PERFORCE change 157234 for review
Stacey Son
sson at FreeBSD.org
Thu Feb 5 13:05:03 PST 2009
http://perforce.freebsd.org/chv.cgi?CH=157234
Change 157234 by sson at sson_amd64 on 2009/02/05 21:04:50
NEWS and tools/audump.c updated.
- Added news about audit trail expiration and filesz parameter using
size suffixes.
- Added checks for getacfilez(), getachost(), and getacexpire() to
tools/audump.c.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/NEWS#30 edit
.. //depot/projects/trustedbsd/openbsm/tools/audump.c#8 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/NEWS#30 (text+ko) ====
@@ -2,6 +2,14 @@
OpenBSM 1.1 beta 1
+- The filesz parameter in audit_control(5) now accepts suffixes: 'B' for
+ Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes.
+ For legacy support no suffix defaults to bytes.
+- Audit trail log expiration support added. It is configured in
+ audit_control(5) with the expire-after parameter. If there is no
+ expire-after parameter in audit_control(5), the default, then the audit
+ trail files are not expired and removed. See audit_control(5) for
+ more information.
- Change defaults in audit_control: warn at 5% rather than 20% free for audit
partitions, rotate automatically at 2mb, and set the default policy to
cnt,argv rather than cnt so that execve(2) arguments are captured if
@@ -420,4 +428,4 @@
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/NEWS#29 $
+$P4: //depot/projects/trustedbsd/openbsm/NEWS#30 $
==== //depot/projects/trustedbsd/openbsm/tools/audump.c#8 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#7 $
+ * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#8 $
*/
#include <bsm/libbsm.h>
@@ -80,6 +80,8 @@
char string[PATH_MAX], string2[PATH_MAX];
int ret, val;
long policy;
+ time_t age;
+ size_t size;
ret = getacflg(string, PATH_MAX);
if (ret == -2)
@@ -126,6 +128,32 @@
if (au_poltostr(policy, PATH_MAX, string2) < 0)
err(-1, "au_poltostr");
printf("policy:%s\n", string2);
+
+ ret = getacfilesz(&size);
+ if (ret == -2)
+ err(-1, "getacfilesz");
+ if (ret != 0)
+ err(-1, "getacfilesz: %d", ret);
+
+ printf("filesz:%ldB\n", size);
+
+
+ ret = getachost(string, PATH_MAX);
+ if (ret == -2)
+ err(-1, "getachost");
+ if (ret == -3)
+ err(-1, "getachost: %d", ret);
+ if (ret == 0 && ret != 1)
+ printf("host:%s\n", string);
+
+ ret = getacexpire(&val, &age, &size);
+ if (ret == -2)
+ err(-1, "getacexpire");
+ if (ret == -1)
+ err(-1, "getacexpire: %d", ret);
+ if (ret == 0 && ret != 1)
+ printf("expire-after:%ldB %s %lds\n", size,
+ val ? "AND" : "OR", age);
}
static void
More information about the p4-projects
mailing list