[alt.sources] File accessing auditing for 4.3 BSD

arosen@swan.ulowell.edu (MFHorn) (03/30/89)

Submitted for your approval, patches to the 4.3BSD kernel that implement
file access auditing.  Two commands and man pages are also included.
You'll need source to the kernel in order to install the patches.  All
the code was written by me and is completely original, so no one should
have to worry about getting sued.

I can make the source available via anony-ftp if desired.

I've also put together a spec for capability lists (modeled after VMS
privileges), but the only machine we have here that I can use for OS
development died on me.  If anyone cares to donate a Unix box to me,
with full source, I'll happily implement it..

The idea for both file auditing and capability lists was conceived LONG
before the recent sendmail, ftp and finger scares and the Internet worm.
It just took many months to get a machine to work on..

Enjoy..

Andy Rosen           | arosen@hawk.ulowell.edu | "I got this guitar and I
ULowell, Box #3031   | ulowell!arosen          |  learned how to make it
Lowell, Ma 01854     |                         |  talk" -Thunder Road
		RD in '88 - The way it should've been

--
#! /bin/sh
# This is a shell archive.  Remove anything before this line, then unpack
# it by saving it into a file and typing "sh file".  To overwrite existing
# files, type "sh file -c".  You can also feed this as standard input via
# unshar, or by typing "sh <file", e.g..  If this archive is complete, you
# will see the following message at the end:
#		"End of shell archive."
# Contents:  Files Notes README README.install TODO man man/getfalog.l
#   man/getfalog.l.man man/lfa.l man/lfa.l.man man/setfalog.l
#   man/setfalog.l.man man/sfa.l man/sfa.l.man src src/bin src/h
#   src/libc src/sys src/bin/Makefile src/bin/README src/bin/lfa.c
#   src/bin/sfa.c src/h/syscall.h.diff src/h/sys src/h/sys/file.h.diff
#   src/h/sys/inode.h.diff src/libc src/libc/Makefile.diff
#   src/libc/getfalog.c src/libc/setfalog.c src/sys src/sys/README
#   src/sys/init_sysent.c.diff src/sys/sec_file.c
#   src/sys/syscalls.c.diff src/sys/ufs_fio.c.diff
#   src/sys/ufs_syscalls.c.diff
# Wrapped by arosen@swan on Thu Mar 16 05:48:28 1989
# Pin the search path to the system directories so the test, echo, sed, wc
# and mkdir commands below are not resolved through the caller's PATH.
PATH=/bin:/usr/bin:/usr/ucb ; export PATH
if test -f 'Files' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'Files'\"
else
echo shar: Extracting \"'Files'\" \(1217 characters\)
sed "s/^X//" >'Files' <<'END_OF_FILE'
Xbin/Makefile:
X	- Makes and installs lfa and sfa programs
X
Xbin/lfa.c:
X	- Program to use getfalog system call
X
Xbin/sfa.c:
X	- Program to use setfalog system call
X
Xh/syscall.h:
X	- Add defines for getfalog and setfalog system calls
X
Xh/sys/file.h:
X	- Add defines for arguments to getfalog and setfalog calls
X
Xh/sys/inode.h:
X	- Add define "i_log" (logging info) for "i_ic.ic_spare[1]"
X	- Add defines "SUCCESS" and "FAILURE" (type of logging to
X	  perform)
X	- Add defines for logging modes (all/success/failure
X	  read/write/del)
X
Xlibc/Makefile:
X	- Patches to make getfalog and setfalog library routines
X
Xlibc/getfalog.c:
X	- C library code for getfalog system call
X
Xlibc/setfalog.c:
X	- C library code for setfalog system call
X
Xsys/sec_file.c:
X	- Code for getfalog, setfalog and flog (send a 'file access'
X	  message to the syslog daemon)
X
Xsys/init_sysent.c:
X	- Add declarations for getfalog and setfalog (with number of
X	  parameters
X
Xsys/syscalls.c:
X	- Add names of getfalog and setfalog calls
X
Xsys/ufs_fio.c:
X	- Add code in access() to check for read, write or execute
X	  logging
X
Xsys/ufs_syscalls.c:
X	- Add code in unlink() and rmdir() to check for logging
X	- Add code in makenode() and mkdir() to initialize logging bits
END_OF_FILE
if test 1217 -ne `wc -c <'Files'`; then
    echo shar: \"'Files'\" unpacked with wrong size!
fi
# end of 'Files'
fi
if test -f 'Notes' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'Notes'\"
else
echo shar: Extracting \"'Notes'\" \(525 characters\)
sed "s/^X//" >'Notes' <<'END_OF_FILE'
X- One of the most logical files to have auditing enabled on is the password
X  file.  Because of the way the password file is updated, however, it is
X  almost useless to audit the file.
X
X  Most commands create a temporary file (/etc/ptmp) and rename this to
X  /etc/passwd when they're done.  So every time a user changes his/her
X  password, or login shell, etc., any auditing set on /etc/passwd is lost.
X
X  Because of this, the only way to audit access to the password file is
X  to audit write attempts to the /etc directory.
END_OF_FILE
if test 525 -ne `wc -c <'Notes'`; then
    echo shar: \"'Notes'\" unpacked with wrong size!
fi
# end of 'Notes'
fi
if test -f 'README' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'README'\"
else
echo shar: Extracting \"'README'\" \(5231 characters\)
sed "s/^X//" >'README' <<'END_OF_FILE'
X
X
X
X
X			 FILE ACCESS AUDITING
X			     IN UNIX(TM)
X
X			    Andrew J. Rosen
X			     Mar. 16, 1989
X
X
X     Over the past few years, system security in the Unix operating system
X  has become a more and more important issue.  This demand for a more secure
X  Unix system can be expected to continue for several more years.
X
X
X     In the motion picture "Wall Street", Gordon Gekko said "The most val-
X  uable commodity that I can think of, is information."  This holds true in
X  the area of computer security.  If a system administrator is to success-
X  fully detect a breakin, and then close the security hole exploited, s/he
X  must naturally know that such a breakin has occured and at least some
X  information about the security hole used.
X
X
X     This paper describes an implementation of file access auditing in the
X  Unix operating system.  The implemenation was done on a VAX 11/730 running
X  version 4.3 of the Berkeley Software Distribution.  Modifications were
X  made to the original sources.  The actual software that was added is
X  fairly simple, so there should be no difficulties in porting it to other
X  versions of Unix, especially BSD derivatives.
X
X
X     Any file or directory can be audited, including special files and
X  sockets.  Each file can audited for four different types of access: read,
X  write, execute and delete.  For each type of access, either all attempts,
X  only successful attempts or only failed attempts can be audited.  For
X  example, one could log all write attempts, failed read attempts and
X  succesful delete attempts on a file.  Auditing cannot be set on a symbolic
X  link, only on the file the link references.
X
X
X     Two new system calls were added to set and examine the file access
X  audting on a particular file.  They are "getfalog" and "setfalog".  The
X  syntax of these system calls is as follows:
X
X	#include <sys/file.h>
X
X	char *file;
X	long info;
X
X	getfalog(file, &info);
X	setfalog(file, &info);
X
X
X     New defines were added to /usr/include/sys/file.h for user with the new
X  syscalls:
X
X        #define L_AREAD         0x1     /* All read attempts */
X        #define L_AWRITE        0x2     /* All write attempts */
X        #define L_AEXEC         0x4     /* All exec attempts */
X        #define L_ADELETE       0x8     /* All delete attempts */
X        #define L_SREAD         0x10    /* Successful read attempts */
X        #define L_SWRITE        0x20    /* Successful write attempts */
X        #define L_SEXEC         0x40    /* Successful exec attempts */
X        #define L_SDELETE       0x80    /* Successful delete attempts */
X        #define L_FREAD         0x100   /* Failed read attempts */
X        #define L_FWRITE        0x200   /* Failed write attempts */
X        #define L_FEXEC         0x400   /* Failed exec attempts */
X        #define L_FDELETE       0x800   /* Failed delete attempts */
X
X
X     To check if a type of auditing is set 'and' the proper define with the
X  value returned by getfalog.  If that type of auditing is enabled, the
X  result will be true (non-zero).  To set auditing for more than one type of
X  access, the defines should be 'or'ed together and then passed to setfalog.
X
X
X     Two new user-level programs are included to make use of the system
X  calls easier.  They are 'lfa' and 'sfa' ("list file access" and "set file
X  access").
X
X
X     The syntax of lfa is simply "lfa file1 file2 ...".  It will generate a
X  message like "file1: all read failed write", or simply "file1:" if
X  auditing is disabled for that file.
X
X
X     The syntax of sfa is a little bit more involved:
X
X	sfa file all|success|failure|none read|write|exec|delete
X
X  The level/type pair can be repeated to specify multiple types of access for
X  the file.  The order of the pairs is irrelevant.  If a level/type pair is
X  omitted, no access auditing for that type is assumed.  The shorthand "sfa
X  file none" is allowed, which turns off all auditing for a file.
X
X
X     When a user attempts to access a file that has the auditing feature
X  enabled, a message is sent by the kernel to the syslog daemon at priority
X  LOG_INFO (syslogd receives the message as 'kern.info').  The message
X  contains the pathname of the file accessed (as passed to the system call
X  used to access the file), the full path of the filesystem on which the
X  target file resides, the inode number of the target file, the last
X  component of the program used to access the file and the real user-id of
X  the user who accessed the file.
X
X
X     The auditing information for each file is stored in one of the spare
X  fields of the inode struct for the file, i_ic.ic_spare[1].  There is a
X  define in the kernel for this called 'i_log'.  A front end to the kernel
X  routine 'log', called 'flog', is provided.  It takes as its parameters a
X  pointer to the inode struct of the file being accessed, the type of access
X  being requested (read, write, execute or delete) and whether the attempt
X  succeeded or failed.  'Flog' puts together a full message from this and
X  other information and passes it along to 'log', which either prints the
X  message on the console, or sends it to the syslog daemon if it is running.
X
X
X--
XUnix is a trademark of AT&T Bell Labs.
XVAX is a trademark of Digital Equipment Corporation.
END_OF_FILE
if test 5231 -ne `wc -c <'README'`; then
    echo shar: \"'README'\" unpacked with wrong size!
fi
# end of 'README'
fi
if test -f 'README.install' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'README.install'\"
else
echo shar: Extracting \"'README.install'\" \(2005 characters\)
sed "s/^X//" >'README.install' <<'END_OF_FILE'
XHere's the layout of the directories:
X
Xman       - Manual pages for the added system calls and commands
Xsrc/bin   - Source to the new commands (and a makefile)
Xsrc/h     - Diffs to syscall.h
Xsrc/h/sys - Diffs to file.h and inode.h
Xsrc/libc  - Source to the C libraries for the new system calls
Xsrc/sys   - Diffs to four source files, one new source file and a makefile
X
XThere are several diffs to be fed to patch (patch < file.diff).  Each
Xdiff file has the complete path of the file to be patched.  Patch will
Xnot automatically patch the file, but will first ask which file you want
Xto patch.  The full path listed (preceded by '***') is the one you want
Xto patch.
X
XInstallation instructions:
X
X1 (src/h):
X  Go to src/h and run patch on syscall.h.diff, then go into src/h/sys
X  and run patch on file.h.diff and inode.h.diff.  You'll need to patch
X  syscall.h.diff twice.  First patch /usr/include/syscall.h and then
X  patch /usr/src/include/syscall.h.
X
X2 (src/libc):
X  Go to src/libc and run patch on Makefile.diff.  Then execute the
X  following commands:
X
X    make getfalog.o
X    make setfalog.o
X    ar qv /lib/libc.a *falog.o
X    ranlib /lib/libc.a
X
X3 (src/sys):
X  Go to src/sys and run patch on all the .diff files.
X  Copy sec_file.c to /sys/sys
X  Edit /sys/conf/files and add the line "sys/sec_file.c standard".
X  Edit /sys/conf/SYSTEM, where SYSTEM is the ident of your machine (usually
X    the hostname, but all uppercase), and add the line "options SECURITY".
X  Reconfig, recompile and install your new kernel:
X
X    cd /sys/conf
X    reconfig SYSTEM
X    cd /sys/SYSTEM
X    make
X    cp vmunix /
X    reboot
X
X4 (bin):
X  Go to src/bin and run make.  It'll compile and install the commands
X  lfa and sfa in /bin.
X
X5 (man):
X  Put the new man pages in /usr/man/manl.  Both nroff and 'cat'able
X  formats are included.
X
X6:
X  Send mail to arosen@hawk.ulowell.edu (or ulowell!arosen).  I'd like
X  to know how many people actually are using the software.  Feel free
X  to include any comments, suggestions, etc.
END_OF_FILE
if test 2005 -ne `wc -c <'README.install'`; then
    echo shar: \"'README.install'\" unpacked with wrong size!
fi
# end of 'README.install'
fi
# Unpack 'TODO' unless a file of that name already exists; passing -c as the
# first argument overwrites an existing copy.
if test -f 'TODO' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'TODO'\"
else
echo shar: Extracting \"'TODO'\" \(586 characters\)
# The quoted here-document delimiter stops the shell from expanding anything
# in the payload; sed strips the leading X that guards each payload line.
sed "s/^X//" >'TODO' <<'END_OF_FILE'
X- Allow logging of control access.  This would include use of the chgrp,
X  chmod, chown and utimes system calls.
X
X- Messages should be logged to a binary file as well as to the syslog
X  daemon.  This file should be in binary format and read-only, regardless
X  of access or privileges.
X
X- Messages should include the full, absolute pathname of the file in
X  question, as well as the full pathname of the image being executed.
X
X- Messages should include the word "FILE".
X
X- Rewrite sfa with a better user interface.
X
X- Make a list of files which should have file access auditing enabled.
END_OF_FILE
# Size comparison only: it reports a payload whose length changed.  An
# alteration that keeps the byte count, or that also edits the expected
# count above, passes this check.
if test 586 -ne `wc -c <'TODO'`; then
    echo shar: \"'TODO'\" unpacked with wrong size!
fi
# end of 'TODO'
fi
# Create the man directory on first unpack; an existing one is left alone.
test -d 'man' || {
    echo shar: Creating directory \"'man'\"
    mkdir 'man'
}
if test -f 'man/getfalog.l' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/getfalog.l'\"
else
echo shar: Extracting \"'man/getfalog.l'\" \(2810 characters\)
sed "s/^X//" >'man/getfalog.l' <<'END_OF_FILE'
X.\" Copyright (c) 1988, Andrew Rosen.
X.\" All rights reserved.
X.\"
X.\" This software is supplied free of charge.  This software, or any part
X.\" of it, may  not  be  redistributed or otherwise made available to, or
X.\" used  by, any  other  person  without the inclusion of this copyright
X.\" notice.  This software may not be used to make a profit in any way.
X.\"
X.\" This  software  is provided with absolutely no warranty, to the extent
X.\" permitted  by  applicable  state law.  In no event, unless required by
X.\" applicable law, will the author(s) of this this software be liable for
X.\" any damages caused by this software.
X.\"
X.\"	@(#)getfalog.2	1.0 (ULowell) 12/9/88
X.\"
X.TH GETFALOG 2 "December 9, 1988"
X.UC 4
X.SH NAME
Xgetfalog \- get file access auditing bits
X.SH SYNOPSIS
X.nf
X.ft B
X#include <sys/file.h>
X.PP
X.ft B
Xgetfalog(file, info);
X.PP
X.ft B
Xchar *file;
Xlong *info;
X.fi
X.ft R
X.SH DESCRIPTION
X.I Getfalog
Xreturns the file access auditing bits that are set on a file.
X.PP
X.I File
Xis a pointer to a string containing the path of the file.
X.PP
X.I Info
Xis a pointer to a buffer into which the information is stored.
X.PP
XThe information bits are defined as follows:
X
X.nf
X.in +5n
X.ta 1.6i 2.5i 3i
X#define L_AREAD         0x1     /* All read attempts */
X#define L_AWRITE        0x2     /* All write attempts */
X#define L_AEXEC         0x4     /* All exec attempts */
X#define L_ADELETE       0x8     /* All delete attempts */
X#define L_SREAD         0x10    /* Successful read attempts */
X#define L_SWRITE        0x20    /* Successful write attempts */
X#define L_SEXEC         0x40    /* Successful exec attempts */
X#define L_SDELETE       0x80    /* Successful delete attempts */
X#define L_FREAD         0x100   /* Failed read attempts */
X#define L_FWRITE        0x200   /* Failed write attempts */
X#define L_FEXEC         0x400   /* Failed exec attempts */
X#define L_FDELETE       0x800   /* Failed delete attempts */
X.fi
X.SH AUTHOR
XAndrew Rosen
X.SH "RETURN VALUE
XUpon successful completion a value of 0 is returned.
XOtherwise, a value of \-1 is returned and
X.I errno
Xis set to indicate the error.
X.SH "ERRORS
X.I Getfalog
Xwill fail if one or more of the following are true:
X.TP 15
X[ENOTDIR]
XA component of the path prefix is not a directory.
X.TP 15
X[EINVAL]
XThe pathname contains a character with the high-order bit set.
X.TP 15
X[ENAMETOOLONG]
XA component of a pathname exceeded 255 characters,
Xor an entire path name exceeded 1023 characters.
X.TP 15
X[ENOENT]
XThe named file does not exist.
X.TP 15
X[EACCES]
XSearch permission is denied for a component of the path prefix.
X.TP 15
X[ELOOP]
XToo many symbolic links were encountered in translating the pathname.
X.TP 15
X[EIO]
XAn I/O error occurred while reading from or writing to the file system.
X
X.SH "SEE ALSO"
Xlfa(1), sfa(1), ls(1), chmod(1), setfalog(2)
END_OF_FILE
if test 2810 -ne `wc -c <'man/getfalog.l'`; then
    echo shar: \"'man/getfalog.l'\" unpacked with wrong size!
fi
# end of 'man/getfalog.l'
fi
if test -f 'man/getfalog.l.man' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/getfalog.l.man'\"
else
echo shar: Extracting \"'man/getfalog.l.man'\" \(2733 characters\)
sed "s/^X//" >'man/getfalog.l.man' <<'END_OF_FILE'
X
X
X
XGETFALOG(2)         UNIX Programmer's Manual          GETFALOG(2)
X
X
X
XNAME
X     getfalog - get file access auditing bits
X
XSYNOPSIS
X     #include <sys/file.h>
X
X     getfalog(file, info);
X
X     char *file;
X     long *info;
X
XDESCRIPTION
X     _G_e_t_f_a_l_o_g returns the file access auditing bits that are set
X     on a file.
X
X     _F_i_l_e is a pointer to a string containing the path of the
X     file.
X
X     _I_n_f_o is a pointer to a buffer into which the information is
X     stored.
X
X     The information bits are defined as follows:
X
X          #define L_AREAD         0x1     /* All read attempts */
X          #define L_AWRITE        0x2     /* All write attempts */
X          #define L_AEXEC         0x4     /* All exec attempts */
X          #define L_ADELETE       0x8     /* All delete attempts */
X          #define L_SREAD         0x10    /* Successful read attempts */
X          #define L_SWRITE        0x20    /* Successful write attempts */
X          #define L_SEXEC         0x40    /* Successful exec attempts */
X          #define L_SDELETE       0x80    /* Successful delete attempts */
X          #define L_FREAD         0x100   /* Failed read attempts */
X          #define L_FWRITE        0x200   /* Failed write attempts */
X          #define L_FEXEC         0x400   /* Failed exec attempts */
X          #define L_FDELETE       0x800   /* Failed delete attempts */
X
XAUTHOR
X     Andrew Rosen
X
XRETURN VALUE
X     Upon successful completion a value of 0 is returned.  Other-
X     wise, a value of -1 is returned and _e_r_r_n_o is set to indicate
X     the error.
X
XERRORS
X     _G_e_t_f_a_l_o_g will fail if one or more of the following are true:
X
X     [ENOTDIR]      A component of the path prefix is not a
X                    directory.
X
X     [EINVAL]       The pathname contains a character with the
X                    high-order bit set.
X
X
X
XPrinted 12/28/88        December 9, 1988                        1
X
X
X
X
X
X
XGETFALOG(2)         UNIX Programmer's Manual          GETFALOG(2)
X
X
X
X     [ENAMETOOLONG] A component of a pathname exceeded 255 char-
X                    acters, or an entire path name exceeded 1023
X                    characters.
X
X     [ENOENT]       The named file does not exist.
X
X     [EACCES]       Search permission is denied for a component
X                    of the path prefix.
X
X     [ELOOP]        Too many symbolic links were encountered in
X                    translating the pathname.
X
X     [EIO]          An I/O error occurred while reading from or
X                    writing to the file system.
X
X
XSEE ALSO
X     lfa(1), sfa(1), ls(1), chmod(1), setfalog(2)
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
XPrinted 12/28/88        December 9, 1988                        2
X
X
X
END_OF_FILE
echo shar: 29 control characters may be missing from \"'man/getfalog.l.man'\"
if test 2733 -ne `wc -c <'man/getfalog.l.man'`; then
    echo shar: \"'man/getfalog.l.man'\" unpacked with wrong size!
fi
# end of 'man/getfalog.l.man'
fi
if test -f 'man/lfa.l' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/lfa.l'\"
else
echo shar: Extracting \"'man/lfa.l'\" \(989 characters\)
sed "s/^X//" >'man/lfa.l' <<'END_OF_FILE'
X.\" Copyright (c) 1988, Andrew Rosen.
X.\" All rights reserved.
X.\"
X.\" This software is supplied free of charge.  This software, or any part
X.\" of it, may  not  be  redistributed or otherwise made available to, or
X.\" used  by, any  other  person  without the inclusion of this copyright
X.\" notice.  This software may not be used to make a profit in any way.
X.\"
X.\" This  software  is provided with absolutely no warranty, to the extent
X.\" permitted  by  applicable  state law.  In no event, unless required by
X.\" applicable law, will the author(s) of this this software be liable for
X.\" any damages caused by this software.
X.\"
X.\"	@(#)lfa.1	1.0 (ULowell) 12/9/88
X.\"
X.TH LFA 1 "December 9, 1988"
X.UC 4
X.SH NAME
Xlfa \- list file access auditing information
X.SH SYNOPSIS
X.B lfa file [ file ]
X.SH DESCRIPTION
XThis command displays the file access auditing bits that
Xare set on the listed files.
X.SH AUTHOR
XAndrew Rosen
X.SH "SEE ALSO"
Xsfa(1), ls(1), chmod(1), getfalog(2), setfalog(2)
END_OF_FILE
if test 989 -ne `wc -c <'man/lfa.l'`; then
    echo shar: \"'man/lfa.l'\" unpacked with wrong size!
fi
# end of 'man/lfa.l'
fi
if test -f 'man/lfa.l.man' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/lfa.l.man'\"
else
echo shar: Extracting \"'man/lfa.l.man'\" \(468 characters\)
sed "s/^X//" >'man/lfa.l.man' <<'END_OF_FILE'
X
X
X
XLFA(1)              UNIX Programmer's Manual               LFA(1)
X
X
X
XNAME
X     lfa - list file access auditing information
X
XSYNOPSIS
X     lfa file [ file ]
X
XDESCRIPTION
X     This command displays the file access auditing bits that are
X     set on the listed files.
X
XAUTHOR
X     Andrew Rosen
X
XSEE ALSO
X     sfa(1), ls(1), chmod(1), getfalog(2), setfalog(2)
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
XPrinted 12/28/88        December 9, 1988                        1
X
X
X
END_OF_FILE
if test 468 -ne `wc -c <'man/lfa.l.man'`; then
    echo shar: \"'man/lfa.l.man'\" unpacked with wrong size!
fi
# end of 'man/lfa.l.man'
fi
if test -f 'man/setfalog.l' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/setfalog.l'\"
else
echo shar: Extracting \"'man/setfalog.l'\" \(2862 characters\)
sed "s/^X//" >'man/setfalog.l' <<'END_OF_FILE'
X.\" Copyright (c) 1988, Andrew Rosen.
X.\" All rights reserved.
X.\"
X.\" This software is supplied free of charge.  This software, or any part
X.\" of it, may  not  be  redistributed or otherwise made available to, or
X.\" used  by, any  other  person  without the inclusion of this copyright
X.\" notice.  This software may not be used to make a profit in any way.
X.\"
X.\" This  software  is provided with absolutely no warranty, to the extent
X.\" permitted  by  applicable  state law.  In no event, unless required by
X.\" applicable law, will the author(s) of this this software be liable for
X.\" any damages caused by this software.
X.\"
X.\"	@(#)setfalog.2	1.0 (ULowell) 12/9/88
X.\"
X.TH SETFALOG 2 "December 9, 1988"
X.UC 4
X.SH NAME
Xsetfalog \- set file access auditing bits
X.SH SYNOPSIS
X.nf
X.ft B
X#include <sys/file.h>
X.PP
X.ft B
Xsetfalog(file, info);
X.PP
X.ft B
Xchar *file;
Xlong info;
X.fi
X.ft R
X.SH DESCRIPTION
X.I Setfalog
Xset the file access auditing bits on a file.
X.PP
X.I File
Xis a pointer to a string containing the path of the file.
X.PP
X.I Info
Xis a long that contains the bits to be set.
X.PP
XThe information bits are defined as follows:
X
X.nf
X.in +5n
X.ta 1.6i 2.5i 3i
X#define L_AREAD         0x1     /* All read attempts */
X#define L_AWRITE        0x2     /* All write attempts */
X#define L_AEXEC         0x4     /* All exec attempts */
X#define L_ADELETE       0x8     /* All delete attempts */
X#define L_SREAD         0x10    /* Successful read attempts */
X#define L_SWRITE        0x20    /* Successful write attempts */
X#define L_SEXEC         0x40    /* Successful exec attempts */
X#define L_SDELETE       0x80    /* Successful delete attempts */
X#define L_FREAD         0x100   /* Failed read attempts */
X#define L_FWRITE        0x200   /* Failed write attempts */
X#define L_FEXEC         0x400   /* Failed exec attempts */
X#define L_FDELETE       0x800   /* Failed delete attempts */
X.fi
X.SH AUTHOR
XAndrew Rosen
X.SH "RETURN VALUE
XUpon successful completion a value of 0 is returned.
XOtherwise, a value of \-1 is returned and
X.I errno
Xis set to indicate the error.
X.SH "ERRORS
X.I Setfalog
Xwill fail if one or more of the following are true:
X.TP 15
X[EPERM]
XThe caller is not the super-user.
X.TP 15
X[ENOTDIR]
XA component of the path prefix is not a directory.
X.TP 15
X[EINVAL]
XThe pathname contains a character with the high-order bit set.
X.TP 15
X[EINVAL]
XInfo is less than zero.
X.TP 15
X[ENAMETOOLONG]
XA component of a pathname exceeded 255 characters,
Xor an entire path name exceeded 1023 characters.
X.TP 15
X[ENOENT]
XThe named file does not exist.
X.TP 15
X[EACCES]
XSearch permission is denied for a component of the path prefix.
X.TP 15
X[ELOOP]
XToo many symbolic links were encountered in translating the pathname.
X.TP 15
X[EIO]
XAn I/O error occurred while reading from or writing to the file system.
X
X.SH "SEE ALSO"
Xlfa(1), sfa(1), ls(1), chmod(1), getfalog(2)
END_OF_FILE
if test 2862 -ne `wc -c <'man/setfalog.l'`; then
    echo shar: \"'man/setfalog.l'\" unpacked with wrong size!
fi
# end of 'man/setfalog.l'
fi
if test -f 'man/setfalog.l.man' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/setfalog.l.man'\"
else
echo shar: Extracting \"'man/setfalog.l.man'\" \(2784 characters\)
sed "s/^X//" >'man/setfalog.l.man' <<'END_OF_FILE'
X
X
X
XSETFALOG(2)         UNIX Programmer's Manual          SETFALOG(2)
X
X
X
XNAME
X     setfalog - set file access auditing bits
X
XSYNOPSIS
X     #include <sys/file.h>
X
X     setfalog(file, info);
X
X     char *file;
X     long info;
X
XDESCRIPTION
X     _S_e_t_f_a_l_o_g set the file access auditing bits on a file.
X
X     _F_i_l_e is a pointer to a string containing the path of the
X     file.
X
X     _I_n_f_o is a long that contains the bits to be set.
X
X     The information bits are defined as follows:
X
X          #define L_AREAD         0x1     /* All read attempts */
X          #define L_AWRITE        0x2     /* All write attempts */
X          #define L_AEXEC         0x4     /* All exec attempts */
X          #define L_ADELETE       0x8     /* All delete attempts */
X          #define L_SREAD         0x10    /* Successful read attempts */
X          #define L_SWRITE        0x20    /* Successful write attempts */
X          #define L_SEXEC         0x40    /* Successful exec attempts */
X          #define L_SDELETE       0x80    /* Successful delete attempts */
X          #define L_FREAD         0x100   /* Failed read attempts */
X          #define L_FWRITE        0x200   /* Failed write attempts */
X          #define L_FEXEC         0x400   /* Failed exec attempts */
X          #define L_FDELETE       0x800   /* Failed delete attempts */
X
XAUTHOR
X     Andrew Rosen
X
XRETURN VALUE
X     Upon successful completion a value of 0 is returned.  Other-
X     wise, a value of -1 is returned and _e_r_r_n_o is set to indicate
X     the error.
X
XERRORS
X     _S_e_t_f_a_l_o_g will fail if one or more of the following are true:
X
X     [EPERM]        The caller is not the super-user.
X
X     [ENOTDIR]      A component of the path prefix is not a
X                    directory.
X
X     [EINVAL]       The pathname contains a character with the
X                    high-order bit set.
X
X
X
XPrinted 12/28/88        December 9, 1988                        1
X
X
X
X
X
X
XSETFALOG(2)         UNIX Programmer's Manual          SETFALOG(2)
X
X
X
X     [EINVAL]       Info is less than zero.
X
X     [ENAMETOOLONG] A component of a pathname exceeded 255 char-
X                    acters, or an entire path name exceeded 1023
X                    characters.
X
X     [ENOENT]       The named file does not exist.
X
X     [EACCES]       Search permission is denied for a component
X                    of the path prefix.
X
X     [ELOOP]        Too many symbolic links were encountered in
X                    translating the pathname.
X
X     [EIO]          An I/O error occurred while reading from or
X                    writing to the file system.
X
X
XSEE ALSO
X     lfa(1), sfa(1), ls(1), chmod(1), getfalog(2)
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
XPrinted 12/28/88        December 9, 1988                        2
X
X
X
END_OF_FILE
echo shar: 29 control characters may be missing from \"'man/setfalog.l.man'\"
if test 2784 -ne `wc -c <'man/setfalog.l.man'`; then
    echo shar: \"'man/setfalog.l.man'\" unpacked with wrong size!
fi
# end of 'man/setfalog.l.man'
fi
if test -f 'man/sfa.l' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/sfa.l'\"
else
echo shar: Extracting \"'man/sfa.l'\" \(1160 characters\)
sed "s/^X//" >'man/sfa.l' <<'END_OF_FILE'
X.\" Copyright (c) 1988, Andrew Rosen.
X.\" All rights reserved.
X.\"
X.\" This software is supplied free of charge.  This software, or any part
X.\" of it, may  not  be  redistributed or otherwise made available to, or
X.\" used  by, any  other  person  without the inclusion of this copyright
X.\" notice.  This software may not be used to make a profit in any way.
X.\"
X.\" This  software  is provided with absolutely no warranty, to the extent
X.\" permitted  by  applicable  state law.  In no event, unless required by
X.\" applicable law, will the author(s) of this this software be liable for
X.\" any damages caused by this software.
X.\"
X.\"	@(#)sfa.1	1.0 (ULowell) 12/9/88
X.\"
X.TH SFA 1 "December 9, 1988"
X.UC 4
X.SH NAME
Xsfa \- set file access auditing bits
X.SH SYNOPSIS
X.B sfa file all|success|failure read|write|exec|delete ...
X.SH DESCRIPTION
XThis command sets the file access auditing bits on the selected
Xfile.
X.PP
XEither all attempts, only successful attempts or only failed
Xattempts can be logged separately for each type of access: read,
Xwrite, execute and delete.
X.SH AUTHOR
XAndrew Rosen
X.SH "SEE ALSO"
Xlfa(1), ls(1), chmod(1), getfalog(2), setfalog(2)
END_OF_FILE
if test 1160 -ne `wc -c <'man/sfa.l'`; then
    echo shar: \"'man/sfa.l'\" unpacked with wrong size!
fi
# end of 'man/sfa.l'
fi
if test -f 'man/sfa.l.man' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'man/sfa.l.man'\"
else
echo shar: Extracting \"'man/sfa.l.man'\" \(582 characters\)
sed "s/^X//" >'man/sfa.l.man' <<'END_OF_FILE'
X
X
X
XSFA(1)              UNIX Programmer's Manual               SFA(1)
X
X
X
XNAME
X     sfa - set file access auditing bits
X
XSYNOPSIS
X     sfa file all|success|failure read|write|exec|delete ...
X
XDESCRIPTION
X     This command sets the file access auditing bits on the
X     selected file.
X
X     attempts can be logged seperately for each type of access:
X     read, write, execute and delete.
X
XAUTHOR
X     Andrew Rosen
X
XSEE ALSO
X     lfa(1), ls(1), chmod(1), getfalog(2), setfalog(2)
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
XPrinted 12/28/88        December 9, 1988                        1
X
X
X
END_OF_FILE
if test 582 -ne `wc -c <'man/sfa.l.man'`; then
    echo shar: \"'man/sfa.l.man'\" unpacked with wrong size!
fi
# end of 'man/sfa.l.man'
fi
if test ! -d 'src' ; then
    echo shar: Creating directory \"'src'\"
    mkdir 'src'
fi
if test ! -d 'src/bin' ; then
    echo shar: Creating directory \"'src/bin'\"
    mkdir 'src/bin'
fi
if test ! -d 'src/h' ; then
    echo shar: Creating directory \"'src/h'\"
    mkdir 'src/h'
fi
if test ! -d 'src/libc' ; then
    echo shar: Creating directory \"'src/libc'\"
    mkdir 'src/libc'
fi
if test ! -d 'src/sys' ; then
    echo shar: Creating directory \"'src/sys'\"
    mkdir 'src/sys'
fi
if test -f 'src/bin/Makefile' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/bin/Makefile'\"
else
echo shar: Extracting \"'src/bin/Makefile'\" \(822 characters\)
sed "s/^X//" >'src/bin/Makefile' <<'END_OF_FILE'
X# Copyright (c) 1988, Andrew Rosen.
X# All rights reserved.
X#
X# This software is supplied free of charge.  This software, or any part
X# of it, may  not  be  redistributed or otherwise made available to, or
X# used  by, any  other  person  without the inclusion of this copyright
X# notice.  This software may not be used to make a profit in any way.
X#
X# This  software  is provided with absolutely no warranty, to the extent
X# permitted  by  applicable  state law.  In no event, unless required by
X# applicable law, will the author(s) of this this software be liable for
X# any damages caused by this software.
X
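X# Sources of the two user commands (each target below names its own
X# source file).
XSRCS= lfa.c sfa.c
XCFLAGS= -OALL -s -x
X
X# NOTE: the default target also runs "install", which copies into /bin,
X# so a plain "make" must be run by a user allowed to write there.
Xall: lfa sfa install
X
X# Each binary depends on its source, so an edited .c file is rebuilt
X# instead of an existing stale binary being kept and installed.
Xlfa: lfa.c
X	cc $(CFLAGS) lfa.c -o lfa
X
Xsfa: sfa.c
X	cc $(CFLAGS) sfa.c -o sfa
X
X# Build first, so "make install" on its own never copies missing or
X# out-of-date binaries.
Xinstall: lfa sfa
X	cp lfa sfa /bin
X	chmod 755 /bin/lfa /bin/sfa
X
Xclean:
X	rm -f *.o core lfa sfa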
END_OF_FILE
if test 822 -ne `wc -c <'src/bin/Makefile'`; then
    echo shar: \"'src/bin/Makefile'\" unpacked with wrong size!
fi
# end of 'src/bin/Makefile'
fi
if test -f 'src/bin/README' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/bin/README'\"
else
echo shar: Extracting \"'src/bin/README'\" \(147 characters\)
sed "s/^X//" >'src/bin/README' <<'END_OF_FILE'
XThe makefile in this directory will compile and install lfa and
Xsfa.  Just type 'make'.  It'll also install them in /bin, owned
Xby root, mode 755.
END_OF_FILE
if test 147 -ne `wc -c <'src/bin/README'`; then
    echo shar: \"'src/bin/README'\" unpacked with wrong size!
fi
# end of 'src/bin/README'
fi
if test -f 'src/bin/lfa.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/bin/lfa.c'\"
else
echo shar: Extracting \"'src/bin/lfa.c'\" \(1675 characters\)
sed "s/^X//" >'src/bin/lfa.c' <<'END_OF_FILE'
X/*
X * Copyright (c) 1988, Andrew Rosen.
X * All rights reserved.
X *
X * This software is supplied free of charge.  This software, or any part
X * of it, may  not  be  redistributed or otherwise made available to, or
X * used  by, any  other  person  without the inclusion of this copyright
X * notice.  This software may not be used to make a profit in any way.
X *
X * This  software  is provided with absolutely no warranty, to the extent
X * permitted  by  applicable  state law.  In no event, unless required by
X * applicable law, will the author(s) of this this software be liable for
X * any damages caused by this software.
X*/
X
X
X#include <stdio.h>
X#include <sys/file.h>
X
X
X/* Audit mask of the file currently being listed; filled in by getfalog(). */
Xlong log;
X
X
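X/*
X * lfa - list the file access auditing bits of each named file.
X *
X * For every file argument the audit mask is fetched with getfalog() and
X * one line is printed naming each L_* bit that is set.  A file whose
X * mask cannot be read is reported with perror(); the remaining files are
X * still listed, so one bad name does not hide the state of the others.
X * Exits 0 when every file was listed and 1 when any lookup failed (the
X * usage error keeps its original exit(-1)).
X */
Xmain(argc, argv)
X
Xint  argc;
Xchar **argv;
X
X{
X  /* Bit/label pairs, in the order the labels are printed. */
X  static struct {
X    long  bit;
X    char *label;
X  } names[] = {
X    { L_AREAD,   "all read " },
X    { L_AWRITE,  "all write " },
X    { L_AEXEC,   "all execute " },
X    { L_ADELETE, "all delete " },
X    { L_SREAD,   "successful read " },
X    { L_SWRITE,  "successful write " },
X    { L_SEXEC,   "successful execute " },
X    { L_SDELETE, "successful delete " },
X    { L_FREAD,   "failed read " },
X    { L_FWRITE,  "failed write " },
X    { L_FEXEC,   "failed execute " },
X    { L_FDELETE, "failed delete " },
X  };
X  int i, j;
X  int status = 0;
X
X  if (argc == 1) {
X    fprintf(stderr, "Usage: %s file [ file... ]\n", argv[0]);
X    exit(-1);
X  }
X
X  for (i = 1; i < argc; i++) {
X    if (getfalog(argv[i], &log) != 0) {
X      perror(argv[i]);
X      status = 1;
X      continue;
X    }
X
X    printf("%s: ", argv[i]);
X
X    for (j = 0; j < sizeof (names) / sizeof (names[0]); j++)
X      if (log & names[j].bit)
X        printf("%s", names[j].label);
X
X    printf("\n");
X  }
X
X  /* Give the caller a defined exit status instead of falling off main. */
X  exit(status);
X}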
END_OF_FILE
if test 1675 -ne `wc -c <'src/bin/lfa.c'`; then
    echo shar: \"'src/bin/lfa.c'\" unpacked with wrong size!
fi
# end of 'src/bin/lfa.c'
fi
if test -f 'src/bin/sfa.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/bin/sfa.c'\"
else
echo shar: Extracting \"'src/bin/sfa.c'\" \(2325 characters\)
sed "s/^X//" >'src/bin/sfa.c' <<'END_OF_FILE'
X/*
X * Copyright (c) 1988, Andrew Rosen.
X * All rights reserved.
X *
X * This software is supplied free of charge.  This software, or any part
X * of it, may  not  be  redistributed or otherwise made available to, or
X * used  by, any  other  person  without the inclusion of this copyright
X * notice.  This software may not be used to make a profit in any way.
X *
X * This  software  is provided with absolutely no warranty, to the extent
X * permitted  by  applicable  state law.  In no event, unless required by
X * applicable law, will the author(s) of this this software be liable for
X * any damages caused by this software.
X*/
X
X
X#include <stdio.h>
X#include <sys/file.h>
X
X
X/*
X * Audit level of the level/permission pair being parsed; set by main()
X * and read by lread(), lwrite(), lexec() and ldelete():
X * 0 = none, 1 = all, 2 = success, 3 = failure.
X */
Xint  level;
X
X
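X/*
X * sfa - set the file access auditing bits of one file.
X *
X *   sfa file level perm [ level perm ... ]
X *   sfa file none
X *
X * level is one of none, all, success, failure; perm is one of read,
X * write, exec, delete.  The bits of every pair are OR-ed into one mask
X * that replaces the file's whole audit mask, so bits that are not named
X * on the command line are cleared.
X *
X * Every argument is checked before setfalog() is called, and the mask
X * is applied once: a misspelt word is an error rather than being
X * skipped, which would otherwise leave a file unaudited without notice.
X * Exits 0 on success and with exit(-1) on any error.
X */
Xmain(argc, argv)
X
Xint  argc;
Xchar **argv;
X
X{
X  long log = 0;
X  int  i;
X
X  if (argc < 3) {
X    fprintf(stderr, "Usage: %s file level perms [ level perms ]\n", argv[0]);
X    fprintf(stderr, "       %s file none\n", argv[0]);
X    exit(-1);
X  }
X
X  for (i = 2; i < argc; i += 2) {
X    /* Get level */
X    if (strcmp(argv[i], "none") == 0)
X      level = 0;
X    else if (strcmp(argv[i], "all") == 0)
X      level = 1;
X    else if (strcmp(argv[i], "success") == 0)
X      level = 2;
X    else if (strcmp(argv[i], "failure") == 0)
X      level = 3;
X    else {
X      /* Name the word being parsed, not always the first level. */
X      fprintf(stderr, "Unknown level: %s\n", argv[i]);
X      exit(-1);
X    }
X
X    /* "sfa file none": clear every bit; no permission word follows. */
X    if (level == 0 && argc == 3)
X      break;
X
X    /* argv[argc] is a null pointer and must not reach strcmp(). */
X    if (i + 1 >= argc) {
X      fprintf(stderr, "Missing permission after level: %s\n", argv[i]);
X      exit(-1);
X    }
X
X    /* Get permissions */
X    if (strcmp(argv[i + 1], "read") == 0)
X      log |= lread();
X    else if (strcmp(argv[i + 1], "write") == 0)
X      log |= lwrite();
X    else if (strcmp(argv[i + 1], "exec") == 0)
X      log |= lexec();
X    else if (strcmp(argv[i + 1], "delete") == 0)
X      log |= ldelete();
X    else {
X      fprintf(stderr, "Unknown permission: %s\n", argv[i + 1]);
X      exit(-1);
X    }
X  }
X
X  /* Apply the complete mask in a single call. */
X  if (setfalog(argv[1], log) != 0) {
X    perror(argv[1]);
X    exit(-1);
X  }
X
X  exit(0);
X}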
X
X
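X/*
X * Return the read-audit bit for the current global level:
X * 1 (all) -> L_AREAD, 2 (success) -> L_SREAD, 3 (failure) -> L_FREAD.
X * Level 0 (none) and any other value yield 0, so the function never
X * returns an undefined value.
X */
Xlread()
X
X{
X  switch (level) {
X    case 1: return L_AREAD;
X    case 2: return L_SREAD;
X    case 3: return L_FREAD;
X    default: return 0;
X  }
X}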
X
X
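X/*
X * Return the write-audit bit for the current global level:
X * 1 (all) -> L_AWRITE, 2 (success) -> L_SWRITE, 3 (failure) -> L_FWRITE.
X * Level 0 (none) and any other value yield 0, so the function never
X * returns an undefined value.
X */
Xlwrite()
X
X{
X  switch (level) {
X    case 1: return L_AWRITE;
X    case 2: return L_SWRITE;
X    case 3: return L_FWRITE;
X    default: return 0;
X  }
X}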
X
X
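X/*
X * Return the exec-audit bit for the current global level:
X * 1 (all) -> L_AEXEC, 2 (success) -> L_SEXEC, 3 (failure) -> L_FEXEC.
X * Level 0 (none) and any other value yield 0, so the function never
X * returns an undefined value.
X */
Xlexec()
X
X{
X  switch (level) {
X    case 1: return L_AEXEC;
X    case 2: return L_SEXEC;
X    case 3: return L_FEXEC;
X    default: return 0;
X  }
X}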
X
X
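X/*
X * Return the delete-audit bit for the current global level:
X * 1 (all) -> L_ADELETE, 2 (success) -> L_SDELETE, 3 (failure) -> L_FDELETE.
X * Level 0 (none) and any other value yield 0, so the function never
X * returns an undefined value.
X */
Xldelete()
X
X{
X  switch (level) {
X    case 1: return L_ADELETE;
X    case 2: return L_SDELETE;
X    case 3: return L_FDELETE;
X    default: return 0;
X  }
X}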
END_OF_FILE
if test 2325 -ne `wc -c <'src/bin/sfa.c'`; then
    echo shar: \"'src/bin/sfa.c'\" unpacked with wrong size!
fi
# end of 'src/bin/sfa.c'
fi
if test -f 'src/h/syscall.h.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/h/syscall.h.diff'\"
else
echo shar: Extracting \"'src/h/syscall.h.diff'\" \(311 characters\)
sed "s/^X//" >'src/h/syscall.h.diff' <<'END_OF_FILE'
X*** /usr/include/syscall.h	Mon Apr 14 14:33:06 1986
X--- syscall.h	Sun Dec 11 00:27:05 1988
X***************
X*** 156,158 ****
X--- 156,162 ----
X  #define	SYS_setquota	148
X  #define	SYS_quota	149
X  #define	SYS_getsockname	150
X+ 
X+ /* Begin security syscalls */
X+ #define SYS_getfalog	151
X+ #define SYS_setfalog	152
END_OF_FILE
if test 311 -ne `wc -c <'src/h/syscall.h.diff'`; then
    echo shar: \"'src/h/syscall.h.diff'\" unpacked with wrong size!
fi
# end of 'src/h/syscall.h.diff'
fi
if test ! -d 'src/h/sys' ; then
    echo shar: Creating directory \"'src/h/sys'\"
    mkdir 'src/h/sys'
fi
if test -f 'src/h/sys/file.h.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/h/sys/file.h.diff'\"
else
echo shar: Extracting \"'src/h/sys/file.h.diff'\" \(1028 characters\)
sed "s/^X//" >'src/h/sys/file.h.diff' <<'END_OF_FILE'
X*** /usr/include/sys/file.h	Thu Jun  5 02:22:46 1986
X--- file.h	Sun Dec 11 00:26:49 1988
X***************
X*** 109,114 ****
X--- 109,130 ----
X  #define	L_INCR		1	/* relative to current offset */
X  #define	L_XTND		2	/* relative to end of file */
X  
X+ /*
X+  * Getflog/setflog call.
X+  */
X+ #define L_AREAD		0x1	/* All read attempts */
X+ #define L_AWRITE	0x2	/* All write attempts */
X+ #define L_AEXEC		0x4	/* All exec attempts */
X+ #define L_ADELETE	0x8	/* All delete attempts */
X+ #define L_SREAD		0x10	/* Successful read attempts */
X+ #define L_SWRITE	0x20	/* Successful write attempts */
X+ #define L_SEXEC		0x40	/* Successful exec attempts */
X+ #define L_SDELETE	0x80	/* Successful delete attempts */
X+ #define L_FREAD		0x100	/* Failed read attempts */
X+ #define L_FWRITE	0x200	/* Failed write attempts */
X+ #define L_FEXEC		0x400	/* Failed exec attempts */
X+ #define L_FDELETE	0x800	/* Failed delete attempts */
X+ 
X  #ifdef KERNEL
X  #define	GETF(fp, fd) { \
X  	if ((unsigned)(fd) >= NOFILE || ((fp) = u.u_ofile[fd]) == NULL) { \
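Review bot: The comment heading the new block reads `Getflog/setflog call`, but the system calls this archive adds are named getfalog and setfalog; it should read `/* getfalog/setfalog audit bits */`. The twelve `L_*` values are repeated as `IL*` in the inode.h patch with nothing tying the two sets together, so a line such as `/* must match the IL* log modes in inode.h */` would help whoever changes one of them. The new names also share the `L_` prefix with the lseek constants just above them (`L_INCR`, `L_XTND`), which is worth a word in the same comment.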
END_OF_FILE
if test 1028 -ne `wc -c <'src/h/sys/file.h.diff'`; then
    echo shar: \"'src/h/sys/file.h.diff'\" unpacked with wrong size!
fi
# end of 'src/h/sys/file.h.diff'
fi
if test -f 'src/h/sys/inode.h.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/h/sys/inode.h.diff'\"
else
echo shar: Extracting \"'src/h/sys/inode.h.diff'\" \(1350 characters\)
sed "s/^X//" >'src/h/sys/inode.h.diff' <<'END_OF_FILE'
X*** /usr/include/sys/inode.h	Thu Jun  5 02:23:53 1986
X--- inode.h	Sun Dec 11 00:27:10 1988
X***************
X*** 69,74 ****
X--- 69,78 ----
X  #define	i_nlink		i_ic.ic_nlink
X  #define	i_uid		i_ic.ic_uid
X  #define	i_gid		i_ic.ic_gid
X+ #define i_log		i_ic.ic_spare[1]	/* File access logging bits */
X+ #define SUCCESS		0			/* Successful access */
X+ #define FAILURE		1			/* Failed access */
X+ 
X  /* ugh! -- must be fixed */
X  #ifdef vax
X  #define	i_size		i_ic.ic_size.val[0]
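Review bot: `SUCCESS` and `FAILURE` are very generic names to define in a header that kernel files handling inodes include, and because `FAILURE` is 1 the `success` argument of flog() reads backwards (non-zero means the access failed); prefixed names such as `IL_SUCCESS` and `IL_FAILURE` would avoid clashes and make that clearer. The comment on `i_log` should also say that the audit mask lives in the spare on-disk word `ic_spare[1]`, so inodes created before this patch carry whatever that word already held; that is presumably zero, but it is worth confirming before SECURITY is enabled on an existing filesystem.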
X***************
X*** 162,167 ****
X--- 166,185 ----
X  #define	IREAD		0400		/* read, write, execute permissions */
X  #define	IWRITE		0200
X  #define	IEXEC		0100
X+ 
X+ /* log modes */
X+ #define ILAREAD		0x1		/* All read attempts */
X+ #define ILAWRITE	0x2		/* All write attempts */
X+ #define ILAEXEC		0x4		/* All exec attempts */
X+ #define ILADELETE	0x8		/* All delete attempts */
X+ #define ILSREAD		0x10		/* Successful read attempts */
X+ #define ILSWRITE	0x20		/* Successful write attempts */
X+ #define ILSEXEC		0x40		/* Successful exec attempts */
X+ #define ILSDELETE	0x80		/* Successful delete attempts */
X+ #define ILFREAD		0x100		/* Failed read attempts */
X+ #define ILFWRITE	0x200		/* Failed write attempts */
X+ #define ILFEXEC		0x400		/* Failed exec attempts */
X+ #define ILFDELETE	0x800		/* Failed delete attempts */
X  
X  #define	ILOCK(ip) { \
X  	while ((ip)->i_flag & ILOCKED) { \
END_OF_FILE
if test 1350 -ne `wc -c <'src/h/sys/inode.h.diff'`; then
    echo shar: \"'src/h/sys/inode.h.diff'\" unpacked with wrong size!
fi
# end of 'src/h/sys/inode.h.diff'
fi
if test ! -d 'src/libc' ; then
    echo shar: Creating directory \"'src/libc'\"
    mkdir 'src/libc'
fi
if test -f 'src/libc/Makefile.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/libc/Makefile.diff'\"
else
echo shar: Extracting \"'src/libc/Makefile.diff'\" \(2650 characters\)
sed "s/^X//" >'src/libc/Makefile.diff' <<'END_OF_FILE'
X*** /usr/src/lib/libc/vax/sys/Makefile	Tue Apr 19 18:00:19 1988
X--- Makefile	Sun Dec 11 00:25:34 1988
X***************
X*** 15,20 ****
X--- 15,21 ----
X  	execl.c execle.c exect.c execv.c execve.c _exit.c \
X  	fchmod.c fchown.c fcntl.c flock.c fork.c fstat.c fsync.c ftruncate.c \
X  	getdtablesize.c getegid.c geteuid.c getgid.c \
X+ 	getfalog.c \
X  	getgroups.c gethostid.c gethostname.c getitimer.c getrlimit.c \
X  	getpagesize.c getpeername.c getpgrp.c getpid.c getppid.c \
X  	getpriority.c getrusage.c getsockname.c getsockopt.c \
X***************
X*** 29,34 ****
X--- 30,36 ----
X  	read.c readlink.c readv.c reboot.c recv.c recvfrom.c \
X  	recvmsg.c rename.c rmdir.c \
X  	sbrk.c select.c send.c sendmsg.c sendto.c setregid.c setgroups.c \
X+ 	setfalog.c \
X  	sethostid.c sethostname.c setitimer.c setquota.c setrlimit.c \
X  	setpgrp.c setpriority.c setsockopt.c settimeofday.c setreuid.c \
X  	shutdown.c sigblock.c sigpause.c sigreturn.c \
X***************
X*** 47,52 ****
X--- 49,55 ----
X  	execl.o execle.o exect.o execv.o execve.o _exit.o \
X  	fchmod.o fchown.o fcntl.o flock.o fork.o fstat.o fsync.o ftruncate.o \
X  	getdtablesize.o getegid.o geteuid.o getgid.o \
X+ 	getfalog.o \
X  	getgroups.o gethostid.o gethostname.o getitimer.o getrlimit.o \
X  	getpagesize.o getpeername.o getpgrp.o getpid.o getppid.o \
X  	getpriority.o getrusage.o getsockname.o getsockopt.o \
X***************
X*** 61,66 ****
X--- 64,70 ----
X  	read.o readlink.o readv.o reboot.o recv.o recvfrom.o \
X  	recvmsg.o rename.o rmdir.o \
X  	sbrk.o select.o send.o sendmsg.o sendto.o setregid.o setgroups.o \
X+ 	setfalog.o \
X  	sethostid.o sethostname.o setitimer.o setquota.o setrlimit.o \
X  	setpgrp.o setpriority.o setsockopt.o settimeofday.o setreuid.o \
X  	shutdown.o sigblock.o sigpause.o sigreturn.o \
X***************
X*** 145,150 ****
X--- 149,155 ----
X  getdtablesize.o: getdtablesize.c ./SYS.h /usr/include/syscall.h
X  getegid.o: getegid.c ./SYS.h /usr/include/syscall.h
X  geteuid.o: geteuid.c ./SYS.h /usr/include/syscall.h
X+ getfalog.o: getfalog.c ./SYS.h /usr/include/syscall.h
X  getgid.o: getgid.c ./SYS.h /usr/include/syscall.h
X  getgroups.o: getgroups.c ./SYS.h /usr/include/syscall.h
X  gethostid.o: gethostid.c ./SYS.h /usr/include/syscall.h
X***************
X*** 191,196 ****
X--- 196,202 ----
X  send.o: send.c ./SYS.h /usr/include/syscall.h
X  sendmsg.o: sendmsg.c ./SYS.h /usr/include/syscall.h
X  sendto.o: sendto.c ./SYS.h /usr/include/syscall.h
X+ setfalog.o: setfalog.c ./SYS.h /usr/include/syscall.h
X  setregid.o: setregid.c ./SYS.h /usr/include/syscall.h
X  setgroups.o: setgroups.c ./SYS.h /usr/include/syscall.h
X  sethostid.o: sethostid.c ./SYS.h /usr/include/syscall.h
END_OF_FILE
if test 2650 -ne `wc -c <'src/libc/Makefile.diff'`; then
    echo shar: \"'src/libc/Makefile.diff'\" unpacked with wrong size!
fi
# end of 'src/libc/Makefile.diff'
fi
if test -f 'src/libc/getfalog.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/libc/getfalog.c'\"
else
echo shar: Extracting \"'src/libc/getfalog.c'\" \(699 characters\)
sed "s/^X//" >'src/libc/getfalog.c' <<'END_OF_FILE'
X/*
X * Copyright (c) 1988, Andrew Rosen.
X * All rights reserved.
X *
X * This software is supplied free of charge.  This software, or any part
X * of it, may  not  be  redistributed or otherwise made available to, or
X * used  by, any  other  person  without the inclusion of this copyright
X * notice.  This software may not be used to make a profit in any way.
X *
X * This  software  is provided with absolutely no warranty, to the extent
X * permitted  by  applicable  state law.  In no event, unless required by
X * applicable law, will the author(s) of this this software be liable for
X * any damages caused by this software.
X*/
X
X
X/*
X * getfalog system call
X *
X * User-level entry point for getfalog(fname, lb), which lfa calls to
X * read a file's access auditing bits.  SYSCALL() comes from SYS.h, which
X * is not part of this archive; presumably it expands to the trap for
X * SYS_getfalog -- confirm against SYS.h.
X*/
X
X#include "SYS.h"
X
XSYSCALL(getfalog)
X	ret
END_OF_FILE
if test 699 -ne `wc -c <'src/libc/getfalog.c'`; then
    echo shar: \"'src/libc/getfalog.c'\" unpacked with wrong size!
fi
# end of 'src/libc/getfalog.c'
fi
if test -f 'src/libc/setfalog.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/libc/setfalog.c'\"
else
echo shar: Extracting \"'src/libc/setfalog.c'\" \(699 characters\)
sed "s/^X//" >'src/libc/setfalog.c' <<'END_OF_FILE'
X/*
X * Copyright (c) 1988, Andrew Rosen.
X * All rights reserved.
X *
X * This software is supplied free of charge.  This software, or any part
X * of it, may  not  be  redistributed or otherwise made available to, or
X * used  by, any  other  person  without the inclusion of this copyright
X * notice.  This software may not be used to make a profit in any way.
X *
X * This  software  is provided with absolutely no warranty, to the extent
X * permitted  by  applicable  state law.  In no event, unless required by
X * applicable law, will the author(s) of this this software be liable for
X * any damages caused by this software.
X*/
X
X
X/*
X * setfalog system call
X *
X * User-level entry point for setfalog(fname, lb), which sfa calls to
X * replace a file's access auditing bits.  SYSCALL() comes from SYS.h,
X * which is not part of this archive; presumably it expands to the trap
X * for SYS_setfalog -- confirm against SYS.h.
X*/
X
X#include "SYS.h"
X
XSYSCALL(setfalog)
X	ret
END_OF_FILE
if test 699 -ne `wc -c <'src/libc/setfalog.c'`; then
    echo shar: \"'src/libc/setfalog.c'\" unpacked with wrong size!
fi
# end of 'src/libc/setfalog.c'
fi
if test ! -d 'src/sys' ; then
    echo shar: Creating directory \"'src/sys'\"
    mkdir 'src/sys'
fi
if test -f 'src/sys/README' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/sys/README'\"
else
echo shar: Extracting \"'src/sys/README'\" \(65 characters\)
sed "s/^X//" >'src/sys/README' <<'END_OF_FILE'
XThis directory contains sources and diffs for files in /sys/sys.
END_OF_FILE
if test 65 -ne `wc -c <'src/sys/README'`; then
    echo shar: \"'src/sys/README'\" unpacked with wrong size!
fi
# end of 'src/sys/README'
fi
if test -f 'src/sys/init_sysent.c.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/sys/init_sysent.c.diff'\"
else
echo shar: Extracting \"'src/sys/init_sysent.c.diff'\" \(623 characters\)
sed "s/^X//" >'src/sys/init_sysent.c.diff' <<'END_OF_FILE'
X*** /sys/sys/init_sysent.c	Thu Jun  5 03:01:14 1986
X--- init_sysent.c	Sun Dec 11 00:25:03 1988
X***************
X*** 70,75 ****
X--- 70,78 ----
X  
X  /* 2.5 terminals */
X  
X+ /* 3.0 security */
X+ int	getfalog(),setfalog();
X+ 
X  #ifdef COMPAT
X  /* emulations for backwards compatibility */
X  #define	compat(n, name)	n, o/**/name
X***************
X*** 281,285 ****
X--- 284,290 ----
X  	 * system calls.  (This includes various calls added for compatibity
X  	 * with other Unix variants.)
X  	 */
X+ 	2, getfalog,			/* 151 = getfalog */
X+ 	2, setfalog,			/* 152 = setfalog */
X  };
X  int	nsysent = sizeof (sysent) / sizeof (sysent[0]);
END_OF_FILE
if test 623 -ne `wc -c <'src/sys/init_sysent.c.diff'`; then
    echo shar: \"'src/sys/init_sysent.c.diff'\" unpacked with wrong size!
fi
# end of 'src/sys/init_sysent.c.diff'
fi
if test -f 'src/sys/sec_file.c' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/sys/sec_file.c'\"
else
echo shar: Extracting \"'src/sys/sec_file.c'\" \(2358 characters\)
sed "s/^X//" >'src/sys/sec_file.c' <<'END_OF_FILE'
X/*
X * Copyright (c) 1988, Andrew Rosen.
X * All rights reserved.
X *
X * This software is supplied free of charge.  This software, or any part
X * of it, may  not  be  redistributed or otherwise made available to, or
X * used  by, any  other  person  without the inclusion of this copyright
X * notice.  This software may not be used to make a profit in any way.
X *
X * This  software  is provided with absolutely no warranty, to the extent
X * permitted  by  applicable  state law.  In no event, unless required by
X * applicable law, will the author(s) of this this software be liable for
X * any damages caused by this software.
X*/
X
X
X#ifdef SECURITY
X/*
X * System calls and routines related to file access auditing
X*/
X
X
X#include "errno.h"
X#include "types.h"
X#include "stdio.h"
X#include "param.h"
X#include "fs.h"
X#include "dir.h"
X#include "inode.h"
X#include "namei.h"
X#include "syslog.h"
X#include "user.h"
X
X
X/*
X * Get file access logging bits
X *
X * Arguments (taken from u.u_ap): fname, a user-space path name, and lb,
X * a user-space pointer that receives the inode's i_log word.
X * The result of copyout() is reported through u.u_error.
X *
X * NOTE(review): unlike setfalog() there is no suser() check here, so any
X * caller who can look the path up can learn which accesses to the file
X * are being audited -- confirm that this is intended.
X*/
X
Xgetfalog()
X
X{
X	register struct inode *ip;
X	struct a {
X		char	*fname;
X		long	*lb;
X	} *uap = (struct a *)u.u_ap;
X	register struct nameidata *ndp = &u.u_nd;
X
X	/* Look the user-supplied path up (LOOKUP | FOLLOW). */
X	ndp->ni_nameiop = LOOKUP | FOLLOW;
X	ndp->ni_segflg = UIO_USERSPACE;
X	ndp->ni_dirp = uap->fname;
X	ip = namei(ndp);
X	if (ip == NULL)
X		return;		/* presumably namei() has set u.u_error */
X
X	/* Copy sizeof (long) bytes of i_log out to the caller's buffer. */
X	u.u_error = copyout((caddr_t)&ip->i_log, (caddr_t)uap->lb,
X		sizeof (long));
X
X	/* Release the inode whether or not the copyout succeeded. */
X	iput(ip);
X}
X
X
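X/*
X * Set file access logging bits
X *
X * Arguments (taken from u.u_ap): fname, a user-space path name, and lb,
X * the new audit mask, which replaces the inode's i_log word.  The call
X * returns early unless suser() succeeds.  u.u_error is set to EINVAL
X * when lb is negative or has a bit outside the IL* log modes.
X *
X * NOTE(review): a change to the audit mask is not itself logged, so
X * switching auditing off for a file leaves no record -- consider
X * calling log() here as well.
X*/
X
Xsetfalog()
X
X{
X	register struct inode *ip;
X	struct a {
X		char	*fname;
X		long	lb;
X	} *uap = (struct a *)u.u_ap;
X	register struct nameidata *ndp = &u.u_nd;
X
X	if (!suser())
X		return;
X
X	/*
X	 * Validate the mask before the lookup, so that the error return
X	 * cannot leave the inode from namei() without its iput().
X	 */
X	if (uap->lb < 0 || (uap->lb & ~(long)(ILAREAD | ILAWRITE | ILAEXEC |
X	    ILADELETE | ILSREAD | ILSWRITE | ILSEXEC | ILSDELETE | ILFREAD |
X	    ILFWRITE | ILFEXEC | ILFDELETE)) != 0) {
X		u.u_error = EINVAL;
X		return;
X	}
X
X	ndp->ni_nameiop = LOOKUP | FOLLOW;
X	ndp->ni_segflg = UIO_USERSPACE;
X	ndp->ni_dirp = uap->fname;
X	ip = namei(ndp);
X	if (ip == NULL)
X		return;
X
X	ip->i_log = uap->lb;
X	/*
X	 * Mark the inode changed, as the unlink code does after touching
X	 * i_nlink; without a change flag the new mask may never be written
X	 * back to disk -- TODO confirm against iupdat().
X	 */
X	ip->i_flag |= ICHG;
X	iput(ip);
X}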
X
X
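X/*
X * Log file access attempt
X *
X * ip      - inode that was accessed
X * mode    - ILAREAD, ILAWRITE, ILAEXEC or ILADELETE; the callers in this
X *           archive pass the "all" constant to name the access type,
X *           whichever audit bit actually matched
X * success - outcome code, SUCCESS (0) or FAILURE (1); despite the name,
X *           a non-zero value means the access FAILED
X *
X * One LOG_INFO record is written with the outcome, access type, path,
X * filesystem mount point, inode number, command name and uid.
X *
X * NOTE(review): the path printed is u.u_nd.ni_dirp.  getfalog() and
X * setfalog() set that field to the caller's own user-space pointer
X * (UIO_USERSPACE), so if the audited system calls do the same, the text
X * in the record is chosen by the audited process: it may be relative to
X * a directory the record does not name, and it may contain newlines
X * that make one access look like several records.  Prefer identifying
X * the file by fs and inum, or copy and sanitise the name -- TODO confirm
X * how log() treats this pointer.
X*/
X
Xflog(ip, mode, success)
X
Xstruct inode *ip;
Xlong mode;
Xint success;
X
X{
X	char *ssuccess;
X	char *smode;
X
X	ssuccess = (success)? "FAILED" : "SUCCESSFUL";
X	switch (mode) {
X		case ILAREAD:   smode = "READ";   break;
X		case ILAWRITE:  smode = "WRITE";  break;
X		case ILAEXEC:   smode = "EXEC";   break;
X		case ILADELETE: smode = "DELETE"; break;
X		/* Never hand log() an uninitialized pointer for %s. */
X		default:        smode = "UNKNOWN"; break;
X	}
X
X	log(LOG_INFO, "%s %s ACCESS: path = %s; fs = %s; inum = %d; image = %s; uid = %d\n",
X		ssuccess, smode, u.u_nd.ni_dirp, ip->i_fs->fs_fsmnt,
X		ip->i_number, u.u_comm, u.u_uid);
X}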
X
X#endif SECURITY
END_OF_FILE
if test 2358 -ne `wc -c <'src/sys/sec_file.c'`; then
    echo shar: \"'src/sys/sec_file.c'\" unpacked with wrong size!
fi
# end of 'src/sys/sec_file.c'
fi
if test -f 'src/sys/syscalls.c.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/sys/syscalls.c.diff'\"
else
echo shar: Extracting \"'src/sys/syscalls.c.diff'\" \(329 characters\)
sed "s/^X//" >'src/sys/syscalls.c.diff' <<'END_OF_FILE'
X*** /sys/sys/syscalls.c	Thu Jun  5 03:08:43 1986
X--- syscalls.c	Sun Dec 11 00:25:04 1988
X***************
X*** 169,172 ****
X--- 169,174 ----
X  	"setquota",		/* 148 = setquota */
X  	"quota",		/* 149 = quota */
X  	"getsockname",		/* 150 = getsockname */
X+ 	"getfalog",		/* 151 = getfalog */
X+ 	"setfalog",		/* 152 = setfalog */
X  };
END_OF_FILE
if test 329 -ne `wc -c <'src/sys/syscalls.c.diff'`; then
    echo shar: \"'src/sys/syscalls.c.diff'\" unpacked with wrong size!
fi
# end of 'src/sys/syscalls.c.diff'
fi
if test -f 'src/sys/ufs_fio.c.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/sys/ufs_fio.c.diff'\"
else
echo shar: Extracting \"'src/sys/ufs_fio.c.diff'\" \(1584 characters\)
sed "s/^X//" >'src/sys/ufs_fio.c.diff' <<'END_OF_FILE'
X*** /sys/sys/ufs_fio.c	Thu Jun  5 03:12:46 1986
X--- ufs_fio.c	Sun Dec 11 00:55:55 1988
X***************
X*** 41,47 ****
X--- 41,51 ----
X  {
X  	register m;
X  	register gid_t *gp;
X+ #ifdef SECURITY
X+ 	register log;
X  
X+ 	log = (int)ip->i_log;
X+ #endif SECURITY
X  	m = mode;
X  	if (m == IWRITE) {
X  		/*
X***************
X*** 74,80 ****
X  	 * you always get access.
X  	 */
X  	if (u.u_uid == 0)
X! 		return (0);
X  	/*
X  	 * Access check is based on only
X  	 * one of owner, group, public.
X--- 78,88 ----
X  	 * you always get access.
X  	 */
X  	if (u.u_uid == 0)
X! #ifndef SECURITY
X! 		return (0); 
X! #else
X! 		goto success;
X! #endif
X  	/*
X  	 * Access check is based on only
X  	 * one of owner, group, public.
X***************
X*** 95,101 ****
X--- 103,144 ----
X  		;
X  	}
X  	if ((ip->i_mode&m) != 0)
X+ #ifdef SECURITY
X+ 	{
X+ success:
X+ 		switch (mode) {
X+ 		case IREAD:
X+ 			if (log & ILAREAD || log & ILSREAD)
X+ 				flog(ip, ILAREAD, SUCCESS);
X+ 			break;
X+ 		case IWRITE:
X+ 			if (log & ILAWRITE || log & ILSWRITE)
X+ 				flog(ip, ILAWRITE, SUCCESS);
X+ 			break;
X+ 		case IEXEC:
X+ 			if (log & ILAEXEC || log & ILSEXEC)
X+ 				flog(ip, ILAEXEC, SUCCESS);
X+ 			break;
X+ 		}
X+ #endif
X  		return (0);
X+ #ifdef SECURITY
X+ 	}
X+ 	switch (mode) {
X+ 	case IREAD:
X+ 		if (log & ILAREAD || log & ILFREAD)
X+ 			flog(ip, ILAREAD, FAILURE);
X+ 		break;
X+ 	case IWRITE:
X+ 		if (log & ILAWRITE || log & ILFWRITE)
X+ 			flog(ip, ILAWRITE, FAILURE);
X+ 		break;
X+ 	case IEXEC:
X+ 		if (log & ILAEXEC || log & ILFEXEC)
X+ 			flog(ip, ILAEXEC, FAILURE);
X+ 		break;
X+ 	}
X+ #endif
X  	u.u_error = EACCES;
X  	return (1);
X  }
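Review bot: Failure records are written only when the mode-bit test at the end of the function fails; a write request refused earlier, inside the `if (m == IWRITE)` block that begins in the first hunk, would appear to return before any of this code runs, so those denials are never audited. The body of that block lies outside the hunks shown, so this needs confirming against the full function. The two `switch (mode)` blocks differ only in the second mask tested and the outcome code passed to flog(), so a small helper taking the outcome would remove the duplication and keep the success and failure paths from drifting apart.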
END_OF_FILE
if test 1584 -ne `wc -c <'src/sys/ufs_fio.c.diff'`; then
    echo shar: \"'src/sys/ufs_fio.c.diff'\" unpacked with wrong size!
fi
# end of 'src/sys/ufs_fio.c.diff'
fi
if test -f 'src/sys/ufs_syscalls.c.diff' -a "${1}" != "-c" ; then 
  echo shar: Will not clobber existing file \"'src/sys/ufs_syscalls.c.diff'\"
else
echo shar: Extracting \"'src/sys/ufs_syscalls.c.diff'\" \(2034 characters\)
sed "s/^X//" >'src/sys/ufs_syscalls.c.diff' <<'END_OF_FILE'
X*** /sys/sys/ufs_syscalls.c	Thu Jun  5 03:15:16 1986
X--- ufs_syscalls.c	Sun Dec 11 00:59:22 1988
X***************
X*** 349,354 ****
X--- 349,357 ----
X  	} *uap = (struct a *)u.u_ap;
X  	register struct inode *ip, *dp;
X  	register struct nameidata *ndp = &u.u_nd;
X+ #ifdef SECURITY
X+ 	register log;
X+ #endif SECURITY
X  
X  	ndp->ni_nameiop = DELETE | LOCKPARENT;
X  	ndp->ni_segflg = UIO_USERSPACE;
X***************
X*** 371,377 ****
X--- 374,389 ----
X  	if (dirremove(ndp)) {
X  		ip->i_nlink--;
X  		ip->i_flag |= ICHG;
X+ #ifdef SECURITY
X+ 		log = (int)ip->i_log;
X+ 		if (log & ILADELETE || log & ILSDELETE)
X+ 			flog(ip, ILADELETE, SUCCESS);
X  	}
X+ 	else {
X+ 		if (log & ILADELETE || log & ILFDELETE)
X+ 			flog(ip, ILADELETE, FAILURE);
X+ #endif SECURITY
X+ 	}
X  out:
X  	if (dp == ip)
X  		irele(ip);
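Review bot: In the added `else` branch `log` is tested before it has been given a value, because `log = (int)ip->i_log;` sits only inside the branch taken when dirremove() succeeds; a failed removal is therefore logged or not depending on whatever the register happened to hold. The assignment should move above `if (dirremove(ndp)) {`. Paths that jump to `out` before this point are not visible in the hunk, but if they include the permission checks, those refused deletes never reach flog() either, and they are likely the records an auditor most wants.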
X***************
X*** 1113,1118 ****
X--- 1125,1133 ----
X  	ip->i_gid = pdir->i_gid;
X  	if (ip->i_mode & ISGID && !groupmember(ip->i_gid))
X  		ip->i_mode &= ~ISGID;
X+ #ifdef SECURITY
X+ 	ip->i_log = 0;
X+ #endif
X  #ifdef QUOTA
X  	ip->i_dquot = inoquota(ip);
X  #endif
X***************
X*** 1191,1196 ****
X--- 1206,1214 ----
X  	ip->i_nlink = 2;
X  	ip->i_uid = u.u_uid;
X  	ip->i_gid = dp->i_gid;
X+ #ifdef SECURITY
X+ 	ip->i_log = 0;
X+ #endif
X  #ifdef QUOTA
X  	ip->i_dquot = inoquota(ip);
X  #endif
X***************
X*** 1264,1269 ****
X--- 1282,1290 ----
X  	struct a {
X  		char	*name;
X  	} *uap = (struct a *)u.u_ap;
X+ #ifdef SECURITY
X+ 	register log;
X+ #endif SECURITY
X  	register struct inode *ip, *dp;
X  	register struct nameidata *ndp = &u.u_nd;
X  
X***************
X*** 1311,1317 ****
X--- 1332,1351 ----
X  	 * will be reattached to lost+found,
X  	 */
X  	if (dirremove(ndp) == 0)
X+ #ifdef SECURITY
X+ 	{
X+ 		log = (int)ip->i_log;
X+ 		if (log & ILADELETE || log & ILSDELETE)
X+ 			flog(ip, ILADELETE, FAILURE);
X+ #endif SECURITY
X  		goto out;
X+ #ifdef SECURITY
X+ 	} else {
X+ 		log = (int)ip->i_log;
X+ 		if (log & ILADELETE || log & ILSDELETE)
X+ 			flog(ip, ILADELETE, SUCCESS);
X+ 	}
X+ #endif SECURITY
X  	dp->i_nlink--;
X  	dp->i_flag |= ICHG;
X  	cacheinval(dp);
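Review bot: The failure branch tests the wrong bit: `if (log & ILADELETE || log & ILSDELETE)` guards `flog(ip, ILADELETE, FAILURE)`, so a directory audited only for failed deletes (`ILFDELETE`) is never logged here, while one audited only for successful deletes logs its failures. The condition should read `if (log & ILADELETE || log & ILFDELETE)`. As in the unlink hunk, any error exit taken before dirremove() is outside this hunk and would bypass the logging, which is worth checking against the full function.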
END_OF_FILE
if test 2034 -ne `wc -c <'src/sys/ufs_syscalls.c.diff'`; then
    echo shar: \"'src/sys/ufs_syscalls.c.diff'\" unpacked with wrong size!
fi
# end of 'src/sys/ufs_syscalls.c.diff'
fi
echo shar: End of shell archive.
exit 0