From owner-p4-projects@FreeBSD.ORG Tue Nov 20 23:01:51 2012 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 71CC0340; Tue, 20 Nov 2012 23:01:51 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 16BE133E for ; Tue, 20 Nov 2012 23:01:51 +0000 (UTC) (envelope-from pjd@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id F0F328FC16 for ; Tue, 20 Nov 2012 23:01:50 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.5/8.14.5) with ESMTP id qAKN1oqk050034 for ; Tue, 20 Nov 2012 23:01:50 GMT (envelope-from pjd@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.5/8.14.5/Submit) id qAKN1oRf050031 for perforce@freebsd.org; Tue, 20 Nov 2012 23:01:50 GMT (envelope-from pjd@freebsd.org) Date: Tue, 20 Nov 2012 23:01:50 GMT Message-Id: <201211202301.qAKN1oRf050031@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to pjd@freebsd.org using -f From: Pawel Jakub Dawidek Subject: PERFORCE change 219821 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.14 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 23:01:51 -0000 http://p4web.freebsd.org/@@219821?ac=10 Change 219821 by pjd@pjd_anger on 2012/11/20 23:01:32 Move default location of the configuration file, certificate file and private key file from /etc/ to /etc/security/. Requested by: rwatson Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.8#2 edit .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.conf.5#2 edit .. //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.8#2 (text+ko) ==== @@ -51,7 +51,7 @@ .It Fl c Ar config Specify alternative location of the configuration file. The default location is -.Pa /etc/auditdistd.conf . +.Pa /etc/security/auditdistd.conf . .It Fl d Print or log debugging information. This option can be specified multiple times to raise the verbosity @@ -77,8 +77,8 @@ .Pa /var/run/auditdistd.pid . .El .Sh FILES -.Bl -tag -width ".Pa /var/run/auditdistd.pid" -compact -.It Pa /etc/auditdistd.conf +.Bl -tag -width ".Pa /etc/security/auditdistd.conf" -compact +.It Pa /etc/security/auditdistd.conf The configuration file for .Nm . .It Pa /var/run/auditdistd.pid ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.conf.5#2 (text+ko) ==== @@ -126,11 +126,11 @@ directory "" # Path to receiver's certificate file. - # The default is "/etc/auditdistd.cert.pem". + # The default is "/etc/security/auditdistd.cert.pem". certfile "" # Path to receiver's private key file. - # The default is "/etc/auditdistd.key.pem". + # The default is "/etc/security/auditdistd.key.pem". keyfile "" # Configuration for a source system we want to receive audit trail @@ -307,15 +307,15 @@ Certificate public key's fingerprint ready to be pasted into auditdistd configuration file can be obtained by running: .Bd -literal -offset -# openssl x509 -in /etc/auditdistd.cert.pem -noout -fingerprint -sha256 | awk -F '[ =]' '{printf("%s=%s\\n", $1, $3)}' +# openssl x509 -in /etc/security/auditdistd.cert.pem -noout -fingerprint -sha256 | awk -F '[ =]' '{printf("%s=%s\\n", $1, $3)}' .Ed .It Ic password Aq password .Pp Password used to authenticate the sender in front of the receiver. .El .Sh FILES -.Bl -tag -width ".Pa /etc/auditdistd.conf" -compact -.It Pa /etc/auditdistd.conf +.Bl -tag -width ".Pa /etc/security/auditdistd.conf" -compact +.It Pa /etc/security/auditdistd.conf The default .Nm auditdistd configuration file. ==== //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 (text+ko) ==== @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#1 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 $ */ #ifndef _AUDITDISTD_H_ @@ -62,15 +62,15 @@ #define ADIST_USER "auditdistd" #define ADIST_TIMEOUT 20 -#define ADIST_CONFIG "/etc/auditdistd.conf" +#define ADIST_CONFIG "/etc/security/auditdistd.conf" #define ADIST_TCP_PORT "7878" #define ADIST_LISTEN_TLS_TCP4 "tls://0.0.0.0:" ADIST_TCP_PORT #define ADIST_LISTEN_TLS_TCP6 "tls://[::]:" ADIST_TCP_PORT #define ADIST_PIDFILE "/var/run/auditdistd.pid" #define ADIST_DIRECTORY_SENDER "/var/audit/dist" #define ADIST_DIRECTORY_RECEIVER "/var/audit/remote" -#define ADIST_CERTFILE "/etc/auditdistd.cert.pem" -#define ADIST_KEYFILE "/etc/auditdistd.key.pem" +#define ADIST_CERTFILE "/etc/security/auditdistd.cert.pem" +#define ADIST_KEYFILE "/etc/security/auditdistd.key.pem" #define ADIST_ERROR_WRONG_ORDER 1 #define ADIST_ERROR_INVALID_NAME 2