From owner-p4-projects@FreeBSD.ORG  Tue Apr 14 20:29:19 2009
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id E23E11065786; Tue, 14 Apr 2009 20:29:18 +0000 (UTC)
Delivered-To: perforce@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6E89F106576B
	for <perforce@FreeBSD.org>; Tue, 14 Apr 2009 20:29:18 +0000 (UTC)
	(envelope-from sson@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 5A71C8FC08
	for <perforce@FreeBSD.org>; Tue, 14 Apr 2009 20:29:18 +0000 (UTC)
	(envelope-from sson@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n3EKTIX9025843
	for <perforce@FreeBSD.org>; Tue, 14 Apr 2009 20:29:18 GMT
	(envelope-from sson@FreeBSD.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n3EKTINV025841
	for perforce@freebsd.org; Tue, 14 Apr 2009 20:29:18 GMT
	(envelope-from sson@FreeBSD.org)
Date: Tue, 14 Apr 2009 20:29:18 GMT
Message-Id: <200904142029.n3EKTINV025841@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	sson@FreeBSD.org using -f
From: Stacey Son <sson@FreeBSD.org>
To: Perforce Change Reviews <perforce@FreeBSD.org>
Cc: 
Subject: PERFORCE change 160640 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Apr 2009 20:29:23 -0000

http://perforce.freebsd.org/chv.cgi?CH=160640

Change 160640 by sson@sson_amd64 on 2009/04/14 20:29:05

	Adding AUE_ssauthmech event, the "aa" class, and changing
	flags to audit the aa event class by default.
	
	Sync sys/bsm/audit.h with darwin kernel version.
	
	Credit: Gary Hoo

Affected files ...

.. //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#11 edit
.. //depot/projects/trustedbsd/openbsm/etc/audit_class#6 edit
.. //depot/projects/trustedbsd/openbsm/etc/audit_control#8 edit
.. //depot/projects/trustedbsd/openbsm/etc/audit_event#39 edit
.. //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#9 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#11 (text+ko) ====

@@ -26,7 +26,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#10 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#11 $
  */
 
 #ifndef _BSM_AUDIT_UEVENTS_H_
@@ -138,5 +138,6 @@
 #define	AUE_calife		45027		/* OpenBSM-allocated. */
 #define	AUE_sudo		45028		/* OpenBSM-allocated. */
 #define	AUE_audit_recovery	45029		/* OpenBSM-allocated. */
+#define	AUE_ssauthmech		45030		/* Darwin-specific. */
 
 #endif /* !_BSM_AUDIT_UEVENTS_H_ */

==== //depot/projects/trustedbsd/openbsm/etc/audit_class#6 (text+ko) ====

@@ -1,5 +1,5 @@
 #
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_class#5 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_class#6 $
 #
 0x00000000:no:invalid class
 0x00000001:fr:file read
@@ -15,6 +15,7 @@
 0x00000400:na:non attributable
 0x00000800:ad:administrative
 0x00001000:lo:login_logout
+0x00002000:aa:authentication and authorization
 0x00004000:ap:application
 0x20000000:io:ioctl
 0x40000000:ex:exec

==== //depot/projects/trustedbsd/openbsm/etc/audit_control#8 (text+ko) ====

@@ -1,10 +1,10 @@
 #
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#7 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#8 $
 #
 dir:/var/audit
-flags:lo
+flags:lo,aa
 minfree:5
-naflags:lo
+naflags:lo,aa
 policy:cnt,argv
 filesz:2M
 expire-after:10M

==== //depot/projects/trustedbsd/openbsm/etc/audit_event#39 (text+ko) ====

@@ -1,5 +1,5 @@
 #
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#38 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#39 $
 #
 # The mapping between event identifiers and values is also hard-coded in
 # audit_kevents.h and audit_uevents.h, so changes must occur in both places,
@@ -628,10 +628,10 @@
 6521:AUE_DARWIN_revoke_obj:revoke object priv:fm
 6600:AUE_DARWIN_lw_login:loginwindow login:lo
 6601:AUE_DARWIN_lw_logout:loginwindow logout:lo
-7000:AUE_DARWIN_auth_user:user authentication:ad
-7001:AUE_DARWIN_ssconn:SecSrvr connection setup:ad
-7002:AUE_DARWIN_ssauthorize:SecSrvr AuthEngine:ad
-7003:AUE_DARWIN_ssauthint:SecSrvr authinternal mech:ad
+7000:AUE_DARWIN_auth_user:user authentication:aa
+7001:AUE_DARWIN_ssconn:SecSrvr connection setup:aa
+7002:AUE_DARWIN_ssauthorize:SecSrvr AuthEngine:aa
+7003:AUE_DARWIN_ssauthint:SecSrvr authinternal mech:aa
 #
 # Historic/third-party application allocations of event identifiers.
 #
@@ -650,10 +650,11 @@
 45020:AUE_revoke_obj:revoke object priv:fm
 45021:AUE_lw_login:loginwindow login:lo
 45022:AUE_lw_logout:loginwindow logout:lo
-45023:AUE_auth_user:user authentication:ad
-45024:AUE_ssconn:SecSrvr connection setup:ad
-45025:AUE_ssauthorize:SecSrvr AuthEngine:ad
-45026:AUE_ssauthint:SecSrvr authinternal mech:ad
+45023:AUE_auth_user:user authentication:aa
+45024:AUE_ssconn:SecSrvr connection setup:aa
+45025:AUE_ssauthorize:SecSrvr AuthEngine:aa
+45026:AUE_ssauthint:SecSrvr authinternal mech:aa
 45027:AUE_calife:Calife:ad
-45028:AUE_sudo:sudo(1):ad
+45028:AUE_sudo:sudo(1):aa
 45029:AUE_audit_recovery:audit crash recovery:ad
+45030:AUE_ssauthmech:SecSrvr AuthMechanism:aa

==== //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#9 (text+ko) ====

@@ -26,7 +26,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#8 $
+ * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#9 $
  */
 
 #ifndef	_BSM_AUDIT_H
@@ -313,10 +313,10 @@
 int	getaudit_addr(struct auditinfo_addr *, int);
 int	setaudit_addr(const struct auditinfo_addr *, int);
 
-#ifdef	__APPLE_API_PRIVATE
+#ifdef __APPLE_API_PRIVATE
 #include <mach/port.h>
-mach_port_name_t	audit_session_self(void);
-au_asid_t		audit_sesison_join(mach_port_name_t port);
+mach_port_name_t audit_session_self(void);
+au_asid_t	 audit_session_join(mach_port_name_t port);
 #endif /* __APPLE_API_PRIVATE */
 
 #endif /* defined(_KERNEL) || defined(KERNEL) */