2 * Copyright 2004-2009,2014 Red Hat Inc., Durham, North Carolina.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Steve Grubb <sgrubb@redhat.com>
24 #ifndef AUDITD_CONFIG_H
25 #define AUDITD_CONFIG_H
29 #define CONFIG_FILE "/etc/audit/auditd.conf"
30 #define MEGABYTE 1048576UL
32 typedef enum { D_FOREGROUND, D_BACKGROUND } daemon_t;
33 typedef enum { LF_RAW, LF_NOLOG } logging_formats;
34 typedef enum { FT_NONE, FT_INCREMENTAL, FT_DATA, FT_SYNC } flush_technique;
35 typedef enum { FA_IGNORE, FA_SYSLOG, FA_ROTATE, FA_EMAIL, FA_EXEC, FA_SUSPEND,
36 FA_SINGLE, FA_HALT } failure_action_t;
37 typedef enum { SZ_IGNORE, SZ_SYSLOG, SZ_SUSPEND, SZ_ROTATE,
38 SZ_KEEP_LOGS } size_action;
39 typedef enum { QOS_NON_BLOCKING, QOS_BLOCKING } qos_t;
40 typedef enum { TEST_AUDITD, TEST_SEARCH } log_test_t;
41 typedef enum { N_NONE, N_HOSTNAME, N_FQD, N_NUMERIC, N_USER } node_t;
46 qos_t qos; /* use blocking/non-blocking sockets */
47 uid_t sender_uid; /* the uid for sender of sighup */
48 pid_t sender_pid; /* the pid for sender of sighup */
49 const char *sender_ctx; /* the context for the sender of sighup */
51 logging_formats log_format;
53 unsigned int priority_boost;
54 flush_technique flush;
56 unsigned int num_logs;
57 const char *dispatcher;
58 node_t node_name_format;
59 const char *node_name;
60 unsigned long max_log_size;
61 size_action max_log_size_action;
62 unsigned long space_left;
63 failure_action_t space_left_action;
64 const char *space_left_exe;
65 const char *action_mail_acct;
66 unsigned long admin_space_left;
67 failure_action_t admin_space_left_action;
68 const char *admin_space_left_exe;
69 failure_action_t disk_full_action;
70 const char *disk_full_exe;
71 failure_action_t disk_error_action;
72 const char *disk_error_exe;
73 unsigned long tcp_listen_port;
74 unsigned long tcp_listen_queue;
75 unsigned long tcp_max_per_addr;
77 unsigned long tcp_client_min_port;
78 unsigned long tcp_client_max_port;
79 unsigned long tcp_client_max_idle;
81 const char *krb5_principal;
82 const char *krb5_key_file;
85 void set_allow_links(int allow);
86 int load_config(struct daemon_conf *config, log_test_t lt);
87 void clear_config(struct daemon_conf *config);
88 const char *audit_lookup_format(int fmt);
89 int create_log_file(const char *val);
90 int resolve_node(struct daemon_conf *config);
92 void init_config_manager(void);
94 int start_config_manager(struct auditd_reply_list *rep);
96 void shutdown_config(void);
97 void free_config(struct daemon_conf *config);