File upstart-audit-events.patch of Package upstart
Index: upstart-0.6.5/util/Makefile.in
===================================================================
--- upstart-0.6.5.orig/util/Makefile.in 2010-03-11 18:10:15.000000000 +0100
+++ upstart-0.6.5/util/Makefile.in 2010-03-12 10:01:59.000000000 +0100
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# Makefile.in generated by automake 1.11 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -308,7 +308,6 @@ PACKAGE_COPYRIGHT = @PACKAGE_COPYRIGHT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
-PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
PKG_CONFIG = @PKG_CONFIG@
@@ -419,7 +418,7 @@ reboot_SOURCES = \
reboot_LDADD = \
$(LTLIBINTL) \
- $(NIH_LIBS)
+ $(NIH_LIBS) -laudit
runlevel_SOURCES = \
runlevel.c \
@@ -441,7 +440,7 @@ shutdown_LDADD = \
$(LTLIBINTL) \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
telinit_SOURCES = \
telinit.c \
@@ -455,7 +454,7 @@ telinit_LDADD = \
$(LTLIBINTL) \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
com_ubuntu_Upstart_OUTPUTS = \
com.ubuntu.Upstart.c \
@@ -515,7 +514,7 @@ test_sysv_LDADD = \
$(LTLIBINTL) \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
test_telinit_SOURCES = tests/test_telinit.c telinit.c
test_telinit_CFLAGS = $(AM_CFLAGS) -DTEST
@@ -525,7 +524,7 @@ test_telinit_LDADD = \
com.ubuntu.Upstart.Job.o com.ubuntu.Upstart.Instance.o \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-am
Index: upstart-0.6.5/util/reboot.c
===================================================================
--- upstart-0.6.5.orig/util/reboot.c 2010-03-11 18:10:15.000000000 +0100
+++ upstart-0.6.5/util/reboot.c 2010-03-11 18:10:21.000000000 +0100
@@ -36,6 +36,10 @@
#include <nih/logging.h>
#include <nih/error.h>
+#if 1 /* HAVE_LIBAUDIT */
+#include <libaudit.h>
+#endif
+
#include "utmp.h"
@@ -103,7 +107,6 @@ static int poweroff = FALSE;
**/
static int exit_only = FALSE;
-
/**
* options:
*
@@ -127,6 +130,7 @@ static NihOption options[] = {
NIH_OPTION_LAST
};
+static void send_audit_event(void);
int
main (int argc,
@@ -227,6 +231,8 @@ main (int argc,
/* Re-enable Control-Alt-Delete in case it breaks */
reboot (RB_ENABLE_CAD);
+ send_audit_event ();
+
/* Do the syscall */
switch (mode) {
case REBOOT:
@@ -248,3 +254,21 @@ main (int argc,
return 0;
}
+
+/**
+ * send_audit_event
+ *
+ * Send system shutdown audit event
+ **/
+static void
+send_audit_event (void)
+{
+#if 1 /* HAVE_LIBAUDIT */
+ int fd = audit_open ();
+ if (fd < 0)
+ return;
+ audit_log_user_message (fd, AUDIT_SYSTEM_SHUTDOWN, "init",
+ NULL, NULL, NULL, 1);
+ close (fd);
+#endif
+}
Index: upstart-0.6.5/util/sysv.c
===================================================================
--- upstart-0.6.5.orig/util/sysv.c 2010-03-11 18:10:15.000000000 +0100
+++ upstart-0.6.5/util/sysv.c 2010-03-11 18:10:21.000000000 +0100
@@ -36,6 +36,9 @@
#include <nih/logging.h>
#include <nih/error.h>
+#include <unistd.h>
+#include <libaudit.h>
+
#include "dbus/upstart.h"
#include "utmp.h"
@@ -54,6 +57,7 @@
/* Prototypes for static functions */
static void error_handler (NihError **err, NihDBusMessage *message);
+static void send_audit_event (int old, int level);
/**
@@ -161,6 +165,8 @@ sysv_change_runlevel (int runl
runlevel, prevlevel) < 0)
nih_free (nih_error_get ());
+ send_audit_event(prevlevel, runlevel);
+
/* Make the EmitEvent call, we don't wait for the event to finish
* because sysvinit never did.
*/
@@ -199,3 +205,41 @@ error_handler (NihError ** err,
{
*err = nih_error_steal ();
}
+
+/**
+ * send_audit_event
+ * @old: current run level
+ * @level: new run level
+ *
+ * Send system runlevel change audit event. If level is 0, then
+ * we consider this to be a reboot event.
+ **/
+static void
+send_audit_event (int old, int level)
+{
+#if 1 /* HAVE_LIBAUDIT */
+ int fd = audit_open ();
+
+ if (fd < 0)
+ return;
+
+ /* first runlevel change after boot */
+ if (old == 'N')
+ audit_log_user_message (fd, AUDIT_SYSTEM_BOOT, "init",
+ NULL, NULL, NULL, 1);
+
+ char buf[64];
+
+ snprintf (buf, sizeof (buf),
+ "old-level=%c new-level=%c", old, level);
+ audit_log_user_message (fd, AUDIT_SYSTEM_RUNLEVEL, buf,
+ NULL, NULL, NULL, 1);
+
+ /* shutdown or reboot */
+ if (level == '0' || level == '6')
+ audit_log_user_message (fd, AUDIT_SYSTEM_SHUTDOWN, "init",
+ NULL, NULL, NULL, 1);
+
+ close (fd);
+#endif
+}
Index: upstart-0.6.5/util/Makefile.am
===================================================================
--- upstart-0.6.5.orig/util/Makefile.am 2010-03-11 18:10:15.000000000 +0100
+++ upstart-0.6.5/util/Makefile.am 2010-03-12 10:01:51.000000000 +0100
@@ -45,7 +45,7 @@ reboot_SOURCES = \
utmp.c utmp.h
reboot_LDADD = \
$(LTLIBINTL) \
- $(NIH_LIBS)
+ $(NIH_LIBS) -laudit
runlevel_SOURCES = \
runlevel.c \
@@ -64,7 +64,7 @@ shutdown_LDADD = \
$(LTLIBINTL) \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
telinit_SOURCES = \
telinit.c \
@@ -76,7 +76,7 @@ telinit_LDADD = \
$(LTLIBINTL) \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
com_ubuntu_Upstart_OUTPUTS = \
@@ -201,7 +201,7 @@ test_sysv_LDADD = \
$(LTLIBINTL) \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
test_telinit_SOURCES = tests/test_telinit.c telinit.c
test_telinit_CFLAGS = $(AM_CFLAGS) -DTEST
@@ -211,7 +211,7 @@ test_telinit_LDADD = \
com.ubuntu.Upstart.Job.o com.ubuntu.Upstart.Instance.o \
$(NIH_LIBS) \
$(NIH_DBUS_LIBS) \
- $(DBUS_LIBS)
+ $(DBUS_LIBS) -laudit
.PHONY: tests
