Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 01 Dec 2012 22:06:32 +0100
From:      Andreas Tobler <andreast-list@fgznet.ch>
To:        Robert Watson <rwatson@freebsd.org>
Cc:        current@freebsd.org, security@freebsd.org
Subject:   Re: Distributed audit daemon committed (was: svn commit: r243752 - in head: etc etc/defaults etc/mail etc/mtree etc/rc.d share/man/man4 usr.sbin usr.sbin/auditdistd (fwd))
Message-ID:  <50BA7158.1040302@fgznet.ch>
In-Reply-To: <alpine.BSF.2.00.1212011512410.34256@fledge.watson.org>
References:  <alpine.BSF.2.00.1212011512410.34256@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 01.12.12 16:15, Robert Watson wrote:
> 
> Dear all:
> 
> I've now committed the build glue required to install the recently merged 
> Audit Distribution Daemon (auditdistd) contributed by the Pawel Dawidek, and 
> sponsored by the FreeBSD Foundation.  This allows individual hosts generating 
> audit trails to submit trails to a central audit server for review and safe 
> keeping.  Part of the goal is to ensure that a host submitting trail data 
> can't later modify the trails.  Pawel uses a variety of useful security- and 
> resilience-related features such as TLS, Capsicum, etc, in auditdistd.  As the 
> recent security incident in the FreeBSD.org cluster illustrated, having 
> reliable and detailed audit trails makes a big difference in forensic work, 
> and hopefully this will allow the FreeBSD Project (and our users) to do that 
> better in the future.

Aehm, hope it is ok to 'complain' here.

Happens when installing world.

cd /export/devel/fbsd/head/src;
/usr/obj/export/devel/fbsd/head/src/make.amd64/make -f Makefile.inc1
LOCAL_MTREE= hierarchy
cd /export/devel/fbsd/head/src/etc;	
/usr/obj/export/devel/fbsd/head/src/make.amd64/make distrib-dirs
mtree -eU  -f /export/devel/fbsd/head/src/etc/mtree/BSD.root.dist -p /
mtree -eU  -f /export/devel/fbsd/head/src/etc/mtree/BSD.var.dist -p /var
mtree: line 22: unknown user auditdistd
*** [distrib-dirs] Error code 1

Andreas

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50BA7158.1040302>