PERFORCE change 63119 for review

Robert Watson rwatson at FreeBSD.org
Sat Oct 23 20:16:46 GMT 2004


On Sun, 17 Oct 2004, Wayne Salamon wrote:

> On Oct 13, 2004, at 11:07 AM, Andrew R. Reiter wrote:
> 
> > Is this p4 tree available via cvsup?  If so, just curious if you could
> > let me know the label.  I'd like to help out where I can.
> >
>    I think you have access to the branch now.
> 
>    Here's a quick TODO list (I'm cc'ing the audit list for others to 
> consider)
> 
<snip>
> 3) Integration of later TrustedBSD code.

This is something that would be useful to do soon -- I've just committed
place-holder stubs to the system call table in the base FreeBSD to reserve
system call numbers.  I noticed that a new one has been added since the
audit3 tree was last integrated, so I had to renumber up one (we'll need
to update audit3 boxes carefully next update due to that!).  I'm happy to
help with the branch update, since I'm pretty familiar with many of the
changes pending in the branch, and just updated the MAC branch to recent
6.x.

> 4) Pathname lookup. The audit code uses vn_fullpath(), which isn't
> always successful. 

This may require some amount of work -- I'm not sure what the best
approach is here.  Apple's approach is to maintain vnode back-pointers to
parents, which works fairly well for HFS+ and AppleShare where hard links
don't really work, but will be a lot harder on UFS, which doesn't really
believe in parent directories.

I spent a few minutes this afternoon getting the kernel building without
AUDIT compiled in, and also hooking up some of the BSM libraries and tools
to the build.  One of the snags I've run into, though, is that the FreeBSD
build system gets a little upset with the fact that the libbsm sources
include "bsm/foo.h", but foo.h is actually in the "bsm/lib" directory.
I've prodded Mark Murray (CC'd) who has worked on the Kerberos and other
odd vendor code imports into FreeBSD, and has suggested he might have some
ideas to work around this.

It's tempting to ask Apple if they could re-bundle the BSM drop to move
the include files into a bsm sub-tree of the drop so that the build can be
bootstrapped more easily. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Principal Research Scientist, McAfee Research
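
The hard-link difficulty raised under item 4, shown from userland as an added example (not code from the audit3 branch or from anyone in this thread): one file can have two names, one, or none while it stays open, so neither a single parent back-pointer nor a path recorded at open time is always right. The scratch directory and file names are constructed, and the code assumes /tmp is on a filesystem that supports hard links.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* What one open descriptor reports as the file's names come and go. */
struct link_demo {
    int  same_inode;                   /* both names resolve to one (dev, inode) */
    long two_names, one_name, no_name; /* st_nlink seen through the fd per stage */
};

static long fd_nlink(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (long)st.st_nlink : -1;
}

/* Constructed scenario in a scratch directory; returns 0 on success. */
int run_link_demo(struct link_demo *r)
{
    char dir[] = "/tmp/auditpath.XXXXXX", a[64], b[64];
    struct stat sa, sb;
    int fd;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(a, sizeof a, "%s/opened-as", dir);
    snprintf(b, sizeof b, "%s/second-name", dir);
    fd = open(a, O_CREAT | O_EXCL | O_RDWR, 0600);
    if (fd < 0 || link(a, b) != 0 || stat(a, &sa) != 0 || stat(b, &sb) != 0)
        return -1;
    r->same_inode = sa.st_dev == sb.st_dev && sa.st_ino == sb.st_ino;
    r->two_names = fd_nlink(fd);  /* 2: one parent pointer cannot name both */
    unlink(a);
    r->one_name = fd_nlink(fd);   /* 1: the path given to open() is now stale */
    unlink(b);
    r->no_name = fd_nlink(fd);    /* 0: open file with no pathname left at all */
    close(fd);
    rmdir(dir);
    return 0;
}

int main(void)
{
    struct link_demo r;
    if (run_link_demo(&r) != 0) return 1;
    printf("same inode: %d, nlink: %ld -> %ld -> %ld\n", r.same_inode, r.two_names, r.one_name, r.no_name);
    return 0;
}
```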

