2 * Copyright 2007,2014 Red Hat Inc., Durham, North Carolina.
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Steve Grubb <sgrubb@redhat.com>
36 /* Local prototypes */
46 int (*parser)(const char *, int, struct daemon_conf *);
55 static char *get_line(FILE *f, char *buf, unsigned size, int *lineno,
57 static int nv_split(char *buf, struct _pair *nv);
58 static const struct kw_pair *kw_lookup(const char *val);
59 static int log_file_parser(const char *val, int line,
60 struct daemon_conf *config);
61 static int num_logs_parser(const char *val, int line,
62 struct daemon_conf *config);
63 static int log_format_parser(const char *val, int line,
64 struct daemon_conf *config);
66 static const struct kw_pair keywords[] =
68 {"log_file", log_file_parser },
69 {"log_format", log_format_parser },
70 {"num_logs", num_logs_parser },
74 static const struct nv_list log_formats[] =
83 * Set everything to its default value
85 void clear_config(struct daemon_conf *config)
87 config->qos = QOS_NON_BLOCKING;
88 config->sender_uid = 0;
89 config->sender_pid = 0;
90 config->sender_ctx = NULL;
91 config->log_file = strdup("/var/log/audit/audit.log");
92 config->log_format = LF_RAW;
93 config->log_group = 0;
94 config->priority_boost = 3;
95 config->flush = FT_NONE;
97 config->num_logs = 0L;
98 config->dispatcher = NULL;
99 config->node_name_format = N_NONE;
100 config->node_name = NULL;
101 config->max_log_size = 0L;
102 config->max_log_size_action = SZ_IGNORE;
103 config->space_left = 0L;
104 config->space_left_action = FA_IGNORE;
105 config->space_left_exe = NULL;
106 config->action_mail_acct = strdup("root");
107 config->admin_space_left= 0L;
108 config->admin_space_left_action = FA_IGNORE;
109 config->admin_space_left_exe = NULL;
110 config->disk_full_action = FA_IGNORE;
111 config->disk_full_exe = NULL;
112 config->disk_error_action = FA_SYSLOG;
113 config->disk_error_exe = NULL;
116 int load_config(struct daemon_conf *config, log_test_t lt)
118 int fd, rc, lineno = 1;
123 clear_config(config);
127 rc = open(CONFIG_FILE, O_RDONLY|O_NOFOLLOW);
129 if (errno != ENOENT) {
130 audit_msg(LOG_ERR, "Error opening config file (%s)",
134 audit_msg(LOG_WARNING,
135 "Config file %s doesn't exist, skipping", CONFIG_FILE);
140 /* check the file's permissions: owned by root, not world writable,
143 if (fstat(fd, &st) < 0) {
144 audit_msg(LOG_ERR, "Error fstat'ing config file (%s)",
149 if (st.st_uid != 0) {
150 audit_msg(LOG_ERR, "Error - %s isn't owned by root",
155 if (!S_ISREG(st.st_mode)) {
156 audit_msg(LOG_ERR, "Error - %s is not a regular file",
162 /* it's ok, read line by line */
163 f = fdopen(fd, "rm");
165 audit_msg(LOG_ERR, "Error - fdopen failed (%s)",
171 while (get_line(f, buf, sizeof(buf), &lineno, CONFIG_FILE)) {
172 // convert line into name-value pair
173 const struct kw_pair *kw;
175 rc = nv_split(buf, &nv);
179 case 1: // not the right number of tokens.
181 "Wrong number of arguments for line %d in %s",
182 lineno, CONFIG_FILE);
184 case 2: // no '=' sign
186 "Missing equal sign for line %d in %s",
187 lineno, CONFIG_FILE);
189 default: // something else went wrong...
191 "Unknown error for line %d in %s",
192 lineno, CONFIG_FILE);
195 if (nv.name == NULL) {
199 if (nv.value == NULL) {
202 "Not processing any more lines in %s",
207 /* identify keyword or error */
208 kw = kw_lookup(nv.name);
210 /* dispatch to keyword's local parser */
211 rc = kw->parser(nv.value, lineno, config);
214 return 1; // local parser puts message out
225 static char *get_line(FILE *f, char *buf, unsigned size, int *lineno,
230 while (fgets_unlocked(buf, size, f)) {
232 char *ptr = strchr(buf, 0x0a);
238 // Reset and start with the next line
240 *lineno = *lineno + 1;
242 // If a line is too long, skip it.
243 // Only output 1 warning
246 "Skipping line %d in %s: too long",
254 static int nv_split(char *buf, struct _pair *nv)
256 /* Get the name part */
261 ptr = audit_strsplit(buf);
263 return 0; /* If there's nothing, go to next line */
265 return 0; /* If there's a comment, go to next line */
268 /* Check for a '=' */
269 ptr = audit_strsplit(NULL);
272 if (strcmp(ptr, "=") != 0)
276 ptr = audit_strsplit(NULL);
281 /* Make sure there's nothing else */
282 ptr = audit_strsplit(NULL);
284 /* Allow one option, but check that there isn't a second one */
285 ptr = audit_strsplit(NULL);
290 /* Everything is OK */
294 static const struct kw_pair *kw_lookup(const char *val)
297 while (keywords[i].name != NULL) {
298 if (strcasecmp(keywords[i].name, val) == 0)
305 static int log_file_parser(const char *val, int line,struct daemon_conf *config)
307 char *dir = NULL, *tdir, *base;
312 /* split name into dir and basename. */
316 if (dir == NULL || strlen(dir) < 4) { // '/var' is shortest dirname
318 "The directory name: %s is too short - line %d",
324 base = basename((char *)val);
325 if (base == 0 || strlen(base) == 0) {
326 audit_msg(LOG_ERR, "The file name: %s is too short - line %d",
332 /* verify the directory path exists */
335 audit_msg(LOG_ERR, "Could not open dir %s (%s)", dir,
343 /* if the file exists, see that it's regular, owned by root,
344 * and not world anything */
347 fd = open(val, mode);
349 audit_msg(LOG_ERR, "Unable to open %s (%s)", val,
353 if (fstat(fd, &buf) < 0) {
354 audit_msg(LOG_ERR, "Unable to stat %s (%s)",
355 val, strerror(errno));
360 if (!S_ISREG(buf.st_mode)) {
361 audit_msg(LOG_ERR, "%s is not a regular file", val);
364 if (buf.st_uid != 0) {
365 audit_msg(LOG_ERR, "%s is not owned by root", val);
368 if ( (buf.st_mode & (S_IXUSR|S_IWGRP|S_IXGRP|S_IRWXO)) ) {
369 audit_msg(LOG_ERR, "%s permissions should be 0600 or 0640",
373 if ( !(buf.st_mode & S_IWUSR) ) {
374 audit_msg(LOG_ERR, "audit log is not writable by owner");
378 free((void *)config->log_file);
379 config->log_file = strdup(val);
380 if (config->log_file == NULL)
385 static int num_logs_parser(const char *val, int line,
386 struct daemon_conf *config)
388 const char *ptr = val;
391 /* check that all chars are numbers */
392 for (i=0; ptr[i]; i++) {
393 if (!isdigit(ptr[i])) {
395 "Value %s should only be numbers - line %d",
401 /* convert to unsigned long */
403 i = strtoul(val, NULL, 10);
406 "Error converting string to a number (%s) - line %d",
407 strerror(errno), line);
411 audit_msg(LOG_ERR, "num_logs must be 99 or less");
414 config->num_logs = i;
418 static int log_format_parser(const char *val, int line,
419 struct daemon_conf *config)
423 for (i=0; log_formats[i].name != NULL; i++) {
424 if (strcasecmp(val, log_formats[i].name) == 0) {
425 config->log_format = log_formats[i].option;
429 audit_msg(LOG_ERR, "Option %s not found - line %d", val, line);
433 void free_config(struct daemon_conf *config)
435 free((void*)config->sender_ctx);
436 free((void*)config->log_file);
437 free((void*)config->dispatcher);
438 free((void *)config->node_name);
439 free((void *)config->action_mail_acct);
440 free((void *)config->space_left_exe);
441 free((void *)config->admin_space_left_exe);
442 free((void *)config->disk_full_exe);
443 free((void *)config->disk_error_exe);