From 911ea853e570be4aaaec9076b1240d857525432c Mon Sep 17 00:00:00 2001 From: Robert Watson Date: Sat, 15 Dec 2012 13:27:45 +0000 Subject: [PATCH] Vendor import of OpenBSM 1.2-alpha3. This eliminates most local patches made relative to OpenBSM 1.2-alpha2 in order to build OpenBSM as part of the FreeBSD base. Obtained from: TrustedBSD Project --- INSTALL | 4 ++-- NEWS | 8 +++++++- VERSION | 2 +- bin/auditdistd/auditdistd.conf.5 | 4 ++-- configure | 34 +++++++++++++++++--------------- configure.ac | 16 ++++++++------- etc/audit_event | 3 ++- sys/bsm/audit_kevents.h | 3 ++- sys/bsm/audit_record.h | 4 +++- 9 files changed, 46 insertions(+), 32 deletions(-) diff --git a/INSTALL b/INSTALL index a28665dd22b5..9e52b0d435a6 100644 --- a/INSTALL +++ b/INSTALL @@ -9,8 +9,8 @@ suppport is found. Typical builds will be performed using: make If doing development work on OpenBSM with gcc, the following invocation of -configure may be preferred in order to generate full compiler warnings and -force the compile to fail if a warning is found: +configure is preferred in order to generate full compiler warnings and force +the compile to fail if a warning is found: CFLAGS="-Wall -Werror" ./configure diff --git a/NEWS b/NEWS index 86f51632f74b..a55fabb2362d 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,11 @@ OpenBSM Version History +OpenBSM 1.2 alpha 3 + +- Various minor tweaks to the auditdistd build to make it fit the FreeBSD + build environment better. +- AUE_WAIT6 merged from FreeBSD 9. + OpenBSM 1.2 alpha 2 - auditdistd, a distributed audit trail management daemon, has now been @@ -489,4 +495,4 @@ OpenBSM 1.0 alpha 1 to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/NEWS#53 $ +$P4: //depot/projects/trustedbsd/openbsm/NEWS#55 $ diff --git a/VERSION b/VERSION index 5b87628ef30c..b3ea4dc9eef9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -OPENBSM_1_2alpha2 +OPENBSM_1_2_alpha3 diff --git a/bin/auditdistd/auditdistd.conf.5 b/bin/auditdistd/auditdistd.conf.5 index 46356df00a5f..13abb5a5c4c1 100644 --- a/bin/auditdistd/auditdistd.conf.5 +++ b/bin/auditdistd/auditdistd.conf.5 @@ -355,7 +355,7 @@ receiver { .Xr auditdistd 8 . .Sh AUTHORS The -.Nm -was written by +.Nm auditdistd +was developed by .An Pawel Jakub Dawidek Aq pawel@dawidek.net under sponsorship of the FreeBSD Foundation. diff --git a/configure b/configure index f1a473e0caa5..197a9bec8259 100755 --- a/configure +++ b/configure @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#62 . +# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#65 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for OpenBSM 1.2alpha2. +# Generated by GNU Autoconf 2.69 for OpenBSM 1.2-alpha3. # # Report bugs to . # @@ -591,8 +591,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='OpenBSM' PACKAGE_TARNAME='openbsm' -PACKAGE_VERSION='1.2alpha2' -PACKAGE_STRING='OpenBSM 1.2alpha2' +PACKAGE_VERSION='1.2-alpha3' +PACKAGE_STRING='OpenBSM 1.2-alpha3' PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org' PACKAGE_URL='' @@ -1327,7 +1327,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures OpenBSM 1.2alpha2 to adapt to many kinds of systems. +\`configure' configures OpenBSM 1.2-alpha3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1397,7 +1397,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of OpenBSM 1.2alpha2:";; + short | recursive ) echo "Configuration of OpenBSM 1.2-alpha3:";; esac cat <<\_ACEOF @@ -1511,7 +1511,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -OpenBSM configure 1.2alpha2 +OpenBSM configure 1.2-alpha3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1991,7 +1991,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by OpenBSM $as_me 1.2alpha2, which was +It was created by OpenBSM $as_me 1.2-alpha3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -11552,7 +11552,7 @@ fi # Define the identity of the package. PACKAGE=OpenBSM - VERSION=1.2alpha2 + VERSION=1.2-alpha3 cat >>confdefs.h <<_ACEOF @@ -13559,12 +13559,14 @@ int main () { - bswap16(0); - bswap32(0); - bswap64(0); + int i; + + i = bswap16(0); + i = bswap32(0); + i = bswap64(0); be32enc(NULL, 0); - htole64(0); - le64toh(0); + i = htole64(0); + i = le64toh(0); ; return 0; @@ -14172,7 +14174,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by OpenBSM $as_me 1.2alpha2, which was +This file was extended by OpenBSM $as_me 1.2-alpha3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -14238,7 +14240,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -OpenBSM config.status 1.2alpha2 +OpenBSM config.status 1.2-alpha3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index c8d2d693b42d..d1764879ec17 100644 --- a/configure.ac +++ b/configure.ac @@ -2,8 +2,8 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT([OpenBSM], [1.2alpha2], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) -AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#63 $]) +AC_INIT([OpenBSM], [1.2-alpha3], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) +AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#66 $]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c]) AC_CONFIG_AUX_DIR(config) @@ -217,12 +217,14 @@ AC_TRY_LINK([ #endif #include ], [ - bswap16(0); - bswap32(0); - bswap64(0); + int i; + + i = bswap16(0); + i = bswap32(0); + i = bswap64(0); be32enc(NULL, 0); - htole64(0); - le64toh(0); + i = htole64(0); + i = le64toh(0); ], [], [ AC_DEFINE(USE_COMPAT_ENDIAN_ENC_H,, Define if compat/endian_enc.h is required) AC_MSG_RESULT([using compat/endian_enc.h]) diff --git a/etc/audit_event b/etc/audit_event index 519183db24e9..223a83a4c408 100644 --- a/etc/audit_event +++ b/etc/audit_event @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#42 $ +# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#43 $ # # The mapping between event identifiers and values is also hard-coded in # audit_kevents.h and audit_uevents.h, so changes must occur in both places, @@ -561,6 +561,7 @@ 43198:AUE_PDKILL:pdkill(2):pc 43199:AUE_PDGETPID:pdgetpid(2):pc 43200:AUE_PDWAIT:pdwait(2):pc +43201:AUE_WAIT6:wait6(2):pc # # Solaris userspace events. # diff --git a/sys/bsm/audit_kevents.h b/sys/bsm/audit_kevents.h index db7fc941de41..94e42ab2eb83 100644 --- a/sys/bsm/audit_kevents.h +++ b/sys/bsm/audit_kevents.h @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#9 $ + * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#10 $ */ #ifndef _BSM_AUDIT_KEVENTS_H_ @@ -601,6 +601,7 @@ #define AUE_PDKILL 43198 /* FreeBSD. */ #define AUE_PDGETPID 43199 /* FreeBSD. */ #define AUE_PDWAIT 43200 /* FreeBSD. */ +#define AUE_WAIT6 43201 /* FreeBSD. */ /* * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the diff --git a/sys/bsm/audit_record.h b/sys/bsm/audit_record.h index f8dced869f4f..2a49cdc6ec56 100644 --- a/sys/bsm/audit_record.h +++ b/sys/bsm/audit_record.h @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#10 $ + * $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#12 $ */ #ifndef _BSM_AUDIT_RECORD_H_ @@ -233,6 +233,7 @@ token_t *au_to_ipc_perm(struct ipc_perm *perm); token_t *au_to_iport(uint16_t iport); token_t *au_to_opaque(const char *data, uint16_t bytes); token_t *au_to_path(const char *path); +token_t *au_to_privset(char *privtypestr, char *privstr); token_t *au_to_process(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_t *tid); token_t *au_to_process32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, @@ -278,6 +279,7 @@ token_t *au_to_exec_env(char **envp); token_t *au_to_text(const char *text); token_t *au_to_kevent(struct kevent *kev); token_t *au_to_trailer(int rec_size); +token_t *au_to_upriv(char sorf, char *priv); token_t *au_to_zonename(const char *zonename); /*