PERFORCE change 91368 for review
Robert Watson
rwatson at FreeBSD.org
Wed Feb 8 03:04:01 GMT 2006
http://perforce.freebsd.org/chv.cgi?CH=91368
Change 91368 by rwatson at rwatson_peppercorn on 2006/02/08 03:03:39
Integrate OpenBSM branch into TrustedBSD audit3 branch:
- Build fixes for Darwin.
- cannot_audit() required by OpenSSH.
Affected files ...
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/CHANGELOG#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#4 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#5 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#6 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_user#4 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#5 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#7 integrate
Differences ...
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/CHANGELOG#8 (text+ko) ====
@@ -1,3 +1,15 @@
+OpenBSM 1.0 alpha 4
+
+- Remove "audit" user example from audit_user, as it's not present on most
+ systems.
+- Add cannot_audit() function non-Darwin systems that wraps auditon();
+ required by OpenSSH BSM support. Convert Darwin cannot_audit() into a
+ function rather than a macro.
+- Library build fixed on Darwin following include file tweaks. The native
+ Darwin sys/audit.h conflicts with bsm/audit.h due to duplicate types, so
+ for now we force bsm_wrappers.c to not perform a nested include of
+ sys/audit.h.
+
OpenBSM 1.0 alpha 3
- Man page formatting, cross reference, mlinks, and accuracy improvements.
@@ -82,4 +94,4 @@
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/CHANGELOG#7 $
+$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/CHANGELOG#8 $
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#4 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#3 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#4 $
*/
/*
* Program to trigger the audit daemon with a message that is either:
@@ -40,8 +40,8 @@
*
*/
+#include <sys/types.h>
#include <sys/queue.h>
-#include <sys/types.h>
#include <sys/uio.h>
#include <bsm/audit.h>
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#5 (text+ko) ====
@@ -30,14 +30,14 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#4 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#5 $
*/
+#include <sys/types.h>
#include <sys/dirent.h>
#include <sys/mman.h>
#include <sys/queue.h>
#include <sys/stat.h>
-#include <sys/types.h>
#include <sys/wait.h>
#include <bsm/audit.h>
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#6 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#5 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#6 $
*/
#ifndef _LIBBSM_H_
@@ -44,11 +44,12 @@
#include <sys/cdefs.h>
#include <sys/queue.h>
+#include <stdint.h> /* Required for audit.h. */
+
#include <bsm/audit.h>
#include <bsm/audit_record.h>
#include <stdio.h>
-#include <stdint.h>
#ifdef __APPLE__
#include <mach/mach.h> /* audit_token_t */
@@ -871,7 +872,7 @@
__END_DECLS
/* OpenSSH compatibility */
-#define cannot_audit(x) (!(au_get_state() == AUC_AUDITING))
+int cannot_audit(int);
__BEGIN_DECLS
/*
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_user#4 (text+ko) ====
@@ -1,5 +1,4 @@
#
-# $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_user#3 $
+# $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_user#4 $
#
root:lo:no
-audit:fc:no
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#5 (text+ko) ====
@@ -26,15 +26,12 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#4 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#5 $
*/
-#ifdef __APPLE__
-
/*
* Based on sample code from Marc Majka.
*/
-#include <notify.h>
#include <string.h> /* strerror() */
#include <sys/errno.h> /* errno */
#include <bsm/libbsm.h>
@@ -42,6 +39,8 @@
#include <syslog.h> /* syslog() */
#include <stdarg.h> /* syslog() */
+#ifdef __APPLE__
+#include <notify.h>
/* If 1, assumes a kernel that sends the right notification. */
#define AUDIT_NOTIFICATION_ENABLED 1
@@ -145,5 +144,25 @@
return (AUC_AUDITING);
}
}
+#endif /* !__APPLE__ */
-#endif /* !__APPLE__ */
+int
+cannot_audit(int val __unused)
+{
+#ifdef __APPLE__
+ return (!(au_get_state() == AUC_AUDITING));
+#else
+ unsigned long au_cond;
+
+ if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
+ if (errno != ENOSYS) {
+ syslog(LOG_ERR, "Audit status check failed (%s)",
+ strerror(errno));
+ }
+ return (1);
+ }
+ if (au_cond == AUC_NOAUDIT || au_cond == AUC_DISABLED)
+ return (1);
+ return (0);
+#endif /* !__APPLE__ */
+}
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#7 (text+ko) ====
@@ -26,9 +26,13 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#6 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#7 $
*/
+#ifdef __APPLE__
+#define _SYS_AUDIT_H /* Prevent include of sys/audit.h. */
+#endif
+
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/sysctl.h>
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list