Mercurial > illumos > illumos-gate
changeset 5319:9240c6b7b6bd
6549682 uadmin audit records are no longer generated for the global zone
6608684 $SRC/lib/libbsm/common/audit_private.h has definitions for removed interfaces.
6611462 libbsm's adt_to_text() incorrectly handles message lists
6617501 auditxml may produce too long lines in adt_event.h for message lists
6617877 adt.xml should explain how to add a msg list
author | tz204579 |
---|---|
date | Wed, 24 Oct 2007 13:35:35 -0700 |
parents | 277236bdbcdc |
children | 43bde2b01a59 |
files | deleted_files/usr/src/lib/libbsm/common/audit_uadmin.c usr/src/cmd/bsmrecord/audit_record_attr.txt usr/src/cmd/uadmin/Makefile usr/src/cmd/uadmin/uadmin.c usr/src/lib/auditd_plugins/binfile/binfile.c usr/src/lib/libbsm/Makefile.com usr/src/lib/libbsm/audit_event.txt usr/src/lib/libbsm/auditxml usr/src/lib/libbsm/common/adt.xml usr/src/lib/libbsm/common/adt_token.c usr/src/lib/libbsm/common/adt_xlate.h usr/src/lib/libbsm/common/audit_private.h usr/src/lib/libbsm/common/audit_uadmin.c usr/src/lib/libbsm/common/mapfile-vers usr/src/tools/abi/etc/ABI_i386.db usr/src/tools/abi/etc/ABI_sparc.db |
diffstat | 16 files changed, 509 insertions(+), 250 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/deleted_files/usr/src/lib/libbsm/common/audit_uadmin.c Wed Oct 24 13:35:35 2007 -0700 @@ -0,0 +1,136 @@ +/* + * CDDL HEADER START + * + * The contents of this file are subject to the terms of the + * Common Development and Distribution License, Version 1.0 only + * (the "License"). You may not use this file except in compliance + * with the License. + * + * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE + * or http://www.opensolaris.org/os/licensing. + * See the License for the specific language governing permissions + * and limitations under the License. + * + * When distributing Covered Code, include this CDDL HEADER in each + * file and include the License file at usr/src/OPENSOLARIS.LICENSE. + * If applicable, add the following below this CDDL HEADER, with the + * fields enclosed by brackets "[]" replaced with your own identifying + * information: Portions Copyright [yyyy] [name of copyright owner] + * + * CDDL HEADER END + */ +/* + * Copyright 2003 Sun Microsystems, Inc. All rights reserved. + * Use is subject to license terms. + */ +#pragma ident "%Z%%M% %I% %E% SMI" + +#include <sys/types.h> +#include <stdio.h> +#include <unistd.h> +#include <sys/fcntl.h> +#include <bsm/audit.h> +#include <bsm/audit_record.h> +#include <bsm/audit_uevents.h> +#include <bsm/libbsm.h> +#include <bsm/audit_private.h> +#include <stdlib.h> +#include <string.h> +#include <syslog.h> +#include <netinet/in.h> +#include <generic.h> + +#ifdef C2_DEBUG +#define dprintf(x) {printf x; } +#else +#define dprintf(x) +#endif + +static char **gargv; +static int save_afunc(); + +static int audit_uadmin_generic(int); + +/* ARGSUSED */ +int +audit_uadmin_setup(int argc, char **argv) +{ + dprintf(("audit_uadmin_setup()\n")); + + if (cannot_audit(0)) { + return (0); + } + gargv = argv; + + (void) aug_init(); + aug_save_event(AUE_uadmin_solaris); + (void) aug_save_me(); + aug_save_afunc(save_afunc); + return (0); +} + +static int +save_afunc(int ad) +{ + if (gargv && gargv[1]) + (void) au_write(ad, au_to_text(gargv[1])); + if (gargv && gargv[2]) + (void) au_write(ad, au_to_text(gargv[2])); + return (0); +} + +int +audit_uadmin_fail() +{ + return (audit_uadmin_generic(-1)); +} + +int +audit_uadmin_success() +{ + int res = 0; + + (void) audit_uadmin_generic(0); + + /* + * wait for audit daemon to put halt message onto audit trail + */ + if (!cannot_audit(0)) { + int cond = AUC_NOAUDIT; + int canaudit; + + (void) sleep(1); + + /* find out if audit daemon is running */ + (void) auditon(A_GETCOND, (caddr_t)&cond, + sizeof (cond)); + canaudit = ((cond == AUC_AUDITING) || (cond == AUC_NOSPACE)); + + /* turn off audit daemon and try to flush audit queue */ + if (canaudit && system("/usr/sbin/audit -t")) + res = -1; + + /* give a chance for syslogd to do the job */ + (void) sleep(5); + } + + return (res); +} + +int +audit_uadmin_generic(sorf) + int sorf; +{ + int r; + + dprintf(("audit_uadmin_generic(%d)\n", sorf)); + + if (cannot_audit(0)) { + return (0); + } + + aug_save_sorf(sorf); + r = aug_audit(); + + return (r); +}
--- a/usr/src/cmd/bsmrecord/audit_record_attr.txt Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/cmd/bsmrecord/audit_record_attr.txt Wed Oct 24 13:35:35 2007 -0700 @@ -2301,9 +2301,10 @@ # code shows a third token, path, but it isn't implemented. label=AUE_uadmin_solaris - title=uadmin - program=/sbin/uadmin;/usr/sbin/uadmin + title=uadmin (obsolete) + program= + see= format=text1:text2 comment=function code:argument code -# See audit_uadmin.c +# not used. Replaced by AUE_uadmin_* events, see uadmin.c, adt.xml
--- a/usr/src/cmd/uadmin/Makefile Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/cmd/uadmin/Makefile Wed Oct 24 13:35:35 2007 -0700 @@ -2,9 +2,8 @@ # CDDL HEADER START # # The contents of this file are subject to the terms of the -# Common Development and Distribution License, Version 1.0 only -# (the "License"). You may not use this file except in compliance -# with the License. +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. # # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE # or http://www.opensolaris.org/os/licensing. @@ -20,7 +19,7 @@ # CDDL HEADER END # # -# Copyright 1989,1999-2003 Sun Microsystems, Inc. All rights reserved. +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # ident "%Z%%M% %I% %E% SMI" @@ -33,7 +32,7 @@ OWNER = root GROUP = sys -LDLIBS += -lbsm +LDLIBS += -lbsm -lscf LINTFLAGS = -ux .KEEP_STATE:
--- a/usr/src/cmd/uadmin/uadmin.c Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/cmd/uadmin/uadmin.c Wed Oct 24 13:35:35 2007 -0700 @@ -35,14 +35,18 @@ #include <unistd.h> #include <signal.h> #include <sys/uadmin.h> -#include <bsm/libbsm.h> +#include <bsm/adt.h> +#include <bsm/adt_event.h> +#include <libscf.h> +#include <strings.h> -#define SMF_RST "/etc/svc/volatile/resetting" +#define SMF_RST "/etc/svc/volatile/resetting" +#define AUDITD_FMRI "svc:/system/auditd:default" static const char *Usage = "Usage: %s cmd fcn [mdep]\n"; -extern int audit_uadmin_setup(int, char **); -extern int audit_uadmin_success(); +static int turnoff_auditd(); +static void wait_for_auqueue(); int main(int argc, char *argv[]) @@ -50,14 +54,16 @@ int cmd, fcn; uintptr_t mdep = NULL; sigset_t set; + adt_session_data_t *ah; /* audit session handle */ + adt_event_data_t *event = NULL; /* event to be generated */ + au_event_t event_id; + enum adt_uadmin_fcn fcn_id; if (argc < 3 || argc > 4) { (void) fprintf(stderr, Usage, argv[0]); return (1); } - (void) audit_uadmin_setup(argc, argv); - (void) sigfillset(&set); (void) sigprocmask(SIG_BLOCK, &set, NULL); @@ -75,8 +81,146 @@ } } + /* set up audit session and event */ + if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0) { + (void) fprintf(stderr, "%s: can't start audit session\n", + argv[0]); + } + switch (cmd) { + case A_SHUTDOWN: + event_id = ADT_uadmin_shutdown; + break; + case A_REBOOT: + event_id = ADT_uadmin_reboot; + break; + case A_DUMP: + event_id = ADT_uadmin_dump; + break; + case A_REMOUNT: + event_id = ADT_uadmin_remount; + break; + case A_FREEZE: + event_id = ADT_uadmin_freeze; + break; + case A_FTRACE: + event_id = ADT_uadmin_ftrace; + break; + case A_SWAPCTL: + event_id = ADT_uadmin_swapctl; + break; + default: + event_id = 0; + } + if ((event_id != 0) && + (event = adt_alloc_event(ah, event_id)) == NULL) { + (void) fprintf(stderr, "%s: can't allocate audit event\n", + argv[0]); + } + switch (fcn) { + case AD_HALT: + fcn_id = ADT_UADMIN_FCN_AD_HALT; + break; + case AD_POWEROFF: + fcn_id = ADT_UADMIN_FCN_AD_POWEROFF; + break; + case AD_BOOT: + fcn_id = ADT_UADMIN_FCN_AD_BOOT; + break; + case AD_IBOOT: + fcn_id = ADT_UADMIN_FCN_AD_IBOOT; + break; + case AD_SBOOT: + fcn_id = ADT_UADMIN_FCN_AD_SBOOT; + break; + case AD_SIBOOT: + fcn_id = ADT_UADMIN_FCN_AD_SIBOOT; + break; + case AD_NOSYNC: + fcn_id = ADT_UADMIN_FCN_AD_NOSYNC; + break; + default: + fcn_id = 0; + } + if (cmd == A_FREEZE) { + switch (fcn) { + case AD_SUSPEND_TO_DISK: + fcn_id = ADT_UADMIN_FCN_AD_SUSPEND_TO_DISK; + break; + case AD_CHECK_SUSPEND_TO_DISK: + fcn_id = ADT_UADMIN_FCN_AD_CHECK_SUSPEND_TO_DISK; + break; + case AD_FORCE: + fcn_id = ADT_UADMIN_FCN_AD_FORCE; + break; + case AD_SUSPEND_TO_RAM: + fcn_id = ADT_UADMIN_FCN_AD_SUSPEND_TO_RAM; + break; + case AD_CHECK_SUSPEND_TO_RAM: + fcn_id = ADT_UADMIN_FCN_AD_CHECK_SUSPEND_TO_RAM; + break; + case AD_REUSEINIT: + fcn_id = ADT_UADMIN_FCN_AD_REUSEINIT; + break; + case AD_REUSABLE: + fcn_id = ADT_UADMIN_FCN_AD_REUSABLE; + break; + case AD_REUSEFINI: + fcn_id = ADT_UADMIN_FCN_AD_REUSEFINI; + break; + } + } else if (cmd == A_FTRACE) { + switch (fcn) { + case AD_FTRACE_START: + fcn_id = ADT_UADMIN_FCN_AD_FTRACE_START; + break; + case AD_FTRACE_STOP: + fcn_id = ADT_UADMIN_FCN_AD_FTRACE_STOP; + break; + } + } + if (geteuid() == 0) { - if (audit_uadmin_success() == -1) + if (event != NULL) { + switch (cmd) { + case A_SHUTDOWN: + event->adt_uadmin_shutdown.fcn = fcn_id; + event->adt_uadmin_shutdown.mdep = (char *)mdep; + break; + case A_REBOOT: + event->adt_uadmin_reboot.fcn = fcn_id; + event->adt_uadmin_reboot.mdep = (char *)mdep; + break; + case A_DUMP: + event->adt_uadmin_dump.fcn = fcn_id; + event->adt_uadmin_dump.mdep = (char *)mdep; + break; + case A_REMOUNT: + /* no parameters */ + break; + case A_FREEZE: + event->adt_uadmin_freeze.fcn = fcn_id; + event->adt_uadmin_freeze.mdep = (char *)mdep; + break; + case A_FTRACE: + event->adt_uadmin_ftrace.fcn = fcn_id; + break; + case A_SWAPCTL: + event->adt_uadmin_swapctl.fcn = fcn_id; + break; + } + + if (adt_put_event(event, ADT_SUCCESS, 0) != 0) { + (void) fprintf(stderr, + "%s: can't put audit event\n", argv[0]); + } + /* + * allow audit record to be processed in the kernel + * audit queue + */ + wait_for_auqueue(); + } + + if (turnoff_auditd() == -1) (void) fprintf(stderr, "%s: can't turn off auditd\n", argv[0]); @@ -84,6 +228,9 @@ (void) creat(SMF_RST, 0777); } + (void) adt_free_event(event); + (void) adt_end_session(ah); + if (uadmin(cmd, fcn, mdep) < 0) { perror("uadmin"); @@ -94,3 +241,51 @@ return (0); } + +static int +turnoff_auditd() +{ + char *smf_state; + int rc = -1; + int retries = 15; + + if (smf_disable_instance(AUDITD_FMRI, SMF_TEMPORARY) != 0) { + (void) fprintf(stderr, "error disabling auditd: %s\n", + scf_strerror(scf_error())); + return (-1); + } + + /* wait for auditd to finish its work */ + do { + if ((smf_state = smf_get_state(AUDITD_FMRI)) == NULL) { + (void) fprintf(stderr, + "getting state of auditd failed: %s\n", + scf_strerror(scf_error())); + return (-1); + } + + if (strcmp(smf_state, SCF_STATE_STRING_DISABLED)) { + retries--; + (void) sleep(1); + } else { + rc = 0; + } + free(smf_state); + } while (rc && retries); + + return (rc); +} + +static void +wait_for_auqueue() +{ + au_stat_t au_stat; + int retries = 10; + + while (retries-- && auditon(A_GETSTAT, (caddr_t)&au_stat, NULL) == 0) { + if (au_stat.as_enqueue == au_stat.as_written) { + break; + } + (void) sleep(1); + } +}
--- a/usr/src/lib/auditd_plugins/binfile/binfile.c Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/auditd_plugins/binfile/binfile.c Wed Oct 24 13:35:35 2007 -0700 @@ -517,8 +517,10 @@ * newname is "" if binfile is being closed down. */ (void) write_file_token(currentdir->dl_fd, newname); - if (currentdir->dl_fd >= 0) + if (currentdir->dl_fd >= 0) { + (void) fsync(currentdir->dl_fd); (void) close(currentdir->dl_fd); + } currentdir->dl_fd = -1; (void) rename(currentdir->dl_filename, oldname);
--- a/usr/src/lib/libbsm/Makefile.com Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/Makefile.com Wed Oct 24 13:35:35 2007 -0700 @@ -19,7 +19,7 @@ # CDDL HEADER END # # -# Copyright 2006 Sun Microsystems, Inc. All rights reserved. +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # ident "%Z%%M% %I% %E% SMI" @@ -55,7 +55,6 @@ audit_rshd.o \ audit_settid.o \ audit_shutdown.o \ - audit_uadmin.o \ audit_user.o \ bsm.o \ generic.o \
--- a/usr/src/lib/libbsm/audit_event.txt Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/audit_event.txt Wed Oct 24 13:35:35 2007 -0700 @@ -374,7 +374,7 @@ 6164:AUE_rexd:rexd:lo 6165:AUE_ftpd:ftp access:lo 6166:AUE_init_solaris:init(1m):ss -6167:AUE_uadmin_solaris:uadmin(1m):ss +6167:AUE_uadmin_solaris:uadmin(1m):no 6168:AUE_shutdown_solaris:shutdown(1b):ss 6169:AUE_poweroff_solaris:poweroff(1m):ss 6170:AUE_crontab_mod:crontab-modify:ua @@ -437,6 +437,13 @@ 6234:AUE_pool_export:export device from pool:ot 6235:AUE_dladm_create_secobj:create network security object:as,cy 6236:AUE_dladm_delete_secobj:delete network security object:as,cy +6237:AUE_uadmin_shutdown:uadmin(1m) - shutdown:ss +6238:AUE_uadmin_reboot:uadmin(1m) - reboot:ss +6239:AUE_uadmin_dump:uadmin(1m) - dump:ss +6240:AUE_uadmin_freeze:uadmin(1m) - freeze:ss +6241:AUE_uadmin_remount:uadmin(1m) - remount:ss +6242:AUE_uadmin_ftrace:uadmin(1m) - ftrace:ss +6243:AUE_uadmin_swapctl:uadmin(1m) - swapctl:ss # # Trusted Extensions events: #
--- a/usr/src/lib/libbsm/auditxml Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/auditxml Wed Oct 24 13:35:35 2007 -0700 @@ -387,7 +387,30 @@ $start = "$comma\t"; } $text = "(no token will be generated)" unless $text; - print Hfile "\tADT_$shortName", "_$id$start\t/* $text */\n"; + my $line = "\tADT_$shortName"."_$id$start\t/* "; + # ensure whole line does not exceed 80 chars + my $eline = $line.$text; + #expand tabs + 1 while $eline =~ s/\t+/' ' x (length($&) * 8 - length($`) % 8)/e; + if ((length($eline) > 77) && ($line =~ /\t\t/)) { + # 77 = 80 - length(" */") + # strip off double tab so that comment can be longer + $line =~ s/\t\t/\t/; + # shorten eline; don't mind where the spaces are removed, it is + # only $eline length which matters + $eline =~ s/ {8}//; + } + if (length($eline) > 77) { # 80 - length(" */") + # here we use negative length in substr to leave off from the + # right side; 74 = 77 - length("...") + $line .= substr($text, 0, 74 - length($eline)); + # strip off part of last word (already cut) + $line =~ s/\s(\S+)$/ /; + $line .= "..."; + } else { + $line .= $text; + } + print Hfile "$line */\n"; $start = ''; } print Hfile "};\n";
--- a/usr/src/lib/libbsm/common/adt.xml Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/common/adt.xml Wed Oct 24 13:35:35 2007 -0700 @@ -179,9 +179,12 @@ - id is the name to be used for this group of text strings in adt_event.h - header is as defined for <event> + - start is a number where produced enum type begins; + ensure msg lists do not overlap Within a msg_list block, <msg> and <debug> are defined. The order of <msg> tags in a msg_list is reflected - directly in adt_event.h + directly in adt_event.h. Also add ADT_LIST_<<id>> to + enum adt_msg_list in adt_xlate.h. msg Define one string. - id is the name to be used in the enum describing @@ -1134,8 +1137,102 @@ </entry> </event> + <!-- uadmin(1m) events --> + <event id="AUE_uadmin_generic" type="generic" omit="always"> + <entry id="subject"> + <internal token="subject"/> + <external opt="none"/> + </entry> + <entry id="fcn"> + <internal token="text"/> + <external opt="required" type="msg uadmin_fcn"/> + <comment>next action</comment> + </entry> + <entry id="mdep"> + <internal token="text"/> + <external opt="optional" type="char *"/> + <comment>machine dependent argument</comment> + </entry> + <entry id="return"> + <internal token="return"/> + <external opt="none"/> + </entry> + </event> + <event id="AUE_uadmin_generic_fcn" type="generic" omit="always"> + <entry id="subject"> + <internal token="subject"/> + <external opt="none"/> + </entry> + <entry id="fcn"> + <internal token="text"/> + <external opt="required" type="msg uadmin_fcn"/> + <comment>next action</comment> + </entry> + <entry id="return"> + <internal token="return"/> + <external opt="none"/> + </entry> + </event> + <event id="AUE_uadmin_shutdown" instance_of="AUE_uadmin_generic" + header="0" idNo="51" omit="JNI"> + <title>uadmin shutdown</title> + <program>/sbin/uadmin</program> + <program>/usr/sbin/uadmin</program> + <see>uadmin(1M)</see> + </event> + <event id="AUE_uadmin_reboot" instance_of="AUE_uadmin_generic" + header="0" idNo="52" omit="JNI"> + <title>uadmin reboot</title> + <program>/sbin/uadmin</program> + <program>/usr/sbin/uadmin</program> + <see>uadmin(1M)</see> + </event> + <event id="AUE_uadmin_dump" instance_of="AUE_uadmin_generic" + header="0" idNo="53" omit="JNI"> + <title>uadmin dump</title> + <program>/sbin/uadmin</program> + <program>/usr/sbin/uadmin</program> + <see>uadmin(1M)</see> + </event> + <event id="AUE_uadmin_freeze" instance_of="AUE_uadmin_generic" + header="0" idNo="54" omit="JNI"> + <title>uadmin freeze</title> + <program>/sbin/uadmin</program> + <program>/usr/sbin/uadmin</program> + <see>uadmin(1M)</see> + </event> + <event id="AUE_uadmin_remount" header="0" idNo="55" omit="JNI"> + <title>uadmin remount</title> + <program>/sbin/uadmin</program> + <program>/usr/sbin/uadmin</program> + <see>uadmin(1M)</see> + <entry id="subject"> + <internal token="subject"/> + <external opt="none"/> + </entry> + <entry id="return"> + <internal token="return"/> + <external opt="none"/> + </entry> + </event> + <!-- uadmin ftrace and swapctl are not documented in uadmin(2) --> + <event id="AUE_uadmin_ftrace" instance_of="AUE_uadmin_generic_fcn" + header="0" idNo="56" omit="JNI"> + <title>uadmin ftrace</title> + <program>/sbin/uadmin</program> + <program>/usr/sbin/uadmin</program> + <see>uadmin(1M)</see> + </event> + <event id="AUE_uadmin_swapctl" instance_of="AUE_uadmin_generic_fcn" + header="0" idNo="57" omit="JNI"> + <title>uadmin swapctl</title> + <program>/sbin/uadmin</program> + <program>/usr/sbin/uadmin</program> + <see>uadmin(1M)</see> + </event> + <!-- add new events here with the next higher idNo --> -<!-- Highest idNo is 50, so next is 51, then fix this comment --> +<!-- Highest idNo is 57, so next is 58, then fix this comment --> <!-- end of C Only events --> @@ -1306,4 +1403,25 @@ <msg id="ANON_USER">No anonymous</msg> </msg_list> +<!-- msg list for uadmin(1m) fcn argument (next action, see uadmin(2)) --> + <msg_list id="uadmin_fcn" header="0" start="3000" public="true"> + <msg id="AD_HALT">Halt the processor(s)</msg> + <msg id="AD_POWEROFF">Halt the processor(s) and turn off the power</msg> + <msg id="AD_BOOT">Reboot the system using the kernel file</msg> + <msg id="AD_IBOOT">Interactive reboot</msg> + <msg id="AD_SUSPEND_TO_DISK">Save the system state to the state file</msg> + <msg id="AD_CHECK_SUSPEND_TO_DISK">Check if system supports suspend to disk</msg> + <msg id="AD_FORCE">Force suspend to disk even when threads of user + applications are not suspendable</msg> + <msg id="AD_SUSPEND_TO_RAM">Save the system state to memory</msg> + <msg id="AD_CHECK_SUSPEND_TO_RAM">Check if system supports suspend to memory</msg> + <msg id="AD_SBOOT">Single-user reboot</msg> + <msg id="AD_SIBOOT">Single-user interactive reboot</msg> + <msg id="AD_NOSYNC">Do not sync filesystems on next A_DUMP</msg> + <msg id="AD_REUSEINIT">Prepare for AD_REUSABLE</msg> + <msg id="AD_REUSABLE">Create reusable statefile</msg> + <msg id="AD_REUSEFINI">Revert to normal CPR mode (not reusable)</msg> + <msg id="AD_FTRACE_START">ftrace start</msg> + <msg id="AD_FTRACE_STOP">ftrace stop</msg> + </msg_list> </specification>
--- a/usr/src/lib/libbsm/common/adt_token.c Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/common/adt_token.c Wed Oct 24 13:35:35 2007 -0700 @@ -670,8 +670,8 @@ list = &adt_msg_text[(enum adt_login_text)def->dd_input_size]; list_index = ((union convert *)p_data)->msg_selector; - if ((list_index < list->ml_min_index) | - (list_index > list->ml_max_index)) + if ((list_index + list->ml_offset < list->ml_min_index) || + (list_index + list->ml_offset > list->ml_max_index)) string = "Invalid message index"; else string = list->ml_msg_list[list_index +
--- a/usr/src/lib/libbsm/common/adt_xlate.h Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/common/adt_xlate.h Wed Oct 24 13:35:35 2007 -0700 @@ -21,7 +21,7 @@ /* * adt_xlate.h * - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. * */ @@ -81,7 +81,8 @@ enum adt_msg_list { ADT_LIST_FAIL_PAM, ADT_LIST_FAIL_VALUE, - ADT_LIST_LOGIN_TEXT}; + ADT_LIST_LOGIN_TEXT, + ADT_LIST_UADMIN_FCN}; enum datatype {ADT_UNDEFINED = 0, ADT_DATE,
--- a/usr/src/lib/libbsm/common/audit_private.h Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/common/audit_private.h Wed Oct 24 13:35:35 2007 -0700 @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. * * Do not add to this file unless it is to cover an existing private @@ -179,27 +179,6 @@ char *, char **); extern void audit_rexd_setup(void); -/* - * audit_uadmin.c - * interface user - * uadmin - */ -extern int audit_uadmin_setup(int, char **); -extern int audit_uadmin_success(void); - -/* - * audit_su.c - * interface user - * su - */ -extern void audit_su_bad_authentication(void); -extern void audit_su_bad_uid(uid_t); -extern void audit_su_bad_username(void); -extern void audit_su_init_info(char *, char *); -extern void audit_su_reset_ai(void); -extern void audit_su_success(void); -extern void audit_su_unknown_failure(void); - #ifdef __cplusplus } #endif
--- a/usr/src/lib/libbsm/common/audit_uadmin.c Wed Oct 24 12:59:16 2007 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,136 +0,0 @@ -/* - * CDDL HEADER START - * - * The contents of this file are subject to the terms of the - * Common Development and Distribution License, Version 1.0 only - * (the "License"). You may not use this file except in compliance - * with the License. - * - * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE - * or http://www.opensolaris.org/os/licensing. - * See the License for the specific language governing permissions - * and limitations under the License. - * - * When distributing Covered Code, include this CDDL HEADER in each - * file and include the License file at usr/src/OPENSOLARIS.LICENSE. - * If applicable, add the following below this CDDL HEADER, with the - * fields enclosed by brackets "[]" replaced with your own identifying - * information: Portions Copyright [yyyy] [name of copyright owner] - * - * CDDL HEADER END - */ -/* - * Copyright 2003 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. - */ -#pragma ident "%Z%%M% %I% %E% SMI" - -#include <sys/types.h> -#include <stdio.h> -#include <unistd.h> -#include <sys/fcntl.h> -#include <bsm/audit.h> -#include <bsm/audit_record.h> -#include <bsm/audit_uevents.h> -#include <bsm/libbsm.h> -#include <bsm/audit_private.h> -#include <stdlib.h> -#include <string.h> -#include <syslog.h> -#include <netinet/in.h> -#include <generic.h> - -#ifdef C2_DEBUG -#define dprintf(x) {printf x; } -#else -#define dprintf(x) -#endif - -static char **gargv; -static int save_afunc(); - -static int audit_uadmin_generic(int); - -/* ARGSUSED */ -int -audit_uadmin_setup(int argc, char **argv) -{ - dprintf(("audit_uadmin_setup()\n")); - - if (cannot_audit(0)) { - return (0); - } - gargv = argv; - - (void) aug_init(); - aug_save_event(AUE_uadmin_solaris); - (void) aug_save_me(); - aug_save_afunc(save_afunc); - return (0); -} - -static int -save_afunc(int ad) -{ - if (gargv && gargv[1]) - (void) au_write(ad, au_to_text(gargv[1])); - if (gargv && gargv[2]) - (void) au_write(ad, au_to_text(gargv[2])); - return (0); -} - -int -audit_uadmin_fail() -{ - return (audit_uadmin_generic(-1)); -} - -int -audit_uadmin_success() -{ - int res = 0; - - (void) audit_uadmin_generic(0); - - /* - * wait for audit daemon to put halt message onto audit trail - */ - if (!cannot_audit(0)) { - int cond = AUC_NOAUDIT; - int canaudit; - - (void) sleep(1); - - /* find out if audit daemon is running */ - (void) auditon(A_GETCOND, (caddr_t)&cond, - sizeof (cond)); - canaudit = ((cond == AUC_AUDITING) || (cond == AUC_NOSPACE)); - - /* turn off audit daemon and try to flush audit queue */ - if (canaudit && system("/usr/sbin/audit -t")) - res = -1; - - /* give a chance for syslogd to do the job */ - (void) sleep(5); - } - - return (res); -} - -int -audit_uadmin_generic(sorf) - int sorf; -{ - int r; - - dprintf(("audit_uadmin_generic(%d)\n", sorf)); - - if (cannot_audit(0)) { - return (0); - } - - aug_save_sorf(sorf); - r = aug_audit(); - - return (r); -}
--- a/usr/src/lib/libbsm/common/mapfile-vers Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/lib/libbsm/common/mapfile-vers Wed Oct 24 13:35:35 2007 -0700 @@ -224,8 +224,6 @@ audit_shutdown_setup; audit_shutdown_success; __audit_syslog; - audit_uadmin_setup; - audit_uadmin_success; aug_audit; aug_get_machine; aug_get_port;
--- a/usr/src/tools/abi/etc/ABI_i386.db Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/tools/abi/etc/ABI_i386.db Wed Oct 24 13:35:35 2007 -0700 @@ -17934,33 +17934,6 @@ audit_shutdown_success usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 audit_shutdown_success lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 audit_shutdown_success lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_authentication usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_bad_authentication lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_authentication lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_uid usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_bad_uid lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_uid lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_username usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_bad_username lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_username lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_init_info usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_init_info lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_init_info lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_reset_ai usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_reset_ai lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_reset_ai lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_success usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_success lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_success lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_unknown_failure usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_unknown_failure lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_unknown_failure lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_setup usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_uadmin_setup lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_setup lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_success usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_uadmin_success lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_success lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 audit_user_create_event usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 audit_user_create_event lib/amd64/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 audit_user_create_event lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0
--- a/usr/src/tools/abi/etc/ABI_sparc.db Wed Oct 24 12:59:16 2007 -0700 +++ b/usr/src/tools/abi/etc/ABI_sparc.db Wed Oct 24 13:35:35 2007 -0700 @@ -1,5 +1,5 @@ # -# Copyright 2006 Sun Microsystems, Inc. All rights reserved. +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # CDDL HEADER START @@ -19190,42 +19190,6 @@ audit_shutdown_success usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 audit_shutdown_success lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 audit_shutdown_success lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_authentication usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_su_bad_authentication usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_bad_authentication lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_authentication lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_uid usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_su_bad_uid usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_bad_uid lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_uid lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_username usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_su_bad_username usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_bad_username lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_bad_username lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_init_info usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_su_init_info usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_init_info lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_init_info lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_reset_ai usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_su_reset_ai usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_reset_ai lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_reset_ai lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_success usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_su_success usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_success lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_success lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_unknown_failure usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_su_unknown_failure usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_su_unknown_failure lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_su_unknown_failure lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_setup usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_uadmin_setup usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_uadmin_setup lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_setup lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_success usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 -audit_uadmin_success usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 -audit_uadmin_success lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 -audit_uadmin_success lib/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0 audit_user_create_event usr/lib/sparcv9/libbsm.so.1 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 1111111 0 1111110 0000001 0 0 0 0 audit_user_create_event usr/lib/libbsm.so.1 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 SUNWprivate_1.1 0 0 0011111 0 0011110 0000001 0 0 0 0 audit_user_create_event lib/sparcv9/libbsm.so.1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 SUNWprivate_1.1 SUNWprivate_1.1 0000001 0 0000001 0 0 0 0 0