[23646] branches/SULeopard/launchd/src/launchd_core

Revision: 23646
Author: zarzycki@apple.com
Date: 2008-08-05 18:28:01 -0700 (Tue, 05 Aug 2008)

Log Message

<rdar://problem/6120462> gSULeoGaia: Add Common Criteria (a.k.a. BSM a.k.a. audit) support to launchd

Modified Paths

branches/SULeopard/launchd/src/launchd_core_logic.c

Diff

Modified: branches/SULeopard/launchd/src/launchd_core_logic.c (23645 => 23646)


--- branches/SULeopard/launchd/src/launchd_core_logic.c	2008-07-28 18:12:23 UTC (rev 23645)
+++ branches/SULeopard/launchd/src/launchd_core_logic.c	2008-08-06 01:28:01 UTC (rev 23646)
@@ -420,6 +420,7 @@
 static bool job_setup_machport(job_t j);
 static void job_setup_fd(job_t j, int target_fd, const char *path, int flags);
 static void job_postfork_become_user(job_t j);
+static void job_enable_audit_for_user(job_t j, uid_t u, char *name);
 static void job_find_and_blame_pids_with_weird_uids(job_t j);
 static void job_force_sampletool(job_t j);
 static void job_setup_exception_port(job_t j, task_t target_task);
@@ -2925,6 +2926,28 @@
 }
 
 void
+job_enable_audit_for_user(job_t j, uid_t u, char *name)
+{
+	auditinfo_t auinfo = {
+		.ai_auid = u,
+		.ai_asid = j->p,
+	};
+	long au_cond;
+
+	if (!job_assumes(j, auditon(A_GETCOND, &au_cond, sizeof(long)) == 0)) {
+		_exit(EXIT_FAILURE);
+	}
+
+	if (au_cond != AUC_NOAUDIT) {
+		if (!job_assumes(j, au_user_mask(name, &auinfo.ai_mask) == 0)) {
+			_exit(EXIT_FAILURE);
+		} else if (!job_assumes(j, setaudit(&auinfo) == 0)) {
+			_exit(EXIT_FAILURE);
+		}
+	}
+}
+
+void
 job_postfork_become_user(job_t j)
 {
 	char loginname[2000];
@@ -3001,6 +3024,8 @@
 		desired_gid = gre->gr_gid;
 	}
 
+	job_enable_audit_for_user(j, desired_uid, loginname);
+
 	if (!job_assumes(j, setlogin(loginname) != -1)) {
 		_exit(EXIT_FAILURE);
 	}