1 /*
2 * Program to trigger the audit daemon with a message that is either:
3 * - Open a new audit log file
4 * - Read the audit control file and take action on it
5 * - Close the audit log file and exit
6 *
7 */
8
9 #include <mach/mach.h>
10 #include <servers/netname.h>
11 #include <mach/message.h>
12 #include <mach/port.h>
13 #include <mach/mach_error.h>
14 #include <mach/host_special_ports.h>
15 #include <servers/bootstrap.h>
16
17 #include <auditd_control.h>
18 #include <auditd.h>
19
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <stdio.h>
23
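/* Port for the audit daemon's control interface; filled in by init() and used by process(). */
mach_port_t serverPort;
/* Not referenced by any code shown in this file. */
mach_port_t bootstrapPort;

/*
 * Full prototypes, so the compiler checks the argument lists at every call
 * site (an empty "()" declarator declares a function with unspecified
 * parameters and disables that check).
 */
void init(void);
void process(int flags);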
29
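/*
 * Print the usage text on stderr and exit with status 1.
 */
static void usage(void)
{
	(void)fprintf(stderr,
	    "usage: audit -n | -s | -t \n");
	exit(1);
}

/*
 * Main routine: parse the command line and send the selected control
 * message to the audit daemon.
 *
 * -n selects OPEN_NEW, -s selects READ_FILE and -t selects CLOSE_AND_DIE.
 * If several options are given, the last one on the command line wins.
 * Running with no option prints the usage text and exits with status 1;
 * the daemon is never sent the initial flags value of 0, which corresponds
 * to none of the three documented actions.
 *
 * NOTE(review): -t asks the daemon to close the audit log and exit. Nothing
 * in this file checks who is invoking the tool, so whatever restricts that
 * request must be enforced elsewhere (when the control port is obtained or
 * in the daemon) -- confirm.
 */
int main(int argc, char **argv)
{
	/*
	 * getopt() returns int. Storing the result in a plain char breaks
	 * the comparison with -1 on platforms where char is unsigned, and
	 * the loop would then never terminate.
	 */
	int ch;
	int flags = 0;
	int action_given = 0;

	while ((ch = getopt(argc, argv, "nst")) != -1) {
		switch (ch) {
		case 'n':
			flags = OPEN_NEW;
			action_given = 1;
			break;

		case 's':
			flags = READ_FILE;
			action_given = 1;
			break;

		case 't':
			flags = CLOSE_AND_DIE;
			action_given = 1;
			break;

		case '?':
		default:
			usage();
		}
	}

	/* Refuse to contact the daemon unless an action was actually chosen. */
	if (!action_given)
		usage();

	init();
	process(flags);
	return 0;
}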
63
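/*
 * Program initialization:
 * Look up the audit daemon's control port and store it in serverPort.
 *
 * Exits with status 1 if the lookup fails, or if it reports success but
 * leaves a port name that cannot be used as a message destination
 * (MACH_PORT_NULL or MACH_PORT_DEAD).
 */
void init(void)
{
	kern_return_t kr;

	kr = host_get_audit_control_port(mach_host_self(), &serverPort);

	/*
	 * NOTE(review): a KERN_SUCCESS return presumably does not by itself
	 * prove that a daemon has registered a control port -- confirm.
	 * Checking the port name here makes the failure show up at lookup
	 * time rather than as an IPC error from process().
	 */
	if (kr != KERN_SUCCESS || !MACH_PORT_VALID(serverPort)) {
		fprintf(stderr, "Cannot get auditd_control\n");
		exit(1);
	}

	/* A port name is an unsigned value; print it with a matching format. */
	printf("Server port is %u\n", (unsigned int)serverPort);
}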
77
/*
 * Do all the real work.
 * Send the control message selected by `flags` to the audit daemon through
 * serverPort. On success a confirmation line is printed; on failure the
 * Mach error is reported and the program exits with status 1.
 */
void process(int flags)
{
	const kern_return_t status = auditd_control(serverPort, flags);

	if (status == KERN_SUCCESS) {
		printf("Client call successful\n");
		return;
	}

	/* mach_error() prints the prefix followed by a description of the code. */
	mach_error("error doing IPC: ", status);
	exit(1);
}
91 }