Date: Sun, 5 Nov 2006 23:47:16 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 109312 for review Message-ID: <200611052347.kA5NlG7P012719@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=109312 Change 109312 by rwatson@rwatson_fledge on 2006/11/05 23:46:36 Document the format of some additional BSM tokens in audit.log.5. Submitted by: Martin Voros <martin_voros at yahoo dot com> Affected files ... .. //depot/projects/trustedbsd/openbsm/man/audit.log.5#16 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/man/audit.log.5#16 (text+ko) ==== @@ -23,9 +23,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#15 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#16 $ .\" -.Dd May 1, 2005 +.Dd November 5, 2006 .Dt AUDIT.LOG 5 .Os .Sh NAME @@ -418,7 +418,10 @@ .Ss System V IPC Token The .Dq System V IPC -token ... +token contains the System V IPC message handle, semaphore handle or shared +memory handle. +A System V IPC token may be created using ++.Xr au_to_ipc 3 . .Bl -column -offset 3n ".No Terminal Address Type/Length" ".No N bytes + 1 NUL" .It Sy "Field Bytes Description" .It "Token ID 1 byte Token ID" @@ -481,38 +484,60 @@ .Ss System V IPC Permission Token The .Dq System V IPC permission -token ... +token contains a System V IPC access permissions. +A System V IPC permission token may be created using +.Xr au_to_ipc_perm 3 . .Bl -column -offset 3n ".No Terminal Address Type/Length" ".No N bytes + 1 NUL" .It Sy "Field Bytes Description" .It "Token ID 1 byte Token ID" -.It XXXXX +.It Li "Owner user ID" Ta "4 bytes" Ta "User ID of IPC owner" +.It Li "Owner group ID" Ta "4 bytes" Ta "Group ID of IPC owner" +.It Li "Creator user ID" Ta "4 bytes" Ta "User ID of IPC creator" +.It Li "Creator group ID" Ta "4 bytes" Ta "Group ID of IPC creator" +.It Li "Access mode" Ta "4 bytes" Ta "Access mode" +.It Li "Sequnce number" Ta "4 bytes" Ta "Sequnce number" +.It Li "Key" Ta "4 bytes" Ta "IPC key" .El .Ss Arg Token The .Dq arg -token ... +token contains informations about arguments of the system call. +Depending on the size of the desired argument value, an Arg token may be +created using +.Xr au_to_arg32 3 +or +.Xr au_to_arg64 3 . .Bl -column -offset 3n ".No Terminal Address Type/Length" ".No N bytes + 1 NUL" .It Sy "Field Bytes Description" .It "Token ID 1 byte Token ID" -.It XXXXX +.It Li "Argument ID" Ta "1 byte" Ta "Argument ID" +.It Li "Argument value" Ta "4/8 bytes" Ta "Argument value" +.It Li "Length" Ta "2 bytes" Ta "Length of the text" +.It Li "Text" Ta "N bytes + 1 nul" Ta "The string including nul" .El .Ss exec_args Token The .Dq exec_args -token ... +token contains informations about arguements of the exec() system call. +An exec_args token may be created using +.Xr au_to_exec_args 3 . .Bl -column -offset 3n ".No Terminal Address Type/Length" ".No N bytes + 1 NUL" .It Sy "Field Bytes Description" .It "Token ID 1 byte Token ID" -.It XXXXX +.It Li "Count" Ta "4 bytes" Ta "Number of arguments" +.It Li "Text" Ta "* bytes" Ta "Count null-terminated strings" .El .Ss exec_env Token The .Dq exec_env -token ... +token contains current eviroment variables to an exec() system call. +An exec_args token may be created using +.Xr au_to_exec_env 3 . .Bl -column -offset 3n ".No Terminal Address Type/Length" ".No N bytes + 1 NUL" .It Sy "Field Bytes Description" .It "Token ID 1 byte Token ID" -.It XXXXX +.It Li "Count ID" Ta "4 bytes" Ta "Number of variables" +.It Li "Text" Ta "* bytes" Ta "Count nul-terminated strings" .El .Ss Exit Token The @@ -531,11 +556,29 @@ .Ss Socket Token The .Dq socket -token ... +token contains informations about UNIX domain and Internet sockets. +Each token has four or eight fields. +Depend on type of socket a socket token may be created using +.Xr au_to_sock_unix 3 , +.Xr au_to_sock_inet32 3 or +.Xr au_to_sock_inet128 3 . +.Bl -column -offset ind ".Sy Field Name Width XX" ".Sy XX Bytes XXXX" ".Sy Description" +.It Sy "Field" Ta Sy Bytes Ta Sy Description +.It Li "Token ID" Ta "1 byte" Ta "Token ID" +.It Li "Socket family" Ta "2 bytes" Ta "Socket family" +.It Li "Local port" Ta "2 bytes" Ta "Local port" +.It Li "Socket address" Ta "4 bytes" Ta "Socket address" +.El .Bl -column -offset 3n ".No Terminal Address Type/Length" ".No N bytes + 1 NUL" .It Sy "Field Bytes Description" .It "Token ID 1 byte Token ID" -.It XXXXX ++.It Li "Socket domain" Ta "4 bytes" Ta "Socket domain" ++.It Li "Socket family" Ta "2 bytes" Ta "Socket family" ++.It Li "Address type" Ta "1 byte" Ta "Address type (IPv4/IPv6)" ++.It Li "Local port" Ta "2 bytes" Ta "Local port" ++.It Li "Local IP address" Ta "4/16 bytes" Ta "Local IP address" ++.It Li "Remote port" Ta "2 bytes" Ta "Remote port" ++.It Li "Remote IP address" Ta "4/16 bytes" Ta "Remote IP address" .El .Ss Expanded Socket Token The
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611052347.kA5NlG7P012719>