src - OpenBSD base system

diff options


context:
space:
mode:

author	Nikolay Sturm <sturm@cvs.openbsd.org>	2003-07-19 11:48:59 +0000
committer	Nikolay Sturm <sturm@cvs.openbsd.org>	2003-07-19 11:48:59 +0000
commit	cc66adb3b35ed88b028cac1c966ecbaafb704f56 (patch)
tree	56bf36dc4a8347ae51a4b8ad01dd592b77363f7a /bin/systrace
parent	4da74a3119016dd4567094309dc5444dbfbdb3a5 (diff)

- sync with NetBSD or Niels' tarball where appropriate

- keeps local changes - fixes a bug in profile feedback optimization and avoids symbol conflicts with errno - new feature: "ask" action itojun@ ok

Diffstat (limited to 'bin/systrace')

-rw-r--r--

bin/systrace/filter.c

-rw-r--r--

bin/systrace/intercept.c

-rw-r--r--

bin/systrace/lex.l

-rw-r--r--

bin/systrace/openbsd-syscalls.c

-rw-r--r--

bin/systrace/parse.y

-rw-r--r--

bin/systrace/policy.c

-rw-r--r--

bin/systrace/register.c

-rw-r--r--

bin/systrace/systrace-translate.c

-rw-r--r--

bin/systrace/systrace.1

117

-rw-r--r--

bin/systrace/systrace.c

-rw-r--r--

bin/systrace/systrace.h

11 files changed, 178 insertions, 94 deletions

diff --git a/bin/systrace/filter.c b/bin/systrace/filter.c
index 1d9c10255a7..d26961bdd72 100644
--- a/bin/systrace/filter.c
+++ b/bin/systrace/filter.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: filter.c,v 1.27 2003/06/16 06:36:40 itojun Exp $ */

+/* $OpenBSD: filter.c,v 1.28 2003/07/19 11:48:57 sturm Exp $ */

@@ -182,6 +182,7 @@ filter_evaluate(struct intercept_tlq *tls, struct filterq *fls,

/* Profile feedback optimization */

filter->match_count++;

if (last != NULL && last->match_action == action &&

+ last->match_flags == filter->match_flags &&

filter->match_count > last->match_count) {

TAILQ_REMOVE(fls, last, next);

TAILQ_INSERT_AFTER(fls, filter, last, next);

@@ -492,10 +493,9 @@ filter_ask(int fd, struct intercept_tlq *tls, struct filterq *fls,

struct filter *filter;

struct policy *policy;

short action;

- int first = 1, isalias;

+ int first = 1, isalias, isprompt = 0;

*pfuture = ICPOLICY_ASK;

- icpid->uflags = 0;

isalias = systrace_find_reverse(emulation, name) != NULL;

@@ -543,6 +543,11 @@ filter_ask(int fd, struct intercept_tlq *tls, struct filterq *fls,

}

while (1) {

+ /* Special policy active that allows only yes or no */

+ if (icpid->uflags & PROCESS_PROMPT) {

+ fprintf(stderr, "isprompt\n");

+ isprompt = 1;

+ }

filter = NULL;

if (!allow) {

@@ -557,7 +562,7 @@ filter_ask(int fd, struct intercept_tlq *tls, struct filterq *fls,

}

if (fgets(line, sizeof(line), stdin) == NULL)

- errx(1, "EOF");

+ errx(1, "EOF on policy input request");

p = line;

strsep(&p, "\n");

} else if (!first) {

@@ -608,6 +613,9 @@ filter_ask(int fd, struct intercept_tlq *tls, struct filterq *fls,

}

if (filter_parse_simple(line, &action, pfuture) != -1) {

+ /* Yes or no, no in-kernel policy allowed */

+ if (isprompt)

+ *pfuture = ICPOLICY_ASK;

if (*pfuture == ICPOLICY_ASK)

goto out;

/* We have a policy decision */

@@ -621,16 +629,32 @@ filter_ask(int fd, struct intercept_tlq *tls, struct filterq *fls,

snprintf(line, sizeof(line), "true then %s", compose);

}

+ if (isprompt) {

+ printf("Answer only \"permit\" or \"deny\". "

+ "This is a prompt.\n");

+ continue;

+ }

if (fls == NULL) {

printf("Syntax error.\n");

continue;

}

- if (filter_parse(line, &filter) == -1)

+ if (filter_parse(line, &filter) == -1) {

+ printf("Parse error.\n");

continue;

+ }

TAILQ_INSERT_TAIL(fls, filter, next);

action = filter_evaluate(tls, fls, icpid);

+ /* If we get a prompt flag here, we ask again */

+ if (icpid->uflags & PROCESS_PROMPT) {

+ filter_policyrecord(policy, filter, emulation, name, line);

+ printf("Answer only \"permit\" or \"deny\". "

+ "This is a prompt.\n");

+ continue;

+ }

if (action == ICPOLICY_ASK) {

TAILQ_REMOVE(fls, filter, next);

printf("Filter unmatched. Freeing it\n");

diff --git a/bin/systrace/intercept.c b/bin/systrace/intercept.c
index e1bf867753d..bb4e9edd317 100644
--- a/bin/systrace/intercept.c
+++ b/bin/systrace/intercept.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: intercept.c,v 1.40 2003/06/16 06:36:40 itojun Exp $ */

+/* $OpenBSD: intercept.c,v 1.41 2003/07/19 11:48:57 sturm Exp $ */

@@ -613,6 +613,7 @@ intercept_filename(int fd, pid_t pid, void *addr, int userp)

errx(1, "cwd too long");

}

+ /* Need concatenated path for simplifypath */

if (havecwd && name[0] != '/') {

if (strlcat(cwd, "/", sizeof(cwd)) >= sizeof(cwd))

goto error;

@@ -718,7 +719,7 @@ intercept_syscall(int fd, pid_t pid, u_int16_t seqnr, int policynr,

flags = 0;

icpid = intercept_getpid(pid);

/* Special handling for the exec call */

if (!strcmp(name, "execve")) {

void *addr;

diff --git a/bin/systrace/lex.l b/bin/systrace/lex.l
index 6369e737236..7e20e0cc4e4 100644
--- a/bin/systrace/lex.l
+++ b/bin/systrace/lex.l

@@ -1,4 +1,4 @@

-/* $OpenBSD: lex.l,v 1.14 2003/06/16 06:36:40 itojun Exp $ */

+/* $OpenBSD: lex.l,v 1.15 2003/07/19 11:48:58 sturm Exp $ */

@@ -72,6 +72,7 @@ int quoteescape;

+ask { return ASK; }

deny { return DENY; }

permit { return PERMIT; }

and { return AND; }

diff --git a/bin/systrace/openbsd-syscalls.c b/bin/systrace/openbsd-syscalls.c
index 4cba9bcad71..99b4ec201db 100644
--- a/bin/systrace/openbsd-syscalls.c
+++ b/bin/systrace/openbsd-syscalls.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: openbsd-syscalls.c,v 1.19 2003/06/16 06:36:40 itojun Exp $ */

+/* $OpenBSD: openbsd-syscalls.c,v 1.20 2003/07/19 11:48:58 sturm Exp $ */

@@ -352,7 +352,7 @@ obsd_translate_errno(int nerrno)

}

static int

-obsd_answer(int fd, pid_t pid, u_int32_t seqnr, short policy, int errno,

+obsd_answer(int fd, pid_t pid, u_int32_t seqnr, short policy, int nerrno,

short flags, struct elevate *elevate)

{

struct systrace_answer ans;

@@ -362,7 +362,7 @@ obsd_answer(int fd, pid_t pid, u_int32_t seqnr, short policy, int errno,

ans.stra_seqnr = seqnr;

ans.stra_policy = obsd_translate_policy(policy);

ans.stra_flags = obsd_translate_flags(flags);

- ans.stra_error = obsd_translate_errno(errno);

+ ans.stra_error = obsd_translate_errno(nerrno);

if (elevate != NULL) {

if (elevate->e_flags & ELEVATE_UID) {

diff --git a/bin/systrace/parse.y b/bin/systrace/parse.y
index 8173b8dce94..fdf401122a8 100644
--- a/bin/systrace/parse.y
+++ b/bin/systrace/parse.y

@@ -1,4 +1,4 @@

-/* $OpenBSD: parse.y,v 1.14 2003/05/29 00:39:12 itojun Exp $ */

+/* $OpenBSD: parse.y,v 1.15 2003/07/19 11:48:58 sturm Exp $ */

@@ -66,7 +66,7 @@ extern int iamroot;

-%token AND OR NOT LBRACE RBRACE LSQBRACE RSQBRACE THEN MATCH PERMIT DENY

+%token AND OR NOT LBRACE RBRACE LSQBRACE RSQBRACE THEN MATCH PERMIT DENY ASK

%token EQ NEQ TRUE SUB NSUB INPATH LOG COMMA IF USER GROUP EQUAL NEQUAL AS

%token COLON RE LESSER GREATER

%token <string> STRING

@@ -121,6 +121,10 @@ fullexpression : expression THEN action errorcode logcode elevate predicate

if ($5)

flags |= SYSCALL_LOG;

+ /* Special policy that allows only yes or no */

+ if ($3 == ICPOLICY_ASK)

+ flags |= PROCESS_PROMPT;

if ($4 != NULL)

free($4);

@@ -445,6 +449,10 @@ action : PERMIT

{

$$ = ICPOLICY_PERMIT;

}

+ | ASK

+ $$ = ICPOLICY_ASK;

| DENY

{

$$ = ICPOLICY_NEVER;

diff --git a/bin/systrace/policy.c b/bin/systrace/policy.c
index 1f94338d567..72c7f685c12 100644
--- a/bin/systrace/policy.c
+++ b/bin/systrace/policy.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: policy.c,v 1.28 2003/06/19 06:26:19 pvalchev Exp $ */

+/* $OpenBSD: policy.c,v 1.29 2003/07/19 11:48:58 sturm Exp $ */

@@ -129,7 +129,7 @@ systrace_setupdir(char *path)

if (!(sb.st_mode & S_IFDIR))

errx(1, "Not a directory: \"%s\"", policydir);

} else if (mkdir(policydir, 0700) == -1)

- err(1, "mdkdir(%s)", policydir);

+ err(1, "mkdir(%s)", policydir);

}

int

diff --git a/bin/systrace/register.c b/bin/systrace/register.c
index c21b7296491..c85ccb05719 100644
--- a/bin/systrace/register.c
+++ b/bin/systrace/register.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: register.c,v 1.15 2003/06/16 06:36:40 itojun Exp $ */

+/* $OpenBSD: register.c,v 1.16 2003/07/19 11:48:58 sturm Exp $ */

@@ -151,6 +151,9 @@ systrace_initcb(void)

X(intercept_register_sccb("native", "socket", trans_cb, NULL));

intercept_register_translation("native", "socket", 0, &ic_sockdom);

intercept_register_translation("native", "socket", 1, &ic_socktype);

+ X(intercept_register_sccb("native", "kill", trans_cb, NULL));

+ intercept_register_translation("native", "kill", 0, &ic_pidname);

+ intercept_register_translation("native", "kill", 1, &ic_signame);

X(intercept_register_sccb("linux", "open", trans_cb, NULL));

tl = intercept_register_translink("linux", "open", 0);

diff --git a/bin/systrace/systrace-translate.c b/bin/systrace/systrace-translate.c
index 959a459aece..a40291b5ebe 100644
--- a/bin/systrace/systrace-translate.c
+++ b/bin/systrace/systrace-translate.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: systrace-translate.c,v 1.16 2003/04/14 02:13:30 deraadt Exp $ */

+/* $OpenBSD: systrace-translate.c,v 1.17 2003/07/19 11:48:58 sturm Exp $ */

@@ -262,12 +262,14 @@ print_pidname(char *buf, size_t buflen, struct intercept_translate *tl)

struct intercept_pid *icpid;

pid_t pid = (intptr_t)tl->trans_addr;

- icpid = intercept_getpid(pid);

- snprintf(buf, buflen, "%s",

- icpid->name != NULL ? icpid->name : "<unknown>");

- if (icpid->name == NULL)

- intercept_freepid(pid);

+ if (pid != 0) {

+ icpid = intercept_getpid(pid);

+ snprintf(buf, buflen, "%s",

+ icpid->name != NULL ? icpid->name : "<unknown>");

+ if (icpid->name == NULL)

+ intercept_freepid(pid);

+ } else

+ strlcpy(buf, "<own process group>", buflen);

return (0);

}

diff --git a/bin/systrace/systrace.1 b/bin/systrace/systrace.1
index 09e057addfc..5dc55a8d915 100644
--- a/bin/systrace/systrace.1
+++ b/bin/systrace/systrace.1

@@ -1,4 +1,4 @@

-.\" $OpenBSD: systrace.1,v 1.33 2003/05/29 00:39:12 itojun Exp $

+.\" $OpenBSD: systrace.1,v 1.34 2003/07/19 11:48:58 sturm Exp $

.\"

@@ -30,7 +30,7 @@

.\"

.\" Manual page, using -mandoc macros

.\"

-.Dd June 3, 2002

+.Dd May 21, 2003

.Dt SYSTRACE 1

.Os

.Sh NAME

@@ -38,15 +38,13 @@

.Nd generate and enforce system call policies

.Sh SYNOPSIS

.Nm systrace

-.Bk -words

-.Op Fl aAituU

+.Op Fl AaitUu

+.Op Fl c Ar uid:gid

.Op Fl d Ar policydir

-.Op Fl g Ar gui

.Op Fl f Ar file

-.Op Fl c Ar uid:gid

+.Op Fl g Ar gui

.Op Fl p Ar pid

.Ar command ...

-.Ek

.Sh DESCRIPTION

The

.Nm

@@ -65,63 +63,50 @@ system calls require root privilege.

.Pp

The access policy can be generated interactively or obtained from a

policy file.

-Interactive policy generation will be performed by the ``notification

-user agent'', normally

+Interactive policy generation will be performed by the

+.Dq notification user agent ,

+normally

.Xr xsystrace 1 ,

unless text mode is specified via

.Fl t .

.Pp

-When running in ``automatic enforcement'' mode,

-operations not covered by the policy raise an alarm and

+When running in

+.Dq automatic enforcement

+mode, operations not covered by the policy raise an alarm and

allow an user to refine the currently configured policy.

.Pp

The options are as follows:

.Bl -tag -width Dfxfile

-.It Fl a

-Enables automatic enforcement of configured policies.

-An operation not covered by policy is denied and logged via

-.Xr syslog 3 .

.It Fl A

Automatically generate a policy that allows every operation the

application executes.

The created policy functions as a base that can be refined.

-.It Fl u

-Do not perform aliasing on system call names.

-Aliasing is enabled by default to group similar system calls into a

-single compound name.

-For example, system calls that read from the file system

-like

-.Fn lstat

-and

-.Fn access

-are translated to

-.Fn fsread .

-.It Fl i

-Inherits the policy - child processes inherit policy of the parent binary.

-.It Fl t

-Uses text mode to ask for interactive policy generation.

-.It Fl U

-Ignore user configured policies and use only global system policies.

-.It Fl d Ar policydir

-Specifies an alternative location for the user's directory from

-which policies are loaded and to which changed policies are stored.

-.It Fl g Ar gui

-Specifies an alternative location for the notification user interface.

+.It Fl a

+Enables automatic enforcement of configured policies.

+An operation not covered by policy is denied and logged via

+.Xr syslog 3 .

.It Fl c Ar uid:gid

Specifies the

.Va uid

and

.Va gid

that the monitored application should be executed with,

-which must be specified as non-negative integers (not as names).

+which must be specified as nonnegative integers (not as names).

This is useful in conjunction with privilege elevation and requires

root privilege.

+.It Fl d Ar policydir

+Specifies an alternative location for the user's directory from

+which policies are loaded and to which changed policies are stored.

.It Fl f Ar file

The policies specified in

.Ar file

are added to the policies that

.Nm

knows about.

+.It Fl g Ar gui

+Specifies an alternative location for the notification user interface.

+.It Fl i

+Inherits the policy - child processes inherit policy of the parent binary.

.It Fl p Ar pid

Specifies the pid of a process that

.Nm

@@ -129,10 +114,24 @@ should attach to.

The full path name of the corresponding binary has to be specified

.Ar command .

+.It Fl t

+Uses text mode to ask for interactive policy generation.

+.It Fl U

+Ignore user configured policies and use only global system policies.

+.It Fl u

+Do not perform aliasing on system call names.

+Aliasing is enabled by default to group similar system calls into a

+single compound name.

+For example, system calls that read from the file system like

+.Fn lstat

+and

+.Fn access

+are translated to

+.Fn fsread .

.El

.Ss POLICY

The policy is specified via the following grammar:

-.Bd -literal -offset AAA

+.Bd -literal -offset 4

filter = expression "then" action errorcode logcode

expression = symbol | "not" expression | "(" expression ")" |

expression "and" expression | expression "or" expression

@@ -142,7 +141,7 @@ symbol = string typeoff "match" cmdstring |

string typeoff "inpath" cmdstring | string typeoff "re" cmdstring |

"true"

typeoff = /* empty */ | "[" number "]"

-action = "permit" | "deny"

+action = "permit" | "deny" | "ask"

errorcode = /* empty */ | "[" string "]"

logcode = /* empty */ | "log"

.Ed

@@ -168,7 +167,7 @@ detach

have special meanings when used with a

.Va permit

rule for the

-.Xr execve 2

+.Va execve

system call.

When using

.Do

@@ -183,9 +182,14 @@ detach,

detaches from a process after successfully

completing

the

-.Xr execve 2

+.Va execve

system call.

.Pp

+The

+.Va ask

+action specifies that the user should be prompted for a decision

+every time that the rule matches.

+.Pp

The filter operations have the following meaning:

.Bl -hang -width Dinpath -offset AAA

.It match

@@ -215,28 +219,25 @@ the specified regular expression.

By appending the

.Va log

statement to a rule, a matching system call and its arguments

-are logged to

+is logged to

.Xr syslog 3 .

This is useful, for example, to log all invocations of the

-.Xr execve 2

+.Va execve

system call.

.Pp

Policy entries may contain an appended predicate.

Predicates have the following format:

-.Bd -literal -offset AAA

-", if" {"user", "group"} {"=", "!=", "<", ">" } {number, string}

+.Bd -literal -offset 4

+", if" {"user", "group"} {"=", "!=", "\*[Lt]", "\*[Gt]" } {number, string}

.Ed

.Pp

A rule is added to the configured policy only if its predicate

evaluates to true.

.Pp

-The environment variables

-.Ev $HOME , $USER

-and

-.Ev $CWD

-are substituted in rules.

-Comments, begun by an unquoted '#' character and

-continuing to the end of the line, are ignored.

+The environment variables $HOME, $USER and $CWD are substituted in rules.

+Comments, begun by an unquoted

+.Sq \&#

+character and continuing to the end of the line, are ignored.

.Sh PRIVILEGE ELEVATION

With

.Nm

@@ -260,7 +261,7 @@ in a policy to elevate the privileges for the matching system call:

.Bd -literal -offset 4

as user

as user:group

-as group

+as :group

.Ed

.Pp

The effective

@@ -269,9 +270,9 @@ and

.Va gid

are elevated only for the duration of the system call, and are restored

to the old values afterwards (except for the

-.Xr seteuid 2

-and

-.Xr setegid 2

+.Va seteuid

+or

+.Va setegid

system calls).

.Sh FILES

.Bl -tag -width xHOME/xsystrace -compact

@@ -287,7 +288,7 @@ replaced by the underscore character.

An excerpt from a sample

.Xr ls 1

policy might look as follows:

-.Bd -literal -offset AAA

+.Bd -literal -offset 4

Policy: /bin/ls, Emulation: native

[...]

native-fsread: filename eq "$HOME" then permit

diff --git a/bin/systrace/systrace.c b/bin/systrace/systrace.c
index 9b5bd1c2be2..a5e5bdb8244 100644
--- a/bin/systrace/systrace.c
+++ b/bin/systrace/systrace.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: systrace.c,v 1.43 2003/06/16 06:36:40 itojun Exp $ */

+/* $OpenBSD: systrace.c,v 1.44 2003/07/19 11:48:58 sturm Exp $ */

@@ -44,6 +44,7 @@

#include <string.h>

#include <err.h>

#include <errno.h>

+#include <grp.h>

#include <pwd.h>

#include "intercept.h"

@@ -297,7 +298,7 @@ gen_cb(int fd, pid_t pid, int policynr, const char *name, int code,

goto out;

}

- action = filter_ask(fd, NULL, NULL, policynr, emulation, name,

+ action = filter_ask(fd, NULL, pflq, policynr, emulation, name,

output, &future, ipid);

if (future != ICPOLICY_ASK)

systrace_modifypolicy(fd, policynr, name, future);

@@ -408,8 +409,8 @@ static void

usage(void)

{

fprintf(stderr,

- "Usage: systrace [-aAituU] [-d poldir] [-g gui] [-f policy]\n"

- "\t [-c uid:gid] [-p pid] command ...\n");

+ "Usage: systrace [-AaitUu] [-c uid:gid] [-d policydir] [-f file]\n"

+ "\t [-g gui] [-p pid] command ...\n");

exit(1);

}

@@ -460,6 +461,54 @@ requestor_start(char *path)

return (0);

}

+static int

+get_uid_gid(const char *argument, uid_t *uid, gid_t *gid)

+ struct group *gp;

+ struct passwd *pw;

+ unsigned long ulval;

+ char uid_gid_str[128];

+ char *endp, *g, *u;

+ strlcpy(uid_gid_str, argument, sizeof(uid_gid_str));

+ g = uid_gid_str;

+ u = strsep(&g, ":");

+ if ((pw = getpwnam(u)) != NULL) {

+ memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));

+ *uid = pw->pw_uid;

+ *gid = pw->pw_gid;

+ /* Ok if group not specified. */

+ if (g == NULL)

+ return (0);

+ } else {

+ errno = 0;

+ ulval = strtoul(u, &endp, 10);

+ if (u[0] == '\0' || *endp != '\0')

+ errx(1, "no such user '%s'", u);

+ if (errno == ERANGE && ulval == ULONG_MAX)

+ errx(1, "invalid uid %s", u);

+ *uid = (uid_t)ulval;

+ }

+ if (g == NULL)

+ return (-1);

+ if ((gp = getgrnam(g)) != NULL)

+ *gid = gp->gr_gid;

+ else {

+ errno = 0;

+ ulval = strtoul(g, &endp, 10);

+ if (g[0] == '\0' || *endp != '\0')

+ errx(1, "no such group '%s'", g);

+ if (errno == ERANGE && ulval == ULONG_MAX)

+ errx(1, "invalid gid %s", g);

+ *gid = (gid_t)ulval;

+ }

+ return (0);

int

main(int argc, char **argv)

{

@@ -467,7 +516,7 @@ main(int argc, char **argv)

char **args;

char *filename = NULL;

char *policypath = NULL;

- char *guipath = _PATH_XSYSTRACE, *p;

+ char *guipath = _PATH_XSYSTRACE;

struct timeval tv, tv_wait = {60, 0};

pid_t pidattach = 0;

int usex11 = 1, count;

@@ -479,14 +528,8 @@ main(int argc, char **argv)

while ((c = getopt(argc, argv, "c:aAituUd:g:f:p:")) != -1) {

switch (c) {

case 'c':

- p = strsep(&optarg, ":");

- if (optarg == NULL || *optarg == '\0')

- usage();

setcredentials = 1;

- cr_uid = atoi(p);

- cr_gid = atoi(optarg);

- if (cr_uid <= 0 || cr_gid <= 0)

+ if (get_uid_gid(optarg, &cr_uid, &cr_gid) == -1)

usage();

break;

case 'a':

diff --git a/bin/systrace/systrace.h b/bin/systrace/systrace.h
index 9b676afcaef..99b5e819b49 100644
--- a/bin/systrace/systrace.h
+++ b/bin/systrace/systrace.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: systrace.h,v 1.22 2003/06/16 06:36:40 itojun Exp $ */

+/* $OpenBSD: systrace.h,v 1.23 2003/07/19 11:48:58 sturm Exp $ */

@@ -129,6 +129,7 @@ TAILQ_HEAD(tmplqueue, template);

#define PROCESS_INHERIT_POLICY 0x01 /* Process inherits policy */

#define PROCESS_DETACH 0x02 /* Process gets detached */

#define SYSCALL_LOG 0x04 /* Log this system call */

+#define PROCESS_PROMPT 0x08 /* Prompt but nothing else */

void systrace_parameters(void);

int systrace_initpolicy(char *, char *);