331 lines
9.0 KiB
Diff
331 lines
9.0 KiB
Diff
--- util-linux-2.13-pre2/hwclock/hwclock.c.audit 2005-07-31 22:15:18.000000000 +0200
|
|
+++ util-linux-2.13-pre2/hwclock/hwclock.c 2005-08-30 11:11:11.000000000 +0200
|
|
@@ -81,9 +81,11 @@
|
|
#include <stdarg.h>
|
|
#include <getopt.h>
|
|
#include <sysexits.h>
|
|
+#include <libaudit.h>
|
|
|
|
#include "clock.h"
|
|
#include "nls.h"
|
|
+#include "audit.h"
|
|
|
|
#define MYNAME "hwclock"
|
|
|
|
@@ -1234,7 +1236,7 @@
|
|
va_end(ap);
|
|
}
|
|
|
|
- exit(fmt ? EX_USAGE : 0);
|
|
+ audit_exit(fmt ? EX_USAGE : 0);
|
|
}
|
|
|
|
static const struct option longopts[] = {
|
|
@@ -1298,6 +1300,15 @@
|
|
/* Remember what time we were invoked */
|
|
gettimeofday(&startup_time, NULL);
|
|
|
|
+ audit_fd = audit_open();
|
|
+ if (audit_fd < 0 && !(errno == EINVAL || errno == EPROTONOSUPPORT ||
|
|
+ errno == EAFNOSUPPORT)) {
|
|
+ /* You get these error codes only when the kernel doesn't have
|
|
+ * audit compiled in. */
|
|
+ fprintf(stderr, "Error - unable to connect to audit system\n");
|
|
+ return EX_NOPERM;
|
|
+ }
|
|
+
|
|
setlocale(LC_ALL, "");
|
|
#ifdef LC_NUMERIC
|
|
/* We need LC_CTYPE and LC_TIME and LC_MESSAGES, but must avoid
|
|
@@ -1393,6 +1404,13 @@
|
|
argc -= optind;
|
|
argv += optind;
|
|
|
|
+ if (testing != TRUE) {
|
|
+ if (adjust == TRUE || hctosys == TRUE || systohc == TRUE ||
|
|
+ set == TRUE || setepoch == TRUE) {
|
|
+ auditable_event(1);
|
|
+ }
|
|
+ }
|
|
+
|
|
if (argc > 0) {
|
|
usage(_("%s takes no non-option arguments. "
|
|
"You supplied %d.\n"),
|
|
@@ -1403,27 +1421,27 @@
|
|
fprintf(stderr, _("You have specified multiple functions.\n"
|
|
"You can only perform one function "
|
|
"at a time.\n"));
|
|
- exit(EX_USAGE);
|
|
+ audit_exit(EX_USAGE);
|
|
}
|
|
|
|
if (utc && local_opt) {
|
|
fprintf(stderr, _("%s: The --utc and --localtime options "
|
|
"are mutually exclusive. You specified "
|
|
"both.\n"), MYNAME);
|
|
- exit(EX_USAGE);
|
|
+ audit_exit(EX_USAGE);
|
|
}
|
|
|
|
if (adjust && noadjfile) {
|
|
fprintf(stderr, _("%s: The --adjust and --noadjfile options "
|
|
"are mutually exclusive. You specified "
|
|
"both.\n"), MYNAME);
|
|
- exit(EX_USAGE);
|
|
+ audit_exit(EX_USAGE);
|
|
}
|
|
|
|
if (noadjfile && !(utc || local_opt)) {
|
|
fprintf(stderr, _("%s: With --noadjfile, you must specify "
|
|
"either --utc or --localtime\n"), MYNAME);
|
|
- exit(EX_USAGE);
|
|
+ audit_exit(EX_USAGE);
|
|
}
|
|
|
|
#ifdef __alpha__
|
|
@@ -1437,7 +1455,7 @@
|
|
if (rc != 0) {
|
|
fprintf(stderr, _("No usable set-to time. "
|
|
"Cannot set clock.\n"));
|
|
- exit(EX_USAGE);
|
|
+ audit_exit(EX_USAGE);
|
|
}
|
|
}
|
|
|
|
@@ -1469,11 +1487,11 @@
|
|
}
|
|
|
|
if (!permitted)
|
|
- exit(EX_NOPERM);
|
|
+ audit_exit(EX_NOPERM);
|
|
|
|
if (getepoch || setepoch) {
|
|
manipulate_epoch(getepoch, setepoch, epoch_option, testing);
|
|
- return 0;
|
|
+ audit_exit(0);
|
|
}
|
|
|
|
if (debug)
|
|
@@ -1487,12 +1505,14 @@
|
|
fprintf(stderr,
|
|
_("Use the --debug option to see the details "
|
|
"of our search for an access method.\n"));
|
|
- exit(1);
|
|
+ audit_exit(1);
|
|
}
|
|
|
|
- return manipulate_clock(show, adjust, noadjfile, set, set_time,
|
|
+ rc = manipulate_clock(show, adjust, noadjfile, set, set_time,
|
|
hctosys, systohc, startup_time, utc,
|
|
local_opt, testing);
|
|
+ audit_exit(rc);
|
|
+ return rc; /* Not reached */
|
|
}
|
|
|
|
/* A single routine for greater uniformity */
|
|
--- /dev/null 2005-08-29 11:11:19.415613608 +0200
|
|
+++ util-linux-2.13-pre2/hwclock/audit.c 2005-08-30 11:10:38.000000000 +0200
|
|
@@ -0,0 +1,73 @@
|
|
+/* audit.c -- This file contains the audit system extensions
|
|
+ *
|
|
+ * Copyright 2005 Red Hat Inc., Durham, North Carolina.
|
|
+ * All Rights Reserved.
|
|
+ *
|
|
+ * This program is free software; you can redistribute it and/or modify
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
+ * the Free Software Foundation; either version 2 of the License, or
|
|
+ * (at your option) any later version.
|
|
+ *
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+ * GNU General Public License for more details.
|
|
+ *
|
|
+ * You should have received a copy of the GNU General Public License
|
|
+ * along with this program; if not, write to the Free Software
|
|
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
+ *
|
|
+ * Authors:
|
|
+ * Steve Grubb <sgrubb@redhat.com>
|
|
+ */
|
|
+
|
|
+#include <stdio.h>
|
|
+#include <string.h>
|
|
+#include <stdlib.h>
|
|
+#include <unistd.h>
|
|
+#include <libaudit.h>
|
|
+#include "audit.h"
|
|
+
|
|
+int audit_fd = -1;
|
|
+
|
|
+/*
|
|
+ * This function will log a message to the audit system using a predefined
|
|
+ * message format. Parameter usage is as follows:
|
|
+ *
|
|
+ * op - operation. "adding user", "changing finger info", "deleting group"
|
|
+ * result - 0 = "success" or 1 = "failed"
|
|
+ */
|
|
+static void audit_logger(const char *op, int result)
|
|
+{
|
|
+ char msg_buf[256]; /* Common buffer for messaging */
|
|
+ const char *success;
|
|
+ extern char *progname;
|
|
+
|
|
+ if (audit_fd < 0)
|
|
+ return; /* kernel without audit support */
|
|
+
|
|
+ if (!result)
|
|
+ success = "success";
|
|
+ else
|
|
+ success = "failed";
|
|
+
|
|
+ /* Add some audit info & log it. */
|
|
+ snprintf(msg_buf, sizeof(msg_buf),
|
|
+ "%s: op=%s id=%u res=%s", progname, op, getuid(), success);
|
|
+ audit_send_user_message(audit_fd, AUDIT_USYS_CONFIG, msg_buf);
|
|
+ close(audit_fd);
|
|
+}
|
|
+
|
|
+static int audit_this = 0;
|
|
+void auditable_event(int i)
|
|
+{
|
|
+ audit_this = i;
|
|
+}
|
|
+
|
|
+void audit_exit(int status)
|
|
+{
|
|
+ if (audit_this)
|
|
+ audit_logger("changing system time", status);
|
|
+ exit(status);
|
|
+}
|
|
+
|
|
--- util-linux-2.13-pre2/hwclock/kd.c.audit 2005-07-31 18:01:20.000000000 +0200
|
|
+++ util-linux-2.13-pre2/hwclock/kd.c 2005-08-30 11:06:38.000000000 +0200
|
|
@@ -19,6 +19,7 @@
|
|
|
|
#include "clock.h"
|
|
#include "nls.h"
|
|
+#include "audit.h"
|
|
|
|
static int con_fd = -1; /* opened by probe_for_kd_clock() */
|
|
/* never closed */
|
|
@@ -103,7 +104,7 @@
|
|
|
|
if (ioctl(con_fd, KDGHWCLK, &t) == -1) {
|
|
outsyserr(_("ioctl() failed to read time from %s"), con_fd_filename);
|
|
- exit(EX_IOERR);
|
|
+ audit_exit(EX_IOERR);
|
|
}
|
|
|
|
tm->tm_sec = t.sec;
|
|
@@ -139,7 +140,7 @@
|
|
|
|
if (ioctl(con_fd, KDSHWCLK, &t ) == -1) {
|
|
outsyserr(_("ioctl KDSHWCLK failed"));
|
|
- exit(1);
|
|
+ audit_exit(1);
|
|
}
|
|
return 0;
|
|
}
|
|
--- util-linux-2.13-pre2/hwclock/Makefile.am.audit 2005-01-30 00:18:46.000000000 +0100
|
|
+++ util-linux-2.13-pre2/hwclock/Makefile.am 2005-08-30 11:06:38.000000000 +0200
|
|
@@ -4,4 +4,5 @@
|
|
|
|
sbin_PROGRAMS = hwclock
|
|
|
|
-hwclock_SOURCES = hwclock.c cmos.c rtc.c kd.c
|
|
\ Chybí znak konce řádku na konci souboru
|
|
+hwclock_SOURCES = hwclock.c cmos.c rtc.c kd.c audit.c
|
|
+hwclock_LDADD = -laudit
|
|
\ Chybí znak konce řádku na konci souboru
|
|
--- /dev/null 2005-08-29 11:11:19.415613608 +0200
|
|
+++ util-linux-2.13-pre2/hwclock/audit.h 2005-08-30 11:06:38.000000000 +0200
|
|
@@ -0,0 +1,34 @@
|
|
+/* audit.h -- This file contains the function prototypes for audit calls
|
|
+ * Copyright 2005 Red Hat Inc., Durham, North Carolina.
|
|
+ * All Rights Reserved.
|
|
+ *
|
|
+ * This program is free software; you can redistribute it and/or modify
|
|
+ * it under the terms of the GNU General Public License as published by
|
|
+ * the Free Software Foundation; either version 2 of the License, or
|
|
+ * (at your option) any later version.
|
|
+ *
|
|
+ * This program is distributed in the hope that it will be useful,
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
+ * GNU General Public License for more details.
|
|
+ *
|
|
+ * You should have received a copy of the GNU General Public License
|
|
+ * along with this program; if not, write to the Free Software
|
|
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
+ *
|
|
+ * Author:
|
|
+ * Steve Grubb <sgrubb@redhat.com>
|
|
+ *
|
|
+ */
|
|
+
|
|
+#ifndef HW_AUDIT_H
|
|
+#define HW_AUDIT_H
|
|
+
|
|
+/* This is the file descriptor used by the audit system */
|
|
+extern int audit_fd;
|
|
+
|
|
+/* This is the logging functions */
|
|
+void auditable_event(int i);
|
|
+void audit_exit(int status);
|
|
+
|
|
+#endif
|
|
--- util-linux-2.13-pre2/hwclock/clock.h.audit 2000-12-07 17:39:53.000000000 +0100
|
|
+++ util-linux-2.13-pre2/hwclock/clock.h 2005-08-30 11:06:38.000000000 +0200
|
|
@@ -24,7 +24,12 @@
|
|
extern char *progname;
|
|
extern int debug;
|
|
extern int epoch_option;
|
|
-extern void outsyserr(char *msg, ...);
|
|
+extern void outsyserr(char *msg, ...)
|
|
+#ifdef __GNUC__
|
|
+ __attribute__ ((format (printf, 1, 2)));
|
|
+#else
|
|
+ ;
|
|
+#endif
|
|
|
|
/* cmos.c */
|
|
extern void set_cmos_epoch(int ARCconsole, int SRM);
|
|
--- util-linux-2.13-pre2/hwclock/rtc.c.audit 2005-07-31 22:15:45.000000000 +0200
|
|
+++ util-linux-2.13-pre2/hwclock/rtc.c 2005-08-30 11:06:38.000000000 +0200
|
|
@@ -8,6 +8,7 @@
|
|
|
|
#include "clock.h"
|
|
#include "nls.h"
|
|
+#include "audit.h"
|
|
|
|
/*
|
|
* Get defines for rtc stuff.
|
|
@@ -114,7 +115,7 @@
|
|
|
|
if (rtc_fd < 0) {
|
|
outsyserr(_("open() of %s failed"), rtc_dev_name);
|
|
- exit(EX_OSFILE);
|
|
+ audit_exit(EX_OSFILE);
|
|
}
|
|
return rtc_fd;
|
|
}
|
|
@@ -149,7 +150,7 @@
|
|
perror(ioctlname);
|
|
fprintf(stderr, _("ioctl() to %s to read the time failed.\n"),
|
|
rtc_dev_name);
|
|
- exit(EX_IOERR);
|
|
+ audit_exit(EX_IOERR);
|
|
}
|
|
|
|
tm->tm_isdst = -1; /* don't know whether it's dst */
|
|
@@ -329,7 +330,7 @@
|
|
perror(ioctlname);
|
|
fprintf(stderr, _("ioctl() to %s to set the time failed.\n"),
|
|
rtc_dev_name);
|
|
- exit(EX_IOERR);
|
|
+ audit_exit(EX_IOERR);
|
|
}
|
|
|
|
if (debug)
|