[GSoC'20 Weekly Update] Adding audit(4) support to NFS
Shivank Garg
shivank at freebsd.org
Mon Aug 10 18:40:14 UTC 2020
Hi,
This project aims to add audit(4) support to NFS, which will allow
auditd(8) to just run on the NFS server and audit all activities within the
NFS network. Audit works mostly on the syscall level and NFS is implemented
within the kernel, which means the NFS RPCs don't generate any audit
records on the server.
Note that audit(4) can still be used on the NFS network but auditd(8) must
run on every NFS client.
Til this I week, I made the following progress:
* Fixed the AUDIT_NFSARG_UPATH1 to avoid unlocking/relocking of vnode for
locked vnode.
* Followed up on NFSv3 Audit(4) support revision here:
https://reviews.freebsd.org/D25869
* Started Auditing NFSv4 Sub-operations:
https://github.com/shivankgarg98/freebsd/compare/user/shivank/nfs_audit_review2...shivankgarg98:user/shivank/nfsv4_audit
Currently, I'm:
* Developing TestSuite for NFSv4 Simultaneously for audited sub-ops.
* auditing remaining NFSv4 services.
Please, do Check this project on
Github: https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfs_audit
NFSv4 audit feature branch:
https://github.com/shivankgarg98/freebsd/tree/user/shivank/nfsv4_audit
Project wiki:
https://wiki.freebsd.org/SummerOfCode2020Projects/AddAuditSupportToNFS
TestSuite: https://github.com/shivankgarg98/NFSAuditTestSuite
Please feel free to share your ideas and feedback on this project.
Best Regards,
Shivank Garg
More information about the soc-status
mailing list