Print this page
NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
@@ -18,10 +18,11 @@
*
* CDDL HEADER END
*/
/*
* Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
*/
/*
* This file contains the declarations of the various data structures
* used by the auditing module(s).
@@ -488,10 +489,11 @@
extern "C" {
#endif
struct fcntla;
struct t_audit_data;
+struct t_audit_sacl;
struct audit_path;
struct priv_set;
struct devplcysys;
struct auditcalls {
@@ -545,10 +547,12 @@
int audit_async_start(label_t *, au_event_t, int);
void audit_async_finish(caddr_t *, au_event_t, au_emod_t, timestruc_t *);
void audit_async_discard_backend(void *);
void audit_async_done(caddr_t *, int);
void audit_async_drop(caddr_t *, int);
+void audit_sacl(char *, cred_t *, uint32_t, boolean_t,
+ struct t_audit_sacl *);
#ifndef AUK_CONTEXT_T
#define AUK_CONTEXT_T
typedef struct au_kcontext au_kcontext_t;
#endif
@@ -575,17 +579,21 @@
*/
#define AU_ZONE_AUDITING(zcontext) \
(audit_active == C2AUDIT_LOADED && \
((AU_AUDIT_MASK) & au_zone_getstate((zcontext))))
+#define AU_AUDIT_PERZONE() \
+ ((audit_policy & AUDIT_PERZONE) != 0)
+
/*
* Get auditing status
*/
#define AU_AUDITING() (audit_getstate())
int audit_success(au_kcontext_t *, struct t_audit_data *, int, cred_t *);
int auditme(au_kcontext_t *, struct t_audit_data *, au_state_t);
+int auditev(au_event_t, cred_t *);
void audit_fixpath(struct audit_path *, int);
void audit_ipc(int, int, void *);
void audit_ipcget(int, void *);
void audit_fdsend(int, struct file *, int);
void audit_fdrecv(int, struct file *);