1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 1999 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20
21
22#ifndef SH_UNIX_H
23#define SH_UNIX_H
24
/* For PATH_MAX */
#include <limits.h>
#if !defined(PATH_MAX)
#define PATH_MAX 1024
#endif

#include <string.h>
#include <unistd.h>
#include "samhain.h"
#include "sh_error.h"
34
35
/* Kind of object handed to the open/read helpers in sh_unix.c.
 * NOTE(review): the individual meanings are not visible from this
 * header; the names suggest log file, regular file, directory and
 * in-memory data -- confirm against the callers before relying on it.
 */
typedef enum {
  SH_ISLOG,
  SH_ISFILE,
  SH_ISDIR,
  SH_ISDATA
} ShOpenType;
42
/* How data is read back: as raw bytes or line by line.
 * NOTE(review): inferred from the names only; confirm in sh_unix.c.
 */
typedef enum {
  SH_DATA_RAW,
  SH_DATA_LINE
} ShDataType;
47
/* Classification of a file system object, recorded in file_type.type
 * (see sh_unix_get_ftype() below).  SH_FILE_DOOR and SH_FILE_PORT are
 * the Solaris-specific door and event-port object types; SH_FILE_UNKNOWN
 * is the catch-all for anything not listed.
 * NOTE(review): keep the order -- the numeric values may be persisted
 * in the baseline database (not verifiable from this header).
 */
typedef enum {
  SH_FILE_REGULAR,
  SH_FILE_SYMLINK,
  SH_FILE_DIRECTORY,
  SH_FILE_CDEV,
  SH_FILE_BDEV,
  SH_FILE_FIFO,
  SH_FILE_SOCKET,
  SH_FILE_DOOR,
  SH_FILE_PORT,
  SH_FILE_UNKNOWN
} ShFileType;
60
/* -- Attributes to check. --
 *
 * Each MODI_* constant is one bit of a check mask (file_type.check_mask).
 * The MASK_*_ macros further down are the predefined policies built from
 * those bits, and the mask_* variables are their run-time copies (defined
 * in sh_unix.c; sh_unix_maskreset() restores them), so the configuration
 * can adjust a policy without touching the macros.
 */

/* checksum */
#define MODI_CHK (1 << 0)
/* link */
#define MODI_LNK (1 << 1)
/* inode */
#define MODI_INO (1 << 2)
/* user */
#define MODI_USR (1 << 3)
/* group */
#define MODI_GRP (1 << 4)
/* mtime */
#define MODI_MTM (1 << 5)
/* ctime */
#define MODI_CTM (1 << 6)
/* atime */
#define MODI_ATM (1 << 7)
/* size */
#define MODI_SIZ (1 << 8)
/* file mode */
#define MODI_MOD (1 << 9)
/* hardlinks */
#define MODI_HLN (1 << 10)
/* device type */
#define MODI_RDEV (1 << 11)
/* size may grow */
#define MODI_SGROW (1 << 12)
/* use prelink */
#define MODI_PREL (1 << 13)

/* Predefined policies.  Read each mask as "what is compared against the
 * baseline"; anything not in the mask is ignored for files under that
 * policy.
 */

/* ignore everything */
#define MASK_ALLIGNORE_ 0
extern unsigned long mask_ALLIGNORE;
/* mode, owner, group, device type */
#define MASK_ATTRIBUTES_ (MODI_MOD|MODI_USR|MODI_GRP|MODI_RDEV)
extern unsigned long mask_ATTRIBUTES;
/* ATTRIBUTES plus hardlink count, link target and inode: the file may
 * change content but must stay the same object */
#define MASK_LOGFILES_ (MASK_ATTRIBUTES_|MODI_HLN|MODI_LNK|MODI_INO)
extern unsigned long mask_LOGFILES;
/* LOGFILES plus size, checksum and the "size may grow" flag */
#define MASK_LOGGROW_ (MASK_LOGFILES_|MODI_SIZ|MODI_SGROW|MODI_CHK)
extern unsigned long mask_LOGGROW;
/* LOGFILES plus checksum, size, mtime and ctime (atime is NOT checked,
 * so reading the file does not raise an alert) */
#define MASK_READONLY_ (MASK_LOGFILES_|MODI_CHK|MODI_SIZ|MODI_MTM|MODI_CTM)
extern unsigned long mask_READONLY;
/* like READONLY, but atime is checked and ctime is not */
#define MASK_NOIGNORE_ (MASK_LOGFILES_|MODI_CHK|MODI_SIZ|MODI_ATM|MODI_MTM)
extern unsigned long mask_NOIGNORE;
/* READONLY plus atime; presumably the initial value of the five
 * user-defined policies mask_USER0 .. mask_USER4 (set in sh_unix.c) */
#define MASK_USER_ (MASK_READONLY_|MODI_ATM)
extern unsigned long mask_USER0;
extern unsigned long mask_USER1;
extern unsigned long mask_USER2;
extern unsigned long mask_USER3;
extern unsigned long mask_USER4;
/* like READONLY, but without MTM, CTM, SIZ, INO, and with PREL
 * (prelinked binaries legitimately change on disk; MODI_PREL presumably
 * routes the checksum through the prelink verification path -- see
 * sh_unix.c)
 */
#define MASK_PRELINK_ (MASK_ATTRIBUTES_|MODI_HLN|MODI_LNK|MODI_CHK|MODI_PREL)
extern unsigned long mask_PRELINK;
115
/* Everything recorded about one file system object for comparison
 * against the baseline database.  Which members are actually compared
 * is governed by check_mask (a combination of MODI_* bits).  The c_*
 * members are textual renderings of the numeric field next to them;
 * all of them are fixed-size buffers, so whatever fills them must
 * bound its writes by the array size and NUL-terminate.
 */
typedef struct file_struct {
  unsigned long check_mask;        /* MODI_* bits to compare for this file */
  int file_reported;               /* NOTE(review): presumably "a change was
                                      already reported"; confirm in sh_unix.c */
  char fullpath[PATH_MAX];         /* absolute path of the object */
  ShFileType type;
  dev_t dev;
  ino_t ino;
  mode_t mode;
  nlink_t hardlinks;
#if defined(__linux__) || defined(HAVE_STAT_FLAGS)
  unsigned long attributes;        /* Linux file attributes (presumably the
                                      chattr(1) flags) or BSD stat flags;
                                      not present on other platforms */
  char c_attributes[ATTRBUF_SIZE];
#endif
  char c_mode[CMODE_SIZE];         /* mode as text */
  uid_t owner;
  char c_owner[USER_MAX+2];        /* owner name (USER_MAX from samhain.h) */
  gid_t group;
  char c_group[GROUP_MAX+2];       /* group name (GROUP_MAX from samhain.h) */
  dev_t rdev;                      /* device number for CDEV/BDEV objects */
  off_t size;
  unsigned long blksize;
  unsigned long blocks;
  time_t atime;
  time_t mtime;
  time_t ctime;

  char linkpath[PATH_MAX];         /* symlink target, for SH_FILE_SYMLINK */
  mode_t linkmode;                 /* mode of the link target */
  char link_c_mode[11];            /* NOTE(review): 11 = 10-char mode string
                                      plus NUL; presumably meant to equal
                                      CMODE_SIZE used for c_mode above */
  int linkisok;                    /* presumably non-zero when the link
                                      target could be resolved */
  char * attr_string;              /* extended attributes / context as text;
                                      ownership (static vs. allocated) is not
                                      visible from this header */
} file_type;
148
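/* Run-time switches for the SELinux / POSIX-ACL attribute checks
 * (defined in sh_unix.c; set through sh_unix_setcheckselinux() and
 * sh_unix_setcheckacl() below).
 */
extern int sh_unix_check_selinux;
extern int sh_unix_check_acl;

/* mlock utilities: pin memory holding secrets so it cannot be paged out
 * to swap (see sh_unix_memlock() below).  `file' and `line' identify the
 * caller for diagnostics (presumably __FILE__ / __LINE__).
 *
 * sh_unix_count_mlock() and sh_unix_pagesize() take no arguments and are
 * declared with (void): an empty () parameter list in C leaves calls
 * unchecked, so a stray argument would compile silently.
 */
int sh_unix_mlock(char * file, int line, void * addr, size_t len);
int sh_unix_munlock(void * addr, size_t len);
int sh_unix_count_mlock(void);
/* public for unit tests */
int sh_unix_pagesize(void);
unsigned long sh_unix_lookup_page(void * in_addr, size_t len, int * num_pages);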
160
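/* Configuration setters.  Each takes the option value as text; the
 * return convention is not visible here (sh_unix_self_check() below
 * documents BAD on failure, presumably the same applies here).
 */

/* chroot directory
 */
int sh_unix_set_chroot(const char * str);

/* whether to use localtime for file timestamps in logs
 */
int sh_unix_uselocaltime (const char * c);

/* whether to perform selinux/acl checks (see sh_unix_check_selinux and
 * sh_unix_check_acl above); only available when built with the
 * corresponding support
 */
#ifdef USE_XATTR
int sh_unix_setcheckselinux (const char * c);
#endif
#ifdef USE_ACL
int sh_unix_setcheckacl (const char * c);
#endif

/* set I/O limit; sh_unix_io_pause() is the throttle that honours it.
 * sh_unix_io_pause() takes no arguments and is declared (void) so that
 * calls are type-checked (an empty () list would leave them unchecked).
 */
int sh_unix_set_io_limit (const char * c);
void sh_unix_io_pause (void);

/* get file type (presumably one of ShFileType; the return is a plain
 * int, so callers must not assume more than that)
 */
int sh_unix_get_ftype(char * fullpath);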
186
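/* reset masks for policies (restores the mask_* variables declared
 * above to their MASK_*_ defaults).  Declared (void): an empty ()
 * parameter list would leave calls unchecked by the compiler; the same
 * applies to the other argument-less functions below.
 */
int sh_unix_maskreset(void);

/* return true if database is remote
 */
int file_is_remote (void);

/* return the path to the configuration/database file.
 * `what' selects the file and `flag' the variant; the accepted values
 * are defined in sh_unix.c, not here.  The ownership of the returned
 * pointer (static buffer vs. allocated) is not documented -- check the
 * definition before freeing or retaining it.
 */
char * file_path(char what, char flag);

/* return current time as unsigned long
 */
unsigned long sh_unix_longtime (void);

/* close all files >= fd, except possibly one (`except'; presumably a
 * value no descriptor can take, such as -1, means "no exception").
 * Closing inherited descriptors before handing control to other code
 * keeps them from leaking.
 */
void sh_unix_closeall (int fd, int except);


/* write lock for filename
 */
int sh_unix_write_lock_file(char * filename);

/* rm lock(s) for log file(s)
 */
int sh_unix_rm_lock_file(char * filename);

/* write the PID file
 */
int sh_unix_write_pid_file(void);

/* rm the PID file
 */
int sh_unix_rm_pid_file(void);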
223
224
/* checksum of own binary (the argument is presumably the configured
 * expected checksum that sh_unix_self_check() compares against)
 */
int sh_unix_self_hash (const char * c);

/* return BAD on failure
 */
int sh_unix_self_check (void);

/* add a trusted user to the list
 */
int tf_add_trusted_user(const char *);

/* check a file (presumably the "trustfile" test: the file and the
 * directories on its path must be owned by trusted users and not be
 * writable by anyone else; `mode' selects the variant -- see the
 * definition)
 */
int tf_trust_check (char * file, int mode);

/* initialize group vector (OSF lacks the const-qualified prototype)
 */
#ifdef HOST_IS_OSF
int sh_unix_initgroups ( char * in_user, gid_t in_gid);
#else
int sh_unix_initgroups (const char * in_user, gid_t in_gid);
#endif
/* NOTE(review): the first parameter is a uid_t despite being named
 * in_pid; presumably the user id, not a process id */
int sh_unix_initgroups2 (uid_t in_pid, gid_t in_gid);

/* set the timeserver address
 */
int sh_unix_settimeserver (const char * address);
void reset_count_dev_time(void);
254
/* lock the key (pin the key material in memory so it is not swapped out;
 * see the mlock utilities above)
 */
void sh_unix_memlock(void);

/* daemon mode (the function names keep the historical spelling;
 * the argument is unused, hence `dummy')
 */
int sh_unix_setdeamon (const char * dummy);
int sh_unix_setnodeamon(const char * dummy);

/* Test whether file exists
 */
int sh_unix_file_exists(char * path);

/* test whether file exists with proper attributes
 * NOTE(review): takes an already-open descriptor, not a path; the name
 * suggests it checks that fd refers to a readable device -- confirm
 */
int sh_unix_device_readable(int fd);

/* local host
 */
void sh_unix_localhost(void);

/* check whether /proc exists and is a proc filesystem
 */
int sh_unix_test_proc(void);

/* check whether a directory is secure
 * (no symlink in path, not world-writeable)
 * NOTE(review): the prototype below is commented out; either the
 * function is gone or it is file-local in sh_unix.c
 */
/* int sh_unix_is_secure_dir (ShErrLevel level, char * tmp); */
284
/* obtain file info (fills *theFile; `fileHash' receives the checksum
 * text, `level' is presumably the error level for reporting and
 * `flagrel' a flag whose meaning is only visible in sh_unix.c)
 */
int sh_unix_getinfo (int level, char * filename, file_type * theFile,
                     char * fileHash, int flagrel);

/* read file, return length read
 * (`sizeofline' is the size of `line'; the implementation must not write
 * beyond it -- verify in sh_unix.c)
 */
int sh_unix_getline (SL_TICKET fd, char * line, int sizeofline);

/* call with goDaemon == 1 to make daemon process
 */
int sh_unix_init(int goDaemon);

/* for local time use thetime = 0, returns pointer to buffer
 * (`len' is the size of `buffer')
 */
char * sh_unix_time (time_t thetime, char * buffer, size_t len);

/* convert to GMT time, returns pointer to buffer
 * (`len' is the size of `buffer')
 */
char * sh_unix_gmttime (time_t thetime, char * buffer, size_t len);

/* effective user info
 */
int sh_unix_getUser (void);

/* get home directory, returns pointer to out (`len' is the size of `out')
 */
char * sh_unix_getUIDdir (int level, uid_t uid, char * out, size_t len);


#ifdef HAVE_GETTIMEOFDAY
unsigned long sh_unix_notime (void);
#endif

/* check whether a directory
 */
int sh_unix_isdir (char * dirName, int level);

/* stealth mode helpers.  NOTE(review): if sh_unix_xor_code() is a
 * fixed-key XOR as its name suggests, it is obfuscation, not encryption:
 * anyone holding the binary can undo it.  Do not treat it as protecting
 * the confidentiality of the configuration.
 */
#ifdef SH_STEALTH
int sh_unix_getline_stealth (SL_TICKET fd, char * str, int len);
void sh_unix_xor_code (char * str, int len);
#endif
327
328#if defined(SCREW_IT_UP)
329/* for raise()
330 */
331#include <signal.h>
332#include <errno.h>
333
/* SIGTRAP handler installed by sh_sigtrap_prepare(); defined in
 * sh_unix.c.  sh_derr() below relies on it setting sh_not_traced to a
 * non-zero value when the signal actually reaches the process. */
void sh_sigtrap_handler (int signum);
/* Written by the signal handler, read by sh_derr().  NOTE(review): the
 * portable type for a flag written from a handler is volatile
 * sig_atomic_t; it is int here, which works where sig_atomic_t is int,
 * but any change must be made together with the definition in
 * sh_unix.c. */
extern volatile int sh_not_traced;
336
337#ifdef HAVE_GETTIMEOFDAY
338#if TIME_WITH_SYS_TIME
339#include <sys/time.h>
340#include <time.h>
341#else
342#if HAVE_SYS_TIME_H
343#include <sys/time.h>
344#else
345#include <time.h>
346#endif
347#endif
/* Wall-clock time captured by sh_derr() immediately before it raises
 * SIGTRAP (defined in sh_unix.c; presumably compared by the handler). */
extern struct timeval save_tv;
349#endif
350
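/* Install sh_sigtrap_handler() for SIGTRAP so that the trap sh_derr()
 * raises on itself is caught by us instead of the default action
 * (terminate, with core dump).  Must run before the first sh_derr().
 *
 * The struct is zeroed before the three portable members are set:
 * struct sigaction carries implementation-specific members on some
 * systems, and those would otherwise reach the kernel uninitialised.
 *
 * Returns 0 on success and -1 if sigaction() failed for a reason other
 * than EINTR (errno is left as sigaction() set it).  A failure is worth
 * acting on: without the handler the next sh_derr() kills the process.
 */
static inline
int sh_sigtrap_prepare(void)
{
  struct sigaction act_trap;
  int val_retry;

  memset(&act_trap, 0, sizeof(act_trap));
  act_trap.sa_handler = &sh_sigtrap_handler;   /* signal action       */
  act_trap.sa_flags   = 0;                     /* no SA_* options     */
  sigemptyset(&act_trap.sa_mask);              /* block nothing extra */

  /* sigaction() is not normally interruptible, but retry on EINTR anyway. */
  do {
    val_retry = sigaction(SIGTRAP, &act_trap, NULL);
  } while (val_retry < 0 && errno == EINTR);

  return (val_retry < 0) ? -1 : 0;
}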
364
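/* Anti-tracing self-check.
 *
 * Clears sh_not_traced and raises SIGTRAP on itself.  When nobody traces
 * the process the signal is delivered to sh_sigtrap_handler() (installed
 * by sh_sigtrap_prepare()), which is expected to set sh_not_traced to a
 * non-zero value.  A ptrace-based debugger intercepts SIGTRAP before the
 * handler runs, so the flag is still zero afterwards and the process
 * leaves immediately via _exit(5) -- no atexit handlers, no stdio flush.
 *
 * On i386/Linux with GCC the trap comes from the one-byte ICEBP opcode
 * (0xF1), which the kernel delivers as SIGTRAP, rather than from a
 * raise() call a tracer could break on.  The asm carries a "memory"
 * clobber so the compiler cannot move the store to sh_not_traced or the
 * later load across the trap: sh_not_traced is volatile, but GCC
 * documents that even volatile asm may be reordered relative to other
 * code, so the ordering is made explicit here.
 *
 * With HAVE_GETTIMEOFDAY the time just before the trap is stored in
 * save_tv (presumably for the handler to detect single-stepping delay).
 *
 * Preconditions: sh_sigtrap_prepare() has succeeded; otherwise the default
 * SIGTRAP action terminates the process.  Returns 0 when not traced and
 * does not return otherwise.  This is a deterrent, not a guarantee -- a
 * tracer that knows the check can forward the signal or patch the test.
 */
/*@unused@*/ static inline
int sh_derr(void)
{
  sh_not_traced = 0;

#ifdef HAVE_GETTIMEOFDAY
  gettimeofday(&save_tv, NULL);
#endif

#if defined(__linux__) && defined(__GNUC__) && defined(__i386__)
  /* ICEBP (0xF1): one byte, no library call involved */
  __asm__ __volatile__ (".byte 0xf1" : : : "memory");
#else
  raise(SIGTRAP);
#endif

  /* handler did not run -> somebody swallowed the trap */
  if (sh_not_traced == 0)
    _exit(5);

  sh_not_traced = 0;
  return (0);
}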
385
386#else
387
/* Stand-in for the anti-tracing check when SCREW_IT_UP is not defined:
 * there is nothing to check, so it always reports "not traced" (0).
 */
/*@unused@*/ static inline
int sh_derr(void)
{
  /* no debugger detection compiled in */
  return (0);
}
393/* #if defined(SCREW_IT_UP) */
394#endif
395
396#endif
397
398