New upstream version 2.8.2
Laurent Bigonville
6 years ago
0 | 2.8.2 | |
1 | - Update tables for 4.14 kernel | |
2 | - Fixup ipv6 server side binding | |
3 | - AVC report from aureport was missing result column header (#1511606) | |
4 | - Add SOFTWARE_UPDATE event | |
5 | - In ausearch/report pickup any path and new-disk fields as a file | |
6 | - Fix value returned by auditctl --reset-lost (Richard Guy Briggs) | |
7 | - In auparse, fix expr_create_timestamp_comparison_ex to be numeric field | |
8 | - Fix building on old systems without linux/fanotify.h | |
9 | - Fix shell portability issues reported by shellcheck | |
10 | - Auditd validate_email should not use gethostbyname | |
11 | ||
0 | 12 | 2.8.1 |
1 | 13 | - Fix NULL ptr dereference in audispd plugin_dir parser |
2 | 14 | - Signed/unsigned cleanup |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | Things that need to be done: | |
1 | =========================== | |
2 | 2.8.2 | |
0 | Future roadmap (subject to change): | |
1 | =================================== | |
2 | 2.8.3 | |
3 | 3 | * Look into TLS support |
4 | * Support multiple time streams when searching | |
5 | 4 | * Add rule verify to detect mismatch between in-kernel and on-disk rules |
6 | * In audispd, look into non-blocking handling of write to plugins | |
7 | 5 | |
8 | 6 | 2.9 |
7 | * Performance improvements for auparse (Memory management) | |
8 | * If auparse input is a pipe timeout events by wall clock | |
9 | * In audispd, look into non-blocking handling of write to plugins | |
9 | 10 | * Look at pulling audispd into auditd |
11 | * Fix audit.pc.in to use Requires.private | |
12 | * Support multiple time streams when searching | |
10 | 13 | * Container support |
11 | * Performance improvements for auparse (Memory management) | |
12 | * Add ability to filter events in auditd | |
13 | * Fix audit.pc.in to use Requires.private | |
14 | * If auparse input is a pipe timeout events by wall clock | |
15 | * Change ausearch to output name="" unless its a real null. (mount) ausearch-report.c, 523. FIXME | |
16 | 14 | |
17 | 15 | 3.0 |
18 | 16 | * Basic HIDS based on reactive audit component |
19 | 17 | * Consolidate linked lists and other functions |
20 | 18 | * Consolidate parsing code between libaudit and auditd-conf.c |
21 | 19 | * Fix SIGHUP for auditd network settings |
22 | * Add gzip format for logs | |
20 | * Add ability to filter events in auditd | |
23 | 21 | |
24 | 22 | 3.0.1 |
25 | 23 | * Add keywords for time: month-ago |
26 | * Look at adding the direction read/write to file report (threat modelling) | |
27 | * Fix aureport accounting for avc in permissive mode | |
28 | 24 | * Fix aureport-scan to properly decide if CONFIG_CHANGE is add or del, need to optionally look for op and use remove/add to decide |
25 | * Change ausearch to output name="" unless its a real null. (mount) ausearch-report.c, 523. FIXME |
0 | # generated automatically by aclocal 1.15 -*- Autoconf -*- | |
1 | ||
2 | # Copyright (C) 1996-2014 Free Software Foundation, Inc. | |
0 | # generated automatically by aclocal 1.15.1 -*- Autoconf -*- | |
1 | ||
2 | # Copyright (C) 1996-2017 Free Software Foundation, Inc. | |
3 | 3 | |
4 | 4 | # This file is free software; the Free Software Foundation |
5 | 5 | # gives unlimited permission to copy and/or distribute it, |
19 | 19 | If you have problems, you may need to regenerate the build system entirely. |
20 | 20 | To do so, use the procedure documented by the package, typically 'autoreconf'.])]) |
21 | 21 | |
22 | # Copyright (C) 2002-2014 Free Software Foundation, Inc. | |
22 | # Copyright (C) 2002-2017 Free Software Foundation, Inc. | |
23 | 23 | # |
24 | 24 | # This file is free software; the Free Software Foundation |
25 | 25 | # gives unlimited permission to copy and/or distribute it, |
34 | 34 | [am__api_version='1.15' |
35 | 35 | dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to |
36 | 36 | dnl require some minimum version. Point them to the right macro. |
37 | m4_if([$1], [1.15], [], | |
37 | m4_if([$1], [1.15.1], [], | |
38 | 38 | [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl |
39 | 39 | ]) |
40 | 40 | |
50 | 50 | # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. |
51 | 51 | # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. |
52 | 52 | AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], |
53 | [AM_AUTOMAKE_VERSION([1.15])dnl | |
53 | [AM_AUTOMAKE_VERSION([1.15.1])dnl | |
54 | 54 | m4_ifndef([AC_AUTOCONF_VERSION], |
55 | 55 | [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl |
56 | 56 | _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) |
57 | 57 | |
58 | 58 | # AM_AUX_DIR_EXPAND -*- Autoconf -*- |
59 | 59 | |
60 | # Copyright (C) 2001-2014 Free Software Foundation, Inc. | |
60 | # Copyright (C) 2001-2017 Free Software Foundation, Inc. | |
61 | 61 | # |
62 | 62 | # This file is free software; the Free Software Foundation |
63 | 63 | # gives unlimited permission to copy and/or distribute it, |
109 | 109 | |
110 | 110 | # AM_CONDITIONAL -*- Autoconf -*- |
111 | 111 | |
112 | # Copyright (C) 1997-2014 Free Software Foundation, Inc. | |
112 | # Copyright (C) 1997-2017 Free Software Foundation, Inc. | |
113 | 113 | # |
114 | 114 | # This file is free software; the Free Software Foundation |
115 | 115 | # gives unlimited permission to copy and/or distribute it, |
140 | 140 | Usually this means the macro was only invoked conditionally.]]) |
141 | 141 | fi])]) |
142 | 142 | |
143 | # Copyright (C) 1999-2014 Free Software Foundation, Inc. | |
143 | # Copyright (C) 1999-2017 Free Software Foundation, Inc. | |
144 | 144 | # |
145 | 145 | # This file is free software; the Free Software Foundation |
146 | 146 | # gives unlimited permission to copy and/or distribute it, |
331 | 331 | |
332 | 332 | # Generate code to set up dependency tracking. -*- Autoconf -*- |
333 | 333 | |
334 | # Copyright (C) 1999-2014 Free Software Foundation, Inc. | |
334 | # Copyright (C) 1999-2017 Free Software Foundation, Inc. | |
335 | 335 | # |
336 | 336 | # This file is free software; the Free Software Foundation |
337 | 337 | # gives unlimited permission to copy and/or distribute it, |
407 | 407 | |
408 | 408 | # Do all the work for Automake. -*- Autoconf -*- |
409 | 409 | |
410 | # Copyright (C) 1996-2014 Free Software Foundation, Inc. | |
410 | # Copyright (C) 1996-2017 Free Software Foundation, Inc. | |
411 | 411 | # |
412 | 412 | # This file is free software; the Free Software Foundation |
413 | 413 | # gives unlimited permission to copy and/or distribute it, |
604 | 604 | done |
605 | 605 | echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) |
606 | 606 | |
607 | # Copyright (C) 2001-2014 Free Software Foundation, Inc. | |
607 | # Copyright (C) 2001-2017 Free Software Foundation, Inc. | |
608 | 608 | # |
609 | 609 | # This file is free software; the Free Software Foundation |
610 | 610 | # gives unlimited permission to copy and/or distribute it, |
625 | 625 | fi |
626 | 626 | AC_SUBST([install_sh])]) |
627 | 627 | |
628 | # Copyright (C) 2003-2014 Free Software Foundation, Inc. | |
628 | # Copyright (C) 2003-2017 Free Software Foundation, Inc. | |
629 | 629 | # |
630 | 630 | # This file is free software; the Free Software Foundation |
631 | 631 | # gives unlimited permission to copy and/or distribute it, |
646 | 646 | |
647 | 647 | # Check to see how 'make' treats includes. -*- Autoconf -*- |
648 | 648 | |
649 | # Copyright (C) 2001-2014 Free Software Foundation, Inc. | |
649 | # Copyright (C) 2001-2017 Free Software Foundation, Inc. | |
650 | 650 | # |
651 | 651 | # This file is free software; the Free Software Foundation |
652 | 652 | # gives unlimited permission to copy and/or distribute it, |
696 | 696 | |
697 | 697 | # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- |
698 | 698 | |
699 | # Copyright (C) 1997-2014 Free Software Foundation, Inc. | |
699 | # Copyright (C) 1997-2017 Free Software Foundation, Inc. | |
700 | 700 | # |
701 | 701 | # This file is free software; the Free Software Foundation |
702 | 702 | # gives unlimited permission to copy and/or distribute it, |
737 | 737 | # Obsolete and "removed" macros, that must however still report explicit |
738 | 738 | # error messages when used, to smooth transition. |
739 | 739 | # |
740 | # Copyright (C) 1996-2014 Free Software Foundation, Inc. | |
740 | # Copyright (C) 1996-2017 Free Software Foundation, Inc. | |
741 | 741 | # |
742 | 742 | # This file is free software; the Free Software Foundation |
743 | 743 | # gives unlimited permission to copy and/or distribute it, |
764 | 764 | |
765 | 765 | # Helper functions for option handling. -*- Autoconf -*- |
766 | 766 | |
767 | # Copyright (C) 2001-2014 Free Software Foundation, Inc. | |
767 | # Copyright (C) 2001-2017 Free Software Foundation, Inc. | |
768 | 768 | # |
769 | 769 | # This file is free software; the Free Software Foundation |
770 | 770 | # gives unlimited permission to copy and/or distribute it, |
793 | 793 | AC_DEFUN([_AM_IF_OPTION], |
794 | 794 | [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) |
795 | 795 | |
796 | # Copyright (C) 1999-2014 Free Software Foundation, Inc. | |
796 | # Copyright (C) 1999-2017 Free Software Foundation, Inc. | |
797 | 797 | # |
798 | 798 | # This file is free software; the Free Software Foundation |
799 | 799 | # gives unlimited permission to copy and/or distribute it, |
840 | 840 | # For backward compatibility. |
841 | 841 | AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) |
842 | 842 | |
843 | # Copyright (C) 1999-2014 Free Software Foundation, Inc. | |
843 | # Copyright (C) 1999-2017 Free Software Foundation, Inc. | |
844 | 844 | # |
845 | 845 | # This file is free software; the Free Software Foundation |
846 | 846 | # gives unlimited permission to copy and/or distribute it, |
873 | 873 | [ |
874 | 874 | dnl Find a Python interpreter. Python versions prior to 2.0 are not |
875 | 875 | dnl supported. (2.0 was released on October 16, 2000). |
876 | dnl FIXME: Remove the need to hard-code Python versions here. | |
876 | 877 | m4_define_default([_AM_PYTHON_INTERPRETER_LIST], |
877 | [python python2 python3 python3.3 python3.2 python3.1 python3.0 python2.7 dnl | |
878 | [python python2 python3 python3.5 python3.4 python3.3 python3.2 python3.1 python3.0 python2.7 dnl | |
878 | 879 | python2.6 python2.5 python2.4 python2.3 python2.2 python2.1 python2.0]) |
879 | 880 | |
880 | 881 | AC_ARG_VAR([PYTHON], [the Python interpreter]) |
1075 | 1076 | sys.exit(sys.hexversion < minverhex)" |
1076 | 1077 | AS_IF([AM_RUN_LOG([$1 -c "$prog"])], [$3], [$4])]) |
1077 | 1078 | |
1078 | # Copyright (C) 2001-2014 Free Software Foundation, Inc. | |
1079 | # Copyright (C) 2001-2017 Free Software Foundation, Inc. | |
1079 | 1080 | # |
1080 | 1081 | # This file is free software; the Free Software Foundation |
1081 | 1082 | # gives unlimited permission to copy and/or distribute it, |
1094 | 1095 | |
1095 | 1096 | # Check to make sure that the build environment is sane. -*- Autoconf -*- |
1096 | 1097 | |
1097 | # Copyright (C) 1996-2014 Free Software Foundation, Inc. | |
1098 | # Copyright (C) 1996-2017 Free Software Foundation, Inc. | |
1098 | 1099 | # |
1099 | 1100 | # This file is free software; the Free Software Foundation |
1100 | 1101 | # gives unlimited permission to copy and/or distribute it, |
1175 | 1176 | rm -f conftest.file |
1176 | 1177 | ]) |
1177 | 1178 | |
1178 | # Copyright (C) 2009-2014 Free Software Foundation, Inc. | |
1179 | # Copyright (C) 2009-2017 Free Software Foundation, Inc. | |
1179 | 1180 | # |
1180 | 1181 | # This file is free software; the Free Software Foundation |
1181 | 1182 | # gives unlimited permission to copy and/or distribute it, |
1235 | 1236 | _AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl |
1236 | 1237 | ]) |
1237 | 1238 | |
1238 | # Copyright (C) 2001-2014 Free Software Foundation, Inc. | |
1239 | # Copyright (C) 2001-2017 Free Software Foundation, Inc. | |
1239 | 1240 | # |
1240 | 1241 | # This file is free software; the Free Software Foundation |
1241 | 1242 | # gives unlimited permission to copy and/or distribute it, |
1263 | 1264 | INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" |
1264 | 1265 | AC_SUBST([INSTALL_STRIP_PROGRAM])]) |
1265 | 1266 | |
1266 | # Copyright (C) 2006-2014 Free Software Foundation, Inc. | |
1267 | # Copyright (C) 2006-2017 Free Software Foundation, Inc. | |
1267 | 1268 | # |
1268 | 1269 | # This file is free software; the Free Software Foundation |
1269 | 1270 | # gives unlimited permission to copy and/or distribute it, |
1282 | 1283 | |
1283 | 1284 | # Check how to create a tarball. -*- Autoconf -*- |
1284 | 1285 | |
1285 | # Copyright (C) 2004-2014 Free Software Foundation, Inc. | |
1286 | # Copyright (C) 2004-2017 Free Software Foundation, Inc. | |
1286 | 1287 | # |
1287 | 1288 | # This file is free software; the Free Software Foundation |
1288 | 1289 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
30 | 30 | |
31 | 31 | At this point, if you want have audit: forbidden login location, max concurrent sessions, max login failures, and forbidden login time anomalies being reported, you have to setup pam modules correctly. The pam modules are respectively: pam_access, pam_limits, pam_tally2, and pam_time. Please see the respective pam module man pages for any instructions. |
32 | 32 | |
33 | For performance reasons, some audit events will not produce syscall records which contain additional information about events unless there is at least one audit rule loaded. If you do not have any additional audit rules, edit \fI/etc/audit/audit.rules\fP and add something simple that won't impact performace like this: \fB\-w /etc/shadow \-p wa\fP. This rule will watch the shadow file for writes or changes to its attributes. The additional audit information provided by having at least one rule will allow the plugin to give a more complete view of the alert it is sending. | |
33 | For performance reasons, some audit events will not produce syscall records which contain additional information about events unless there is at least one audit rule loaded. If you do not have any additional audit rules, edit \fI/etc/audit/audit.rules\fP and add something simple that won't impact performance like this: \fB\-w /etc/shadow \-p wa\fP. This rule will watch the shadow file for writes or changes to its attributes. The additional audit information provided by having at least one rule will allow the plugin to give a more complete view of the alert it is sending. | |
34 | 34 | |
35 | 35 | If you are wanting to get alerts on watched syscalls, watched files, watched execution, or something becoming executable, you need to add some keys to your audit rules. For example, if you have the following audit watch in \fI/etc/audit/audit.rules\fP: |
36 | 36 |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
1444 | 1444 | int hver, mver; |
1445 | 1445 | uint32_t type, rlen, seq; |
1446 | 1446 | char msg[MAX_AUDIT_MESSAGE_LENGTH+1]; |
1447 | int n_tries_this_message = 0; | |
1447 | unsigned int n_tries_this_message = 0; | |
1448 | 1448 | time_t now, then = 0; |
1449 | 1449 | |
1450 | 1450 | sequence_id ++; |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
262 | 262 | |
263 | 263 | |
264 | 264 | %changelog |
265 | * Thu Oct 12 2017 Steve Grubb <sgrubb@redhat.com> 2.8.1-1 | |
265 | * Thu Dec 14 2017 Steve Grubb <sgrubb@redhat.com> 2.8.2-1 | |
266 | 266 | - New upstream release |
267 | 267 |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
853 | 853 | || op == EO_VALUE_LE || op == EO_VALUE_GT || op == EO_VALUE_GE); |
854 | 854 | res->op = op; |
855 | 855 | res->virtual_field = 1; |
856 | res->numeric_field = 1; | |
856 | 857 | res->v.p.field.id = EF_TIMESTAMP_EX; |
857 | 858 | res->precomputed_value = 1; |
858 | 859 | res->v.p.value.timestamp_ex.sec = sec; |
58 | 58 | _S(38, "alg" ) |
59 | 59 | _S(39, "nfc" ) |
60 | 60 | _S(40, "vsock" ) |
61 | ||
61 | _S(41, "kcm" ) | |
62 | _S(42, "qipcrtr" ) | |
63 | _S(43, "smc" ) |
48 | 48 | _S(1032, "F_GETPIPE_SZ" ) |
49 | 49 | _S(1033, "F_ADD_SEALS" ) |
50 | 50 | _S(1034, "F_GET_SEALS" ) |
51 | ||
51 | _S(1035, "F_GET_RW_HINT" ) | |
52 | _S(1036, "F_SET_RW_HINT" ) | |
53 | _S(1037, "F_GET_FILE_RW_HINT" ) | |
54 | _S(1038, "F_SET_FILE_RW_HINT" ) |
49 | 49 | #include <sys/personality.h> |
50 | 50 | #include <sys/prctl.h> |
51 | 51 | #include <sched.h> |
52 | #ifdef USE_FANOTIFY | |
52 | 53 | #include <linux/fanotify.h> |
54 | #else | |
55 | #define FAN_ALLOW 1 | |
56 | #define FAN_DENY 2 | |
57 | #endif | |
53 | 58 | #include "auparse-defs.h" |
54 | 59 | #include "gen_tables.h" |
55 | 60 | |
1345 | 1350 | size_t i; |
1346 | 1351 | unsigned int flags; |
1347 | 1352 | int cnt = 0; |
1348 | char *out, buf[178]; | |
1353 | char *out, buf[sizeof(open_flag_strings)+8]; | |
1349 | 1354 | |
1350 | 1355 | errno = 0; |
1351 | 1356 | flags = strtoul(val, NULL, 16); |
1383 | 1388 | { |
1384 | 1389 | unsigned int flags, i, clone_sig; |
1385 | 1390 | int cnt = 0; |
1386 | char *out, buf[362]; // added 10 for signal name | |
1391 | char *out, buf[sizeof(clone_flag_strings)+16];// + 10 for signal name | |
1387 | 1392 | |
1388 | 1393 | errno = 0; |
1389 | 1394 | flags = strtoul(val, NULL, 16); |
1534 | 1539 | { |
1535 | 1540 | unsigned int maps, i; |
1536 | 1541 | int cnt = 0; |
1537 | char buf[176]; | |
1542 | char buf[sizeof(mmap_strings)+8]; | |
1538 | 1543 | char *out; |
1539 | 1544 | |
1540 | 1545 | errno = 0; |
1700 | 1705 | { |
1701 | 1706 | unsigned int rec, i; |
1702 | 1707 | int cnt = 0; |
1703 | char buf[234]; | |
1708 | char buf[sizeof(recv_strings)+8]; | |
1704 | 1709 | char *out; |
1705 | 1710 | |
1706 | 1711 | errno = 0; |
1979 | 1984 | { |
1980 | 1985 | unsigned int flags, partial, i; |
1981 | 1986 | int cnt = 0; |
1982 | char *out, buf[32]; | |
1987 | char *out, buf[sizeof(shm_mode_strings)+sizeof(ipccmd_strings)+8]; | |
1983 | 1988 | |
1984 | 1989 | errno = 0; |
1985 | 1990 | flags = strtoul(val, NULL, 16); |
2060 | 2065 | { |
2061 | 2066 | unsigned int flags, i; |
2062 | 2067 | int cnt = 0; |
2063 | char buf[64]; | |
2068 | char buf[sizeof(umount_strings)+8]; | |
2064 | 2069 | char *out; |
2065 | 2070 | |
2066 | 2071 | errno = 0; |
17 | 17 | * |
18 | 18 | * Authors: |
19 | 19 | * Steve Grubb <sgrubb@redhat.com> |
20 | * | |
21 | * This list is not comprehensive. Its just some cherry picked ioctls. | |
20 | 22 | * include/uapi/linux/kd.h |
21 | 23 | * include/uapi/linux/cdrom.h |
22 | 24 | * include/uapi/asm-generic/ioctls.h |
25 | 27 | |
26 | 28 | _S(0x4B3A, "KDSETMODE" ) |
27 | 29 | _S(0x4B3B, "KDGETMODE" ) |
30 | ||
28 | 31 | _S(0x5309, "CDROMEJECT" ) |
29 | 32 | _S(0x530F, "CDROMEJECT_SW" ) |
30 | 33 | _S(0x5311, "CDROM_GET_UPC" ) |
31 | 34 | _S(0x5316, "CDROMSEEK" ) |
35 | ||
32 | 36 | _S(0x5401, "TCGETS" ) |
33 | 37 | _S(0x5402, "TCSETS" ) |
34 | 38 | _S(0x5403, "TCSETSW" ) |
42 | 46 | _S(0x5414, "TIOCSWINSZ" ) |
43 | 47 | _S(0x541B, "TIOCINQ" ) |
44 | 48 | _S(0x5421, "FIONBIO" ) |
49 | _S(0x5422, "TIOCNOTTY" ) | |
45 | 50 | _S(0x8901, "FIOSETOWN" ) |
46 | 51 | _S(0x8903, "FIOGETOWN" ) |
47 | 52 | _S(0x8910, "SIOCGIFNAME" ) |
51 | 56 | _S(0x40045431, "TIOCSPTLCK" ) // Need a better fix for these |
52 | 57 | _S(0x80045430, "TIOCGPTN" ) |
53 | 58 | _S(0x80045431, "TIOCSPTLCK" ) |
59 | ||
54 | 60 | _S(0xC01C64A3, "DRM_IOCTL_MODE_CURSOR" ) |
55 | 61 | _S(0xC01864B0, "DRM_IOCTL_MODE_PAGE_FLIP" ) |
56 | 62 | _S(0xC01864B1, "DRM_IOCTL_MODE_DIRTYFB" ) |
79 | 79 | _S(67, "IPV6_TCLASS") |
80 | 80 | _S(68, "IP6T_SO_GET_REVISION_MATCH") |
81 | 81 | _S(69, "IP6T_SO_GET_REVISION_TARGET") |
82 | _S(70, "IPV6_AUTOFLOWLABEL") | |
82 | 83 | _S(72, "IPV6_ADDR_PREFERENCES") |
83 | 84 | _S(73, "IPV6_MINHOPCOUNT") |
84 | 85 | _S(74, "IPV6_ORIGDSTADDR") |
85 | 86 | _S(75, "IPV6_TRANSPARENT") |
86 | 87 | _S(76, "IPV6_UNICAST_IF") |
88 | _S(77, "IPV6_RECVFRAGSIZE") | |
87 | 89 | _S(80, "IP6T_SO_ORIGINAL_DST") |
88 | 90 |
19 | 19 | * Steve Grubb <sgrubb@redhat.com> |
20 | 20 | * Location: include/uapi/asm-generic/mman.h >0x100 |
21 | 21 | * include/uapi/asm-generic/mman-common.h < 0x100 |
22 | * NOTE: If this is updated, also update interpret.c:print_mmap() | |
23 | 22 | */ |
24 | 23 | |
25 | 24 | _S(0x00001, "MAP_SHARED" ) |
18 | 18 | * Authors: |
19 | 19 | * Steve Grubb <sgrubb@redhat.com> |
20 | 20 | * Location: include/uapi/asm-generic/fcntl.h |
21 | * NOTE: When updating this table, update interpret.c:print_open_flags() | |
22 | 21 | */ |
23 | 22 | |
24 | 23 | // Handled in the code: _S(00, "O_RDONLY" ) |
39 | 39 | _S(18, "PACKET_FANOUT") |
40 | 40 | _S(19, "PACKET_TX_HAS_OFF") |
41 | 41 | _S(20, "PACKET_QDISC_BYPASS") |
42 | ||
42 | _S(21, "PACKET_ROLLOVER_STATS") | |
43 | _S(22, "PACKET_FANOUT_DATA") |
18 | 18 | * Authors: |
19 | 19 | * Steve Grubb <sgrubb@redhat.com> |
20 | 20 | * Location: include/uapi/linux/ptrace.h |
21 | * ./arch/x86/include/uapi/asm/ptrace-abi.h | |
21 | 22 | */ |
22 | 23 | |
23 | 24 | _S(0, "PTRACE_TRACEME" ) |
39 | 40 | _S(18, "PTRACE_GETFPXREGS" ) |
40 | 41 | _S(19, "PTRACE_SETFPXREGS" ) |
41 | 42 | _S(24, "PTRACE_SYSCALL" ) |
43 | _S(25, "PTRACE_GET_THREAD_AREA") | |
44 | _S(26, "PTRACE_SET_THREAD_AREA") | |
45 | _S(30, "PTRACE_ARCH_PRCTL" ) | |
46 | _S(31, "PTRACE_SYSEMU" ) | |
47 | _S(32, "PTRACE_SYSEMU_SINGLESTEP") | |
48 | _S(33, "PTRACE_SINGLEBLOCK" ) | |
42 | 49 | _S(0x4200, "PTRACE_SETOPTIONS" ) |
43 | 50 | _S(0x4201, "PTRACE_GETEVENTMSG" ) |
44 | 51 | _S(0x4202, "PTRACE_GETSIGINFO" ) |
18 | 18 | * Authors: |
19 | 19 | * Steve Grubb <sgrubb@redhat.com> |
20 | 20 | * Location: include/linux/socket.h |
21 | * NOTE: If any update are made, update buffer size in interpret.c:print_recv() | |
22 | 21 | */ |
23 | 22 | |
24 | 23 | _S(0x00000001, "MSG_OOB") |
39 | 38 | _S(0x00008000, "MSG_MORE") |
40 | 39 | _S(0x00010000, "MSG_WAITFORONE") |
41 | 40 | _S(0x00020000, "MSG_SENDPAGE_NOTLAST") |
41 | _S(0x00040000, "MSG_BATCH") | |
42 | 42 | _S(0x20000000, "MSG_FASTOPEN") |
43 | 43 | _S(0x40000000, "MSG_CMSG_CLOEXEC") |
44 | 44 | _S(0x80000000, "MSG_CMSG_COMPAT") |
25 | 25 | _S(0x00030000U, "trap" ) |
26 | 26 | _S(0x00050000U, "errno" ) |
27 | 27 | _S(0x7ff00000U, "trace" ) |
28 | _S(0x7ffc0000U, "log" ) | |
28 | 29 | _S(0x7fff0000U, "allow" ) |
29 | 30 |
18 | 18 | * Authors: |
19 | 19 | * Steve Grubb <sgrubb@redhat.com> |
20 | 20 | * Location: include/linux/shm.h |
21 | * include/uapi/linux/shm.h | |
21 | 22 | */ |
22 | 23 | |
23 | 24 | |
24 | 25 | _S(00001000, "SHM_DEST" ) |
25 | 26 | _S(00002000, "SHM_LOCKED" ) |
27 | ||
26 | 28 | _S(00004000, "SHM_HUGETLB" ) |
27 | 29 | _S(00010000, "SHM_NORESERVE" ) |
28 | 30 |
53 | 53 | _S(278, "SOL_CAIF") |
54 | 54 | _S(279, "SOL_ALG") |
55 | 55 | _S(280, "SOL_NFC") |
56 | _S(281, "SOL_KCM") | |
57 | _S(282, "SOL_TLS") |
73 | 73 | _S(50, "SO_ATTACH_BPF") |
74 | 74 | _S(51, "SO_ATTACH_REUSEPORT_CBPF") |
75 | 75 | _S(52, "SO_ATTACH_REUSEPORT_EBPF") |
76 | _S(53, "SO_CNX_ADVICE") | |
77 | _S(54, "SCM_TIMESTAMPING_OPT_STATS") | |
78 | _S(55, "SO_MEMINFO") | |
79 | _S(56, "SO_INCOMING_NAPI_ID") | |
80 | _S(57, "SO_COOKIE") | |
81 | _S(58, "SCM_TIMESTAMPING_PKTINFO") | |
82 | _S(59, "SO_PEERGROUPS") | |
83 | _S(60, "SO_ZEROCOPY") | |
76 | 84 | |
77 | 85 | // PPC has these different |
78 | 86 | _S(116, "SO_RCVLOWAT") |
45 | 45 | _S(23, "TCP_FASTOPEN") |
46 | 46 | _S(24, "TCP_TIMESTAMP") |
47 | 47 | _S(25, "TCP_NOTSENT_LOWAT") |
48 | ||
48 | _S(26, "TCP_CC_INFO") | |
49 | _S(27, "TCP_SAVE_SYN") | |
50 | _S(28, "TCP_SAVED_SYN") | |
51 | _S(29, "TCP_REPAIR_WINDOW") | |
52 | _S(30, "TCP_FASTOPEN_CONNECT") | |
53 | _S(31, "TCP_ULP") | |
54 | _S(32, "TCP_MD5SIG_EXT") |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
25 | 25 | _S(0x00000002, "MNT_DETACH" ) |
26 | 26 | _S(0x00000004, "MNT_EXPIRE" ) |
27 | 27 | _S(0x00000008, "UMOUNT_NOFOLLOW" ) |
28 | _S(0x80000001, "UMOUNT_UNUSED" ) | |
28 | _S(0x80000000, "UMOUNT_UNUSED" ) | |
29 | 29 |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
2179 | 2179 | {"interpret_sock_family", (PyCFunction)AuParser_interpret_sock_family, METH_NOARGS, interpret_sock_family_doc}, |
2180 | 2180 | {"interpret_sock_port", (PyCFunction)AuParser_interpret_sock_port, METH_NOARGS, interpret_sock_port_doc}, |
2181 | 2181 | {"interpret_sock_address", (PyCFunction)AuParser_interpret_sock_address, METH_NOARGS, interpret_sock_address_doc}, |
2182 | {NULL, NULL} /* Sentinel */ | |
2182 | {NULL, NULL, 0, NULL} /* Sentinel */ | |
2183 | 2183 | }; |
2184 | 2184 | |
2185 | 2185 | PyDoc_STRVAR(AuParser_doc, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
597 | 597 | AUDIT_ACCT_LOCK = _audit.AUDIT_ACCT_LOCK |
598 | 598 | AUDIT_ACCT_UNLOCK = _audit.AUDIT_ACCT_UNLOCK |
599 | 599 | AUDIT_USER_DEVICE = _audit.AUDIT_USER_DEVICE |
600 | AUDIT_SOFTWARE_UPDATE = _audit.AUDIT_SOFTWARE_UPDATE | |
600 | 601 | AUDIT_FIRST_DAEMON = _audit.AUDIT_FIRST_DAEMON |
601 | 602 | AUDIT_LAST_DAEMON = _audit.AUDIT_LAST_DAEMON |
602 | 603 | AUDIT_DAEMON_RECONFIG = _audit.AUDIT_DAEMON_RECONFIG |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
508 | 508 | AUDIT_ACCT_LOCK = _audit.AUDIT_ACCT_LOCK |
509 | 509 | AUDIT_ACCT_UNLOCK = _audit.AUDIT_ACCT_UNLOCK |
510 | 510 | AUDIT_USER_DEVICE = _audit.AUDIT_USER_DEVICE |
511 | AUDIT_SOFTWARE_UPDATE = _audit.AUDIT_SOFTWARE_UPDATE | |
511 | 512 | AUDIT_FIRST_DAEMON = _audit.AUDIT_FIRST_DAEMON |
512 | 513 | AUDIT_LAST_DAEMON = _audit.AUDIT_LAST_DAEMON |
513 | 514 | AUDIT_DAEMON_RECONFIG = _audit.AUDIT_DAEMON_RECONFIG |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | 0 | #! /bin/sh |
1 | 1 | # Wrapper for compilers which do not understand '-c -o'. |
2 | 2 | |
3 | scriptversion=2012-10-14.11; # UTC | |
4 | ||
5 | # Copyright (C) 1999-2014 Free Software Foundation, Inc. | |
3 | scriptversion=2016-01-11.22; # UTC | |
4 | ||
5 | # Copyright (C) 1999-2017 Free Software Foundation, Inc. | |
6 | 6 | # Written by Tom Tromey <tromey@cygnus.com>. |
7 | 7 | # |
8 | 8 | # This program is free software; you can redistribute it and/or modify |
254 | 254 | echo "compile $scriptversion" |
255 | 255 | exit $? |
256 | 256 | ;; |
257 | cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) | |
257 | cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \ | |
258 | icl | *[/\\]icl | icl.exe | *[/\\]icl.exe ) | |
258 | 259 | func_cl_wrapper "$@" # Doesn't return... |
259 | 260 | ;; |
260 | 261 | esac |
341 | 342 | # eval: (add-hook 'write-file-hooks 'time-stamp) |
342 | 343 | # time-stamp-start: "scriptversion=" |
343 | 344 | # time-stamp-format: "%:y-%02m-%02d.%02H" |
344 | # time-stamp-time-zone: "UTC" | |
345 | # time-stamp-time-zone: "UTC0" | |
345 | 346 | # time-stamp-end: "; # UTC" |
346 | 347 | # End: |
0 | 0 | #! /bin/sh |
1 | 1 | # Attempt to guess a canonical system name. |
2 | # Copyright 1992-2016 Free Software Foundation, Inc. | |
3 | ||
4 | timestamp='2016-10-02' | |
2 | # Copyright 1992-2017 Free Software Foundation, Inc. | |
3 | ||
4 | timestamp='2017-08-08' | |
5 | 5 | |
6 | 6 | # This file is free software; you can redistribute it and/or modify it |
7 | 7 | # under the terms of the GNU General Public License as published by |
49 | 49 | GNU config.guess ($timestamp) |
50 | 50 | |
51 | 51 | Originally written by Per Bothner. |
52 | Copyright 1992-2016 Free Software Foundation, Inc. | |
52 | Copyright 1992-2017 Free Software Foundation, Inc. | |
53 | 53 | |
54 | 54 | This is free software; see the source for copying conditions. There is NO |
55 | 55 | warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." |
258 | 258 | *:Sortix:*:*) |
259 | 259 | echo ${UNAME_MACHINE}-unknown-sortix |
260 | 260 | exit ;; |
261 | *:Redox:*:*) | |
262 | echo ${UNAME_MACHINE}-unknown-redox | |
263 | exit ;; | |
261 | 264 | alpha:OSF1:*:*) |
262 | 265 | case $UNAME_RELEASE in |
263 | 266 | *4.0) |
836 | 839 | UNAME_PROCESSOR=`/usr/bin/uname -p` |
837 | 840 | case ${UNAME_PROCESSOR} in |
838 | 841 | amd64) |
839 | echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; | |
840 | *) | |
841 | echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; | |
842 | UNAME_PROCESSOR=x86_64 ;; | |
843 | i386) | |
844 | UNAME_PROCESSOR=i586 ;; | |
842 | 845 | esac |
846 | echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` | |
843 | 847 | exit ;; |
844 | 848 | i*:CYGWIN*:*) |
845 | 849 | echo ${UNAME_MACHINE}-pc-cygwin |
1302 | 1306 | if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then |
1303 | 1307 | if [ "$CC_FOR_BUILD" != no_compiler_found ]; then |
1304 | 1308 | if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ |
1305 | (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ | |
1306 | grep IS_64BIT_ARCH >/dev/null | |
1309 | (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ | |
1310 | grep IS_64BIT_ARCH >/dev/null | |
1307 | 1311 | then |
1308 | 1312 | case $UNAME_PROCESSOR in |
1309 | 1313 | i386) UNAME_PROCESSOR=x86_64 ;; |
1310 | 1314 | powerpc) UNAME_PROCESSOR=powerpc64 ;; |
1311 | 1315 | esac |
1316 | fi | |
1317 | # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc | |
1318 | if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ | |
1319 | (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ | |
1320 | grep IS_PPC >/dev/null | |
1321 | then | |
1322 | UNAME_PROCESSOR=powerpc | |
1312 | 1323 | fi |
1313 | 1324 | fi |
1314 | 1325 | elif test "$UNAME_PROCESSOR" = i386 ; then |
1333 | 1344 | *:QNX:*:4*) |
1334 | 1345 | echo i386-pc-qnx |
1335 | 1346 | exit ;; |
1336 | NEO-?:NONSTOP_KERNEL:*:*) | |
1347 | NEO-*:NONSTOP_KERNEL:*:*) | |
1337 | 1348 | echo neo-tandem-nsk${UNAME_RELEASE} |
1338 | 1349 | exit ;; |
1339 | 1350 | NSE-*:NONSTOP_KERNEL:*:*) |
1340 | 1351 | echo nse-tandem-nsk${UNAME_RELEASE} |
1341 | 1352 | exit ;; |
1342 | NSR-?:NONSTOP_KERNEL:*:*) | |
1353 | NSR-*:NONSTOP_KERNEL:*:*) | |
1343 | 1354 | echo nsr-tandem-nsk${UNAME_RELEASE} |
1355 | exit ;; | |
1356 | NSX-*:NONSTOP_KERNEL:*:*) | |
1357 | echo nsx-tandem-nsk${UNAME_RELEASE} | |
1344 | 1358 | exit ;; |
1345 | 1359 | *:NonStop-UX:*:*) |
1346 | 1360 | echo mips-compaq-nonstopux |
1417 | 1431 | $0: unable to guess system type |
1418 | 1432 | |
1419 | 1433 | This script (version $timestamp), has failed to recognize the |
1420 | operating system you are using. If your script is old, overwrite | |
1421 | config.guess and config.sub with the latest versions from: | |
1434 | operating system you are using. If your script is old, overwrite *all* | |
1435 | copies of config.guess and config.sub with the latest versions from: | |
1422 | 1436 | |
1423 | 1437 | http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess |
1424 | 1438 | and |
156 | 156 | /* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */ |
157 | 157 | #undef TIME_WITH_SYS_TIME |
158 | 158 | |
159 | /* Defined when fanotify headers are found */ | |
160 | #undef USE_FANOTIFY | |
161 | ||
159 | 162 | /* Define if you want to use GSSAPI */ |
160 | 163 | #undef USE_GSSAPI |
161 | 164 |
0 | 0 | #! /bin/sh |
1 | 1 | # Configuration validation subroutine script. |
2 | # Copyright 1992-2016 Free Software Foundation, Inc. | |
3 | ||
4 | timestamp='2016-09-05' | |
2 | # Copyright 1992-2017 Free Software Foundation, Inc. | |
3 | ||
4 | timestamp='2017-04-02' | |
5 | 5 | |
6 | 6 | # This file is free software; you can redistribute it and/or modify it |
7 | 7 | # under the terms of the GNU General Public License as published by |
66 | 66 | version="\ |
67 | 67 | GNU config.sub ($timestamp) |
68 | 68 | |
69 | Copyright 1992-2016 Free Software Foundation, Inc. | |
69 | Copyright 1992-2017 Free Software Foundation, Inc. | |
70 | 70 | |
71 | 71 | This is free software; see the source for copying conditions. There is NO |
72 | 72 | warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." |
262 | 262 | | fido | fr30 | frv | ft32 \ |
263 | 263 | | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ |
264 | 264 | | hexagon \ |
265 | | i370 | i860 | i960 | ia64 \ | |
265 | | i370 | i860 | i960 | ia16 | ia64 \ | |
266 | 266 | | ip2k | iq2000 \ |
267 | 267 | | k1om \ |
268 | 268 | | le32 | le64 \ |
300 | 300 | | open8 | or1k | or1knd | or32 \ |
301 | 301 | | pdp10 | pdp11 | pj | pjl \ |
302 | 302 | | powerpc | powerpc64 | powerpc64le | powerpcle \ |
303 | | pru \ | |
303 | 304 | | pyramid \ |
304 | 305 | | riscv32 | riscv64 \ |
305 | 306 | | rl78 | rx \ |
313 | 314 | | ubicom32 \ |
314 | 315 | | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ |
315 | 316 | | visium \ |
317 | | wasm32 \ | |
316 | 318 | | we32k \ |
317 | 319 | | x86 | xc16x | xstormy16 | xtensa \ |
318 | 320 | | z8k | z80) |
386 | 388 | | h8300-* | h8500-* \ |
387 | 389 | | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ |
388 | 390 | | hexagon-* \ |
389 | | i*86-* | i860-* | i960-* | ia64-* \ | |
391 | | i*86-* | i860-* | i960-* | ia16-* | ia64-* \ | |
390 | 392 | | ip2k-* | iq2000-* \ |
391 | 393 | | k1om-* \ |
392 | 394 | | le32-* | le64-* \ |
427 | 429 | | orion-* \ |
428 | 430 | | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ |
429 | 431 | | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ |
432 | | pru-* \ | |
430 | 433 | | pyramid-* \ |
431 | 434 | | riscv32-* | riscv64-* \ |
432 | 435 | | rl78-* | romp-* | rs6000-* | rx-* \ |
443 | 446 | | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ |
444 | 447 | | vax-* \ |
445 | 448 | | visium-* \ |
449 | | wasm32-* \ | |
446 | 450 | | we32k-* \ |
447 | 451 | | x86-* | x86_64-* | xc16x-* | xps100-* \ |
448 | 452 | | xstormy16-* | xtensa*-* \ |
945 | 949 | nsr-tandem) |
946 | 950 | basic_machine=nsr-tandem |
947 | 951 | ;; |
952 | nsx-tandem) | |
953 | basic_machine=nsx-tandem | |
954 | ;; | |
948 | 955 | op50n-* | op60c-*) |
949 | 956 | basic_machine=hppa1.1-oki |
950 | 957 | os=-proelf |
1239 | 1246 | vxworks29k) |
1240 | 1247 | basic_machine=a29k-wrs |
1241 | 1248 | os=-vxworks |
1249 | ;; | |
1250 | wasm32) | |
1251 | basic_machine=wasm32-unknown | |
1242 | 1252 | ;; |
1243 | 1253 | w65*) |
1244 | 1254 | basic_machine=w65-wdc |
1394 | 1404 | | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ |
1395 | 1405 | | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ |
1396 | 1406 | | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ |
1397 | | -chorusos* | -chorusrdb* | -cegcc* \ | |
1407 | | -chorusos* | -chorusrdb* | -cegcc* | -glidix* \ | |
1398 | 1408 | | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ |
1399 | 1409 | | -midipix* | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ |
1400 | 1410 | | -linux-newlib* | -linux-musl* | -linux-uclibc* \ |
1406 | 1416 | | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ |
1407 | 1417 | | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ |
1408 | 1418 | | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* \ |
1409 | | -onefs* | -tirtos* | -phoenix*) | |
1419 | | -onefs* | -tirtos* | -phoenix* | -fuchsia* | -redox*) | |
1410 | 1420 | # Remember, each alternative MUST END IN *, to match a version number. |
1411 | 1421 | ;; |
1412 | 1422 | -qnx*) |
1635 | 1645 | sparc-* | *-sun) |
1636 | 1646 | os=-sunos4.1.1 |
1637 | 1647 | ;; |
1648 | pru-*) | |
1649 | os=-elf | |
1650 | ;; | |
1638 | 1651 | *-be) |
1639 | 1652 | os=-beos |
1640 | 1653 | ;; |
0 | 0 | #! /bin/sh |
1 | 1 | # From configure.ac Revision: 1.3 . |
2 | 2 | # Guess values for system-dependent variables and create Makefiles. |
3 | # Generated by GNU Autoconf 2.69 for audit 2.8.1. | |
3 | # Generated by GNU Autoconf 2.69 for audit 2.8.2. | |
4 | 4 | # |
5 | 5 | # |
6 | 6 | # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. |
587 | 587 | # Identity of this package. |
588 | 588 | PACKAGE_NAME='audit' |
589 | 589 | PACKAGE_TARNAME='audit' |
590 | PACKAGE_VERSION='2.8.1' | |
591 | PACKAGE_STRING='audit 2.8.1' | |
590 | PACKAGE_VERSION='2.8.2' | |
591 | PACKAGE_STRING='audit 2.8.2' | |
592 | 592 | PACKAGE_BUGREPORT='' |
593 | 593 | PACKAGE_URL='' |
594 | 594 | |
1391 | 1391 | # Omit some internal or obsolete options to make the list less imposing. |
1392 | 1392 | # This message is too long to be a string in the A/UX 3.1 sh. |
1393 | 1393 | cat <<_ACEOF |
1394 | \`configure' configures audit 2.8.1 to adapt to many kinds of systems. | |
1394 | \`configure' configures audit 2.8.2 to adapt to many kinds of systems. | |
1395 | 1395 | |
1396 | 1396 | Usage: $0 [OPTION]... [VAR=VALUE]... |
1397 | 1397 | |
1462 | 1462 | |
1463 | 1463 | if test -n "$ac_init_help"; then |
1464 | 1464 | case $ac_init_help in |
1465 | short | recursive ) echo "Configuration of audit 2.8.1:";; | |
1465 | short | recursive ) echo "Configuration of audit 2.8.2:";; | |
1466 | 1466 | esac |
1467 | 1467 | cat <<\_ACEOF |
1468 | 1468 | |
1589 | 1589 | test -n "$ac_init_help" && exit $ac_status |
1590 | 1590 | if $ac_init_version; then |
1591 | 1591 | cat <<\_ACEOF |
1592 | audit configure 2.8.1 | |
1592 | audit configure 2.8.2 | |
1593 | 1593 | generated by GNU Autoconf 2.69 |
1594 | 1594 | |
1595 | 1595 | Copyright (C) 2012 Free Software Foundation, Inc. |
2240 | 2240 | This file contains any messages produced by compilers while |
2241 | 2241 | running configure, to aid debugging if configure makes a mistake. |
2242 | 2242 | |
2243 | It was created by audit $as_me 2.8.1, which was | |
2243 | It was created by audit $as_me 2.8.2, which was | |
2244 | 2244 | generated by GNU Autoconf 2.69. Invocation command line was |
2245 | 2245 | |
2246 | 2246 | $ $0 $@ |
3219 | 3219 | |
3220 | 3220 | # Define the identity of the package. |
3221 | 3221 | PACKAGE='audit' |
3222 | VERSION='2.8.1' | |
3222 | VERSION='2.8.2' | |
3223 | 3223 | |
3224 | 3224 | |
3225 | 3225 | cat >>confdefs.h <<_ACEOF |
14737 | 14737 | |
14738 | 14738 | # Find any Python interpreter. |
14739 | 14739 | if test -z "$PYTHON"; then |
14740 | for ac_prog in python python2 python3 python3.3 python3.2 python3.1 python3.0 python2.7 python2.6 python2.5 python2.4 python2.3 python2.2 python2.1 python2.0 | |
14740 | for ac_prog in python python2 python3 python3.5 python3.4 python3.3 python3.2 python3.1 python3.0 python2.7 python2.6 python2.5 python2.4 python2.3 python2.2 python2.1 python2.0 | |
14741 | 14741 | do |
14742 | 14742 | # Extract the first word of "$ac_prog", so it can be a program name with args. |
14743 | 14743 | set dummy $ac_prog; ac_word=$2 |
15337 | 15337 | ENABLE_SYSTEMD_TRUE='#' |
15338 | 15338 | ENABLE_SYSTEMD_FALSE= |
15339 | 15339 | fi |
15340 | ||
15341 | ||
15342 | # linux/fanotify.h | |
15343 | ac_fn_c_check_header_mongrel "$LINENO" "linux/fanotify.h" "ac_cv_header_linux_fanotify_h" "$ac_includes_default" | |
15344 | if test "x$ac_cv_header_linux_fanotify_h" = xyes; then : | |
15345 | ||
15346 | $as_echo "#define USE_FANOTIFY /**/" >>confdefs.h | |
15347 | ||
15348 | fi | |
15349 | ||
15340 | 15350 | |
15341 | 15351 | |
15342 | 15352 | withval="" |
16509 | 16519 | # report actual input values of CONFIG_FILES etc. instead of their |
16510 | 16520 | # values after options handling. |
16511 | 16521 | ac_log=" |
16512 | This file was extended by audit $as_me 2.8.1, which was | |
16522 | This file was extended by audit $as_me 2.8.2, which was | |
16513 | 16523 | generated by GNU Autoconf 2.69. Invocation command line was |
16514 | 16524 | |
16515 | 16525 | CONFIG_FILES = $CONFIG_FILES |
16575 | 16585 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 |
16576 | 16586 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" |
16577 | 16587 | ac_cs_version="\\ |
16578 | audit config.status 2.8.1 | |
16588 | audit config.status 2.8.2 | |
16579 | 16589 | configured by $0, generated by GNU Autoconf 2.69, |
16580 | 16590 | with options \\"\$ac_cs_config\\" |
16581 | 16591 |
28 | 28 | ]) |
29 | 29 | |
30 | 30 | AC_REVISION($Revision: 1.3 $)dnl |
31 | AC_INIT(audit,2.8.1) | |
31 | AC_INIT(audit,2.8.2) | |
32 | 32 | AC_PREREQ(2.12)dnl |
33 | 33 | AM_CONFIG_HEADER(config.h) |
34 | 34 | |
248 | 248 | [want_systemd="no"] |
249 | 249 | ) |
250 | 250 | AM_CONDITIONAL(ENABLE_SYSTEMD, test x$want_systemd = xyes) |
251 | ||
252 | # linux/fanotify.h | |
253 | AC_CHECK_HEADER(linux/fanotify.h, [ AC_DEFINE(USE_FANOTIFY, [], | |
254 | [Defined when fanotify headers are found]) ]) | |
251 | 255 | |
252 | 256 | withval="" |
253 | 257 | ALLDEBUG="-g" |
0 | 0 | #! /bin/sh |
1 | 1 | # depcomp - compile a program generating dependencies as side-effects |
2 | 2 | |
3 | scriptversion=2013-05-30.07; # UTC | |
4 | ||
5 | # Copyright (C) 1999-2014 Free Software Foundation, Inc. | |
3 | scriptversion=2016-01-11.22; # UTC | |
4 | ||
5 | # Copyright (C) 1999-2017 Free Software Foundation, Inc. | |
6 | 6 | |
7 | 7 | # This program is free software; you can redistribute it and/or modify |
8 | 8 | # it under the terms of the GNU General Public License as published by |
785 | 785 | # eval: (add-hook 'write-file-hooks 'time-stamp) |
786 | 786 | # time-stamp-start: "scriptversion=" |
787 | 787 | # time-stamp-format: "%:y-%02m-%02d.%02H" |
788 | # time-stamp-time-zone: "UTC" | |
788 | # time-stamp-time-zone: "UTC0" | |
789 | 789 | # time-stamp-end: "; # UTC" |
790 | 790 | # End: |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
6 | 6 | unsigned int auparse_get_field_num(auparse_state_t *au); |
7 | 7 | |
8 | 8 | .SH "DESCRIPTION" |
9 | auparse_get_field_num will retreive the internal library cursors current field location in the current record. Fields within the same record are numbered starting from 0. This is generally not needed but there are some cases where one may want to know the exact field being looked at. | |
9 | auparse_get_field_num will retrieve the internal library cursors current field location in the current record. Fields within the same record are numbered starting from 0. This is generally not needed but there are some cases where one may want to know the exact field being looked at. | |
10 | 10 | |
11 | 11 | .SH "RETURN VALUE" |
12 | 12 |
6 | 6 | unsigned int auparse_get_record_num(auparse_state_t *au); |
7 | 7 | |
8 | 8 | .SH "DESCRIPTION" |
9 | auparse_get_record_num will retreive the internal library cursors current record location in the current event. Records within the same event are numbered starting from 0. This is generally not needed but there are some cases where one may want to know the exact record being looked at. | |
9 | auparse_get_record_num will retrieve the internal library cursors current record location in the current event. Records within the same event are numbered starting from 0. This is generally not needed but there are some cases where one may want to know the exact record being looked at. | |
10 | 10 | |
11 | 11 | .SH "RETURN VALUE" |
12 | 12 |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
49 | 49 | test -x /sbin/auditd || exit 5 |
50 | 50 | test -f /etc/audit/auditd.conf || exit 6 |
51 | 51 | |
52 | echo -n $"Starting $prog: " | |
52 | printf "Starting $prog: " | |
53 | 53 | |
54 | 54 | # Localization for auditd is controlled in /etc/synconfig/auditd |
55 | 55 | if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then |
84 | 84 | } |
85 | 85 | |
86 | 86 | stop(){ |
87 | echo -n $"Stopping $prog: " | |
87 | printf "Stopping $prog: " | |
88 | 88 | killproc $prog |
89 | 89 | RETVAL=$? |
90 | 90 | echo |
101 | 101 | |
102 | 102 | reload(){ |
103 | 103 | test -f /etc/audit/auditd.conf || exit 6 |
104 | echo -n $"Reloading configuration: " | |
104 | printf "Reloading configuration: " | |
105 | 105 | killproc $prog -HUP |
106 | 106 | RETVAL=$? |
107 | 107 | echo |
109 | 109 | } |
110 | 110 | |
111 | 111 | rotate(){ |
112 | echo -n $"Rotating logs: " | |
112 | printf "Rotating logs: " | |
113 | 113 | killproc $prog -USR1 |
114 | 114 | RETVAL=$? |
115 | 115 | echo |
117 | 117 | } |
118 | 118 | |
119 | 119 | resume(){ |
120 | echo -n $"Resuming logging: " | |
120 | printf "Resuming logging: " | |
121 | 121 | killproc $prog -USR2 |
122 | 122 | RETVAL=$? |
123 | 123 | echo |
160 | 160 | condrestart |
161 | 161 | ;; |
162 | 162 | *) |
163 | echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|rotate|resume}" | |
163 | echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|rotate|resume}" | |
164 | 164 | RETVAL=3 |
165 | 165 | esac |
166 | 166 |
6 | 6 | |
7 | 7 | PATH=/sbin:/bin:/usr/bin:/usr/sbin |
8 | 8 | prog="auditd" |
9 | source /etc/init.d/functions | |
9 | . /etc/init.d/functions | |
10 | 10 | |
11 | echo -n $"Resuming logging: " | |
11 | printf "Resuming logging: " | |
12 | 12 | killproc $prog -USR2 |
13 | 13 | RETVAL=$? |
14 | 14 | echo |
6 | 6 | |
7 | 7 | PATH=/sbin:/bin:/usr/bin:/usr/sbin |
8 | 8 | prog="auditd" |
9 | source /etc/init.d/functions | |
9 | . /etc/init.d/functions | |
10 | 10 | |
11 | echo -n $"Rotating logs: " | |
11 | printf "Rotating logs: " | |
12 | 12 | killproc $prog -USR1 |
13 | 13 | RETVAL=$? |
14 | 14 | echo |
6 | 6 | |
7 | 7 | PATH=/sbin:/bin:/usr/bin:/usr/sbin |
8 | 8 | prog="auditd" |
9 | source /etc/init.d/functions | |
9 | . /etc/init.d/functions | |
10 | 10 | |
11 | echo -n $"Stopping logging: " | |
11 | printf "Stopping logging: " | |
12 | 12 | killproc $prog -TERM |
13 | 13 | RETVAL=$? |
14 | 14 | echo |
75 | 75 | echo "## This file is automatically generated from $SourceRulesDir" >> ${TmpRules} |
76 | 76 | for rules in $(/bin/ls -1v ${SourceRulesDir} | grep "\.rules$") ; do |
77 | 77 | cat ${SourceRulesDir}/${rules} |
78 | done | awk '\ | |
78 | done | awk ' | |
79 | 79 | BEGIN { |
80 | 80 | minus_e = ""; |
81 | 81 | minus_D = ""; |
0 | 0 | #!/bin/sh |
1 | 1 | # install - install a program, script, or datafile |
2 | 2 | |
3 | scriptversion=2013-12-25.23; # UTC | |
3 | scriptversion=2016-01-11.22; # UTC | |
4 | 4 | |
5 | 5 | # This originates from X11R5 (mit/util/scripts/install.sh), which was |
6 | 6 | # later released in X11R6 (xc/config/util/install.sh) with the |
495 | 495 | # eval: (add-hook 'write-file-hooks 'time-stamp) |
496 | 496 | # time-stamp-start: "scriptversion=" |
497 | 497 | # time-stamp-format: "%:y-%02m-%02d.%02H" |
498 | # time-stamp-time-zone: "UTC" | |
498 | # time-stamp-time-zone: "UTC0" | |
499 | 499 | # time-stamp-end: "; # UTC" |
500 | 500 | # End: |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
379 | 379 | _S(394, "pkey_mprotect") |
380 | 380 | _S(395, "pkey_alloc") |
381 | 381 | _S(396, "pkey_free") |
382 | _S(397, "statx") |
518 | 518 | int audit_reset_lost(int fd) |
519 | 519 | { |
520 | 520 | int rc; |
521 | int seq; | |
521 | 522 | struct audit_status s; |
522 | 523 | |
523 | 524 | if ((audit_get_features() & AUDIT_FEATURE_BITMAP_LOST_RESET) == 0) |
526 | 527 | memset(&s, 0, sizeof(s)); |
527 | 528 | s.mask = AUDIT_STATUS_LOST; |
528 | 529 | s.lost = 0; |
529 | rc = audit_send(fd, AUDIT_SET, &s, sizeof(s)); | |
530 | rc = __audit_send(fd, AUDIT_SET, &s, sizeof(s), &seq); | |
530 | 531 | if (rc < 0) |
531 | 532 | audit_msg(audit_priority(errno), |
532 | 533 | "Error sending lost reset request (%s)", |
836 | 837 | } |
837 | 838 | |
838 | 839 | /* |
839 | * This function will retreive the loginuid or -1 if there | |
840 | * This function will retrieve the loginuid or -1 if there | |
840 | 841 | * is an error. |
841 | 842 | */ |
842 | 843 | uid_t audit_getloginuid(void) |
900 | 901 | } |
901 | 902 | |
902 | 903 | /* |
903 | * This function will retreive the login session or -2 if there | |
904 | * This function will retrieve the login session or -2 if there | |
904 | 905 | * is an error. |
905 | 906 | */ |
906 | 907 | uint32_t audit_get_session(void) |
96 | 96 | #define AUDIT_ACCT_LOCK 1135 /* User's account locked by admin */ |
97 | 97 | #define AUDIT_ACCT_UNLOCK 1136 /* User's account unlocked by admin */ |
98 | 98 | #define AUDIT_USER_DEVICE 1137 /* User space hotplug device changes */ |
99 | #define AUDIT_SOFTWARE_UPDATE 1138 /* Software update event */ | |
99 | 100 | |
100 | 101 | #define AUDIT_FIRST_DAEMON 1200 |
101 | 102 | #define AUDIT_LAST_DAEMON 1299 |
74 | 74 | _S(AUDIT_ACCT_LOCK, "ACCT_LOCK" ) |
75 | 75 | _S(AUDIT_ACCT_UNLOCK, "ACCT_UNLOCK" ) |
76 | 76 | _S(AUDIT_USER_DEVICE, "USER_DEVICE" ) |
77 | _S(AUDIT_SOFTWARE_UPDATE, "SOFTWARE_UPDATE" ) | |
77 | 78 | _S(AUDIT_SYSTEM_BOOT, "SYSTEM_BOOT" ) |
78 | 79 | _S(AUDIT_SYSTEM_SHUTDOWN, "SYSTEM_SHUTDOWN" ) |
79 | 80 | _S(AUDIT_SYSTEM_RUNLEVEL, "SYSTEM_RUNLEVEL" ) |
202 | 202 | * error: -errno |
203 | 203 | * short: 0 |
204 | 204 | */ |
205 | int audit_send(int fd, int type, const void *data, unsigned int size) | |
205 | int __audit_send(int fd, int type, const void *data, unsigned int size, int *seq) | |
206 | 206 | { |
207 | 207 | static int sequence = 0; |
208 | 208 | struct audit_message req; |
223 | 223 | |
224 | 224 | if (++sequence < 0) |
225 | 225 | sequence = 1; |
226 | *seq = sequence; | |
226 | 227 | |
227 | 228 | memset(&req, 0, sizeof(req)); |
228 | 229 | req.nlh.nlmsg_len = NLMSG_SPACE(size); |
240 | 241 | retval = sendto(fd, &req, req.nlh.nlmsg_len, 0, |
241 | 242 | (struct sockaddr*)&addr, sizeof(addr)); |
242 | 243 | } while (retval < 0 && errno == EINTR); |
243 | if (retval == (int)req.nlh.nlmsg_len) { | |
244 | if ((retval = check_ack(fd)) == 0) | |
245 | return sequence; | |
246 | else | |
247 | return retval; | |
248 | } | |
249 | if (retval < 0) | |
250 | return -errno; | |
244 | if (retval == (int)req.nlh.nlmsg_len) | |
245 | return check_ack(fd); | |
246 | if (retval < 0) { | |
247 | return -errno; | |
248 | } else if (retval > 0) { | |
249 | errno = EINVAL; | |
250 | return -errno; | |
251 | } | |
251 | 252 | |
252 | 253 | return 0; |
254 | } | |
255 | ||
256 | int audit_send(int fd, int type, const void *data, unsigned int size) | |
257 | { | |
258 | int rc; | |
259 | int seq; | |
260 | ||
261 | rc = __audit_send(fd, type, data, size, &seq); | |
262 | if (rc == 0) | |
263 | rc = seq; | |
264 | return rc; | |
253 | 265 | } |
254 | 266 | |
255 | 267 | /* |
120 | 120 | #endif |
121 | 121 | |
122 | 122 | extern int audit_send(int fd, int type, const void *data, unsigned int size); |
123 | extern int __audit_send(int fd, int type, const void *data, unsigned int size, int *seq); | |
123 | 124 | |
124 | 125 | AUDIT_HIDDEN_START |
125 | 126 |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | 0 | #! /bin/sh |
1 | 1 | # Common wrapper for a few potentially missing GNU programs. |
2 | 2 | |
3 | scriptversion=2013-10-28.13; # UTC | |
4 | ||
5 | # Copyright (C) 1996-2014 Free Software Foundation, Inc. | |
3 | scriptversion=2016-01-11.22; # UTC | |
4 | ||
5 | # Copyright (C) 1996-2017 Free Software Foundation, Inc. | |
6 | 6 | # Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. |
7 | 7 | |
8 | 8 | # This program is free software; you can redistribute it and/or modify |
209 | 209 | # eval: (add-hook 'write-file-hooks 'time-stamp) |
210 | 210 | # time-stamp-start: "scriptversion=" |
211 | 211 | # time-stamp-format: "%:y-%02m-%02d.%02H" |
212 | # time-stamp-time-zone: "UTC" | |
212 | # time-stamp-time-zone: "UTC0" | |
213 | 213 | # time-stamp-end: "; # UTC" |
214 | 214 | # End: |
0 | 0 | #!/bin/sh |
1 | 1 | # py-compile - Compile a Python program |
2 | 2 | |
3 | scriptversion=2011-06-08.12; # UTC | |
3 | scriptversion=2016-01-11.22; # UTC | |
4 | 4 | |
5 | # Copyright (C) 2000-2014 Free Software Foundation, Inc. | |
5 | # Copyright (C) 2000-2017 Free Software Foundation, Inc. | |
6 | 6 | |
7 | 7 | # This program is free software; you can redistribute it and/or modify |
8 | 8 | # it under the terms of the GNU General Public License as published by |
164 | 164 | # eval: (add-hook 'write-file-hooks 'time-stamp) |
165 | 165 | # time-stamp-start: "scriptversion=" |
166 | 166 | # time-stamp-format: "%:y-%02m-%02d.%02H" |
167 | # time-stamp-time-zone: "UTC" | |
167 | # time-stamp-time-zone: "UTC0" | |
168 | 168 | # time-stamp-end: "; # UTC" |
169 | 169 | # End: |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
1096 | 1096 | |
1097 | 1097 | if ((ptr1 = strchr(acct, '@'))) { |
1098 | 1098 | char *ptr2; |
1099 | struct hostent *t_addr; | |
1099 | int rc2; | |
1100 | struct addrinfo *ai; | |
1101 | struct addrinfo hints; | |
1100 | 1102 | |
1101 | 1103 | ptr2 = strrchr(acct, '.'); // get last dot - sb after @ |
1102 | 1104 | if ((ptr2 == NULL) || (ptr1 > ptr2)) { |
1105 | 1107 | return 2; |
1106 | 1108 | } |
1107 | 1109 | |
1108 | t_addr = gethostbyname(ptr1+1); | |
1109 | if (t_addr == 0) { | |
1110 | memset(&hints, 0, sizeof(hints)); | |
1111 | hints.ai_flags = AI_ADDRCONFIG | AI_CANONNAME; | |
1112 | hints.ai_socktype = SOCK_STREAM; | |
1113 | ||
1114 | rc2 = getaddrinfo(ptr1+1, NULL, &hints, &ai); | |
1115 | freeaddrinfo(ai); | |
1116 | if (rc2 != 0) { | |
1110 | 1117 | if ((h_errno == HOST_NOT_FOUND) || |
1111 | (h_errno == NO_RECOVERY)) { | |
1112 | audit_msg(LOG_ERR, | |
1113 | "validate_email: failed looking up host for %s", | |
1114 | ptr1+1); | |
1115 | // FIXME: gethostbyname is having trouble | |
1116 | // telling when we have a temporary vs permanent | |
1117 | // dns failure. So, for now, treat all as temp | |
1118 | return 1; | |
1119 | } else if (h_errno == TRY_AGAIN) | |
1118 | (h_errno == NO_RECOVERY)) { | |
1119 | audit_msg(LOG_ERR, | |
1120 | "validate_email: failed looking up host for %s (%s)", | |
1121 | ptr1+1, gai_strerror(rc2)); | |
1122 | // FIXME: How can we tell that we truly have | |
1123 | // a permanent failure and what is that? For | |
1124 | // now treat all as temp failure. | |
1125 | } else if (h_errno == TRY_AGAIN) { | |
1120 | 1126 | audit_msg(LOG_DEBUG, |
1121 | 1127 | "validate_email: temporary failure looking up domain for %s", |
1122 | 1128 | ptr1+1); |
1129 | } | |
1123 | 1130 | return 1; |
1124 | 1131 | } |
1125 | 1132 | } |
1817 | 1824 | if (rc2 != 0) { |
1818 | 1825 | audit_msg(LOG_ERR, |
1819 | 1826 | "Cannot resolve hostname %s (%s)", |
1820 | tmp_name, gai_strerror(rc)); | |
1827 | tmp_name, gai_strerror(rc2)); | |
1821 | 1828 | rc = -1; |
1822 | 1829 | break; |
1823 | 1830 | } |
1061 | 1061 | } |
1062 | 1062 | } |
1063 | 1063 | |
1064 | static int last_log = 1; | |
1064 | static unsigned int last_log = 1; | |
1065 | 1065 | static void shift_logs(void) |
1066 | 1066 | { |
1067 | 1067 | // The way this has to work is to start scanning from .1 up until |
113 | 113 | |
114 | 114 | static void set_close_on_exec(int fd) |
115 | 115 | { |
116 | int flags = fcntl (fd, F_GETFD); | |
116 | int flags = fcntl(fd, F_GETFD); | |
117 | 117 | if (flags == -1) |
118 | 118 | flags = 0; |
119 | 119 | flags |= FD_CLOEXEC; |
120 | fcntl (fd, F_SETFD, flags); | |
120 | fcntl(fd, F_SETFD, flags); | |
121 | 121 | } |
122 | 122 | |
123 | 123 | static void release_client(struct ev_tcp *client) |
143 | 143 | |
144 | 144 | static void close_client(struct ev_tcp *client) |
145 | 145 | { |
146 | release_client (client); | |
147 | free (client); | |
148 | } | |
149 | ||
150 | static int ar_write (int sock, const void *buf, int len) | |
146 | release_client(client); | |
147 | free(client); | |
148 | } | |
149 | ||
150 | static int ar_write(int sock, const void *buf, int len) | |
151 | 151 | { |
152 | 152 | int rc = 0, w; |
153 | 153 | while (len > 0) { |
166 | 166 | } |
167 | 167 | |
168 | 168 | #ifdef USE_GSSAPI |
169 | static int ar_read (int sock, void *buf, int len) | |
169 | static int ar_read(int sock, void *buf, int len) | |
170 | 170 | { |
171 | 171 | int rc = 0, r; |
172 | 172 | while (len > 0) { |
191 | 191 | the tokens. The protocol we use for transferring tokens is to send |
192 | 192 | the length first, four bytes MSB first, then the token data. We |
193 | 193 | return nonzero on error. */ |
194 | static int recv_token (int s, gss_buffer_t tok) | |
194 | static int recv_token(int s, gss_buffer_t tok) | |
195 | 195 | { |
196 | 196 | int ret; |
197 | 197 | unsigned char lenbuf[4]; |
198 | 198 | unsigned int len; |
199 | 199 | |
200 | ret = ar_read(s, (char *) lenbuf, 4); | |
200 | ret = ar_read(s, (char *)lenbuf, 4); | |
201 | 201 | if (ret < 0) { |
202 | 202 | audit_msg(LOG_ERR, "GSS-API error reading token length"); |
203 | 203 | return -1; |
219 | 219 | } |
220 | 220 | tok->length = len; |
221 | 221 | |
222 | tok->value = (char *) malloc(tok->length ? tok->length : 1); | |
222 | tok->value = (char *)malloc(tok->length ? tok->length : 1); | |
223 | 223 | if (tok->length && tok->value == NULL) { |
224 | 224 | audit_msg(LOG_ERR, "Out of memory allocating token data"); |
225 | 225 | return -1; |
226 | 226 | } |
227 | 227 | |
228 | ret = ar_read(s, (char *) tok->value, tok->length); | |
228 | ret = ar_read(s, (char *)tok->value, tok->length); | |
229 | 229 | if (ret < 0) { |
230 | 230 | audit_msg(LOG_ERR, "GSS-API error reading token data"); |
231 | 231 | free(tok->value); |
242 | 242 | /* Same here. */ |
243 | 243 | int send_token(int s, gss_buffer_t tok) |
244 | 244 | { |
245 | int ret; | |
245 | int ret; | |
246 | 246 | unsigned char lenbuf[4]; |
247 | 247 | unsigned int len; |
248 | 248 | |
267 | 267 | if (ret < 0) { |
268 | 268 | audit_msg(LOG_ERR, "GSS-API error sending token data"); |
269 | 269 | return -1; |
270 | } else if (ret != (int) tok->length) { | |
270 | } else if (ret != (int)tok->length) { | |
271 | 271 | audit_msg(LOG_ERR, "GSS-API error sending token data"); |
272 | 272 | return -1; |
273 | 273 | } |
276 | 276 | } |
277 | 277 | |
278 | 278 | |
279 | static void gss_failure_2 (const char *msg, int status, int type) | |
279 | static void gss_failure_2(const char *msg, int status, int type) | |
280 | 280 | { |
281 | 281 | OM_uint32 message_context = 0; |
282 | 282 | OM_uint32 min_status = 0; |
283 | 283 | gss_buffer_desc status_string; |
284 | 284 | |
285 | 285 | do { |
286 | gss_display_status (&min_status, | |
286 | gss_display_status(&min_status, | |
287 | 287 | status, |
288 | 288 | type, |
289 | 289 | GSS_C_NO_OID, |
297 | 297 | } while (message_context != 0); |
298 | 298 | } |
299 | 299 | |
300 | static void gss_failure (const char *msg, int major_status, int minor_status) | |
301 | { | |
302 | gss_failure_2 (msg, major_status, GSS_C_GSS_CODE); | |
300 | static void gss_failure(const char *msg, int major_status, int minor_status) | |
301 | { | |
302 | gss_failure_2(msg, major_status, GSS_C_GSS_CODE); | |
303 | 303 | if (minor_status) |
304 | gss_failure_2 (msg, minor_status, GSS_C_MECH_CODE); | |
304 | gss_failure_2(msg, minor_status, GSS_C_MECH_CODE); | |
305 | 305 | } |
306 | 306 | |
307 | 307 | #define KCHECK(x,f) if (x) { \ |
322 | 322 | krb5_context kcontext = NULL; |
323 | 323 | int krberr; |
324 | 324 | |
325 | my_service_name = strdup (service_name); | |
325 | my_service_name = strdup(service_name); | |
326 | 326 | name_buf.value = (char *)service_name; |
327 | 327 | name_buf.length = strlen(name_buf.value) + 1; |
328 | 328 | major_status = gss_import_name(&minor_status, &name_buf, |
345 | 345 | |
346 | 346 | (void) gss_release_name(&minor_status, &server_name); |
347 | 347 | |
348 | krberr = krb5_init_context (&kcontext); | |
348 | krberr = krb5_init_context(&kcontext); | |
349 | 349 | KCHECK (krberr, "krb5_init_context"); |
350 | krberr = krb5_get_default_realm (kcontext, &my_gss_realm); | |
350 | krberr = krb5_get_default_realm(kcontext, &my_gss_realm); | |
351 | 351 | KCHECK (krberr, "krb5_get_default_realm"); |
352 | 352 | |
353 | 353 | audit_msg(LOG_DEBUG, "GSS creds for %s acquired", service_name); |
359 | 359 | the case of Kerberos, this is where the key exchange happens. |
360 | 360 | FIXME: While everything else is strictly nonblocking, this |
361 | 361 | negotiation blocks. */ |
362 | static int negotiate_credentials (ev_tcp *io) | |
362 | static int negotiate_credentials(ev_tcp *io) | |
363 | 363 | { |
364 | 364 | gss_buffer_desc send_tok, recv_tok; |
365 | 365 | gss_name_t client; |
439 | 439 | |
440 | 440 | audit_msg(LOG_INFO, "GSS-API Accepted connection from: %s", |
441 | 441 | (char *)recv_tok.value); |
442 | io->remote_name = strdup (recv_tok.value); | |
443 | io->remote_name_len = strlen (recv_tok.value); | |
442 | io->remote_name = strdup(recv_tok.value); | |
443 | io->remote_name_len = strlen(recv_tok.value); | |
444 | 444 | gss_release_buffer(&min_stat, &recv_tok); |
445 | 445 | |
446 | slashptr = strchr (io->remote_name, '/'); | |
447 | atptr = strchr (io->remote_name, '@'); | |
446 | slashptr = strchr(io->remote_name, '/'); | |
447 | atptr = strchr(io->remote_name, '@'); | |
448 | 448 | |
449 | 449 | if (!slashptr || !atptr) { |
450 | 450 | audit_msg(LOG_ERR, "Invalid GSS name from remote client: %s", |
453 | 453 | } |
454 | 454 | |
455 | 455 | *slashptr = 0; |
456 | if (strcmp (io->remote_name, my_service_name)) { | |
456 | if (strcmp(io->remote_name, my_service_name)) { | |
457 | 457 | audit_msg(LOG_ERR, "Unauthorized GSS client name: %s (not %s)", |
458 | 458 | io->remote_name, my_service_name); |
459 | 459 | return -1; |
460 | 460 | } |
461 | 461 | *slashptr = '/'; |
462 | 462 | |
463 | if (strcmp (atptr+1, my_gss_realm)) { | |
463 | if (strcmp(atptr+1, my_gss_realm)) { | |
464 | 464 | audit_msg(LOG_ERR, "Unauthorized GSS client realm: %s (not %s)", |
465 | 465 | atptr+1, my_gss_realm); |
466 | 466 | return -1; |
472 | 472 | |
473 | 473 | /* This is called from auditd-event after the message has been logged. |
474 | 474 | The header is already filled in. */ |
475 | static void client_ack (void *ack_data, const unsigned char *header, | |
475 | static void client_ack(void *ack_data, const unsigned char *header, | |
476 | 476 | const char *msg) |
477 | 477 | { |
478 | 478 | ev_tcp *io = (ev_tcp *)ack_data; |
482 | 482 | gss_buffer_desc utok, etok; |
483 | 483 | int rc, mlen; |
484 | 484 | |
485 | mlen = strlen (msg); | |
485 | mlen = strlen(msg); | |
486 | 486 | utok.length = AUDIT_RMW_HEADER_SIZE + mlen; |
487 | utok.value = malloc (utok.length + 1); | |
488 | ||
489 | memcpy (utok.value, header, AUDIT_RMW_HEADER_SIZE); | |
490 | memcpy (utok.value+AUDIT_RMW_HEADER_SIZE, msg, mlen); | |
487 | utok.value = malloc(utok.length + 1); | |
488 | ||
489 | memcpy(utok.value, header, AUDIT_RMW_HEADER_SIZE); | |
490 | memcpy(utok.value+AUDIT_RMW_HEADER_SIZE, msg, mlen); | |
491 | 491 | |
492 | 492 | /* Wrapping the message creates a token for the |
493 | 493 | client. Then we just have to worry about sending |
494 | 494 | the token. */ |
495 | 495 | |
496 | major_status = gss_wrap (&minor_status, | |
496 | major_status = gss_wrap(&minor_status, | |
497 | 497 | io->gss_context, |
498 | 498 | 1, |
499 | 499 | GSS_C_QOP_DEFAULT, |
503 | 503 | if (major_status != GSS_S_COMPLETE) { |
504 | 504 | gss_failure("encrypting message", major_status, |
505 | 505 | minor_status); |
506 | free (utok.value); | |
506 | free(utok.value); | |
507 | 507 | return; |
508 | 508 | } |
509 | 509 | // FIXME: What were we going to do with rc? |
510 | rc = send_token (io->io.fd, &etok); | |
511 | free (utok.value); | |
510 | rc = send_token(io->io.fd, &etok); | |
511 | free(utok.value); | |
512 | 512 | (void) gss_release_buffer(&minor_status, &etok); |
513 | 513 | |
514 | 514 | return; |
515 | 515 | } |
516 | 516 | #endif |
517 | 517 | // Send the header and a text error message if it exists |
518 | ar_write (io->io.fd, header, AUDIT_RMW_HEADER_SIZE); | |
518 | ar_write(io->io.fd, header, AUDIT_RMW_HEADER_SIZE); | |
519 | 519 | if (msg[0]) |
520 | ar_write (io->io.fd, msg, strlen(msg)); | |
520 | ar_write(io->io.fd, msg, strlen(msg)); | |
521 | 521 | } |
522 | 522 | |
523 | 523 | extern void distribute_event(struct auditd_event *e); |
539 | 539 | unsigned char ack[AUDIT_RMW_HEADER_SIZE]; |
540 | 540 | AUDIT_RMW_PACK_HEADER (ack, 0, AUDIT_RMW_TYPE_ACK, |
541 | 541 | 0, seq); |
542 | client_ack (io, ack, ""); | |
542 | client_ack(io, ack, ""); | |
543 | 543 | } else { |
544 | 544 | struct auditd_event *e = create_event( |
545 | 545 | header+AUDIT_RMW_HEADER_SIZE, |
551 | 551 | } |
552 | 552 | } |
553 | 553 | |
554 | static void auditd_tcp_client_handler( struct ev_loop *loop, | |
555 | struct ev_io *_io, int revents ) | |
556 | { | |
557 | struct ev_tcp *io = (struct ev_tcp *) _io; | |
554 | static void auditd_tcp_client_handler(struct ev_loop *loop, | |
555 | struct ev_io *_io, int revents) | |
556 | { | |
557 | struct ev_tcp *io = (struct ev_tcp *)_io; | |
558 | 558 | int i, r; |
559 | 559 | int total_this_call = 0; |
560 | 560 | |
585 | 585 | otherwise fails, the read will return -1. */ |
586 | 586 | if (r <= 0) { |
587 | 587 | if (r < 0) |
588 | audit_msg (LOG_WARNING, | |
588 | audit_msg(LOG_WARNING, | |
589 | 589 | "client %s socket closed unexpectedly", |
590 | 590 | sockaddr_to_addr4(&io->addr)); |
591 | 591 | |
592 | 592 | /* There may have been a final message without a LF. */ |
593 | 593 | if (io->bufptr) { |
594 | client_message (io, io->bufptr, io->buffer); | |
595 | ||
596 | } | |
597 | ||
598 | ev_io_stop (loop, _io); | |
599 | close_client (io); | |
594 | client_message(io, io->bufptr, io->buffer); | |
595 | ||
596 | } | |
597 | ||
598 | ev_io_stop(loop, _io); | |
599 | close_client(io); | |
600 | 600 | return; |
601 | 601 | } |
602 | 602 | |
634 | 634 | |
635 | 635 | /* Unwrapping the token gives us the original message, |
636 | 636 | which we know is already a single record. */ |
637 | major_status = gss_unwrap (&minor_status, io->gss_context, | |
637 | major_status = gss_unwrap(&minor_status, io->gss_context, | |
638 | 638 | &etok, &utok, NULL, NULL); |
639 | 639 | |
640 | 640 | if (major_status != GSS_S_COMPLETE) { |
644 | 644 | /* client_message() wants to NUL terminate it, |
645 | 645 | so copy it to a bigger buffer. Plus, we |
646 | 646 | want to add our own tag. */ |
647 | memcpy (msgbuf, utok.value, utok.length); | |
647 | memcpy(msgbuf, utok.value, utok.length); | |
648 | 648 | while (utok.length > 0 && msgbuf[utok.length-1] == '\n') |
649 | 649 | utok.length --; |
650 | snprintf (msgbuf + utok.length, | |
650 | snprintf(msgbuf + utok.length, | |
651 | 651 | MAX_AUDIT_MESSAGE_LENGTH - utok.length, |
652 | 652 | " krb5=%s", io->remote_name); |
653 | 653 | utok.length += 6 + io->remote_name_len; |
680 | 680 | return; |
681 | 681 | |
682 | 682 | /* We have an I-byte message in buffer. Send ACK */ |
683 | client_message (io, i, io->buffer); | |
683 | client_message(io, i, io->buffer); | |
684 | 684 | |
685 | 685 | } else { |
686 | 686 | /* At this point, the buffer has IO->BUFPTR+R bytes in it. |
700 | 700 | i++; |
701 | 701 | |
702 | 702 | /* We have an I-byte message in buffer. Send ACK */ |
703 | client_message (io, i, io->buffer); | |
703 | client_message(io, i, io->buffer); | |
704 | 704 | } |
705 | 705 | |
706 | 706 | /* Now copy any remaining bytes to the beginning of the |
729 | 729 | |
730 | 730 | request_init(&request, RQ_DAEMON, "auditd", RQ_FILE, sock, 0); |
731 | 731 | fromhost(&request); |
732 | if (! hosts_access(&request)) | |
732 | if (!hosts_access(&request)) | |
733 | 733 | return 1; |
734 | 734 | return 0; |
735 | 735 | } |
758 | 758 | } |
759 | 759 | |
760 | 760 | static void auditd_tcp_listen_handler( struct ev_loop *loop, |
761 | struct ev_io *_io, int revents ) | |
761 | struct ev_io *_io, int revents) | |
762 | 762 | { |
763 | 763 | int one=1; |
764 | 764 | int afd; |
769 | 769 | |
770 | 770 | /* Accept the connection and see where it's coming from. */ |
771 | 771 | aaddrlen = sizeof(aaddr); |
772 | afd = accept (_io->fd, (struct sockaddr *)&aaddr, &aaddrlen); | |
772 | afd = accept(_io->fd, (struct sockaddr *)&aaddr, &aaddrlen); | |
773 | 773 | if (afd == -1) { |
774 | 774 | audit_msg(LOG_ERR, "Unable to accept TCP connection"); |
775 | 775 | return; |
792 | 792 | |
793 | 793 | /* Verify it's coming from an authorized port. We assume the firewall |
794 | 794 | * will block attempts from unauthorized machines. */ |
795 | if (min_port > ntohs (aaddr.sin_port) || | |
796 | ntohs (aaddr.sin_port) > max_port) { | |
795 | if (min_port > ntohs(aaddr.sin_port) || | |
796 | ntohs(aaddr.sin_port) > max_port) { | |
797 | 797 | audit_msg(LOG_ERR, "TCP connection from %s rejected", |
798 | 798 | sockaddr_to_addr4(&aaddr)); |
799 | 799 | snprintf(emsg, sizeof(emsg), |
824 | 824 | setsockopt(afd, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof (int)); |
825 | 825 | setsockopt(afd, SOL_SOCKET, SO_KEEPALIVE, (char *)&one, sizeof (int)); |
826 | 826 | setsockopt(afd, IPPROTO_TCP, TCP_NODELAY, (char *)&one, sizeof (int)); |
827 | set_close_on_exec (afd); | |
827 | set_close_on_exec(afd); | |
828 | 828 | |
829 | 829 | /* Make the client data structure */ |
830 | client = (struct ev_tcp *) malloc (sizeof (struct ev_tcp)); | |
830 | client = (struct ev_tcp *)malloc (sizeof (struct ev_tcp)); | |
831 | 831 | if (client == NULL) { |
832 | 832 | audit_msg(LOG_CRIT, "Unable to allocate TCP client data"); |
833 | 833 | snprintf(emsg, sizeof(emsg), |
834 | 834 | "op=alloc addr=%s port=%d res=no", |
835 | 835 | sockaddr_to_ipv4(&aaddr), |
836 | ntohs (aaddr.sin_port)); | |
836 | ntohs(aaddr.sin_port)); | |
837 | 837 | send_audit_event(AUDIT_DAEMON_ACCEPT, emsg); |
838 | 838 | shutdown(afd, SHUT_RDWR); |
839 | 839 | close(afd); |
840 | 840 | return; |
841 | 841 | } |
842 | 842 | |
843 | memset (client, 0, sizeof (struct ev_tcp)); | |
843 | memset(client, 0, sizeof (struct ev_tcp)); | |
844 | 844 | client->client_active = 1; |
845 | 845 | |
846 | 846 | // Was watching for EV_ERROR, but libev 3.48 took it away |
847 | ev_io_init (&(client->io), auditd_tcp_client_handler, afd, EV_READ); | |
848 | ||
849 | memcpy (&client->addr, &aaddr, sizeof (struct sockaddr_in)); | |
847 | ev_io_init(&(client->io), auditd_tcp_client_handler, afd, EV_READ); | |
848 | ||
849 | memcpy(&client->addr, &aaddr, sizeof (struct sockaddr_in)); | |
850 | 850 | |
851 | 851 | #ifdef USE_GSSAPI |
852 | 852 | if (use_gss && negotiate_credentials (client)) { |
859 | 859 | #endif |
860 | 860 | |
861 | 861 | fcntl(afd, F_SETFL, O_NONBLOCK | O_NDELAY); |
862 | ev_io_start (loop, &(client->io)); | |
862 | ev_io_start(loop, &(client->io)); | |
863 | 863 | |
864 | 864 | /* Add the new connection to a linked list of active clients. */ |
865 | 865 | client->next = client_chain; |
882 | 882 | } |
883 | 883 | |
884 | 884 | static void periodic_handler(struct ev_loop *loop, struct ev_periodic *per, |
885 | int revents ) | |
885 | int revents) | |
886 | 886 | { |
887 | 887 | struct daemon_conf *config = (struct daemon_conf *) per->data; |
888 | 888 | struct ev_tcp *ev, *next = NULL; |
901 | 901 | audit_msg(LOG_NOTICE, |
902 | 902 | "client %s idle too long - closing connection\n", |
903 | 903 | sockaddr_to_addr4(&(ev->addr))); |
904 | ev_io_stop (loop, &ev->io); | |
904 | ev_io_stop(loop, &ev->io); | |
905 | 905 | release_client(ev); |
906 | 906 | free(ev); |
907 | 907 | } |
908 | 908 | } |
909 | 909 | |
910 | int auditd_tcp_listen_init ( struct ev_loop *loop, struct daemon_conf *config ) | |
910 | int auditd_tcp_listen_init(struct ev_loop *loop, struct daemon_conf *config) | |
911 | 911 | { |
912 | 912 | struct addrinfo *ai, *runp; |
913 | 913 | struct addrinfo hints; |
914 | 914 | char local[16]; |
915 | 915 | int one = 1, rc; |
916 | ||
917 | ev_periodic_init (&periodic_watcher, periodic_handler, | |
916 | int prefer_ipv6 = 0; | |
917 | ||
918 | ev_periodic_init(&periodic_watcher, periodic_handler, | |
918 | 919 | 0, config->tcp_client_max_idle, NULL); |
919 | 920 | periodic_watcher.data = config; |
920 | 921 | if (config->tcp_client_max_idle) |
921 | ev_periodic_start (loop, &periodic_watcher); | |
922 | ev_periodic_start(loop, &periodic_watcher); | |
922 | 923 | |
923 | 924 | /* If the port is not set, that means we aren't going to |
924 | 925 | listen for connections. */ |
928 | 929 | memset(&hints, '\0', sizeof(hints)); |
929 | 930 | hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; |
930 | 931 | hints.ai_socktype = SOCK_STREAM; |
932 | hints.ai_family = AF_UNSPEC; | |
931 | 933 | snprintf(local, sizeof(local), "%ld", config->tcp_listen_port); |
932 | 934 | |
933 | 935 | rc = getaddrinfo(NULL, local, &hints, &ai); |
936 | 938 | return 1; |
937 | 939 | } |
938 | 940 | |
941 | { | |
942 | int ipv4 = 0, ipv6 = 0; | |
939 | 943 | nlsocks = 0; |
940 | 944 | runp = ai; |
941 | 945 | while (runp && nlsocks < N_SOCKS) { |
942 | listen_socket[nlsocks] = socket (runp->ai_family, | |
946 | // Let's take a pass through and see what we got. | |
947 | if (runp->ai_family == AF_INET) | |
948 | ipv4++; | |
949 | else if (runp->ai_family == AF_INET6) | |
950 | ipv6++; | |
951 | runp = runp->ai_next; | |
952 | nlsocks++; | |
953 | } | |
954 | ||
955 | if (nlsocks == 2 && ipv4 && ipv6) | |
956 | prefer_ipv6 = 1; | |
957 | } | |
958 | ||
959 | nlsocks = 0; | |
960 | runp = ai; | |
961 | while (runp && nlsocks < N_SOCKS) { | |
962 | // On linux, ipv6 sockets by default include ipv4 so | |
963 | // we only need one. | |
964 | if (runp->ai_family == AF_INET && prefer_ipv6) | |
965 | goto next_try; | |
966 | ||
967 | listen_socket[nlsocks] = socket(runp->ai_family, | |
943 | 968 | runp->ai_socktype, runp->ai_protocol); |
944 | 969 | if (listen_socket[nlsocks] < 0) { |
945 | 970 | audit_msg(LOG_ERR, "Cannot create tcp listener socket"); |
949 | 974 | /* This avoids problems if auditd needs to be restarted. */ |
950 | 975 | setsockopt(listen_socket[nlsocks], SOL_SOCKET, SO_REUSEADDR, |
951 | 976 | (char *)&one, sizeof (int)); |
952 | set_close_on_exec (listen_socket[nlsocks]); | |
977 | ||
978 | // If we had more than 2 addresses suggested we'll | |
979 | // separate the sockets. | |
980 | if (!prefer_ipv6 && runp->ai_family == AF_INET6) | |
981 | setsockopt(listen_socket[nlsocks], IPPROTO_IPV6, | |
982 | IPV6_V6ONLY, &one, sizeof(int)); | |
983 | ||
984 | set_close_on_exec(listen_socket[nlsocks]); | |
953 | 985 | |
954 | 986 | if (bind(listen_socket[nlsocks], runp->ai_addr, |
955 | 987 | runp->ai_addrlen)) { |
976 | 1008 | p ? p->p_name: "?"); |
977 | 1009 | endprotoent(); |
978 | 1010 | |
979 | ev_io_init (&tcp_listen_watcher, auditd_tcp_listen_handler, | |
1011 | ev_io_init(&tcp_listen_watcher, auditd_tcp_listen_handler, | |
980 | 1012 | listen_socket[nlsocks], EV_READ); |
981 | ev_io_start (loop, &tcp_listen_watcher); | |
1013 | ev_io_start(loop, &tcp_listen_watcher); | |
982 | 1014 | non_fatal: |
983 | 1015 | nlsocks++; |
984 | 1016 | if (nlsocks == N_SOCKS) |
1013 | 1045 | key_file = "/etc/audit/audit.key"; |
1014 | 1046 | setenv ("KRB5_KTNAME", key_file, 1); |
1015 | 1047 | |
1016 | if (stat (key_file, &st) == 0) { | |
1048 | if (stat(key_file, &st) == 0) { | |
1017 | 1049 | if ((st.st_mode & 07777) != 0400) { |
1018 | 1050 | audit_msg (LOG_ERR, |
1019 | 1051 | "%s is not mode 0400 (it's %#o) - compromised key?", |
1021 | 1053 | return -1; |
1022 | 1054 | } |
1023 | 1055 | if (st.st_uid != 0) { |
1024 | audit_msg (LOG_ERR, | |
1056 | audit_msg(LOG_ERR, | |
1025 | 1057 | "%s is not owned by root (it's %d) - compromised key?", |
1026 | 1058 | key_file, st.st_uid); |
1027 | 1059 | return -1; |
1035 | 1067 | return 0; |
1036 | 1068 | } |
1037 | 1069 | |
1038 | void auditd_tcp_listen_uninit ( struct ev_loop *loop, | |
1039 | struct daemon_conf *config ) | |
1070 | void auditd_tcp_listen_uninit(struct ev_loop *loop, struct daemon_conf *config) | |
1040 | 1071 | { |
1041 | 1072 | #ifdef USE_GSSAPI |
1042 | 1073 | OM_uint32 status; |
1043 | 1074 | #endif |
1044 | 1075 | |
1045 | ev_io_stop ( loop, &tcp_listen_watcher ); | |
1076 | ev_io_stop(loop, &tcp_listen_watcher); | |
1046 | 1077 | while (nlsocks >= 0) { |
1047 | 1078 | nlsocks--; |
1048 | close ( listen_socket[nlsocks] ); | |
1079 | close (listen_socket[nlsocks]); | |
1049 | 1080 | } |
1050 | 1081 | |
1051 | 1082 | #ifdef USE_GSSAPI |
1059 | 1090 | unsigned char ack[AUDIT_RMW_HEADER_SIZE]; |
1060 | 1091 | |
1061 | 1092 | AUDIT_RMW_PACK_HEADER (ack, 0, AUDIT_RMW_TYPE_ENDING, 0, 0); |
1062 | client_ack (client_chain, ack, ""); | |
1063 | ev_io_stop (loop, &client_chain->io); | |
1064 | close_client (client_chain); | |
1093 | client_ack(client_chain, ack, ""); | |
1094 | ev_io_stop(loop, &client_chain->io); | |
1095 | close_client(client_chain); | |
1065 | 1096 | } |
1066 | 1097 | |
1067 | 1098 | if (config->tcp_client_max_idle) |
1068 | ev_periodic_stop (loop, &periodic_watcher); | |
1099 | ev_periodic_stop(loop, &periodic_watcher); | |
1069 | 1100 | } |
1070 | 1101 | |
1071 | 1102 | static void periodic_reconfigure(struct daemon_conf *config) |
1072 | 1103 | { |
1073 | struct ev_loop *loop = ev_default_loop (EVFLAG_AUTO); | |
1104 | struct ev_loop *loop = ev_default_loop(EVFLAG_AUTO); | |
1074 | 1105 | if (config->tcp_client_max_idle) { |
1075 | ev_periodic_set (&periodic_watcher, ev_now (loop), | |
1106 | ev_periodic_set(&periodic_watcher, ev_now(loop), | |
1076 | 1107 | config->tcp_client_max_idle, NULL); |
1077 | ev_periodic_start (loop, &periodic_watcher); | |
1108 | ev_periodic_start(loop, &periodic_watcher); | |
1078 | 1109 | } else { |
1079 | ev_periodic_stop (loop, &periodic_watcher); | |
1080 | } | |
1081 | } | |
1082 | ||
1083 | void auditd_tcp_listen_reconfigure ( struct daemon_conf *nconf, | |
1084 | struct daemon_conf *oconf ) | |
1110 | ev_periodic_stop(loop, &periodic_watcher); | |
1111 | } | |
1112 | } | |
1113 | ||
1114 | void auditd_tcp_listen_reconfigure(struct daemon_conf *nconf, | |
1115 | struct daemon_conf *oconf) | |
1085 | 1116 | { |
1086 | 1117 | use_libwrap = nconf->use_libwrap; |
1087 | 1118 | |
1111 | 1142 | // and recredential if needed. |
1112 | 1143 | oconf->krb5_principal = nconf->krb5_principal; |
1113 | 1144 | } |
1145 |
215 | 215 | case RPT_AVC: |
216 | 216 | printf("AVC Report\n"); |
217 | 217 | printf( |
218 | "========================================================\n"); | |
219 | printf( | |
220 | "# date time comm subj syscall class permission obj event\n"); | |
221 | printf( | |
222 | "========================================================\n"); | |
218 | "===============================================================\n"); | |
219 | printf( | |
220 | "# date time comm subj syscall class permission obj result event\n"); | |
221 | printf( | |
222 | "===============================================================\n"); | |
223 | 223 | break; |
224 | 224 | case RPT_CONFIG: |
225 | 225 | printf("Config Change Report\n"); |
539 | 539 | break; |
540 | 540 | case RPT_LOGIN: |
541 | 541 | // who, addr, terminal, exe, success, event |
542 | // Special note...uid is used here because that is | |
543 | // the way that the message works. This is because | |
544 | // on failed logins, loginuid is not set. | |
542 | // Special note...loginuid can be used here for | |
543 | // successful logins. loginuid is not set on failed | |
544 | // logins so acct is used in that situation. | |
545 | 545 | safe_print_string(((l->s.success == S_FAILED) && |
546 | 546 | l->s.acct) ? l->s.acct : |
547 | 547 | aulookup_uid(l->s.loginuid, |
947 | 947 | *term = saved; |
948 | 948 | } |
949 | 949 | } |
950 | if (event_subject) { | |
951 | str = strstr(term, "vm-ctx="); | |
952 | if (str != NULL) { | |
953 | str += 7; | |
954 | term = strchr(str, ' '); | |
955 | if (term == NULL) | |
956 | return 27; | |
957 | *term = 0; | |
958 | if (audit_avc_init(s) == 0) { | |
959 | anode an; | |
960 | ||
961 | anode_init(&an); | |
962 | an.scontext = strdup(str); | |
963 | alist_append(s->avc, &an); | |
964 | *term = ' '; | |
965 | } else | |
966 | return 28; | |
967 | } | |
968 | } | |
969 | if (event_object) { | |
970 | str = strstr(term, "img-ctx="); | |
971 | if (str != NULL) { | |
972 | str += 8; | |
973 | term = strchr(str, ' '); | |
974 | if (term == NULL) | |
975 | return 29; | |
976 | *term = 0; | |
977 | if (audit_avc_init(s) == 0) { | |
978 | anode an; | |
979 | ||
980 | anode_init(&an); | |
981 | an.tcontext = strdup(str); | |
982 | alist_append(s->avc, &an); | |
983 | *term = ' '; | |
984 | } else | |
985 | return 30; | |
950 | if (n->type == AUDIT_VIRT_MACHINE_ID) { | |
951 | if (event_subject) { | |
952 | str = strstr(term, "vm-ctx="); | |
953 | if (str != NULL) { | |
954 | str += 7; | |
955 | term = strchr(str, ' '); | |
956 | if (term == NULL) | |
957 | return 27; | |
958 | *term = 0; | |
959 | if (audit_avc_init(s) == 0) { | |
960 | anode an; | |
961 | ||
962 | anode_init(&an); | |
963 | an.scontext = strdup(str); | |
964 | alist_append(s->avc, &an); | |
965 | *term = ' '; | |
966 | } else | |
967 | return 28; | |
968 | } | |
969 | } | |
970 | if (event_object) { | |
971 | str = strstr(term, "img-ctx="); | |
972 | if (str != NULL) { | |
973 | str += 8; | |
974 | term = strchr(str, ' '); | |
975 | if (term == NULL) | |
976 | return 29; | |
977 | *term = 0; | |
978 | if (audit_avc_init(s) == 0) { | |
979 | anode an; | |
980 | ||
981 | anode_init(&an); | |
982 | an.tcontext = strdup(str); | |
983 | alist_append(s->avc, &an); | |
984 | *term = ' '; | |
985 | } else | |
986 | return 30; | |
987 | } | |
988 | } | |
989 | } else if (n->type == AUDIT_VIRT_RESOURCE) { | |
990 | if (event_filename) { | |
991 | unsigned int incr = 6; | |
992 | str = strstr(term, " path="); | |
993 | if (str == NULL) { | |
994 | incr = 10; | |
995 | str = strstr(term, " new-disk="); | |
996 | } | |
997 | if (str != NULL) { | |
998 | int rc; | |
999 | str += incr; | |
1000 | rc = common_path_parser(s, str); | |
1001 | if (rc) | |
1002 | return rc; | |
1003 | term = str; | |
1004 | } | |
986 | 1005 | } |
987 | 1006 | } |
988 | 1007 | // optionally get uid - some records the second uid is what we want. |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | 0 | #! /bin/sh |
1 | 1 | # test-driver - basic testsuite driver script. |
2 | 2 | |
3 | scriptversion=2013-07-13.22; # UTC | |
3 | scriptversion=2016-01-11.22; # UTC | |
4 | 4 | |
5 | # Copyright (C) 2011-2014 Free Software Foundation, Inc. | |
5 | # Copyright (C) 2011-2017 Free Software Foundation, Inc. | |
6 | 6 | # |
7 | 7 | # This program is free software; you can redistribute it and/or modify |
8 | 8 | # it under the terms of the GNU General Public License as published by |
142 | 142 | # eval: (add-hook 'write-file-hooks 'time-stamp) |
143 | 143 | # time-stamp-start: "scriptversion=" |
144 | 144 | # time-stamp-format: "%:y-%02m-%02d.%02H" |
145 | # time-stamp-time-zone: "UTC" | |
145 | # time-stamp-time-zone: "UTC0" | |
146 | 146 | # time-stamp-end: "; # UTC" |
147 | 147 | # End: |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |
0 | # Makefile.in generated by automake 1.15 from Makefile.am. | |
0 | # Makefile.in generated by automake 1.15.1 from Makefile.am. | |
1 | 1 | # @configure_input@ |
2 | 2 | |
3 | # Copyright (C) 1994-2014 Free Software Foundation, Inc. | |
3 | # Copyright (C) 1994-2017 Free Software Foundation, Inc. | |
4 | 4 | |
5 | 5 | # This Makefile.in is free software; the Free Software Foundation |
6 | 6 | # gives unlimited permission to copy and/or distribute it, |