From owner-p4-projects@FreeBSD.ORG Thu Apr 16 15:15:12 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 81E2E106572E; Thu, 16 Apr 2009 15:15:11 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F115810656CC for ; Thu, 16 Apr 2009 15:15:10 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id D35868FC1A for ; Thu, 16 Apr 2009 15:15:10 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n3GFFAU3021772 for ; Thu, 16 Apr 2009 15:15:10 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n3GFFANK021770 for perforce@freebsd.org; Thu, 16 Apr 2009 15:15:10 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Thu, 16 Apr 2009 15:15:10 GMT Message-Id: <200904161515.n3GFFANK021770@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 160703 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Apr 2009 15:15:16 -0000 http://perforce.freebsd.org/chv.cgi?CH=160703 Change 160703 by rwatson@rwatson_fledge on 2009/04/16 15:15:01 OpenBSM 1.1 tarball, OpenBSM web page update, and news announcement. Affected files ... .. //depot/projects/trustedbsd/www/downloads/openbsm-1.1.tgz#1 add .. //depot/projects/trustedbsd/www/news.page#22 edit .. //depot/projects/trustedbsd/www/openbsm.page#37 edit Differences ... ==== //depot/projects/trustedbsd/www/news.page#22 (text+ko) ==== @@ -37,7 +37,7 @@ - $P4: //depot/projects/trustedbsd/www/news.page#21 $ + $P4: //depot/projects/trustedbsd/www/news.page#22 $ @@ -50,6 +50,15 @@
+
April 16, 2009 OpenBSM 1.1 released
+

OpenBSM 1.1 has been released; this is a production release of + OpenBSM, and improves OpenBSM through the addition of Mac OS X + Snow Leopard and launchd(8) support, audit trail file expiration + based on age and size, extended header support including IPv6 + address support, and improvements to the OpenBSM file format. See + the OpenBSM web page for more + information.

+
February 24, 2009 OpenBSM 1.1 beta 1 released

OpenBSM 1.1 beta 1 has been released; this is a test release ==== //depot/projects/trustedbsd/www/openbsm.page#37 (text+ko) ==== @@ -30,7 +30,7 @@ - $P4: //depot/projects/trustedbsd/www/openbsm.page#36 $ + $P4: //depot/projects/trustedbsd/www/openbsm.page#37 $ @@ -125,7 +125,7 @@ snapshot and release tarballs, vendor integrated source code (such as the FreeBSD source tree), cvsup, and the TrustedBSD Perforce repository. - The current release is OpenBSM 1.0, released on 28 October 2007. + The current release is OpenBSM 1.1, released on 16 April 2009. Please see the file README present in the OpenBSM distribution for build and installation instructions.

@@ -138,6 +138,46 @@ Description + 1.1 + openbsm-1.1.tgz + 560K + 2009-04-16 + +

OpenBSM 1.1 is the second production release of the OpenBSM + code base. Major changes since OpenBSM 1.0 include:

+ +
    +
  • Trail files now include the host where the trail is + generated. Crash recovery has been improved. Trail + expiration based on size and date is now supported; by + default trail files will be expired after 10MB of trails. + The default individual trail limit is now 2MB.
    • + +
  • Mac OS X Snow Leopard is now a fully supported platform; + launchd(8) can now be used to launchd auditd(8). Command + line tools and libraries are now supported on Mac OS X + Leopard.
    • + +
  • Extended header tokens are now supported, allowing audit + trails to be tagged with a host identifier. IPv6 addresses + are now supported in subject tokens.
    • + +
  • BSM token and record types have been further synchronized + to OpenSolaris; support for many new system calls has been + added. Local errors and socket types are mapped to and from + BSM values.
    • +
+ +

Since the last test release, OpenBSM 1.1 beta 1, 32/64-bit + compatibility has been fixed for the auditon(2) system call. + A default "expire-after" of 10MB is now set in + audit_control(5). Local fcntl(2) arguments are now mapped to + wire BSM versions using new APIs. The audit_submit(3) man + page has been fixed. A new audit event class has been added + for post-login authentication and access control events.

+ + + 1.0 openbsm-1.0.tgz 496K @@ -177,21 +217,9 @@ Date Description - - 1.1 beta 1 - openbsm-1.1-beta1.tgz - 544K - 2009-02-24 - -

In this revision, OpenBSM's auditd(8) grows support for audit - trail expiration based on age and trail size, various defaults - in audit_control(5) are modernized (such as smaller percent - free default, and enabling execve(2)argument auditing by - default), socket types and domains are converted to BSM format - when written out, and bugs are fixed in IPC permission token - encoding.

- - + + There have been no new development snapshots + since OpenBSM 1.1. @@ -214,6 +242,21 @@ Description + 1.1 beta 1 + openbsm-1.1-beta1.tgz + 544K + 2009-02-24 + +

In this revision, OpenBSM's auditd(8) grows support for audit + trail expiration based on age and trail size, various defaults + in audit_control(5) are modernized (such as smaller percent + free default, and enabling execve(2)argument auditing by + default), socket types and domains are converted to BSM format + when written out, and bugs are fixed in IPC permission token + encoding.

+ + + 1.1 alpha 5 openbsm-1.1-alpha5.tgz 544K