Commit f616d973 authored by Ray Strode's avatar Ray Strode Committed by Ray Strode

Add PAM auditing logic. Based on patch and feedback from Brian Cameron and

2008-02-05  Ray Strode  <rstrode@redhat.com>

	Add PAM auditing logic.  Based on patch and feedback from
	Brian Cameron and earlier code from Gary Winiger and
	Steve Grubb.

	* configure.ac: set HAVE_ADT and HAVE_LIBAUDIT as appropriate
	for solaris and linux audit support, respectively.
	* daemon/Makefile.am: add new auditing code to Makefile.
	* daemon/gdm-session-auditor.[ch]: generic base class for doing
	auditing.
	* daemon/gdm-session-linux-auditor.[ch]: linux auditor subclass
	* daemon/gdm-session-solaris-auditor.[ch]: solaris auditor 
	subclass
	* daemon/gdm-session-worker.c (GdmSessionWorkerPrivate): track
	auditor
	(gdm_session_worker_update_username): inform audit code about
	username changes
	(gdm_session_worker_start_auditor): instantiate the auditor
	(gdm_session_worker_stop_auditor): free the auditor
	(gdm_session_worker_uninitialize_pam): inform audit code about
	logout/login failure and then free the auditor
	(_get_tty_for_pam): fix calling return more than once on solaris
	(gdm_session_worker_initialize_pam): instantiate the auditor.
	(gdm_session_worker_authorize_user): inform audit code about
	password changes
	(gdm_session_worker_accredit_user): inform audit code about
	user getting credentials
	(gdm_session_worker_open_user_session): inform audit code about
	successful login

svn path=/trunk/; revision=5702
parent 46b6d03d
2008-02-05 Ray Strode <rstrode@redhat.com>
Add PAM auditing logic. Based on patch and feedback from
Brian Cameron and earlier code from Gary Winiger and
Steve Grubb.
* configure.ac: set HAVE_ADT and HAVE_LIBAUDIT as appropriate
for solaris and linux audit support, respectively.
* daemon/Makefile.am: add new auditing code to Makefile.
* daemon/gdm-session-auditor.[ch]: generic base class for doing
auditing.
* daemon/gdm-session-linux-auditor.[ch]: linux auditor subclass
* daemon/gdm-session-solaris-auditor.[ch]: solaris auditor
subclass
* daemon/gdm-session-worker.c (GdmSessionWorkerPrivate): track
auditor
(gdm_session_worker_update_username): inform audit code about
username changes
(gdm_session_worker_start_auditor): instantiate the auditor
(gdm_session_worker_stop_auditor): free the auditor
(gdm_session_worker_uninitialize_pam): inform audit code about
logout/login failure and then free the auditor
(_get_tty_for_pam): fix calling return more than once on solaris
(gdm_session_worker_initialize_pam): instantiate the auditor.
(gdm_session_worker_authorize_user): inform audit code about
password changes
(gdm_session_worker_accredit_user): inform audit code about
user getting credentials
(gdm_session_worker_open_user_session): inform audit code about
successful login
2008-02-05 William Jon McCann <jmccann@redhat.com> 2008-02-05 William Jon McCann <jmccann@redhat.com>
* data/session-setup.entries: * data/session-setup.entries:
......
...@@ -995,11 +995,34 @@ adt_user_context = ADT_USER; ...@@ -995,11 +995,34 @@ adt_user_context = ADT_USER;
if test ${check_sun_audit} = yes if test ${check_sun_audit} = yes
then then
AC_DEFINE(HAVE_ADT) AC_DEFINE(HAVE_ADT)
EXTRA_DAEMON_LIBS="$EXTRA_DAEMON_LIBS -lbsm" PAM_LIBS="$PAM_LIBS -lbsm"
AC_MSG_RESULT(yes) AC_MSG_RESULT(yes)
else else
AC_MSG_RESULT(no) AC_MSG_RESULT(no)
fi fi
AM_CONDITIONAL(HAVE_ADT, test x$check_sun_audit = xyes)
# Check for Linux auditing API
#
AC_ARG_WITH(libaudit,
[ --with-libaudit=[auto/yes/no] Add Linux audit support [default=auto]],,
with_libaudit=auto)
# libaudit detection
if test x$with_libaudit = xno ; then
have_libaudit=no;
else
# See if we have audit daemon library
AC_CHECK_LIB(audit, audit_log_user_message,
have_libaudit=yes, have_libaudit=no)
fi
AM_CONDITIONAL(HAVE_LIBAUDIT, test x$have_libaudit = xyes)
if test x$have_libaudit = xyes ; then
PAM_LIBS="$PAM_LIBS -laudit"
AC_DEFINE(HAVE_LIBAUDIT,1,[linux audit support])
fi
# Check for Solaris logindevperm support # Check for Solaris logindevperm support
# #
......
...@@ -244,10 +244,22 @@ gdm_xdmcp_chooser_slave_LDADD = \ ...@@ -244,10 +244,22 @@ gdm_xdmcp_chooser_slave_LDADD = \
gdm_session_worker_SOURCES = \ gdm_session_worker_SOURCES = \
session-worker-main.c \ session-worker-main.c \
gdm-session-auditor.h \
gdm-session-auditor.c \
gdm-session-worker.h \ gdm-session-worker.h \
gdm-session-worker.c \ gdm-session-worker.c \
$(NULL) $(NULL)
if HAVE_LIBAUDIT
gdm_session_worker_SOURCES += gdm-session-linux-auditor.h \
gdm-session-linux-auditor.c
endif
if HAVE_ADT
gdm_session_worker_SOURCES += gdm-session-solaris-auditor.h \
gdm-session-solaris-auditor.c
endif
gdm_session_worker_LDFLAGS = \ gdm_session_worker_LDFLAGS = \
$(PAM_LIBS) \ $(PAM_LIBS) \
$(NULL) $(NULL)
......
/* gdm-session-auditor.c - Object for auditing session login/logout
*
* Copyright (C) 2004, 2008 Sun Microsystems
* Copyright (C) 2005, 2008 Red Hat, Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*
* Written by: Brian A. Cameron <Brian.Cameron@sun.com>
* Gary Winiger <Gary.Winiger@sun.com>
* Ray Strode <rstrode@redhat.com>
* Steve Grubb <sgrubb@redhat.com>
*/
#include "config.h"
#include "gdm-session-auditor.h"
#include <errno.h>
#include <string.h>
#include <unistd.h>
#include <glib.h>
#include <glib-object.h>
#include <glib/gi18n.h>
struct _GdmSessionAuditorPrivate
{
char *username;
char *hostname;
char *display_device;
};
static void gdm_session_auditor_finalize (GObject *object);
static void gdm_session_auditor_class_install_properties (GdmSessionAuditorClass *
auditor_class);
static void gdm_session_auditor_set_property (GObject *object,
guint prop_id,
const GValue *value,
GParamSpec *pspec);
static void gdm_session_auditor_get_property (GObject *object,
guint prop_id,
GValue *value,
GParamSpec *pspec);
enum {
PROP_0 = 0,
PROP_USERNAME,
PROP_HOSTNAME,
PROP_DISPLAY_DEVICE
};
G_DEFINE_TYPE (GdmSessionAuditor, gdm_session_auditor, G_TYPE_OBJECT);
static void
gdm_session_auditor_class_init (GdmSessionAuditorClass *auditor_class)
{
GObjectClass *object_class;
object_class = G_OBJECT_CLASS (auditor_class);
object_class->finalize = gdm_session_auditor_finalize;
gdm_session_auditor_class_install_properties (auditor_class);
g_type_class_add_private (auditor_class, sizeof (GdmSessionAuditorPrivate));
}
static void
gdm_session_auditor_class_install_properties (GdmSessionAuditorClass *auditor_class)
{
GObjectClass *object_class;
GParamSpec *param_spec;
object_class = G_OBJECT_CLASS (auditor_class);
object_class->set_property = gdm_session_auditor_set_property;
object_class->get_property = gdm_session_auditor_get_property;
param_spec = g_param_spec_string ("username", _("Username"),
_("The username"),
NULL, G_PARAM_READWRITE);
g_object_class_install_property (object_class, PROP_USERNAME, param_spec);
param_spec = g_param_spec_string ("hostname", _("Hostname"),
_("The hostname"),
NULL,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY);
g_object_class_install_property (object_class, PROP_HOSTNAME, param_spec);
param_spec = g_param_spec_string ("display-device", _("Display Device"),
_("The display device"),
NULL,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY);
g_object_class_install_property (object_class, PROP_DISPLAY_DEVICE, param_spec);
}
static void
gdm_session_auditor_init (GdmSessionAuditor *auditor)
{
auditor->priv = G_TYPE_INSTANCE_GET_PRIVATE (auditor,
GDM_TYPE_SESSION_AUDITOR,
GdmSessionAuditorPrivate);
}
static void
gdm_session_auditor_finalize (GObject *object)
{
GdmSessionAuditor *auditor;
GObjectClass *parent_class;
auditor = GDM_SESSION_AUDITOR (object);
g_free (auditor->priv->username);
g_free (auditor->priv->hostname);
g_free (auditor->priv->display_device);
parent_class = G_OBJECT_CLASS (gdm_session_auditor_parent_class);
if (parent_class->finalize != NULL) {
parent_class->finalize (object);
}
}
void
gdm_session_auditor_set_username (GdmSessionAuditor *auditor,
const char *username)
{
g_return_if_fail (GDM_IS_SESSION_AUDITOR (auditor));
if (username == auditor->priv->username) {
return;
}
if ((username == NULL || auditor->priv->username == NULL) ||
strcmp (username, auditor->priv->username) != 0) {
auditor->priv->username = g_strdup (username);
g_object_notify (G_OBJECT (auditor), "username");
}
}
static void
gdm_session_auditor_set_hostname (GdmSessionAuditor *auditor,
const char *hostname)
{
g_return_if_fail (GDM_IS_SESSION_AUDITOR (auditor));
auditor->priv->hostname = g_strdup (hostname);
}
static void
gdm_session_auditor_set_display_device (GdmSessionAuditor *auditor,
const char *display_device)
{
g_return_if_fail (GDM_IS_SESSION_AUDITOR (auditor));
auditor->priv->display_device = g_strdup (display_device);
}
static char *
gdm_session_auditor_get_username (GdmSessionAuditor *auditor)
{
return g_strdup (auditor->priv->username);
}
static char *
gdm_session_auditor_get_hostname (GdmSessionAuditor *auditor)
{
return g_strdup (auditor->priv->hostname);
}
static char *
gdm_session_auditor_get_display_device (GdmSessionAuditor *auditor)
{
return g_strdup (auditor->priv->display_device);
}
static void
gdm_session_auditor_set_property (GObject *object,
guint prop_id,
const GValue *value,
GParamSpec *pspec)
{
GdmSessionAuditor *auditor;
auditor = GDM_SESSION_AUDITOR (object);
switch (prop_id) {
case PROP_USERNAME:
gdm_session_auditor_set_username (auditor, g_value_get_string (value));
break;
case PROP_HOSTNAME:
gdm_session_auditor_set_hostname (auditor, g_value_get_string (value));
break;
case PROP_DISPLAY_DEVICE:
gdm_session_auditor_set_display_device (auditor, g_value_get_string (value));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
}
}
static void
gdm_session_auditor_get_property (GObject *object,
guint prop_id,
GValue *value,
GParamSpec *pspec)
{
GdmSessionAuditor *auditor;
auditor = GDM_SESSION_AUDITOR (object);
switch (prop_id) {
case PROP_USERNAME:
g_value_set_string (value, gdm_session_auditor_get_username (auditor));
break;
case PROP_HOSTNAME:
g_value_set_string (value, gdm_session_auditor_get_hostname (auditor));
break;
case PROP_DISPLAY_DEVICE:
g_value_set_string (value, gdm_session_auditor_get_display_device (auditor));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
}
}
GdmSessionAuditor *
gdm_session_auditor_new (const char *hostname,
const char *display_device)
{
GdmSessionAuditor *auditor;
auditor = g_object_new (GDM_TYPE_SESSION_AUDITOR,
"hostname", hostname,
"display-device", display_device,
NULL);
return auditor;
}
void
gdm_session_auditor_report_password_changed (GdmSessionAuditor *auditor)
{
if (GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_password_changed != NULL) {
GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_password_changed (auditor);
}
}
void
gdm_session_auditor_report_password_change_failure (GdmSessionAuditor *auditor)
{
if (GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_password_change_failure != NULL) {
GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_password_change_failure (auditor);
}
}
void
gdm_session_auditor_report_user_accredited (GdmSessionAuditor *auditor)
{
if (GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_user_accredited != NULL) {
GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_user_accredited (auditor);
}
}
void
gdm_session_auditor_report_login (GdmSessionAuditor *auditor)
{
if (GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_login != NULL) {
GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_login (auditor);
}
}
void
gdm_session_auditor_report_login_failure (GdmSessionAuditor *auditor,
int error_code,
const char *error_message)
{
if (GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_login_failure != NULL) {
GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_login_failure (auditor, error_code, error_message);
}
}
void
gdm_session_auditor_report_logout (GdmSessionAuditor *auditor)
{
if (GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_logout != NULL) {
GDM_SESSION_AUDITOR_GET_CLASS (auditor)->report_logout (auditor);
}
}
/* gdm-session-auditor.h - Object for auditing session login/logout
*
* Copyright (C) 2004, 2008 Sun Microsystems
* Copyright (C) 2005, 2008 Red Hat, Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*
* Written by: Brian A. Cameron <Brian.Cameron@sun.com>
* Gary Winiger <Gary.Winiger@sun.com>
* Ray Strode <rstrode@redhat.com>
* Steve Grubb <sgrubb@redhat.com>
*/
#ifndef GDM_SESSION_AUDITOR_H
#define GDM_SESSION_AUDITOR_H
#include <glib.h>
#include <glib-object.h>
G_BEGIN_DECLS
#define GDM_TYPE_SESSION_AUDITOR (gdm_session_auditor_get_type ())
#define GDM_SESSION_AUDITOR(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GDM_TYPE_SESSION_AUDITOR, GdmSessionAuditor))
#define GDM_SESSION_AUDITOR_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GDM_TYPE_SESSION_AUDITOR, GdmSessionAuditorClass))
#define GDM_IS_SESSION_AUDITOR(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GDM_TYPE_SESSION_AUDITOR))
#define GDM_IS_SESSION_AUDITOR_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GDM_TYPE_SESSION_AUDITOR))
#define GDM_SESSION_AUDITOR_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), GDM_TYPE_SESSION_AUDITOR, GdmSessionAuditorClass))
#define GDM_SESSION_AUDITOR_ERROR (gdm_session_auditor_error_quark ())
typedef struct _GdmSessionAuditor GdmSessionAuditor;
typedef struct _GdmSessionAuditorClass GdmSessionAuditorClass;
typedef struct _GdmSessionAuditorPrivate GdmSessionAuditorPrivate;
struct _GdmSessionAuditor
{
GObject parent;
/*< private > */
GdmSessionAuditorPrivate *priv;
};
struct _GdmSessionAuditorClass
{
GObjectClass parent_class;
void (* report_password_changed) (GdmSessionAuditor *auditor);
void (* report_password_change_failure) (GdmSessionAuditor *auditor);
void (* report_user_accredited) (GdmSessionAuditor *auditor);
void (* report_login) (GdmSessionAuditor *auditor);
void (* report_login_failure) (GdmSessionAuditor *auditor,
int error_code,
const char *error_message);
void (* report_logout) (GdmSessionAuditor *auditor);
};
GType gdm_session_auditor_get_type (void);
GdmSessionAuditor *gdm_session_auditor_new (const char *hostname,
const char *display_device);
void gdm_session_auditor_set_username (GdmSessionAuditor *auditor,
const char *username);
void gdm_session_auditor_report_password_changed (GdmSessionAuditor *auditor);
void gdm_session_auditor_report_password_change_failure (GdmSessionAuditor *auditor);
void gdm_session_auditor_report_user_accredited (GdmSessionAuditor *auditor);
void gdm_session_auditor_report_login (GdmSessionAuditor *auditor);
void gdm_session_auditor_report_login_failure (GdmSessionAuditor *auditor,
int error_code,
const char *error_message);
void gdm_session_auditor_report_logout (GdmSessionAuditor *auditor);
G_END_DECLS
#endif /* GDM_SESSION_AUDITOR_H */
/* gdm-session-linux-auditor.c - Object for Linux auditing of session login/logout
*
* Copyright (C) 2004, 2008 Sun Microsystems
* Copyright (C) 2005, 2008 Red Hat, Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*
* Written by: Brian A. Cameron <Brian.Cameron@sun.com>
* Gary Winiger <Gary.Winiger@sun.com>
* Ray Strode <rstrode@redhat.com>
* Steve Grubb <sgrubb@redhat.com>
*/
#include "config.h"
#include "gdm-session-linux-auditor.h"
#include <fcntl.h>
#include <pwd.h>
#include <syslog.h>
#include <unistd.h>
#include <libaudit.h>
#include <glib.h>
struct _GdmSessionLinuxAuditorPrivate
{
int audit_fd;
};
static void gdm_session_linux_auditor_finalize (GObject *object);
G_DEFINE_TYPE (GdmSessionLinuxAuditor, gdm_session_linux_auditor, GDM_TYPE_SESSION_AUDITOR);
static void
gdm_session_linux_auditor_report_login_attempt (GdmSessionAuditor *auditor,
gboolean was_successful)
{
GdmSessionLinuxAuditor *linux_auditor;
char buf[512];
char *username;
char *hostname;
char *display_device;
struct passwd *pw;
linux_auditor = GDM_SESSION_LINUX_AUDITOR (auditor);
g_object_get (G_OBJECT (auditor), "username", &username, NULL);
g_object_get (G_OBJECT (auditor), "hostname", &hostname, NULL);
g_object_get (G_OBJECT (auditor), "display-device", &display_device, NULL);
pw = getpwnam (username);
if (username) {
pw = getpwnam (username);
} else {
username = "unknown";
pw = NULL;
}
if (pw) {
g_snprintf (buf, sizeof (buf), "uid=%d", pw->pw_uid);
audit_log_user_message (linux_auditor->priv->audit_fd, AUDIT_USER_LOGIN,
buf, hostname, NULL, display_device,
was_successful != FALSE);
} else {
g_snprintf (buf, sizeof (buf), "acct=%s", username);
audit_log_user_message (linux_auditor->priv->audit_fd, AUDIT_USER_LOGIN,
buf, hostname, NULL, display_device,
was_successful != FALSE);
}
g_free (username);
g_free (hostname);
g_free (display_device);
}
static void
gdm_session_linux_auditor_report_login (GdmSessionAuditor *auditor)
{
gdm_session_linux_auditor_report_login_attempt (auditor, TRUE);
}
static void
gdm_session_linux_auditor_report_login_failure (GdmSessionAuditor *auditor,
int pam_error_code,
const char *pam_error_string)
{
gdm_session_linux_auditor_report_login_attempt (auditor, FALSE);
}
static void
gdm_session_linux_auditor_class_init (GdmSessionLinuxAuditorClass *klass)
{
GObjectClass *object_class;
GdmSessionAuditorClass *auditor_class;
object_class = G_OBJECT_CLASS (klass);
auditor_class = GDM_SESSION_AUDITOR_CLASS (klass);
object_class->finalize = gdm_session_linux_auditor_finalize;
auditor_class->report_login = gdm_session_linux_auditor_report_login;
auditor_class->report_login_failure = gdm_session_linux_auditor_report_login_failure;
g_type_class_add_private (auditor_class, sizeof (GdmSessionLinuxAuditorPrivate));
}
static void
gdm_session_linux_auditor_init (GdmSessionLinuxAuditor *auditor)
{
auditor->priv = G_TYPE_INSTANCE_GET_PRIVATE (auditor,
GDM_TYPE_SESSION_LINUX_AUDITOR,
GdmSessionLinuxAuditorPrivate);
auditor->priv->audit_fd = audit_open ();
}
static void
gdm_session_linux_auditor_finalize (GObject *object)
{
GdmSessionLinuxAuditor *linux_auditor;
GObjectClass *parent_class;
linux_auditor = GDM_SESSION_LINUX_AUDITOR (object);
close (linux_auditor->priv->audit_fd);
parent_class = G_OBJECT_CLASS (gdm_session_linux_auditor_parent_class);
if (parent_class->finalize != NULL) {
parent_class->finalize (object);
}
}
GdmSessionAuditor *
gdm_session_linux_auditor_new (const char *hostname,
const char *display_device)
{
GObject *auditor;
auditor = g_object_new (GDM_TYPE_SESSION_LINUX_AUDITOR,
"hostname", hostname,
"display-device", display_device,
NULL);
return GDM_SESSION_AUDITOR (auditor);
}
/* gdm-linux-session-auditor.h - Object for linux auditing of session login/logout
*
* Copyright (C) 2004, 2008 Sun Microsystems
* Copyright (C) 2005, 2008 Red Hat, Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*
* Written by: Brian A. Cameron <Brian.Cameron@sun.com>
* Gary Winiger <Gary.Winiger@sun.com>
* Ray Strode <rstrode@redhat.com>
* Steve Grubb <sgrubb@redhat.com>
*/
#ifndef GDM_SESSION_LINUX_AUDITOR_H
#define GDM_SESSION_LINUX_AUDITOR_H
#include <glib.h>
#include <glib-object.h>
#include "gdm-session-auditor.h"
G_BEGIN_DECLS
#define GDM_TYPE_SESSION_LINUX_AUDITOR (gdm_session_linux_auditor_get_type ())
#define GDM_SESSION_LINUX_AUDITOR(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GDM_TYPE_SESSION_LINUX_AUDITOR, GdmSessionLinuxAuditor))
#define GDM_SESSION_LINUX_AUDITOR_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GDM_TYPE_SESSION_LINUX_AUDITOR, GdmSessionLinuxAuditorClass))
#define GDM_IS_SESSION_LINUX_AUDITOR(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GDM_TYPE_SESSION_LINUX_AUDITOR))
#define GDM_IS_SESSION_LINUX_AUDITOR_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GDM_TYPE_SESSION_LINUX_AUDITOR))
#define GDM_SESSION_LINUX_AUDITOR_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), GDM_TYPE_SESSION_LINUX_AUDITOR, GdmSessionLinuxAuditorClass))
#define GDM_SESSION_LINUX_AUDITOR_ERROR (gdm_session_linux_auditor_error_quark ())
typedef struct _GdmSessionLinuxAuditor GdmSessionLinuxAuditor;
typedef struct _GdmSessionLinuxAuditorClass GdmSessionLinuxAuditorClass;
typedef struct _GdmSessionLinuxAuditorPrivate GdmSessionLinuxAuditorPrivate;
struct _GdmSessionLinuxAuditor
{
GdmSessionAuditor parent;
/*< private > */
GdmSessionLinuxAuditorPrivate *priv;
};
struct _GdmSessionLinuxAuditorClass
{
GdmSessionAuditorClass parent_class;
};
GType gdm_session_linux_auditor_get_type (void);
GdmSessionAuditor *gdm_session_linux_auditor_new (const char *hostname,
const char *display_device);
G_END_DECLS
#endif /* GDM_SESSION_LINUX_AUDITOR_H */
/* gdm-session-solaris-auditor.c - Object for Solaris auditing of session login/logout
*
* Copyright (C) 2004, 2008 Sun Microsystems
* Copyright (C) 2005, 2008 Red Hat, Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*
* Written by: Brian A. Cameron <Brian.Cameron@sun.com>
* Gary Winiger <Gary.Winiger@sun.com>
* Ray Strode <rstrode@redhat.com>
* Steve Grubb <sgrubb@redhat.com>
*/
#include "config.h"
#include "gdm-session-solaris-auditor.h"
#include <syslog.h>