Print this page
NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
@@ -19,10 +19,12 @@
* CDDL HEADER END
*/
/*
* Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ *
+ * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
*/
/*
* Command line option processing for auditreduce.
* The entry point is process_options(), which is called by main().
@@ -67,11 +69,12 @@
{ "semowner", OBJ_SEMOWNER },
{ "shmid", OBJ_SHM },
{ "shmgroup", OBJ_SHMGROUP },
{ "shmowner", OBJ_SHMOWNER },
{ "sock", OBJ_SOCK },
- { "user", OBJ_USER } };
+ { "user", OBJ_USER },
+ { "wsid", OBJ_WSID } };
extern int derive_date(char *, struct tm *);
extern int parse_time(char *, int);
extern char *re_comp2(char *);
extern time_t tm_to_secs(struct tm *);
@@ -94,10 +97,11 @@
static int proc_sid(char *);
static int proc_type(char *);
static int proc_user(char *, uid_t *);
static int proc_zonename(char *);
static int proc_fmri(char *);
+static int proc_wsid(char *);
/*
* .func process_options - process command line options.
* .desc Process the user's command line options. These are of two types:
* single letter flags that are denoted by '-', and filenames. Some
@@ -122,10 +126,11 @@
static char *options = "ACD:M:NQR:S:VO:"
"a:b:c:d:e:g:j:l:m:o:r:s:t:u:z:";
error_str = gettext("general error");
+ wsid = NULL;
zonename = NULL;
/*
* Big switch to process the flags.
* Start_over: is for handling the '-' for standard input. Getopt()
* doesn't recognize it.
@@ -408,10 +413,12 @@
return (proc_user(obj_val, &obj_owner));
case OBJ_FMRI:
return (proc_fmri(obj_val));
case OBJ_USER:
return (proc_user(obj_val, &obj_user));
+ case OBJ_WSID:
+ return (proc_wsid(obj_val));
case OBJ_LP: /* lp objects have not yet been defined */
default: /* impossible */
(void) sprintf(errbuf, gettext("invalid object type (%s)"),
obj_str);
error_str = errbuf;
@@ -1290,5 +1297,26 @@
if (fmri.sp_arg == NULL)
return (-1);
return (0);
}
+
+/*
+ * proc_wsid - pick up Windows SID.
+ *
+ * ret 0: non-empty string
+ * ret -1: empty string or string is too long.
+ */
+static int
+proc_wsid(char *optstr)
+{
+ size_t length = strlen(optstr);
+ if ((length < 1) || (length > 256) ||
+ strncmp(optstr, "S-1-", 4) != 0) { /* SMB_SID_STRSZ */
+ (void) snprintf(errbuf, ERRBUF_SZ,
+ gettext("bad Windows SID: %s"), optstr);
+ error_str = errbuf;
+ return (-1);
+ }
+ wsid = strdup(optstr);
+ return (0);
+}