OpenBSM 1.1 imported (was: svn commit: r191273 - in head:
contrib/openbsm contrib/openbsm/bin contrib/openbsm/bin/audit
contrib/openbsm/bin/auditd contrib/openbsm/bin/auditfilterd
contrib/openbsm/bin/auditreduce contrib/open... (fwd))
Robert Watson
rwatson at FreeBSD.org
Sun Apr 19 23:29:20 UTC 2009
On Mon, 20 Apr 2009, Robert Watson wrote:
> On Sun, 19 Apr 2009, Jakub Lach wrote:
>
>> 1) It's not GENERIC, but I've double checked - AUDIT is enabled.
>> 2) Local login.
>> 3) Userspace and kernel version is synced. Logging with old kernel is not
>> possible.
>>
>> Upgrading procedure- buildworld, buildkernel, installkernel, installworld,
>> mergemaster, reboot.
>
> Any chance you're using amd64 with a 64-bit userspace?
OK, it looks like login_audit.c in login(1) isn't quite ready for the new
restrictions on argument types to A_GETCOND that came in with the new OpenBSM
code. What I've done temporarily (r191296) is relax those constraints so that
both the old and new versions of the auditon(2) commands will work with longs.
This will hopefully fix the problem you're seeing with login(1), presumably on
amd64?
Robert N M Watson
Computer Laboratory
University of Cambridge
>
> Robert N M Watson
> Computer Laboratory
> University of Cambridge
>
>>
>> Thanks for reply.
>>
>>
>> Robert Watson wrote:
>>>
>>>
>>> On Sun, 19 Apr 2009, Jakub Lach wrote:
>>>
>>>> After updating to revision 191274, I cannot login.
>>>>
>>>> "could not determine audit condition"
>>>>
>>>> Sorry for bothering you, but I don't know how to deal with it.
>>>
>>> Could you let me know:
>>>
>>> (1) Do you have options AUDIT compiled into your kernel? It's in GENERIC
>>> by
>>> default, and it occurs to me I've not tested the !AUDIT case lately.
>>>
>>> (2) How are you logging in -- using the console, or sshd, or...? Does it
>>> work
>>> better or worse if you try another way of logging in?
>>>
>>> (3) ... and could you confirm that your kernel was rebuilt and installed
>>> prior
>>> to updating userspace? If you switch to an old kernel, are you then
>>> able
>>> to log in?
>>>
>>> Robert N M Watson
>>> Computer Laboratory
>>> University of Cambridge
>>> _______________________________________________
>>> freebsd-current at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-current
>>> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
>>>
>>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/OpenBSM-1.1-imported-%28was%3A-svn-commit%3A-r191273---in-head%3A-contrib-openbsm-contrib-openbsm-bin-contrib-openbsm-bin-audit-contrib-openbsm-bin-auditd-contrib-openbsm-bin-auditfilterd-contrib-openbsm-bin-auditreduce-contrib-open...-%28fwd%29%29-tp23124717p23128287.html
>> Sent from the freebsd-current mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> freebsd-current at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-current
>> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
>>
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
>
More information about the freebsd-current
mailing list