19567c478bd9Sstevel@tonic-gate 19577c478bd9Sstevel@tonic-gate return (evp); 19587c478bd9Sstevel@tonic-gate } 19597c478bd9Sstevel@tonic-gate 19607c478bd9Sstevel@tonic-gate static au_event_ent_t * 19619e3700dfSgww egetauevnam(char *event_name) 19627c478bd9Sstevel@tonic-gate { 19637c478bd9Sstevel@tonic-gate register au_event_ent_t *evp; 19647c478bd9Sstevel@tonic-gate 19659e3700dfSgww if ((evp = getauevnam(event_name)) == NULL) 19667c478bd9Sstevel@tonic-gate exit_error(gettext("Could not get audit event %s"), event_name); 19677c478bd9Sstevel@tonic-gate 19687c478bd9Sstevel@tonic-gate return (evp); 19697c478bd9Sstevel@tonic-gate } 19707c478bd9Sstevel@tonic-gate 19717c478bd9Sstevel@tonic-gate static void 19729e3700dfSgww esetauid(au_id_t *auid) 19737c478bd9Sstevel@tonic-gate { 19747c478bd9Sstevel@tonic-gate if (setauid(auid) == -1) 19757c478bd9Sstevel@tonic-gate exit_error(gettext("setauid(2) failed.")); 19767c478bd9Sstevel@tonic-gate } 19777c478bd9Sstevel@tonic-gate 19787c478bd9Sstevel@tonic-gate static void 19799e3700dfSgww esetaudit(auditinfo_addr_t *ai, int size) 19807c478bd9Sstevel@tonic-gate { 19817c478bd9Sstevel@tonic-gate if (setaudit_addr(ai, size) == -1) 19827c478bd9Sstevel@tonic-gate exit_error(gettext("setaudit_addr(2) failed.")); 19837c478bd9Sstevel@tonic-gate } 19847c478bd9Sstevel@tonic-gate 19857c478bd9Sstevel@tonic-gate static uid_t 19869e3700dfSgww get_user_id(char *user) 19877c478bd9Sstevel@tonic-gate { 19887c478bd9Sstevel@tonic-gate struct passwd *pwd; 19897c478bd9Sstevel@tonic-gate uid_t uid; 19907c478bd9Sstevel@tonic-gate 19917c478bd9Sstevel@tonic-gate if (isdigit(*user)) { 19927c478bd9Sstevel@tonic-gate uid = atoi(user); 19939e3700dfSgww if ((pwd = getpwuid(uid)) == NULL) { 19947c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid user: %s"), user); 19957c478bd9Sstevel@tonic-gate } 19967c478bd9Sstevel@tonic-gate } else { 19979e3700dfSgww if ((pwd = getpwnam(user)) == NULL) { 19987c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid user: %s"), user); 19997c478bd9Sstevel@tonic-gate } 20007c478bd9Sstevel@tonic-gate } 20017c478bd9Sstevel@tonic-gate 20027c478bd9Sstevel@tonic-gate return (pwd->pw_uid); 20037c478bd9Sstevel@tonic-gate } 20047c478bd9Sstevel@tonic-gate 20057c478bd9Sstevel@tonic-gate /* 20067c478bd9Sstevel@tonic-gate * get_arg_ent() 20077c478bd9Sstevel@tonic-gate * Inputs: command line argument string 2008*8523fda3SJan Friedel * Returns ptr to struct arg_entry if found; null, if not found 20097c478bd9Sstevel@tonic-gate */ 2010*8523fda3SJan Friedel static arg_entry_t * 20119e3700dfSgww get_arg_ent(char *arg_str) 20127c478bd9Sstevel@tonic-gate { 2013*8523fda3SJan Friedel arg_entry_t key; 20147c478bd9Sstevel@tonic-gate 20157c478bd9Sstevel@tonic-gate key.arg_str = arg_str; 20167c478bd9Sstevel@tonic-gate 2017*8523fda3SJan Friedel return ((arg_entry_t *)bsearch((char *)&key, (char *)arg_table, 2018*8523fda3SJan Friedel ARG_TBL_SZ, sizeof (arg_entry_t), arg_ent_compare)); 20197c478bd9Sstevel@tonic-gate } 20207c478bd9Sstevel@tonic-gate 20217c478bd9Sstevel@tonic-gate /* 20227c478bd9Sstevel@tonic-gate * arg_ent_compare() 20237c478bd9Sstevel@tonic-gate * Compares two command line arguments to determine which is 20247c478bd9Sstevel@tonic-gate * lexicographically greater. 20257c478bd9Sstevel@tonic-gate * Inputs: two argument map table entry pointers 20267c478bd9Sstevel@tonic-gate * Returns: > 1: aep1->arg_str > aep2->arg_str 20277c478bd9Sstevel@tonic-gate * < 1: aep1->arg_str < aep2->arg_str 20287c478bd9Sstevel@tonic-gate * 0: aep1->arg_str = aep->arg_str2 20297c478bd9Sstevel@tonic-gate */ 20307c478bd9Sstevel@tonic-gate static int 20319e3700dfSgww arg_ent_compare(const void *aep1, const void *aep2) 20327c478bd9Sstevel@tonic-gate { 2033*8523fda3SJan Friedel return (strcmp(((arg_entry_t *)aep1)->arg_str, 2034*8523fda3SJan Friedel ((arg_entry_t *)aep2)->arg_str)); 20357c478bd9Sstevel@tonic-gate } 20367c478bd9Sstevel@tonic-gate 20377c478bd9Sstevel@tonic-gate /* 20387c478bd9Sstevel@tonic-gate * Convert mask of the following forms: 20397c478bd9Sstevel@tonic-gate * 20407c478bd9Sstevel@tonic-gate * audit_flags (ie. +lo,-ad,pc) 20417c478bd9Sstevel@tonic-gate * 0xffffffff,0xffffffff 20427c478bd9Sstevel@tonic-gate * ffffffff,ffffffff 20437c478bd9Sstevel@tonic-gate * 20,20 20447c478bd9Sstevel@tonic-gate */ 20457c478bd9Sstevel@tonic-gate static void 20469e3700dfSgww str2mask(char *mask_str, au_mask_t *mp) 20477c478bd9Sstevel@tonic-gate { 20487c478bd9Sstevel@tonic-gate 20497c478bd9Sstevel@tonic-gate char sp[256]; 20507c478bd9Sstevel@tonic-gate char fp[256]; 20517c478bd9Sstevel@tonic-gate 20527c478bd9Sstevel@tonic-gate mp->am_success = 0; 20537c478bd9Sstevel@tonic-gate mp->am_failure = 0; 20547c478bd9Sstevel@tonic-gate 20557c478bd9Sstevel@tonic-gate /* 20569e3700dfSgww * a mask of the form +aa,bb,cc,-dd or 20579e3700dfSgww * a mask of the form 0xffffffff,0xffffffff or 1,1 20587c478bd9Sstevel@tonic-gate */ 20597c478bd9Sstevel@tonic-gate if (strisflags(mask_str)) { 20607c478bd9Sstevel@tonic-gate egetauditflagsbin(mask_str, mp); 20617c478bd9Sstevel@tonic-gate } else { 20627c478bd9Sstevel@tonic-gate strsplit(mask_str, sp, fp, ','); 20637c478bd9Sstevel@tonic-gate 20649e3700dfSgww if (strlen(sp) > (size_t)2 && !strncasecmp(sp, "0x", 2)) { 20657c478bd9Sstevel@tonic-gate (void) sscanf(sp + 2, "%x", &mp->am_success); 20669e3700dfSgww } else { 20677c478bd9Sstevel@tonic-gate (void) sscanf(sp, "%u", &mp->am_success); 20689e3700dfSgww } 20697c478bd9Sstevel@tonic-gate 20709e3700dfSgww if (strlen(fp) > (size_t)2 && !strncasecmp(fp, "0x", 2)) { 20717c478bd9Sstevel@tonic-gate (void) sscanf(fp + 2, "%x", &mp->am_failure); 20729e3700dfSgww } else { 20737c478bd9Sstevel@tonic-gate (void) sscanf(fp, "%u", &mp->am_failure); 20749e3700dfSgww } 20757c478bd9Sstevel@tonic-gate } 20767c478bd9Sstevel@tonic-gate } 20777c478bd9Sstevel@tonic-gate 20787c478bd9Sstevel@tonic-gate /* 20797c478bd9Sstevel@tonic-gate * tid_str is major,minor,host -- host is a name or an ip address 20807c478bd9Sstevel@tonic-gate */ 20817c478bd9Sstevel@tonic-gate static void 20827c478bd9Sstevel@tonic-gate str2tid(char *tid_str, au_tid_addr_t *tp) 20837c478bd9Sstevel@tonic-gate { 20849e3700dfSgww char *major_str; 20859e3700dfSgww char *minor_str; 20869e3700dfSgww char *host_str = NULL; 20877c478bd9Sstevel@tonic-gate major_t major = 0; 20887c478bd9Sstevel@tonic-gate major_t minor = 0; 20897c478bd9Sstevel@tonic-gate dev_t dev = 0; 20907c478bd9Sstevel@tonic-gate struct hostent *phe; 20917c478bd9Sstevel@tonic-gate int err; 20927c478bd9Sstevel@tonic-gate uint32_t ibuf; 20937c478bd9Sstevel@tonic-gate uint32_t ibuf6[4]; 20947c478bd9Sstevel@tonic-gate 20957c478bd9Sstevel@tonic-gate tp->at_port = 0; 20967c478bd9Sstevel@tonic-gate tp->at_type = 0; 20977c478bd9Sstevel@tonic-gate bzero(tp->at_addr, 16); 20987c478bd9Sstevel@tonic-gate 20997c478bd9Sstevel@tonic-gate major_str = tid_str; 21007c478bd9Sstevel@tonic-gate if ((minor_str = strchr(tid_str, ',')) != NULL) { 21017c478bd9Sstevel@tonic-gate *minor_str = '\0'; 21027c478bd9Sstevel@tonic-gate minor_str++; 21037c478bd9Sstevel@tonic-gate } 21047c478bd9Sstevel@tonic-gate 21059e3700dfSgww if (minor_str) { 21067c478bd9Sstevel@tonic-gate if ((host_str = strchr(minor_str, ',')) != NULL) { 21077c478bd9Sstevel@tonic-gate *host_str = '\0'; 21087c478bd9Sstevel@tonic-gate host_str++; 21097c478bd9Sstevel@tonic-gate } 21109e3700dfSgww } 21117c478bd9Sstevel@tonic-gate 21127c478bd9Sstevel@tonic-gate if (major_str) 21137c478bd9Sstevel@tonic-gate major = (major_t)atoi(major_str); 21147c478bd9Sstevel@tonic-gate 21157c478bd9Sstevel@tonic-gate if (minor_str) 21167c478bd9Sstevel@tonic-gate minor = (minor_t)atoi(minor_str); 21177c478bd9Sstevel@tonic-gate 21187c478bd9Sstevel@tonic-gate if ((dev = makedev(major, minor)) != NODEV) 21197c478bd9Sstevel@tonic-gate tp->at_port = dev; 21207c478bd9Sstevel@tonic-gate 21217c478bd9Sstevel@tonic-gate if (host_str) { 21227c478bd9Sstevel@tonic-gate if (strisipaddr(host_str)) { 21239e3700dfSgww if (inet_pton(AF_INET, host_str, &ibuf)) { 21249e3700dfSgww tp->at_addr[0] = ibuf; 21259e3700dfSgww tp->at_type = AU_IPv4; 21269e3700dfSgww } else if (inet_pton(AF_INET6, host_str, ibuf6)) { 21279e3700dfSgww tp->at_addr[0] = ibuf6[0]; 21289e3700dfSgww tp->at_addr[1] = ibuf6[1]; 21299e3700dfSgww tp->at_addr[2] = ibuf6[2]; 21309e3700dfSgww tp->at_addr[3] = ibuf6[3]; 21319e3700dfSgww tp->at_type = AU_IPv6; 21329e3700dfSgww } 21337c478bd9Sstevel@tonic-gate } else { 21347c478bd9Sstevel@tonic-gate phe = getipnodebyname((const void *)host_str, 21359e3700dfSgww AF_INET, 0, &err); 21367c478bd9Sstevel@tonic-gate if (phe == 0) { 21377c478bd9Sstevel@tonic-gate phe = getipnodebyname((const void *)host_str, 21389e3700dfSgww AF_INET6, 0, &err); 21397c478bd9Sstevel@tonic-gate } 21407c478bd9Sstevel@tonic-gate 21417c478bd9Sstevel@tonic-gate if (phe != NULL) { 21427c478bd9Sstevel@tonic-gate if (phe->h_addrtype == AF_INET6) { 21437c478bd9Sstevel@tonic-gate /* address is IPv6 (128 bits) */ 21447c478bd9Sstevel@tonic-gate (void) memcpy(&tp->at_addr[0], 21459e3700dfSgww phe->h_addr_list[0], 16); 21467c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv6; 21477c478bd9Sstevel@tonic-gate } else { 21487c478bd9Sstevel@tonic-gate /* address is IPv4 (32 bits) */ 21497c478bd9Sstevel@tonic-gate (void) memcpy(&tp->at_addr[0], 21509e3700dfSgww phe->h_addr_list[0], 4); 21517c478bd9Sstevel@tonic-gate tp->at_type = AU_IPv4; 21527c478bd9Sstevel@tonic-gate } 21537c478bd9Sstevel@tonic-gate freehostent(phe); 21547c478bd9Sstevel@tonic-gate } 21557c478bd9Sstevel@tonic-gate } 21567c478bd9Sstevel@tonic-gate } 21577c478bd9Sstevel@tonic-gate } 21587c478bd9Sstevel@tonic-gate 21599e3700dfSgww static char * 21609e3700dfSgww cond2str(void) 21617c478bd9Sstevel@tonic-gate { 21629e3700dfSgww uint_t cond; 21637c478bd9Sstevel@tonic-gate 21649e3700dfSgww eauditon(A_GETCOND, (caddr_t)&cond, (int)sizeof (cond)); 21657c478bd9Sstevel@tonic-gate 21669e3700dfSgww switch (cond) { 21677c478bd9Sstevel@tonic-gate 21689e3700dfSgww case AUC_AUDITING: 21699e3700dfSgww return ("auditing"); 21707c478bd9Sstevel@tonic-gate 21719e3700dfSgww case AUC_NOAUDIT: 21729e3700dfSgww case AUC_INIT_AUDIT: 21739e3700dfSgww return ("noaudit"); 21747c478bd9Sstevel@tonic-gate 21759e3700dfSgww case AUC_UNSET: 21769e3700dfSgww return ("unset"); 21779e3700dfSgww 21789e3700dfSgww case AUC_NOSPACE: 21799e3700dfSgww return ("nospace"); 21809e3700dfSgww 21819e3700dfSgww default: 21829e3700dfSgww return (""); 21839e3700dfSgww } 21847c478bd9Sstevel@tonic-gate } 21857c478bd9Sstevel@tonic-gate 21869e3700dfSgww /* 21879e3700dfSgww * exit = 0, success 21889e3700dfSgww * 1, error 21899e3700dfSgww * 2, bad zone 21909e3700dfSgww */ 21917c478bd9Sstevel@tonic-gate static int 2192*8523fda3SJan Friedel str2policy(char *policy_str, uint32_t *policy_mask) 21937c478bd9Sstevel@tonic-gate { 21947c478bd9Sstevel@tonic-gate char *buf; 21957c478bd9Sstevel@tonic-gate char *tok; 21967c478bd9Sstevel@tonic-gate char pfix; 2197*8523fda3SJan Friedel boolean_t is_all = B_FALSE; 2198*8523fda3SJan Friedel uint32_t pm = 0; 2199*8523fda3SJan Friedel uint32_t curp; 22007c478bd9Sstevel@tonic-gate 22017c478bd9Sstevel@tonic-gate pfix = *policy_str; 22027c478bd9Sstevel@tonic-gate 22037c478bd9Sstevel@tonic-gate if (pfix == '-' || pfix == '+' || pfix == '=') 22047c478bd9Sstevel@tonic-gate ++policy_str; 22057c478bd9Sstevel@tonic-gate 22067c478bd9Sstevel@tonic-gate if ((buf = strdup(policy_str)) == NULL) 22077c478bd9Sstevel@tonic-gate return (1); 22087c478bd9Sstevel@tonic-gate 22099e3700dfSgww for (tok = strtok(buf, ","); tok != NULL; tok = strtok(NULL, ",")) { 2210*8523fda3SJan Friedel uint32_t tok_pm; 2211*8523fda3SJan Friedel if (((tok_pm = get_policy(tok)) == 0) && 2212*8523fda3SJan Friedel ((strcasecmp(tok, "none") != 0))) { 2213*8523fda3SJan Friedel free(buf); 22147c478bd9Sstevel@tonic-gate return (1); 22157c478bd9Sstevel@tonic-gate } else { 2216*8523fda3SJan Friedel pm |= tok_pm; 2217*8523fda3SJan Friedel if (tok_pm == ALL_POLICIES) { 2218*8523fda3SJan Friedel is_all = B_TRUE; 22199e3700dfSgww } 22207c478bd9Sstevel@tonic-gate } 22217c478bd9Sstevel@tonic-gate } 22227c478bd9Sstevel@tonic-gate free(buf); 22237c478bd9Sstevel@tonic-gate 2224*8523fda3SJan Friedel /* reuse policy mask if already set to some value */ 2225*8523fda3SJan Friedel if (*policy_mask != 0) { 2226*8523fda3SJan Friedel curp = *policy_mask; 2227*8523fda3SJan Friedel } else { 2228*8523fda3SJan Friedel (void) auditon(A_GETPOLICY, (caddr_t)&curp, 0); 2229*8523fda3SJan Friedel } 2230*8523fda3SJan Friedel 22317c478bd9Sstevel@tonic-gate if (pfix == '-') { 22329e3700dfSgww if (!is_all && 22339e3700dfSgww (getzoneid() != GLOBAL_ZONEID) && 22349e3700dfSgww (pm & ~AUDIT_LOCAL)) { 22357c478bd9Sstevel@tonic-gate return (2); 22369e3700dfSgww } 2237*8523fda3SJan Friedel 22387c478bd9Sstevel@tonic-gate if (getzoneid() != GLOBAL_ZONEID) 22397c478bd9Sstevel@tonic-gate curp &= AUDIT_LOCAL; 22407c478bd9Sstevel@tonic-gate *policy_mask = curp & ~pm; 2241*8523fda3SJan Friedel 22427c478bd9Sstevel@tonic-gate } else if (pfix == '+') { 22437c478bd9Sstevel@tonic-gate /* 22449e3700dfSgww * In a local zone, accept specifying "all", but not 22459e3700dfSgww * individually specifying global-zone only policies. 22469e3700dfSgww * Limit to all locally allowed, so system call doesn't 22479e3700dfSgww * fail. 22487c478bd9Sstevel@tonic-gate */ 22499e3700dfSgww if (!is_all && 22509e3700dfSgww (getzoneid() != GLOBAL_ZONEID) && 22519e3700dfSgww (pm & ~AUDIT_LOCAL)) { 22527c478bd9Sstevel@tonic-gate return (2); 22539e3700dfSgww } 2254*8523fda3SJan Friedel 22557c478bd9Sstevel@tonic-gate if (getzoneid() != GLOBAL_ZONEID) { 22567c478bd9Sstevel@tonic-gate curp &= AUDIT_LOCAL; 22579e3700dfSgww if (is_all) { 22587c478bd9Sstevel@tonic-gate pm &= AUDIT_LOCAL; 22599e3700dfSgww } 22607c478bd9Sstevel@tonic-gate } 22617c478bd9Sstevel@tonic-gate *policy_mask = curp | pm; 2262*8523fda3SJan Friedel 22637c478bd9Sstevel@tonic-gate } else { 2264*8523fda3SJan Friedel /* 2265*8523fda3SJan Friedel * In a local zone, accept specifying "all", but not 2266*8523fda3SJan Friedel * individually specifying global-zone only policies. 2267*8523fda3SJan Friedel * Limit to all locally allowed, so system call doesn't 2268*8523fda3SJan Friedel * fail. 2269*8523fda3SJan Friedel */ 2270*8523fda3SJan Friedel if (!is_all && 2271*8523fda3SJan Friedel (getzoneid() != GLOBAL_ZONEID) && 2272*8523fda3SJan Friedel (pm & ~AUDIT_LOCAL)) { 2273*8523fda3SJan Friedel return (2); 2274*8523fda3SJan Friedel } 2275*8523fda3SJan Friedel 22769e3700dfSgww if (is_all && (getzoneid() != GLOBAL_ZONEID)) { 22777c478bd9Sstevel@tonic-gate pm &= AUDIT_LOCAL; 22789e3700dfSgww } 22797c478bd9Sstevel@tonic-gate *policy_mask = pm; 22807c478bd9Sstevel@tonic-gate } 22817c478bd9Sstevel@tonic-gate return (0); 22827c478bd9Sstevel@tonic-gate } 22837c478bd9Sstevel@tonic-gate 22847c478bd9Sstevel@tonic-gate static int 2285*8523fda3SJan Friedel policy2str(uint32_t policy, char *policy_str, size_t len) 22867c478bd9Sstevel@tonic-gate { 22877c478bd9Sstevel@tonic-gate int i, j; 22887c478bd9Sstevel@tonic-gate 22897c478bd9Sstevel@tonic-gate if (policy == ALL_POLICIES) { 22907c478bd9Sstevel@tonic-gate (void) strcpy(policy_str, "all"); 22917c478bd9Sstevel@tonic-gate return (1); 22927c478bd9Sstevel@tonic-gate } 22937c478bd9Sstevel@tonic-gate 22947c478bd9Sstevel@tonic-gate if (policy == NO_POLICIES) { 22957c478bd9Sstevel@tonic-gate (void) strcpy(policy_str, "none"); 22967c478bd9Sstevel@tonic-gate return (1); 22977c478bd9Sstevel@tonic-gate } 22987c478bd9Sstevel@tonic-gate 22997c478bd9Sstevel@tonic-gate *policy_str = '\0'; 23007c478bd9Sstevel@tonic-gate 230145916cd2Sjpk for (i = 0, j = 0; i < POLICY_TBL_SZ; i++) { 23027c478bd9Sstevel@tonic-gate if (policy & policy_table[i].policy_mask && 23037c478bd9Sstevel@tonic-gate policy_table[i].policy_mask != ALL_POLICIES) { 23049e3700dfSgww if (j++) { 23057c478bd9Sstevel@tonic-gate (void) strcat(policy_str, ","); 23069e3700dfSgww } 23079e3700dfSgww (void) strlcat(policy_str, policy_table[i].policy_str, 23089e3700dfSgww len); 23097c478bd9Sstevel@tonic-gate } 231045916cd2Sjpk } 23117c478bd9Sstevel@tonic-gate 23127c478bd9Sstevel@tonic-gate if (*policy_str) 23137c478bd9Sstevel@tonic-gate return (0); 23147c478bd9Sstevel@tonic-gate 23157c478bd9Sstevel@tonic-gate return (1); 23167c478bd9Sstevel@tonic-gate } 23177c478bd9Sstevel@tonic-gate 23187c478bd9Sstevel@tonic-gate 23197c478bd9Sstevel@tonic-gate static int 23209e3700dfSgww strisnum(char *s) 23217c478bd9Sstevel@tonic-gate { 23229e3700dfSgww if (s == NULL || !*s) 23237c478bd9Sstevel@tonic-gate return (0); 23247c478bd9Sstevel@tonic-gate 23257c478bd9Sstevel@tonic-gate for (; *s == '-' || *s == '+'; s++) 23267c478bd9Sstevel@tonic-gate 23277c478bd9Sstevel@tonic-gate if (!*s) 23287c478bd9Sstevel@tonic-gate return (0); 23297c478bd9Sstevel@tonic-gate 23307c478bd9Sstevel@tonic-gate for (; *s; s++) 23317c478bd9Sstevel@tonic-gate if (!isdigit(*s)) 23327c478bd9Sstevel@tonic-gate return (0); 23337c478bd9Sstevel@tonic-gate 23347c478bd9Sstevel@tonic-gate return (1); 23357c478bd9Sstevel@tonic-gate } 23367c478bd9Sstevel@tonic-gate 23377c478bd9Sstevel@tonic-gate static int 23389e3700dfSgww strisflags(char *s) 23397c478bd9Sstevel@tonic-gate { 23409e3700dfSgww if (s == NULL || !*s) 23417c478bd9Sstevel@tonic-gate return (0); 23427c478bd9Sstevel@tonic-gate 23437c478bd9Sstevel@tonic-gate for (; *s; s++) { 23447c478bd9Sstevel@tonic-gate if (!isalpha(*s) && 23459e3700dfSgww (*s != '+' && *s != '-' && *s != '^' && *s != ',')) 23467c478bd9Sstevel@tonic-gate return (0); 23477c478bd9Sstevel@tonic-gate } 23487c478bd9Sstevel@tonic-gate 23497c478bd9Sstevel@tonic-gate return (1); 23507c478bd9Sstevel@tonic-gate } 23517c478bd9Sstevel@tonic-gate 23527c478bd9Sstevel@tonic-gate static int 23539e3700dfSgww strisipaddr(char *s) 23547c478bd9Sstevel@tonic-gate { 23557c478bd9Sstevel@tonic-gate int dot = 0; 23567c478bd9Sstevel@tonic-gate int colon = 0; 23577c478bd9Sstevel@tonic-gate 23587c478bd9Sstevel@tonic-gate /* no string */ 23599e3700dfSgww if ((s == NULL) || (!*s)) 23607c478bd9Sstevel@tonic-gate return (0); 23617c478bd9Sstevel@tonic-gate 23627c478bd9Sstevel@tonic-gate for (; *s; s++) { 23637c478bd9Sstevel@tonic-gate if (!(isxdigit(*s) || *s != '.' || *s != ':')) 23647c478bd9Sstevel@tonic-gate return (0); 23659e3700dfSgww if (*s == '.') 23669e3700dfSgww dot++; 23679e3700dfSgww if (*s == ':') 23689e3700dfSgww colon++; 23697c478bd9Sstevel@tonic-gate } 23707c478bd9Sstevel@tonic-gate 23717c478bd9Sstevel@tonic-gate if (dot && colon) 23727c478bd9Sstevel@tonic-gate return (0); 23737c478bd9Sstevel@tonic-gate 23747c478bd9Sstevel@tonic-gate if (!dot && !colon) 23757c478bd9Sstevel@tonic-gate return (0); 23767c478bd9Sstevel@tonic-gate 23777c478bd9Sstevel@tonic-gate return (1); 23787c478bd9Sstevel@tonic-gate } 23797c478bd9Sstevel@tonic-gate 23807c478bd9Sstevel@tonic-gate static void 23819e3700dfSgww strsplit(char *s, char *p1, char *p2, char c) 23827c478bd9Sstevel@tonic-gate { 23837c478bd9Sstevel@tonic-gate *p1 = *p2 = '\0'; 23847c478bd9Sstevel@tonic-gate 23857c478bd9Sstevel@tonic-gate while (*s != '\0' && *s != c) 23867c478bd9Sstevel@tonic-gate *p1++ = *s++; 23877c478bd9Sstevel@tonic-gate *p1 = '\0'; 23887c478bd9Sstevel@tonic-gate s++; 23897c478bd9Sstevel@tonic-gate 23907c478bd9Sstevel@tonic-gate while (*s != '\0') 23917c478bd9Sstevel@tonic-gate *p2++ = *s++; 23927c478bd9Sstevel@tonic-gate *p2 = '\0'; 23937c478bd9Sstevel@tonic-gate } 23947c478bd9Sstevel@tonic-gate 23957c478bd9Sstevel@tonic-gate static void 23969e3700dfSgww chk_event_num(int etype, au_event_t event) 23977c478bd9Sstevel@tonic-gate { 23987c478bd9Sstevel@tonic-gate au_stat_t as; 23997c478bd9Sstevel@tonic-gate 24007c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 24017c478bd9Sstevel@tonic-gate 24027c478bd9Sstevel@tonic-gate if (etype == AC_KERN_EVENT) { 24037c478bd9Sstevel@tonic-gate if (event > as.as_numevent) { 2404*8523fda3SJan Friedel exit_error(gettext( 2405*8523fda3SJan Friedel "Invalid kernel audit event number specified.\n" 2406d0fa49b7STony Nguyen "\t%hu is outside allowable range 0-%d."), 24077c478bd9Sstevel@tonic-gate event, as.as_numevent); 24087c478bd9Sstevel@tonic-gate } 24099e3700dfSgww } else { 24109e3700dfSgww /* user event */ 24117c478bd9Sstevel@tonic-gate if (event <= as.as_numevent) { 24129e3700dfSgww exit_error(gettext("Invalid user level audit event " 2413d0fa49b7STony Nguyen "number specified %hu."), event); 24147c478bd9Sstevel@tonic-gate } 24157c478bd9Sstevel@tonic-gate } 24167c478bd9Sstevel@tonic-gate } 24177c478bd9Sstevel@tonic-gate 24187c478bd9Sstevel@tonic-gate static void 24199e3700dfSgww chk_event_str(int etype, char *event_str) 24207c478bd9Sstevel@tonic-gate { 24217c478bd9Sstevel@tonic-gate au_event_ent_t *evp; 24227c478bd9Sstevel@tonic-gate au_stat_t as; 24237c478bd9Sstevel@tonic-gate 24247c478bd9Sstevel@tonic-gate eauditon(A_GETSTAT, (caddr_t)&as, 0); 24257c478bd9Sstevel@tonic-gate 24267c478bd9Sstevel@tonic-gate evp = egetauevnam(event_str); 24277c478bd9Sstevel@tonic-gate if (etype == AC_KERN_EVENT && (evp->ae_number > as.as_numevent)) { 2428*8523fda3SJan Friedel exit_error(gettext( 2429*8523fda3SJan Friedel "Invalid kernel audit event string specified.\n" 24309e3700dfSgww "\t\"%s\" appears to be a user level event. " 24319e3700dfSgww "Check configuration."), event_str); 24327c478bd9Sstevel@tonic-gate } else if (etype == AC_USER_EVENT && 24339e3700dfSgww (evp->ae_number < as.as_numevent)) { 2434*8523fda3SJan Friedel exit_error(gettext( 2435*8523fda3SJan Friedel "Invalid user audit event string specified.\n" 24369e3700dfSgww "\t\"%s\" appears to be a kernel event. " 24379e3700dfSgww "Check configuration."), event_str); 24387c478bd9Sstevel@tonic-gate } 24397c478bd9Sstevel@tonic-gate } 24407c478bd9Sstevel@tonic-gate 24417c478bd9Sstevel@tonic-gate static void 24429e3700dfSgww chk_sorf(char *sorf_str) 24437c478bd9Sstevel@tonic-gate { 24447c478bd9Sstevel@tonic-gate if (!strisnum(sorf_str)) 24457c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid sorf specified: %s"), sorf_str); 24467c478bd9Sstevel@tonic-gate } 24477c478bd9Sstevel@tonic-gate 24487c478bd9Sstevel@tonic-gate static void 24499e3700dfSgww chk_retval(char *retval_str) 24507c478bd9Sstevel@tonic-gate { 24517c478bd9Sstevel@tonic-gate if (!strisnum(retval_str)) 24527c478bd9Sstevel@tonic-gate exit_error(gettext("Invalid retval specified: %s"), retval_str); 24537c478bd9Sstevel@tonic-gate } 24547c478bd9Sstevel@tonic-gate 24557c478bd9Sstevel@tonic-gate static void 24569e3700dfSgww execit(char **argv) 24577c478bd9Sstevel@tonic-gate { 24584e5fbfedStz char *args, *args_pos; 24594e5fbfedStz size_t len = 0; 24604e5fbfedStz size_t n = 0; 24614e5fbfedStz char **argv_pos; 24627c478bd9Sstevel@tonic-gate 24639e3700dfSgww if (*argv) { 24644e5fbfedStz /* concatenate argument array to be passed to sh -c "..." */ 24654e5fbfedStz for (argv_pos = argv; *argv_pos; argv_pos++) 24664e5fbfedStz len += strlen(*argv_pos) + 1; 24674e5fbfedStz 24684e5fbfedStz if ((args = malloc(len + 1)) == NULL) 24694e5fbfedStz exit_error( 2470*8523fda3SJan Friedel gettext("Allocation for command/arguments failed")); 24714e5fbfedStz 24724e5fbfedStz args_pos = args; 24734e5fbfedStz for (argv_pos = argv; *argv_pos; argv_pos++) { 24744e5fbfedStz n += snprintf(args_pos, len - n, "%s ", *argv_pos); 24754e5fbfedStz args_pos = args + n; 24764e5fbfedStz } 24774e5fbfedStz /* strip the last space */ 24784e5fbfedStz args[strlen(args)] = '\0'; 24797c478bd9Sstevel@tonic-gate 24804e5fbfedStz (void) execl("/bin/sh", "sh", "-c", args, NULL); 24814e5fbfedStz } else { 24824e5fbfedStz (void) execl("/bin/sh", "sh", NULL); 24837c478bd9Sstevel@tonic-gate } 24847c478bd9Sstevel@tonic-gate 24857c478bd9Sstevel@tonic-gate exit_error(gettext("exec(2) failed")); 24867c478bd9Sstevel@tonic-gate } 24877c478bd9Sstevel@tonic-gate 24887c478bd9Sstevel@tonic-gate static void 24899e3700dfSgww exit_usage(int status) 24907c478bd9Sstevel@tonic-gate { 24917c478bd9Sstevel@tonic-gate FILE *fp; 24927c478bd9Sstevel@tonic-gate int i; 24937c478bd9Sstevel@tonic-gate 24947c478bd9Sstevel@tonic-gate fp = (status ? stderr : stdout); 24957c478bd9Sstevel@tonic-gate (void) fprintf(fp, gettext("usage: %s option ...\n"), progname); 24967c478bd9Sstevel@tonic-gate 2497*8523fda3SJan Friedel for (i = 0; i < ARG_TBL_SZ; i++) { 2498*8523fda3SJan Friedel /* skip the -t option; it's not a standalone option */ 2499*8523fda3SJan Friedel if (arg_table[i].auditconfig_cmd == AC_ARG_SET_TEMPORARY) { 2500*8523fda3SJan Friedel continue; 2501*8523fda3SJan Friedel } 2502*8523fda3SJan Friedel 2503*8523fda3SJan Friedel (void) fprintf(fp, " %s%s%s\n", 2504*8523fda3SJan Friedel arg_table[i].arg_str, arg_table[i].arg_opts, 2505*8523fda3SJan Friedel (arg_table[i].temporary_allowed ? " [-t]" : "")); 2506*8523fda3SJan Friedel } 25077c478bd9Sstevel@tonic-gate 25087c478bd9Sstevel@tonic-gate exit(status); 25097c478bd9Sstevel@tonic-gate } 25107c478bd9Sstevel@tonic-gate 25117c478bd9Sstevel@tonic-gate static void 25129e3700dfSgww print_asid(au_asid_t asid) 25137c478bd9Sstevel@tonic-gate { 25147c478bd9Sstevel@tonic-gate (void) printf(gettext("audit session id = %u\n"), asid); 25157c478bd9Sstevel@tonic-gate } 25167c478bd9Sstevel@tonic-gate 25177c478bd9Sstevel@tonic-gate static void 25189e3700dfSgww print_auid(au_id_t auid) 25197c478bd9Sstevel@tonic-gate { 25207c478bd9Sstevel@tonic-gate struct passwd *pwd; 25217c478bd9Sstevel@tonic-gate char *username; 25227c478bd9Sstevel@tonic-gate 25239e3700dfSgww if ((pwd = getpwuid((uid_t)auid)) != NULL) 25247c478bd9Sstevel@tonic-gate username = pwd->pw_name; 25257c478bd9Sstevel@tonic-gate else 25267c478bd9Sstevel@tonic-gate username = gettext("unknown"); 25277c478bd9Sstevel@tonic-gate 25287c478bd9Sstevel@tonic-gate (void) printf(gettext("audit id = %s(%d)\n"), username, auid); 25297c478bd9Sstevel@tonic-gate } 25307c478bd9Sstevel@tonic-gate 25317c478bd9Sstevel@tonic-gate static void 25329e3700dfSgww print_mask(char *desc, au_mask_t *pmp) 25337c478bd9Sstevel@tonic-gate { 25347c478bd9Sstevel@tonic-gate char auflags[512]; 25357c478bd9Sstevel@tonic-gate 25367c478bd9Sstevel@tonic-gate if (getauditflagschar(auflags, pmp, NULL) < 0) 25377c478bd9Sstevel@tonic-gate (void) strlcpy(auflags, gettext("unknown"), sizeof (auflags)); 25387c478bd9Sstevel@tonic-gate 25397c478bd9Sstevel@tonic-gate (void) printf("%s = %s(0x%x,0x%x)\n", 25409e3700dfSgww desc, auflags, pmp->am_success, pmp->am_failure); 25417c478bd9Sstevel@tonic-gate } 25427c478bd9Sstevel@tonic-gate 25437c478bd9Sstevel@tonic-gate static void 25449e3700dfSgww print_tid_ex(au_tid_addr_t *tidp) 25457c478bd9Sstevel@tonic-gate { 25467c478bd9Sstevel@tonic-gate struct hostent *phe; 25477c478bd9Sstevel@tonic-gate char *hostname; 25487c478bd9Sstevel@tonic-gate struct in_addr ia; 25497c478bd9Sstevel@tonic-gate uint32_t *addr; 25507c478bd9Sstevel@tonic-gate int err; 25519e3700dfSgww char buf[INET6_ADDRSTRLEN]; 25527c478bd9Sstevel@tonic-gate char *bufp; 25537c478bd9Sstevel@tonic-gate 25547c478bd9Sstevel@tonic-gate 25557c478bd9Sstevel@tonic-gate /* IPV6 or IPV4 address */ 25567c478bd9Sstevel@tonic-gate if (tidp->at_type == AU_IPv4) { 25577c478bd9Sstevel@tonic-gate if ((phe = gethostbyaddr((char *)&tidp->at_addr[0], 25589e3700dfSgww sizeof (tidp->at_addr[0]), AF_INET)) != NULL) { 25597c478bd9Sstevel@tonic-gate hostname = phe->h_name; 25609e3700dfSgww } else { 25617c478bd9Sstevel@tonic-gate hostname = gettext("unknown"); 25629e3700dfSgww } 25637c478bd9Sstevel@tonic-gate 25647c478bd9Sstevel@tonic-gate ia.s_addr = tidp->at_addr[0]; 25657c478bd9Sstevel@tonic-gate 25667c478bd9Sstevel@tonic-gate (void) printf(gettext( 2567*8523fda3SJan Friedel "terminal id (maj,min,host) = %lu,%lu,%s(%s)\n"), 25689e3700dfSgww major(tidp->at_port), minor(tidp->at_port), 25699e3700dfSgww hostname, inet_ntoa(ia)); 25707c478bd9Sstevel@tonic-gate } else { 25717c478bd9Sstevel@tonic-gate addr = &tidp->at_addr[0]; 25727c478bd9Sstevel@tonic-gate phe = getipnodebyaddr((const void *)addr, 16, AF_INET6, &err); 25737c478bd9Sstevel@tonic-gate 25747c478bd9Sstevel@tonic-gate bzero(buf, sizeof (buf)); 25757c478bd9Sstevel@tonic-gate 25769e3700dfSgww (void) inet_ntop(AF_INET6, (void *)addr, buf, sizeof (buf)); 25779e3700dfSgww if (phe == NULL) { 25787c478bd9Sstevel@tonic-gate bufp = gettext("unknown"); 25799e3700dfSgww } else { 25807c478bd9Sstevel@tonic-gate bufp = phe->h_name; 25819e3700dfSgww } 25827c478bd9Sstevel@tonic-gate 25837c478bd9Sstevel@tonic-gate (void) printf(gettext( 2584*8523fda3SJan Friedel "terminal id (maj,min,host) = %lu,%lu,%s(%s)\n"), 25859e3700dfSgww major(tidp->at_port), minor(tidp->at_port), 25869e3700dfSgww bufp, buf); 25879e3700dfSgww if (phe) { 25887c478bd9Sstevel@tonic-gate freehostent(phe); 25899e3700dfSgww } 25907c478bd9Sstevel@tonic-gate } 25917c478bd9Sstevel@tonic-gate } 25927c478bd9Sstevel@tonic-gate 25937c478bd9Sstevel@tonic-gate static int 25949e3700dfSgww str2ipaddr(char *s, uint32_t *addr, uint32_t type) 25957c478bd9Sstevel@tonic-gate { 25967c478bd9Sstevel@tonic-gate int j, sl; 25977c478bd9Sstevel@tonic-gate char *ss; 25987c478bd9Sstevel@tonic-gate unsigned int v; 25997c478bd9Sstevel@tonic-gate 26007c478bd9Sstevel@tonic-gate bzero(addr, 16); 26017c478bd9Sstevel@tonic-gate if (strisipaddr(s)) { 26027c478bd9Sstevel@tonic-gate if (type == AU_IPv4) { 26039e3700dfSgww if (inet_pton(AF_INET, s, addr)) { 26047c478bd9Sstevel@tonic-gate return (0); 26059e3700dfSgww } 26067c478bd9Sstevel@tonic-gate return (1); 26079e3700dfSgww } else if (type == AU_IPv6) { 26087c478bd9Sstevel@tonic-gate if (inet_pton(AF_INET6, s, addr)) 26097c478bd9Sstevel@tonic-gate return (0); 26107c478bd9Sstevel@tonic-gate return (1); 26117c478bd9Sstevel@tonic-gate } 26127c478bd9Sstevel@tonic-gate return (1); 26137c478bd9Sstevel@tonic-gate } else { 26147c478bd9Sstevel@tonic-gate if (type == AU_IPv4) { 26157c478bd9Sstevel@tonic-gate (void) sscanf(s, "%x", &addr[0]); 26167c478bd9Sstevel@tonic-gate return (0); 26179e3700dfSgww } else if (type == AU_IPv6) { 26187c478bd9Sstevel@tonic-gate sl = strlen(s); 26197c478bd9Sstevel@tonic-gate ss = s; 26207c478bd9Sstevel@tonic-gate for (j = 3; j >= 0; j--) { 26217c478bd9Sstevel@tonic-gate if ((sl - 8) <= 0) { 26227c478bd9Sstevel@tonic-gate (void) sscanf(s, "%x", &v); 26237c478bd9Sstevel@tonic-gate addr[j] = v; 26247c478bd9Sstevel@tonic-gate return (0); 26257c478bd9Sstevel@tonic-gate } 26267c478bd9Sstevel@tonic-gate ss = &s[sl-8]; 26277c478bd9Sstevel@tonic-gate (void) sscanf(ss, "%x", &v); 26287c478bd9Sstevel@tonic-gate addr[j] = v; 26297c478bd9Sstevel@tonic-gate sl -= 8; 26307c478bd9Sstevel@tonic-gate *ss = '\0'; 26317c478bd9Sstevel@tonic-gate } 26327c478bd9Sstevel@tonic-gate } 26337c478bd9Sstevel@tonic-gate return (0); 26347c478bd9Sstevel@tonic-gate } 26357c478bd9Sstevel@tonic-gate } 26367c478bd9Sstevel@tonic-gate 26377c478bd9Sstevel@tonic-gate static int 26389e3700dfSgww str2type(char *s, uint_t *type) 26397c478bd9Sstevel@tonic-gate { 26407c478bd9Sstevel@tonic-gate if (strcmp(s, "ipv6") == 0) { 26417c478bd9Sstevel@tonic-gate *type = AU_IPv6; 26427c478bd9Sstevel@tonic-gate return (0); 26437c478bd9Sstevel@tonic-gate } 26447c478bd9Sstevel@tonic-gate if (strcmp(s, "ipv4") == 0) { 26457c478bd9Sstevel@tonic-gate *type = AU_IPv4; 26467c478bd9Sstevel@tonic-gate return (0); 26477c478bd9Sstevel@tonic-gate } 26487c478bd9Sstevel@tonic-gate 26497c478bd9Sstevel@tonic-gate return (1); 26507c478bd9Sstevel@tonic-gate } 2651*8523fda3SJan Friedel 2652*8523fda3SJan Friedel /* 2653*8523fda3SJan Friedel * exit_error() - print an error message along with corresponding system error 2654*8523fda3SJan Friedel * number and error message, then exit. Inputs - program error format and 2655*8523fda3SJan Friedel * message. 2656*8523fda3SJan Friedel */ 2657*8523fda3SJan Friedel /*PRINTFLIKE1*/ 2658*8523fda3SJan Friedel static void 2659*8523fda3SJan Friedel exit_error(char *fmt, ...) 2660*8523fda3SJan Friedel { 2661*8523fda3SJan Friedel va_list args; 2662*8523fda3SJan Friedel 2663*8523fda3SJan Friedel va_start(args, fmt); 2664*8523fda3SJan Friedel prt_error_va(fmt, args); 2665*8523fda3SJan Friedel va_end(args); 2666*8523fda3SJan Friedel 2667*8523fda3SJan Friedel exit(1); 2668*8523fda3SJan Friedel } 2669