Migrating SeBSD to CUREENT - Are we alive ???

[Robert Watson]

On Wed, 15 Feb 2006, dingo wrote:

> Sorry for the second post and cross post, but im hoping to get an answer. 
> Since Im waiting for an answer I hope this finds the right person, Ive been 
> holding up commits waiting for a reply to see if this is possible. while im 
> bringing SEBSD up to speed, can I integrate Audit3 into the branch, I 
> actually considered creating a new Branch SEBSD2 to move along migrations, 
> since SEBSD is dated, and capabilities work needs to be brought up to speed. 
> so can I propose to branch SEBSD2, create new branch Capabilities, Update 
> capabilities, and merge AUDIT3 into SEBSD2 ?? I have a diffed 6.0 that 
> applies, though SEBSD2 will be 7.0 based.

The audit3 branch is now almost entirely merged to CVS, meaning that audit 
support in the base tree is now basically complete.  There are a few areas 
where we're currently not auditing some system call arguments in CVS that are 
audited in audit3, but my hope is that that is resolved in a few days.  The 
MAC branch has recently been integrated, but only very lightly tested 
post-integration.  It should now have most of the audit bits, and I can push 
it forward a bit more.  So the big open question is with regards to how to 
handle the SEBSD branch.  As it stands, it's quite behind the MAC branch -- if 
integrated, it would gain the audit3 code, but probably require quite a lot of 
hacking to work through getting everything working.  Some of the previous 
problems relating to nmount should get better now that the base system has 
moved to nmount for all file systems, however.  If you create a new SEBSD2 
branch from either //depot/projects/trustedbsd/mac/... or 
//depot/vendor/freebsd/src/..., you should get the audit bits you need.

Robert N M Watson