Date: Mon, 6 Apr 2009 16:28:20 +0000 (UTC) From: Lawrence Stewart <lstewart@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r190779 - in projects/tcp_ffcaia2008_8.x: . cddl/contrib/opensolaris/cmd/zinject cddl/contrib/opensolaris/lib/libzfs/common contrib/bind9 contrib/cpio contrib/gdtoa contrib/ncurses cont... Message-ID: <200904061628.n36GSKUr076920@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: lstewart Date: Mon Apr 6 16:28:20 2009 New Revision: 190779 URL: http://svn.freebsd.org/changeset/base/190779 Log: Merge r186471:186647 from head. Added: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd_darwin.c - copied unchanged from r186647, head/contrib/openbsm/bin/auditd/auditd_darwin.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd_fbsd.c - copied unchanged from r186647, head/contrib/openbsm/bin/auditd/auditd_fbsd.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/auditd_lib.h - copied unchanged from r186647, head/contrib/openbsm/bsm/auditd_lib.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/libauditd/ - copied from r186647, head/contrib/openbsm/libauditd/ projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/au_errno.3 - copied unchanged from r186647, head/contrib/openbsm/libbsm/au_errno.3 projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_errno.c - copied unchanged from r186647, head/contrib/openbsm/libbsm/bsm_errno.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_errno.h - copied unchanged from r186647, head/contrib/openbsm/sys/bsm/audit_errno.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/E2BIG_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/E2BIG_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EACCES_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EACCES_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EBADF_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EBADF_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EBUSY_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EBUSY_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ECHILD_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ECHILD_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EDEADLK_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EDEADLK_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EEXIST_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EEXIST_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EFAULT_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EFAULT_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EFBIG_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EFBIG_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EINTR_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EINTR_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EINVAL_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EINVAL_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EIO_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EIO_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EISDIR_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EISDIR_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EMFILE_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EMFILE_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EMLINK_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EMLINK_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENFILE_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENFILE_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENODEV_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENODEV_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOENT_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOENT_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOEXEC_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOEXEC_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOMEM_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOMEM_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOSPC_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOSPC_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOTBLK_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOTBLK_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOTDIR_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOTDIR_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOTTY_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOTTY_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENXIO_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ENXIO_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EPERM_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EPERM_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EPIPE_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EPIPE_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EROFS_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EROFS_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ESPIPE_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ESPIPE_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ESRCH_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ESRCH_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ETXTBSY_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/ETXTBSY_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EXDEV_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/EXDEV_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/socketex_record - copied unchanged from r186647, head/contrib/openbsm/test/reference/socketex_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/socketex_token - copied unchanged from r186647, head/contrib/openbsm/test/reference/socketex_token projects/tcp_ffcaia2008_8.x/lib/libauditd/ - copied from r186647, head/lib/libauditd/ projects/tcp_ffcaia2008_8.x/share/man/man4/ng_ether_echo.4 - copied unchanged from r186647, head/share/man/man4/ng_ether_echo.4 projects/tcp_ffcaia2008_8.x/sys/bsm/audit_errno.h - copied unchanged from r186647, head/sys/bsm/audit_errno.h projects/tcp_ffcaia2008_8.x/sys/mips/mips/elf64_machdep.c - copied unchanged from r186647, head/sys/mips/mips/elf64_machdep.c projects/tcp_ffcaia2008_8.x/sys/modules/netgraph/ether_echo/ - copied from r186647, head/sys/modules/netgraph/ether_echo/ projects/tcp_ffcaia2008_8.x/sys/netgraph/ng_ether_echo.c - copied unchanged from r186647, head/sys/netgraph/ng_ether_echo.c projects/tcp_ffcaia2008_8.x/sys/netgraph/ng_ether_echo.h - copied unchanged from r186647, head/sys/netgraph/ng_ether_echo.h projects/tcp_ffcaia2008_8.x/sys/security/audit/audit_bsm_errno.c - copied unchanged from r186647, head/sys/security/audit/audit_bsm_errno.c projects/tcp_ffcaia2008_8.x/sys/xen/evtchn.h - copied unchanged from r186647, head/sys/xen/evtchn.h projects/tcp_ffcaia2008_8.x/sys/xen/hypervisor.h - copied unchanged from r186647, head/sys/xen/hypervisor.h projects/tcp_ffcaia2008_8.x/sys/xen/xen_intr.h - copied unchanged from r186647, head/sys/xen/xen_intr.h Deleted: projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/evtchn.h projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/hypervisor.h projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/xen_intr.h Modified: projects/tcp_ffcaia2008_8.x/ (props changed) projects/tcp_ffcaia2008_8.x/COPYRIGHT projects/tcp_ffcaia2008_8.x/Makefile projects/tcp_ffcaia2008_8.x/UPDATING projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c projects/tcp_ffcaia2008_8.x/contrib/bind9/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/cpio/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/gdtoa/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/ncurses/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/netcat/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/ntp/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/openbsm/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS projects/tcp_ffcaia2008_8.x/contrib/openbsm/README projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8 projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8 projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditfilterd/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditreduce/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditreduce/auditreduce.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/praudit/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/Makefile.am projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/audit_uevents.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/libbsm.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/compat/endian.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/config/config.h.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/configure projects/tcp_ffcaia2008_8.x/contrib/openbsm/configure.ac projects/tcp_ffcaia2008_8.x/contrib/openbsm/etc/audit_event projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/Makefile.am projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/au_token.3 projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/audit_submit.3 projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_audit.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_class.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_control.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_event.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_io.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_mask.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_token.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_user.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_wrappers.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/libbsm.3 projects/tcp_ffcaia2008_8.x/contrib/openbsm/man/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/man/audit.log.5 projects/tcp_ffcaia2008_8.x/contrib/openbsm/modules/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/modules/auditfilter_noop/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/Makefile.am projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_internal.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_kevents.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_record.h projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/bsm/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/bsm/generate.c projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/arg32_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/data_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/file_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/header32_token projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/in_addr_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ip_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ipc_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/iport_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/opaque_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/path_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process32_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process32ex_record-IPv4 projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process32ex_record-IPv6 projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process64_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process64ex_record-IPv4 projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process64ex_record-IPv6 projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/return32_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/return32_token projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/seq_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/subject32_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/subject32ex_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/text_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/zonename_record projects/tcp_ffcaia2008_8.x/contrib/openbsm/tools/Makefile.in projects/tcp_ffcaia2008_8.x/contrib/openpam/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/pf/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/sendmail/ (props changed) projects/tcp_ffcaia2008_8.x/contrib/top/ (props changed) projects/tcp_ffcaia2008_8.x/crypto/openssh/ (props changed) projects/tcp_ffcaia2008_8.x/crypto/openssl/ (props changed) projects/tcp_ffcaia2008_8.x/gnu/lib/libstdc++/Makefile projects/tcp_ffcaia2008_8.x/gnu/usr.bin/man/manpath/manpath.config projects/tcp_ffcaia2008_8.x/lib/Makefile projects/tcp_ffcaia2008_8.x/lib/libbsm/Makefile projects/tcp_ffcaia2008_8.x/lib/libc/ (props changed) projects/tcp_ffcaia2008_8.x/lib/libc/stdtime/ (props changed) projects/tcp_ffcaia2008_8.x/lib/libc/string/ffsll.c (props changed) projects/tcp_ffcaia2008_8.x/lib/libc/string/flsll.c (props changed) projects/tcp_ffcaia2008_8.x/lib/libc/sys/kldunload.2 projects/tcp_ffcaia2008_8.x/lib/libutil/ (props changed) projects/tcp_ffcaia2008_8.x/lib/libutil/kinfo_getfile.c projects/tcp_ffcaia2008_8.x/lib/libutil/kinfo_getvmmap.c projects/tcp_ffcaia2008_8.x/sbin/ddb/ddb.8 projects/tcp_ffcaia2008_8.x/sbin/geom/misc/subr.c projects/tcp_ffcaia2008_8.x/sbin/mount/getmntopts.c projects/tcp_ffcaia2008_8.x/sbin/mount/mount.c projects/tcp_ffcaia2008_8.x/sbin/savecore/savecore.8 projects/tcp_ffcaia2008_8.x/share/man/man4/Makefile projects/tcp_ffcaia2008_8.x/share/man/man4/cpuctl.4 projects/tcp_ffcaia2008_8.x/share/man/man4/ndis.4 projects/tcp_ffcaia2008_8.x/share/man/man4/ng_tty.4 projects/tcp_ffcaia2008_8.x/share/man/man4/textdump.4 projects/tcp_ffcaia2008_8.x/share/mk/bsd.libnames.mk projects/tcp_ffcaia2008_8.x/share/zoneinfo/ (props changed) projects/tcp_ffcaia2008_8.x/sys/ (props changed) projects/tcp_ffcaia2008_8.x/sys/arm/conf/AVILA projects/tcp_ffcaia2008_8.x/sys/arm/conf/CAMBRIA projects/tcp_ffcaia2008_8.x/sys/arm/conf/EP80219 projects/tcp_ffcaia2008_8.x/sys/arm/conf/HL200 projects/tcp_ffcaia2008_8.x/sys/arm/conf/IQ31244 projects/tcp_ffcaia2008_8.x/sys/arm/conf/NSLU projects/tcp_ffcaia2008_8.x/sys/boot/i386/boot0/Makefile projects/tcp_ffcaia2008_8.x/sys/boot/i386/boot0/boot0.S projects/tcp_ffcaia2008_8.x/sys/bsm/audit.h projects/tcp_ffcaia2008_8.x/sys/bsm/audit_internal.h projects/tcp_ffcaia2008_8.x/sys/bsm/audit_kevents.h projects/tcp_ffcaia2008_8.x/sys/bsm/audit_record.h projects/tcp_ffcaia2008_8.x/sys/compat/freebsd32/freebsd32_misc.c projects/tcp_ffcaia2008_8.x/sys/compat/linprocfs/linprocfs.c projects/tcp_ffcaia2008_8.x/sys/compat/linux/linux_misc.c projects/tcp_ffcaia2008_8.x/sys/compat/ndis/kern_ndis.c projects/tcp_ffcaia2008_8.x/sys/compat/ndis/kern_windrv.c projects/tcp_ffcaia2008_8.x/sys/compat/ndis/ndis_var.h projects/tcp_ffcaia2008_8.x/sys/compat/ndis/ntoskrnl_var.h projects/tcp_ffcaia2008_8.x/sys/compat/ndis/subr_ndis.c projects/tcp_ffcaia2008_8.x/sys/compat/ndis/subr_ntoskrnl.c projects/tcp_ffcaia2008_8.x/sys/compat/ndis/subr_usbd.c projects/tcp_ffcaia2008_8.x/sys/compat/ndis/usbd_var.h projects/tcp_ffcaia2008_8.x/sys/conf/files projects/tcp_ffcaia2008_8.x/sys/conf/options projects/tcp_ffcaia2008_8.x/sys/contrib/pf/ (props changed) projects/tcp_ffcaia2008_8.x/sys/dev/acpi_support/acpi_asus.c projects/tcp_ffcaia2008_8.x/sys/dev/cardbus/cardbus.c projects/tcp_ffcaia2008_8.x/sys/dev/cfe/cfe_console.c projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis.c projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis_pccard.c projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis_pci.c projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis_usb.c projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndisvar.h projects/tcp_ffcaia2008_8.x/sys/dev/mn/if_mn.c (props changed) projects/tcp_ffcaia2008_8.x/sys/dev/puc/pucdata.c projects/tcp_ffcaia2008_8.x/sys/dev/sound/pci/hda/hdac.c projects/tcp_ffcaia2008_8.x/sys/dev/uart/uart_tty.c projects/tcp_ffcaia2008_8.x/sys/dev/usb/ehci_ixp4xx.c (props changed) projects/tcp_ffcaia2008_8.x/sys/dev/usb/if_zyd.c projects/tcp_ffcaia2008_8.x/sys/dev/usb/umass.c projects/tcp_ffcaia2008_8.x/sys/dev/xen/blkfront/blkfront.c projects/tcp_ffcaia2008_8.x/sys/dev/xen/console/console.c projects/tcp_ffcaia2008_8.x/sys/dev/xen/console/xencons_ring.c projects/tcp_ffcaia2008_8.x/sys/dev/xen/evtchn/evtchn_dev.c projects/tcp_ffcaia2008_8.x/sys/dev/xen/netfront/netfront.c projects/tcp_ffcaia2008_8.x/sys/fs/procfs/procfs_map.c projects/tcp_ffcaia2008_8.x/sys/fs/pseudofs/pseudofs_vncache.c projects/tcp_ffcaia2008_8.x/sys/fs/pseudofs/pseudofs_vnops.c projects/tcp_ffcaia2008_8.x/sys/geom/part/g_part_bsd.c projects/tcp_ffcaia2008_8.x/sys/geom/vinum/geom_vinum_plex.c projects/tcp_ffcaia2008_8.x/sys/i386/conf/XEN projects/tcp_ffcaia2008_8.x/sys/i386/i386/genassym.c projects/tcp_ffcaia2008_8.x/sys/i386/i386/machdep.c projects/tcp_ffcaia2008_8.x/sys/i386/i386/vm_machdep.c projects/tcp_ffcaia2008_8.x/sys/i386/ibcs2/ibcs2_sysi86.c projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/xenfunc.h projects/tcp_ffcaia2008_8.x/sys/i386/isa/npx.c projects/tcp_ffcaia2008_8.x/sys/i386/xen/clock.c projects/tcp_ffcaia2008_8.x/sys/i386/xen/mp_machdep.c projects/tcp_ffcaia2008_8.x/sys/i386/xen/mptable.c projects/tcp_ffcaia2008_8.x/sys/i386/xen/pmap.c projects/tcp_ffcaia2008_8.x/sys/i386/xen/xen_machdep.c projects/tcp_ffcaia2008_8.x/sys/kern/kern_cons.c (props changed) projects/tcp_ffcaia2008_8.x/sys/kern/kern_descrip.c projects/tcp_ffcaia2008_8.x/sys/kern/kern_jail.c projects/tcp_ffcaia2008_8.x/sys/kern/kern_proc.c projects/tcp_ffcaia2008_8.x/sys/kern/kern_sysctl.c projects/tcp_ffcaia2008_8.x/sys/kern/kern_xxx.c projects/tcp_ffcaia2008_8.x/sys/kern/subr_param.c projects/tcp_ffcaia2008_8.x/sys/kern/uipc_domain.c projects/tcp_ffcaia2008_8.x/sys/kern/uipc_usrreq.c projects/tcp_ffcaia2008_8.x/sys/kern/vfs_cache.c projects/tcp_ffcaia2008_8.x/sys/kern/vfs_export.c projects/tcp_ffcaia2008_8.x/sys/kern/vfs_syscalls.c projects/tcp_ffcaia2008_8.x/sys/modules/ndis/Makefile projects/tcp_ffcaia2008_8.x/sys/modules/netgraph/Makefile projects/tcp_ffcaia2008_8.x/sys/modules/usb2/Makefile projects/tcp_ffcaia2008_8.x/sys/net/if_tun.c projects/tcp_ffcaia2008_8.x/sys/net/route.h projects/tcp_ffcaia2008_8.x/sys/net/rtsock.c projects/tcp_ffcaia2008_8.x/sys/netgraph/ng_ether.c projects/tcp_ffcaia2008_8.x/sys/netinet/if_ether.c projects/tcp_ffcaia2008_8.x/sys/netinet/in.c projects/tcp_ffcaia2008_8.x/sys/netinet6/in6.c projects/tcp_ffcaia2008_8.x/sys/netipsec/ipsec.c projects/tcp_ffcaia2008_8.x/sys/netipsec/ipsec.h projects/tcp_ffcaia2008_8.x/sys/security/audit/audit_bsm_token.c projects/tcp_ffcaia2008_8.x/sys/security/mac/mac_cred.c (props changed) projects/tcp_ffcaia2008_8.x/sys/security/mac_bsdextended/ugidfw_system.c (props changed) projects/tcp_ffcaia2008_8.x/sys/security/mac_bsdextended/ugidfw_vnode.c (props changed) projects/tcp_ffcaia2008_8.x/sys/sys/copyright.h projects/tcp_ffcaia2008_8.x/sys/sys/tree.h projects/tcp_ffcaia2008_8.x/sys/vm/vm_map.c projects/tcp_ffcaia2008_8.x/sys/vm/vm_map.h projects/tcp_ffcaia2008_8.x/sys/xen/evtchn/evtchn.c projects/tcp_ffcaia2008_8.x/sys/xen/evtchn/evtchn_dev.c projects/tcp_ffcaia2008_8.x/sys/xen/features.c projects/tcp_ffcaia2008_8.x/sys/xen/gnttab.c projects/tcp_ffcaia2008_8.x/sys/xen/gnttab.h projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_client.c projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_comms.c projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_comms.h projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_dev.c projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_probe.c projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_probe_backend.c projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_xs.c projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbusvar.h projects/tcp_ffcaia2008_8.x/usr.bin/csplit/csplit.1 projects/tcp_ffcaia2008_8.x/usr.bin/fstat/zfs.c projects/tcp_ffcaia2008_8.x/usr.bin/gprof/gprof.1 projects/tcp_ffcaia2008_8.x/usr.bin/make/for.c projects/tcp_ffcaia2008_8.x/usr.bin/make/job.c projects/tcp_ffcaia2008_8.x/usr.bin/make/job.h projects/tcp_ffcaia2008_8.x/usr.bin/make/main.c projects/tcp_ffcaia2008_8.x/usr.bin/make/make.1 projects/tcp_ffcaia2008_8.x/usr.bin/make/make.h projects/tcp_ffcaia2008_8.x/usr.bin/make/parse.c projects/tcp_ffcaia2008_8.x/usr.bin/make/suff.c projects/tcp_ffcaia2008_8.x/usr.bin/netstat/inet6.c projects/tcp_ffcaia2008_8.x/usr.bin/netstat/main.c projects/tcp_ffcaia2008_8.x/usr.bin/netstat/unix.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/ (props changed) projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_args.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_basic.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_bin.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_cred.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_files.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_kstack.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_threads.c projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_vm.c projects/tcp_ffcaia2008_8.x/usr.bin/top/machine.c projects/tcp_ffcaia2008_8.x/usr.sbin/arp/arp.8 projects/tcp_ffcaia2008_8.x/usr.sbin/arp/arp.c projects/tcp_ffcaia2008_8.x/usr.sbin/auditd/Makefile projects/tcp_ffcaia2008_8.x/usr.sbin/cpucontrol/cpucontrol.8 projects/tcp_ffcaia2008_8.x/usr.sbin/gssd/Makefile projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/ffs/ffs_bswap.c (props changed) projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/ffs/ffs_subr.c (props changed) projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/ffs/ufs_bswap.h (props changed) projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/getid.c (props changed) projects/tcp_ffcaia2008_8.x/usr.sbin/ndiscvt/inf.c projects/tcp_ffcaia2008_8.x/usr.sbin/ndiscvt/windrv_stub.c projects/tcp_ffcaia2008_8.x/usr.sbin/ndp/ndp.c projects/tcp_ffcaia2008_8.x/usr.sbin/pkg_install/add/main.c projects/tcp_ffcaia2008_8.x/usr.sbin/pkg_install/lib/lib.h projects/tcp_ffcaia2008_8.x/usr.sbin/pkg_install/lib/plist.c projects/tcp_ffcaia2008_8.x/usr.sbin/powerd/powerd.8 projects/tcp_ffcaia2008_8.x/usr.sbin/sade/disks.c projects/tcp_ffcaia2008_8.x/usr.sbin/sysinstall/disks.c projects/tcp_ffcaia2008_8.x/usr.sbin/sysinstall/sysinstall.8 projects/tcp_ffcaia2008_8.x/usr.sbin/ugidfw/ugidfw.c projects/tcp_ffcaia2008_8.x/usr.sbin/usbdevs/usbdevs.c projects/tcp_ffcaia2008_8.x/usr.sbin/zic/ (props changed) Modified: projects/tcp_ffcaia2008_8.x/COPYRIGHT ============================================================================== --- projects/tcp_ffcaia2008_8.x/COPYRIGHT Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/COPYRIGHT Mon Apr 6 16:28:20 2009 (r190779) @@ -4,7 +4,7 @@ The compilation of software known as FreeBSD is distributed under the following terms: -Copyright (C) 1992-2008 The FreeBSD Project. All rights reserved. +Copyright (c) 1992-2009 The FreeBSD Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions Modified: projects/tcp_ffcaia2008_8.x/Makefile ============================================================================== --- projects/tcp_ffcaia2008_8.x/Makefile Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/Makefile Mon Apr 6 16:28:20 2009 (r190779) @@ -298,7 +298,7 @@ universe_prologue: .endif .for target in ${TARGETS} KERNCONFS!= cd ${.CURDIR}/sys/${target}/conf && \ - find [A-Z]*[A-Z] -type f -maxdepth 0 \ + find [A-Z0-9]*[A-Z0-9] -type f -maxdepth 0 \ ! -name DEFAULTS ! -name LINT KERNCONFS:= ${KERNCONFS:S/^NOTES$/LINT/} universe: universe_${target} Modified: projects/tcp_ffcaia2008_8.x/UPDATING ============================================================================== --- projects/tcp_ffcaia2008_8.x/UPDATING Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/UPDATING Mon Apr 6 16:28:20 2009 (r190779) @@ -22,6 +22,12 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. to maximize performance. (To disable malloc debugging, run ln -s aj /etc/malloc.conf.) +20081225: + ng_tty(4) module updated to match the new TTY subsystem. + Due to API change, user-level applications must be updated. + New API support added to mpd5 CVS and expected to be present + in next mpd5.3 release. + 20081219: With __FreeBSD_version 800060 the makefs tool is part of the base system (it was a port). Modified: projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c ============================================================================== --- projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c Mon Apr 6 16:28:20 2009 (r190779) @@ -146,6 +146,7 @@ #include <unistd.h> #include <sys/fs/zfs.h> +#include <sys/param.h> #include <sys/mount.h> #include <libzfs.h> Modified: projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c ============================================================================== --- projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c Mon Apr 6 16:28:20 2009 (r190779) @@ -34,6 +34,7 @@ #include <unistd.h> #include <stddef.h> #include <fcntl.h> +#include <sys/param.h> #include <sys/mount.h> #include <sys/mntent.h> #include <sys/mnttab.h> Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am Mon Apr 6 16:28:20 2009 (r190779) @@ -1,15 +1,23 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#3 $ +# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#4 $ # SUBDIRS = \ - bsm \ + bsm + +if HAVE_AUDIT_SYSCALLS +SUBDIRS += \ + libauditd +endif + +SUBDIRS += \ libbsm \ bin \ man \ modules \ sys + EXTRA_DIST = \ CHANGELOG \ LICENSE \ Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in Mon Apr 6 16:28:20 2009 (r190779) @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#8 $ +# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#9 $ # VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ @@ -35,6 +35,9 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ +@HAVE_AUDIT_SYSCALLS_TRUE@am__append_1 = \ +@HAVE_AUDIT_SYSCALLS_TRUE@ libauditd + subdir = . DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(top_srcdir)/config/config.h.in \ @@ -63,7 +66,7 @@ RECURSIVE_CLEAN_TARGETS = mostlyclean-re distclean-recursive maintainer-clean-recursive ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) +DIST_SUBDIRS = bsm libauditd libbsm bin man modules sys DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) @@ -183,14 +186,7 @@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUBDIRS = \ - bsm \ - libbsm \ - bin \ - man \ - modules \ - sys - +SUBDIRS = bsm $(am__append_1) libbsm bin man modules sys EXTRA_DIST = \ CHANGELOG \ LICENSE \ Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS Mon Apr 6 16:28:20 2009 (r190779) @@ -1,5 +1,50 @@ OpenBSM Version History +OpenBSM 1.1 alpha 4 + +- With the addition of BSM error number mapping, we also need to map the + local error number passed to audit_submit(3) to a BSM error number, rather + than have the caller perform that conversion. +- Reallocate user audit events to avoid collisions with Solaris; adopt a more + formal allocation scheme, and add some events allocated in Solaris that + will be of immediate use on other platforms. +- Add an event for Calife. +- Add au_strerror(3), which allows generating strings for BSM errors + directly, rather than requiring applications to map to the local error + space, which might not be able to entirely represent the BSM error number + space. +- Major auditd rewrite for launchd(8) support. Add libauditd library that is + shared between launchd and auditd. +- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for (re)starting + auditing under launchd(8) on Mac OS X. +- Add 'current' symlink to active audit trail. +- Add crash recovery of previous audit trail file when detected on audit + startup that it has not been properly terminated. +- Add the event AUE_audit_recovery to indicated when an audit trail file has + been recovered from not being properly terminated. This event is stored + in the new audit trail file and includes the path of recovered audit trail + file. +- Mac OS X and FreeBSD dependent code in auditd.c is separated into + auditd_darwin.c and auditd_fbsd.c files. +- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system calls. +- For Mac OS X, we use ASL(3) instead of syslog(3) for logging. +- Add support for NOTICE level logging. + +OpenBSM 1.1 alpha 3 + +- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map + between BSM error numbers (largely the Solaris definitions) and local + errno(2) values for 32-bit and 64-bit return tokens. This is required as + operating systems don't agree on some of the values of more recent error + numbers. +- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the total + size for the token. This bug resulted in "unknown" tokens being printed + after the exec args/env tokens. +- Support for AUT_SOCKET_EX extended socket tokens, which describe a socket + using a pair of IPv4/IPv6 and port tuples. +- OpenBSM BSM file header version bumped for 1.1 release. +- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed. + OpenBSM 1.1 alpha 2 - Include files in OpenBSM are now broken out into two parts: library builds @@ -348,4 +393,4 @@ OpenBSM 1.0 alpha 1 to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/NEWS#9 $ +$P4: //depot/projects/trustedbsd/openbsm/NEWS#21 $ Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/README ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/README Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/README Mon Apr 6 16:28:20 2009 (r190779) @@ -1,4 +1,4 @@ -OpenBSM 1.1 alpha 1 +OpenBSM 1.1 alpha 4 Introduction @@ -19,6 +19,7 @@ OpenBSM consists of several directories: bsm/ Library include files for BSM compat/ Compatibility code to build on various OS's etc/ Sample /etc/security configuration files + libauditd Common audit management functions for auditd and launchd libbsm/ Implementation of BSM library interfaces and man pages man/ System call and configuration file man pages modules/ Directory for auditfilterd module source @@ -55,4 +56,4 @@ Information on TrustedBSD may be found o http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#32 $ +$P4: //depot/projects/trustedbsd/openbsm/README#34 $ Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO Mon Apr 6 16:28:20 2009 (r190779) @@ -20,5 +20,7 @@ OpenBSM TODO - Document audit_warn event arguments. - Allow the path /etc/security to be configured at configure-time so that alternative locations can be used. +- NLS support for au_strerror(3), which provides error strings for BSM errors + not available on the local OS platform. -$P4: //depot/projects/trustedbsd/openbsm/TODO#11 $ +$P4: //depot/projects/trustedbsd/openbsm/TODO#12 $ Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION Mon Apr 6 16:28:20 2009 (r190779) @@ -1 +1 @@ -OPENBSM_1_1_ALPHA_2 +OPENBSM_1_1_ALPHA_4 Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in Mon Apr 6 16:28:20 2009 (r190779) @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#8 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#10 $ # VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am Mon Apr 6 16:28:20 2009 (r190779) @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#4 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#6 $ # if USE_NATIVE_INCLUDES @@ -13,11 +13,11 @@ audit_LDADD = $(top_builddir)/libbsm/lib man8_MANS = audit.8 if USE_MACH_IPC -audit_SOURCES = auditd_control_user.c audit.c -CLEANFILES = auditd_control_user.c auditd_control_user.h +audit_SOURCES = auditd_controlUser.c audit.c +CLEANFILES = auditd_controlUser.c auditd_control.h -auditd_control_user.c: $(top_srcdir)/bin/auditd/auditd_control.defs - $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs +auditd_controlUser.c auditd_control.h: $(top_srcdir)/bin/auditd/auditd_control.defs + $(MIG) -user auditd_controlUser.c -header auditd_control.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs else audit_SOURCES = audit.c endif Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in Mon Apr 6 16:28:20 2009 (r190779) @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#9 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#11 $ # VPATH = @srcdir@ @@ -49,9 +49,9 @@ CONFIG_CLEAN_FILES = am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(sbin_PROGRAMS) -am__audit_SOURCES_DIST = audit.c auditd_control_user.c +am__audit_SOURCES_DIST = audit.c auditd_controlUser.c @USE_MACH_IPC_FALSE@am_audit_OBJECTS = audit.$(OBJEXT) -@USE_MACH_IPC_TRUE@am_audit_OBJECTS = auditd_control_user.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@am_audit_OBJECTS = auditd_controlUser.$(OBJEXT) \ @USE_MACH_IPC_TRUE@ audit.$(OBJEXT) audit_OBJECTS = $(am_audit_OBJECTS) audit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la @@ -188,8 +188,8 @@ top_srcdir = @top_srcdir@ audit_LDADD = $(top_builddir)/libbsm/libbsm.la man8_MANS = audit.8 @USE_MACH_IPC_FALSE@audit_SOURCES = audit.c -@USE_MACH_IPC_TRUE@audit_SOURCES = auditd_control_user.c audit.c -@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_user.c auditd_control_user.h +@USE_MACH_IPC_TRUE@audit_SOURCES = auditd_controlUser.c audit.c +@USE_MACH_IPC_TRUE@CLEANFILES = auditd_controlUser.c auditd_control.h all: all-am .SUFFIXES: @@ -262,7 +262,7 @@ distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_control_user.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_controlUser.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -521,8 +521,8 @@ uninstall-man: uninstall-man8 uninstall-sbinPROGRAMS -@USE_MACH_IPC_TRUE@auditd_control_user.c: $(top_srcdir)/bin/auditd/auditd_control.defs -@USE_MACH_IPC_TRUE@ $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs +@USE_MACH_IPC_TRUE@auditd_controlUser.c auditd_control.h: $(top_srcdir)/bin/auditd/auditd_control.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user auditd_controlUser.c -header auditd_control.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8 ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8 Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8 Mon Apr 6 16:28:20 2009 (r190779) @@ -25,9 +25,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#11 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#13 $ .\" -.Dd October 2, 2006 +.Dd December 11, 2008 .Dt AUDIT 8 .Os .Sh NAME @@ -35,7 +35,7 @@ .Nd audit management utility .Sh SYNOPSIS .Nm -.Fl n | s | t +.Fl i | n | s | t .Sh DESCRIPTION The .Nm @@ -43,6 +43,13 @@ utility controls the state of the audit One of the following flags is required as an argument to .Nm : .Bl -tag -width indent +.It Fl i +Initializes and starts auditing. +This option is currently for Mac OS X only +and requires +.Xr auditd 8 +to be configured to run under +.Xr launchd 8 . .It Fl n Forces the audit system to close the existing audit log file and rotate to a new log file in a location specified in the audit control file. @@ -59,6 +66,13 @@ and renamed to indicate the time of the The .Xr auditd 8 daemon must already be running. +Optionally, it can be configured to be started +on-demand by +.Xr launchd 8 +(Mac OS X only). +The +.Nm +utility requires audit administrator privileges for successful operation. .Sh FILES .Bl -tag -width ".Pa /etc/security/audit_control" -compact .It Pa /etc/security/audit_control @@ -67,7 +81,8 @@ Audit policy file used to configure the .Sh SEE ALSO .Xr audit 4 , .Xr audit_control 5 , -.Xr auditd 8 +.Xr auditd 8 , +.Xr launchd 8 .Sh HISTORY The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c Mon Apr 6 16:28:20 2009 (r190779) @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#11 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#13 $ */ /* * Program to trigger the audit daemon with a message that is either: @@ -47,6 +47,7 @@ #include <bsm/libbsm.h> +#include <errno.h> #include <fcntl.h> #include <stdio.h> #include <stdlib.h> @@ -64,7 +65,15 @@ static int send_trigger(unsigned int); #include <mach/host_special_ports.h> #include <servers/bootstrap.h> -#include "auditd_control_user.h" +#include "auditd_control.h" + +/* + * XXX the following is temporary until this can be added to the kernel + * audit.h header. + */ +#ifndef AUDIT_TRIGGER_INITIALIZE +#define AUDIT_TRIGGER_INITIALIZE 7 +#endif static int send_trigger(unsigned int trigger) @@ -74,7 +83,12 @@ send_trigger(unsigned int trigger) error = host_get_audit_control_port(mach_host_self(), &serverPort); if (error != KERN_SUCCESS) { - mach_error("Cannot get auditd_control Mach port: ", error); + if (geteuid() != 0) { + errno = EPERM; + perror("audit requires root privileges"); + } else + mach_error("Cannot get auditd_control Mach port:", + error); return (-1); } @@ -96,7 +110,10 @@ send_trigger(unsigned int trigger) error = auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)); if (error != 0) { - perror("Error sending trigger"); + if (error == EPERM) + perror("audit requires root privileges"); + else + perror("Error sending trigger"); return (-1); } @@ -108,7 +125,7 @@ static void usage(void) { - (void)fprintf(stderr, "Usage: audit -n | -s | -t \n"); + (void)fprintf(stderr, "Usage: audit -i | -n | -s | -t \n"); exit(-1); } @@ -124,9 +141,13 @@ main(int argc, char **argv) if (argc != 2) usage(); - while ((ch = getopt(argc, argv, "nst")) != -1) { + while ((ch = getopt(argc, argv, "inst")) != -1) { switch(ch) { + case 'i': + trigger = AUDIT_TRIGGER_INITIALIZE; + break; + case 'n': trigger = AUDIT_TRIGGER_ROTATE_USER; break; Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am Mon Apr 6 16:28:20 2009 (r190779) @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#4 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#5 $ # if USE_NATIVE_INCLUDES @@ -9,18 +9,18 @@ INCLUDES = -I$(top_builddir) -I$(top_src endif sbin_PROGRAMS = auditd -auditd_LDADD = $(top_builddir)/libbsm/libbsm.la +auditd_LDADD = $(top_builddir)/libbsm/libbsm.la $(top_builddir)/libauditd/libauditd.la man8_MANS = auditd.8 if USE_MACH_IPC -auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c -CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h +auditd_SOURCES = auditd_controlServer.c audit_triggersServer.c audit_warn.c auditd.c auditd_darwin.c +CLEANFILES = auditd_control_server.c auditd_controlServer.h audit_triggersServer.c audit_triggersServer.h -auditd_control_server.c: auditd_control.defs - $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h $(top_srcdir)/bin/auditd/auditd_control.defs +auditd_controlServer.c auditd_controlServer.h: auditd_control.defs + $(MIG) -user /dev/null -header /dev/null -server auditd_controlServer.c -sheader auditd_controlServer.h $(top_srcdir)/bin/auditd/auditd_control.defs -audit_triggers_server.c: audit_triggers.defs - $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h $(top_srcdir)/bin/auditd/audit_triggers.defs +audit_triggersServer.c audit_triggersServer.h: audit_triggers.defs + $(MIG) -user /dev/null -header /dev/null -server audit_triggersServer.c -sheader audit_triggersServer.h $(top_srcdir)/bin/auditd/audit_triggers.defs else -auditd_SOURCES = audit_warn.c auditd.c +auditd_SOURCES = audit_warn.c auditd.c auditd_fbsd.c endif Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in Mon Apr 6 16:28:20 2009 (r190779) @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#9 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#10 $ # VPATH = @srcdir@ @@ -49,16 +49,17 @@ CONFIG_CLEAN_FILES = am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(sbin_PROGRAMS) -am__auditd_SOURCES_DIST = audit_warn.c auditd.c \ - auditd_control_server.c audit_triggers_server.c +am__auditd_SOURCES_DIST = audit_warn.c auditd.c auditd_fbsd.c \ + auditd_controlServer.c audit_triggersServer.c auditd_darwin.c @USE_MACH_IPC_FALSE@am_auditd_OBJECTS = audit_warn.$(OBJEXT) \ -@USE_MACH_IPC_FALSE@ auditd.$(OBJEXT) -@USE_MACH_IPC_TRUE@am_auditd_OBJECTS = \ -@USE_MACH_IPC_TRUE@ auditd_control_server.$(OBJEXT) \ -@USE_MACH_IPC_TRUE@ audit_triggers_server.$(OBJEXT) \ -@USE_MACH_IPC_TRUE@ audit_warn.$(OBJEXT) auditd.$(OBJEXT) +@USE_MACH_IPC_FALSE@ auditd.$(OBJEXT) auditd_fbsd.$(OBJEXT) +@USE_MACH_IPC_TRUE@am_auditd_OBJECTS = auditd_controlServer.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ audit_triggersServer.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ audit_warn.$(OBJEXT) auditd.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ auditd_darwin.$(OBJEXT) auditd_OBJECTS = $(am_auditd_OBJECTS) -auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la +auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la \ + $(top_builddir)/libauditd/libauditd.la DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/config/depcomp am__depfiles_maybe = depfiles @@ -189,11 +190,11 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ @USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys @USE_NATIVE_INCLUDES_TRUE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -auditd_LDADD = $(top_builddir)/libbsm/libbsm.la +auditd_LDADD = $(top_builddir)/libbsm/libbsm.la $(top_builddir)/libauditd/libauditd.la man8_MANS = auditd.8 -@USE_MACH_IPC_FALSE@auditd_SOURCES = audit_warn.c auditd.c -@USE_MACH_IPC_TRUE@auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c -@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h +@USE_MACH_IPC_FALSE@auditd_SOURCES = audit_warn.c auditd.c auditd_fbsd.c +@USE_MACH_IPC_TRUE@auditd_SOURCES = auditd_controlServer.c audit_triggersServer.c audit_warn.c auditd.c auditd_darwin.c +@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_server.c auditd_controlServer.h audit_triggersServer.c audit_triggersServer.h all: all-am .SUFFIXES: @@ -265,10 +266,12 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_triggers_server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_triggersServer.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_warn.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_control_server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_controlServer.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_darwin.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_fbsd.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -527,11 +530,11 @@ uninstall-man: uninstall-man8 uninstall-sbinPROGRAMS -@USE_MACH_IPC_TRUE@auditd_control_server.c: auditd_control.defs -@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h $(top_srcdir)/bin/auditd/auditd_control.defs +@USE_MACH_IPC_TRUE@auditd_controlServer.c auditd_controlServer.h: auditd_control.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server auditd_controlServer.c -sheader auditd_controlServer.h $(top_srcdir)/bin/auditd/auditd_control.defs -@USE_MACH_IPC_TRUE@audit_triggers_server.c: audit_triggers.defs -@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h $(top_srcdir)/bin/auditd/audit_triggers.defs +@USE_MACH_IPC_TRUE@audit_triggersServer.c audit_triggersServer.h: audit_triggers.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server audit_triggersServer.c -sheader audit_triggersServer.h $(top_srcdir)/bin/auditd/audit_triggers.defs # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c Mon Apr 6 16:28:20 2009 (r190779) @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#9 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#10 $ */ #include <sys/types.h> @@ -71,20 +71,15 @@ auditwarnlog(char *args[]) } /* - * Indicates that the hard limit for all filesystems has been exceeded count - * times. + * Indicates that the hard limit for all filesystems has been exceeded. */ int -audit_warn_allhard(int count) +audit_warn_allhard(void) { - char intstr[12]; - char *args[3]; - - snprintf(intstr, 12, "%d", count); + char *args[2]; args[0] = HARDLIM_ALL_WARN; - args[1] = intstr; - args[2] = NULL; + args[1] = NULL; return (auditwarnlog(args)); } Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8 ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8 Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8 Mon Apr 6 16:28:20 2009 (r190779) @@ -25,9 +25,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#14 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#16 $ .\" -.Dd October 2, 2006 +.Dd December 11, 2008 .Dt AUDITD 8 .Os .Sh NAME @@ -35,7 +35,7 @@ .Nd audit log management daemon .Sh SYNOPSIS .Nm -.Op Fl d +.Op Fl d | l .Sh DESCRIPTION The .Nm @@ -50,7 +50,16 @@ The options are as follows: .Bl -tag -width indent .It Fl d Starts the daemon in debug mode \[em] it will not daemonize. +.It Fl l +This option is for when +.Nm +is configured to start on-demand using +.Xr launchd 8 . .El +.Pp +Optionally, the audit review group "audit" may be created. +Non-privileged +users that are members of this group may read the audit trail log files. .Sh NOTE To assure uninterrupted audit support, the .Nm @@ -63,20 +72,33 @@ the .Pa audit_control file. .Pp -.\" Sending a -.\" .Dv SIGHUP -.\" to a running -.\" .Nm -.\" daemon will force it to exit. -Sending a -.Dv SIGTERM -to a running +If +.Nm +is started on-demand by +.Xr launchd 8 +then auditing should only be started and stopped with +.Xr audit 8 . +.Pp +On Mac OS X, .Nm -daemon will force it to exit. +uses the +.Xr asl 3 +API for writing system log messages. +Therefore, only the audit administrator +and members of the audit review group will be able to read the +system log entries. .Sh FILES -.Bl -tag -width ".Pa /var/audit" -compact +.Bl -tag -width ".Pa /etc/security" -compact .It Pa /var/audit Default directory for storing audit log files. +.Pp +.It Pa /etc/security +The directory containing the auditing configuration files +.Xr audit_class 5 , +.Xr audit_control 5 , +.Xr audit_event 5 , +and +.Xr audit_warn 5 . .El .Sh COMPATIBILITY The historical @@ -92,9 +114,14 @@ and and are no longer available as arguments to .Nm . .Sh SEE ALSO +.Xr asl 3 , .Xr audit 4 , +.Xr audit_class 5 , .Xr audit_control 5 , -.Xr audit 8 +.Xr audit_event 5 , +.Xr audit_warn 5 , +.Xr audit 8 , +.Xr launchd 8 .Sh HISTORY The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c ============================================================================== --- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c Mon Apr 6 15:45:03 2009 (r190778) +++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c Mon Apr 6 16:28:20 2009 (r190779) @@ -26,30 +26,29 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#39 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#40 $ */ -#include <sys/param.h> +#include <sys/types.h> #include <config/config.h> #include <sys/dirent.h> -#include <sys/mman.h> -#include <sys/socket.h> #ifdef HAVE_FULL_QUEUE_H #include <sys/queue.h> #else /* !HAVE_FULL_QUEUE_H */ #include <compat/queue.h> #endif /* !HAVE_FULL_QUEUE_H */ +#include <sys/mman.h> +#include <sys/param.h> #include <sys/stat.h> #include <sys/wait.h> #include <bsm/audit.h> #include <bsm/audit_uevents.h> +#include <bsm/auditd_lib.h> #include <bsm/libbsm.h> -#include <netinet/in.h> - #include <err.h> #include <errno.h> #include <fcntl.h> @@ -60,115 +59,88 @@ #include <unistd.h> #include <signal.h> #include <string.h> -#include <syslog.h> -#include <netdb.h> #include "auditd.h" -#ifdef USE_MACH_IPC -#include <notify.h> -#include <mach/port.h> -#include <mach/mach_error.h> -#include <mach/mach_traps.h> -#include <mach/mach.h> -#include <mach/host_special_ports.h> - -#include "auditd_control_server.h" -#include "audit_triggers_server.h" -#endif /* USE_MACH_IPC */ #ifndef HAVE_STRLCPY #include <compat/strlcpy.h> #endif -#define NA_EVENT_STR_SIZE 25 -#define POL_STR_SIZE 128 -static int ret, minval; -static char *lastfile = NULL; -static int allhardcount = 0; -static int sigchlds, sigchlds_handled; -static int sighups, sighups_handled; -#ifndef USE_MACH_IPC -static int sigterms, sigterms_handled; -static int triggerfd = 0; - -#else /* USE_MACH_IPC */ - -static mach_port_t control_port = MACH_PORT_NULL; -static mach_port_t signal_port = MACH_PORT_NULL; -static mach_port_t port_set = MACH_PORT_NULL; - -#ifndef __BSM_INTERNAL_NOTIFY_KEY -#define __BSM_INTERNAL_NOTIFY_KEY "com.apple.audit.change" -#endif /* __BSM_INTERNAL_NOTIFY_KEY */ -#endif /* USE_MACH_IPC */ - -static TAILQ_HEAD(, dir_ent) dir_q; - -static int config_audit_controls(void); - /* - * Error starting auditd + * XXX the following is temporary until this can be added to the kernel + * audit.h header. */ -static void -fail_exit(void) -{ - - audit_warn_nostart(); - exit(1); -} +#ifndef AUDIT_TRIGGER_INITIALIZE +#define AUDIT_TRIGGER_INITIALIZE 7 +#endif /* - * Free our local list of directory names. + * LaunchD flag (Mac OS X and, maybe, FreeBSD only.) See launchd(8) and + * http://wiki.freebsd.org/launchd for more information. + * + * In order for auditd to work "on demand" with launchd(8) it can't: + * call daemon(3) + * call fork and having the parent process exit + * change uids or gids. + * set up the current working directory or chroot. + * set the session id + * change stdio to /dev/null. + * call setrusage(2) + * call setpriority(2) + * Ignore SIGTERM. + * auditd (in 'launchd mode') is launched on demand so it must catch + * SIGTERM to exit cleanly. + */ +static int launchd_flag = 0; + +/* + * The GID of the audit review group (if used). The audit trail files and + * system logs (Mac OS X only) can only be reviewed by members of this group + * or the audit administrator (aka. "root"). */ -static void -free_dir_q(void) -{ - struct dir_ent *dirent; +static gid_t audit_review_gid = -1; - while ((dirent = TAILQ_FIRST(&dir_q))) { - TAILQ_REMOVE(&dir_q, dirent, dirs); - free(dirent->dirname); - free(dirent); - } -} +/* + * The path and file name of the last audit trail file. + */ +static char *lastfile = NULL; /* - * Generate the timestamp string. + * Error starting auditd. Run warn script and exit. */ -static int -getTSstr(char *buf, int len) +static void +fail_exit(void) { - struct timeval ts; - struct timezone tzp; - time_t tt; - if (gettimeofday(&ts, &tzp) != 0) - return (-1); - tt = (time_t)ts.tv_sec; - if (!strftime(buf, len, "%Y%m%d%H%M%S", gmtime(&tt))) - return (-1); - return (0); + audit_warn_nostart(); + exit(1); } /* - * Concat the directory name to the given file name. - * XXX We should affix the hostname also + * Follow the 'current' symlink to get the active trail file name. */ static char * -affixdir(char *name, struct dir_ent *dirent) +get_curfile(void) { - char *fn = NULL; + char *cf; + int len; - syslog(LOG_DEBUG, "dir = %s", dirent->dirname); - /* - * Sanity check on file name. - */ - if (strlen(name) != (FILENAME_LEN - 1)) { - syslog(LOG_ERR, "Invalid file name: %s", name); + cf = malloc(MAXPATHLEN); + if (cf == NULL) { + auditd_log_err("malloc failed: %m"); + return (NULL); + } + + len = readlink(AUDIT_CURRENT_LINK, cf, MAXPATHLEN - 1); + if (len < 0) { + free(cf); return (NULL); } - asprintf(&fn, "%s/%s", dirent->dirname, name); - return (fn); + + /* readlink() doesn't terminate string. */ + cf[len] = '\0'; + + return (cf); } /* @@ -181,6 +153,10 @@ close_lastfile(char *TS) char *oldname; size_t len; + /* If lastfile is NULL try to get it from the 'current' link. */ + if (lastfile == NULL) + lastfile = get_curfile(); + if (lastfile != NULL) { len = strlen(lastfile) + 1; oldname = (char *)malloc(len); @@ -192,16 +168,21 @@ close_lastfile(char *TS) if ((ptr = strstr(lastfile, NOT_TERMINATED)) != NULL) { strlcpy(ptr, TS, TIMESTAMP_LEN); if (rename(oldname, lastfile) != 0) - syslog(LOG_ERR, + auditd_log_err( "Could not rename %s to %s: %m", oldname, lastfile); else { - syslog(LOG_INFO, "renamed %s to %s", + /* + * Remove the 'current' symlink since the link + * is now invalid. + */ + (void) unlink(AUDIT_CURRENT_LINK); + auditd_log_notice( "renamed %s to %s", oldname, lastfile); audit_warn_closefile(lastfile); } } else - syslog(LOG_ERR, "Could not rename %s to %s", oldname, + auditd_log_err( "Could not rename %s to %s", oldname, lastfile); free(lastfile); free(oldname); @@ -211,168 +192,81 @@ close_lastfile(char *TS) } /* - * Create the new audit file with appropriate permissions and ownership. Try - * to clean up if something goes wrong. - */ -static int -#ifdef AUDIT_REVIEW_GROUP -open_trail(const char *fname, uid_t uid, gid_t gid) -#else -open_trail(const char *fname) -#endif -{ - int error, fd; - - fd = open(fname, O_RDONLY | O_CREAT, S_IRUSR | S_IRGRP); - if (fd < 0) - return (-1); -#ifdef AUDIT_REVIEW_GROUP - if (fchown(fd, uid, gid) < 0) { - error = errno; - close(fd); - (void)unlink(fname); - errno = error; - return (-1); - } -#endif - return (fd); -} - -/* * Create the new file name, swap with existing audit file. */ *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904061628.n36GSKUr076920>