[launchd-changes] [23646] branches/SULeopard/launchd/src/launchd_core_logic.c
source_changes at macosforge.org
source_changes at macosforge.org
Tue Aug 5 18:28:02 PDT 2008
Revision: 23646
http://trac.macosforge.org/projects/launchd/changeset/23646
Author: zarzycki at apple.com
Date: 2008-08-05 18:28:01 -0700 (Tue, 05 Aug 2008)
Log Message:
-----------
<rdar://problem/6120462> gSULeoGaia: Add Common Criteria (a.k.a. BSM a.k.a. audit) support to launchd
Modified Paths:
--------------
branches/SULeopard/launchd/src/launchd_core_logic.c
Modified: branches/SULeopard/launchd/src/launchd_core_logic.c
===================================================================
--- branches/SULeopard/launchd/src/launchd_core_logic.c 2008-07-28 18:12:23 UTC (rev 23645)
+++ branches/SULeopard/launchd/src/launchd_core_logic.c 2008-08-06 01:28:01 UTC (rev 23646)
@@ -420,6 +420,7 @@
static bool job_setup_machport(job_t j);
static void job_setup_fd(job_t j, int target_fd, const char *path, int flags);
static void job_postfork_become_user(job_t j);
+static void job_enable_audit_for_user(job_t j, uid_t u, char *name);
static void job_find_and_blame_pids_with_weird_uids(job_t j);
static void job_force_sampletool(job_t j);
static void job_setup_exception_port(job_t j, task_t target_task);
@@ -2925,6 +2926,28 @@
}
void
+job_enable_audit_for_user(job_t j, uid_t u, char *name)
+{
+ auditinfo_t auinfo = {
+ .ai_auid = u,
+ .ai_asid = j->p,
+ };
+ long au_cond;
+
+ if (!job_assumes(j, auditon(A_GETCOND, &au_cond, sizeof(long)) == 0)) {
+ _exit(EXIT_FAILURE);
+ }
+
+ if (au_cond != AUC_NOAUDIT) {
+ if (!job_assumes(j, au_user_mask(name, &auinfo.ai_mask) == 0)) {
+ _exit(EXIT_FAILURE);
+ } else if (!job_assumes(j, setaudit(&auinfo) == 0)) {
+ _exit(EXIT_FAILURE);
+ }
+ }
+}
+
+void
job_postfork_become_user(job_t j)
{
char loginname[2000];
@@ -3001,6 +3024,8 @@
desired_gid = gre->gr_gid;
}
+ job_enable_audit_for_user(j, desired_uid, loginname);
+
if (!job_assumes(j, setlogin(loginname) != -1)) {
_exit(EXIT_FAILURE);
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/launchd-changes/attachments/20080805/9287de29/attachment.html
More information about the launchd-changes
mailing list