From owner-cvs-src-old@FreeBSD.ORG Tue Nov 11 21:58:26 2008 Return-Path: Delivered-To: cvs-src-old@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7EA041065670 for ; Tue, 11 Nov 2008 21:58:26 +0000 (UTC) (envelope-from csjp@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 6184D8FC14 for ; Tue, 11 Nov 2008 21:58:26 +0000 (UTC) (envelope-from csjp@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id mABLwQ9x075877 for ; Tue, 11 Nov 2008 21:58:26 GMT (envelope-from csjp@repoman.freebsd.org) Received: (from svn2cvs@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id mABLwQ91075876 for cvs-src-old@freebsd.org; Tue, 11 Nov 2008 21:58:26 GMT (envelope-from csjp@repoman.freebsd.org) Message-Id: <200811112158.mABLwQ91075876@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to csjp@repoman.freebsd.org using -f From: "Christian S.J. Peron" Date: Tue, 11 Nov 2008 21:57:03 +0000 (UTC) To: cvs-src-old@freebsd.org X-FreeBSD-CVS-Branch: HEAD Subject: cvs commit: src/sys/bsm audit_internal.h audit_record.h src/sys/security/audit audit.c audit.h audit_bsm.c audit_bsm_token.c audit_private.h audit_syscalls.c X-BeenThere: cvs-src-old@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: **OBSOLETE** CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2008 21:58:26 -0000 csjp 2008-11-11 21:57:03 UTC FreeBSD src repository Modified files: sys/bsm audit_internal.h audit_record.h sys/security/audit audit.c audit.h audit_bsm.c audit_bsm_token.c audit_private.h audit_syscalls.c Log: SVN rev 184856 on 2008-11-11 21:57:03Z by csjp Add support for extended header BSM tokens. Currently we use the regular header tokens. The extended header tokens contain an IP or IPv6 address which makes it possible to identify which host an audit record came from when audit records are centralized. If the host information has not been specified, the system will default to the old style headers. Otherwise, audit records that are created as a result of system calls will contain host information. This implemented has been designed to be consistent with the Solaris implementation. Host information is set/retrieved using the A_GETKAUDIT and A_SETKAUDIT auditon(2) commands. These commands require that a pointer to a auditinfo_addr_t object is passed. Currently only IP and IPv6 address families are supported. The users pace bits associated with this change will follow in an openbsm import. Reviewed by: rwatson, (sson, wsalamon (older version)) MFC after: 1 month Revision Changes Path 1.10 +2 -0 src/sys/bsm/audit_internal.h 1.12 +3 -0 src/sys/bsm/audit_record.h 1.46 +43 -0 src/sys/security/audit/audit.c 1.21 +2 -0 src/sys/security/audit/audit.h 1.37 +24 -3 src/sys/security/audit/audit_bsm.c 1.19 +45 -0 src/sys/security/audit/audit_bsm_token.c 1.23 +1 -0 src/sys/security/audit/audit_private.h 1.33 +5 -2 src/sys/security/audit/audit_syscalls.c