HEADS UP: TrustedBSD OpenBSM 1.0 alpha 9 imported

Robert Watson rwatson at FreeBSD.org
Sat Aug 26 08:25:04 UTC 2006

I've imported the most recent release of OpenBSM, which includes a renumbering 
of audit events and a chance in the BSM version.  Old audit trail files will 
be readable by the new implementation, but older /etc/security/audit_event 
files are not able to translate the new event numbers to strings (etc).  Make 
sure to run mergemaster if using audit.  These changes are to avoid potential 
future event number conflicts with Solaris, and to assign our implementation a 
unique version number so it can be distinguished from existing Solaris and 
Darwin versions.

OpenBSM is now about at the point where it's ready for import into the 
RELENG_6 tree, which I hope to do in the next couple of days in preparation 
for inclusion in FreeBSD 6.2.

(Post import builds are now running locally to confirm it all committed 

Robert N M Watson
Computer Laboratory
University of Cambridge

---------- Forwarded message ----------
Date: Sat, 26 Aug 2006 08:04:17 +0000 (UTC)
From: Robert Watson <rwatson at FreeBSD.org>
To: src-committers at FreeBSD.org, cvs-src at FreeBSD.org, cvs-all at FreeBSD.org
Subject: cvs commit: src/contrib/openbsm - Imported sources

rwatson     2006-08-26 08:04:17 UTC

   FreeBSD src repository

   src/contrib/openbsm - Imported sources
   Update of /home/ncvs/src/contrib/openbsm
   In directory repoman.freebsd.org:/tmp/cvs-serv19917

   Log Message:
   Vendor import of OpenBSM 1.0 alpha 9, with the following change history
   notes since the last import:

   OpenBSM 1.0 alpha 9

   - Rename many OpenBSM-specific constants and API elements containing the
     strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true
     for almost all existing constants and APIs.
   - Instead of passing a per-instance cookie directly into all audit filter
     APIs, pass in the audit filter daemon state pointer, which is then used by
     the module using an audit_filter_{get,set}cookie() API.  This will allow
     future service APIs provided by the filter daemon to maintain their own
     state -- for example, per-module preselection state.

   OpenBSM 1.0 alpha 8

   - Correct typo in definition of AUR_INT.
   - Adopt OpenSolaris constant values for AUDIT_* configuration flags.
   - Arguments to au_to_exec_args() and au_to_exec_env() no longer const.
   - Add kernel versions of au_to_exec_args() and au_to_exec_env().
   - Fix exec argument type that is printed for env strings from 'arg' to 'env'.
   - New OpenBSM token version number assigned, constants added for other
     commonly seen version numbers.
   - OpenBSM-specific events assigned numbers in the 43xxx range to avoid future
     collisions with Solaris.  Darwin events renamed to AUE_DARWIN_foo, as they
     are now deprecated numberings.
   - autoconf now detects clock_gettime(), which is not available on Darwin.
   - praudit output fixes relating to arg32 and arg64 tokens.
   - Maximum record size updated to 64k-1 to match Solaris record size limit.
   - Various style and comment cleanups in include files.

   This is an MFC candidate to RELENG_6.

   Obtained from:	TrustedBSD Project


   Vendor Tag:	TrustedBSD
   Release Tags:	OPENBSM_1_0_ALPHA_9

   1 conflicts created by this import.
   Use the following command to help the merge:

   	cvs checkout -jTrustedBSD:yesterday -jTrustedBSD src/contrib/openbsm

