Date: Wed, 31 Dec 2008 16:44:21 GMT From: Ed Schouten <ed@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 155518 for review Message-ID: <200812311644.mBVGiLak027298@repoman.freebsd.org>
index | next in thread | raw e-mail
http://perforce.freebsd.org/chv.cgi?CH=155518 Change 155518 by ed@ed_flippo on 2008/12/31 16:43:38 IFC. Affected files ... .. //depot/projects/mpsafetty/COPYRIGHT#3 integrate .. //depot/projects/mpsafetty/cddl/contrib/opensolaris/cmd/zinject/zinject.c#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/Makefile.am#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/NEWS#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/README#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/TODO#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/VERSION#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/audit/Makefile.am#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/audit/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/audit/audit.8#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/audit/audit.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/Makefile.am#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/audit_warn.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/auditd.8#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/auditd.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/auditd.h#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/auditd_darwin.c#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/auditd_fbsd.c#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditfilterd/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditreduce/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/auditreduce/auditreduce.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bin/praudit/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bsm/Makefile.am#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bsm/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bsm/audit_uevents.h#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/bsm/auditd_lib.h#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/bsm/libbsm.h#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/compat/endian.h#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/config/config.h#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/config/config.h.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/configure#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/configure.ac#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/etc/audit_event#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libauditd/Makefile.am#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/libauditd/Makefile.in#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/libauditd/auditd_lib.c#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/Makefile.am#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/au_errno.3#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/au_token.3#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/audit_submit.3#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_audit.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_class.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_control.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_errno.c#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_event.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_io.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_mask.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_token.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_user.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/bsm_wrappers.c#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/libbsm/libbsm.3#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/man/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/man/audit.log.5#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/modules/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/modules/auditfilter_noop/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/sys/Makefile.in#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/sys/bsm/Makefile.am#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/sys/bsm/Makefile.in#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/sys/bsm/audit.h#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/sys/bsm/audit_errno.h#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/sys/bsm/audit_internal.h#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/sys/bsm/audit_kevents.h#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/sys/bsm/audit_record.h#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/bsm/Makefile.in#3 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/bsm/generate.c#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/E2BIG_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EACCES_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EBADF_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EBUSY_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ECHILD_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EDEADLK_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EEXIST_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EFAULT_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EFBIG_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EINTR_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EINVAL_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EIO_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EISDIR_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EMFILE_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EMLINK_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENFILE_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENODEV_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENOENT_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENOEXEC_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENOMEM_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENOSPC_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENOTBLK_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENOTDIR_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENOTTY_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ENXIO_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EPERM_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EPIPE_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EROFS_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ESPIPE_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ESRCH_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ETXTBSY_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/EXDEV_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/arg32_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/data_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/file_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/header32_token#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/in_addr_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ip_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/ipc_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/iport_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/opaque_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/path_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/process32_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/process32ex_record-IPv4#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/process32ex_record-IPv6#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/process64_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/process64ex_record-IPv4#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/process64ex_record-IPv6#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/return32_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/return32_token#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/seq_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/socketex_record#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/socketex_token#1 branch .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/subject32_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/subject32ex_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/text_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/test/reference/zonename_record#2 integrate .. //depot/projects/mpsafetty/contrib/openbsm/tools/Makefile.in#3 integrate .. //depot/projects/mpsafetty/gnu/lib/libstdc++/Makefile#2 integrate .. //depot/projects/mpsafetty/gnu/usr.bin/man/manpath/manpath.config#2 integrate .. //depot/projects/mpsafetty/lib/Makefile#5 integrate .. //depot/projects/mpsafetty/lib/libauditd/Makefile#1 branch .. //depot/projects/mpsafetty/lib/libbsm/Makefile#2 integrate .. //depot/projects/mpsafetty/share/man/man4/cpuctl.4#2 integrate .. //depot/projects/mpsafetty/share/mk/bsd.libnames.mk#3 integrate .. //depot/projects/mpsafetty/sys/amd64/conf/USB2#1 branch .. //depot/projects/mpsafetty/sys/arm/conf/CAMBRIA#2 integrate .. //depot/projects/mpsafetty/sys/arm/conf/EP80219#6 integrate .. //depot/projects/mpsafetty/sys/arm/conf/HL200#6 integrate .. //depot/projects/mpsafetty/sys/arm/conf/IQ31244#5 integrate .. //depot/projects/mpsafetty/sys/arm/conf/NSLU#5 integrate .. //depot/projects/mpsafetty/sys/boot/i386/boot0/Makefile#3 integrate .. //depot/projects/mpsafetty/sys/boot/i386/boot0/boot0.S#4 integrate .. //depot/projects/mpsafetty/sys/bsm/audit.h#4 integrate .. //depot/projects/mpsafetty/sys/bsm/audit_errno.h#1 branch .. //depot/projects/mpsafetty/sys/bsm/audit_internal.h#5 integrate .. //depot/projects/mpsafetty/sys/bsm/audit_kevents.h#6 integrate .. //depot/projects/mpsafetty/sys/bsm/audit_record.h#5 integrate .. //depot/projects/mpsafetty/sys/compat/freebsd32/freebsd32_misc.c#9 integrate .. //depot/projects/mpsafetty/sys/compat/linprocfs/linprocfs.c#12 integrate .. //depot/projects/mpsafetty/sys/compat/linux/linux_misc.c#10 integrate .. //depot/projects/mpsafetty/sys/compat/ndis/kern_windrv.c#3 integrate .. //depot/projects/mpsafetty/sys/conf/files#39 integrate .. //depot/projects/mpsafetty/sys/dev/acpi_support/acpi_asus.c#5 integrate .. //depot/projects/mpsafetty/sys/dev/cardbus/cardbus.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/usb/usbdevs#21 integrate .. //depot/projects/mpsafetty/sys/dev/usb/uscanner.c#4 integrate .. //depot/projects/mpsafetty/sys/dev/xen/blkfront/blkfront.c#7 integrate .. //depot/projects/mpsafetty/sys/dev/xen/console/console.c#10 integrate .. //depot/projects/mpsafetty/sys/dev/xen/console/xencons_ring.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/xen/evtchn/evtchn_dev.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/xen/netfront/netfront.c#8 integrate .. //depot/projects/mpsafetty/sys/fs/procfs/procfs_map.c#6 integrate .. //depot/projects/mpsafetty/sys/fs/pseudofs/pseudofs_vncache.c#3 integrate .. //depot/projects/mpsafetty/sys/fs/pseudofs/pseudofs_vnops.c#5 integrate .. //depot/projects/mpsafetty/sys/i386/conf/USB2#1 branch .. //depot/projects/mpsafetty/sys/i386/conf/XEN#7 integrate .. //depot/projects/mpsafetty/sys/i386/i386/genassym.c#4 integrate .. //depot/projects/mpsafetty/sys/i386/i386/machdep.c#7 integrate .. //depot/projects/mpsafetty/sys/i386/i386/vm_machdep.c#7 integrate .. //depot/projects/mpsafetty/sys/i386/ibcs2/ibcs2_sysi86.c#2 integrate .. //depot/projects/mpsafetty/sys/i386/include/xen/evtchn.h#4 delete .. //depot/projects/mpsafetty/sys/i386/include/xen/hypervisor.h#2 delete .. //depot/projects/mpsafetty/sys/i386/include/xen/xen_intr.h#4 delete .. //depot/projects/mpsafetty/sys/i386/include/xen/xenfunc.h#4 integrate .. //depot/projects/mpsafetty/sys/i386/isa/npx.c#3 integrate .. //depot/projects/mpsafetty/sys/i386/xen/clock.c#6 integrate .. //depot/projects/mpsafetty/sys/i386/xen/mp_machdep.c#8 integrate .. //depot/projects/mpsafetty/sys/i386/xen/mptable.c#2 integrate .. //depot/projects/mpsafetty/sys/i386/xen/pmap.c#7 integrate .. //depot/projects/mpsafetty/sys/i386/xen/xen_machdep.c#13 integrate .. //depot/projects/mpsafetty/sys/kern/kern_descrip.c#10 integrate .. //depot/projects/mpsafetty/sys/kern/kern_jail.c#8 integrate .. //depot/projects/mpsafetty/sys/kern/kern_proc.c#16 integrate .. //depot/projects/mpsafetty/sys/kern/kern_sysctl.c#4 integrate .. //depot/projects/mpsafetty/sys/kern/kern_xxx.c#5 integrate .. //depot/projects/mpsafetty/sys/kern/subr_param.c#6 integrate .. //depot/projects/mpsafetty/sys/kern/uipc_usrreq.c#5 integrate .. //depot/projects/mpsafetty/sys/kern/vfs_cache.c#11 integrate .. //depot/projects/mpsafetty/sys/kern/vfs_export.c#6 integrate .. //depot/projects/mpsafetty/sys/mips/mips/elf64_machdep.c#1 branch .. //depot/projects/mpsafetty/sys/netinet/in.c#10 integrate .. //depot/projects/mpsafetty/sys/netipsec/ipsec.c#11 integrate .. //depot/projects/mpsafetty/sys/security/audit/audit_bsm.c#6 integrate .. //depot/projects/mpsafetty/sys/security/audit/audit_bsm_errno.c#1 branch .. //depot/projects/mpsafetty/sys/security/audit/audit_bsm_token.c#6 integrate .. //depot/projects/mpsafetty/sys/sys/copyright.h#3 integrate .. //depot/projects/mpsafetty/sys/vm/vm_map.c#2 integrate .. //depot/projects/mpsafetty/sys/vm/vm_map.h#2 integrate .. //depot/projects/mpsafetty/sys/xen/evtchn.h#1 branch .. //depot/projects/mpsafetty/sys/xen/evtchn/evtchn.c#6 integrate .. //depot/projects/mpsafetty/sys/xen/evtchn/evtchn_dev.c#3 integrate .. //depot/projects/mpsafetty/sys/xen/features.c#2 integrate .. //depot/projects/mpsafetty/sys/xen/gnttab.c#5 integrate .. //depot/projects/mpsafetty/sys/xen/gnttab.h#4 integrate .. //depot/projects/mpsafetty/sys/xen/hypervisor.h#1 branch .. //depot/projects/mpsafetty/sys/xen/xen_intr.h#1 branch .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbus_client.c#5 integrate .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbus_comms.c#5 integrate .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbus_comms.h#4 integrate .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbus_dev.c#5 integrate .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbus_probe.c#6 integrate .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbus_probe_backend.c#5 integrate .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbus_xs.c#7 integrate .. //depot/projects/mpsafetty/sys/xen/xenbus/xenbusvar.h#2 integrate .. //depot/projects/mpsafetty/usr.bin/fstat/zfs.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/make/for.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/make/job.c#5 integrate .. //depot/projects/mpsafetty/usr.bin/make/job.h#3 integrate .. //depot/projects/mpsafetty/usr.bin/make/main.c#4 integrate .. //depot/projects/mpsafetty/usr.bin/make/make.1#4 integrate .. //depot/projects/mpsafetty/usr.bin/make/make.h#2 integrate .. //depot/projects/mpsafetty/usr.bin/make/parse.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/make/suff.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/netstat/main.c#4 integrate .. //depot/projects/mpsafetty/usr.bin/netstat/unix.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_args.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_basic.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_bin.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_cred.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_files.c#6 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_kstack.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_threads.c#2 integrate .. //depot/projects/mpsafetty/usr.bin/procstat/procstat_vm.c#4 integrate .. //depot/projects/mpsafetty/usr.sbin/auditd/Makefile#3 integrate .. //depot/projects/mpsafetty/usr.sbin/cpucontrol/cpucontrol.8#2 integrate .. //depot/projects/mpsafetty/usr.sbin/gssd/Makefile#2 integrate .. //depot/projects/mpsafetty/usr.sbin/sade/disks.c#2 integrate .. //depot/projects/mpsafetty/usr.sbin/sysinstall/disks.c#2 integrate .. //depot/projects/mpsafetty/usr.sbin/sysinstall/sysinstall.8#4 integrate .. //depot/projects/mpsafetty/usr.sbin/usbdevs/usbdevs.c#2 integrate Differences ... ==== //depot/projects/mpsafetty/COPYRIGHT#3 (text+ko) ==== @@ -1,10 +1,10 @@ -# $FreeBSD: src/COPYRIGHT,v 1.10 2008/11/28 19:21:10 imp Exp $ +# $FreeBSD: src/COPYRIGHT,v 1.11 2008/12/30 04:46:25 imp Exp $ # @(#)COPYRIGHT 8.2 (Berkeley) 3/21/94 The compilation of software known as FreeBSD is distributed under the following terms: -Copyright (C) 1992-2008 The FreeBSD Project. All rights reserved. +Copyright (c) 1992-2009 The FreeBSD Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions ==== //depot/projects/mpsafetty/cddl/contrib/opensolaris/cmd/zinject/zinject.c#2 (text+ko) ==== @@ -146,6 +146,7 @@ #include <unistd.h> #include <sys/fs/zfs.h> +#include <sys/param.h> #include <sys/mount.h> #include <libzfs.h> ==== //depot/projects/mpsafetty/contrib/openbsm/Makefile.am#3 (text) ==== @@ -1,15 +1,23 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#3 $ +# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#4 $ # SUBDIRS = \ - bsm \ + bsm + +if HAVE_AUDIT_SYSCALLS +SUBDIRS += \ + libauditd +endif + +SUBDIRS += \ libbsm \ bin \ man \ modules \ sys + EXTRA_DIST = \ CHANGELOG \ LICENSE \ ==== //depot/projects/mpsafetty/contrib/openbsm/Makefile.in#3 (text) ==== @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#8 $ +# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#9 $ # VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ @@ -35,6 +35,9 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ +@HAVE_AUDIT_SYSCALLS_TRUE@am__append_1 = \ +@HAVE_AUDIT_SYSCALLS_TRUE@ libauditd + subdir = . DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(top_srcdir)/config/config.h.in \ @@ -63,7 +66,7 @@ distclean-recursive maintainer-clean-recursive ETAGS = etags CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) +DIST_SUBDIRS = bsm libauditd libbsm bin man modules sys DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) @@ -183,14 +186,7 @@ target_alias = @target_alias@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -SUBDIRS = \ - bsm \ - libbsm \ - bin \ - man \ - modules \ - sys - +SUBDIRS = bsm $(am__append_1) libbsm bin man modules sys EXTRA_DIST = \ CHANGELOG \ LICENSE \ ==== //depot/projects/mpsafetty/contrib/openbsm/NEWS#2 (text) ==== @@ -1,5 +1,50 @@ OpenBSM Version History +OpenBSM 1.1 alpha 4 + +- With the addition of BSM error number mapping, we also need to map the + local error number passed to audit_submit(3) to a BSM error number, rather + than have the caller perform that conversion. +- Reallocate user audit events to avoid collisions with Solaris; adopt a more + formal allocation scheme, and add some events allocated in Solaris that + will be of immediate use on other platforms. +- Add an event for Calife. +- Add au_strerror(3), which allows generating strings for BSM errors + directly, rather than requiring applications to map to the local error + space, which might not be able to entirely represent the BSM error number + space. +- Major auditd rewrite for launchd(8) support. Add libauditd library that is + shared between launchd and auditd. +- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for (re)starting + auditing under launchd(8) on Mac OS X. +- Add 'current' symlink to active audit trail. +- Add crash recovery of previous audit trail file when detected on audit + startup that it has not been properly terminated. +- Add the event AUE_audit_recovery to indicated when an audit trail file has + been recovered from not being properly terminated. This event is stored + in the new audit trail file and includes the path of recovered audit trail + file. +- Mac OS X and FreeBSD dependent code in auditd.c is separated into + auditd_darwin.c and auditd_fbsd.c files. +- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system calls. +- For Mac OS X, we use ASL(3) instead of syslog(3) for logging. +- Add support for NOTICE level logging. + +OpenBSM 1.1 alpha 3 + +- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map + between BSM error numbers (largely the Solaris definitions) and local + errno(2) values for 32-bit and 64-bit return tokens. This is required as + operating systems don't agree on some of the values of more recent error + numbers. +- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the total + size for the token. This bug resulted in "unknown" tokens being printed + after the exec args/env tokens. +- Support for AUT_SOCKET_EX extended socket tokens, which describe a socket + using a pair of IPv4/IPv6 and port tuples. +- OpenBSM BSM file header version bumped for 1.1 release. +- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed. + OpenBSM 1.1 alpha 2 - Include files in OpenBSM are now broken out into two parts: library builds @@ -348,4 +393,4 @@ to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/NEWS#9 $ +$P4: //depot/projects/trustedbsd/openbsm/NEWS#21 $ ==== //depot/projects/mpsafetty/contrib/openbsm/README#3 (text) ==== @@ -1,4 +1,4 @@ -OpenBSM 1.1 alpha 1 +OpenBSM 1.1 alpha 4 Introduction @@ -19,6 +19,7 @@ bsm/ Library include files for BSM compat/ Compatibility code to build on various OS's etc/ Sample /etc/security configuration files + libauditd Common audit management functions for auditd and launchd libbsm/ Implementation of BSM library interfaces and man pages man/ System call and configuration file man pages modules/ Directory for auditfilterd module source @@ -55,4 +56,4 @@ http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#32 $ +$P4: //depot/projects/trustedbsd/openbsm/README#34 $ ==== //depot/projects/mpsafetty/contrib/openbsm/TODO#3 (text) ==== @@ -20,5 +20,7 @@ - Document audit_warn event arguments. - Allow the path /etc/security to be configured at configure-time so that alternative locations can be used. +- NLS support for au_strerror(3), which provides error strings for BSM errors + not available on the local OS platform. -$P4: //depot/projects/trustedbsd/openbsm/TODO#11 $ +$P4: //depot/projects/trustedbsd/openbsm/TODO#12 $ ==== //depot/projects/mpsafetty/contrib/openbsm/VERSION#3 (text) ==== @@ -1,1 +1,1 @@ -OPENBSM_1_1_ALPHA_2 +OPENBSM_1_1_ALPHA_4 ==== //depot/projects/mpsafetty/contrib/openbsm/bin/Makefile.in#3 (text) ==== @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#8 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#10 $ # VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ ==== //depot/projects/mpsafetty/contrib/openbsm/bin/audit/Makefile.am#3 (text) ==== @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#4 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#6 $ # if USE_NATIVE_INCLUDES @@ -13,11 +13,11 @@ man8_MANS = audit.8 if USE_MACH_IPC -audit_SOURCES = auditd_control_user.c audit.c -CLEANFILES = auditd_control_user.c auditd_control_user.h +audit_SOURCES = auditd_controlUser.c audit.c +CLEANFILES = auditd_controlUser.c auditd_control.h -auditd_control_user.c: $(top_srcdir)/bin/auditd/auditd_control.defs - $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs +auditd_controlUser.c auditd_control.h: $(top_srcdir)/bin/auditd/auditd_control.defs + $(MIG) -user auditd_controlUser.c -header auditd_control.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs else audit_SOURCES = audit.c endif ==== //depot/projects/mpsafetty/contrib/openbsm/bin/audit/Makefile.in#3 (text) ==== @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#9 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#11 $ # VPATH = @srcdir@ @@ -49,9 +49,9 @@ am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(sbin_PROGRAMS) -am__audit_SOURCES_DIST = audit.c auditd_control_user.c +am__audit_SOURCES_DIST = audit.c auditd_controlUser.c @USE_MACH_IPC_FALSE@am_audit_OBJECTS = audit.$(OBJEXT) -@USE_MACH_IPC_TRUE@am_audit_OBJECTS = auditd_control_user.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@am_audit_OBJECTS = auditd_controlUser.$(OBJEXT) \ @USE_MACH_IPC_TRUE@ audit.$(OBJEXT) audit_OBJECTS = $(am_audit_OBJECTS) audit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la @@ -188,8 +188,8 @@ audit_LDADD = $(top_builddir)/libbsm/libbsm.la man8_MANS = audit.8 @USE_MACH_IPC_FALSE@audit_SOURCES = audit.c -@USE_MACH_IPC_TRUE@audit_SOURCES = auditd_control_user.c audit.c -@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_user.c auditd_control_user.h +@USE_MACH_IPC_TRUE@audit_SOURCES = auditd_controlUser.c audit.c +@USE_MACH_IPC_TRUE@CLEANFILES = auditd_controlUser.c auditd_control.h all: all-am .SUFFIXES: @@ -262,7 +262,7 @@ -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_control_user.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_controlUser.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -521,8 +521,8 @@ uninstall-sbinPROGRAMS -@USE_MACH_IPC_TRUE@auditd_control_user.c: $(top_srcdir)/bin/auditd/auditd_control.defs -@USE_MACH_IPC_TRUE@ $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs +@USE_MACH_IPC_TRUE@auditd_controlUser.c auditd_control.h: $(top_srcdir)/bin/auditd/auditd_control.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user auditd_controlUser.c -header auditd_control.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: ==== //depot/projects/mpsafetty/contrib/openbsm/bin/audit/audit.8#3 (text) ==== @@ -25,9 +25,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#11 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#13 $ .\" -.Dd October 2, 2006 +.Dd December 11, 2008 .Dt AUDIT 8 .Os .Sh NAME @@ -35,7 +35,7 @@ .Nd audit management utility .Sh SYNOPSIS .Nm -.Fl n | s | t +.Fl i | n | s | t .Sh DESCRIPTION The .Nm @@ -43,6 +43,13 @@ One of the following flags is required as an argument to .Nm : .Bl -tag -width indent +.It Fl i +Initializes and starts auditing. +This option is currently for Mac OS X only +and requires +.Xr auditd 8 +to be configured to run under +.Xr launchd 8 . .It Fl n Forces the audit system to close the existing audit log file and rotate to a new log file in a location specified in the audit control file. @@ -59,6 +66,13 @@ The .Xr auditd 8 daemon must already be running. +Optionally, it can be configured to be started +on-demand by +.Xr launchd 8 +(Mac OS X only). +The +.Nm +utility requires audit administrator privileges for successful operation. .Sh FILES .Bl -tag -width ".Pa /etc/security/audit_control" -compact .It Pa /etc/security/audit_control @@ -67,7 +81,8 @@ .Sh SEE ALSO .Xr audit 4 , .Xr audit_control 5 , -.Xr auditd 8 +.Xr auditd 8 , +.Xr launchd 8 .Sh HISTORY The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. ==== //depot/projects/mpsafetty/contrib/openbsm/bin/audit/audit.c#3 (text) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#11 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#13 $ */ /* * Program to trigger the audit daemon with a message that is either: @@ -47,6 +47,7 @@ #include <bsm/libbsm.h> +#include <errno.h> #include <fcntl.h> #include <stdio.h> #include <stdlib.h> @@ -64,7 +65,15 @@ #include <mach/host_special_ports.h> #include <servers/bootstrap.h> -#include "auditd_control_user.h" +#include "auditd_control.h" + +/* + * XXX the following is temporary until this can be added to the kernel + * audit.h header. + */ +#ifndef AUDIT_TRIGGER_INITIALIZE +#define AUDIT_TRIGGER_INITIALIZE 7 +#endif static int send_trigger(unsigned int trigger) @@ -74,7 +83,12 @@ error = host_get_audit_control_port(mach_host_self(), &serverPort); if (error != KERN_SUCCESS) { - mach_error("Cannot get auditd_control Mach port: ", error); + if (geteuid() != 0) { + errno = EPERM; + perror("audit requires root privileges"); + } else + mach_error("Cannot get auditd_control Mach port:", + error); return (-1); } @@ -96,7 +110,10 @@ error = auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)); if (error != 0) { - perror("Error sending trigger"); + if (error == EPERM) + perror("audit requires root privileges"); + else + perror("Error sending trigger"); return (-1); } @@ -108,7 +125,7 @@ usage(void) { - (void)fprintf(stderr, "Usage: audit -n | -s | -t \n"); + (void)fprintf(stderr, "Usage: audit -i | -n | -s | -t \n"); exit(-1); } @@ -124,9 +141,13 @@ if (argc != 2) usage(); - while ((ch = getopt(argc, argv, "nst")) != -1) { + while ((ch = getopt(argc, argv, "inst")) != -1) { switch(ch) { + case 'i': + trigger = AUDIT_TRIGGER_INITIALIZE; + break; + case 'n': trigger = AUDIT_TRIGGER_ROTATE_USER; break; ==== //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/Makefile.am#3 (text) ==== @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#4 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#5 $ # if USE_NATIVE_INCLUDES @@ -9,18 +9,18 @@ endif sbin_PROGRAMS = auditd -auditd_LDADD = $(top_builddir)/libbsm/libbsm.la +auditd_LDADD = $(top_builddir)/libbsm/libbsm.la $(top_builddir)/libauditd/libauditd.la man8_MANS = auditd.8 if USE_MACH_IPC -auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c -CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h +auditd_SOURCES = auditd_controlServer.c audit_triggersServer.c audit_warn.c auditd.c auditd_darwin.c +CLEANFILES = auditd_control_server.c auditd_controlServer.h audit_triggersServer.c audit_triggersServer.h -auditd_control_server.c: auditd_control.defs - $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h $(top_srcdir)/bin/auditd/auditd_control.defs +auditd_controlServer.c auditd_controlServer.h: auditd_control.defs + $(MIG) -user /dev/null -header /dev/null -server auditd_controlServer.c -sheader auditd_controlServer.h $(top_srcdir)/bin/auditd/auditd_control.defs -audit_triggers_server.c: audit_triggers.defs - $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h $(top_srcdir)/bin/auditd/audit_triggers.defs +audit_triggersServer.c audit_triggersServer.h: audit_triggers.defs + $(MIG) -user /dev/null -header /dev/null -server audit_triggersServer.c -sheader audit_triggersServer.h $(top_srcdir)/bin/auditd/audit_triggers.defs else -auditd_SOURCES = audit_warn.c auditd.c +auditd_SOURCES = audit_warn.c auditd.c auditd_fbsd.c endif ==== //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/Makefile.in#3 (text) ==== @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#9 $ +# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#10 $ # VPATH = @srcdir@ @@ -49,16 +49,17 @@ am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(sbin_PROGRAMS) -am__auditd_SOURCES_DIST = audit_warn.c auditd.c \ - auditd_control_server.c audit_triggers_server.c +am__auditd_SOURCES_DIST = audit_warn.c auditd.c auditd_fbsd.c \ + auditd_controlServer.c audit_triggersServer.c auditd_darwin.c @USE_MACH_IPC_FALSE@am_auditd_OBJECTS = audit_warn.$(OBJEXT) \ -@USE_MACH_IPC_FALSE@ auditd.$(OBJEXT) -@USE_MACH_IPC_TRUE@am_auditd_OBJECTS = \ -@USE_MACH_IPC_TRUE@ auditd_control_server.$(OBJEXT) \ -@USE_MACH_IPC_TRUE@ audit_triggers_server.$(OBJEXT) \ -@USE_MACH_IPC_TRUE@ audit_warn.$(OBJEXT) auditd.$(OBJEXT) +@USE_MACH_IPC_FALSE@ auditd.$(OBJEXT) auditd_fbsd.$(OBJEXT) +@USE_MACH_IPC_TRUE@am_auditd_OBJECTS = auditd_controlServer.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ audit_triggersServer.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ audit_warn.$(OBJEXT) auditd.$(OBJEXT) \ +@USE_MACH_IPC_TRUE@ auditd_darwin.$(OBJEXT) auditd_OBJECTS = $(am_auditd_OBJECTS) -auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la +auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la \ + $(top_builddir)/libauditd/libauditd.la DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/config/depcomp am__depfiles_maybe = depfiles @@ -189,11 +190,11 @@ top_srcdir = @top_srcdir@ @USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys @USE_NATIVE_INCLUDES_TRUE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -auditd_LDADD = $(top_builddir)/libbsm/libbsm.la +auditd_LDADD = $(top_builddir)/libbsm/libbsm.la $(top_builddir)/libauditd/libauditd.la man8_MANS = auditd.8 -@USE_MACH_IPC_FALSE@auditd_SOURCES = audit_warn.c auditd.c -@USE_MACH_IPC_TRUE@auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c -@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h +@USE_MACH_IPC_FALSE@auditd_SOURCES = audit_warn.c auditd.c auditd_fbsd.c +@USE_MACH_IPC_TRUE@auditd_SOURCES = auditd_controlServer.c audit_triggersServer.c audit_warn.c auditd.c auditd_darwin.c +@USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_server.c auditd_controlServer.h audit_triggersServer.c audit_triggersServer.h all: all-am .SUFFIXES: @@ -265,10 +266,12 @@ distclean-compile: -rm -f *.tab.c -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_triggers_server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_triggersServer.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_warn.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_control_server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_controlServer.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_darwin.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd_fbsd.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -527,11 +530,11 @@ uninstall-sbinPROGRAMS -@USE_MACH_IPC_TRUE@auditd_control_server.c: auditd_control.defs -@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h $(top_srcdir)/bin/auditd/auditd_control.defs +@USE_MACH_IPC_TRUE@auditd_controlServer.c auditd_controlServer.h: auditd_control.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server auditd_controlServer.c -sheader auditd_controlServer.h $(top_srcdir)/bin/auditd/auditd_control.defs -@USE_MACH_IPC_TRUE@audit_triggers_server.c: audit_triggers.defs -@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h $(top_srcdir)/bin/auditd/audit_triggers.defs +@USE_MACH_IPC_TRUE@audit_triggersServer.c audit_triggersServer.h: audit_triggers.defs +@USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server audit_triggersServer.c -sheader audit_triggersServer.h $(top_srcdir)/bin/auditd/audit_triggers.defs # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: ==== //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/audit_warn.c#3 (text) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#9 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#10 $ */ #include <sys/types.h> @@ -71,20 +71,15 @@ } /* - * Indicates that the hard limit for all filesystems has been exceeded count - * times. + * Indicates that the hard limit for all filesystems has been exceeded. */ int -audit_warn_allhard(int count) +audit_warn_allhard(void) { - char intstr[12]; - char *args[3]; - - snprintf(intstr, 12, "%d", count); + char *args[2]; args[0] = HARDLIM_ALL_WARN; - args[1] = intstr; - args[2] = NULL; + args[1] = NULL; return (auditwarnlog(args)); } ==== //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/auditd.8#3 (text) ==== @@ -25,9 +25,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#14 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#16 $ .\" -.Dd October 2, 2006 +.Dd December 11, 2008 .Dt AUDITD 8 .Os .Sh NAME @@ -35,7 +35,7 @@ .Nd audit log management daemon .Sh SYNOPSIS .Nm -.Op Fl d +.Op Fl d | l .Sh DESCRIPTION The .Nm @@ -50,7 +50,16 @@ .Bl -tag -width indent .It Fl d Starts the daemon in debug mode \[em] it will not daemonize. +.It Fl l +This option is for when +.Nm +is configured to start on-demand using +.Xr launchd 8 . .El +.Pp +Optionally, the audit review group "audit" may be created. +Non-privileged +users that are members of this group may read the audit trail log files. .Sh NOTE To assure uninterrupted audit support, the .Nm @@ -63,20 +72,33 @@ .Pa audit_control file. .Pp -.\" Sending a -.\" .Dv SIGHUP -.\" to a running -.\" .Nm -.\" daemon will force it to exit. -Sending a -.Dv SIGTERM -to a running +If +.Nm +is started on-demand by +.Xr launchd 8 +then auditing should only be started and stopped with +.Xr audit 8 . +.Pp +On Mac OS X, .Nm -daemon will force it to exit. +uses the +.Xr asl 3 +API for writing system log messages. +Therefore, only the audit administrator +and members of the audit review group will be able to read the +system log entries. .Sh FILES -.Bl -tag -width ".Pa /var/audit" -compact +.Bl -tag -width ".Pa /etc/security" -compact .It Pa /var/audit Default directory for storing audit log files. +.Pp +.It Pa /etc/security +The directory containing the auditing configuration files +.Xr audit_class 5 , +.Xr audit_control 5 , +.Xr audit_event 5 , +and +.Xr audit_warn 5 . .El .Sh COMPATIBILITY The historical @@ -92,9 +114,14 @@ and are no longer available as arguments to .Nm . .Sh SEE ALSO +.Xr asl 3 , .Xr audit 4 , +.Xr audit_class 5 , .Xr audit_control 5 , -.Xr audit 8 +.Xr audit_event 5 , +.Xr audit_warn 5 , +.Xr audit 8 , +.Xr launchd 8 .Sh HISTORY The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. ==== //depot/projects/mpsafetty/contrib/openbsm/bin/auditd/auditd.c#3 (text) ==== @@ -26,30 +26,29 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#39 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#40 $ */ -#include <sys/param.h> +#include <sys/types.h> #include <config/config.h> #include <sys/dirent.h> -#include <sys/mman.h> -#include <sys/socket.h> #ifdef HAVE_FULL_QUEUE_H #include <sys/queue.h> #else /* !HAVE_FULL_QUEUE_H */ #include <compat/queue.h> #endif /* !HAVE_FULL_QUEUE_H */ +#include <sys/mman.h> +#include <sys/param.h> #include <sys/stat.h> #include <sys/wait.h> #include <bsm/audit.h> #include <bsm/audit_uevents.h> +#include <bsm/auditd_lib.h> #include <bsm/libbsm.h> -#include <netinet/in.h> - #include <err.h> #include <errno.h> #include <fcntl.h> @@ -60,54 +59,54 @@ #include <unistd.h> #include <signal.h> #include <string.h> -#include <syslog.h> >>> TRUNCATED FOR MAIL (1000 lines) <<<help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812311644.mBVGiLak027298>