diff options
Diffstat (limited to 'framework/src/audit/src/auditd-config.h')
-rw-r--r-- | framework/src/audit/src/auditd-config.h | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/framework/src/audit/src/auditd-config.h b/framework/src/audit/src/auditd-config.h new file mode 100644 index 00000000..5a3eb6bb --- /dev/null +++ b/framework/src/audit/src/auditd-config.h @@ -0,0 +1,100 @@ +/* auditd-config.h -- + * Copyright 2004-2009,2014 Red Hat Inc., Durham, North Carolina. + * All Rights Reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Authors: + * Steve Grubb <sgrubb@redhat.com> + * + */ + +#ifndef AUDITD_CONFIG_H +#define AUDITD_CONFIG_H + +#include "libaudit.h" +#include <grp.h> +#define CONFIG_FILE "/etc/audit/auditd.conf" +#define MEGABYTE 1048576UL + +typedef enum { D_FOREGROUND, D_BACKGROUND } daemon_t; +typedef enum { LF_RAW, LF_NOLOG } logging_formats; +typedef enum { FT_NONE, FT_INCREMENTAL, FT_DATA, FT_SYNC } flush_technique; +typedef enum { FA_IGNORE, FA_SYSLOG, FA_ROTATE, FA_EMAIL, FA_EXEC, FA_SUSPEND, + FA_SINGLE, FA_HALT } failure_action_t; +typedef enum { SZ_IGNORE, SZ_SYSLOG, SZ_SUSPEND, SZ_ROTATE, + SZ_KEEP_LOGS } size_action; +typedef enum { QOS_NON_BLOCKING, QOS_BLOCKING } qos_t; +typedef enum { TEST_AUDITD, TEST_SEARCH } log_test_t; +typedef enum { N_NONE, N_HOSTNAME, N_FQD, N_NUMERIC, N_USER } node_t; + +struct daemon_conf +{ + daemon_t daemonize; + qos_t qos; /* use blocking/non-blocking sockets */ + uid_t sender_uid; /* the uid for sender of sighup */ + pid_t sender_pid; /* the pid for sender of sighup */ + const char *sender_ctx; /* the context for the sender of sighup */ + const char *log_file; + logging_formats log_format; + gid_t log_group; + unsigned int priority_boost; + flush_technique flush; + unsigned int freq; + unsigned int num_logs; + const char *dispatcher; + node_t node_name_format; + const char *node_name; + unsigned long max_log_size; + size_action max_log_size_action; + unsigned long space_left; + failure_action_t space_left_action; + const char *space_left_exe; + const char *action_mail_acct; + unsigned long admin_space_left; + failure_action_t admin_space_left_action; + const char *admin_space_left_exe; + failure_action_t disk_full_action; + const char *disk_full_exe; + failure_action_t disk_error_action; + const char *disk_error_exe; + unsigned long tcp_listen_port; + unsigned long tcp_listen_queue; + unsigned long tcp_max_per_addr; + int use_libwrap; + unsigned long tcp_client_min_port; + unsigned long tcp_client_max_port; + unsigned long tcp_client_max_idle; + int enable_krb5; + const char *krb5_principal; + const char *krb5_key_file; +}; + +void set_allow_links(int allow); +int load_config(struct daemon_conf *config, log_test_t lt); +void clear_config(struct daemon_conf *config); +const char *audit_lookup_format(int fmt); +int create_log_file(const char *val); +int resolve_node(struct daemon_conf *config); + +void init_config_manager(void); +#ifdef AUDITD_EVENT_H +int start_config_manager(struct auditd_reply_list *rep); +#endif +void shutdown_config(void); +void free_config(struct daemon_conf *config); + +#endif + |