svn commit: r190779 - in projects/tcp_ffcaia2008_8.x: .
cddl/contrib/opensolaris/cmd/zinject
cddl/contrib/opensolaris/lib/libzfs/common contrib/bind9
contrib/cpio contrib/gdtoa contrib/ncurses cont...
Lawrence Stewart
lstewart at FreeBSD.org
Mon Apr 6 09:28:22 PDT 2009
Author: lstewart
Date: Mon Apr 6 16:28:20 2009
New Revision: 190779
URL: http://svn.freebsd.org/changeset/base/190779
Log:
Merge r186471:186647 from head.
Added:
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd_darwin.c
- copied unchanged from r186647, head/contrib/openbsm/bin/auditd/auditd_darwin.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd_fbsd.c
- copied unchanged from r186647, head/contrib/openbsm/bin/auditd/auditd_fbsd.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/auditd_lib.h
- copied unchanged from r186647, head/contrib/openbsm/bsm/auditd_lib.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libauditd/
- copied from r186647, head/contrib/openbsm/libauditd/
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/au_errno.3
- copied unchanged from r186647, head/contrib/openbsm/libbsm/au_errno.3
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_errno.c
- copied unchanged from r186647, head/contrib/openbsm/libbsm/bsm_errno.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_errno.h
- copied unchanged from r186647, head/contrib/openbsm/sys/bsm/audit_errno.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/E2BIG_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/E2BIG_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EACCES_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EACCES_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EBADF_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EBADF_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EBUSY_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EBUSY_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ECHILD_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ECHILD_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EDEADLK_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EDEADLK_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EEXIST_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EEXIST_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EFAULT_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EFAULT_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EFBIG_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EFBIG_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EINTR_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EINTR_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EINVAL_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EINVAL_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EIO_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EIO_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EISDIR_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EISDIR_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EMFILE_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EMFILE_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EMLINK_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EMLINK_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENFILE_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENFILE_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENODEV_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENODEV_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOENT_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOENT_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOEXEC_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOEXEC_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOMEM_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOMEM_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOSPC_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOSPC_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOTBLK_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOTBLK_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOTDIR_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOTDIR_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENOTTY_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENOTTY_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ENXIO_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ENXIO_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EPERM_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EPERM_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EPIPE_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EPIPE_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EROFS_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EROFS_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ESPIPE_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ESPIPE_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ESRCH_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ESRCH_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ETXTBSY_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/ETXTBSY_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/EXDEV_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/EXDEV_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/socketex_record
- copied unchanged from r186647, head/contrib/openbsm/test/reference/socketex_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/socketex_token
- copied unchanged from r186647, head/contrib/openbsm/test/reference/socketex_token
projects/tcp_ffcaia2008_8.x/lib/libauditd/
- copied from r186647, head/lib/libauditd/
projects/tcp_ffcaia2008_8.x/share/man/man4/ng_ether_echo.4
- copied unchanged from r186647, head/share/man/man4/ng_ether_echo.4
projects/tcp_ffcaia2008_8.x/sys/bsm/audit_errno.h
- copied unchanged from r186647, head/sys/bsm/audit_errno.h
projects/tcp_ffcaia2008_8.x/sys/mips/mips/elf64_machdep.c
- copied unchanged from r186647, head/sys/mips/mips/elf64_machdep.c
projects/tcp_ffcaia2008_8.x/sys/modules/netgraph/ether_echo/
- copied from r186647, head/sys/modules/netgraph/ether_echo/
projects/tcp_ffcaia2008_8.x/sys/netgraph/ng_ether_echo.c
- copied unchanged from r186647, head/sys/netgraph/ng_ether_echo.c
projects/tcp_ffcaia2008_8.x/sys/netgraph/ng_ether_echo.h
- copied unchanged from r186647, head/sys/netgraph/ng_ether_echo.h
projects/tcp_ffcaia2008_8.x/sys/security/audit/audit_bsm_errno.c
- copied unchanged from r186647, head/sys/security/audit/audit_bsm_errno.c
projects/tcp_ffcaia2008_8.x/sys/xen/evtchn.h
- copied unchanged from r186647, head/sys/xen/evtchn.h
projects/tcp_ffcaia2008_8.x/sys/xen/hypervisor.h
- copied unchanged from r186647, head/sys/xen/hypervisor.h
projects/tcp_ffcaia2008_8.x/sys/xen/xen_intr.h
- copied unchanged from r186647, head/sys/xen/xen_intr.h
Deleted:
projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/evtchn.h
projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/hypervisor.h
projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/xen_intr.h
Modified:
projects/tcp_ffcaia2008_8.x/ (props changed)
projects/tcp_ffcaia2008_8.x/COPYRIGHT
projects/tcp_ffcaia2008_8.x/Makefile
projects/tcp_ffcaia2008_8.x/UPDATING
projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c
projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c
projects/tcp_ffcaia2008_8.x/contrib/bind9/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/cpio/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/gdtoa/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/ncurses/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/netcat/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/ntp/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/openbsm/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am
projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS
projects/tcp_ffcaia2008_8.x/contrib/openbsm/README
projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO
projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditfilterd/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditreduce/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditreduce/auditreduce.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/praudit/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/Makefile.am
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/audit_uevents.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/bsm/libbsm.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/compat/endian.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/config/config.h.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/configure
projects/tcp_ffcaia2008_8.x/contrib/openbsm/configure.ac
projects/tcp_ffcaia2008_8.x/contrib/openbsm/etc/audit_event
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/Makefile.am
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/au_token.3
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/audit_submit.3
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_audit.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_class.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_control.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_event.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_io.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_mask.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_token.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_user.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/bsm_wrappers.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/libbsm/libbsm.3
projects/tcp_ffcaia2008_8.x/contrib/openbsm/man/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/man/audit.log.5
projects/tcp_ffcaia2008_8.x/contrib/openbsm/modules/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/modules/auditfilter_noop/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/Makefile.am
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_internal.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_kevents.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/sys/bsm/audit_record.h
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/bsm/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/bsm/generate.c
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/arg32_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/data_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/file_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/header32_token
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/in_addr_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ip_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/ipc_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/iport_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/opaque_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/path_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process32_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process32ex_record-IPv4
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process32ex_record-IPv6
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process64_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process64ex_record-IPv4
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/process64ex_record-IPv6
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/return32_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/return32_token
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/seq_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/subject32_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/subject32ex_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/text_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/test/reference/zonename_record
projects/tcp_ffcaia2008_8.x/contrib/openbsm/tools/Makefile.in
projects/tcp_ffcaia2008_8.x/contrib/openpam/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/pf/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/sendmail/ (props changed)
projects/tcp_ffcaia2008_8.x/contrib/top/ (props changed)
projects/tcp_ffcaia2008_8.x/crypto/openssh/ (props changed)
projects/tcp_ffcaia2008_8.x/crypto/openssl/ (props changed)
projects/tcp_ffcaia2008_8.x/gnu/lib/libstdc++/Makefile
projects/tcp_ffcaia2008_8.x/gnu/usr.bin/man/manpath/manpath.config
projects/tcp_ffcaia2008_8.x/lib/Makefile
projects/tcp_ffcaia2008_8.x/lib/libbsm/Makefile
projects/tcp_ffcaia2008_8.x/lib/libc/ (props changed)
projects/tcp_ffcaia2008_8.x/lib/libc/stdtime/ (props changed)
projects/tcp_ffcaia2008_8.x/lib/libc/string/ffsll.c (props changed)
projects/tcp_ffcaia2008_8.x/lib/libc/string/flsll.c (props changed)
projects/tcp_ffcaia2008_8.x/lib/libc/sys/kldunload.2
projects/tcp_ffcaia2008_8.x/lib/libutil/ (props changed)
projects/tcp_ffcaia2008_8.x/lib/libutil/kinfo_getfile.c
projects/tcp_ffcaia2008_8.x/lib/libutil/kinfo_getvmmap.c
projects/tcp_ffcaia2008_8.x/sbin/ddb/ddb.8
projects/tcp_ffcaia2008_8.x/sbin/geom/misc/subr.c
projects/tcp_ffcaia2008_8.x/sbin/mount/getmntopts.c
projects/tcp_ffcaia2008_8.x/sbin/mount/mount.c
projects/tcp_ffcaia2008_8.x/sbin/savecore/savecore.8
projects/tcp_ffcaia2008_8.x/share/man/man4/Makefile
projects/tcp_ffcaia2008_8.x/share/man/man4/cpuctl.4
projects/tcp_ffcaia2008_8.x/share/man/man4/ndis.4
projects/tcp_ffcaia2008_8.x/share/man/man4/ng_tty.4
projects/tcp_ffcaia2008_8.x/share/man/man4/textdump.4
projects/tcp_ffcaia2008_8.x/share/mk/bsd.libnames.mk
projects/tcp_ffcaia2008_8.x/share/zoneinfo/ (props changed)
projects/tcp_ffcaia2008_8.x/sys/ (props changed)
projects/tcp_ffcaia2008_8.x/sys/arm/conf/AVILA
projects/tcp_ffcaia2008_8.x/sys/arm/conf/CAMBRIA
projects/tcp_ffcaia2008_8.x/sys/arm/conf/EP80219
projects/tcp_ffcaia2008_8.x/sys/arm/conf/HL200
projects/tcp_ffcaia2008_8.x/sys/arm/conf/IQ31244
projects/tcp_ffcaia2008_8.x/sys/arm/conf/NSLU
projects/tcp_ffcaia2008_8.x/sys/boot/i386/boot0/Makefile
projects/tcp_ffcaia2008_8.x/sys/boot/i386/boot0/boot0.S
projects/tcp_ffcaia2008_8.x/sys/bsm/audit.h
projects/tcp_ffcaia2008_8.x/sys/bsm/audit_internal.h
projects/tcp_ffcaia2008_8.x/sys/bsm/audit_kevents.h
projects/tcp_ffcaia2008_8.x/sys/bsm/audit_record.h
projects/tcp_ffcaia2008_8.x/sys/compat/freebsd32/freebsd32_misc.c
projects/tcp_ffcaia2008_8.x/sys/compat/linprocfs/linprocfs.c
projects/tcp_ffcaia2008_8.x/sys/compat/linux/linux_misc.c
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/kern_ndis.c
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/kern_windrv.c
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/ndis_var.h
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/ntoskrnl_var.h
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/subr_ndis.c
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/subr_ntoskrnl.c
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/subr_usbd.c
projects/tcp_ffcaia2008_8.x/sys/compat/ndis/usbd_var.h
projects/tcp_ffcaia2008_8.x/sys/conf/files
projects/tcp_ffcaia2008_8.x/sys/conf/options
projects/tcp_ffcaia2008_8.x/sys/contrib/pf/ (props changed)
projects/tcp_ffcaia2008_8.x/sys/dev/acpi_support/acpi_asus.c
projects/tcp_ffcaia2008_8.x/sys/dev/cardbus/cardbus.c
projects/tcp_ffcaia2008_8.x/sys/dev/cfe/cfe_console.c
projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis.c
projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis_pccard.c
projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis_pci.c
projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndis_usb.c
projects/tcp_ffcaia2008_8.x/sys/dev/if_ndis/if_ndisvar.h
projects/tcp_ffcaia2008_8.x/sys/dev/mn/if_mn.c (props changed)
projects/tcp_ffcaia2008_8.x/sys/dev/puc/pucdata.c
projects/tcp_ffcaia2008_8.x/sys/dev/sound/pci/hda/hdac.c
projects/tcp_ffcaia2008_8.x/sys/dev/uart/uart_tty.c
projects/tcp_ffcaia2008_8.x/sys/dev/usb/ehci_ixp4xx.c (props changed)
projects/tcp_ffcaia2008_8.x/sys/dev/usb/if_zyd.c
projects/tcp_ffcaia2008_8.x/sys/dev/usb/umass.c
projects/tcp_ffcaia2008_8.x/sys/dev/xen/blkfront/blkfront.c
projects/tcp_ffcaia2008_8.x/sys/dev/xen/console/console.c
projects/tcp_ffcaia2008_8.x/sys/dev/xen/console/xencons_ring.c
projects/tcp_ffcaia2008_8.x/sys/dev/xen/evtchn/evtchn_dev.c
projects/tcp_ffcaia2008_8.x/sys/dev/xen/netfront/netfront.c
projects/tcp_ffcaia2008_8.x/sys/fs/procfs/procfs_map.c
projects/tcp_ffcaia2008_8.x/sys/fs/pseudofs/pseudofs_vncache.c
projects/tcp_ffcaia2008_8.x/sys/fs/pseudofs/pseudofs_vnops.c
projects/tcp_ffcaia2008_8.x/sys/geom/part/g_part_bsd.c
projects/tcp_ffcaia2008_8.x/sys/geom/vinum/geom_vinum_plex.c
projects/tcp_ffcaia2008_8.x/sys/i386/conf/XEN
projects/tcp_ffcaia2008_8.x/sys/i386/i386/genassym.c
projects/tcp_ffcaia2008_8.x/sys/i386/i386/machdep.c
projects/tcp_ffcaia2008_8.x/sys/i386/i386/vm_machdep.c
projects/tcp_ffcaia2008_8.x/sys/i386/ibcs2/ibcs2_sysi86.c
projects/tcp_ffcaia2008_8.x/sys/i386/include/xen/xenfunc.h
projects/tcp_ffcaia2008_8.x/sys/i386/isa/npx.c
projects/tcp_ffcaia2008_8.x/sys/i386/xen/clock.c
projects/tcp_ffcaia2008_8.x/sys/i386/xen/mp_machdep.c
projects/tcp_ffcaia2008_8.x/sys/i386/xen/mptable.c
projects/tcp_ffcaia2008_8.x/sys/i386/xen/pmap.c
projects/tcp_ffcaia2008_8.x/sys/i386/xen/xen_machdep.c
projects/tcp_ffcaia2008_8.x/sys/kern/kern_cons.c (props changed)
projects/tcp_ffcaia2008_8.x/sys/kern/kern_descrip.c
projects/tcp_ffcaia2008_8.x/sys/kern/kern_jail.c
projects/tcp_ffcaia2008_8.x/sys/kern/kern_proc.c
projects/tcp_ffcaia2008_8.x/sys/kern/kern_sysctl.c
projects/tcp_ffcaia2008_8.x/sys/kern/kern_xxx.c
projects/tcp_ffcaia2008_8.x/sys/kern/subr_param.c
projects/tcp_ffcaia2008_8.x/sys/kern/uipc_domain.c
projects/tcp_ffcaia2008_8.x/sys/kern/uipc_usrreq.c
projects/tcp_ffcaia2008_8.x/sys/kern/vfs_cache.c
projects/tcp_ffcaia2008_8.x/sys/kern/vfs_export.c
projects/tcp_ffcaia2008_8.x/sys/kern/vfs_syscalls.c
projects/tcp_ffcaia2008_8.x/sys/modules/ndis/Makefile
projects/tcp_ffcaia2008_8.x/sys/modules/netgraph/Makefile
projects/tcp_ffcaia2008_8.x/sys/modules/usb2/Makefile
projects/tcp_ffcaia2008_8.x/sys/net/if_tun.c
projects/tcp_ffcaia2008_8.x/sys/net/route.h
projects/tcp_ffcaia2008_8.x/sys/net/rtsock.c
projects/tcp_ffcaia2008_8.x/sys/netgraph/ng_ether.c
projects/tcp_ffcaia2008_8.x/sys/netinet/if_ether.c
projects/tcp_ffcaia2008_8.x/sys/netinet/in.c
projects/tcp_ffcaia2008_8.x/sys/netinet6/in6.c
projects/tcp_ffcaia2008_8.x/sys/netipsec/ipsec.c
projects/tcp_ffcaia2008_8.x/sys/netipsec/ipsec.h
projects/tcp_ffcaia2008_8.x/sys/security/audit/audit_bsm_token.c
projects/tcp_ffcaia2008_8.x/sys/security/mac/mac_cred.c (props changed)
projects/tcp_ffcaia2008_8.x/sys/security/mac_bsdextended/ugidfw_system.c (props changed)
projects/tcp_ffcaia2008_8.x/sys/security/mac_bsdextended/ugidfw_vnode.c (props changed)
projects/tcp_ffcaia2008_8.x/sys/sys/copyright.h
projects/tcp_ffcaia2008_8.x/sys/sys/tree.h
projects/tcp_ffcaia2008_8.x/sys/vm/vm_map.c
projects/tcp_ffcaia2008_8.x/sys/vm/vm_map.h
projects/tcp_ffcaia2008_8.x/sys/xen/evtchn/evtchn.c
projects/tcp_ffcaia2008_8.x/sys/xen/evtchn/evtchn_dev.c
projects/tcp_ffcaia2008_8.x/sys/xen/features.c
projects/tcp_ffcaia2008_8.x/sys/xen/gnttab.c
projects/tcp_ffcaia2008_8.x/sys/xen/gnttab.h
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_client.c
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_comms.c
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_comms.h
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_dev.c
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_probe.c
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_probe_backend.c
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbus_xs.c
projects/tcp_ffcaia2008_8.x/sys/xen/xenbus/xenbusvar.h
projects/tcp_ffcaia2008_8.x/usr.bin/csplit/csplit.1
projects/tcp_ffcaia2008_8.x/usr.bin/fstat/zfs.c
projects/tcp_ffcaia2008_8.x/usr.bin/gprof/gprof.1
projects/tcp_ffcaia2008_8.x/usr.bin/make/for.c
projects/tcp_ffcaia2008_8.x/usr.bin/make/job.c
projects/tcp_ffcaia2008_8.x/usr.bin/make/job.h
projects/tcp_ffcaia2008_8.x/usr.bin/make/main.c
projects/tcp_ffcaia2008_8.x/usr.bin/make/make.1
projects/tcp_ffcaia2008_8.x/usr.bin/make/make.h
projects/tcp_ffcaia2008_8.x/usr.bin/make/parse.c
projects/tcp_ffcaia2008_8.x/usr.bin/make/suff.c
projects/tcp_ffcaia2008_8.x/usr.bin/netstat/inet6.c
projects/tcp_ffcaia2008_8.x/usr.bin/netstat/main.c
projects/tcp_ffcaia2008_8.x/usr.bin/netstat/unix.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/ (props changed)
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_args.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_basic.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_bin.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_cred.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_files.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_kstack.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_threads.c
projects/tcp_ffcaia2008_8.x/usr.bin/procstat/procstat_vm.c
projects/tcp_ffcaia2008_8.x/usr.bin/top/machine.c
projects/tcp_ffcaia2008_8.x/usr.sbin/arp/arp.8
projects/tcp_ffcaia2008_8.x/usr.sbin/arp/arp.c
projects/tcp_ffcaia2008_8.x/usr.sbin/auditd/Makefile
projects/tcp_ffcaia2008_8.x/usr.sbin/cpucontrol/cpucontrol.8
projects/tcp_ffcaia2008_8.x/usr.sbin/gssd/Makefile
projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/ffs/ffs_bswap.c (props changed)
projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/ffs/ffs_subr.c (props changed)
projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/ffs/ufs_bswap.h (props changed)
projects/tcp_ffcaia2008_8.x/usr.sbin/makefs/getid.c (props changed)
projects/tcp_ffcaia2008_8.x/usr.sbin/ndiscvt/inf.c
projects/tcp_ffcaia2008_8.x/usr.sbin/ndiscvt/windrv_stub.c
projects/tcp_ffcaia2008_8.x/usr.sbin/ndp/ndp.c
projects/tcp_ffcaia2008_8.x/usr.sbin/pkg_install/add/main.c
projects/tcp_ffcaia2008_8.x/usr.sbin/pkg_install/lib/lib.h
projects/tcp_ffcaia2008_8.x/usr.sbin/pkg_install/lib/plist.c
projects/tcp_ffcaia2008_8.x/usr.sbin/powerd/powerd.8
projects/tcp_ffcaia2008_8.x/usr.sbin/sade/disks.c
projects/tcp_ffcaia2008_8.x/usr.sbin/sysinstall/disks.c
projects/tcp_ffcaia2008_8.x/usr.sbin/sysinstall/sysinstall.8
projects/tcp_ffcaia2008_8.x/usr.sbin/ugidfw/ugidfw.c
projects/tcp_ffcaia2008_8.x/usr.sbin/usbdevs/usbdevs.c
projects/tcp_ffcaia2008_8.x/usr.sbin/zic/ (props changed)
Modified: projects/tcp_ffcaia2008_8.x/COPYRIGHT
==============================================================================
--- projects/tcp_ffcaia2008_8.x/COPYRIGHT Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/COPYRIGHT Mon Apr 6 16:28:20 2009 (r190779)
@@ -4,7 +4,7 @@
The compilation of software known as FreeBSD is distributed under the
following terms:
-Copyright (C) 1992-2008 The FreeBSD Project. All rights reserved.
+Copyright (c) 1992-2009 The FreeBSD Project. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
Modified: projects/tcp_ffcaia2008_8.x/Makefile
==============================================================================
--- projects/tcp_ffcaia2008_8.x/Makefile Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/Makefile Mon Apr 6 16:28:20 2009 (r190779)
@@ -298,7 +298,7 @@ universe_prologue:
.endif
.for target in ${TARGETS}
KERNCONFS!= cd ${.CURDIR}/sys/${target}/conf && \
- find [A-Z]*[A-Z] -type f -maxdepth 0 \
+ find [A-Z0-9]*[A-Z0-9] -type f -maxdepth 0 \
! -name DEFAULTS ! -name LINT
KERNCONFS:= ${KERNCONFS:S/^NOTES$/LINT/}
universe: universe_${target}
Modified: projects/tcp_ffcaia2008_8.x/UPDATING
==============================================================================
--- projects/tcp_ffcaia2008_8.x/UPDATING Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/UPDATING Mon Apr 6 16:28:20 2009 (r190779)
@@ -22,6 +22,12 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.
to maximize performance. (To disable malloc debugging, run
ln -s aj /etc/malloc.conf.)
+20081225:
+ ng_tty(4) module updated to match the new TTY subsystem.
+ Due to API change, user-level applications must be updated.
+ New API support added to mpd5 CVS and expected to be present
+ in next mpd5.3 release.
+
20081219:
With __FreeBSD_version 800060 the makefs tool is part of
the base system (it was a port).
Modified: projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c
==============================================================================
--- projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/cmd/zinject/zinject.c Mon Apr 6 16:28:20 2009 (r190779)
@@ -146,6 +146,7 @@
#include <unistd.h>
#include <sys/fs/zfs.h>
+#include <sys/param.h>
#include <sys/mount.h>
#include <libzfs.h>
Modified: projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c
==============================================================================
--- projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/cddl/contrib/opensolaris/lib/libzfs/common/libzfs_sendrecv.c Mon Apr 6 16:28:20 2009 (r190779)
@@ -34,6 +34,7 @@
#include <unistd.h>
#include <stddef.h>
#include <fcntl.h>
+#include <sys/param.h>
#include <sys/mount.h>
#include <sys/mntent.h>
#include <sys/mnttab.h>
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.am Mon Apr 6 16:28:20 2009 (r190779)
@@ -1,15 +1,23 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#3 $
+# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#4 $
#
SUBDIRS = \
- bsm \
+ bsm
+
+if HAVE_AUDIT_SYSCALLS
+SUBDIRS += \
+ libauditd
+endif
+
+SUBDIRS += \
libbsm \
bin \
man \
modules \
sys
+
EXTRA_DIST = \
CHANGELOG \
LICENSE \
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/Makefile.in Mon Apr 6 16:28:20 2009 (r190779)
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#8 $
+# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#9 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
@@ -35,6 +35,9 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
+ at HAVE_AUDIT_SYSCALLS_TRUE@am__append_1 = \
+ at HAVE_AUDIT_SYSCALLS_TRUE@ libauditd
+
subdir = .
DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
$(srcdir)/Makefile.in $(top_srcdir)/config/config.h.in \
@@ -63,7 +66,7 @@ RECURSIVE_CLEAN_TARGETS = mostlyclean-re
distclean-recursive maintainer-clean-recursive
ETAGS = etags
CTAGS = ctags
-DIST_SUBDIRS = $(SUBDIRS)
+DIST_SUBDIRS = bsm libauditd libbsm bin man modules sys
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir)
@@ -183,14 +186,7 @@ sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
-SUBDIRS = \
- bsm \
- libbsm \
- bin \
- man \
- modules \
- sys
-
+SUBDIRS = bsm $(am__append_1) libbsm bin man modules sys
EXTRA_DIST = \
CHANGELOG \
LICENSE \
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/NEWS Mon Apr 6 16:28:20 2009 (r190779)
@@ -1,5 +1,50 @@
OpenBSM Version History
+OpenBSM 1.1 alpha 4
+
+- With the addition of BSM error number mapping, we also need to map the
+ local error number passed to audit_submit(3) to a BSM error number, rather
+ than have the caller perform that conversion.
+- Reallocate user audit events to avoid collisions with Solaris; adopt a more
+ formal allocation scheme, and add some events allocated in Solaris that
+ will be of immediate use on other platforms.
+- Add an event for Calife.
+- Add au_strerror(3), which allows generating strings for BSM errors
+ directly, rather than requiring applications to map to the local error
+ space, which might not be able to entirely represent the BSM error number
+ space.
+- Major auditd rewrite for launchd(8) support. Add libauditd library that is
+ shared between launchd and auditd.
+- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for (re)starting
+ auditing under launchd(8) on Mac OS X.
+- Add 'current' symlink to active audit trail.
+- Add crash recovery of previous audit trail file when detected on audit
+ startup that it has not been properly terminated.
+- Add the event AUE_audit_recovery to indicated when an audit trail file has
+ been recovered from not being properly terminated. This event is stored
+ in the new audit trail file and includes the path of recovered audit trail
+ file.
+- Mac OS X and FreeBSD dependent code in auditd.c is separated into
+ auditd_darwin.c and auditd_fbsd.c files.
+- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system calls.
+- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
+- Add support for NOTICE level logging.
+
+OpenBSM 1.1 alpha 3
+
+- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
+ between BSM error numbers (largely the Solaris definitions) and local
+ errno(2) values for 32-bit and 64-bit return tokens. This is required as
+ operating systems don't agree on some of the values of more recent error
+ numbers.
+- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the total
+ size for the token. This bug resulted in "unknown" tokens being printed
+ after the exec args/env tokens.
+- Support for AUT_SOCKET_EX extended socket tokens, which describe a socket
+ using a pair of IPv4/IPv6 and port tuples.
+- OpenBSM BSM file header version bumped for 1.1 release.
+- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.
+
OpenBSM 1.1 alpha 2
- Include files in OpenBSM are now broken out into two parts: library builds
@@ -348,4 +393,4 @@ OpenBSM 1.0 alpha 1
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/NEWS#9 $
+$P4: //depot/projects/trustedbsd/openbsm/NEWS#21 $
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/README
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/README Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/README Mon Apr 6 16:28:20 2009 (r190779)
@@ -1,4 +1,4 @@
-OpenBSM 1.1 alpha 1
+OpenBSM 1.1 alpha 4
Introduction
@@ -19,6 +19,7 @@ OpenBSM consists of several directories:
bsm/ Library include files for BSM
compat/ Compatibility code to build on various OS's
etc/ Sample /etc/security configuration files
+ libauditd Common audit management functions for auditd and launchd
libbsm/ Implementation of BSM library interfaces and man pages
man/ System call and configuration file man pages
modules/ Directory for auditfilterd module source
@@ -55,4 +56,4 @@ Information on TrustedBSD may be found o
http://www.TrustedBSD.org/
-$P4: //depot/projects/trustedbsd/openbsm/README#32 $
+$P4: //depot/projects/trustedbsd/openbsm/README#34 $
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/TODO Mon Apr 6 16:28:20 2009 (r190779)
@@ -20,5 +20,7 @@ OpenBSM TODO
- Document audit_warn event arguments.
- Allow the path /etc/security to be configured at configure-time so that
alternative locations can be used.
+- NLS support for au_strerror(3), which provides error strings for BSM errors
+ not available on the local OS platform.
-$P4: //depot/projects/trustedbsd/openbsm/TODO#11 $
+$P4: //depot/projects/trustedbsd/openbsm/TODO#12 $
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/VERSION Mon Apr 6 16:28:20 2009 (r190779)
@@ -1 +1 @@
-OPENBSM_1_1_ALPHA_2
+OPENBSM_1_1_ALPHA_4
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/Makefile.in Mon Apr 6 16:28:20 2009 (r190779)
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#8 $
+# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#10 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.am Mon Apr 6 16:28:20 2009 (r190779)
@@ -1,5 +1,5 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#4 $
+# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#6 $
#
if USE_NATIVE_INCLUDES
@@ -13,11 +13,11 @@ audit_LDADD = $(top_builddir)/libbsm/lib
man8_MANS = audit.8
if USE_MACH_IPC
-audit_SOURCES = auditd_control_user.c audit.c
-CLEANFILES = auditd_control_user.c auditd_control_user.h
+audit_SOURCES = auditd_controlUser.c audit.c
+CLEANFILES = auditd_controlUser.c auditd_control.h
-auditd_control_user.c: $(top_srcdir)/bin/auditd/auditd_control.defs
- $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs
+auditd_controlUser.c auditd_control.h: $(top_srcdir)/bin/auditd/auditd_control.defs
+ $(MIG) -user auditd_controlUser.c -header auditd_control.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs
else
audit_SOURCES = audit.c
endif
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/Makefile.in Mon Apr 6 16:28:20 2009 (r190779)
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#9 $
+# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#11 $
#
VPATH = @srcdir@
@@ -49,9 +49,9 @@ CONFIG_CLEAN_FILES =
am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"
sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(sbin_PROGRAMS)
-am__audit_SOURCES_DIST = audit.c auditd_control_user.c
+am__audit_SOURCES_DIST = audit.c auditd_controlUser.c
@USE_MACH_IPC_FALSE at am_audit_OBJECTS = audit.$(OBJEXT)
- at USE_MACH_IPC_TRUE@am_audit_OBJECTS = auditd_control_user.$(OBJEXT) \
+ at USE_MACH_IPC_TRUE@am_audit_OBJECTS = auditd_controlUser.$(OBJEXT) \
@USE_MACH_IPC_TRUE@ audit.$(OBJEXT)
audit_OBJECTS = $(am_audit_OBJECTS)
audit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
@@ -188,8 +188,8 @@ top_srcdir = @top_srcdir@
audit_LDADD = $(top_builddir)/libbsm/libbsm.la
man8_MANS = audit.8
@USE_MACH_IPC_FALSE at audit_SOURCES = audit.c
- at USE_MACH_IPC_TRUE@audit_SOURCES = auditd_control_user.c audit.c
- at USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_user.c auditd_control_user.h
+ at USE_MACH_IPC_TRUE@audit_SOURCES = auditd_controlUser.c audit.c
+ at USE_MACH_IPC_TRUE@CLEANFILES = auditd_controlUser.c auditd_control.h
all: all-am
.SUFFIXES:
@@ -262,7 +262,7 @@ distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/audit.Po at am__quote@
- at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/auditd_control_user.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/auditd_controlUser.Po at am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -521,8 +521,8 @@ uninstall-man: uninstall-man8
uninstall-sbinPROGRAMS
- at USE_MACH_IPC_TRUE@auditd_control_user.c: $(top_srcdir)/bin/auditd/auditd_control.defs
- at USE_MACH_IPC_TRUE@ $(MIG) -user auditd_control_user.c -header auditd_control_user.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs
+ at USE_MACH_IPC_TRUE@auditd_controlUser.c auditd_control.h: $(top_srcdir)/bin/auditd/auditd_control.defs
+ at USE_MACH_IPC_TRUE@ $(MIG) -user auditd_controlUser.c -header auditd_control.h -server /dev/null -sheader /dev/null $(top_srcdir)/bin/auditd/auditd_control.defs
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8 Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.8 Mon Apr 6 16:28:20 2009 (r190779)
@@ -25,9 +25,9 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#11 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#13 $
.\"
-.Dd October 2, 2006
+.Dd December 11, 2008
.Dt AUDIT 8
.Os
.Sh NAME
@@ -35,7 +35,7 @@
.Nd audit management utility
.Sh SYNOPSIS
.Nm
-.Fl n | s | t
+.Fl i | n | s | t
.Sh DESCRIPTION
The
.Nm
@@ -43,6 +43,13 @@ utility controls the state of the audit
One of the following flags is required as an argument to
.Nm :
.Bl -tag -width indent
+.It Fl i
+Initializes and starts auditing.
+This option is currently for Mac OS X only
+and requires
+.Xr auditd 8
+to be configured to run under
+.Xr launchd 8 .
.It Fl n
Forces the audit system to close the existing audit log file and rotate to
a new log file in a location specified in the audit control file.
@@ -59,6 +66,13 @@ and renamed to indicate the time of the
The
.Xr auditd 8
daemon must already be running.
+Optionally, it can be configured to be started
+on-demand by
+.Xr launchd 8
+(Mac OS X only).
+The
+.Nm
+utility requires audit administrator privileges for successful operation.
.Sh FILES
.Bl -tag -width ".Pa /etc/security/audit_control" -compact
.It Pa /etc/security/audit_control
@@ -67,7 +81,8 @@ Audit policy file used to configure the
.Sh SEE ALSO
.Xr audit 4 ,
.Xr audit_control 5 ,
-.Xr auditd 8
+.Xr auditd 8 ,
+.Xr launchd 8
.Sh HISTORY
The OpenBSM implementation was created by McAfee Research, the security
division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004.
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/audit/audit.c Mon Apr 6 16:28:20 2009 (r190779)
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#11 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#13 $
*/
/*
* Program to trigger the audit daemon with a message that is either:
@@ -47,6 +47,7 @@
#include <bsm/libbsm.h>
+#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
@@ -64,7 +65,15 @@ static int send_trigger(unsigned int);
#include <mach/host_special_ports.h>
#include <servers/bootstrap.h>
-#include "auditd_control_user.h"
+#include "auditd_control.h"
+
+/*
+ * XXX the following is temporary until this can be added to the kernel
+ * audit.h header.
+ */
+#ifndef AUDIT_TRIGGER_INITIALIZE
+#define AUDIT_TRIGGER_INITIALIZE 7
+#endif
static int
send_trigger(unsigned int trigger)
@@ -74,7 +83,12 @@ send_trigger(unsigned int trigger)
error = host_get_audit_control_port(mach_host_self(), &serverPort);
if (error != KERN_SUCCESS) {
- mach_error("Cannot get auditd_control Mach port: ", error);
+ if (geteuid() != 0) {
+ errno = EPERM;
+ perror("audit requires root privileges");
+ } else
+ mach_error("Cannot get auditd_control Mach port:",
+ error);
return (-1);
}
@@ -96,7 +110,10 @@ send_trigger(unsigned int trigger)
error = auditon(A_SENDTRIGGER, &trigger, sizeof(trigger));
if (error != 0) {
- perror("Error sending trigger");
+ if (error == EPERM)
+ perror("audit requires root privileges");
+ else
+ perror("Error sending trigger");
return (-1);
}
@@ -108,7 +125,7 @@ static void
usage(void)
{
- (void)fprintf(stderr, "Usage: audit -n | -s | -t \n");
+ (void)fprintf(stderr, "Usage: audit -i | -n | -s | -t \n");
exit(-1);
}
@@ -124,9 +141,13 @@ main(int argc, char **argv)
if (argc != 2)
usage();
- while ((ch = getopt(argc, argv, "nst")) != -1) {
+ while ((ch = getopt(argc, argv, "inst")) != -1) {
switch(ch) {
+ case 'i':
+ trigger = AUDIT_TRIGGER_INITIALIZE;
+ break;
+
case 'n':
trigger = AUDIT_TRIGGER_ROTATE_USER;
break;
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.am Mon Apr 6 16:28:20 2009 (r190779)
@@ -1,5 +1,5 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#4 $
+# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#5 $
#
if USE_NATIVE_INCLUDES
@@ -9,18 +9,18 @@ INCLUDES = -I$(top_builddir) -I$(top_src
endif
sbin_PROGRAMS = auditd
-auditd_LDADD = $(top_builddir)/libbsm/libbsm.la
+auditd_LDADD = $(top_builddir)/libbsm/libbsm.la $(top_builddir)/libauditd/libauditd.la
man8_MANS = auditd.8
if USE_MACH_IPC
-auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c
-CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h
+auditd_SOURCES = auditd_controlServer.c audit_triggersServer.c audit_warn.c auditd.c auditd_darwin.c
+CLEANFILES = auditd_control_server.c auditd_controlServer.h audit_triggersServer.c audit_triggersServer.h
-auditd_control_server.c: auditd_control.defs
- $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h $(top_srcdir)/bin/auditd/auditd_control.defs
+auditd_controlServer.c auditd_controlServer.h: auditd_control.defs
+ $(MIG) -user /dev/null -header /dev/null -server auditd_controlServer.c -sheader auditd_controlServer.h $(top_srcdir)/bin/auditd/auditd_control.defs
-audit_triggers_server.c: audit_triggers.defs
- $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h $(top_srcdir)/bin/auditd/audit_triggers.defs
+audit_triggersServer.c audit_triggersServer.h: audit_triggers.defs
+ $(MIG) -user /dev/null -header /dev/null -server audit_triggersServer.c -sheader audit_triggersServer.h $(top_srcdir)/bin/auditd/audit_triggers.defs
else
-auditd_SOURCES = audit_warn.c auditd.c
+auditd_SOURCES = audit_warn.c auditd.c auditd_fbsd.c
endif
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/Makefile.in Mon Apr 6 16:28:20 2009 (r190779)
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#9 $
+# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#10 $
#
VPATH = @srcdir@
@@ -49,16 +49,17 @@ CONFIG_CLEAN_FILES =
am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"
sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(sbin_PROGRAMS)
-am__auditd_SOURCES_DIST = audit_warn.c auditd.c \
- auditd_control_server.c audit_triggers_server.c
+am__auditd_SOURCES_DIST = audit_warn.c auditd.c auditd_fbsd.c \
+ auditd_controlServer.c audit_triggersServer.c auditd_darwin.c
@USE_MACH_IPC_FALSE at am_auditd_OBJECTS = audit_warn.$(OBJEXT) \
- at USE_MACH_IPC_FALSE@ auditd.$(OBJEXT)
- at USE_MACH_IPC_TRUE@am_auditd_OBJECTS = \
- at USE_MACH_IPC_TRUE@ auditd_control_server.$(OBJEXT) \
- at USE_MACH_IPC_TRUE@ audit_triggers_server.$(OBJEXT) \
- at USE_MACH_IPC_TRUE@ audit_warn.$(OBJEXT) auditd.$(OBJEXT)
+ at USE_MACH_IPC_FALSE@ auditd.$(OBJEXT) auditd_fbsd.$(OBJEXT)
+ at USE_MACH_IPC_TRUE@am_auditd_OBJECTS = auditd_controlServer.$(OBJEXT) \
+ at USE_MACH_IPC_TRUE@ audit_triggersServer.$(OBJEXT) \
+ at USE_MACH_IPC_TRUE@ audit_warn.$(OBJEXT) auditd.$(OBJEXT) \
+ at USE_MACH_IPC_TRUE@ auditd_darwin.$(OBJEXT)
auditd_OBJECTS = $(am_auditd_OBJECTS)
-auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
+auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la \
+ $(top_builddir)/libauditd/libauditd.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config at am__isrc@
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
@@ -189,11 +190,11 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE at INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@USE_NATIVE_INCLUDES_TRUE at INCLUDES = -I$(top_builddir) -I$(top_srcdir)
-auditd_LDADD = $(top_builddir)/libbsm/libbsm.la
+auditd_LDADD = $(top_builddir)/libbsm/libbsm.la $(top_builddir)/libauditd/libauditd.la
man8_MANS = auditd.8
- at USE_MACH_IPC_FALSE@auditd_SOURCES = audit_warn.c auditd.c
- at USE_MACH_IPC_TRUE@auditd_SOURCES = auditd_control_server.c audit_triggers_server.c audit_warn.c auditd.c
- at USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_server.c auditd_control_server.h audit_triggers_server.c audit_triggers_server.h
+ at USE_MACH_IPC_FALSE@auditd_SOURCES = audit_warn.c auditd.c auditd_fbsd.c
+ at USE_MACH_IPC_TRUE@auditd_SOURCES = auditd_controlServer.c audit_triggersServer.c audit_warn.c auditd.c auditd_darwin.c
+ at USE_MACH_IPC_TRUE@CLEANFILES = auditd_control_server.c auditd_controlServer.h audit_triggersServer.c audit_triggersServer.h
all: all-am
.SUFFIXES:
@@ -265,10 +266,12 @@ mostlyclean-compile:
distclean-compile:
-rm -f *.tab.c
- at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/audit_triggers_server.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/audit_triggersServer.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/audit_warn.Po at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/auditd.Po at am__quote@
- at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/auditd_control_server.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/auditd_controlServer.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/auditd_darwin.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/auditd_fbsd.Po at am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -527,11 +530,11 @@ uninstall-man: uninstall-man8
uninstall-sbinPROGRAMS
- at USE_MACH_IPC_TRUE@auditd_control_server.c: auditd_control.defs
- at USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server auditd_control_server.c -sheader auditd_control_server.h $(top_srcdir)/bin/auditd/auditd_control.defs
+ at USE_MACH_IPC_TRUE@auditd_controlServer.c auditd_controlServer.h: auditd_control.defs
+ at USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server auditd_controlServer.c -sheader auditd_controlServer.h $(top_srcdir)/bin/auditd/auditd_control.defs
- at USE_MACH_IPC_TRUE@audit_triggers_server.c: audit_triggers.defs
- at USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server audit_triggers_server.c -sheader audit_triggers_server.h $(top_srcdir)/bin/auditd/audit_triggers.defs
+ at USE_MACH_IPC_TRUE@audit_triggersServer.c audit_triggersServer.h: audit_triggers.defs
+ at USE_MACH_IPC_TRUE@ $(MIG) -user /dev/null -header /dev/null -server audit_triggersServer.c -sheader audit_triggersServer.h $(top_srcdir)/bin/auditd/audit_triggers.defs
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/audit_warn.c Mon Apr 6 16:28:20 2009 (r190779)
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#9 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#10 $
*/
#include <sys/types.h>
@@ -71,20 +71,15 @@ auditwarnlog(char *args[])
}
/*
- * Indicates that the hard limit for all filesystems has been exceeded count
- * times.
+ * Indicates that the hard limit for all filesystems has been exceeded.
*/
int
-audit_warn_allhard(int count)
+audit_warn_allhard(void)
{
- char intstr[12];
- char *args[3];
-
- snprintf(intstr, 12, "%d", count);
+ char *args[2];
args[0] = HARDLIM_ALL_WARN;
- args[1] = intstr;
- args[2] = NULL;
+ args[1] = NULL;
return (auditwarnlog(args));
}
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8 Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.8 Mon Apr 6 16:28:20 2009 (r190779)
@@ -25,9 +25,9 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#14 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#16 $
.\"
-.Dd October 2, 2006
+.Dd December 11, 2008
.Dt AUDITD 8
.Os
.Sh NAME
@@ -35,7 +35,7 @@
.Nd audit log management daemon
.Sh SYNOPSIS
.Nm
-.Op Fl d
+.Op Fl d | l
.Sh DESCRIPTION
The
.Nm
@@ -50,7 +50,16 @@ The options are as follows:
.Bl -tag -width indent
.It Fl d
Starts the daemon in debug mode \[em] it will not daemonize.
+.It Fl l
+This option is for when
+.Nm
+is configured to start on-demand using
+.Xr launchd 8 .
.El
+.Pp
+Optionally, the audit review group "audit" may be created.
+Non-privileged
+users that are members of this group may read the audit trail log files.
.Sh NOTE
To assure uninterrupted audit support, the
.Nm
@@ -63,20 +72,33 @@ the
.Pa audit_control
file.
.Pp
-.\" Sending a
-.\" .Dv SIGHUP
-.\" to a running
-.\" .Nm
-.\" daemon will force it to exit.
-Sending a
-.Dv SIGTERM
-to a running
+If
+.Nm
+is started on-demand by
+.Xr launchd 8
+then auditing should only be started and stopped with
+.Xr audit 8 .
+.Pp
+On Mac OS X,
.Nm
-daemon will force it to exit.
+uses the
+.Xr asl 3
+API for writing system log messages.
+Therefore, only the audit administrator
+and members of the audit review group will be able to read the
+system log entries.
.Sh FILES
-.Bl -tag -width ".Pa /var/audit" -compact
+.Bl -tag -width ".Pa /etc/security" -compact
.It Pa /var/audit
Default directory for storing audit log files.
+.Pp
+.It Pa /etc/security
+The directory containing the auditing configuration files
+.Xr audit_class 5 ,
+.Xr audit_control 5 ,
+.Xr audit_event 5 ,
+and
+.Xr audit_warn 5 .
.El
.Sh COMPATIBILITY
The historical
@@ -92,9 +114,14 @@ and
and are no longer available as arguments to
.Nm .
.Sh SEE ALSO
+.Xr asl 3 ,
.Xr audit 4 ,
+.Xr audit_class 5 ,
.Xr audit_control 5 ,
-.Xr audit 8
+.Xr audit_event 5 ,
+.Xr audit_warn 5 ,
+.Xr audit 8 ,
+.Xr launchd 8
.Sh HISTORY
The OpenBSM implementation was created by McAfee Research, the security
division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004.
Modified: projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c
==============================================================================
--- projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c Mon Apr 6 15:45:03 2009 (r190778)
+++ projects/tcp_ffcaia2008_8.x/contrib/openbsm/bin/auditd/auditd.c Mon Apr 6 16:28:20 2009 (r190779)
@@ -26,30 +26,29 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#39 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#40 $
*/
-#include <sys/param.h>
+#include <sys/types.h>
#include <config/config.h>
#include <sys/dirent.h>
-#include <sys/mman.h>
-#include <sys/socket.h>
#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
#else /* !HAVE_FULL_QUEUE_H */
#include <compat/queue.h>
#endif /* !HAVE_FULL_QUEUE_H */
+#include <sys/mman.h>
+#include <sys/param.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <bsm/audit.h>
#include <bsm/audit_uevents.h>
+#include <bsm/auditd_lib.h>
#include <bsm/libbsm.h>
-#include <netinet/in.h>
-
#include <err.h>
#include <errno.h>
#include <fcntl.h>
@@ -60,115 +59,88 @@
#include <unistd.h>
#include <signal.h>
#include <string.h>
-#include <syslog.h>
-#include <netdb.h>
#include "auditd.h"
-#ifdef USE_MACH_IPC
-#include <notify.h>
-#include <mach/port.h>
-#include <mach/mach_error.h>
-#include <mach/mach_traps.h>
-#include <mach/mach.h>
-#include <mach/host_special_ports.h>
-
-#include "auditd_control_server.h"
-#include "audit_triggers_server.h"
-#endif /* USE_MACH_IPC */
#ifndef HAVE_STRLCPY
#include <compat/strlcpy.h>
#endif
-#define NA_EVENT_STR_SIZE 25
-#define POL_STR_SIZE 128
-static int ret, minval;
-static char *lastfile = NULL;
-static int allhardcount = 0;
-static int sigchlds, sigchlds_handled;
-static int sighups, sighups_handled;
-#ifndef USE_MACH_IPC
-static int sigterms, sigterms_handled;
-static int triggerfd = 0;
-
-#else /* USE_MACH_IPC */
-
-static mach_port_t control_port = MACH_PORT_NULL;
-static mach_port_t signal_port = MACH_PORT_NULL;
-static mach_port_t port_set = MACH_PORT_NULL;
-
-#ifndef __BSM_INTERNAL_NOTIFY_KEY
-#define __BSM_INTERNAL_NOTIFY_KEY "com.apple.audit.change"
-#endif /* __BSM_INTERNAL_NOTIFY_KEY */
-#endif /* USE_MACH_IPC */
-
-static TAILQ_HEAD(, dir_ent) dir_q;
-
-static int config_audit_controls(void);
-
/*
- * Error starting auditd
+ * XXX the following is temporary until this can be added to the kernel
+ * audit.h header.
*/
-static void
-fail_exit(void)
-{
-
- audit_warn_nostart();
- exit(1);
-}
+#ifndef AUDIT_TRIGGER_INITIALIZE
+#define AUDIT_TRIGGER_INITIALIZE 7
+#endif
/*
- * Free our local list of directory names.
+ * LaunchD flag (Mac OS X and, maybe, FreeBSD only.) See launchd(8) and
+ * http://wiki.freebsd.org/launchd for more information.
+ *
+ * In order for auditd to work "on demand" with launchd(8) it can't:
+ * call daemon(3)
+ * call fork and having the parent process exit
+ * change uids or gids.
+ * set up the current working directory or chroot.
+ * set the session id
+ * change stdio to /dev/null.
+ * call setrusage(2)
+ * call setpriority(2)
+ * Ignore SIGTERM.
+ * auditd (in 'launchd mode') is launched on demand so it must catch
+ * SIGTERM to exit cleanly.
+ */
+static int launchd_flag = 0;
+
+/*
+ * The GID of the audit review group (if used). The audit trail files and
+ * system logs (Mac OS X only) can only be reviewed by members of this group
+ * or the audit administrator (aka. "root").
*/
-static void
-free_dir_q(void)
-{
- struct dir_ent *dirent;
+static gid_t audit_review_gid = -1;
- while ((dirent = TAILQ_FIRST(&dir_q))) {
- TAILQ_REMOVE(&dir_q, dirent, dirs);
- free(dirent->dirname);
- free(dirent);
- }
-}
+/*
+ * The path and file name of the last audit trail file.
+ */
+static char *lastfile = NULL;
/*
- * Generate the timestamp string.
+ * Error starting auditd. Run warn script and exit.
*/
-static int
-getTSstr(char *buf, int len)
+static void
+fail_exit(void)
{
- struct timeval ts;
- struct timezone tzp;
- time_t tt;
- if (gettimeofday(&ts, &tzp) != 0)
- return (-1);
- tt = (time_t)ts.tv_sec;
- if (!strftime(buf, len, "%Y%m%d%H%M%S", gmtime(&tt)))
- return (-1);
- return (0);
+ audit_warn_nostart();
+ exit(1);
}
/*
- * Concat the directory name to the given file name.
- * XXX We should affix the hostname also
+ * Follow the 'current' symlink to get the active trail file name.
*/
static char *
-affixdir(char *name, struct dir_ent *dirent)
+get_curfile(void)
{
- char *fn = NULL;
+ char *cf;
+ int len;
- syslog(LOG_DEBUG, "dir = %s", dirent->dirname);
- /*
- * Sanity check on file name.
- */
- if (strlen(name) != (FILENAME_LEN - 1)) {
- syslog(LOG_ERR, "Invalid file name: %s", name);
+ cf = malloc(MAXPATHLEN);
+ if (cf == NULL) {
+ auditd_log_err("malloc failed: %m");
+ return (NULL);
+ }
+
+ len = readlink(AUDIT_CURRENT_LINK, cf, MAXPATHLEN - 1);
+ if (len < 0) {
+ free(cf);
return (NULL);
}
- asprintf(&fn, "%s/%s", dirent->dirname, name);
- return (fn);
+
+ /* readlink() doesn't terminate string. */
+ cf[len] = '\0';
+
+ return (cf);
}
/*
@@ -181,6 +153,10 @@ close_lastfile(char *TS)
char *oldname;
size_t len;
+ /* If lastfile is NULL try to get it from the 'current' link. */
+ if (lastfile == NULL)
+ lastfile = get_curfile();
+
if (lastfile != NULL) {
len = strlen(lastfile) + 1;
oldname = (char *)malloc(len);
@@ -192,16 +168,21 @@ close_lastfile(char *TS)
if ((ptr = strstr(lastfile, NOT_TERMINATED)) != NULL) {
strlcpy(ptr, TS, TIMESTAMP_LEN);
if (rename(oldname, lastfile) != 0)
- syslog(LOG_ERR,
+ auditd_log_err(
"Could not rename %s to %s: %m", oldname,
lastfile);
else {
- syslog(LOG_INFO, "renamed %s to %s",
+ /*
+ * Remove the 'current' symlink since the link
+ * is now invalid.
+ */
+ (void) unlink(AUDIT_CURRENT_LINK);
+ auditd_log_notice( "renamed %s to %s",
oldname, lastfile);
audit_warn_closefile(lastfile);
}
} else
- syslog(LOG_ERR, "Could not rename %s to %s", oldname,
+ auditd_log_err( "Could not rename %s to %s", oldname,
lastfile);
free(lastfile);
free(oldname);
@@ -211,168 +192,81 @@ close_lastfile(char *TS)
}
/*
- * Create the new audit file with appropriate permissions and ownership. Try
- * to clean up if something goes wrong.
- */
-static int
-#ifdef AUDIT_REVIEW_GROUP
-open_trail(const char *fname, uid_t uid, gid_t gid)
-#else
-open_trail(const char *fname)
-#endif
-{
- int error, fd;
-
- fd = open(fname, O_RDONLY | O_CREAT, S_IRUSR | S_IRGRP);
- if (fd < 0)
- return (-1);
-#ifdef AUDIT_REVIEW_GROUP
- if (fchown(fd, uid, gid) < 0) {
- error = errno;
- close(fd);
- (void)unlink(fname);
- errno = error;
- return (-1);
- }
-#endif
- return (fd);
-}
-
-/*
* Create the new file name, swap with existing audit file.
*/
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-projects
mailing list