Week 12 / Non-BSM to BSM Conversion Tools

Mateusz Piotrowski 0mp at FreeBSD.org
Mon Aug 15 22:28:18 UTC 2016


Hello,

During the last week I finished implementing the minimal conversion 
of the SYSCALL and EXECVE type Linux Audit records. 

Moreover, I added a very basic version of au_to_attr(3) to the userland, 
so that it is possible to create an attribute token outside of the kernel.
My current implementation might not be satisfying in the long run so 
I emailed the FreeBSD and TrustedBSD mailing lists for advice and opinion.

During the last week I'll try to extend auditdistd with the ability to receive
Linux Audit log trails over the network.

The latest code is available here: https://github.com/0mp/freebsd/pull/9

Cheers!

-Mateusz

[wiki]: https://wiki.freebsd.org/SummerOfCode2016/NonBSMtoBSMConversionTools


