diff options
author | Robert Watson <rwatson@FreeBSD.org> | 2009-04-19 16:17:13 +0000 |
---|---|---|
committer | Robert Watson <rwatson@FreeBSD.org> | 2009-04-19 16:17:13 +0000 |
commit | c0020399a650364d0134f79f3fa319f84064372d (patch) | |
tree | 23231275c989b2a559134953a8963fe87175a61e /contrib/openbsm/bsm | |
parent | 4df4e33572998a0342707718ac8796ac3d21e33c (diff) | |
parent | a751bb747008d2d65523ad2bb7693437b6a3d185 (diff) | |
download | src-c0020399a650364d0134f79f3fa319f84064372d.tar.gz src-c0020399a650364d0134f79f3fa319f84064372d.zip |
Merge OpenBSM 1.1 from OpenBSM vendor branch to head.
OpenBSM history for imported revision below for reference.
MFC after: 2 weeks
Sponsored by: Apple, Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1
- Change auditon(2) parameters and data structures to be 32/64-bit architecture
independent. Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
added: au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page. Also, make it clear that we want
the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
authorization events, has been added.
Notes
Notes:
svn path=/head/; revision=191273
Diffstat (limited to 'contrib/openbsm/bsm')
-rw-r--r-- | contrib/openbsm/bsm/Makefile.in | 22 | ||||
-rw-r--r-- | contrib/openbsm/bsm/audit_uevents.h | 3 | ||||
-rw-r--r-- | contrib/openbsm/bsm/libbsm.h | 43 |
3 files changed, 53 insertions, 15 deletions
diff --git a/contrib/openbsm/bsm/Makefile.in b/contrib/openbsm/bsm/Makefile.in index 5ea5ee274df5..2894ae73ef08 100644 --- a/contrib/openbsm/bsm/Makefile.in +++ b/contrib/openbsm/bsm/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.10.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#9 $ +# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#10 $ # VPATH = @srcdir@ @@ -79,6 +79,7 @@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DSYMUTIL = @DSYMUTIL@ ECHO = @ECHO@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ @@ -103,6 +104,7 @@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MIG = @MIG@ MKDIR_P = @MKDIR_P@ +NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ @@ -166,6 +168,7 @@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ openbsmdir = $(includedir)/bsm @@ -236,8 +239,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS @@ -249,8 +252,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ @@ -260,13 +263,12 @@ ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ - here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ test -z "$(CTAGS_ARGS)$$tags$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique diff --git a/contrib/openbsm/bsm/audit_uevents.h b/contrib/openbsm/bsm/audit_uevents.h index 53c56164ee02..f71797b5b318 100644 --- a/contrib/openbsm/bsm/audit_uevents.h +++ b/contrib/openbsm/bsm/audit_uevents.h @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#10 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#11 $ */ #ifndef _BSM_AUDIT_UEVENTS_H_ @@ -138,5 +138,6 @@ #define AUE_calife 45027 /* OpenBSM-allocated. */ #define AUE_sudo 45028 /* OpenBSM-allocated. */ #define AUE_audit_recovery 45029 /* OpenBSM-allocated. */ +#define AUE_ssauthmech 45030 /* Darwin-specific. */ #endif /* !_BSM_AUDIT_UEVENTS_H_ */ diff --git a/contrib/openbsm/bsm/libbsm.h b/contrib/openbsm/bsm/libbsm.h index 8713b4a813e2..d8c5086adac7 100644 --- a/contrib/openbsm/bsm/libbsm.h +++ b/contrib/openbsm/bsm/libbsm.h @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#42 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#45 $ */ #ifndef _LIBBSM_H_ @@ -565,6 +565,12 @@ typedef struct { typedef struct { u_int16_t family; u_int16_t port; + u_int32_t addr[4]; +} au_socketinet_ex32_t; + +typedef struct { + u_int16_t family; + u_int16_t port; u_int32_t addr; } au_socketinet32_t; @@ -722,7 +728,7 @@ struct tokenstr { au_seq_t seq; au_socket_t socket; au_socket_ex32_t socket_ex32; - au_socketinet32_t sockinet32; + au_socketinet_ex32_t sockinet_ex32; au_socketunix_t sockunix; au_subject32_t subj32; au_subject32ex_t subj32_ex; @@ -773,8 +779,8 @@ int getauditflagschar(char *auditstr, au_mask_t *masks, int verbose); int au_preselect(au_event_t event, au_mask_t *mask_p, int sorf, int flag); -ssize_t au_poltostr(long policy, size_t maxsize, char *buf); -int au_strtopol(const char *polstr, long *policy); +ssize_t au_poltostr(int policy, size_t maxsize, char *buf); +int au_strtopol(const char *polstr, int *policy); /* * Functions relating to querying audit event information. @@ -831,10 +837,12 @@ void au_print_xml_footer(FILE *outfp); */ int au_bsm_to_domain(u_short bsm_domain, int *local_domainp); int au_bsm_to_errno(u_char bsm_error, int *errorp); +int au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp); int au_bsm_to_socket_type(u_short bsm_socket_type, int *local_socket_typep); u_short au_domain_to_bsm(int local_domain); u_char au_errno_to_bsm(int local_errno); +u_short au_fcntl_cmd_to_bsm(int local_fcntl_command); u_short au_socket_type_to_bsm(int local_socket_type); const char *au_strerror(u_char bsm_error); @@ -1262,6 +1270,33 @@ void audit_token_to_au32( au_tid_t *tidp); #endif /* !__APPLE__ */ +/* + * Wrapper functions to auditon(2). + */ +int audit_get_car(char *path, size_t sz); +int audit_get_class(au_evclass_map_t *evc_map, size_t sz); +int audit_set_class(au_evclass_map_t *evc_map, size_t sz); +int audit_get_cond(int *cond); +int audit_set_cond(int *cond); +int audit_get_cwd(char *path, size_t sz); +int audit_get_fsize(au_fstat_t *fstat, size_t sz); +int audit_set_fsize(au_fstat_t *fstat, size_t sz); +int audit_get_kmask(au_mask_t *kmask, size_t sz); +int audit_set_kmask(au_mask_t *kmask, size_t sz); +int audit_get_kaudit(auditinfo_addr_t *aia, size_t sz); +int audit_set_kaudit(auditinfo_addr_t *aia, size_t sz); +int audit_set_pmask(auditpinfo_t *api, size_t sz); +int audit_get_pinfo(auditpinfo_t *api, size_t sz); +int audit_get_pinfo_addr(auditpinfo_addr_t *apia, size_t sz); +int audit_get_policy(int *policy); +int audit_set_policy(int *policy); +int audit_get_qctrl(au_qctrl_t *qctrl, size_t sz); +int audit_set_qctrl(au_qctrl_t *qctrl, size_t sz); +int audit_get_sinfo_addr(auditinfo_addr_t *aia, size_t sz); +int audit_get_stat(au_stat_t *stats, size_t sz); +int audit_set_stat(au_stat_t *stats, size_t sz); +int audit_send_trigger(int *trigger); + __END_DECLS #endif /* !_LIBBSM_H_ */ |