Date: Sat, 1 Aug 2020 00:05:31 +0530 From: Shivank Garg <shivank@freebsd.org> To: soc-status@freebsd.org Cc: Alan Somers <asomers@freebsd.org> Subject: [GSoC'20 Weekly Update] Adding audit(4) support to NFS Message-ID: <CAOVCmzGsPSQccyKYKSPcOFESNYVsGdf=gnyvxaQZMW93HWOSAQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, This project aims to add audit(4) support to NFS, which will allow auditd(8) to just run on the NFS server and audit all activities within the NFS network. Audit works mostly on the syscall level and NFS is implemented within the kernel, which means the NFS RPCs don't generate any audit records on the server. Note that audit(4) can still be used on the NFS network but auditd(8) must run on every NFS client. This week I made the following progress: * make the TestSuite <https://github.com/shivankgarg98/NFSAuditTestSuite>; and /sys code ready for review. * Created a diff revision on phabricator for NFSv3 /sys code - https://reviews.freebsd.org/D25869 * Followed up on the suggested changes. Currently, I'm: * Fixing the AUDIT_NFSARG_UPATH1 to avoid unlocking/relocking of vnode for locked vnode, as it may cause problems. * Reading the NFSv4 code and RFC for the adding audit support to it. Please, do Check this project on Github: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfs_audit Project wiki: https://wiki.freebsd.org/SummerOfCode2020Projects/AddAuditSupportToNFS TestSuite: https://github.com/shivankgarg98/NFSAuditTestSuite Please feel free to share your ideas and feedback on this project. Best Regards, Shivank Garg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOVCmzGsPSQccyKYKSPcOFESNYVsGdf=gnyvxaQZMW93HWOSAQ>