2 * Copyright (c) 2005-2009 Robert N. M. Watson
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 #include <bsm/libbsm.h>
35 * Simple tool to dump various /etc/security databases using the defined APIs.
42 fprintf(stderr, "usage: audump [class|class_r|control|event|event_r|"
52 while ((cp = getauclassent()) != NULL)
53 printf("0x%08x:%s:%s\n", cp->ac_class, cp->ac_name,
60 char class_ent_name[AU_CLASS_NAME_MAX];
61 char class_ent_desc[AU_CLASS_DESC_MAX];
62 au_class_ent_t c, *cp;
65 bzero(class_ent_name, sizeof(class_ent_name));
66 bzero(class_ent_desc, sizeof(class_ent_desc));
67 c.ac_name = class_ent_name;
68 c.ac_desc = class_ent_desc;
70 while ((cp = getauclassent_r(&c)) != NULL)
71 printf("0x%08x:%s:%s\n", cp->ac_class, cp->ac_name,
78 char string[PATH_MAX], string2[PATH_MAX];
84 ret = getacflg(string, PATH_MAX);
88 errx(-1, "getacflg: %d", ret);
90 printf("flags:%s\n", string);
96 errx(-1, "getacmin: %d", ret);
98 printf("min:%d\n", val);
100 ret = getacna(string, PATH_MAX);
104 errx(-1, "getacna: %d", ret);
106 printf("naflags:%s\n", string);
110 ret = getacdir(string, PATH_MAX);
116 errx(-1, "getacdir: %d", ret);
117 printf("dir:%s\n", string);
121 ret = getacpol(string, PATH_MAX);
124 if (au_strtopol(string, &policy) < 0)
125 err(-1, "au_strtopol");
126 if (au_poltostr(policy, PATH_MAX, string2) < 0)
127 err(-1, "au_poltostr");
128 printf("policy:%s\n", string2);
130 ret = getacfilesz(&size);
132 err(-1, "getacfilesz");
134 err(-1, "getacfilesz: %d", ret);
136 printf("filesz:%ldB\n", size);
139 ret = getachost(string, PATH_MAX);
141 err(-1, "getachost");
143 err(-1, "getachost: %d", ret);
144 if (ret == 0 && ret != 1)
145 printf("host:%s\n", string);
147 ret = getacexpire(&val, &age, &size);
149 err(-1, "getacexpire");
151 err(-1, "getacexpire: %d", ret);
152 if (ret == 0 && ret != 1)
153 printf("expire-after:%ldB %s %lds\n", size,
154 val ? "AND" : "OR", age);
158 printf_classmask(au_class_t classmask)
165 for (i = 0; i < 32; i++) {
166 if (classmask & (1 << i)) {
171 c = getauclassnum(1 << i);
173 printf("%s", c->ac_name);
175 printf("0x%x", 1 << i);
185 while ((ep = getauevent()) != NULL) {
186 printf("%d:%s:%s:", ep->ae_number, ep->ae_name, ep->ae_desc);
187 printf_classmask(ep->ae_class);
195 char event_ent_name[AU_EVENT_NAME_MAX];
196 char event_ent_desc[AU_EVENT_DESC_MAX];
197 au_event_ent_t e, *ep;
199 bzero(&e, sizeof(e));
200 bzero(event_ent_name, sizeof(event_ent_name));
201 bzero(event_ent_desc, sizeof(event_ent_desc));
202 e.ae_name = event_ent_name;
203 e.ae_desc = event_ent_desc;
205 while ((ep = getauevent_r(&e)) != NULL) {
206 printf("%d:%s:%s:", ep->ae_number, ep->ae_name, ep->ae_desc);
207 printf_classmask(ep->ae_class);
217 while ((up = getauuserent()) != NULL) {
218 printf("%s:", up->au_name);
219 // printf_classmask(up->au_always);
221 // printf_classmask(up->au_never);
229 char user_ent_name[AU_USER_NAME_MAX];
230 au_user_ent_t u, *up;
232 bzero(&u, sizeof(u));
233 bzero(user_ent_name, sizeof(user_ent_name));
234 u.au_name = user_ent_name;
236 while ((up = getauuserent_r(&u)) != NULL) {
237 printf("%s:", up->au_name);
238 // printf_classmask(up->au_always);
240 // printf_classmask(up->au_never);
246 main(int argc, char *argv[])
252 if (strcmp(argv[1], "class") == 0)
254 else if (strcmp(argv[1], "class_r") == 0)
256 else if (strcmp(argv[1], "control") == 0)
258 else if (strcmp(argv[1], "event") == 0)
260 else if (strcmp(argv[1], "event_r") == 0)
262 else if (strcmp(argv[1], "user") == 0)
264 else if (strcmp(argv[1], "user_r") == 0)