Distributed audit daemon committed (was: svn commit: r243752 - in head: etc etc/defaults etc/mail etc/mtree etc/rc.d share/man/man4 usr.sbin usr.sbin/auditdistd (fwd))
Andreas Tobler
andreast-list at fgznet.ch
Sat Dec 1 21:06:37 UTC 2012
On 01.12.12 16:15, Robert Watson wrote:
>
> Dear all:
>
> I've now committed the build glue required to install the recently merged
> Audit Distribution Daemon (auditdistd) contributed by the Pawel Dawidek, and
> sponsored by the FreeBSD Foundation. This allows individual hosts generating
> audit trails to submit trails to a central audit server for review and safe
> keeping. Part of the goal is to ensure that a host submitting trail data
> can't later modify the trails. Pawel uses a variety of useful security- and
> resilience-related features such as TLS, Capsicum, etc, in auditdistd. As the
> recent security incident in the FreeBSD.org cluster illustrated, having
> reliable and detailed audit trails makes a big difference in forensic work,
> and hopefully this will allow the FreeBSD Project (and our users) to do that
> better in the future.
Aehm, hope it is ok to 'complain' here.
Happens when installing world.
cd /export/devel/fbsd/head/src;
/usr/obj/export/devel/fbsd/head/src/make.amd64/make -f Makefile.inc1
LOCAL_MTREE= hierarchy
cd /export/devel/fbsd/head/src/etc;
/usr/obj/export/devel/fbsd/head/src/make.amd64/make distrib-dirs
mtree -eU -f /export/devel/fbsd/head/src/etc/mtree/BSD.root.dist -p /
mtree -eU -f /export/devel/fbsd/head/src/etc/mtree/BSD.var.dist -p /var
mtree: line 22: unknown user auditdistd
*** [distrib-dirs] Error code 1
Andreas
More information about the freebsd-current
mailing list