From d8e1580e33349d93b1bdd767524d45299b702255 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 11 Jul 2005 20:08:35 +0000 Subject: [PATCH] STABLE14-auditlogs-for-everyone-20050702 Windows build dependency changes to support the audit logs (cherry picked from commit 16d67791dce45e5d4ee9b854c796492ffcde2113) --- src/audit/audit.c | 169 +++++++++++++++++------------- src/audit/audit.h | 1 + src/bozo/bosserver.c | 32 ++++++ src/budb/server.c | 48 ++++++++- src/kauth/kaserver.c | 32 ++++++ src/libadmin/adminutil/NTMakefile | 4 +- src/libadmin/client/NTMakefile | 3 +- src/libadmin/test/NTMakefile | 1 + src/libafsauthent/NTMakefile | 4 +- src/libafsrpc/afsrpc.def | 2 +- src/ptserver/ptserver.c | 37 +++++++ src/util/afsutil.h | 2 +- src/util/afsutil_prototypes.h | 1 + src/util/serverLog.c | 29 +++-- src/viced/viced.c | 44 ++++++-- src/vlserver/vlserver.c | 32 ++++++ src/volser/volmain.c | 45 ++++++++ 17 files changed, 388 insertions(+), 98 deletions(-) diff --git a/src/audit/audit.c b/src/audit/audit.c index 177c1a867..11476ed64 100644 --- a/src/audit/audit.c +++ b/src/audit/audit.c @@ -15,8 +15,15 @@ RCSID #include #include +#include #ifdef AFS_AIX32_ENV #include +#else +#define AUDIT_OK 0 +#define AUDIT_FAIL 1 +#define AUDIT_FAIL_AUTH 2 +#define AUDIT_FAIL_ACCESS 3 +#define AUDIT_FAIL_PRIV 4 #endif /* AFS_AIX32_ENV */ #include @@ -35,26 +42,21 @@ int bufferLen; int osi_audit_all = (-1); /* Not determined yet */ int osi_echo_trail = (-1); -#ifdef AFS_AIX_ENV /** all these functions are only defined for AIX */ +FILE *auditout = NULL; + +int osi_audit_check(); -#ifndef AFS_OSF_ENV -/* - * These variadic functions work under AIX, and not all systems (osf1) - */ -/* ************************************************************************** */ -/* AIX requires a buffer filled with values to record with each audit event. - * aixmakebuf creates that buffer from the variable list of values we are given. - * ************************************************************************** */ static void -aixmakebuf(char *audEvent, char *vaList) +audmakebuf(char *audEvent, va_list vaList) { +#ifdef AFS_AIX32_ENV int code; +#endif int vaEntry; int vaInt; afs_int32 vaLong; char *vaStr; char *vaLst; - char hname[20]; struct AFSFid *vaFid; vaEntry = va_arg(vaList, int); @@ -84,7 +86,7 @@ aixmakebuf(char *audEvent, char *vaList) break; case AUD_LST: /* Ptr to another list */ vaLst = (char *)va_arg(vaList, int); - aixmakebuf(audEvent, vaLst); + audmakebuf(audEvent, vaLst); break; case AUD_FID: /* AFSFid - contains 3 entries */ vaFid = (struct AFSFid *)va_arg(vaList, int); @@ -110,7 +112,6 @@ aixmakebuf(char *audEvent, char *vaList) memcpy(bufferPtr, Fids->AFSCBFids_val, sizeof(struct AFSFid)); } else { - struct AFSFid dummy; *((u_int *) bufferPtr) = 0; bufferPtr += sizeof(u_int); memset(bufferPtr, 0, sizeof(struct AFSFid)); @@ -133,24 +134,23 @@ aixmakebuf(char *audEvent, char *vaList) } static void -printbuf(char *audEvent, afs_int32 errCode, char *vaList) +printbuf(FILE *out, int rec, char *audEvent, afs_int32 errCode, va_list vaList) { int vaEntry; int vaInt; afs_int32 vaLong; char *vaStr; char *vaLst; - char hname[20]; struct AFSFid *vaFid; struct AFSCBFids *vaFids; + int num = LogThreadNum(); - if (osi_echo_trail < 0) - osi_audit_check(); - if (!osi_echo_trail) - return; - + /* Don't print the thread id if we recursed */ + if ((num > -1) && (rec == 0)) + fprintf(out, "[%d]:", num); + if (strcmp(audEvent, "VALST") != 0) - printf("%s %d ", audEvent, errCode); + fprintf(out, "%s %d ", audEvent, errCode); vaEntry = va_arg(vaList, int); while (vaEntry != AUD_END) { @@ -158,34 +158,34 @@ printbuf(char *audEvent, afs_int32 errCode, char *vaList) case AUD_STR: /* String */ vaStr = (char *)va_arg(vaList, int); if (vaStr) - printf("%s ", vaStr); + fprintf(out, "%s ", vaStr); else - printf("", vaStr); + fprintf(out, ""); break; case AUD_INT: /* Integer */ vaInt = va_arg(vaList, int); - printf("%d ", vaInt); + fprintf(out, "%d ", vaInt); break; case AUD_DATE: /* Date */ case AUD_HOST: /* Host ID */ vaLong = va_arg(vaList, afs_int32); - printf("%u ", vaLong); + fprintf(out, "%u ", vaLong); break; case AUD_LONG: /* afs_int32 */ vaLong = va_arg(vaList, afs_int32); - printf("%d ", vaLong); + fprintf(out, "%d ", vaLong); break; case AUD_LST: /* Ptr to another list */ vaLst = (char *)va_arg(vaList, int); - printbuf("VALST", 0, vaLst); + printbuf(out, 1, "VALST", 0, vaLst); break; case AUD_FID: /* AFSFid - contains 3 entries */ vaFid = (struct AFSFid *)va_arg(vaList, int); if (vaFid) - printf("%u:%u:%u ", vaFid->Volume, vaFid->Vnode, + fprintf(out, "%u:%u:%u ", vaFid->Volume, vaFid->Vnode, vaFid->Unique); else - printf("%u:%u:%u ", 0, 0, 0); + fprintf(out, "%u:%u:%u ", 0, 0, 0); break; case AUD_FIDS: /* array of Fids */ vaFids = (struct AFSCBFids *)va_arg(vaList, int); @@ -194,38 +194,21 @@ printbuf(char *audEvent, afs_int32 errCode, char *vaList) if (vaFids) vaFid = vaFids->AFSCBFids_val; if (vaFid) - printf("%u %u:%u:%u ", vaFids->AFSCBFids_len, vaFid->Volume, + fprintf(out, "%u %u:%u:%u ", vaFids->AFSCBFids_len, vaFid->Volume, vaFid->Vnode, vaFid->Unique); else - printf("0 0:0:0 "); + fprintf(out, "0 0:0:0 "); break; default: - printf("--badval-- "); + fprintf(out, "--badval-- "); break; } /* end switch */ vaEntry = va_arg(vaList, int); } /* end while */ if (strcmp(audEvent, "VALST") != 0) - printf("\n"); + fprintf(out, "\n"); } -#else -static void -aixmakebuf(audEvent, vaList) - char *audEvent; - va_list vaList; -{ - return; -} - -static void -printbuf(char *audEvent, long errCode, va_list vaList) -{ - return; -} - -#endif - /* ************************************************************************** */ /* The routine that acually does the audit call. @@ -238,9 +221,11 @@ osi_audit(char *audEvent, /* Event name (15 chars or less) */ #ifdef AFS_AIX32_ENV afs_int32 code; afs_int32 err; +#endif int result; va_list vaList; +#ifdef AFS_AIX32_ENV static struct Lock audbuflock = { 0, 0, 0, 0, #ifdef AFS_PTHREAD_ENV PTHREAD_MUTEX_INITIALIZER, @@ -249,11 +234,12 @@ osi_audit(char *audEvent, /* Event name (15 chars or less) */ #endif /* AFS_PTHREAD_ENV */ }; static char BUFFER[32768]; +#endif - if (osi_audit_all < 0) + if ((osi_audit_all < 0) || (osi_echo_trail < 0)) osi_audit_check(); - if (!osi_audit_all) - return; + if (!osi_audit_all && !auditout) + return 0; switch (errCode) { case 0: @@ -270,7 +256,6 @@ osi_audit(char *audEvent, /* Event name (15 chars or less) */ break; case VL_PERM: /* vlserver.h */ case BUDB_NOTPERMITTED: /* budb_errs.h */ -/* case KRB_RD_AP_UNAUTHOR : */ case BZACCESS: /* bnode.h */ case VOLSERBAD_ACCESS: /* volser.h */ result = AUDIT_FAIL_PRIV; @@ -280,6 +265,7 @@ osi_audit(char *audEvent, /* Event name (15 chars or less) */ break; } +#ifdef AFS_AIX32_ENV ObtainWriteLock(&audbuflock); bufferPtr = BUFFER; @@ -288,11 +274,15 @@ osi_audit(char *audEvent, /* Event name (15 chars or less) */ bufferPtr += sizeof(errCode); va_start(vaList, errCode); - aixmakebuf(audEvent, vaList); + audmakebuf(audEvent, vaList); +#endif - va_start(vaList, errCode); - printbuf(audEvent, errCode, vaList); + if (osi_echo_trail) { + va_start(vaList, errCode); + printbuf(stdout, 0, audEvent, errCode, vaList); + } +#ifdef AFS_AIX32_ENV bufferLen = (int)((afs_int32) bufferPtr - (afs_int32) & BUFFER[0]); code = auditlog(audEvent, result, BUFFER, bufferLen); #ifdef notdef @@ -304,7 +294,15 @@ osi_audit(char *audEvent, /* Event name (15 chars or less) */ } #endif /* notdef */ ReleaseWriteLock(&audbuflock); +#else + if (auditout) { + va_start(vaList, errCode); + printbuf(auditout, 0, audEvent, errCode, vaList); + fflush(auditout); + } #endif + + return 0; } /* ************************************************************************** */ @@ -322,11 +320,10 @@ osi_auditU(struct rx_call *call, char *audEvent, int errCode, ...) afs_int32 hostId; va_list vaList; - if (osi_audit_all < 0) osi_audit_check(); - if (!osi_audit_all) - return; + if (!osi_audit_all && !auditout) + return 0; strcpy(afsName, "--Unknown--"); hostId = 0; @@ -339,20 +336,50 @@ osi_auditU(struct rx_call *call, char *audEvent, int errCode, ...) osi_audit("AFS_Aud_Unauth", (-1), AUD_STR, audEvent, AUD_END); strcpy(afsName, "--UnAuth--"); } else if (secClass == 2) { /* authenticated */ - code = - rxkad_GetServerInfo(conn, NULL, NULL, afsName, NULL, NULL, + char tcell[MAXKTCREALMLEN]; + char name[MAXKTCNAMELEN]; + char inst[MAXKTCNAMELEN]; + char vname[256]; + int ilen, clen; + + code = + rxkad_GetServerInfo(conn, NULL, NULL, name, inst, tcell, NULL); if (code) { osi_audit("AFS_Aud_NoAFSId", (-1), AUD_STR, audEvent, AUD_END); strcpy(afsName, "--NoName--"); - } + } else { + strncpy(vname, name, sizeof(vname)); + if ((ilen = strlen(inst))) { + if (strlen(vname) + 1 + ilen >= sizeof(vname)) + goto done; + strcat(vname, "."); + strcat(vname, inst); + } + if ((clen = strlen(tcell))) { +#if defined(AFS_ATHENA_STDENV) || defined(AFS_KERBREALM_ENV) + static char local_realm[AFS_REALM_SZ] = ""; + if (!local_realm[0]) { + if (afs_krb_get_lrealm(local_realm, 0) != 0 /*KSUCCESS*/) + strncpy(local_realm, "UNKNOWN.LOCAL.REALM", AFS_REALM_SZ); + } + if (strcasecmp(local_realm, tcell)) { + if (strlen(vname) + 1 + clen >= sizeof(vname)) + goto done; + strcat(vname, "@"); + strcat(vname, tcell); + } +#endif + strcpy(afsName, vname); + } + } } else { /* Unauthenticated & unknown */ osi_audit("AFS_Aud_UnknSec", (-1), AUD_STR, audEvent, AUD_END); } - + done: peer = rx_PeerOf(conn); /* conn -> peer */ if (peer) hostId = rx_HostOf(peer); /* peer -> host */ @@ -370,6 +397,8 @@ osi_auditU(struct rx_call *call, char *audEvent, int errCode, ...) va_start(vaList, errCode); osi_audit(audEvent, errCode, AUD_STR, afsName, AUD_HOST, hostId, AUD_LST, vaList, AUD_END); + + return 0; } /* ************************************************************************** */ @@ -410,21 +439,13 @@ osi_audit_check() /* Now set whether we audit all events from here on out */ osi_audit_all = onoff; -} - -#else /* ! AFS_AIX_ENV */ - -int -osi_audit(char *audEvent, afs_int32 errCode, ...) -{ return 0; } int -osi_auditU(struct rx_call *call, char *audEvent, int errCode, ...) +osi_audit_file(FILE *out) { + auditout = out; return 0; } - -#endif diff --git a/src/audit/audit.h b/src/audit/audit.h index cea04dcc2..af318ee9e 100644 --- a/src/audit/audit.h +++ b/src/audit/audit.h @@ -284,3 +284,4 @@ /* prototypes for audit functions */ int osi_audit(char *audEvent, afs_int32 errCode, ...); int osi_auditU(struct rx_call *call, char *audEvent, int errCode, ...); +int osi_audit_file(FILE *out); diff --git a/src/bozo/bosserver.c b/src/bozo/bosserver.c index 90a8bcab3..6162dbb9f 100644 --- a/src/bozo/bosserver.c +++ b/src/bozo/bosserver.c @@ -811,17 +811,49 @@ main(int argc, char **argv, char **envp) bozo_isrestricted = 1; } #endif + else if (strcmp(argv[code], "-auditlog") == 0) { + int tempfd, flags; + FILE *auditout; + char oldName[MAXPATHLEN]; + char *fileName = argv[++code]; + +#ifndef AFS_NT40_ENV + struct stat statbuf; + + if ((lstat(fileName, &statbuf) == 0) + && (S_ISFIFO(statbuf.st_mode))) { + flags = O_WRONLY | O_NONBLOCK; + } else +#endif + { + strcpy(oldName, fileName); + strcat(oldName, ".old"); + renamefile(fileName, oldName); + flags = O_WRONLY | O_TRUNC | O_CREAT; + } + tempfd = open(fileName, flags, 0666); + if (tempfd > -1) { + auditout = fdopen(tempfd, "a"); + if (auditout) { + osi_audit_file(auditout); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else { /* hack to support help flag */ #ifndef AFS_NT40_ENV printf("Usage: bosserver [-noauth] [-log] " + "[-auditlog ] " "[-syslog[=FACILITY]] " "[-enable_peer_stats] [-enable_process_stats] " "[-nofork] " "[-help]\n"); #else printf("Usage: bosserver [-noauth] [-log] " + "[-auditlog ] " "[-enable_peer_stats] [-enable_process_stats] " "[-help]\n"); #endif diff --git a/src/budb/server.c b/src/budb/server.c index a9cdcbfd2..6dddc8ac1 100644 --- a/src/budb/server.c +++ b/src/budb/server.c @@ -13,9 +13,10 @@ RCSID ("$Header$"); +#include +#include #ifdef AFS_NT40_ENV #include -#include #include #else #include @@ -75,6 +76,14 @@ char dbDir[AFSDIR_PATH_MAX], cellConfDir[AFSDIR_PATH_MAX]; /* debugging control */ int debugging = 0; +#if defined(AFS_PTHREAD_ENV) +char * +threadNum(void) +{ + return pthread_getspecific(rx_thread_id_key); +} +#endif + /* check whether caller is authorized to manage RX statistics */ int BU_rxstat_userok(call) @@ -159,6 +168,9 @@ initializeArgHandler() cmd_AddParm(cptr, "-ubikbuffers", CMD_SINGLE, CMD_OPTIONAL, "the number of ubik buffers"); + cmd_AddParm(cptr, "-auditlog", CMD_SINGLE, CMD_OPTIONAL, + "audit log path"); + } int @@ -212,6 +224,36 @@ argHandler(as, arock) else ubik_nBuffers = 0; + if (as->parms[7].items != 0) { + int tempfd, flags; + FILE *auditout; + char oldName[MAXPATHLEN]; + char *fileName = as->parms[7].items->data; +#ifndef AFS_NT40_ENV + struct stat statbuf; + + if ((lstat(fileName, &statbuf) == 0) + && (S_ISFIFO(statbuf.st_mode))) { + flags = O_WRONLY | O_NONBLOCK; + } else +#endif + { + strcpy(oldName, fileName); + strcat(oldName, ".old"); + renamefile(fileName, oldName); + flags = O_WRONLY | O_TRUNC | O_CREAT; + } + tempfd = open(fileName, flags, 0666); + if (tempfd > -1) { + auditout = fdopen(tempfd, "a"); + if (auditout) { + osi_audit_file(auditout); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } + return 0; } @@ -389,6 +431,10 @@ main(argc, argv) srandom(1); +#ifdef AFS_PTHREAD_ENV + SetLogThreadNumProgram( threadNum ); +#endif + /* process the user supplied args */ helpOption = 1; code = cmd_Dispatch(argc, argv); diff --git a/src/kauth/kaserver.c b/src/kauth/kaserver.c index fb7fa725e..e350d4fc6 100644 --- a/src/kauth/kaserver.c +++ b/src/kauth/kaserver.c @@ -48,6 +48,7 @@ RCSID #include #include #include +#include #include "kauth.h" #include "kautils.h" #include "kaserver.h" @@ -200,6 +201,7 @@ main(argc, argv) if (argc == 0) { usage: printf("Usage: kaserver [-noAuth] [-fastKeys] [-database ] " + "[-auditlog ] " "[-localfiles ] [-minhours ] [-servers ] " "[-crossrealm]" /*" [-enable_peer_stats] [-enable_process_stats] " */ @@ -243,6 +245,36 @@ main(argc, argv) dbpath = argv[++a]; if (strcmp(lclpath, default_lclpath) == 0) lclpath = dbpath; + } + else if (strncmp(arg, "-auditlog", arglen) == 0) { + int tempfd, flags; + FILE *auditout; + char oldName[MAXPATHLEN]; + char *fileName = argv[++a]; + +#ifndef AFS_NT40_ENV + struct stat statbuf; + + if ((lstat(fileName, &statbuf) == 0) + && (S_ISFIFO(statbuf.st_mode))) { + flags = O_WRONLY | O_NONBLOCK; + } else +#endif + { + strcpy(oldName, fileName); + strcat(oldName, ".old"); + renamefile(fileName, oldName); + flags = O_WRONLY | O_TRUNC | O_CREAT; + } + tempfd = open(fileName, flags, 0666); + if (tempfd > -1) { + auditout = fdopen(tempfd, "a"); + if (auditout) { + osi_audit_file(auditout); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); } else if (strcmp(arg, "-localfiles") == 0) lclpath = argv[++a]; else if (strcmp(arg, "-servers") == 0) diff --git a/src/libadmin/adminutil/NTMakefile b/src/libadmin/adminutil/NTMakefile index 6561511f8..9cd71b5ae 100644 --- a/src/libadmin/adminutil/NTMakefile +++ b/src/libadmin/adminutil/NTMakefile @@ -138,7 +138,9 @@ ILIBDIR = $(DESTDIR)\lib\afs DLLLIBS =\ $(DESTDIR)\lib\afspthread.lib \ $(DESTDIR)\lib\afsrpc.lib \ - $(DESTDIR)\lib\afsauthent.lib + $(DESTDIR)\lib\afs\afsutil.lib \ + $(DESTDIR)\lib\afsauthent.lib \ + $(DESTDIR)\lib\afs\afsreg.lib $(DLLFILE): $(DLLOBJS) $(DLLLIBS) $(DLLCONLINK) /DEF:afsadminutil.def diff --git a/src/libadmin/client/NTMakefile b/src/libadmin/client/NTMakefile index acd89367f..1cc338216 100644 --- a/src/libadmin/client/NTMakefile +++ b/src/libadmin/client/NTMakefile @@ -26,7 +26,8 @@ DLLLIBS =\ $(DESTDIR)\lib\afs\afsadminutil.lib \ $(DESTDIR)\lib\afsauthent.lib \ $(DESTDIR)\lib\afsrpc.lib \ - $(DESTDIR)\lib\afspthread.lib + $(DESTDIR)\lib\afspthread.lib \ + $(DESTDIR)\lib\afs\afsutil.lib $(DLLFILE): $(DLLOBJS) $(DLLLIBS) $(DLLCONLINK) /DEF:clientadmin.def diff --git a/src/libadmin/test/NTMakefile b/src/libadmin/test/NTMakefile index 4e30f2575..762158fa0 100644 --- a/src/libadmin/test/NTMakefile +++ b/src/libadmin/test/NTMakefile @@ -22,6 +22,7 @@ AFSCP_EXELIBS =\ $(DESTDIR)\lib\afs\afsptsadmin.lib \ $(DESTDIR)\lib\afsauthent.lib \ $(DESTDIR)\lib\afsrpc.lib \ + $(DESTDIR)\lib\afs\afsutil.lib \ $(DESTDIR)\lib\afs\afscmd.lib # static library AFSCP_EXEOBJS =\ diff --git a/src/libafsauthent/NTMakefile b/src/libafsauthent/NTMakefile index e5e0b5b12..af1b33789 100644 --- a/src/libafsauthent/NTMakefile +++ b/src/libafsauthent/NTMakefile @@ -139,7 +139,9 @@ DLLLIBS =\ $(DESTDIR)\lib\afs\afsutil.lib \ $(DESTDIR)\lib\afs\afsreg.lib \ $(DESTDIR)\lib\afs\afseventlog.lib \ - $(DESTDIR)\lib\lanahelper.lib + $(DESTDIR)\lib\afs\afsprocmgmt.lib \ + $(DESTDIR)\lib\afslwp.lib \ + $(DESTDIR)\lib\lanahelper.lib $(LIBFILE): $(DLLOBJS) $(DLLLIBS) $(RXOBJS) $(DLLCONLINK) /DEF:afsauthent.def rpcrt4.lib dnsapi.lib mpr.lib secur32.lib diff --git a/src/libafsrpc/afsrpc.def b/src/libafsrpc/afsrpc.def index e84db8339..54d9e33ff 100644 --- a/src/libafsrpc/afsrpc.def +++ b/src/libafsrpc/afsrpc.def @@ -71,7 +71,7 @@ EXPORTS com_err @75 error_message @76 rx_socket @77 DATA - AssertionFailed @79 +; AssertionFailed @79 afs_winsockInit @80 rxevent_debugFile @81 DATA rx_debugFile @82 DATA diff --git a/src/ptserver/ptserver.c b/src/ptserver/ptserver.c index 7ddea76d6..69418a754 100644 --- a/src/ptserver/ptserver.c +++ b/src/ptserver/ptserver.c @@ -120,6 +120,8 @@ RCSID #endif #include #include +#include +#include #ifdef AFS_NT40_ENV #include #include @@ -315,12 +317,44 @@ main(int argc, char **argv) serverLogSyslogFacility = atoi(arg + 8); } #endif + else if (strncmp(arg, "-auditlog", alen) == 0) { + int tempfd, flags; + FILE *auditout; + char oldName[MAXPATHLEN]; + char *fileName = argv[++a]; + +#ifndef AFS_NT40_ENV + struct stat statbuf; + + if ((lstat(fileName, &statbuf) == 0) + && (S_ISFIFO(statbuf.st_mode))) { + flags = O_WRONLY | O_NONBLOCK; + } else +#endif + { + strcpy(oldName, fileName); + strcat(oldName, ".old"); + renamefile(fileName, oldName); + flags = O_WRONLY | O_TRUNC | O_CREAT; + } + tempfd = open(fileName, flags, 0666); + if (tempfd > -1) { + auditout = fdopen(tempfd, "a"); + if (auditout) { + osi_audit_file(auditout); + osi_audit(PTS_StartEvent, 0, AUD_END); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else if (*arg == '-') { /* hack in help flag support */ #if defined(SUPERGROUPS) #ifndef AFS_NT40_ENV printf("Usage: ptserver [-database ] " + "[-auditlog ] " "[-syslog[=FACILITY]] " "[-p ] [-rebuild] " "[-groupdepth ] " @@ -330,6 +364,7 @@ main(int argc, char **argv) "[-help]\n"); #else /* AFS_NT40_ENV */ printf("Usage: ptserver [-database ] " + "[-auditlog ] " "[-p ] [-rebuild] " "[-default_access default_user_access default_group_access] " "[-restricted] " @@ -338,6 +373,7 @@ main(int argc, char **argv) #else #ifndef AFS_NT40_ENV printf("Usage: ptserver [-database ] " + "[-auditlog ] " "[-syslog[=FACILITY]] " "[-p ] [-rebuild] " "[-enable_peer_stats] [-enable_process_stats] " @@ -346,6 +382,7 @@ main(int argc, char **argv) "[-help]\n"); #else /* AFS_NT40_ENV */ printf("Usage: ptserver [-database ] " + "[-auditlog ] " "[-default_access default_user_access default_group_access] " "[-restricted] " "[-p ] [-rebuild] " "[-help]\n"); diff --git a/src/util/afsutil.h b/src/util/afsutil.h index 335fd5e71..2520bac22 100644 --- a/src/util/afsutil.h +++ b/src/util/afsutil.h @@ -32,7 +32,7 @@ extern int serverLogSyslogFacility; extern char *serverLogSyslogTag; #endif extern void vFSLog(const char *format, va_list args); -extern void SetLogThreadNameProgram(char *(*func) () ); +extern void SetLogThreadNumProgram(int (*func) () ); /*@printflike@*/ extern void FSLog(const char *format, ...); #define ViceLog(level, str) if ((level) <= LogLevel) (FSLog str) diff --git a/src/util/afsutil_prototypes.h b/src/util/afsutil_prototypes.h index ee6873f49..af7d88995 100644 --- a/src/util/afsutil_prototypes.h +++ b/src/util/afsutil_prototypes.h @@ -157,6 +157,7 @@ extern void ResetDebug_Signal(int signo); extern void SetupLogSignals(void); extern int OpenLog(const char *fileName); extern int ReOpenLog(const char *fileName); +extern int LogThreadNum(); /* snprintf.c */ diff --git a/src/util/serverLog.c b/src/util/serverLog.c index 4219442cb..92eccd986 100644 --- a/src/util/serverLog.c +++ b/src/util/serverLog.c @@ -70,7 +70,12 @@ static pthread_mutex_t serverLogMutex; #define O_NONBLOCK 0 #endif -static char *(*threadNameProgram) () = NULL; +static int +dummyThreadNum(void) +{ + return -1; +} +static int (*threadNumProgram) () = dummyThreadNum; static int serverLogFD = -1; @@ -88,9 +93,9 @@ int printLocks = 0; static char ourName[MAXPATHLEN]; void -SetLogThreadNameProgram(char *(*func) () ) +SetLogThreadNumProgram(int (*func) () ) { - threadNameProgram = func; + threadNumProgram = func; } void @@ -102,6 +107,12 @@ WriteLogBuffer(char *buf, afs_uint32 len) UNLOCK_SERVERLOG(); } +int +LogThreadNum(void) +{ + return (*threadNumProgram) (); +} + void vFSLog(const char *format, va_list args) { @@ -109,7 +120,7 @@ vFSLog(const char *format, va_list args) char *timeStamp; char tbuffer[1024]; char *info; - int len; + int len, num; char *name; currenttime = time(0); @@ -118,10 +129,10 @@ vFSLog(const char *format, va_list args) info = &timeStamp[25]; if (mrafsStyleLogs || threadIdLogs) { - name = (*threadNameProgram) (); - if (name) { - (void)afs_snprintf(info, (sizeof tbuffer) - strlen(tbuffer), "[%s] ", - name); + num = (*threadNumProgram) (); + if (num > -1) { + (void)afs_snprintf(info, (sizeof tbuffer) - strlen(tbuffer), "[%d] ", + num); info += strlen(info); } } @@ -182,7 +193,7 @@ SetDebug_Signal(int signo) LogLevel *= 5; #if defined(AFS_PTHREAD_ENV) - if (LogLevel > 1 && threadNameProgram != NULL && + if (LogLevel > 1 && threadNumProgram != NULL && threadIdLogs == 0) { threadIdLogs = 1; } diff --git a/src/viced/viced.c b/src/viced/viced.c index d6e3a6970..75a4661bd 100644 --- a/src/viced/viced.c +++ b/src/viced/viced.c @@ -28,8 +28,8 @@ RCSID #include #include /* signal(), kill(), wait(), etc. */ #include -#ifdef AFS_NT40_ENV #include +#ifdef AFS_NT40_ENV #include #include #include @@ -317,14 +317,9 @@ ResetCheckDescriptors(void) #if defined(AFS_PTHREAD_ENV) char * -threadName(void) +threadNum(void) { - char threadid[16]; - if (LogLevel > 999) { - afs_snprintf(threadid, 16, "%d", pthread_getspecific(rx_thread_id_key)); - return threadid; - } else - return NULL; + return pthread_getspecific(rx_thread_id_key); } #endif @@ -717,6 +712,7 @@ FlagMsg() /* default supports help flag */ strcpy(buffer, "Usage: fileserver "); + strcpy(buffer, "[-auditlog ] "); strcat(buffer, "[-d ] "); strcat(buffer, "[-p ] "); strcat(buffer, "[-spare ] "); @@ -1095,6 +1091,36 @@ ParseArgs(int argc, char *argv[]) } else if (!strcmp(argv[i], "-enable_process_stats")) { rx_enableProcessRPCStats(); } + else if (strcmp(argv[i], "-auditlog") == 0) { + int tempfd, flags; + FILE *auditout; + char oldName[MAXPATHLEN]; + char *fileName = argv[++i]; + +#ifndef AFS_NT40_ENV + struct stat statbuf; + + if ((lstat(fileName, &statbuf) == 0) + && (S_ISFIFO(statbuf.st_mode))) { + flags = O_WRONLY | O_NONBLOCK; + } else +#endif + { + strcpy(oldName, fileName); + strcat(oldName, ".old"); + renamefile(fileName, oldName); + flags = O_WRONLY | O_TRUNC | O_CREAT; + } + tempfd = open(fileName, flags, 0666); + if (tempfd > -1) { + auditout = fdopen(tempfd, "a"); + if (auditout) { + osi_audit_file(auditout); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } #ifndef AFS_NT40_ENV else if (strcmp(argv[i], "-syslog") == 0) { /* set syslog logging flag */ @@ -1730,7 +1756,7 @@ main(int argc, char *argv[]) } #ifdef AFS_PTHREAD_ENV - SetLogThreadNameProgram( threadName ); + SetLogThreadNumProgram( threadNum ); #endif /* initialize libacl routines */ diff --git a/src/vlserver/vlserver.c b/src/vlserver/vlserver.c index c57c3441b..9d1a9f180 100644 --- a/src/vlserver/vlserver.c +++ b/src/vlserver/vlserver.c @@ -16,6 +16,7 @@ RCSID #include #include #include +#include #ifdef HAVE_FCNTL_H #include #endif @@ -182,6 +183,35 @@ main(argc, argv) extern char rxi_tracename[80]; strcpy(rxi_tracename, argv[++index]); + } else if (strcmp(argv[index], "-auditlog") == 0) { + int tempfd, flags; + FILE *auditout; + char oldName[MAXPATHLEN]; + char *fileName = argv[++index]; + +#ifndef AFS_NT40_ENV + struct stat statbuf; + + if ((lstat(fileName, &statbuf) == 0) + && (S_ISFIFO(statbuf.st_mode))) { + flags = O_WRONLY | O_NONBLOCK; + } else +#endif + { + strcpy(oldName, fileName); + strcat(oldName, ".old"); + renamefile(fileName, oldName); + flags = O_WRONLY | O_TRUNC | O_CREAT; + } + tempfd = open(fileName, flags, 0666); + if (tempfd > -1) { + auditout = fdopen(tempfd, "a"); + if (auditout) { + osi_audit_file(auditout); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); } else if (strcmp(argv[index], "-enable_peer_stats") == 0) { rx_enablePeerRPCStats(); } else if (strcmp(argv[index], "-enable_process_stats") == 0) { @@ -198,11 +228,13 @@ main(argc, argv) /* support help flag */ #ifndef AFS_NT40_ENV printf("Usage: vlserver [-p ] [-nojumbo] " + "[-auditlog ] " "[-syslog[=FACILITY]] " "[-enable_peer_stats] [-enable_process_stats] " "[-help]\n"); #else printf("Usage: vlserver [-p ] [-nojumbo] " + "[-auditlog ] " "[-enable_peer_stats] [-enable_process_stats] " "[-help]\n"); #endif diff --git a/src/volser/volmain.c b/src/volser/volmain.c index 28d701eb7..ceada2c3f 100644 --- a/src/volser/volmain.c +++ b/src/volser/volmain.c @@ -59,6 +59,8 @@ RCSID #include #include #include +#include +#include #include "volser.h" #include @@ -99,6 +101,13 @@ int Testing = 0; /* for ListViceInodes */ exit(code); \ } +#if defined(AFS_PTHREAD_ENV) +char * +threadNum(void) +{ + return pthread_getspecific(rx_thread_id_key); +} +#endif static afs_int32 MyBeforeProc(struct rx_call *acall) @@ -284,6 +293,36 @@ main(int argc, char **argv) lwps, MAXLWP); lwps = MAXLWP; } + } else if (strcmp(argv[code], "-auditlog") == 0) { + int tempfd, flags; + FILE *auditout; + char oldName[MAXPATHLEN]; + char *fileName = argv[++code]; + +#ifndef AFS_NT40_ENV + struct stat statbuf; + + if ((lstat(fileName, &statbuf) == 0) + && (S_ISFIFO(statbuf.st_mode))) { + flags = O_WRONLY | O_NONBLOCK; + } else +#endif + { + strcpy(oldName, fileName); + strcat(oldName, ".old"); + renamefile(fileName, oldName); + flags = O_WRONLY | O_TRUNC | O_CREAT; + } + tempfd = open(fileName, flags, 0666); + if (tempfd > -1) { + auditout = fdopen(tempfd, "a"); + if (auditout) { + osi_audit_file(auditout); + osi_audit(VS_StartEvent, 0, AUD_END); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); + } else + printf("Warning: auditlog %s not writable, ignored.\n", fileName); } else if (strcmp(argv[code], "-nojumbo") == 0) { rxJumbograms = 0; } else if (strcmp(argv[code], "-sleep") == 0) { @@ -324,12 +363,14 @@ main(int argc, char **argv) usage: #ifndef AFS_NT40_ENV printf("Usage: volserver [-log] [-p ] " + "[-auditlog ] " "[-udpsize ] " "[-syslog[=FACILITY]] " "[-enable_peer_stats] [-enable_process_stats] " "[-help]\n"); #else printf("Usage: volserver [-log] [-p ] " + "[-auditlog ] " "[-udpsize ] " "[-enable_peer_stats] [-enable_process_stats] " "[-help]\n"); @@ -346,6 +387,10 @@ main(int argc, char **argv) #endif InitErrTabs(); +#ifdef AFS_PTHREAD_ENV + SetLogThreadNumProgram( threadNum ); +#endif + #ifdef AFS_NT40_ENV if (afs_winsockInit() < 0) { ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0); -- 2.39.5