Date: Tue, 3 Oct 2006 15:12:09 GMT From: Ruslan Ermilov <ru@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 107186 for review Message-ID: <200610031512.k93FC9NE027707@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=107186 Change 107186 by ru@ru_edoofus on 2006/10/03 15:12:02 Fix markup. Affected files ... .. //depot/projects/trustedbsd/openbsm/man/audit.2#8 edit .. //depot/projects/trustedbsd/openbsm/man/auditctl.2#7 edit .. //depot/projects/trustedbsd/openbsm/man/auditon.2#11 edit .. //depot/projects/trustedbsd/openbsm/man/getaudit.2#7 edit .. //depot/projects/trustedbsd/openbsm/man/getauid.2#7 edit .. //depot/projects/trustedbsd/openbsm/man/setaudit.2#7 edit .. //depot/projects/trustedbsd/openbsm/man/setauid.2#7 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/man/audit.2#8 (text+ko) ==== @@ -24,25 +24,29 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.2#7 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.2#8 $ .\" .Dd April 19, 2005 .Dt AUDIT 2 .Os .Sh NAME .Nm audit -.Nd "Commit a BSM audit record to the audit log" +.Nd "commit BSM audit record to audit log" .Sh SYNOPSIS .In bsm/audit.h .Ft int .Fn audit "const char *record" "u_int length" .Sh DESCRIPTION +The .Fn audit +system call submits a completed BSM audit record to the system audit log. .Pp +The .Fa record -is a pointer to the the specific event to be recorded and -.Vt length +argument +is a pointer to the specific event to be recorded and +.Fa length is the size in bytes of the data to be written. .Sh RETURN VALUES .Rv -std @@ -57,9 +61,9 @@ argument is beyond the allocated address space of the process. .It Bq Er EINVAL The token ID is invalid or -.Vt length +.Va length is larger than -.Vt MAXAUDITDATA . +.Dv MAXAUDITDATA . .It Bq Er EPERM The process does not have sufficient permission to complete the operation. @@ -79,9 +83,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. ==== //depot/projects/trustedbsd/openbsm/man/auditctl.2#7 (text+ko) ==== @@ -23,14 +23,14 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditctl.2#6 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditctl.2#7 $ .\" .Dd April 19, 2005 .Dt AUDITCTL 2 .Os .Sh NAME .Nm auditctl -.Nd "Configure system audit parameters" +.Nd "configure system audit parameters" .Sh SYNOPSIS .In bsm/audit.h .Ft int @@ -39,26 +39,23 @@ The .Fn auditctl system call directs the kernel to open a new audit trail log file. -.Fn auditctl -requires appropriate privilege. +It requires an appropriate privilege. In the .Fx implementation, .Fn auditctl opens new files, but -.Fn auditon +.Xr auditon 2 is used to disable the audit log. In the Mac OS X implementation, passing -.Va NULL +.Dv NULL to .Fn auditctl will disable the audit log. .Sh RETURN VALUES -.Nm -returns 0 on success, or returns -1 on failure, providing additional error -information via -.Va errno . +.Rv -std .Sh SEE ALSO +.Xr auditon 2 , .Xr libbsm 3 , .Xr auditd 8 .Sh HISTORY @@ -67,9 +64,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. ==== //depot/projects/trustedbsd/openbsm/man/auditon.2#11 (text+ko) ==== @@ -25,37 +25,47 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#10 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#11 $ .\" .Dd April 19, 2005 .Dt AUDITON 2 .Os .Sh NAME .Nm auditon -.Nd "Configure system audit parameters" +.Nd "configure system audit parameters" .Sh SYNOPSIS .In bsm/audit.h .Ft int .Fn auditon "int cmd" "void *data" "u_int length" .Sh DESCRIPTION The -.Nm +.Fn auditon system call is used to manipulate various audit control operations. -.Ft *data +The +.Fa data +argument should point to a structure whose type depends on the command. -.Ft length -specifies the size of the -.Em data +The +.Fa length +argument +specifies the size of +.Fa *data in bytes. -.Ft cmd +The +.Fa cmd +argument may be any of the following: .Bl -tag -width ".It Dv A_GETPINFO_ADDR" .It Dv A_SETPOLICY Set audit policy flags. -.Ft *data -must point to a long value set to one of the audit +The +.Fa data +argument +must point to a +.Vt long +value set to one of the audit policy control values defined in -.Pa audit.h . +.In bsm/audit.h . Currently, only .Dv AUDIT_CNT and @@ -76,24 +86,28 @@ .Er ENOSYS . .It Dv A_SETKMASK Set the kernel preselection masks (success and failure). -.Ft *data +The +.Fa data +argument must point to a -.Ft au_mask_t +.Vt au_mask_t structure containing the mask values. These masks are used for non-attributable audit event preselection. .It Dv A_SETQCTRL Set kernel audit queue parameters. -.Ft *data +The +.Fa data +argument must point to a -.Ft au_qctrl_t +.Vt au_qctrl_t structure containing the kernel audit queue control settings: -.Va high water , -.Va low water , -.Va output buffer size , -.Va percent min free disk space , +.Dq "high water" , +.Dq "low water" , +.Dq "output buffer size" , +.Dq "percent min free disk space" , and -.Em delay +.Dq delay (not currently used). .It Dv A_SETSTAT Return @@ -106,8 +120,12 @@ .Er ENOSYS . .It Dv A_SETCOND Set the current auditing condition. -.Ft *data -must point to a long value containing the new +The +.Fa data +argument +must point to a +.Vt long +value containing the new audit condition, one of .Dv AUC_AUDITING , .Dv AUC_NOAUDIT , @@ -115,24 +133,30 @@ .Dv AUC_DISABLED . .It Dv A_SETCLASS Set the event class preselection mask for an audit event. -.Ft *data +The +.Fa data +argument must point to a -.Ft au_evclass_map_t +.Vt au_evclass_map_t structure containing the audit event and mask. .It Dv A_SETPMASK Set the preselection masks for a process. -.Ft *data +The +.Fa data +argument must point to a -.Ft auditpinfo_t +.Vt auditpinfo_t structure that contains the given process's audit preselection masks for both success and failure. .It Dv A_SETFSIZE Set the maximum size of the audit log file. -.Ft *data +The +.Fa data +argument must point to a -.Ft au_fstat_t +.Vt au_fstat_t structure with the -.Ft af_filesz +.Va af_filesz field set to the maximum audit log file size. A value of 0 indicates no limit to the size. @@ -141,18 +165,22 @@ .Er ENOSYS . .It Dv A_GETCLASS Return the event to class mapping for the designated audit event. -.Ft *data +The +.Fa data +argument must point to a -.Ft au_evclass_map_t +.Vt au_evclass_map_t structure. .It Dv A_GETKAUDIT Return .Er ENOSYS . .It Dv A_GETPINFO Return the audit settings for a process. -.Ft *data +The +.Fa data +argument must point to a -.Ft auditpinfo_t +.Vt auditpinfo_t structure which will be set to contain the audit ID, preselection mask, terminal ID, and audit session ID of the given process. @@ -161,15 +189,21 @@ .Er ENOSYS . .It Dv A_GETKMASK Return the current kernel preselection masks. -.Ft *data +The +.Fa data +argument must point to a -.Ft au_mask_t +.Vt au_mask_t structure which will be set to the current kernel preselection masks for non-attributable events. .It Dv A_GETPOLICY Return the current audit policy setting. -.Ft *data -must point to a long value which will be set to +The +.Fa data +argument +must point to a +.Vt long +value which will be set to one of the current audit policy flags. Currently, only .Dv AUDIT_CNT @@ -178,23 +212,28 @@ are implemented. .It Dv A_GETQCTRL Return the current kernel audit queue control parameters. -.Ft *data +The +.Fa data +argument must point to a -.Ft au_qctrl_t +.Vt au_qctrl_t structure which will be set to the current kernel audit queue control parameters. .It Dv A_GETFSIZE Returns the maximum size of the audit log file. -.Ft *data +The +.Fa data +argument must point to a -.Ft au_fstat_t +.Vt au_fstat_t structure. The -.Ft af_filesz +.Va af_filesz field will be set to the maximum audit log file size. A value of 0 indicates no limit to the size. The -.Ft af_currsz +.Va af_currsz +field will be set to the current audit log file size. .It Dv A_GETCWD .\" [COMMENTED OUT]: Valid description, not yet implemented. @@ -214,16 +253,24 @@ .Er ENOSYS . .It Dv A_GETCOND Return the current auditing condition. -.Ft *data -must point to a long value which will be set to +The +.Fa data +argument +must point to a +.Vt long +value which will be set to the current audit condition, either .Dv AUC_AUDITING or .Dv AUC_NOAUDIT . .It Dv A_SENDTRIGGER Send a trigger to the audit daemon. -.Fr *data -must point to a long value set to one of the acceptable +The +.Fa data +argument +must point to a +.Vt long +value set to one of the acceptable trigger values: .Dv AUDIT_TRIGGER_LOW_SPACE (low disk space where the audit log resides), @@ -279,9 +326,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. ==== //depot/projects/trustedbsd/openbsm/man/getaudit.2#7 (text+ko) ==== @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/getaudit.2#6 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/getaudit.2#7 $ .\" .Dd April 19, 2005 .Dt GETAUDIT 2 @@ -31,7 +31,7 @@ .Sh NAME .Nm getaudit , .Nm getaudit_addr -.Nd "Retrieve audit session state" +.Nd "retrieve audit session state" .Sh SYNOPSIS .In bsm/audit.h .Ft int @@ -39,23 +39,24 @@ .Ft int .Fn getaudit_addr "auditinfo_addr_t *auditinfo_addr" "u_int length" .Sh DESCRIPTION +The .Fn getaudit +system call retrieves the active audit session state for the current process via the .Vt auditinfo_t pointed to by -.Va auditinfo . +.Fa auditinfo . +The .Fn getaudit_addr +system call retrieves extended state via -.Va auditinfo_addr +.Fa auditinfo_addr and -.Va length . +.Fa length . .Pp -This system call requires appropriate privilege to complete. +These system calls require an appropriate privilege to complete. .Sh RETURN VALUES -.Nm -returns 0 on success, or returns -1 on failure, providing additional error -information via -.Va errno . +.Rv -std getaudit getaudit_addr .Sh SEE ALSO .Xr audit 2 , .Xr auditon 2 , @@ -69,9 +70,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. ==== //depot/projects/trustedbsd/openbsm/man/getauid.2#7 (text+ko) ==== @@ -23,31 +23,30 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/getauid.2#6 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/getauid.2#7 $ .\" .Dd April 19, 2005 .Dt GETAUID 2 .Os .Sh NAME .Nm getauid -.Nd "Retrieve audit session ID" +.Nd "retrieve audit session ID" .Sh SYNOPSIS .In bsm/audit.h .Ft int .Fn getauid "au_id_t *auid" .Sh DESCRIPTION -.Nm +The +.Fn getauid +system call retrieves the active audit session ID for the current process via the .Vt au_id_t pointed to by -.Va auid . +.Fa auid . .Pp -This system call requires appropriate privilege to complete. +This system call requires an appropriate privilege to complete. .Sh RETURN VALUES -.Nm -returns 0 on success, or returns -1 on failure, providing additional error -information via -.Va errno . +.Rv -std .Sh SEE ALSO .Xr audit 2 , .Xr auditon 2 , @@ -63,9 +62,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. ==== //depot/projects/trustedbsd/openbsm/man/setaudit.2#7 (text+ko) ==== @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/setaudit.2#6 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/setaudit.2#7 $ .\" .Dd April 19, 2005 .Dt SETAUDIT 2 @@ -31,31 +31,32 @@ .Sh NAME .Nm setaudit , .Nm setaudit_addr -.Nd "Set audit session state" +.Nd "set audit session state" .Sh SYNOPSIS .In bsm/audit.h .Ft int .Fn setaudit "auditinfo_t *auditinfo" .Ft int -.Fn setaudit_addr "auditinfo_addr_t *auditinfo" "u_int length" +.Fn setaudit_addr "auditinfo_addr_t *auditinfo_addr" "u_int length" .Sh DESCRIPTION -.Nm +The +.Fn setaudit +system call sets the active audit session state for the current process via the .Vt auditinfo_t pointed to by -.Va auditinfo . +.Fa auditinfo . +The .Fn setaudit_addr +system call sets extended state via -.Va auditinfo_addr +.Fa auditinfo_addr and -.Va length . +.Fa length . .Pp -This system call requires appropriate privilege to complete. +These system calls require an appropriate privilege to complete. .Sh RETURN VALUES -.Nm -returns 0 on success, or returns -1 on failure, providing additional error -information via -.Va errno . +.Rv -std setaudit setaudit_addr .Sh SEE ALSO .Xr audit 2 , .Xr auditon 2 , @@ -69,9 +70,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems. ==== //depot/projects/trustedbsd/openbsm/man/setauid.2#7 (text+ko) ==== @@ -23,31 +23,30 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/setauid.2#6 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/setauid.2#7 $ .\" .Dd April 19, 2005 .Dt SETAUID 2 .Os .Sh NAME .Nm setauid -.Nd "Set audit session ID" +.Nd "set audit session ID" .Sh SYNOPSIS .In bsm/audit.h .Ft int .Fn setauid "au_id_t *auid" .Sh DESCRIPTION -.Nm +The +.Fn setauid +system call sets the active audit session ID for the current process from the .Vt au_id_t pointed to by -.Va auid . +.Fa auid . .Pp -This system call requires appropriate privilege to complete. +This system call requires an appropriate privilege to complete. .Sh RETURN VALUES -.Nm -returns 0 on success, or returns -1 on failure, providing additional error -information via -.Va errno . +.Rv -std .Sh SEE ALSO .Xr audit 2 , .Xr auditon 2 , @@ -63,9 +62,13 @@ It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution. .Sh AUTHORS +.An -nosplit This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc. +Additional authors include +.An Wayne Salamon , +.An Robert Watson , +and SPARTA Inc. .Pp The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610031512.k93FC9NE027707>