1*0Sstevel@tonic-gate /*
2*0Sstevel@tonic-gate  * CDDL HEADER START
3*0Sstevel@tonic-gate  *
4*0Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
5*0Sstevel@tonic-gate  * Common Development and Distribution License, Version 1.0 only
6*0Sstevel@tonic-gate  * (the "License").  You may not use this file except in compliance
7*0Sstevel@tonic-gate  * with the License.
8*0Sstevel@tonic-gate  *
9*0Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10*0Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
11*0Sstevel@tonic-gate  * See the License for the specific language governing permissions
12*0Sstevel@tonic-gate  * and limitations under the License.
13*0Sstevel@tonic-gate  *
14*0Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
15*0Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16*0Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
17*0Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
18*0Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
19*0Sstevel@tonic-gate  *
20*0Sstevel@tonic-gate  * CDDL HEADER END
21*0Sstevel@tonic-gate  */
22*0Sstevel@tonic-gate /*
23*0Sstevel@tonic-gate  * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
24*0Sstevel@tonic-gate  * Use is subject to license terms.
25*0Sstevel@tonic-gate  */
26*0Sstevel@tonic-gate 
27*0Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
28*0Sstevel@tonic-gate 
29*0Sstevel@tonic-gate #include <sys/types.h>
30*0Sstevel@tonic-gate #include <stdio.h>
31*0Sstevel@tonic-gate #include <sys/fcntl.h>
32*0Sstevel@tonic-gate #include <bsm/audit.h>
33*0Sstevel@tonic-gate #include <bsm/audit_record.h>
34*0Sstevel@tonic-gate #include <bsm/audit_uevents.h>
35*0Sstevel@tonic-gate #include <bsm/libbsm.h>
36*0Sstevel@tonic-gate #include <bsm/audit_private.h>
37*0Sstevel@tonic-gate #include <stdlib.h>
38*0Sstevel@tonic-gate #include <string.h>
39*0Sstevel@tonic-gate #include <syslog.h>
40*0Sstevel@tonic-gate #include <netinet/in.h>
41*0Sstevel@tonic-gate #include <unistd.h>
42*0Sstevel@tonic-gate #include <synch.h>
43*0Sstevel@tonic-gate #include <generic.h>
44*0Sstevel@tonic-gate 
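/*
 * Debug trace macro, active only when C2_DEBUG2 is defined.
 * The argument is a complete parenthesised printf() argument list, so
 * call sites use doubled parentheses: dprintf(("fmt\n", arg));
 *
 * Both variants expand to a single do/while(0) statement so that
 * "dprintf((...));" stays one statement inside an unbraced if/else.
 * A bare "{ ... }" followed by the caller's ';' would end the if
 * early and orphan the else.
 */
#ifdef C2_DEBUG2
#define	dprintf(x) do { (void) printf x; } while (0)
#else
#define	dprintf(x) do { } while (0)
#endif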
50*0Sstevel@tonic-gate 
/*
 * Held by audit_mountd_mount() and audit_mountd_umount() from the first
 * aug_save_*() call until after aug_audit(), so only one record is
 * assembled at a time.
 * NOTE(review): presumably the aug_save_*() helpers keep per-process
 * state; confirm against their implementation.
 */
static mutex_t audit_mountd_lock = DEFAULTMUTEX;
/*
 * Set to 1 by audit_mountd_setup() when cannot_audit(0) is non-zero;
 * the record-writing routines then return without emitting anything.
 */
static int cannotaudit = 0;

/* Lock primitives declared locally rather than taken from a header. */
extern int _mutex_lock(mutex_t *);
extern int _mutex_unlock(mutex_t *);
56*0Sstevel@tonic-gate 
/*
 * One-time initialisation, called once when mountd starts.
 * If cannot_audit(0) reports that auditing is not possible, latch
 * cannotaudit so the record-writing routines in this file return
 * without emitting anything for the rest of the process lifetime.
 * The call is made from single-threaded code, so the flag is written
 * without taking audit_mountd_lock.
 */
void
audit_mountd_setup()
{
	dprintf(("audit_mountd_setup()\n"));

	if (cannot_audit(0) != 0) {
		cannotaudit = 1;
	}
}
71*0Sstevel@tonic-gate 
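/*
 * Write an AUE_mountd_mount audit record for a mount request.
 *
 *	clname	client name; saved as the record's text token and handed
 *		to aug_get_machine() to derive the terminal-ID address
 *	path	mount path; saved as the record's path token
 *	sorf	success-or-failure flag, passed to aug_save_sorf() as is
 *
 * Returns immediately when audit_mountd_setup() latched cannotaudit.
 * Record assembly is serialised with audit_mountd_lock.
 */
void
audit_mountd_mount(clname, path, sorf)
char	*clname;	/* client name */
char	*path;		/* mount path */
int	sorf;		/* flag for success or failure */
{
	/*
	 * Start from a defined address and type.  The result of
	 * aug_get_machine() is not checked below, so without these
	 * initialisers any case in which it does not fill in buf/type
	 * would copy indeterminate stack contents into the audit
	 * record's terminal ID.
	 */
	uint32_t buf[4] = { 0, 0, 0, 0 };
	uint32_t type = AU_IPv4;

	dprintf(("audit_mountd_mount()\n"));

	if (cannotaudit)
		return;

	(void) _mutex_lock(&audit_mountd_lock);

	(void) aug_save_namask();

	(void) aug_save_me();
	aug_save_event(AUE_mountd_mount);
	aug_save_sorf(sorf);
	aug_save_text(clname);
	aug_save_path(path);
	/*
	 * NOTE(review): the return value is still discarded.  If
	 * aug_get_machine() can report failure, consider logging it so
	 * a record carrying the placeholder address can be told apart
	 * from a resolved one; confirm its return convention first.
	 */
	(void) aug_get_machine(clname, buf, &type);
	aug_save_tid_ex(aug_get_port(), buf, type);
	(void) aug_audit();
	(void) _mutex_unlock(&audit_mountd_lock);
}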
98*0Sstevel@tonic-gate 
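/*
 * Write an AUE_mountd_umount audit record for an unmount request.
 *
 *	clname	client name; saved as the record's text token and handed
 *		to aug_get_machine() to derive the terminal-ID address
 *	path	mount path; saved as the record's path token
 *
 * Returns immediately when audit_mountd_setup() latched cannotaudit.
 * Record assembly is serialised with audit_mountd_lock.
 */
void
audit_mountd_umount(clname, path)
char	*clname;	/* client name */
char	*path;		/* mount path */
{
	/*
	 * Start from a defined address and type.  The result of
	 * aug_get_machine() is not checked below, so without these
	 * initialisers any case in which it does not fill in buf/type
	 * would copy indeterminate stack contents into the audit
	 * record's terminal ID.
	 */
	uint32_t buf[4] = { 0, 0, 0, 0 };
	uint32_t type = AU_IPv4;

	/* Trace under this function's own name (was "audit_mountd_mount()"). */
	dprintf(("audit_mountd_umount()\n"));

	if (cannotaudit)
		return;

	(void) _mutex_lock(&audit_mountd_lock);

	(void) aug_save_namask();

	(void) aug_save_me();
	aug_save_event(AUE_mountd_umount);
	/*
	 * The success/failure flag is always 0 here; this routine takes
	 * no sorf argument.
	 * NOTE(review): presumably 0 denotes success; confirm.
	 */
	aug_save_sorf(0);
	aug_save_text(clname);
	aug_save_path(path);
	/*
	 * NOTE(review): the return value is still discarded.  If
	 * aug_get_machine() can report failure, consider logging it so
	 * a record carrying the placeholder address can be told apart
	 * from a resolved one; confirm its return convention first.
	 */
	(void) aug_get_machine(clname, buf, &type);
	aug_save_tid_ex(aug_get_port(), buf, type);
	(void) aug_audit();
	(void) _mutex_unlock(&audit_mountd_lock);
}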