MFH: 292432,r292433,r292434
- Merge OpenBSM 1.2 alpha 4. - Regenerate config.h for OpenBSM 1.2 alpha 4. - Add au_notify.2 and MLINKs (added in OpenBSM 1.2 alpha 4). Relnotes: yes
parent
0421efcfca
commit
93b7fa3181
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/stable/10/; revision=293161
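--- /dev/null
+++ b/contrib/openbsm/.travis.yml
@@ -0,0 +1,18 @@
+language: c
+
+compiler:
+- clang
+- gcc
+
+os:
+- linux
+- osx
+
+before_install:
+- if [ $TRAVIS_OS_NAME == "linux" ]; then
+sudo apt-get -qq update;
+sudo apt-get -qq install byacc flex;
+elif [ $TRAVIS_OS_NAME == "osx" ]; then
+brew update;
+brew install byacc flex;
+fi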
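Review bot: The `before_install` step expands `$TRAVIS_OS_NAME` unquoted and compares it with `==` inside `[ ]`, which is a bash extension and becomes a syntax error if the variable is ever empty or unset. The portable forms are `if [ "$TRAVIS_OS_NAME" = "linux" ]; then` and `elif [ "$TRAVIS_OS_NAME" = "osx" ]; then`. The step also installs byacc and flex unpinned through `sudo apt-get` and `brew`, so the toolchain that builds this audit code can change between CI runs. A one-line comment in the file saying that this is accepted for CI-only builds would make the choice explicit.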
@ -3,7 +3,7 @@ OpenBSM Build and Installation Instructions
|
||||
OpenBSM is currently built using autoconf and automake, which should allow
|
||||
for building on a range of operating systems, including FreeBSD, Mac OS X,
|
||||
and Linux. Some components are built only if appropriate kernel audit
|
||||
suppport is found. Typical builds will be performed using:
|
||||
support is found. Typical builds will be performed using:
|
||||
|
||||
./configure
|
||||
make
|
||||
@ -31,7 +31,7 @@ not configurable.
|
||||
You may wish to specify that the OpenBSM components not be installed in the
|
||||
base system, rather in a specific directory. This may be done using the
|
||||
--prefix argument to configure. If installing to a specific directory,
|
||||
remember to update your library path so that running tools from that
|
||||
remember to update your library path so that when running tools from that
|
||||
directory the correct libbsm is used:
|
||||
|
||||
./configure --prefix=/home/rwatson/openbsm
|
||||
|
@ -34,5 +34,3 @@ as a whole:
|
||||
The TrustedBSD Project would appreciate the contribution of fixes and
|
||||
enhancements under an identical license in order to avoid potentially
|
||||
confusing license proliferation.
|
||||
|
||||
$P4: //depot/projects/trustedbsd/openbsm/LICENSE#6 $
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#5 $
|
||||
##
|
||||
|
||||
SUBDIRS = \
|
||||
bsm
|
||||
|
||||
|
@ -59,9 +59,9 @@ DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
|
||||
$(top_srcdir)/config/config.sub \
|
||||
$(top_srcdir)/config/install-sh $(top_srcdir)/config/ltmain.sh \
|
||||
$(top_srcdir)/config/missing $(top_srcdir)/configure INSTALL \
|
||||
NEWS TODO config/config.guess config/config.sub config/depcomp \
|
||||
config/install-sh config/ltmain.sh config/missing \
|
||||
config/ylwrap
|
||||
NEWS TODO config/compile config/config.guess config/config.sub \
|
||||
config/depcomp config/install-sh config/ltmain.sh \
|
||||
config/missing config/ylwrap
|
||||
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
|
@ -1,5 +1,16 @@
|
||||
OpenBSM Version History
|
||||
|
||||
OpenBSM 1.2 alpha 4
|
||||
|
||||
- Fix praudit to emit correct XML.
|
||||
- Fix auditdistd bugs related to IPv6 support, locking, and a kqueue-related
|
||||
descriptor leak.
|
||||
- Add audit event definitions for Capsicum-related syscalls, as well as
|
||||
AUE_BINDAT and AUE_CONNECTAT.
|
||||
- Manpage symlinks for all libbsm functions are installed again after the
|
||||
move to autotools in OpenBSM 1.0 Alpha 5.
|
||||
- A variety of minor documentation cleanups.
|
||||
|
||||
OpenBSM 1.2 alpha 3
|
||||
|
||||
- Various minor tweaks to the auditdistd build to make it fit the FreeBSD
|
||||
@ -494,5 +505,3 @@ OpenBSM 1.0 alpha 1
|
||||
- auditd(8), audit(8) added to the OpenBSM distribution. auditd extended
|
||||
to support reloading of kernel event table.
|
||||
- Allow comments in /etc/security configuration files.
|
||||
|
||||
$P4: //depot/projects/trustedbsd/openbsm/NEWS#55 $
|
||||
|
@ -1,4 +1,4 @@
|
||||
OpenBSM 1.2a2
|
||||
OpenBSM
|
||||
|
||||
Introduction
|
||||
|
||||
@ -10,7 +10,7 @@ of several organizations.
|
||||
OpenBSM includes several command line tools, including auditreduce(8) and
|
||||
praudit(8) for reducing and printing audit trails, as well as the libbsm(3)
|
||||
library to manage configuration files, generate audit records, and parse and
|
||||
print audit trils.
|
||||
print audit trails.
|
||||
|
||||
Coupled with a kernel audit implementation, OpenBSM can be used to maintain
|
||||
system audit streams, and is a foundation for a full audit-enabled system.
|
||||
@ -64,5 +64,3 @@ Information on OpenBSM may be found on the OpenBSM home page:
|
||||
Information on TrustedBSD may be found on the TrustedBSD home page:
|
||||
|
||||
http://www.TrustedBSD.org/
|
||||
|
||||
$P4: //depot/projects/trustedbsd/openbsm/README#41 $
|
||||
|
@ -7,8 +7,6 @@ OpenBSM TODO
|
||||
- Document contents of libbsm "public" data structures in libbsm man pages.
|
||||
- The audit.log.5 man page is incomplete, as it does not describe all
|
||||
token types.
|
||||
- With the move to autoconf/automake, man page symlinks are no longer
|
||||
installed. This needs to be fixed.
|
||||
- It might be desirable to be able to provide EOPNOTSUPP system call stubs
|
||||
on systems that don't have the necessary audit system calls; that would
|
||||
allow the full libbsm and tool set to build, just not run.
|
||||
@ -23,5 +21,3 @@ OpenBSM TODO
|
||||
not available on the local OS platform.
|
||||
- Support for client certificates in auditdistd, to include certificate chain
|
||||
validation.
|
||||
|
||||
$P4: //depot/projects/trustedbsd/openbsm/TODO#14 $
|
||||
|
@ -1 +1 @@
|
||||
OPENBSM_1_2_alpha3
|
||||
OPENBSM_1_2_alpha4
|
||||
|
@ -1,7 +1,4 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/autogen.sh#2 $
|
||||
#
|
||||
|
||||
libtoolize --copy --force
|
||||
aclocal
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#4 $
|
||||
##
|
||||
|
||||
SUBDIRS = \
|
||||
auditdistd \
|
||||
auditfilterd \
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#7 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
|
@ -25,9 +25,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#16 $
|
||||
.\"
|
||||
.Dd January 29, 2009
|
||||
.Dd July 25, 2015
|
||||
.Dt AUDIT 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -88,7 +86,7 @@ Audit policy file used to configure the auditing system.
|
||||
.Xr audit 4 ,
|
||||
.Xr audit_control 5 ,
|
||||
.Xr auditd 8 ,
|
||||
.Xr launchd 8
|
||||
.Xr launchd 8 (Mac OS X)
|
||||
.Sh HISTORY
|
||||
The OpenBSM implementation was created by McAfee Research, the security
|
||||
division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004.
|
||||
|
@ -25,8 +25,6 @@
|
||||
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 $
|
||||
*/
|
||||
/*
|
||||
* Program to trigger the audit daemon with a message that is either:
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#6 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
|
@ -1,5 +1 @@
|
||||
/*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_triggers.defs#1 $
|
||||
*/
|
||||
|
||||
#include <mach/audit_triggers.defs>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#11 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -25,9 +25,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#19 $
|
||||
.\"
|
||||
.Dd December 11, 2008
|
||||
.Dd July 25, 2015
|
||||
.Dt AUDITD 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -123,7 +121,7 @@ and are no longer available as arguments to
|
||||
.Xr audit_warn 5 ,
|
||||
.Xr audit 8 ,
|
||||
.Xr auditdistd 8 ,
|
||||
.Xr launchd 8
|
||||
.Xr launchd 8 (Mac OS X)
|
||||
.Sh HISTORY
|
||||
The OpenBSM implementation was created by McAfee Research, the security
|
||||
division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004.
|
||||
|
@ -25,8 +25,6 @@
|
||||
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#50 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#13 $
|
||||
*/
|
||||
|
||||
#ifndef _AUDITD_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_control.defs#2 $
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -25,8 +25,6 @@
|
||||
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/Makefile.am#1 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
|
@ -41,7 +41,7 @@
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
daemon is responsible for distributing audit trail files over TCP/IP network in
|
||||
daemon is responsible for distributing audit trail files over a TCP/IP network in
|
||||
a secure and reliable way.
|
||||
.Pp
|
||||
The
|
||||
@ -49,7 +49,7 @@ The
|
||||
daemon can be started with the following command line arguments:
|
||||
.Bl -tag -width ".Fl P Ar pidfile"
|
||||
.It Fl c Ar config
|
||||
Specify alternative location of the configuration file.
|
||||
Specify an alternative location of the configuration file.
|
||||
The default location is
|
||||
.Pa /etc/security/auditdistd.conf .
|
||||
Note: the configuration file may contain passwords.
|
||||
@ -74,7 +74,7 @@ usage message.
|
||||
Start in a launchd-friendly mode, ie. do not use
|
||||
.Xr daemon 3 .
|
||||
.It Fl P Ar pidfile
|
||||
Specify alternative location of a file where main process PID will be
|
||||
Specify an alternative location of a file where main process PID will be
|
||||
stored.
|
||||
The default location is
|
||||
.Pa /var/run/auditdistd.pid .
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.c#3 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -27,7 +27,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd March 22, 2011
|
||||
.Dd July 1, 2015
|
||||
.Dt AUDITDISTD.CONF 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -37,19 +37,21 @@
|
||||
daemon.
|
||||
.Sh DESCRIPTION
|
||||
Note: the configuration file may contain passwords.
|
||||
Care should be taken to configure proper permissions on this file
|
||||
.Li ( eg. 0600 ) .
|
||||
Care should be taken to configure proper permissions for this file
|
||||
.Li ( e.g., 0600 ) .
|
||||
.Pp
|
||||
Every line starting with # is treated as comment and ignored.
|
||||
Every line starting with
|
||||
.Li #
|
||||
gets treated as a comment and is ignored.
|
||||
.Sh CONFIGURATION FILE SYNTAX
|
||||
General syntax of the
|
||||
The general syntax of the
|
||||
.Nm
|
||||
file is following:
|
||||
.Bd -literal -offset
|
||||
file is as follows:
|
||||
.Bd -literal
|
||||
## Global section.
|
||||
|
||||
# Our name.
|
||||
# The default is first part of the hostname.
|
||||
# The default is the first part of the hostname.
|
||||
name "<name>"
|
||||
|
||||
# Connection timeout.
|
||||
@ -71,11 +73,11 @@ sender {
|
||||
# The default is /var/audit/dist.
|
||||
directory "<dir>"
|
||||
.\"
|
||||
.\" # Checksum algorithm for data send over the wire.
|
||||
.\" # Checksum algorithm for data sent over the wire.
|
||||
.\" # The default is none.
|
||||
.\" checksum "<algorithm>"
|
||||
.\"
|
||||
.\" # Compression algorithm for data send over the wire.
|
||||
.\" # Compression algorithm for data sent over the wire.
|
||||
.\" # The default is none.
|
||||
.\" compression "<algorithm>"
|
||||
|
||||
@ -86,7 +88,7 @@ sender {
|
||||
# Optional.
|
||||
source "<addr>"
|
||||
|
||||
# Address of auditdistd receiver.
|
||||
# Address of the auditdistd receiver.
|
||||
# No default. Obligatory.
|
||||
remote "<addr>"
|
||||
|
||||
@ -95,7 +97,7 @@ sender {
|
||||
directory "<dir>"
|
||||
|
||||
# Fingerprint of the receiver's public key when using TLS
|
||||
# for connection.
|
||||
# for connections.
|
||||
# Example fingerprint:
|
||||
# SHA256=8F:0A:FC:8A:3D:09:80:AF:D9:AA:38:CC:8A:86:53:E6:8F:B6:1C:55:30:14:D7:F9:AA:8B:3E:73:CD:F5:76:2B
|
||||
fingerprint "<algorithm=hash>"
|
||||
@ -103,37 +105,37 @@ sender {
|
||||
# Password used to authenticate in front of the receiver.
|
||||
password "<password>"
|
||||
.\"
|
||||
.\" # Checksum algorithm for data send over the wire.
|
||||
.\" # Checksum algorithm for data sent over the wire.
|
||||
.\" # The default is none.
|
||||
.\" checksum "<algorithm>"
|
||||
.\"
|
||||
.\" # Compression algorithm for data send over the wire.
|
||||
.\" # Compression algorithm for data sent over the wire.
|
||||
.\" # The default is none.
|
||||
.\" compression "<algorithm>"
|
||||
}
|
||||
|
||||
# Currently local audit trail files can be send only to one remote
|
||||
# Currently local audit trail files can be sent only to one remote
|
||||
# auditdistd receiver, but this can change in the future.
|
||||
}
|
||||
|
||||
receiver {
|
||||
## Receiver section.
|
||||
|
||||
# Address to listen on. Multiple listen addresses might be specified.
|
||||
# Address to listen on. Multiple listen addresses may be specified.
|
||||
# The defaults are "tcp4://0.0.0.0:7878" and "tcp6://[::]:7878".
|
||||
listen "<addr>"
|
||||
|
||||
# Base directory.
|
||||
# If directory in host section is no absolute, it will be concatenated
|
||||
# with this base directory.
|
||||
# If the directory in the host section is not absolute, it will be
|
||||
# concatenated with this base directory.
|
||||
# The default is "/var/audit/remote".
|
||||
directory "<basedir>"
|
||||
|
||||
# Path to receiver's certificate file.
|
||||
# Path to the receiver's certificate file.
|
||||
# The default is "/etc/security/auditdistd.cert.pem".
|
||||
certfile "<path>"
|
||||
|
||||
# Path to receiver's private key file.
|
||||
# Path to the receiver's private key file.
|
||||
# The default is "/etc/security/auditdistd.key.pem".
|
||||
keyfile "<path>"
|
||||
|
||||
@ -158,7 +160,7 @@ receiver {
|
||||
.Ed
|
||||
.Pp
|
||||
Most of the various available configuration parameters are optional.
|
||||
If parameter is not defined in the particular section, it will be
|
||||
If a parameter is not defined in the particular section, it will be
|
||||
inherited from the parent section if possible.
|
||||
For example, if the
|
||||
.Ic source
|
||||
@ -172,14 +174,14 @@ In case the
|
||||
section does not define the
|
||||
.Ic source
|
||||
parameter at all, the default value will be used.
|
||||
.Sh CONFIGURATION FILE DESCRIPTION
|
||||
.Sh CONFIGURATION OPTION DESCRIPTION
|
||||
The following statements are available:
|
||||
.Bl -tag -width ".Ic xxxx"
|
||||
.It Ic name Aq name
|
||||
.Pp
|
||||
This host's name.
|
||||
It is send to the receiver, so it can properly recognize us if there are
|
||||
more than one sender coming from the same IP address.
|
||||
It is sent to the receiver, so it can properly recognize us if there are
|
||||
multiple senders coming from the same IP address.
|
||||
.It Ic timeout Aq seconds
|
||||
.Pp
|
||||
Connection timeout in seconds.
|
||||
@ -198,17 +200,17 @@ The default value is
|
||||
Local address to bind to before connecting to the remote
|
||||
.Nm auditdistd
|
||||
daemon.
|
||||
Format is the same as for the
|
||||
The format is the same as for the
|
||||
.Ic listen
|
||||
statement.
|
||||
.It Ic directory Aq path
|
||||
.Pp
|
||||
Directory where to look for audit trail files in case of sender mode or
|
||||
directory where to store received audit trail files.
|
||||
The directory where to look for audit trail files in case of sender mode, or
|
||||
the directory where to store received audit trail files.
|
||||
The provided path has to be an absolute path.
|
||||
The only exception is when directory is provided in the
|
||||
The only exception is when the directory is provided in the
|
||||
.Ic receiver
|
||||
section, then path provided in the
|
||||
section; then the path provided in the
|
||||
.Ic host
|
||||
subsections can be relative to the directory in the
|
||||
.Ic receiver
|
||||
@ -229,13 +231,13 @@ subsections in the
|
||||
.Ic receiver
|
||||
section where
|
||||
.Aq name
|
||||
is host's name.
|
||||
is the host's name.
|
||||
.\".It Ic checksum Aq algorithm
|
||||
.\".Pp
|
||||
.\"Checksum algorithm should be one of the following:
|
||||
.\".Bl -tag -width ".Ic sha256"
|
||||
.\".It Ic none
|
||||
.\"No checksum will be calculated for the data being send over the network.
|
||||
.\"No checksum will be calculated for the data being sent over the network.
|
||||
.\"This is the default setting.
|
||||
.\".It Ic crc32
|
||||
.\"CRC32 checksum will be calculated.
|
||||
@ -247,30 +249,30 @@ is host's name.
|
||||
.\"Compression algorithm should be one of the following:
|
||||
.\".Bl -tag -width ".Ic none"
|
||||
.\".It Ic none
|
||||
.\"Data send over the network will not be compressed.
|
||||
.\"Data sent over the network will not be compressed.
|
||||
.\"This is the default setting.
|
||||
.\".It Ic lzf
|
||||
.\"The
|
||||
.\".Nm LZF
|
||||
.\"algorithm by
|
||||
.\".An Marc Alexander Lehmann
|
||||
.\"will be used to compress the data send over the network.
|
||||
.\"will be used to compress the data sent over the network.
|
||||
.\".Nm LZF
|
||||
.\"is very fast, general purpose compression algorithm.
|
||||
.\"is a very fast, general purpose compression algorithm.
|
||||
.\".El
|
||||
.It Ic remote Aq addr
|
||||
.Pp
|
||||
Address of the remote
|
||||
.Nm auditdistd
|
||||
daemon.
|
||||
Format is the same as for the
|
||||
The format is the same as for the
|
||||
.Ic listen
|
||||
statement.
|
||||
When operating in the
|
||||
When operating in
|
||||
.Ic sender
|
||||
mode this address will be used to connect to the
|
||||
.Ic receiver .
|
||||
When operating in the
|
||||
When operating in
|
||||
.Ic receiver
|
||||
mode only connections from this address will be accepted.
|
||||
.It Ic listen Aq addr
|
||||
@ -296,21 +298,22 @@ By default
|
||||
listens on
|
||||
.Pa tcp4://0.0.0.0:7878
|
||||
and
|
||||
.Pa tcp6://[::]:7878
|
||||
if kernel supports IPv4 and IPv6 respectively.
|
||||
.Pa tcp6://[::]:7878 ,
|
||||
if the kernel supports IPv4 and IPv6 respectively.
|
||||
.It Ic keyfile Aq path
|
||||
.Pp
|
||||
Path to a file that contains private key for TLS communication.
|
||||
Path to a file that contains the private key for TLS communication.
|
||||
.It Ic certfile Aq path
|
||||
.Pp
|
||||
Path to a file that contains certificate for TLS communication.
|
||||
Path to a file that contains the certificate for TLS communication.
|
||||
.It Ic fingerprint Aq algo=hash
|
||||
.Pp
|
||||
Finger print of the receiver's public key.
|
||||
Currently only SHA256 algorithm is supported.
|
||||
Certificate public key's fingerprint ready to be pasted into auditdistd
|
||||
Fingerprint of the receiver's public key.
|
||||
Currently only the SHA256 algorithm is supported.
|
||||
The certificate public key's fingerprint ready to be pasted into the
|
||||
.Nm auditdistd
|
||||
configuration file can be obtained by running:
|
||||
.Bd -literal -offset
|
||||
.Bd -literal
|
||||
# openssl x509 -in /etc/security/auditdistd.cert.pem -noout -fingerprint -sha256 | awk -F '[ =]' '{printf("%s=%s\\n", $1, $3)}'
|
||||
.Ed
|
||||
.It Ic password Aq password
|
||||
@ -352,10 +355,10 @@ receiver {
|
||||
.Ed
|
||||
.Sh SEE ALSO
|
||||
.Xr audit 4 ,
|
||||
.Xr auditdistd 8 .
|
||||
.Xr auditdistd 8
|
||||
.Sh AUTHORS
|
||||
The
|
||||
.Nm auditdistd
|
||||
was developed by
|
||||
daemon was developed by
|
||||
.An Pawel Jakub Dawidek Aq pawel@dawidek.net
|
||||
under sponsorship of the FreeBSD Foundation.
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 $
|
||||
*/
|
||||
|
||||
#ifndef _AUDITDISTD_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/faccessat.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _FACCESSAT_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/fstatat.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _FSTATAT_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/openat.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _OPENAT_H_
|
||||
|
@ -26,8 +26,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/parse.y#5 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -26,8 +26,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/pjdlog.c#1 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -26,8 +26,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/pjdlog.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _PJDLOG_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto.c#1 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _PROTO_H_
|
||||
|
@ -26,8 +26,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_common.c#1 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_impl.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _PROTO_IMPL_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_socketpair.c#1 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -26,8 +26,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_tcp.c#2 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_tls.c#2 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/proto_uds.c#2 $
|
||||
*/
|
||||
|
||||
/* UDS - UNIX Domain Socket */
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/receiver.c#3 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/renameat.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _RENAMEAT_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/sandbox.c#3 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/sandbox.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _SANDBOX_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/sender.c#3 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/sigtimedwait.h#2 $
|
||||
*/
|
||||
|
||||
#ifndef _SIGTIMEDWAIT_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/strndup.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _STRNDUP_H_
|
||||
|
@ -22,8 +22,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/subr.c#3 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -22,8 +22,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/subr.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _AUDITDISTD_SUBR_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/synch.h#3 $
|
||||
*/
|
||||
|
||||
#ifndef _SYNCH_H_
|
||||
|
@ -26,8 +26,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/token.l#2 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/trail.c#3 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/trail.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _AUDITDISTD_TRAIL_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/unlinkat.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _UNLINKAT_H_
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#4 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
|
@ -23,8 +23,6 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.8#6 $
|
||||
.\"
|
||||
.Dd October 3, 2006
|
||||
.Dt AUDITFILTERD 8
|
||||
.Os
|
||||
|
@ -24,8 +24,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#13 $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -131,7 +129,7 @@ present_rawrecord(struct timespec *ts, u_char *data, u_int len)
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse the BSM into a set of tokens, which will be pased to registered
|
||||
* Parse the BSM into a set of tokens, which will be passed to registered
|
||||
* and interested filters.
|
||||
*/
|
||||
#define MAX_TOKENS 128 /* Maximum tokens we handle per record. */
|
||||
|
@ -24,8 +24,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#5 $
|
||||
*/
|
||||
|
||||
#define AUDITFILTERD_CONFFILE "/etc/security/audit_filter"
|
||||
|
@ -24,8 +24,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd_conf.c#5 $
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.am#4 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
|
@ -25,8 +25,6 @@
|
||||
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.1#18 $
|
||||
.\"
|
||||
.Dd January 24, 2004
|
||||
.Dt AUDITREDUCE 1
|
||||
.Os
|
||||
|
@ -25,8 +25,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#31 $
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -25,8 +25,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.h#7 $
|
||||
*/
|
||||
|
||||
#ifndef _AUDITREDUCE_H_
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.am#4 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
|
@ -25,8 +25,6 @@
|
||||
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.1#14 $
|
||||
.\"
|
||||
.Dd August 4, 2009
|
||||
.Dt PRAUDIT 1
|
||||
.Os
|
||||
|
@ -26,8 +26,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#16 $
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.am#5 $
|
||||
##
|
||||
|
||||
openbsmdir = $(includedir)/bsm
|
||||
|
||||
openbsm_HEADERS = \
|
||||
|
@ -24,8 +24,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_filter.h#4 $
|
||||
*/
|
||||
|
||||
#ifndef _BSM_AUDIT_FILTER_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#11 $
|
||||
*/
|
||||
|
||||
#ifndef _BSM_AUDIT_UEVENTS_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bsm/auditd_lib.h#5 $
|
||||
*/
|
||||
|
||||
#ifndef _BSM_AUDITD_LIB_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#50 $
|
||||
*/
|
||||
|
||||
#ifndef _LIBBSM_H_
|
||||
|
@ -22,8 +22,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/clock_gettime.h#3 $
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/closefrom.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _CLOSEFROM_H_
|
||||
|
@ -25,8 +25,6 @@
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/compat.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _COMPAT_H_
|
||||
|
@ -25,7 +25,6 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* Derived from FreeBSD src/sys/sys/endian.h:1.6.
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/endian.h#10 $
|
||||
*/
|
||||
|
||||
#ifndef _COMPAT_ENDIAN_H_
|
||||
|
@ -25,7 +25,6 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* Derived from FreeBSD src/sys/sys/endian.h:1.6.
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/endian_enc.h#1 $
|
||||
*/
|
||||
|
||||
#ifndef _COMPAT_ENDIAN_ENC_H_
|
||||
|
@ -25,7 +25,6 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* Derived from FreeBSD head/lib/libutil/flopen.c r193591
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/flopen.h#1 $
|
||||
*/
|
||||
|
||||
#include <sys/file.h>
|
||||
|
@ -24,7 +24,6 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* Derived from FreeBSD head/lib/libutil/pidfile.c r231938
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/pidfile.h#1 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -29,7 +29,6 @@
|
||||
* @(#)queue.h 8.5 (Berkeley) 8/20/94
|
||||
*
|
||||
* Derived from FreeBSD src/sys/sys/queue.h:1.63.
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/queue.h#3 $
|
||||
*/
|
||||
|
||||
#ifndef _COMPAT_QUEUE_H_
|
||||
|
@ -25,7 +25,6 @@
|
||||
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* dollar OpenBSD: strlcat.c,v 1.2 1999/06/17 16:28:58 millert Exp dollar
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/strlcat.h#3 $
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -25,7 +25,6 @@
|
||||
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* dollar OpenBSD: strlcpy.c,v 1.4 1999/05/01 18:56:41 millert Exp dollar
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/compat/strlcpy.h#1 $
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -229,13 +229,13 @@
|
||||
#define PACKAGE "OpenBSM"
|
||||
|
||||
/* Define to the address where bug reports for this package should be sent. */
|
||||
#define PACKAGE_BUGREPORT "trustedbsd-audit@TrustesdBSD.org"
|
||||
#define PACKAGE_BUGREPORT "trustedbsd-audit@TrustedBSD.org"
|
||||
|
||||
/* Define to the full name of this package. */
|
||||
#define PACKAGE_NAME "OpenBSM"
|
||||
|
||||
/* Define to the full name and version of this package. */
|
||||
#define PACKAGE_STRING "OpenBSM 1.2-alpha3"
|
||||
#define PACKAGE_STRING "OpenBSM 1.2-alpha4"
|
||||
|
||||
/* Define to the one symbol short name of this package. */
|
||||
#define PACKAGE_TARNAME "openbsm"
|
||||
@ -244,7 +244,7 @@
|
||||
#define PACKAGE_URL ""
|
||||
|
||||
/* Define to the version of this package. */
|
||||
#define PACKAGE_VERSION "1.2-alpha3"
|
||||
#define PACKAGE_VERSION "1.2-alpha4"
|
||||
|
||||
/* Define as the return type of signal handlers (`int' or `void'). */
|
||||
#define RETSIGTYPE void
|
||||
@ -280,7 +280,7 @@
|
||||
#define USE_SYS_ENDIAN_H /**/
|
||||
|
||||
/* Version number of package */
|
||||
#define VERSION "1.2-alpha3"
|
||||
#define VERSION "1.2-alpha4"
|
||||
|
||||
/* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a
|
||||
`char[]'. */
|
||||
|
49
contrib/openbsm/configure
vendored
49
contrib/openbsm/configure
vendored
@ -1,9 +1,8 @@
|
||||
#! /bin/sh
|
||||
# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#65 .
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.69 for OpenBSM 1.2-alpha3.
|
||||
# Generated by GNU Autoconf 2.69 for OpenBSM 1.2-alpha4.
|
||||
#
|
||||
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
|
||||
# Report bugs to <trustedbsd-audit@TrustedBSD.org>.
|
||||
#
|
||||
#
|
||||
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
|
||||
@ -276,7 +275,7 @@ fi
|
||||
$as_echo "$0: be upgraded to zsh 4.3.4 or later."
|
||||
else
|
||||
$as_echo "$0: Please tell bug-autoconf@gnu.org and
|
||||
$0: trustedbsd-audit@TrustesdBSD.org about your system,
|
||||
$0: trustedbsd-audit@TrustedBSD.org about your system,
|
||||
$0: including any error possibly output before this
|
||||
$0: message. Then install a modern shell, or manually run
|
||||
$0: the script under such a shell if you do have one."
|
||||
@ -591,9 +590,9 @@ MAKEFLAGS=
|
||||
# Identity of this package.
|
||||
PACKAGE_NAME='OpenBSM'
|
||||
PACKAGE_TARNAME='openbsm'
|
||||
PACKAGE_VERSION='1.2-alpha3'
|
||||
PACKAGE_STRING='OpenBSM 1.2-alpha3'
|
||||
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
|
||||
PACKAGE_VERSION='1.2-alpha4'
|
||||
PACKAGE_STRING='OpenBSM 1.2-alpha4'
|
||||
PACKAGE_BUGREPORT='trustedbsd-audit@TrustedBSD.org'
|
||||
PACKAGE_URL=''
|
||||
|
||||
ac_unique_file="bin/auditreduce/auditreduce.c"
|
||||
@ -1327,7 +1326,7 @@ if test "$ac_init_help" = "long"; then
|
||||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures OpenBSM 1.2-alpha3 to adapt to many kinds of systems.
|
||||
\`configure' configures OpenBSM 1.2-alpha4 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
@ -1397,7 +1396,7 @@ fi
|
||||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of OpenBSM 1.2-alpha3:";;
|
||||
short | recursive ) echo "Configuration of OpenBSM 1.2-alpha4:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
@ -1448,7 +1447,7 @@ Some influential environment variables:
|
||||
Use these variables to override the choices made by `configure' or to help
|
||||
it to find libraries and programs with nonstandard names/locations.
|
||||
|
||||
Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
|
||||
Report bugs to <trustedbsd-audit@TrustedBSD.org>.
|
||||
_ACEOF
|
||||
ac_status=$?
|
||||
fi
|
||||
@ -1511,7 +1510,7 @@ fi
|
||||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
OpenBSM configure 1.2-alpha3
|
||||
OpenBSM configure 1.2-alpha4
|
||||
generated by GNU Autoconf 2.69
|
||||
|
||||
Copyright (C) 2012 Free Software Foundation, Inc.
|
||||
@ -1856,9 +1855,9 @@ $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
|
||||
$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;}
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
|
||||
$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
|
||||
( $as_echo "## ----------------------------------------------- ##
|
||||
## Report this to trustedbsd-audit@TrustesdBSD.org ##
|
||||
## ----------------------------------------------- ##"
|
||||
( $as_echo "## ---------------------------------------------- ##
|
||||
## Report this to trustedbsd-audit@TrustedBSD.org ##
|
||||
## ---------------------------------------------- ##"
|
||||
) | sed "s/^/$as_me: WARNING: /" >&2
|
||||
;;
|
||||
esac
|
||||
@ -1991,7 +1990,7 @@ cat >config.log <<_ACEOF
|
||||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by OpenBSM $as_me 1.2-alpha3, which was
|
||||
It was created by OpenBSM $as_me 1.2-alpha4, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
@ -2344,7 +2343,6 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||
|
||||
|
||||
|
||||
|
||||
ac_aux_dir=
|
||||
for ac_dir in config "$srcdir"/config; do
|
||||
if test -f "$ac_dir/install-sh"; then
|
||||
@ -11132,6 +11130,17 @@ CC="$lt_save_CC"
|
||||
# Only expand once:
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5
|
||||
$as_echo_n "checking whether ln -s works... " >&6; }
|
||||
LN_S=$as_ln_s
|
||||
if test "$LN_S" = "ln -s"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5
|
||||
$as_echo "no, using $LN_S" >&6; }
|
||||
fi
|
||||
|
||||
for ac_prog in 'bison -y' byacc
|
||||
do
|
||||
# Extract the first word of "$ac_prog", so it can be a program name with args.
|
||||
@ -11552,7 +11561,7 @@ fi
|
||||
# Define the identity of the package.
|
||||
|
||||
PACKAGE=OpenBSM
|
||||
VERSION=1.2-alpha3
|
||||
VERSION=1.2-alpha4
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
@ -14174,7 +14183,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
||||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by OpenBSM $as_me 1.2-alpha3, which was
|
||||
This file was extended by OpenBSM $as_me 1.2-alpha4, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
@ -14234,13 +14243,13 @@ $config_headers
|
||||
Configuration commands:
|
||||
$config_commands
|
||||
|
||||
Report bugs to <trustedbsd-audit@TrustesdBSD.org>."
|
||||
Report bugs to <trustedbsd-audit@TrustedBSD.org>."
|
||||
|
||||
_ACEOF
|
||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||
ac_cs_version="\\
|
||||
OpenBSM config.status 1.2-alpha3
|
||||
OpenBSM config.status 1.2-alpha4
|
||||
configured by $0, generated by GNU Autoconf 2.69,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
|
@ -2,8 +2,7 @@
|
||||
# Process this file with autoconf to produce a configure script.
|
||||
|
||||
AC_PREREQ(2.59)
|
||||
AC_INIT([OpenBSM], [1.2-alpha3], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
|
||||
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#66 $])
|
||||
AC_INIT([OpenBSM], [1.2-alpha4], [trustedbsd-audit@TrustedBSD.org],[openbsm])
|
||||
AC_CONFIG_MACRO_DIR([m4])
|
||||
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
|
||||
AC_CONFIG_AUX_DIR(config)
|
||||
@ -29,6 +28,7 @@ AC_PROG_CC
|
||||
AC_PROG_INSTALL
|
||||
AC_PROG_LEX
|
||||
AC_PROG_LIBTOOL
|
||||
AC_PROG_LN_S
|
||||
AC_PROG_YACC
|
||||
|
||||
AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
|
||||
|
@ -1,5 +1,4 @@
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_class#6 $
|
||||
# $FreeBSD$
|
||||
#
|
||||
0x00000000:no:invalid class
|
||||
|
@ -1,5 +1,4 @@
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#9 $
|
||||
# $FreeBSD$
|
||||
#
|
||||
dir:/var/audit
|
||||
|
@ -1,5 +1,4 @@
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#43 $
|
||||
# $FreeBSD$
|
||||
#
|
||||
# The mapping between event identifiers and values is also hard-coded in
|
||||
|
@ -1,5 +1,5 @@
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_filter#1 $
|
||||
# $FreeBSD$
|
||||
#
|
||||
# modulename:various arguments here
|
||||
#
|
||||
|
@ -1,5 +1,4 @@
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_user#3 $
|
||||
# $FreeBSD$
|
||||
#
|
||||
root:lo:no
|
||||
|
@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_warn#3 $
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
logger -p security.warning "audit warning: $@"
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.am#3 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
|
@ -25,8 +25,6 @@
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#18 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -402,12 +400,13 @@ trailname_to_tstamp(char *fn, time_t *tstamp)
|
||||
* ADE_NOERR on success or there is nothing to do.
|
||||
* ADE_PARSE if error parsing audit_control(5).
|
||||
* ADE_NOMEM if could not allocate memory.
|
||||
* ADE_EXPIRE if there was an unespected error.
|
||||
* ADE_READLINK if could not read link file.
|
||||
* ADE_EXPIRE if there was an unexpected error.
|
||||
*/
|
||||
int
|
||||
auditd_expire_trails(int (*warn_expired)(char *))
|
||||
{
|
||||
int andflg, ret = ADE_NOERR;
|
||||
int andflg, len, ret = ADE_NOERR;
|
||||
size_t expire_size, total_size = 0L;
|
||||
time_t expire_age, oldest_time, current_time = time(NULL);
|
||||
struct dir_ent *traildir;
|
||||
@ -431,7 +430,9 @@ auditd_expire_trails(int (*warn_expired)(char *))
|
||||
* Read the 'current' trail file name. Trim off directory path.
|
||||
*/
|
||||
activefn[0] = '\0';
|
||||
readlink(AUDIT_CURRENT_LINK, activefn, MAXPATHLEN - 1);
|
||||
len = readlink(AUDIT_CURRENT_LINK, activefn, MAXPATHLEN - 1);
|
||||
if (len < 0)
|
||||
return (ADE_READLINK);
|
||||
if ((afnp = strrchr(activefn, '/')) != NULL)
|
||||
afnp++;
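Review bot: The buffer filled by `readlink()` is still not NUL-terminated, because the new `len` is only tested for failure and `readlink(2)` does not append a terminator. The `strrchr(activefn, '/')` that follows can therefore scan past the link text unless `activefn` is zeroed elsewhere (its declaration is outside this hunk). Since `len` is at most `MAXPATHLEN - 1`, adding `activefn[len] = '\0';` right after the error check closes the gap. The header comment now lists `ADE_READLINK`, but it should also say that an unreadable `AUDIT_CURRENT_LINK` now aborts trail expiry instead of continuing with an empty active name. The body of auditd_expire_trails continues beyond the hunk.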
|
||||
|
||||
|
@ -26,8 +26,6 @@
|
||||
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/libauditd/libauditd.3#1 $
|
||||
.\"
|
||||
.Dd December 27, 2008
|
||||
.Dt LIBAUDITD 3
|
||||
.Os
|
||||
@ -45,7 +43,7 @@ library provides the internal implementation of
|
||||
There are no public interfaces in
|
||||
.Nm .
|
||||
.Sh SEE ALSO
|
||||
.Xr auditd 8 .
|
||||
.Xr auditd 8
|
||||
.Sh HISTORY
|
||||
The OpenBSM implementation was created by McAfee Research, the security
|
||||
division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
|
||||
|
@ -1,7 +1,3 @@
|
||||
##
|
||||
## $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#10 $
|
||||
##
|
||||
|
||||
if USE_NATIVE_INCLUDES
|
||||
INCLUDES = -I$(top_builddir) -I$(top_srcdir)
|
||||
else
|
||||
@ -41,9 +37,121 @@ man3_MANS = \
|
||||
au_free_token.3 \
|
||||
au_io.3 \
|
||||
au_mask.3 \
|
||||
au_notify.3 \
|
||||
au_open.3 \
|
||||
au_socket_type.3 \
|
||||
au_token.3 \
|
||||
au_user.3 \
|
||||
libbsm.3
|
||||
|
||||
install-exec-hook:
|
||||
cd $(DESTDIR)$(mandir) && \
|
||||
$(LN_S) -f au_class.3 getauclassent.3 && \
|
||||
$(LN_S) -f au_class.3 getauclassent_r.3 && \
|
||||
$(LN_S) -f au_class.3 getauclassnam.3 && \
|
||||
$(LN_S) -f au_class.3 getauclassnam_r.3 && \
|
||||
$(LN_S) -f au_class.3 setauclass.3 && \
|
||||
$(LN_S) -f au_class.3 endauclass.3 && \
|
||||
$(LN_S) -f au_control.3 setac.3 && \
|
||||
$(LN_S) -f au_control.3 endac.3 && \
|
||||
$(LN_S) -f au_control.3 getacdir.3 && \
|
||||
$(LN_S) -f au_control.3 getacdist.3 && \
|
||||
$(LN_S) -f au_control.3 getacexpire.3 && \
|
||||
$(LN_S) -f au_control.3 getacfilesz.3 && \
|
||||
$(LN_S) -f au_control.3 getacflg.3 && \
|
||||
$(LN_S) -f au_control.3 getachost.3 && \
|
||||
$(LN_S) -f au_control.3 getacmin.3 && \
|
||||
$(LN_S) -f au_control.3 getacna.3 && \
|
||||
$(LN_S) -f au_control.3 getacpol.3 && \
|
||||
$(LN_S) -f au_control.3 au_poltostr.3 && \
|
||||
$(LN_S) -f au_control.3 ac_strtopol.3 && \
|
||||
$(LN_S) -f au_domain.3 au_bsm_to_domain.3 && \
|
||||
$(LN_S) -f au_domain.3 au_domain_to_bsm.3 && \
|
||||
$(LN_S) -f au_errno.3 au_bsm_to_errno.3 && \
|
||||
$(LN_S) -f au_errno.3 au_errno_to_bsm.3 && \
|
||||
$(LN_S) -f au_errno.3 au_strerror.3 && \
|
||||
$(LN_S) -f au_event.3 setauevent.3 && \
|
||||
$(LN_S) -f au_event.3 endauevent.3 && \
|
||||
$(LN_S) -f au_event.3 getauevent.3 && \
|
||||
$(LN_S) -f au_event.3 getauevent_r.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnam.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnam_r.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnum.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnum_r.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnonam.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnonam_r.3 && \
|
||||
$(LN_S) -f au_fcntl.3 au_bsm_to_fcntl_cmd.3 && \
|
||||
$(LN_S) -f au_fcntl.3 au_fcntl_cmd_to_bsm.3 && \
|
||||
$(LN_S) -f au_io.3 au_fetch_tok.3 && \
|
||||
$(LN_S) -f au_io.3 au_print_tok.3 && \
|
||||
$(LN_S) -f au_io.3 au_print_flags_tok.3 && \
|
||||
$(LN_S) -f au_io.3 au_read_rec.3 && \
|
||||
$(LN_S) -f au_mask.3 au_preselect.3 && \
|
||||
$(LN_S) -f au_mask.3 getauditflagsbin.3 && \
|
||||
$(LN_S) -f au_mask.3 getauditflagschar.3 && \
|
||||
$(LN_S) -f au_notify.3 au_get_state.3 && \
|
||||
$(LN_S) -f au_notify.3 au_notify_initialize.3 && \
|
||||
$(LN_S) -f au_notify.3 au_notify_terminate.3 && \
|
||||
$(LN_S) -f au_open.3 au_open.3 && \
|
||||
$(LN_S) -f au_open.3 au_write.3 && \
|
||||
$(LN_S) -f au_open.3 au_close.3 && \
|
||||
$(LN_S) -f au_open.3 au_close_buffer.3 && \
|
||||
$(LN_S) -f au_open.3 au_close_token.3 && \
|
||||
$(LN_S) -f au_socket_type.3 au_bsm_to_socket_type.3 && \
|
||||
$(LN_S) -f au_socket_type.3 au_socket_type_to_bsm.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_arg32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_arg64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_arg.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_attr64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_data.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_exit.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_groups.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_newgroups.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_in_addr.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_in_addr_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_ip.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_ipc.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_ipc_perm.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_iport.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_opaque.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_file.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_text.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_path.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process32_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process64_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_return32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_return64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_return.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_seq.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_sock_inet32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_sock_inet128.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_sock_inet.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_socket_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject32_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject64_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_me.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_exec_args.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_exec_env.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header32_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_trailer.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_zonename.3 && \
|
||||
$(LN_S) -f au_user.3 setauuser.3 && \
|
||||
$(LN_S) -f au_user.3 endauuser.3 && \
|
||||
$(LN_S) -f au_user.3 getauuserent.3 && \
|
||||
$(LN_S) -f au_user.3 getauuserent_r.3 && \
|
||||
$(LN_S) -f au_user.3 getauusernam.3 && \
|
||||
$(LN_S) -f au_user.3 getauusernam_r.3 && \
|
||||
$(LN_S) -f au_user.3 au_user_mask.3 && \
|
||||
$(LN_S) -f au_user.3 getfauditflags.3
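Review bot: In the new `install-exec-hook`, the line `$(LN_S) -f au_open.3 au_open.3` links the page to itself and should be dropped. Depending on the `ln` implementation it either fails and aborts the `&&` chain or replaces the real page with a self-referential symlink. The hook also runs in `$(DESTDIR)$(mandir)`, whereas automake normally installs `man3_MANS` under `$(mandir)/man3`, so the links probably land one directory above their targets; `cd "$(DESTDIR)$(man3dir)"` looks like the intended directory. Because the pages are installed by the data rules, `install-data-hook` would be the more fitting hook. The regenerated Makefile.in carries the same recipe.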
|
||||
|
@ -269,6 +269,7 @@ man3_MANS = \
|
||||
au_free_token.3 \
|
||||
au_io.3 \
|
||||
au_mask.3 \
|
||||
au_notify.3 \
|
||||
au_open.3 \
|
||||
au_socket_type.3 \
|
||||
au_token.3 \
|
||||
@ -612,7 +613,8 @@ install-dvi: install-dvi-am
|
||||
install-dvi-am:
|
||||
|
||||
install-exec-am: install-libLTLIBRARIES
|
||||
|
||||
@$(NORMAL_INSTALL)
|
||||
$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
|
||||
install-html: install-html-am
|
||||
|
||||
install-html-am:
|
||||
@ -655,15 +657,15 @@ uninstall-am: uninstall-libLTLIBRARIES uninstall-man
|
||||
|
||||
uninstall-man: uninstall-man3
|
||||
|
||||
.MAKE: install-am install-strip
|
||||
.MAKE: install-am install-exec-am install-strip
|
||||
|
||||
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
|
||||
clean-libLTLIBRARIES clean-libtool cscopelist ctags distclean \
|
||||
distclean-compile distclean-generic distclean-libtool \
|
||||
distclean-tags distdir dvi dvi-am html html-am info info-am \
|
||||
install install-am install-data install-data-am install-dvi \
|
||||
install-dvi-am install-exec install-exec-am install-html \
|
||||
install-html-am install-info install-info-am \
|
||||
install-dvi-am install-exec install-exec-am install-exec-hook \
|
||||
install-html install-html-am install-info install-info-am \
|
||||
install-libLTLIBRARIES install-man install-man3 install-pdf \
|
||||
install-pdf-am install-ps install-ps-am install-strip \
|
||||
installcheck installcheck-am installdirs maintainer-clean \
|
||||
@ -673,6 +675,118 @@ uninstall-man: uninstall-man3
|
||||
uninstall-man uninstall-man3
|
||||
|
||||
|
||||
install-exec-hook:
|
||||
cd $(DESTDIR)$(mandir) && \
|
||||
$(LN_S) -f au_class.3 getauclassent.3 && \
|
||||
$(LN_S) -f au_class.3 getauclassent_r.3 && \
|
||||
$(LN_S) -f au_class.3 getauclassnam.3 && \
|
||||
$(LN_S) -f au_class.3 getauclassnam_r.3 && \
|
||||
$(LN_S) -f au_class.3 setauclass.3 && \
|
||||
$(LN_S) -f au_class.3 endauclass.3 && \
|
||||
$(LN_S) -f au_control.3 setac.3 && \
|
||||
$(LN_S) -f au_control.3 endac.3 && \
|
||||
$(LN_S) -f au_control.3 getacdir.3 && \
|
||||
$(LN_S) -f au_control.3 getacdist.3 && \
|
||||
$(LN_S) -f au_control.3 getacexpire.3 && \
|
||||
$(LN_S) -f au_control.3 getacfilesz.3 && \
|
||||
$(LN_S) -f au_control.3 getacflg.3 && \
|
||||
$(LN_S) -f au_control.3 getachost.3 && \
|
||||
$(LN_S) -f au_control.3 getacmin.3 && \
|
||||
$(LN_S) -f au_control.3 getacna.3 && \
|
||||
$(LN_S) -f au_control.3 getacpol.3 && \
|
||||
$(LN_S) -f au_control.3 au_poltostr.3 && \
|
||||
$(LN_S) -f au_control.3 ac_strtopol.3 && \
|
||||
$(LN_S) -f au_domain.3 au_bsm_to_domain.3 && \
|
||||
$(LN_S) -f au_domain.3 au_domain_to_bsm.3 && \
|
||||
$(LN_S) -f au_errno.3 au_bsm_to_errno.3 && \
|
||||
$(LN_S) -f au_errno.3 au_errno_to_bsm.3 && \
|
||||
$(LN_S) -f au_errno.3 au_strerror.3 && \
|
||||
$(LN_S) -f au_event.3 setauevent.3 && \
|
||||
$(LN_S) -f au_event.3 endauevent.3 && \
|
||||
$(LN_S) -f au_event.3 getauevent.3 && \
|
||||
$(LN_S) -f au_event.3 getauevent_r.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnam.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnam_r.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnum.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnum_r.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnonam.3 && \
|
||||
$(LN_S) -f au_event.3 getauevnonam_r.3 && \
|
||||
$(LN_S) -f au_fcntl.3 au_bsm_to_fcntl_cmd.3 && \
|
||||
$(LN_S) -f au_fcntl.3 au_fcntl_cmd_to_bsm.3 && \
|
||||
$(LN_S) -f au_io.3 au_fetch_tok.3 && \
|
||||
$(LN_S) -f au_io.3 au_print_tok.3 && \
|
||||
$(LN_S) -f au_io.3 au_print_flags_tok.3 && \
|
||||
$(LN_S) -f au_io.3 au_read_rec.3 && \
|
||||
$(LN_S) -f au_mask.3 au_preselect.3 && \
|
||||
$(LN_S) -f au_mask.3 getauditflagsbin.3 && \
|
||||
$(LN_S) -f au_mask.3 getauditflagschar.3 && \
|
||||
$(LN_S) -f au_notify.3 au_get_state.3 && \
|
||||
$(LN_S) -f au_notify.3 au_notify_initialize.3 && \
|
||||
$(LN_S) -f au_notify.3 au_notify_terminate.3 && \
|
||||
$(LN_S) -f au_open.3 au_open.3 && \
|
||||
$(LN_S) -f au_open.3 au_write.3 && \
|
||||
$(LN_S) -f au_open.3 au_close.3 && \
|
||||
$(LN_S) -f au_open.3 au_close_buffer.3 && \
|
||||
$(LN_S) -f au_open.3 au_close_token.3 && \
|
||||
$(LN_S) -f au_socket_type.3 au_bsm_to_socket_type.3 && \
|
||||
$(LN_S) -f au_socket_type.3 au_socket_type_to_bsm.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_arg32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_arg64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_arg.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_attr64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_data.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_exit.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_groups.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_newgroups.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_in_addr.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_in_addr_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_ip.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_ipc.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_ipc_perm.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_iport.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_opaque.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_file.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_text.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_path.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process32_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process64_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_process_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_return32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_return64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_return.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_seq.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_sock_inet32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_sock_inet128.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_sock_inet.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_socket_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject32_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject64_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_subject_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_me.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_exec_args.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_exec_env.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header32.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header64.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_header32_ex.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_trailer.3 && \
|
||||
$(LN_S) -f au_token.3 au_to_zonename.3 && \
|
||||
$(LN_S) -f au_user.3 setauuser.3 && \
|
||||
$(LN_S) -f au_user.3 endauuser.3 && \
|
||||
$(LN_S) -f au_user.3 getauuserent.3 && \
|
||||
$(LN_S) -f au_user.3 getauuserent_r.3 && \
|
||||
$(LN_S) -f au_user.3 getauusernam.3 && \
|
||||
$(LN_S) -f au_user.3 getauusernam_r.3 && \
|
||||
$(LN_S) -f au_user.3 au_user_mask.3 && \
|
||||
$(LN_S) -f au_user.3 getfauditflags.3
|
||||
|
||||
# Tell versions [3.59,3.63) of GNU make to not export all variables.
|
||||
# Otherwise a system limit (for SysV at least) may be exceeded.
|
||||
.NOEXPORT:
|
||||
|
@ -23,8 +23,6 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_class.3#7 $
|
||||
.\"
|
||||
.Dd April 19, 2005
|
||||
.Dt AU_CLASS 3
|
||||
.Os
|
||||
|
@ -23,8 +23,6 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#17 $
|
||||
.\"
|
||||
.Dd April 19, 2005
|
||||
.Dt AU_CONTROL 3
|
||||
.Os
|
||||
@ -56,7 +54,7 @@
|
||||
.Ft int
|
||||
.Fn getacdist "void"
|
||||
.Ft int
|
||||
.Fn getacexpire "int *andflg, time_t *age, size_t *size"
|
||||
.Fn getacexpire "int *andflg" "time_t *age" "size_t *size"
|
||||
.Ft int
|
||||
.Fn getacfilesz "size_t *size_val"
|
||||
.Ft int
|
||||
|
@ -26,8 +26,6 @@
|
||||
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_domain.3#2 $
|
||||
.\"
|
||||
.Dd December 28, 2008
|
||||
.Dt AU_BSM_TO_DOMAIN 3
|
||||
.Os
|
||||
|
Some files were not shown because too many files have changed in this diff Show More