freebsd-dev/contrib/openbsm/FREEBSD-upgrade

Upgrade Instructions for OpenBSM
--------------------------------

OpenBSM integrates into the FreeBSD source tree in several places:

src/contrib/openbsm        The OpenBSM distribution itself
src/sys/bsm                Modified versions of some bsm/ include files
src/sys/security/audit     Kernel audit framework, some OpenBSM-based files
src/usr.sbin/*audit*       Makefiles for various OpenBSM tools
src/etc/Makefile           Installation of /etc OpenBSM files
src/lib/libbsm/*           Build for OpenBSM library

OpenBSM is normally built using an integrated autoconf/automake build
system.  For the purposes of tight integration with FreeBSD, we use an
adapted BSD make (bmake) build system loosely based on the automake
setup.  We also rely on a static config.h generated when OpenBSM is
imported, rather than re-configuring every build.  This leads to a
more reproduceable build environment, and avoids dependence on things
not in the base tree (i.e., autoconf, automake, GNU make, etc).  An
upgrade of OpenBSM generally involves the following steps:

- Vendor import of OpenBSM into src/contrib.
- Run configure, commit src/contrib/openbsm/config/config.h.
- Replication of src/contrib/openbsm/bsm changes into src/sys/bsm.
- Possible updates to src/sys/security/audit, especially relating to
  bsm_token.c.
- Update any library, tool, or etc BSD Makefiles to add new files,
  defines, or other generally useful or necessary things.

Normally, the CVS vendor import goes along the following lines:

  cd ~/p4/projects/trustedbsd/openbsm
  cvs -d rwatson@repoman.FreeBSD.org:/home/ncvs -q import src/contrib/openbsm \
        TrustedBSD OPENBSM_1_0_ALPHA_1

Replacing the version string as required.  Use the "-n" argument to CVS to
do a test run.

Propagation of changes to src/sys/{bsm,security/audit} is something that
requires careful coordination and attention to detail.  These files are
not on CVS vendor branches, but do have the same local vs. vendor merge
issues.

$FreeBSD$
Add a brief FREEBSD-upgrade file to provide direction on how to perform OpenBSM upgrades. Right now, this is very easy, but in the future it will probably become more complicated. 2006-02-04 18:29:51 +00:00			`Upgrade Instructions for OpenBSM`
			`--------------------------------`

Update FreeBSD import instructions for OpenBSM based on the new autoconf and automake OpenBSM world order. Obtained from: TrustedBSD Project 2006-03-04 16:50:04 +00:00			`OpenBSM integrates into the FreeBSD source tree in several places:`

			`src/contrib/openbsm The OpenBSM distribution itself`
			`src/sys/bsm Modified versions of some bsm/ include files`
			`src/sys/security/audit Kernel audit framework, some OpenBSM-based files`
			`src/usr.sbin/audit Makefiles for various OpenBSM tools`
			`src/etc/Makefile Installation of /etc OpenBSM files`
			`src/lib/libbsm/* Build for OpenBSM library`

			`OpenBSM is normally built using an integrated autoconf/automake build`
			`system. For the purposes of tight integration with FreeBSD, we use an`
Fix spelling error. Submitted by: remko 2006-03-05 13:30:37 +00:00			`adapted BSD make (bmake) build system loosely based on the automake`
Update FreeBSD import instructions for OpenBSM based on the new autoconf and automake OpenBSM world order. Obtained from: TrustedBSD Project 2006-03-04 16:50:04 +00:00			`setup. We also rely on a static config.h generated when OpenBSM is`
			`imported, rather than re-configuring every build. This leads to a`
			`more reproduceable build environment, and avoids dependence on things`
			`not in the base tree (i.e., autoconf, automake, GNU make, etc). An`
			`upgrade of OpenBSM generally involves the following steps:`

			`- Vendor import of OpenBSM into src/contrib.`
			`- Run configure, commit src/contrib/openbsm/config/config.h.`
			`- Replication of src/contrib/openbsm/bsm changes into src/sys/bsm.`
			`- Possible updates to src/sys/security/audit, especially relating to`
			`bsm_token.c.`
			`- Update any library, tool, or etc BSD Makefiles to add new files,`
			`defines, or other generally useful or necessary things.`

			`Normally, the CVS vendor import goes along the following lines:`
Add a brief FREEBSD-upgrade file to provide direction on how to perform OpenBSM upgrades. Right now, this is very easy, but in the future it will probably become more complicated. 2006-02-04 18:29:51 +00:00
			`cd ~/p4/projects/trustedbsd/openbsm`
Correct typo in sample CVS import line: must specify full path to the CVS repository on repoman. 2006-02-06 00:03:39 +00:00			`cvs -d rwatson@repoman.FreeBSD.org:/home/ncvs -q import src/contrib/openbsm \`
Add a brief FREEBSD-upgrade file to provide direction on how to perform OpenBSM upgrades. Right now, this is very easy, but in the future it will probably become more complicated. 2006-02-04 18:29:51 +00:00			`TrustedBSD OPENBSM_1_0_ALPHA_1`

			`Replacing the version string as required. Use the "-n" argument to CVS to`
			`do a test run.`

Update FreeBSD import instructions for OpenBSM based on the new autoconf and automake OpenBSM world order. Obtained from: TrustedBSD Project 2006-03-04 16:50:04 +00:00			`Propagation of changes to src/sys/{bsm,security/audit} is something that`
			`requires careful coordination and attention to detail. These files are`
			`not on CVS vendor branches, but do have the same local vs. vendor merge`
			`issues.`
Add a brief FREEBSD-upgrade file to provide direction on how to perform OpenBSM upgrades. Right now, this is very easy, but in the future it will probably become more complicated. 2006-02-04 18:29:51 +00:00
			$FreeBSD$