]>
Commit | Line | Data |
---|---|---|
5545a732 JR |
1 | - util-linux updates for new audit system |
2 | ||
3 | diff -urN util-linux-2.13-pre5.orig/hwclock/audit.c util-linux-2.13-pre5/hwclock/audit.c | |
4 | --- util-linux-2.13-pre5.orig/hwclock/audit.c 1969-12-31 19:00:00.000000000 -0500 | |
5 | +++ util-linux-2.13-pre5/hwclock/audit.c 2005-10-25 17:14:46.000000000 -0400 | |
6 | @@ -0,0 +1,50 @@ | |
7 | +/* audit.c -- This file contains the audit system extensions | |
8 | + * | |
9 | + * Copyright 2005 Red Hat Inc., Durham, North Carolina. | |
10 | + * All Rights Reserved. | |
11 | + * | |
12 | + * This program is free software; you can redistribute it and/or modify | |
13 | + * it under the terms of the GNU General Public License as published by | |
14 | + * the Free Software Foundation; either version 2 of the License, or | |
15 | + * (at your option) any later version. | |
16 | + * | |
17 | + * This program is distributed in the hope that it will be useful, | |
18 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | + * GNU General Public License for more details. | |
21 | + * | |
22 | + * You should have received a copy of the GNU General Public License | |
23 | + * along with this program; if not, write to the Free Software | |
24 | + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
25 | + * | |
26 | + * Authors: | |
27 | + * Steve Grubb <sgrubb@redhat.com> | |
28 | + */ | |
29 | + | |
30 | +#include <stdio.h> | |
31 | +#include <string.h> | |
32 | +#include <stdlib.h> | |
33 | +#include <unistd.h> | |
34 | +#include <libaudit.h> | |
35 | +#include "audit.h" | |
36 | + | |
37 | +int audit_fd = -1; | |
38 | +static int audit_this = 0; | |
39 | + | |
40 | + | |
41 | +void auditable_event(int i) | |
42 | +{ | |
43 | + audit_this = i; | |
44 | +} | |
45 | + | |
46 | + | |
47 | +void audit_exit(int status) | |
48 | +{ | |
49 | + if (audit_this) { | |
50 | + audit_log_user_message(audit_fd, AUDIT_USYS_CONFIG, | |
51 | + "changing system time", NULL, NULL, NULL, status ? 0 : 1); | |
52 | + close(audit_fd); | |
53 | + } | |
54 | + exit(status); | |
55 | +} | |
56 | + | |
57 | diff -urN util-linux-2.13-pre5.orig/hwclock/audit.h util-linux-2.13-pre5/hwclock/audit.h | |
58 | --- util-linux-2.13-pre5.orig/hwclock/audit.h 1969-12-31 19:00:00.000000000 -0500 | |
59 | +++ util-linux-2.13-pre5/hwclock/audit.h 2005-10-25 17:09:40.000000000 -0400 | |
60 | @@ -0,0 +1,34 @@ | |
61 | +/* audit.h -- This file contains the function prototypes for audit calls | |
62 | + * Copyright 2005 Red Hat Inc., Durham, North Carolina. | |
63 | + * All Rights Reserved. | |
64 | + * | |
65 | + * This program is free software; you can redistribute it and/or modify | |
66 | + * it under the terms of the GNU General Public License as published by | |
67 | + * the Free Software Foundation; either version 2 of the License, or | |
68 | + * (at your option) any later version. | |
69 | + * | |
70 | + * This program is distributed in the hope that it will be useful, | |
71 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
72 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
73 | + * GNU General Public License for more details. | |
74 | + * | |
75 | + * You should have received a copy of the GNU General Public License | |
76 | + * along with this program; if not, write to the Free Software | |
77 | + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
78 | + * | |
79 | + * Author: | |
80 | + * Steve Grubb <sgrubb@redhat.com> | |
81 | + * | |
82 | + */ | |
83 | + | |
84 | +#ifndef HW_AUDIT_H | |
85 | +#define HW_AUDIT_H | |
86 | + | |
87 | +/* This is the file descriptor used by the audit system */ | |
88 | +extern int audit_fd; | |
89 | + | |
90 | +/* This is the logging functions */ | |
91 | +void auditable_event(int i); | |
92 | +void audit_exit(int status); | |
93 | + | |
94 | +#endif | |
95 | diff -urN util-linux-2.13-pre5.orig/hwclock/clock.h util-linux-2.13-pre5/hwclock/clock.h | |
96 | --- util-linux-2.13-pre5.orig/hwclock/clock.h 2005-10-25 17:08:26.000000000 -0400 | |
97 | +++ util-linux-2.13-pre5/hwclock/clock.h 2005-10-25 17:09:40.000000000 -0400 | |
98 | @@ -24,7 +24,12 @@ | |
99 | extern char *progname; | |
100 | extern int debug; | |
101 | extern int epoch_option; | |
102 | -extern void outsyserr(char *msg, ...); | |
103 | +extern void outsyserr(char *msg, ...) | |
104 | +#ifdef __GNUC__ | |
105 | + __attribute__ ((format (printf, 1, 2))); | |
106 | +#else | |
107 | + ; | |
108 | +#endif | |
109 | ||
110 | /* cmos.c */ | |
111 | extern void set_cmos_epoch(int ARCconsole, int SRM); | |
112 | diff -urN util-linux-2.13-pre5.orig/hwclock/hwclock.c util-linux-2.13-pre5/hwclock/hwclock.c | |
113 | --- util-linux-2.13-pre5.orig/hwclock/hwclock.c 2005-10-25 17:08:26.000000000 -0400 | |
114 | +++ util-linux-2.13-pre5/hwclock/hwclock.c 2005-10-25 17:09:40.000000000 -0400 | |
115 | @@ -81,9 +81,11 @@ | |
116 | #include <stdarg.h> | |
117 | #include <getopt.h> | |
118 | #include <sysexits.h> | |
119 | +#include <libaudit.h> | |
120 | ||
121 | #include "clock.h" | |
122 | #include "nls.h" | |
123 | +#include "audit.h" | |
124 | ||
125 | #define MYNAME "hwclock" | |
126 | ||
127 | @@ -1234,7 +1236,7 @@ | |
128 | va_end(ap); | |
129 | } | |
130 | ||
131 | - exit(fmt ? EX_USAGE : 0); | |
132 | + audit_exit(fmt ? EX_USAGE : 0); | |
133 | } | |
134 | ||
135 | static const struct option longopts[] = { | |
136 | @@ -1298,6 +1300,15 @@ | |
137 | /* Remember what time we were invoked */ | |
138 | gettimeofday(&startup_time, NULL); | |
139 | ||
140 | + audit_fd = audit_open(); | |
141 | + if (audit_fd < 0 && !(errno == EINVAL || errno == EPROTONOSUPPORT || | |
142 | + errno == EAFNOSUPPORT)) { | |
143 | + /* You get these error codes only when the kernel doesn't have | |
144 | + * audit compiled in. */ | |
145 | + fprintf(stderr, "Error - unable to connect to audit system\n"); | |
146 | + return EX_NOPERM; | |
147 | + } | |
148 | + | |
149 | setlocale(LC_ALL, ""); | |
150 | #ifdef LC_NUMERIC | |
151 | /* We need LC_CTYPE and LC_TIME and LC_MESSAGES, but must avoid | |
152 | @@ -1393,6 +1404,13 @@ | |
153 | argc -= optind; | |
154 | argv += optind; | |
155 | ||
156 | + if (testing != TRUE) { | |
157 | + if (adjust == TRUE || hctosys == TRUE || systohc == TRUE || | |
158 | + set == TRUE || setepoch == TRUE) { | |
159 | + auditable_event(1); | |
160 | + } | |
161 | + } | |
162 | + | |
163 | if (argc > 0) { | |
164 | usage(_("%s takes no non-option arguments. " | |
165 | "You supplied %d.\n"), | |
166 | @@ -1403,27 +1421,27 @@ | |
167 | fprintf(stderr, _("You have specified multiple functions.\n" | |
168 | "You can only perform one function " | |
169 | "at a time.\n")); | |
170 | - exit(EX_USAGE); | |
171 | + audit_exit(EX_USAGE); | |
172 | } | |
173 | ||
174 | if (utc && local_opt) { | |
175 | fprintf(stderr, _("%s: The --utc and --localtime options " | |
176 | "are mutually exclusive. You specified " | |
177 | "both.\n"), MYNAME); | |
178 | - exit(EX_USAGE); | |
179 | + audit_exit(EX_USAGE); | |
180 | } | |
181 | ||
182 | if (adjust && noadjfile) { | |
183 | fprintf(stderr, _("%s: The --adjust and --noadjfile options " | |
184 | "are mutually exclusive. You specified " | |
185 | "both.\n"), MYNAME); | |
186 | - exit(EX_USAGE); | |
187 | + audit_exit(EX_USAGE); | |
188 | } | |
189 | ||
190 | if (noadjfile && !(utc || local_opt)) { | |
191 | fprintf(stderr, _("%s: With --noadjfile, you must specify " | |
192 | "either --utc or --localtime\n"), MYNAME); | |
193 | - exit(EX_USAGE); | |
194 | + audit_exit(EX_USAGE); | |
195 | } | |
196 | ||
197 | #ifdef __alpha__ | |
198 | @@ -1437,7 +1455,7 @@ | |
199 | if (rc != 0) { | |
200 | fprintf(stderr, _("No usable set-to time. " | |
201 | "Cannot set clock.\n")); | |
202 | - exit(EX_USAGE); | |
203 | + audit_exit(EX_USAGE); | |
204 | } | |
205 | } | |
206 | ||
207 | @@ -1469,11 +1487,11 @@ | |
208 | } | |
209 | ||
210 | if (!permitted) | |
211 | - exit(EX_NOPERM); | |
212 | + audit_exit(EX_NOPERM); | |
213 | ||
214 | if (getepoch || setepoch) { | |
215 | manipulate_epoch(getepoch, setepoch, epoch_option, testing); | |
216 | - return 0; | |
217 | + audit_exit(0); | |
218 | } | |
219 | ||
220 | if (debug) | |
221 | @@ -1487,12 +1505,14 @@ | |
222 | fprintf(stderr, | |
223 | _("Use the --debug option to see the details " | |
224 | "of our search for an access method.\n")); | |
225 | - exit(1); | |
226 | + audit_exit(1); | |
227 | } | |
228 | ||
229 | - return manipulate_clock(show, adjust, noadjfile, set, set_time, | |
230 | + rc = manipulate_clock(show, adjust, noadjfile, set, set_time, | |
231 | hctosys, systohc, startup_time, utc, | |
232 | local_opt, testing); | |
233 | + audit_exit(rc); | |
234 | + return rc; /* Not reached */ | |
235 | } | |
236 | ||
237 | /* A single routine for greater uniformity */ | |
238 | diff -urN util-linux-2.13-pre5.orig/hwclock/kd.c util-linux-2.13-pre5/hwclock/kd.c | |
239 | --- util-linux-2.13-pre5.orig/hwclock/kd.c 2005-10-25 17:08:26.000000000 -0400 | |
240 | +++ util-linux-2.13-pre5/hwclock/kd.c 2005-10-25 17:09:40.000000000 -0400 | |
241 | @@ -19,6 +19,7 @@ | |
242 | ||
243 | #include "clock.h" | |
244 | #include "nls.h" | |
245 | +#include "audit.h" | |
246 | ||
247 | static int con_fd = -1; /* opened by probe_for_kd_clock() */ | |
248 | /* never closed */ | |
249 | @@ -103,7 +104,7 @@ | |
250 | ||
251 | if (ioctl(con_fd, KDGHWCLK, &t) == -1) { | |
252 | outsyserr(_("ioctl() failed to read time from %s"), con_fd_filename); | |
253 | - exit(EX_IOERR); | |
254 | + audit_exit(EX_IOERR); | |
255 | } | |
256 | ||
257 | tm->tm_sec = t.sec; | |
258 | @@ -139,7 +140,7 @@ | |
259 | ||
260 | if (ioctl(con_fd, KDSHWCLK, &t ) == -1) { | |
261 | outsyserr(_("ioctl KDSHWCLK failed")); | |
262 | - exit(1); | |
263 | + audit_exit(1); | |
264 | } | |
265 | return 0; | |
266 | } | |
267 | diff -urN util-linux-2.13-pre5.orig/hwclock/Makefile.am util-linux-2.13-pre5/hwclock/Makefile.am | |
268 | --- util-linux-2.13-pre5.orig/hwclock/Makefile.am 2005-10-25 17:08:26.000000000 -0400 | |
269 | +++ util-linux-2.13-pre5/hwclock/Makefile.am 2005-10-25 17:09:40.000000000 -0400 | |
270 | @@ -4,4 +4,5 @@ | |
271 | ||
272 | sbin_PROGRAMS = hwclock | |
273 | ||
274 | -hwclock_SOURCES = hwclock.c cmos.c rtc.c kd.c | |
275 | \ No newline at end of file | |
276 | +hwclock_SOURCES = hwclock.c cmos.c rtc.c kd.c audit.c | |
277 | +hwclock_LDADD = -laudit | |
278 | \ No newline at end of file | |
279 | diff -urN util-linux-2.13-pre5.orig/hwclock/rtc.c util-linux-2.13-pre5/hwclock/rtc.c | |
280 | --- util-linux-2.13-pre5.orig/hwclock/rtc.c 2005-10-25 17:08:26.000000000 -0400 | |
281 | +++ util-linux-2.13-pre5/hwclock/rtc.c 2005-10-25 17:09:40.000000000 -0400 | |
282 | @@ -8,6 +8,7 @@ | |
283 | ||
284 | #include "clock.h" | |
285 | #include "nls.h" | |
286 | +#include "audit.h" | |
287 | ||
288 | /* | |
289 | * Get defines for rtc stuff. | |
290 | @@ -114,7 +115,7 @@ | |
291 | ||
292 | if (rtc_fd < 0) { | |
293 | outsyserr(_("open() of %s failed"), rtc_dev_name); | |
294 | - exit(EX_OSFILE); | |
295 | + audit_exit(EX_OSFILE); | |
296 | } | |
297 | return rtc_fd; | |
298 | } | |
299 | @@ -149,7 +150,7 @@ | |
300 | perror(ioctlname); | |
301 | fprintf(stderr, _("ioctl() to %s to read the time failed.\n"), | |
302 | rtc_dev_name); | |
303 | - exit(EX_IOERR); | |
304 | + audit_exit(EX_IOERR); | |
305 | } | |
306 | ||
307 | tm->tm_isdst = -1; /* don't know whether it's dst */ | |
308 | @@ -329,7 +330,7 @@ | |
309 | perror(ioctlname); | |
310 | fprintf(stderr, _("ioctl() to %s to set the time failed.\n"), | |
311 | rtc_dev_name); | |
312 | - exit(EX_IOERR); | |
313 | + audit_exit(EX_IOERR); | |
314 | } | |
315 | ||
316 | if (debug) |