OpenBSM questions
Alex Samorukov
ml at os2.kiev.ua
Sat Jul 14 05:21:33 UTC 2007
Hello
I have some issues with OpenBSM which i cannot resolve, so i decided to
ask there.
1) I found some bugs in the auditreduce utility and created patch for it
- http://www.freebsd.org/cgi/query-pr.cgi?pr=114534.
Please, someone from freebsd team - take it, i think its better to fix
this before next release.
2) I found that when i`m using XDM as login manager with OpenBSM, all my
audit events comes with subject -1, and becauseof this i cant filter
them with audit_user policy. When i`m using console "login" all work as
designed and i got logged in user in the subject.
I think that xdm must be patched to support audit, i found audit code
in the login sources. My be someone already did such patches?
3) All services running from rc scripts also using "-1" as their
subject. How can i change subject for such programs? E.g. mysql work
with myslq uid/gid and i want create special policy for the mysql in the
audit_user file, but "subject" of such events is always "-1", so i cant
do this.
P.S. I`m using FreeBSD-STABLE.
More information about the freebsd-security
mailing list