NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>

@@ -19,10 +19,12 @@
  * CDDL HEADER END
  */
 /*
  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ *
+ * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
  */
 
 /*
  * Support routines for building audit records.
  */

@@ -50,10 +52,11 @@
 #include <sys/vmparam.h>        /* for USRSTACK/USRSTACK32 */
 #include <sys/vfs.h>            /* for sonode */
 #include <sys/socketvar.h>      /* for sonode */
 #include <sys/zone.h>
 #include <sys/tsol/label.h>
+#include <sys/cmn_err.h>
 
 /*
  * These are the control tokens
  */
 

@@ -603,10 +606,40 @@
 
         return (token);
 }
 
 /*
+ * au_to_path_string
+ * returns:
+ *      pointer to au_membuf chain containing a path token.
+ */
+token_t *
+au_to_path_string(const char *path)
+{
+        token_t *token;                 /* local au_membuf */
+        adr_t adr;                      /* adr memory stream header */
+        char data_header = AUT_PATH;    /* header for this token */
+        short bytes;                    /* length of string */
+
+        bytes = strlen(path) + 1;
+
+        /*
+         * generate path token header
+         */
+        token = au_getclr();
+        adr_start(&adr, memtod(token, char *));
+        adr_char(&adr, &data_header, 1);
+        adr_short(&adr, &bytes, 1);
+        token->len = adr_count(&adr);
+
+        /* append path string */
+        (void) au_append_buf(path, bytes, token);
+
+        return (token);
+}
+
+/*
  * au_to_ipc
  * returns:
  *      pointer to au_membuf chain containing a System V IPC token.
  */
 token_t *
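Review bot: In `au_to_path_string`, `bytes = strlen(path) + 1;` narrows a `size_t` into a `short` with no bound check, so a string of 32767 bytes or more yields a wrapped or negative length that is written into the token header and then passed to `au_append_buf`. For an audit trail that means a malformed or truncated path token instead of a reported error. Take the length as `size_t len = strlen(path) + 1;` and reject or clamp it (keeping the terminating NUL) before assigning to `bytes`. Whether callers already guarantee a bounded, non-NULL path is not visible in this hunk, so that precondition should at least be stated in the header comment. The discarded return of `au_append_buf` matters for the same reason: if the append can fail, the header advertises `bytes` of data that were never attached.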

@@ -1202,6 +1235,50 @@
         adr_char(&adr, (char *)label, sizeof (_mac_label_impl_t));
 
         m->len = adr_count(&adr);
 
         return (m);
+}
+
+token_t *
+au_to_access_mask(uint32_t access)
+{
+        token_t *m;                             /* local au_membuf */
+        adr_t adr;                              /* adr memory stream header */
+        char data_header = AUT_ACCESS_MASK;     /* header for this token */
+
+        m = au_getclr();
+
+        adr_start(&adr, memtod(m, char *));
+        adr_char(&adr, &data_header, 1);
+
+        adr_uint32(&adr, &access, 1);
+
+        m->len = adr_count(&adr);
+        return (m);
+}
+
+token_t *
+au_to_wsid(ksid_t *ks)
+{
+        token_t *token;                 /* local au_membuf */
+        adr_t adr;                      /* adr memory stream header */
+        char data_header = AUT_WSID;    /* header for this token */
+        short bytes;                    /* length of string */
+        char sidbuf[256]; /* SMB_SID_STRSZ */
+
+        sidbuf[0] = '\0';
+        (void) snprintf(sidbuf, sizeof (sidbuf), "%s-%u",
+            ksid_getdomain(ks), ksid_getrid(ks));
+
+        token = au_getclr();
+
+        bytes = (short)strlen(sidbuf) + 1;
+        adr_start(&adr, memtod(token, char *));
+        adr_char(&adr, &data_header, 1);
+        adr_short(&adr, &bytes, 1);
+
+        token->len = (char)adr_count(&adr);
+        (void) au_append_buf(sidbuf, bytes, token);
+
+        return (token);
 }
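Review bot: `au_to_wsid` discards the `snprintf` result, so a SID string that does not fit in `sidbuf[256]` is silently truncated and the audit record names a SID that is not the real principal. Keep the result and handle overflow explicitly, for example `n = snprintf(sidbuf, sizeof (sidbuf), "%s-%u", ...);` followed by `if (n >= sizeof (sidbuf))` with a defined fallback, and size the buffer from the named constant the `/* SMB_SID_STRSZ */` comment refers to if it is in scope here. `token->len = (char)adr_count(&adr);` casts to `char` where `au_to_path_string` and `au_to_access_mask` assign without a cast, so drop the cast for consistency. Both new functions also lack the `au_to_xxx / returns:` header comment that the neighbouring routines carry, and it would be the place to say that `ks` must be non-NULL.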