usr/src/lib/libbsm/common/audit_policy.h

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24
  25 #ifndef _AUDIT_POLICY_H
  26 #define _AUDIT_POLICY_H
  27
  28 #ifdef __cplusplus
  29 extern "C" {
  30 #endif
  31
  32 #include <bsm/audit.h>
  33 #include <bsm/libbsm.h>
  34
  35 #define ALL_POLICIES   (AUDIT_AHLT|\
  36                         AUDIT_ARGE|\
  37                         AUDIT_ARGV|\
  38                         AUDIT_CNT|\
  39                         AUDIT_GROUP|\
  40                         AUDIT_SEQ|\
  41                         AUDIT_TRAIL|\
  42                         AUDIT_PATH|\
  43                         AUDIT_PUBLIC|\
  44                         AUDIT_ZONENAME|\
  45                         AUDIT_PERZONE|\
  46                         AUDIT_WINDATA_DOWN|\
  47                         AUDIT_WINDATA_UP)
  48
  49 #define NO_POLICIES  (0)
  50
  51 struct policy_entry {
  52         char *policy_str;
  53         uint32_t policy_mask;
  54         char *policy_desc;
  55 };
  56 typedef struct policy_entry policy_entry_t;
  57
  58 static policy_entry_t policy_table[] = {
  59         {"ahlt",  AUDIT_AHLT,   "halt machine if it can not record an "
  60             "async event"},
  61         {"all",   ALL_POLICIES, "all policies"},
  62         {"arge",  AUDIT_ARGE,   "include exec environment args in audit recs"},
  63         {"argv",  AUDIT_ARGV,   "include exec command line args in audit recs"},
  64         {"cnt",   AUDIT_CNT,    "when no more space, drop recs and keep a cnt"},
  65         {"group", AUDIT_GROUP,  "include supplementary groups in audit recs"},
  66         {"none",  NO_POLICIES,  "no policies"},
  67         {"path",  AUDIT_PATH,   "allow multiple paths per event"},
  68         {"perzone", AUDIT_PERZONE,      "use a separate queue and auditd per "
  69             "zone"},
  70         {"public",  AUDIT_PUBLIC,    "audit public files"},
  71         {"seq",   AUDIT_SEQ,    "include a sequence number in audit recs"},
  72         {"trail", AUDIT_TRAIL,  "include trailer token in audit recs"},
  73         {"windata_down", AUDIT_WINDATA_DOWN,  "include downgraded window "
  74             "information in audit recs"},
  75         {"windata_up",  AUDIT_WINDATA_UP,     "include upgraded window "
  76             "information in audit recs"},
  77         {"zonename", AUDIT_ZONENAME,    "include zonename token in audit recs"}
  78 };
  79
  80 #define POLICY_TBL_SZ (sizeof (policy_table) / sizeof (policy_entry_t))
  81
  82 #ifdef __cplusplus
  83 }
  84 #endif
  85
  86 #endif  /* _AUDIT_POLICY_H */