Vendor branch import of TrustedBSD OpenBSM 1.0 alpha 6:
- Use AU_TO_WRITE and AU_NO_TO_WRITE for the 'keep' argument to au_close(); previously we used hard-coded 0 and 1 values. - Add man page for au_open(), au_write(), au_close(), and au_close_buffer(). - Support a more complete range of data types for the arbitrary data token: add AUR_CHAR (alias to AUR_BYTE), remove AUR_LONG, add AUR_INT32 (alias to AUR_INT), add AUR_INT64. - Add au_close_token(), which allows writing a single token_t to a memory buffer. Not likely to be used much by applications, but useful for writing test tools. - Modify au_to_file() so that it accepts a timeval in user space, not just kernel -- this is not a Solaris BSM API so can be modified without causing compatibility issues. - Define a new API, au_to_header32_tm(), which adds a struct timeval argument to the ordinary au_to_header32(), which is now implemented by wrapping au_to_header32_tm() and calling gettimeofday(). #ifndef KERNEL the APIs that invoke gettimeofday(), rather than having a variable definition. Don't try to retrieve time zone information using gettimeofday(), as it's not needed, and introduces possible failure modes. - Don't perform byte order transformations on the addr/machine fields of the terminal ID that appears in the process32/subject32 tokens. These are assumed to be IP addresses, and as such, to be in network byte order. - Universally, APIs now assume that IP addresses and ports are provided in network byte order. APIs now generally provide these types in network byte order when decoding. - Beginnings of an OpenBSM test framework can now be found in openbsm/test. This code is not built or installed by default. - auditd now assigns more appropriate syslog levels to its debugging and error information. - Support for audit filters introduced: audit filters are dynamically loaded shared objects that run in the context of a new daemon, auditfilterd. The daemon reads from an audit pipe and feeds both BSM and parsed versions of records to shared objects using a module API. This will provide a framework for the writing of intrusion detection services. - New utility API, audit_submit(), added to capture common elements of audit record submission for many applications. Obtained from: TrustedBSD Project
This commit is contained in:
parent
3b97a967e1
commit
506764c6f6
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/vendor/openbsm/dist/; revision=159248
@ -1,3 +1,44 @@
|
|||||||
|
OpenBSM 1.0 alpha 6
|
||||||
|
|
||||||
|
- Use AU_TO_WRITE and AU_NO_TO_WRITE for the 'keep' argument to au_close();
|
||||||
|
previously we used hard-coded 0 and 1 values.
|
||||||
|
- Add man page for au_open(), au_write(), au_close(), and
|
||||||
|
au_close_buffer().
|
||||||
|
- Support a more complete range of data types for the arbitrary data token:
|
||||||
|
add AUR_CHAR (alias to AUR_BYTE), remove AUR_LONG, add AUR_INT32 (alias
|
||||||
|
to AUR_INT), add AUR_INT64.
|
||||||
|
- Add au_close_token(), which allows writing a single token_t to a memory
|
||||||
|
buffer. Not likely to be used much by applications, but useful for
|
||||||
|
writing test tools.
|
||||||
|
- Modify au_to_file() so that it accepts a timeval in user space, not just
|
||||||
|
kernel -- this is not a Solaris BSM API so can be modified without
|
||||||
|
causing compatibility issues.
|
||||||
|
- Define a new API, au_to_header32_tm(), which adds a struct timeval
|
||||||
|
argument to the ordinary au_to_header32(), which is now implemented by
|
||||||
|
wrapping au_to_header32_tm() and calling gettimeofday(). #ifndef KERNEL
|
||||||
|
the APIs that invoke gettimeofday(), rather than having a variable
|
||||||
|
definition. Don't try to retrieve time zone information using
|
||||||
|
gettimeofday(), as it's not needed, and introduces possible failure
|
||||||
|
modes.
|
||||||
|
- Don't perform byte order transformations on the addr/machine fields of
|
||||||
|
the terminal ID that appears in the process32/subject32 tokens. These
|
||||||
|
are assumed to be IP addresses, and as such, to be in network byte
|
||||||
|
order.
|
||||||
|
- Universally, APIs now assume that IP addresses and ports are provided
|
||||||
|
in network byte order. APIs now generally provide these types in
|
||||||
|
network byte order when decoding.
|
||||||
|
- Beginnings of an OpenBSM test framework can now be found in openbsm/test.
|
||||||
|
This code is not built or installed by default.
|
||||||
|
- auditd now assigns more appropriate syslog levels to its debugging and
|
||||||
|
error information.
|
||||||
|
- Support for audit filters introduced: audit filters are dynamically
|
||||||
|
loaded shared objects that run in the context of a new daemon,
|
||||||
|
auditfilterd. The daemon reads from an audit pipe and feeds both BSM and
|
||||||
|
parsed versions of records to shared objects using a module API. This
|
||||||
|
will provide a framework for the writing of intrusion detection services.
|
||||||
|
- New utility API, audit_submit(), added to capture common elements of audit
|
||||||
|
record submission for many applications.
|
||||||
|
|
||||||
OpenBSM 1.0 alpha 5
|
OpenBSM 1.0 alpha 5
|
||||||
|
|
||||||
- Update install notes to indicate /etc files are to be installed manually.
|
- Update install notes to indicate /etc files are to be installed manually.
|
||||||
@ -124,4 +165,4 @@ OpenBSM 1.0 alpha 1
|
|||||||
to support reloading of kernel event table.
|
to support reloading of kernel event table.
|
||||||
- Allow comments in /etc/security configuration files.
|
- Allow comments in /etc/security configuration files.
|
||||||
|
|
||||||
$P4: //depot/projects/trustedbsd/openbsm/HISTORY#2 $
|
$P4: //depot/projects/trustedbsd/openbsm/HISTORY#12 $
|
||||||
|
@ -1,12 +1,13 @@
|
|||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#1 $
|
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.am#2 $
|
||||||
#
|
#
|
||||||
|
|
||||||
SUBDIRS = \
|
SUBDIRS = \
|
||||||
bsm \
|
bsm \
|
||||||
libbsm \
|
libbsm \
|
||||||
bin \
|
bin \
|
||||||
man
|
man \
|
||||||
|
modules
|
||||||
|
|
||||||
EXTRA_DIST = \
|
EXTRA_DIST = \
|
||||||
CHANGELOG \
|
CHANGELOG \
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
@SET_MAKE@
|
@SET_MAKE@
|
||||||
|
|
||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#3 $
|
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#4 $
|
||||||
#
|
#
|
||||||
srcdir = @srcdir@
|
srcdir = @srcdir@
|
||||||
top_srcdir = @top_srcdir@
|
top_srcdir = @top_srcdir@
|
||||||
@ -181,7 +181,8 @@ SUBDIRS = \
|
|||||||
bsm \
|
bsm \
|
||||||
libbsm \
|
libbsm \
|
||||||
bin \
|
bin \
|
||||||
man
|
man \
|
||||||
|
modules
|
||||||
|
|
||||||
EXTRA_DIST = \
|
EXTRA_DIST = \
|
||||||
CHANGELOG \
|
CHANGELOG \
|
||||||
|
@ -27,7 +27,7 @@ POSIX-like systems.
|
|||||||
|
|
||||||
OpenBSM is currently built using autoconf and automake, which should allow
|
OpenBSM is currently built using autoconf and automake, which should allow
|
||||||
for building on a range of operating systems, including FreeBSD, Mac OS X,
|
for building on a range of operating systems, including FreeBSD, Mac OS X,
|
||||||
and Linux. Depending on the availability of audit facailities in the
|
and Linux. Depending on the availability of audit facilities in the
|
||||||
underlying operating system, some components that depend on kernel audit
|
underlying operating system, some components that depend on kernel audit
|
||||||
support are built conditionally. Typically, build will be performed using
|
support are built conditionally. Typically, build will be performed using
|
||||||
|
|
||||||
@ -95,4 +95,4 @@ Information on TrustedBSD may be found on the TrustedBSD home page:
|
|||||||
|
|
||||||
http://www.TrustedBSD.org/
|
http://www.TrustedBSD.org/
|
||||||
|
|
||||||
$P4: //depot/projects/trustedbsd/openbsm/README#16 $
|
$P4: //depot/projects/trustedbsd/openbsm/README#17 $
|
||||||
|
@ -13,5 +13,9 @@
|
|||||||
- It might be desirable to be able to provide EOPNOTSUPP system call stubs
|
- It might be desirable to be able to provide EOPNOTSUPP system call stubs
|
||||||
on systems that don't have the necessary audit system calls; that would
|
on systems that don't have the necessary audit system calls; that would
|
||||||
allow the full libbsm and tool set to build, just not run.
|
allow the full libbsm and tool set to build, just not run.
|
||||||
|
- Teach praudit how to begin printing at any point in a token stream, not
|
||||||
|
just at the beginning of a record. This will make it easier to use
|
||||||
|
praudit in test suites processing single-token files without header and
|
||||||
|
trailer context.
|
||||||
|
|
||||||
$P4: //depot/projects/trustedbsd/openbsm/TODO#5 $
|
$P4: //depot/projects/trustedbsd/openbsm/TODO#6 $
|
||||||
|
@ -1 +1 @@
|
|||||||
OPENBSM_1_0_ALPHA_3
|
OPENBSM_1_0_ALPHA_6
|
||||||
|
@ -1,8 +1,9 @@
|
|||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#2 $
|
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#3 $
|
||||||
#
|
#
|
||||||
|
|
||||||
SUBDIRS = \
|
SUBDIRS = \
|
||||||
|
auditfilterd \
|
||||||
auditreduce \
|
auditreduce \
|
||||||
praudit
|
praudit
|
||||||
|
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
@SET_MAKE@
|
@SET_MAKE@
|
||||||
|
|
||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#3 $
|
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#4 $
|
||||||
#
|
#
|
||||||
srcdir = @srcdir@
|
srcdir = @srcdir@
|
||||||
top_srcdir = @top_srcdir@
|
top_srcdir = @top_srcdir@
|
||||||
@ -62,7 +62,7 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
|
|||||||
uninstall-recursive
|
uninstall-recursive
|
||||||
ETAGS = etags
|
ETAGS = etags
|
||||||
CTAGS = ctags
|
CTAGS = ctags
|
||||||
DIST_SUBDIRS = auditreduce praudit audit auditd
|
DIST_SUBDIRS = auditfilterd auditreduce praudit audit auditd
|
||||||
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||||
ACLOCAL = @ACLOCAL@
|
ACLOCAL = @ACLOCAL@
|
||||||
AMDEP_FALSE = @AMDEP_FALSE@
|
AMDEP_FALSE = @AMDEP_FALSE@
|
||||||
@ -165,7 +165,7 @@ sbindir = @sbindir@
|
|||||||
sharedstatedir = @sharedstatedir@
|
sharedstatedir = @sharedstatedir@
|
||||||
sysconfdir = @sysconfdir@
|
sysconfdir = @sysconfdir@
|
||||||
target_alias = @target_alias@
|
target_alias = @target_alias@
|
||||||
SUBDIRS = auditreduce praudit $(am__append_1)
|
SUBDIRS = auditfilterd auditreduce praudit $(am__append_1)
|
||||||
all: all-recursive
|
all: all-recursive
|
||||||
|
|
||||||
.SUFFIXES:
|
.SUFFIXES:
|
||||||
|
@ -30,7 +30,7 @@
|
|||||||
*
|
*
|
||||||
* @APPLE_BSD_LICENSE_HEADER_END@
|
* @APPLE_BSD_LICENSE_HEADER_END@
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#13 $
|
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#16 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
@ -44,6 +44,7 @@
|
|||||||
#include <bsm/audit_uevents.h>
|
#include <bsm/audit_uevents.h>
|
||||||
#include <bsm/libbsm.h>
|
#include <bsm/libbsm.h>
|
||||||
|
|
||||||
|
#include <err.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <grp.h>
|
#include <grp.h>
|
||||||
@ -63,6 +64,7 @@ static int ret, minval;
|
|||||||
static char *lastfile = NULL;
|
static char *lastfile = NULL;
|
||||||
static int allhardcount = 0;
|
static int allhardcount = 0;
|
||||||
static int triggerfd = 0;
|
static int triggerfd = 0;
|
||||||
|
static int sigchlds, sigchlds_handled;
|
||||||
static int sighups, sighups_handled;
|
static int sighups, sighups_handled;
|
||||||
static int sigterms, sigterms_handled;
|
static int sigterms, sigterms_handled;
|
||||||
static long global_flags;
|
static long global_flags;
|
||||||
@ -127,7 +129,7 @@ affixdir(char *name, struct dir_ent *dirent)
|
|||||||
const char *sep = "/";
|
const char *sep = "/";
|
||||||
|
|
||||||
curdir = dirent->dirname;
|
curdir = dirent->dirname;
|
||||||
syslog(LOG_INFO, "dir = %s\n", dirent->dirname);
|
syslog(LOG_DEBUG, "dir = %s", dirent->dirname);
|
||||||
|
|
||||||
fn = malloc(strlen(curdir) + strlen(sep) + (2 * POSTFIX_LEN) + 1);
|
fn = malloc(strlen(curdir) + strlen(sep) + (2 * POSTFIX_LEN) + 1);
|
||||||
if (fn == NULL)
|
if (fn == NULL)
|
||||||
@ -158,10 +160,10 @@ close_lastfile(char *TS)
|
|||||||
*ptr = '.';
|
*ptr = '.';
|
||||||
strcpy(ptr+1, TS);
|
strcpy(ptr+1, TS);
|
||||||
if (rename(oldname, lastfile) != 0)
|
if (rename(oldname, lastfile) != 0)
|
||||||
syslog(LOG_ERR, "Could not rename %s to %s \n",
|
syslog(LOG_ERR, "Could not rename %s to %s",
|
||||||
oldname, lastfile);
|
oldname, lastfile);
|
||||||
else
|
else
|
||||||
syslog(LOG_INFO, "renamed %s to %s \n",
|
syslog(LOG_INFO, "renamed %s to %s",
|
||||||
oldname, lastfile);
|
oldname, lastfile);
|
||||||
}
|
}
|
||||||
free(lastfile);
|
free(lastfile);
|
||||||
@ -241,7 +243,7 @@ swap_audit_file(void)
|
|||||||
/* Try until we succeed. */
|
/* Try until we succeed. */
|
||||||
while ((dirent = TAILQ_FIRST(&dir_q))) {
|
while ((dirent = TAILQ_FIRST(&dir_q))) {
|
||||||
if ((fn = affixdir(timestr, dirent)) == NULL) {
|
if ((fn = affixdir(timestr, dirent)) == NULL) {
|
||||||
syslog(LOG_INFO, "Failed to swap log at time %s\n",
|
syslog(LOG_INFO, "Failed to swap log at time %s",
|
||||||
timestr);
|
timestr);
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
@ -250,7 +252,7 @@ swap_audit_file(void)
|
|||||||
* Create and open the file; then close and pass to the
|
* Create and open the file; then close and pass to the
|
||||||
* kernel if all went well.
|
* kernel if all went well.
|
||||||
*/
|
*/
|
||||||
syslog(LOG_INFO, "New audit file is %s\n", fn);
|
syslog(LOG_INFO, "New audit file is %s", fn);
|
||||||
#ifdef AUDIT_REVIEW_GROUP
|
#ifdef AUDIT_REVIEW_GROUP
|
||||||
fd = open_trail(fn, uid, gid);
|
fd = open_trail(fn, uid, gid);
|
||||||
#else
|
#else
|
||||||
@ -262,7 +264,7 @@ swap_audit_file(void)
|
|||||||
error = auditctl(fn);
|
error = auditctl(fn);
|
||||||
if (error) {
|
if (error) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"auditctl failed setting log file! : %s\n",
|
"auditctl failed setting log file! : %s",
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
close(fd);
|
close(fd);
|
||||||
} else {
|
} else {
|
||||||
@ -284,7 +286,7 @@ swap_audit_file(void)
|
|||||||
free(dirent->dirname);
|
free(dirent->dirname);
|
||||||
free(dirent);
|
free(dirent);
|
||||||
}
|
}
|
||||||
syslog(LOG_INFO, "Log directories exhausted\n");
|
syslog(LOG_ERR, "Log directories exhausted\n");
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -326,7 +328,7 @@ read_control_file(void)
|
|||||||
|
|
||||||
allhardcount = 0;
|
allhardcount = 0;
|
||||||
if (swap_audit_file() == -1) {
|
if (swap_audit_file() == -1) {
|
||||||
syslog(LOG_ERR, "Could not swap audit file\n");
|
syslog(LOG_ERR, "Could not swap audit file");
|
||||||
/*
|
/*
|
||||||
* XXX Faulty directory listing? - user should be given
|
* XXX Faulty directory listing? - user should be given
|
||||||
* XXX an opportunity to change the audit_control file
|
* XXX an opportunity to change the audit_control file
|
||||||
@ -341,16 +343,16 @@ read_control_file(void)
|
|||||||
* XXX is generated here?
|
* XXX is generated here?
|
||||||
*/
|
*/
|
||||||
if (0 == (ret = getacmin(&minval))) {
|
if (0 == (ret = getacmin(&minval))) {
|
||||||
syslog(LOG_INFO, "min free = %d\n", minval);
|
syslog(LOG_DEBUG, "min free = %d\n", minval);
|
||||||
if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
|
if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"could not get audit queue settings\n");
|
"could not get audit queue settings");
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
qctrl.aq_minfree = minval;
|
qctrl.aq_minfree = minval;
|
||||||
if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
|
if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"could not set audit queue settings\n");
|
"could not set audit queue settings");
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -372,20 +374,20 @@ close_all(void)
|
|||||||
|
|
||||||
/* Generate an audit record. */
|
/* Generate an audit record. */
|
||||||
if ((aufd = au_open()) == -1)
|
if ((aufd = au_open()) == -1)
|
||||||
syslog(LOG_ERR, "Could not create audit shutdown event.\n");
|
syslog(LOG_ERR, "Could not create audit shutdown event.");
|
||||||
else {
|
else {
|
||||||
if ((tok = au_to_text("auditd::Audit shutdown")) != NULL)
|
if ((tok = au_to_text("auditd::Audit shutdown")) != NULL)
|
||||||
au_write(aufd, tok);
|
au_write(aufd, tok);
|
||||||
if (au_close(aufd, 1, AUE_audit_shutdown) == -1)
|
if (au_close(aufd, 1, AUE_audit_shutdown) == -1)
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"Could not close audit shutdown event.\n");
|
"Could not close audit shutdown event.");
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Flush contents. */
|
/* Flush contents. */
|
||||||
cond = AUC_DISABLED;
|
cond = AUC_DISABLED;
|
||||||
err_ret = auditon(A_SETCOND, &cond, sizeof(cond));
|
err_ret = auditon(A_SETCOND, &cond, sizeof(cond));
|
||||||
if (err_ret != 0) {
|
if (err_ret != 0) {
|
||||||
syslog(LOG_ERR, "Disabling audit failed! : %s\n",
|
syslog(LOG_ERR, "Disabling audit failed! : %s",
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
err_ret = 1;
|
err_ret = 1;
|
||||||
}
|
}
|
||||||
@ -396,15 +398,15 @@ close_all(void)
|
|||||||
|
|
||||||
free_dir_q();
|
free_dir_q();
|
||||||
if ((remove(AUDITD_PIDFILE) == -1) || err_ret) {
|
if ((remove(AUDITD_PIDFILE) == -1) || err_ret) {
|
||||||
syslog(LOG_ERR, "Could not unregister\n");
|
syslog(LOG_ERR, "Could not unregister");
|
||||||
audit_warn_postsigterm();
|
audit_warn_postsigterm();
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
endac();
|
endac();
|
||||||
|
|
||||||
if (close(triggerfd) != 0)
|
if (close(triggerfd) != 0)
|
||||||
syslog(LOG_ERR, "Error closing control file\n");
|
syslog(LOG_ERR, "Error closing control file");
|
||||||
syslog(LOG_INFO, "Finished.\n");
|
syslog(LOG_INFO, "Finished");
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -422,6 +424,8 @@ relay_signal(int signal)
|
|||||||
sighups++;
|
sighups++;
|
||||||
if (signal == SIGTERM)
|
if (signal == SIGTERM)
|
||||||
sigterms++;
|
sigterms++;
|
||||||
|
if (signal == SIGCHLD)
|
||||||
|
sigchlds++;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -437,23 +441,22 @@ register_daemon(void)
|
|||||||
/* Set up the signal hander. */
|
/* Set up the signal hander. */
|
||||||
if (signal(SIGTERM, relay_signal) == SIG_ERR) {
|
if (signal(SIGTERM, relay_signal) == SIG_ERR) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"Could not set signal handler for SIGTERM\n");
|
"Could not set signal handler for SIGTERM");
|
||||||
fail_exit();
|
fail_exit();
|
||||||
}
|
}
|
||||||
if (signal(SIGCHLD, relay_signal) == SIG_ERR) {
|
if (signal(SIGCHLD, relay_signal) == SIG_ERR) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"Could not set signal handler for SIGCHLD\n");
|
"Could not set signal handler for SIGCHLD");
|
||||||
fail_exit();
|
fail_exit();
|
||||||
}
|
}
|
||||||
if (signal(SIGHUP, relay_signal) == SIG_ERR) {
|
if (signal(SIGHUP, relay_signal) == SIG_ERR) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"Could not set signal handler for SIGHUP\n");
|
"Could not set signal handler for SIGHUP");
|
||||||
fail_exit();
|
fail_exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((pidfile = fopen(AUDITD_PIDFILE, "a")) == NULL) {
|
if ((pidfile = fopen(AUDITD_PIDFILE, "a")) == NULL) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR, "Could not open PID file");
|
||||||
"Could not open PID file\n");
|
|
||||||
audit_warn_tmpfile();
|
audit_warn_tmpfile();
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
@ -462,7 +465,7 @@ register_daemon(void)
|
|||||||
fd = fileno(pidfile);
|
fd = fileno(pidfile);
|
||||||
if (flock(fd, LOCK_EX | LOCK_NB) < 0) {
|
if (flock(fd, LOCK_EX | LOCK_NB) < 0) {
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"PID file is locked (is another auditd running?).\n");
|
"PID file is locked (is another auditd running?).");
|
||||||
audit_warn_ebusy();
|
audit_warn_ebusy();
|
||||||
return (-1);
|
return (-1);
|
||||||
}
|
}
|
||||||
@ -490,7 +493,6 @@ handle_audit_trigger(int trigger)
|
|||||||
static int last_trigger;
|
static int last_trigger;
|
||||||
static time_t last_time;
|
static time_t last_time;
|
||||||
struct dir_ent *dirent;
|
struct dir_ent *dirent;
|
||||||
int rc;
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Suppres duplicate messages from the kernel within the specified
|
* Suppres duplicate messages from the kernel within the specified
|
||||||
@ -516,7 +518,7 @@ handle_audit_trigger(int trigger)
|
|||||||
switch(trigger) {
|
switch(trigger) {
|
||||||
|
|
||||||
case AUDIT_TRIGGER_LOW_SPACE:
|
case AUDIT_TRIGGER_LOW_SPACE:
|
||||||
syslog(LOG_INFO, "Got low space trigger\n");
|
syslog(LOG_INFO, "Got low space trigger");
|
||||||
if (dirent && (dirent->softlim != 1)) {
|
if (dirent && (dirent->softlim != 1)) {
|
||||||
TAILQ_REMOVE(&dir_q, dirent, dirs);
|
TAILQ_REMOVE(&dir_q, dirent, dirs);
|
||||||
/* Add this node to the end of the list. */
|
/* Add this node to the end of the list. */
|
||||||
@ -526,7 +528,7 @@ handle_audit_trigger(int trigger)
|
|||||||
|
|
||||||
if (TAILQ_NEXT(TAILQ_FIRST(&dir_q), dirs) != NULL &&
|
if (TAILQ_NEXT(TAILQ_FIRST(&dir_q), dirs) != NULL &&
|
||||||
swap_audit_file() == -1)
|
swap_audit_file() == -1)
|
||||||
syslog(LOG_ERR, "Error swapping audit file\n");
|
syslog(LOG_ERR, "Error swapping audit file");
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check if the next dir has already reached its soft
|
* Check if the next dir has already reached its soft
|
||||||
@ -548,7 +550,7 @@ handle_audit_trigger(int trigger)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case AUDIT_TRIGGER_NO_SPACE:
|
case AUDIT_TRIGGER_NO_SPACE:
|
||||||
syslog(LOG_INFO, "Got no space trigger\n");
|
syslog(LOG_INFO, "Got no space trigger");
|
||||||
|
|
||||||
/* Delete current dir, go on to next. */
|
/* Delete current dir, go on to next. */
|
||||||
TAILQ_REMOVE(&dir_q, dirent, dirs);
|
TAILQ_REMOVE(&dir_q, dirent, dirs);
|
||||||
@ -557,7 +559,7 @@ handle_audit_trigger(int trigger)
|
|||||||
free(dirent);
|
free(dirent);
|
||||||
|
|
||||||
if (swap_audit_file() == -1)
|
if (swap_audit_file() == -1)
|
||||||
syslog(LOG_ERR, "Error swapping audit file\n");
|
syslog(LOG_ERR, "Error swapping audit file");
|
||||||
|
|
||||||
/* We are out of log directories. */
|
/* We are out of log directories. */
|
||||||
audit_warn_allhard(++allhardcount);
|
audit_warn_allhard(++allhardcount);
|
||||||
@ -568,21 +570,21 @@ handle_audit_trigger(int trigger)
|
|||||||
* Create a new file and swap with the one being used in
|
* Create a new file and swap with the one being used in
|
||||||
* kernel
|
* kernel
|
||||||
*/
|
*/
|
||||||
syslog(LOG_INFO, "Got open new trigger\n");
|
syslog(LOG_INFO, "Got open new trigger");
|
||||||
if (swap_audit_file() == -1)
|
if (swap_audit_file() == -1)
|
||||||
syslog(LOG_ERR, "Error swapping audit file\n");
|
syslog(LOG_ERR, "Error swapping audit file");
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case AUDIT_TRIGGER_READ_FILE:
|
case AUDIT_TRIGGER_READ_FILE:
|
||||||
syslog(LOG_INFO, "Got read file trigger\n");
|
syslog(LOG_INFO, "Got read file trigger");
|
||||||
if (read_control_file() == -1)
|
if (read_control_file() == -1)
|
||||||
syslog(LOG_ERR, "Error in audit control file\n");
|
syslog(LOG_ERR, "Error in audit control file");
|
||||||
if (config_audit_controls() == -1)
|
if (config_audit_controls() == -1)
|
||||||
syslog(LOG_ERR, "Error setting audit controls\n");
|
syslog(LOG_ERR, "Error setting audit controls");
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
syslog(LOG_ERR, "Got unknown trigger %d\n", trigger);
|
syslog(LOG_ERR, "Got unknown trigger %d", trigger);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -595,44 +597,6 @@ handle_sighup(void)
|
|||||||
config_audit_controls();
|
config_audit_controls();
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Read the control file for triggers and handle appropriately.
|
|
||||||
*/
|
|
||||||
static int
|
|
||||||
wait_for_triggers(void)
|
|
||||||
{
|
|
||||||
int num;
|
|
||||||
unsigned int trigger;
|
|
||||||
|
|
||||||
for (;;) {
|
|
||||||
num = read(triggerfd, &trigger, sizeof(trigger));
|
|
||||||
if ((num == -1) && (errno != EINTR)) {
|
|
||||||
syslog(LOG_ERR, "%s: error %d\n", __FUNCTION__, errno);
|
|
||||||
return (-1);
|
|
||||||
}
|
|
||||||
if (sigterms != sigterms_handled) {
|
|
||||||
syslog(LOG_INFO, "%s: SIGTERM", __FUNCTION__);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if (sighups != sighups_handled) {
|
|
||||||
syslog(LOG_INFO, "%s: SIGHUP", __FUNCTION__);
|
|
||||||
handle_sighup();
|
|
||||||
}
|
|
||||||
if ((num == -1) && (errno == EINTR))
|
|
||||||
continue;
|
|
||||||
if (num == 0) {
|
|
||||||
syslog(LOG_INFO, "%s: read EOF\n", __FUNCTION__);
|
|
||||||
return (-1);
|
|
||||||
}
|
|
||||||
syslog(LOG_INFO, "%s: read %d\n", __FUNCTION__, trigger);
|
|
||||||
if (trigger == AUDIT_TRIGGER_CLOSE_AND_DIE)
|
|
||||||
break;
|
|
||||||
else
|
|
||||||
handle_audit_trigger(trigger);
|
|
||||||
}
|
|
||||||
return (close_all());
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Reap our children.
|
* Reap our children.
|
||||||
*/
|
*/
|
||||||
@ -645,7 +609,7 @@ reap_children(void)
|
|||||||
while ((child = waitpid(-1, &wstatus, WNOHANG)) > 0) {
|
while ((child = waitpid(-1, &wstatus, WNOHANG)) > 0) {
|
||||||
if (!wstatus)
|
if (!wstatus)
|
||||||
continue;
|
continue;
|
||||||
syslog(LOG_INFO, "warn process [pid=%d] %s %d.\n", child,
|
syslog(LOG_INFO, "warn process [pid=%d] %s %d.", child,
|
||||||
((WIFEXITED(wstatus)) ? "exited with non-zero status" :
|
((WIFEXITED(wstatus)) ? "exited with non-zero status" :
|
||||||
"exited as a result of signal"),
|
"exited as a result of signal"),
|
||||||
((WIFEXITED(wstatus)) ? WEXITSTATUS(wstatus) :
|
((WIFEXITED(wstatus)) ? WEXITSTATUS(wstatus) :
|
||||||
@ -653,6 +617,56 @@ reap_children(void)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
handle_sigchld(void)
|
||||||
|
{
|
||||||
|
|
||||||
|
sigchlds_handled = sigchlds;
|
||||||
|
reap_children();
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Read the control file for triggers/signals and handle appropriately.
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
wait_for_events(void)
|
||||||
|
{
|
||||||
|
int num;
|
||||||
|
unsigned int trigger;
|
||||||
|
|
||||||
|
for (;;) {
|
||||||
|
num = read(triggerfd, &trigger, sizeof(trigger));
|
||||||
|
if ((num == -1) && (errno != EINTR)) {
|
||||||
|
syslog(LOG_ERR, "%s: error %d", __FUNCTION__, errno);
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (sigterms != sigterms_handled) {
|
||||||
|
syslog(LOG_DEBUG, "%s: SIGTERM", __FUNCTION__);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (sigchlds != sigchlds_handled) {
|
||||||
|
syslog(LOG_DEBUG, "%s: SIGCHLD", __FUNCTION__);
|
||||||
|
handle_sigchld();
|
||||||
|
}
|
||||||
|
if (sighups != sighups_handled) {
|
||||||
|
syslog(LOG_DEBUG, "%s: SIGHUP", __FUNCTION__);
|
||||||
|
handle_sighup();
|
||||||
|
}
|
||||||
|
if ((num == -1) && (errno == EINTR))
|
||||||
|
continue;
|
||||||
|
if (num == 0) {
|
||||||
|
syslog(LOG_ERR, "%s: read EOF", __FUNCTION__);
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
syslog(LOG_DEBUG, "%s: read %d", __FUNCTION__, trigger);
|
||||||
|
if (trigger == AUDIT_TRIGGER_CLOSE_AND_DIE)
|
||||||
|
break;
|
||||||
|
else
|
||||||
|
handle_audit_trigger(trigger);
|
||||||
|
}
|
||||||
|
return (close_all());
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Configure the audit controls in the kernel: the event to class mapping,
|
* Configure the audit controls in the kernel: the event to class mapping,
|
||||||
* kernel preselection mask, etc.
|
* kernel preselection mask, etc.
|
||||||
@ -700,7 +714,7 @@ config_audit_controls(void)
|
|||||||
if (ctr == 0)
|
if (ctr == 0)
|
||||||
syslog(LOG_ERR, "No events to class mappings registered.");
|
syslog(LOG_ERR, "No events to class mappings registered.");
|
||||||
else
|
else
|
||||||
syslog(LOG_INFO, "Registered %d event to class mappings.",
|
syslog(LOG_DEBUG, "Registered %d event to class mappings.",
|
||||||
ctr);
|
ctr);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -713,7 +727,7 @@ config_audit_controls(void)
|
|||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"Failed to register non-attributable event mask.");
|
"Failed to register non-attributable event mask.");
|
||||||
else
|
else
|
||||||
syslog(LOG_INFO,
|
syslog(LOG_DEBUG,
|
||||||
"Registered non-attributable event mask.");
|
"Registered non-attributable event mask.");
|
||||||
} else
|
} else
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
@ -731,35 +745,53 @@ config_audit_controls(void)
|
|||||||
static void
|
static void
|
||||||
setup(void)
|
setup(void)
|
||||||
{
|
{
|
||||||
|
auditinfo_t auinfo;
|
||||||
int aufd;
|
int aufd;
|
||||||
token_t *tok;
|
token_t *tok;
|
||||||
|
|
||||||
if ((triggerfd = open(AUDIT_TRIGGER_FILE, O_RDONLY, 0)) < 0) {
|
if ((triggerfd = open(AUDIT_TRIGGER_FILE, O_RDONLY, 0)) < 0) {
|
||||||
syslog(LOG_ERR, "Error opening trigger file\n");
|
syslog(LOG_ERR, "Error opening trigger file");
|
||||||
|
fail_exit();
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* To provide event feedback cycles and avoid auditd becoming
|
||||||
|
* stalled if auditing is suspended, auditd and its children run
|
||||||
|
* without their events being audited. We allow the uid, tid, and
|
||||||
|
* mask fields to be implicitly set to zero, but do set the pid. We
|
||||||
|
* run this after opening the trigger device to avoid configuring
|
||||||
|
* audit state without audit present in the system.
|
||||||
|
*
|
||||||
|
* XXXRW: Is there more to it than this?
|
||||||
|
*/
|
||||||
|
bzero(&auinfo, sizeof(auinfo));
|
||||||
|
auinfo.ai_asid = getpid();
|
||||||
|
if (setaudit(&auinfo) == -1) {
|
||||||
|
syslog(LOG_ERR, "Error setting audit stat");
|
||||||
fail_exit();
|
fail_exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
TAILQ_INIT(&dir_q);
|
TAILQ_INIT(&dir_q);
|
||||||
if (read_control_file() == -1) {
|
if (read_control_file() == -1) {
|
||||||
syslog(LOG_ERR, "Error reading control file\n");
|
syslog(LOG_ERR, "Error reading control file");
|
||||||
fail_exit();
|
fail_exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Generate an audit record. */
|
/* Generate an audit record. */
|
||||||
if ((aufd = au_open()) == -1)
|
if ((aufd = au_open()) == -1)
|
||||||
syslog(LOG_ERR, "Could not create audit startup event.\n");
|
syslog(LOG_ERR, "Could not create audit startup event.");
|
||||||
else {
|
else {
|
||||||
if ((tok = au_to_text("auditd::Audit startup")) != NULL)
|
if ((tok = au_to_text("auditd::Audit startup")) != NULL)
|
||||||
au_write(aufd, tok);
|
au_write(aufd, tok);
|
||||||
if (au_close(aufd, 1, AUE_audit_startup) == -1)
|
if (au_close(aufd, 1, AUE_audit_startup) == -1)
|
||||||
syslog(LOG_ERR,
|
syslog(LOG_ERR,
|
||||||
"Could not close audit startup event.\n");
|
"Could not close audit startup event.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (config_audit_controls() == 0)
|
if (config_audit_controls() == 0)
|
||||||
syslog(LOG_INFO, "Audit controls init successful\n");
|
syslog(LOG_INFO, "Audit controls init successful");
|
||||||
else
|
else
|
||||||
syslog(LOG_INFO, "Audit controls init failed\n");
|
syslog(LOG_ERR, "Audit controls init failed");
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
@ -800,22 +832,22 @@ main(int argc, char **argv)
|
|||||||
#else
|
#else
|
||||||
openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH);
|
openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH);
|
||||||
#endif
|
#endif
|
||||||
syslog(LOG_INFO, "starting...\n");
|
syslog(LOG_INFO, "starting...");
|
||||||
|
|
||||||
if (debug == 0 && daemon(0, 0) == -1) {
|
if (debug == 0 && daemon(0, 0) == -1) {
|
||||||
syslog(LOG_ERR, "Failed to daemonize\n");
|
syslog(LOG_ERR, "Failed to daemonize");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (register_daemon() == -1) {
|
if (register_daemon() == -1) {
|
||||||
syslog(LOG_ERR, "Could not register as daemon\n");
|
syslog(LOG_ERR, "Could not register as daemon");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
setup();
|
setup();
|
||||||
|
|
||||||
rc = wait_for_triggers();
|
rc = wait_for_events();
|
||||||
syslog(LOG_INFO, "auditd exiting.\n");
|
syslog(LOG_INFO, "auditd exiting.");
|
||||||
|
|
||||||
exit(rc);
|
exit(rc);
|
||||||
}
|
}
|
||||||
|
10
contrib/openbsm/bin/auditfilterd/Makefile.am
Normal file
10
contrib/openbsm/bin/auditfilterd/Makefile.am
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
INCLUDES = -I$(top_srcdir)
|
||||||
|
|
||||||
|
sbin_PROGRAMS = auditfilterd
|
||||||
|
auditfilterd_SOURCES = auditfilterd_conf.c auditfilterd.c
|
||||||
|
auditfilterd_LDADD = $(top_builddir)/libbsm/libbsm.la
|
||||||
|
man8_MANS = auditfilterd.8
|
508
contrib/openbsm/bin/auditfilterd/Makefile.in
Normal file
508
contrib/openbsm/bin/auditfilterd/Makefile.in
Normal file
@ -0,0 +1,508 @@
|
|||||||
|
# Makefile.in generated by automake 1.9.6 from Makefile.am.
|
||||||
|
# @configure_input@
|
||||||
|
|
||||||
|
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||||
|
# 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||||
|
# This Makefile.in is free software; the Free Software Foundation
|
||||||
|
# gives unlimited permission to copy and/or distribute it,
|
||||||
|
# with or without modifications, as long as this notice is preserved.
|
||||||
|
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
|
||||||
|
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
# PARTICULAR PURPOSE.
|
||||||
|
|
||||||
|
@SET_MAKE@
|
||||||
|
|
||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
srcdir = @srcdir@
|
||||||
|
top_srcdir = @top_srcdir@
|
||||||
|
VPATH = @srcdir@
|
||||||
|
pkgdatadir = $(datadir)/@PACKAGE@
|
||||||
|
pkglibdir = $(libdir)/@PACKAGE@
|
||||||
|
pkgincludedir = $(includedir)/@PACKAGE@
|
||||||
|
top_builddir = ../..
|
||||||
|
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
|
||||||
|
INSTALL = @INSTALL@
|
||||||
|
install_sh_DATA = $(install_sh) -c -m 644
|
||||||
|
install_sh_PROGRAM = $(install_sh) -c
|
||||||
|
install_sh_SCRIPT = $(install_sh) -c
|
||||||
|
INSTALL_HEADER = $(INSTALL_DATA)
|
||||||
|
transform = $(program_transform_name)
|
||||||
|
NORMAL_INSTALL = :
|
||||||
|
PRE_INSTALL = :
|
||||||
|
POST_INSTALL = :
|
||||||
|
NORMAL_UNINSTALL = :
|
||||||
|
PRE_UNINSTALL = :
|
||||||
|
POST_UNINSTALL = :
|
||||||
|
build_triplet = @build@
|
||||||
|
host_triplet = @host@
|
||||||
|
sbin_PROGRAMS = auditfilterd$(EXEEXT)
|
||||||
|
subdir = bin/auditfilterd
|
||||||
|
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
|
||||||
|
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||||
|
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
|
||||||
|
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||||
|
$(ACLOCAL_M4)
|
||||||
|
mkinstalldirs = $(install_sh) -d
|
||||||
|
CONFIG_HEADER = $(top_builddir)/config/config.h
|
||||||
|
CONFIG_CLEAN_FILES =
|
||||||
|
am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"
|
||||||
|
sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
|
||||||
|
PROGRAMS = $(sbin_PROGRAMS)
|
||||||
|
am_auditfilterd_OBJECTS = auditfilterd_conf.$(OBJEXT) \
|
||||||
|
auditfilterd.$(OBJEXT)
|
||||||
|
auditfilterd_OBJECTS = $(am_auditfilterd_OBJECTS)
|
||||||
|
auditfilterd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
|
||||||
|
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/config
|
||||||
|
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
|
||||||
|
am__depfiles_maybe = depfiles
|
||||||
|
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
|
||||||
|
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||||
|
LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
|
||||||
|
$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
|
||||||
|
$(AM_CFLAGS) $(CFLAGS)
|
||||||
|
CCLD = $(CC)
|
||||||
|
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
|
||||||
|
$(AM_LDFLAGS) $(LDFLAGS) -o $@
|
||||||
|
SOURCES = $(auditfilterd_SOURCES)
|
||||||
|
DIST_SOURCES = $(auditfilterd_SOURCES)
|
||||||
|
man8dir = $(mandir)/man8
|
||||||
|
NROFF = nroff
|
||||||
|
MANS = $(man8_MANS)
|
||||||
|
ETAGS = etags
|
||||||
|
CTAGS = ctags
|
||||||
|
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||||
|
ACLOCAL = @ACLOCAL@
|
||||||
|
AMDEP_FALSE = @AMDEP_FALSE@
|
||||||
|
AMDEP_TRUE = @AMDEP_TRUE@
|
||||||
|
AMTAR = @AMTAR@
|
||||||
|
AR = @AR@
|
||||||
|
AUTOCONF = @AUTOCONF@
|
||||||
|
AUTOHEADER = @AUTOHEADER@
|
||||||
|
AUTOMAKE = @AUTOMAKE@
|
||||||
|
AWK = @AWK@
|
||||||
|
CC = @CC@
|
||||||
|
CCDEPMODE = @CCDEPMODE@
|
||||||
|
CFLAGS = @CFLAGS@
|
||||||
|
CPP = @CPP@
|
||||||
|
CPPFLAGS = @CPPFLAGS@
|
||||||
|
CXX = @CXX@
|
||||||
|
CXXCPP = @CXXCPP@
|
||||||
|
CXXDEPMODE = @CXXDEPMODE@
|
||||||
|
CXXFLAGS = @CXXFLAGS@
|
||||||
|
CYGPATH_W = @CYGPATH_W@
|
||||||
|
DEFS = @DEFS@
|
||||||
|
DEPDIR = @DEPDIR@
|
||||||
|
ECHO = @ECHO@
|
||||||
|
ECHO_C = @ECHO_C@
|
||||||
|
ECHO_N = @ECHO_N@
|
||||||
|
ECHO_T = @ECHO_T@
|
||||||
|
EGREP = @EGREP@
|
||||||
|
EXEEXT = @EXEEXT@
|
||||||
|
F77 = @F77@
|
||||||
|
FFLAGS = @FFLAGS@
|
||||||
|
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
|
||||||
|
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
|
||||||
|
INSTALL_DATA = @INSTALL_DATA@
|
||||||
|
INSTALL_PROGRAM = @INSTALL_PROGRAM@
|
||||||
|
INSTALL_SCRIPT = @INSTALL_SCRIPT@
|
||||||
|
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
|
||||||
|
LDFLAGS = @LDFLAGS@
|
||||||
|
LIBOBJS = @LIBOBJS@
|
||||||
|
LIBS = @LIBS@
|
||||||
|
LIBTOOL = @LIBTOOL@
|
||||||
|
LN_S = @LN_S@
|
||||||
|
LTLIBOBJS = @LTLIBOBJS@
|
||||||
|
MAINT = @MAINT@
|
||||||
|
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
|
||||||
|
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
|
||||||
|
MAKEINFO = @MAKEINFO@
|
||||||
|
OBJEXT = @OBJEXT@
|
||||||
|
PACKAGE = @PACKAGE@
|
||||||
|
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
|
||||||
|
PACKAGE_NAME = @PACKAGE_NAME@
|
||||||
|
PACKAGE_STRING = @PACKAGE_STRING@
|
||||||
|
PACKAGE_TARNAME = @PACKAGE_TARNAME@
|
||||||
|
PACKAGE_VERSION = @PACKAGE_VERSION@
|
||||||
|
PATH_SEPARATOR = @PATH_SEPARATOR@
|
||||||
|
RANLIB = @RANLIB@
|
||||||
|
SET_MAKE = @SET_MAKE@
|
||||||
|
SHELL = @SHELL@
|
||||||
|
STRIP = @STRIP@
|
||||||
|
VERSION = @VERSION@
|
||||||
|
ac_ct_AR = @ac_ct_AR@
|
||||||
|
ac_ct_CC = @ac_ct_CC@
|
||||||
|
ac_ct_CXX = @ac_ct_CXX@
|
||||||
|
ac_ct_F77 = @ac_ct_F77@
|
||||||
|
ac_ct_RANLIB = @ac_ct_RANLIB@
|
||||||
|
ac_ct_STRIP = @ac_ct_STRIP@
|
||||||
|
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
|
||||||
|
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
|
||||||
|
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
|
||||||
|
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
|
||||||
|
am__include = @am__include@
|
||||||
|
am__leading_dot = @am__leading_dot@
|
||||||
|
am__quote = @am__quote@
|
||||||
|
am__tar = @am__tar@
|
||||||
|
am__untar = @am__untar@
|
||||||
|
bindir = @bindir@
|
||||||
|
build = @build@
|
||||||
|
build_alias = @build_alias@
|
||||||
|
build_cpu = @build_cpu@
|
||||||
|
build_os = @build_os@
|
||||||
|
build_vendor = @build_vendor@
|
||||||
|
datadir = @datadir@
|
||||||
|
exec_prefix = @exec_prefix@
|
||||||
|
host = @host@
|
||||||
|
host_alias = @host_alias@
|
||||||
|
host_cpu = @host_cpu@
|
||||||
|
host_os = @host_os@
|
||||||
|
host_vendor = @host_vendor@
|
||||||
|
includedir = @includedir@
|
||||||
|
infodir = @infodir@
|
||||||
|
install_sh = @install_sh@
|
||||||
|
libdir = @libdir@
|
||||||
|
libexecdir = @libexecdir@
|
||||||
|
localstatedir = @localstatedir@
|
||||||
|
mandir = @mandir@
|
||||||
|
mkdir_p = @mkdir_p@
|
||||||
|
oldincludedir = @oldincludedir@
|
||||||
|
prefix = @prefix@
|
||||||
|
program_transform_name = @program_transform_name@
|
||||||
|
sbindir = @sbindir@
|
||||||
|
sharedstatedir = @sharedstatedir@
|
||||||
|
sysconfdir = @sysconfdir@
|
||||||
|
target_alias = @target_alias@
|
||||||
|
INCLUDES = -I$(top_srcdir)
|
||||||
|
auditfilterd_SOURCES = auditfilterd_conf.c auditfilterd.c
|
||||||
|
auditfilterd_LDADD = $(top_builddir)/libbsm/libbsm.la
|
||||||
|
man8_MANS = auditfilterd.8
|
||||||
|
all: all-am
|
||||||
|
|
||||||
|
.SUFFIXES:
|
||||||
|
.SUFFIXES: .c .lo .o .obj
|
||||||
|
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
|
||||||
|
@for dep in $?; do \
|
||||||
|
case '$(am__configure_deps)' in \
|
||||||
|
*$$dep*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
|
||||||
|
&& exit 0; \
|
||||||
|
exit 1;; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/auditfilterd/Makefile'; \
|
||||||
|
cd $(top_srcdir) && \
|
||||||
|
$(AUTOMAKE) --foreign bin/auditfilterd/Makefile
|
||||||
|
.PRECIOUS: Makefile
|
||||||
|
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
|
||||||
|
@case '$?' in \
|
||||||
|
*config.status*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
|
||||||
|
*) \
|
||||||
|
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
|
||||||
|
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
|
||||||
|
esac;
|
||||||
|
|
||||||
|
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
|
||||||
|
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
install-sbinPROGRAMS: $(sbin_PROGRAMS)
|
||||||
|
@$(NORMAL_INSTALL)
|
||||||
|
test -z "$(sbindir)" || $(mkdir_p) "$(DESTDIR)$(sbindir)"
|
||||||
|
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
|
||||||
|
p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
|
||||||
|
if test -f $$p \
|
||||||
|
|| test -f $$p1 \
|
||||||
|
; then \
|
||||||
|
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
|
||||||
|
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
|
||||||
|
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
|
||||||
|
else :; fi; \
|
||||||
|
done
|
||||||
|
|
||||||
|
uninstall-sbinPROGRAMS:
|
||||||
|
@$(NORMAL_UNINSTALL)
|
||||||
|
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
|
||||||
|
f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
|
||||||
|
echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \
|
||||||
|
rm -f "$(DESTDIR)$(sbindir)/$$f"; \
|
||||||
|
done
|
||||||
|
|
||||||
|
clean-sbinPROGRAMS:
|
||||||
|
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
|
||||||
|
f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
|
||||||
|
echo " rm -f $$p $$f"; \
|
||||||
|
rm -f $$p $$f ; \
|
||||||
|
done
|
||||||
|
auditfilterd$(EXEEXT): $(auditfilterd_OBJECTS) $(auditfilterd_DEPENDENCIES)
|
||||||
|
@rm -f auditfilterd$(EXEEXT)
|
||||||
|
$(LINK) $(auditfilterd_LDFLAGS) $(auditfilterd_OBJECTS) $(auditfilterd_LDADD) $(LIBS)
|
||||||
|
|
||||||
|
mostlyclean-compile:
|
||||||
|
-rm -f *.$(OBJEXT)
|
||||||
|
|
||||||
|
distclean-compile:
|
||||||
|
-rm -f *.tab.c
|
||||||
|
|
||||||
|
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilterd.Po@am__quote@
|
||||||
|
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilterd_conf.Po@am__quote@
|
||||||
|
|
||||||
|
.c.o:
|
||||||
|
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(COMPILE) -c $<
|
||||||
|
|
||||||
|
.c.obj:
|
||||||
|
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
|
||||||
|
|
||||||
|
.c.lo:
|
||||||
|
@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
|
||||||
|
|
||||||
|
mostlyclean-libtool:
|
||||||
|
-rm -f *.lo
|
||||||
|
|
||||||
|
clean-libtool:
|
||||||
|
-rm -rf .libs _libs
|
||||||
|
|
||||||
|
distclean-libtool:
|
||||||
|
-rm -f libtool
|
||||||
|
uninstall-info-am:
|
||||||
|
install-man8: $(man8_MANS) $(man_MANS)
|
||||||
|
@$(NORMAL_INSTALL)
|
||||||
|
test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)"
|
||||||
|
@list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
|
||||||
|
l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
|
||||||
|
for i in $$l2; do \
|
||||||
|
case "$$i" in \
|
||||||
|
*.8*) list="$$list $$i" ;; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
for i in $$list; do \
|
||||||
|
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
|
||||||
|
else file=$$i; fi; \
|
||||||
|
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
|
||||||
|
case "$$ext" in \
|
||||||
|
8*) ;; \
|
||||||
|
*) ext='8' ;; \
|
||||||
|
esac; \
|
||||||
|
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
|
||||||
|
inst=`echo $$inst | sed -e 's/^.*\///'`; \
|
||||||
|
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
|
||||||
|
echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
|
||||||
|
$(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
|
||||||
|
done
|
||||||
|
uninstall-man8:
|
||||||
|
@$(NORMAL_UNINSTALL)
|
||||||
|
@list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
|
||||||
|
l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
|
||||||
|
for i in $$l2; do \
|
||||||
|
case "$$i" in \
|
||||||
|
*.8*) list="$$list $$i" ;; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
for i in $$list; do \
|
||||||
|
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
|
||||||
|
case "$$ext" in \
|
||||||
|
8*) ;; \
|
||||||
|
*) ext='8' ;; \
|
||||||
|
esac; \
|
||||||
|
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
|
||||||
|
inst=`echo $$inst | sed -e 's/^.*\///'`; \
|
||||||
|
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
|
||||||
|
echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
|
||||||
|
rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
|
||||||
|
done
|
||||||
|
|
||||||
|
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
mkid -fID $$unique
|
||||||
|
tags: TAGS
|
||||||
|
|
||||||
|
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
|
||||||
|
test -n "$$unique" || unique=$$empty_fix; \
|
||||||
|
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
|
||||||
|
$$tags $$unique; \
|
||||||
|
fi
|
||||||
|
ctags: CTAGS
|
||||||
|
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|
||||||
|
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
|
||||||
|
$$tags $$unique
|
||||||
|
|
||||||
|
GTAGS:
|
||||||
|
here=`$(am__cd) $(top_builddir) && pwd` \
|
||||||
|
&& cd $(top_srcdir) \
|
||||||
|
&& gtags -i $(GTAGS_ARGS) $$here
|
||||||
|
|
||||||
|
distclean-tags:
|
||||||
|
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
|
||||||
|
|
||||||
|
distdir: $(DISTFILES)
|
||||||
|
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
list='$(DISTFILES)'; for file in $$list; do \
|
||||||
|
case $$file in \
|
||||||
|
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
|
||||||
|
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
|
||||||
|
esac; \
|
||||||
|
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
|
||||||
|
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
|
||||||
|
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
|
||||||
|
dir="/$$dir"; \
|
||||||
|
$(mkdir_p) "$(distdir)$$dir"; \
|
||||||
|
else \
|
||||||
|
dir=''; \
|
||||||
|
fi; \
|
||||||
|
if test -d $$d/$$file; then \
|
||||||
|
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
|
||||||
|
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
fi; \
|
||||||
|
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
else \
|
||||||
|
test -f $(distdir)/$$file \
|
||||||
|
|| cp -p $$d/$$file $(distdir)/$$file \
|
||||||
|
|| exit 1; \
|
||||||
|
fi; \
|
||||||
|
done
|
||||||
|
check-am: all-am
|
||||||
|
check: check-am
|
||||||
|
all-am: Makefile $(PROGRAMS) $(MANS)
|
||||||
|
installdirs:
|
||||||
|
for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \
|
||||||
|
test -z "$$dir" || $(mkdir_p) "$$dir"; \
|
||||||
|
done
|
||||||
|
install: install-am
|
||||||
|
install-exec: install-exec-am
|
||||||
|
install-data: install-data-am
|
||||||
|
uninstall: uninstall-am
|
||||||
|
|
||||||
|
install-am: all-am
|
||||||
|
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
|
||||||
|
|
||||||
|
installcheck: installcheck-am
|
||||||
|
install-strip:
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||||
|
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||||
|
`test -z '$(STRIP)' || \
|
||||||
|
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||||
|
mostlyclean-generic:
|
||||||
|
|
||||||
|
clean-generic:
|
||||||
|
|
||||||
|
distclean-generic:
|
||||||
|
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
|
||||||
|
|
||||||
|
maintainer-clean-generic:
|
||||||
|
@echo "This command is intended for maintainers to use"
|
||||||
|
@echo "it deletes files that may require special tools to rebuild."
|
||||||
|
clean: clean-am
|
||||||
|
|
||||||
|
clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \
|
||||||
|
mostlyclean-am
|
||||||
|
|
||||||
|
distclean: distclean-am
|
||||||
|
-rm -rf ./$(DEPDIR)
|
||||||
|
-rm -f Makefile
|
||||||
|
distclean-am: clean-am distclean-compile distclean-generic \
|
||||||
|
distclean-libtool distclean-tags
|
||||||
|
|
||||||
|
dvi: dvi-am
|
||||||
|
|
||||||
|
dvi-am:
|
||||||
|
|
||||||
|
html: html-am
|
||||||
|
|
||||||
|
info: info-am
|
||||||
|
|
||||||
|
info-am:
|
||||||
|
|
||||||
|
install-data-am: install-man
|
||||||
|
|
||||||
|
install-exec-am: install-sbinPROGRAMS
|
||||||
|
|
||||||
|
install-info: install-info-am
|
||||||
|
|
||||||
|
install-man: install-man8
|
||||||
|
|
||||||
|
installcheck-am:
|
||||||
|
|
||||||
|
maintainer-clean: maintainer-clean-am
|
||||||
|
-rm -rf ./$(DEPDIR)
|
||||||
|
-rm -f Makefile
|
||||||
|
maintainer-clean-am: distclean-am maintainer-clean-generic
|
||||||
|
|
||||||
|
mostlyclean: mostlyclean-am
|
||||||
|
|
||||||
|
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
|
||||||
|
mostlyclean-libtool
|
||||||
|
|
||||||
|
pdf: pdf-am
|
||||||
|
|
||||||
|
pdf-am:
|
||||||
|
|
||||||
|
ps: ps-am
|
||||||
|
|
||||||
|
ps-am:
|
||||||
|
|
||||||
|
uninstall-am: uninstall-info-am uninstall-man uninstall-sbinPROGRAMS
|
||||||
|
|
||||||
|
uninstall-man: uninstall-man8
|
||||||
|
|
||||||
|
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
|
||||||
|
clean-libtool clean-sbinPROGRAMS ctags distclean \
|
||||||
|
distclean-compile distclean-generic distclean-libtool \
|
||||||
|
distclean-tags distdir dvi dvi-am html html-am info info-am \
|
||||||
|
install install-am install-data install-data-am install-exec \
|
||||||
|
install-exec-am install-info install-info-am install-man \
|
||||||
|
install-man8 install-sbinPROGRAMS install-strip installcheck \
|
||||||
|
installcheck-am installdirs maintainer-clean \
|
||||||
|
maintainer-clean-generic mostlyclean mostlyclean-compile \
|
||||||
|
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
|
||||||
|
tags uninstall uninstall-am uninstall-info-am uninstall-man \
|
||||||
|
uninstall-man8 uninstall-sbinPROGRAMS
|
||||||
|
|
||||||
|
# Tell versions [3.59,3.63) of GNU make to not export all variables.
|
||||||
|
# Otherwise a system limit (for SysV at least) may be exceeded.
|
||||||
|
.NOEXPORT:
|
77
contrib/openbsm/bin/auditfilterd/auditfilterd.8
Normal file
77
contrib/openbsm/bin/auditfilterd/auditfilterd.8
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
.\"-
|
||||||
|
.\" Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
.\" All rights reserved.
|
||||||
|
.\"
|
||||||
|
.\" Redistribution and use in source and binary forms, with or without
|
||||||
|
.\" modification, are permitted provided that the following conditions
|
||||||
|
.\" are met:
|
||||||
|
.\" 1. Redistributions of source code must retain the above copyright
|
||||||
|
.\" notice, this list of conditions and the following disclaimer.
|
||||||
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
.\" notice, this list of conditions and the following disclaimer in the
|
||||||
|
.\" documentation and/or other materials provided with the distribution.
|
||||||
|
.\"
|
||||||
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
.\" SUCH DAMAGE.
|
||||||
|
.\"
|
||||||
|
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.8#2 $
|
||||||
|
.\"
|
||||||
|
.Dd March 27, 2006
|
||||||
|
.Dt AUDITFILTERD 8
|
||||||
|
.Os
|
||||||
|
.Sh NAME
|
||||||
|
.Nm auditfilterd
|
||||||
|
.Nd audit filter daemon
|
||||||
|
.Sh SYNOPSIS
|
||||||
|
.Nm auditfilterd
|
||||||
|
.Op Fl d
|
||||||
|
.Op Fl c Ar conffile
|
||||||
|
.Op Fl t Ar trailfile
|
||||||
|
.Sh DESCRIPTION
|
||||||
|
The
|
||||||
|
.Nm
|
||||||
|
daemon is an extensible audit event monitoring daemon, allowing pluggable
|
||||||
|
modules to track audit events from a live audit source.
|
||||||
|
It is configured using the
|
||||||
|
.Xr audit_filter 5
|
||||||
|
configuration file.
|
||||||
|
.Pp
|
||||||
|
The options are as follows:
|
||||||
|
.Bl -tag -width Ds
|
||||||
|
.It Fl d
|
||||||
|
Starts the daemon in debug mode - it will not daemonize.
|
||||||
|
.It Fl c Ar conffile
|
||||||
|
Specify an alternative configuration file.
|
||||||
|
.It Fl t Ar trailfile
|
||||||
|
Specify an alternative source of audit event records.
|
||||||
|
.El
|
||||||
|
.Sh FILES
|
||||||
|
.Bl -tag -width "/etc/security/audit_filterd" -compact
|
||||||
|
.It Pa /etc/security/audit_filterd
|
||||||
|
Default configuration file for
|
||||||
|
.Nm .
|
||||||
|
.It Pa /dev/auditpipe
|
||||||
|
Default audit record source for
|
||||||
|
.Nm .
|
||||||
|
.El
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr audit 8 ,
|
||||||
|
.Xr auditd 8
|
||||||
|
.Sh AUTHORS
|
||||||
|
The
|
||||||
|
.Nm
|
||||||
|
daemon and audit filter APIs were created by Robert Watson.
|
||||||
|
.Sh HISTORY
|
||||||
|
The OpenBSM implementation was created by McAfee Research, the security
|
||||||
|
division of McAfee Inc., under contract to Apple Computer Inc. in 2004.
|
||||||
|
It was subsequently adopted by the TrustedBSD Project as the foundation for
|
||||||
|
the OpenBSM distribution.
|
341
contrib/openbsm/bin/auditfilterd/auditfilterd.c
Normal file
341
contrib/openbsm/bin/auditfilterd/auditfilterd.c
Normal file
@ -0,0 +1,341 @@
|
|||||||
|
/*-
|
||||||
|
* Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This software was developed by Robert Watson for the TrustedBSD Project.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#6 $
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include <sys/time.h>
|
||||||
|
|
||||||
|
#include <config/config.h>
|
||||||
|
#ifdef HAVE_FULL_QUEUE_H
|
||||||
|
#include <sys/queue.h>
|
||||||
|
#else
|
||||||
|
#include <compat/queue.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include <bsm/libbsm.h>
|
||||||
|
#include <bsm/audit_filter.h>
|
||||||
|
|
||||||
|
#include <err.h>
|
||||||
|
#include <fcntl.h>
|
||||||
|
#include <signal.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
#include "auditfilterd.h"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Global list of registered filters.
|
||||||
|
*/
|
||||||
|
struct auditfilter_module_list filter_list;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Configuration and signal->main flags.
|
||||||
|
*/
|
||||||
|
int debug; /* Debugging mode requested, don't detach. */
|
||||||
|
int reread_config; /* SIGHUP has been received. */
|
||||||
|
int quit; /* SIGQUIT/TERM/INT has been received. */
|
||||||
|
|
||||||
|
static void
|
||||||
|
usage(void)
|
||||||
|
{
|
||||||
|
|
||||||
|
fprintf(stderr, "auditfilterd [-c conffile] [-d] [-p pipefile]"
|
||||||
|
" [-t trailfile]\n");
|
||||||
|
fprintf(stderr, " -c Specify configuration file (default: %s)\n",
|
||||||
|
AUDITFILTERD_CONFFILE);
|
||||||
|
fprintf(stderr, " -d Debugging mode, don't daemonize\n");
|
||||||
|
fprintf(stderr, " -p Specify pipe file (default: %s)\n",
|
||||||
|
AUDITFILTERD_PIPEFILE);
|
||||||
|
fprintf(stderr, " -t Specify audit trail file (default: none)\n");
|
||||||
|
exit(-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
auditfilterd_init(void)
|
||||||
|
{
|
||||||
|
|
||||||
|
TAILQ_INIT(&filter_list);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
signal_handler(int signum)
|
||||||
|
{
|
||||||
|
|
||||||
|
switch (signum) {
|
||||||
|
case SIGHUP:
|
||||||
|
reread_config++;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case SIGINT:
|
||||||
|
case SIGTERM:
|
||||||
|
case SIGQUIT:
|
||||||
|
quit++;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Present raw BSM to a set of registered and interested filters.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
present_bsmrecord(struct timespec *ts, u_char *data, u_int len)
|
||||||
|
{
|
||||||
|
struct auditfilter_module *am;
|
||||||
|
|
||||||
|
TAILQ_FOREACH(am, &filter_list, am_list) {
|
||||||
|
if (am->am_bsmrecord != NULL)
|
||||||
|
(am->am_bsmrecord)(am->am_instance, ts, data, len);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Parse the BSM into a set of tokens, which will be pased to registered
|
||||||
|
* and interested filters.
|
||||||
|
*/
|
||||||
|
#define MAX_TOKENS 128 /* Maximum tokens we handle per record. */
|
||||||
|
static void
|
||||||
|
present_tokens(struct timespec *ts, u_char *data, u_int len)
|
||||||
|
{
|
||||||
|
struct auditfilter_module *am;
|
||||||
|
tokenstr_t tokens[MAX_TOKENS];
|
||||||
|
u_int bytesread;
|
||||||
|
int tokencount;
|
||||||
|
|
||||||
|
tokencount = 0;
|
||||||
|
while (bytesread < len) {
|
||||||
|
if (au_fetch_tok(&tokens[tokencount], data + bytesread,
|
||||||
|
len - bytesread) == -1)
|
||||||
|
break;
|
||||||
|
bytesread += tokens[tokencount].len;
|
||||||
|
tokencount++;
|
||||||
|
}
|
||||||
|
|
||||||
|
TAILQ_FOREACH(am, &filter_list, am_list) {
|
||||||
|
if (am->am_record != NULL)
|
||||||
|
(am->am_record)(am->am_instance, ts, tokencount,
|
||||||
|
tokens);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The main loop spins pulling records out of the record source and passing
|
||||||
|
* them to modules for processing.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
mainloop_file(const char *conffile, const char *trailfile, FILE *trail_fp)
|
||||||
|
{
|
||||||
|
struct timespec ts;
|
||||||
|
FILE *conf_fp;
|
||||||
|
u_char *buf;
|
||||||
|
int reclen;
|
||||||
|
|
||||||
|
while (1) {
|
||||||
|
/*
|
||||||
|
* On SIGHUP, we reread the configuration file and reopen
|
||||||
|
* the trail file.
|
||||||
|
*/
|
||||||
|
if (reread_config) {
|
||||||
|
reread_config = 0;
|
||||||
|
warnx("rereading configuration");
|
||||||
|
conf_fp = fopen(conffile, "r");
|
||||||
|
if (conf_fp == NULL)
|
||||||
|
err(-1, "%s", conffile);
|
||||||
|
auditfilterd_conf(conffile, conf_fp);
|
||||||
|
fclose(conf_fp);
|
||||||
|
|
||||||
|
fclose(trail_fp);
|
||||||
|
trail_fp = fopen(trailfile, "r");
|
||||||
|
if (trail_fp == NULL)
|
||||||
|
err(-1, "%s", trailfile);
|
||||||
|
}
|
||||||
|
if (quit) {
|
||||||
|
warnx("quitting");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For now, be relatively unrobust about incomplete records,
|
||||||
|
* but in the future will want to do better. Need to look
|
||||||
|
* more at the right blocking and signal behavior here.
|
||||||
|
*/
|
||||||
|
reclen = au_read_rec(trail_fp, &buf);
|
||||||
|
if (reclen == -1)
|
||||||
|
continue;
|
||||||
|
if (clock_gettime(CLOCK_REALTIME, &ts) < 0)
|
||||||
|
err(-1, "clock_gettime");
|
||||||
|
present_bsmrecord(&ts, buf, reclen);
|
||||||
|
present_tokens(&ts, buf, reclen);
|
||||||
|
free(buf);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The main loop spins pulling records out of the record source and passing
|
||||||
|
* them to modules for processing. This version of the function accepts
|
||||||
|
* discrete record input from a file descriptor, as opposed to buffered input
|
||||||
|
* from a file stream.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
mainloop_pipe(const char *conffile, const char *pipefile, int pipe_fd)
|
||||||
|
{
|
||||||
|
u_char record[MAX_AUDIT_RECORD_SIZE];
|
||||||
|
struct timespec ts;
|
||||||
|
FILE *conf_fp;
|
||||||
|
int reclen;
|
||||||
|
|
||||||
|
while (1) {
|
||||||
|
/*
|
||||||
|
* On SIGHUP, we reread the configuration file. Unlike with
|
||||||
|
* a trail file, we don't reopen the pipe, as we don't want
|
||||||
|
* to miss records which will be flushed if we do.
|
||||||
|
*/
|
||||||
|
if (reread_config) {
|
||||||
|
reread_config = 0;
|
||||||
|
warnx("rereading configuration");
|
||||||
|
conf_fp = fopen(conffile, "r");
|
||||||
|
if (conf_fp == NULL)
|
||||||
|
err(-1, "%s", conffile);
|
||||||
|
auditfilterd_conf(conffile, conf_fp);
|
||||||
|
fclose(conf_fp);
|
||||||
|
}
|
||||||
|
if (quit) {
|
||||||
|
warnx("quitting");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For now, be relatively unrobust about incomplete records,
|
||||||
|
* but in the future will want to do better. Need to look
|
||||||
|
* more at the right blocking and signal behavior here.
|
||||||
|
*/
|
||||||
|
reclen = read(pipe_fd, record, MAX_AUDIT_RECORD_SIZE);
|
||||||
|
if (reclen < 0)
|
||||||
|
continue;
|
||||||
|
if (clock_gettime(CLOCK_REALTIME, &ts) < 0)
|
||||||
|
err(-1, "clock_gettime");
|
||||||
|
present_bsmrecord(&ts, record, reclen);
|
||||||
|
present_tokens(&ts, record, reclen);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
main(int argc, char *argv[])
|
||||||
|
{
|
||||||
|
const char *pipefile, *trailfile, *conffile;
|
||||||
|
FILE *trail_fp, *conf_fp;
|
||||||
|
struct stat sb;
|
||||||
|
int pipe_fd;
|
||||||
|
int ch;
|
||||||
|
|
||||||
|
conffile = AUDITFILTERD_CONFFILE;
|
||||||
|
trailfile = NULL;
|
||||||
|
pipefile = NULL;
|
||||||
|
while ((ch = getopt(argc, argv, "c:dp:t:")) != -1) {
|
||||||
|
switch (ch) {
|
||||||
|
case 'c':
|
||||||
|
conffile = optarg;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'd':
|
||||||
|
debug++;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 't':
|
||||||
|
if (trailfile != NULL || pipefile != NULL)
|
||||||
|
usage();
|
||||||
|
trailfile = optarg;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'p':
|
||||||
|
if (pipefile != NULL || trailfile != NULL)
|
||||||
|
usage();
|
||||||
|
pipefile = optarg;
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
usage();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
argc -= optind;
|
||||||
|
argv += optind;
|
||||||
|
|
||||||
|
if (argc != 0)
|
||||||
|
usage();
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We allow only one of a pipe or a trail to be used. If none is
|
||||||
|
* specified, we provide a default pipe path.
|
||||||
|
*/
|
||||||
|
if (pipefile == NULL && trailfile == NULL)
|
||||||
|
pipefile = AUDITFILTERD_PIPEFILE;
|
||||||
|
|
||||||
|
if (pipefile != NULL) {
|
||||||
|
pipe_fd = open(pipefile, O_RDONLY);
|
||||||
|
if (pipe_fd < 0)
|
||||||
|
err(-1, "open:%s", pipefile);
|
||||||
|
if (fstat(pipe_fd, &sb) < 0)
|
||||||
|
err(-1, "stat: %s", pipefile);
|
||||||
|
if (!S_ISCHR(sb.st_mode))
|
||||||
|
errx(-1, "fstat: %s not device", pipefile);
|
||||||
|
} else {
|
||||||
|
trail_fp = fopen(trailfile, "r");
|
||||||
|
if (trail_fp == NULL)
|
||||||
|
err(-1, "%s", trailfile);
|
||||||
|
}
|
||||||
|
|
||||||
|
conf_fp = fopen(conffile, "r");
|
||||||
|
if (conf_fp == NULL)
|
||||||
|
err(-1, "%s", conffile);
|
||||||
|
|
||||||
|
auditfilterd_init();
|
||||||
|
if (auditfilterd_conf(conffile, conf_fp) < 0)
|
||||||
|
exit(-1);
|
||||||
|
fclose(conf_fp);
|
||||||
|
|
||||||
|
if (!debug) {
|
||||||
|
if (daemon(0, 0) < 0)
|
||||||
|
err(-1, "daemon");
|
||||||
|
}
|
||||||
|
|
||||||
|
signal(SIGHUP, signal_handler);
|
||||||
|
signal(SIGINT, signal_handler);
|
||||||
|
signal(SIGQUIT, signal_handler);
|
||||||
|
signal(SIGTERM, signal_handler);
|
||||||
|
|
||||||
|
if (pipefile != NULL)
|
||||||
|
mainloop_pipe(conffile, pipefile, pipe_fd);
|
||||||
|
else
|
||||||
|
mainloop_file(conffile, trailfile, trail_fp);
|
||||||
|
|
||||||
|
auditfilterd_conf_shutdown();
|
||||||
|
return (0);
|
||||||
|
}
|
79
contrib/openbsm/bin/auditfilterd/auditfilterd.h
Normal file
79
contrib/openbsm/bin/auditfilterd/auditfilterd.h
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
/*-
|
||||||
|
* Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This software was developed by Robert Watson for the TrustedBSD Project.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#3 $
|
||||||
|
*/
|
||||||
|
|
||||||
|
#define AUDITFILTERD_CONFFILE "/etc/security/audit_filter"
|
||||||
|
#define AUDITFILTERD_PIPEFILE "/dev/auditpipe"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Limit on the number of arguments that can appear in an audit_filterd
|
||||||
|
* configuration line.
|
||||||
|
*/
|
||||||
|
#define AUDITFILTERD_CONF_MAXARGS 256
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Data structure description each instantiated module.
|
||||||
|
*/
|
||||||
|
struct auditfilter_module {
|
||||||
|
/*
|
||||||
|
* Fields from configuration file and dynamic linker.
|
||||||
|
*/
|
||||||
|
char *am_modulename;
|
||||||
|
char *am_arg_buffer;
|
||||||
|
int am_argc;
|
||||||
|
char **am_argv;
|
||||||
|
void *am_dlhandle;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Fields provided by or extracted from the module.
|
||||||
|
*/
|
||||||
|
void *am_instance;
|
||||||
|
audit_filter_attach_t am_attach;
|
||||||
|
audit_filter_reinit_t am_reinit;
|
||||||
|
audit_filter_record_t am_record;
|
||||||
|
audit_filter_bsmrecord_t am_bsmrecord;
|
||||||
|
audit_filter_detach_t am_detach;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Fields for maintaining the list of modules.
|
||||||
|
*/
|
||||||
|
TAILQ_ENTRY(auditfilter_module) am_list;
|
||||||
|
};
|
||||||
|
TAILQ_HEAD(auditfilter_module_list, auditfilter_module);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* List of currently registered modules.
|
||||||
|
*/
|
||||||
|
extern struct auditfilter_module_list filter_list;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Function definitions.
|
||||||
|
*/
|
||||||
|
int auditfilterd_conf(const char *filename, FILE *fp);
|
||||||
|
void auditfilterd_conf_shutdown(void);
|
485
contrib/openbsm/bin/auditfilterd/auditfilterd_conf.c
Normal file
485
contrib/openbsm/bin/auditfilterd/auditfilterd_conf.c
Normal file
@ -0,0 +1,485 @@
|
|||||||
|
/*-
|
||||||
|
* Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This software was developed by Robert Watson for the TrustedBSD Project.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd_conf.c#3 $
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Configuration file parser for auditfilterd. The configuration file is a
|
||||||
|
* very simple format, similar to other BSM configuration files, consisting
|
||||||
|
* of configuration entries of one line each. The configuration function is
|
||||||
|
* aware of previous runs, and will update the current configuration as
|
||||||
|
* needed.
|
||||||
|
*
|
||||||
|
* Modules are in one of two states: attached, or detached. If attach fails,
|
||||||
|
* detach is not called because it was not attached. If a module is attached
|
||||||
|
* and a call to its reinit method fails, we will detach it.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <sys/types.h>
|
||||||
|
|
||||||
|
#include <config/config.h>
|
||||||
|
#ifdef HAVE_FULL_QUEUE_H
|
||||||
|
#include <sys/queue.h>
|
||||||
|
#else
|
||||||
|
#include <compat/queue.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include <bsm/libbsm.h>
|
||||||
|
#include <bsm/audit_filter.h>
|
||||||
|
|
||||||
|
#include <dlfcn.h>
|
||||||
|
#include <err.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <limits.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#include "auditfilterd.h"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Free an individual auditfilter_module structure. Will not shut down the
|
||||||
|
* module, just frees the memory. Does so conditional on pointers being
|
||||||
|
* non-NULL so that it can be used on partially allocated structures.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
auditfilter_module_free(struct auditfilter_module *am)
|
||||||
|
{
|
||||||
|
|
||||||
|
if (am->am_modulename != NULL)
|
||||||
|
free(am->am_modulename);
|
||||||
|
if (am->am_arg_buffer != NULL)
|
||||||
|
free(am->am_arg_buffer);
|
||||||
|
if (am->am_argv != NULL)
|
||||||
|
free(am->am_argv);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Free all memory associated with an auditfilter_module list. Does not
|
||||||
|
* dlclose() or shut down the modules, just free the memory. Use
|
||||||
|
* auditfilter_module_list_detach() for that, if required.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
auditfilter_module_list_free(struct auditfilter_module_list *list)
|
||||||
|
{
|
||||||
|
struct auditfilter_module *am;
|
||||||
|
|
||||||
|
while (!(TAILQ_EMPTY(list))) {
|
||||||
|
am = TAILQ_FIRST(list);
|
||||||
|
TAILQ_REMOVE(list, am, am_list);
|
||||||
|
auditfilter_module_free(am);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Detach an attached module from an auditfilter_module structure. Does not
|
||||||
|
* free the data structure itself.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
auditfilter_module_detach(struct auditfilter_module *am)
|
||||||
|
{
|
||||||
|
|
||||||
|
if (am->am_detach != NULL)
|
||||||
|
am->am_detach(am->am_instance);
|
||||||
|
am->am_instance = NULL;
|
||||||
|
(void)dlclose(am->am_dlhandle);
|
||||||
|
am->am_dlhandle = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Walk an auditfilter_module list, detaching each module. Intended to be
|
||||||
|
* combined with auditfilter_module_list_free().
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
auditfilter_module_list_detach(struct auditfilter_module_list *list)
|
||||||
|
{
|
||||||
|
struct auditfilter_module *am;
|
||||||
|
|
||||||
|
TAILQ_FOREACH(am, list, am_list)
|
||||||
|
auditfilter_module_detach(am);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Given a filled out auditfilter_module, use dlopen() and dlsym() to attach
|
||||||
|
* the module. If we fail, leave fields in the state we found them.
|
||||||
|
*
|
||||||
|
* XXXRW: Need a better way to report errors.
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
auditfilter_module_attach(struct auditfilter_module *am)
|
||||||
|
{
|
||||||
|
|
||||||
|
am->am_dlhandle = dlopen(am->am_modulename, RTLD_NOW);
|
||||||
|
if (am->am_dlhandle == NULL) {
|
||||||
|
warnx("auditfilter_module_attach: %s: %s", am->am_modulename,
|
||||||
|
dlerror());
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Not implementing these is not considered a failure condition,
|
||||||
|
* although we might want to consider warning if obvious stuff is
|
||||||
|
* not implemented, such as am_record.
|
||||||
|
*/
|
||||||
|
am->am_attach = dlsym(am->am_dlhandle, AUDIT_FILTER_ATTACH_STRING);
|
||||||
|
am->am_reinit = dlsym(am->am_dlhandle, AUDIT_FILTER_REINIT_STRING);
|
||||||
|
am->am_record = dlsym(am->am_dlhandle, AUDIT_FILTER_RECORD_STRING);
|
||||||
|
am->am_bsmrecord = dlsym(am->am_dlhandle,
|
||||||
|
AUDIT_FILTER_BSMRECORD_STRING);
|
||||||
|
am->am_detach = dlsym(am->am_dlhandle, AUDIT_FILTER_DETACH_STRING);
|
||||||
|
|
||||||
|
if (am->am_attach != NULL) {
|
||||||
|
if (am->am_attach(&am->am_instance, am->am_argc, am->am_argv)
|
||||||
|
!= AUDIT_FILTER_SUCCESS) {
|
||||||
|
warnx("auditfilter_module_attach: %s: failed",
|
||||||
|
am->am_modulename);
|
||||||
|
dlclose(am->am_dlhandle);
|
||||||
|
am->am_dlhandle = NULL;
|
||||||
|
am->am_attach = NULL;
|
||||||
|
am->am_reinit = NULL;
|
||||||
|
am->am_record = NULL;
|
||||||
|
am->am_bsmrecord = NULL;
|
||||||
|
am->am_detach = NULL;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* When the arguments for a module are changed, we notify the module through
|
||||||
|
* a call to its reinit method, if any. Return 0 on success, or -1 on
|
||||||
|
* failure.
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
auditfilter_module_reinit(struct auditfilter_module *am)
|
||||||
|
{
|
||||||
|
|
||||||
|
if (am->am_reinit == NULL)
|
||||||
|
return (0);
|
||||||
|
|
||||||
|
if (am->am_reinit(&am->am_instance, am->am_argc, am->am_argv) !=
|
||||||
|
AUDIT_FILTER_SUCCESS) {
|
||||||
|
warnx("auditfilter_module_reinit: %s: failed",
|
||||||
|
am->am_modulename);
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Given a configuration line, generate an auditfilter_module structure that
|
||||||
|
* describes it; caller will not pass comments in, so they are not looked
|
||||||
|
* for. Do not attempt to instantiate it. Will destroy the contents of
|
||||||
|
* 'buffer'.
|
||||||
|
*
|
||||||
|
* Configuration lines consist of two parts: the module name and arguments
|
||||||
|
* separated by a ':', and then a ','-delimited list of arguments.
|
||||||
|
*
|
||||||
|
* XXXRW: Need to decide where to send the warning output -- stderr for now.
|
||||||
|
*/
|
||||||
|
struct auditfilter_module *
|
||||||
|
auditfilter_module_parse(const char *filename, int linenumber, char *buffer)
|
||||||
|
{
|
||||||
|
char *arguments, *module, **ap;
|
||||||
|
struct auditfilter_module *am;
|
||||||
|
|
||||||
|
am = malloc(sizeof(*am));
|
||||||
|
if (am == NULL) {
|
||||||
|
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
bzero(am, sizeof(*am));
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, break out the module and arguments strings. We look for
|
||||||
|
* one extra argument to make sure there are no more :'s in the line.
|
||||||
|
* That way, we prevent modules from using argument strings that, in
|
||||||
|
* the future, may cause problems for adding additional columns.
|
||||||
|
*/
|
||||||
|
arguments = buffer;
|
||||||
|
module = strsep(&arguments, ":");
|
||||||
|
if (module == NULL || arguments == NULL) {
|
||||||
|
warnx("auditfilter_module_parse: %s:%d: parse error",
|
||||||
|
filename, linenumber);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
am->am_modulename = strdup(module);
|
||||||
|
if (am->am_modulename == NULL) {
|
||||||
|
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
|
||||||
|
auditfilter_module_free(am);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
am->am_arg_buffer = strdup(buffer);
|
||||||
|
if (am->am_arg_buffer == NULL) {
|
||||||
|
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
|
||||||
|
auditfilter_module_free(am);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Now, break out the arguments string into a series of arguments.
|
||||||
|
* This is a bit more complicated, and requires cleanup if things go
|
||||||
|
* wrong.
|
||||||
|
*/
|
||||||
|
am->am_argv = malloc(sizeof(char *) * AUDITFILTERD_CONF_MAXARGS);
|
||||||
|
if (am->am_argv == NULL) {
|
||||||
|
warn("auditfilter_module_parse: %s:%d", filename, linenumber);
|
||||||
|
auditfilter_module_free(am);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
bzero(am->am_argv, sizeof(char *) * AUDITFILTERD_CONF_MAXARGS);
|
||||||
|
am->am_argc = 0;
|
||||||
|
for (ap = am->am_argv; (*ap = strsep(&arguments, " \t")) != NULL;) {
|
||||||
|
if (**ap != '\0') {
|
||||||
|
am->am_argc++;
|
||||||
|
if (++ap >= &am->am_argv[AUDITFILTERD_CONF_MAXARGS])
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (ap >= &am->am_argv[AUDITFILTERD_CONF_MAXARGS]) {
|
||||||
|
warnx("auditfilter_module_parse: %s:%d: too many arguments",
|
||||||
|
filename, linenumber);
|
||||||
|
auditfilter_module_free(am);
|
||||||
|
return (NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
return (am);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Read a configuration file, and populate 'list' with the configuration
|
||||||
|
* lines. Does not attempt to instantiate the configuration, just read it
|
||||||
|
* into a useful set of data structures.
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
auditfilterd_conf_read(const char *filename, FILE *fp,
|
||||||
|
struct auditfilter_module_list *list)
|
||||||
|
{
|
||||||
|
int error, linenumber, syntaxerror;
|
||||||
|
struct auditfilter_module *am;
|
||||||
|
char buffer[LINE_MAX];
|
||||||
|
|
||||||
|
syntaxerror = 0;
|
||||||
|
linenumber = 0;
|
||||||
|
while (!feof(fp) && !ferror(fp)) {
|
||||||
|
if (fgets(buffer, LINE_MAX, fp) == NULL)
|
||||||
|
break;
|
||||||
|
linenumber++;
|
||||||
|
if (buffer[0] == '#' || strlen(buffer) < 1)
|
||||||
|
continue;
|
||||||
|
buffer[strlen(buffer)-1] = '\0';
|
||||||
|
am = auditfilter_module_parse(filename, linenumber, buffer);
|
||||||
|
if (am == NULL) {
|
||||||
|
syntaxerror = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
TAILQ_INSERT_HEAD(list, am, am_list);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* File I/O error.
|
||||||
|
*/
|
||||||
|
if (ferror(fp)) {
|
||||||
|
error = errno;
|
||||||
|
auditfilter_module_list_free(list);
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Syntax error.
|
||||||
|
*/
|
||||||
|
if (syntaxerror) {
|
||||||
|
auditfilter_module_list_free(list);
|
||||||
|
errno = EINVAL;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Apply changes necessary to bring a new configuration into force. The new
|
||||||
|
* configuration data is passed in, and the current configuration is updated
|
||||||
|
* to match it. The contents of 'list' are freed or otherwise disposed of
|
||||||
|
* before return.
|
||||||
|
*
|
||||||
|
* The algorithms here are not very efficient, but this is an infrequent
|
||||||
|
* operation on very short lists.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
auditfilterd_conf_apply(struct auditfilter_module_list *list)
|
||||||
|
{
|
||||||
|
struct auditfilter_module *am1, *am2, *am_tmp;
|
||||||
|
int argc_tmp, found;
|
||||||
|
char **argv_tmp;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* First, remove remove and detach any entries that appear in the
|
||||||
|
* current configuration, but not the new configuration.
|
||||||
|
*/
|
||||||
|
TAILQ_FOREACH_SAFE(am1, &filter_list, am_list, am_tmp) {
|
||||||
|
found = 0;
|
||||||
|
TAILQ_FOREACH(am2, list, am_list) {
|
||||||
|
if (strcmp(am1->am_modulename, am2->am_modulename)
|
||||||
|
== 0) {
|
||||||
|
found = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (found)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* am1 appears in filter_list, but not the new list, detach
|
||||||
|
* and free the module.
|
||||||
|
*/
|
||||||
|
warnx("detaching module %s", am1->am_modulename);
|
||||||
|
TAILQ_REMOVE(&filter_list, am1, am_list);
|
||||||
|
auditfilter_module_detach(am1);
|
||||||
|
auditfilter_module_free(am1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Next, update the configuration of any modules that appear in both
|
||||||
|
* lists. We do this by swapping the two argc and argv values and
|
||||||
|
* freeing the new one, rather than detaching the old one and
|
||||||
|
* attaching the new one. That way module state is preserved.
|
||||||
|
*/
|
||||||
|
TAILQ_FOREACH(am1, &filter_list, am_list) {
|
||||||
|
found = 0;
|
||||||
|
TAILQ_FOREACH(am2, list, am_list) {
|
||||||
|
if (strcmp(am1->am_modulename, am2->am_modulename)
|
||||||
|
== 0) {
|
||||||
|
found = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!found)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Swap the arguments.
|
||||||
|
*/
|
||||||
|
argc_tmp = am1->am_argc;
|
||||||
|
argv_tmp = am1->am_argv;
|
||||||
|
am1->am_argc = am2->am_argc;
|
||||||
|
am1->am_argv = am2->am_argv;
|
||||||
|
am2->am_argc = argc_tmp;
|
||||||
|
am2->am_argv = argv_tmp;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The reinit is a bit tricky: if reinit fails, we actually
|
||||||
|
* remove the old entry and detach that, as we don't allow
|
||||||
|
* running modules to be out of sync with the configuration
|
||||||
|
* file.
|
||||||
|
*/
|
||||||
|
warnx("reiniting module %s", am1->am_modulename);
|
||||||
|
if (auditfilter_module_reinit(am1) != 0) {
|
||||||
|
warnx("reinit failed for module %s, detaching",
|
||||||
|
am1->am_modulename);
|
||||||
|
TAILQ_REMOVE(&filter_list, am1, am_list);
|
||||||
|
auditfilter_module_detach(am1);
|
||||||
|
auditfilter_module_free(am1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Free the entry from the new list, which will discard the
|
||||||
|
* old arguments. No need to detach, as it was never
|
||||||
|
* attached in the first place.
|
||||||
|
*/
|
||||||
|
TAILQ_REMOVE(list, am2, am_list);
|
||||||
|
auditfilter_module_free(am2);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Finally, attach any new entries that don't appear in the old
|
||||||
|
* configuration, and if they attach successfully, move them to the
|
||||||
|
* real configuration list.
|
||||||
|
*/
|
||||||
|
TAILQ_FOREACH(am1, list, am_list) {
|
||||||
|
found = 0;
|
||||||
|
TAILQ_FOREACH(am2, &filter_list, am_list) {
|
||||||
|
if (strcmp(am1->am_modulename, am2->am_modulename)
|
||||||
|
== 0) {
|
||||||
|
found = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (found)
|
||||||
|
continue;
|
||||||
|
/*
|
||||||
|
* Attach the entry. If it succeeds, add to filter_list,
|
||||||
|
* otherwise, free. No need to detach if attach failed.
|
||||||
|
*/
|
||||||
|
warnx("attaching module %s", am1->am_modulename);
|
||||||
|
TAILQ_REMOVE(list, am1, am_list);
|
||||||
|
if (auditfilter_module_attach(am1) != 0) {
|
||||||
|
warnx("attaching module %s failed",
|
||||||
|
am1->am_modulename);
|
||||||
|
auditfilter_module_free(am1);
|
||||||
|
} else
|
||||||
|
TAILQ_INSERT_HEAD(&filter_list, am1, am_list);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (TAILQ_FIRST(list) != NULL)
|
||||||
|
warnx("auditfilterd_conf_apply: new list not empty\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Read the new configuration file into a local list. If the configuration
|
||||||
|
* file is parsed OK, then apply the changes.
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
auditfilterd_conf(const char *filename, FILE *fp)
|
||||||
|
{
|
||||||
|
struct auditfilter_module_list list;
|
||||||
|
|
||||||
|
TAILQ_INIT(&list);
|
||||||
|
if (auditfilterd_conf_read(filename, fp, &list) < 0)
|
||||||
|
return (-1);
|
||||||
|
|
||||||
|
auditfilterd_conf_apply(&list);
|
||||||
|
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Detach and free all active filter modules for daemon shutdown.
|
||||||
|
*/
|
||||||
|
void
|
||||||
|
auditfilterd_conf_shutdown(void)
|
||||||
|
{
|
||||||
|
|
||||||
|
auditfilter_module_list_detach(&filter_list);
|
||||||
|
auditfilter_module_list_free(&filter_list);
|
||||||
|
}
|
@ -26,7 +26,7 @@
|
|||||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
* POSSIBILITY OF SUCH DAMAGE.
|
* POSSIBILITY OF SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#13 $
|
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#14 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -42,11 +42,12 @@
|
|||||||
|
|
||||||
#include <bsm/libbsm.h>
|
#include <bsm/libbsm.h>
|
||||||
|
|
||||||
|
#include <err.h>
|
||||||
|
#include <grp.h>
|
||||||
|
#include <pwd.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <sysexits.h>
|
#include <sysexits.h>
|
||||||
#include <grp.h>
|
|
||||||
#include <pwd.h>
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
@ -1,11 +1,12 @@
|
|||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.am#1 $
|
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.am#2 $
|
||||||
#
|
#
|
||||||
|
|
||||||
openbsmdir = $(includedir)/bsm
|
openbsmdir = $(includedir)/bsm
|
||||||
|
|
||||||
openbsm_HEADERS = \
|
openbsm_HEADERS = \
|
||||||
audit.h \
|
audit.h \
|
||||||
|
audit_filter.h \
|
||||||
audit_internal.h \
|
audit_internal.h \
|
||||||
audit_kevents.h \
|
audit_kevents.h \
|
||||||
audit_record.h \
|
audit_record.h \
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
@SET_MAKE@
|
@SET_MAKE@
|
||||||
|
|
||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#3 $
|
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#4 $
|
||||||
#
|
#
|
||||||
|
|
||||||
srcdir = @srcdir@
|
srcdir = @srcdir@
|
||||||
@ -168,6 +168,7 @@ target_alias = @target_alias@
|
|||||||
openbsmdir = $(includedir)/bsm
|
openbsmdir = $(includedir)/bsm
|
||||||
openbsm_HEADERS = \
|
openbsm_HEADERS = \
|
||||||
audit.h \
|
audit.h \
|
||||||
|
audit_filter.h \
|
||||||
audit_internal.h \
|
audit_internal.h \
|
||||||
audit_kevents.h \
|
audit_kevents.h \
|
||||||
audit_record.h \
|
audit_record.h \
|
||||||
|
@ -30,7 +30,7 @@
|
|||||||
*
|
*
|
||||||
* @APPLE_BSD_LICENSE_HEADER_END@
|
* @APPLE_BSD_LICENSE_HEADER_END@
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#15 $
|
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#16 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifndef _BSM_AUDIT_H
|
#ifndef _BSM_AUDIT_H
|
||||||
@ -264,11 +264,11 @@ struct audit_stat {
|
|||||||
unsigned int as_version;
|
unsigned int as_version;
|
||||||
unsigned int as_numevent;
|
unsigned int as_numevent;
|
||||||
int as_generated;
|
int as_generated;
|
||||||
int as_nonattring;
|
int as_nonattrib;
|
||||||
int as_kernel;
|
int as_kernel;
|
||||||
int as_audit;
|
int as_audit;
|
||||||
int as_auditctl;
|
int as_auditctl;
|
||||||
int as_enqueu;
|
int as_enqueue;
|
||||||
int as_written;
|
int as_written;
|
||||||
int as_wblocked;
|
int as_wblocked;
|
||||||
int as_rblocked;
|
int as_rblocked;
|
||||||
|
77
contrib/openbsm/bsm/audit_filter.h
Normal file
77
contrib/openbsm/bsm/audit_filter.h
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
/*-
|
||||||
|
* Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This software was developed by Robert Watson for the TrustedBSD Project.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_filter.h#2 $
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _BSM_AUDIT_FILTER_H_
|
||||||
|
#define _BSM_AUDIT_FILTER_H_
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Module interface for audit filter modules.
|
||||||
|
*
|
||||||
|
* audit_filter_attach_t - filter module is being attached with arguments
|
||||||
|
* audit_filter_reinit_t - arguments to module have changed
|
||||||
|
* audit_filter_record_t - present parsed record to filter module, with
|
||||||
|
* receipt time
|
||||||
|
* audit_filter_bsmrecord_t - present bsm format record to filter module,
|
||||||
|
* with receipt time
|
||||||
|
* audit_filter_destach_t - filter module is being detached
|
||||||
|
*
|
||||||
|
* There may be many instances of the same filter, identified by the instance
|
||||||
|
* void pointer maintained by the filter instance.
|
||||||
|
*/
|
||||||
|
typedef int (*audit_filter_attach_t)(void **instance, int argc, char *argv[]);
|
||||||
|
typedef int (*audit_filter_reinit_t)(void *instance, int argc, char *argv[]);
|
||||||
|
typedef void (*audit_filter_record_t)(void *instance, struct timespec *ts,
|
||||||
|
int token_count, const tokenstr_t tok[]);
|
||||||
|
typedef void (*audit_filter_bsmrecord_t)(void *instance, struct timespec *ts,
|
||||||
|
void *data, u_int len);
|
||||||
|
typedef void (*audit_filter_detach_t)(void *instance);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Values to be returned by audit_filter_init_t.
|
||||||
|
*/
|
||||||
|
#define AUDIT_FILTER_SUCCESS (0)
|
||||||
|
#define AUDIT_FILTER_FAILURE (-1)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Standard name for filter module initialization functions, which will be
|
||||||
|
* found using dlsym().
|
||||||
|
*/
|
||||||
|
#define AUDIT_FILTER_ATTACH audit_filter_attach
|
||||||
|
#define AUDIT_FILTER_REINIT audit_filter_reinit
|
||||||
|
#define AUDIT_FILTER_RECORD audit_filter_record
|
||||||
|
#define AUDIT_FILTER_BSMRECORD audit_filter_bsmrecord
|
||||||
|
#define AUDIT_FILTER_DETACH audit_filter_detach
|
||||||
|
#define AUDIT_FILTER_ATTACH_STRING "audit_filter_attach"
|
||||||
|
#define AUDIT_FILTER_REINIT_STRING "audit_filter_reinit"
|
||||||
|
#define AUDIT_FILTER_RECORD_STRING "audit_filter_record"
|
||||||
|
#define AUDIT_FILTER_BSMRECORD_STRING "audit_filter_bsmrecord"
|
||||||
|
#define AUDIT_FILTER_DETACH_STRING "audit_filter_detach"
|
||||||
|
|
||||||
|
#endif /* !_BSM_AUDIT_FILTER_H_ */
|
@ -30,23 +30,15 @@
|
|||||||
*
|
*
|
||||||
* @APPLE_BSD_LICENSE_HEADER_END@
|
* @APPLE_BSD_LICENSE_HEADER_END@
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#14 $
|
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#17 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifndef _BSM_AUDIT_RECORD_H_
|
#ifndef _BSM_AUDIT_RECORD_H_
|
||||||
#define _BSM_AUDIT_RECORD_H_
|
#define _BSM_AUDIT_RECORD_H_
|
||||||
|
|
||||||
/* Various token id types */
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Values inside the comments are not documented in the BSM pages and
|
* Token type identifiers.
|
||||||
* have been picked up from the header files
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
|
||||||
* Values marked as XXX do not have a value defined in the BSM header files
|
|
||||||
*/
|
|
||||||
|
|
||||||
#define AUT_INVALID 0x00
|
#define AUT_INVALID 0x00
|
||||||
#define AUT_OTHER_FILE32 0x11
|
#define AUT_OTHER_FILE32 0x11
|
||||||
#define AUT_OHEADER 0x12
|
#define AUT_OHEADER 0x12
|
||||||
@ -187,13 +179,19 @@
|
|||||||
|
|
||||||
/* data-types for the arbitrary token */
|
/* data-types for the arbitrary token */
|
||||||
#define AUR_BYTE 0
|
#define AUR_BYTE 0
|
||||||
|
#define AUR_CHAR AUR_BYTE
|
||||||
#define AUR_SHORT 1
|
#define AUR_SHORT 1
|
||||||
#define AUR_LONG 2
|
#define AUR_INT32 2
|
||||||
|
#define AUR_INT AUR_INT
|
||||||
|
#define AUR_INT64 3
|
||||||
|
|
||||||
/* ... and their sizes */
|
/* ... and their sizes */
|
||||||
#define AUR_BYTE_SIZE sizeof(u_char)
|
#define AUR_BYTE_SIZE sizeof(u_char)
|
||||||
|
#define AUR_CHAR_SIZE AUR_BYTE_SIZE
|
||||||
#define AUR_SHORT_SIZE sizeof(uint16_t)
|
#define AUR_SHORT_SIZE sizeof(uint16_t)
|
||||||
#define AUR_LONG_SIZE sizeof(uint32_t)
|
#define AUR_INT32_SIZE sizeof(uint32_t)
|
||||||
|
#define AUR_INT_SIZE AUR_INT32_SIZE
|
||||||
|
#define AUR_INT64_SIZE sizeof(uint64_t)
|
||||||
|
|
||||||
/* Modifiers for the header token */
|
/* Modifiers for the header token */
|
||||||
#define PAD_NOTATTR 0x4000 /* nonattributable event */
|
#define PAD_NOTATTR 0x4000 /* nonattributable event */
|
||||||
@ -230,24 +228,18 @@ int au_open(void);
|
|||||||
int au_write(int d, token_t *m);
|
int au_write(int d, token_t *m);
|
||||||
int au_close(int d, int keep, short event);
|
int au_close(int d, int keep, short event);
|
||||||
int au_close_buffer(int d, short event, u_char *buffer, size_t *buflen);
|
int au_close_buffer(int d, short event, u_char *buffer, size_t *buflen);
|
||||||
|
int au_close_token(token_t *tok, u_char *buffer, size_t *buflen);
|
||||||
|
|
||||||
#if defined(KERNEL) || defined(_KERNEL)
|
|
||||||
token_t *au_to_file(char *file, struct timeval tm);
|
token_t *au_to_file(char *file, struct timeval tm);
|
||||||
#else
|
|
||||||
token_t *au_to_file(char *file);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(KERNEL) || defined(_KERNEL)
|
token_t *au_to_header32_tm(int rec_size, au_event_t e_type, au_emod_t e_mod,
|
||||||
token_t *au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod,
|
|
||||||
struct timeval tm);
|
struct timeval tm);
|
||||||
token_t *au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod,
|
#if !defined(KERNEL) && !defined(_KERNEL)
|
||||||
struct timeval tm);
|
|
||||||
#else
|
|
||||||
token_t *au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod);
|
token_t *au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod);
|
||||||
token_t *au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod);
|
token_t *au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod);
|
||||||
|
token_t *au_to_header64(int rec_size, au_event_t e_type, au_emod_t e_mod);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
token_t *au_to_header64(int rec_size, au_event_t e_type, au_emod_t e_mod);
|
|
||||||
token_t *au_to_me(void);
|
token_t *au_to_me(void);
|
||||||
token_t *au_to_arg(char n, char *text, uint32_t v);
|
token_t *au_to_arg(char n, char *text, uint32_t v);
|
||||||
token_t *au_to_arg32(char n, char *text, uint32_t v);
|
token_t *au_to_arg32(char n, char *text, uint32_t v);
|
||||||
|
@ -26,7 +26,7 @@
|
|||||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
* POSSIBILITY OF SUCH DAMAGE.
|
* POSSIBILITY OF SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#18 $
|
* $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#20 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifndef _LIBBSM_H_
|
#ifndef _LIBBSM_H_
|
||||||
@ -695,6 +695,9 @@ struct tokenstr {
|
|||||||
|
|
||||||
typedef struct tokenstr tokenstr_t;
|
typedef struct tokenstr tokenstr_t;
|
||||||
|
|
||||||
|
int audit_submit(short au_event, au_id_t auid,
|
||||||
|
char status, int reterr, const char *fmt, ...);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Functions relating to querying audit class information.
|
* Functions relating to querying audit class information.
|
||||||
*/
|
*/
|
||||||
|
@ -42,9 +42,6 @@
|
|||||||
/* Define if ipc_perm.__seq instead of seq */
|
/* Define if ipc_perm.__seq instead of seq */
|
||||||
#undef HAVE_IPC_PERM___SEQ
|
#undef HAVE_IPC_PERM___SEQ
|
||||||
|
|
||||||
/* Define to 1 if you have the `bsm' library (-lbsm). */
|
|
||||||
#undef HAVE_LIBBSM
|
|
||||||
|
|
||||||
/* Define to 1 if you have the <machine/endian.h> header file. */
|
/* Define to 1 if you have the <machine/endian.h> header file. */
|
||||||
#undef HAVE_MACHINE_ENDIAN_H
|
#undef HAVE_MACHINE_ENDIAN_H
|
||||||
|
|
||||||
|
251
contrib/openbsm/configure
vendored
251
contrib/openbsm/configure
vendored
@ -1,7 +1,7 @@
|
|||||||
#! /bin/sh
|
#! /bin/sh
|
||||||
# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#15 .
|
# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 .
|
||||||
# Guess values for system-dependent variables and create Makefiles.
|
# Guess values for system-dependent variables and create Makefiles.
|
||||||
# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a5.
|
# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a6.
|
||||||
#
|
#
|
||||||
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
|
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
|
||||||
#
|
#
|
||||||
@ -424,8 +424,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
|
|||||||
# Identity of this package.
|
# Identity of this package.
|
||||||
PACKAGE_NAME='OpenBSM'
|
PACKAGE_NAME='OpenBSM'
|
||||||
PACKAGE_TARNAME='openbsm'
|
PACKAGE_TARNAME='openbsm'
|
||||||
PACKAGE_VERSION='1.0a5'
|
PACKAGE_VERSION='1.0a6'
|
||||||
PACKAGE_STRING='OpenBSM 1.0a5'
|
PACKAGE_STRING='OpenBSM 1.0a6'
|
||||||
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
|
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
|
||||||
|
|
||||||
ac_unique_file="bin/auditreduce/auditreduce.c"
|
ac_unique_file="bin/auditreduce/auditreduce.c"
|
||||||
@ -955,7 +955,7 @@ if test "$ac_init_help" = "long"; then
|
|||||||
# Omit some internal or obsolete options to make the list less imposing.
|
# Omit some internal or obsolete options to make the list less imposing.
|
||||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||||
cat <<_ACEOF
|
cat <<_ACEOF
|
||||||
\`configure' configures OpenBSM 1.0a5 to adapt to many kinds of systems.
|
\`configure' configures OpenBSM 1.0a6 to adapt to many kinds of systems.
|
||||||
|
|
||||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||||
|
|
||||||
@ -1021,7 +1021,7 @@ fi
|
|||||||
|
|
||||||
if test -n "$ac_init_help"; then
|
if test -n "$ac_init_help"; then
|
||||||
case $ac_init_help in
|
case $ac_init_help in
|
||||||
short | recursive ) echo "Configuration of OpenBSM 1.0a5:";;
|
short | recursive ) echo "Configuration of OpenBSM 1.0a6:";;
|
||||||
esac
|
esac
|
||||||
cat <<\_ACEOF
|
cat <<\_ACEOF
|
||||||
|
|
||||||
@ -1162,7 +1162,7 @@ fi
|
|||||||
test -n "$ac_init_help" && exit 0
|
test -n "$ac_init_help" && exit 0
|
||||||
if $ac_init_version; then
|
if $ac_init_version; then
|
||||||
cat <<\_ACEOF
|
cat <<\_ACEOF
|
||||||
OpenBSM configure 1.0a5
|
OpenBSM configure 1.0a6
|
||||||
generated by GNU Autoconf 2.59
|
generated by GNU Autoconf 2.59
|
||||||
|
|
||||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||||
@ -1176,7 +1176,7 @@ cat >&5 <<_ACEOF
|
|||||||
This file contains any messages produced by compilers while
|
This file contains any messages produced by compilers while
|
||||||
running configure, to aid debugging if configure makes a mistake.
|
running configure, to aid debugging if configure makes a mistake.
|
||||||
|
|
||||||
It was created by OpenBSM $as_me 1.0a5, which was
|
It was created by OpenBSM $as_me 1.0a6, which was
|
||||||
generated by GNU Autoconf 2.59. Invocation command line was
|
generated by GNU Autoconf 2.59. Invocation command line was
|
||||||
|
|
||||||
$ $0 $@
|
$ $0 $@
|
||||||
@ -19278,7 +19278,7 @@ fi
|
|||||||
|
|
||||||
# Define the identity of the package.
|
# Define the identity of the package.
|
||||||
PACKAGE=OpenBSM
|
PACKAGE=OpenBSM
|
||||||
VERSION=1.0a5
|
VERSION=1.0a6
|
||||||
|
|
||||||
|
|
||||||
cat >>confdefs.h <<_ACEOF
|
cat >>confdefs.h <<_ACEOF
|
||||||
@ -19627,16 +19627,13 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Checks for libraries.
|
echo "$as_me:$LINENO: checking for library containing dlsym" >&5
|
||||||
# FIXME: Replace `main' with a function in `-lbsm':
|
echo $ECHO_N "checking for library containing dlsym... $ECHO_C" >&6
|
||||||
|
if test "${ac_cv_search_dlsym+set}" = set; then
|
||||||
echo "$as_me:$LINENO: checking for main in -lbsm" >&5
|
|
||||||
echo $ECHO_N "checking for main in -lbsm... $ECHO_C" >&6
|
|
||||||
if test "${ac_cv_lib_bsm_main+set}" = set; then
|
|
||||||
echo $ECHO_N "(cached) $ECHO_C" >&6
|
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||||
else
|
else
|
||||||
ac_check_lib_save_LIBS=$LIBS
|
ac_func_search_save_LIBS=$LIBS
|
||||||
LIBS="-lbsm $LIBS"
|
ac_cv_search_dlsym=no
|
||||||
cat >conftest.$ac_ext <<_ACEOF
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
/* confdefs.h. */
|
/* confdefs.h. */
|
||||||
_ACEOF
|
_ACEOF
|
||||||
@ -19644,11 +19641,17 @@ cat confdefs.h >>conftest.$ac_ext
|
|||||||
cat >>conftest.$ac_ext <<_ACEOF
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
/* end confdefs.h. */
|
/* end confdefs.h. */
|
||||||
|
|
||||||
|
/* Override any gcc2 internal prototype to avoid an error. */
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
#endif
|
||||||
|
/* We use char because int might match the return type of a gcc2
|
||||||
|
builtin and then its argument prototype would still apply. */
|
||||||
|
char dlsym ();
|
||||||
int
|
int
|
||||||
main ()
|
main ()
|
||||||
{
|
{
|
||||||
main ();
|
dlsym ();
|
||||||
;
|
;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -19675,25 +19678,204 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
|||||||
ac_status=$?
|
ac_status=$?
|
||||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
(exit $ac_status); }; }; then
|
(exit $ac_status); }; }; then
|
||||||
ac_cv_lib_bsm_main=yes
|
ac_cv_search_dlsym="none required"
|
||||||
else
|
else
|
||||||
echo "$as_me: failed program was:" >&5
|
echo "$as_me: failed program was:" >&5
|
||||||
sed 's/^/| /' conftest.$ac_ext >&5
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
ac_cv_lib_bsm_main=no
|
|
||||||
fi
|
fi
|
||||||
rm -f conftest.err conftest.$ac_objext \
|
rm -f conftest.err conftest.$ac_objext \
|
||||||
conftest$ac_exeext conftest.$ac_ext
|
conftest$ac_exeext conftest.$ac_ext
|
||||||
LIBS=$ac_check_lib_save_LIBS
|
if test "$ac_cv_search_dlsym" = no; then
|
||||||
fi
|
for ac_lib in dl; do
|
||||||
echo "$as_me:$LINENO: result: $ac_cv_lib_bsm_main" >&5
|
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
|
||||||
echo "${ECHO_T}$ac_cv_lib_bsm_main" >&6
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
if test $ac_cv_lib_bsm_main = yes; then
|
/* confdefs.h. */
|
||||||
cat >>confdefs.h <<_ACEOF
|
|
||||||
#define HAVE_LIBBSM 1
|
|
||||||
_ACEOF
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
|
||||||
LIBS="-lbsm $LIBS"
|
/* Override any gcc2 internal prototype to avoid an error. */
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
#endif
|
||||||
|
/* We use char because int might match the return type of a gcc2
|
||||||
|
builtin and then its argument prototype would still apply. */
|
||||||
|
char dlsym ();
|
||||||
|
int
|
||||||
|
main ()
|
||||||
|
{
|
||||||
|
dlsym ();
|
||||||
|
;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
_ACEOF
|
||||||
|
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||||
|
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
||||||
|
(eval $ac_link) 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } &&
|
||||||
|
{ ac_try='test -z "$ac_c_werror_flag"
|
||||||
|
|| test ! -s conftest.err'
|
||||||
|
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||||
|
(eval $ac_try) 2>&5
|
||||||
|
ac_status=$?
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); }; } &&
|
||||||
|
{ ac_try='test -s conftest$ac_exeext'
|
||||||
|
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||||
|
(eval $ac_try) 2>&5
|
||||||
|
ac_status=$?
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); }; }; then
|
||||||
|
ac_cv_search_dlsym="-l$ac_lib"
|
||||||
|
break
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
fi
|
||||||
|
rm -f conftest.err conftest.$ac_objext \
|
||||||
|
conftest$ac_exeext conftest.$ac_ext
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
LIBS=$ac_func_search_save_LIBS
|
||||||
|
fi
|
||||||
|
echo "$as_me:$LINENO: result: $ac_cv_search_dlsym" >&5
|
||||||
|
echo "${ECHO_T}$ac_cv_search_dlsym" >&6
|
||||||
|
if test "$ac_cv_search_dlsym" != no; then
|
||||||
|
test "$ac_cv_search_dlsym" = "none required" || LIBS="$ac_cv_search_dlsym $LIBS"
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "$as_me:$LINENO: checking for library containing clock_gettime" >&5
|
||||||
|
echo $ECHO_N "checking for library containing clock_gettime... $ECHO_C" >&6
|
||||||
|
if test "${ac_cv_search_clock_gettime+set}" = set; then
|
||||||
|
echo $ECHO_N "(cached) $ECHO_C" >&6
|
||||||
|
else
|
||||||
|
ac_func_search_save_LIBS=$LIBS
|
||||||
|
ac_cv_search_clock_gettime=no
|
||||||
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
|
/* confdefs.h. */
|
||||||
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
|
||||||
|
/* Override any gcc2 internal prototype to avoid an error. */
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
#endif
|
||||||
|
/* We use char because int might match the return type of a gcc2
|
||||||
|
builtin and then its argument prototype would still apply. */
|
||||||
|
char clock_gettime ();
|
||||||
|
int
|
||||||
|
main ()
|
||||||
|
{
|
||||||
|
clock_gettime ();
|
||||||
|
;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
_ACEOF
|
||||||
|
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||||
|
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
||||||
|
(eval $ac_link) 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } &&
|
||||||
|
{ ac_try='test -z "$ac_c_werror_flag"
|
||||||
|
|| test ! -s conftest.err'
|
||||||
|
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||||
|
(eval $ac_try) 2>&5
|
||||||
|
ac_status=$?
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); }; } &&
|
||||||
|
{ ac_try='test -s conftest$ac_exeext'
|
||||||
|
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||||
|
(eval $ac_try) 2>&5
|
||||||
|
ac_status=$?
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); }; }; then
|
||||||
|
ac_cv_search_clock_gettime="none required"
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
fi
|
||||||
|
rm -f conftest.err conftest.$ac_objext \
|
||||||
|
conftest$ac_exeext conftest.$ac_ext
|
||||||
|
if test "$ac_cv_search_clock_gettime" = no; then
|
||||||
|
for ac_lib in rt; do
|
||||||
|
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
|
||||||
|
cat >conftest.$ac_ext <<_ACEOF
|
||||||
|
/* confdefs.h. */
|
||||||
|
_ACEOF
|
||||||
|
cat confdefs.h >>conftest.$ac_ext
|
||||||
|
cat >>conftest.$ac_ext <<_ACEOF
|
||||||
|
/* end confdefs.h. */
|
||||||
|
|
||||||
|
/* Override any gcc2 internal prototype to avoid an error. */
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
#endif
|
||||||
|
/* We use char because int might match the return type of a gcc2
|
||||||
|
builtin and then its argument prototype would still apply. */
|
||||||
|
char clock_gettime ();
|
||||||
|
int
|
||||||
|
main ()
|
||||||
|
{
|
||||||
|
clock_gettime ();
|
||||||
|
;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
_ACEOF
|
||||||
|
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||||
|
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
||||||
|
(eval $ac_link) 2>conftest.er1
|
||||||
|
ac_status=$?
|
||||||
|
grep -v '^ *+' conftest.er1 >conftest.err
|
||||||
|
rm -f conftest.er1
|
||||||
|
cat conftest.err >&5
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); } &&
|
||||||
|
{ ac_try='test -z "$ac_c_werror_flag"
|
||||||
|
|| test ! -s conftest.err'
|
||||||
|
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||||
|
(eval $ac_try) 2>&5
|
||||||
|
ac_status=$?
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); }; } &&
|
||||||
|
{ ac_try='test -s conftest$ac_exeext'
|
||||||
|
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||||
|
(eval $ac_try) 2>&5
|
||||||
|
ac_status=$?
|
||||||
|
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||||
|
(exit $ac_status); }; }; then
|
||||||
|
ac_cv_search_clock_gettime="-l$ac_lib"
|
||||||
|
break
|
||||||
|
else
|
||||||
|
echo "$as_me: failed program was:" >&5
|
||||||
|
sed 's/^/| /' conftest.$ac_ext >&5
|
||||||
|
|
||||||
|
fi
|
||||||
|
rm -f conftest.err conftest.$ac_objext \
|
||||||
|
conftest$ac_exeext conftest.$ac_ext
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
LIBS=$ac_func_search_save_LIBS
|
||||||
|
fi
|
||||||
|
echo "$as_me:$LINENO: result: $ac_cv_search_clock_gettime" >&5
|
||||||
|
echo "${ECHO_T}$ac_cv_search_clock_gettime" >&6
|
||||||
|
if test "$ac_cv_search_clock_gettime" != no; then
|
||||||
|
test "$ac_cv_search_clock_gettime" = "none required" || LIBS="$ac_cv_search_clock_gettime $LIBS"
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -22895,7 +23077,7 @@ else
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
ac_config_files="$ac_config_files Makefile bin/Makefile bin/audit/Makefile bin/auditd/Makefile bin/auditreduce/Makefile bin/praudit/Makefile bsm/Makefile libbsm/Makefile man/Makefile tools/Makefile"
|
ac_config_files="$ac_config_files Makefile bin/Makefile bin/audit/Makefile bin/auditd/Makefile bin/auditfilterd/Makefile bin/auditreduce/Makefile bin/praudit/Makefile bsm/Makefile libbsm/Makefile modules/Makefile modules/auditfilter_noop/Makefile man/Makefile test/Makefile test/bsm/Makefile tools/Makefile"
|
||||||
|
|
||||||
|
|
||||||
cat >confcache <<\_ACEOF
|
cat >confcache <<\_ACEOF
|
||||||
@ -23295,7 +23477,7 @@ _ASBOX
|
|||||||
} >&5
|
} >&5
|
||||||
cat >&5 <<_CSEOF
|
cat >&5 <<_CSEOF
|
||||||
|
|
||||||
This file was extended by OpenBSM $as_me 1.0a5, which was
|
This file was extended by OpenBSM $as_me 1.0a6, which was
|
||||||
generated by GNU Autoconf 2.59. Invocation command line was
|
generated by GNU Autoconf 2.59. Invocation command line was
|
||||||
|
|
||||||
CONFIG_FILES = $CONFIG_FILES
|
CONFIG_FILES = $CONFIG_FILES
|
||||||
@ -23358,7 +23540,7 @@ _ACEOF
|
|||||||
|
|
||||||
cat >>$CONFIG_STATUS <<_ACEOF
|
cat >>$CONFIG_STATUS <<_ACEOF
|
||||||
ac_cs_version="\\
|
ac_cs_version="\\
|
||||||
OpenBSM config.status 1.0a5
|
OpenBSM config.status 1.0a6
|
||||||
configured by $0, generated by GNU Autoconf 2.59,
|
configured by $0, generated by GNU Autoconf 2.59,
|
||||||
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
|
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
|
||||||
|
|
||||||
@ -23472,11 +23654,16 @@ do
|
|||||||
"bin/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/Makefile" ;;
|
"bin/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/Makefile" ;;
|
||||||
"bin/audit/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/audit/Makefile" ;;
|
"bin/audit/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/audit/Makefile" ;;
|
||||||
"bin/auditd/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditd/Makefile" ;;
|
"bin/auditd/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditd/Makefile" ;;
|
||||||
|
"bin/auditfilterd/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditfilterd/Makefile" ;;
|
||||||
"bin/auditreduce/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditreduce/Makefile" ;;
|
"bin/auditreduce/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/auditreduce/Makefile" ;;
|
||||||
"bin/praudit/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/praudit/Makefile" ;;
|
"bin/praudit/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/praudit/Makefile" ;;
|
||||||
"bsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES bsm/Makefile" ;;
|
"bsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES bsm/Makefile" ;;
|
||||||
"libbsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES libbsm/Makefile" ;;
|
"libbsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES libbsm/Makefile" ;;
|
||||||
|
"modules/Makefile" ) CONFIG_FILES="$CONFIG_FILES modules/Makefile" ;;
|
||||||
|
"modules/auditfilter_noop/Makefile" ) CONFIG_FILES="$CONFIG_FILES modules/auditfilter_noop/Makefile" ;;
|
||||||
"man/Makefile" ) CONFIG_FILES="$CONFIG_FILES man/Makefile" ;;
|
"man/Makefile" ) CONFIG_FILES="$CONFIG_FILES man/Makefile" ;;
|
||||||
|
"test/Makefile" ) CONFIG_FILES="$CONFIG_FILES test/Makefile" ;;
|
||||||
|
"test/bsm/Makefile" ) CONFIG_FILES="$CONFIG_FILES test/bsm/Makefile" ;;
|
||||||
"tools/Makefile" ) CONFIG_FILES="$CONFIG_FILES tools/Makefile" ;;
|
"tools/Makefile" ) CONFIG_FILES="$CONFIG_FILES tools/Makefile" ;;
|
||||||
"depfiles" ) CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
|
"depfiles" ) CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
|
||||||
"config/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config/config.h" ;;
|
"config/config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config/config.h" ;;
|
||||||
|
@ -2,8 +2,8 @@
|
|||||||
# Process this file with autoconf to produce a configure script.
|
# Process this file with autoconf to produce a configure script.
|
||||||
|
|
||||||
AC_PREREQ(2.59)
|
AC_PREREQ(2.59)
|
||||||
AC_INIT([OpenBSM], [1.0a5], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
|
AC_INIT([OpenBSM], [1.0a6], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
|
||||||
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#16 $])
|
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 $])
|
||||||
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
|
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
|
||||||
AC_CONFIG_AUX_DIR(config)
|
AC_CONFIG_AUX_DIR(config)
|
||||||
AC_CONFIG_HEADER([config/config.h])
|
AC_CONFIG_HEADER([config/config.h])
|
||||||
@ -16,9 +16,8 @@ AC_PROG_LIBTOOL
|
|||||||
|
|
||||||
AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
|
AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
|
||||||
|
|
||||||
# Checks for libraries.
|
AC_SEARCH_LIBS(dlsym, dl)
|
||||||
# FIXME: Replace `main' with a function in `-lbsm':
|
AC_SEARCH_LIBS(clock_gettime, rt)
|
||||||
AC_CHECK_LIB([bsm], [main])
|
|
||||||
|
|
||||||
# Checks for header files.
|
# Checks for header files.
|
||||||
AC_HEADER_STDC
|
AC_HEADER_STDC
|
||||||
@ -99,11 +98,16 @@ AC_CONFIG_FILES([Makefile
|
|||||||
bin/Makefile
|
bin/Makefile
|
||||||
bin/audit/Makefile
|
bin/audit/Makefile
|
||||||
bin/auditd/Makefile
|
bin/auditd/Makefile
|
||||||
|
bin/auditfilterd/Makefile
|
||||||
bin/auditreduce/Makefile
|
bin/auditreduce/Makefile
|
||||||
bin/praudit/Makefile
|
bin/praudit/Makefile
|
||||||
bsm/Makefile
|
bsm/Makefile
|
||||||
libbsm/Makefile
|
libbsm/Makefile
|
||||||
|
modules/Makefile
|
||||||
|
modules/auditfilter_noop/Makefile
|
||||||
man/Makefile
|
man/Makefile
|
||||||
|
test/Makefile
|
||||||
|
test/bsm/Makefile
|
||||||
tools/Makefile])
|
tools/Makefile])
|
||||||
|
|
||||||
AC_OUTPUT
|
AC_OUTPUT
|
||||||
|
5
contrib/openbsm/etc/audit_filter
Normal file
5
contrib/openbsm/etc/audit_filter
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_filter#1 $
|
||||||
|
#
|
||||||
|
# modulename:various arguments here
|
||||||
|
#
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#2 $
|
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#3 $
|
||||||
#
|
#
|
||||||
|
|
||||||
INCLUDES = -I$(top_srcdir)
|
INCLUDES = -I$(top_srcdir)
|
||||||
@ -30,6 +30,7 @@ man3_MANS = \
|
|||||||
au_free_token.3 \
|
au_free_token.3 \
|
||||||
au_io.3 \
|
au_io.3 \
|
||||||
au_mask.3 \
|
au_mask.3 \
|
||||||
|
au_open.3 \
|
||||||
au_token.3 \
|
au_token.3 \
|
||||||
au_user.3 \
|
au_user.3 \
|
||||||
libbsm.3
|
libbsm.3
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
@SET_MAKE@
|
@SET_MAKE@
|
||||||
|
|
||||||
#
|
#
|
||||||
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#3 $
|
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#4 $
|
||||||
#
|
#
|
||||||
|
|
||||||
srcdir = @srcdir@
|
srcdir = @srcdir@
|
||||||
@ -204,6 +204,7 @@ man3_MANS = \
|
|||||||
au_free_token.3 \
|
au_free_token.3 \
|
||||||
au_io.3 \
|
au_io.3 \
|
||||||
au_mask.3 \
|
au_mask.3 \
|
||||||
|
au_open.3 \
|
||||||
au_token.3 \
|
au_token.3 \
|
||||||
au_user.3 \
|
au_user.3 \
|
||||||
libbsm.3
|
libbsm.3
|
||||||
|
149
contrib/openbsm/libbsm/au_open.3
Normal file
149
contrib/openbsm/libbsm/au_open.3
Normal file
@ -0,0 +1,149 @@
|
|||||||
|
.\"-
|
||||||
|
.\" Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
.\" All rights reserved.
|
||||||
|
.\"
|
||||||
|
.\" Redistribution and use in source and binary forms, with or without
|
||||||
|
.\" modification, are permitted provided that the following conditions
|
||||||
|
.\" are met:
|
||||||
|
.\" 1. Redistributions of source code must retain the above copyright
|
||||||
|
.\" notice, this list of conditions and the following disclaimer.
|
||||||
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
.\" notice, this list of conditions and the following disclaimer in the
|
||||||
|
.\" documentation and/or other materials provided with the distribution.
|
||||||
|
.\"
|
||||||
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
.\" SUCH DAMAGE.
|
||||||
|
.\"
|
||||||
|
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#4 $
|
||||||
|
.\"
|
||||||
|
.Dd March 4, 2006
|
||||||
|
.Dt AU_OPEN 3
|
||||||
|
.Os
|
||||||
|
.Sh NAME
|
||||||
|
.Nm au_open ,
|
||||||
|
.Nm au_write ,
|
||||||
|
.Nm au_close ,
|
||||||
|
.Nm au_close_buffer
|
||||||
|
.Nd "Create and commit audit records"
|
||||||
|
.Sh LIBRARY
|
||||||
|
.Lb libbsm
|
||||||
|
.Sh SYNOPSIS
|
||||||
|
.In libbsm.h
|
||||||
|
.Ft int
|
||||||
|
.Fn au_open "void"
|
||||||
|
.Ft int
|
||||||
|
.Fn au_write "int d" "token_t *tok"
|
||||||
|
.Ft int
|
||||||
|
.Fn au_close "int d" "int keep" "short event"
|
||||||
|
.Ft int
|
||||||
|
.Fn au_close_buffer "int d" "short event" "u_char *buffer" "size_t *buflen"
|
||||||
|
.Ft int
|
||||||
|
.Fn au_close_token "token_t *tok" "u_char *buffer" "size_t *buflen"
|
||||||
|
.Sh DESCRIPTION
|
||||||
|
These interfaces allow applications to allocate audit records, construct a
|
||||||
|
record using a series of tokens, and commit the audit record to the system
|
||||||
|
event log.
|
||||||
|
An extension API is also provided to commit the record to an in-memory
|
||||||
|
buffer rather than the system audit log.
|
||||||
|
.Pp
|
||||||
|
The
|
||||||
|
.Fn au_open
|
||||||
|
interface allocates a new audit record descriptor.
|
||||||
|
.Pp
|
||||||
|
The
|
||||||
|
.Fn au_write
|
||||||
|
interface adds a token to an allocated audit descriptor.
|
||||||
|
When a token has been successfully added to a record, the caller no longer
|
||||||
|
owns the token memory, and does not need to free it directly via a call to
|
||||||
|
.Xr au_free_token 3 .
|
||||||
|
.Pp
|
||||||
|
The
|
||||||
|
.Fn au_close
|
||||||
|
function is used to commit an audit record to the system audit log, or
|
||||||
|
abandon the record.
|
||||||
|
In either cases, all resources associated with the record will be released.
|
||||||
|
The
|
||||||
|
.Va keep
|
||||||
|
argument determines the behavior: a value of
|
||||||
|
.Dv AU_TO_WRITE
|
||||||
|
causes the record to be committed; a value of
|
||||||
|
.Dv AU_TO_NO_WRITE
|
||||||
|
causes it to be abandoned.
|
||||||
|
When the audit record is committed, a BSM header will be inserted before
|
||||||
|
tokens added to the record, using the event identifier passed via
|
||||||
|
.Va event ,
|
||||||
|
and a trailer added to the end.
|
||||||
|
Committing a record to the system audit log requires privilege.
|
||||||
|
.Pp
|
||||||
|
The
|
||||||
|
.Fn au_close_buffer
|
||||||
|
function writes the resulting record to an in-memory buffer of size
|
||||||
|
.Va *buflen ;
|
||||||
|
it will write back the filled buffer length into the same variable.
|
||||||
|
The argument
|
||||||
|
.Va short
|
||||||
|
is the event identifier to use in the record header.
|
||||||
|
.Pp
|
||||||
|
The
|
||||||
|
.Fn au_close_token
|
||||||
|
function generates the BSM stream output for a single token,
|
||||||
|
.Va tok ,
|
||||||
|
in the passed buffer
|
||||||
|
.Va buffer .
|
||||||
|
The initial buffer size and resulting data size are passed via
|
||||||
|
.Va *buflen .
|
||||||
|
.Fn au_close_token
|
||||||
|
will free the token before returning.
|
||||||
|
.Sh RETURN VALUES
|
||||||
|
The function
|
||||||
|
.Fn au_open
|
||||||
|
returns a non-negative audit record descriptor number on success, or a
|
||||||
|
negative value on failure, along with error information in
|
||||||
|
.Va errno .
|
||||||
|
.Pp
|
||||||
|
The functions
|
||||||
|
.Fn au_write ,
|
||||||
|
.Fn au_close ,
|
||||||
|
.Fn au_close_buffer ,
|
||||||
|
and
|
||||||
|
.Fn au_close_token
|
||||||
|
return 0 on success, or a negative value on failure, along with error
|
||||||
|
information in
|
||||||
|
.Va errno .
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr libbsm 3
|
||||||
|
.Sh AUTHORS
|
||||||
|
This software was created by Robert Watson, Wayne Salamon, and Suresh
|
||||||
|
Krishnaswamy for McAfee Research, the security research division of McAfee,
|
||||||
|
Inc., under contract to Apple Computer, Inc.
|
||||||
|
.Pp
|
||||||
|
The Basic Security Module (BSM) interface to audit records and audit event
|
||||||
|
stream format were defined by Sun Microsystems.
|
||||||
|
.Sh HISTORY
|
||||||
|
The OpenBSM implementation was created by McAfee Research, the security
|
||||||
|
division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
|
||||||
|
It was subsequently adopted by the TrustedBSD Project as the foundation for
|
||||||
|
the OpenBSM distribution.
|
||||||
|
.Sh BUGS
|
||||||
|
Currently,
|
||||||
|
.Fn au_open
|
||||||
|
does not reserve kernel resources necessary to commit the record to the
|
||||||
|
trail; on systems supporting
|
||||||
|
.Fn au_close ,
|
||||||
|
the call will block until resources are available to commit the record.
|
||||||
|
However, this leads to the possibility of an action being permitted without
|
||||||
|
the record being guaranteed to go to disk.
|
||||||
|
Ideally,
|
||||||
|
.Fn au_open
|
||||||
|
would reserve resources necessary to commit any submitted record, releasing
|
||||||
|
them on
|
||||||
|
.Fn au_close .
|
@ -23,7 +23,7 @@
|
|||||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
.\" SUCH DAMAGE.
|
.\" SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#5 $
|
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#7 $
|
||||||
.\"
|
.\"
|
||||||
.Dd April 19, 2005
|
.Dd April 19, 2005
|
||||||
.Dt AU_TOKEN 3
|
.Dt AU_TOKEN 3
|
||||||
@ -57,9 +57,6 @@
|
|||||||
.Nm au_to_return64 ,
|
.Nm au_to_return64 ,
|
||||||
.Nm au_to_return ,
|
.Nm au_to_return ,
|
||||||
.Nm au_to_seq ,
|
.Nm au_to_seq ,
|
||||||
.Nm au_to_socket ,
|
|
||||||
.Nm au_to_socket_ex_32 ,
|
|
||||||
.Nm au_to_socket_ex_128 ,
|
|
||||||
.Nm au_to_sock_inet32 ,
|
.Nm au_to_sock_inet32 ,
|
||||||
.Nm au_to_sock_inet128 ,
|
.Nm au_to_sock_inet128 ,
|
||||||
.Nm au_to_sock_inet ,
|
.Nm au_to_sock_inet ,
|
||||||
@ -116,9 +113,7 @@
|
|||||||
.Ft token_t *
|
.Ft token_t *
|
||||||
.Fn au_to_opaque "char *data" "u_int64_t bytes"
|
.Fn au_to_opaque "char *data" "u_int64_t bytes"
|
||||||
.Ft token_t *
|
.Ft token_t *
|
||||||
.Fn au_to_file "char *file"
|
.Fn au_to_file "char *file" "struct timeval tm"
|
||||||
.Ft token_t *
|
|
||||||
.Fn au_to_file "char *file"
|
|
||||||
.Ft token_t *
|
.Ft token_t *
|
||||||
.Fn au_to_text "char *text"
|
.Fn au_to_text "char *text"
|
||||||
.Ft token_t *
|
.Ft token_t *
|
||||||
@ -140,12 +135,6 @@
|
|||||||
.Ft token_t *
|
.Ft token_t *
|
||||||
.Fn au_to_seq "long audit_count"
|
.Fn au_to_seq "long audit_count"
|
||||||
.Ft token_t *
|
.Ft token_t *
|
||||||
.Fn au_to_socket "struct socket *so"
|
|
||||||
.Ft token_t *
|
|
||||||
.Fn au_to_socket_ex_32 "struct socket *so"
|
|
||||||
.Ft token_t *
|
|
||||||
.Fn au_to_socket_ex_128 "struct socket *so"
|
|
||||||
.Ft token_t *
|
|
||||||
.Fn au_to_sock_inet32 "struct sockaddr_in *so"
|
.Fn au_to_sock_inet32 "struct sockaddr_in *so"
|
||||||
.Ft token_t *
|
.Ft token_t *
|
||||||
.Fn au_to_sock_inet128 "struct sockaddr_in6 *so"
|
.Fn au_to_sock_inet128 "struct sockaddr_in6 *so"
|
||||||
|
126
contrib/openbsm/libbsm/audit_submit.3
Normal file
126
contrib/openbsm/libbsm/audit_submit.3
Normal file
@ -0,0 +1,126 @@
|
|||||||
|
.\"
|
||||||
|
.\" Copyright (c) 2006 Christian S.J. Peron
|
||||||
|
.\" All rights reserved.
|
||||||
|
.\"
|
||||||
|
.\" Redistribution and use in source and binary forms, with or without
|
||||||
|
.\" modification, are permitted provided that the following conditions
|
||||||
|
.\" are met:
|
||||||
|
.\"
|
||||||
|
.\" 1. Redistributions of source code must retain the above copyright
|
||||||
|
.\" notice, this list of conditions and the following disclaimer.
|
||||||
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
.\" notice, this list of conditions and the following disclaimer in the
|
||||||
|
.\" documentation and/or other materials provided with the distribution.
|
||||||
|
.\" 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of
|
||||||
|
.\" its contributors may be used to endorse or promote products derived
|
||||||
|
.\" from this software without specific prior written permission.
|
||||||
|
.\"
|
||||||
|
.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
|
||||||
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
|
||||||
|
.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||||||
|
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
|
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
.\"
|
||||||
|
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#8 $
|
||||||
|
.\"
|
||||||
|
.Dd May 29, 2006
|
||||||
|
.Dt audit_submit 3
|
||||||
|
.Os
|
||||||
|
.Sh NAME
|
||||||
|
.Nm audit_submit
|
||||||
|
.Nd general purpose audit record submission
|
||||||
|
.Sh LIBRARY
|
||||||
|
.Lb libbsm
|
||||||
|
.Sh SYNOPSIS
|
||||||
|
.In stdio.h
|
||||||
|
.Ft int
|
||||||
|
.Fn audit_submit "short au_event" "au_id_t auid" "char status" "int reterr" "const char * restrict format" ...
|
||||||
|
.Sh DESCRIPTION
|
||||||
|
The
|
||||||
|
.Nm
|
||||||
|
function provides a generic programming interface for audit record submission.
|
||||||
|
This audit record will contain a header, subject token, an optional text token,
|
||||||
|
return token, and a trailer.
|
||||||
|
The header will contain the event class specified by
|
||||||
|
.Fa au_event .
|
||||||
|
The subject token will be generated based on
|
||||||
|
.Fa au_ctx .
|
||||||
|
The return token is dependant on the
|
||||||
|
.Fa status
|
||||||
|
and
|
||||||
|
.Fa reterr
|
||||||
|
arguments.
|
||||||
|
Optionally, a text token will be created as a part of this record.
|
||||||
|
.Pp
|
||||||
|
Text token output is under the control of a
|
||||||
|
.Fa format
|
||||||
|
string that specifies how subsequent arguments (or arguments accessed via the
|
||||||
|
variable-length argument facilities of
|
||||||
|
.Xr stdarg 3 )
|
||||||
|
are converted for output.
|
||||||
|
If
|
||||||
|
.Fa format
|
||||||
|
is NULL, then no text token is created in the audit record.
|
||||||
|
.Pp
|
||||||
|
It should be noted that
|
||||||
|
.Nm
|
||||||
|
assumes that
|
||||||
|
.Xr setaudit 2 ,
|
||||||
|
or
|
||||||
|
.Xr setaudit_addr 2
|
||||||
|
has already been called.
|
||||||
|
As a direct result, the terminal ID for the
|
||||||
|
subject will be retrieved from the kernel via
|
||||||
|
.Xr getaudit 2 ,
|
||||||
|
or
|
||||||
|
.Xr getaudit_addr 2 .
|
||||||
|
.Sh EXAMPLES
|
||||||
|
.Bd -literal -offset indent
|
||||||
|
#include <bsm/audit.h>
|
||||||
|
#include <bsm/libbsm.h>
|
||||||
|
#include <bsm/audit_uevents.h>
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdarg.h>
|
||||||
|
#include <errno.h>
|
||||||
|
|
||||||
|
int
|
||||||
|
audit_bad_su(char *from_login, char *to_login)
|
||||||
|
{
|
||||||
|
int error;
|
||||||
|
|
||||||
|
error = audit_submit(AUE_su, getuid(), 1, EPERM,
|
||||||
|
"bad su from %s to %s", from_login, to_login);
|
||||||
|
return (error);
|
||||||
|
}
|
||||||
|
.Ed
|
||||||
|
.Pp
|
||||||
|
Will generate the following audit record:
|
||||||
|
.Bd -literal -offset indent
|
||||||
|
header,94,1,su(1),0,Mon Apr 17 23:23:59 2006, + 271 msec
|
||||||
|
subject,root,root,wheel,root,wheel,652,652,0,0.0.0.0
|
||||||
|
text,bad su from from csjp to root
|
||||||
|
return,failure : Operation not permitted,1
|
||||||
|
trailer,94
|
||||||
|
.Ed
|
||||||
|
.Sh SEE ALSO
|
||||||
|
.Xr auditon 2 ,
|
||||||
|
.Xr getaudit 2 ,
|
||||||
|
.Xr libbsm 3 ,
|
||||||
|
.Xr stdarg 3
|
||||||
|
.Sh HISTORY
|
||||||
|
The
|
||||||
|
.Nm
|
||||||
|
function first appeared in OpenBSM version 1.0.
|
||||||
|
OpenBSM 1.0 was introduced in FreeBSD 7.0.
|
||||||
|
.Sh AUTHORS
|
||||||
|
The
|
||||||
|
.Nm
|
||||||
|
function was written by
|
||||||
|
.An Christian S.J. Peron Aq csjp@FreeBSD.org .
|
@ -30,7 +30,7 @@
|
|||||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
* POSSIBILITY OF SUCH DAMAGE.
|
* POSSIBILITY OF SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#22 $
|
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#26 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
@ -280,12 +280,11 @@ au_close(int d, int keep, short event)
|
|||||||
return (-1); /* Invalid descriptor */
|
return (-1); /* Invalid descriptor */
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!keep) {
|
if (keep == AU_TO_NO_WRITE) {
|
||||||
retval = 0;
|
retval = 0;
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
tot_rec_size = rec->len + BSM_HEADER_SIZE + BSM_TRAILER_SIZE;
|
tot_rec_size = rec->len + BSM_HEADER_SIZE + BSM_TRAILER_SIZE;
|
||||||
|
|
||||||
if (tot_rec_size > MAX_AUDIT_RECORD_SIZE) {
|
if (tot_rec_size > MAX_AUDIT_RECORD_SIZE) {
|
||||||
@ -361,3 +360,24 @@ au_close_buffer(int d, short event, u_char *buffer, size_t *buflen)
|
|||||||
au_teardown(rec);
|
au_teardown(rec);
|
||||||
return (retval);
|
return (retval);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* au_close_token() returns the byte format of a token_t. This won't
|
||||||
|
* generally be used by applications, but is quite useful for writing test
|
||||||
|
* tools. Will free the token on either success or failure.
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
au_close_token(token_t *tok, u_char *buffer, size_t *buflen)
|
||||||
|
{
|
||||||
|
|
||||||
|
if (tok->len > *buflen) {
|
||||||
|
au_free_token(tok);
|
||||||
|
errno = ENOMEM;
|
||||||
|
return (EINVAL);
|
||||||
|
}
|
||||||
|
|
||||||
|
memcpy(buffer, tok->t_data, tok->len);
|
||||||
|
*buflen = tok->len;
|
||||||
|
au_free_token(tok);
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
@ -31,7 +31,7 @@
|
|||||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
* POSSIBILITY OF SUCH DAMAGE.
|
* POSSIBILITY OF SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#34 $
|
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#37 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
@ -893,6 +893,7 @@ fetch_arb_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
*/
|
*/
|
||||||
switch(tok->tt.arb.bu) {
|
switch(tok->tt.arb.bu) {
|
||||||
case AUR_BYTE:
|
case AUR_BYTE:
|
||||||
|
/* case AUR_CHAR: */
|
||||||
datasize = AUR_BYTE_SIZE;
|
datasize = AUR_BYTE_SIZE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@ -900,8 +901,13 @@ fetch_arb_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
datasize = AUR_SHORT_SIZE;
|
datasize = AUR_SHORT_SIZE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case AUR_LONG:
|
case AUR_INT32:
|
||||||
datasize = AUR_LONG_SIZE;
|
/* case AUR_INT: */
|
||||||
|
datasize = AUR_INT32_SIZE;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case AUR_INT64:
|
||||||
|
datasize = AUR_INT64_SIZE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
@ -962,6 +968,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
switch(tok->tt.arb.bu) {
|
switch(tok->tt.arb.bu) {
|
||||||
case AUR_BYTE:
|
case AUR_BYTE:
|
||||||
|
/* case AUR_CHAR: */
|
||||||
str = "byte";
|
str = "byte";
|
||||||
size = AUR_BYTE_SIZE;
|
size = AUR_BYTE_SIZE;
|
||||||
print_string(fp, str, strlen(str));
|
print_string(fp, str, strlen(str));
|
||||||
@ -979,23 +986,36 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_1_byte(fp, tok->tt.arb.uc, "%u");
|
print_1_byte(fp, tok->tt.arb.uc, "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
for (i = 0; i<tok->tt.arb.uc; i++)
|
for (i = 0; i < tok->tt.arb.uc; i++)
|
||||||
fprintf(fp, format, *((u_int16_t *)(tok->tt.arb.data +
|
fprintf(fp, format, *((u_int16_t *)(tok->tt.arb.data +
|
||||||
(size * i))));
|
(size * i))));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case AUR_LONG:
|
case AUR_INT32:
|
||||||
|
/* case AUR_INT: */
|
||||||
str = "int";
|
str = "int";
|
||||||
size = AUR_LONG_SIZE;
|
size = AUR_INT32_SIZE;
|
||||||
print_string(fp, str, strlen(str));
|
print_string(fp, str, strlen(str));
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_1_byte(fp, tok->tt.arb.uc, "%u");
|
print_1_byte(fp, tok->tt.arb.uc, "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
for (i = 0; i<tok->tt.arb.uc; i++)
|
for (i = 0; i < tok->tt.arb.uc; i++)
|
||||||
fprintf(fp, format, *((u_int32_t *)(tok->tt.arb.data +
|
fprintf(fp, format, *((u_int32_t *)(tok->tt.arb.data +
|
||||||
(size * i))));
|
(size * i))));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case AUR_INT64:
|
||||||
|
str = "int64";
|
||||||
|
size = AUR_INT64_SIZE;
|
||||||
|
print_string(fp, str, strlen(str));
|
||||||
|
print_delim(fp, del);
|
||||||
|
print_1_byte(fp, tok->tt.arb.uc, "%u");
|
||||||
|
print_delim(fp, del);
|
||||||
|
for (i = 0; i < tok->tt.arb.uc; i++)
|
||||||
|
fprintf(fp, format, *((u_int64_t *)(tok->tt.arb.data +
|
||||||
|
(size * i))));
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -1336,7 +1356,8 @@ fetch_inaddr_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
{
|
{
|
||||||
int err = 0;
|
int err = 0;
|
||||||
|
|
||||||
READ_TOKEN_U_INT32(buf, len, tok->tt.inaddr.addr, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.inaddr.addr, sizeof(uint32_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -1410,15 +1431,18 @@ fetch_ip_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.len, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.len, sizeof(uint16_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.id, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.id, sizeof(uint16_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.offset, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.offset, sizeof(uint16_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -1430,7 +1454,8 @@ fetch_ip_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.ip.chksm, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.ip.chksm, sizeof(uint16_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -1458,17 +1483,17 @@ print_ip_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_mem(fp, (u_char *)(&tok->tt.ip.tos), sizeof(u_char));
|
print_mem(fp, (u_char *)(&tok->tt.ip.tos), sizeof(u_char));
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.ip.len, "%u");
|
print_2_bytes(fp, ntohs(tok->tt.ip.len), "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.ip.id, "%u");
|
print_2_bytes(fp, ntohs(tok->tt.ip.id), "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.ip.offset, "%u");
|
print_2_bytes(fp, ntohs(tok->tt.ip.offset), "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_mem(fp, (u_char *)(&tok->tt.ip.ttl), sizeof(u_char));
|
print_mem(fp, (u_char *)(&tok->tt.ip.ttl), sizeof(u_char));
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_mem(fp, (u_char *)(&tok->tt.ip.prot), sizeof(u_char));
|
print_mem(fp, (u_char *)(&tok->tt.ip.prot), sizeof(u_char));
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.ip.chksm, "%u");
|
print_2_bytes(fp, ntohs(tok->tt.ip.chksm), "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_ip_address(fp, tok->tt.ip.src);
|
print_ip_address(fp, tok->tt.ip.src);
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
@ -1582,7 +1607,8 @@ fetch_iport_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
{
|
{
|
||||||
int err = 0;
|
int err = 0;
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.iport.port, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.iport.port, sizeof(uint16_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -1596,7 +1622,7 @@ print_iport_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
|
|
||||||
print_tok_type(fp, tok->id, "ip port", raw);
|
print_tok_type(fp, tok->id, "ip port", raw);
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.iport.port, "%#x");
|
print_2_bytes(fp, ntohs(tok->tt.iport.port), "%#x");
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -1712,7 +1738,8 @@ fetch_process32_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT32(buf, len, tok->tt.proc32.tid.addr, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.proc32.tid.addr,
|
||||||
|
sizeof(tok->tt.proc32.tid.addr), tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -1931,7 +1958,8 @@ fetch_sock_inet32_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.sockinet32.port, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet32.port,
|
||||||
|
sizeof(uint16_t), tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -1952,7 +1980,7 @@ print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.sockinet32.family, "%u");
|
print_2_bytes(fp, tok->tt.sockinet32.family, "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.sockinet32.port, "%u");
|
print_2_bytes(fp, ntohs(tok->tt.sockinet32.port), "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_ip_address(fp, tok->tt.sockinet32.addr);
|
print_ip_address(fp, tok->tt.sockinet32.addr);
|
||||||
}
|
}
|
||||||
@ -1961,7 +1989,8 @@ print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
* socket family 2 bytes
|
* socket family 2 bytes
|
||||||
* path 104 bytes
|
* path 104 bytes
|
||||||
*/
|
*/
|
||||||
static int fetch_sock_unix_tok(tokenstr_t *tok, char *buf, int len)
|
static int
|
||||||
|
fetch_sock_unix_tok(tokenstr_t *tok, char *buf, int len)
|
||||||
{
|
{
|
||||||
int err = 0;
|
int err = 0;
|
||||||
|
|
||||||
@ -1997,7 +2026,8 @@ print_sock_unix_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
* remote port 2 bytes
|
* remote port 2 bytes
|
||||||
* remote address 4 bytes
|
* remote address 4 bytes
|
||||||
*/
|
*/
|
||||||
static int fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
|
static int
|
||||||
|
fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
|
||||||
{
|
{
|
||||||
int err = 0;
|
int err = 0;
|
||||||
|
|
||||||
@ -2005,7 +2035,8 @@ static int fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.socket.l_port, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.socket.l_port, sizeof(uint16_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -2014,7 +2045,8 @@ static int fetch_socket_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.socket.r_port, tok->len, err);
|
READ_TOKEN_BYTES(buf, len, &tok->tt.socket.r_port, sizeof(uint16_t),
|
||||||
|
tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -2035,11 +2067,11 @@ print_socket_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.socket.type, "%u");
|
print_2_bytes(fp, tok->tt.socket.type, "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.socket.l_port, "%u");
|
print_2_bytes(fp, ntohs(tok->tt.socket.l_port), "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_ip_address(fp, tok->tt.socket.l_addr);
|
print_ip_address(fp, tok->tt.socket.l_addr);
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.socket.r_port, "%u");
|
print_2_bytes(fp, ntohs(tok->tt.socket.r_port), "%u");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_ip_address(fp, tok->tt.socket.r_addr);
|
print_ip_address(fp, tok->tt.socket.r_addr);
|
||||||
}
|
}
|
||||||
@ -2359,8 +2391,8 @@ fetch_socketex32_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.l_port, tok->len,
|
READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.l_port,
|
||||||
err);
|
sizeof(uint16_t), tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -2374,8 +2406,8 @@ fetch_socketex32_tok(tokenstr_t *tok, char *buf, int len)
|
|||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
READ_TOKEN_U_INT32(buf, len, tok->tt.socket_ex32.r_port, tok->len,
|
READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.r_port,
|
||||||
err);
|
sizeof(uint16_t), tok->len, err);
|
||||||
if (err)
|
if (err)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
||||||
@ -2401,11 +2433,11 @@ print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
|||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x");
|
print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_2_bytes(fp, tok->tt.socket_ex32.l_port, "%#x");
|
print_2_bytes(fp, ntohs(tok->tt.socket_ex32.l_port), "%#x");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_ip_address(fp, tok->tt.socket_ex32.l_addr);
|
print_ip_address(fp, tok->tt.socket_ex32.l_addr);
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_4_bytes(fp, tok->tt.socket_ex32.r_port, "%#x");
|
print_4_bytes(fp, ntohs(tok->tt.socket_ex32.r_port), "%#x");
|
||||||
print_delim(fp, del);
|
print_delim(fp, del);
|
||||||
print_ip_address(fp, tok->tt.socket_ex32.r_addr);
|
print_ip_address(fp, tok->tt.socket_ex32.r_addr);
|
||||||
}
|
}
|
||||||
|
@ -30,7 +30,7 @@
|
|||||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
* POSSIBILITY OF SUCH DAMAGE.
|
* POSSIBILITY OF SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#43 $
|
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#47 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
@ -243,6 +243,7 @@ au_to_data(char unit_print, char unit_type, char unit_count, char *p)
|
|||||||
/* Determine the size of the basic unit. */
|
/* Determine the size of the basic unit. */
|
||||||
switch (unit_type) {
|
switch (unit_type) {
|
||||||
case AUR_BYTE:
|
case AUR_BYTE:
|
||||||
|
/* case AUR_CHAR: */
|
||||||
datasize = AUR_BYTE_SIZE;
|
datasize = AUR_BYTE_SIZE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@ -250,8 +251,13 @@ au_to_data(char unit_print, char unit_type, char unit_count, char *p)
|
|||||||
datasize = AUR_SHORT_SIZE;
|
datasize = AUR_SHORT_SIZE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case AUR_LONG:
|
case AUR_INT32:
|
||||||
datasize = AUR_LONG_SIZE;
|
/* case AUR_INT: */
|
||||||
|
datasize = AUR_INT32_SIZE;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case AUR_INT64:
|
||||||
|
datasize = AUR_INT64_SIZE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
@ -261,7 +267,7 @@ au_to_data(char unit_print, char unit_type, char unit_count, char *p)
|
|||||||
|
|
||||||
totdata = datasize * unit_count;
|
totdata = datasize * unit_count;
|
||||||
|
|
||||||
GET_TOKEN_AREA(t, dptr, totdata + 4 * sizeof(u_char));
|
GET_TOKEN_AREA(t, dptr, 4 * sizeof(u_char) + totdata);
|
||||||
if (t == NULL)
|
if (t == NULL)
|
||||||
return (NULL);
|
return (NULL);
|
||||||
|
|
||||||
@ -341,12 +347,12 @@ au_to_in_addr(struct in_addr *internet_addr)
|
|||||||
token_t *t;
|
token_t *t;
|
||||||
u_char *dptr = NULL;
|
u_char *dptr = NULL;
|
||||||
|
|
||||||
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t));
|
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(uint32_t));
|
||||||
if (t == NULL)
|
if (t == NULL)
|
||||||
return (NULL);
|
return (NULL);
|
||||||
|
|
||||||
ADD_U_CHAR(dptr, AUT_IN_ADDR);
|
ADD_U_CHAR(dptr, AUT_IN_ADDR);
|
||||||
ADD_U_INT32(dptr, internet_addr->s_addr);
|
ADD_MEM(dptr, &internet_addr->s_addr, sizeof(uint32_t));
|
||||||
|
|
||||||
return (t);
|
return (t);
|
||||||
}
|
}
|
||||||
@ -363,13 +369,13 @@ au_to_in_addr_ex(struct in6_addr *internet_addr)
|
|||||||
u_char *dptr = NULL;
|
u_char *dptr = NULL;
|
||||||
u_int32_t type = AF_INET6;
|
u_int32_t type = AF_INET6;
|
||||||
|
|
||||||
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(u_int32_t));
|
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(uint32_t));
|
||||||
if (t == NULL)
|
if (t == NULL)
|
||||||
return (NULL);
|
return (NULL);
|
||||||
|
|
||||||
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
|
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
|
||||||
ADD_U_INT32(dptr, type);
|
ADD_U_INT32(dptr, type);
|
||||||
ADD_MEM(dptr, internet_addr, sizeof(*internet_addr));
|
ADD_MEM(dptr, internet_addr, 5 * sizeof(uint32_t));
|
||||||
|
|
||||||
return (t);
|
return (t);
|
||||||
}
|
}
|
||||||
@ -528,23 +534,12 @@ au_to_opaque(char *data, u_int16_t bytes)
|
|||||||
* file pathname N bytes + 1 terminating NULL byte
|
* file pathname N bytes + 1 terminating NULL byte
|
||||||
*/
|
*/
|
||||||
token_t *
|
token_t *
|
||||||
#if defined(KERNEL) || defined(_KERNEL)
|
|
||||||
au_to_file(char *file, struct timeval tm)
|
au_to_file(char *file, struct timeval tm)
|
||||||
#else
|
|
||||||
au_to_file(char *file)
|
|
||||||
#endif
|
|
||||||
{
|
{
|
||||||
token_t *t;
|
token_t *t;
|
||||||
u_char *dptr = NULL;
|
u_char *dptr = NULL;
|
||||||
u_int16_t filelen;
|
u_int16_t filelen;
|
||||||
u_int32_t timems;
|
u_int32_t timems;
|
||||||
#if !defined(KERNEL) && !defined(_KERNEL)
|
|
||||||
struct timeval tm;
|
|
||||||
struct timezone tzp;
|
|
||||||
|
|
||||||
if (gettimeofday(&tm, &tzp) == -1)
|
|
||||||
return (NULL);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
filelen = strlen(file);
|
filelen = strlen(file);
|
||||||
filelen += 1;
|
filelen += 1;
|
||||||
@ -650,7 +645,7 @@ au_to_process32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
|
|||||||
ADD_U_INT32(dptr, pid);
|
ADD_U_INT32(dptr, pid);
|
||||||
ADD_U_INT32(dptr, sid);
|
ADD_U_INT32(dptr, sid);
|
||||||
ADD_U_INT32(dptr, tid->port);
|
ADD_U_INT32(dptr, tid->port);
|
||||||
ADD_U_INT32(dptr, tid->machine);
|
ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t));
|
||||||
|
|
||||||
return (t);
|
return (t);
|
||||||
}
|
}
|
||||||
@ -837,21 +832,28 @@ au_to_sock_inet32(struct sockaddr_in *so)
|
|||||||
{
|
{
|
||||||
token_t *t;
|
token_t *t;
|
||||||
u_char *dptr = NULL;
|
u_char *dptr = NULL;
|
||||||
|
uint16_t family;
|
||||||
|
|
||||||
GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) +
|
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(uint16_t) +
|
||||||
sizeof(u_int32_t));
|
sizeof(uint32_t));
|
||||||
if (t == NULL)
|
if (t == NULL)
|
||||||
return (NULL);
|
return (NULL);
|
||||||
|
|
||||||
ADD_U_CHAR(dptr, AUT_SOCKINET32);
|
ADD_U_CHAR(dptr, AUT_SOCKINET32);
|
||||||
/*
|
/*
|
||||||
* In Darwin, sin_family is one octet, but BSM defines the token
|
* BSM defines the family field as 16 bits, but many operating
|
||||||
* to store two. So we copy in a 0 first.
|
* systems have an 8-bit sin_family field. Extend to 16 bits before
|
||||||
|
* writing into the token. Assume that both the port and the address
|
||||||
|
* in the sockaddr_in are already in network byte order, but family
|
||||||
|
* is in local byte order.
|
||||||
|
*
|
||||||
|
* XXXRW: Should a name space conversion be taking place on the value
|
||||||
|
* of sin_family?
|
||||||
*/
|
*/
|
||||||
ADD_U_CHAR(dptr, 0);
|
family = so->sin_family;
|
||||||
ADD_U_CHAR(dptr, so->sin_family);
|
ADD_U_INT16(dptr, family);
|
||||||
ADD_U_INT16(dptr, so->sin_port);
|
ADD_MEM(dptr, &so->sin_port, sizeof(uint16_t));
|
||||||
ADD_U_INT32(dptr, so->sin_addr.s_addr);
|
ADD_MEM(dptr, &so->sin_addr.s_addr, sizeof(uint32_t));
|
||||||
|
|
||||||
return (t);
|
return (t);
|
||||||
|
|
||||||
@ -877,7 +879,7 @@ au_to_sock_inet128(struct sockaddr_in6 *so)
|
|||||||
ADD_U_CHAR(dptr, so->sin6_family);
|
ADD_U_CHAR(dptr, so->sin6_family);
|
||||||
|
|
||||||
ADD_U_INT16(dptr, so->sin6_port);
|
ADD_U_INT16(dptr, so->sin6_port);
|
||||||
ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr));
|
ADD_MEM(dptr, &so->sin6_addr, 4 * sizeof(uint32_t));
|
||||||
|
|
||||||
return (t);
|
return (t);
|
||||||
|
|
||||||
@ -923,7 +925,7 @@ au_to_subject32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid,
|
|||||||
ADD_U_INT32(dptr, pid);
|
ADD_U_INT32(dptr, pid);
|
||||||
ADD_U_INT32(dptr, sid);
|
ADD_U_INT32(dptr, sid);
|
||||||
ADD_U_INT32(dptr, tid->port);
|
ADD_U_INT32(dptr, tid->port);
|
||||||
ADD_U_INT32(dptr, tid->machine);
|
ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t));
|
||||||
|
|
||||||
return (t);
|
return (t);
|
||||||
}
|
}
|
||||||
@ -1117,23 +1119,12 @@ au_to_exec_env(const char **env)
|
|||||||
* milliseconds of time 4 bytes/8 bytes (32-bit/64-bit value)
|
* milliseconds of time 4 bytes/8 bytes (32-bit/64-bit value)
|
||||||
*/
|
*/
|
||||||
token_t *
|
token_t *
|
||||||
#if defined(KERNEL) || defined(_KERNEL)
|
au_to_header32_tm(int rec_size, au_event_t e_type, au_emod_t e_mod,
|
||||||
au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod,
|
|
||||||
struct timeval tm)
|
struct timeval tm)
|
||||||
#else
|
|
||||||
au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod)
|
|
||||||
#endif
|
|
||||||
{
|
{
|
||||||
token_t *t;
|
token_t *t;
|
||||||
u_char *dptr = NULL;
|
u_char *dptr = NULL;
|
||||||
u_int32_t timems;
|
u_int32_t timems;
|
||||||
#if !defined(KERNEL) && !defined(_KERNEL)
|
|
||||||
struct timeval tm;
|
|
||||||
struct timezone tzp;
|
|
||||||
|
|
||||||
if (gettimeofday(&tm, &tzp) == -1)
|
|
||||||
return (NULL);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) +
|
GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) +
|
||||||
sizeof(u_char) + 2 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t));
|
sizeof(u_char) + 2 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t));
|
||||||
@ -1154,6 +1145,17 @@ au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod)
|
|||||||
return (t);
|
return (t);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if !defined(KERNEL) && !defined(_KERNEL)
|
||||||
|
token_t *
|
||||||
|
au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod)
|
||||||
|
{
|
||||||
|
struct timeval tm;
|
||||||
|
|
||||||
|
if (gettimeofday(&tm, NULL) == -1)
|
||||||
|
return (NULL);
|
||||||
|
return (au_to_header32_tm(rec_size, e_type, e_mod, tm));
|
||||||
|
}
|
||||||
|
|
||||||
token_t *
|
token_t *
|
||||||
au_to_header64(__unused int rec_size, __unused au_event_t e_type,
|
au_to_header64(__unused int rec_size, __unused au_event_t e_type,
|
||||||
__unused au_emod_t e_mod)
|
__unused au_emod_t e_mod)
|
||||||
@ -1169,6 +1171,7 @@ au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod)
|
|||||||
|
|
||||||
return (au_to_header32(rec_size, e_type, e_mod));
|
return (au_to_header32(rec_size, e_type, e_mod));
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* token ID 1 byte
|
* token ID 1 byte
|
||||||
|
@ -26,7 +26,7 @@
|
|||||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||||
* POSSIBILITY OF SUCH DAMAGE.
|
* POSSIBILITY OF SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#18 $
|
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#23 $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifdef __APPLE__
|
#ifdef __APPLE__
|
||||||
@ -46,6 +46,7 @@
|
|||||||
|
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <syslog.h>
|
#include <syslog.h>
|
||||||
|
#include <stdarg.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
|
||||||
@ -53,6 +54,115 @@
|
|||||||
int audit_set_terminal_port(dev_t *p);
|
int audit_set_terminal_port(dev_t *p);
|
||||||
int audit_set_terminal_host(uint32_t *m);
|
int audit_set_terminal_host(uint32_t *m);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* General purpose audit submission mechanism for userspace.
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
audit_submit(short au_event, au_id_t auid, char status,
|
||||||
|
int reterr, const char *fmt, ...)
|
||||||
|
{
|
||||||
|
char text[MAX_AUDITSTRING_LEN];
|
||||||
|
token_t *token;
|
||||||
|
long acond;
|
||||||
|
va_list ap;
|
||||||
|
pid_t pid;
|
||||||
|
int error, afd;
|
||||||
|
struct auditinfo ai;
|
||||||
|
|
||||||
|
if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) {
|
||||||
|
/*
|
||||||
|
* If auditon(2) returns ENOSYS, then audit has not been
|
||||||
|
* compiled into the kernel, so just return.
|
||||||
|
*/
|
||||||
|
if (errno == ENOSYS)
|
||||||
|
return (0);
|
||||||
|
error = errno;
|
||||||
|
syslog(LOG_AUTH | LOG_ERR, "audit: auditon failed: %s",
|
||||||
|
strerror(errno));
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (acond == AUC_NOAUDIT)
|
||||||
|
return (0);
|
||||||
|
afd = au_open();
|
||||||
|
if (afd < 0) {
|
||||||
|
error = errno;
|
||||||
|
syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s",
|
||||||
|
strerror(errno));
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (getaudit(&ai) < 0) {
|
||||||
|
error = errno;
|
||||||
|
syslog(LOG_AUTH | LOG_ERR, "audit: getaudit failed: %s",
|
||||||
|
strerror(errno));
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
pid = getpid();
|
||||||
|
token = au_to_subject32(auid, geteuid(), getegid(),
|
||||||
|
getuid(), getgid(), pid, pid, &ai.ai_termid);
|
||||||
|
if (token == NULL) {
|
||||||
|
syslog(LOG_AUTH | LOG_ERR,
|
||||||
|
"audit: unable to build subject token");
|
||||||
|
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
|
||||||
|
errno = EPERM;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (au_write(afd, token) < 0) {
|
||||||
|
error = errno;
|
||||||
|
syslog(LOG_AUTH | LOG_ERR,
|
||||||
|
"audit: au_write failed: %s", strerror(errno));
|
||||||
|
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (fmt != NULL) {
|
||||||
|
va_start(ap, fmt);
|
||||||
|
(void) vsnprintf(text, MAX_AUDITSTRING_LEN, fmt, ap);
|
||||||
|
va_end(ap);
|
||||||
|
token = au_to_text(text);
|
||||||
|
if (token == NULL) {
|
||||||
|
syslog(LOG_AUTH | LOG_ERR,
|
||||||
|
"audit: failed to generate text token");
|
||||||
|
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
|
||||||
|
errno = EPERM;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (au_write(afd, token) < 0) {
|
||||||
|
error = errno;
|
||||||
|
syslog(LOG_AUTH | LOG_ERR,
|
||||||
|
"audit: au_write failed: %s", strerror(errno));
|
||||||
|
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
token = au_to_return32(status, reterr);
|
||||||
|
if (token == NULL) {
|
||||||
|
syslog(LOG_AUTH | LOG_ERR,
|
||||||
|
"audit: enable to build return token");
|
||||||
|
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
|
||||||
|
errno = EPERM;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (au_write(afd, token) < 0) {
|
||||||
|
error = errno;
|
||||||
|
syslog(LOG_AUTH | LOG_ERR,
|
||||||
|
"audit: au_write failed: %s", strerror(errno));
|
||||||
|
(void) au_close(afd, AU_TO_NO_WRITE, au_event);
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
if (au_close(afd, AU_TO_WRITE, au_event) < 0) {
|
||||||
|
error = errno;
|
||||||
|
syslog(LOG_AUTH | LOG_ERR, "audit: record not committed");
|
||||||
|
errno = error;
|
||||||
|
return (-1);
|
||||||
|
}
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
audit_set_terminal_port(dev_t *p)
|
audit_set_terminal_port(dev_t *p)
|
||||||
{
|
{
|
||||||
@ -130,7 +240,7 @@ audit_set_terminal_id(au_tid_t *tid)
|
|||||||
* tok = au_to_random_token_2(...);
|
* tok = au_to_random_token_2(...);
|
||||||
* au_write(aufd, tok);
|
* au_write(aufd, tok);
|
||||||
* ...
|
* ...
|
||||||
* au_close(aufd, 1, AUE_your_event_type);
|
* au_close(aufd, AU_TO_WRITE, AUE_your_event_type);
|
||||||
*
|
*
|
||||||
* Assumes, like all wrapper calls, that the caller has previously checked
|
* Assumes, like all wrapper calls, that the caller has previously checked
|
||||||
* that auditing is enabled via the audit_get_state() call.
|
* that auditing is enabled via the audit_get_state() call.
|
||||||
@ -156,7 +266,7 @@ audit_write(short event_code, token_t *subject, token_t *misctok, char retval,
|
|||||||
if (subject && au_write(aufd, subject) == -1) {
|
if (subject && au_write(aufd, subject) == -1) {
|
||||||
au_free_token(subject);
|
au_free_token(subject);
|
||||||
au_free_token(misctok);
|
au_free_token(misctok);
|
||||||
(void)au_close(aufd, 0, event_code);
|
(void)au_close(aufd, AU_TO_WRITE, event_code);
|
||||||
syslog(LOG_ERR, "%s: write of subject failed", func);
|
syslog(LOG_ERR, "%s: write of subject failed", func);
|
||||||
return (kAUWriteSubjectTokErr);
|
return (kAUWriteSubjectTokErr);
|
||||||
}
|
}
|
||||||
@ -164,31 +274,30 @@ audit_write(short event_code, token_t *subject, token_t *misctok, char retval,
|
|||||||
/* Save the event-specific token. */
|
/* Save the event-specific token. */
|
||||||
if (misctok && au_write(aufd, misctok) == -1) {
|
if (misctok && au_write(aufd, misctok) == -1) {
|
||||||
au_free_token(misctok);
|
au_free_token(misctok);
|
||||||
(void)au_close(aufd, 0, event_code);
|
(void)au_close(aufd, AU_TO_NO_WRITE, event_code);
|
||||||
syslog(LOG_ERR, "%s: write of caller token failed", func);
|
syslog(LOG_ERR, "%s: write of caller token failed", func);
|
||||||
return (kAUWriteCallerTokErr);
|
return (kAUWriteCallerTokErr);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Tokenize and save the return value. */
|
/* Tokenize and save the return value. */
|
||||||
if ((rettok = au_to_return32(retval, errcode)) == NULL) {
|
if ((rettok = au_to_return32(retval, errcode)) == NULL) {
|
||||||
(void)au_close(aufd, 0, event_code);
|
(void)au_close(aufd, AU_TO_NO_WRITE, event_code);
|
||||||
syslog(LOG_ERR, "%s: au_to_return32() failed", func);
|
syslog(LOG_ERR, "%s: au_to_return32() failed", func);
|
||||||
return (kAUMakeReturnTokErr);
|
return (kAUMakeReturnTokErr);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (au_write(aufd, rettok) == -1) {
|
if (au_write(aufd, rettok) == -1) {
|
||||||
au_free_token(rettok);
|
au_free_token(rettok);
|
||||||
(void)au_close(aufd, 0, event_code);
|
(void)au_close(aufd, AU_TO_NO_WRITE, event_code);
|
||||||
syslog(LOG_ERR, "%s: write of return code failed", func);
|
syslog(LOG_ERR, "%s: write of return code failed", func);
|
||||||
return (kAUWriteReturnTokErr);
|
return (kAUWriteReturnTokErr);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* au_close()'s second argument is "keep": if keep == 0, the record is
|
* We assume the caller wouldn't have bothered with this
|
||||||
* discarded. We assume the caller wouldn't have bothered with this
|
|
||||||
* function if it hadn't already decided to keep the record.
|
* function if it hadn't already decided to keep the record.
|
||||||
*/
|
*/
|
||||||
if (au_close(aufd, 1, event_code) < 0) {
|
if (au_close(aufd, AU_TO_WRITE, event_code) < 0) {
|
||||||
syslog(LOG_ERR, "%s: au_close() failed", func);
|
syslog(LOG_ERR, "%s: au_close() failed", func);
|
||||||
return (kAUCloseErr);
|
return (kAUCloseErr);
|
||||||
}
|
}
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
.\" SUCH DAMAGE.
|
.\" SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#4 $
|
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#5 $
|
||||||
.\"
|
.\"
|
||||||
.Dd April 19, 2005
|
.Dd April 19, 2005
|
||||||
.Dt LIBBSM 3
|
.Dt LIBBSM 3
|
||||||
@ -158,9 +158,6 @@ representation.
|
|||||||
.Xr au_to_return32 3 ,
|
.Xr au_to_return32 3 ,
|
||||||
.Xr au_to_return64 3 ,
|
.Xr au_to_return64 3 ,
|
||||||
.Xr au_to_seq 3 ,
|
.Xr au_to_seq 3 ,
|
||||||
.Xr au_to_socket 3 ,
|
|
||||||
.Xr au_to_socket_ex_32 3 ,
|
|
||||||
.Xr au_to_socket_ex_128 3 ,
|
|
||||||
.Xr au_to_sock_inet 3 ,
|
.Xr au_to_sock_inet 3 ,
|
||||||
.Xr au_to_sock_inet32 3 ,
|
.Xr au_to_sock_inet32 3 ,
|
||||||
.Xr au_to_sock_inet128 3 ,
|
.Xr au_to_sock_inet128 3 ,
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
.\" SUCH DAMAGE.
|
.\" SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditctl.2#4 $
|
.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditctl.2#5 $
|
||||||
.\"
|
.\"
|
||||||
.Dd April 19, 2005
|
.Dd April 19, 2005
|
||||||
.Dt AUDITCTL 2
|
.Dt AUDITCTL 2
|
||||||
@ -34,7 +34,7 @@
|
|||||||
.Sh SYNOPSIS
|
.Sh SYNOPSIS
|
||||||
.In bsm/audit.h
|
.In bsm/audit.h
|
||||||
.Ft int
|
.Ft int
|
||||||
.Fn auditon "const char *path"
|
.Fn auditctl "const char *path"
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
The
|
The
|
||||||
.Fn auditctl
|
.Fn auditctl
|
||||||
|
7
contrib/openbsm/modules/Makefile.am
Normal file
7
contrib/openbsm/modules/Makefile.am
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/modules/Makefile.am#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
SUBDIRS = \
|
||||||
|
auditfilter_noop
|
||||||
|
|
477
contrib/openbsm/modules/Makefile.in
Normal file
477
contrib/openbsm/modules/Makefile.in
Normal file
@ -0,0 +1,477 @@
|
|||||||
|
# Makefile.in generated by automake 1.9.6 from Makefile.am.
|
||||||
|
# @configure_input@
|
||||||
|
|
||||||
|
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||||
|
# 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||||
|
# This Makefile.in is free software; the Free Software Foundation
|
||||||
|
# gives unlimited permission to copy and/or distribute it,
|
||||||
|
# with or without modifications, as long as this notice is preserved.
|
||||||
|
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
|
||||||
|
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
# PARTICULAR PURPOSE.
|
||||||
|
|
||||||
|
@SET_MAKE@
|
||||||
|
|
||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/modules/Makefile.in#1 $
|
||||||
|
#
|
||||||
|
srcdir = @srcdir@
|
||||||
|
top_srcdir = @top_srcdir@
|
||||||
|
VPATH = @srcdir@
|
||||||
|
pkgdatadir = $(datadir)/@PACKAGE@
|
||||||
|
pkglibdir = $(libdir)/@PACKAGE@
|
||||||
|
pkgincludedir = $(includedir)/@PACKAGE@
|
||||||
|
top_builddir = ..
|
||||||
|
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
|
||||||
|
INSTALL = @INSTALL@
|
||||||
|
install_sh_DATA = $(install_sh) -c -m 644
|
||||||
|
install_sh_PROGRAM = $(install_sh) -c
|
||||||
|
install_sh_SCRIPT = $(install_sh) -c
|
||||||
|
INSTALL_HEADER = $(INSTALL_DATA)
|
||||||
|
transform = $(program_transform_name)
|
||||||
|
NORMAL_INSTALL = :
|
||||||
|
PRE_INSTALL = :
|
||||||
|
POST_INSTALL = :
|
||||||
|
NORMAL_UNINSTALL = :
|
||||||
|
PRE_UNINSTALL = :
|
||||||
|
POST_UNINSTALL = :
|
||||||
|
build_triplet = @build@
|
||||||
|
host_triplet = @host@
|
||||||
|
subdir = modules
|
||||||
|
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
|
||||||
|
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||||
|
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
|
||||||
|
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||||
|
$(ACLOCAL_M4)
|
||||||
|
mkinstalldirs = $(install_sh) -d
|
||||||
|
CONFIG_HEADER = $(top_builddir)/config/config.h
|
||||||
|
CONFIG_CLEAN_FILES =
|
||||||
|
SOURCES =
|
||||||
|
DIST_SOURCES =
|
||||||
|
RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
|
||||||
|
html-recursive info-recursive install-data-recursive \
|
||||||
|
install-exec-recursive install-info-recursive \
|
||||||
|
install-recursive installcheck-recursive installdirs-recursive \
|
||||||
|
pdf-recursive ps-recursive uninstall-info-recursive \
|
||||||
|
uninstall-recursive
|
||||||
|
ETAGS = etags
|
||||||
|
CTAGS = ctags
|
||||||
|
DIST_SUBDIRS = $(SUBDIRS)
|
||||||
|
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||||
|
ACLOCAL = @ACLOCAL@
|
||||||
|
AMDEP_FALSE = @AMDEP_FALSE@
|
||||||
|
AMDEP_TRUE = @AMDEP_TRUE@
|
||||||
|
AMTAR = @AMTAR@
|
||||||
|
AR = @AR@
|
||||||
|
AUTOCONF = @AUTOCONF@
|
||||||
|
AUTOHEADER = @AUTOHEADER@
|
||||||
|
AUTOMAKE = @AUTOMAKE@
|
||||||
|
AWK = @AWK@
|
||||||
|
CC = @CC@
|
||||||
|
CCDEPMODE = @CCDEPMODE@
|
||||||
|
CFLAGS = @CFLAGS@
|
||||||
|
CPP = @CPP@
|
||||||
|
CPPFLAGS = @CPPFLAGS@
|
||||||
|
CXX = @CXX@
|
||||||
|
CXXCPP = @CXXCPP@
|
||||||
|
CXXDEPMODE = @CXXDEPMODE@
|
||||||
|
CXXFLAGS = @CXXFLAGS@
|
||||||
|
CYGPATH_W = @CYGPATH_W@
|
||||||
|
DEFS = @DEFS@
|
||||||
|
DEPDIR = @DEPDIR@
|
||||||
|
ECHO = @ECHO@
|
||||||
|
ECHO_C = @ECHO_C@
|
||||||
|
ECHO_N = @ECHO_N@
|
||||||
|
ECHO_T = @ECHO_T@
|
||||||
|
EGREP = @EGREP@
|
||||||
|
EXEEXT = @EXEEXT@
|
||||||
|
F77 = @F77@
|
||||||
|
FFLAGS = @FFLAGS@
|
||||||
|
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
|
||||||
|
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
|
||||||
|
INSTALL_DATA = @INSTALL_DATA@
|
||||||
|
INSTALL_PROGRAM = @INSTALL_PROGRAM@
|
||||||
|
INSTALL_SCRIPT = @INSTALL_SCRIPT@
|
||||||
|
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
|
||||||
|
LDFLAGS = @LDFLAGS@
|
||||||
|
LIBOBJS = @LIBOBJS@
|
||||||
|
LIBS = @LIBS@
|
||||||
|
LIBTOOL = @LIBTOOL@
|
||||||
|
LN_S = @LN_S@
|
||||||
|
LTLIBOBJS = @LTLIBOBJS@
|
||||||
|
MAINT = @MAINT@
|
||||||
|
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
|
||||||
|
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
|
||||||
|
MAKEINFO = @MAKEINFO@
|
||||||
|
OBJEXT = @OBJEXT@
|
||||||
|
PACKAGE = @PACKAGE@
|
||||||
|
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
|
||||||
|
PACKAGE_NAME = @PACKAGE_NAME@
|
||||||
|
PACKAGE_STRING = @PACKAGE_STRING@
|
||||||
|
PACKAGE_TARNAME = @PACKAGE_TARNAME@
|
||||||
|
PACKAGE_VERSION = @PACKAGE_VERSION@
|
||||||
|
PATH_SEPARATOR = @PATH_SEPARATOR@
|
||||||
|
RANLIB = @RANLIB@
|
||||||
|
SET_MAKE = @SET_MAKE@
|
||||||
|
SHELL = @SHELL@
|
||||||
|
STRIP = @STRIP@
|
||||||
|
VERSION = @VERSION@
|
||||||
|
ac_ct_AR = @ac_ct_AR@
|
||||||
|
ac_ct_CC = @ac_ct_CC@
|
||||||
|
ac_ct_CXX = @ac_ct_CXX@
|
||||||
|
ac_ct_F77 = @ac_ct_F77@
|
||||||
|
ac_ct_RANLIB = @ac_ct_RANLIB@
|
||||||
|
ac_ct_STRIP = @ac_ct_STRIP@
|
||||||
|
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
|
||||||
|
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
|
||||||
|
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
|
||||||
|
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
|
||||||
|
am__include = @am__include@
|
||||||
|
am__leading_dot = @am__leading_dot@
|
||||||
|
am__quote = @am__quote@
|
||||||
|
am__tar = @am__tar@
|
||||||
|
am__untar = @am__untar@
|
||||||
|
bindir = @bindir@
|
||||||
|
build = @build@
|
||||||
|
build_alias = @build_alias@
|
||||||
|
build_cpu = @build_cpu@
|
||||||
|
build_os = @build_os@
|
||||||
|
build_vendor = @build_vendor@
|
||||||
|
datadir = @datadir@
|
||||||
|
exec_prefix = @exec_prefix@
|
||||||
|
host = @host@
|
||||||
|
host_alias = @host_alias@
|
||||||
|
host_cpu = @host_cpu@
|
||||||
|
host_os = @host_os@
|
||||||
|
host_vendor = @host_vendor@
|
||||||
|
includedir = @includedir@
|
||||||
|
infodir = @infodir@
|
||||||
|
install_sh = @install_sh@
|
||||||
|
libdir = @libdir@
|
||||||
|
libexecdir = @libexecdir@
|
||||||
|
localstatedir = @localstatedir@
|
||||||
|
mandir = @mandir@
|
||||||
|
mkdir_p = @mkdir_p@
|
||||||
|
oldincludedir = @oldincludedir@
|
||||||
|
prefix = @prefix@
|
||||||
|
program_transform_name = @program_transform_name@
|
||||||
|
sbindir = @sbindir@
|
||||||
|
sharedstatedir = @sharedstatedir@
|
||||||
|
sysconfdir = @sysconfdir@
|
||||||
|
target_alias = @target_alias@
|
||||||
|
SUBDIRS = \
|
||||||
|
auditfilter_noop
|
||||||
|
|
||||||
|
all: all-recursive
|
||||||
|
|
||||||
|
.SUFFIXES:
|
||||||
|
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
|
||||||
|
@for dep in $?; do \
|
||||||
|
case '$(am__configure_deps)' in \
|
||||||
|
*$$dep*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
|
||||||
|
&& exit 0; \
|
||||||
|
exit 1;; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign modules/Makefile'; \
|
||||||
|
cd $(top_srcdir) && \
|
||||||
|
$(AUTOMAKE) --foreign modules/Makefile
|
||||||
|
.PRECIOUS: Makefile
|
||||||
|
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
|
||||||
|
@case '$?' in \
|
||||||
|
*config.status*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
|
||||||
|
*) \
|
||||||
|
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
|
||||||
|
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
|
||||||
|
esac;
|
||||||
|
|
||||||
|
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
|
||||||
|
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
|
||||||
|
mostlyclean-libtool:
|
||||||
|
-rm -f *.lo
|
||||||
|
|
||||||
|
clean-libtool:
|
||||||
|
-rm -rf .libs _libs
|
||||||
|
|
||||||
|
distclean-libtool:
|
||||||
|
-rm -f libtool
|
||||||
|
uninstall-info-am:
|
||||||
|
|
||||||
|
# This directory's subdirectories are mostly independent; you can cd
|
||||||
|
# into them and run `make' without going through this Makefile.
|
||||||
|
# To change the values of `make' variables: instead of editing Makefiles,
|
||||||
|
# (1) if the variable is set in `config.status', edit `config.status'
|
||||||
|
# (which will cause the Makefiles to be regenerated when you run `make');
|
||||||
|
# (2) otherwise, pass the desired values on the `make' command line.
|
||||||
|
$(RECURSIVE_TARGETS):
|
||||||
|
@failcom='exit 1'; \
|
||||||
|
for f in x $$MAKEFLAGS; do \
|
||||||
|
case $$f in \
|
||||||
|
*=* | --[!k]*);; \
|
||||||
|
*k*) failcom='fail=yes';; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
dot_seen=no; \
|
||||||
|
target=`echo $@ | sed s/-recursive//`; \
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
echo "Making $$target in $$subdir"; \
|
||||||
|
if test "$$subdir" = "."; then \
|
||||||
|
dot_seen=yes; \
|
||||||
|
local_target="$$target-am"; \
|
||||||
|
else \
|
||||||
|
local_target="$$target"; \
|
||||||
|
fi; \
|
||||||
|
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|
||||||
|
|| eval $$failcom; \
|
||||||
|
done; \
|
||||||
|
if test "$$dot_seen" = "no"; then \
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
|
||||||
|
fi; test -z "$$fail"
|
||||||
|
|
||||||
|
mostlyclean-recursive clean-recursive distclean-recursive \
|
||||||
|
maintainer-clean-recursive:
|
||||||
|
@failcom='exit 1'; \
|
||||||
|
for f in x $$MAKEFLAGS; do \
|
||||||
|
case $$f in \
|
||||||
|
*=* | --[!k]*);; \
|
||||||
|
*k*) failcom='fail=yes';; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
dot_seen=no; \
|
||||||
|
case "$@" in \
|
||||||
|
distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
|
||||||
|
*) list='$(SUBDIRS)' ;; \
|
||||||
|
esac; \
|
||||||
|
rev=''; for subdir in $$list; do \
|
||||||
|
if test "$$subdir" = "."; then :; else \
|
||||||
|
rev="$$subdir $$rev"; \
|
||||||
|
fi; \
|
||||||
|
done; \
|
||||||
|
rev="$$rev ."; \
|
||||||
|
target=`echo $@ | sed s/-recursive//`; \
|
||||||
|
for subdir in $$rev; do \
|
||||||
|
echo "Making $$target in $$subdir"; \
|
||||||
|
if test "$$subdir" = "."; then \
|
||||||
|
local_target="$$target-am"; \
|
||||||
|
else \
|
||||||
|
local_target="$$target"; \
|
||||||
|
fi; \
|
||||||
|
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|
||||||
|
|| eval $$failcom; \
|
||||||
|
done && test -z "$$fail"
|
||||||
|
tags-recursive:
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
|
||||||
|
done
|
||||||
|
ctags-recursive:
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
|
||||||
|
done
|
||||||
|
|
||||||
|
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
mkid -fID $$unique
|
||||||
|
tags: TAGS
|
||||||
|
|
||||||
|
TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
|
||||||
|
include_option=--etags-include; \
|
||||||
|
empty_fix=.; \
|
||||||
|
else \
|
||||||
|
include_option=--include; \
|
||||||
|
empty_fix=; \
|
||||||
|
fi; \
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
if test "$$subdir" = .; then :; else \
|
||||||
|
test ! -f $$subdir/TAGS || \
|
||||||
|
tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
|
||||||
|
fi; \
|
||||||
|
done; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
|
||||||
|
test -n "$$unique" || unique=$$empty_fix; \
|
||||||
|
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
|
||||||
|
$$tags $$unique; \
|
||||||
|
fi
|
||||||
|
ctags: CTAGS
|
||||||
|
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|
||||||
|
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
|
||||||
|
$$tags $$unique
|
||||||
|
|
||||||
|
GTAGS:
|
||||||
|
here=`$(am__cd) $(top_builddir) && pwd` \
|
||||||
|
&& cd $(top_srcdir) \
|
||||||
|
&& gtags -i $(GTAGS_ARGS) $$here
|
||||||
|
|
||||||
|
distclean-tags:
|
||||||
|
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
|
||||||
|
|
||||||
|
distdir: $(DISTFILES)
|
||||||
|
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
list='$(DISTFILES)'; for file in $$list; do \
|
||||||
|
case $$file in \
|
||||||
|
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
|
||||||
|
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
|
||||||
|
esac; \
|
||||||
|
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
|
||||||
|
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
|
||||||
|
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
|
||||||
|
dir="/$$dir"; \
|
||||||
|
$(mkdir_p) "$(distdir)$$dir"; \
|
||||||
|
else \
|
||||||
|
dir=''; \
|
||||||
|
fi; \
|
||||||
|
if test -d $$d/$$file; then \
|
||||||
|
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
|
||||||
|
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
fi; \
|
||||||
|
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
else \
|
||||||
|
test -f $(distdir)/$$file \
|
||||||
|
|| cp -p $$d/$$file $(distdir)/$$file \
|
||||||
|
|| exit 1; \
|
||||||
|
fi; \
|
||||||
|
done
|
||||||
|
list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
if test "$$subdir" = .; then :; else \
|
||||||
|
test -d "$(distdir)/$$subdir" \
|
||||||
|
|| $(mkdir_p) "$(distdir)/$$subdir" \
|
||||||
|
|| exit 1; \
|
||||||
|
distdir=`$(am__cd) $(distdir) && pwd`; \
|
||||||
|
top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
|
||||||
|
(cd $$subdir && \
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) \
|
||||||
|
top_distdir="$$top_distdir" \
|
||||||
|
distdir="$$distdir/$$subdir" \
|
||||||
|
distdir) \
|
||||||
|
|| exit 1; \
|
||||||
|
fi; \
|
||||||
|
done
|
||||||
|
check-am: all-am
|
||||||
|
check: check-recursive
|
||||||
|
all-am: Makefile
|
||||||
|
installdirs: installdirs-recursive
|
||||||
|
installdirs-am:
|
||||||
|
install: install-recursive
|
||||||
|
install-exec: install-exec-recursive
|
||||||
|
install-data: install-data-recursive
|
||||||
|
uninstall: uninstall-recursive
|
||||||
|
|
||||||
|
install-am: all-am
|
||||||
|
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
|
||||||
|
|
||||||
|
installcheck: installcheck-recursive
|
||||||
|
install-strip:
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||||
|
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||||
|
`test -z '$(STRIP)' || \
|
||||||
|
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||||
|
mostlyclean-generic:
|
||||||
|
|
||||||
|
clean-generic:
|
||||||
|
|
||||||
|
distclean-generic:
|
||||||
|
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
|
||||||
|
|
||||||
|
maintainer-clean-generic:
|
||||||
|
@echo "This command is intended for maintainers to use"
|
||||||
|
@echo "it deletes files that may require special tools to rebuild."
|
||||||
|
clean: clean-recursive
|
||||||
|
|
||||||
|
clean-am: clean-generic clean-libtool mostlyclean-am
|
||||||
|
|
||||||
|
distclean: distclean-recursive
|
||||||
|
-rm -f Makefile
|
||||||
|
distclean-am: clean-am distclean-generic distclean-libtool \
|
||||||
|
distclean-tags
|
||||||
|
|
||||||
|
dvi: dvi-recursive
|
||||||
|
|
||||||
|
dvi-am:
|
||||||
|
|
||||||
|
html: html-recursive
|
||||||
|
|
||||||
|
info: info-recursive
|
||||||
|
|
||||||
|
info-am:
|
||||||
|
|
||||||
|
install-data-am:
|
||||||
|
|
||||||
|
install-exec-am:
|
||||||
|
|
||||||
|
install-info: install-info-recursive
|
||||||
|
|
||||||
|
install-man:
|
||||||
|
|
||||||
|
installcheck-am:
|
||||||
|
|
||||||
|
maintainer-clean: maintainer-clean-recursive
|
||||||
|
-rm -f Makefile
|
||||||
|
maintainer-clean-am: distclean-am maintainer-clean-generic
|
||||||
|
|
||||||
|
mostlyclean: mostlyclean-recursive
|
||||||
|
|
||||||
|
mostlyclean-am: mostlyclean-generic mostlyclean-libtool
|
||||||
|
|
||||||
|
pdf: pdf-recursive
|
||||||
|
|
||||||
|
pdf-am:
|
||||||
|
|
||||||
|
ps: ps-recursive
|
||||||
|
|
||||||
|
ps-am:
|
||||||
|
|
||||||
|
uninstall-am: uninstall-info-am
|
||||||
|
|
||||||
|
uninstall-info: uninstall-info-recursive
|
||||||
|
|
||||||
|
.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \
|
||||||
|
clean clean-generic clean-libtool clean-recursive ctags \
|
||||||
|
ctags-recursive distclean distclean-generic distclean-libtool \
|
||||||
|
distclean-recursive distclean-tags distdir dvi dvi-am html \
|
||||||
|
html-am info info-am install install-am install-data \
|
||||||
|
install-data-am install-exec install-exec-am install-info \
|
||||||
|
install-info-am install-man install-strip installcheck \
|
||||||
|
installcheck-am installdirs installdirs-am maintainer-clean \
|
||||||
|
maintainer-clean-generic maintainer-clean-recursive \
|
||||||
|
mostlyclean mostlyclean-generic mostlyclean-libtool \
|
||||||
|
mostlyclean-recursive pdf pdf-am ps ps-am tags tags-recursive \
|
||||||
|
uninstall uninstall-am uninstall-info-am
|
||||||
|
|
||||||
|
# Tell versions [3.59,3.63) of GNU make to not export all variables.
|
||||||
|
# Otherwise a system limit (for SysV at least) may be exceeded.
|
||||||
|
.NOEXPORT:
|
10
contrib/openbsm/modules/auditfilter_noop/Makefile.am
Normal file
10
contrib/openbsm/modules/auditfilter_noop/Makefile.am
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.am#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
INCLUDES = -I$(top_srcdir)
|
||||||
|
|
||||||
|
lib_LTLIBRARIES = auditfilter_noop.la
|
||||||
|
|
||||||
|
auditfilter_noop_la_SOURCE = auditfilter_noop.c
|
||||||
|
auditfilter_noop_la_LDFLAGS = -module
|
459
contrib/openbsm/modules/auditfilter_noop/Makefile.in
Normal file
459
contrib/openbsm/modules/auditfilter_noop/Makefile.in
Normal file
@ -0,0 +1,459 @@
|
|||||||
|
# Makefile.in generated by automake 1.9.6 from Makefile.am.
|
||||||
|
# @configure_input@
|
||||||
|
|
||||||
|
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||||
|
# 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||||
|
# This Makefile.in is free software; the Free Software Foundation
|
||||||
|
# gives unlimited permission to copy and/or distribute it,
|
||||||
|
# with or without modifications, as long as this notice is preserved.
|
||||||
|
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
|
||||||
|
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
# PARTICULAR PURPOSE.
|
||||||
|
|
||||||
|
@SET_MAKE@
|
||||||
|
|
||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.in#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
srcdir = @srcdir@
|
||||||
|
top_srcdir = @top_srcdir@
|
||||||
|
VPATH = @srcdir@
|
||||||
|
pkgdatadir = $(datadir)/@PACKAGE@
|
||||||
|
pkglibdir = $(libdir)/@PACKAGE@
|
||||||
|
pkgincludedir = $(includedir)/@PACKAGE@
|
||||||
|
top_builddir = ../..
|
||||||
|
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
|
||||||
|
INSTALL = @INSTALL@
|
||||||
|
install_sh_DATA = $(install_sh) -c -m 644
|
||||||
|
install_sh_PROGRAM = $(install_sh) -c
|
||||||
|
install_sh_SCRIPT = $(install_sh) -c
|
||||||
|
INSTALL_HEADER = $(INSTALL_DATA)
|
||||||
|
transform = $(program_transform_name)
|
||||||
|
NORMAL_INSTALL = :
|
||||||
|
PRE_INSTALL = :
|
||||||
|
POST_INSTALL = :
|
||||||
|
NORMAL_UNINSTALL = :
|
||||||
|
PRE_UNINSTALL = :
|
||||||
|
POST_UNINSTALL = :
|
||||||
|
build_triplet = @build@
|
||||||
|
host_triplet = @host@
|
||||||
|
subdir = modules/auditfilter_noop
|
||||||
|
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
|
||||||
|
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||||
|
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
|
||||||
|
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||||
|
$(ACLOCAL_M4)
|
||||||
|
mkinstalldirs = $(install_sh) -d
|
||||||
|
CONFIG_HEADER = $(top_builddir)/config/config.h
|
||||||
|
CONFIG_CLEAN_FILES =
|
||||||
|
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
|
||||||
|
am__vpath_adj = case $$p in \
|
||||||
|
$(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
|
||||||
|
*) f=$$p;; \
|
||||||
|
esac;
|
||||||
|
am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
|
||||||
|
am__installdirs = "$(DESTDIR)$(libdir)"
|
||||||
|
libLTLIBRARIES_INSTALL = $(INSTALL)
|
||||||
|
LTLIBRARIES = $(lib_LTLIBRARIES)
|
||||||
|
auditfilter_noop_la_LIBADD =
|
||||||
|
auditfilter_noop_la_SOURCES = auditfilter_noop.c
|
||||||
|
auditfilter_noop_la_OBJECTS = auditfilter_noop.lo
|
||||||
|
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/config
|
||||||
|
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
|
||||||
|
am__depfiles_maybe = depfiles
|
||||||
|
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
|
||||||
|
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||||
|
LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
|
||||||
|
$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
|
||||||
|
$(AM_CFLAGS) $(CFLAGS)
|
||||||
|
CCLD = $(CC)
|
||||||
|
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
|
||||||
|
$(AM_LDFLAGS) $(LDFLAGS) -o $@
|
||||||
|
SOURCES = auditfilter_noop.c
|
||||||
|
DIST_SOURCES = auditfilter_noop.c
|
||||||
|
ETAGS = etags
|
||||||
|
CTAGS = ctags
|
||||||
|
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||||
|
ACLOCAL = @ACLOCAL@
|
||||||
|
AMDEP_FALSE = @AMDEP_FALSE@
|
||||||
|
AMDEP_TRUE = @AMDEP_TRUE@
|
||||||
|
AMTAR = @AMTAR@
|
||||||
|
AR = @AR@
|
||||||
|
AUTOCONF = @AUTOCONF@
|
||||||
|
AUTOHEADER = @AUTOHEADER@
|
||||||
|
AUTOMAKE = @AUTOMAKE@
|
||||||
|
AWK = @AWK@
|
||||||
|
CC = @CC@
|
||||||
|
CCDEPMODE = @CCDEPMODE@
|
||||||
|
CFLAGS = @CFLAGS@
|
||||||
|
CPP = @CPP@
|
||||||
|
CPPFLAGS = @CPPFLAGS@
|
||||||
|
CXX = @CXX@
|
||||||
|
CXXCPP = @CXXCPP@
|
||||||
|
CXXDEPMODE = @CXXDEPMODE@
|
||||||
|
CXXFLAGS = @CXXFLAGS@
|
||||||
|
CYGPATH_W = @CYGPATH_W@
|
||||||
|
DEFS = @DEFS@
|
||||||
|
DEPDIR = @DEPDIR@
|
||||||
|
ECHO = @ECHO@
|
||||||
|
ECHO_C = @ECHO_C@
|
||||||
|
ECHO_N = @ECHO_N@
|
||||||
|
ECHO_T = @ECHO_T@
|
||||||
|
EGREP = @EGREP@
|
||||||
|
EXEEXT = @EXEEXT@
|
||||||
|
F77 = @F77@
|
||||||
|
FFLAGS = @FFLAGS@
|
||||||
|
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
|
||||||
|
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
|
||||||
|
INSTALL_DATA = @INSTALL_DATA@
|
||||||
|
INSTALL_PROGRAM = @INSTALL_PROGRAM@
|
||||||
|
INSTALL_SCRIPT = @INSTALL_SCRIPT@
|
||||||
|
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
|
||||||
|
LDFLAGS = @LDFLAGS@
|
||||||
|
LIBOBJS = @LIBOBJS@
|
||||||
|
LIBS = @LIBS@
|
||||||
|
LIBTOOL = @LIBTOOL@
|
||||||
|
LN_S = @LN_S@
|
||||||
|
LTLIBOBJS = @LTLIBOBJS@
|
||||||
|
MAINT = @MAINT@
|
||||||
|
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
|
||||||
|
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
|
||||||
|
MAKEINFO = @MAKEINFO@
|
||||||
|
OBJEXT = @OBJEXT@
|
||||||
|
PACKAGE = @PACKAGE@
|
||||||
|
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
|
||||||
|
PACKAGE_NAME = @PACKAGE_NAME@
|
||||||
|
PACKAGE_STRING = @PACKAGE_STRING@
|
||||||
|
PACKAGE_TARNAME = @PACKAGE_TARNAME@
|
||||||
|
PACKAGE_VERSION = @PACKAGE_VERSION@
|
||||||
|
PATH_SEPARATOR = @PATH_SEPARATOR@
|
||||||
|
RANLIB = @RANLIB@
|
||||||
|
SET_MAKE = @SET_MAKE@
|
||||||
|
SHELL = @SHELL@
|
||||||
|
STRIP = @STRIP@
|
||||||
|
VERSION = @VERSION@
|
||||||
|
ac_ct_AR = @ac_ct_AR@
|
||||||
|
ac_ct_CC = @ac_ct_CC@
|
||||||
|
ac_ct_CXX = @ac_ct_CXX@
|
||||||
|
ac_ct_F77 = @ac_ct_F77@
|
||||||
|
ac_ct_RANLIB = @ac_ct_RANLIB@
|
||||||
|
ac_ct_STRIP = @ac_ct_STRIP@
|
||||||
|
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
|
||||||
|
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
|
||||||
|
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
|
||||||
|
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
|
||||||
|
am__include = @am__include@
|
||||||
|
am__leading_dot = @am__leading_dot@
|
||||||
|
am__quote = @am__quote@
|
||||||
|
am__tar = @am__tar@
|
||||||
|
am__untar = @am__untar@
|
||||||
|
bindir = @bindir@
|
||||||
|
build = @build@
|
||||||
|
build_alias = @build_alias@
|
||||||
|
build_cpu = @build_cpu@
|
||||||
|
build_os = @build_os@
|
||||||
|
build_vendor = @build_vendor@
|
||||||
|
datadir = @datadir@
|
||||||
|
exec_prefix = @exec_prefix@
|
||||||
|
host = @host@
|
||||||
|
host_alias = @host_alias@
|
||||||
|
host_cpu = @host_cpu@
|
||||||
|
host_os = @host_os@
|
||||||
|
host_vendor = @host_vendor@
|
||||||
|
includedir = @includedir@
|
||||||
|
infodir = @infodir@
|
||||||
|
install_sh = @install_sh@
|
||||||
|
libdir = @libdir@
|
||||||
|
libexecdir = @libexecdir@
|
||||||
|
localstatedir = @localstatedir@
|
||||||
|
mandir = @mandir@
|
||||||
|
mkdir_p = @mkdir_p@
|
||||||
|
oldincludedir = @oldincludedir@
|
||||||
|
prefix = @prefix@
|
||||||
|
program_transform_name = @program_transform_name@
|
||||||
|
sbindir = @sbindir@
|
||||||
|
sharedstatedir = @sharedstatedir@
|
||||||
|
sysconfdir = @sysconfdir@
|
||||||
|
target_alias = @target_alias@
|
||||||
|
INCLUDES = -I$(top_srcdir)
|
||||||
|
lib_LTLIBRARIES = auditfilter_noop.la
|
||||||
|
auditfilter_noop_la_SOURCE = auditfilter_noop.c
|
||||||
|
auditfilter_noop_la_LDFLAGS = -module
|
||||||
|
all: all-am
|
||||||
|
|
||||||
|
.SUFFIXES:
|
||||||
|
.SUFFIXES: .c .lo .o .obj
|
||||||
|
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
|
||||||
|
@for dep in $?; do \
|
||||||
|
case '$(am__configure_deps)' in \
|
||||||
|
*$$dep*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
|
||||||
|
&& exit 0; \
|
||||||
|
exit 1;; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign modules/auditfilter_noop/Makefile'; \
|
||||||
|
cd $(top_srcdir) && \
|
||||||
|
$(AUTOMAKE) --foreign modules/auditfilter_noop/Makefile
|
||||||
|
.PRECIOUS: Makefile
|
||||||
|
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
|
||||||
|
@case '$?' in \
|
||||||
|
*config.status*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
|
||||||
|
*) \
|
||||||
|
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
|
||||||
|
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
|
||||||
|
esac;
|
||||||
|
|
||||||
|
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
|
||||||
|
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
|
||||||
|
@$(NORMAL_INSTALL)
|
||||||
|
test -z "$(libdir)" || $(mkdir_p) "$(DESTDIR)$(libdir)"
|
||||||
|
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
|
||||||
|
if test -f $$p; then \
|
||||||
|
f=$(am__strip_dir) \
|
||||||
|
echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
|
||||||
|
$(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
|
||||||
|
else :; fi; \
|
||||||
|
done
|
||||||
|
|
||||||
|
uninstall-libLTLIBRARIES:
|
||||||
|
@$(NORMAL_UNINSTALL)
|
||||||
|
@set -x; list='$(lib_LTLIBRARIES)'; for p in $$list; do \
|
||||||
|
p=$(am__strip_dir) \
|
||||||
|
echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
|
||||||
|
$(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
|
||||||
|
done
|
||||||
|
|
||||||
|
clean-libLTLIBRARIES:
|
||||||
|
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
|
||||||
|
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
|
||||||
|
dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
|
||||||
|
test "$$dir" != "$$p" || dir=.; \
|
||||||
|
echo "rm -f \"$${dir}/so_locations\""; \
|
||||||
|
rm -f "$${dir}/so_locations"; \
|
||||||
|
done
|
||||||
|
auditfilter_noop.la: $(auditfilter_noop_la_OBJECTS) $(auditfilter_noop_la_DEPENDENCIES)
|
||||||
|
$(LINK) -rpath $(libdir) $(auditfilter_noop_la_LDFLAGS) $(auditfilter_noop_la_OBJECTS) $(auditfilter_noop_la_LIBADD) $(LIBS)
|
||||||
|
|
||||||
|
mostlyclean-compile:
|
||||||
|
-rm -f *.$(OBJEXT)
|
||||||
|
|
||||||
|
distclean-compile:
|
||||||
|
-rm -f *.tab.c
|
||||||
|
|
||||||
|
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilter_noop.Plo@am__quote@
|
||||||
|
|
||||||
|
.c.o:
|
||||||
|
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(COMPILE) -c $<
|
||||||
|
|
||||||
|
.c.obj:
|
||||||
|
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
|
||||||
|
|
||||||
|
.c.lo:
|
||||||
|
@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
|
||||||
|
|
||||||
|
mostlyclean-libtool:
|
||||||
|
-rm -f *.lo
|
||||||
|
|
||||||
|
clean-libtool:
|
||||||
|
-rm -rf .libs _libs
|
||||||
|
|
||||||
|
distclean-libtool:
|
||||||
|
-rm -f libtool
|
||||||
|
uninstall-info-am:
|
||||||
|
|
||||||
|
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
mkid -fID $$unique
|
||||||
|
tags: TAGS
|
||||||
|
|
||||||
|
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
|
||||||
|
test -n "$$unique" || unique=$$empty_fix; \
|
||||||
|
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
|
||||||
|
$$tags $$unique; \
|
||||||
|
fi
|
||||||
|
ctags: CTAGS
|
||||||
|
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|
||||||
|
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
|
||||||
|
$$tags $$unique
|
||||||
|
|
||||||
|
GTAGS:
|
||||||
|
here=`$(am__cd) $(top_builddir) && pwd` \
|
||||||
|
&& cd $(top_srcdir) \
|
||||||
|
&& gtags -i $(GTAGS_ARGS) $$here
|
||||||
|
|
||||||
|
distclean-tags:
|
||||||
|
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
|
||||||
|
|
||||||
|
distdir: $(DISTFILES)
|
||||||
|
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
list='$(DISTFILES)'; for file in $$list; do \
|
||||||
|
case $$file in \
|
||||||
|
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
|
||||||
|
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
|
||||||
|
esac; \
|
||||||
|
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
|
||||||
|
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
|
||||||
|
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
|
||||||
|
dir="/$$dir"; \
|
||||||
|
$(mkdir_p) "$(distdir)$$dir"; \
|
||||||
|
else \
|
||||||
|
dir=''; \
|
||||||
|
fi; \
|
||||||
|
if test -d $$d/$$file; then \
|
||||||
|
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
|
||||||
|
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
fi; \
|
||||||
|
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
else \
|
||||||
|
test -f $(distdir)/$$file \
|
||||||
|
|| cp -p $$d/$$file $(distdir)/$$file \
|
||||||
|
|| exit 1; \
|
||||||
|
fi; \
|
||||||
|
done
|
||||||
|
check-am: all-am
|
||||||
|
check: check-am
|
||||||
|
all-am: Makefile $(LTLIBRARIES)
|
||||||
|
installdirs:
|
||||||
|
for dir in "$(DESTDIR)$(libdir)"; do \
|
||||||
|
test -z "$$dir" || $(mkdir_p) "$$dir"; \
|
||||||
|
done
|
||||||
|
install: install-am
|
||||||
|
install-exec: install-exec-am
|
||||||
|
install-data: install-data-am
|
||||||
|
uninstall: uninstall-am
|
||||||
|
|
||||||
|
install-am: all-am
|
||||||
|
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
|
||||||
|
|
||||||
|
installcheck: installcheck-am
|
||||||
|
install-strip:
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||||
|
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||||
|
`test -z '$(STRIP)' || \
|
||||||
|
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||||
|
mostlyclean-generic:
|
||||||
|
|
||||||
|
clean-generic:
|
||||||
|
|
||||||
|
distclean-generic:
|
||||||
|
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
|
||||||
|
|
||||||
|
maintainer-clean-generic:
|
||||||
|
@echo "This command is intended for maintainers to use"
|
||||||
|
@echo "it deletes files that may require special tools to rebuild."
|
||||||
|
clean: clean-am
|
||||||
|
|
||||||
|
clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
|
||||||
|
mostlyclean-am
|
||||||
|
|
||||||
|
distclean: distclean-am
|
||||||
|
-rm -rf ./$(DEPDIR)
|
||||||
|
-rm -f Makefile
|
||||||
|
distclean-am: clean-am distclean-compile distclean-generic \
|
||||||
|
distclean-libtool distclean-tags
|
||||||
|
|
||||||
|
dvi: dvi-am
|
||||||
|
|
||||||
|
dvi-am:
|
||||||
|
|
||||||
|
html: html-am
|
||||||
|
|
||||||
|
info: info-am
|
||||||
|
|
||||||
|
info-am:
|
||||||
|
|
||||||
|
install-data-am:
|
||||||
|
|
||||||
|
install-exec-am: install-libLTLIBRARIES
|
||||||
|
|
||||||
|
install-info: install-info-am
|
||||||
|
|
||||||
|
install-man:
|
||||||
|
|
||||||
|
installcheck-am:
|
||||||
|
|
||||||
|
maintainer-clean: maintainer-clean-am
|
||||||
|
-rm -rf ./$(DEPDIR)
|
||||||
|
-rm -f Makefile
|
||||||
|
maintainer-clean-am: distclean-am maintainer-clean-generic
|
||||||
|
|
||||||
|
mostlyclean: mostlyclean-am
|
||||||
|
|
||||||
|
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
|
||||||
|
mostlyclean-libtool
|
||||||
|
|
||||||
|
pdf: pdf-am
|
||||||
|
|
||||||
|
pdf-am:
|
||||||
|
|
||||||
|
ps: ps-am
|
||||||
|
|
||||||
|
ps-am:
|
||||||
|
|
||||||
|
uninstall-am: uninstall-info-am uninstall-libLTLIBRARIES
|
||||||
|
|
||||||
|
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
|
||||||
|
clean-libLTLIBRARIES clean-libtool ctags distclean \
|
||||||
|
distclean-compile distclean-generic distclean-libtool \
|
||||||
|
distclean-tags distdir dvi dvi-am html html-am info info-am \
|
||||||
|
install install-am install-data install-data-am install-exec \
|
||||||
|
install-exec-am install-info install-info-am \
|
||||||
|
install-libLTLIBRARIES install-man install-strip installcheck \
|
||||||
|
installcheck-am installdirs maintainer-clean \
|
||||||
|
maintainer-clean-generic mostlyclean mostlyclean-compile \
|
||||||
|
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
|
||||||
|
tags uninstall uninstall-am uninstall-info-am \
|
||||||
|
uninstall-libLTLIBRARIES
|
||||||
|
|
||||||
|
# Tell versions [3.59,3.63) of GNU make to not export all variables.
|
||||||
|
# Otherwise a system limit (for SysV at least) may be exceeded.
|
||||||
|
.NOEXPORT:
|
73
contrib/openbsm/modules/auditfilter_noop/auditfilter_noop.c
Normal file
73
contrib/openbsm/modules/auditfilter_noop/auditfilter_noop.c
Normal file
@ -0,0 +1,73 @@
|
|||||||
|
/*-
|
||||||
|
* Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This software was developed by Robert Watson for the TrustedBSD Project.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/auditfilter_noop.c#2 $
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sample audit filter: no-op which sinks audit records in both BSM and
|
||||||
|
* parsed formats, but does nothing with them.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <bsm/libbsm.h>
|
||||||
|
|
||||||
|
#include <bsm/libbsm.h>
|
||||||
|
#include <bsm/audit_filter.h>
|
||||||
|
|
||||||
|
int
|
||||||
|
AUDIT_FILTER_ATTACH(void **instance, int argc, char *argv[])
|
||||||
|
{
|
||||||
|
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
AUDIT_FILTER_REINIT(void *instance, int argc, char *argv[])
|
||||||
|
{
|
||||||
|
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
AUDIT_FILTER_RECORD(void *instance, struct timespec *ts, int token_count,
|
||||||
|
const tokenstr_t *tok[])
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
AUDIT_FILTER_BSMRECORD(void *instance, struct timespec *ts, u_char *data,
|
||||||
|
u_int len)
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
AUDIT_FILTER_DETACH(void *instance)
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
6
contrib/openbsm/test/Makefile.am
Normal file
6
contrib/openbsm/test/Makefile.am
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/test/Makefile.am#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
SUBDIRS = \
|
||||||
|
bsm
|
477
contrib/openbsm/test/Makefile.in
Normal file
477
contrib/openbsm/test/Makefile.in
Normal file
@ -0,0 +1,477 @@
|
|||||||
|
# Makefile.in generated by automake 1.9.6 from Makefile.am.
|
||||||
|
# @configure_input@
|
||||||
|
|
||||||
|
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||||
|
# 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||||
|
# This Makefile.in is free software; the Free Software Foundation
|
||||||
|
# gives unlimited permission to copy and/or distribute it,
|
||||||
|
# with or without modifications, as long as this notice is preserved.
|
||||||
|
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
|
||||||
|
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
# PARTICULAR PURPOSE.
|
||||||
|
|
||||||
|
@SET_MAKE@
|
||||||
|
|
||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/test/Makefile.in#1 $
|
||||||
|
#
|
||||||
|
srcdir = @srcdir@
|
||||||
|
top_srcdir = @top_srcdir@
|
||||||
|
VPATH = @srcdir@
|
||||||
|
pkgdatadir = $(datadir)/@PACKAGE@
|
||||||
|
pkglibdir = $(libdir)/@PACKAGE@
|
||||||
|
pkgincludedir = $(includedir)/@PACKAGE@
|
||||||
|
top_builddir = ..
|
||||||
|
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
|
||||||
|
INSTALL = @INSTALL@
|
||||||
|
install_sh_DATA = $(install_sh) -c -m 644
|
||||||
|
install_sh_PROGRAM = $(install_sh) -c
|
||||||
|
install_sh_SCRIPT = $(install_sh) -c
|
||||||
|
INSTALL_HEADER = $(INSTALL_DATA)
|
||||||
|
transform = $(program_transform_name)
|
||||||
|
NORMAL_INSTALL = :
|
||||||
|
PRE_INSTALL = :
|
||||||
|
POST_INSTALL = :
|
||||||
|
NORMAL_UNINSTALL = :
|
||||||
|
PRE_UNINSTALL = :
|
||||||
|
POST_UNINSTALL = :
|
||||||
|
build_triplet = @build@
|
||||||
|
host_triplet = @host@
|
||||||
|
subdir = test
|
||||||
|
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
|
||||||
|
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||||
|
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
|
||||||
|
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||||
|
$(ACLOCAL_M4)
|
||||||
|
mkinstalldirs = $(install_sh) -d
|
||||||
|
CONFIG_HEADER = $(top_builddir)/config/config.h
|
||||||
|
CONFIG_CLEAN_FILES =
|
||||||
|
SOURCES =
|
||||||
|
DIST_SOURCES =
|
||||||
|
RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
|
||||||
|
html-recursive info-recursive install-data-recursive \
|
||||||
|
install-exec-recursive install-info-recursive \
|
||||||
|
install-recursive installcheck-recursive installdirs-recursive \
|
||||||
|
pdf-recursive ps-recursive uninstall-info-recursive \
|
||||||
|
uninstall-recursive
|
||||||
|
ETAGS = etags
|
||||||
|
CTAGS = ctags
|
||||||
|
DIST_SUBDIRS = $(SUBDIRS)
|
||||||
|
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||||
|
ACLOCAL = @ACLOCAL@
|
||||||
|
AMDEP_FALSE = @AMDEP_FALSE@
|
||||||
|
AMDEP_TRUE = @AMDEP_TRUE@
|
||||||
|
AMTAR = @AMTAR@
|
||||||
|
AR = @AR@
|
||||||
|
AUTOCONF = @AUTOCONF@
|
||||||
|
AUTOHEADER = @AUTOHEADER@
|
||||||
|
AUTOMAKE = @AUTOMAKE@
|
||||||
|
AWK = @AWK@
|
||||||
|
CC = @CC@
|
||||||
|
CCDEPMODE = @CCDEPMODE@
|
||||||
|
CFLAGS = @CFLAGS@
|
||||||
|
CPP = @CPP@
|
||||||
|
CPPFLAGS = @CPPFLAGS@
|
||||||
|
CXX = @CXX@
|
||||||
|
CXXCPP = @CXXCPP@
|
||||||
|
CXXDEPMODE = @CXXDEPMODE@
|
||||||
|
CXXFLAGS = @CXXFLAGS@
|
||||||
|
CYGPATH_W = @CYGPATH_W@
|
||||||
|
DEFS = @DEFS@
|
||||||
|
DEPDIR = @DEPDIR@
|
||||||
|
ECHO = @ECHO@
|
||||||
|
ECHO_C = @ECHO_C@
|
||||||
|
ECHO_N = @ECHO_N@
|
||||||
|
ECHO_T = @ECHO_T@
|
||||||
|
EGREP = @EGREP@
|
||||||
|
EXEEXT = @EXEEXT@
|
||||||
|
F77 = @F77@
|
||||||
|
FFLAGS = @FFLAGS@
|
||||||
|
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
|
||||||
|
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
|
||||||
|
INSTALL_DATA = @INSTALL_DATA@
|
||||||
|
INSTALL_PROGRAM = @INSTALL_PROGRAM@
|
||||||
|
INSTALL_SCRIPT = @INSTALL_SCRIPT@
|
||||||
|
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
|
||||||
|
LDFLAGS = @LDFLAGS@
|
||||||
|
LIBOBJS = @LIBOBJS@
|
||||||
|
LIBS = @LIBS@
|
||||||
|
LIBTOOL = @LIBTOOL@
|
||||||
|
LN_S = @LN_S@
|
||||||
|
LTLIBOBJS = @LTLIBOBJS@
|
||||||
|
MAINT = @MAINT@
|
||||||
|
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
|
||||||
|
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
|
||||||
|
MAKEINFO = @MAKEINFO@
|
||||||
|
OBJEXT = @OBJEXT@
|
||||||
|
PACKAGE = @PACKAGE@
|
||||||
|
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
|
||||||
|
PACKAGE_NAME = @PACKAGE_NAME@
|
||||||
|
PACKAGE_STRING = @PACKAGE_STRING@
|
||||||
|
PACKAGE_TARNAME = @PACKAGE_TARNAME@
|
||||||
|
PACKAGE_VERSION = @PACKAGE_VERSION@
|
||||||
|
PATH_SEPARATOR = @PATH_SEPARATOR@
|
||||||
|
RANLIB = @RANLIB@
|
||||||
|
SET_MAKE = @SET_MAKE@
|
||||||
|
SHELL = @SHELL@
|
||||||
|
STRIP = @STRIP@
|
||||||
|
VERSION = @VERSION@
|
||||||
|
ac_ct_AR = @ac_ct_AR@
|
||||||
|
ac_ct_CC = @ac_ct_CC@
|
||||||
|
ac_ct_CXX = @ac_ct_CXX@
|
||||||
|
ac_ct_F77 = @ac_ct_F77@
|
||||||
|
ac_ct_RANLIB = @ac_ct_RANLIB@
|
||||||
|
ac_ct_STRIP = @ac_ct_STRIP@
|
||||||
|
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
|
||||||
|
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
|
||||||
|
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
|
||||||
|
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
|
||||||
|
am__include = @am__include@
|
||||||
|
am__leading_dot = @am__leading_dot@
|
||||||
|
am__quote = @am__quote@
|
||||||
|
am__tar = @am__tar@
|
||||||
|
am__untar = @am__untar@
|
||||||
|
bindir = @bindir@
|
||||||
|
build = @build@
|
||||||
|
build_alias = @build_alias@
|
||||||
|
build_cpu = @build_cpu@
|
||||||
|
build_os = @build_os@
|
||||||
|
build_vendor = @build_vendor@
|
||||||
|
datadir = @datadir@
|
||||||
|
exec_prefix = @exec_prefix@
|
||||||
|
host = @host@
|
||||||
|
host_alias = @host_alias@
|
||||||
|
host_cpu = @host_cpu@
|
||||||
|
host_os = @host_os@
|
||||||
|
host_vendor = @host_vendor@
|
||||||
|
includedir = @includedir@
|
||||||
|
infodir = @infodir@
|
||||||
|
install_sh = @install_sh@
|
||||||
|
libdir = @libdir@
|
||||||
|
libexecdir = @libexecdir@
|
||||||
|
localstatedir = @localstatedir@
|
||||||
|
mandir = @mandir@
|
||||||
|
mkdir_p = @mkdir_p@
|
||||||
|
oldincludedir = @oldincludedir@
|
||||||
|
prefix = @prefix@
|
||||||
|
program_transform_name = @program_transform_name@
|
||||||
|
sbindir = @sbindir@
|
||||||
|
sharedstatedir = @sharedstatedir@
|
||||||
|
sysconfdir = @sysconfdir@
|
||||||
|
target_alias = @target_alias@
|
||||||
|
SUBDIRS = \
|
||||||
|
bsm
|
||||||
|
|
||||||
|
all: all-recursive
|
||||||
|
|
||||||
|
.SUFFIXES:
|
||||||
|
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
|
||||||
|
@for dep in $?; do \
|
||||||
|
case '$(am__configure_deps)' in \
|
||||||
|
*$$dep*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
|
||||||
|
&& exit 0; \
|
||||||
|
exit 1;; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign test/Makefile'; \
|
||||||
|
cd $(top_srcdir) && \
|
||||||
|
$(AUTOMAKE) --foreign test/Makefile
|
||||||
|
.PRECIOUS: Makefile
|
||||||
|
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
|
||||||
|
@case '$?' in \
|
||||||
|
*config.status*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
|
||||||
|
*) \
|
||||||
|
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
|
||||||
|
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
|
||||||
|
esac;
|
||||||
|
|
||||||
|
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
|
||||||
|
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
|
||||||
|
mostlyclean-libtool:
|
||||||
|
-rm -f *.lo
|
||||||
|
|
||||||
|
clean-libtool:
|
||||||
|
-rm -rf .libs _libs
|
||||||
|
|
||||||
|
distclean-libtool:
|
||||||
|
-rm -f libtool
|
||||||
|
uninstall-info-am:
|
||||||
|
|
||||||
|
# This directory's subdirectories are mostly independent; you can cd
|
||||||
|
# into them and run `make' without going through this Makefile.
|
||||||
|
# To change the values of `make' variables: instead of editing Makefiles,
|
||||||
|
# (1) if the variable is set in `config.status', edit `config.status'
|
||||||
|
# (which will cause the Makefiles to be regenerated when you run `make');
|
||||||
|
# (2) otherwise, pass the desired values on the `make' command line.
|
||||||
|
$(RECURSIVE_TARGETS):
|
||||||
|
@failcom='exit 1'; \
|
||||||
|
for f in x $$MAKEFLAGS; do \
|
||||||
|
case $$f in \
|
||||||
|
*=* | --[!k]*);; \
|
||||||
|
*k*) failcom='fail=yes';; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
dot_seen=no; \
|
||||||
|
target=`echo $@ | sed s/-recursive//`; \
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
echo "Making $$target in $$subdir"; \
|
||||||
|
if test "$$subdir" = "."; then \
|
||||||
|
dot_seen=yes; \
|
||||||
|
local_target="$$target-am"; \
|
||||||
|
else \
|
||||||
|
local_target="$$target"; \
|
||||||
|
fi; \
|
||||||
|
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|
||||||
|
|| eval $$failcom; \
|
||||||
|
done; \
|
||||||
|
if test "$$dot_seen" = "no"; then \
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
|
||||||
|
fi; test -z "$$fail"
|
||||||
|
|
||||||
|
mostlyclean-recursive clean-recursive distclean-recursive \
|
||||||
|
maintainer-clean-recursive:
|
||||||
|
@failcom='exit 1'; \
|
||||||
|
for f in x $$MAKEFLAGS; do \
|
||||||
|
case $$f in \
|
||||||
|
*=* | --[!k]*);; \
|
||||||
|
*k*) failcom='fail=yes';; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
dot_seen=no; \
|
||||||
|
case "$@" in \
|
||||||
|
distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
|
||||||
|
*) list='$(SUBDIRS)' ;; \
|
||||||
|
esac; \
|
||||||
|
rev=''; for subdir in $$list; do \
|
||||||
|
if test "$$subdir" = "."; then :; else \
|
||||||
|
rev="$$subdir $$rev"; \
|
||||||
|
fi; \
|
||||||
|
done; \
|
||||||
|
rev="$$rev ."; \
|
||||||
|
target=`echo $@ | sed s/-recursive//`; \
|
||||||
|
for subdir in $$rev; do \
|
||||||
|
echo "Making $$target in $$subdir"; \
|
||||||
|
if test "$$subdir" = "."; then \
|
||||||
|
local_target="$$target-am"; \
|
||||||
|
else \
|
||||||
|
local_target="$$target"; \
|
||||||
|
fi; \
|
||||||
|
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|
||||||
|
|| eval $$failcom; \
|
||||||
|
done && test -z "$$fail"
|
||||||
|
tags-recursive:
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
|
||||||
|
done
|
||||||
|
ctags-recursive:
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
|
||||||
|
done
|
||||||
|
|
||||||
|
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
mkid -fID $$unique
|
||||||
|
tags: TAGS
|
||||||
|
|
||||||
|
TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
|
||||||
|
include_option=--etags-include; \
|
||||||
|
empty_fix=.; \
|
||||||
|
else \
|
||||||
|
include_option=--include; \
|
||||||
|
empty_fix=; \
|
||||||
|
fi; \
|
||||||
|
list='$(SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
if test "$$subdir" = .; then :; else \
|
||||||
|
test ! -f $$subdir/TAGS || \
|
||||||
|
tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
|
||||||
|
fi; \
|
||||||
|
done; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
|
||||||
|
test -n "$$unique" || unique=$$empty_fix; \
|
||||||
|
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
|
||||||
|
$$tags $$unique; \
|
||||||
|
fi
|
||||||
|
ctags: CTAGS
|
||||||
|
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|
||||||
|
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
|
||||||
|
$$tags $$unique
|
||||||
|
|
||||||
|
GTAGS:
|
||||||
|
here=`$(am__cd) $(top_builddir) && pwd` \
|
||||||
|
&& cd $(top_srcdir) \
|
||||||
|
&& gtags -i $(GTAGS_ARGS) $$here
|
||||||
|
|
||||||
|
distclean-tags:
|
||||||
|
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
|
||||||
|
|
||||||
|
distdir: $(DISTFILES)
|
||||||
|
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
list='$(DISTFILES)'; for file in $$list; do \
|
||||||
|
case $$file in \
|
||||||
|
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
|
||||||
|
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
|
||||||
|
esac; \
|
||||||
|
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
|
||||||
|
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
|
||||||
|
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
|
||||||
|
dir="/$$dir"; \
|
||||||
|
$(mkdir_p) "$(distdir)$$dir"; \
|
||||||
|
else \
|
||||||
|
dir=''; \
|
||||||
|
fi; \
|
||||||
|
if test -d $$d/$$file; then \
|
||||||
|
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
|
||||||
|
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
fi; \
|
||||||
|
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
else \
|
||||||
|
test -f $(distdir)/$$file \
|
||||||
|
|| cp -p $$d/$$file $(distdir)/$$file \
|
||||||
|
|| exit 1; \
|
||||||
|
fi; \
|
||||||
|
done
|
||||||
|
list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
|
||||||
|
if test "$$subdir" = .; then :; else \
|
||||||
|
test -d "$(distdir)/$$subdir" \
|
||||||
|
|| $(mkdir_p) "$(distdir)/$$subdir" \
|
||||||
|
|| exit 1; \
|
||||||
|
distdir=`$(am__cd) $(distdir) && pwd`; \
|
||||||
|
top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
|
||||||
|
(cd $$subdir && \
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) \
|
||||||
|
top_distdir="$$top_distdir" \
|
||||||
|
distdir="$$distdir/$$subdir" \
|
||||||
|
distdir) \
|
||||||
|
|| exit 1; \
|
||||||
|
fi; \
|
||||||
|
done
|
||||||
|
check-am: all-am
|
||||||
|
check: check-recursive
|
||||||
|
all-am: Makefile
|
||||||
|
installdirs: installdirs-recursive
|
||||||
|
installdirs-am:
|
||||||
|
install: install-recursive
|
||||||
|
install-exec: install-exec-recursive
|
||||||
|
install-data: install-data-recursive
|
||||||
|
uninstall: uninstall-recursive
|
||||||
|
|
||||||
|
install-am: all-am
|
||||||
|
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
|
||||||
|
|
||||||
|
installcheck: installcheck-recursive
|
||||||
|
install-strip:
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||||
|
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||||
|
`test -z '$(STRIP)' || \
|
||||||
|
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||||
|
mostlyclean-generic:
|
||||||
|
|
||||||
|
clean-generic:
|
||||||
|
|
||||||
|
distclean-generic:
|
||||||
|
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
|
||||||
|
|
||||||
|
maintainer-clean-generic:
|
||||||
|
@echo "This command is intended for maintainers to use"
|
||||||
|
@echo "it deletes files that may require special tools to rebuild."
|
||||||
|
clean: clean-recursive
|
||||||
|
|
||||||
|
clean-am: clean-generic clean-libtool mostlyclean-am
|
||||||
|
|
||||||
|
distclean: distclean-recursive
|
||||||
|
-rm -f Makefile
|
||||||
|
distclean-am: clean-am distclean-generic distclean-libtool \
|
||||||
|
distclean-tags
|
||||||
|
|
||||||
|
dvi: dvi-recursive
|
||||||
|
|
||||||
|
dvi-am:
|
||||||
|
|
||||||
|
html: html-recursive
|
||||||
|
|
||||||
|
info: info-recursive
|
||||||
|
|
||||||
|
info-am:
|
||||||
|
|
||||||
|
install-data-am:
|
||||||
|
|
||||||
|
install-exec-am:
|
||||||
|
|
||||||
|
install-info: install-info-recursive
|
||||||
|
|
||||||
|
install-man:
|
||||||
|
|
||||||
|
installcheck-am:
|
||||||
|
|
||||||
|
maintainer-clean: maintainer-clean-recursive
|
||||||
|
-rm -f Makefile
|
||||||
|
maintainer-clean-am: distclean-am maintainer-clean-generic
|
||||||
|
|
||||||
|
mostlyclean: mostlyclean-recursive
|
||||||
|
|
||||||
|
mostlyclean-am: mostlyclean-generic mostlyclean-libtool
|
||||||
|
|
||||||
|
pdf: pdf-recursive
|
||||||
|
|
||||||
|
pdf-am:
|
||||||
|
|
||||||
|
ps: ps-recursive
|
||||||
|
|
||||||
|
ps-am:
|
||||||
|
|
||||||
|
uninstall-am: uninstall-info-am
|
||||||
|
|
||||||
|
uninstall-info: uninstall-info-recursive
|
||||||
|
|
||||||
|
.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \
|
||||||
|
clean clean-generic clean-libtool clean-recursive ctags \
|
||||||
|
ctags-recursive distclean distclean-generic distclean-libtool \
|
||||||
|
distclean-recursive distclean-tags distdir dvi dvi-am html \
|
||||||
|
html-am info info-am install install-am install-data \
|
||||||
|
install-data-am install-exec install-exec-am install-info \
|
||||||
|
install-info-am install-man install-strip installcheck \
|
||||||
|
installcheck-am installdirs installdirs-am maintainer-clean \
|
||||||
|
maintainer-clean-generic maintainer-clean-recursive \
|
||||||
|
mostlyclean mostlyclean-generic mostlyclean-libtool \
|
||||||
|
mostlyclean-recursive pdf pdf-am ps ps-am tags tags-recursive \
|
||||||
|
uninstall uninstall-am uninstall-info-am
|
||||||
|
|
||||||
|
# Tell versions [3.59,3.63) of GNU make to not export all variables.
|
||||||
|
# Otherwise a system limit (for SysV at least) may be exceeded.
|
||||||
|
.NOEXPORT:
|
9
contrib/openbsm/test/bsm/Makefile.am
Normal file
9
contrib/openbsm/test/bsm/Makefile.am
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.am#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
INCLUDES = -I$(top_srcdir)
|
||||||
|
|
||||||
|
bin_PROGRAMS = generate
|
||||||
|
generate_SOURCES = generate.c
|
||||||
|
generate_LDADD = $(top_builddir)/libbsm/libbsm.la
|
453
contrib/openbsm/test/bsm/Makefile.in
Normal file
453
contrib/openbsm/test/bsm/Makefile.in
Normal file
@ -0,0 +1,453 @@
|
|||||||
|
# Makefile.in generated by automake 1.9.6 from Makefile.am.
|
||||||
|
# @configure_input@
|
||||||
|
|
||||||
|
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||||
|
# 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||||
|
# This Makefile.in is free software; the Free Software Foundation
|
||||||
|
# gives unlimited permission to copy and/or distribute it,
|
||||||
|
# with or without modifications, as long as this notice is preserved.
|
||||||
|
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
|
||||||
|
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||||
|
# PARTICULAR PURPOSE.
|
||||||
|
|
||||||
|
@SET_MAKE@
|
||||||
|
|
||||||
|
#
|
||||||
|
# $P4: //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.in#1 $
|
||||||
|
#
|
||||||
|
|
||||||
|
srcdir = @srcdir@
|
||||||
|
top_srcdir = @top_srcdir@
|
||||||
|
VPATH = @srcdir@
|
||||||
|
pkgdatadir = $(datadir)/@PACKAGE@
|
||||||
|
pkglibdir = $(libdir)/@PACKAGE@
|
||||||
|
pkgincludedir = $(includedir)/@PACKAGE@
|
||||||
|
top_builddir = ../..
|
||||||
|
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
|
||||||
|
INSTALL = @INSTALL@
|
||||||
|
install_sh_DATA = $(install_sh) -c -m 644
|
||||||
|
install_sh_PROGRAM = $(install_sh) -c
|
||||||
|
install_sh_SCRIPT = $(install_sh) -c
|
||||||
|
INSTALL_HEADER = $(INSTALL_DATA)
|
||||||
|
transform = $(program_transform_name)
|
||||||
|
NORMAL_INSTALL = :
|
||||||
|
PRE_INSTALL = :
|
||||||
|
POST_INSTALL = :
|
||||||
|
NORMAL_UNINSTALL = :
|
||||||
|
PRE_UNINSTALL = :
|
||||||
|
POST_UNINSTALL = :
|
||||||
|
build_triplet = @build@
|
||||||
|
host_triplet = @host@
|
||||||
|
bin_PROGRAMS = generate$(EXEEXT)
|
||||||
|
subdir = test/bsm
|
||||||
|
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
|
||||||
|
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||||
|
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
|
||||||
|
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||||
|
$(ACLOCAL_M4)
|
||||||
|
mkinstalldirs = $(install_sh) -d
|
||||||
|
CONFIG_HEADER = $(top_builddir)/config/config.h
|
||||||
|
CONFIG_CLEAN_FILES =
|
||||||
|
am__installdirs = "$(DESTDIR)$(bindir)"
|
||||||
|
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
|
||||||
|
PROGRAMS = $(bin_PROGRAMS)
|
||||||
|
am_generate_OBJECTS = generate.$(OBJEXT)
|
||||||
|
generate_OBJECTS = $(am_generate_OBJECTS)
|
||||||
|
generate_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
|
||||||
|
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/config
|
||||||
|
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
|
||||||
|
am__depfiles_maybe = depfiles
|
||||||
|
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
|
||||||
|
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||||
|
LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
|
||||||
|
$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
|
||||||
|
$(AM_CFLAGS) $(CFLAGS)
|
||||||
|
CCLD = $(CC)
|
||||||
|
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
|
||||||
|
$(AM_LDFLAGS) $(LDFLAGS) -o $@
|
||||||
|
SOURCES = $(generate_SOURCES)
|
||||||
|
DIST_SOURCES = $(generate_SOURCES)
|
||||||
|
ETAGS = etags
|
||||||
|
CTAGS = ctags
|
||||||
|
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||||
|
ACLOCAL = @ACLOCAL@
|
||||||
|
AMDEP_FALSE = @AMDEP_FALSE@
|
||||||
|
AMDEP_TRUE = @AMDEP_TRUE@
|
||||||
|
AMTAR = @AMTAR@
|
||||||
|
AR = @AR@
|
||||||
|
AUTOCONF = @AUTOCONF@
|
||||||
|
AUTOHEADER = @AUTOHEADER@
|
||||||
|
AUTOMAKE = @AUTOMAKE@
|
||||||
|
AWK = @AWK@
|
||||||
|
CC = @CC@
|
||||||
|
CCDEPMODE = @CCDEPMODE@
|
||||||
|
CFLAGS = @CFLAGS@
|
||||||
|
CPP = @CPP@
|
||||||
|
CPPFLAGS = @CPPFLAGS@
|
||||||
|
CXX = @CXX@
|
||||||
|
CXXCPP = @CXXCPP@
|
||||||
|
CXXDEPMODE = @CXXDEPMODE@
|
||||||
|
CXXFLAGS = @CXXFLAGS@
|
||||||
|
CYGPATH_W = @CYGPATH_W@
|
||||||
|
DEFS = @DEFS@
|
||||||
|
DEPDIR = @DEPDIR@
|
||||||
|
ECHO = @ECHO@
|
||||||
|
ECHO_C = @ECHO_C@
|
||||||
|
ECHO_N = @ECHO_N@
|
||||||
|
ECHO_T = @ECHO_T@
|
||||||
|
EGREP = @EGREP@
|
||||||
|
EXEEXT = @EXEEXT@
|
||||||
|
F77 = @F77@
|
||||||
|
FFLAGS = @FFLAGS@
|
||||||
|
HAVE_AUDIT_SYSCALLS_FALSE = @HAVE_AUDIT_SYSCALLS_FALSE@
|
||||||
|
HAVE_AUDIT_SYSCALLS_TRUE = @HAVE_AUDIT_SYSCALLS_TRUE@
|
||||||
|
INSTALL_DATA = @INSTALL_DATA@
|
||||||
|
INSTALL_PROGRAM = @INSTALL_PROGRAM@
|
||||||
|
INSTALL_SCRIPT = @INSTALL_SCRIPT@
|
||||||
|
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
|
||||||
|
LDFLAGS = @LDFLAGS@
|
||||||
|
LIBOBJS = @LIBOBJS@
|
||||||
|
LIBS = @LIBS@
|
||||||
|
LIBTOOL = @LIBTOOL@
|
||||||
|
LN_S = @LN_S@
|
||||||
|
LTLIBOBJS = @LTLIBOBJS@
|
||||||
|
MAINT = @MAINT@
|
||||||
|
MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
|
||||||
|
MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
|
||||||
|
MAKEINFO = @MAKEINFO@
|
||||||
|
OBJEXT = @OBJEXT@
|
||||||
|
PACKAGE = @PACKAGE@
|
||||||
|
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
|
||||||
|
PACKAGE_NAME = @PACKAGE_NAME@
|
||||||
|
PACKAGE_STRING = @PACKAGE_STRING@
|
||||||
|
PACKAGE_TARNAME = @PACKAGE_TARNAME@
|
||||||
|
PACKAGE_VERSION = @PACKAGE_VERSION@
|
||||||
|
PATH_SEPARATOR = @PATH_SEPARATOR@
|
||||||
|
RANLIB = @RANLIB@
|
||||||
|
SET_MAKE = @SET_MAKE@
|
||||||
|
SHELL = @SHELL@
|
||||||
|
STRIP = @STRIP@
|
||||||
|
VERSION = @VERSION@
|
||||||
|
ac_ct_AR = @ac_ct_AR@
|
||||||
|
ac_ct_CC = @ac_ct_CC@
|
||||||
|
ac_ct_CXX = @ac_ct_CXX@
|
||||||
|
ac_ct_F77 = @ac_ct_F77@
|
||||||
|
ac_ct_RANLIB = @ac_ct_RANLIB@
|
||||||
|
ac_ct_STRIP = @ac_ct_STRIP@
|
||||||
|
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
|
||||||
|
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
|
||||||
|
am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
|
||||||
|
am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
|
||||||
|
am__include = @am__include@
|
||||||
|
am__leading_dot = @am__leading_dot@
|
||||||
|
am__quote = @am__quote@
|
||||||
|
am__tar = @am__tar@
|
||||||
|
am__untar = @am__untar@
|
||||||
|
bindir = @bindir@
|
||||||
|
build = @build@
|
||||||
|
build_alias = @build_alias@
|
||||||
|
build_cpu = @build_cpu@
|
||||||
|
build_os = @build_os@
|
||||||
|
build_vendor = @build_vendor@
|
||||||
|
datadir = @datadir@
|
||||||
|
exec_prefix = @exec_prefix@
|
||||||
|
host = @host@
|
||||||
|
host_alias = @host_alias@
|
||||||
|
host_cpu = @host_cpu@
|
||||||
|
host_os = @host_os@
|
||||||
|
host_vendor = @host_vendor@
|
||||||
|
includedir = @includedir@
|
||||||
|
infodir = @infodir@
|
||||||
|
install_sh = @install_sh@
|
||||||
|
libdir = @libdir@
|
||||||
|
libexecdir = @libexecdir@
|
||||||
|
localstatedir = @localstatedir@
|
||||||
|
mandir = @mandir@
|
||||||
|
mkdir_p = @mkdir_p@
|
||||||
|
oldincludedir = @oldincludedir@
|
||||||
|
prefix = @prefix@
|
||||||
|
program_transform_name = @program_transform_name@
|
||||||
|
sbindir = @sbindir@
|
||||||
|
sharedstatedir = @sharedstatedir@
|
||||||
|
sysconfdir = @sysconfdir@
|
||||||
|
target_alias = @target_alias@
|
||||||
|
INCLUDES = -I$(top_srcdir)
|
||||||
|
generate_SOURCES = generate.c
|
||||||
|
generate_LDADD = $(top_builddir)/libbsm/libbsm.la
|
||||||
|
all: all-am
|
||||||
|
|
||||||
|
.SUFFIXES:
|
||||||
|
.SUFFIXES: .c .lo .o .obj
|
||||||
|
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
|
||||||
|
@for dep in $?; do \
|
||||||
|
case '$(am__configure_deps)' in \
|
||||||
|
*$$dep*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
|
||||||
|
&& exit 0; \
|
||||||
|
exit 1;; \
|
||||||
|
esac; \
|
||||||
|
done; \
|
||||||
|
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign test/bsm/Makefile'; \
|
||||||
|
cd $(top_srcdir) && \
|
||||||
|
$(AUTOMAKE) --foreign test/bsm/Makefile
|
||||||
|
.PRECIOUS: Makefile
|
||||||
|
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
|
||||||
|
@case '$?' in \
|
||||||
|
*config.status*) \
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
|
||||||
|
*) \
|
||||||
|
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
|
||||||
|
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
|
||||||
|
esac;
|
||||||
|
|
||||||
|
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
|
||||||
|
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
|
||||||
|
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
|
||||||
|
install-binPROGRAMS: $(bin_PROGRAMS)
|
||||||
|
@$(NORMAL_INSTALL)
|
||||||
|
test -z "$(bindir)" || $(mkdir_p) "$(DESTDIR)$(bindir)"
|
||||||
|
@list='$(bin_PROGRAMS)'; for p in $$list; do \
|
||||||
|
p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
|
||||||
|
if test -f $$p \
|
||||||
|
|| test -f $$p1 \
|
||||||
|
; then \
|
||||||
|
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
|
||||||
|
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \
|
||||||
|
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \
|
||||||
|
else :; fi; \
|
||||||
|
done
|
||||||
|
|
||||||
|
uninstall-binPROGRAMS:
|
||||||
|
@$(NORMAL_UNINSTALL)
|
||||||
|
@list='$(bin_PROGRAMS)'; for p in $$list; do \
|
||||||
|
f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
|
||||||
|
echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \
|
||||||
|
rm -f "$(DESTDIR)$(bindir)/$$f"; \
|
||||||
|
done
|
||||||
|
|
||||||
|
clean-binPROGRAMS:
|
||||||
|
@list='$(bin_PROGRAMS)'; for p in $$list; do \
|
||||||
|
f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
|
||||||
|
echo " rm -f $$p $$f"; \
|
||||||
|
rm -f $$p $$f ; \
|
||||||
|
done
|
||||||
|
generate$(EXEEXT): $(generate_OBJECTS) $(generate_DEPENDENCIES)
|
||||||
|
@rm -f generate$(EXEEXT)
|
||||||
|
$(LINK) $(generate_LDFLAGS) $(generate_OBJECTS) $(generate_LDADD) $(LIBS)
|
||||||
|
|
||||||
|
mostlyclean-compile:
|
||||||
|
-rm -f *.$(OBJEXT)
|
||||||
|
|
||||||
|
distclean-compile:
|
||||||
|
-rm -f *.tab.c
|
||||||
|
|
||||||
|
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/generate.Po@am__quote@
|
||||||
|
|
||||||
|
.c.o:
|
||||||
|
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(COMPILE) -c $<
|
||||||
|
|
||||||
|
.c.obj:
|
||||||
|
@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
|
||||||
|
|
||||||
|
.c.lo:
|
||||||
|
@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
|
||||||
|
@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
|
||||||
|
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
|
||||||
|
@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
|
||||||
|
|
||||||
|
mostlyclean-libtool:
|
||||||
|
-rm -f *.lo
|
||||||
|
|
||||||
|
clean-libtool:
|
||||||
|
-rm -rf .libs _libs
|
||||||
|
|
||||||
|
distclean-libtool:
|
||||||
|
-rm -f libtool
|
||||||
|
uninstall-info-am:
|
||||||
|
|
||||||
|
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
mkid -fID $$unique
|
||||||
|
tags: TAGS
|
||||||
|
|
||||||
|
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
|
||||||
|
test -n "$$unique" || unique=$$empty_fix; \
|
||||||
|
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
|
||||||
|
$$tags $$unique; \
|
||||||
|
fi
|
||||||
|
ctags: CTAGS
|
||||||
|
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
|
||||||
|
$(TAGS_FILES) $(LISP)
|
||||||
|
tags=; \
|
||||||
|
here=`pwd`; \
|
||||||
|
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||||
|
unique=`for i in $$list; do \
|
||||||
|
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||||
|
done | \
|
||||||
|
$(AWK) ' { files[$$0] = 1; } \
|
||||||
|
END { for (i in files) print i; }'`; \
|
||||||
|
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|
||||||
|
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
|
||||||
|
$$tags $$unique
|
||||||
|
|
||||||
|
GTAGS:
|
||||||
|
here=`$(am__cd) $(top_builddir) && pwd` \
|
||||||
|
&& cd $(top_srcdir) \
|
||||||
|
&& gtags -i $(GTAGS_ARGS) $$here
|
||||||
|
|
||||||
|
distclean-tags:
|
||||||
|
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
|
||||||
|
|
||||||
|
distdir: $(DISTFILES)
|
||||||
|
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
|
||||||
|
list='$(DISTFILES)'; for file in $$list; do \
|
||||||
|
case $$file in \
|
||||||
|
$(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
|
||||||
|
$(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
|
||||||
|
esac; \
|
||||||
|
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
|
||||||
|
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
|
||||||
|
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
|
||||||
|
dir="/$$dir"; \
|
||||||
|
$(mkdir_p) "$(distdir)$$dir"; \
|
||||||
|
else \
|
||||||
|
dir=''; \
|
||||||
|
fi; \
|
||||||
|
if test -d $$d/$$file; then \
|
||||||
|
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
|
||||||
|
cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
fi; \
|
||||||
|
cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
|
||||||
|
else \
|
||||||
|
test -f $(distdir)/$$file \
|
||||||
|
|| cp -p $$d/$$file $(distdir)/$$file \
|
||||||
|
|| exit 1; \
|
||||||
|
fi; \
|
||||||
|
done
|
||||||
|
check-am: all-am
|
||||||
|
check: check-am
|
||||||
|
all-am: Makefile $(PROGRAMS)
|
||||||
|
installdirs:
|
||||||
|
for dir in "$(DESTDIR)$(bindir)"; do \
|
||||||
|
test -z "$$dir" || $(mkdir_p) "$$dir"; \
|
||||||
|
done
|
||||||
|
install: install-am
|
||||||
|
install-exec: install-exec-am
|
||||||
|
install-data: install-data-am
|
||||||
|
uninstall: uninstall-am
|
||||||
|
|
||||||
|
install-am: all-am
|
||||||
|
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
|
||||||
|
|
||||||
|
installcheck: installcheck-am
|
||||||
|
install-strip:
|
||||||
|
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||||
|
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||||
|
`test -z '$(STRIP)' || \
|
||||||
|
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||||
|
mostlyclean-generic:
|
||||||
|
|
||||||
|
clean-generic:
|
||||||
|
|
||||||
|
distclean-generic:
|
||||||
|
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
|
||||||
|
|
||||||
|
maintainer-clean-generic:
|
||||||
|
@echo "This command is intended for maintainers to use"
|
||||||
|
@echo "it deletes files that may require special tools to rebuild."
|
||||||
|
clean: clean-am
|
||||||
|
|
||||||
|
clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am
|
||||||
|
|
||||||
|
distclean: distclean-am
|
||||||
|
-rm -rf ./$(DEPDIR)
|
||||||
|
-rm -f Makefile
|
||||||
|
distclean-am: clean-am distclean-compile distclean-generic \
|
||||||
|
distclean-libtool distclean-tags
|
||||||
|
|
||||||
|
dvi: dvi-am
|
||||||
|
|
||||||
|
dvi-am:
|
||||||
|
|
||||||
|
html: html-am
|
||||||
|
|
||||||
|
info: info-am
|
||||||
|
|
||||||
|
info-am:
|
||||||
|
|
||||||
|
install-data-am:
|
||||||
|
|
||||||
|
install-exec-am: install-binPROGRAMS
|
||||||
|
|
||||||
|
install-info: install-info-am
|
||||||
|
|
||||||
|
install-man:
|
||||||
|
|
||||||
|
installcheck-am:
|
||||||
|
|
||||||
|
maintainer-clean: maintainer-clean-am
|
||||||
|
-rm -rf ./$(DEPDIR)
|
||||||
|
-rm -f Makefile
|
||||||
|
maintainer-clean-am: distclean-am maintainer-clean-generic
|
||||||
|
|
||||||
|
mostlyclean: mostlyclean-am
|
||||||
|
|
||||||
|
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
|
||||||
|
mostlyclean-libtool
|
||||||
|
|
||||||
|
pdf: pdf-am
|
||||||
|
|
||||||
|
pdf-am:
|
||||||
|
|
||||||
|
ps: ps-am
|
||||||
|
|
||||||
|
ps-am:
|
||||||
|
|
||||||
|
uninstall-am: uninstall-binPROGRAMS uninstall-info-am
|
||||||
|
|
||||||
|
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-binPROGRAMS \
|
||||||
|
clean-generic clean-libtool ctags distclean distclean-compile \
|
||||||
|
distclean-generic distclean-libtool distclean-tags distdir dvi \
|
||||||
|
dvi-am html html-am info info-am install install-am \
|
||||||
|
install-binPROGRAMS install-data install-data-am install-exec \
|
||||||
|
install-exec-am install-info install-info-am install-man \
|
||||||
|
install-strip installcheck installcheck-am installdirs \
|
||||||
|
maintainer-clean maintainer-clean-generic mostlyclean \
|
||||||
|
mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
|
||||||
|
pdf pdf-am ps ps-am tags uninstall uninstall-am \
|
||||||
|
uninstall-binPROGRAMS uninstall-info-am
|
||||||
|
|
||||||
|
# Tell versions [3.59,3.63) of GNU make to not export all variables.
|
||||||
|
# Otherwise a system limit (for SysV at least) may be exceeded.
|
||||||
|
.NOEXPORT:
|
755
contrib/openbsm/test/bsm/generate.c
Normal file
755
contrib/openbsm/test/bsm/generate.c
Normal file
@ -0,0 +1,755 @@
|
|||||||
|
/*-
|
||||||
|
* Copyright (c) 2006 Robert N. M. Watson
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#3 $
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Generate a series of BSM token samples in the requested directory.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
|
||||||
|
#include <netinet/in.h>
|
||||||
|
#include <netinet/in_systm.h>
|
||||||
|
#include <netinet/ip.h>
|
||||||
|
|
||||||
|
#include <arpa/inet.h>
|
||||||
|
|
||||||
|
#include <bsm/audit_kevents.h>
|
||||||
|
#include <bsm/libbsm.h>
|
||||||
|
|
||||||
|
#include <err.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <fcntl.h>
|
||||||
|
#include <limits.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sysexits.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
static int do_records, do_tokens;
|
||||||
|
|
||||||
|
static void
|
||||||
|
usage(void)
|
||||||
|
{
|
||||||
|
|
||||||
|
fprintf(stderr, "generate [-rt] path\n");
|
||||||
|
exit(EX_USAGE);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
open_file(const char *directory, const char *name)
|
||||||
|
{
|
||||||
|
char pathname[PATH_MAX];
|
||||||
|
int fd;
|
||||||
|
|
||||||
|
snprintf(pathname, PATH_MAX, "%s/%s", directory, name);
|
||||||
|
(void)unlink(pathname);
|
||||||
|
fd = open(pathname, O_WRONLY | O_CREAT | O_EXCL, 0600);
|
||||||
|
if (fd < 0)
|
||||||
|
err(EX_CANTCREAT, "open: %s", name);
|
||||||
|
return (fd);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
write_file(int fd, void *buffer, size_t buflen, const char *filename)
|
||||||
|
{
|
||||||
|
ssize_t len;
|
||||||
|
|
||||||
|
len = write(fd, buffer, buflen);
|
||||||
|
if (len < 0)
|
||||||
|
err(EX_OSERR, "write_file: %s", filename);
|
||||||
|
if (len < buflen)
|
||||||
|
err(EX_OSERR, "write_file: short write: %s", filename);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Write a single token to a file.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
write_token(const char *directory, const char *filename, token_t *tok)
|
||||||
|
{
|
||||||
|
u_char buffer[MAX_AUDIT_RECORD_SIZE];
|
||||||
|
size_t buflen;
|
||||||
|
int fd;
|
||||||
|
|
||||||
|
buflen = MAX_AUDIT_RECORD_SIZE;
|
||||||
|
if (au_close_token(tok, buffer, &buflen) < 0)
|
||||||
|
err(EX_UNAVAILABLE, "au_close_token");
|
||||||
|
fd = open_file(directory, filename);
|
||||||
|
write_file(fd, buffer, buflen, filename);
|
||||||
|
close(fd);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Write a token to a file, wrapped in audit record header and trailer.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
write_record(const char *directory, const char *filename, token_t *tok,
|
||||||
|
short event)
|
||||||
|
{
|
||||||
|
u_char buffer[MAX_AUDIT_RECORD_SIZE];
|
||||||
|
size_t buflen;
|
||||||
|
int au, fd;
|
||||||
|
|
||||||
|
au = au_open();
|
||||||
|
if (au < 0)
|
||||||
|
err(EX_UNAVAILABLE, "au_open");
|
||||||
|
if (au_write(au, tok) < 0)
|
||||||
|
err(EX_UNAVAILABLE, "au_write");
|
||||||
|
buflen = MAX_AUDIT_RECORD_SIZE;
|
||||||
|
if (au_close_buffer(au, event, buffer, &buflen) < 0)
|
||||||
|
err(EX_UNAVAILABLE, "au_close_buffer");
|
||||||
|
fd = open_file(directory, filename);
|
||||||
|
write_file(fd, buffer, buflen, filename);
|
||||||
|
close(fd);
|
||||||
|
}
|
||||||
|
|
||||||
|
static struct timeval file_token_timeval = { 0x12345, 0x67890} ;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_file_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *file_token;
|
||||||
|
|
||||||
|
file_token = au_to_file("test", file_token_timeval);
|
||||||
|
if (file_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_file");
|
||||||
|
write_token(directory, token_filename, file_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_OHEADER
|
||||||
|
*/
|
||||||
|
|
||||||
|
static int trailer_token_len = 0x12345678;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_trailer_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *trailer_token;
|
||||||
|
|
||||||
|
trailer_token = au_to_trailer(trailer_token_len);
|
||||||
|
if (trailer_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_trailer");
|
||||||
|
write_token(directory, token_filename, trailer_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int header32_token_len = 0x12345678;
|
||||||
|
static au_event_t header32_e_type = AUE_OPEN;
|
||||||
|
static au_emod_t header32_e_mod = 0x4567;
|
||||||
|
static struct timeval header32_tm = { 0x12345, 0x67890 };
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_header32_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *header32_token;
|
||||||
|
|
||||||
|
header32_token = au_to_header32_tm(header32_token_len,
|
||||||
|
header32_e_type, header32_e_mod, header32_tm);
|
||||||
|
if (header32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_header32");
|
||||||
|
write_token(directory, token_filename, header32_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_HEADER32_EX
|
||||||
|
*/
|
||||||
|
|
||||||
|
static char data_token_unit_print = AUP_STRING;
|
||||||
|
static char data_token_unit_type = AUR_CHAR;
|
||||||
|
static char *data_token_data = "SomeData";
|
||||||
|
static char data_token_unit_count = sizeof("SomeData") + 1;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_data_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *data_token;
|
||||||
|
|
||||||
|
data_token = au_to_data(data_token_unit_print, data_token_unit_type,
|
||||||
|
data_token_unit_count, data_token_data);
|
||||||
|
if (data_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_data");
|
||||||
|
write_token(directory, token_filename, data_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_data_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *data_token;
|
||||||
|
|
||||||
|
data_token = au_to_data(data_token_unit_print, data_token_unit_type,
|
||||||
|
data_token_unit_count, data_token_data);
|
||||||
|
if (data_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_data");
|
||||||
|
write_record(directory, record_filename, data_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static char ipc_type = AT_IPC_MSG;
|
||||||
|
static int ipc_id = 0x12345678;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_ipc_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *ipc_token;
|
||||||
|
|
||||||
|
ipc_token = au_to_ipc(ipc_type, ipc_id);
|
||||||
|
if (ipc_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_ipc");
|
||||||
|
write_token(directory, token_filename, ipc_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_ipc_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *ipc_token;
|
||||||
|
|
||||||
|
ipc_token = au_to_ipc(ipc_type, ipc_id);
|
||||||
|
if (ipc_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_ipc");
|
||||||
|
write_record(directory, record_filename, ipc_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static char *path_token_path = "/test/this/is/a/test";
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_path_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *path_token;
|
||||||
|
|
||||||
|
path_token = au_to_path(path_token_path);
|
||||||
|
if (path_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_path");
|
||||||
|
write_token(directory, token_filename, path_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_path_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *path_token;
|
||||||
|
|
||||||
|
path_token = au_to_path(path_token_path);
|
||||||
|
if (path_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_path");
|
||||||
|
write_record(directory, record_filename, path_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static au_id_t subject32_auid = 0x12345678;
|
||||||
|
static uid_t subject32_euid = 0x01234567;
|
||||||
|
static gid_t subject32_egid = 0x23456789;
|
||||||
|
static uid_t subject32_ruid = 0x98765432;
|
||||||
|
static gid_t subject32_rgid = 0x09876543;
|
||||||
|
static pid_t subject32_pid = 0x13243546;
|
||||||
|
static au_asid_t subject32_sid = 0x97867564;
|
||||||
|
static au_tid_t subject32_tid = { 0x16593746 };
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_subject32_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *subject32_token;
|
||||||
|
|
||||||
|
subject32_tid.machine = inet_addr("127.0.0.1");
|
||||||
|
|
||||||
|
subject32_token = au_to_subject32(subject32_auid, subject32_euid,
|
||||||
|
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
|
||||||
|
subject32_sid, &subject32_tid);
|
||||||
|
if (subject32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_subject32");
|
||||||
|
write_token(directory, token_filename, subject32_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_subject32_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *subject32_token;
|
||||||
|
|
||||||
|
subject32_tid.machine = inet_addr("127.0.0.1");
|
||||||
|
|
||||||
|
subject32_token = au_to_subject32(subject32_auid, subject32_euid,
|
||||||
|
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
|
||||||
|
subject32_sid, &subject32_tid);
|
||||||
|
if (subject32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_subject32");
|
||||||
|
write_record(directory, record_filename, subject32_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static au_id_t process32_auid = 0x12345678;
|
||||||
|
static uid_t process32_euid = 0x01234567;
|
||||||
|
static gid_t process32_egid = 0x23456789;
|
||||||
|
static uid_t process32_ruid = 0x98765432;
|
||||||
|
static gid_t process32_rgid = 0x09876543;
|
||||||
|
static pid_t process32_pid = 0x13243546;
|
||||||
|
static au_asid_t process32_sid = 0x97867564;
|
||||||
|
static au_tid_t process32_tid = { 0x16593746 };
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_process32_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *process32_token;
|
||||||
|
|
||||||
|
process32_tid.machine = inet_addr("127.0.0.1");
|
||||||
|
|
||||||
|
process32_token = au_to_process32(process32_auid, process32_euid,
|
||||||
|
process32_egid, process32_ruid, process32_rgid, process32_pid,
|
||||||
|
process32_sid, &process32_tid);
|
||||||
|
if (process32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_process32");
|
||||||
|
write_token(directory, token_filename, process32_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_process32_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *process32_token;
|
||||||
|
|
||||||
|
process32_tid.machine = inet_addr("127.0.0.1");
|
||||||
|
|
||||||
|
process32_token = au_to_process32(process32_auid, process32_euid,
|
||||||
|
process32_egid, process32_ruid, process32_rgid, process32_pid,
|
||||||
|
process32_sid, &process32_tid);
|
||||||
|
if (process32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_ti_process32");
|
||||||
|
write_record(directory, record_filename, process32_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static char return32_status = 0xd7;
|
||||||
|
static uint32_t return32_ret = 0x12345678;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_return32_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *return32_token;
|
||||||
|
|
||||||
|
return32_token = au_to_return32(return32_status, return32_ret);
|
||||||
|
if (return32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_return32");
|
||||||
|
write_token(directory, token_filename, return32_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_return32_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *return32_token;
|
||||||
|
|
||||||
|
return32_token = au_to_return32(return32_status, return32_ret);
|
||||||
|
if (return32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_return32");
|
||||||
|
write_record(directory, record_filename, return32_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static char *text_token_text = "This is a test.";
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_text_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *text_token;
|
||||||
|
|
||||||
|
text_token = au_to_text(text_token_text);
|
||||||
|
if (text_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_text");
|
||||||
|
write_token(directory, token_filename, text_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_text_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *text_token;
|
||||||
|
|
||||||
|
text_token = au_to_text(text_token_text);
|
||||||
|
if (text_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_text");
|
||||||
|
write_record(directory, record_filename, text_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static char opaque_token_data[] = {0xaa, 0xbb, 0xcc, 0xdd};
|
||||||
|
static int opaque_token_bytes = sizeof(opaque_token_data);
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_opaque_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *opaque_token;
|
||||||
|
|
||||||
|
opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes);
|
||||||
|
if (opaque_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_opaque");
|
||||||
|
write_token(directory, token_filename, opaque_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_opaque_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *opaque_token;
|
||||||
|
|
||||||
|
opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes);
|
||||||
|
if (opaque_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_opaque");
|
||||||
|
write_record(directory, record_filename, opaque_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static struct in_addr in_addr_token_addr;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_in_addr_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *in_addr_token;
|
||||||
|
|
||||||
|
in_addr_token_addr.s_addr = inet_addr("192.168.100.15");
|
||||||
|
|
||||||
|
in_addr_token = au_to_in_addr(&in_addr_token_addr);
|
||||||
|
if (in_addr_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_in_addr");
|
||||||
|
write_token(directory, token_filename, in_addr_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_in_addr_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *in_addr_token;
|
||||||
|
|
||||||
|
in_addr_token_addr.s_addr = inet_addr("192.168.100.15");
|
||||||
|
|
||||||
|
in_addr_token = au_to_in_addr(&in_addr_token_addr);
|
||||||
|
if (in_addr_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_in_addr");
|
||||||
|
write_record(directory, record_filename, in_addr_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static struct ip ip_token_ip;
|
||||||
|
static u_char ip_token_ip_v = 4;
|
||||||
|
static uint16_t ip_token_ip_id = 0x5478;
|
||||||
|
static u_char ip_token_ip_ttl = 64;
|
||||||
|
static u_char ip_token_ip_p = IPPROTO_ICMP;
|
||||||
|
static struct in_addr ip_token_ip_src;
|
||||||
|
static struct in_addr ip_token_ip_dst;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_ip_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *ip_token;
|
||||||
|
|
||||||
|
ip_token_ip_src.s_addr = inet_addr("192.168.100.155");
|
||||||
|
ip_token_ip_dst.s_addr = inet_addr("192.168.110.48");
|
||||||
|
|
||||||
|
memset(&ip_token_ip, 0, sizeof(ip_token_ip));
|
||||||
|
ip_token_ip.ip_v = ip_token_ip_v;
|
||||||
|
ip_token_ip.ip_len = htons(sizeof(ip_token_ip));
|
||||||
|
ip_token_ip.ip_id = htons(ip_token_ip_id);
|
||||||
|
ip_token_ip.ip_ttl = ip_token_ip_ttl;
|
||||||
|
ip_token_ip.ip_p = ip_token_ip_p;
|
||||||
|
ip_token_ip.ip_src = ip_token_ip_src;
|
||||||
|
ip_token_ip.ip_dst = ip_token_ip_dst;
|
||||||
|
|
||||||
|
ip_token = au_to_ip(&ip_token_ip);
|
||||||
|
if (ip_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_ip");
|
||||||
|
write_token(directory, token_filename, ip_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_ip_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *ip_token;
|
||||||
|
|
||||||
|
ip_token_ip_src.s_addr = inet_addr("192.168.100.155");
|
||||||
|
ip_token_ip_dst.s_addr = inet_addr("192.168.110.48");
|
||||||
|
|
||||||
|
memset(&ip_token_ip, 0, sizeof(ip_token_ip));
|
||||||
|
ip_token_ip.ip_v = ip_token_ip_v;
|
||||||
|
ip_token_ip.ip_len = htons(sizeof(ip_token_ip));
|
||||||
|
ip_token_ip.ip_id = htons(ip_token_ip_id);
|
||||||
|
ip_token_ip.ip_ttl = ip_token_ip_ttl;
|
||||||
|
ip_token_ip.ip_p = ip_token_ip_p;
|
||||||
|
ip_token_ip.ip_src = ip_token_ip_src;
|
||||||
|
ip_token_ip.ip_dst = ip_token_ip_dst;
|
||||||
|
|
||||||
|
ip_token = au_to_ip(&ip_token_ip);
|
||||||
|
if (ip_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_ip");
|
||||||
|
write_record(directory, record_filename, ip_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static u_int16_t iport_token_iport;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_iport_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *iport_token;
|
||||||
|
|
||||||
|
iport_token_iport = htons(80);
|
||||||
|
|
||||||
|
iport_token = au_to_iport(iport_token_iport);
|
||||||
|
if (iport_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_iport");
|
||||||
|
write_token(directory, token_filename, iport_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_iport_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *iport_token;
|
||||||
|
|
||||||
|
iport_token_iport = htons(80);
|
||||||
|
|
||||||
|
iport_token = au_to_iport(iport_token_iport);
|
||||||
|
if (iport_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_iport");
|
||||||
|
write_record(directory, record_filename, iport_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static char arg32_token_n = 3;
|
||||||
|
static char *arg32_token_text = "test_arg32_token";
|
||||||
|
static uint32_t arg32_token_v = 0xabcdef00;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_arg32_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *arg32_token;
|
||||||
|
|
||||||
|
arg32_token = au_to_arg32(arg32_token_n, arg32_token_text,
|
||||||
|
arg32_token_v);
|
||||||
|
if (arg32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_arg32");
|
||||||
|
write_token(directory, token_filename, arg32_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_arg32_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *arg32_token;
|
||||||
|
|
||||||
|
arg32_token = au_to_arg32(arg32_token_n, arg32_token_text,
|
||||||
|
arg32_token_v);
|
||||||
|
if (arg32_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_arg32");
|
||||||
|
write_record(directory, record_filename, arg32_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
static long seq_audit_count = 0x12345678;
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_seq_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *seq_token;
|
||||||
|
|
||||||
|
seq_token = au_to_seq(seq_audit_count);
|
||||||
|
if (seq_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_seq");
|
||||||
|
write_token(directory, token_filename, seq_token);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_seq_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *seq_token;
|
||||||
|
|
||||||
|
seq_token = au_to_seq(seq_audit_count);
|
||||||
|
if (seq_token == NULL)
|
||||||
|
err(EX_UNAVAILABLE, "au_to_seq");
|
||||||
|
write_record(directory, record_filename, seq_token, AUE_NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_ACL
|
||||||
|
*/
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_attr_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *attr_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_attr_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *attr_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_ipc_perm_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *ipc_perm_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_ipc_perm_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *ipc_perm_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_LABEL
|
||||||
|
*/
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_groups_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *groups_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_groups_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *groups_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_ILABEL
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_SLABEL
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_CLEAR
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_PRIV
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_UPRIV
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_LIAISON
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_NEWGROUPS
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_EXEC_ARGS
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* AUT_EXEC_ENV
|
||||||
|
*/
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_attr32_token(const char *directory, const char *token_filename)
|
||||||
|
{
|
||||||
|
token_t *attr32_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
generate_attr32_record(const char *directory, const char *record_filename)
|
||||||
|
{
|
||||||
|
token_t *attr32_token;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
main(int argc, char *argv[])
|
||||||
|
{
|
||||||
|
const char *directory;
|
||||||
|
int ch;
|
||||||
|
|
||||||
|
while ((ch = getopt(argc, argv, "rt")) != -1) {
|
||||||
|
switch (ch) {
|
||||||
|
case 'r':
|
||||||
|
do_records++;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 't':
|
||||||
|
do_tokens++;
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
usage();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
argc -= optind;
|
||||||
|
argv += optind;
|
||||||
|
|
||||||
|
if (argc != 1)
|
||||||
|
usage();
|
||||||
|
|
||||||
|
directory = argv[0];
|
||||||
|
|
||||||
|
if (mkdir(directory, 0755) < 0 && errno != EEXIST)
|
||||||
|
err(EX_OSERR, "mkdir: %s", directory);
|
||||||
|
|
||||||
|
if (do_tokens) {
|
||||||
|
generate_file_token(directory, "file_token");
|
||||||
|
generate_trailer_token(directory, "trailer_token");
|
||||||
|
generate_header32_token(directory, "header32_token");
|
||||||
|
generate_data_token(directory, "data_token");
|
||||||
|
generate_ipc_token(directory, "ipc_token");
|
||||||
|
generate_path_token(directory, "path_token");
|
||||||
|
generate_subject32_token(directory, "subject32_token");
|
||||||
|
generate_process32_token(directory, "process32_token");
|
||||||
|
generate_return32_token(directory, "return32_token");
|
||||||
|
generate_text_token(directory, "text_token");
|
||||||
|
generate_opaque_token(directory, "opaque_token");
|
||||||
|
generate_in_addr_token(directory, "in_addr_token");
|
||||||
|
generate_ip_token(directory, "ip_token");
|
||||||
|
generate_iport_token(directory, "iport_token");
|
||||||
|
generate_arg32_token(directory, "arg32_token");
|
||||||
|
generate_seq_token(directory, "seq_token");
|
||||||
|
generate_attr_token(directory, "attr_token");
|
||||||
|
generate_ipc_perm_token(directory, "ipc_perm_token");
|
||||||
|
generate_groups_token(directory, "groups_token");
|
||||||
|
generate_attr32_token(directory, "attr32_token");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (do_records) {
|
||||||
|
generate_file_token(directory, "file_token");
|
||||||
|
generate_trailer_token(directory, "trailer_token");
|
||||||
|
generate_header32_token(directory, "header32_token");
|
||||||
|
generate_data_token(directory, "data_record");
|
||||||
|
generate_ipc_token(directory, "ipc_record");
|
||||||
|
generate_path_token(directory, "path_record");
|
||||||
|
generate_subject32_token(directory, "subject32_record");
|
||||||
|
generate_process32_token(directory, "process32_record");
|
||||||
|
generate_return32_token(directory, "return32_record");
|
||||||
|
generate_text_token(directory, "text_record");
|
||||||
|
generate_opaque_token(directory, "opaque_record");
|
||||||
|
generate_in_addr_token(directory, "in_addr_record");
|
||||||
|
generate_ip_token(directory, "ip_record");
|
||||||
|
generate_iport_token(directory, "iport_record");
|
||||||
|
generate_arg32_token(directory, "arg32_record");
|
||||||
|
generate_seq_token(directory, "seq_record");
|
||||||
|
generate_attr_token(directory, "attr_record");
|
||||||
|
generate_ipc_perm_token(directory, "ipc_perm_record");
|
||||||
|
generate_groups_token(directory, "groups_record");
|
||||||
|
generate_attr32_token(directory, "attr32_record");
|
||||||
|
}
|
||||||
|
|
||||||
|
return (0);
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user