|
|
#include <sys/audit.h>
/* return >1 if event e is to be audited in emask E, 0 otherwise. */ #define EVENTCHK(e,E) (((unsigned int)0x80000000 >> ((e)&0x1F)) & (E)[(e)>>5])/* set the event in the event vector to 1 (= to be audited) */ #define EVENTADD(e,E) (E)[(e)>>5] |= ((unsigned int)0x80000000 >> ((e)&0x1F))
/* set the event in the event vector to 0 (= NOT to be audited) */ #define EVENTDEL(e,E) (E)[(e)>>5] &= ~((unsigned int)0x80000000 >> ((e)&0x1F))
/* Audit event mask bit positions */ /* SVR4.1 ES */ #define ADT_NULL 0 #define ADT_ACCESS 1 /* access(2) */ #define ADT_ACCT_OFF 2 /* sysacct(2) */ #define ADT_ACCT_ON 3 /* sysacct(2) */ #define ADT_ACCT_SW 4 /* sysacct(2) */ #define ADT_ADD_GRP 5 /* groupadd(1M) */ #define ADT_ADD_USR 6 /* useradd(1M) */ #define ADT_ADD_USR_GRP 7 /* addgrpmem(1M) */ #define ADT_ASSIGN_LID 8 /* lvlname(1M) */ #define ADT_ASSIGN_NM 9 /* lvlname(1M) */ #define ADT_AUDIT_BUF 10 /* auditbuf(2) */ #define ADT_AUDIT_CTL 11 /* auditctl(2) */ #define ADT_AUDIT_DMP 12 /* auditdmp(2) */ #define ADT_AUDIT_EVT 13 /* auditevt(2) */ #define ADT_AUDIT_LOG 14 /* auditlog(2) */ #define ADT_AUDIT_MAP 15 /* auditmap(1M) */ #define ADT_BAD_AUTH 16 /* bad passwd */ #define ADT_BAD_LVL 17 /* bad login lvl */ #define ADT_CANCEL_JOB 18 /* lp */ #define ADT_CHG_DIR 19 /* chg_dir */ #define ADT_CHG_NM 20 /* rename(2) */ #define ADT_CHG_ROOT 21 /* chroot(2) */ #define ADT_CHG_TIMES 22 /* utime(2) */ #define ADT_COV_CHAN_1 23 /* covert channel */ #define ADT_COV_CHAN_2 24 /* covert channel */ #define ADT_COV_CHAN_3 25 /* covert channel */ #define ADT_COV_CHAN_4 26 /* covert channel */ #define ADT_COV_CHAN_5 27 /* covert channel */ #define ADT_COV_CHAN_6 28 /* covert channel */ #define ADT_COV_CHAN_7 29 /* covert channel */ #define ADT_COV_CHAN_8 30 /* covert channel */ #define ADT_CREATE 31 /* creat(2) */ #define ADT_CRON 32 /* cron(1M) */ #define ADT_DAC_MODE 33 /* chmod(2) */ #define ADT_DAC_OWN_GRP 34 /* chown(2) */ #define ADT_DATE 35 /* stime(2) adj_time(2) */ #define ADT_DEACTIVATE_LID 36 /* lvldelete(1M) */ #define ADT_DEF_LVL 37 /* login level */ #define ADT_DEL_NM 38 /* lvldelete(1M) */ #define ADT_DISP_ATTR 39 /* devstat(2) fdevstat(2) */ #define ADT_EXEC 40 /* exec(2) */ #define ADT_EXIT 41 /* exit(2) */ #define ADT_FCNTL 42 /* fcntl(2) */ #define ADT_FILE_ACL 43 /* acl(2) */ #define ADT_FILE_LVL 44 /* lvl_file(2) */ #define ADT_FILE_PRIV 45 /* filepriv(2) */ #define ADT_FORK 46 /* fork(2) */ #define ADT_INIT 47 /* init(1M) */ #define ADT_IOCNTL 48 /* ioctl(2) */ #define ADT_IPC_ACL 49 /* aclipc(2) */ #define ADT_KILL 50 /* kill(2) */ #define ADT_LINK 51 /* link(2) */ #define ADT_LOGIN 52 /* success login */ #define ADT_LP_ADMIN 53 /* lp */ #define ADT_LP_MISC 54 /* lp misc */ #define ADT_MISC 55 /* miscellaneous */ #define ADT_MK_DIR 56 /* mkdir(2) */ #define ADT_MK_MLD 57 /* mkmld(2) */ #define ADT_MK_NODE 58 /* mknod(2) */ #define ADT_MOD_GRP 59 /* groupmod(1M) */ #define ADT_MOD_USR 60 /* usermod(1M) */ #define ADT_MOUNT 61 /* mount(2) umount(2) */ #define ADT_MSG_CTL 62 /* IPC message controls */ #define ADT_MSG_GET 63 /* IPC message gets */ #define ADT_MSG_OP 64 /* IPC message operations */ #define ADT_OPEN_RD 65 /* open(2) RD_ONLY */ #define ADT_OPEN_WR 66 /* open(2) WR_ONLY or RDWR*/ #define ADT_PAGE_LVL 67 /* printer page level */ #define ADT_PASSWD 68 /* passwd(1) */ #define ADT_PIPE 69 /* pipe(2) */ #define ADT_PM_DENIED 70 /* adt_priv() */ #define ADT_PROC_LVL 71 /* lvlproc(2) */ #define ADT_PRT_JOB 72 /* printer job */ #define ADT_PRT_LVL 73 /* printer level*/ #define ADT_RECVFD 74 /* receive FD */ #define ADT_RM_DIR 75 /* rmdir(2) */ #define ADT_SCHED_LK 76 /* priocntl(2) */ #define ADT_SCHED_RT 77 /* priocntl(2) */ #define ADT_SCHED_TS 78 /* priocntl(2) */ #define ADT_SEM_CTL 79 /* IPC semaphore controls */ #define ADT_SEM_GET 80 /* IPC semaphore gets */ #define ADT_SEM_OP 81 /* IPC semaphore operations */ #define ADT_SET_ATTR 82 /* devstat(2) fdevstat(2) */ #define ADT_SET_GID 83 /* setgid(2) */ #define ADT_SET_GRPS 84 /* setgroups(2) */ #define ADT_SET_LVL_RNG 85 /* lvlvfs(2) */ #define ADT_SET_PGRPS 86 /* setpgrp(2),setpgid(2) */ #define ADT_SET_SID 87 /* setsid(2) */ #define ADT_SET_UID 88 /* setuid(2) */ #define ADT_SETRLIMIT 89 /* setrlimit(2) */ #define ADT_SHM_CTL 90 /* IPC shared-memory controls */ #define ADT_SHM_GET 91 /* IPC shared-memory gets */ #define ADT_SHM_OP 92 /* IPC shared-memory operations */ #define ADT_STATUS 93 /* stat(2) */ #define ADT_SYM_CREATE 94 /* symlink(2) */ #define ADT_SYM_STATUS 95 /* symlink(2) */ #define ADT_TFADMIN 96 /* tfadmin(1M) */ #define ADT_TRUNC_LVL 97 /* lp */ #define ADT_ULIMIT 98 /* ulimit(2) */ #define ADT_UMOUNT 99 /* umount(2) */ #define ADT_UNLINK 100 /* unlink(2) */ /* SVR4.2 */ #define ADT_MODPATH 101 /* modpath(2) */ #define ADT_MODADM 102 /* modadm(2) */ #define ADT_MODLOAD 103 /* adt_modload()*/ #define ADT_MODULOAD 104 /* adt_moduload()*/ /* SVR4.2MP */ #define ADT_LWP_CREATE 105 /* _lwp_create(2) */ #define ADT_LWP_BIND 106 /* processor_bind(2) */ #define ADT_LWP_UNBIND 107 /* processor_bind(1) */ #define ADT_ONLINE 108 /* online(2) */ #define ADT_LOGOFF 109 /* ttymon(1) */ #define ADT_SCHED_FC 110 /* priocntl(2) */ #define ADT_LWP_EXIT 111 /* _lwp_exit(2) */ #define ADT_LWP_KILL 112 /* _lwp_kill(2) */ #define ADT_KEYCTL 113 /* keyctl(2) */ #define ADT_FD_ACL 116 /* acl(2) */
#define ADT_SCHED_FP ADT_SCHED_RT