From owner-cvs-all@FreeBSD.ORG  Sat Apr 21 22:08:49 2007
Return-Path: <owner-cvs-all@FreeBSD.ORG>
X-Original-To: cvs-all@FreeBSD.org
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 19C8216A403;
	Sat, 21 Apr 2007 22:08:49 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41])
	by mx1.freebsd.org (Postfix) with ESMTP id 0971413C457;
	Sat, 21 Apr 2007 22:08:49 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l3LM8mOj026340;
	Sat, 21 Apr 2007 22:08:48 GMT
	(envelope-from rwatson@repoman.freebsd.org)
Received: (from rwatson@localhost)
	by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l3LM8mkk026339;
	Sat, 21 Apr 2007 22:08:48 GMT (envelope-from rwatson)
Message-Id: <200704212208.l3LM8mkk026339@repoman.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Sat, 21 Apr 2007 22:08:48 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: src/sys/conf files src/sys/security/audit
 audit_syscalls.c src/sys/security/mac mac_audit.c mac_framework.h
 mac_policy.h src/sys/security/mac_biba mac_biba.c
 src/sys/security/mac_bsdextended mac_bsdextended.c
 src/sys/security/mac_lomac ...
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Apr 2007 22:08:49 -0000

rwatson     2007-04-21 22:08:48 UTC

  FreeBSD src repository

  Modified files:
    sys/conf             files 
    sys/security/audit   audit_syscalls.c 
    sys/security/mac     mac_framework.h mac_policy.h 
    sys/security/mac_biba mac_biba.c 
    sys/security/mac_bsdextended mac_bsdextended.c 
    sys/security/mac_lomac mac_lomac.c 
    sys/security/mac_mls mac_mls.c 
    sys/security/mac_stub mac_stub.c 
    sys/security/mac_test mac_test.c 
  Added files:
    sys/security/mac     mac_audit.c 
  Log:
  Allow MAC policy modules to control access to audit configuration system
  calls.  Add MAC Framework entry points and MAC policy entry points for
  audit(), auditctl(), auditon(), setaudit(), aud setauid().
  
  MAC Framework entry points are only added for audit system calls where
  additional argument context may be useful for policy decision-making; other
  audit system calls without arguments may be controlled via the priv(9)
  entry points.
  
  Update various policy modules to implement audit-related checks, and in
  some cases, other missing system-related checks.
  
  Obtained from:  TrustedBSD Project
  Sponsored by:   SPARTA, Inc.
  
  Revision  Changes    Path
  1.1197    +1 -0      src/sys/conf/files
  1.14      +44 -0     src/sys/security/audit/audit_syscalls.c
  1.1       +101 -0    src/sys/security/mac/mac_audit.c (new)
  1.79      +6 -0      src/sys/security/mac/mac_framework.h
  1.87      +14 -0     src/sys/security/mac/mac_policy.h
  1.102     +46 -0     src/sys/security/mac_biba/mac_biba.c
  1.35      +27 -0     src/sys/security/mac_bsdextended/mac_bsdextended.c
  1.46      +63 -1     src/sys/security/mac_lomac/mac_lomac.c
  1.83      +40 -0     src/sys/security/mac_mls/mac_mls.c
  1.62      +45 -4     src/sys/security/mac_stub/mac_stub.c
  1.70      +60 -3     src/sys/security/mac_test/mac_test.c