Context Navigation

← Previous Change
Next Change →

Changeset 183 for trunk/src

Timestamp:

Oct 26, 2008, 12:59:48 PM (16 years ago)

Author:

katerina

Message:

Support for logfile monitoring (ticket #122). Also improved some configure error messages.

Location:

trunk/src

Files:

: 5 added
: 8 edited

sh_cat.c (modified) (4 diffs)
sh_getopt.c (modified) (1 diff)
sh_log_check.c (added)
sh_log_evalrule.c (added)
sh_log_parse_apache.c (added)
sh_log_parse_pacct.c (added)
sh_log_parse_syslog.c (added)
sh_modules.c (modified) (2 diffs)
sh_processcheck.c (modified) (1 diff)
sh_string.c (modified) (6 diffs)
sh_unix.c (modified) (2 diffs)
slib.c (modified) (4 diffs)
trustfile.c (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/src/sh_cat.c

-              r180
+              r183
 #ifdef SH_USE_KERN
   /* FreeBSD */
   { MSG_KERN_POLICY, SH_ERR_SEVERE,  EVENT, N_("msg=\"POLICY KERNEL BSD syscall table: new: %#lx old: %#lx\" syscall=\"%03d %s\"") },
   { MSG_KERN_POL_CO, SH_ERR_SEVERE,  EVENT, N_("msg=\"POLICY KERNEL BSD syscall code: new: %#x,%#x old: %#x,%#x\" syscall=\"%03d %s\"") },
+  { MSG_KERN_POLICY, SH_ERR_SEVERE,  EVENT, N_("msg=\"POLICY [Kernel] BSD syscall table: new: %#lx old: %#lx\" syscall=\"%03d %s\"") },
+  { MSG_KERN_POL_CO, SH_ERR_SEVERE,  EVENT, N_("msg=\"POLICY [Kernel] BSD syscall code: new: %#x,%#x old: %#x,%#x\" syscall=\"%03d %s\"") },
   /* Linux */
 …
   { MSG_MNT_CHECK,   SH_ERR_INFO,    RUN,   N_("msg=\"Checking mounts\"")},
   { MSG_MNT_MEMLIST, SH_ERR_ERR,     RUN,   N_("msg=\"Cannot read mount list from memory\"")},
   { MSG_MNT_MNTMISS, SH_ERR_WARN,    EVENT, N_("msg=\"Mount missing\" path=\"%s\"")},
   { MSG_MNT_OPTMISS, SH_ERR_WARN,    EVENT, N_("msg=\"Mount option missing\" path=\"%s\" option=\"%s\"")},
+  { MSG_MNT_MNTMISS, SH_ERR_WARN,    EVENT, N_("msg=\"POLICY [Mounts] Mount missing\" path=\"%s\"")},
+  { MSG_MNT_OPTMISS, SH_ERR_WARN,    EVENT, N_("msg=\"POLICY [Mounts] Mount option missing\" path=\"%s\" option=\"%s\"")},
 #endif
 #ifdef SH_USE_USERFILES
   { MSG_USERFILES_SUMMARY,SH_ERR_INFO,    RUN,   N_("msg=\"Checked for users files\"") },
+#endif
+#ifdef USE_LOGFILE_MONITOR
+  { MSG_LOGMON_CHKS, SH_ERR_INFO,    RUN,   N_("msg=\"Checking logfile %s\"") },
+  { MSG_LOGMON_CHKE, SH_ERR_INFO,    RUN,   N_("msg=\"Finished logfile %s, %lu new records processed\"") },
+  { MSG_LOGMON_MISS, SH_ERR_ERR,     RUN,   N_("msg=\"Missing logfile %s\"") },
+  { MSG_LOGMON_EOPEN,SH_ERR_ERR,     RUN,   N_("msg=\"Cannot open logfile %s\"") },
+  { MSG_LOGMON_EREAD,SH_ERR_ERR,     RUN,   N_("msg=\"Error while reading logfile %s\"") },
+  { MSG_LOGMON_REP,  SH_ERR_SEVERE,  EVENT, N_("msg=\"POLICY [Logfile] %s\" time=\"%s\" host=\"%s\" path=\"%s\"") },
+  { MSG_LOGMON_SUM,  SH_ERR_SEVERE,  EVENT, N_("msg=\"POLICY [Logfile] %s\" host=\"%s\" path=\"%s\"") },
 #endif
 …
 #ifdef SH_USE_KERN
   { MSG_KERN_POLICY, SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY KERNEL BSD syscall table: new: %#lx old: %#lx>, syscall=<%03d %s>") },
   { MSG_KERN_POL_CO, SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY KERNEL BSD syscall code: new: %#x,%#x old: %#x,%#x>, syscall=<%03d %s>") },
+  { MSG_KERN_POLICY, SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY [Kernel] BSD syscall table: new: %#lx old: %#lx>, syscall=<%03d %s>") },
+  { MSG_KERN_POL_CO, SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY [Kernel] BSD syscall code: new: %#x,%#x old: %#x,%#x>, syscall=<%03d %s>") },
   { MSG_KERN_SYSCALL,SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY [Kernel] SYSCALL modified> syscall=<%03d %s>, %s") },
 …
   { MSG_MNT_CHECK,   SH_ERR_INFO,    RUN,   N_("msg=<Checking mounts>")},
   { MSG_MNT_MEMLIST, SH_ERR_ERR,     RUN,   N_("msg=<Cannot read mount list from memory>")},
   { MSG_MNT_MNTMISS, SH_ERR_WARN,    EVENT, N_("msg=<Mount missing>, path=<%s>")},
   { MSG_MNT_OPTMISS, SH_ERR_WARN,    EVENT, N_("msg=<Mount option missing>, path=<%s>, option=<%s>")},
+  { MSG_MNT_MNTMISS, SH_ERR_WARN,    EVENT, N_("msg=<POLICY [Mounts] Mount missing>, path=<%s>")},
+  { MSG_MNT_OPTMISS, SH_ERR_WARN,    EVENT, N_("msg=<POLICY [Mounts] Mount option missing>, path=<%s>, option=<%s>")},
 #endif
 #ifdef SH_USE_USERFILES
   { MSG_USERFILES_SUMMARY,SH_ERR_INFO,    RUN,   N_("msg=<Checked for users files>") },
+#endif
+#ifdef USE_LOGFILE_MONITOR
+  { MSG_LOGMON_CHKS, SH_ERR_INFO,    RUN,   N_("msg=<Checking logfile %s>") },
+  { MSG_LOGMON_CHKE, SH_ERR_INFO,    RUN,   N_("msg=<Finished logfile %s, %lu new records processed>") },
+  { MSG_LOGMON_MISS, SH_ERR_ERR,     RUN,   N_("msg=<Missing logfile %s>") },
+  { MSG_LOGMON_EOPEN,SH_ERR_ERR,     RUN,   N_("msg=<Cannot open logfile %s>") },
+  { MSG_LOGMON_EREAD,SH_ERR_ERR,     RUN,   N_("msg=<Error while reading logfile %s>") },
+  { MSG_LOGMON_REP,  SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY [Logfile] %s> time=<%s> host=<%s> path=<%s>") },
+  { MSG_LOGMON_SUM,  SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY [Logfile] %s> host=<%s> path=<%s>") },
 #endif

trunk/src/sh_getopt.c

-              r182
+              r183
   if (num > 0) fputc (',', stdout);
   fputs (_(" ports"), stdout); ++num;
+#endif
+#ifdef USE_LOGFILE_MONITOR
+  if (num > 0) fputc (',', stdout);
+  fputs (_(" logfile monitor"), stdout); ++num;
 #endif
   if (num == 0)

trunk/src/sh_modules.c

-              r149
+              r183
 #include "sh_processcheck.h"
 #include "sh_portcheck.h"
+#include "sh_logmon.h"
 sh_mtype modList[] = {
 …
 #endif
+#ifdef USE_LOGFILE_MONITOR
+  {
+    N_("LOGMON"),
+    -1,
+    sh_log_check_init,
+    sh_log_check_timer,
+    sh_log_check_check,
+    sh_log_check_cleanup,
+    sh_log_check_reconf,
+    N_("[LogMon]"),
+    sh_log_check_table,
+    PTHREAD_MUTEX_INITIALIZER,
+  },
+#endif
+  {
     NULL,

trunk/src/sh_processcheck.c

r170	r183
1311	1311	clean_list (&list_fake);
1312	1312	}
	1313
1313	1314	SH_MUTEX_UNLOCK(mutex_proc_check);
1314	1315

trunk/src/sh_string.c

-              r171
+              r183
     setnext:
       lengths[i] = (a-s);
+      lengths[i] = (size_t) (a-s); /* a >= s always */
       arr[i] = s;
       ++i;
 …
+                }
+            }
           lengths[i] = (a-s);
+          lengths[i] = (size_t)(a-s); /* a >= s always */
           arr[i]     = s;
           ++i;
 …
+}
 sh_string * sh_string_cat_lchar(sh_string * s, char * str, size_t len)
+sh_string * sh_string_cat_lchar(sh_string * s, const char * str, size_t len)
+{
   if (sl_ok_adds(len, s->siz) == SL_TRUE)
 …
+}
 sh_string * sh_string_set_from_char(sh_string * s, char * str)
+sh_string * sh_string_set_from_char(sh_string * s, const char * str)
+{
   size_t len = strlen(str);
 …
+}
+sh_string * sh_string_new_from_lchar(char * str, size_t len)
+sh_string * sh_string_add_from_char(sh_string * s, const char * str)
+{
+  size_t len   = strlen(str);
+  size_t avail = (s->siz - s->len);
+  if ((len+1) > avail)
+    {
+      (void) sh_string_grow(s, ((len+1) - avail) );
+    }
+  memcpy(&(s->str[s->len]), str, (len+1));
+  s->len += len;
+  return s;
+}
+sh_string * sh_string_new_from_lchar(const char * str, size_t len)
+{
   sh_string * s;
 …
+}
 sh_string * sh_string_new_from_lchar3(char * str1, size_t len1,
                                       char * str2, size_t len2,
                                       char * str3, size_t len3)
+sh_string * sh_string_new_from_lchar3(const char * str1, size_t len1,
+                                      const char * str2, size_t len2,
+                                      const char * str3, size_t len3)
+{
   sh_string * s;

trunk/src/sh_unix.c

r175	r183
1064	1064
1065	1065	#if defined(HOST_IS_CYGWIN) \|\| defined(__cygwin__) \|\| defined(__CYGWIN32__) \|\| defined(__CYGWIN__)
1066		int tf_trust_check (char * file, int mode)
	1066	int tf_trust_check (const char * file, int mode)
1067	1067	{
1068	1068	(void) file;
…	…
1071	1071	}
1072	1072	#else
1073		int tf_trust_check (char * file, int mode)
	1073	int tf_trust_check (const char * file, int mode)
1074	1074	{
1075	1075	char * tmp;

trunk/src/slib.c

r174	r183
2652	2652	static struct sl_trustfile_store * sl_trusted_files = NULL;
2653	2653
2654		~~void sl_add_trusted_file(~~char * filename, uid_t teuid)
	2654	static void sl_add_trusted_file(const char * filename, uid_t teuid)
2655	2655	{
2656	2656	struct sl_trustfile_store *new = SH_ALLOC(sizeof(struct sl_trustfile_store));
…	…
2664	2664	}
2665	2665
2666		~~char * sl_check_trusted_file(~~char * filename, uid_t teuid)
	2666	static const char * sl_check_trusted_file(const char * filename, uid_t teuid)
2667	2667	{
2668	2668	struct sl_trustfile_store *new = sl_trusted_files;
…	…
2678	2678	}
2679	2679
2680		void sl_clear_trusted_file(struct sl_trustfile_store * file)
	2680	static void sl_clear_trusted_file(struct sl_trustfile_store * file)
2681	2681	{
2682	2682	if (file)
…	…
2690	2690	}
2691	2691
2692		int sl_trustfile_euid(char * filename, uid_t teuid)
	2692	int sl_trustfile_euid(const char * filename, uid_t teuid)
2693	2693	{
2694	2694	long status;

trunk/src/trustfile.c

r171	r183
319	319
320	320	/* not static to circumvent stupid gcc 4 bug */
321		int getfname(char fname, char rbuf, int rsz)
	321	int getfname(const char fname, char rbuf, int rsz)
322	322	{
323	323	#ifndef TRUST_MAIN
…	…
678	678	}
679	679
680		int sl_trustfile(char fname, uid_t okusers, uid_t *badusers)
	680	int sl_trustfile(const char fname, uid_t okusers, uid_t *badusers)
681	681	{
682	682	char fexp[MAXFILENAME]; /* file name fully expanded */

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 183 for trunk/src

Legend:

Download in other formats: