bb97b41819
notes since the last import: OpenBSM 1.0 alpha 11 - Reclassify certain read/write operations as having no class rather than the fr/fw class; our default classes audit intent (open) not operations (read, write). - Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads and writes of sysctls as separate events. Add additional kernel environment and jail events for FreeBSD. - Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued by the kernel audit implementation) so that they can be distinguished. - Disable rate limiting of rotate requests; as the kernel doesn't retransmit a dropped request, the log file will otherwise grow indefinitely if the trigger is dropped. - Improve auditd debugging output. - Fix a number of threading related bugs in audit_control file reading routines. - Add APIs au_poltostr() and au_strtopol() to convert between text representations of audit_control policy flags and the flags passed to auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY). - Add API getacpol() to return the 'policy:' entry from audit_control, an extension to the Solaris file format to allow specification of policy persistent flags. - Update audump to print the audit_control policy field. - Update auditd to read the audit_control policy field and set the kernel policy to match it when configuring/reconfiguring. Remove the -s and -h arguments as these policies are now set via the configuration file. If a policy line is not found in the configuration file, continue with the current default of setting AUDIT_CNT. - Fix bugs in the parsing of large execve(2) arguments and environmental variable tokens; increase maximum parsed argument and variable count. - configure now detects strlcat(), used by policy-related functions. - Reference token and record sample files added to test tree. Obtained from: TrustedBSD Project
114 lines
2.9 KiB
Plaintext
114 lines
2.9 KiB
Plaintext
# -*- Autoconf -*-
|
|
# Process this file with autoconf to produce a configure script.
|
|
|
|
AC_PREREQ(2.59)
|
|
AC_INIT([OpenBSM], [1.0a11], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
|
|
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#31 $])
|
|
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
|
|
AC_CONFIG_AUX_DIR(config)
|
|
AC_CONFIG_HEADER([config/config.h])
|
|
AM_MAINTAINER_MODE
|
|
|
|
# Checks for programs.
|
|
AC_PROG_CC
|
|
AC_PROG_INSTALL
|
|
AC_PROG_LIBTOOL
|
|
|
|
AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
|
|
|
|
AC_SEARCH_LIBS(dlsym, dl)
|
|
AC_SEARCH_LIBS(clock_gettime, rt)
|
|
|
|
# Checks for header files.
|
|
AC_HEADER_STDC
|
|
AC_HEADER_SYS_WAIT
|
|
AC_CHECK_HEADERS([endian.h mach/mach.h machine/endian.h sys/endian.h])
|
|
|
|
# Checks for typedefs, structures, and compiler characteristics.
|
|
AC_C_CONST
|
|
AC_TYPE_UID_T
|
|
AC_TYPE_PID_T
|
|
AC_TYPE_SIZE_T
|
|
AC_CHECK_MEMBERS([struct stat.st_rdev])
|
|
|
|
AC_CHECK_MEMBER([struct ipc_perm.__key],
|
|
[AC_DEFINE(HAVE_IPC_PERM___KEY,, Define if ipc_perm.__key instead of key)],
|
|
[],[
|
|
#include <sys/types.h>
|
|
#include <sys/ipc.h>
|
|
])
|
|
|
|
AC_CHECK_MEMBER([struct ipc_perm.__seq],
|
|
[AC_DEFINE(HAVE_IPC_PERM___SEQ,, Define if ipc_perm.__seq instead of seq)],
|
|
[],[
|
|
#include <sys/types.h>
|
|
#include <sys/ipc.h>
|
|
])
|
|
|
|
AC_HEADER_TIME
|
|
AC_STRUCT_TM
|
|
|
|
# Checks for library functions.
|
|
AC_FUNC_CHOWN
|
|
AC_FUNC_FORK
|
|
AC_FUNC_MALLOC
|
|
AC_FUNC_MKTIME
|
|
AC_TYPE_SIGNAL
|
|
AC_FUNC_STAT
|
|
AC_FUNC_STRFTIME
|
|
AC_CHECK_FUNCS([bzero clock_gettime ftruncate gettimeofday inet_ntoa memset strchr strerror strlcat strrchr strstr strtol strtoul])
|
|
|
|
# sys/queue.h exists on most systems, but its capabilities vary a great deal.
|
|
# test for LIST_FIRST and TAILQ_FOREACH_SAFE, which appears to not exist in
|
|
# all of them, and are necessary for OpenBSM.
|
|
AC_TRY_LINK([
|
|
#include <sys/queue.h>
|
|
], [
|
|
|
|
#ifndef LIST_FIRST
|
|
#error LIST_FIRST missing
|
|
#endif
|
|
#ifndef TAILQ_FOREACH_SAFE
|
|
#error TAILQ_FOREACH_SAFE
|
|
#endif
|
|
], [
|
|
AC_DEFINE(HAVE_FULL_QUEUE_H,, Define if queue.h includes LIST_FIRST)
|
|
])
|
|
|
|
# Systems may not define key audit system calls, in which case libbsm cannot
|
|
# depend on them or it will generate link-time or run-time errors. Test for
|
|
# just one.
|
|
AC_TRY_LINK([
|
|
#include <stdlib.h>
|
|
|
|
extern int auditon(int, void *, int);
|
|
], [
|
|
int err;
|
|
|
|
err = auditon(0, NULL, 0);
|
|
], [
|
|
AC_DEFINE(HAVE_AUDIT_SYSCALLS,, Define if audit system calls present)
|
|
have_audit_syscalls=true
|
|
], [
|
|
have_audit_syscalls=false
|
|
])
|
|
AM_CONDITIONAL(HAVE_AUDIT_SYSCALLS, $have_audit_syscalls)
|
|
|
|
AC_CONFIG_FILES([Makefile
|
|
bin/Makefile
|
|
bin/audit/Makefile
|
|
bin/auditd/Makefile
|
|
bin/auditfilterd/Makefile
|
|
bin/auditreduce/Makefile
|
|
bin/praudit/Makefile
|
|
bsm/Makefile
|
|
libbsm/Makefile
|
|
modules/Makefile
|
|
modules/auditfilter_noop/Makefile
|
|
man/Makefile
|
|
test/Makefile
|
|
test/bsm/Makefile
|
|
tools/Makefile])
|
|
|
|
AC_OUTPUT
|