Add command line support for multiple audit logs

Gerrits #13774 (audit: Support multiple audit interfaces and interface options) and #13775 (audit: Add cmd helper for processing audit options) added support in the audit facility for multiple audit logs. Add command line support to use multiple audit logs for daemons that use libcmd for command line processing: bosserver, buserver, butc, fileserver, volserver, ptserver, and vlserver. Update the daemons to add a call to audit_open, and where possible add a call to audit_close when shutting down the daemon. Update help message and manpage entries for -auditlog and -audit-interface Change-Id: I4356e1aa84f580897a0e788e2a2829685be891aa Reviewed-on: https://gerrit.openafs.org/13776 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
2025-01-18 15:00:12 +00:00 · 2020-12-04 10:16:57 -07:00 · 2020-12-04 10:16:57 -07:00 · 5069c697c7
commit 5069c697c7
parent 3e204354f5
18 changed files with 214 additions and 175 deletions
--- a/doc/man-pages/pod8/bosserver.pod
+++ b/doc/man-pages/pod8/bosserver.pod
@ -11,8 +11,8 @@ B<bosserver>
    S<<< [B<-noauth>] >>>
    S<<< [B<-log>] >>>
    S<<< [B<-enable_peer_stats>] >>>
-    S<<< [B<-auditlog> <I<log path>>] >>>
-    S<<< [B<-audit-interface> ( file | sysvmq )] >>>
+    S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>>
+    S<<< [B<-audit-interface> <I<default interface>>>] >>>
    S<<< [B<-enable_process_stats>] >>>
    S<<< [B<-allow-dotted-principals>] >>>
    S<<< [B<-cores>[=none|<I<path>>]] >>>
@ -136,18 +136,20 @@ listed in the F</usr/afs/etc/UserList> file).
 The argument none turns off core file generation. Otherwise, the
 argument is a path where core files will be stored.

-=item B<-auditlog> <I<log path>>
+=item B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]

 Turns on audit logging, and sets the path for the audit log.  The audit
 log records information about RPC calls, including the name of the RPC
 call, the host that submitted the call, the authenticated entity (user)
 that issued the call, the parameters for the call, and if the call
-succeeded or failed.
+succeeded or failed.  See L<fileserver(8)> for an explanation of the audit
+facility.

-=item B<-audit-interface> (file | sysvmq)
+=item B<-audit-interface> <I<default interface>>

-Specifies what audit interface to use. Defaults to C<file>. See
-L<fileserver(8)> for an explanation of each interface.
+Sets the default audit interface used by the B<-auditlog> option.  The
+initial default is the C<file> interface. See L<fileserver(8)> for
+an explanation of each interface.

 =item B<-enable_peer_stats>

--- a/doc/man-pages/pod8/buserver.pod
+++ b/doc/man-pages/pod8/buserver.pod
@ -8,8 +8,8 @@ buserver - Initializes the Backup Server
 <div class="synopsis">

 B<buserver> S<<< [B<-database> <I<database directory>>] >>>
-    S<<< [B<-auditlog> <I<log path>>] >>>
-    S<<< [B<-audit-interface> (file | sysvmq)] >>>
+    S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>>
+    S<<< [B<-audit-interface> <I<default interface>>] >>>
    S<<< [B<-cellservdb> <I<cell configuration directory>>] >>> [B<-resetdb>]
    [B<-noauth>] [B<-smallht>]
    S<<< [B<-servers> <I<list of ubik database servers>>+] >>>
@ -63,18 +63,20 @@ Specifies the pathname of an alternate directory for the Backup Database
 files, ending in a final slash (C</>). If this argument is not provided,
 the default is the F</usr/afs/db> directory.

-=item B<-auditlog> <I<log path>>
+=item B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]

 Turns on audit logging, and sets the path for the audit log.  The audit
 log records information about RPC calls, including the name of the RPC
 call, the host that submitted the call, the authenticated entity (user)
 that issued the call, the parameters for the call, and if the call
-succeeded or failed.
+succeeded or failed.  See L<fileserver(8)> for an explanation of the audit
+facility.

-=item B<-audit-interface> (file | sysvmq)
+=item B<-audit-interface> <I<default interface>>

-Specifies what audit interface to use. Defaults to C<file>. See
-L<fileserver(8)> for an explanation of each interface.
+Sets the default audit interface used by the B<-auditlog> option.  The
+initial default is the C<file> interface. See L<fileserver(8)> for
+an explanation of each interface.

 =item B<-cellservdb> <I<cell configuration directory>>

--- a/doc/man-pages/pod8/butc.pod
+++ b/doc/man-pages/pod8/butc.pod
@ -9,12 +9,13 @@ butc - Initializes the Tape Coordinator process

 B<butc> S<<< [B<-port> <I<port offset>>] >>> S<<< [B<-debuglevel> (0 | 1 | 2)] >>>
    S<<< [B<-cell> <I<cell name>>] >>> [B<-noautoquery>] [B<-rxbind>] [B<-localauth>]
-    [B<-auditlog> <I<file | sysvmq>> [B<-audit-interface> <I<interface>>]]
+    [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]]
+    [B<-audit-interface> <I<default interface>>>
    [B<-allow_unauthenticated>] [B<-help>]

 B<butc> S<<< [B<-p> <I<port offset>>] >>> S<<< [B<-d> (0 | 1 | 2)] >>>
    S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-r>] [B<-l>]
-    [B<-auditl> <I<file | sysvmq>> [-B<-audit-i> <I<interface>>]]
+    [B<-auditl> [<I<interface>>:]<I<path>>[:<I<options>>]]
    [B<-al>] [B<-h>]

 =for html
@ -190,18 +191,20 @@ logged on to a server machine as the local superuser C<root>; client
 machines do not have F</usr/afs/etc/KeyFile> or F</usr/afs/etc/KeyFileExt>
 files.

-=item B<-auditlog> <I<log path>>
+=item B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]

 Turns on audit logging, and sets the path for the audit log.  The audit
 log records information about RPC calls, including the name of the RPC
 call, the host that submitted the call, the authenticated entity (user)
 that issued the call, the parameters for the call, and if the call
-succeeded or failed.
+succeeded or failed.  See L<fileserver(8)> for an explanation of the audit
+facility.

-=item B<-audit-interface> <(file | sysvmq)>
+=item B<-audit-interface> <I<default interface>>

-Specifies what audit interface to use. Defaults to C<file>. See
-L<fileserver(8)> for an explanation of each interface.
+Sets the default audit interface used by the B<-auditlog> option.  The
+initial default is the C<file> interface. See L<fileserver(8)> for
+an explanation of each interface.

 =item B<-allow_unauthenticated>

--- a/doc/man-pages/pod8/fragments/dafileserver-synopsis.pod
+++ b/doc/man-pages/pod8/fragments/dafileserver-synopsis.pod
@ -1,6 +1,6 @@
 B<dafileserver>
-    S<<< [B<-auditlog> <I<path to log file>>] >>>
-    S<<< [B<-audit-interface> (file | sysvmq)] >>>
+    S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>>
+    S<<< [B<-audit-interface> <I<default interface>] >>>
    S<<< [B<-d> <I<debug level>>] >>>
    S<<< [B<-p> <I<number of processes>>] >>>
    S<<< [B<-spare> <I<number of spare blocks>>] >>>
--- a/doc/man-pages/pod8/fragments/davolserver-synopsis.pod
+++ b/doc/man-pages/pod8/fragments/davolserver-synopsis.pod
@ -1,6 +1,6 @@
 B<davolserver>
    [B<-log>] S<<< [B<-p> <I<number of processes>>] >>>
-    S<<< [B<-auditlog> <I<log path>>] >>> [B<-audit-interface> (file | sysvmq)]
+    S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>> [B<-audit-interface> <I<default interface>>]
    S<<< [B<-udpsize> <I<size of socket buffer in bytes>>] >>>
    S<<< [B<-d> <I<debug level>>] >>>
    [B<-nojumbo>] [B<-jumbo>] 
--- a/doc/man-pages/pod8/fragments/fileserver-options.pod
+++ b/doc/man-pages/pod8/fragments/fileserver-options.pod
@ -1,6 +1,6 @@
 =over 4

-=item B<-auditlog> <I<log path>>
+=item B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]

 Turns on audit logging, and sets the path for the audit log.  The audit
 log records information about RPC calls, including the name of the RPC
@ -8,16 +8,54 @@ call, the host that submitted the call, the authenticated entity (user)
 that issued the call, the parameters for the call, and if the call
 succeeded or failed.

-=item B<-audit-interface> (file | sysvmq)
+The parameter to B<-auditlog> contains three parts separated by a colon
+(see examples below).

-Specifies what audit interface to use. The C<file> interface writes audit
-messages to the file passed to B<-auditlog>. The C<sysvmq> interface
-writes audit messages to a SYSV message (see L<msgget(2)> and
-L<msgrcv(2)>). The message queue the C<sysvmq> interface writes to has the
-key C<ftok(path, 1)>, where C<path> is the path specified in the
-B<-auditlog> option.
+The first part is the optional interface name. The default audit
+interface is C<file> and can be changed by the B<-audit-interface> option.

-Defaults to C<file>.
+The second part is the path to the log file and is required.  Note the path
+to the file cannot itself contain a colon.
+
+The third part are parameters that will be passed to the audit interface.
+The parameters are optional and the value and format is specific to the
+audit interface.
+
+The audit interfaces are:
+
+=over 4
+
+=item B<file>
+
+The C<file> interface writes audit messages to the specified file.
+There are no optional parameters to the file interface. This is the default
+interface unless changed by the B<-audit-interface> option.
+
+=item B<sysvmq>
+
+The C<sysvmq> interface writes audit messages to a SYSV message (see L<msgget(2)>
+and L<msgrcv(2)>). The C<sysvmq> interface writes to the key C<ftok(msgqpath, 1)>,
+where C<msqpath> is specified by the I<path to log file> parameter. There are no
+optional parameters to the sysvmq interface.
+
+=back
+
+Multiple audit logs can be set up with different interfaces or different
+I<path to log file>.
+
+Examples:
+
+    -auditlog /path/to/file
+    -auditlog file:/path/to/file
+    -auditlog sysvmq:/path/to/sysvmq
+    -auditlog /path/to/file -auditlog /path/to/file2
+
+=item B<-audit-interface> <I<default interface>>
+
+Sets the default audit interface used by the B<-auditlog> option.  The
+initial default is the C<file> interface.
+
+See B<-auditlog> for information on the different audit interfaces.

 =item B<-d> <I<debug level>>

--- a/doc/man-pages/pod8/fragments/fileserver-synopsis.pod
+++ b/doc/man-pages/pod8/fragments/fileserver-synopsis.pod
@ -1,6 +1,6 @@
 B<fileserver>
-    S<<< [B<-auditlog> <I<path to log file>>] >>>
-    S<<< [B<-audit-interface> (file | sysvmq)] >>>
+    S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[<I<options>>]] >>>
+    S<<< [B<-audit-interface> <I<default interface>>] >>>
    S<<< [B<-d> <I<debug level>>] >>>
    S<<< [B<-p> <I<number of processes>>] >>>
    S<<< [B<-spare> <I<number of spare blocks>>] >>>
--- a/doc/man-pages/pod8/fragments/volserver-options.pod
+++ b/doc/man-pages/pod8/fragments/volserver-options.pod
@ -25,18 +25,20 @@ restarted.  This option is provided for compatibility with older versions.
 Sets the number of server lightweight processes (LWPs) to run.  Provide an
 integer between C<4> and C<16>. The default is C<9>.

-=item B<-auditlog> <I<log path>>
+=item B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]

 Turns on audit logging, and sets the path for the audit log.  The audit
 log records information about RPC calls, including the name of the RPC
 call, the host that submitted the call, the authenticated entity (user)
 that issued the call, the parameters for the call, and if the call
-succeeded or failed.
+succeeded or failed.  See L<fileserver(8)> for an explanation of the audit
+facility.

-=item B<-audit-interface> (file | sysvmq)
+=item B<-audit-interface> <I<default interface>>

-Specifies what audit interface to use. Defaults to C<file>. See
-L<fileserver(8)> for an explanation of each interface.
+Sets the default audit interface used by the B<-auditlog> option.  The
+initial default is the C<file> interface. See L<fileserver(8)> for
+an explanation of each interface.

 =item B<-udpsize> <I<size of socket buffer>>

--- a/doc/man-pages/pod8/fragments/volserver-synopsis.pod
+++ b/doc/man-pages/pod8/fragments/volserver-synopsis.pod
@ -1,7 +1,7 @@
 B<volserver>
    [B<-log>] S<<< [B<-p> <I<number of processes>>] >>>
-    S<<< [B<-auditlog> <I<log path>>] >>>
-    S<<< [B<-audit-interface> (file | sysvmq)] >>>
+    S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>>
+    S<<< [B<-audit-interface> <I<default interface>>] >>>
    S<<< [B<-logfile <I<log file>>] >>> S<<< [B<-config> <I<configuration path>>] >>>
    S<<< [B<-udpsize> <I<size of socket buffer in bytes>>] >>>
    S<<< [B<-d> <I<debug level>>] >>>
--- a/doc/man-pages/pod8/ptserver.pod
+++ b/doc/man-pages/pod8/ptserver.pod
@ -14,8 +14,8 @@ ptserver S<<< [B<-database> | B<-db> <I<db path>>] >>>
    S<<< [B<-default_access> <I<user access mask>> <I<group access mask>>] >>>
    [B<-restricted>] [B<-restrict_anonymous>] [B<-enable_peer_stats>]
    [B<-enable_process_stats>] [B<-allow-dotted-principals>]
-    [B<-rxbind>] S<<< [B<-auditlog> <I<file path>>] >>>
-    S<<< [B<-audit-interface> (file | sysvmq)] >>>
+    [B<-rxbind>] S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>>
+    S<<< [B<-audit-interface> <I<default interface>>] >>>
    S<<< [B<-syslog>[=<I<FACILITY>>]] >>>
    S<<< [B<-logfile> <I<log file>>] >>>
    [B<-transarc-logs>]
@ -178,18 +178,20 @@ service. In a typical configuration this will be F</usr/afs/etc> - this
 option allows the use of alternative configuration locations for testing
 purposes.

-=item B<-auditlog> <I<log path>>
+=item B<-auditlog> [<I<interface>>:]<I<path>>:<I<options>>]

 Turns on audit logging, and sets the path for the audit log.  The audit
 log records information about RPC calls, including the name of the RPC
 call, the host that submitted the call, the authenticated entity (user)
 that issued the call, the parameters for the call, and if the call
-succeeded or failed.
+succeeded or failed.  See L<fileserver(8)> for an explanation of the audit
+facility.

-=item B<-audit-interface> (file | sysvmq)
+=item B<-audit-interface> <I<default interface>>

-Specifies what audit interface to use. Defaults to C<file>. See
-L<fileserver(8)> for an explanation of each interface.
+Sets the default audit interface used by the B<-auditlog> option.  The
+initial default is the C<file> interface. See L<fileserver(8)> for
+an explanation of each interface.

 =item B<-rxmaxmtu> <I<bytes>>

--- a/doc/man-pages/pod8/vlserver.pod
+++ b/doc/man-pages/pod8/vlserver.pod
@ -20,8 +20,8 @@ vlserver [B<-noauth>] [B<-smallmem>]
    S<<< [B<-config> <I<configuration path>>] >>>
    S<<< [B<-syslog>[=<I<facility>>]>] >>>
    [B<-enable_peer_stats>] [B<-enable_process_stats>]
-    S<<< [B<-auditlog> <I<log path>>] >>>
-    S<<< [B<-audit-interface> (file | sysvmq)] >>>
+    S<<< [B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]] >>>
+    S<<< [B<-audit-interface> <I<interface name>>] >>>
    S<<< [B<-restricted_query> (anyuser | admin)] >>>
    S<< [B<-s2scrypt> (rxgk-crypt | never)] >>
    [B<-help>]
@ -119,18 +119,20 @@ user.admin PTS entry. Sites whose Kerberos realms don't have these collisions
 between principal names may disable this check by starting the server
 with this option.

-=item B<-auditlog> <I<log path>>
+=item B<-auditlog> [<I<interface>>:]<I<path>>[:<I<options>>]

 Turns on audit logging, and sets the path for the audit log.  The audit
 log records information about RPC calls, including the name of the RPC
 call, the host that submitted the call, the authenticated entity (user)
 that issued the call, the parameters for the call, and if the call
-succeeded or failed.
+succeeded or failed.  See L<fileserver(8)> for an explanation of the audit
+facility.

-=item B<-audit-interface> (file | sysvmq)
+=item B<-audit-interface> <I<default interface>>

-Specifies what audit interface to use. Defaults to C<file>. See
-L<fileserver(8)> for an explanation of each interface.
+Sets the default audit interface used by the B<-auditlog> option.  The
+initial default is the C<file> interface. See L<fileserver(8)> for
+an explanation of each interface.

 =item B<-rxbind>

--- a/src/bozo/bosserver.c
+++ b/src/bozo/bosserver.c
@ -877,7 +877,7 @@ main(int argc, char **argv, char **envp)
    int rxMaxMTU = -1;
    afs_uint32 host = htonl(INADDR_ANY);
    char *auditIface = NULL;
-    char *auditFileName = NULL;
+    struct cmd_item *auditLogList = NULL;
    struct rx_securityClass **securityClasses;
    afs_int32 numClasses;
    int DoPeerRPCStats = 0;
@ -985,9 +985,9 @@ main(int argc, char **argv, char **envp)

    /* general server options */
    cmd_AddParmAtOffset(opts, OPT_auditinterface, "-audit-interface", CMD_SINGLE,
-			CMD_OPTIONAL, "audit interface (file or sysvmq)");
+			CMD_OPTIONAL, "default interface");
    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
-			CMD_OPTIONAL, "audit log path");
+			CMD_OPTIONAL, "[interface:]path[:options]");
    cmd_AddParmAtOffset(opts, OPT_transarc_logs, "-transarc-logs", CMD_FLAG,
 			CMD_OPTIONAL, "enable Transarc style logging");

@ -1043,16 +1043,8 @@ main(int argc, char **argv, char **envp)
 #endif

    /* general server options */
-    cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);
-
-    if (cmd_OptionAsString(opts, OPT_auditinterface, &auditIface) == 0) {
-	if (osi_audit_interface(auditIface)) {
-	    printf("Invalid audit interface '%s'\n", auditIface);
-	    free(auditIface);
-	    exit(1);
-	}
-	free(auditIface);
-    }
+    cmd_OptionAsString(opts, OPT_auditinterface, &auditIface);
+    cmd_OptionAsList(opts, OPT_auditlog, &auditLogList);

    cmd_OptionAsFlag(opts, OPT_transarc_logs, &DoTransarcLogs);

@ -1138,8 +1130,12 @@ main(int argc, char **argv, char **envp)
 	exit(1);
    }

-    if (auditFileName != NULL)
-	osi_audit_file(auditFileName);
+    /* Process the audit related options now that the directory checks are
+     * done. */
+    code = osi_audit_cmd_Options(auditIface, auditLogList);
+    free(auditIface);
+    if (code)
+       exit(1);

    /* try to read the key from the config file */
    tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
@ -1230,6 +1226,9 @@ main(int argc, char **argv, char **envp)
    /* initialize audit user check */
    osi_audit_set_user_check(bozo_confdir, bozo_IsLocalRealmMatch);

+    /* Finish audit initialization */
+    osi_audit_open();
+
    bozo_CreateRxBindFile(host);	/* for local scripts */

    /* allow super users to manage RX statistics */
--- a/src/budb/server.c
+++ b/src/budb/server.c
@ -163,8 +163,8 @@ initializeArgHandler(void)
    cmd_AddParm(cptr, "-ubikbuffers", CMD_SINGLE, CMD_OPTIONAL,
 		"the number of ubik buffers");

-    cmd_AddParm(cptr, "-auditlog", CMD_SINGLE, CMD_OPTIONAL,
-		"audit log path");
+    cmd_AddParm(cptr, "-auditlog", CMD_LIST, CMD_OPTIONAL,
+		"[interface:]path[:options]");

    cmd_AddParm(cptr, "-p", CMD_SINGLE, CMD_OPTIONAL,
 		"number of processes");
@ -173,7 +173,7 @@ initializeArgHandler(void)
 		"bind the Rx socket (primary interface only)");

    cmd_AddParm(cptr, "-audit-interface", CMD_SINGLE, CMD_OPTIONAL,
-		"audit interface (file or sysvmq)");
+		"default interface");

    cmd_AddParm(cptr, "-transarc-logs", CMD_FLAG, CMD_OPTIONAL,
 		"enable Transarc style logging");
@ -183,6 +183,8 @@ int
 argHandler(struct cmd_syndesc *as, void *arock)
 {

+    char *auditIface = NULL;
+
    /* globalConfPtr provides the handle for the configuration information */

    /* database directory */
@ -245,30 +247,23 @@ argHandler(struct cmd_syndesc *as, void *arock)
 	rxBind = 1;
    }

-    /* -audit-interface */
-    if (as->parms[10].items != 0) {
-	char *interface = as->parms[10].items->data;
+    /* -audit-interface and -auditlog */
+    if (as->parms[10].items != 0)
+	auditIface = as->parms[10].items->data;

-	if (osi_audit_interface(interface)) {
-	    printf("Invalid audit interface '%s'\n", interface);
+    if (as->parms[7].items != 0) {
+	int code;
+	code = osi_audit_cmd_Options(auditIface, as->parms[7].items);
+	if (code)
 	    BUDB_EXIT(-1);
-	}
    }
+
    /* -transarc-logs */
    if (as->parms[11].items != 0) {
 	logopts.lopt_rotateOnOpen = 1;
 	logopts.lopt_rotateStyle = logRotate_old;
    }

-    /* -auditlog */
-    /* needs to be after -audit-interface, so we osi_audit_interface
-     * before we osi_audit_file */
-    if (as->parms[7].items != 0) {
-	char *fileName = as->parms[7].items->data;
-
-        osi_audit_file(fileName);
-    }
-
    return 0;
 }

@ -415,7 +410,6 @@ main(int argc, char **argv)
    logopts.lopt_filename = AFSDIR_SERVER_BUDBLOG_FILEPATH;

    osi_audit_init();
-    osi_audit(BUDB_StartEvent, 0, AUD_END);

    initialize_BUDB_error_table();
    initializeArgHandler();
@ -455,6 +449,10 @@ main(int argc, char **argv)
    if (helpOption)
 	BUDB_EXIT(0);

+    /* Start auditing */
+    osi_audit_open();
+    osi_audit(BUDB_StartEvent, 0, AUD_END);
+
    /* open the log file */
    OpenLog(&logopts);

--- a/src/butc/tcmain.c
+++ b/src/butc/tcmain.c
@ -844,8 +844,7 @@ WorkerBee(struct cmd_syndesc *as, void *arock)
 #endif
    char hoststr[16];
    afs_uint32 host = htonl(INADDR_ANY);
-    char *auditFileName = NULL;
-    char *auditInterface = NULL;
+    char *auditIface = NULL;

    debugLevel = 0;

@ -1006,18 +1005,20 @@ WorkerBee(struct cmd_syndesc *as, void *arock)

    /* Start auditing */
    osi_audit_init();
-    if (as->parms[9].items) {
-	auditFileName = as->parms[9].items->data;
-    }
-    if (auditFileName != NULL)
-	osi_audit_file(auditFileName);
-    if (as->parms[10].items) {
-	auditInterface = as->parms[10].items->data;
-	if (osi_audit_interface(auditInterface)) {
-	    TLog(0, "Invalid audit interface '%s'\n", auditInterface);
+    /* Process -audit-interface and -auditlog */
+    if (as->parms[10].items != NULL)
+	auditIface = as->parms[10].items->data;
+
+    if (as->parms[9].items != NULL) {
+	int code;
+	code = osi_audit_cmd_Options(auditIface, as->parms[9].items);
+	if (code) {
+	    TLog(0, "Error processing -audit-interface or -auditlog parameters");
 	    exit(1);
 	}
    }
+
+    osi_audit_open();
    osi_audit(TC_StartEvent, 0, AUD_END);
    osi_audit_set_user_check(butc_confdir, tc_IsLocalRealmMatch);

@ -1258,9 +1259,10 @@ main(int argc, char **argv)
 		"Force multiple XBSA server support");
    cmd_AddParm(ts, "-rxbind", CMD_FLAG, CMD_OPTIONAL,
 		"bind Rx socket");
-    cmd_AddParm(ts, "-auditlog", CMD_SINGLE, CMD_OPTIONAL, "location of audit log");
+    cmd_AddParm(ts, "-auditlog", CMD_LIST, CMD_OPTIONAL,
+		"[interface:]path[:options]");
    cmd_AddParm(ts, "-audit-interface", CMD_SINGLE, CMD_OPTIONAL,
-		"interface to use for audit logging");
+		"default interface");
    cmd_AddParm(ts, "-allow_unauthenticated", CMD_FLAG, CMD_OPTIONAL,
 		"allow unauthenticated inbound RPCs (requires firewalling)");

--- a/src/ptserver/ptserver.c
+++ b/src/ptserver/ptserver.c
@ -260,8 +260,8 @@ main(int argc, char **argv)
    struct logOptions logopts;
    char *whoami = "ptserver";

-    char *auditFileName = NULL;
-    char *interface = NULL;
+    char *auditIface = NULL;
+    struct cmd_item *auditLogList = NULL;
    char *s2s_crypt_behavior = NULL;

 #ifdef	AFS_AIX32_ENV
@ -280,7 +280,6 @@ main(int argc, char **argv)
    sigaction(SIGSEGV, &nsa, NULL);
 #endif
    osi_audit_init();
-    osi_audit(PTS_StartEvent, 0, AUD_END);

    /* Initialize dirpaths */
    if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
@ -332,10 +331,10 @@ main(int argc, char **argv)
 			CMD_FLAG, CMD_OPTIONAL, "enable restricted anonymous mode");

    /* general server options */
-    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
-		 	CMD_OPTIONAL, "location of audit log");
+    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_LIST,
+			CMD_OPTIONAL, "[interface:]path[:options]");
    cmd_AddParmAtOffset(opts, OPT_auditiface, "-audit-interface", CMD_SINGLE,
-		        CMD_OPTIONAL, "interface to use for audit logging");
+			CMD_OPTIONAL, "default interface");
    cmd_AddParmAtOffset(opts, OPT_config, "-config", CMD_SINGLE,
 		        CMD_OPTIONAL, "configuration location");
    cmd_AddParmAtOffset(opts, OPT_debug, "-d", CMD_SINGLE,
@ -400,15 +399,9 @@ main(int argc, char **argv)
    cmd_OptionAsFlag(opts, OPT_restrict_anonymous, &restrict_anonymous);

    /* general server options */
-    cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);

-    if (cmd_OptionAsString(opts, OPT_auditiface, &interface) == 0) {
-	if (osi_audit_interface(interface)) {
-	    printf("Invalid audit interface '%s'\n", interface);
-	    PT_EXIT(1);
-	}
-	free(interface);
-    }
+    cmd_OptionAsString(opts, OPT_auditiface, &auditIface);
+    cmd_OptionAsList(opts, OPT_auditlog, &auditLogList);

    cmd_OptionAsString(opts, OPT_database, &pr_dbaseName);

@ -481,12 +474,15 @@ main(int argc, char **argv)
 	s2s_crypt_behavior = NULL;
    }

+    code = osi_audit_cmd_Options(auditIface, auditLogList);
+    free(auditIface);
+    if (code)
+	PT_EXIT(1);
+
    cmd_FreeOptions(&opts);

-    if (auditFileName) {
-	osi_audit_file(auditFileName);
-	osi_audit(PTS_StartEvent, 0, AUD_END);
-    }
+    osi_audit_open();
+    osi_audit(PTS_StartEvent, 0, AUD_END);

    OpenLog(&logopts);
 #ifdef AFS_PTHREAD_ENV
@ -652,5 +648,6 @@ main(int argc, char **argv)

    rx_StartServer(1);
    osi_audit(PTS_FinishEvent, -1, AUD_END);
+    osi_audit_close();
    exit(0);
 }
--- a/src/viced/viced.c
+++ b/src/viced/viced.c
@ -735,6 +735,8 @@ ShutDownAndCore(int dopanic)
    if (!dopanic)
 	PrintCounters();

+    /* allow audit interfaces to shutdown */
+    osi_audit_close();
    /* shut down volume package */
    VShutdown();

@ -958,7 +960,8 @@ ParseArgs(int argc, char *argv[])
    struct cmd_syndesc *opts;

    int lwps_max;
-    char *auditFileName = NULL;
+    char *auditIface = NULL;
+    struct cmd_item *auditLogList = NULL;
    char *sync_behavior = NULL;

 #if defined(AFS_AIX32_ENV)
@ -1078,10 +1081,10 @@ ParseArgs(int argc, char *argv[])
 			"disable callback breaks on reattach");

    /* general options */
-    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
-		    	CMD_OPTIONAL, "location of audit log");
+    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_LIST,
+			CMD_OPTIONAL, "[interface:]path[:options]");
    cmd_AddParmAtOffset(opts, OPT_auditiface, "-audit-interface", CMD_SINGLE,
-			CMD_OPTIONAL, "interface to use for audit logging");
+			CMD_OPTIONAL, "default interface");
    cmd_AddParmAtOffset(opts, OPT_debug, "-d", CMD_SINGLE, CMD_OPTIONAL,
 			"debug level");
    cmd_AddParmAtOffset(opts, OPT_mrafslogs, "-mrafslogs", CMD_FLAG,
@ -1315,16 +1318,8 @@ ParseArgs(int argc, char *argv[])
    cmd_OptionAsFlag(opts, OPT_novbc, &novbc);

    /* general server options */
-    cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);
-
-    if (cmd_OptionAsString(opts, OPT_auditiface, &optstring) == 0) {
-	if (osi_audit_interface(optstring)) {
-	    printf("Invalid audit interface '%s'\n", optstring);
-	    return -1;
-	}
-	free(optstring);
-	optstring = NULL;
-    }
+    cmd_OptionAsString(opts, OPT_auditiface, &auditIface);
+    cmd_OptionAsList(opts, OPT_auditlog, &auditLogList);

    if (cmd_OptionAsInt(opts, OPT_threads, &lwps) == 0) {
 	lwps_max = max_fileserver_thread() - FILESERVER_HELPER_THREADS;
@ -1433,9 +1428,10 @@ ParseArgs(int argc, char *argv[])

    cmd_OptionAsString(opts, OPT_config, &FS_configPath);

-
-    if (auditFileName)
-	osi_audit_file(auditFileName);
+    code = osi_audit_cmd_Options(auditIface, auditLogList);
+    free(auditIface);
+    if (code)
+	return -1;

    if (lwps > 64) {
 	host_thread_quota = 5;
@ -1917,6 +1913,9 @@ main(int argc, char *argv[])
    opr_softsig_Register(SIGTERM, CheckDescriptors_Signal);
 #endif

+    /* finish audit interface initalization */
+    osi_audit_open();
+
 #if defined(AFS_SGI_ENV)
    /* give this guy a non-degrading priority so help busy servers */
    schedctl(NDPRI, 0, NDPNORMMAX);
--- a/src/vlserver/vlserver.c
+++ b/src/vlserver/vlserver.c
@ -185,8 +185,8 @@ main(int argc, char **argv)
    char *vl_dbaseName;
    char *configDir;

-    char *auditFileName = NULL;
-    char *interface = NULL;
+    struct cmd_item *auditLogList = NULL;
+    char *auditIface = NULL;
    char *optstring = NULL;
    char *s2s_crypt_behavior = NULL;

@ -236,10 +236,10 @@ main(int argc, char **argv)
 		        CMD_OPTIONAL, "optimise for small memory systems");

    /* general server options */
-    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
-		        CMD_OPTIONAL, "location of audit log");
+    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_LIST,
+			CMD_OPTIONAL, "[interface:]path[:options]");
    cmd_AddParmAtOffset(opts, OPT_auditiface, "-audit-interface", CMD_SINGLE,
-		        CMD_OPTIONAL, "interface to use for audit logging");
+			CMD_OPTIONAL, "default interface");
    cmd_AddParmAtOffset(opts, OPT_config, "-config", CMD_SINGLE,
 		        CMD_OPTIONAL, "configuration location");
    cmd_AddParmAtOffset(opts, OPT_debug, "-d", CMD_SINGLE,
@ -311,15 +311,8 @@ main(int argc, char **argv)

    /* general server options */

-    cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);
-
-    if (cmd_OptionAsString(opts, OPT_auditiface, &interface) == 0) {
-	if (osi_audit_interface(interface)) {
-	    printf("Invalid audit interface '%s'\n", interface);
-	    return -1;
-	}
-	free(interface);
-    }
+    cmd_OptionAsString(opts, OPT_auditiface, &auditIface);
+    cmd_OptionAsList(opts, OPT_auditlog, &auditLogList);

    cmd_OptionAsString(opts, OPT_database, &vl_dbaseName);

@ -408,9 +401,10 @@ main(int argc, char **argv)
 	s2s_crypt_behavior = NULL;
    }

-    if (auditFileName) {
-	osi_audit_file(auditFileName);
-    }
+    code = osi_audit_cmd_Options(auditIface, auditLogList);
+    free(auditIface);
+    if (code)
+	return -1;

    OpenLog(&logopts);
 #ifdef AFS_PTHREAD_ENV
@ -420,6 +414,8 @@ main(int argc, char **argv)
    SetupLogSignals();
 #endif

+    osi_audit_open();
+
    tdir = afsconf_Open(configDir);
    if (!tdir) {
 	VLog(0,
--- a/src/volser/volmain.c
+++ b/src/volser/volmain.c
@ -78,7 +78,8 @@ int rxkadDisableDotCheck = 0;
 int DoPreserveVolumeStats = 1;
 int rxJumbograms = 0;	/* default is to not send and receive jumbograms. */
 int rxMaxMTU = -1;
-char *auditFileName = NULL;
+static char *auditIface = NULL;
+static struct cmd_item *auditLogList = NULL;
 static struct logOptions logopts;
 char *configDir = NULL;

@ -259,7 +260,6 @@ static int
 ParseArgs(int argc, char **argv) {
    int code;
    int optval;
-    char *optstring = NULL;
    struct cmd_syndesc *opts;
    char *sleepSpec = NULL;
    char *sync_behavior = NULL;
@ -277,10 +277,10 @@ ParseArgs(int argc, char **argv) {
 	   "debug level");
    cmd_AddParmAtOffset(opts, OPT_threads, "-p", CMD_SINGLE, CMD_OPTIONAL,
 	   "number of threads");
-    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
-	   CMD_OPTIONAL, "location of audit log");
+    cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_LIST,
+	   CMD_OPTIONAL, "[interface:]path[:options]");
    cmd_AddParmAtOffset(opts, OPT_audit_interface, "-audit-interface",
-	   CMD_SINGLE, CMD_OPTIONAL, "interface to use for audit logging");
+	   CMD_SINGLE, CMD_OPTIONAL, "default interface");
    cmd_AddParmAtOffset(opts, OPT_nojumbo, "-nojumbo", CMD_FLAG, CMD_OPTIONAL,
 	    "disable jumbograms");
    cmd_AddParmAtOffset(opts, OPT_jumbo, "-jumbo", CMD_FLAG, CMD_OPTIONAL,
@ -376,16 +376,10 @@ ParseArgs(int argc, char **argv) {
 	} else
 	    udpBufSize = optval;
    }
-    cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);

-    if (cmd_OptionAsString(opts, OPT_audit_interface, &optstring) == 0) {
-	if (osi_audit_interface(optstring)) {
-	    printf("Invalid audit interface '%s'\n", optstring);
-	    return -1;
-	}
-	free(optstring);
-	optstring = NULL;
-    }
+    cmd_OptionAsString(opts, OPT_audit_interface, &auditIface);
+    cmd_OptionAsList(opts, OPT_auditlog, &auditLogList);
+
    if (cmd_OptionAsInt(opts, OPT_threads, &lwps) == 0) {
 	if (lwps > MAXLWP) {
 	    printf("Warning: '-p %d' is too big; using %d instead\n", lwps, MAXLWP);
@ -478,13 +472,15 @@ main(int argc, char **argv)
 	exit(1);
    }

-    if (auditFileName) {
-	if (osi_audit_file(auditFileName)) {
-	    fprintf(stderr, "error from opening auditlog %s\n", auditFileName);
-	    exit(1);
-	}
-    }
+    code = osi_audit_cmd_Options(auditIface, auditLogList);
+    free(auditIface);
+    auditIface = NULL;
+    if (code)
+	return -1;
+
+    osi_audit_open();
    osi_audit(VS_StartEvent, 0, AUD_END);
+
 #ifdef AFS_SGI_VNODE_GLUE
    if (afs_init_kernel_config(-1) < 0) {
 	printf
@ -654,6 +650,7 @@ main(int argc, char **argv)
    rx_StartServer(1);		/* Donate this process to the server process pool */

    osi_audit(VS_FinishEvent, (-1), AUD_END);
+    osi_audit_close();
    Abort("StartServer returned?");
    AFS_UNREACHED(return 0);
 }