|
Lines 51-56
Link Here
|
| 51 |
*/ |
51 |
*/ |
| 52 |
static au_tid_t tid; |
52 |
static au_tid_t tid; |
| 53 |
|
53 |
|
|
|
54 |
/* returns -1 on failure, 0 on success */ |
| 55 |
static int |
| 56 |
get_pwd(uid_t *uid, gid_t *gid) |
| 57 |
{ |
| 58 |
if (pwd == NULL) |
| 59 |
return(-1); |
| 60 |
*uid = pwd->pw_uid; |
| 61 |
*gid = pwd->pw_gid; |
| 62 |
return(0); |
| 63 |
} |
| 64 |
|
| 54 |
/* |
65 |
/* |
| 55 |
* The following tokens are included in the audit record for a successful |
66 |
* The following tokens are included in the audit record for a successful |
| 56 |
* login: header, subject, return. |
67 |
* login: header, subject, return. |
|
Lines 62-72
Link Here
|
| 62 |
int aufd; |
73 |
int aufd; |
| 63 |
au_mask_t aumask; |
74 |
au_mask_t aumask; |
| 64 |
auditinfo_t auinfo; |
75 |
auditinfo_t auinfo; |
| 65 |
uid_t uid = pwd->pw_uid; |
76 |
uid_t uid; |
| 66 |
gid_t gid = pwd->pw_gid; |
77 |
gid_t gid; |
| 67 |
pid_t pid = getpid(); |
78 |
pid_t pid = getpid(); |
| 68 |
long au_cond; |
79 |
long au_cond; |
| 69 |
|
80 |
|
|
|
81 |
if (get_pwd(&uid, &gid) == -1) |
| 82 |
return; |
| 83 |
|
| 70 |
/* If we are not auditing, don't cut an audit record; just return. */ |
84 |
/* If we are not auditing, don't cut an audit record; just return. */ |
| 71 |
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) { |
85 |
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) { |
| 72 |
if (errno == ENOSYS) |
86 |
if (errno == ENOSYS) |
|
Lines 140-147
Link Here
|
| 140 |
errx(1, "login: Audit Error: au_to_subject32() failed"); |
154 |
errx(1, "login: Audit Error: au_to_subject32() failed"); |
| 141 |
} else { |
155 |
} else { |
| 142 |
/* We know the subject -- so use its value instead. */ |
156 |
/* We know the subject -- so use its value instead. */ |
| 143 |
uid = pwd->pw_uid; |
157 |
if (get_pwd(&uid, &gid) == -1) |
| 144 |
gid = pwd->pw_gid; |
158 |
errx(1, "login: Audit Error: au_to_subject32() failed"); |
| 145 |
if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid, |
159 |
if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid, |
| 146 |
gid, pid, pid, &tid)) == NULL) |
160 |
gid, pid, pid, &tid)) == NULL) |
| 147 |
errx(1, "login: Audit Error: au_to_subject32() failed"); |
161 |
errx(1, "login: Audit Error: au_to_subject32() failed"); |
|
Lines 172-181
Link Here
|
| 172 |
int aufd; |
186 |
int aufd; |
| 173 |
au_mask_t aumask; |
187 |
au_mask_t aumask; |
| 174 |
auditinfo_t auinfo; |
188 |
auditinfo_t auinfo; |
| 175 |
uid_t uid = pwd->pw_uid; |
189 |
uid_t uid; |
| 176 |
gid_t gid = pwd->pw_gid; |
190 |
gid_t gid; |
| 177 |
pid_t pid = getpid(); |
191 |
pid_t pid = getpid(); |
| 178 |
long au_cond; |
192 |
long au_cond; |
|
|
193 |
|
| 194 |
if (get_pwd(&uid, &gid) == -1) |
| 195 |
return; |
| 179 |
|
196 |
|
| 180 |
/* If we are not auditing, don't cut an audit record; just return. */ |
197 |
/* If we are not auditing, don't cut an audit record; just return. */ |
| 181 |
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) { |
198 |
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) { |