svn commit: r187214 - in head: contrib/openbsm
contrib/openbsm/bin/auditd contrib/openbsm/bin/auditreduce
contrib/openbsm/bsm contrib/openbsm/libauditd
contrib/openbsm/libbsm contrib/openbsm/man co...
Robert Watson
rwatson at FreeBSD.org
Wed Jan 14 02:44:18 PST 2009
Author: rwatson
Date: Wed Jan 14 10:44:16 2009
New Revision: 187214
URL: http://svn.freebsd.org/changeset/base/187214
Log:
Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm
build along with man pages, add audit_bsm_domain.c and
audit_bsm_socket_type.c to the kernel environment.
OpenBSM history for imported revisions below for reference.
MFC after: 1 month
Sponsored by: Apple Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 alpha 5
- Stub libauditd(3) man page added.
- All BSM error number constants with BSM_ERRNO_.
- Interfaces to convert between local and BSM socket types and protocol
families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3),
au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions
of constants in audit_domain.h and audit_socket_type.h. This improves
interoperability by converting local constant spaces, which vary by OS, to
and from Solaris constants (where available) or OpenBSM constants for
protocol domains not present in Solaris (a fair number). These routines
should be used when generating and interpreting extended socket tokens.
- Fix build warnings with full gcc warnings enabled on most supported
platforms.
- Don't compile error strings into bsm_errno.c when building it in the kernel
environment.
- When started by launchd, use the label com.apple.auditd rather than
org.trustedbsd.auditd.
Added:
head/contrib/openbsm/libauditd/libauditd.3
- copied unchanged from r187065, vendor/openbsm/dist/libauditd/libauditd.3
head/contrib/openbsm/libbsm/au_domain.3
- copied unchanged from r187065, vendor/openbsm/dist/libbsm/au_domain.3
head/contrib/openbsm/libbsm/au_socket_type.3
- copied unchanged from r187065, vendor/openbsm/dist/libbsm/au_socket_type.3
head/contrib/openbsm/libbsm/bsm_domain.c
- copied unchanged from r187065, vendor/openbsm/dist/libbsm/bsm_domain.c
head/contrib/openbsm/libbsm/bsm_socket_type.c
- copied unchanged from r187065, vendor/openbsm/dist/libbsm/bsm_socket_type.c
head/contrib/openbsm/sys/bsm/audit_domain.h
- copied unchanged from r187065, vendor/openbsm/dist/sys/bsm/audit_domain.h
head/contrib/openbsm/sys/bsm/audit_socket_type.h
- copied unchanged from r187065, vendor/openbsm/dist/sys/bsm/audit_socket_type.h
head/sys/bsm/audit_domain.h (contents, props changed)
head/sys/bsm/audit_socket_type.h (contents, props changed)
head/sys/security/audit/audit_bsm_domain.c (contents, props changed)
head/sys/security/audit/audit_bsm_socket_type.c (contents, props changed)
Modified:
head/contrib/openbsm/ (props changed)
head/contrib/openbsm/INSTALL
head/contrib/openbsm/NEWS
head/contrib/openbsm/VERSION
head/contrib/openbsm/bin/auditd/auditd.8
head/contrib/openbsm/bin/auditd/auditd.c
head/contrib/openbsm/bin/auditd/auditd_darwin.c
head/contrib/openbsm/bin/auditd/auditd_fbsd.c
head/contrib/openbsm/bin/auditreduce/auditreduce.c
head/contrib/openbsm/bsm/auditd_lib.h
head/contrib/openbsm/bsm/libbsm.h
head/contrib/openbsm/configure
head/contrib/openbsm/configure.ac
head/contrib/openbsm/libauditd/Makefile.am
head/contrib/openbsm/libauditd/Makefile.in
head/contrib/openbsm/libauditd/auditd_lib.c
head/contrib/openbsm/libbsm/Makefile.am
head/contrib/openbsm/libbsm/Makefile.in
head/contrib/openbsm/libbsm/au_token.3
head/contrib/openbsm/libbsm/bsm_audit.c
head/contrib/openbsm/libbsm/bsm_errno.c
head/contrib/openbsm/libbsm/bsm_io.c
head/contrib/openbsm/libbsm/bsm_token.c
head/contrib/openbsm/libbsm/libbsm.3
head/contrib/openbsm/man/audit_user.5
head/contrib/openbsm/sys/bsm/Makefile.am
head/contrib/openbsm/sys/bsm/Makefile.in
head/contrib/openbsm/sys/bsm/audit.h
head/contrib/openbsm/sys/bsm/audit_errno.h
head/contrib/openbsm/sys/bsm/audit_record.h
head/contrib/openbsm/test/bsm/generate.c
head/contrib/openbsm/test/reference/E2BIG_record
head/contrib/openbsm/test/reference/EACCES_record
head/contrib/openbsm/test/reference/EBADF_record
head/contrib/openbsm/test/reference/EBUSY_record
head/contrib/openbsm/test/reference/ECHILD_record
head/contrib/openbsm/test/reference/EDEADLK_record
head/contrib/openbsm/test/reference/EEXIST_record
head/contrib/openbsm/test/reference/EFAULT_record
head/contrib/openbsm/test/reference/EFBIG_record
head/contrib/openbsm/test/reference/EINTR_record
head/contrib/openbsm/test/reference/EINVAL_record
head/contrib/openbsm/test/reference/EIO_record
head/contrib/openbsm/test/reference/EISDIR_record
head/contrib/openbsm/test/reference/EMFILE_record
head/contrib/openbsm/test/reference/EMLINK_record
head/contrib/openbsm/test/reference/ENFILE_record
head/contrib/openbsm/test/reference/ENODEV_record
head/contrib/openbsm/test/reference/ENOENT_record
head/contrib/openbsm/test/reference/ENOEXEC_record
head/contrib/openbsm/test/reference/ENOMEM_record
head/contrib/openbsm/test/reference/ENOSPC_record
head/contrib/openbsm/test/reference/ENOTBLK_record
head/contrib/openbsm/test/reference/ENOTDIR_record
head/contrib/openbsm/test/reference/ENOTTY_record
head/contrib/openbsm/test/reference/ENXIO_record
head/contrib/openbsm/test/reference/EPERM_record
head/contrib/openbsm/test/reference/EPIPE_record
head/contrib/openbsm/test/reference/EROFS_record
head/contrib/openbsm/test/reference/ESPIPE_record
head/contrib/openbsm/test/reference/ESRCH_record
head/contrib/openbsm/test/reference/ETXTBSY_record
head/contrib/openbsm/test/reference/EXDEV_record
head/contrib/openbsm/test/reference/arg32_record
head/contrib/openbsm/test/reference/data_record
head/contrib/openbsm/test/reference/data_token
head/contrib/openbsm/test/reference/file_record
head/contrib/openbsm/test/reference/in_addr_record
head/contrib/openbsm/test/reference/ip_record
head/contrib/openbsm/test/reference/ipc_record
head/contrib/openbsm/test/reference/iport_record
head/contrib/openbsm/test/reference/opaque_record
head/contrib/openbsm/test/reference/path_record
head/contrib/openbsm/test/reference/process32_record
head/contrib/openbsm/test/reference/process32ex_record-IPv4
head/contrib/openbsm/test/reference/process32ex_record-IPv6
head/contrib/openbsm/test/reference/process64_record
head/contrib/openbsm/test/reference/process64ex_record-IPv4
head/contrib/openbsm/test/reference/process64ex_record-IPv6
head/contrib/openbsm/test/reference/return32_record
head/contrib/openbsm/test/reference/seq_record
head/contrib/openbsm/test/reference/socketex_record
head/contrib/openbsm/test/reference/socketex_token
head/contrib/openbsm/test/reference/subject32_record
head/contrib/openbsm/test/reference/subject32ex_record
head/contrib/openbsm/test/reference/text_record
head/contrib/openbsm/test/reference/zonename_record
head/lib/libbsm/Makefile
head/sys/bsm/audit.h
head/sys/bsm/audit_errno.h
head/sys/bsm/audit_internal.h
head/sys/bsm/audit_kevents.h
head/sys/bsm/audit_record.h
head/sys/conf/files
head/sys/security/audit/audit_bsm_errno.c
head/sys/security/audit/audit_bsm_token.c
Modified: head/contrib/openbsm/INSTALL
==============================================================================
--- head/contrib/openbsm/INSTALL Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/INSTALL Wed Jan 14 10:44:16 2009 (r187214)
@@ -9,6 +9,12 @@ support are built conditionally. Typica
./configure
make
+If doing development work on OpenBSM with gcc, the following invocation of
+configure may be preferred in order to generate full compiler warnings and
+force the compile to fail if a warning is found:
+
+ CFLAGS="-Wall -Werror" ./configure
+
To install, use:
make install
Modified: head/contrib/openbsm/NEWS
==============================================================================
--- head/contrib/openbsm/NEWS Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/NEWS Wed Jan 14 10:44:16 2009 (r187214)
@@ -1,5 +1,24 @@
OpenBSM Version History
+OpenBSM 1.1 alpha 5
+
+- Stub libauditd(3) man page added.
+- All BSM error number constants with BSM_ERRNO_.
+- Interfaces to convert between local and BSM socket types and protocol
+ families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3),
+ au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions
+ of constants in audit_domain.h and audit_socket_type.h. This improves
+ interoperability by converting local constant spaces, which vary by OS, to
+ and from Solaris constants (where available) or OpenBSM constants for
+ protocol domains not present in Solaris (a fair number). These routines
+ should be used when generating and interpreting extended socket tokens.
+- Fix build warnings with full gcc warnings enabled on most supported
+ platforms.
+- Don't compile error strings into bsm_errno.c when building it in the kernel
+ environment.
+- When started by launchd, use the label com.apple.auditd rather than
+ org.trustedbsd.auditd.
+
OpenBSM 1.1 alpha 4
- With the addition of BSM error number mapping, we also need to map the
@@ -393,4 +412,4 @@ OpenBSM 1.0 alpha 1
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/NEWS#21 $
+$P4: //depot/projects/trustedbsd/openbsm/NEWS#27 $
Modified: head/contrib/openbsm/VERSION
==============================================================================
--- head/contrib/openbsm/VERSION Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/VERSION Wed Jan 14 10:44:16 2009 (r187214)
@@ -1 +1 @@
-OPENBSM_1_1_ALPHA_4
+OPENBSM_1_1_ALPHA_5
Modified: head/contrib/openbsm/bin/auditd/auditd.8
==============================================================================
--- head/contrib/openbsm/bin/auditd/auditd.8 Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/bin/auditd/auditd.8 Wed Jan 14 10:44:16 2009 (r187214)
@@ -25,7 +25,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#16 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#17 $
.\"
.Dd December 11, 2008
.Dt AUDITD 8
@@ -115,6 +115,7 @@ and are no longer available as arguments
.Nm .
.Sh SEE ALSO
.Xr asl 3 ,
+.Xr libauditd 3 ,
.Xr audit 4 ,
.Xr audit_class 5 ,
.Xr audit_control 5 ,
Modified: head/contrib/openbsm/bin/auditd/auditd.c
==============================================================================
--- head/contrib/openbsm/bin/auditd/auditd.c Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/bin/auditd/auditd.c Wed Jan 14 10:44:16 2009 (r187214)
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#40 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#41 $
*/
#include <sys/types.h>
@@ -252,7 +252,7 @@ do_trail_file(void)
*/
err = auditd_read_dirs(audit_warn_soft, audit_warn_hard);
if (err) {
- auditd_log_err("auditd_read_dirs() %s: %m",
+ auditd_log_err("auditd_read_dirs(): %s",
auditd_strerror(err));
if (err == ADE_HARDLIM)
audit_warn_allhard();
Modified: head/contrib/openbsm/bin/auditd/auditd_darwin.c
==============================================================================
--- head/contrib/openbsm/bin/auditd/auditd_darwin.c Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/bin/auditd/auditd_darwin.c Wed Jan 14 10:44:16 2009 (r187214)
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#2 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#3 $
*/
#include <sys/types.h>
@@ -83,7 +83,7 @@ static int max_idletime = 0;
#endif /* __BSM_INTERNAL_NOTIFY_KEY */
#ifndef __AUDIT_LAUNCHD_LABEL
-#define __AUDIT_LAUNCHD_LABEL "org.trustedbsd.auditd"
+#define __AUDIT_LAUNCHD_LABEL "com.apple.auditd"
#endif /* __AUDIT_LAUNCHD_LABEL */
#define MAX_MSG_SIZE 4096
@@ -100,7 +100,7 @@ auditd_openlog(int debug, gid_t gid)
if (debug)
opt = ASL_OPT_STDERR;
- au_aslclient = asl_open("auditd", "org.trustedbsd.auditd", opt);
+ au_aslclient = asl_open("auditd", "com.apple.auditd", opt);
au_aslmsg = asl_new(ASL_TYPE_MSG);
#ifdef ASL_KEY_READ_UID
Modified: head/contrib/openbsm/bin/auditd/auditd_fbsd.c
==============================================================================
--- head/contrib/openbsm/bin/auditd/auditd_fbsd.c Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/bin/auditd/auditd_fbsd.c Wed Jan 14 10:44:16 2009 (r187214)
@@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#1 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#2 $
*/
#include <sys/types.h>
@@ -35,9 +35,11 @@
#include <errno.h>
#include <fcntl.h>
+#include <stdarg.h>
#include <signal.h>
+#include <string.h>
#include <syslog.h>
-#include <stdarg.h>
+#include <unistd.h>
#include <bsm/audit.h>
#include <bsm/audit_uevents.h>
Modified: head/contrib/openbsm/bin/auditreduce/auditreduce.c
==============================================================================
--- head/contrib/openbsm/bin/auditreduce/auditreduce.c Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/bin/auditreduce/auditreduce.c Wed Jan 14 10:44:16 2009 (r187214)
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#29 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#31 $
*/
/*
@@ -41,6 +41,9 @@
*/
#include <config/config.h>
+
+#define _GNU_SOURCE /* Required for strptime() on glibc2. */
+
#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
#else
Modified: head/contrib/openbsm/bsm/auditd_lib.h
==============================================================================
--- head/contrib/openbsm/bsm/auditd_lib.h Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/bsm/auditd_lib.h Wed Jan 14 10:44:16 2009 (r187214)
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/auditd_lib.h#2 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/auditd_lib.h#3 $
*/
#ifndef _BSM_AUDITD_LIB_H_
@@ -57,7 +57,7 @@
* Path of auditd plist file for launchd.
*/
#define AUDITD_PLIST_FILE \
- "/System/Library/LaunchDaemons/org.trustedbsd.auditd.plist"
+ "/System/Library/LaunchDaemons/com.apple.auditd.plist"
/*
* Error return codes for auditd_lib functions.
Modified: head/contrib/openbsm/bsm/libbsm.h
==============================================================================
--- head/contrib/openbsm/bsm/libbsm.h Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/bsm/libbsm.h Wed Jan 14 10:44:16 2009 (r187214)
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#40 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#41 $
*/
#ifndef _LIBBSM_H_
@@ -821,14 +821,22 @@ void au_print_tok_xml(FILE *outfp, to
*/
void au_print_xml_header(FILE *outfp);
void au_print_xml_footer(FILE *outfp);
-__END_DECLS
/*
- * Functions relating to BSM<->errno conversion.
- */
-int au_bsm_to_errno(u_char bsm_error, int *errorp);
-u_char au_errno_to_bsm(int error);
-const char *au_strerror(u_char bsm_error);
+ * BSM library routines for converting between local and BSM constant spaces.
+ * (Note: some of these are replicated in audit_record.h for the benefit of
+ * the FreeBSD and Mac OS X kernels)
+ */
+int au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
+int au_bsm_to_errno(u_char bsm_error, int *errorp);
+int au_bsm_to_socket_type(u_short bsm_socket_type,
+ int *local_socket_typep);
+u_short au_domain_to_bsm(int local_domain);
+u_char au_errno_to_bsm(int local_errno);
+u_short au_socket_type_to_bsm(int local_socket_type);
+
+const char *au_strerror(u_char bsm_error);
+__END_DECLS
/*
* The remaining APIs are associated with Apple's BSM implementation, in
Modified: head/contrib/openbsm/configure
==============================================================================
--- head/contrib/openbsm/configure Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/configure Wed Jan 14 10:44:16 2009 (r187214)
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#47 .
+# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#49 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for OpenBSM 1.1alpha4.
+# Generated by GNU Autoconf 2.61 for OpenBSM 1.1alpha5.
#
# Report bugs to <trustedbsd-audit at TrustesdBSD.org>.
#
@@ -729,8 +729,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='OpenBSM'
PACKAGE_TARNAME='openbsm'
-PACKAGE_VERSION='1.1alpha4'
-PACKAGE_STRING='OpenBSM 1.1alpha4'
+PACKAGE_VERSION='1.1alpha5'
+PACKAGE_STRING='OpenBSM 1.1alpha5'
PACKAGE_BUGREPORT='trustedbsd-audit at TrustesdBSD.org'
ac_unique_file="bin/auditreduce/auditreduce.c"
@@ -1404,7 +1404,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures OpenBSM 1.1alpha4 to adapt to many kinds of systems.
+\`configure' configures OpenBSM 1.1alpha5 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1474,7 +1474,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of OpenBSM 1.1alpha4:";;
+ short | recursive ) echo "Configuration of OpenBSM 1.1alpha5:";;
esac
cat <<\_ACEOF
@@ -1580,7 +1580,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-OpenBSM configure 1.1alpha4
+OpenBSM configure 1.1alpha5
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1594,7 +1594,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by OpenBSM $as_me 1.1alpha4, which was
+It was created by OpenBSM $as_me 1.1alpha5, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -19076,7 +19076,7 @@ fi
# Define the identity of the package.
PACKAGE=OpenBSM
- VERSION=1.1alpha4
+ VERSION=1.1alpha5
cat >>confdefs.h <<_ACEOF
@@ -23584,7 +23584,7 @@ exec 6>&1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by OpenBSM $as_me 1.1alpha4, which was
+This file was extended by OpenBSM $as_me 1.1alpha5, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -23637,7 +23637,7 @@ Report bugs to <bug-autoconf at gnu.org>."
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-OpenBSM config.status 1.1alpha4
+OpenBSM config.status 1.1alpha5
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
Modified: head/contrib/openbsm/configure.ac
==============================================================================
--- head/contrib/openbsm/configure.ac Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/configure.ac Wed Jan 14 10:44:16 2009 (r187214)
@@ -2,8 +2,8 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([OpenBSM], [1.1alpha4], [trustedbsd-audit at TrustesdBSD.org],[openbsm])
-AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#48 $])
+AC_INIT([OpenBSM], [1.1alpha5], [trustedbsd-audit at TrustesdBSD.org],[openbsm])
+AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#49 $])
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_HEADER([config/config.h])
Modified: head/contrib/openbsm/libauditd/Makefile.am
==============================================================================
--- head/contrib/openbsm/libauditd/Makefile.am Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/libauditd/Makefile.am Wed Jan 14 10:44:16 2009 (r187214)
@@ -1,5 +1,5 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.am#1 $
+# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.am#2 $
#
if USE_NATIVE_INCLUDES
@@ -13,5 +13,5 @@ lib_LTLIBRARIES = libauditd.la
libauditd_la_SOURCES = \
auditd_lib.c
-#man3_MANS = \
-# libauditd.3
+man3_MANS = \
+ libauditd.3
Modified: head/contrib/openbsm/libauditd/Makefile.in
==============================================================================
--- head/contrib/openbsm/libauditd/Makefile.in Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/libauditd/Makefile.in Wed Jan 14 10:44:16 2009 (r187214)
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#1 $
+# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#2 $
#
VPATH = @srcdir@
@@ -51,7 +51,7 @@ am__vpath_adj = case $$p in \
*) f=$$p;; \
esac;
am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
-am__installdirs = "$(DESTDIR)$(libdir)"
+am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)"
libLTLIBRARIES_INSTALL = $(INSTALL)
LTLIBRARIES = $(lib_LTLIBRARIES)
libauditd_la_LIBADD =
@@ -71,6 +71,9 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLF
$(LDFLAGS) -o $@
SOURCES = $(libauditd_la_SOURCES)
DIST_SOURCES = $(libauditd_la_SOURCES)
+man3dir = $(mandir)/man3
+NROFF = nroff
+MANS = $(man3_MANS)
ETAGS = etags
CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
@@ -188,6 +191,9 @@ lib_LTLIBRARIES = libauditd.la
libauditd_la_SOURCES = \
auditd_lib.c
+man3_MANS = \
+ libauditd.3
+
all: all-am
.SUFFIXES:
@@ -285,6 +291,51 @@ mostlyclean-libtool:
clean-libtool:
-rm -rf .libs _libs
+install-man3: $(man3_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)"
+ @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.3*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 3*) ;; \
+ *) ext='3' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \
+ done
+uninstall-man3:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.3*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 3*) ;; \
+ *) ext='3' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man3dir)/$$inst"; \
+ done
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -362,9 +413,9 @@ distdir: $(DISTFILES)
done
check-am: all-am
check: check-am
-all-am: Makefile $(LTLIBRARIES)
+all-am: Makefile $(LTLIBRARIES) $(MANS)
installdirs:
- for dir in "$(DESTDIR)$(libdir)"; do \
+ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: install-am
@@ -412,7 +463,7 @@ info: info-am
info-am:
-install-data-am:
+install-data-am: install-man
install-dvi: install-dvi-am
@@ -422,7 +473,7 @@ install-html: install-html-am
install-info: install-info-am
-install-man:
+install-man: install-man3
install-pdf: install-pdf-am
@@ -448,7 +499,9 @@ ps: ps-am
ps-am:
-uninstall-am: uninstall-libLTLIBRARIES
+uninstall-am: uninstall-libLTLIBRARIES uninstall-man
+
+uninstall-man: uninstall-man3
.MAKE: install-am install-strip
@@ -459,16 +512,14 @@ uninstall-am: uninstall-libLTLIBRARIES
install install-am install-data install-data-am install-dvi \
install-dvi-am install-exec install-exec-am install-html \
install-html-am install-info install-info-am \
- install-libLTLIBRARIES install-man install-pdf install-pdf-am \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+ install-libLTLIBRARIES install-man install-man3 install-pdf \
+ install-pdf-am install-ps install-ps-am install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- tags uninstall uninstall-am uninstall-libLTLIBRARIES
-
+ tags uninstall uninstall-am uninstall-libLTLIBRARIES \
+ uninstall-man uninstall-man3
-#man3_MANS = \
-# libauditd.3
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
Modified: head/contrib/openbsm/libauditd/auditd_lib.c
==============================================================================
--- head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 14 10:44:16 2009 (r187214)
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#1 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#2 $
*/
#include <sys/param.h>
@@ -823,7 +823,7 @@ audit_quick_stop(void)
*/
if (auditon(A_GETCOND, &cond, sizeof(cond)) < 0)
return (-1);
- if (cond == AUC_DISABLED)
+ if (cond == AUC_NOAUDIT)
return (0);
/*
Copied: head/contrib/openbsm/libauditd/libauditd.3 (from r187065, vendor/openbsm/dist/libauditd/libauditd.3)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/contrib/openbsm/libauditd/libauditd.3 Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libauditd/libauditd.3)
@@ -0,0 +1,60 @@
+.\"-
+.\" Copyright (c) 2008 Apple Inc.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of
+.\" its contributors may be used to endorse or promote products derived
+.\" from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
+.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" $P4: //depot/projects/trustedbsd/openbsm/libauditd/libauditd.3#1 $
+.\"
+.Dd December 27, 2008
+.Dt LIBAUDITD 3
+.Os
+.Sh NAME
+.Nm libauditd
+.Nd "auditd support library"
+.Sh LIBRARY
+.Lb libauditd
+.Sh DESCRIPTION
+The
+.Nm
+library provides the internal implementation of
+.Xr auditd 8 .
+.Sh INTERFACES
+There are no public interfaces in
+.Nm .
+.Sh SEE ALSO
+.Xr auditd 8 .
+.Sh HISTORY
+The OpenBSM implementation was created by McAfee Research, the security
+division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
+It was subsequently adopted by the TrustedBSD Project as the foundation for
+the OpenBSM distribution.
+.Sh AUTHORS
+.An -nosplit
+This software was created by
+.An Stacey Son .
+.Pp
+The Basic Security Module (BSM) interface to audit records and audit event
+stream format were defined by Sun Microsystems.
Modified: head/contrib/openbsm/libbsm/Makefile.am
==============================================================================
--- head/contrib/openbsm/libbsm/Makefile.am Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/libbsm/Makefile.am Wed Jan 14 10:44:16 2009 (r187214)
@@ -1,5 +1,5 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#7 $
+# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#8 $
#
if USE_NATIVE_INCLUDES
@@ -14,11 +14,13 @@ libbsm_la_SOURCES = \
bsm_audit.c \
bsm_class.c \
bsm_control.c \
+ bsm_domain.c \
bsm_errno.c \
bsm_event.c \
bsm_flags.c \
bsm_io.c \
bsm_mask.c \
+ bsm_socket_type.c \
bsm_token.c \
bsm_user.c
@@ -31,12 +33,14 @@ endif
man3_MANS = \
au_class.3 \
au_control.3 \
+ au_domain.3 \
au_errno.3 \
au_event.3 \
au_free_token.3 \
au_io.3 \
au_mask.3 \
au_open.3 \
+ au_socket_type.3 \
au_token.3 \
au_user.3 \
libbsm.3
Modified: head/contrib/openbsm/libbsm/Makefile.in
==============================================================================
--- head/contrib/openbsm/libbsm/Makefile.in Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/libbsm/Makefile.in Wed Jan 14 10:44:16 2009 (r187214)
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#12 $
+# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#13 $
#
VPATH = @srcdir@
@@ -60,13 +60,15 @@ libLTLIBRARIES_INSTALL = $(INSTALL)
LTLIBRARIES = $(lib_LTLIBRARIES)
libbsm_la_LIBADD =
am__libbsm_la_SOURCES_DIST = bsm_audit.c bsm_class.c bsm_control.c \
- bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c \
- bsm_token.c bsm_user.c bsm_notify.c bsm_wrappers.c
+ bsm_domain.c bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c \
+ bsm_mask.c bsm_socket_type.c bsm_token.c bsm_user.c \
+ bsm_notify.c bsm_wrappers.c
@HAVE_AUDIT_SYSCALLS_TRUE at am__objects_1 = bsm_notify.lo \
@HAVE_AUDIT_SYSCALLS_TRUE@ bsm_wrappers.lo
am_libbsm_la_OBJECTS = bsm_audit.lo bsm_class.lo bsm_control.lo \
- bsm_errno.lo bsm_event.lo bsm_flags.lo bsm_io.lo bsm_mask.lo \
- bsm_token.lo bsm_user.lo $(am__objects_1)
+ bsm_domain.lo bsm_errno.lo bsm_event.lo bsm_flags.lo bsm_io.lo \
+ bsm_mask.lo bsm_socket_type.lo bsm_token.lo bsm_user.lo \
+ $(am__objects_1)
libbsm_la_OBJECTS = $(am_libbsm_la_OBJECTS)
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config at am__isrc@
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
@@ -199,18 +201,20 @@ top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE at INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@USE_NATIVE_INCLUDES_TRUE at INCLUDES = -I$(top_builddir) -I$(top_srcdir)
lib_LTLIBRARIES = libbsm.la
-libbsm_la_SOURCES = bsm_audit.c bsm_class.c bsm_control.c bsm_errno.c \
- bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c bsm_token.c \
- bsm_user.c $(am__append_1)
+libbsm_la_SOURCES = bsm_audit.c bsm_class.c bsm_control.c bsm_domain.c \
+ bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c \
+ bsm_socket_type.c bsm_token.c bsm_user.c $(am__append_1)
man3_MANS = \
au_class.3 \
au_control.3 \
+ au_domain.3 \
au_errno.3 \
au_event.3 \
au_free_token.3 \
au_io.3 \
au_mask.3 \
au_open.3 \
+ au_socket_type.3 \
au_token.3 \
au_user.3 \
libbsm.3
@@ -287,12 +291,14 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_audit.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_class.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_control.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_domain.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_errno.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_event.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_flags.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_io.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_mask.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_notify.Plo at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_socket_type.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_token.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_user.Plo at am__quote@
@AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bsm_wrappers.Plo at am__quote@
Copied: head/contrib/openbsm/libbsm/au_domain.3 (from r187065, vendor/openbsm/dist/libbsm/au_domain.3)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/contrib/openbsm/libbsm/au_domain.3 Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libbsm/au_domain.3)
@@ -0,0 +1,87 @@
+.\"-
+.\" Copyright (c) 2008 Apple Inc.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of
+.\" its contributors may be used to endorse or promote products derived
+.\" from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
+.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_domain.3#1 $
+.\"
+.Dd December 28, 2008
+.Dt AU_BSM_TO_DOMAIN 3
+.Os
+.Sh NAME
+.Nm au_bsm_to_domain ,
+.Nm au_domain_to_bsm
+.Nd "convert between BSM and local protocol domains"
+.Sh LIBRARY
+.Lb libbsm
+.Sh SYNOPSIS
+.In bsm/libbsm.h
+.Ft int
+.Fn au_bsm_to_domain "u_short bsm_domain" "int *local_domainp"
+.Ft u_short
+.Fn au_domain_to_bsm "int local_domain"
+.Sh DESCRIPTION
+These interfaces may be used to convert between the local and BSM protocol
+domains.
+The
+.Fn au_bsm_to_domain
+function accepts a BSM domain,
+.Fa bsm_domain ,
+and converts it to a local domain, such as those passed to
+.Xr socket 2 ,
+that will be stored in the integer pointed to by
+.Fa local_domainp
+if successful.
+This call will fail if the BSM domain cannot be mapped into a local domain,
+which may occur if the socket token was generated on another operating
+system.
+.Pp
+.Fn au_domain_to_bsm
+function accepts a local domain, and returns the BSM domain for it.
+This call cannot fail, and instead returns a BSM domain indicating to a later
+decoder that the domain could not be encoded.
+.Sh RETURN VALULES
+On success,
+.Fn au_bsm_to_domain
+returns 0 and a converted domain; on failure, it returns -1 but does not set
+.Xr errno 2 .
+.Sh SEE ALSO
+.Xr au_bsm_to_socket_type 3 ,
+.Xr au_socket_type_to_bsm 3 ,
+.Xr au_to_socket_ex 3 ,
+.Xr libbsm 3
+.Sh HISTORY
+.Fn au_bsm_to_domain
+and
+.Fn au_domain_to_bsm
+were introduced in OpenBSM 1.1.
+.Sh AUTHORS
+These functions were implemented by
+.An Robert Watson
+under contract to Apple Inc.
+.Pp
+The Basic Security Module (BSM) interface to audit records and audit event
+stream format were defined by Sun Microsystems.
Copied: head/contrib/openbsm/libbsm/au_socket_type.3 (from r187065, vendor/openbsm/dist/libbsm/au_socket_type.3)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/contrib/openbsm/libbsm/au_socket_type.3 Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libbsm/au_socket_type.3)
@@ -0,0 +1,93 @@
+.\"-
+.\" Copyright (c) 2008 Apple Inc.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of
+.\" its contributors may be used to endorse or promote products derived
+.\" from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
+.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_socket_type.3#1 $
+.\"
+.Dd December 28, 2008
+.Dt AU_BSM_TO_SOCKET_TYPE 3
+.Os
+.Sh NAME
+.Nm au_bsm_to_socket_type ,
+.Nm au_socket_type_to_bsm
+.Nd "convert between BSM and local socket types"
+.Sh LIBRARY
+.Lb libbsm
+.Sh SYNOPSIS
+.In bsm/libbsm.h
+.Ft int
+.Fn au_bsm_to_socket_type "u_short bsm_socket_type" "int *local_socket_typep"
+.Ft u_short
+.Fn au_socket_type_to_bsm "int local_socket_type"
+.Sh DESCRIPTION
+These interfaces may be used to convert between the local and BSM socket
+types.
+The
+.Fn au_bsm_to_socket_type
+function accepts a BSM socket type,
+.Fa bsm_socket_type ,
+and converts it to a local socket type, such as those passed to
+.Xr socket 2 ,
+that will be stored in the integer pointed to by
+.Fa local_socket_typep
+if successful.
+This call will fail if the BSM socket type cannot be mapped into a local
+socket type, which may occur if the socket token was generated on another
+operating system.
+.Pp
+.Fn au_socket_type_to_bsm
+function accepts a local socket type, and returns the BSM socket type for it.
+This call cannot fail, and instead returns a BSM socket type indicating to a
+later decoder that the socket type could not be encoded.
+.Sh RETURN VALULES
+On success,
+.Fn au_bsm_to_socket_type
+returns 0 and a converted socket type; on failure, it returns -1 but does not
+set
+.Xr errno 2 .
+.Pp
+On success,
+.Fn au_strerror
+returns a pointer to an error string; on failure it will return
+.Dv NULL .
+.Sh SEE ALSO
+.Xr au_bsm_to_domain 3 ,
+.Xr au_domain_to_bsm 3 ,
+.Xr au_to_socket_ex 3 ,
+.Xr libbsm 3
+.Sh HISTORY
+.Fn au_bsm_to_socket_type
+and
+.Fn au_socket_type_to_bsm
+were introduced in OpenBSM 1.1.
+.Sh AUTHORS
+These functions were implemented by
+.An Robert Watson
+under contract to Apple Inc.
+.Pp
+The Basic Security Module (BSM) interface to audit records and audit event
+stream format were defined by Sun Microsystems.
Modified: head/contrib/openbsm/libbsm/au_token.3
==============================================================================
--- head/contrib/openbsm/libbsm/au_token.3 Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/libbsm/au_token.3 Wed Jan 14 10:44:16 2009 (r187214)
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#16 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#17 $
.\"
.Dd April 19, 2005
.Dt AU_TOKEN 3
@@ -60,6 +60,7 @@
.Nm au_to_sock_inet32 ,
.Nm au_to_sock_inet128 ,
.Nm au_to_sock_inet ,
+.Nm au_to_socket_ex ,
.Nm au_to_subject32 ,
.Nm au_to_subject64 ,
.Nm au_to_subject ,
@@ -156,6 +157,8 @@
.Ft "token_t *"
.Fn au_to_sock_int "struct sockaddr_in *so"
.Ft "token_t *"
+.Fn au_to_socket_ex "u_short so_domain" "u_short so_type" "struct sockaddr *sa_local" "struct sockaddr *sa_remote"
+.Ft "token_t *"
.Fo au_to_subject32
.Fa "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid"
.Fa "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid"
Modified: head/contrib/openbsm/libbsm/bsm_audit.c
==============================================================================
--- head/contrib/openbsm/libbsm/bsm_audit.c Wed Jan 14 10:17:35 2009 (r187213)
+++ head/contrib/openbsm/libbsm/bsm_audit.c Wed Jan 14 10:44:16 2009 (r187214)
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#34 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#35 $
*/
#include <sys/types.h>
@@ -219,13 +219,16 @@ au_write(int d, token_t *tok)
static int
au_assemble(au_record_t *rec, short event)
{
- token_t *header, *tok, *trailer;
- size_t tot_rec_size, hdrsize;
- u_char *dptr;
+#ifdef HAVE_AUDIT_SYSCALLS
struct in6_addr *aptr;
- int error;
struct auditinfo_addr aia;
struct timeval tm;
+ size_t hdrsize;
+#endif /* HAVE_AUDIT_SYSCALLS */
+ token_t *header, *tok, *trailer;
+ size_t tot_rec_size;
+ u_char *dptr;
+ int error;
#ifdef HAVE_AUDIT_SYSCALLS
/*
Copied: head/contrib/openbsm/libbsm/bsm_domain.c (from r187065, vendor/openbsm/dist/libbsm/bsm_domain.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/contrib/openbsm/libbsm/bsm_domain.c Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libbsm/bsm_domain.c)
@@ -0,0 +1,499 @@
+/*-
+ * Copyright (c) 2008 Apple Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of Apple Inc. ("Apple") nor the names of
+ * its contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#2 $
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+
+#include <config/config.h>
+
+#include <bsm/audit_domain.h>
+#include <bsm/libbsm.h>
+
+struct bsm_domain {
+ u_short bd_bsm_domain;
+ int bd_local_domain;
+};
+
+#define PF_NO_LOCAL_MAPPING -600
+
+static const struct bsm_domain bsm_domains[] = {
+ { BSM_PF_UNSPEC, PF_UNSPEC },
+ { BSM_PF_LOCAL, PF_LOCAL },
+ { BSM_PF_INET, PF_INET },
+ { BSM_PF_IMPLINK,
+#ifdef PF_IMPLINK
+ PF_IMPLINK
+#else
+ PF_NO_LOCAL_MAPPING
+#endif
+ },
+ { BSM_PF_PUP,
+#ifdef PF_PUP
+ PF_PUP
+#else
+ PF_NO_LOCAL_MAPPING
+#endif
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-head
mailing list