1 /*-
2  * Copyright (c) 2005-2009 Robert N. M. Watson
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24  * SUCH DAMAGE.
25  *
26  * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#9 $
27  */
28
29 #include <bsm/libbsm.h>
30 #include <string.h>
31 #include <err.h>
32 #include <limits.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35
36 /*
37  * Simple tool to dump various /etc/security databases using the defined APIs.
38  */
39
/*
 * Print the list of accepted sub-commands to stderr and terminate with a
 * failure status.  This function does not return.
 */
static void
usage(void)
{

	fputs("usage: audump [class|class_r|control|event|event_r|"
	    "user|user_r]\n", stderr);
	exit(-1);
}
48
/*
 * Dump every audit class entry handed back by getauclassent(), one per line,
 * as "0x<mask>:<name>:<description>".  Iteration stops at the first NULL
 * return.
 */
static void
audump_class(void)
{
	au_class_ent_t *entry;

	for (;;) {
		entry = getauclassent();
		if (entry == NULL)
			break;
		printf("0x%08x:%s:%s\n", entry->ac_class, entry->ac_name,
		    entry->ac_desc);
	}
}
58
/*
 * Same output as audump_class(), but driven through getauclassent_r() with
 * caller-supplied storage instead of the library's own buffers.
 */
static void
audump_class_r(void)
{
	char name_buf[AU_CLASS_NAME_MAX];
	char desc_buf[AU_CLASS_DESC_MAX];
	au_class_ent_t storage, *entry;

	/*
	 * Start from all-zero storage and point the entry at the two local
	 * buffers.  NOTE(review): the buffers are sized with the
	 * AU_CLASS_*_MAX constants; presumably getauclassent_r() bounds its
	 * writes by the same constants -- confirm against libbsm.
	 */
	memset(&storage, 0, sizeof(storage));
	memset(name_buf, 0, sizeof(name_buf));
	memset(desc_buf, 0, sizeof(desc_buf));
	storage.ac_name = name_buf;
	storage.ac_desc = desc_buf;

	for (;;) {
		entry = getauclassent_r(&storage);
		if (entry == NULL)
			break;
		printf("0x%08x:%s:%s\n", entry->ac_class, entry->ac_name,
		    entry->ac_desc);
	}
}
76
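/*
 * Dump the audit control settings as seen through the getac*() accessors:
 * flags, min, naflags, every dir entry, policy, filesz, host and
 * expire-after, one "key:value" line each.
 *
 * Error convention used throughout this function: a return of -2 is
 * reported with err(), which appends strerror(errno); any other failure
 * code is reported with errx() together with the numeric code, because the
 * code shown here gives no indication that errno is meaningful in that case.
 * Every reported failure terminates the program, so a partial dump is never
 * followed by further settings.
 *
 * NOTE(review): for host and expire-after, return values other than the
 * ones tested below are skipped silently, so a missing "host:" or
 * "expire-after:" line does not by itself show which case occurred --
 * confirm the full set of return codes against au_control(3).
 */
static void
audump_control(void)
{
	char string[PATH_MAX], string2[PATH_MAX];
	int ret, val;
	long policy;
	time_t age;
	size_t size;

	ret = getacflg(string, PATH_MAX);
	if (ret == -2)
		err(-1, "getacflg");
	if (ret != 0)
		errx(-1, "getacflg: %d", ret);

	printf("flags:%s\n", string);

	ret = getacmin(&val);
	if (ret == -2)
		err(-1, "getacmin");
	if (ret != 0)
		errx(-1, "getacmin: %d", ret);

	printf("min:%d\n", val);

	ret = getacna(string, PATH_MAX);
	if (ret == -2)
		err(-1, "getacna");
	if (ret != 0)
		errx(-1, "getacna: %d", ret);

	printf("naflags:%s\n", string);

	/* Rewind, then print dir entries until getacdir() returns -1. */
	setac();
	for (;;) {
		ret = getacdir(string, PATH_MAX);
		if (ret == -1)
			break;
		if (ret == -2)
			err(-1, "getacdir");
		if (ret != 0)
			errx(-1, "getacdir: %d", ret);
		printf("dir:%s\n", string);
	}

	ret = getacpol(string, PATH_MAX);
	if (ret == -2)
		err(-1, "getacpol");
	if (ret != 0)
		errx(-1, "getacpol: %d", ret);
	/*
	 * Round-trip the policy string through its numeric form so that the
	 * printed value is what the library actually parsed.
	 */
	if (au_strtopol(string, &policy) < 0)
		err(-1, "au_strtopol");
	if (au_poltostr(policy, PATH_MAX, string2) < 0)
		err(-1, "au_poltostr");
	printf("policy:%s\n", string2);

	ret = getacfilesz(&size);
	if (ret == -2)
		err(-1, "getacfilesz");
	if (ret != 0)
		errx(-1, "getacfilesz: %d", ret);

	/* size is a size_t: %zu is the matching conversion. */
	printf("filesz:%zuB\n", size);

	ret = getachost(string, PATH_MAX);
	if (ret == -2)
		err(-1, "getachost");
	if (ret == -3)
		errx(-1, "getachost: %d", ret);
	if (ret == 0)
		printf("host:%s\n", string);

	ret = getacexpire(&val, &age, &size);
	if (ret == -2)
		err(-1, "getacexpire");
	if (ret == -1)
		errx(-1, "getacexpire: %d", ret);
	if (ret == 0) {
		/*
		 * time_t has no portable conversion specifier; widen it
		 * explicitly instead of assuming it is a long.
		 */
		printf("expire-after:%zuB  %s %llds\n", size,
		    val ? "AND" : "OR", (long long)age);
	}
}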
158
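/*
 * Print the classes set in classmask as a comma-separated list.  Each set
 * bit is looked up with getauclassnum(); a bit with no matching class entry
 * is printed as its hexadecimal value, so unknown bits stay visible in the
 * output.  Nothing is printed for an empty mask.
 */
static void
printf_classmask(au_class_t classmask)
{
	au_class_ent_t *c;
	u_int32_t bit, i;
	int first;

	first = 1;
	for (i = 0; i < 32; i++) {
		/*
		 * Build the bit in an unsigned 32-bit type: shifting a plain
		 * int 1 left by 31 overflows a signed int, which is
		 * undefined behavior and would affect the top class bit.
		 */
		bit = (u_int32_t)1 << i;
		if ((classmask & bit) == 0)
			continue;
		if (first)
			first = 0;
		else
			printf(",");
		c = getauclassnum(bit);
		if (c != NULL)
			printf("%s", c->ac_name);
		else
			printf("0x%x", bit);
	}
}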
181
/*
 * Dump every audit event entry returned by getauevent() as
 * "<number>:<name>:<description>:<class list>", one per line.
 */
static void
audump_event(void)
{
	au_event_ent_t *entry;

	for (entry = getauevent(); entry != NULL; entry = getauevent()) {
		printf("%d:%s:%s:", entry->ae_number, entry->ae_name,
		    entry->ae_desc);
		printf_classmask(entry->ae_class);
		printf("\n");
	}
}
193
/*
 * Same output as audump_event(), but driven through getauevent_r() with
 * caller-supplied storage instead of the library's own buffers.
 */
static void
audump_event_r(void)
{
	char name_buf[AU_EVENT_NAME_MAX];
	char desc_buf[AU_EVENT_DESC_MAX];
	au_event_ent_t storage, *entry;

	/*
	 * Zero everything, then attach the local buffers to the entry.
	 * NOTE(review): the buffers are sized with the AU_EVENT_*_MAX
	 * constants; presumably getauevent_r() limits its writes to the same
	 * sizes -- confirm against libbsm.
	 */
	memset(&storage, 0, sizeof(storage));
	memset(name_buf, 0, sizeof(name_buf));
	memset(desc_buf, 0, sizeof(desc_buf));
	storage.ae_name = name_buf;
	storage.ae_desc = desc_buf;

	for (entry = getauevent_r(&storage); entry != NULL;
	    entry = getauevent_r(&storage)) {
		printf("%d:%s:%s:", entry->ae_number, entry->ae_name,
		    entry->ae_desc);
		printf_classmask(entry->ae_class);
		printf("\n");
	}
}
213
/*
 * Dump every audit user entry returned by getauuserent() as "<name>::".
 *
 * The two fields after the name are always empty: this function never
 * prints the entry's au_always and au_never masks.  The output therefore
 * lists which users have entries but not what is audited for them.
 */
static void
audump_user(void)
{
	au_user_ent_t *entry;

	for (entry = getauuserent(); entry != NULL; entry = getauuserent()) {
		/* name, empty "always" field, empty "never" field */
		printf("%s:", entry->au_name);
		printf(":");
		printf("\n");
	}
}
227
/*
 * Same output as audump_user(), but driven through getauuserent_r() with
 * caller-supplied storage instead of the library's own buffers.
 *
 * As in audump_user(), the au_always and au_never masks are not printed, so
 * both fields after the name are always empty.
 */
static void
audump_user_r(void)
{
	char name_buf[AU_USER_NAME_MAX];
	au_user_ent_t storage, *entry;

	/*
	 * Zero the entry and its name buffer before first use.
	 * NOTE(review): the buffer is sized with AU_USER_NAME_MAX; presumably
	 * getauuserent_r() limits its writes to that size -- confirm against
	 * libbsm.
	 */
	memset(&storage, 0, sizeof(storage));
	memset(name_buf, 0, sizeof(name_buf));
	storage.au_name = name_buf;

	for (entry = getauuserent_r(&storage); entry != NULL;
	    entry = getauuserent_r(&storage)) {
		/* name, empty "always" field, empty "never" field */
		printf("%s:", entry->au_name);
		printf(":");
		printf("\n");
	}
}
246
/*
 * Entry point: expects exactly one argument naming the database to dump and
 * dispatches to the matching audump_*() routine.  A missing, extra or
 * unrecognized argument prints the usage message and exits with a failure
 * status via usage().
 */
int
main(int argc, char *argv[])
{
	static const struct {
		const char	*name;
		void		(*dump)(void);
	} commands[] = {
		{ "class",	audump_class },
		{ "class_r",	audump_class_r },
		{ "control",	audump_control },
		{ "event",	audump_event },
		{ "event_r",	audump_event_r },
		{ "user",	audump_user },
		{ "user_r",	audump_user_r },
	};
	size_t idx;

	if (argc != 2)
		usage();

	/* Exact, case-sensitive match against the known sub-commands. */
	for (idx = 0; idx < sizeof(commands) / sizeof(commands[0]); idx++) {
		if (strcmp(argv[1], commands[idx].name) == 0) {
			commands[idx].dump();
			return (0);
		}
	}

	/* No sub-command matched; usage() exits and does not return. */
	usage();

	return (0);
}