17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * CDDL HEADER START
37c478bd9Sstevel@tonic-gate  *
47c478bd9Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
545916cd2Sjpk  * Common Development and Distribution License (the "License").
645916cd2Sjpk  * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate  *
87c478bd9Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate  * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate  * and limitations under the License.
127c478bd9Sstevel@tonic-gate  *
137c478bd9Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate  *
197c478bd9Sstevel@tonic-gate  * CDDL HEADER END
207c478bd9Sstevel@tonic-gate  */
217c478bd9Sstevel@tonic-gate /*
22f8994074SJan Friedel  * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
237c478bd9Sstevel@tonic-gate  */
247c478bd9Sstevel@tonic-gate 
25*bc54f855SJohn Levon /*
26*bc54f855SJohn Levon  * Copyright (c) 2019, Joyent, Inc.
27*bc54f855SJohn Levon  */
28*bc54f855SJohn Levon 
297c478bd9Sstevel@tonic-gate /*
307c478bd9Sstevel@tonic-gate  * auditconfig - set and display audit parameters
317c478bd9Sstevel@tonic-gate  */
327c478bd9Sstevel@tonic-gate 
337c478bd9Sstevel@tonic-gate #include <locale.h>
347c478bd9Sstevel@tonic-gate #include <sys/types.h>
357c478bd9Sstevel@tonic-gate #include <ctype.h>
367c478bd9Sstevel@tonic-gate #include <stdlib.h>
377c478bd9Sstevel@tonic-gate #include <stdarg.h>
387c478bd9Sstevel@tonic-gate #include <unistd.h>
397c478bd9Sstevel@tonic-gate #include <errno.h>
407c478bd9Sstevel@tonic-gate #include <sys/param.h>
417c478bd9Sstevel@tonic-gate #include <stdio.h>
427c478bd9Sstevel@tonic-gate #include <string.h>
437c478bd9Sstevel@tonic-gate #include <strings.h>
447c478bd9Sstevel@tonic-gate #include <nlist.h>
457c478bd9Sstevel@tonic-gate #include <fcntl.h>
467c478bd9Sstevel@tonic-gate #include <sys/socket.h>
477c478bd9Sstevel@tonic-gate #include <netdb.h>
487c478bd9Sstevel@tonic-gate #include <netinet/in.h>
497c478bd9Sstevel@tonic-gate #include <arpa/inet.h>
507c478bd9Sstevel@tonic-gate #include <sys/mkdev.h>
517c478bd9Sstevel@tonic-gate #include <sys/param.h>
527c478bd9Sstevel@tonic-gate #include <pwd.h>
537c478bd9Sstevel@tonic-gate #include <libintl.h>
547c478bd9Sstevel@tonic-gate #include <zone.h>
558523fda3SJan Friedel #include <libscf_priv.h>
569e3700dfSgww #include <tsol/label.h>
577c478bd9Sstevel@tonic-gate #include <bsm/libbsm.h>
58f8994074SJan Friedel #include <audit_policy.h>
59f8994074SJan Friedel #include <audit_scf.h>
607c478bd9Sstevel@tonic-gate 
619e3700dfSgww enum	commands {
629e3700dfSgww 	AC_ARG_ACONF,
638523fda3SJan Friedel 	AC_ARG_AUDIT,
649e3700dfSgww 	AC_ARG_CHKACONF,
658523fda3SJan Friedel 	AC_ARG_CHKCONF,
669e3700dfSgww 	AC_ARG_CONF,
679e3700dfSgww 	AC_ARG_GETASID,
689e3700dfSgww 	AC_ARG_GETAUDIT,
699e3700dfSgww 	AC_ARG_GETAUID,
709e3700dfSgww 	AC_ARG_GETCAR,
719e3700dfSgww 	AC_ARG_GETCLASS,
729e3700dfSgww 	AC_ARG_GETCOND,
739e3700dfSgww 	AC_ARG_GETCWD,
749e3700dfSgww 	AC_ARG_GETESTATE,
75f8994074SJan Friedel 	AC_ARG_GETFLAGS,
769e3700dfSgww 	AC_ARG_GETKAUDIT,
779e3700dfSgww 	AC_ARG_GETKMASK,
78f8994074SJan Friedel 	AC_ARG_GETNAFLAGS,
799e3700dfSgww 	AC_ARG_GETPINFO,
80f8994074SJan Friedel 	AC_ARG_GETPLUGIN,
819e3700dfSgww 	AC_ARG_GETPOLICY,
829e3700dfSgww 	AC_ARG_GETQBUFSZ,
839e3700dfSgww 	AC_ARG_GETQCTRL,
849e3700dfSgww 	AC_ARG_GETQDELAY,
859e3700dfSgww 	AC_ARG_GETQHIWATER,
869e3700dfSgww 	AC_ARG_GETQLOWATER,
879e3700dfSgww 	AC_ARG_GETSTAT,
889e3700dfSgww 	AC_ARG_GETTERMID,
899e3700dfSgww 	AC_ARG_LSEVENT,
909e3700dfSgww 	AC_ARG_LSPOLICY,
919e3700dfSgww 	AC_ARG_SETASID,
929e3700dfSgww 	AC_ARG_SETAUDIT,
939e3700dfSgww 	AC_ARG_SETAUID,
949e3700dfSgww 	AC_ARG_SETCLASS,
95f8994074SJan Friedel 	AC_ARG_SETFLAGS,
969e3700dfSgww 	AC_ARG_SETKAUDIT,
979e3700dfSgww 	AC_ARG_SETKMASK,
98f8994074SJan Friedel 	AC_ARG_SETNAFLAGS,
99f8994074SJan Friedel 	AC_ARG_SETPLUGIN,
1009e3700dfSgww 	AC_ARG_SETPMASK,
1019e3700dfSgww 	AC_ARG_SETPOLICY,
1029e3700dfSgww 	AC_ARG_SETQBUFSZ,
1039e3700dfSgww 	AC_ARG_SETQCTRL,
1049e3700dfSgww 	AC_ARG_SETQDELAY,
1059e3700dfSgww 	AC_ARG_SETQHIWATER,
1069e3700dfSgww 	AC_ARG_SETQLOWATER,
1078523fda3SJan Friedel 	AC_ARG_SETSMASK,
1088523fda3SJan Friedel 	AC_ARG_SETSTAT,
1098523fda3SJan Friedel 	AC_ARG_SETUMASK,
1108523fda3SJan Friedel 	AC_ARG_SET_TEMPORARY
1119e3700dfSgww };
1127c478bd9Sstevel@tonic-gate 
113de4cec48SToomas Soome #define	AC_KERN_EVENT		0
114de4cec48SToomas Soome #define	AC_USER_EVENT		1
1157c478bd9Sstevel@tonic-gate 
1167c478bd9Sstevel@tonic-gate #define	NONE(s) (!strlen(s) ? gettext("none") : s)
1177c478bd9Sstevel@tonic-gate 
1187c478bd9Sstevel@tonic-gate #define	ONEK 1024
1197c478bd9Sstevel@tonic-gate 
1207c478bd9Sstevel@tonic-gate /*
1217c478bd9Sstevel@tonic-gate  * remove this after the audit.h is fixed
1227c478bd9Sstevel@tonic-gate  */
1237c478bd9Sstevel@tonic-gate struct arg_entry {
1249e3700dfSgww 	char		*arg_str;
1259e3700dfSgww 	char		*arg_opts;
1269e3700dfSgww 	enum commands	auditconfig_cmd;
1278523fda3SJan Friedel 	boolean_t	temporary_allowed;	/* -t allowed for the option */
1287c478bd9Sstevel@tonic-gate };
1298523fda3SJan Friedel typedef struct arg_entry arg_entry_t;
1308523fda3SJan Friedel 
1318523fda3SJan Friedel /* arg_table - command option and usage message table */
1328523fda3SJan Friedel static arg_entry_t arg_table[] = {
1338523fda3SJan Friedel 	{ "-aconf",	"",			AC_ARG_ACONF,	B_FALSE},
1348523fda3SJan Friedel 	{ "-audit",	" event sorf retval string", AC_ARG_AUDIT, B_FALSE},
1358523fda3SJan Friedel 	{ "-chkaconf",	"",			AC_ARG_CHKACONF, B_FALSE},
1368523fda3SJan Friedel 	{ "-chkconf",	"",			AC_ARG_CHKCONF,	B_FALSE},
1378523fda3SJan Friedel 	{ "-conf",	"",			AC_ARG_CONF,	B_FALSE},
1388523fda3SJan Friedel 	{ "-getasid",	"",			AC_ARG_GETASID,	B_FALSE},
1398523fda3SJan Friedel 	{ "-getaudit",	"",			AC_ARG_GETAUDIT, B_FALSE},
1408523fda3SJan Friedel 	{ "-getauid",	"",			AC_ARG_GETAUID, B_FALSE},
1418523fda3SJan Friedel 	{ "-getcar",	"",			AC_ARG_GETCAR,	B_FALSE},
1428523fda3SJan Friedel 	{ "-getclass",	" event",		AC_ARG_GETCLASS, B_FALSE},
1438523fda3SJan Friedel 	{ "-getcond",	"",			AC_ARG_GETCOND,	B_FALSE},
1448523fda3SJan Friedel 	{ "-getcwd",	"",			AC_ARG_GETCWD,	B_FALSE},
1458523fda3SJan Friedel 	{ "-getestate",	" event",		AC_ARG_GETESTATE, B_FALSE},
146f8994074SJan Friedel 	{ "-getflags",	"",			AC_ARG_GETFLAGS, B_FALSE},
1478523fda3SJan Friedel 	{ "-getkaudit",	"",			AC_ARG_GETKAUDIT, B_FALSE},
1488523fda3SJan Friedel 	{ "-getkmask",	"",			AC_ARG_GETKMASK, B_FALSE},
149f8994074SJan Friedel 	{ "-getnaflags", "",			AC_ARG_GETNAFLAGS, B_FALSE},
1508523fda3SJan Friedel 	{ "-getpinfo",	" pid",			AC_ARG_GETPINFO, B_FALSE},
151f8994074SJan Friedel 	{ "-getplugin",	" [plugin]",		AC_ARG_GETPLUGIN, B_FALSE},
1528523fda3SJan Friedel 	{ "-getpolicy",	"",			AC_ARG_GETPOLICY, B_TRUE},
1538523fda3SJan Friedel 	{ "-getqbufsz",	"",			AC_ARG_GETQBUFSZ, B_TRUE},
1548523fda3SJan Friedel 	{ "-getqctrl",	"",			AC_ARG_GETQCTRL, B_TRUE},
1558523fda3SJan Friedel 	{ "-getqdelay",	"",			AC_ARG_GETQDELAY, B_TRUE},
1568523fda3SJan Friedel 	{ "-getqhiwater", "",			AC_ARG_GETQHIWATER, B_TRUE},
1578523fda3SJan Friedel 	{ "-getqlowater", "",			AC_ARG_GETQLOWATER, B_TRUE},
1588523fda3SJan Friedel 	{ "-getstat",	"",			AC_ARG_GETSTAT,	B_FALSE},
1598523fda3SJan Friedel 	{ "-gettid",	"",			AC_ARG_GETTERMID, B_FALSE},
1608523fda3SJan Friedel 	{ "-lsevent",	"",			AC_ARG_LSEVENT,	B_FALSE},
1618523fda3SJan Friedel 	{ "-lspolicy",	"",			AC_ARG_LSPOLICY, B_FALSE},
1628523fda3SJan Friedel 	{ "-setasid",	" asid [cmd]",		AC_ARG_SETASID,	B_FALSE},
1638523fda3SJan Friedel 	{ "-setaudit",	" auid audit_flags termid asid [cmd]",
1648523fda3SJan Friedel 						AC_ARG_SETAUDIT, B_FALSE},
1658523fda3SJan Friedel 	{ "-setauid",	" auid [cmd]",		AC_ARG_SETAUID,	B_FALSE},
1668523fda3SJan Friedel 	{ "-setclass",	" event audit_flags",	AC_ARG_SETCLASS, B_FALSE},
167f8994074SJan Friedel 	{ "-setflags",	" audit_flags",		AC_ARG_SETFLAGS, B_FALSE},
1688523fda3SJan Friedel 	{ "-setkaudit",	" type IP_address",	AC_ARG_SETKAUDIT, B_FALSE},
1698523fda3SJan Friedel 	{ "-setkmask",	" audit_flags",		AC_ARG_SETKMASK, B_FALSE},
170f8994074SJan Friedel 	{ "-setnaflags", " audit_naflags",	AC_ARG_SETNAFLAGS, B_FALSE},
171f8994074SJan Friedel 	{ "-setplugin",	" name active|inactive [attributes [qsize]]",
172f8994074SJan Friedel 						AC_ARG_SETPLUGIN, B_FALSE},
1738523fda3SJan Friedel 	{ "-setpmask",	" pid audit_flags",	AC_ARG_SETPMASK, B_FALSE},
1748523fda3SJan Friedel 	{ "-setpolicy",	" [+|-]policy_flags",	AC_ARG_SETPOLICY, B_TRUE},
1758523fda3SJan Friedel 	{ "-setqbufsz",	" bufsz",		AC_ARG_SETQBUFSZ, B_TRUE},
1768523fda3SJan Friedel 	{ "-setqctrl",	" hiwater lowater bufsz delay",
1778523fda3SJan Friedel 						AC_ARG_SETQCTRL, B_TRUE},
1788523fda3SJan Friedel 	{ "-setqdelay",	" delay",		AC_ARG_SETQDELAY, B_TRUE},
1798523fda3SJan Friedel 	{ "-setqhiwater", " hiwater",		AC_ARG_SETQHIWATER, B_TRUE},
1808523fda3SJan Friedel 	{ "-setqlowater", " lowater",		AC_ARG_SETQLOWATER, B_TRUE},
1818523fda3SJan Friedel 	{ "-setsmask",	" asid audit_flags",	AC_ARG_SETSMASK, B_FALSE},
1828523fda3SJan Friedel 	{ "-setstat",	"",			AC_ARG_SETSTAT, B_FALSE},
1838523fda3SJan Friedel 	{ "-setumask",	" user audit_flags",	AC_ARG_SETUMASK, B_FALSE},
1848523fda3SJan Friedel 	{ "-t",		"",			AC_ARG_SET_TEMPORARY, B_FALSE},
1857c478bd9Sstevel@tonic-gate };
1867c478bd9Sstevel@tonic-gate 
1878523fda3SJan Friedel #define	ARG_TBL_SZ (sizeof (arg_table) / sizeof (arg_entry_t))
1887c478bd9Sstevel@tonic-gate 
1898523fda3SJan Friedel char	*progname = "auditconfig";
1907c478bd9Sstevel@tonic-gate 
1918523fda3SJan Friedel /*
1928523fda3SJan Friedel  * temporary_set true to get/set only kernel settings,
1938523fda3SJan Friedel  *		 false to get/set kernel settings and service properties
1948523fda3SJan Friedel  */
1958523fda3SJan Friedel static boolean_t temporary_set = B_FALSE;
1969e3700dfSgww 
1979e3700dfSgww static au_event_ent_t *egetauevnam(char *event_name);
1989e3700dfSgww static au_event_ent_t *egetauevnum(au_event_t event_number);
1999e3700dfSgww static int arg_ent_compare(const void *aep1, const void *aep2);
2009e3700dfSgww static char *cond2str(void);
2018523fda3SJan Friedel static int policy2str(uint32_t policy, char *policy_str, size_t len);
2029e3700dfSgww static int str2type(char *s, uint_t *type);
2038523fda3SJan Friedel static int str2policy(char *policy_str, uint32_t *policy_mask);
2049e3700dfSgww static int str2ipaddr(char *s, uint32_t *addr, uint32_t type);
2059e3700dfSgww static int strisipaddr(char *s);
2069e3700dfSgww static int strisnum(char *s);
2078523fda3SJan Friedel static arg_entry_t *get_arg_ent(char *arg_str);
2089e3700dfSgww static uid_t get_user_id(char *user);
209f8994074SJan Friedel static void chk_arg_len(char *argv, uint_t len);
2109e3700dfSgww static void chk_event_num(int etype, au_event_t event);
2119e3700dfSgww static void chk_event_str(int etype, char *event_str);
212f8994074SJan Friedel static void chk_known_plugin(char *plugin_str);
2139e3700dfSgww static void chk_retval(char *retval_str);
2149e3700dfSgww static void chk_sorf(char *sorf_str);
2159e3700dfSgww static void do_aconf(void);
216f8994074SJan Friedel static void do_args(char **argv, au_mask_t *mask);
2179e3700dfSgww static void do_audit(char *, char, int, char *);
2189e3700dfSgww static void do_chkaconf(void);
2199e3700dfSgww static void do_chkconf(void);
2209e3700dfSgww static void do_conf(void);
2219e3700dfSgww static void do_getasid(void);
2229e3700dfSgww static void do_getaudit(void);
2239e3700dfSgww static void do_getkaudit(void);
2249e3700dfSgww static void do_setkaudit(char *t, char *s);
2259e3700dfSgww static void do_getauid(void);
2269e3700dfSgww static void do_getcar(void);
2279e3700dfSgww static void do_getclass(char *event_str);
2289e3700dfSgww static void do_getcond(void);
2299e3700dfSgww static void do_getcwd(void);
230f8994074SJan Friedel static void do_getflags(void);
2319e3700dfSgww static void do_getkmask(void);
232f8994074SJan Friedel static void do_getnaflags(void);
2339e3700dfSgww static void do_getpinfo(char *pid_str);
234f8994074SJan Friedel static void do_getplugin(char *plugin_str);
2359e3700dfSgww static void do_getpolicy(void);
2369e3700dfSgww static void do_getqbufsz(void);
2379e3700dfSgww static void do_getqctrl(void);
2389e3700dfSgww static void do_getqdelay(void);
2399e3700dfSgww static void do_getqhiwater(void);
2409e3700dfSgww static void do_getqlowater(void);
2419e3700dfSgww static void do_getstat(void);
2429e3700dfSgww static void do_gettermid(void);
2439e3700dfSgww static void do_lsevent(void);
2449e3700dfSgww static void do_lspolicy(void);
2459e3700dfSgww static void do_setasid(char *sid_str, char **argv);
2469e3700dfSgww static void do_setaudit(char *user_str, char *mask_str, char *tid_str,
2479e3700dfSgww     char *sid_str, char **argv);
2489e3700dfSgww static void do_setauid(char *user, char **argv);
249f8994074SJan Friedel static void do_setclass(char *event_str, au_mask_t *mask);
250f8994074SJan Friedel static void do_setflags(char *audit_flags, au_mask_t *amask);
251f8994074SJan Friedel static void do_setkmask(au_mask_t *pmask);
252f8994074SJan Friedel static void do_setnaflags(char *audit_naflags, au_mask_t *namask);
253f8994074SJan Friedel static void do_setpmask(char *pid_str, au_mask_t *mask);
254f8994074SJan Friedel static void do_setsmask(char *asid_str, au_mask_t *mask);
255f8994074SJan Friedel static void do_setumask(char *auid_str, au_mask_t *mask);
256f8994074SJan Friedel static void do_setplugin(char *plugin_str, boolean_t plugin_state,
257f8994074SJan Friedel     char *plugin_attr, int plugin_qsize);
2589e3700dfSgww static void do_setpolicy(char *policy_str);
2599e3700dfSgww static void do_setqbufsz(char *bufsz);
2609e3700dfSgww static void do_setqctrl(char *hiwater, char *lowater, char *bufsz, char *delay);
2619e3700dfSgww static void do_setqdelay(char *delay);
2629e3700dfSgww static void do_setqhiwater(char *hiwater);
2639e3700dfSgww static void do_setqlowater(char *lowater);
2649e3700dfSgww static void do_setstat(void);
2659e3700dfSgww static void str2tid(char *tid_str, au_tid_addr_t *tp);
2669e3700dfSgww 
2679e3700dfSgww static void eauditon(int cmd, caddr_t data, int length);
268f8994074SJan Friedel static void echkflags(char *auditflags, au_mask_t *mask);
2699e3700dfSgww static void egetaudit(auditinfo_addr_t *ai, int size);
2709e3700dfSgww static void egetauditflagsbin(char *auditflags, au_mask_t *pmask);
2719e3700dfSgww static void egetauid(au_id_t *auid);
272f8994074SJan Friedel static void egetkaudit(auditinfo_addr_t *ai, int size);
2739e3700dfSgww static void esetaudit(auditinfo_addr_t *ai, int size);
2749e3700dfSgww static void esetauid(au_id_t *auid);
275f8994074SJan Friedel static void esetkaudit(auditinfo_addr_t *ai, int size);
2769e3700dfSgww static void execit(char **argv);
2779e3700dfSgww static void exit_error(char *fmt, ...);
2789e3700dfSgww static void exit_usage(int status);
279f8994074SJan Friedel static void parse_args(int argc, char **argv, au_mask_t *mask);
2809e3700dfSgww static void print_asid(au_asid_t asid);
2819e3700dfSgww static void print_auid(au_id_t auid);
2829e3700dfSgww static void print_mask(char *desc, au_mask_t *pmp);
283f8994074SJan Friedel static void print_plugin(char *plugin_name, kva_t *plugin_kva);
2849e3700dfSgww static void print_tid_ex(au_tid_addr_t *tidp);
2857c478bd9Sstevel@tonic-gate 
2868523fda3SJan Friedel #if !defined(TEXT_DOMAIN)
2878523fda3SJan Friedel #define	TEXT_DOMAIN	"SUNW_OST_OSCMD"
2888523fda3SJan Friedel #endif
2898523fda3SJan Friedel 
2907c478bd9Sstevel@tonic-gate int
main(int argc,char ** argv)2919e3700dfSgww main(int argc, char **argv)
2927c478bd9Sstevel@tonic-gate {
293f8994074SJan Friedel 	au_mask_t mask;			/* for options manipulating flags */
294f8994074SJan Friedel 
2957c478bd9Sstevel@tonic-gate 	(void) setlocale(LC_ALL, "");
2967c478bd9Sstevel@tonic-gate 	(void) textdomain(TEXT_DOMAIN);
2977c478bd9Sstevel@tonic-gate 
2987c478bd9Sstevel@tonic-gate 	if (argc == 1) {
2997c478bd9Sstevel@tonic-gate 		exit_usage(0);
3007c478bd9Sstevel@tonic-gate 	}
3017c478bd9Sstevel@tonic-gate 
3027c478bd9Sstevel@tonic-gate 	if (argc == 2 &&
3038523fda3SJan Friedel 	    (argv[1][0] == '?' ||
3048523fda3SJan Friedel 	    strcmp(argv[1], "-h") == 0 ||
3058523fda3SJan Friedel 	    strcmp(argv[1], "-?") == 0)) {
3067c478bd9Sstevel@tonic-gate 		exit_usage(0);
3078523fda3SJan Friedel 	}
3087c478bd9Sstevel@tonic-gate 
309f8994074SJan Friedel 	parse_args(argc, argv, &mask);
310f8994074SJan Friedel 	do_args(argv, &mask);
3117c478bd9Sstevel@tonic-gate 
3127c478bd9Sstevel@tonic-gate 	return (0);
3137c478bd9Sstevel@tonic-gate }
3147c478bd9Sstevel@tonic-gate 
3157c478bd9Sstevel@tonic-gate /*
3167c478bd9Sstevel@tonic-gate  * parse_args()
3177c478bd9Sstevel@tonic-gate  *     Desc: Checks command line argument syntax.
3187c478bd9Sstevel@tonic-gate  *     Inputs: Command line argv;
3197c478bd9Sstevel@tonic-gate  *     Returns: If a syntax error is detected, a usage message is printed
3207c478bd9Sstevel@tonic-gate  *              and exit() is called. If a syntax error is not detected,
3217c478bd9Sstevel@tonic-gate  *              parse_args() returns without a value.
3227c478bd9Sstevel@tonic-gate  */
3237c478bd9Sstevel@tonic-gate static void
parse_args(int argc,char ** argv,au_mask_t * mask)324f8994074SJan Friedel parse_args(int argc, char **argv, au_mask_t *mask)
3257c478bd9Sstevel@tonic-gate {
3268523fda3SJan Friedel 	arg_entry_t *ae;
3277c478bd9Sstevel@tonic-gate 
3287c478bd9Sstevel@tonic-gate 	uint_t type;
3297c478bd9Sstevel@tonic-gate 	uint_t addr[4];
3307c478bd9Sstevel@tonic-gate 
3317c478bd9Sstevel@tonic-gate 	for (++argv; *argv; argv++) {
3329e3700dfSgww 		if ((ae = get_arg_ent(*argv)) == NULL) {
3337c478bd9Sstevel@tonic-gate 			exit_usage(1);
3347c478bd9Sstevel@tonic-gate 		}
3357c478bd9Sstevel@tonic-gate 
3367c478bd9Sstevel@tonic-gate 		switch (ae->auditconfig_cmd) {
3377c478bd9Sstevel@tonic-gate 
3387c478bd9Sstevel@tonic-gate 		case AC_ARG_AUDIT:
3397c478bd9Sstevel@tonic-gate 			++argv;
3407c478bd9Sstevel@tonic-gate 			if (!*argv)
3417c478bd9Sstevel@tonic-gate 				exit_usage(1);
3427c478bd9Sstevel@tonic-gate 			if (strisnum(*argv)) {
3437c478bd9Sstevel@tonic-gate 				chk_event_num(AC_USER_EVENT,
3448523fda3SJan Friedel 				    (au_event_t)atol(*argv));
3459e3700dfSgww 			} else {
3467c478bd9Sstevel@tonic-gate 				chk_event_str(AC_USER_EVENT, *argv);
3479e3700dfSgww 			}
3487c478bd9Sstevel@tonic-gate 			++argv;
3497c478bd9Sstevel@tonic-gate 			if (!*argv)
3507c478bd9Sstevel@tonic-gate 				exit_usage(1);
3517c478bd9Sstevel@tonic-gate 			chk_sorf(*argv);
3527c478bd9Sstevel@tonic-gate 			++argv;
3537c478bd9Sstevel@tonic-gate 			if (!*argv)
3547c478bd9Sstevel@tonic-gate 				exit_usage(1);
3557c478bd9Sstevel@tonic-gate 			chk_retval(*argv);
3567c478bd9Sstevel@tonic-gate 			++argv;
3577c478bd9Sstevel@tonic-gate 			if (!*argv)
3587c478bd9Sstevel@tonic-gate 				exit_usage(1);
3597c478bd9Sstevel@tonic-gate 			break;
3607c478bd9Sstevel@tonic-gate 
3617c478bd9Sstevel@tonic-gate 		case AC_ARG_CHKCONF:
3627c478bd9Sstevel@tonic-gate 		case AC_ARG_CONF:
3637c478bd9Sstevel@tonic-gate 		case AC_ARG_ACONF:
3647c478bd9Sstevel@tonic-gate 		case AC_ARG_CHKACONF:
3657c478bd9Sstevel@tonic-gate 		case AC_ARG_GETASID:
3667c478bd9Sstevel@tonic-gate 		case AC_ARG_GETAUID:
3677c478bd9Sstevel@tonic-gate 		case AC_ARG_GETAUDIT:
3687c478bd9Sstevel@tonic-gate 		case AC_ARG_GETKAUDIT:
3697c478bd9Sstevel@tonic-gate 			break;
3707c478bd9Sstevel@tonic-gate 
3717c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCLASS:
3727c478bd9Sstevel@tonic-gate 		case AC_ARG_GETESTATE:
3737c478bd9Sstevel@tonic-gate 			++argv;
3747c478bd9Sstevel@tonic-gate 			if (!*argv)
3757c478bd9Sstevel@tonic-gate 				exit_usage(1);
3769e3700dfSgww 			if (strisnum(*argv)) {
3777c478bd9Sstevel@tonic-gate 				chk_event_num(AC_KERN_EVENT,
3789e3700dfSgww 				    (au_event_t)atol(*argv));
3799e3700dfSgww 			} else {
3807c478bd9Sstevel@tonic-gate 				chk_event_str(AC_KERN_EVENT, *argv);
3819e3700dfSgww 			}
3827c478bd9Sstevel@tonic-gate 			break;
3837c478bd9Sstevel@tonic-gate 
3847c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCAR:
3857c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCOND:
3867c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCWD:
387f8994074SJan Friedel 		case AC_ARG_GETFLAGS:
3887c478bd9Sstevel@tonic-gate 		case AC_ARG_GETKMASK:
389f8994074SJan Friedel 		case AC_ARG_GETNAFLAGS:
390f8994074SJan Friedel 			break;
391f8994074SJan Friedel 
392f8994074SJan Friedel 		case AC_ARG_GETPLUGIN:
393f8994074SJan Friedel 			if (*++argv == NULL) {
394f8994074SJan Friedel 				--argv;
395f8994074SJan Friedel 				break;
396f8994074SJan Friedel 			}
397f8994074SJan Friedel 			if (get_arg_ent(*argv) != NULL) {
398f8994074SJan Friedel 				--argv;
399f8994074SJan Friedel 			} else {
400f8994074SJan Friedel 				chk_arg_len(*argv, PLUGIN_MAXBUF);
401f8994074SJan Friedel 				chk_known_plugin(*argv);
402f8994074SJan Friedel 			}
403f8994074SJan Friedel 			break;
404f8994074SJan Friedel 
4057c478bd9Sstevel@tonic-gate 		case AC_ARG_GETPOLICY:
4067c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQBUFSZ:
4077c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQCTRL:
4087c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQDELAY:
4097c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQHIWATER:
4107c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQLOWATER:
4117c478bd9Sstevel@tonic-gate 		case AC_ARG_GETSTAT:
4127c478bd9Sstevel@tonic-gate 		case AC_ARG_GETTERMID:
4137c478bd9Sstevel@tonic-gate 		case AC_ARG_LSEVENT:
4147c478bd9Sstevel@tonic-gate 		case AC_ARG_LSPOLICY:
4157c478bd9Sstevel@tonic-gate 			break;
4167c478bd9Sstevel@tonic-gate 
4177c478bd9Sstevel@tonic-gate 		case AC_ARG_SETASID:
4187c478bd9Sstevel@tonic-gate 		case AC_ARG_SETAUID:
4197c478bd9Sstevel@tonic-gate 		case AC_ARG_SETAUDIT:
4207c478bd9Sstevel@tonic-gate 			++argv;
4217c478bd9Sstevel@tonic-gate 			if (!*argv)
4227c478bd9Sstevel@tonic-gate 				exit_usage(1);
4237c478bd9Sstevel@tonic-gate 
4247c478bd9Sstevel@tonic-gate 			while (*argv)
4257c478bd9Sstevel@tonic-gate 				++argv;
4267c478bd9Sstevel@tonic-gate 			--argv;
4277c478bd9Sstevel@tonic-gate 
4287c478bd9Sstevel@tonic-gate 			break;
4297c478bd9Sstevel@tonic-gate 
4307c478bd9Sstevel@tonic-gate 		case AC_ARG_SETKAUDIT:
4317c478bd9Sstevel@tonic-gate 			++argv;
4327c478bd9Sstevel@tonic-gate 			if (!*argv)
4337c478bd9Sstevel@tonic-gate 				exit_usage(1);
4347c478bd9Sstevel@tonic-gate 			if (str2type (*argv, &type))
4357c478bd9Sstevel@tonic-gate 				exit_error(gettext(
4368523fda3SJan Friedel 				    "Invalid IP address type specified."));
4377c478bd9Sstevel@tonic-gate 			++argv;
4387c478bd9Sstevel@tonic-gate 			if (!*argv)
4397c478bd9Sstevel@tonic-gate 				exit_usage(1);
4407c478bd9Sstevel@tonic-gate 
4417c478bd9Sstevel@tonic-gate 			if (str2ipaddr(*argv, addr, type))
4428523fda3SJan Friedel 				exit_error(
4438523fda3SJan Friedel 				    gettext("Invalid IP address specified."));
4447c478bd9Sstevel@tonic-gate 			break;
4457c478bd9Sstevel@tonic-gate 
4467c478bd9Sstevel@tonic-gate 		case AC_ARG_SETCLASS:
4477c478bd9Sstevel@tonic-gate 			++argv;
4487c478bd9Sstevel@tonic-gate 			if (!*argv)
4497c478bd9Sstevel@tonic-gate 				exit_usage(1);
4507c478bd9Sstevel@tonic-gate 			if (strisnum(*argv))
4517c478bd9Sstevel@tonic-gate 				chk_event_num(AC_KERN_EVENT,
4528523fda3SJan Friedel 				    (au_event_t)atol(*argv));
4537c478bd9Sstevel@tonic-gate 			else
4547c478bd9Sstevel@tonic-gate 				chk_event_str(AC_KERN_EVENT, *argv);
4557c478bd9Sstevel@tonic-gate 			++argv;
4567c478bd9Sstevel@tonic-gate 			if (!*argv)
4577c478bd9Sstevel@tonic-gate 				exit_usage(1);
458f8994074SJan Friedel 			echkflags(*argv, mask);
459f8994074SJan Friedel 			break;
460f8994074SJan Friedel 
461f8994074SJan Friedel 		case AC_ARG_SETFLAGS:
462f8994074SJan Friedel 			++argv;
463f8994074SJan Friedel 			if (!*argv)
464f8994074SJan Friedel 				exit_usage(1);
465f8994074SJan Friedel 			chk_arg_len(*argv, PRESELECTION_MAXBUF);
466f8994074SJan Friedel 			echkflags(*argv, mask);
4677c478bd9Sstevel@tonic-gate 			break;
4687c478bd9Sstevel@tonic-gate 
4697c478bd9Sstevel@tonic-gate 		case AC_ARG_SETKMASK:
4707c478bd9Sstevel@tonic-gate 			++argv;
4717c478bd9Sstevel@tonic-gate 			if (!*argv)
4727c478bd9Sstevel@tonic-gate 				exit_usage(1);
473f8994074SJan Friedel 			echkflags(*argv, mask);
474f8994074SJan Friedel 			break;
475f8994074SJan Friedel 
476f8994074SJan Friedel 		case AC_ARG_SETNAFLAGS:
477f8994074SJan Friedel 			++argv;
478f8994074SJan Friedel 			if (!*argv)
479f8994074SJan Friedel 				exit_usage(1);
480f8994074SJan Friedel 			chk_arg_len(*argv, PRESELECTION_MAXBUF);
481f8994074SJan Friedel 			echkflags(*argv, mask);
482f8994074SJan Friedel 			break;
483f8994074SJan Friedel 
484f8994074SJan Friedel 		case AC_ARG_SETPLUGIN:
485f8994074SJan Friedel 			if (*++argv == NULL || get_arg_ent(*argv) != NULL) {
486f8994074SJan Friedel 				exit_usage(1);
487f8994074SJan Friedel 			}
488f8994074SJan Friedel 			chk_known_plugin(*argv);
489f8994074SJan Friedel 			chk_arg_len(*argv, PLUGIN_MAXBUF);
490f8994074SJan Friedel 			if (*++argv == NULL || strcmp(*argv, "active") != 0 &&
491f8994074SJan Friedel 			    strcmp(*argv, "inactive") != 0) {
492f8994074SJan Friedel 				exit_usage(1);
493f8994074SJan Friedel 			}
494f8994074SJan Friedel 			if (*++argv == NULL || get_arg_ent(*argv) != NULL) {
495f8994074SJan Friedel 				--argv;
496f8994074SJan Friedel 				break;
497f8994074SJan Friedel 			}
498f8994074SJan Friedel 			chk_arg_len(*argv, PLUGIN_MAXATT);
499f8994074SJan Friedel 			if (*++argv == NULL || get_arg_ent(*argv) != NULL) {
500f8994074SJan Friedel 				--argv;
501f8994074SJan Friedel 				break;
502f8994074SJan Friedel 			}
503f8994074SJan Friedel 			if (atoi(*argv) < 0) {
504f8994074SJan Friedel 				exit_error(gettext("Incorrect qsize specified "
505f8994074SJan Friedel 				    "(%s)."), *argv);
506f8994074SJan Friedel 			}
5077c478bd9Sstevel@tonic-gate 			break;
5087c478bd9Sstevel@tonic-gate 
5097c478bd9Sstevel@tonic-gate 		case AC_ARG_SETPOLICY:
5107c478bd9Sstevel@tonic-gate 			++argv;
5117c478bd9Sstevel@tonic-gate 			if (!*argv)
5127c478bd9Sstevel@tonic-gate 				exit_usage(1);
5137c478bd9Sstevel@tonic-gate 			break;
5147c478bd9Sstevel@tonic-gate 
5157c478bd9Sstevel@tonic-gate 		case AC_ARG_SETSTAT:
5167c478bd9Sstevel@tonic-gate 			break;
5177c478bd9Sstevel@tonic-gate 
5187c478bd9Sstevel@tonic-gate 		case AC_ARG_GETPINFO:
5197c478bd9Sstevel@tonic-gate 			++argv;
5207c478bd9Sstevel@tonic-gate 			if (!*argv)
5217c478bd9Sstevel@tonic-gate 				exit_usage(1);
5227c478bd9Sstevel@tonic-gate 			break;
5237c478bd9Sstevel@tonic-gate 
5247c478bd9Sstevel@tonic-gate 		case AC_ARG_SETPMASK:
5257c478bd9Sstevel@tonic-gate 			++argv;
5267c478bd9Sstevel@tonic-gate 			if (!*argv)
5277c478bd9Sstevel@tonic-gate 				exit_usage(1);
5287c478bd9Sstevel@tonic-gate 			++argv;
5297c478bd9Sstevel@tonic-gate 			if (!*argv)
5307c478bd9Sstevel@tonic-gate 				exit_usage(1);
531f8994074SJan Friedel 			echkflags(*argv, mask);
5327c478bd9Sstevel@tonic-gate 			break;
5337c478bd9Sstevel@tonic-gate 
5347c478bd9Sstevel@tonic-gate 		case AC_ARG_SETQBUFSZ:
5357c478bd9Sstevel@tonic-gate 			++argv;
5367c478bd9Sstevel@tonic-gate 			if (!*argv)
5377c478bd9Sstevel@tonic-gate 				exit_usage(1);
5387c478bd9Sstevel@tonic-gate 			if (!strisnum(*argv))
5397c478bd9Sstevel@tonic-gate 				exit_error(gettext("Invalid bufsz specified."));
5407c478bd9Sstevel@tonic-gate 			break;
5417c478bd9Sstevel@tonic-gate 
5427c478bd9Sstevel@tonic-gate 		case AC_ARG_SETQCTRL:
5437c478bd9Sstevel@tonic-gate 			++argv;
5447c478bd9Sstevel@tonic-gate 			if (!*argv)
5457c478bd9Sstevel@tonic-gate 				exit_usage(1);
5467c478bd9Sstevel@tonic-gate 			if (!strisnum(*argv))
5478523fda3SJan Friedel 				exit_error(
5488523fda3SJan Friedel 				    gettext("Invalid hiwater specified."));
5497c478bd9Sstevel@tonic-gate 			++argv;
5507c478bd9Sstevel@tonic-gate 			if (!*argv)
5517c478bd9Sstevel@tonic-gate 				exit_usage(1);
5527c478bd9Sstevel@tonic-gate 			if (!strisnum(*argv))
5538523fda3SJan Friedel 				exit_error(
5548523fda3SJan Friedel 				    gettext("Invalid lowater specified."));
5557c478bd9Sstevel@tonic-gate 			++argv;
5567c478bd9Sstevel@tonic-gate 			if (!*argv)
5577c478bd9Sstevel@tonic-gate 				exit_usage(1);
5587c478bd9Sstevel@tonic-gate 			if (!strisnum(*argv))
5597c478bd9Sstevel@tonic-gate 				exit_error(gettext("Invalid bufsz specified."));
5607c478bd9Sstevel@tonic-gate 			++argv;
5617c478bd9Sstevel@tonic-gate 			if (!*argv)
5627c478bd9Sstevel@tonic-gate 				exit_usage(1);
5637c478bd9Sstevel@tonic-gate 			if (!strisnum(*argv))
5647c478bd9Sstevel@tonic-gate 				exit_error(gettext("Invalid delay specified."));
5657c478bd9Sstevel@tonic-gate 			break;
5667c478bd9Sstevel@tonic-gate 
5677c478bd9Sstevel@tonic-gate 		case AC_ARG_SETQDELAY:
5687c478bd9Sstevel@tonic-gate 			++argv;
5697c478bd9Sstevel@tonic-gate 			if (!*argv)
5707c478bd9Sstevel@tonic-gate 				exit_usage(1);
5717c478bd9Sstevel@tonic-gate 			if (!strisnum(*argv))
5727c478bd9Sstevel@tonic-gate 				exit_error(gettext("Invalid delay specified."));
5737c478bd9Sstevel@tonic-gate 			break;
5747c478bd9Sstevel@tonic-gate 
5757c478bd9Sstevel@tonic-gate 		case AC_ARG_SETQHIWATER:
5767c478bd9Sstevel@tonic-gate 			++argv;
5777c478bd9Sstevel@tonic-gate 			if (!*argv)
5787c478bd9Sstevel@tonic-gate 				exit_usage(1);
5799e3700dfSgww 			if (!strisnum(*argv)) {
5808523fda3SJan Friedel 				exit_error(
5818523fda3SJan Friedel 				    gettext("Invalid hiwater specified."));
5829e3700dfSgww 			}
5837c478bd9Sstevel@tonic-gate 			break;
5847c478bd9Sstevel@tonic-gate 
5857c478bd9Sstevel@tonic-gate 		case AC_ARG_SETQLOWATER:
5867c478bd9Sstevel@tonic-gate 			++argv;
5877c478bd9Sstevel@tonic-gate 			if (!*argv)
5887c478bd9Sstevel@tonic-gate 				exit_usage(1);
5899e3700dfSgww 			if (!strisnum(*argv)) {
5908523fda3SJan Friedel 				exit_error(
5918523fda3SJan Friedel 				    gettext("Invalid lowater specified."));
5929e3700dfSgww 			}
5937c478bd9Sstevel@tonic-gate 			break;
5947c478bd9Sstevel@tonic-gate 
5957c478bd9Sstevel@tonic-gate 		case AC_ARG_SETSMASK:
5967c478bd9Sstevel@tonic-gate 		case AC_ARG_SETUMASK:
5977c478bd9Sstevel@tonic-gate 			++argv;
5987c478bd9Sstevel@tonic-gate 			if (!*argv)
5997c478bd9Sstevel@tonic-gate 				exit_usage(1);
6007c478bd9Sstevel@tonic-gate 			++argv;
6017c478bd9Sstevel@tonic-gate 			if (!*argv)
6027c478bd9Sstevel@tonic-gate 				exit_usage(1);
603f8994074SJan Friedel 			echkflags(*argv, mask);
6047c478bd9Sstevel@tonic-gate 			break;
6057c478bd9Sstevel@tonic-gate 
6068523fda3SJan Friedel 		case AC_ARG_SET_TEMPORARY:
6078523fda3SJan Friedel 			/* Do not accept single -t option. */
6088523fda3SJan Friedel 			if (argc == 2) {
6098523fda3SJan Friedel 				exit_error(
6108523fda3SJan Friedel 				    gettext("Only the -t option specified "
6118523fda3SJan Friedel 				    "(it is not a standalone option)."));
6128523fda3SJan Friedel 			}
6138523fda3SJan Friedel 			temporary_set = B_TRUE;
6148523fda3SJan Friedel 			break;
6158523fda3SJan Friedel 
6167c478bd9Sstevel@tonic-gate 		default:
6177c478bd9Sstevel@tonic-gate 			exit_error(gettext("Internal error #1."));
6187c478bd9Sstevel@tonic-gate 			break;
6197c478bd9Sstevel@tonic-gate 		}
6207c478bd9Sstevel@tonic-gate 	}
6217c478bd9Sstevel@tonic-gate }
6227c478bd9Sstevel@tonic-gate 
6237c478bd9Sstevel@tonic-gate 
6247c478bd9Sstevel@tonic-gate /*
6258523fda3SJan Friedel  * do_args() - do command line arguments in the order in which they appear.
6268523fda3SJan Friedel  * Function return values returned by the underlying functions; the semantics
6278523fda3SJan Friedel  * they should follow is to return B_TRUE on successful execution, B_FALSE
6288523fda3SJan Friedel  * otherwise.
6297c478bd9Sstevel@tonic-gate  */
6307c478bd9Sstevel@tonic-gate static void
do_args(char ** argv,au_mask_t * mask)631f8994074SJan Friedel do_args(char **argv, au_mask_t *mask)
6327c478bd9Sstevel@tonic-gate {
6338523fda3SJan Friedel 	arg_entry_t	*ae;
6347c478bd9Sstevel@tonic-gate 
6357c478bd9Sstevel@tonic-gate 	for (++argv; *argv; argv++) {
6367c478bd9Sstevel@tonic-gate 		ae = get_arg_ent(*argv);
6377c478bd9Sstevel@tonic-gate 
6387c478bd9Sstevel@tonic-gate 		switch (ae->auditconfig_cmd) {
6397c478bd9Sstevel@tonic-gate 
6407c478bd9Sstevel@tonic-gate 		case AC_ARG_AUDIT:
6417c478bd9Sstevel@tonic-gate 			{
6427c478bd9Sstevel@tonic-gate 				char sorf;
6437c478bd9Sstevel@tonic-gate 				int  retval;
6447c478bd9Sstevel@tonic-gate 				char *event_name;
6457c478bd9Sstevel@tonic-gate 				char *audit_str;
6467c478bd9Sstevel@tonic-gate 
6477c478bd9Sstevel@tonic-gate 				++argv;
6487c478bd9Sstevel@tonic-gate 				event_name = *argv;
6497c478bd9Sstevel@tonic-gate 				++argv;
6507c478bd9Sstevel@tonic-gate 				sorf = (char)atoi(*argv);
6517c478bd9Sstevel@tonic-gate 				++argv;
6527c478bd9Sstevel@tonic-gate 				retval = atoi(*argv);
6537c478bd9Sstevel@tonic-gate 				++argv;
6547c478bd9Sstevel@tonic-gate 				audit_str = *argv;
6557c478bd9Sstevel@tonic-gate 				do_audit(event_name, sorf, retval, audit_str);
6567c478bd9Sstevel@tonic-gate 			}
6577c478bd9Sstevel@tonic-gate 			break;
6587c478bd9Sstevel@tonic-gate 
6597c478bd9Sstevel@tonic-gate 		case AC_ARG_CHKCONF:
6607c478bd9Sstevel@tonic-gate 			do_chkconf();
6617c478bd9Sstevel@tonic-gate 			break;
6627c478bd9Sstevel@tonic-gate 
6637c478bd9Sstevel@tonic-gate 		case AC_ARG_CONF:
6647c478bd9Sstevel@tonic-gate 			do_conf();
6657c478bd9Sstevel@tonic-gate 			break;
6667c478bd9Sstevel@tonic-gate 
6677c478bd9Sstevel@tonic-gate 		case AC_ARG_CHKACONF:
6687c478bd9Sstevel@tonic-gate 			do_chkaconf();
6697c478bd9Sstevel@tonic-gate 			break;
6707c478bd9Sstevel@tonic-gate 
6717c478bd9Sstevel@tonic-gate 		case AC_ARG_ACONF:
6727c478bd9Sstevel@tonic-gate 			do_aconf();
6737c478bd9Sstevel@tonic-gate 			break;
6747c478bd9Sstevel@tonic-gate 
6757c478bd9Sstevel@tonic-gate 		case AC_ARG_GETASID:
6767c478bd9Sstevel@tonic-gate 			do_getasid();
6777c478bd9Sstevel@tonic-gate 			break;
6787c478bd9Sstevel@tonic-gate 
6797c478bd9Sstevel@tonic-gate 		case AC_ARG_GETAUID:
6807c478bd9Sstevel@tonic-gate 			do_getauid();
6817c478bd9Sstevel@tonic-gate 			break;
6827c478bd9Sstevel@tonic-gate 
6837c478bd9Sstevel@tonic-gate 		case AC_ARG_GETAUDIT:
6847c478bd9Sstevel@tonic-gate 			do_getaudit();
6857c478bd9Sstevel@tonic-gate 			break;
6867c478bd9Sstevel@tonic-gate 
6877c478bd9Sstevel@tonic-gate 		case AC_ARG_GETKAUDIT:
6887c478bd9Sstevel@tonic-gate 			do_getkaudit();
6897c478bd9Sstevel@tonic-gate 			break;
6907c478bd9Sstevel@tonic-gate 
6917c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCLASS:
6927c478bd9Sstevel@tonic-gate 		case AC_ARG_GETESTATE:
6937c478bd9Sstevel@tonic-gate 			++argv;
6947c478bd9Sstevel@tonic-gate 			do_getclass(*argv);
6957c478bd9Sstevel@tonic-gate 			break;
6967c478bd9Sstevel@tonic-gate 
6977c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCAR:
6987c478bd9Sstevel@tonic-gate 			do_getcar();
6997c478bd9Sstevel@tonic-gate 			break;
7007c478bd9Sstevel@tonic-gate 
7017c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCOND:
7027c478bd9Sstevel@tonic-gate 			do_getcond();
7037c478bd9Sstevel@tonic-gate 			break;
7047c478bd9Sstevel@tonic-gate 
7057c478bd9Sstevel@tonic-gate 		case AC_ARG_GETCWD:
7067c478bd9Sstevel@tonic-gate 			do_getcwd();
7077c478bd9Sstevel@tonic-gate 			break;
7087c478bd9Sstevel@tonic-gate 
709f8994074SJan Friedel 		case AC_ARG_GETFLAGS:
710f8994074SJan Friedel 			do_getflags();
711f8994074SJan Friedel 			break;
712f8994074SJan Friedel 
7137c478bd9Sstevel@tonic-gate 		case AC_ARG_GETKMASK:
7147c478bd9Sstevel@tonic-gate 			do_getkmask();
7157c478bd9Sstevel@tonic-gate 			break;
7167c478bd9Sstevel@tonic-gate 
717f8994074SJan Friedel 		case AC_ARG_GETNAFLAGS:
718f8994074SJan Friedel 			do_getnaflags();
719f8994074SJan Friedel 			break;
720f8994074SJan Friedel 
721f8994074SJan Friedel 		case AC_ARG_GETPLUGIN:
722f8994074SJan Friedel 			{
723f8994074SJan Friedel 				char	*plugin_str = NULL;
724f8994074SJan Friedel 
725f8994074SJan Friedel 				++argv;
726f8994074SJan Friedel 				if (*argv != NULL) {
727f8994074SJan Friedel 					if (get_arg_ent(*argv) != NULL) {
728f8994074SJan Friedel 						--argv;
729f8994074SJan Friedel 					} else {
730f8994074SJan Friedel 						plugin_str = *argv;
731f8994074SJan Friedel 					}
732f8994074SJan Friedel 				} else {
733f8994074SJan Friedel 					--argv;
734f8994074SJan Friedel 				}
735f8994074SJan Friedel 
736f8994074SJan Friedel 				do_getplugin(plugin_str);
737f8994074SJan Friedel 			}
738f8994074SJan Friedel 			break;
739f8994074SJan Friedel 
7407c478bd9Sstevel@tonic-gate 		case AC_ARG_GETPOLICY:
7417c478bd9Sstevel@tonic-gate 			do_getpolicy();
7427c478bd9Sstevel@tonic-gate 			break;
7437c478bd9Sstevel@tonic-gate 
7447c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQBUFSZ:
7457c478bd9Sstevel@tonic-gate 			do_getqbufsz();
7467c478bd9Sstevel@tonic-gate 			break;
7477c478bd9Sstevel@tonic-gate 
7487c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQCTRL:
7497c478bd9Sstevel@tonic-gate 			do_getqctrl();
7507c478bd9Sstevel@tonic-gate 			break;
7517c478bd9Sstevel@tonic-gate 
7527c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQDELAY:
7537c478bd9Sstevel@tonic-gate 			do_getqdelay();
7547c478bd9Sstevel@tonic-gate 			break;
7557c478bd9Sstevel@tonic-gate 
7567c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQHIWATER:
7577c478bd9Sstevel@tonic-gate 			do_getqhiwater();
7587c478bd9Sstevel@tonic-gate 			break;
7597c478bd9Sstevel@tonic-gate 
7607c478bd9Sstevel@tonic-gate 		case AC_ARG_GETQLOWATER:
7617c478bd9Sstevel@tonic-gate 			do_getqlowater();
7627c478bd9Sstevel@tonic-gate 			break;
7637c478bd9Sstevel@tonic-gate 
7647c478bd9Sstevel@tonic-gate 		case AC_ARG_GETSTAT:
7657c478bd9Sstevel@tonic-gate 			do_getstat();
7667c478bd9Sstevel@tonic-gate 			break;
7677c478bd9Sstevel@tonic-gate 
7687c478bd9Sstevel@tonic-gate 		case AC_ARG_GETTERMID:
7697c478bd9Sstevel@tonic-gate 			do_gettermid();
7707c478bd9Sstevel@tonic-gate 			break;
7717c478bd9Sstevel@tonic-gate 
7727c478bd9Sstevel@tonic-gate 		case AC_ARG_LSEVENT:
7737c478bd9Sstevel@tonic-gate 			do_lsevent();
7747c478bd9Sstevel@tonic-gate 			break;
7757c478bd9Sstevel@tonic-gate 
7767c478bd9Sstevel@tonic-gate 		case AC_ARG_LSPOLICY:
7777c478bd9Sstevel@tonic-gate 			do_lspolicy();
7787c478bd9Sstevel@tonic-gate 			break;
7797c478bd9Sstevel@tonic-gate 
7807c478bd9Sstevel@tonic-gate 		case AC_ARG_SETASID:
7817c478bd9Sstevel@tonic-gate 			{
7827c478bd9Sstevel@tonic-gate 				char *sid_str;
7837c478bd9Sstevel@tonic-gate 
7847c478bd9Sstevel@tonic-gate 				++argv;
7857c478bd9Sstevel@tonic-gate 				sid_str = *argv;
7867c478bd9Sstevel@tonic-gate 				++argv;
7877c478bd9Sstevel@tonic-gate 				do_setasid(sid_str, argv);
7887c478bd9Sstevel@tonic-gate 			}
7897c478bd9Sstevel@tonic-gate 			break;
7907c478bd9Sstevel@tonic-gate 
7917c478bd9Sstevel@tonic-gate 		case AC_ARG_SETAUID:
7927c478bd9Sstevel@tonic-gate 			{
7937c478bd9Sstevel@tonic-gate 				char *user;
7947c478bd9Sstevel@tonic-gate 
7957c478bd9Sstevel@tonic-gate 				++argv;
7967c478bd9Sstevel@tonic-gate 				user = *argv;
7977c478bd9Sstevel@tonic-gate 				++argv;
7987c478bd9Sstevel@tonic-gate 				do_setauid(user, argv);
7997c478bd9Sstevel@tonic-gate 			}
8007c478bd9Sstevel@tonic-gate 			break;
8017c478bd9Sstevel@tonic-gate 
8027c478bd9Sstevel@tonic-gate 		case AC_ARG_SETAUDIT:
8037c478bd9Sstevel@tonic-gate 			{
8047c478bd9Sstevel@tonic-gate 				char *user_str;
8057c478bd9Sstevel@tonic-gate 				char *mask_str;
8067c478bd9Sstevel@tonic-gate 				char *tid_str;
8077c478bd9Sstevel@tonic-gate 				char *sid_str;
8087c478bd9Sstevel@tonic-gate 
8097c478bd9Sstevel@tonic-gate 				++argv;
8107c478bd9Sstevel@tonic-gate 				user_str = *argv;
8117c478bd9Sstevel@tonic-gate 				++argv;
8127c478bd9Sstevel@tonic-gate 				mask_str = *argv;
8137c478bd9Sstevel@tonic-gate 				++argv;
8147c478bd9Sstevel@tonic-gate 				tid_str = *argv;
8157c478bd9Sstevel@tonic-gate 				++argv;
8167c478bd9Sstevel@tonic-gate 				sid_str = *argv;
8177c478bd9Sstevel@tonic-gate 				++argv;
8188523fda3SJan Friedel 				do_setaudit(user_str, mask_str, tid_str,
8198523fda3SJan Friedel 				    sid_str, argv);
8207c478bd9Sstevel@tonic-gate 			}
8217c478bd9Sstevel@tonic-gate 			break;
8227c478bd9Sstevel@tonic-gate 
8237c478bd9Sstevel@tonic-gate 		case AC_ARG_SETKAUDIT:
8247c478bd9Sstevel@tonic-gate 			{
8257c478bd9Sstevel@tonic-gate 				char *address_type, *address;
8267c478bd9Sstevel@tonic-gate 
8277c478bd9Sstevel@tonic-gate 				++argv; address_type = *argv;
8287c478bd9Sstevel@tonic-gate 				++argv; address = *argv;
8297c478bd9Sstevel@tonic-gate 				do_setkaudit(address_type, address);
8307c478bd9Sstevel@tonic-gate 			}
8317c478bd9Sstevel@tonic-gate 			break;
8327c478bd9Sstevel@tonic-gate 
8337c478bd9Sstevel@tonic-gate 		case AC_ARG_SETCLASS:
8347c478bd9Sstevel@tonic-gate 			{
835f8994074SJan Friedel 				char *event_str;
8367c478bd9Sstevel@tonic-gate 
837f8994074SJan Friedel 				++argv;
838f8994074SJan Friedel 				event_str = *argv;
839f8994074SJan Friedel 				do_setclass(event_str, mask);
840f8994074SJan Friedel 
841f8994074SJan Friedel 				++argv;
8427c478bd9Sstevel@tonic-gate 			}
8437c478bd9Sstevel@tonic-gate 			break;
8447c478bd9Sstevel@tonic-gate 
845f8994074SJan Friedel 		case AC_ARG_SETFLAGS:
846f8994074SJan Friedel 			++argv;
847f8994074SJan Friedel 			do_setflags(*argv, mask);
848f8994074SJan Friedel 			break;
849f8994074SJan Friedel 
8507c478bd9Sstevel@tonic-gate 		case AC_ARG_SETKMASK:
8517c478bd9Sstevel@tonic-gate 			++argv;
852f8994074SJan Friedel 			do_setkmask(mask);
853