From: Iker Pedrosa
Date: Fri, 24 Jan 2025 13:09:02 +0000 (+0100)
Subject: lib/: audit function for groups
X-Git-Tag: 4.17.4~9
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9987db9b52d911d815016f9839c3fed85d3b4292;p=thirdparty%2Fshadow.git

lib/: audit function for groups

Link: https://github.com/linux-audit/audit-documentation/wiki/SPEC-User-Account-Lifecycle-Events

Signed-off-by: Iker Pedrosa
Reviewed-by: Alejandro Colomar
---

diff --git a/lib/audit_help.c b/lib/audit_help.c
index 54109f04f..8b2402552 100644
--- a/lib/audit_help.c
+++ b/lib/audit_help.c
@@ -25,6 +25,8 @@
 #include "attr.h"
 #include "prototypes.h"
 #include "shadowlog.h"
+#include "string/sprintf/snprintf.h"
+
 int audit_fd;
 
 void audit_help_open (void)
@@ -46,10 +48,14 @@ void audit_help_open (void)
 
 /*
  * This function will log a message to the audit system using a predefined
- * message format. Parameter usage is as follows:
+ * message format. For additional information on the user account lifecycle
+ * events check
+ *
+ *
+ * Parameter usage is as follows:
  *
- * type - type of message: AUDIT_USER_CHAUTHTOK for changing any account
- * attributes.
+ * type - type of message. A list of possible values is available in
+ * "audit-records.h" file.
  * pgname - program's name
  * op - operation. "adding user", "changing finger info", "deleting group"
  * name - user's account or group name. If not available use NULL.
@@ -68,6 +74,47 @@ void audit_logger (int type, MAYBE_UNUSED const char *pgname, const char *op,
 	}
 }
 
+/*
+ * This function will log a message to the audit system using a predefined
+ * message format. For additional information on the group account lifecycle
+ * events check
+ *
+ *
+ * Parameter usage is as follows:
+ *
+ * type - type of message. A list of possible values is available in
+ * "audit-records.h" file.
+ * op - operation. "adding-user", "modify-group", "deleting-user-from-group"
+ * name - user's account or group name. If not available use NULL.
+ * id - uid or gid that the operation is being performed on. This is used
+ * only when user is NULL.
+ * grp_type - type of group: "grp" or "new_group"
+ * grp - group name associated with event
+ */
+void
+audit_logger_with_group(int type, const char *op, const char *name,
+                        id_t id, const char *grp_type, const char *grp,
+                        shadow_audit_result result)
+{
+	int len;
+	char enc_group[GROUP_NAME_MAX_LENGTH * 2 + 1];
+	char buf[NITEMS(enc_group) + 100];
+
+	if (audit_fd < 0)
+		return;
+
+	len = strnlen(grp, sizeof(enc_group)/2);
+	if (audit_value_needs_encoding(grp, len)) {
+		SNPRINTF(buf, "%s %s=%s", op, grp_type,
+		         audit_encode_value(enc_group, grp, len));
+	} else {
+		SNPRINTF(buf, "%s %s=\"%s\"", op, grp_type, grp);
+	}
+
+	audit_log_acct_message(audit_fd, type, NULL, buf, name, id,
+	                       NULL, NULL, NULL, result);
+}
+
 void audit_logger_message (const char *message, shadow_audit_result result)
 {
 	if (audit_fd < 0) {
diff --git a/lib/prototypes.h b/lib/prototypes.h
index 79bd0fdd6..003fef049 100644
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
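Review bot: In audit_logger_with_group the encoding check and the unencoded branch do not look at the same bytes: `len` is clamped to `sizeof(enc_group)/2`, `audit_value_needs_encoding(grp, len)` inspects only that prefix, yet the `else` branch prints all of `grp` with `%s`. A group name longer than GROUP_NAME_MAX_LENGTH whose tail holds a space, quote or control byte would therefore reach the audit field unencoded and break the record's field syntax, so the two branches should agree, e.g. `SNPRINTF(buf, "%s %s=\"%.*s\"", op, grp_type, (int) len, grp);` — or refuse names longer than the limit instead of silently truncating them, whichever the callers expect. `strnlen(grp, ...)` is also called unconditionally, so the comment block should state the contract: `grp - group name associated with event. Must not be NULL.` The return value of both SNPRINTF calls is dropped; if the project's SNPRINTF reports truncation, checking it would keep an oversized `op` or `grp_type` from producing a silently cut message.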
@@ -189,6 +189,9 @@ extern void audit_logger (int type, const char *pgname, const char *op,
 			  const char *name, unsigned int id,
 			  shadow_audit_result result);
 void audit_logger_message (const char *message, shadow_audit_result result);
+void audit_logger_with_group(int type, const char *op, const char *name,
+                             id_t id, const char *grp_type, const char *grp,
+                             shadow_audit_result result);
 #endif
 
 /* limits.c */
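Review bot: The new declaration takes `id_t id` while the `audit_logger` declaration in the context lines just above it takes `unsigned int id`, and both values are handed to audit_log_acct_message as the same argument (which, as far as I recall the libaudit signature, is an unsigned int). Unless the difference is intentional, declaring the new function with `unsigned int id` here and in lib/audit_help.c keeps the two APIs consistent and avoids an implicit conversion at the libaudit call; if `id_t` is meant to signal that a gid is accepted, a one-line comment on the prototype saying so would make that explicit.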