PERFORCE change 118242 for review
Robert Watson
rwatson at FreeBSD.org
Mon Apr 16 12:59:44 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=118242
Change 118242 by rwatson at rwatson_cinnamon on 2007/04/16 12:59:02
Integrate more OpenBSM updates into audit3 branch.
Affected files ...
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/README#18 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#22 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/header32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_record#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_token#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv4#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv6#2 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv4#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv6#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_record#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/trailer_token#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/zonename_record#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/zonename_token#1 branch
.. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#32 edit
Differences ...
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/README#18 (text+ko) ====
@@ -3,11 +3,13 @@
Introduction
OpenBSM provides an open source implementation of Sun's BSM Audit API.
-Originally created under contract to Apple Computer by McAfee Research,
-this implementation is now maintained by volunteers and the generous
-contribution of several organizations. Coupled with a kernel audit
-implementation, OpenBSM can be used to maintain system audit streams, and
-is a foundation for an Audit-enabled system.
+Originally created under contract to Apple Computer by McAfee Research, this
+implementation is now maintained by volunteers and the generous contribution
+of several organizations. Coupled with a kernel audit implementation,
+OpenBSM can be used to maintain system audit streams, and is a foundation for
+an Audit-enabled system. Portions of OpenBSM, including include files and
+token-building routines, are reusable in a kernel audit implementation, and
+may be found in the FreeBSD and Mac OS X kernels.
Contents
@@ -15,13 +17,22 @@
bin/ Audit-related command line tools
bsm/ System include files for BSM
+ compat/ Compatibility code to build on various OS's
etc/ Sample /etc/security configuration files
libbsm/ Implementation of BSM library interfaces and man pages
man/ System call and configuration file man pages
+ modules/ Directory for auditfilterd module source
+ test/ Test token sets and geneneration program
+ tools/ Tool directory, including audump to dump databases
+
+The following programs are included with OpenBSM:
-OpenBSM currently builds on FreeBSD and Darwin. With Makefile adjustment
-and minor tweaks, it should build without problems on a broad range of
-POSIX-like systems.
+ audit Command line audit control tool
+ auditd Audit management daemon
+ auditfilterd Experimental event monitoring framework
+ auditreduce Audit trail reduction tool
+ audump Debugging tool to parse and print audit databases
+ praudit Tool to print audit trails
Building
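Review bot: The added test/ entry in the Contents list reads "Test token sets and geneneration program"; "geneneration" should be "generation". In the same list, "various OS's" on the compat/ line would read better as "various operating systems", which matches the wording the Building section already uses.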
@@ -29,7 +40,7 @@
for building on a range of operating systems, including FreeBSD, Mac OS X,
and Linux. Depending on the availability of audit facilities in the
underlying operating system, some components that depend on kernel audit
-support are built conditionally. Typically, build will be performed using
+support are built conditionally. Typically, build will be performed using:
./configure
make
@@ -51,13 +62,12 @@
You will need to manually propagate openbsm/etc/* into /etc on your system;
this is not done automatically so as to avoid disrupting the current
-configuration. Currently, the locations of these files is not
-configurable.
+configuration. Currently, the locations of these files is not configurable.
Credits
-The following organizations and individuals have contributed substantially
-to the development of OpenBSM:
+The following organizations and individuals have contributed substantially to
+the development of OpenBSM:
Apple Computer, Inc.
McAfee Research, McAfee, Inc.
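Review bot: The re-wrapped sentence "Currently, the locations of these files is not configurable." keeps a subject-verb mismatch ("locations ... is"). Since the line is being touched anyway, consider "the location of these files is not configurable" or "the locations of these files are not configurable".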
@@ -100,4 +110,4 @@
http://www.TrustedBSD.org/
-$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/README#17 $
+$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/README#18 $
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#22 (text+ko) ====
@@ -32,7 +32,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#21 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#22 $
*/
#include <sys/types.h>
@@ -3871,7 +3871,6 @@
* size 2 bytes;
* zonename size bytes;
*/
-
static int
fetch_zonename_tok(tokenstr_t *tok, char *buf, int len)
{
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#8 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2006 Robert N. M. Watson
+ * Copyright (c) 2006-2007 Robert N. M. Watson
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/test/bsm/generate.c#8 $
*/
/*
@@ -889,6 +889,30 @@
}
+static char *zonename_sample = "testzone";
+
+static void
+generate_zonename_token(const char *directory, const char *token_filename)
+{
+ token_t *zonename_token;
+
+ zonename_token = au_to_zonename(zonename_sample);
+ if (zonename_token == NULL)
+ err(EX_UNAVAILABLE, "au_to_zonename");
+ write_token(directory, token_filename, zonename_token);
+}
+
+static void
+generate_zonename_record(const char *directory, const char *record_filename)
+{
+ token_t *zonename_token;
+
+ zonename_token = au_to_zonename(zonename_sample);
+ if (zonename_token == NULL)
+ err(EX_UNAVAILABLE, "au_to_zonename");
+ write_record(directory, record_filename, zonename_token, AUE_NULL);
+}
+
int
main(int argc, char *argv[])
{
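Review bot: zonename_sample is declared as "static char *" but is initialized from the string literal "testzone"; if the au_to_zonename() prototype accepts it, declare it "static const char *" so an accidental write through the pointer is rejected at compile time instead of becoming undefined behaviour. Separately, generate_zonename_token() and generate_zonename_record() repeat the same au_to_zonename() call and NULL check and differ only in the final write_token() or write_record() call. If that duplication is kept to match the other generators in this file, a short comment above zonename_sample saying what the token represents would help readers of the test.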
@@ -955,6 +979,7 @@
generate_ipc_perm_token(directory, "ipc_perm_token");
generate_groups_token(directory, "groups_token");
generate_attr32_token(directory, "attr32_token");
+ generate_zonename_token(directory, "zonename_token");
}
if (do_records) {
@@ -989,6 +1014,7 @@
generate_ipc_perm_record(directory, "ipc_perm_record");
generate_groups_record(directory, "groups_record");
generate_attr32_record(directory, "attr32_record");
+ generate_zonename_record(directory, "zonename_record");
}
return (0);
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/arg32_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/data_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/file_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/header32_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/in_addr_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ip_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/ipc_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/iport_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/opaque_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/path_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv4#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_record-IPv6#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv4#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process32ex_token-IPv6#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_record#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64_token#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv4#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_record-IPv6#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv4#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/process64ex_token-IPv6#2 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/return32_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/seq_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv4#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/subject32ex_token-IPv6#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_record#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/text_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/test/reference/trailer_token#3 (binary) ====
==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#32 (text+ko) ====