From owner-trustedbsd-audit@FreeBSD.ORG Thu Feb 16 13:41:56 2006 Return-Path: X-Original-To: trustedbsd-audit@freebsd.org Delivered-To: trustedbsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4626816A420 for ; Thu, 16 Feb 2006 13:41:56 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id E519043D46 for ; Thu, 16 Feb 2006 13:41:55 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 394F746B4D; Thu, 16 Feb 2006 08:41:41 -0500 (EST) Date: Thu, 16 Feb 2006 13:45:11 +0000 (GMT) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: dingo In-Reply-To: <1139960201.4107.6.camel@pavilion.optimlabs.com> Message-ID: <20060216134229.P18732@fledge.watson.org> References: <1139960201.4107.6.camel@pavilion.optimlabs.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: trustedbsd-discuss@cyrus.watson.org, trustedbsd-audit@TrustedBSD.org Subject: Re: Migrating SeBSD to CUREENT - Are we alive ??? X-BeenThere: trustedbsd-audit@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: TrustedBSD Audit Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Feb 2006 13:41:56 -0000 On Wed, 15 Feb 2006, dingo wrote: > Sorry for the second post and cross post, but im hoping to get an answer. > Since Im waiting for an answer I hope this finds the right person, Ive been > holding up commits waiting for a reply to see if this is possible. while im > bringing SEBSD up to speed, can I integrate Audit3 into the branch, I > actually considered creating a new Branch SEBSD2 to move along migrations, > since SEBSD is dated, and capabilities work needs to be brought up to speed. > so can I propose to branch SEBSD2, create new branch Capabilities, Update > capabilities, and merge AUDIT3 into SEBSD2 ?? I have a diffed 6.0 that > applies, though SEBSD2 will be 7.0 based. The audit3 branch is now almost entirely merged to CVS, meaning that audit support in the base tree is now basically complete. There are a few areas where we're currently not auditing some system call arguments in CVS that are audited in audit3, but my hope is that that is resolved in a few days. The MAC branch has recently been integrated, but only very lightly tested post-integration. It should now have most of the audit bits, and I can push it forward a bit more. So the big open question is with regards to how to handle the SEBSD branch. As it stands, it's quite behind the MAC branch -- if integrated, it would gain the audit3 code, but probably require quite a lot of hacking to work through getting everything working. Some of the previous problems relating to nmount should get better now that the base system has moved to nmount for all file systems, however. If you create a new SEBSD2 branch from either //depot/projects/trustedbsd/mac/... or //depot/vendor/freebsd/src/..., you should get the audit bits you need. Robert N M Watson