Merge OpenBSM 1.1 from OpenBSM vendor branch to head.

OpenBSM history for imported revision below for reference.

MFC after:      2 weeks
Sponsored by:   Apple, Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1

- Change auditon(2) parameters and data structures to be 32/64-bit architecture
  independent.  Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
  commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
  the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
  added:  au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
  definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
  generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page.  Also, make it clear that we want
  the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
  authorization events, has been added.
This commit is contained in:
rwatson 2009-04-19 16:17:13 +00:00
commit 0776eb3d4e
62 changed files with 4978 additions and 2905 deletions

View File

@ -28,6 +28,7 @@ the development of OpenBSM:
Xin LI
Stacey Son
Todd Heberlein
Gary Hoo
In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
Software's FlexeLint tool were used to identify a number of bugs in the

View File

@ -2,9 +2,8 @@ OpenBSM Build and Installation Instructions
OpenBSM is currently built using autoconf and automake, which should allow
for building on a range of operating systems, including FreeBSD, Mac OS X,
and Linux. Depending on the availability of audit facilities in the
underlying operating system, some components that depend on kernel audit
support are built conditionally. Typically, build will be performed using:
and Linux. Some components are built only if appropriate kernel audit
suppport is found. Typical builds will be performed using:
./configure
make
@ -15,10 +14,14 @@ force the compile to fail if a warning is found:
CFLAGS="-Wall -Werror" ./configure
To install, use:
To install the library, binaries, and man pages, use:
make install
The OpenBSM install will not install files in /etc; these have to be
manually installed or merged. Currently, the locations of these files are
not configurable.
You may wish to specify that the OpenBSM components not be installed in the
base system, rather in a specific directory. This may be done using the
--prefix argument to configure. If installing to a specific directory,
@ -29,7 +32,3 @@ directory the correct libbsm is used:
make
make install
LD_LIBRARY_PATH=/home/rwatson/openbsm/libbsm ; export LD_LIBRARY_PATH
You will need to manually propagate openbsm/etc/* into /etc/security on your
system; this is not done automatically so as to avoid disrupting the current
configuration. Currently, the locations of these files is not configurable.

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#9 $
# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#10 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
@ -97,6 +97,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -121,6 +122,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -184,6 +186,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
SUBDIRS = bsm $(am__append_1) libbsm bin man modules sys
@ -332,8 +335,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -358,8 +361,8 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -369,13 +372,12 @@ ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique
@ -446,6 +448,10 @@ dist-bzip2: distdir
tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
$(am__remove_distdir)
dist-lzma: distdir
tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma
$(am__remove_distdir)
dist-tarZ: distdir
tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
$(am__remove_distdir)
@ -472,6 +478,8 @@ distcheck: dist
GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\
*.tar.bz2*) \
bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lzma*) \
unlzma -c $(distdir).tar.lzma | $(am__untar) ;;\
*.tar.Z*) \
uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
*.shar.gz*) \
@ -623,8 +631,8 @@ uninstall-am:
.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
all all-am am--refresh check check-am clean clean-generic \
clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \
dist-gzip dist-shar dist-tarZ dist-zip distcheck distclean \
distclean-generic distclean-hdr distclean-libtool \
dist-gzip dist-lzma dist-shar dist-tarZ dist-zip distcheck \
distclean distclean-generic distclean-hdr distclean-libtool \
distclean-tags distcleancheck distdir distuninstallcheck dvi \
dvi-am html html-am info info-am install install-am \
install-data install-data-am install-dvi install-dvi-am \

View File

@ -1,5 +1,23 @@
OpenBSM Version History
OpenBSM 1.1
- Change auditon(2) parameters and data structures to be 32/64-bit architecture
independent. Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
added: au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page. Also, make it clear that we want
the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
authorization events, has been added.
OpenBSM 1.1 beta 1
- The filesz parameter in audit_control(5) now accepts suffixes: 'B' for
@ -431,4 +449,4 @@ OpenBSM 1.0 alpha 1
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
$P4: //depot/projects/trustedbsd/openbsm/NEWS#32 $
$P4: //depot/projects/trustedbsd/openbsm/NEWS#40 $

View File

@ -1,15 +1,22 @@
OpenBSM 1.1 beta 1
OpenBSM 1.1
Introduction
OpenBSM provides an open source implementation of Sun's BSM Audit API.
Originally created under contract to Apple Computer by McAfee Research, this
implementation is now maintained by volunteers and the generous contribution
of several organizations. Coupled with a kernel audit implementation,
OpenBSM can be used to maintain system audit streams, and is a foundation for
an Audit-enabled system. Portions of OpenBSM, including include files and
token-building routines, are reusable in a kernel audit implementation, and
may be found in the FreeBSD and Mac OS X kernels.
OpenBSM is an open source implementation of Sun's BSM event auditing file
format and API. Originally created for Apple Computer by McAfee Research,
OpenBSM is now maintained by volunteers and through the generous contribution
of several organizations.
OpenBSM includes several command line tools, including auditreduce(8) and
praudit(8) for reducing and printing audit trails, as well as the libbsm(3)
library to manage configuration files, generate audit records, and parse and
print audit trils.
Coupled with a kernel audit implementation, OpenBSM can be used to maintain
system audit streams, and is a foundation for a full audit-enabled system.
Portions of OpenBSM, including include files and token-building routines, are
reusable in a kernel audit implementation, and may be found in the FreeBSD
and Mac OS X kernels.
Contents
@ -17,7 +24,7 @@ OpenBSM consists of several directories:
bin/ Audit-related command line tools
bsm/ Library include files for BSM
compat/ Compatibility code to build on various OS's
compat/ Compatibility code to build on various operating systems
etc/ Sample /etc/security configuration files
libauditd Common audit management functions for auditd and launchd
libbsm/ Implementation of BSM library interfaces and man pages
@ -44,7 +51,8 @@ Please see the file INSTALL for build and installation instructions.
The TrustedBSD Project would appreciate the contribution of bug fixes,
enhancements, etc, under identically or substantially similar licenses to
those present on the remainder of the OpenBSM source code.
those present on the remainder of the OpenBSM source code. Please see the
file CREDITS to learn more about who has contributed to the project.
Location
@ -56,4 +64,4 @@ Information on TrustedBSD may be found on the TrustedBSD home page:
http://www.TrustedBSD.org/
$P4: //depot/projects/trustedbsd/openbsm/README#35 $
$P4: //depot/projects/trustedbsd/openbsm/README#36 $

View File

@ -16,11 +16,10 @@ OpenBSM TODO
just at the beginning of a record. This will make it easier to use
praudit in test suites processing single-token files without header and
trailer context.
- Put hostname in trail file name.
- Document audit_warn event arguments.
- Allow the path /etc/security to be configured at configure-time so that
alternative locations can be used.
- NLS support for au_strerror(3), which provides error strings for BSM errors
not available on the local OS platform.
$P4: //depot/projects/trustedbsd/openbsm/TODO#12 $
$P4: //depot/projects/trustedbsd/openbsm/TODO#13 $

View File

@ -1 +1 @@
OPENBSM_1_1_BETA_1
OPENBSM_1_1

View File

@ -1,7 +1,7 @@
# generated automatically by aclocal 1.10 -*- Autoconf -*-
# generated automatically by aclocal 1.10.1 -*- Autoconf -*-
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
# 2005, 2006 Free Software Foundation, Inc.
# 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -11,14 +11,17 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
m4_if(m4_PACKAGE_VERSION, [2.61],,
[m4_fatal([this file was generated for autoconf 2.61.
You have another version of autoconf. If you want to use that,
you should regenerate the build system entirely.], [63])])
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
m4_if(AC_AUTOCONF_VERSION, [2.62],,
[m4_warning([this file was generated for autoconf 2.62.
You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically `autoreconf'.])])
# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
# serial 51 AC_PROG_LIBTOOL
# serial 52 AC_PROG_LIBTOOL
# AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED)
@ -106,7 +109,6 @@ AC_REQUIRE([AC_DEPLIBS_CHECK_METHOD])dnl
AC_REQUIRE([AC_OBJEXT])dnl
AC_REQUIRE([AC_EXEEXT])dnl
dnl
AC_LIBTOOL_SYS_MAX_CMD_LEN
AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE
AC_LIBTOOL_OBJDIR
@ -208,6 +210,8 @@ file_magic*)
;;
esac
_LT_REQUIRED_DARWIN_CHECKS
AC_PROVIDE_IFELSE([AC_LIBTOOL_DLOPEN], enable_dlopen=yes, enable_dlopen=no)
AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL],
enable_win32_dll=yes, enable_win32_dll=no)
@ -287,9 +291,80 @@ ac_outfile=conftest.$ac_objext
echo "$lt_simple_link_test_code" >conftest.$ac_ext
eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
_lt_linker_boilerplate=`cat conftest.err`
$rm conftest*
$rm -r conftest*
])# _LT_LINKER_BOILERPLATE
# _LT_REQUIRED_DARWIN_CHECKS
# --------------------------
# Check for some things on darwin
AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS],[
case $host_os in
rhapsody* | darwin*)
AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:])
AC_CHECK_TOOL([NMEDIT], [nmedit], [:])
AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod],
[lt_cv_apple_cc_single_mod=no
if test -z "${LT_MULTI_MODULE}"; then
# By default we will add the -single_module flag. You can override
# by either setting the environment variable LT_MULTI_MODULE
# non-empty at configure time, or by adding -multi_module to the
# link flags.
echo "int foo(void){return 1;}" > conftest.c
$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
-dynamiclib ${wl}-single_module conftest.c
if test -f libconftest.dylib; then
lt_cv_apple_cc_single_mod=yes
rm -rf libconftest.dylib*
fi
rm conftest.c
fi])
AC_CACHE_CHECK([for -exported_symbols_list linker flag],
[lt_cv_ld_exported_symbols_list],
[lt_cv_ld_exported_symbols_list=no
save_LDFLAGS=$LDFLAGS
echo "_main" > conftest.sym
LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
[lt_cv_ld_exported_symbols_list=yes],
[lt_cv_ld_exported_symbols_list=no])
LDFLAGS="$save_LDFLAGS"
])
case $host_os in
rhapsody* | darwin1.[[0123]])
_lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
darwin1.*)
_lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
darwin*)
# if running on 10.5 or later, the deployment target defaults
# to the OS version, if on x86, and 10.4, the deployment
# target defaults to 10.4. Don't you love it?
case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
10.0,*86*-darwin8*|10.0,*-darwin[[91]]*)
_lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
10.[[012]]*)
_lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
10.*)
_lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
esac
;;
esac
if test "$lt_cv_apple_cc_single_mod" = "yes"; then
_lt_dar_single_mod='$single_module'
fi
if test "$lt_cv_ld_exported_symbols_list" = "yes"; then
_lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym'
else
_lt_dar_export_syms="~$NMEDIT -s \$output_objdir/\${libname}-symbols.expsym \${lib}"
fi
if test "$DSYMUTIL" != ":"; then
_lt_dsymutil="~$DSYMUTIL \$lib || :"
else
_lt_dsymutil=
fi
;;
esac
])
# _LT_AC_SYS_LIBPATH_AIX
# ----------------------
@ -614,7 +689,11 @@ sparc*-*solaris*)
*64-bit*)
case $lt_cv_prog_gnu_ld in
yes*) LD="${LD-ld} -m elf64_sparc" ;;
*) LD="${LD-ld} -64" ;;
*)
if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
LD="${LD-ld} -64"
fi
;;
esac
;;
esac
@ -707,7 +786,7 @@ AC_CACHE_CHECK([$1], [$2],
$2=yes
fi
fi
$rm conftest*
$rm -r conftest*
LDFLAGS="$save_LDFLAGS"
])
@ -978,7 +1057,7 @@ else
AC_CHECK_FUNC([shl_load],
[lt_cv_dlopen="shl_load"],
[AC_CHECK_LIB([dld], [shl_load],
[lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld"],
[lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"],
[AC_CHECK_FUNC([dlopen],
[lt_cv_dlopen="dlopen"],
[AC_CHECK_LIB([dl], [dlopen],
@ -986,7 +1065,7 @@ else
[AC_CHECK_LIB([svld], [dlopen],
[lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
[AC_CHECK_LIB([dld], [dld_link],
[lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"])
[lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"])
])
])
])
@ -1303,7 +1382,7 @@ aix3*)
soname_spec='${libname}${release}${shared_ext}$major'
;;
aix4* | aix5*)
aix[[4-9]]*)
version_type=linux
need_lib_prefix=no
need_version=no
@ -1824,6 +1903,13 @@ esac
AC_MSG_RESULT([$dynamic_linker])
test "$dynamic_linker" = no && can_build_shared=no
AC_CACHE_VAL([lt_cv_sys_lib_search_path_spec],
[lt_cv_sys_lib_search_path_spec="$sys_lib_search_path_spec"])
sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
AC_CACHE_VAL([lt_cv_sys_lib_dlsearch_path_spec],
[lt_cv_sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec"])
sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
if test "$GCC" = yes; then
variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
@ -2323,7 +2409,7 @@ lt_cv_deplibs_check_method='unknown'
# whether `pass_all' will *always* work, you probably want this one.
case $host_os in
aix4* | aix5*)
aix[[4-9]]*)
lt_cv_deplibs_check_method=pass_all
;;
@ -2759,7 +2845,7 @@ aix3*)
fi
;;
aix4* | aix5*)
aix[[4-9]]*)
if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
test "$enable_shared" = yes && enable_static=no
fi
@ -2816,6 +2902,7 @@ _LT_AC_TAGVAR(postdep_objects, $1)=
_LT_AC_TAGVAR(predeps, $1)=
_LT_AC_TAGVAR(postdeps, $1)=
_LT_AC_TAGVAR(compiler_lib_search_path, $1)=
_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)=
# Source file extension for C++ test sources.
ac_ext=cpp
@ -2925,7 +3012,7 @@ case $host_os in
# FIXME: insert proper C++ library support
_LT_AC_TAGVAR(ld_shlibs, $1)=no
;;
aix4* | aix5*)
aix[[4-9]]*)
if test "$host_cpu" = ia64; then
# On IA64, the linker does run time linking by default, so we don't
# have to do anything special.
@ -2938,7 +3025,7 @@ case $host_os in
# Test if we are trying to use run time linking or normal
# AIX style linking. If -brtl is somewhere in LDFLAGS, we
# need to do runtime linking.
case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*)
case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
for ld_flag in $LDFLAGS; do
case $ld_flag in
*-brtl*)
@ -3084,51 +3171,23 @@ case $host_os in
fi
;;
darwin* | rhapsody*)
case $host_os in
rhapsody* | darwin1.[[012]])
_LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress'
;;
*) # Darwin 1.3 on
if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then
_LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
else
case ${MACOSX_DEPLOYMENT_TARGET} in
10.[[012]])
_LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress'
;;
10.*)
_LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup'
;;
esac
fi
;;
esac
_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no
_LT_AC_TAGVAR(hardcode_direct, $1)=no
_LT_AC_TAGVAR(hardcode_automatic, $1)=yes
_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
_LT_AC_TAGVAR(whole_archive_flag_spec, $1)=''
_LT_AC_TAGVAR(link_all_deplibs, $1)=yes
_LT_AC_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined"
if test "$GXX" = yes ; then
lt_int_apple_cc_single_mod=no
output_verbose_link_cmd='echo'
if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then
lt_int_apple_cc_single_mod=yes
_LT_AC_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
_LT_AC_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
_LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
_LT_AC_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
if test "$lt_cv_apple_cc_single_mod" != "yes"; then
_LT_AC_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}"
_LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}"
fi
if test "X$lt_int_apple_cc_single_mod" = Xyes ; then
_LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
else
_LT_AC_TAGVAR(archive_cmds, $1)='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
fi
_LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
# Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
if test "X$lt_int_apple_cc_single_mod" = Xyes ; then
_LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
else
_LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
fi
_LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
else
case $cc_basename in
xlc*)
@ -3379,7 +3438,7 @@ case $host_os in
_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
_LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
;;
pgCC*)
pgCC* | pgcpp*)
# Portland Group C++ compiler
_LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
_LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
@ -3814,7 +3873,8 @@ lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
# compiler output when linking a shared library.
# Parse the compiler output and extract the necessary
# objects, libraries and library flags.
AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP],[
AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP],
[AC_REQUIRE([LT_AC_PROG_SED])dnl
dnl we can't use the lt_simple_compile_test_code here,
dnl because it contains code intended for an executable,
dnl not a library. It's possible we should let each
@ -3939,6 +3999,11 @@ fi
$rm -f confest.$objext
_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)=
if test -n "$_LT_AC_TAGVAR(compiler_lib_search_path, $1)"; then
_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_AC_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'`
fi
# PORTME: override above test on systems where it is broken
ifelse([$1],[CXX],
[case $host_os in
@ -3995,7 +4060,6 @@ solaris*)
;;
esac
])
case " $_LT_AC_TAGVAR(postdeps, $1) " in
*" -lc "*) _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no ;;
esac
@ -4080,7 +4144,7 @@ aix3*)
postinstall_cmds='$RANLIB $lib'
fi
;;
aix4* | aix5*)
aix[[4-9]]*)
if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
test "$enable_shared" = yes && enable_static=no
fi
@ -4257,6 +4321,7 @@ if test -f "$ltmain"; then
_LT_AC_TAGVAR(predeps, $1) \
_LT_AC_TAGVAR(postdeps, $1) \
_LT_AC_TAGVAR(compiler_lib_search_path, $1) \
_LT_AC_TAGVAR(compiler_lib_search_dirs, $1) \
_LT_AC_TAGVAR(archive_cmds, $1) \
_LT_AC_TAGVAR(archive_expsym_cmds, $1) \
_LT_AC_TAGVAR(postinstall_cmds, $1) \
@ -4319,7 +4384,7 @@ ifelse([$1], [],
# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP)
# NOTE: Changes made to this file will be lost: look at ltmain.sh.
#
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# Free Software Foundation, Inc.
#
# This file is part of GNU Libtool:
@ -4556,6 +4621,10 @@ predeps=$lt_[]_LT_AC_TAGVAR(predeps, $1)
# shared library.
postdeps=$lt_[]_LT_AC_TAGVAR(postdeps, $1)
# The directories searched by this compiler when creating a shared
# library
compiler_lib_search_dirs=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)
# The library search path used internally by the compiler when linking
# a shared library.
compiler_lib_search_path=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_path, $1)
@ -4905,7 +4974,7 @@ EOF
echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD
cat conftest.$ac_ext >&5
fi
rm -f conftest* conftst*
rm -rf conftest* conftst*
# Do not use the global_symbol_pipe unless it works.
if test "$pipe_works" = yes; then
@ -4962,7 +5031,8 @@ AC_MSG_CHECKING([for $compiler option to produce PIC])
# built for inclusion in a dll (and should export symbols for example).
# Although the cygwin gcc ignores -fPIC, still need this for old-style
# (--disable-auto-import) libraries
_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'
m4_if([$1], [GCJ], [],
[_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
;;
darwin* | rhapsody*)
# PIC is the default on this platform
@ -4999,7 +5069,7 @@ AC_MSG_CHECKING([for $compiler option to produce PIC])
esac
else
case $host_os in
aix4* | aix5*)
aix[[4-9]]*)
# All AIX code is PIC.
if test "$host_cpu" = ia64; then
# AIX 5 now supports IA64 processor
@ -5095,7 +5165,7 @@ AC_MSG_CHECKING([for $compiler option to produce PIC])
_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
_LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static'
;;
pgCC*)
pgCC* | pgcpp*)
# Portland Group C++ compiler.
_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
@ -5246,7 +5316,8 @@ AC_MSG_CHECKING([for $compiler option to produce PIC])
# built for inclusion in a dll (and should export symbols for example).
# Although the cygwin gcc ignores -fPIC, still need this for old-style
# (--disable-auto-import) libraries
_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'
m4_if([$1], [GCJ], [],
[_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
;;
darwin* | rhapsody*)
@ -5316,7 +5387,8 @@ AC_MSG_CHECKING([for $compiler option to produce PIC])
mingw* | cygwin* | pw32* | os2*)
# This hack is so that the source file can tell whether it is being
# built for inclusion in a dll (and should export symbols for example).
_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'
m4_if([$1], [GCJ], [],
[_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
;;
hpux9* | hpux10* | hpux11*)
@ -5453,7 +5525,7 @@ AC_MSG_RESULT([$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)])
#
if test -n "$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)"; then
AC_LIBTOOL_COMPILER_OPTION([if $compiler PIC flag $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) works],
_LT_AC_TAGVAR(lt_prog_compiler_pic_works, $1),
_LT_AC_TAGVAR(lt_cv_prog_compiler_pic_works, $1),
[$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])], [],
[case $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) in
"" | " "*) ;;
@ -5477,7 +5549,7 @@ esac
#
wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_AC_TAGVAR(lt_prog_compiler_static, $1)\"
AC_LIBTOOL_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works],
_LT_AC_TAGVAR(lt_prog_compiler_static_works, $1),
_LT_AC_TAGVAR(lt_cv_prog_compiler_static_works, $1),
$lt_tmp_static_flag,
[],
[_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=])
@ -5493,7 +5565,7 @@ AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
ifelse([$1],[CXX],[
_LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
case $host_os in
aix4* | aix5*)
aix[[4-9]]*)
# If we're using GNU nm, then we don't want the "-C" option.
# -C means demangle to AIX nm, but means don't demangle with GNU nm
if $NM -V 2>&1 | grep 'GNU' > /dev/null; then
@ -5512,6 +5584,7 @@ ifelse([$1],[CXX],[
_LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
;;
esac
_LT_AC_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
],[
runpath_var=
_LT_AC_TAGVAR(allow_undefined_flag, $1)=
@ -5542,12 +5615,14 @@ ifelse([$1],[CXX],[
# it will be wrapped by ` (' and `)$', so one must not match beginning or
# end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
# as well as any symbol that contains `d'.
_LT_AC_TAGVAR(exclude_expsyms, $1)="_GLOBAL_OFFSET_TABLE_"
_LT_AC_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
# Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
# platforms (ab)use it in PIC code, but their linkers get confused if
# the symbol is explicitly referenced. Since portable code cannot
# rely on this symbol name, it's probably fine to never include it in
# preloaded symbol tables.
# Exclude shared library initialization/finalization symbols.
dnl Note also adjust exclude_expsyms for C++ above.
extract_expsyms_cmds=
# Just being paranoid about ensuring that cc_basename is set.
_LT_CC_BASENAME([$compiler])
@ -5597,7 +5672,7 @@ ifelse([$1],[CXX],[
# See if GNU ld supports shared libraries.
case $host_os in
aix3* | aix4* | aix5*)
aix[[3-9]]*)
# On AIX/PPC, the GNU linker is very broken
if test "$host_cpu" != ia64; then
_LT_AC_TAGVAR(ld_shlibs, $1)=no
@ -5816,7 +5891,7 @@ _LT_EOF
fi
;;
aix4* | aix5*)
aix[[4-9]]*)
if test "$host_cpu" = ia64; then
# On IA64, the linker does run time linking by default, so we don't
# have to do anything special.
@ -5836,7 +5911,7 @@ _LT_EOF
# Test if we are trying to use run time linking or normal
# AIX style linking. If -brtl is somewhere in LDFLAGS, we
# need to do runtime linking.
case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*)
case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
for ld_flag in $LDFLAGS; do
if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
aix_use_runtimelinking=yes
@ -5996,11 +6071,10 @@ _LT_EOF
_LT_AC_TAGVAR(link_all_deplibs, $1)=yes
if test "$GCC" = yes ; then
output_verbose_link_cmd='echo'
_LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring'
_LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags'
# Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds
_LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
_LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}'
_LT_AC_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
_LT_AC_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
_LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
_LT_AC_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
else
case $cc_basename in
xlc*)
@ -6581,7 +6655,7 @@ AC_SUBST([SED])
AC_MSG_RESULT([$SED])
])
# Copyright (C) 2002, 2003, 2005, 2006 Free Software Foundation, Inc.
# Copyright (C) 2002, 2003, 2005, 2006, 2007 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -6596,7 +6670,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.10'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.10], [],
m4_if([$1], [1.10.1], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
])
@ -6612,8 +6686,10 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AC_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.10])dnl
_AM_AUTOCONF_VERSION(m4_PACKAGE_VERSION)])
[AM_AUTOMAKE_VERSION([1.10.1])dnl
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(AC_AUTOCONF_VERSION)])
# AM_AUX_DIR_EXPAND -*- Autoconf -*-
@ -6885,7 +6961,7 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
# each Makefile.in and add a new line on top of each file to say so.
# Grep'ing the whole file is not good either: AIX grep has a line
# limit of 2048, but all sed's we know have understand at least 4000.
if sed 10q "$mf" | grep '^#.*generated by automake' > /dev/null 2>&1; then
if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then
dirpart=`AS_DIRNAME("$mf")`
else
continue
@ -6933,13 +7009,13 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
# Do all the work for Automake. -*- Autoconf -*-
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
# 2005, 2006 Free Software Foundation, Inc.
# 2005, 2006, 2008 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# serial 12
# serial 13
# This macro actually does too much. Some checks are only needed if
# your package does certain things. But this isn't really a big deal.
@ -7044,16 +7120,17 @@ AC_PROVIDE_IFELSE([AC_PROG_OBJC],
# our stamp files there.
AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK],
[# Compute $1's index in $config_headers.
_am_arg=$1
_am_stamp_count=1
for _am_header in $config_headers :; do
case $_am_header in
$1 | $1:* )
$_am_arg | $_am_arg:* )
break ;;
* )
_am_stamp_count=`expr $_am_stamp_count + 1` ;;
esac
done
echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count])
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
#
@ -7354,7 +7431,7 @@ AC_SUBST([INSTALL_STRIP_PROGRAM])])
# _AM_SUBST_NOTMAKE(VARIABLE)
# ---------------------------
# Prevent Automake from outputing VARIABLE = @VARIABLE@ in Makefile.in.
# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in.
# This macro is traced by Automake.
AC_DEFUN([_AM_SUBST_NOTMAKE])

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#10 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#11 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
@ -82,6 +82,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -106,6 +107,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -169,6 +171,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
SUBDIRS = auditfilterd auditreduce praudit $(am__append_1)
@ -286,8 +289,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -312,8 +315,8 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -323,13 +326,12 @@ ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#11 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#12 $
#
VPATH = @srcdir@
@ -55,7 +55,7 @@ am__audit_SOURCES_DIST = audit.c auditd_controlUser.c
@USE_MACH_IPC_TRUE@ audit.$(OBJEXT)
audit_OBJECTS = $(am_audit_OBJECTS)
audit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -94,6 +94,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -118,6 +119,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -181,6 +183,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -232,8 +235,8 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS)
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
else :; fi; \
done
@ -341,8 +344,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -354,8 +357,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -365,13 +368,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#14 $
* $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#15 $
*/
/*
* Program to trigger the audit daemon with a message that is either:
@ -54,7 +54,7 @@
#include <unistd.h>
static int send_trigger(unsigned int);
static int send_trigger(int);
#ifdef USE_MACH_IPC
#include <mach/mach.h>
@ -79,7 +79,7 @@ static int send_trigger(unsigned int);
#endif
static int
send_trigger(unsigned int trigger)
send_trigger(int trigger)
{
mach_port_t serverPort;
kern_return_t error;
@ -107,11 +107,11 @@ send_trigger(unsigned int trigger)
#else /* ! USE_MACH_IPC */
static int
send_trigger(unsigned int trigger)
send_trigger(int trigger)
{
int error;
error = auditon(A_SENDTRIGGER, &trigger, sizeof(trigger));
error = audit_send_trigger(&trigger);
if (error != 0) {
if (error == EPERM)
perror("audit requires root privileges");

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#10 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#11 $
#
VPATH = @srcdir@
@ -60,7 +60,7 @@ am__auditd_SOURCES_DIST = audit_warn.c auditd.c auditd_fbsd.c \
auditd_OBJECTS = $(am_auditd_OBJECTS)
auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la \
$(top_builddir)/libauditd/libauditd.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -99,6 +99,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -123,6 +124,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -186,6 +188,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -237,8 +240,8 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS)
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
else :; fi; \
done
@ -350,8 +353,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -363,8 +366,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -374,13 +377,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#43 $
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#46 $
*/
#include <sys/types.h>
@ -347,7 +347,7 @@ close_all(void)
int err_ret = 0;
char TS[TIMESTAMP_LEN];
int err;
long cond;
int cond;
time_t tt;
err = auditd_gen_record(AUE_audit_shutdown, NULL);
@ -357,7 +357,7 @@ close_all(void)
/* Flush contents. */
cond = AUC_DISABLED;
err_ret = auditon(A_SETCOND, &cond, sizeof(cond));
err_ret = audit_set_cond(&cond);
if (err_ret != 0) {
auditd_log_err("Disabling audit failed! : %s", strerror(errno));
err_ret = 1;
@ -537,9 +537,12 @@ auditd_handle_trigger(int trigger)
case AUDIT_TRIGGER_READ_FILE:
auditd_log_info("Got read file trigger");
if (au_state == AUD_STATE_ENABLED &&
auditd_config_controls() == -1)
if (au_state == AUD_STATE_ENABLED) {
if (auditd_config_controls() == -1)
auditd_log_err("Error setting audit controls");
else if (do_trail_file() == -1)
auditd_log_err("Error swapping audit file");
}
break;
case AUDIT_TRIGGER_CLOSE_AND_DIE:

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2004-2008 Apple Inc.
* Copyright (c) 2004-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#3 $
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#5 $
*/
#include <sys/types.h>
@ -178,9 +178,9 @@ auditd_log_debug(const char *fmt, ...)
static void
init_audit_state(void)
{
long au_cond;
int au_cond;
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (audit_get_cond(&au_cond) < 0) {
if (errno != ENOSYS) {
auditd_log_err("Audit status check failed (%s)",
strerror(errno));

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2004-2008 Apple Inc.
* Copyright (c) 2004-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#2 $
* $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#4 $
*/
#include <sys/types.h>
@ -133,9 +133,9 @@ auditd_log_debug(const char *fmt, ...)
static void
init_audit_state(void)
{
long au_cond;
int au_cond;
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (audit_get_cond(&au_cond) < 0) {
if (errno != ENOSYS) {
auditd_log_err("Audit status check failed (%s)",
strerror(errno));

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#7 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#8 $
#
VPATH = @srcdir@
@ -53,7 +53,7 @@ am_auditfilterd_OBJECTS = auditfilterd_conf.$(OBJEXT) \
auditfilterd.$(OBJEXT)
auditfilterd_OBJECTS = $(am_auditfilterd_OBJECTS)
auditfilterd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -92,6 +92,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -116,6 +117,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -179,6 +181,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -228,8 +231,8 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS)
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
else :; fi; \
done
@ -337,8 +340,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -350,8 +353,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -361,13 +364,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.8#4 $
.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.8#6 $
.\"
.Dd October 3, 2006
.Dt AUDITFILTERD 8
@ -42,9 +42,7 @@ The
.Nm
daemon is an extensible audit event monitoring daemon, allowing pluggable
modules to track audit events from a live audit source.
It is configured using the
.Xr audit_filter 5
configuration file.
It is configured using the audit_filter configuration file.
The source can either be a pipe or a file.
.Pp
The options are as follows:
@ -82,3 +80,7 @@ The
.Nm
daemon and audit filter APIs were created by
.An Robert Watson .
.Sh BUGS
.Nm
is experimental, and should not be relied on in production.
APIs and services it offers can and will change in future OpenBSM releases.

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#9 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#10 $
#
VPATH = @srcdir@
@ -52,7 +52,7 @@ PROGRAMS = $(sbin_PROGRAMS)
am_auditreduce_OBJECTS = auditreduce.$(OBJEXT)
auditreduce_OBJECTS = $(am_auditreduce_OBJECTS)
auditreduce_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -91,6 +91,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -115,6 +116,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -178,6 +180,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -227,8 +230,8 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS)
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
else :; fi; \
done
@ -335,8 +338,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -348,8 +351,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -359,13 +362,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.in#9 $
# $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.in#10 $
#
VPATH = @srcdir@
@ -52,7 +52,7 @@ PROGRAMS = $(sbin_PROGRAMS)
am_praudit_OBJECTS = praudit.$(OBJEXT)
praudit_OBJECTS = $(am_praudit_OBJECTS)
praudit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -91,6 +91,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -115,6 +116,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -178,6 +180,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -227,8 +230,8 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS)
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \
else :; fi; \
done
@ -335,8 +338,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -348,8 +351,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -359,13 +362,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#9 $
# $P4: //depot/projects/trustedbsd/openbsm/bsm/Makefile.in#10 $
#
VPATH = @srcdir@
@ -79,6 +79,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -103,6 +104,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -166,6 +168,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
openbsmdir = $(includedir)/bsm
@ -236,8 +239,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -249,8 +252,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -260,13 +263,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#10 $
* $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_uevents.h#11 $
*/
#ifndef _BSM_AUDIT_UEVENTS_H_
@ -138,5 +138,6 @@
#define AUE_calife 45027 /* OpenBSM-allocated. */
#define AUE_sudo 45028 /* OpenBSM-allocated. */
#define AUE_audit_recovery 45029 /* OpenBSM-allocated. */
#define AUE_ssauthmech 45030 /* Darwin-specific. */
#endif /* !_BSM_AUDIT_UEVENTS_H_ */

View File

@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#42 $
* $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#45 $
*/
#ifndef _LIBBSM_H_
@ -562,6 +562,12 @@ typedef struct {
* local port 2 bytes
* socket address 4 bytes/16 bytes (IPv4/IPv6 address)
*/
typedef struct {
u_int16_t family;
u_int16_t port;
u_int32_t addr[4];
} au_socketinet_ex32_t;
typedef struct {
u_int16_t family;
u_int16_t port;
@ -722,7 +728,7 @@ struct tokenstr {
au_seq_t seq;
au_socket_t socket;
au_socket_ex32_t socket_ex32;
au_socketinet32_t sockinet32;
au_socketinet_ex32_t sockinet_ex32;
au_socketunix_t sockunix;
au_subject32_t subj32;
au_subject32ex_t subj32_ex;
@ -773,8 +779,8 @@ int getauditflagschar(char *auditstr, au_mask_t *masks,
int verbose);
int au_preselect(au_event_t event, au_mask_t *mask_p,
int sorf, int flag);
ssize_t au_poltostr(long policy, size_t maxsize, char *buf);
int au_strtopol(const char *polstr, long *policy);
ssize_t au_poltostr(int policy, size_t maxsize, char *buf);
int au_strtopol(const char *polstr, int *policy);
/*
* Functions relating to querying audit event information.
@ -831,10 +837,12 @@ void au_print_xml_footer(FILE *outfp);
*/
int au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
int au_bsm_to_errno(u_char bsm_error, int *errorp);
int au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp);
int au_bsm_to_socket_type(u_short bsm_socket_type,
int *local_socket_typep);
u_short au_domain_to_bsm(int local_domain);
u_char au_errno_to_bsm(int local_errno);
u_short au_fcntl_cmd_to_bsm(int local_fcntl_command);
u_short au_socket_type_to_bsm(int local_socket_type);
const char *au_strerror(u_char bsm_error);
@ -1262,6 +1270,33 @@ void audit_token_to_au32(
au_tid_t *tidp);
#endif /* !__APPLE__ */
/*
* Wrapper functions to auditon(2).
*/
int audit_get_car(char *path, size_t sz);
int audit_get_class(au_evclass_map_t *evc_map, size_t sz);
int audit_set_class(au_evclass_map_t *evc_map, size_t sz);
int audit_get_cond(int *cond);
int audit_set_cond(int *cond);
int audit_get_cwd(char *path, size_t sz);
int audit_get_fsize(au_fstat_t *fstat, size_t sz);
int audit_set_fsize(au_fstat_t *fstat, size_t sz);
int audit_get_kmask(au_mask_t *kmask, size_t sz);
int audit_set_kmask(au_mask_t *kmask, size_t sz);
int audit_get_kaudit(auditinfo_addr_t *aia, size_t sz);
int audit_set_kaudit(auditinfo_addr_t *aia, size_t sz);
int audit_set_pmask(auditpinfo_t *api, size_t sz);
int audit_get_pinfo(auditpinfo_t *api, size_t sz);
int audit_get_pinfo_addr(auditpinfo_addr_t *apia, size_t sz);
int audit_get_policy(int *policy);
int audit_set_policy(int *policy);
int audit_get_qctrl(au_qctrl_t *qctrl, size_t sz);
int audit_set_qctrl(au_qctrl_t *qctrl, size_t sz);
int audit_get_sinfo_addr(auditinfo_addr_t *aia, size_t sz);
int audit_get_stat(au_stat_t *stats, size_t sz);
int audit_set_stat(au_stat_t *stats, size_t sz);
int audit_send_trigger(int *trigger);
__END_DECLS
#endif /* !_LIBBSM_H_ */

View File

@ -192,6 +192,9 @@
/* Version number of package */
#undef VERSION
/* Use extended API on platforms that require it */
#undef _GNU_SOURCE
/* Define to empty if `const' does not conform to ANSI C. */
#undef const

View File

@ -2,7 +2,7 @@
# NOTE: Changing this file will not affect anything until you rerun configure.
#
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006,
# 2007 Free Software Foundation, Inc.
# 2007, 2008 Free Software Foundation, Inc.
# Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
#
# This program is free software; you can redistribute it and/or modify
@ -43,8 +43,8 @@ EXIT_FAILURE=1
PROGRAM=ltmain.sh
PACKAGE=libtool
VERSION=1.5.24
TIMESTAMP=" (1.1220.2.455 2007/06/24 02:13:29)"
VERSION=1.5.26
TIMESTAMP=" (1.1220.2.492 2008/01/30 06:40:56)"
# Be Bourne compatible (taken from Autoconf:_AS_BOURNE_COMPATIBLE).
if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
@ -113,15 +113,21 @@ esac
# These must not be set unconditionally because not all systems understand
# e.g. LANG=C (notably SCO).
# We save the old values to restore during execute mode.
for lt_var in LANG LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
lt_env=
for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
do
eval "if test \"\${$lt_var+set}\" = set; then
save_$lt_var=\$$lt_var
lt_env=\"$lt_var=\$$lt_var \$lt_env\"
$lt_var=C
export $lt_var
fi"
done
if test -n "$lt_env"; then
lt_env="env $lt_env"
fi
# Make sure IFS has a sensible default
lt_nl='
'
@ -514,7 +520,7 @@ do
echo "\
$PROGRAM (GNU $PACKAGE) $VERSION$TIMESTAMP
Copyright (C) 2007 Free Software Foundation, Inc.
Copyright (C) 2008 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
exit $?
@ -817,6 +823,7 @@ if test -z "$show_help"; then
*.for) xform=for ;;
*.java) xform=java ;;
*.obj) xform=obj ;;
*.sx) xform=sx ;;
esac
libobj=`$echo "X$libobj" | $Xsed -e "s/\.$xform$/.lo/"`
@ -985,7 +992,7 @@ EOF
$run $rm "$lobj" "$output_obj"
$show "$command"
if $run eval "$command"; then :
if $run eval $lt_env "$command"; then :
else
test -n "$output_obj" && $run $rm $removelist
exit $EXIT_FAILURE
@ -1057,7 +1064,7 @@ EOF
command="$command$suppress_output"
$run $rm "$obj" "$output_obj"
$show "$command"
if $run eval "$command"; then :
if $run eval $lt_env "$command"; then :
else
$run $rm $removelist
exit $EXIT_FAILURE
@ -1190,6 +1197,7 @@ EOF
thread_safe=no
vinfo=
vinfo_number=no
single_module="${wl}-single_module"
func_infer_tag $base_compile
@ -1676,6 +1684,11 @@ EOF
continue
;;
-multi_module)
single_module="${wl}-multi_module"
continue
;;
-module)
module=yes
continue
@ -2202,7 +2215,12 @@ EOF
continue
fi
name=`$echo "X$deplib" | $Xsed -e 's/^-l//'`
for searchdir in $newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path; do
if test "$linkmode" = lib; then
searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path"
else
searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path"
fi
for searchdir in $searchdirs; do
for search_ext in .la $std_shrext .so .a; do
# Search the libtool library
lib="$searchdir/lib${name}${search_ext}"
@ -2998,12 +3016,18 @@ EOF
# we do not want to link against static libs,
# but need to link against shared
eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib`
eval deplibdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
if test -n "$deplibrary_names" ; then
for tmp in $deplibrary_names ; do
depdepl=$tmp
done
if test -f "$path/$depdepl" ; then
if test -f "$deplibdir/$depdepl" ; then
depdepl="$deplibdir/$depdepl"
elif test -f "$path/$depdepl" ; then
depdepl="$path/$depdepl"
else
# Can't find it, oh well...
depdepl=
fi
# do not add paths which are already there
case " $newlib_search_path " in
@ -3151,9 +3175,10 @@ EOF
case $linkmode in
oldlib)
if test -n "$deplibs"; then
$echo "$modename: warning: \`-l' and \`-L' are ignored for archives" 1>&2
fi
case " $deplibs" in
*\ -l* | *\ -L*)
$echo "$modename: warning: \`-l' and \`-L' are ignored for archives" 1>&2 ;;
esac
if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
$echo "$modename: warning: \`-dlopen' is ignored for archives" 1>&2
@ -4290,9 +4315,10 @@ EOF
;;
obj)
if test -n "$deplibs"; then
$echo "$modename: warning: \`-l' and \`-L' are ignored for objects" 1>&2
fi
case " $deplibs" in
*\ -l* | *\ -L*)
$echo "$modename: warning: \`-l' and \`-L' are ignored for objects" 1>&2 ;;
esac
if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
$echo "$modename: warning: \`-dlopen' is ignored for objects" 1>&2
@ -6534,7 +6560,7 @@ relink_command=\"$relink_command\""
fi
# Restore saved environment variables
for lt_var in LANG LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
do
eval "if test \"\${save_$lt_var+set}\" = set; then
$lt_var=\$save_$lt_var; export $lt_var

File diff suppressed because it is too large Load Diff

View File

@ -2,8 +2,8 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
AC_INIT([OpenBSM], [1.1beta1], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#50 $])
AC_INIT([OpenBSM], [1.1], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#52 $])
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_HEADER([config/config.h])
@ -37,6 +37,8 @@ AC_HEADER_STDC
AC_HEADER_SYS_WAIT
AC_CHECK_HEADERS([endian.h mach/mach.h machine/endian.h sys/endian.h stdint.h])
AC_DEFINE([_GNU_SOURCE],,[Use extended API on platforms that require it])
# Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_TYPE_UID_T

View File

@ -1,5 +1,5 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_class#5 $
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_class#6 $
# $FreeBSD$
#
0x00000000:no:invalid class
@ -16,6 +16,7 @@
0x00000400:na:non attributable
0x00000800:ad:administrative
0x00001000:lo:login_logout
0x00002000:aa:authentication and authorization
0x00004000:ap:application
0x20000000:io:ioctl
0x40000000:ex:exec

View File

@ -1,10 +1,11 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#6 $
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#8 $
# $FreeBSD$
#
dir:/var/audit
flags:lo
flags:lo,aa
minfree:5
naflags:lo
naflags:lo,aa
policy:cnt,argv
filesz:2097152
filesz:2M
expire-after:10M

View File

@ -1,5 +1,5 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#36 $
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#39 $
# $FreeBSD$
#
# The mapping between event identifiers and values is also hard-coded in
@ -320,8 +320,8 @@
321:AUE_DARWIN_NFSSVC:nfssvc(2):ad
322:AUE_DARWIN_GETFH:getfh(2):fa
323:AUE_DARWIN_QUOTACTL:quotactl(2):ad
324:AUE_DARWIN_ADDPROFILE:system call:pc
325:AUE_DARWIN_KDEBUGTRACE:system call:pc
324:AUE_DARWIN_ADDPROFILE:add_profil():pc
325:AUE_DARWIN_KDEBUGTRACE:kdebug_trace():pc
326:AUE_DARWIN_FSTAT:fstat(2):fa
327:AUE_DARWIN_FPATHCONF:fpathconf(2):fa
328:AUE_DARWIN_GETDIRENTRIES:getdirentries(2):no
@ -376,8 +376,8 @@
43013:AUE_FUTIMES:futimes(2):fm
43014:AUE_SETSID:setsid(2):pc
43015:AUE_SETPRIVEXEC:setprivexec(2):pc
43016:AUE_ADDPROFILE:system call:pc
43017:AUE_KDEBUGTRACE:system call:pc
43016:AUE_ADDPROFILE:add_profil():pc
43017:AUE_KDEBUGTRACE:kdebug_trace():pc
43018:AUE_OPENBSM_FSTAT:fstat(2):fa
43019:AUE_FPATHCONF:fpathconf(2):fa
43020:AUE_GETDIRENTRIES:getdirentries(2):no
@ -554,6 +554,8 @@
43191:AUE_FSGETPATH:fsgetpath(2):ot
43192:AUE_PREAD:pread(2):no
43193:AUE_PWRITE:pwrite(2):no
43194:AUE_FSCTL:fsctl():fm
43195:AUE_FFSCTL:ffsctl():fm
#
# Solaris userspace events.
#
@ -627,10 +629,10 @@
6521:AUE_DARWIN_revoke_obj:revoke object priv:fm
6600:AUE_DARWIN_lw_login:loginwindow login:lo
6601:AUE_DARWIN_lw_logout:loginwindow logout:lo
7000:AUE_DARWIN_auth_user:user authentication:ad
7001:AUE_DARWIN_ssconn:SecSrvr connection setup:ad
7002:AUE_DARWIN_ssauthorize:SecSrvr AuthEngine:ad
7003:AUE_DARWIN_ssauthint:SecSrvr authinternal mech:ad
7000:AUE_DARWIN_auth_user:user authentication:aa
7001:AUE_DARWIN_ssconn:SecSrvr connection setup:aa
7002:AUE_DARWIN_ssauthorize:SecSrvr AuthEngine:aa
7003:AUE_DARWIN_ssauthint:SecSrvr authinternal mech:aa
#
# Historic/third-party application allocations of event identifiers.
#
@ -649,10 +651,11 @@
45020:AUE_revoke_obj:revoke object priv:fm
45021:AUE_lw_login:loginwindow login:lo
45022:AUE_lw_logout:loginwindow logout:lo
45023:AUE_auth_user:user authentication:ad
45024:AUE_ssconn:SecSrvr connection setup:ad
45025:AUE_ssauthorize:SecSrvr AuthEngine:ad
45026:AUE_ssauthint:SecSrvr authinternal mech:ad
45023:AUE_auth_user:user authentication:aa
45024:AUE_ssconn:SecSrvr connection setup:aa
45025:AUE_ssauthorize:SecSrvr AuthEngine:aa
45026:AUE_ssauthint:SecSrvr authinternal mech:aa
45027:AUE_calife:Calife:ad
45028:AUE_sudo:sudo(1):ad
45028:AUE_sudo:sudo(1):aa
45029:AUE_audit_recovery:audit crash recovery:ad
45030:AUE_ssauthmech:SecSrvr AuthMechanism:aa

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#2 $
# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#3 $
#
VPATH = @srcdir@
@ -57,7 +57,7 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
libauditd_la_LIBADD =
am_libauditd_la_OBJECTS = auditd_lib.lo
libauditd_la_OBJECTS = $(am_libauditd_la_OBJECTS)
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -96,6 +96,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -120,6 +121,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -183,6 +185,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -233,8 +236,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
f=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
$(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
else :; fi; \
done
@ -242,8 +245,8 @@ uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
p=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
$(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
done
clean-libLTLIBRARIES:
@ -342,8 +345,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -355,8 +358,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -366,13 +369,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#7 $
* $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#10 $
*/
#include <sys/param.h>
@ -34,13 +34,13 @@
#include <config/config.h>
#include <sys/dirent.h>
#include <sys/mount.h>
#include <sys/socket.h>
#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
#else /* !HAVE_FULL_QUEUE_H */
#include <compat/queue.h>
#endif /* !HAVE_FULL_QUEUE_H */
#include <sys/mount.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/time.h>
@ -247,7 +247,7 @@ auditd_set_host(void)
*/
bzero(&aia, sizeof(aia));
aia.ai_termid.at_type = AU_IPv4;
error = auditon(A_SETKAUDIT, &aia, sizeof(aia));
error = audit_set_kaudit(&aia, sizeof(aia));
if (error < 0 && errno != ENOSYS)
ret = ADE_AUDITON;
return (ret);
@ -277,7 +277,7 @@ auditd_set_host(void)
return (ADE_ADDRFAM);
}
if (auditon(A_SETKAUDIT, &aia, sizeof(aia)) < 0)
if (audit_set_kaudit(&aia, sizeof(aia)) < 0)
ret = ADE_AUDITON;
return (ret);
@ -298,12 +298,12 @@ auditd_set_minfree(void)
if (getacmin(&auditd_minval) != 0)
return (ADE_PARSE);
if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0)
if (audit_get_qctrl(&qctrl, sizeof(qctrl)) != 0)
return (ADE_AUDITON);
if (qctrl.aq_minfree != auditd_minval) {
qctrl.aq_minfree = auditd_minval;
if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0)
if (audit_set_qctrl(&qctrl, sizeof(qctrl)) != 0)
return (ADE_AUDITON);
}
@ -687,8 +687,7 @@ auditd_set_evcmap(void)
while ((evp = getauevent_r(evp)) != NULL) {
evc_map.ec_number = evp->ae_number;
evc_map.ec_class = evp->ae_class;
if (auditon(A_SETCLASS, &evc_map, sizeof(au_evclass_map_t))
== 0)
if (audit_set_class(&evc_map, sizeof(evc_map)) == 0)
ctr++;
}
endauevent();
@ -714,7 +713,7 @@ auditd_set_namask(void)
(getauditflagsbin(naeventstr, &aumask) != 0))
return (ADE_PARSE);
if (auditon(A_SETKMASK, &aumask, sizeof(au_mask_t)))
if (audit_set_kmask(&aumask, sizeof(aumask)) != 0)
return (ADE_AUDITON);
return (ADE_NOERR);
@ -732,18 +731,18 @@ auditd_set_namask(void)
int
auditd_set_policy(void)
{
long policy;
int policy;
char polstr[POL_STR_SIZE];
if ((getacpol(polstr, POL_STR_SIZE) != 0) ||
(au_strtopol(polstr, &policy) != 0)) {
policy = AUDIT_CNT;
if (auditon(A_SETPOLICY, &policy, sizeof(policy)))
if (audit_set_policy(&policy) != 0)
return (ADE_AUDITON);
return (ADE_PARSE);
}
if (auditon(A_SETPOLICY, &policy, sizeof(policy)))
if (audit_set_policy(&policy) != 0)
return (ADE_AUDITON);
return (ADE_NOERR);
@ -769,7 +768,7 @@ auditd_set_fsize(void)
bzero(&au_fstat, sizeof(au_fstat));
au_fstat.af_filesz = filesz;
if (auditon(A_SETFSIZE, &au_fstat, sizeof(au_fstat)) < 0)
if (audit_set_fsize(&au_fstat, sizeof(au_fstat)) != 0)
return (ADE_AUDITON);
return (ADE_NOERR);
@ -1124,7 +1123,7 @@ int
audit_quick_stop(void)
{
int len;
long cond;
int cond;
char *ptr;
time_t tt;
char oldname[MAXPATHLEN];
@ -1134,7 +1133,7 @@ audit_quick_stop(void)
/*
* Auditing already disabled?
*/
if (auditon(A_GETCOND, &cond, sizeof(cond)) < 0)
if (audit_get_cond(&cond) != 0)
return (-1);
if (cond == AUC_NOAUDIT)
return (0);
@ -1148,7 +1147,7 @@ audit_quick_stop(void)
* Shutdown auditing in the kernel.
*/
cond = AUC_DISABLED;
if (auditon(A_SETCOND, &cond, sizeof(cond)) != 0)
if (audit_set_cond(&cond) != 0)
return (-1);
#ifdef __BSM_INTERNAL_NOTIFY_KEY
notify_post(__BSM_INTERNAL_NOTIFY_KEY);

View File

@ -1,5 +1,5 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#8 $
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#9 $
#
if USE_NATIVE_INCLUDES
@ -17,6 +17,7 @@ libbsm_la_SOURCES = \
bsm_domain.c \
bsm_errno.c \
bsm_event.c \
bsm_fcntl.c \
bsm_flags.c \
bsm_io.c \
bsm_mask.c \
@ -36,6 +37,7 @@ man3_MANS = \
au_domain.3 \
au_errno.3 \
au_event.3 \
au_fcntl_cmd.3 \
au_free_token.3 \
au_io.3 \
au_mask.3 \

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#13 $
# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#15 $
#
VPATH = @srcdir@
@ -60,17 +60,17 @@ libLTLIBRARIES_INSTALL = $(INSTALL)
LTLIBRARIES = $(lib_LTLIBRARIES)
libbsm_la_LIBADD =
am__libbsm_la_SOURCES_DIST = bsm_audit.c bsm_class.c bsm_control.c \
bsm_domain.c bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c \
bsm_mask.c bsm_socket_type.c bsm_token.c bsm_user.c \
bsm_domain.c bsm_errno.c bsm_event.c bsm_fcntl.c bsm_flags.c \
bsm_io.c bsm_mask.c bsm_socket_type.c bsm_token.c bsm_user.c \
bsm_notify.c bsm_wrappers.c
@HAVE_AUDIT_SYSCALLS_TRUE@am__objects_1 = bsm_notify.lo \
@HAVE_AUDIT_SYSCALLS_TRUE@ bsm_wrappers.lo
am_libbsm_la_OBJECTS = bsm_audit.lo bsm_class.lo bsm_control.lo \
bsm_domain.lo bsm_errno.lo bsm_event.lo bsm_flags.lo bsm_io.lo \
bsm_mask.lo bsm_socket_type.lo bsm_token.lo bsm_user.lo \
$(am__objects_1)
bsm_domain.lo bsm_errno.lo bsm_event.lo bsm_fcntl.lo \
bsm_flags.lo bsm_io.lo bsm_mask.lo bsm_socket_type.lo \
bsm_token.lo bsm_user.lo $(am__objects_1)
libbsm_la_OBJECTS = $(am_libbsm_la_OBJECTS)
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -109,6 +109,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -133,6 +134,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -196,20 +198,23 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@USE_NATIVE_INCLUDES_TRUE@INCLUDES = -I$(top_builddir) -I$(top_srcdir)
lib_LTLIBRARIES = libbsm.la
libbsm_la_SOURCES = bsm_audit.c bsm_class.c bsm_control.c bsm_domain.c \
bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c \
bsm_socket_type.c bsm_token.c bsm_user.c $(am__append_1)
bsm_errno.c bsm_event.c bsm_fcntl.c bsm_flags.c bsm_io.c \
bsm_mask.c bsm_socket_type.c bsm_token.c bsm_user.c \
$(am__append_1)
man3_MANS = \
au_class.3 \
au_control.3 \
au_domain.3 \
au_errno.3 \
au_event.3 \
au_fcntl_cmd.3 \
au_free_token.3 \
au_io.3 \
au_mask.3 \
@ -258,8 +263,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
f=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
$(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
else :; fi; \
done
@ -267,8 +272,8 @@ uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
p=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
$(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
done
clean-libLTLIBRARIES:
@ -294,6 +299,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_domain.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_errno.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_event.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_fcntl.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_flags.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_io.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_mask.Plo@am__quote@
@ -380,8 +386,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -393,8 +399,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -404,13 +410,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#10 $
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#11 $
.\"
.Dd April 19, 2005
.Dt AU_CONTROL 3
@ -64,9 +64,9 @@
.Ft int
.Fn getacpol "char *auditstr" "size_t len"
.Ft ssize_t
.Fn au_poltostr "long policy" "size_t maxsize" "char *buf"
.Fn au_poltostr "int policy" "size_t maxsize" "char *buf"
.Ft int
.Fn au_strtopol "const char *polstr" "long *policy"
.Fn au_strtopol "const char *polstr" "int *policy"
.Sh DESCRIPTION
These interfaces may be used to look up information from the
.Xr audit_control 5

View File

@ -0,0 +1,97 @@
.\"-
.\" Copyright (c) 2009 Apple Inc.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of
.\" its contributors may be used to endorse or promote products derived
.\" from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_fcntl_cmd.3#1 $
.\"
.Dd March 5, 2009
.Dt AU_BSM_TO_FCNTL_CMD 3
.Os
.Sh NAME
.Nm au_bsm_to_fcntl_cmd ,
.Nm au_fcntl_cmd_to_bsm
.Nd "convert between BSM and local fcntl(2) command values"
.Sh LIBRARY
.Lb libbsm
.Sh SYNOPSIS
.In bsm/libbsm.h
.Ft int
.Fn au_bsm_to_fcntl_cmd "u_short bsm_fcntl_cmd" "int *local_fcntl_cmdp"
.Ft u_short
.Fn au_fcntl_cmd_to_bsm "int local_fcntl_cmd"
.Sh DESCRIPTION
These interfaces may be used to convert between the local and BSM
.Xr fcntl 2
command values.
The
.Fn au_bsm_to_fcntl_cmd
function accepts a BSM command value,
.Fa bsm_fcntl_cmd ,
and converts it to a local command value passed to
.Xr fcntl 2 ,
that will be stored in the integer pointed to by
.Fa local_fcntl_cmdp
if successful.
This call will fail if the BSM command value cannot be mapped into a local
.Xr fcntl 2
command value which may occur if the command token was generated on another
operating system.
.Pp
The
.Fn au_fcntl_cmd_to_bsm
function accepts a local
.Xr fcntl 2
command value, and returns the BSM
.Xr fcntl 2
command value for it. This call cannot fail, and instead returns a BSM
command value indicating to a later decoder that the command value could
not be encoded.
.Sh RETURN VALULES
On success,
.Fn au_bsm_to_fcntl_cmd
returns 0 and a converted command value; on failure, it returns -1 but does
not set
.Xr errno 2 .
.Sh SEE ALSO
.Xr fcntl 2 ,
.Xr au_bsm_to_domain 3 ,
.Xr au_domain_to_bsm 3 ,
.Xr au_bsm_to_socket_type 3 ,
.Xr au_socket_type_to_bsm 3 ,
.Xr libbsm 3
.Sh HISTORY
.Fn au_bsm_to_domain
and
.Fn au_domain_to_bsm
were introduced in OpenBSM 1.1.
.Sh AUTHORS
These functions were implemented by
.An Stacey Son
under contract to Apple Inc.
.Pp
The Basic Security Module (BSM) interface to audit records and audit event
stream format were defined by Sun Microsystems.

View File

@ -27,7 +27,7 @@
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#15 $
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#17 $
.\"
.Dd January 18, 2008
.Dt audit_submit 3
@ -98,14 +98,28 @@ or
#include <stdarg.h>
#include <errno.h>
int
void
audit_bad_su(char *from_login, char *to_login)
{
struct auditinfo_addr aia;
struct auditinfo ai;
au_id_t aid;
int error;
error = audit_submit(AUE_su, getuid(), 1, EPERM,
error = getaudit_addr(&aia, sizeof(aia));
if (error < 0 && errno == ENOSYS) {
error = getaudit(&ai);
if (error < 0)
err(1, "getaudit");
aid = ai.ai_auid;
} else if (error < 0)
err(1, "getaudit_addr");
else
aid = aia.ai_auid;
error = audit_submit(AUE_su, aid, EPERM, 1,
"bad su from %s to %s", from_login, to_login);
return (error);
if (error != 0)
err(1, "audit_submit");
}
.Ed
.Pp
@ -117,6 +131,13 @@ text,bad su from from csjp to root
return,failure : Operation not permitted,1
trailer,94
.Ed
.Sh RETURN VALUES
If successful,
.Nm
will return zero.
Otherwise a -1 is returned and the global variable
.Va errno
is set to indicate the error.
.Sh SEE ALSO
.Xr auditon 2 ,
.Xr getaudit 2 ,

View File

@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#35 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#36 $
*/
#include <sys/types.h>
@ -237,7 +237,7 @@ au_assemble(au_record_t *rec, short event)
*/
aia.ai_termid.at_type = AU_IPv4;
aia.ai_termid.at_addr[0] = INADDR_ANY;
if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) {
if (audit_get_kaudit(&aia, sizeof(aia)) != 0) {
if (errno != ENOSYS && errno != EPERM)
return (-1);
#endif /* HAVE_AUDIT_SYSCALLS */

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2004,2009 Apple Inc.
* Copyright (c) 2004, 2009 Apple Inc.
* Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
@ -27,7 +27,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#28 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#33 $
*/
#include <config/config.h>
@ -50,6 +50,8 @@
#include <compat/strlcpy.h>
#endif
#include <sys/stat.h>
/*
* Parse the contents of the audit_control file to return the audit control
* parameters. These static fields are protected by 'mutex'.
@ -220,7 +222,7 @@ au_spacetobytes(size_t *bytes, u_long value, char mult)
* nul).
*/
ssize_t
au_poltostr(long policy, size_t maxsize, char *buf)
au_poltostr(int policy, size_t maxsize, char *buf)
{
int first = 1;
int i = 0;
@ -248,7 +250,7 @@ au_poltostr(long policy, size_t maxsize, char *buf)
* ENOMEM) or 0 on success.
*/
int
au_strtopol(const char *polstr, long *policy)
au_strtopol(const char *polstr, int *policy)
{
char *bufp, *string;
char *buffer;
@ -287,10 +289,27 @@ au_strtopol(const char *polstr, long *policy)
static void
setac_locked(void)
{
static time_t lastctime = 0;
struct stat sbuf;
ptrmoved = 1;
if (fp != NULL)
if (fp != NULL) {
/*
* Check to see if the file on disk has changed. If so,
* force a re-read of the file by closing it.
*/
if (fstat(fileno(fp), &sbuf) < 0)
goto closefp;
if (lastctime != sbuf.st_ctime) {
lastctime = sbuf.st_ctime;
closefp:
fclose(fp);
fp = NULL;
return;
}
fseek(fp, 0, SEEK_SET);
}
}
void

View File

@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#2 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#3 $
*/
#include <sys/types.h>
@ -319,13 +319,6 @@ static const struct bsm_domain bsm_domains[] = {
PF_BLUETOOTH
#else
PF_NO_LOCAL_MAPPING
#endif
},
{ BSM_PF_IEEE80211,
#ifdef PF_IEEE80211
PF_IEEE80211
#else
PF_NO_LOCAL_MAPPING
#endif
},
{ BSM_PF_AX25,

View File

@ -0,0 +1,289 @@
/*-
* Copyright (c) 2008-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of Apple Inc. ("Apple") nor the names of
* its contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_fcntl.c#2 $
*/
#include <sys/param.h>
#include <sys/fcntl.h>
#include <config/config.h>
#include <bsm/audit_fcntl.h>
#include <bsm/libbsm.h>
struct bsm_fcntl_cmd {
u_short bfc_bsm_fcntl_cmd;
int bfc_local_fcntl_cmd;
};
typedef struct bsm_fcntl_cmd bsm_fcntl_cmd_t;
static const bsm_fcntl_cmd_t bsm_fcntl_cmdtab[] = {
{ BSM_F_DUPFD, F_DUPFD },
{ BSM_F_GETFD, F_GETFD },
{ BSM_F_SETFD, F_SETFD },
{ BSM_F_GETFL, F_GETFL },
{ BSM_F_SETFL, F_SETFL },
#ifdef F_O_GETLK
{ BSM_F_O_GETLK, F_O_GETLK },
#endif
{ BSM_F_SETLK, F_SETLK },
{ BSM_F_SETLKW, F_SETLK },
#ifdef F_CHFL
{ BSM_F_CHKFL, F_CHKFL },
#endif
#ifdef F_DUP2FD
{ BSM_F_DUP2FD, F_DUP2FD },
#endif
#ifdef F_ALLOCSP
{ BSM_F_ALLOCSP, F_ALLOCSP },
#endif
#ifdef F_FREESP
{ BSM_F_FREESP, F_FREESP },
#endif
#ifdef F_ISSTREAM
{ BSM_F_ISSTREAM, F_ISSTREAM},
#endif
{ BSM_F_GETLK, F_GETLK },
#ifdef F_PRIV
{ BSM_F_PRIV, F_PRIV },
#endif
#ifdef F_NPRIV
{ BSM_F_NPRIV, F_NPRIV },
#endif
#ifdef F_QUOTACTL
{ BSM_F_QUOTACTL, F_QUOTACTL },
#endif
#ifdef F_BLOCKS
{ BSM_F_BLOCKS, F_BLOCKS },
#endif
#ifdef F_BLKSIZE
{ BSM_F_BLKSIZE, F_BLKSIZE },
#endif
{ BSM_F_GETOWN, F_GETOWN },
{ BSM_F_SETOWN, F_SETOWN },
#ifdef F_REVOKE
{ BSM_F_REVOKE, F_REVOKE },
#endif
#ifdef F_HASREMOTEBLOCKS
{ BSM_F_HASREMOTEBLOCKS,
F_HASREMOTEBLOCKS },
#endif
#ifdef F_FREESP
{ BSM_F_FREESP, F_FREESP },
#endif
#ifdef F_ALLOCSP
{ BSM_F_ALLOCSP, F_ALLOCSP },
#endif
#ifdef F_FREESP64
{ BSM_F_FREESP64, F_FREESP64 },
#endif
#ifdef F_ALLOCSP64
{ BSM_F_ALLOCSP64, F_ALLOCSP64 },
#endif
#ifdef F_GETLK64
{ BSM_F_GETLK64, F_GETLK64 },
#endif
#ifdef F_SETLK64
{ BSM_F_SETLK64, F_SETLK64 },
#endif
#ifdef F_SETLKW64
{ BSM_F_SETLKW64, F_SETLKW64 },
#endif
#ifdef F_SHARE
{ BSM_F_SHARE, F_SHARE },
#endif
#ifdef F_UNSHARE
{ BSM_F_UNSHARE, F_UNSHARE },
#endif
#ifdef F_SETLK_NBMAND
{ BSM_F_SETLK_NBMAND, F_SETLK_NBMAND },
#endif
#ifdef F_SHARE_NBMAND
{ BSM_F_SHARE_NBMAND, F_SHARE_NBMAND },
#endif
#ifdef F_SETLK64_NBMAND
{ BSM_F_SETLK64_NBMAND, F_SETLK64_NBMAND },
#endif
#ifdef F_GETXFL
{ BSM_F_GETXFL, F_GETXFL },
#endif
#ifdef F_BADFD
{ BSM_F_BADFD, F_BADFD },
#endif
#ifdef F_OGETLK
{ BSM_F_OGETLK, F_OGETLK },
#endif
#ifdef F_OSETLK
{ BSM_F_OSETLK, F_OSETLK },
#endif
#ifdef F_OSETLKW
{ BSM_F_OSETLKW, F_OSETLKW },
#endif
#ifdef F_SETLK_REMOTE
{ BSM_F_SETLK_REMOTE, F_SETLK_REMOTE },
#endif
#ifdef F_SETSIG
{ BSM_F_SETSIG, F_SETSIG },
#endif
#ifdef F_GETSIG
{ BSM_F_GETSIG, F_GETSIG },
#endif
#ifdef F_CHKCLEAN
{ BSM_F_CHKCLEAN, F_CHKCLEAN },
#endif
#ifdef F_PREALLOCATE
{ BSM_F_PREALLOCATE, F_PREALLOCATE },
#endif
#ifdef F_SETSIZE
{ BSM_F_SETSIZE, F_SETSIZE },
#endif
#ifdef F_RDADVISE
{ BSM_F_RDADVISE, F_RDADVISE },
#endif
#ifdef F_RDAHEAD
{ BSM_F_RDAHEAD, F_RDAHEAD },
#endif
#ifdef F_READBOOTSTRAP
{ BSM_F_READBOOTSTRAP, F_READBOOTSTRAP },
#endif
#ifdef F_WRITEBOOTSTRAP
{ BSM_F_WRITEBOOTSTRAP, F_WRITEBOOTSTRAP },
#endif
#ifdef F_NOCACHE
{ BSM_F_NOCACHE, F_NOCACHE },
#endif
#ifdef F_LOG2PHYS
{ BSM_F_LOG2PHYS, F_LOG2PHYS },
#endif
#ifdef F_GETPATH
{ BSM_F_GETPATH, F_GETPATH },
#endif
#ifdef F_FULLFSYNC
{ BSM_F_FULLFSYNC, F_FULLFSYNC },
#endif
#ifdef F_PATHPKG_CHECK
{ BSM_F_PATHPKG_CHECK, F_PATHPKG_CHECK },
#endif
#ifdef F_FREEZE_FS
{ BSM_F_FREEZE_FS, F_FREEZE_FS },
#endif
#ifdef F_THAW_FS
{ BSM_F_THAW_FS, F_THAW_FS },
#endif
#ifdef F_GLOBAL_NOCACHE
{ BSM_F_GLOBAL_NOCACHE, F_GLOBAL_NOCACHE },
#endif
#ifdef F_OPENFROM
{ BSM_F_OPENFROM, F_OPENFROM },
#endif
#ifdef F_UNLINKFROM
{ BSM_F_UNLINKFROM, F_UNLINKFROM },
#endif
#ifdef F_CHECK_OPENEVT
{ BSM_F_CHECK_OPENEVT, F_CHECK_OPENEVT },
#endif
#ifdef F_ADDSIGS
{ BSM_F_ADDSIGS, F_ADDSIGS },
#endif
#ifdef F_MARKDEPENDENCY
{ BSM_F_MARKDEPENDENCY, F_MARKDEPENDENCY },
#endif
#ifdef FCNTL_FS_SPECIFIC_BASE
{ BSM_F_FS_SPECIFIC_0, FCNTL_FS_SPECIFIC_BASE},
{ BSM_F_FS_SPECIFIC_1, FCNTL_FS_SPECIFIC_BASE + 1},
{ BSM_F_FS_SPECIFIC_2, FCNTL_FS_SPECIFIC_BASE + 2},
{ BSM_F_FS_SPECIFIC_3, FCNTL_FS_SPECIFIC_BASE + 3},
{ BSM_F_FS_SPECIFIC_4, FCNTL_FS_SPECIFIC_BASE + 4},
{ BSM_F_FS_SPECIFIC_5, FCNTL_FS_SPECIFIC_BASE + 5},
{ BSM_F_FS_SPECIFIC_6, FCNTL_FS_SPECIFIC_BASE + 6},
{ BSM_F_FS_SPECIFIC_7, FCNTL_FS_SPECIFIC_BASE + 7},
{ BSM_F_FS_SPECIFIC_8, FCNTL_FS_SPECIFIC_BASE + 8},
{ BSM_F_FS_SPECIFIC_9, FCNTL_FS_SPECIFIC_BASE + 9},
{ BSM_F_FS_SPECIFIC_10, FCNTL_FS_SPECIFIC_BASE + 10},
{ BSM_F_FS_SPECIFIC_11, FCNTL_FS_SPECIFIC_BASE + 11},
{ BSM_F_FS_SPECIFIC_12, FCNTL_FS_SPECIFIC_BASE + 12},
{ BSM_F_FS_SPECIFIC_13, FCNTL_FS_SPECIFIC_BASE + 13},
{ BSM_F_FS_SPECIFIC_14, FCNTL_FS_SPECIFIC_BASE + 14},
{ BSM_F_FS_SPECIFIC_15, FCNTL_FS_SPECIFIC_BASE + 15},
#endif /* FCNTL_FS_SPECIFIC_BASE */
};
static const int bsm_fcntl_cmd_count = sizeof(bsm_fcntl_cmdtab) /
sizeof(bsm_fcntl_cmdtab[0]);
static const bsm_fcntl_cmd_t *
bsm_lookup_local_fcntl_cmd(int local_fcntl_cmd)
{
int i;
for (i = 0; i < bsm_fcntl_cmd_count; i++) {
if (bsm_fcntl_cmdtab[i].bfc_local_fcntl_cmd ==
local_fcntl_cmd)
return (&bsm_fcntl_cmdtab[i]);
}
return (NULL);
}
u_short
au_fcntl_cmd_to_bsm(int local_fcntl_cmd)
{
const bsm_fcntl_cmd_t *bfcp;
bfcp = bsm_lookup_local_fcntl_cmd(local_fcntl_cmd);
if (bfcp == NULL)
return (BSM_F_UNKNOWN);
return (bfcp->bfc_bsm_fcntl_cmd);
}
static const bsm_fcntl_cmd_t *
bsm_lookup_bsm_fcntl_cmd(u_short bsm_fcntl_cmd)
{
int i;
for (i = 0; i < bsm_fcntl_cmd_count; i++) {
if (bsm_fcntl_cmdtab[i].bfc_bsm_fcntl_cmd ==
bsm_fcntl_cmd)
return (&bsm_fcntl_cmdtab[i]);
}
return (NULL);
}
int
au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp)
{
const bsm_fcntl_cmd_t *bfcp;
bfcp = bsm_lookup_bsm_fcntl_cmd(bsm_fcntl_cmd);
if (bfcp == NULL || bfcp->bfc_local_fcntl_cmd)
return (-1);
*local_fcntl_cmdp = bfcp->bfc_local_fcntl_cmd;
return (0);
}

View File

@ -32,7 +32,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#61 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#62 $
*/
#include <sys/types.h>
@ -365,6 +365,10 @@ close_tag(FILE *fp, u_char type)
fprintf(fp, "/>");
break;
case AUT_SOCKINET128:
fprintf(fp, "/>");
break;
case AUT_SUBJECT32:
fprintf(fp, "/>");
break;
@ -529,13 +533,16 @@ print_tok_type(FILE *fp, u_char type, const char *tokname, char raw, int xml)
break;
case AUT_SOCKINET32:
fprintf(fp, "<old_socket");
fprintf(fp, "<socket-inet ");
break;
case AUT_SOCKUNIX:
fprintf(fp, "<old_socket");
fprintf(fp, "<socket-unix ");
break;
case AUT_SOCKINET128:
fprintf(fp, "<socket-inet6 ");
case AUT_SUBJECT32:
fprintf(fp, "<subject ");
break;
@ -3067,18 +3074,18 @@ fetch_sock_inet32_tok(tokenstr_t *tok, u_char *buf, int len)
{
int err = 0;
READ_TOKEN_U_INT16(buf, len, tok->tt.sockinet32.family, tok->len,
READ_TOKEN_U_INT16(buf, len, tok->tt.sockinet_ex32.family, tok->len,
err);
if (err)
return (-1);
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet32.port,
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet_ex32.port,
sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet32.addr,
sizeof(tok->tt.sockinet32.addr), tok->len, err);
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet_ex32.addr,
sizeof(tok->tt.sockinet_ex32.addr[0]), tok->len, err);
if (err)
return (-1);
@ -3093,22 +3100,77 @@ print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_tok_type(fp, tok->id, "socket-inet", raw, xml);
if (xml) {
open_attr(fp, "type");
print_2_bytes(fp, tok->tt.sockinet32.family, "%u");
print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u");
close_attr(fp);
open_attr(fp, "port");
print_2_bytes(fp, ntohs(tok->tt.sockinet32.port), "%u");
print_2_bytes(fp, ntohs(tok->tt.sockinet_ex32.port), "%u");
close_attr(fp);
open_attr(fp, "addr");
print_ip_address(fp, tok->tt.sockinet32.addr);
print_ip_address(fp, tok->tt.sockinet_ex32.addr[0]);
close_attr(fp);
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
print_2_bytes(fp, tok->tt.sockinet32.family, "%u");
print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u");
print_delim(fp, del);
print_2_bytes(fp, ntohs(tok->tt.sockinet32.port), "%u");
print_2_bytes(fp, ntohs(tok->tt.sockinet_ex32.port), "%u");
print_delim(fp, del);
print_ip_address(fp, tok->tt.sockinet32.addr);
print_ip_address(fp, tok->tt.sockinet_ex32.addr[0]);
}
}
/*
* socket family 2 bytes
* local port 2 bytes
* socket address 16 bytes
*/
static int
fetch_sock_inet128_tok(tokenstr_t *tok, u_char *buf, int len)
{
int err = 0;
READ_TOKEN_U_INT16(buf, len, tok->tt.sockinet_ex32.family, tok->len,
err);
if (err)
return (-1);
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet_ex32.port,
sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
READ_TOKEN_BYTES(buf, len, &tok->tt.sockinet_ex32.addr,
sizeof(tok->tt.sockinet_ex32.addr), tok->len, err);
if (err)
return (-1);
return (0);
}
static void
print_sock_inet128_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
__unused char sfrm, int xml)
{
print_tok_type(fp, tok->id, "socket-inet6", raw, xml);
if (xml) {
open_attr(fp, "type");
print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u");
close_attr(fp);
open_attr(fp, "port");
print_2_bytes(fp, ntohs(tok->tt.sockinet_ex32.port), "%u");
close_attr(fp);
open_attr(fp, "addr");
print_ip_ex_address(fp, AU_IPv6, tok->tt.sockinet_ex32.addr);
close_attr(fp);
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u");
print_delim(fp, del);
print_2_bytes(fp, ntohs(tok->tt.sockinet_ex32.port), "%u");
print_delim(fp, del);
print_ip_ex_address(fp, AU_IPv6, tok->tt.sockinet_ex32.addr);
}
}
@ -4057,6 +4119,9 @@ au_fetch_tok(tokenstr_t *tok, u_char *buf, int len)
case AUT_SOCKUNIX:
return (fetch_sock_unix_tok(tok, buf, len));
case AUT_SOCKINET128:
return (fetch_sock_inet128_tok(tok, buf, len));
case AUT_SUBJECT32:
return (fetch_subject32_tok(tok, buf, len));
@ -4226,6 +4291,10 @@ au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm)
print_sock_unix_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
return;
case AUT_SOCKINET128:
print_sock_inet128_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
return;
case AUT_SUBJECT32:
print_subject32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
return;

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2004 Apple Inc.
* Copyright (c) 2004-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#15 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#17 $
*/
/*
@ -60,7 +60,7 @@
static int token = 0;
#endif /* AUDIT_NOTIFICATION_ENABLED */
static long au_cond = AUC_UNSET; /* <bsm/audit.h> */
static int au_cond = AUC_UNSET; /* <bsm/audit.h> */
uint32_t
au_notify_initialize(void)
@ -77,7 +77,7 @@ au_notify_initialize(void)
return (status);
#endif
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (audit_get_cond(&au_cond) != 0) {
syslog(LOG_ERR, "Initial audit status check failed (%s)",
strerror(errno));
if (errno == ENOSYS) /* auditon() unimplemented. */
@ -137,7 +137,7 @@ au_get_state(void)
return (au_cond);
#endif
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (audit_get_cond(&au_cond) != 0) {
/* XXX Reset au_cond to AUC_UNSET? */
syslog(LOG_ERR, "Audit status check failed (%s)",
strerror(errno));
@ -165,16 +165,16 @@ cannot_audit(int val __unused)
#ifdef __APPLE__
return (!(au_get_state() == AUC_AUDITING));
#else
long au_cond;
int cond;
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (audit_get_cond(&cond) != 0) {
if (errno != ENOSYS) {
syslog(LOG_ERR, "Audit status check failed (%s)",
strerror(errno));
}
return (1);
}
if (au_cond == AUC_NOAUDIT || au_cond == AUC_DISABLED)
if (cond == AUC_NOAUDIT || cond == AUC_DISABLED)
return (1);
return (0);
#endif /* !__APPLE__ */

View File

@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#90 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 $
*/
#include <sys/types.h>
@ -1503,7 +1503,7 @@ au_to_header32_ex(int rec_size, au_event_t e_type, au_emod_t e_mod)
if (gettimeofday(&tm, NULL) == -1)
return (NULL);
if (auditon(A_GETKAUDIT, &aia, sizeof(aia)) < 0) {
if (audit_get_kaudit(&aia, sizeof(aia)) != 0) {
if (errno != ENOSYS)
return (NULL);
return (au_to_header32_tm(rec_size, e_type, e_mod, tm));

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2004 Apple Inc.
* Copyright (c) 2004-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#28 $
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#31 $
*/
#ifdef __APPLE__
@ -63,7 +63,7 @@ audit_submit(short au_event, au_id_t auid, char status,
{
char text[MAX_AUDITSTRING_LEN];
token_t *token;
long acond;
int acond;
va_list ap;
pid_t pid;
int error, afd, subj_ex;
@ -71,7 +71,7 @@ audit_submit(short au_event, au_id_t auid, char status,
struct auditinfo_addr aia;
au_tid_t atid;
if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) {
if (audit_get_cond(&acond) != 0) {
/*
* If auditon(2) returns ENOSYS, then audit has not been
* compiled into the kernel, so just return.
@ -178,7 +178,7 @@ audit_submit(short au_event, au_id_t auid, char status,
return (-1);
}
}
token = au_to_return32(status, au_errno_to_bsm(reterr));
token = au_to_return32(au_errno_to_bsm(status), reterr);
if (token == NULL) {
syslog(LOG_AUTH | LOG_ERR,
"audit: enable to build return token");
@ -488,3 +488,336 @@ audit_token_to_au32(audit_token_t atoken, uid_t *auidp, uid_t *euidp,
}
}
#endif /* !__APPLE__ */
int
audit_get_cond(int *cond)
{
int ret;
ret = auditon(A_GETCOND, cond, sizeof(*cond));
#ifdef A_OLDGETCOND
if ((0 != ret) && EINVAL == errno) {
long lcond = *cond;
ret = auditon(A_OLDGETCOND, &lcond, sizeof(lcond));
*cond = (int)lcond;
}
#endif
return (ret);
}
int
audit_set_cond(int *cond)
{
int ret;
ret = auditon(A_SETCOND, cond, sizeof(*cond));
#ifdef A_OLDSETCOND
if ((0 != ret) && (EINVAL == errno)) {
long lcond = (long)*cond;
ret = auditon(A_OLDSETCOND, &lcond, sizeof(lcond));
*cond = (int)lcond;
}
#endif
return (ret);
}
int
audit_get_policy(int *policy)
{
int ret;
ret = auditon(A_GETPOLICY, policy, sizeof(*policy));
#ifdef A_OLDGETPOLICY
if ((0 != ret) && (EINVAL == errno)){
long lpolicy = (long)*policy;
ret = auditon(A_OLDGETPOLICY, &lpolicy, sizeof(lpolicy));
*policy = (int)lpolicy;
}
#endif
return (ret);
}
int
audit_set_policy(int *policy)
{
int ret;
ret = auditon(A_SETPOLICY, policy, sizeof(*policy));
#ifdef A_OLDSETPOLICY
if ((0 != ret) && (EINVAL == errno)){
long lpolicy = (long)*policy;
ret = auditon(A_OLDSETPOLICY, &lpolicy, sizeof(lpolicy));
*policy = (int)lpolicy;
}
#endif
return (ret);
}
int
audit_get_qctrl(au_qctrl_t *qctrl, size_t sz)
{
int ret;
if (sizeof(*qctrl) != sz) {
errno = EINVAL;
return (-1);
}
ret = auditon(A_GETQCTRL, qctrl, sizeof(*qctrl));
#ifdef A_OLDGETQCTRL
if ((0 != ret) && (EINVAL == errno)){
struct old_qctrl {
size_t oq_hiwater;
size_t oq_lowater;
size_t oq_bufsz;
clock_t oq_delay;
int oq_minfree;
} oq;
oq.oq_hiwater = (size_t)qctrl->aq_hiwater;
oq.oq_lowater = (size_t)qctrl->aq_lowater;
oq.oq_bufsz = (size_t)qctrl->aq_bufsz;
oq.oq_delay = (clock_t)qctrl->aq_delay;
oq.oq_minfree = qctrl->aq_minfree;
ret = auditon(A_OLDGETQCTRL, &oq, sizeof(oq));
qctrl->aq_hiwater = (int)oq.oq_hiwater;
qctrl->aq_lowater = (int)oq.oq_lowater;
qctrl->aq_bufsz = (int)oq.oq_bufsz;
qctrl->aq_delay = (int)oq.oq_delay;
qctrl->aq_minfree = oq.oq_minfree;
}
#endif /* A_OLDGETQCTRL */
return (ret);
}
int
audit_set_qctrl(au_qctrl_t *qctrl, size_t sz)
{
int ret;
if (sizeof(*qctrl) != sz) {
errno = EINVAL;
return (-1);
}
ret = auditon(A_SETQCTRL, qctrl, sz);
#ifdef A_OLDSETQCTRL
if ((0 != ret) && (EINVAL == errno)) {
struct old_qctrl {
size_t oq_hiwater;
size_t oq_lowater;
size_t oq_bufsz;
clock_t oq_delay;
int oq_minfree;
} oq;
oq.oq_hiwater = (size_t)qctrl->aq_hiwater;
oq.oq_lowater = (size_t)qctrl->aq_lowater;
oq.oq_bufsz = (size_t)qctrl->aq_bufsz;
oq.oq_delay = (clock_t)qctrl->aq_delay;
oq.oq_minfree = qctrl->aq_minfree;
ret = auditon(A_OLDSETQCTRL, &oq, sizeof(oq));
qctrl->aq_hiwater = (int)oq.oq_hiwater;
qctrl->aq_lowater = (int)oq.oq_lowater;
qctrl->aq_bufsz = (int)oq.oq_bufsz;
qctrl->aq_delay = (int)oq.oq_delay;
qctrl->aq_minfree = oq.oq_minfree;
}
#endif /* A_OLDSETQCTRL */
return (ret);
}
int
audit_send_trigger(int *trigger)
{
return (auditon(A_SENDTRIGGER, trigger, sizeof(*trigger)));
}
int
audit_get_kaudit(auditinfo_addr_t *aia, size_t sz)
{
if (sizeof(*aia) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETKAUDIT, aia, sz));
}
int
audit_set_kaudit(auditinfo_addr_t *aia, size_t sz)
{
if (sizeof(*aia) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_SETKAUDIT, aia, sz));
}
int
audit_get_class(au_evclass_map_t *evc_map, size_t sz)
{
if (sizeof(*evc_map) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETCLASS, evc_map, sz));
}
int
audit_set_class(au_evclass_map_t *evc_map, size_t sz)
{
if (sizeof(*evc_map) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_SETCLASS, evc_map, sz));
}
int
audit_get_kmask(au_mask_t *kmask, size_t sz)
{
if (sizeof(*kmask) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETKMASK, kmask, sz));
}
int
audit_set_kmask(au_mask_t *kmask, size_t sz)
{
if (sizeof(*kmask) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_SETKMASK, kmask, sz));
}
int
audit_get_fsize(au_fstat_t *fstat, size_t sz)
{
if (sizeof(*fstat) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETFSIZE, fstat, sz));
}
int
audit_set_fsize(au_fstat_t *fstat, size_t sz)
{
if (sizeof(*fstat) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_SETFSIZE, fstat, sz));
}
int
audit_set_pmask(auditpinfo_t *api, size_t sz)
{
if (sizeof(*api) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_SETPMASK, api, sz));
}
int
audit_get_pinfo(auditpinfo_t *api, size_t sz)
{
if (sizeof(*api) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETPINFO, api, sz));
}
int
audit_get_pinfo_addr(auditpinfo_addr_t *apia, size_t sz)
{
if (sizeof(*apia) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETPINFO_ADDR, apia, sz));
}
int
audit_get_sinfo_addr(auditinfo_addr_t *aia, size_t sz)
{
if (sizeof(*aia) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETSINFO_ADDR, aia, sz));
}
int
audit_get_stat(au_stat_t *stats, size_t sz)
{
if (sizeof(*stats) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETSTAT, stats, sz));
}
int
audit_set_stat(au_stat_t *stats, size_t sz)
{
if (sizeof(*stats) != sz) {
errno = EINVAL;
return (-1);
}
return (auditon(A_GETSTAT, stats, sz));
}
int
audit_get_cwd(char *path, size_t sz)
{
return (auditon(A_GETCWD, path, sz));
}
int
audit_get_car(char *path, size_t sz)
{
return (auditon(A_GETCAR, path, sz));
}

View File

@ -1,6 +1,6 @@
.\"-
.\" Copyright (c) 2005-2007 Robert N. M. Watson
.\" Copyright (c) 2008 Apple Inc.
.\" Copyright (c) 2008-2009 Apple Inc.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
@ -24,9 +24,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#16 $
.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#17 $
.\"
.Dd November 12, 2008
.Dd March 5, 2009
.Dt LIBBSM 3
.Os
.Sh NAME
@ -200,9 +200,11 @@ number, socket type, and protocol famil spaces, and must be used to generate
and interpret BSM return and extended socket tokens:
.Xr au_bsm_to_domain 3 ,
.Xr au_bsm_to_errno 3 ,
.Xr au_bsm_to_fcntl_cmd 3 ,
.Xr au_bsm_to_socket_type 3 ,
.Xr au_domain_to_bsm 3 ,
.Xr au_errno_to_bsm 3 ,
.Xr au_fcntl_cmd_to_bsm 3 ,
.Xr au_socket_type_to_bsm 3 .
.Sh SEE ALSO
.Xr au_class 3 ,

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/man/Makefile.in#8 $
# $P4: //depot/projects/trustedbsd/openbsm/man/Makefile.in#9 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
@ -71,6 +71,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -95,6 +96,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -158,6 +160,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
man2_MANS = \

View File

@ -26,9 +26,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#15 $
.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#16 $
.\"
.Dd July 10, 2008
.Dd January 29, 2009
.Dt AUDITON 2
.Os
.Sh NAME
@ -63,7 +63,7 @@ The
.Fa data
argument
must point to a
.Vt long
.Vt int
value set to one or more the following audit
policy control values bitwise OR'ed together:
.Dv AUDIT_CNT ,
@ -93,9 +93,16 @@ is set, then the environment variables passed to the
system call will be audited. The default policy is none of the audit policy
control flags set.
.It Dv A_SETKAUDIT
Return
.Er ENOSYS .
(Not implemented.)
Set the host information.
The
.Fa data
argument
must point to a
.Vt auditinfo_addr_t
structure containing the host IP address information.
After setting, audit records
that are created as a result of kernel events will contain
this information.
.It Dv A_SETKMASK
Set the kernel preselection masks (success and failure).
The
@ -156,6 +163,15 @@ If the value of free blocks falls below the configured
minimum amount, the kernel informs the audit daemon about low disk space.
The value is to be specified in percent of free file system blocks.
A value of 0 results in a disabling of the check.
The default and maximum values (default/maximum) for the
audit queue control parameters are:
.Pp
.Bl -column aq_hiwater -offset indent -compact
.It aq_hiwater Ta 100/10000 (audit records)
.It aq_lowater Ta 10/aq_hiwater (audit records)
.It aq_bufsz Ta 32767/1048576 (bytes)
.It aq_delay Ta (Not currently used.)
.El
.It Dv A_SETSTAT
Return
.Er ENOSYS .
@ -174,7 +190,7 @@ The
.Fa data
argument
must point to a
.Vt long
.Vt int
value containing the new
audit condition, one of
.Dv AUC_AUDITING ,
@ -235,10 +251,6 @@ structure with the
field set to the maximum audit log file size.
A value of 0
indicates no limit to the size.
.It Dv A_SETKAUDIT
Return
.Er ENOSYS .
(Not implemented.)
.It Dv A_GETCLASS
Return the event to class mapping for the designated audit event.
The
@ -250,9 +262,13 @@ structure. See the
.Dv A_SETCLASS
section above for more information.
.It Dv A_GETKAUDIT
Return
.Er ENOSYS .
(Not implemented.)
Get the current host information.
The
.Fa data
argument
must point to a
.Vt auditinfo_addr_t
structure.
.It Dv A_GETPINFO
Return the audit settings for a process.
The
@ -302,6 +318,22 @@ See the section
above and
.Xr getaudit 2
for more information.
.It Dv A_GETSINFO_ADDR
Return the extended audit settings for a session.
The
.Fa data
argument
must point to a
.Vt auditinfo_addr_t
structure.
The audit session ID of the target session is passed
into the kernel using the
.Fa ai_asid
field. See
.Xr getaudit_addr 2
for more information about the
.Vt auditinfo_addr_t
structure.
.It Dv A_GETKMASK
Return the current kernel preselection masks.
The
@ -317,7 +349,7 @@ The
.Fa data
argument
must point to a
.Vt long
.Vt int
value which will be set to
one of the current audit policy flags.
The audit policy flags are
@ -377,7 +409,7 @@ The
.Fa data
argument
must point to a
.Vt long
.Vt int
value which will be set to
the current audit condition, one of
.Dv AUC_AUDITING ,
@ -393,7 +425,7 @@ The
.Fa data
argument
must point to a
.Vt long
.Vt int
value set to one of the acceptable
trigger values:
.Dv AUDIT_TRIGGER_LOW_SPACE

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/modules/Makefile.in#6 $
# $P4: //depot/projects/trustedbsd/openbsm/modules/Makefile.in#7 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
@ -78,6 +78,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -102,6 +103,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -165,6 +167,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
SUBDIRS = \
@ -284,8 +287,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -310,8 +313,8 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -321,13 +324,12 @@ ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.in#7 $
# $P4: //depot/projects/trustedbsd/openbsm/modules/auditfilter_noop/Makefile.in#8 $
#
VPATH = @srcdir@
@ -60,7 +60,7 @@ auditfilter_noop_la_OBJECTS = auditfilter_noop.lo
auditfilter_noop_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(auditfilter_noop_la_LDFLAGS) $(LDFLAGS) -o $@
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -96,6 +96,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -120,6 +121,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -183,6 +185,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -229,8 +232,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
f=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
$(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
else :; fi; \
done
@ -238,8 +241,8 @@ uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
p=$(am__strip_dir) \
echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
$(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
done
clean-libLTLIBRARIES:
@ -293,8 +296,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -306,8 +309,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -317,13 +320,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/sys/Makefile.in#3 $
# $P4: //depot/projects/trustedbsd/openbsm/sys/Makefile.in#4 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
@ -78,6 +78,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -102,6 +103,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -165,6 +167,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
SUBDIRS = \
@ -284,8 +287,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -310,8 +313,8 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -321,13 +324,12 @@ ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,5 +1,5 @@
#
# $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.am#3 $
# $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.am#4 $
#
@ -10,6 +10,7 @@ openbsm_HEADERS = \
audit.h \
audit_domain.h \
audit_errno.h \
audit_fcntl.h \
audit_internal.h \
audit_kevents.h \
audit_record.h \

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.in#5 $
# $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/Makefile.in#7 $
#
VPATH = @srcdir@
@ -49,7 +49,7 @@ CONFIG_CLEAN_FILES =
SOURCES =
DIST_SOURCES =
am__openbsm_HEADERS_DIST = audit.h audit_domain.h audit_errno.h \
audit_internal.h audit_kevents.h audit_record.h \
audit_fcntl.h audit_internal.h audit_kevents.h audit_record.h \
audit_socket_type.h
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
am__vpath_adj = case $$p in \
@ -82,6 +82,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -106,6 +107,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -169,6 +171,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@openbsmdir = $(includedir)/bsm
@ -176,6 +179,7 @@ top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@ audit.h \
@USE_NATIVE_INCLUDES_FALSE@ audit_domain.h \
@USE_NATIVE_INCLUDES_FALSE@ audit_errno.h \
@USE_NATIVE_INCLUDES_FALSE@ audit_fcntl.h \
@USE_NATIVE_INCLUDES_FALSE@ audit_internal.h \
@USE_NATIVE_INCLUDES_FALSE@ audit_kevents.h \
@USE_NATIVE_INCLUDES_FALSE@ audit_record.h \
@ -242,8 +246,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -255,8 +259,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -266,13 +270,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2005 Apple Inc.
* Copyright (c) 2005-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -26,20 +26,14 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#5 $
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#9 $
*/
#ifndef _BSM_AUDIT_H
#define _BSM_AUDIT_H
#ifdef __APPLE__
/* Temporary until rdar://problem/6133383 is resolved. */
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/cdefs.h>
#include <sys/queue.h>
#endif /* __APPLE__ */
#include <sys/types.h>
#define AUDIT_RECORD_MAGIC 0x828a0f1b
#define MAX_AUDIT_RECORDS 20
@ -100,20 +94,20 @@
/*
* auditon(2) commands.
*/
#define A_GETPOLICY 2
#define A_SETPOLICY 3
#define A_OLDGETPOLICY 2
#define A_OLDSETPOLICY 3
#define A_GETKMASK 4
#define A_SETKMASK 5
#define A_GETQCTRL 6
#define A_SETQCTRL 7
#define A_OLDGETQCTRL 6
#define A_OLDSETQCTRL 7
#define A_GETCWD 8
#define A_GETCAR 9
#define A_GETSTAT 12
#define A_SETSTAT 13
#define A_SETUMASK 14
#define A_SETSMASK 15
#define A_GETCOND 20
#define A_SETCOND 21
#define A_OLDGETCOND 20
#define A_OLDSETCOND 21
#define A_GETCLASS 22
#define A_SETCLASS 23
#define A_GETPINFO 24
@ -125,6 +119,12 @@
#define A_SETKAUDIT 30
#define A_SENDTRIGGER 31
#define A_GETSINFO_ADDR 32
#define A_GETPOLICY 33
#define A_SETPOLICY 34
#define A_GETQCTRL 35
#define A_SETQCTRL 36
#define A_GETCOND 37
#define A_SETCOND 38
/*
* Audit policy controls.
@ -215,7 +215,6 @@ struct auditpinfo {
au_mask_t ap_mask; /* Audit masks. */
au_tid_t ap_termid; /* Terminal ID. */
au_asid_t ap_asid; /* Audit session ID. */
u_int64_t ap_flags; /* Audit session flags. */
};
typedef struct auditpinfo auditpinfo_t;
@ -225,15 +224,12 @@ struct auditpinfo_addr {
au_mask_t ap_mask; /* Audit masks. */
au_tid_addr_t ap_termid; /* Terminal ID. */
au_asid_t ap_asid; /* Audit session ID. */
u_int64_t ap_flags; /* Audit session flags. */
};
typedef struct auditpinfo_addr auditpinfo_addr_t;
struct au_session {
auditinfo_addr_t *as_aia_p; /* Ptr to full audit info. */
#define as_asid as_aia_p->ai_asid
#define as_auid as_aia_p->ai_auid
#define as_termid as_aia_p->ai_termid
au_mask_t as_mask; /* Process Audit Masks. */
};
typedef struct au_session au_session_t;
@ -244,13 +240,22 @@ typedef struct au_session au_session_t;
typedef struct au_token token_t;
/*
* Kernel audit queue control parameters.
* Kernel audit queue control parameters:
* Default: Maximum:
* aq_hiwater: AQ_HIWATER (100) AQ_MAXHIGH (10000)
* aq_lowater: AQ_LOWATER (10) <aq_hiwater
* aq_bufsz: AQ_BUFSZ (32767) AQ_MAXBUFSZ (1048576)
* aq_delay: 20 20000 (not used)
*/
struct au_qctrl {
size_t aq_hiwater;
size_t aq_lowater;
size_t aq_bufsz;
clock_t aq_delay;
int aq_hiwater; /* Max # of audit recs in queue when */
/* threads with new ARs get blocked. */
int aq_lowater; /* # of audit recs in queue when */
/* blocked threads get unblocked. */
int aq_bufsz; /* Max size of audit record for audit(2). */
int aq_delay; /* Queue delay (not used). */
int aq_minfree; /* Minimum filesystem percent free space. */
};
typedef struct au_qctrl au_qctrl_t;
@ -307,6 +312,13 @@ int getaudit(struct auditinfo *);
int setaudit(const struct auditinfo *);
int getaudit_addr(struct auditinfo_addr *, int);
int setaudit_addr(const struct auditinfo_addr *, int);
#ifdef __APPLE_API_PRIVATE
#include <mach/port.h>
mach_port_name_t audit_session_self(void);
au_asid_t audit_session_join(mach_port_name_t port);
#endif /* __APPLE_API_PRIVATE */
#endif /* defined(_KERNEL) || defined(KERNEL) */
__END_DECLS

View File

@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_domain.h#1 $
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_domain.h#2 $
*/
#ifndef _BSM_AUDIT_DOMAIN_H_
@ -87,7 +87,7 @@
#define BSM_PF_SCLUSTER 514 /* FreeBSD-specific. */
#define BSM_PF_ARP 515 /* FreeBSD-specific. */
#define BSM_PF_BLUETOOTH 516 /* FreeBSD-specific. */
#define BSM_PF_IEEE80211 517 /* FreeBSD-specific. */
/* 517: unallocated. */
#define BSM_PF_AX25 518 /* Linux-specific. */
#define BSM_PF_ROSE 519 /* Linux-specific. */
#define BSM_PF_NETBEUI 520 /* Linux-specific. */

View File

@ -0,0 +1,140 @@
/*-
* Copyright (c) 2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of Apple Inc. ("Apple") nor the names of
* its contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_fcntl.h#2 $
*/
#ifndef _BSM_AUDIT_FCNTL_H_
#define _BSM_AUDIT_FCNTL_H_
/*
* Shared and Solaris-specific: (0-99).
*/
#define BSM_F_DUPFD 0
#define BSM_F_GETFD 1
#define BSM_F_SETFD 2
#define BSM_F_GETFL 3
#define BSM_F_SETFL 4
#define BSM_F_O_GETLK 5 /* Solaris-specific. */
#define BSM_F_SETLK 6
#define BSM_F_SETLKW 7
#define BSM_F_CHKFL 8 /* Solaris-specific. */
#define BSM_F_DUP2FD 9 /* FreeBSD/Solaris-specific. */
#define BSM_F_ALLOCSP 10 /* Solaris-specific. */
#define BSM_F_FREESP 11 /* Solaris-specific. */
#define BSM_F_ISSTREAM 13 /* Solaris-specific. */
#define BSM_F_GETLK 14
#define BSM_F_PRIV 15 /* Solaris-specific. */
#define BSM_F_NPRIV 16 /* Solaris-specific. */
#define BSM_F_QUOTACTL 17 /* Solaris-specific. */
#define BSM_F_BLOCKS 18 /* Solaris-specific. */
#define BSM_F_BLKSIZE 19 /* Solaris-specific. */
#define BSM_F_GETOWN 23
#define BSM_F_SETOWN 24
#define BSM_F_REVOKE 25 /* Solaris-specific. */
#define BSM_F_HASREMOTELOCKS 26 /* Solaris-specific. */
#define BSM_F_FREESP64 27 /* Solaris-specific. */
#define BSM_F_ALLOCSP64 28 /* Solaris-specific. */
#define BSM_F_GETLK64 33 /* Solaris-specific. */
#define BSM_F_SETLK64 34 /* Solaris-specific. */
#define BSM_F_SETLKW64 35 /* Solaris-specific. */
#define BSM_F_SHARE 40 /* Solaris-specific. */
#define BSM_F_UNSHARE 41 /* Solaris-specific. */
#define BSM_F_SETLK_NBMAND 42 /* Solaris-specific. */
#define BSM_F_SHARE_NBMAND 43 /* Solaris-specific. */
#define BSM_F_SETLK64_NBMAND 44 /* Solaris-specific. */
#define BSM_F_GETXFL 45 /* Solaris-specific. */
#define BSM_F_BADFD 46 /* Solaris-specific. */
/*
* FreeBSD-specific (100-199).
*/
#define BSM_F_OGETLK 107 /* FreeBSD-specific. */
#define BSM_F_OSETLK 108 /* FreeBSD-specific. */
#define BSM_F_OSETLKW 109 /* FreeBSD-specific. */
#define BSM_F_SETLK_REMOTE 114 /* FreeBSD-specific. */
/*
* Linux-specific (200-299).
*/
#define BSM_F_SETSIG 210 /* Linux-specific. */
#define BSM_F_GETSIG 211 /* Linux-specific. */
/*
* Darwin-specific (300-399).
*/
#define BSM_F_CHKCLEAN 341 /* Darwin-specific. */
#define BSM_F_PREALLOCATE 342 /* Darwin-specific. */
#define BSM_F_SETSIZE 343 /* Darwin-specific. */
#define BSM_F_RDADVISE 344 /* Darwin-specific. */
#define BSM_F_RDAHEAD 345 /* Darwin-specific. */
#define BSM_F_READBOOTSTRAP 346 /* Darwin-specific. */
#define BSM_F_WRITEBOOTSTRAP 347 /* Darwin-specific. */
#define BSM_F_NOCACHE 348 /* Darwin-specific. */
#define BSM_F_LOG2PHYS 349 /* Darwin-specific. */
#define BSM_F_GETPATH 350 /* Darwin-specific. */
#define BSM_F_FULLFSYNC 351 /* Darwin-specific. */
#define BSM_F_PATHPKG_CHECK 352 /* Darwin-specific. */
#define BSM_F_FREEZE_FS 353 /* Darwin-specific. */
#define BSM_F_THAW_FS 354 /* Darwin-specific. */
#define BSM_F_GLOBAL_NOCACHE 355 /* Darwin-specific. */
#define BSM_F_OPENFROM 356 /* Darwin-specific. */
#define BSM_F_UNLINKFROM 357 /* Darwin-specific. */
#define BSM_F_CHECK_OPENEVT 358 /* Darwin-specific. */
#define BSM_F_ADDSIGS 359 /* Darwin-specific. */
#define BSM_F_MARKDEPENDENCY 360 /* Darwin-specific. */
/*
* Darwin file system specific (400-499).
*/
#define BSM_F_FS_SPECIFIC_0 400 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_1 401 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_2 402 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_3 403 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_4 404 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_5 405 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_6 406 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_7 407 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_8 408 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_9 409 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_10 410 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_11 411 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_12 412 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_13 413 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_14 414 /* Darwin-fs-specific. */
#define BSM_F_FS_SPECIFIC_15 415 /* Darwin-fs-specific. */
#define BSM_F_UNKNOWN 0xFFFF
#endif /* !_BSM_AUDIT_FCNTL_H_ */

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2005 Apple Inc.
* Copyright (c) 2005-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -26,12 +26,18 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#5 $
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#6 $
*/
#ifndef _BSM_AUDIT_KEVENTS_H_
#define _BSM_AUDIT_KEVENTS_H_
/*
* The reserved event numbers for kernel events are 1...2047 and 43001..44900.
*/
#define AUE_IS_A_KEVENT(e) (((e) > 0 && (e) < 2048) || \
((e) > 43000 && (e) < 45000))
/*
* Values marked as AUE_NULL are not required to be audited as per CAPP.
*
@ -588,6 +594,8 @@
#define AUE_FSGETPATH 43191 /* Darwin. */
#define AUE_PREAD 43192 /* Darwin/FreeBSD. */
#define AUE_PWRITE 43193 /* Darwin/FreeBSD. */
#define AUE_FSCTL 43194 /* Darwin. */
#define AUE_FFSCTL 43195 /* Darwin. */
/*
* Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
@ -673,12 +681,10 @@
#define AUE_CSOPS AUE_NULL
#define AUE_DUP AUE_NULL
#define AUE_FDATASYNC AUE_NULL
#define AUE_FFSCTL AUE_NULL
#define AUE_FGETATTRLIST AUE_NULL
#define AUE_FGETXATTR AUE_NULL
#define AUE_FLISTXATTR AUE_NULL
#define AUE_FREMOVEXATTR AUE_NULL
#define AUE_FSCTL AUE_NULL
#define AUE_FSETATTRLIST AUE_NULL
#define AUE_FSETXATTR AUE_NULL
#define AUE_FSTATFS64 AUE_NULL

View File

@ -1,5 +1,5 @@
/*-
* Copyright (c) 2005-2008 Apple Inc.
* Copyright (c) 2005-2009 Apple Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#9 $
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_record.h#10 $
*/
#ifndef _BSM_AUDIT_RECORD_H_
@ -285,10 +285,12 @@ token_t *au_to_zonename(const char *zonename);
*/
int au_bsm_to_domain(u_short bsm_domain, int *local_domainp);
int au_bsm_to_errno(u_char bsm_error, int *errorp);
int au_bsm_to_fcntl_cmd(u_short bsm_fcntl_cmd, int *local_fcntl_cmdp);
int au_bsm_to_socket_type(u_short bsm_socket_type,
int *local_socket_typep);
u_short au_domain_to_bsm(int local_domain);
u_char au_errno_to_bsm(int local_errno);
u_short au_fcntl_cmd_to_bsm(int local_fcntl_command);
u_short au_socket_type_to_bsm(int local_socket_type);
__END_DECLS

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/test/Makefile.in#7 $
# $P4: //depot/projects/trustedbsd/openbsm/test/Makefile.in#8 $
#
VPATH = @srcdir@
pkgdatadir = $(datadir)/@PACKAGE@
@ -78,6 +78,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -102,6 +103,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -165,6 +167,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
SUBDIRS = \
@ -284,8 +287,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -310,8 +313,8 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -321,13 +324,12 @@ ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.in#7 $
# $P4: //depot/projects/trustedbsd/openbsm/test/bsm/Makefile.in#8 $
#
VPATH = @srcdir@
@ -52,7 +52,7 @@ PROGRAMS = $(bin_PROGRAMS)
am_generate_OBJECTS = generate.$(OBJEXT)
generate_OBJECTS = $(am_generate_OBJECTS)
generate_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -88,6 +88,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -112,6 +113,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -175,6 +177,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -223,8 +226,8 @@ install-binPROGRAMS: $(bin_PROGRAMS)
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \
else :; fi; \
done
@ -286,8 +289,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -299,8 +302,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -310,13 +313,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -1,8 +1,8 @@
# Makefile.in generated by automake 1.10 from Makefile.am.
# Makefile.in generated by automake 1.10.1 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@ -15,7 +15,7 @@
@SET_MAKE@
#
# $P4: //depot/projects/trustedbsd/openbsm/tools/Makefile.in#10 $
# $P4: //depot/projects/trustedbsd/openbsm/tools/Makefile.in#11 $
#
VPATH = @srcdir@
@ -52,7 +52,7 @@ PROGRAMS = $(bin_PROGRAMS)
am_audump_OBJECTS = audump.$(OBJEXT)
audump_OBJECTS = $(am_audump_OBJECTS)
audump_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la
DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/config
depcomp = $(SHELL) $(top_srcdir)/config/depcomp
am__depfiles_maybe = depfiles
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
@ -88,6 +88,7 @@ CXXFLAGS = @CXXFLAGS@
CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DSYMUTIL = @DSYMUTIL@
ECHO = @ECHO@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
@ -112,6 +113,7 @@ MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MIG = @MIG@
MKDIR_P = @MKDIR_P@
NMEDIT = @NMEDIT@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@ -175,6 +177,7 @@ sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
@USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys
@ -223,8 +226,8 @@ install-binPROGRAMS: $(bin_PROGRAMS)
|| test -f $$p1 \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \
echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \
$(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \
else :; fi; \
done
@ -286,8 +289,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
mkid -fID $$unique
tags: TAGS
@ -299,8 +302,8 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
test -n "$$unique" || unique=$$empty_fix; \
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@ -310,13 +313,12 @@ ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
END { if (nonempty) { for (i in files) print i; }; }'`; \
test -z "$(CTAGS_ARGS)$$tags$$unique" \
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
$$tags $$unique

View File

@ -18,6 +18,7 @@ SRCS= bsm_audit.c \
bsm_domain.c \
bsm_errno.c \
bsm_event.c \
bsm_fcntl.c \
bsm_flags.c \
bsm_io.c \
bsm_mask.c \
@ -41,6 +42,7 @@ MAN= libbsm.3 \
au_domain.3 \
au_errno.3 \
au_event.3 \
au_fcntl_cmd.3 \
au_free_token.3 \
au_io.3 \
au_mask.3 \
@ -100,6 +102,8 @@ MLINKS= libbsm.3 bsm.3 \
au_event.3 getauevnum_r.3 \
au_event.3 getauevnonam.3 \
au_event.3 getauevnonam_r.3 \
au_fcntl_cmd.3 au_bsm_to_fcntl_cmd.3 \
au_fcntl_cmd.3 au_fcntl_cmd_t_bsm.3 \
au_io.3 au_fetch_tok.3 \
au_io.3 au_print_tok.3 \
au_io.3 au_read_rec.3 \

View File

@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
* P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_domain.h#1
* P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_domain.h#2
* $FreeBSD$
*/
@ -88,7 +88,7 @@
#define BSM_PF_SCLUSTER 514 /* FreeBSD-specific. */
#define BSM_PF_ARP 515 /* FreeBSD-specific. */
#define BSM_PF_BLUETOOTH 516 /* FreeBSD-specific. */
#define BSM_PF_IEEE80211 517 /* FreeBSD-specific. */
/* 517: unallocated. */
#define BSM_PF_AX25 518 /* Linux-specific. */
#define BSM_PF_ROSE 519 /* Linux-specific. */
#define BSM_PF_NETBEUI 520 /* Linux-specific. */