discretionary-access-control.cpp
mandatory-access-control.cpp
system-call.cpp
+ user.cpp
audit-trail/dac.cpp
audit-trail/mac.cpp
+ audit-trail/user.cpp
audit-trail/syscall.cpp
audit-trail/audit-trail.cpp
)
SET(CAPI_INCLUDE_FILES audit-trail/common.h
audit-trail/dac.h
audit-trail/mac.h
+ audit-trail/user.h
audit-trail/syscall.h
audit-trail/audit-trail.h
)
/*
- * Copyright (c) 2075 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <cstring>
+
+#include "debug.h"
+#include "user.h"
+
+#include "client.h"
+#include "rmi/user.h"
+
+using namespace AuditTrail;
+
+int audit_trail_foreach_user(audit_trail_h handle, audit_trail_user_cb callback, void *user_data)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(callback, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ AuditTrailContext &client = GetAuditTrailContext(handle);
+ User user = client.createInterface<User>();
+
+ int end = user.size();
+ for (int i = 0; i < end; i++) {
+ auto log(user.get(i));
+ if (log.log.type == 0)
+ callback(&log, user_data);
+ }
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_clear_user(audit_trail_h handle)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ AuditTrailContext &client = GetAuditTrailContext(handle);
+ User user = client.createInterface<User>();
+ user.clear();
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_add_user_cb(audit_trail_h handle, audit_trail_user_cb callback, void* user_data, int *id)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(callback, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(id, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ AuditTrailContext &client = GetAuditTrailContext(handle);
+ int ret = client.subscribeNotification("User",
+ [callback, user_data, &client] (std::string name, int position)
+ {
+ auto user = client.createInterface<User>();
+ auto log(user.get(position));
+ callback(&log, user_data);
+ });
+ if (ret < 0)
+ return AUDIT_TRAIL_ERROR_INVALID_PARAMETER;
+
+ *id = ret;
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_remove_user_cb(audit_trail_h handle, int callback_id)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(callback_id >= 0, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ AuditTrailContext &client = GetAuditTrailContext(handle);
+ int ret = client.unsubscribeNotification(callback_id);
+ if (ret)
+ return AUDIT_TRAIL_ERROR_INVALID_PARAMETER;
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_enable_user(audit_trail_h handle, bool en)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ AuditTrailContext &client = GetAuditTrailContext(handle);
+ auto user = client.createInterface<User>();
+
+ int ret = user.enable(en);
+ if (ret)
+ return AUDIT_TRAIL_ERROR_INVALID_PARAMETER;
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_is_enabled_user(audit_trail_h handle, bool *en)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(en, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ AuditTrailContext &client = GetAuditTrailContext(handle);
+ auto user = client.createInterface<User>();
+ *en = user.isEnabled();
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_get_user_time(audit_trail_user_h handle, time_t *time, unsigned short *ms)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(time, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(ms, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ const auto *pAudit = (User::AuditTrail*)handle;
+ *time = pAudit->time.time;
+ *ms = pAudit->time.millisec;
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_get_user_log_type(audit_trail_user_h handle, int *type)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(type, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ const auto *pAudit = (User::AuditTrail*)handle;
+ *type = pAudit->log.type;
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
+
+int audit_trail_get_user_log_text(audit_trail_user_h handle, const char **text)
+{
+ RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(text, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
+
+ const auto *pAudit = (User::AuditTrail*)handle;
+ *text = pAudit->log.text.c_str();
+
+ return AUDIT_TRAIL_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __CAPI_AUDIT_TRAIL_USER_H__
+#define __CAPI_AUDIT_TRAIL_USER_H__
+
+#include <time.h>
+#include <unistd.h>
+
+#include <audit-trail/audit-trail.h>
+
+/**
+ * @file user.h
+ * @brief This file provides APIs to get user space logs
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @addtogroup User-space
+ * @{
+ */
+
+/**
+ * @brief The audit-trail user space log handle
+ * @details The audit-trail user space log handle is an abstraction of the user space log
+ * data. This can be used to get information of each log.
+ * This must be used in audit_trail_user_cb() and not be freed,
+ * because this will be freed internally.
+ * internally.
+ * @since_tizen 5.0
+ * @see audit_trail_user_cb()
+ */
+typedef void* audit_trail_user_h;
+
+/**
+ * @brief Called to get all user space logs in an array
+ * @since_tizen 5.0
+ * @param[in] handle The handle of each user space logs
+ * @param[in] user_data The user data passed from the function
+ * @see audit_trail_add_user_cb
+ * @see audit_trail_remove_user_cb
+ * @see audit_trail_foreach_user
+ */
+typedef void (*audit_trail_user_cb)(audit_trail_user_h handle, void* user_data);
+
+/**
+ * @brief Retrieves all user space logs that occured in system.
+ * @details This API calls audit_trail_user_cb() once for each system
+ * call logs collected by audit-trail when user auditing
+ * is enabled.
+ * @since_tizen 5.0
+ * @param[in] handle The audit-trail handle
+ * @param[in] callback The iteration callback function
+ * @param[in] user_data The user data passed to the callback function
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ * @pre The handle must be created by audit_trail_create().
+ * @see audit_trail_create()
+ * @see audit_trail_destroy()
+ * @see audit_trail_enable_user()
+ */
+AUDIT_TRAIL_API int audit_trail_foreach_user(audit_trail_h handle, audit_trail_user_cb callback, void *user_data);
+
+/**
+ * @brief Clears all user space logs saved in audit-trail.
+ * @details This API removes all user space logs
+ * collected by audit-trail.
+ * @since_tizen 5.0
+ * @param[in] handle The audit-trail handle
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ * @pre The handle must be created by audit_trail_create().
+ * @see audit_trail_create()
+ * @see audit_trail_destroy()
+ * @see audit_trail_foreach_user()
+ */
+AUDIT_TRAIL_API int audit_trail_clear_user(audit_trail_h handle);
+
+/**
+ * @brief Adds a user space log callback.
+ * @details This API can be used to receive user space logs of system.
+ * The callback specified to this function is automatically called
+ * when a new log occurs.
+ * @since_tizen 5.0
+ * @param[in] context The audit_trail handle
+ * @param[in] callback The callback to get user space logs
+ * @param[in] user_data The user data passed to the callback function
+ * @param[out] id Callback identifier
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @pre The handle must be created by audit_trail_create().
+ * @pre System call auditing must be enabled by
+ * audit_trail_enable_user().
+ * @see audit_trail_create()
+ * @see audit_trail_destroy()
+ * @see audit_trail_enable_user()
+ * @see audit_trail_remove_user_cb()
+ */
+AUDIT_TRAIL_API int audit_trail_add_user_cb(audit_trail_h handle,
+ audit_trail_user_cb callback, void* user_data,
+ int* id);
+
+/**
+ * @brief Removes the user space log callback.
+ * @details This API can be used to remove the user space logs callback.
+ * @since_tizen 5.0
+ * @param[in] context The audit trail handle
+ * @param[in] id Callback identifier
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @pre The context must be created by audit_trail_create().
+ * @see audit_trail_create()
+ * @see audit_trail_destroy()
+ * @see audit_trail_add_user_cb()
+ */
+AUDIT_TRAIL_API int audit_trail_remove_user_cb(audit_trail_h handle, int id);
+
+/**
+ * @brief Enables user auditing.
+ * @details This API can be used to enable to collect the user space logs.
+ * Any user space log will not be collected until auditing is
+ * enabled
+ * @since_tizen 5.0
+ * @param[in] handle The audit-trail handle
+ * @param[in] en True enables user auditing, Otherwise disables
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ * @pre The handle must be created by audit_trail_create().
+ * @see audit_trail_create()
+ * @see audit_trail_destroy()
+ * @see audit_trail_foreach_user()
+ * @see audit_trail_add_user_cb()
+ */
+AUDIT_TRAIL_API int audit_trail_enable_user(audit_trail_h handle, bool en);
+
+/**
+ * @brief Retrieves if user auditing is enabled.
+ * @details This API can be used to know if user auditing is
+ * enabled now.
+ * @since_tizen 5.0
+ * @param[in] handle The audit-trail handle
+ * @param[out] en If true, user auditing was enabled, Otherwise disabled
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ * @pre The handle must be created by audit_trail_create().
+ * @see audit_trail_create()
+ * @see audit_trail_destroy()
+ */
+AUDIT_TRAIL_API int audit_trail_is_enabled_user(audit_trail_h handle, bool *en);
+
+/**
+ * @brief Get the time of the user space log
+ * @details This API can be used to get when the user space log occured.
+ * @since_tizen 5.0
+ * @param[in] handle The audit-trail user space log handle
+ * @param[out] time The time as UNIX epoch timestamp
+ * @param[out] ms milliseconds of the time
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ */
+AUDIT_TRAIL_API int audit_trail_get_user_time(audit_trail_user_h handle, time_t *time, unsigned short *ms);
+
+/**
+ * @brief Get the type number of the user space log
+ * @details This API can be used to get the exit codes returned by each
+ * user logs.
+ * @since_tizen 5.0
+ * @param[in] handle The audit-trail user space log handle
+ * @param[out] type The type number
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ */
+AUDIT_TRAIL_API int audit_trail_get_user_log_type(audit_trail_user_h handle, int *type);
+
+/**
+ * @brief Get the text of the user space log
+ * @details This API can be used to get the text data in each user space
+ * logs, which was not parsed.
+ * @since_tizen 5.0
+ * @param[in] handle The audit-trail user space log handle
+ * @param[out] text The text data of log
+ * @return #AUDIT_TRAIL_ERROR_NONE on success, otherwise a negative value
+ * @retval #AUDIT_TRAIL_ERROR_NONE Successful
+ * @retval #AUDIT_TRAIL_ERROR_TIMED_OUT Time out
+ * @retval #AUDIT_TRAIL_ERROR_INVALID_PARAMETER Invalid parameter
+ * @post The subject name must not be freed.
+ */
+AUDIT_TRAIL_API int audit_trail_get_user_log_text(audit_trail_user_h handle, const char **text);
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __CAPI_AUDIT_TRAIL_USER_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include "rmi/user.h"
+
+namespace AuditTrail {
+
+User::User(AuditTrailControlContext& ctx) :
+ context(ctx)
+{
+}
+
+User::~User()
+{
+}
+
+User::AuditTrail User::get(unsigned int pos)
+{
+ try {
+ return context->methodCall<AuditTrail>("User::get", pos);
+ } catch (runtime::Exception& e) {}
+ return AuditTrail();
+}
+
+unsigned int User::size()
+{
+ try {
+ return context->methodCall<unsigned int>("User::size");
+ } catch (runtime::Exception& e) {}
+ return 0;
+}
+
+int User::clear()
+{
+ try {
+ return context->methodCall<int>("User::clear");
+ } catch (runtime::Exception& e) {}
+ return -1;
+}
+
+int User::enable(bool en)
+{
+ try {
+ return context->methodCall<int>("User::enable", en);
+ } catch (runtime::Exception& e) {}
+ return -1;
+}
+
+bool User::isEnabled()
+{
+ try {
+ return context->methodCall<bool>("User::isEnabled");
+ } catch (runtime::Exception& e) {}
+ return false;
+}
+
+} // namespace AuditTrail
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __AUDIT_TRAIL_USER_H__
+#define __AUDIT_TRAIL_USER_H__
+
+#include "context.h"
+
+namespace AuditTrail {
+
+/**
+ * This class provides APIs to receive the logs
+ */
+
+class User final {
+public:
+ struct AuditTrail {
+ struct {
+ time_t time;
+ unsigned short millisec;
+ REFLECTABLE(time, millisec);
+ } time;
+ struct {
+ int type;
+ std::string text;
+ REFLECTABLE(type, text);
+ } log;
+ REFLECTABLE(time, log);
+ };
+
+ User(AuditTrailControlContext& ctxt);
+ ~User();
+
+ AuditTrail get(unsigned int pos);
+ unsigned int size();
+
+ int clear();
+
+ int enable(bool en);
+ bool isEnabled();
+
+private:
+ AuditTrailControlContext& context;
+};
+
+} // namespace AuditTrail
+#endif // __AUDIT_TRAIL_USER_H__
#
SET(SERVER_SRCS main.cpp
server.cpp
+ user.cpp
system-call.cpp
mandatory-access-control.cpp
discretionary-access-control.cpp
#include "rmi/discretionary-access-control.h"
#include "rmi/mandatory-access-control.h"
#include "rmi/system-call.h"
+#include "rmi/user.h"
#include "server.h"
std::unique_ptr<AuditTrail::DiscretionaryAccessControl> dac;
std::unique_ptr<AuditTrail::MandatoryAccessControl> mac;
std::unique_ptr<AuditTrail::SystemCall> systemCall;
+std::unique_ptr<AuditTrail::User> user;
} // namespace
dac.reset(new AuditTrail::DiscretionaryAccessControl(*this));
mac.reset(new AuditTrail::MandatoryAccessControl(*this));
systemCall.reset(new AuditTrail::SystemCall(*this));
+ user.reset(new AuditTrail::User(*this));
}
Server::~Server()
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <fstream>
+
+#include <unistd.h>
+
+#include "rmi/user.h"
+
+#define PRIVILEGE_PLATFORM "http://tizen.org/privilege/internal/default/platform"
+
+namespace AuditTrail {
+
+namespace {
+
+std::vector<User::AuditTrail> logs;
+bool enabled;
+
+User::AuditTrail convertLog(int type, const std::string &log)
+{
+ User::AuditTrail ret;
+ std::stringstream tok(log);
+ std::string word, msg;
+
+ getline(tok, word, ' ');
+ word = word.substr(sizeof("audit(") - 1);
+ size_t dot = word.find_first_of('.');
+ ret.time.time = std::stoll(word.substr(0, dot));
+ ret.time.millisec = std::stoi(word.substr(dot + 1, 3));
+
+ while (getline(tok, word, ' ')) {
+ size_t equal = word.find_first_of('=');
+ std::string item = word.substr(0, equal);
+ std::string value = word.substr(equal + 1);
+
+ if (item == "msg")
+ msg = value.substr(1, value.size() - 2);
+ }
+
+ // TODO : If the format given by user access control is specified,
+ // Following code will be replaced by parsing a message.
+ ret.log.type = type;
+ ret.log.text = msg;
+
+ return ret;
+}
+
+} // namespace
+
+
+User::User(AuditTrailControlContext &ctx) :
+ context(ctx)
+{
+ context.expose(this, "", (AuditTrail)(User::get)(unsigned int));
+ context.expose(this, "", (unsigned int)(User::size)());
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(User::clear)());
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(User::enable)(bool));
+ context.expose(this, "", (bool)(User::isEnabled)());
+
+ context.createNotification("User");
+
+ enabled = false;
+
+ context.setAuditHandler([&ctx] (int type, std::vector<char> &buf) {
+ if (!enabled)
+ return;
+
+ if ((type >= AUDIT_FIRST_USER_MSG && type <= AUDIT_LAST_USER_MSG) ||
+ (type >= AUDIT_FIRST_USER_MSG2 && type <= AUDIT_LAST_USER_MSG2)) {
+ std::string log(buf.begin(), buf.end());
+ logs.push_back(convertLog(type, log));
+ ctx.notify("User", logs.size() - 1);
+ }
+ });
+}
+
+User::~User()
+{
+}
+
+User::AuditTrail User::get(unsigned int pos)
+{
+ if (pos >= logs.size()) {
+ AuditTrail empty;
+ empty.log.type = 0;
+ return empty;
+ }
+
+ return logs[pos];
+}
+
+unsigned int User::size()
+{
+ return logs.size();
+}
+
+int User::clear()
+{
+ logs.clear();
+ return 0;
+}
+
+bool User::isEnabled()
+{
+ return enabled;
+}
+
+int User::enable(bool en)
+{
+ enabled = en;
+ return 0;
+}
+
+} // namespace AuditTrail
#
-# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#include <audit-trail/dac.h>
#include <audit-trail/mac.h>
+#include <audit-trail/user.h>
#include <audit-trail/syscall.h>
#include <audit-trail/audit-trail.h>
enum {
LOG_TYPE_DAC,
LOG_TYPE_MAC,
+ LOG_TYPE_USER,
LOG_TYPE_SYSCALL,
};
std::cout << "Usage: " << name << " [Option]" << std::endl
<< std::endl
<< "Options :" << std::endl
- << " -s, --show=[dac|mac|syscall] show the audit logs" << std::endl
- << " -c, --clear=[dac|mac|syscall] clear the audit logs" << std::endl
- << " -d, --disable=[dac|mac|syscall] disable to collect logs" << std::endl
- << " -e, --enable=[dac|mac|syscall] enable to collect logs" << std::endl
- << " -m, --monitor monitor for all audit logs" << std::endl
- << " -h, --help show this" << std::endl
+ << " -s, --show=[dac|mac|syscall|user] show the audit logs" << std::endl
+ << " -c, --clear=[dac|mac|syscall|user] clear the audit logs" << std::endl
+ << " -d, --disable=[dac|mac|syscall|user] disable to collect logs" << std::endl
+ << " -e, --enable=[dac|mac|syscall|user] enable to collect logs" << std::endl
+ << " -m, --monitor monitor for all audit logs" << std::endl
+ << " -h, --help show this" << std::endl
<< std::endl;
return -1;
return str.str();
}
+std::string printUserLog(audit_trail_dac_h log)
+{
+ std::stringstream str;
+ const char *text;
+ int type;
+
+ time_t time;
+ unsigned short millisec;
+ audit_trail_get_user_time(log, &time, &millisec);
+ struct tm *local = localtime(&time);
+
+ str << "time={"
+ << local->tm_hour << ":" << local->tm_min << ":" << local->tm_sec
+ << "." << millisec;
+
+ str << "},log={";
+ audit_trail_get_user_log_type(log, &type);
+ str << "type=" << type;
+ audit_trail_get_user_log_text(log, &text);
+ str << ",text=" << text;
+
+ str << "}";
+
+ return str.str();
+}
+
std::string printSyscallLog(audit_trail_syscall_h log)
{
std::stringstream str;
case LOG_TYPE_MAC:
std::cout << printDACLog(log);
break;
+ case LOG_TYPE_USER:
+ std::cout << printUserLog(log);
+ break;
case LOG_TYPE_SYSCALL:
std::cout << printSyscallLog(log);
break;
} else if (word == "mac") {
std::cout << "MAC logs" << std::endl;
audit_trail_foreach_mac(auditTrail, foreachLog, (void*)LOG_TYPE_MAC);
+ } else if (word == "user") {
+ std::cout << "User logs" << std::endl;
+ audit_trail_foreach_user(auditTrail, foreachLog, (void*)LOG_TYPE_USER);
} else if (word == "syscall") {
std::cout << "System call logs" << std::endl;
audit_trail_foreach_syscall(auditTrail, foreachLog, (void*)LOG_TYPE_SYSCALL);
audit_trail_clear_dac(auditTrail);
} else if (word == "mac") {
audit_trail_clear_mac(auditTrail);
+ } else if (word == "user") {
+ audit_trail_clear_user(auditTrail);
} else if (word == "syscall") {
audit_trail_clear_syscall(auditTrail);
}
audit_trail_enable_dac(auditTrail, en);
} else if (word == "mac") {
audit_trail_enable_mac(auditTrail, en);
+ } else if (word == "user") {
+ audit_trail_enable_user(auditTrail, en);
} else if (word == "syscall") {
audit_trail_enable_syscall(auditTrail, en);
}
if (en) {
std::cout << "dac ";
}
-
- en = false;
audit_trail_is_enabled_mac(auditTrail, &en);
if (en) {
std::cout << "mac ";
}
-
- en = false;
+ audit_trail_is_enabled_user(auditTrail, &en);
+ if (en) {
+ std::cout << "user ";
+ }
audit_trail_is_enabled_syscall(auditTrail, &en);
if (en) {
std::cout << "syscall ";
}
+
std::cout << std::endl;
audit_trail_destroy(auditTrail);
std::cout << printMACLog(log);
std::cout << "}";
break;
+ case LOG_TYPE_USER:
+ std::cout << "[User] ";
+ std::cout << "{";
+ std::cout << printUserLog(log);
+ std::cout << "}";
+ break;
case LOG_TYPE_SYSCALL:
std::cout << "[SystemCall] ";
std::cout << "{";
int monitorLog()
{
- int macCbId, dacCbId, syscallCbId;
+ int macCbId, dacCbId, syscallCbId, userCbId;
audit_trail_h auditTrail;
audit_trail_create(&auditTrail);
audit_trail_add_dac_cb(auditTrail, logCallback, (void*)LOG_TYPE_DAC, &dacCbId);
audit_trail_add_mac_cb(auditTrail, logCallback, (void*)LOG_TYPE_MAC, &macCbId);
+ audit_trail_add_user_cb(auditTrail, logCallback, (void*)LOG_TYPE_USER, &userCbId);
audit_trail_add_syscall_cb(auditTrail, logCallback, (void*)LOG_TYPE_SYSCALL, &syscallCbId);
std::cout << "=== Monitoring start ===" << std::endl << std::endl;
audit_trail_remove_dac_cb(auditTrail, dacCbId);
audit_trail_remove_mac_cb(auditTrail, macCbId);
+ audit_trail_remove_user_cb(auditTrail, userCbId);
audit_trail_remove_syscall_cb(auditTrail, syscallCbId);
std::cout << std::endl << "=== Monitoring end ===" << std::endl;
projects / platform / core / security / audit-trail.git / commitdiff