From: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
To: Steve Grubb <sgrubb@redhat.com>, Linux Audit <linux-audit@redhat.com>
Subject: [PATCH 2/2] Use a new funtion to instead of outing error message for field checking
Date: Thu, 07 Aug 2008 18:58:29 +0800 [thread overview]
Message-ID: <489AD555.2080500@cn.fujitsu.com> (raw)
Hello Steve,
The method of outing error message for field checking is too big. It is disadvantage to modify.
Create a helper function to output error messages.
It should be more pretty and smart.
Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
---
lib/Makefile.am | 2 +-
lib/errormsg.h | 58 ++++++++++++++++++++++
lib/libaudit.c | 26 ++++++++++
src/auditctl.c | 135 ++++------------------------------------------------
src/mt/Makefile.am | 4 +-
5 files changed, 97 insertions(+), 128 deletions(-)
create mode 100644 lib/errormsg.h
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 13ccbb9..c5b2c6c 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -30,7 +30,7 @@ lib_LTLIBRARIES = libaudit.la
include_HEADERS = libaudit.h
libaudit_la_SOURCES = libaudit.c message.c netlink.c \
lookup_table.c audit_logging.c deprecated.c \
- private.h $(BUILT_SOURCES)
+ private.h errormsg.h $(BUILT_SOURCES)
libaudit_la_LIBADD =
libaudit_la_DEPENDENCIES = $(libaudit_la_SOURCES) ../config.h
libaudit_la_LDFLAGS = -Wl,-z,relro
diff --git a/lib/errormsg.h b/lib/errormsg.h
new file mode 100644
index 0000000..6ee68d1
--- /dev/null
+++ b/lib/errormsg.h
@@ -0,0 +1,58 @@
+/* errormsg.h --
+ * Copyright 2008 FUJITSU Inc.
+ * All Rights Reserved.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Authors:
+ * Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
+ */
+
+struct msg_tab {
+ int key; /* error number */
+ /*
+ * the field string position in the error message
+ * 0: don't output field string
+ * 1: output field string before error message
+ * 2: output field string after error message
+ */
+ int position;
+ const char *cvalue;
+};
+
+static const struct msg_tab err_msgtab[] = {
+ { -1, 2, "-F missing opration for" },
+ { -2, 2, "-F unknown field:" },
+ { -3, 1, "must be before -S" },
+ { -4, 1, "machine type not found" },
+ { -5, 1, "elf mapping not found" },
+ { -6, 1, "requested bit level not supported by machine" },
+ { -7, 1, "can only be used with exit filter list" },
+ { -8, 2, "-F unknown message type -" },
+ { -9, 0, "msgtype field can only be used with exclude filter list" },
+ { -10, 0, "Failed upgrading rule" },
+ { -11, 0, "String value too long" },
+ { -12, 0, "Only msgtype field can be used with exclude filter" },
+ { -13, 1, "only takes = or != operators" },
+ { -14, 0, "Permission can only contain \'rwxa\'" },
+ { -15, 2, "-F unknown errno -"},
+ { -16, 2, "-F unknown file type - " },
+ { -17, 1, "can only be used with exit and entry filter list" },
+ { -18, 1, "can not be used with exclude filter list" },
+ { -19, 0, "Key field needs a watch or syscall given prior to it" },
+ { -20, 2, "-F missing value after opration for" },
+ { -21, 2, "-F value should be number for" },
+ { -22, 2, "-F missing field name before operator for" }
+};
diff --git a/lib/libaudit.c b/lib/libaudit.c
index e0f108a..7d48d78 100644
--- a/lib/libaudit.c
+++ b/lib/libaudit.c
@@ -39,6 +39,7 @@
#include "libaudit.h"
#include "private.h"
+#include "errormsg.h"
/* #defines for the audit failure query */
#define CONFIG_FILE "/etc/libaudit.conf"
@@ -1153,3 +1154,28 @@ int audit_detect_machine(void)
return -1;
}
hidden_def(audit_detect_machine)
+
+void audit_number_to_errmsg(int errnumber, const char *opt)
+{
+ unsigned int i;
+
+ for (i = 0; i < sizeof(err_msgtab)/sizeof(struct msg_tab); i++) {
+ if (err_msgtab[i].key == errnumber) {
+ switch (err_msgtab[i].position)
+ {
+ case 0:
+ fprintf(stderr, "%s\n", err_msgtab[i].cvalue);
+ break;
+ case 1:
+ fprintf(stderr, "%s %s\n", opt, err_msgtab[i].cvalue);
+ break;
+ case 2:
+ fprintf(stderr, "%s %s\n", err_msgtab[i].cvalue, opt);
+ break;
+ default:
+ break;
+ }
+ return;
+ }
+ }
+}
diff --git a/src/auditctl.c b/src/auditctl.c
index 6144795..96aebe7 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -733,133 +733,16 @@ static int setopt(int count, char *vars[])
}
if (which == NEW)
rc = audit_rule_fieldpair_data(&rule_new,optarg,flags);
-//FIXME: make this a function
- switch (rc)
- {
- case 0:
- if (which == NEW && rule_new->fields[rule_new->field_count-1] ==
- AUDIT_PERM)
- audit_permadded = 1;
- break;
- case -1:
- fprintf(stderr, "-F missing operator for %s\n",
- optarg);
- retval = -1;
- break;
- case -2:
- fprintf(stderr, "-F unknown field: %s\n",
- optarg);
- retval = -1;
- break;
- case -3:
- fprintf(stderr,
- "-F %s must be before -S\n",
- optarg);
- retval = -1;
- break;
- case -4:
- fprintf(stderr,
- "-F %s machine type not found\n",
- optarg);
- retval = -1;
- break;
- case -5:
- fprintf(stderr,
- "-F %s elf mapping not found\n",
- optarg);
- retval = -1;
- break;
- case -6:
- fprintf(stderr,
- "-F %s requested bit level not supported by machine\n",
- optarg);
- retval = -1;
- break;
- case -7:
- fprintf(stderr,
- "Field %s can only be used with exit filter list\n",
- optarg);
- retval = -1;
- break;
- case -8:
- fprintf(stderr,
- "-F unknown message type - %s\n",
- optarg);
- retval = -1;
- break;
- case -9:
- fprintf(stderr,
- "msgtype field can only be used with exclude filter list\n");
- retval = -1;
- break;
- case -10:
- fprintf(stderr,
- "Failed upgrading rule\n");
- retval = -1;
- case -11:
- fprintf(stderr,
- "String value too long\n");
- retval = -1;
- break;
- case -12:
- fprintf(stderr,
- "Only msgtype field can be used with exclude filter\n");
- retval = -1;
- break;
- case -13:
- fprintf(stderr,
- "Field (%s) only takes = or != operators\n", optarg);
- retval = -1;
- break;
- case -14:
- fprintf(stderr,
- "Permission (%s) can only contain \'rwxa\n",
- optarg);
- retval = -1;
- break;
- case -15:
- fprintf(stderr,
- "-F unknown errno - %s\n", optarg);
- retval = -1;
- break;
- case -16:
- fprintf(stderr,
- "-F unknown file type - %s\n", optarg);
- retval = -1;
- break;
- case -17:
- fprintf(stderr,
- "Field %s can only be used with exit and entry filter list\n", optarg);
- retval = -1;
- break;
- case -18:
- fprintf(stderr,
- "Field %s can not be used with exclude filter list\n", optarg);
- retval = -1;
- break;
- case -19:
- fprintf(stderr,
- "Key field needs a watch or syscall given prior to it\n");
- retval = -1;
- break;
- case -20:
- fprintf(stderr,
- "-F missing value after operator for %s\n", optarg);
- retval = -1;
- break;
- case -21:
- fprintf(stderr,
- "-F value should be a number for %s\n", optarg);
- retval = -1;
- break;
- case -22:
- fprintf(stderr,
- "-F missing field name before operator for %s\n", optarg);
- retval = -1;
- default:
- retval = -1;
- break;
+
+ if (rc != 0) {
+ audit_number_to_errmsg(rc, optarg);
+ retval = -1;
+ } else {
+ if (which == NEW && rule_new->fields[rule_new->field_count-1] ==
+ AUDIT_PERM)
+ audit_permadded = 1;
}
+
break;
case 'm':
if (audit_log_user_message( fd, AUDIT_USER, optarg, NULL,
diff --git a/src/mt/Makefile.am b/src/mt/Makefile.am
index e840287..7581225 100644
--- a/src/mt/Makefile.am
+++ b/src/mt/Makefile.am
@@ -43,7 +43,7 @@ lib_OBJECTS = $(libauditmt_a_OBJECTS)
libaudit.h:
cp ${top_srcdir}/lib/libaudit.h .
-libaudit.c: libaudit.h private.h
+libaudit.c: libaudit.h private.h errormsg.h
cp ${top_srcdir}/lib/libaudit.c .
message.c: libaudit.h
cp ${top_srcdir}/lib/message.c .
@@ -89,6 +89,8 @@ optabs.h:
cp ${top_builddir}/lib/optabs.h .
errtabs.h:
cp ${top_builddir}/lib/errtabs.h .
+errormsg.h:
+ cp ${top_builddir}/lib/errormsg.h .
lookup_table.o: ${top_builddir}/config.h gen_tables.h i386_tables.h \
ia64_tables.h ppc_tables.h s390_tables.h s390x_tables.h \
next reply other threads:[~2008-08-07 10:58 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-07 10:58 Zhang Xiliang [this message]
2008-08-07 15:27 ` [PATCH 2/2] Use a new funtion to instead of outing error message for field checking Miloslav Trmač
2008-08-07 17:45 ` Steve Grubb
2008-08-07 18:05 ` Miloslav Trmač
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=489AD555.2080500@cn.fujitsu.com \
--to=zhangxiliang@cn.fujitsu.com \
--cc=linux-audit@redhat.com \
--cc=sgrubb@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.