Date: Wed, 25 Feb 2009 13:30:17 +0000 (UTC) From: Robert Watson <rwatson@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org Subject: svn commit: r189037 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb security/audit Message-ID: <200902251330.n1PDUH3P098086@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rwatson Date: Wed Feb 25 13:30:17 2009 New Revision: 189037 URL: http://svn.freebsd.org/changeset/base/189037 Log: Merge r184544 and r184545 from head to stable/7: Remove stale comment about filtering in audit pipe ioctl routine: we do support filtering now, although we may want to make it more interesting in the future. Update introductory comment for audit pipes. Sponsored by: Apple, Inc. Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/security/audit/audit_pipe.c Modified: stable/7/sys/security/audit/audit_pipe.c ============================================================================== --- stable/7/sys/security/audit/audit_pipe.c Wed Feb 25 13:26:30 2009 (r189036) +++ stable/7/sys/security/audit/audit_pipe.c Wed Feb 25 13:30:17 2009 (r189037) @@ -57,10 +57,10 @@ __FBSDID("$FreeBSD$"); /* * Implementation of a clonable special device providing a live stream of BSM - * audit data. This is a "tee" of the data going to the file. It provides - * unreliable but timely access to audit events. Consumers of this interface - * should be very careful to avoid introducing event cycles. Consumers may - * express interest via a set of preselection ioctls. + * audit data. Consumers receive a "tee" of the system audit trail by + * default, but may also define alternative event selections using ioctls. + * This interface provides unreliable but timely access to audit events. + * Consumers should be very careful to avoid introducing event cycles. */ /* @@ -736,9 +736,6 @@ audit_pipe_close(struct cdev *dev, int f /* * Audit pipe ioctl() routine. Handle file descriptor and audit pipe layer * commands. - * - * Would be desirable to support filtering, although perhaps something simple - * like an event mask, as opposed to something complicated like BPF. */ static int audit_pipe_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902251330.n1PDUH3P098086>