[23659] branches/PR-5923864/launchd/src/launchd_core_logic.c
Revision: 23659 http://trac.macosforge.org/projects/launchd/changeset/23659 Author: dsorresso@apple.com Date: 2008-08-14 14:03:13 -0700 (Thu, 14 Aug 2008) Log Message: ----------- Enabling auditing on all jobs. Modified Paths: -------------- branches/PR-5923864/launchd/src/launchd_core_logic.c Modified: branches/PR-5923864/launchd/src/launchd_core_logic.c =================================================================== --- branches/PR-5923864/launchd/src/launchd_core_logic.c 2008-08-14 19:17:25 UTC (rev 23658) +++ branches/PR-5923864/launchd/src/launchd_core_logic.c 2008-08-14 21:03:13 UTC (rev 23659) @@ -475,6 +475,7 @@ static bool job_setup_machport(job_t j); static void job_setup_fd(job_t j, int target_fd, const char *path, int flags); static void job_postfork_become_user(job_t j); +static void job_enable_audit_for_user(job_t j, uid_t u, char *name); static void job_postfork_test_user(job_t j); static void job_log_pids_with_weird_uids(job_t j); static void job_force_sampletool(job_t j); @@ -3355,6 +3356,8 @@ desired_gid = gre->gr_gid; } + job_enable_audit_for_user(j, desired_uid, loginname); + if (!job_assumes(j, setlogin(loginname) != -1)) { _exit(EXIT_FAILURE); } @@ -3391,6 +3394,28 @@ } void +job_enable_audit_for_user(job_t j, uid_t u, char *name) +{ + auditinfo_t auinfo = { + .ai_auid = u, + .ai_asid = j->p, + }; + long au_cond; + + if (!job_assumes(j, auditon(A_GETCOND, &au_cond, sizeof(long)) == 0)) { + _exit(EXIT_FAILURE); + } + + if (au_cond != AUC_NOAUDIT) { + if (!job_assumes(j, au_user_mask(name, &auinfo.ai_mask) == 0)) { + _exit(EXIT_FAILURE); + } else if (!job_assumes(j, setaudit(&auinfo) == 0)) { + _exit(EXIT_FAILURE); + } + } +} + +void job_setup_attributes(job_t j) { struct limititem *li;
participants (1)
-
source_changes@macosforge.org