[apple/system_cmds.git] / login.tproj / login_audit.c

/*
 * Copyright (c) 2005-2016 Apple Inc. All rights reserved.
 *
 * @APPLE_BSD_LICENSE_HEADER_START@
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1.  Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 * 2.  Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 * 3.  Neither the name of Apple Computer, Inc. ("Apple") nor the names of
 *     its contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * @APPLE_BSD_LICENSE_HEADER_END@
 */

#ifdef USE_BSM_AUDIT

#include <sys/cdefs.h>
__FBSDID("$FreeBSD: src/usr.bin/login/login_audit.c,v 1.2 2007/05/07 11:01:36 dwmalone Exp $");

#include <sys/types.h>

#include <bsm/libbsm.h>
#include <bsm/audit_uevents.h>
#include <bsm/audit_session.h>

#include <err.h>
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <unistd.h>

#include "login.h"

/*
 * Audit data
 */
au_tid_addr_t tid;

/*
 * The following tokens are included in the audit record for a successful
 * login: header, subject, return.
 */
void
au_login_success(int fflag)
{
	token_t *tok;
	int aufd;
	auditinfo_addr_t auinfo;
	uid_t uid = pwd->pw_uid;
	gid_t gid = pwd->pw_gid;
	pid_t pid = getpid();
	long au_cond;

	/* Determine whether auditing is enabled. */
	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
		if (errno == ENOSYS)
			return;
		errx(1, "login: Could not determine audit condition");
	}

	/* Initialize with the current audit info. */
	if (getaudit_addr(&auinfo, sizeof(auinfo)) < 0) {
		err(1, "getaudit_addr");
	}
	auinfo.ai_auid = pwd->pw_uid;
	memcpy(&auinfo.ai_termid, &tid, sizeof(auinfo.ai_termid));

	/* Do the SessionCreate() equivalent. */
	if (!fflag) {
		auinfo.ai_asid = AU_ASSIGN_ASID;
		auinfo.ai_flags |= AU_SESSION_FLAG_HAS_TTY;
		auinfo.ai_flags |= AU_SESSION_FLAG_HAS_AUTHENTICATED;
	}

	if (au_cond != AUC_NOAUDIT) {
		/* Compute and set the user's preselection mask. */
		if (au_user_mask(pwd->pw_name, &auinfo.ai_mask) < 0) {
			errx(1, "login: Could not set audit mask\n");
		}
	}

	if (setaudit_addr(&auinfo, sizeof(auinfo)) < 0)
		err(1, "login: setaudit_addr failed");

	char *session = NULL;
	asprintf(&session, "%x", auinfo.ai_asid);
	if (NULL == session) {
		errx(1, "asprintf failed");
	}
	setenv("SECURITYSESSIONID", session, 1);
	free(session);

	/* If we are not auditing, don't cut an audit record; just return. */
	if (au_cond == AUC_NOAUDIT)
		return;

	if ((aufd = au_open()) == -1)
		errx(1,"login: Audit Error: au_open() failed");

	if ((tok = au_to_subject32_ex(uid, geteuid(), getegid(), uid, gid, pid,
	    pid, &tid)) == NULL)
		errx(1, "login: Audit Error: au_to_subject32() failed");
	au_write(aufd, tok);

	if ((tok = au_to_return32(0, 0)) == NULL)
		errx(1, "login: Audit Error: au_to_return32() failed");
	au_write(aufd, tok);

	if (au_close(aufd, 1, AUE_login) == -1)
		errx(1, "login: Audit Record was not committed.");
}

/*
 * The following tokens are included in the audit record for failed
 * login attempts: header, subject, text, return.
 */
void
au_login_fail(const char *errmsg, int na)
{
	token_t *tok;
	int aufd;
	long au_cond;
	uid_t uid;
	gid_t gid;
	pid_t pid = getpid();

	/* If we are not auditing, don't cut an audit record; just return. */
	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
		if (errno == ENOSYS)
			return;
		errx(1, "login: Could not determine audit condition");
	}
	if (au_cond == AUC_NOAUDIT)
		return;

	if ((aufd = au_open()) == -1)
		errx(1, "login: Audit Error: au_open() failed");

	if (na) {
		/*
		 * Non attributable event.  Assuming that login is not called
		 * within a user's session => auid,asid == -1.
		 */
		if ((tok = au_to_subject32_ex(-1, geteuid(), getegid(), -1, -1,
		    pid, -1, &tid)) == NULL)
			errx(1, "login: Audit Error: au_to_subject32() failed");
	} else {
		/* We know the subject -- so use its value instead. */
		uid = pwd->pw_uid;
		gid = pwd->pw_gid;
		if ((tok = au_to_subject32_ex(uid, geteuid(), getegid(), uid,
		    gid, pid, pid, &tid)) == NULL)
			errx(1, "login: Audit Error: au_to_subject32() failed");
	}
	au_write(aufd, tok);

	/* Include the error message. */
	if ((tok = au_to_text(errmsg)) == NULL)
		errx(1, "login: Audit Error: au_to_text() failed");
	au_write(aufd, tok);

	if ((tok = au_to_return32(1, errno)) == NULL)
		errx(1, "login: Audit Error: au_to_return32() failed");
	au_write(aufd, tok);

	if (au_close(aufd, 1, AUE_login) == -1)
		errx(1, "login: Audit Error: au_close() was not committed");
}

/*
 * The following tokens are included in the audit record for a logout:
 * header, subject, return.
 */
void
audit_logout(void)
{
	token_t *tok;
	int aufd;
	uid_t uid = pwd->pw_uid;
	gid_t gid = pwd->pw_gid;
	pid_t pid = getpid();
	long au_cond;

	/* If we are not auditing, don't cut an audit record; just return. */
	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
		if (errno == ENOSYS)
			return;
		errx(1, "login: Could not determine audit condition");
	}
	if (au_cond == AUC_NOAUDIT)
		return;

	if ((aufd = au_open()) == -1)
		errx(1, "login: Audit Error: au_open() failed");

	/* The subject that is created (euid, egid of the current process). */
	if ((tok = au_to_subject32_ex(uid, geteuid(), getegid(), uid, gid, pid,
	    pid, &tid)) == NULL)
		errx(1, "login: Audit Error: au_to_subject32() failed");
	au_write(aufd, tok);

	if ((tok = au_to_return32(0, 0)) == NULL)
		errx(1, "login: Audit Error: au_to_return32() failed");
	au_write(aufd, tok);

	if (au_close(aufd, 1, AUE_logout) == -1)
		errx(1, "login: Audit Record was not committed.");
}

#endif /* USE_BSM_AUDIT */
Commit	Line	Data
ef8ad44b	1	/*
cf37c299	2	* Copyright (c) 2005-2016 Apple Inc. All rights reserved.
ef8ad44b A	3	*
	4	* @APPLE_BSD_LICENSE_HEADER_START@
	5	*
	6	* Redistribution and use in source and binary forms, with or without
	7	* modification, are permitted provided that the following conditions
	8	* are met:
	9	*
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in the
	14	* documentation and/or other materials provided with the distribution.
	15	* 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of
	16	* its contributors may be used to endorse or promote products derived
	17	* from this software without specific prior written permission.
	18	*
	19	* THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
	20	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	22	* DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
	23	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	24	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	25	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	26	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	27	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	28	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*
	30	* @APPLE_BSD_LICENSE_HEADER_END@
	31	*/
	32
aaff5f01 A	33	#ifdef USE_BSM_AUDIT
aaff5f01 A	34
ef8ad44b A	35	#include <sys/cdefs.h>
	36	__FBSDID("$FreeBSD: src/usr.bin/login/login_audit.c,v 1.2 2007/05/07 11:01:36 dwmalone Exp $");
	37
	38	#include <sys/types.h>
	39
	40	#include <bsm/libbsm.h>
	41	#include <bsm/audit_uevents.h>
8459d725	42	#include <bsm/audit_session.h>
ef8ad44b A	43
	44	#include <err.h>
	45	#include <errno.h>
	46	#include <pwd.h>
	47	#include <stdio.h>
8459d725	48	#include <stdlib.h>
ef8ad44b A	49	#include <strings.h>
	50	#include <unistd.h>
	51
	52	#include "login.h"
	53
	54	/*
	55	* Audit data
	56	*/
8459d725	57	au_tid_addr_t tid;
ef8ad44b A	58
	59	/*
	60	* The following tokens are included in the audit record for a successful
	61	* login: header, subject, return.
	62	*/
	63	void
8459d725	64	au_login_success(int fflag)
ef8ad44b A	65	{
	66	token_t *tok;
	67	int aufd;
8459d725	68	auditinfo_addr_t auinfo;
ef8ad44b A	69	uid_t uid = pwd->pw_uid;
	70	gid_t gid = pwd->pw_gid;
	71	pid_t pid = getpid();
	72	long au_cond;
	73
8459d725	74	/* Determine whether auditing is enabled. */
cf37c299	75	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
ef8ad44b A	76	if (errno == ENOSYS)
	77	return;
	78	errx(1, "login: Could not determine audit condition");
	79	}
ef8ad44b	80
8459d725 A	81	/* Initialize with the current audit info. */
	82	if (getaudit_addr(&auinfo, sizeof(auinfo)) < 0) {
	83	err(1, "getaudit_addr");
	84	}
	85	auinfo.ai_auid = pwd->pw_uid;
	86	memcpy(&auinfo.ai_termid, &tid, sizeof(auinfo.ai_termid));
	87
	88	/* Do the SessionCreate() equivalent. */
	89	if (!fflag) {
	90	auinfo.ai_asid = AU_ASSIGN_ASID;
	91	auinfo.ai_flags \|= AU_SESSION_FLAG_HAS_TTY;
	92	auinfo.ai_flags \|= AU_SESSION_FLAG_HAS_AUTHENTICATED;
	93	}
ef8ad44b	94
8459d725 A	95	if (au_cond != AUC_NOAUDIT) {
	96	/* Compute and set the user's preselection mask. */
	97	if (au_user_mask(pwd->pw_name, &auinfo.ai_mask) < 0) {
	98	errx(1, "login: Could not set audit mask\n");
	99	}
	100	}
	101
	102	if (setaudit_addr(&auinfo, sizeof(auinfo)) < 0)
	103	err(1, "login: setaudit_addr failed");
cf37c299	104
8459d725 A	105	char *session = NULL;
	106	asprintf(&session, "%x", auinfo.ai_asid);
	107	if (NULL == session) {
	108	errx(1, "asprintf failed");
	109	}
	110	setenv("SECURITYSESSIONID", session, 1);
	111	free(session);
cf37c299	112
8459d725 A	113	/* If we are not auditing, don't cut an audit record; just return. */
	114	if (au_cond == AUC_NOAUDIT)
	115	return;
ef8ad44b A	116
	117	if ((aufd = au_open()) == -1)
	118	errx(1,"login: Audit Error: au_open() failed");
	119
8459d725	120	if ((tok = au_to_subject32_ex(uid, geteuid(), getegid(), uid, gid, pid,
ef8ad44b A	121	pid, &tid)) == NULL)
	122	errx(1, "login: Audit Error: au_to_subject32() failed");
	123	au_write(aufd, tok);
	124
	125	if ((tok = au_to_return32(0, 0)) == NULL)
	126	errx(1, "login: Audit Error: au_to_return32() failed");
	127	au_write(aufd, tok);
	128
	129	if (au_close(aufd, 1, AUE_login) == -1)
	130	errx(1, "login: Audit Record was not committed.");
	131	}
	132
	133	/*
	134	* The following tokens are included in the audit record for failed
	135	* login attempts: header, subject, text, return.
	136	*/
	137	void
	138	au_login_fail(const char *errmsg, int na)
	139	{
	140	token_t *tok;
	141	int aufd;
	142	long au_cond;
	143	uid_t uid;
	144	gid_t gid;
	145	pid_t pid = getpid();
	146
	147	/* If we are not auditing, don't cut an audit record; just return. */
cf37c299	148	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
ef8ad44b A	149	if (errno == ENOSYS)
	150	return;
	151	errx(1, "login: Could not determine audit condition");
	152	}
	153	if (au_cond == AUC_NOAUDIT)
	154	return;
	155
	156	if ((aufd = au_open()) == -1)
	157	errx(1, "login: Audit Error: au_open() failed");
	158
	159	if (na) {
	160	/*
	161	* Non attributable event. Assuming that login is not called
	162	* within a user's session => auid,asid == -1.
	163	*/
8459d725	164	if ((tok = au_to_subject32_ex(-1, geteuid(), getegid(), -1, -1,
ef8ad44b A	165	pid, -1, &tid)) == NULL)
	166	errx(1, "login: Audit Error: au_to_subject32() failed");
	167	} else {
	168	/* We know the subject -- so use its value instead. */
	169	uid = pwd->pw_uid;
	170	gid = pwd->pw_gid;
8459d725	171	if ((tok = au_to_subject32_ex(uid, geteuid(), getegid(), uid,
ef8ad44b A	172	gid, pid, pid, &tid)) == NULL)
	173	errx(1, "login: Audit Error: au_to_subject32() failed");
	174	}
	175	au_write(aufd, tok);
	176
	177	/* Include the error message. */
	178	if ((tok = au_to_text(errmsg)) == NULL)
	179	errx(1, "login: Audit Error: au_to_text() failed");
	180	au_write(aufd, tok);
	181
	182	if ((tok = au_to_return32(1, errno)) == NULL)
	183	errx(1, "login: Audit Error: au_to_return32() failed");
	184	au_write(aufd, tok);
	185
	186	if (au_close(aufd, 1, AUE_login) == -1)
	187	errx(1, "login: Audit Error: au_close() was not committed");
	188	}
	189
	190	/*
	191	* The following tokens are included in the audit record for a logout:
	192	* header, subject, return.
	193	*/
	194	void
	195	audit_logout(void)
	196	{
	197	token_t *tok;
	198	int aufd;
	199	uid_t uid = pwd->pw_uid;
	200	gid_t gid = pwd->pw_gid;
	201	pid_t pid = getpid();
	202	long au_cond;
	203
	204	/* If we are not auditing, don't cut an audit record; just return. */
cf37c299	205	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
ef8ad44b A	206	if (errno == ENOSYS)
	207	return;
	208	errx(1, "login: Could not determine audit condition");
	209	}
	210	if (au_cond == AUC_NOAUDIT)
	211	return;
	212
	213	if ((aufd = au_open()) == -1)
	214	errx(1, "login: Audit Error: au_open() failed");
	215
	216	/* The subject that is created (euid, egid of the current process). */
8459d725	217	if ((tok = au_to_subject32_ex(uid, geteuid(), getegid(), uid, gid, pid,
ef8ad44b A	218	pid, &tid)) == NULL)
	219	errx(1, "login: Audit Error: au_to_subject32() failed");
	220	au_write(aufd, tok);
	221
	222	if ((tok = au_to_return32(0, 0)) == NULL)
	223	errx(1, "login: Audit Error: au_to_return32() failed");
	224	au_write(aufd, tok);
	225
	226	if (au_close(aufd, 1, AUE_logout) == -1)
	227	errx(1, "login: Audit Record was not committed.");
	228	}
aaff5f01 A	229
aaff5f01 A	230	#endif /* USE_BSM_AUDIT */