Week 11 / Non-BSM to BSM Conversion Tools
Mateusz Piotrowski
0mp at FreeBSD.org
Tue Aug 9 02:52:54 UTC 2016
Hello,
I finished configuring the NFS on a faster machine. You
can see a tutorial I made along the way here[1].
Moreover, I set up CentOS with the latest Linux Kernel and
auditd versions. Now I am able to generate the most recent format
of the Linux Audit logs.
Until the 9th of August I plan to add a conversion for syscalls,
execs and Linux Audit records which require calling au_to_attr
(see au_token(3)). At the moment au_to_attr is a function available
to the kernel only (I sent an email to freebsd hackers regarding
this issue - see [2]) so I'll have to implement a userland version
of it. I plan to consult my solution with the OpenBSM community.
Hopefully, the 12th week will be spent on writing an extension of
auditdistd(8).
Cheers!
-mateusz
[1]: https://github.com/0mp/freebsd/wiki/Set-up-FreeBSD-with-NFS
[2]: https://lists.freebsd.org/pipermail/freebsd-hackers/2016-August/049835.html