From owner-freebsd-current@FreeBSD.ORG Sat Aug 26 08:25:04 2006 Return-Path: X-Original-To: freebsd-current@FreeBSD.org Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 790A116A4DA; Sat, 26 Aug 2006 08:25:04 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id B5E3F43D45; Sat, 26 Aug 2006 08:25:03 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 3C83846D3E; Sat, 26 Aug 2006 04:25:03 -0400 (EDT) Date: Sat, 26 Aug 2006 09:25:03 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: freebsd-current@FreeBSD.org Message-ID: <20060826092027.C54235@fledge.watson.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: trustedbsd-audit@TrustedBSD.org Subject: HEADS UP: TrustedBSD OpenBSM 1.0 alpha 9 imported X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Aug 2006 08:25:04 -0000 I've imported the most recent release of OpenBSM, which includes a renumbering of audit events and a chance in the BSM version. Old audit trail files will be readable by the new implementation, but older /etc/security/audit_event files are not able to translate the new event numbers to strings (etc). Make sure to run mergemaster if using audit. These changes are to avoid potential future event number conflicts with Solaris, and to assign our implementation a unique version number so it can be distinguished from existing Solaris and Darwin versions. OpenBSM is now about at the point where it's ready for import into the RELENG_6 tree, which I hope to do in the next couple of days in preparation for inclusion in FreeBSD 6.2. (Post import builds are now running locally to confirm it all committed properly.) Robert N M Watson Computer Laboratory University of Cambridge ---------- Forwarded message ---------- Date: Sat, 26 Aug 2006 08:04:17 +0000 (UTC) From: Robert Watson To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/contrib/openbsm - Imported sources rwatson 2006-08-26 08:04:17 UTC FreeBSD src repository src/contrib/openbsm - Imported sources Update of /home/ncvs/src/contrib/openbsm In directory repoman.freebsd.org:/tmp/cvs-serv19917 Log Message: Vendor import of OpenBSM 1.0 alpha 9, with the following change history notes since the last import: OpenBSM 1.0 alpha 9 - Rename many OpenBSM-specific constants and API elements containing the strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true for almost all existing constants and APIs. - Instead of passing a per-instance cookie directly into all audit filter APIs, pass in the audit filter daemon state pointer, which is then used by the module using an audit_filter_{get,set}cookie() API. This will allow future service APIs provided by the filter daemon to maintain their own state -- for example, per-module preselection state. OpenBSM 1.0 alpha 8 - Correct typo in definition of AUR_INT. - Adopt OpenSolaris constant values for AUDIT_* configuration flags. - Arguments to au_to_exec_args() and au_to_exec_env() no longer const. - Add kernel versions of au_to_exec_args() and au_to_exec_env(). - Fix exec argument type that is printed for env strings from 'arg' to 'env'. - New OpenBSM token version number assigned, constants added for other commonly seen version numbers. - OpenBSM-specific events assigned numbers in the 43xxx range to avoid future collisions with Solaris. Darwin events renamed to AUE_DARWIN_foo, as they are now deprecated numberings. - autoconf now detects clock_gettime(), which is not available on Darwin. - praudit output fixes relating to arg32 and arg64 tokens. - Maximum record size updated to 64k-1 to match Solaris record size limit. - Various style and comment cleanups in include files. This is an MFC candidate to RELENG_6. Obtained from: TrustedBSD Project Status: Vendor Tag: TrustedBSD Release Tags: OPENBSM_1_0_ALPHA_9 U src/contrib/openbsm/HISTORY U src/contrib/openbsm/LICENSE U src/contrib/openbsm/Makefile.am U src/contrib/openbsm/Makefile.in U src/contrib/openbsm/README U src/contrib/openbsm/TODO U src/contrib/openbsm/VERSION U src/contrib/openbsm/aclocal.m4 U src/contrib/openbsm/autogen.sh U src/contrib/openbsm/configure U src/contrib/openbsm/configure.ac U src/contrib/openbsm/bin/Makefile.am U src/contrib/openbsm/bin/Makefile.in U src/contrib/openbsm/bin/audit/Makefile.am U src/contrib/openbsm/bin/audit/Makefile.in U src/contrib/openbsm/bin/audit/audit.8 U src/contrib/openbsm/bin/audit/audit.c U src/contrib/openbsm/bin/auditd/Makefile.am U src/contrib/openbsm/bin/auditd/Makefile.in U src/contrib/openbsm/bin/auditd/audit_warn.c U src/contrib/openbsm/bin/auditd/auditd.8 U src/contrib/openbsm/bin/auditd/auditd.c U src/contrib/openbsm/bin/auditd/auditd.h U src/contrib/openbsm/bin/auditfilterd/Makefile.am U src/contrib/openbsm/bin/auditfilterd/Makefile.in U src/contrib/openbsm/bin/auditfilterd/auditfilterd.8 U src/contrib/openbsm/bin/auditfilterd/auditfilterd.c U src/contrib/openbsm/bin/auditfilterd/auditfilterd.h U src/contrib/openbsm/bin/auditfilterd/auditfilterd_conf.c U src/contrib/openbsm/bin/auditreduce/Makefile.am U src/contrib/openbsm/bin/auditreduce/Makefile.in U src/contrib/openbsm/bin/auditreduce/auditreduce.1 U src/contrib/openbsm/bin/auditreduce/auditreduce.c U src/contrib/openbsm/bin/auditreduce/auditreduce.h U src/contrib/openbsm/bin/praudit/Makefile.am U src/contrib/openbsm/bin/praudit/Makefile.in U src/contrib/openbsm/bin/praudit/praudit.1 U src/contrib/openbsm/bin/praudit/praudit.c U src/contrib/openbsm/bsm/Makefile.am U src/contrib/openbsm/bsm/Makefile.in U src/contrib/openbsm/bsm/audit.h U src/contrib/openbsm/bsm/audit_filter.h U src/contrib/openbsm/bsm/audit_internal.h U src/contrib/openbsm/bsm/audit_kevents.h U src/contrib/openbsm/bsm/audit_record.h U src/contrib/openbsm/bsm/audit_uevents.h U src/contrib/openbsm/bsm/libbsm.h U src/contrib/openbsm/compat/endian.h U src/contrib/openbsm/compat/queue.h U src/contrib/openbsm/config/config.guess U src/contrib/openbsm/config/config.h.in U src/contrib/openbsm/config/config.sub U src/contrib/openbsm/config/depcomp U src/contrib/openbsm/config/install-sh U src/contrib/openbsm/config/ltmain.sh U src/contrib/openbsm/config/missing U src/contrib/openbsm/etc/audit_class U src/contrib/openbsm/etc/audit_control C src/contrib/openbsm/etc/audit_event U src/contrib/openbsm/etc/audit_filter U src/contrib/openbsm/etc/audit_user U src/contrib/openbsm/etc/audit_warn U src/contrib/openbsm/libbsm/Makefile.am U src/contrib/openbsm/libbsm/Makefile.in U src/contrib/openbsm/libbsm/au_class.3 U src/contrib/openbsm/libbsm/au_control.3 U src/contrib/openbsm/libbsm/au_event.3 U src/contrib/openbsm/libbsm/au_free_token.3 U src/contrib/openbsm/libbsm/au_io.3 U src/contrib/openbsm/libbsm/au_mask.3 U src/contrib/openbsm/libbsm/au_open.3 U src/contrib/openbsm/libbsm/au_token.3 U src/contrib/openbsm/libbsm/au_user.3 U src/contrib/openbsm/libbsm/audit_submit.3 U src/contrib/openbsm/libbsm/bsm_audit.c U src/contrib/openbsm/libbsm/bsm_class.c U src/contrib/openbsm/libbsm/bsm_control.c U src/contrib/openbsm/libbsm/bsm_event.c U src/contrib/openbsm/libbsm/bsm_flags.c U src/contrib/openbsm/libbsm/bsm_io.c U src/contrib/openbsm/libbsm/bsm_mask.c U src/contrib/openbsm/libbsm/bsm_notify.c U src/contrib/openbsm/libbsm/bsm_token.c U src/contrib/openbsm/libbsm/bsm_user.c U src/contrib/openbsm/libbsm/libbsm.3 U src/contrib/openbsm/libbsm/bsm_wrappers.c U src/contrib/openbsm/man/Makefile.am U src/contrib/openbsm/man/Makefile.in U src/contrib/openbsm/man/audit.2 U src/contrib/openbsm/man/audit.log.5 U src/contrib/openbsm/man/audit_class.5 U src/contrib/openbsm/man/audit_control.5 U src/contrib/openbsm/man/audit_event.5 U src/contrib/openbsm/man/audit_user.5 U src/contrib/openbsm/man/audit_warn.5 U src/contrib/openbsm/man/auditctl.2 U src/contrib/openbsm/man/auditon.2 U src/contrib/openbsm/man/getaudit.2 U src/contrib/openbsm/man/getauid.2 U src/contrib/openbsm/man/setaudit.2 U src/contrib/openbsm/man/setauid.2 U src/contrib/openbsm/modules/Makefile.am U src/contrib/openbsm/modules/Makefile.in U src/contrib/openbsm/modules/auditfilter_noop/Makefile.am U src/contrib/openbsm/modules/auditfilter_noop/Makefile.in U src/contrib/openbsm/modules/auditfilter_noop/auditfilter_noop.c U src/contrib/openbsm/test/Makefile.am U src/contrib/openbsm/test/Makefile.in U src/contrib/openbsm/test/bsm/Makefile.am U src/contrib/openbsm/test/bsm/Makefile.in U src/contrib/openbsm/test/bsm/generate.c U src/contrib/openbsm/tools/Makefile.am U src/contrib/openbsm/tools/Makefile.in U src/contrib/openbsm/tools/audump.c 1 conflicts created by this import. Use the following command to help the merge: cvs checkout -jTrustedBSD:yesterday -jTrustedBSD src/contrib/openbsm