d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fdfa4d2d35
freebsd-dev/contrib/openbsm/bin/Makefile.am

16 lines
200 B
Makefile
Raw Normal View History

Import OpenBSM 1.2-alpha2: OpenBSM 1.2 alpha 2 - auditdistd, a distributed audit trail management daemon, has now been merged. This allows trail files to be securely and reliably synced from audited hosts to an audit server, and employs TLS encryption. Where available, it uses Capsicum to sandbox the service. This work was contributed by Pawel Jakub Dawidek under sponsorship from the FreeBSD Foundation. OpenBSM 1.2 alpha 1 - Add Capsicum-related error numbers for FreeBSD: ENOTCAPABLE, ECAPMODE. - Add Capsicum, process descriptor audit events for FreeBSD. - Allow 0% minspace. - Fixes from the clang static analyser. - Fix expiration of trail files when the host parameter is used. - Various typo fixes. - Support for Solaris privilege and privilege set tokens. - Documentation for getachost(), improvements for getacfilesz(). - Fix a directory descriptor leak that happened when audit trail partitions filled. - Support for more Linux distributions with a partial contemporary endian.h. - Improved escaping of XML-encapsulated BSM. - A variety of minor documentation, style, and functional. Obtained from: TrustedBSD Project Sponsored by: The FreeBSD Foundation (auditdistd)
2012-11-30 23:50:07 +00:00
##
## $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#4 $
##
Vendor branch import of TrustedBSD OpenBSM 1.0 alpha 5: - Update install notes to indicate /etc files are to be installed manually. - On systems without LOG_SECURITY, use LOG_AUTH. - Convert to autoconf/automake in order to move to a more portable (not BSD-specific) build infrastructure, and more easy conditional building of components. Currently, the primary feature loss is that automake does not have native support for manual symlinks. This will be addressed in a future OpenBSM release. - Add compat/queue.h, to be used on systems dated BSD queue macro libraries (as found on Linux). - Rename CHANGELOG to HISTORY, as our change log doesn't follow some of the existing conventions for a CHANGELOG. - Some private data structures moved from audit.h to audit_internal.h to prevent inappropriate use by applications and name space pollution. - Improved detection and use of endian macros using autoconf. - Avoid non-portable use of struct in6_addr, which is largely opaque. - Avoid leaking BSD kernel socket related token code to user space in bsm_token.c. - Teach System V IPC calls to look for Linux naming variations for certain struct ipc_perm fields. - Test for audit system calls, and if not present, don't build bsm_wrappers.c, bsm_notify.c, audit(8), and auditd(8), which rely on those system calls. - au_close() is not implemented on systems that don't have audit system calls, but au_close_buffer() is. - Work around missing BSDisms in bsm_wrapper.c. - Fix nested includes so including libbsm.h in an application on Linux picks up the necessary definitions. Obtained from: TrustedBSD Project
2006-03-04 16:45:52 +00:00
SUBDIRS = \
Import OpenBSM 1.2-alpha2: OpenBSM 1.2 alpha 2 - auditdistd, a distributed audit trail management daemon, has now been merged. This allows trail files to be securely and reliably synced from audited hosts to an audit server, and employs TLS encryption. Where available, it uses Capsicum to sandbox the service. This work was contributed by Pawel Jakub Dawidek under sponsorship from the FreeBSD Foundation. OpenBSM 1.2 alpha 1 - Add Capsicum-related error numbers for FreeBSD: ENOTCAPABLE, ECAPMODE. - Add Capsicum, process descriptor audit events for FreeBSD. - Allow 0% minspace. - Fixes from the clang static analyser. - Fix expiration of trail files when the host parameter is used. - Various typo fixes. - Support for Solaris privilege and privilege set tokens. - Documentation for getachost(), improvements for getacfilesz(). - Fix a directory descriptor leak that happened when audit trail partitions filled. - Support for more Linux distributions with a partial contemporary endian.h. - Improved escaping of XML-encapsulated BSM. - A variety of minor documentation, style, and functional. Obtained from: TrustedBSD Project Sponsored by: The FreeBSD Foundation (auditdistd)
2012-11-30 23:50:07 +00:00
auditdistd \
Vendor branch import of TrustedBSD OpenBSM 1.0 alpha 6: - Use AU_TO_WRITE and AU_NO_TO_WRITE for the 'keep' argument to au_close(); previously we used hard-coded 0 and 1 values. - Add man page for au_open(), au_write(), au_close(), and au_close_buffer(). - Support a more complete range of data types for the arbitrary data token: add AUR_CHAR (alias to AUR_BYTE), remove AUR_LONG, add AUR_INT32 (alias to AUR_INT), add AUR_INT64. - Add au_close_token(), which allows writing a single token_t to a memory buffer. Not likely to be used much by applications, but useful for writing test tools. - Modify au_to_file() so that it accepts a timeval in user space, not just kernel -- this is not a Solaris BSM API so can be modified without causing compatibility issues. - Define a new API, au_to_header32_tm(), which adds a struct timeval argument to the ordinary au_to_header32(), which is now implemented by wrapping au_to_header32_tm() and calling gettimeofday(). #ifndef KERNEL the APIs that invoke gettimeofday(), rather than having a variable definition. Don't try to retrieve time zone information using gettimeofday(), as it's not needed, and introduces possible failure modes. - Don't perform byte order transformations on the addr/machine fields of the terminal ID that appears in the process32/subject32 tokens. These are assumed to be IP addresses, and as such, to be in network byte order. - Universally, APIs now assume that IP addresses and ports are provided in network byte order. APIs now generally provide these types in network byte order when decoding. - Beginnings of an OpenBSM test framework can now be found in openbsm/test. This code is not built or installed by default. - auditd now assigns more appropriate syslog levels to its debugging and error information. - Support for audit filters introduced: audit filters are dynamically loaded shared objects that run in the context of a new daemon, auditfilterd. The daemon reads from an audit pipe and feeds both BSM and parsed versions of records to shared objects using a module API. This will provide a framework for the writing of intrusion detection services. - New utility API, audit_submit(), added to capture common elements of audit record submission for many applications. Obtained from: TrustedBSD Project
2006-06-05 10:52:12 +00:00
auditfilterd \
Vendor branch import of TrustedBSD OpenBSM 1.0 alpha 5: - Update install notes to indicate /etc files are to be installed manually. - On systems without LOG_SECURITY, use LOG_AUTH. - Convert to autoconf/automake in order to move to a more portable (not BSD-specific) build infrastructure, and more easy conditional building of components. Currently, the primary feature loss is that automake does not have native support for manual symlinks. This will be addressed in a future OpenBSM release. - Add compat/queue.h, to be used on systems dated BSD queue macro libraries (as found on Linux). - Rename CHANGELOG to HISTORY, as our change log doesn't follow some of the existing conventions for a CHANGELOG. - Some private data structures moved from audit.h to audit_internal.h to prevent inappropriate use by applications and name space pollution. - Improved detection and use of endian macros using autoconf. - Avoid non-portable use of struct in6_addr, which is largely opaque. - Avoid leaking BSD kernel socket related token code to user space in bsm_token.c. - Teach System V IPC calls to look for Linux naming variations for certain struct ipc_perm fields. - Test for audit system calls, and if not present, don't build bsm_wrappers.c, bsm_notify.c, audit(8), and auditd(8), which rely on those system calls. - au_close() is not implemented on systems that don't have audit system calls, but au_close_buffer() is. - Work around missing BSDisms in bsm_wrapper.c. - Fix nested includes so including libbsm.h in an application on Linux picks up the necessary definitions. Obtained from: TrustedBSD Project
2006-03-04 16:45:52 +00:00
auditreduce \
praudit
if HAVE_AUDIT_SYSCALLS
SUBDIRS += \
audit \
auditd
endif
Reference in New Issue Copy Permalink