Dear 6.x users:

In preparation for FreeBSD 6.3, Christian and I have been merging a moderate
number of OpenBSM and audit-related changes from HEAD to RELENG_6. I believe
we're now about done in time for the next 6.3 BETA, so if I could ask all
users of audit in 6-STABLE to slide forward and test out the changes, that
would be most helpful. Most should, in theory, be transparent as they are
largely bug fixes and cleanups, so what we're really looking for are any
problems that need to be resolved before the release. The OpenBSM commit
message is below, but you can check the back commit logs for other changes to
src/sys/security/audit in support or related to this.

Thanks,

Robert N M Watson
Computer Laboratory
University of Cambridge

---------- Forwarded message ----------
Date: Thu, 15 Nov 2007 19:27:12 +0000 (UTC)
From: Robert Watson
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/contrib/openbsm HISTORY Makefile.in README TODO
VERSION aclocal.m4 configure configure.ac src/contrib/openbsm/bin
Makefile.in src/contrib/openbsm/bin/audit Makefile.in audit.8
audit.c src/contrib/openbsm/bin/auditd Makefile.in audit_warn.c ...

rwatson 2007-11-15 19:27:12 UTC

FreeBSD src repository

Modified files: (Branch: RELENG_6)
contrib/openbsm HISTORY Makefile.in README TODO VERSION
aclocal.m4 configure configure.ac
contrib/openbsm/bin Makefile.in
contrib/openbsm/bin/audit Makefile.in audit.8 audit.c
contrib/openbsm/bin/auditd Makefile.in audit_warn.c auditd.8
auditd.c auditd.h
contrib/openbsm/bin/auditfilterd Makefile.in auditfilterd.8
auditfilterd.c
contrib/openbsm/bin/auditreduce Makefile.in auditreduce.1
auditreduce.c
contrib/openbsm/bin/praudit Makefile.in praudit.1 praudit.c
contrib/openbsm/bsm Makefile.in libbsm.h
contrib/openbsm/config config.h config.h.in ltmain.sh
contrib/openbsm/etc audit_class audit_control audit_event
audit_user audit_warn
contrib/openbsm/libbsm Makefile.in au_class.3 au_control.3
au_event.3 au_free_token.3 au_io.3
au_mask.3 au_open.3 au_token.3
au_user.3 audit_submit.3 bsm_event.c
bsm_io.c bsm_notify.c bsm_token.c
bsm_wrappers.c libbsm.3
contrib/openbsm/man Makefile.in audit.2 audit.log.5
audit_class.5 audit_control.5
audit_event.5 audit_user.5 audit_warn.5
auditctl.2 auditon.2 getaudit.2 getauid.2
setaudit.2 setauid.2
contrib/openbsm/modules Makefile.in
contrib/openbsm/modules/auditfilter_noop Makefile.in
contrib/openbsm/test Makefile.in
contrib/openbsm/test/bsm Makefile.in generate.c
contrib/openbsm/test/reference arg32_record data_record
file_record in_addr_record
ip_record ipc_record
iport_record opaque_record
path_record process32_record
return32_record seq_record
subject32_record
subject32ex_record
subject32ex_token-IPv4
subject32ex_token-IPv6
text_record
contrib/openbsm/tools Makefile.in audump.c
Added files: (Branch: RELENG_6)
contrib/openbsm/compat clock_gettime.h
contrib/openbsm/test/reference process32ex_record-IPv4
process32ex_record-IPv6
process32ex_token-IPv4
process32ex_token-IPv6
process64_record
process64_token
process64ex_record-IPv4
process64ex_record-IPv6
process64ex_token-IPv4
process64ex_token-IPv6
zonename_record zonename_token
Removed files: (Branch: RELENG_6)
contrib/openbsm/test/reference process32ex_record
process32ex_token
Log:
Merge OpenBSM 1.0 from HEAD to RELENG_6:

OpenBSM 1.0

- Fix bug in auditreduce(8) which resulted in a memory fault/crash when
the user specified an event name with -m.
- Remove AU_.* hard-coded audit class constants, as udit classes are now
entirely dynamically configured using /etc/security/audit_class.

OpenBSM 1.0 alpha 15

- Fix bug when processing in_addr_ex tokens.
- Restore the behavior of printing the string/text specified while
auditing arg32 tokens.
- Synchronized audit event list to Solaris, picking up the *at(2) system call
definitions, now required for FreeBSD and Linux. Added additional events
for *at(2) system calls not present in Solaris.
- Bugs in auditreduce(8) fixed allowing partial date strings to be used in
filtering events.

OpenBSM 1.0 alpha 14

- Fix endian issues when processing IPv6 addresses for extended subject
and process tokens.
- gcc41 warnings clean.
- Teach audit_submit(3) about getaudit_addr(2).
- Add support for zonename tokens.

OpenBSM 1.0 alpha 13

- compat/clock_gettime.h now provides a compatibility implementation of
clock_gettime(), which fixes building on Mac OS X.
- Countless man page improvements, markup fixes, content fixs, etc.
- XML printing support via "praudit -x".
- audit.log.5 expanded to include additional BSM token types.
- Added encoding and decoding routines for process64_ex, process32_ex,
subject32_ex, header64, and attr64 tokens.
- Additional audit event identifiers for listen, mlockall/munlockall,
getpath, POSIX message queues, and mandatory access control.

Revision Changes Path
1.1.1.5.2.3 +39 -1 src/contrib/openbsm/HISTORY
1.1.1.2.2.2 +77 -64 src/contrib/openbsm/Makefile.in
1.1.1.6.2.2 +29 -15 src/contrib/openbsm/README
1.1.1.3.2.3 +1 -2 src/contrib/openbsm/TODO
1.1.1.6.2.3 +1 -1 src/contrib/openbsm/VERSION
1.1.1.1.2.2 +888 -475 src/contrib/openbsm/aclocal.m4
1.1.1.2.2.2 +69 -59 src/contrib/openbsm/bin/Makefile.in
1.1.1.1.2.2 +71 -61 src/contrib/openbsm/bin/audit/Makefile.in
1.1.1.3.2.2 +26 -30 src/contrib/openbsm/bin/audit/audit.8
1.1.1.4.2.3 +1 -5 src/contrib/openbsm/bin/audit/audit.c
1.1.1.1.2.2 +71 -61 src/contrib/openbsm/bin/auditd/Makefile.in
1.1.1.2.2.3 +1 -5 src/contrib/openbsm/bin/auditd/audit_warn.c
1.1.1.2.2.3 +46 -38 src/contrib/openbsm/bin/auditd/auditd.8
1.1.1.7.2.3 +3 -7 src/contrib/openbsm/bin/auditd/auditd.c
1.1.1.2.2.3 +1 -5 src/contrib/openbsm/bin/auditd/auditd.h
1.1.1.1.2.2 +71 -61 src/contrib/openbsm/bin/auditfilterd/Makefile.in
1.1.1.1.2.2 +20 -13 src/contrib/openbsm/bin/auditfilterd/auditfilterd.8
1.1.1.2.2.2 +6 -2 src/contrib/openbsm/bin/auditfilterd/auditfilterd.c
1.1.1.1.2.2 +71 -61 src/contrib/openbsm/bin/auditreduce/Makefile.in
1.1.1.3.2.3 +79 -69 src/contrib/openbsm/bin/auditreduce/auditreduce.1
1.1.1.3.2.3 +4 -2 src/contrib/openbsm/bin/auditreduce/auditreduce.c
1.1.1.1.2.2 +71 -61 src/contrib/openbsm/bin/praudit/Makefile.in
1.1.1.2.2.2 +50 -29 src/contrib/openbsm/bin/praudit/praudit.1
1.1.1.2.2.2 +36 -15 src/contrib/openbsm/bin/praudit/praudit.c
1.1.1.2.2.2 +57 -50 src/contrib/openbsm/bsm/Makefile.in
1.1.1.6.2.3 +51 -3 src/contrib/openbsm/bsm/libbsm.h
1.1.1.1.4.1 +54 -0 src/contrib/openbsm/compat/clock_gettime.h (new)
1.3.2.3 +6 -6 src/contrib/openbsm/config/config.h
1.1.1.3.2.3 +1 -1 src/contrib/openbsm/config/config.h.in
1.1.1.2.2.2 +149 -82 src/contrib/openbsm/config/ltmain.sh
1.1.1.5.2.3 +6713 -7092 src/contrib/openbsm/configure
1.1.1.5.2.3 +2 -2 src/contrib/openbsm/configure.ac
1.2.2.2 +2 -4 src/contrib/openbsm/etc/audit_class
1.2.2.3 +0 -1 src/contrib/openbsm/etc/audit_control
1.4.2.3 +89 -15 src/contrib/openbsm/etc/audit_event
1.2.2.2 +1 -1 src/contrib/openbsm/etc/audit_user
1.2.2.2 +1 -1 src/contrib/openbsm/etc/audit_warn
1.1.1.2.2.2 +72 -62 src/contrib/openbsm/libbsm/Makefile.in
1.1.1.1.2.2 +32 -20 src/contrib/openbsm/libbsm/au_class.3
1.1.1.2.2.3 +64 -32 src/contrib/openbsm/libbsm/au_control.3
1.1.1.2.2.2 +46 -28 src/contrib/openbsm/libbsm/au_event.3
1.1.1.2.2.2 +26 -20 src/contrib/openbsm/libbsm/au_free_token.3
1.1.1.1.2.2 +39 -22 src/contrib/openbsm/libbsm/au_io.3
1.1.1.2.2.2 +49 -33 src/contrib/openbsm/libbsm/au_mask.3
1.1.1.1.2.3 +26 -19 src/contrib/openbsm/libbsm/au_open.3
1.1.1.4.2.2 +109 -72 src/contrib/openbsm/libbsm/au_token.3
1.1.1.2.2.2 +52 -32 src/contrib/openbsm/libbsm/au_user.3
1.1.1.1.2.2 +18 -12 src/contrib/openbsm/libbsm/audit_submit.3
1.1.1.2.2.2 +3 -3 src/contrib/openbsm/libbsm/bsm_event.c
1.1.1.4.2.3 +2133 -503 src/contrib/openbsm/libbsm/bsm_io.c
1.1.1.4.2.2 +4 -3 src/contrib/openbsm/libbsm/bsm_notify.c
1.1.1.7.2.3 +214 -34 src/contrib/openbsm/libbsm/bsm_token.c
1.1.1.4.2.2 +24 -5 src/contrib/openbsm/libbsm/bsm_wrappers.c
1.1.1.3.2.3 +21 -13 src/contrib/openbsm/libbsm/libbsm.3
1.1.1.1.2.2 +56 -47 src/contrib/openbsm/man/Makefile.in
1.1.1.1.2.2 +23 -15 src/contrib/openbsm/man/audit.2
1.1.1.5.2.2 +346 -295 src/contrib/openbsm/man/audit.log.5
1.1.1.2.2.2 +26 -17 src/contrib/openbsm/man/audit_class.5
1.1.1.2.2.3 +76 -58 src/contrib/openbsm/man/audit_control.5
1.1.1.2.2.2 +28 -22 src/contrib/openbsm/man/audit_event.5
1.1.1.2.2.2 +50 -23 src/contrib/openbsm/man/audit_user.5
1.1.1.2.2.2 +26 -19 src/contrib/openbsm/man/audit_warn.5
1.1.1.2.2.2 +18 -17 src/contrib/openbsm/man/auditctl.2
1.1.1.2.2.3 +115 -62 src/contrib/openbsm/man/auditon.2
1.1.1.2.2.2 +23 -18 src/contrib/openbsm/man/getaudit.2
1.1.1.2.2.2 +21 -18 src/contrib/openbsm/man/getauid.2
1.1.1.2.2.2 +24 -20 src/contrib/openbsm/man/setaudit.2
1.1.1.2.2.2 +21 -18 src/contrib/openbsm/man/setauid.2
1.1.1.1.2.2 +69 -59 src/contrib/openbsm/modules/Makefile.in
1.1.1.1.2.2 +73 -61 src/contrib/openbsm/modules/auditfilter_noop/Makefile.in
1.1.1.1.2.2 +69 -59 src/contrib/openbsm/test/Makefile.in
1.1.1.1.2.2 +68 -58 src/contrib/openbsm/test/bsm/Makefile.in
1.1.1.3.2.2 +176 -14 src/contrib/openbsm/test/bsm/generate.c
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/arg32_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/data_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/file_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/in_addr_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/ip_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/ipc_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/iport_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/opaque_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/path_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/process32_record
1.1.1.1.2.2 +0 -2 src/contrib/openbsm/test/reference/process32ex_record (dead)
1.1.1.1.4.1 +2 -0 src/contrib/openbsm/test/reference/process32ex_record-IPv4 (new)
1.1.1.1.4.1 +2 -0 src/contrib/openbsm/test/reference/process32ex_record-IPv6 (new)
1.1.1.1.2.2 +0 -1 src/contrib/openbsm/test/reference/process32ex_token (dead)
1.1.1.1.4.1 +1 -0 src/contrib/openbsm/test/reference/process32ex_token-IPv4 (new)
1.1.1.1.4.1 +1 -0 src/contrib/openbsm/test/reference/process32ex_token-IPv6 (new)
1.1.1.1.4.1 +2 -0 src/contrib/openbsm/test/reference/process64_record (new)
1.1.1.1.4.1 +1 -0 src/contrib/openbsm/test/reference/process64_token (new)
1.1.1.1.4.1 +2 -0 src/contrib/openbsm/test/reference/process64ex_record-IPv4 (new)
1.1.1.1.4.1 +2 -0 src/contrib/openbsm/test/reference/process64ex_record-IPv6 (new)
1.1.1.1.4.1 +1 -0 src/contrib/openbsm/test/reference/process64ex_token-IPv4 (new)
1.1.1.1.4.1 +1 -0 src/contrib/openbsm/test/reference/process64ex_token-IPv6 (new)
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/return32_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/seq_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/subject32_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/subject32ex_record
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/subject32ex_token-IPv4
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/subject32ex_token-IPv6
1.1.1.1.2.2 +1 -1 src/contrib/openbsm/test/reference/text_record
1.1.1.1.4.1 +2 -0 src/contrib/openbsm/test/reference/zonename_record (new)
1.1.1.1.4.1 +1 -0 src/contrib/openbsm/test/reference/zonename_token (new)
1.1.1.2.2.2 +68 -58 src/contrib/openbsm/tools/Makefile.in
1.1.1.2.2.3 +2 -2 src/contrib/openbsm/tools/audump.c
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/lis...freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"