PERFORCE change 106609 for review
rwatson at FreeBSD.org
Sun Sep 24 11:19:35 PDT 2006
Change 106609 by rwatson at rwatson_fledge on 2006/09/24 18:19:09
Add history item about new audit_warn event.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/HISTORY#39 edit
==== //depot/projects/trustedbsd/openbsm/HISTORY#39 (text+ko) ====
@@ -11,6 +11,9 @@
line; this was the documented behavior previously, but it was not
implemented. Be more specific in auditreduce(1)'s examples section about
what might be done with the output of auditreduce.
+- Add audit_warn(5) closefile event so that administrators can hook
+ termination of an audit trail file. For example, this might be used to
+ compress the trail file after it is closed.
- auditreduce(1) now uses regular expressions for pathname matching. Users can
now supply one or more (comma delimited) regular expressions for searching
the pathnames. If one of the regular expressions is prefixed with a tilde
@@ -261,4 +264,4 @@
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#38 $
+$P4: //depot/projects/trustedbsd/openbsm/HISTORY#39 $
More information about the trustedbsd-cvs