Bug 15740

Summary: Add a new method "GetAuditSessionData" for Solaris auditing
Product: dbus Reporter: simon zheng <simon.zheng>
Component: coreAssignee: Havoc Pennington <hp>
Status: RESOLVED FIXED QA Contact: John (J5) Palmieri <johnp>
Severity: major    
Priority: medium CC: brian.cameron, walters
Version: unspecifiedKeywords: security
Hardware: Other   
OS: Solaris   
Whiteboard:
i915 platform: i915 features:
Attachments: Enhancement for Solaris auditing
patch to add "GetAdtAuditSessionData" method
enhanced patch to add "GetAdtAuditSessionData"
rename more to use _adt, static for internal func, fix one or two spaces

Description simon zheng 2008-04-28 03:37:52 UTC
Created attachment 16212 [details] [review]
Enhancement for Solaris auditing

On Solaris, auditing a mandatory requirement. To get audit data from socket connection credentials, I propose to add a method "GetAuditSessionData" to interface "org.freedesktop.DBus" exported by dbus daemon

------
    <method name="GetAuditSessionData">
      <arg direction="in" type="s"/>
      <arg direction="out" type="ay"/>
    </method>
------
Comment 1 John (J5) Palmieri 2008-04-28 08:04:02 UTC
Can you rename the interface to GetSolarisAuditSessionData or something similar?  Audit is pretty much an overloaded word these days and unless Linux Audit and Solaris Audit return the same data it doesn't make sense to have a generic API.   
Comment 2 simon zheng 2008-04-30 03:45:59 UTC
Created attachment 16260 [details] [review]
patch to add "GetAdtAuditSessionData" method

Renamed interface name and removed unsuitable compiling-time macro "HAVE_ADT" in public header file "dbus/dbus-connection.h".
Comment 3 simon zheng 2008-04-30 03:47:15 UTC
(In reply to comment #1)
> Can you rename the interface to GetSolarisAuditSessionData or something
> similar?  Audit is pretty much an overloaded word these days and unless Linux
> Audit and Solaris Audit return the same data it doesn't make sense to have a
> generic API.   
> 

Sure. Renamed to "GetAdtAuditSessionData". Because the Solaris API may be
adopted by other platforms in the future, "Adt" would be more generic than
"Solaris".
Comment 4 Havoc Pennington 2008-05-13 12:09:41 UTC
I would #ifdef this less; notice how the windows SID is done, where it has most of the API even on Unix, it's just that the windows SID is never set in the credentials struct.

Inside the bus daemon (driver.c), you could always export the method, but just have it return an error if the audit data isn't available. Which should happen naturally if dbus_connection_get_adt_audit_session_data() fails.

In general only the sysdeps-unix.c part looks like it truly, definitely needs the #ifdef (and the adt header should not be included anywhere else, for example including bsm/adt.h in driver.c is not correct; direct use of the system API should all be in the sysdeps-* files.




Comment 5 simon zheng 2008-05-14 05:15:00 UTC
Created attachment 16525 [details] [review]
enhanced patch to add "GetAdtAuditSessionData"

Havoc, thank you for review.

Removed "#ifdef" and "#include <bsm/adt.h>" and let "GetAdtAuditSessionData" return error as long as the audit data isn't available. Could you have a look again?
Comment 6 Colin Walters 2008-05-23 16:55:13 UTC
Looks reasonable.
Comment 7 Colin Walters 2008-05-30 18:33:03 UTC
Created attachment 16838 [details] [review]
rename more to use _adt, static for internal func, fix one or two spaces

Simon, can you have a look at this updated patch which tweaks yours:

o Rename more bits to use _ADT
o Fix a function to be static that was only used internally
o Add spaces between function name and call in one or two places
Comment 8 simon zheng 2008-06-01 19:12:39 UTC
(In reply to comment #7)
> Created an attachment (id=16838) [details]
> rename more to use _adt, static for internal func, fix one or two spaces
> 
> Simon, can you have a look at this updated patch which tweaks yours:
> 
> o Rename more bits to use _ADT
> o Fix a function to be static that was only used internally
> o Add spaces between function name and call in one or two places
> 

Colin,

Really appreciate your help. 

Only one minor issue. Because _dbus_credentials_add_adt_audit_data() is also called in file dbus/dbus-sysdeps-unix.c, it would be good to mask it as export function rather than static.

Could you help to push upstream if patch is fine?
Comment 9 Colin Walters 2008-06-05 14:30:55 UTC
I removed the errant "static" and have committed this upstream.  If you have a chance to update to git HEAD and test and report success, it would be appreciated!

commit ab1eb1fd5a26affa2383b0eb7e292efd83ec2546
Author: Colin Walters <walters@verbum.org>
Date:   Thu Jun 5 17:24:34 2008 -0400

    Bug 15740: Solaris/ADT auditing support (simon zheng)
    
    	* bus/driver.c: Add GetAdtAuditSessionData method
    	which returns audit data for a connection.
    	* configure.in: Detect ADT auditing support
    	* dbus/dbus-auth.c: Read ADT auditing creds.
    	* dbus/dbus-connection.c: Implement
    	dbus_connection_get_adt_audit_session_data.
    	* dbus/dbus-connection.h: Export it.
    	* dbus/dbus-credentials.c: Add support for
    	gathering adt_audit_data and retrieving it
    	via _dbus_credentials_get_adt_audit_data.
    	* dbus/dbus-credentials.h: Add
    	DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID.
    	* dbus/dbus-protocol.h: New error
    	DBUS_ERROR_ADT_AUDIT_DATA_UNKNOWN.
    	* dbus/dbus-sysdeps.c: Support for reading
    	audit credentials via ADT API.
    	* dbus/dbus-transport.c: New function
    	_dbus_transport_get_adt_audit_session_data
    	to retrieve credentials.
    	* dbus/dbus-transport.h: Export it.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.