PERFORCE change 92365 for review
Christian S.J. Peron
csjp at FreeBSD.org
Fri Feb 24 22:11:58 PST 2006
Robert Watson wrote:
>http://perforce.freebsd.org/chv.cgi?CH=92365
>
>Change 92365 by rwatson at rwatson_peppercorn on 2006/02/25 00:12:28
>
> On systems without LOG_SECURITY defined, use LOG_AUTH.
>
> Reported by: Martin Fong <martin dot fong at sri dot com>
>
>Affected files ...
>
>.. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#13 edit
>
>Differences ...
>
>==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#13 (text+ko) ====
>
>@@ -30,7 +30,7 @@
> *
> * @APPLE_BSD_LICENSE_HEADER_END@
> *
>- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#12 $
>+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#13 $
> */
>
> #include <sys/types.h>
>@@ -795,7 +795,11 @@
> }
> }
>
>+#ifdef LOG_SECURITY
> openlog("auditd", LOG_CONS | LOG_PID, LOG_SECURITY);
>+#else
>+ openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH);
>+#endif
> syslog(LOG_INFO, "starting...\n");
>
> if (debug == 0 && daemon(0, 0) == -1) {
>
>
>
>
In userspace, we are using LOG_AUTH | LOG_ERR to report audit failures,
at least for login(1) and su(1).
Might be a good idea to be consistent, anyway.
--
Christian S.J. Peron
csjp at FreeBSD.ORG
FreeBSD Committer
FreeBSD Security Team
More information about the trustedbsd-cvs
mailing list