From a97f4fc0adda2f59659a9e3510d73de9214b2d7e Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Fri, 21 Feb 2025 06:37:24 +0100 Subject: [PATCH] lib/, src/: Remove unused parameter $2 of audit_logger() Signed-off-by: Alejandro Colomar --- lib/audit_help.c | 3 +-- lib/cleanup_group.c | 16 ++++++++-------- lib/cleanup_user.c | 8 ++++---- lib/prototypes.h | 2 +- src/chage.c | 16 ++++++++-------- src/groupadd.c | 6 +++--- src/groupdel.c | 6 +++--- src/groupmod.c | 10 +++++----- src/lastlog.c | 4 ++-- src/newgrp.c | 20 ++++++++++---------- src/useradd.c | 30 +++++++++++++++--------------- src/userdel.c | 26 +++++++++++++------------- src/usermod.c | 39 +++++++++++++++++++-------------------- 13 files changed, 92 insertions(+), 94 deletions(-) diff --git a/lib/audit_help.c b/lib/audit_help.c index 109ad9712..68835091e 100644 --- a/lib/audit_help.c +++ b/lib/audit_help.c @@ -56,13 +56,12 @@ void audit_help_open (void) * * type - type of message. A list of possible values is available in * "audit-records.h" file. - * pgname - program's name * op - operation. "adding user", "changing finger info", "deleting group" * name - user's account or group name. If not available use NULL. * id - uid or gid that the operation is being performed on. This is used * only when user is NULL. */ -void audit_logger (int type, MAYBE_UNUSED const char *pgname, const char *op, +void audit_logger (int type, const char *op, const char *name, unsigned int id, shadow_audit_result result) { diff --git a/lib/cleanup_group.c b/lib/cleanup_group.c index 781141374..248fe0c24 100644 --- a/lib/cleanup_group.c +++ b/lib/cleanup_group.c @@ -27,7 +27,7 @@ void cleanup_report_add_group (void *group_name) SYSLOG ((LOG_ERR, "failed to add group %s", name)); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_GROUP, log_get_progname(), + audit_logger (AUDIT_ADD_GROUP, "", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -45,7 +45,7 @@ void cleanup_report_del_group (void *group_name) SYSLOG ((LOG_ERR, "failed to remove group %s", name)); #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_GROUP, log_get_progname(), + audit_logger (AUDIT_DEL_GROUP, "", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -62,7 +62,7 @@ void cleanup_report_mod_group (void *cleanup_info) gr_dbname (), info->action)); #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, log_get_progname(), + audit_logger (AUDIT_GRP_MGMT, info->audit_msg, info->name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -80,7 +80,7 @@ void cleanup_report_mod_gshadow (void *cleanup_info) sgr_dbname (), info->action)); #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, log_get_progname(), + audit_logger (AUDIT_GRP_MGMT, info->audit_msg, info->name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -100,7 +100,7 @@ void cleanup_report_add_group_group (void *group_name) SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_GROUP, log_get_progname(), + audit_logger (AUDIT_ADD_GROUP, "adding-group", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -120,7 +120,7 @@ void cleanup_report_add_group_gshadow (void *group_name) SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, log_get_progname(), + audit_logger (AUDIT_GRP_MGMT, "adding-shadow-group", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -143,7 +143,7 @@ void cleanup_report_del_group_group (void *group_name) "failed to remove group %s from %s", name, gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_GROUP, log_get_progname(), + audit_logger (AUDIT_DEL_GROUP, "removing-group", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -166,7 +166,7 @@ void cleanup_report_del_group_gshadow (void *group_name) "failed to remove group %s from %s", name, sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, log_get_progname(), + audit_logger (AUDIT_GRP_MGMT, "removing-shadow-group", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); diff --git a/lib/cleanup_user.c b/lib/cleanup_user.c index 38eb8279a..00554d89c 100644 --- a/lib/cleanup_user.c +++ b/lib/cleanup_user.c @@ -27,7 +27,7 @@ void cleanup_report_add_user (void *user_name) SYSLOG ((LOG_ERR, "failed to add user %s", name)); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, log_get_progname(), + audit_logger (AUDIT_ADD_USER, "", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -44,7 +44,7 @@ void cleanup_report_mod_passwd (void *cleanup_info) pw_dbname (), info->action)); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, log_get_progname(), + audit_logger (AUDIT_USER_MGMT, info->audit_msg, info->name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -64,7 +64,7 @@ void cleanup_report_add_user_passwd (void *user_name) SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, log_get_progname(), + audit_logger (AUDIT_ADD_USER, "adding-user", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -84,7 +84,7 @@ void cleanup_report_add_user_shadow (void *user_name) SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, log_get_progname(), + audit_logger (AUDIT_USER_MGMT, "adding-shadow-user", name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); diff --git a/lib/prototypes.h b/lib/prototypes.h index cae518082..760225767 100644 --- a/lib/prototypes.h +++ b/lib/prototypes.h @@ -183,7 +183,7 @@ extern void audit_help_open (void); typedef enum { SHADOW_AUDIT_FAILURE = 0, SHADOW_AUDIT_SUCCESS = 1} shadow_audit_result; -extern void audit_logger (int type, const char *pgname, const char *op, +extern void audit_logger (int type, const char *op, const char *name, unsigned int id, shadow_audit_result result); void audit_logger_message (const char *message, shadow_audit_result result); diff --git a/src/chage.c b/src/chage.c index 1cc0c6824..2563a498d 100644 --- a/src/chage.c +++ b/src/chage.c @@ -116,7 +116,7 @@ fail_exit (int code, bool process_selinux) #ifdef WITH_AUDIT if (E_SUCCESS != code) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-age", user_name, user_uid, SHADOW_AUDIT_FAILURE); } #endif @@ -832,7 +832,7 @@ int main (int argc, char **argv) } #ifdef WITH_AUDIT else { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-all-aging-information", user_name, user_uid, SHADOW_AUDIT_SUCCESS); } @@ -840,30 +840,30 @@ int main (int argc, char **argv) } else { #ifdef WITH_AUDIT if (Mflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-max-age", user_name, user_uid, SHADOW_AUDIT_SUCCESS); } if (mflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-min-age", user_name, user_uid, 1); } if (dflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-last-change-date", user_name, user_uid, 1); } if (Wflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-passwd-warning", user_name, user_uid, 1); } if (Iflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-inactive-days", user_name, user_uid, 1); } if (Eflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "change-passwd-expiration", user_name, user_uid, 1); } diff --git a/src/groupadd.c b/src/groupadd.c index af8109dff..c7421e59f 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -133,7 +133,7 @@ usage (int status) static void fail_exit(int status) { #ifdef WITH_AUDIT - audit_logger(AUDIT_ADD_GROUP, Prog, "add-group", group_name, + audit_logger(AUDIT_ADD_GROUP, "add-group", group_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); #endif exit (status); @@ -295,7 +295,7 @@ static void close_files (struct option_flags *flags) fail_exit (E_GRP_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_GROUP, Prog, + audit_logger (AUDIT_ADD_GROUP, "add-group", group_name, group_id, SHADOW_AUDIT_SUCCESS); #endif @@ -316,7 +316,7 @@ static void close_files (struct option_flags *flags) fail_exit (E_GRP_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, Prog, + audit_logger (AUDIT_GRP_MGMT, "add-shadow-group", group_name, group_id, SHADOW_AUDIT_SUCCESS); #endif diff --git a/src/groupdel.c b/src/groupdel.c index f030eccc4..572539140 100644 --- a/src/groupdel.c +++ b/src/groupdel.c @@ -96,7 +96,7 @@ usage (int status) static void fail_exit(int status) { #ifdef WITH_AUDIT - audit_logger(AUDIT_GRP_MGMT, Prog, "delete-group", group_name, + audit_logger(AUDIT_GRP_MGMT, "delete-group", group_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); #endif exit (status); @@ -167,7 +167,7 @@ static void close_files (struct option_flags *flags) } #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_GROUP, Prog, + audit_logger (AUDIT_DEL_GROUP, "delete-group", group_name, group_id, SHADOW_AUDIT_SUCCESS); #endif @@ -191,7 +191,7 @@ static void close_files (struct option_flags *flags) } #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, Prog, + audit_logger (AUDIT_GRP_MGMT, "delete-shadow-group", group_name, group_id, SHADOW_AUDIT_SUCCESS); #endif diff --git a/src/groupmod.c b/src/groupmod.c index 0fb21ccf5..a508c197f 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -500,7 +500,7 @@ static void close_files (struct option_flags *flags) exit (E_GRP_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, Prog, + audit_logger (AUDIT_GRP_MGMT, info_group.audit_msg, group_name, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); @@ -525,12 +525,12 @@ static void close_files (struct option_flags *flags) #ifdef WITH_AUDIT /* If both happened, log password change as its more important */ if (pflg) - audit_logger (AUDIT_GRP_CHAUTHTOK, Prog, + audit_logger (AUDIT_GRP_CHAUTHTOK, info_gshadow.audit_msg, group_name, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); else - audit_logger (AUDIT_GRP_MGMT, Prog, + audit_logger (AUDIT_GRP_MGMT, info_gshadow.audit_msg, group_name, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); @@ -553,7 +553,7 @@ static void close_files (struct option_flags *flags) exit (E_GRP_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, Prog, + audit_logger (AUDIT_GRP_MGMT, info_passwd.audit_msg, group_name, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); @@ -568,7 +568,7 @@ static void close_files (struct option_flags *flags) } #ifdef WITH_AUDIT - audit_logger (AUDIT_GRP_MGMT, Prog, + audit_logger (AUDIT_GRP_MGMT, "modify-group", group_name, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); diff --git a/src/lastlog.c b/src/lastlog.c index e513936c7..6fafc90b0 100644 --- a/src/lastlog.c +++ b/src/lastlog.c @@ -231,14 +231,14 @@ static void update_one (/*@null@*/const struct passwd *pw) #endif strcpy (ll.ll_line, "lastlog"); #ifdef WITH_AUDIT - audit_logger (AUDIT_ACCT_UNLOCK, Prog, + audit_logger (AUDIT_ACCT_UNLOCK, "clearing-lastlog", pw->pw_name, pw->pw_uid, SHADOW_AUDIT_SUCCESS); #endif } #ifdef WITH_AUDIT else { - audit_logger (AUDIT_ACCT_UNLOCK, Prog, + audit_logger (AUDIT_ACCT_UNLOCK, "refreshing-lastlog", pw->pw_name, pw->pw_uid, SHADOW_AUDIT_SUCCESS); } diff --git a/src/newgrp.c b/src/newgrp.c index 66f4e9cba..13b6ac17b 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -201,7 +201,7 @@ static void check_perms (const struct group *grp, #ifdef WITH_AUDIT SNPRINTF(audit_buf, "authentication new_gid=%lu", (unsigned long) grp->gr_gid); - audit_logger (AUDIT_GRP_AUTH, Prog, + audit_logger (AUDIT_GRP_AUTH, audit_buf, NULL, getuid (), SHADOW_AUDIT_FAILURE); #endif SYSLOG ((LOG_INFO, @@ -214,7 +214,7 @@ static void check_perms (const struct group *grp, #ifdef WITH_AUDIT SNPRINTF(audit_buf, "authentication new_gid=%lu", (unsigned long) grp->gr_gid); - audit_logger (AUDIT_GRP_AUTH, Prog, + audit_logger (AUDIT_GRP_AUTH, audit_buf, NULL, getuid (), SHADOW_AUDIT_SUCCESS); #endif } @@ -303,7 +303,7 @@ static void syslog_sg (const char *name, const char *group) getuid(), "new_group", group, SHADOW_AUDIT_FAILURE); } else { - audit_logger (AUDIT_CHGRP_ID, Prog, + audit_logger (AUDIT_CHGRP_ID, "changing", NULL, getuid(), SHADOW_AUDIT_FAILURE); } @@ -442,7 +442,7 @@ int main (int argc, char **argv) fprintf (stderr, _("%s: Cannot determine your user name.\n"), Prog); #ifdef WITH_AUDIT - audit_logger (AUDIT_CHGRP_ID, Prog, + audit_logger (AUDIT_CHGRP_ID, "changing", NULL, getuid (), SHADOW_AUDIT_FAILURE); #endif SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)", @@ -562,7 +562,7 @@ int main (int argc, char **argv) audit_logger_with_group(AUDIT_CHGRP_ID, "changing", NULL, getuid(), "new_group", group, SHADOW_AUDIT_FAILURE); } else { - audit_logger(AUDIT_CHGRP_ID, Prog, + audit_logger(AUDIT_CHGRP_ID, "changing", NULL, getuid(), SHADOW_AUDIT_FAILURE); } #endif @@ -700,7 +700,7 @@ int main (int argc, char **argv) perror ("setgid"); #ifdef WITH_AUDIT SNPRINTF(audit_buf, "changing new_gid=%lu", (unsigned long) gid); - audit_logger (AUDIT_CHGRP_ID, Prog, + audit_logger (AUDIT_CHGRP_ID, audit_buf, NULL, getuid (), SHADOW_AUDIT_FAILURE); #endif exit (EXIT_FAILURE); @@ -710,7 +710,7 @@ int main (int argc, char **argv) perror ("setuid"); #ifdef WITH_AUDIT SNPRINTF(audit_buf, "changing new_gid=%lu", (unsigned long) gid); - audit_logger (AUDIT_CHGRP_ID, Prog, + audit_logger (AUDIT_CHGRP_ID, audit_buf, NULL, getuid (), SHADOW_AUDIT_FAILURE); #endif exit (EXIT_FAILURE); @@ -725,7 +725,7 @@ int main (int argc, char **argv) execl (SHELL, "sh", "-c", command, (char *) NULL); #ifdef WITH_AUDIT SNPRINTF(audit_buf, "changing new_gid=%lu", (unsigned long) gid); - audit_logger (AUDIT_CHGRP_ID, Prog, + audit_logger (AUDIT_CHGRP_ID, audit_buf, NULL, getuid (), SHADOW_AUDIT_FAILURE); #endif perror (SHELL); @@ -793,7 +793,7 @@ int main (int argc, char **argv) #ifdef WITH_AUDIT SNPRINTF(audit_buf, "changing new_gid=%lu", (unsigned long) gid); - audit_logger (AUDIT_CHGRP_ID, Prog, + audit_logger (AUDIT_CHGRP_ID, audit_buf, NULL, getuid (), SHADOW_AUDIT_SUCCESS); #endif /* @@ -822,7 +822,7 @@ int main (int argc, char **argv) getuid(), "new_group", group, SHADOW_AUDIT_FAILURE); } else { - audit_logger (AUDIT_CHGRP_ID, Prog, + audit_logger (AUDIT_CHGRP_ID, "changing", NULL, getuid (), 0); } #endif diff --git a/src/useradd.c b/src/useradd.c index 60d2332ca..f7e46d6b6 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -312,7 +312,7 @@ static void fail_exit (int code, bool process_selinux) else type = AUDIT_ADD_USER; - audit_logger (type, Prog, + audit_logger (type, "add-user", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); #endif @@ -710,7 +710,7 @@ set_defaults(void) goto err_free_def; } #ifdef WITH_AUDIT - audit_logger (AUDIT_USYS_CONFIG, Prog, + audit_logger (AUDIT_USYS_CONFIG, "changing-useradd-defaults", NULL, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); @@ -1511,7 +1511,7 @@ static void process_flags (int argc, char **argv, struct option_flags *flags) Prog, user_name); } #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "add-user", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1609,7 +1609,7 @@ static void close_files (struct option_flags *flags) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "unlocking-shadow-file", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1622,7 +1622,7 @@ static void close_files (struct option_flags *flags) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "unlocking-passwd-file", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1639,7 +1639,7 @@ static void close_files (struct option_flags *flags) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "unlocking-subordinate-user-file", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1653,7 +1653,7 @@ static void close_files (struct option_flags *flags) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "unlocking-subordinate-group-file", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1706,7 +1706,7 @@ static void unlock_group_files (bool process_selinux) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "unlocking-group-file", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1720,7 +1720,7 @@ static void unlock_group_files (bool process_selinux) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "unlocking-gshadow-file", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1916,7 +1916,7 @@ static void grp_add (bool process_selinux) _("%s: failed to prepare the new %s entry '%s'\n"), Prog, gr_dbname (), grp.gr_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_GROUP, Prog, + audit_logger (AUDIT_ADD_GROUP, "add-group", grp.gr_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1932,7 +1932,7 @@ static void grp_add (bool process_selinux) _("%s: failed to prepare the new %s entry '%s'\n"), Prog, sgr_dbname (), sgrp.sg_namp); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_GROUP, Prog, + audit_logger (AUDIT_ADD_GROUP, "add-group", grp.gr_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1942,7 +1942,7 @@ static void grp_add (bool process_selinux) #endif /* SHADOWGRP */ SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid)); #ifdef WITH_AUDIT - audit_logger (AUDIT_ADD_GROUP, Prog, + audit_logger (AUDIT_ADD_GROUP, "add-group", grp.gr_name, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); @@ -2171,7 +2171,7 @@ usr_update (unsigned long subuid_count, unsigned long subgid_count, * because its not written to disk yet. After close_files it is * and we can use the real ID thereafter. */ - audit_logger (AUDIT_ADD_USER, Prog, + audit_logger (AUDIT_ADD_USER, "add-user", user_name, AUDIT_NO_ID, SHADOW_AUDIT_SUCCESS); @@ -2296,7 +2296,7 @@ static void create_home (struct option_flags *flags) } home_added = true; #ifdef WITH_AUDIT - audit_logger(AUDIT_USER_MGMT, Prog, "add-home-dir", + audit_logger(AUDIT_USER_MGMT, "add-home-dir", user_name, user_id, SHADOW_AUDIT_SUCCESS); #endif #ifdef WITH_SELINUX @@ -2669,7 +2669,7 @@ int main (int argc, char **argv) _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"), Prog, user_name, user_selinux); #ifdef WITH_AUDIT - audit_logger (AUDIT_ROLE_ASSIGN, Prog, + audit_logger (AUDIT_ROLE_ASSIGN, "add-selinux-user-mapping", user_name, user_id, SHADOW_AUDIT_FAILURE); #endif /* WITH_AUDIT */ diff --git a/src/userdel.c b/src/userdel.c index 474977247..d2bb770d5 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -543,7 +543,7 @@ static void fail_exit (int code, bool process_selinux) #endif /* ENABLE_SUBIDS */ #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "delete-user", user_name, user_id, SHADOW_AUDIT_FAILURE); #endif /* WITH_AUDIT */ @@ -682,7 +682,7 @@ static void update_user (bool process_selinux) } #endif /* ENABLE_SUBIDS */ #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "delete-user", user_name, user_id, SHADOW_AUDIT_SUCCESS); #endif /* WITH_AUDIT */ @@ -781,7 +781,7 @@ static bool remove_mailbox (void) Prog, mailfile, strerrno()); SYSLOG((LOG_ERR, "Cannot remove %s: %s", mailfile, strerrno())); #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "delete-mail-file", user_name, user_id, SHADOW_AUDIT_FAILURE); #endif /* WITH_AUDIT */ @@ -797,7 +797,7 @@ static bool remove_mailbox (void) Prog, mailfile, strerrno()); SYSLOG((LOG_ERR, "Cannot remove %s: %s", mailfile, strerrno())); #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "delete-mail-file", user_name, user_id, SHADOW_AUDIT_FAILURE); #endif /* WITH_AUDIT */ @@ -807,7 +807,7 @@ static bool remove_mailbox (void) #ifdef WITH_AUDIT else { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "delete-mail-file", user_name, user_id, SHADOW_AUDIT_SUCCESS); } @@ -822,7 +822,7 @@ static bool remove_mailbox (void) Prog, mailfile, user_name); SYSLOG((LOG_ERR, "%s not owned by %s, not removed", mailfile, strerrno())); #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "delete-mail-file", user_name, user_id, SHADOW_AUDIT_FAILURE); #endif /* WITH_AUDIT */ @@ -838,7 +838,7 @@ static bool remove_mailbox (void) Prog, mailfile, strerrno()); SYSLOG((LOG_ERR, "Cannot remove %s: %s", mailfile, strerrno())); #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "delete-mail-file", user_name, user_id, SHADOW_AUDIT_FAILURE); #endif /* WITH_AUDIT */ @@ -848,7 +848,7 @@ static bool remove_mailbox (void) #ifdef WITH_AUDIT else { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "delete-mail-file", user_name, user_id, SHADOW_AUDIT_SUCCESS); } @@ -1064,7 +1064,7 @@ int main (int argc, char **argv) fprintf (stderr, _("%s: user '%s' does not exist\n"), Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "deleting-user-not-found", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1094,7 +1094,7 @@ int main (int argc, char **argv) if (streq(prefix, "") && !flags.chroot && user_busy(user_name, user_id) != 0) { if (!fflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "deleting-user-logged-in", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1191,7 +1191,7 @@ int main (int argc, char **argv) #ifdef WITH_AUDIT else { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "deleting-home-directory", user_name, user_id, SHADOW_AUDIT_SUCCESS); } @@ -1199,7 +1199,7 @@ int main (int argc, char **argv) } #ifdef WITH_AUDIT if (errors) { - audit_logger (AUDIT_DEL_USER, Prog, + audit_logger (AUDIT_DEL_USER, "deleting-home-directory", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); @@ -1213,7 +1213,7 @@ int main (int argc, char **argv) _("%s: warning: the user name %s to SELinux user mapping removal failed.\n"), Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_ROLE_REMOVE, Prog, + audit_logger (AUDIT_ROLE_REMOVE, "delete-selinux-user-mapping", user_name, user_id, SHADOW_AUDIT_FAILURE); #endif /* WITH_AUDIT */ diff --git a/src/usermod.c b/src/usermod.c index fc1a8361e..4cd931a02 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -440,7 +440,7 @@ static char *new_pw_passwd (char *pw_pass) { if (Lflg && ('!' != pw_pass[0])) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_USER_CHAUTHTOK, "updating-passwd", user_newname, user_newid, 1); #endif SYSLOG ((LOG_INFO, "lock user '%s' password", user_newname)); @@ -455,14 +455,14 @@ static char *new_pw_passwd (char *pw_pass) } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_USER_CHAUTHTOK, "updating-password", user_newname, user_newid, 1); #endif SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname)); memmove(pw_pass, pw_pass + 1, strlen(pw_pass)); } else if (pflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_USER_CHAUTHTOK, "updating-password", user_newname, user_newid, 1); #endif SYSLOG ((LOG_INFO, "change user '%s' password", user_newname)); @@ -491,7 +491,7 @@ static void new_pwent (struct passwd *pwent, bool process_selinux) fail_exit (E_NAME_IN_USE, process_selinux); } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-name", user_newname, user_newid, 1); #endif SYSLOG ((LOG_INFO, @@ -511,7 +511,7 @@ static void new_pwent (struct passwd *pwent, bool process_selinux) if (uflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-uid", user_newname, user_newid, 1); #endif SYSLOG ((LOG_INFO, @@ -521,7 +521,7 @@ static void new_pwent (struct passwd *pwent, bool process_selinux) } if (gflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-primary-group", user_newname, user_newid, 1); #endif @@ -532,7 +532,7 @@ static void new_pwent (struct passwd *pwent, bool process_selinux) } if (cflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-comment", user_newname, user_newid, 1); #endif pwent->pw_gecos = user_newcomment; @@ -540,7 +540,7 @@ static void new_pwent (struct passwd *pwent, bool process_selinux) if (dflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-home-dir", user_newname, user_newid, 1); #endif @@ -557,7 +557,7 @@ static void new_pwent (struct passwd *pwent, bool process_selinux) } if (sflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-shell", user_newname, user_newid, 1); #endif @@ -588,7 +588,7 @@ static void new_spent (struct spwd *spent, bool process_selinux) if (fflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-inactive-days", user_newname, user_newid, 1); #endif @@ -604,7 +604,7 @@ static void new_spent (struct spwd *spent, bool process_selinux) DAY_TO_STR(new_exp, user_newexpire); DAY_TO_STR(old_exp, user_expire); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "changing-expiration-date", user_newname, user_newid, 1); #endif @@ -690,7 +690,7 @@ fail_exit (int code, bool process_selinux) #endif /* ENABLE_SUBIDS */ #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "modify-account", user_name, AUDIT_NO_ID, SHADOW_AUDIT_FAILURE); #endif @@ -1815,7 +1815,7 @@ static void move_home (bool process_selinux) #ifdef WITH_AUDIT if (uflg || gflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "updating-home-dir-owner", user_newname, user_newid, 1); } @@ -1834,7 +1834,7 @@ static void move_home (bool process_selinux) fail_exit (E_HOMEDIR, process_selinux); } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "moving-home-dir", user_newname, user_newid, 1); #endif @@ -1863,7 +1863,6 @@ static void move_home (bool process_selinux) } #ifdef WITH_AUDIT audit_logger (AUDIT_USER_MGMT, - Prog, "moving-home-dir", user_newname, user_newid, @@ -2088,7 +2087,7 @@ static void move_mailbox (void) } #ifdef WITH_AUDIT else { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "updating-mail-file-owner", user_newname, user_newid, 1); } @@ -2112,7 +2111,7 @@ static void move_mailbox (void) } #ifdef WITH_AUDIT else { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "updating-mail-file-name", user_newname, user_newid, 1); } @@ -2329,7 +2328,7 @@ int main (int argc, char **argv) _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"), Prog, user_name, user_selinux); #ifdef WITH_AUDIT - audit_logger (AUDIT_ROLE_ASSIGN, Prog, + audit_logger (AUDIT_ROLE_ASSIGN, "changing-selinux-user-mapping ", user_name, user_id, SHADOW_AUDIT_FAILURE); @@ -2342,7 +2341,7 @@ int main (int argc, char **argv) _("%s: warning: the user name %s to SELinux user mapping removal failed.\n"), Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_ROLE_REMOVE, Prog, + audit_logger (AUDIT_ROLE_REMOVE, "delete-selinux-user-mapping", user_name, user_id, SHADOW_AUDIT_FAILURE); @@ -2386,7 +2385,7 @@ int main (int argc, char **argv) */ #ifdef WITH_AUDIT if (uflg || gflg) { - audit_logger (AUDIT_USER_MGMT, Prog, + audit_logger (AUDIT_USER_MGMT, "updating-home-dir-owner", user_newname, user_newid, 1); } -- 2.47.3