PERFORCE change 157234 for review

Thu Feb 5 13:05:03 PST 2009

http://perforce.freebsd.org/chv.cgi?CH=157234

Change 157234 by sson at sson_amd64 on 2009/02/05 21:04:50

	NEWS and tools/audump.c updated.
	- Added news about audit trail expiration and filesz parameter using
	size suffixes.
	- Added checks for getacfilez(), getachost(), and getacexpire() to
	tools/audump.c.

Affected files ...

.. //depot/projects/trustedbsd/openbsm/NEWS#30 edit
.. //depot/projects/trustedbsd/openbsm/tools/audump.c#8 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/NEWS#30 (text+ko) ====

@@ -2,6 +2,14 @@
 
 OpenBSM 1.1 beta 1
 
+- The filesz parameter in audit_control(5) now accepts suffixes: 'B' for
+  Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes.
+  For legacy support no suffix defaults to bytes.
+- Audit trail log expiration support added.  It is configured in
+  audit_control(5) with the expire-after parameter.  If there is no 
+  expire-after parameter in audit_control(5), the default, then the audit
+  trail files are not expired and removed.  See audit_control(5) for
+  more information.
 - Change defaults in audit_control: warn at 5% rather than 20% free for audit
   partitions, rotate automatically at 2mb, and set the default policy to
   cnt,argv rather than cnt so that execve(2) arguments are captured if
@@ -420,4 +428,4 @@
   to support reloading of kernel event table.
 - Allow comments in /etc/security configuration files.
 
-$P4: //depot/projects/trustedbsd/openbsm/NEWS#29 $
+$P4: //depot/projects/trustedbsd/openbsm/NEWS#30 $

==== //depot/projects/trustedbsd/openbsm/tools/audump.c#8 (text+ko) ====

@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#7 $
+ * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#8 $
  */
 
 #include <bsm/libbsm.h>
@@ -80,6 +80,8 @@
 	char string[PATH_MAX], string2[PATH_MAX];
 	int ret, val;
 	long policy;
+	time_t age;
+	size_t size;
 
 	ret = getacflg(string, PATH_MAX);
 	if (ret == -2)
@@ -126,6 +128,32 @@
 	if (au_poltostr(policy, PATH_MAX, string2) < 0)
 		err(-1, "au_poltostr");
 	printf("policy:%s\n", string2);
+
+	ret = getacfilesz(&size);
+	if (ret == -2)
+		err(-1, "getacfilesz");
+	if (ret != 0)
+		err(-1, "getacfilesz: %d", ret);
+
+	printf("filesz:%ldB\n", size);
+
+
+	ret = getachost(string, PATH_MAX);
+	if (ret == -2)
+		err(-1, "getachost");
+	if (ret == -3)
+		err(-1, "getachost: %d", ret);
+	if (ret == 0 && ret != 1)
+		printf("host:%s\n", string);
+
+	ret = getacexpire(&val, &age, &size);
+	if (ret == -2)
+		err(-1, "getacexpire");
+	if (ret == -1)
+		err(-1, "getacexpire: %d", ret);
+	if (ret == 0 && ret != 1)
+		printf("expire-after:%ldB  %s %lds\n", size,
+		    val ? "AND" : "OR", age);
 }
 
 static void
