    
NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
    
      
    
    
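--- a/usr/src/cmd/praudit/toktable.h
+++ b/usr/src/cmd/praudit/toktable.h
@@ -1,276 +1,281 @@
 /*
  * CDDL HEADER START
  *
  * The contents of this file are subject to the terms of the
  * Common Development and Distribution License (the "License").
  * You may not use this file except in compliance with the License.
  *
  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  * or http://www.opensolaris.org/os/licensing.
  * See the License for the specific language governing permissions
  * and limitations under the License.
  *
  * When distributing Covered Code, include this CDDL HEADER in each
  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  * If applicable, add the following below this CDDL HEADER, with the
  * fields enclosed by brackets "[]" replaced with your own identifying
  * information: Portions Copyright [yyyy] [name of copyright owner]
  *
  * CDDL HEADER END
  */
 /*
  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ *
+ * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
  */
 
 #ifndef _TOKTABLE_H
 #define _TOKTABLE_H
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
 /*
  * Solaris Audit Token Table.
  */
 
 typedef struct token_desc {
         char    *t_name;        /* name of the token */
         char    *t_tagname;     /* tag name */
         int     (*func)();      /* token processing function */
         short   t_type;         /* token or tag type */
 } token_desc_t;
 
 
 #define NOFUNC          (int (*)())0
 
 #define MAXTOKEN        0xff
 
 extern token_desc_t tokentable[];
 
 /*
  * Tag types -
  *
  *      attribute:      an attribute:
  *                      xxx="..."
  *
  *      element:        a simple element:
  *                      <xxx> ... </xxx>
  *
  *      enclosed:       a self contained element, optionally with attributes:
  *                      <xxx a="" b="" ... />
  *
  *      extended:       an element with attributes:
  *                      <xxx a="" b="" ...> ... </xxx>
  */
 #define T_ATTRIBUTE     1       /* attribute */
 #define T_ELEMENT       2       /* element */
 #define T_ENCLOSED      3       /* enclosed element */
 #define T_EXTENDED      4       /* extended element */
 #define T_UNKNOWN       99      /* huh... */
 
 /*
  * Define the kinds of tags
  */
 enum tagnum_t { TAG_INVALID = MAXTOKEN,
         TAG_UID,
         TAG_GID,
         TAG_RUID,
         TAG_RGID,
         TAG_AUID,
         TAG_PID,
         TAG_SID,
         TAG_TID32,
         TAG_TID64,
         TAG_TID32_EX,
         TAG_TID64_EX,
         TAG_EVMOD,
         TAG_TOKVERS,
         TAG_EVTYPE,
         TAG_ISO,
         TAG_ERRVAL,
         TAG_RETVAL,
         TAG_SETTYPE,
         TAG_GROUPID,
         TAG_XID,
         TAG_XCUID,
         TAG_XSELTEXT,
         TAG_XSELTYPE,
         TAG_XSELDATA,
         TAG_ARGNUM,
         TAG_ARGVAL32,
         TAG_ARGVAL64,
         TAG_ARGDESC,
         TAG_MODE,
         TAG_FSID,
         TAG_NODEID32,
         TAG_NODEID64,
         TAG_DEVICE32,
         TAG_DEVICE64,
         TAG_SEQNUM,                     /* with sequence token */
         TAG_ARGV,                       /* with cmd token */
         TAG_ARGE,                       /* with cmd token */
         TAG_ARG,                        /* with exec_args token */
         TAG_ENV,                        /* with exec_env token */
         TAG_XAT,                        /* with attr_path token */
         TAG_RESULT,                     /* with use_of_privilege token */
         TAG_CUID,                       /* with IPC_perm token */
         TAG_CGID,                       /* with IPC_perm token */
         TAG_SEQ,                        /* with IPC_perm token */
         TAG_KEY,                        /* with IPC_perm token */
         TAG_IPVERS,                     /* with ip token */
         TAG_IPSERV,                     /* with ip token */
         TAG_IPLEN,                      /* with ip token */
         TAG_IPID,                       /* with ip token */
         TAG_IPOFFS,                     /* with ip token */
         TAG_IPTTL,                      /* with ip token */
         TAG_IPPROTO,                    /* with ip token */
         TAG_IPCKSUM,                    /* with ip token */
         TAG_IPSRC,                      /* with ip token */
         TAG_IPDEST,                     /* with ip token */
         TAG_ACLTYPE,                    /* with acl token */
         TAG_ACLVAL,                     /* with acl token */
         TAG_SOCKTYPE,                   /* with socket token */
         TAG_SOCKPORT,                   /* with socket token */
         TAG_SOCKADDR,                   /* with socket token */
         TAG_SOCKEXDOM,                  /* with socket_ex token */
         TAG_SOCKEXTYPE,                 /* with socket_ex token */
         TAG_SOCKEXLPORT,                /* with socket_ex token */
         TAG_SOCKEXLADDR,                /* with socket_ex token */
         TAG_SOCKEXFPORT,                /* with socket_ex token */
         TAG_SOCKEXFADDR,                /* with socket_ex token */
         TAG_IPCTYPE,                    /* with IPC token */
         TAG_IPCID,                      /* with IPC token */
         TAG_ARBPRINT,                   /* with arbitrary (data) token */
         TAG_ARBTYPE,                    /* with arbitrary (data) token */
         TAG_ARBCOUNT,                   /* with arbitrary (data) token */
         TAG_HOSTID,                     /* with extended header token */
         TAG_ZONENAME,                   /* with zonename token */
         TAG_TID_TYPE,                   /* with tid token */
         TAG_IP,                         /* with tid token, type=ip */
         TAG_IP_LOCAL,                   /* with tid token, type=ip */
         TAG_IP_REMOTE,                  /* with tid token, type=ip */
         TAG_IP_ADR,                     /* with tid token, type=ip */
         TAG_ACEMASK,                    /* with ace token */
         TAG_ACEFLAGS,                   /* with ace token */
         TAG_ACETYPE,                    /* with ace token */
         TAG_ACEID,                      /* with ace token */
         TAG_USERNAME,                   /* with user token */
+        TAG_WSID,                       /* with wsid token */
         MAXTAG
 };
 
 
 /*
  * These tokens are the same for all versions of Solaris
  */
 
 /*
  * Control tokens
  */
 
 extern int      file_token();
 extern int      trailer_token();
 extern int      header_token();
 extern int      header32_ex_token();
 
 /*
  * Data tokens
  */
 
 extern int      arbitrary_data_token();
 extern int      fmri_token();
 extern int      s5_IPC_token();
 extern int      path_token();
 extern int      path_attr_token();
 extern int      subject32_token();
 extern int      process32_token();
 extern int      return_value32_token();
 extern int      text_token();
 extern int      opaque_token();
 extern int      ip_addr_token();
 extern int      ip_token();
 extern int      iport_token();
 extern int      argument32_token();
 extern int      socket_token();
 extern int      sequence_token();
 
 /*
  * Modifier tokens
  */
 
 extern int      acl_token();
 extern int      ace_token();
 extern int      attribute_token();
 extern int      s5_IPC_perm_token();
 extern int      group_token();
 extern int      label_token();
 extern int      privilege_token();
 extern int      useofpriv_token();
 extern int      liaison_token();
 extern int      newgroup_token();
 extern int      exec_args_token();
 extern int      exec_env_token();
 extern int      attribute32_token();
 extern int      useofauth_token();
 extern int      user_token();
 extern int      zonename_token();
 extern int      secflags_token();
 
 /*
  * X windows tokens
  */
 
 extern int      xatom_token();
 extern int      xselect_token();
 extern int      xcolormap_token();
 extern int      xcursor_token();
 extern int      xfont_token();
 extern int      xgc_token();
 extern int      xpixmap_token();
 extern int      xproperty_token();
 extern int      xwindow_token();
 extern int      xclient_token();
 
 /*
  * Command tokens
  */
 
 extern int      cmd_token();
 extern int      exit_token();
 
 /*
  * Miscellaneous tokens
  */
 
 extern int      host_token();
 
 /*
  * Solaris64 tokens
  */
 
 extern int      argument64_token();
 extern int      return_value64_token();
 extern int      attribute64_token();
 extern int      header64_token();
 extern int      subject64_token();
 extern int      process64_token();
 extern int      file64_token();
 
 /*
  * Extended network address tokens
  */
 
 extern int      header64_ex_token();
 extern int      subject32_ex_token();
 extern int      process32_ex_token();
 extern int      subject64_ex_token();
 extern int      process64_ex_token();
 extern int      ip_addr_ex_token();
 extern int      socket_ex_token();
 extern int      tid_token();
 
+extern int      access_mask_token();
+extern int      wsid_token();
 #ifdef __cplusplus
 }
 #endif
 
 #endif  /* _TOKTABLE_H */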
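Review bot: The two new declarations, `access_mask_token()` and `wsid_token()`, sit at the end of the "Extended network address tokens" group with no heading of their own and no blank line before `#ifdef __cplusplus`, so the header files the new audit tokens under the wrong category. I would put a group comment such as `/* File access audit tokens */` above them and a blank line after `wsid_token();`. `TAG_WSID` is added just before `MAXTAG`, which keeps every existing tag value unchanged, but the `tokentable[]` definition is outside this file. It is worth confirming that the table gains a matching slot for `TAG_WSID`, and whether `access_mask_token()` needs a tag of its own, since praudit presumably looks tags up by this number when rendering audit records.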
    