aboutsummaryrefslogtreecommitdiffstats
path: root/framework/src/audit/src/ausearch-llist.h
diff options
context:
space:
mode:
Diffstat (limited to 'framework/src/audit/src/ausearch-llist.h')
-rw-r--r--framework/src/audit/src/ausearch-llist.h117
1 files changed, 0 insertions, 117 deletions
diff --git a/framework/src/audit/src/ausearch-llist.h b/framework/src/audit/src/ausearch-llist.h
deleted file mode 100644
index ada8ec81..00000000
--- a/framework/src/audit/src/ausearch-llist.h
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
-* ausearch-llist.h - Header file for ausearch-llist.c
-* Copyright (c) 2005-2008, 2013-14 Red Hat Inc., Durham, North Carolina.
-* Copyright (c) 2011 IBM Corp.
-* All Rights Reserved.
-*
-* This software may be freely redistributed and/or modified under the
-* terms of the GNU General Public License as published by the Free
-* Software Foundation; either version 2, or (at your option) any
-* later version.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program; see the file COPYING. If not, write to the
-* Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*
-* Authors:
-* Steve Grubb <sgrubb@redhat.com>
-* Marcelo Henrique Cerri <mhcerri@br.ibm.com>
-*/
-
-#ifndef AULIST_HEADER
-#define AULIST_HEADER
-
-#include "config.h"
-#include <sys/types.h>
-#include "ausearch-string.h"
-#include "ausearch-avc.h"
-#include "ausearch-common.h"
-
-
-typedef struct
-{
- time_t sec; // Event seconds
- unsigned int milli; // millisecond of the timestamp
- unsigned long serial; // Serial number of the event
- const char *node; // Machine's node name
- int type; // type of first event
-} event;
-
-typedef struct
-{
- pid_t ppid; // parent process ID
- pid_t pid; // process ID
- uid_t uid; // user ID
- uid_t euid; // effective user ID
- uid_t loginuid; // login user ID
- gid_t gid; // group ID
- gid_t egid; // effective group ID
- success_t success; // success flag, 1 = yes, 0 = no, -1 = unset
- int arch; // arch
- int syscall; // syscall
- uint32_t session_id; // Login session id
- long long exit; // Syscall exit code
- int exit_is_set; // Syscall exit code is valid
- char *hostname; // remote hostname
- slist *filename; // filename list
- char *cwd; // current working dir
- char *exe; // executable
- slist *key; // key field
- char *terminal; // terminal
- char *comm; // comm name
- alist *avc; // avcs for the event
- char *acct; // account used when uid is invalid
- char *uuid; // virtual machine unique universal identifier
- char *vmname; // virtual machine name
-} search_items;
-
-/* This is the node of the linked list. Any data elements that are per
- * record goes here. */
-typedef struct _lnode{
- char *message; // The whole unparsed message
- unsigned mlen; // Length of the message
- int type; // message type (KERNEL, USER, LOGIN, etc)
- unsigned long long a0; // argv 0
- unsigned long long a1; // argv 1
- unsigned int item; // Which item of the same event
- struct _lnode* next; // Next node pointer
-} lnode;
-
-/* This is the linked list head. Only data elements that are 1 per
- * event goes here. */
-typedef struct {
- lnode *head; // List head
- lnode *cur; // Pointer to current node
- unsigned int cnt; // How many items in this list
-
- // Data we add as 1 per event
- event e; // event - time & serial number
- search_items s; // items in master rec that are searchable
-} llist;
-
-void list_create(llist *l);
-static inline void list_first(llist *l) { l->cur = l->head; }
-void list_last(llist *l);
-lnode *list_next(llist *l);
-lnode *list_prev(llist *l);
-static inline lnode *list_get_cur(llist *l) { return l->cur; }
-void list_append(llist *l, lnode *node);
-void list_clear(llist* l);
-int list_get_event(llist* l, event *e);
-
-/* Given a numeric index, find that record. */
-int list_find_item(llist *l, unsigned int i);
-
-/* Given a message type, find the matching node */
-lnode *list_find_msg(llist *l, int i);
-
-/* Given two message types, find the first matching node */
-lnode *list_find_msg_range(llist *l, int low, int high);
-
-#endif
-