Vendor import of OpenBSM 1.1p1, which incorporates the following changes
since the last imported OpenBSM release: OpenBSM 1.1p1 - Fixes to AUT_SOCKUNIX token parsing. - IPv6 support for au_to_me(3). - Improved robustness in the parsing of audit_control, especially long flags/naflags strings and whitespace in all fields. - Add missing conversion of a number of FreeBSD/Mac OS X errnos to/from BSM error number space. Obtained from: TrustedBSD Project Sponsored by: Apple, Inc.
This commit is contained in:
parent
a751bb7470
commit
5d171016e7
11
NEWS
11
NEWS
@ -1,5 +1,14 @@
|
||||
OpenBSM Version History
|
||||
|
||||
OpenBSM 1.1p1
|
||||
|
||||
- Fixes to AUT_SOCKUNIX token parsing.
|
||||
- IPv6 support for au_to_me(3).
|
||||
- Improved robustness in the parsing of audit_control, especially long
|
||||
flags/naflags strings and whitespace in all fields.
|
||||
- Add missing conversion of a number of FreeBSD/Mac OS X errnos to/from BSM
|
||||
error number space.
|
||||
|
||||
OpenBSM 1.1
|
||||
|
||||
- Change auditon(2) parameters and data structures to be 32/64-bit architecture
|
||||
@ -449,4 +458,4 @@ OpenBSM 1.0 alpha 1
|
||||
to support reloading of kernel event table.
|
||||
- Allow comments in /etc/security configuration files.
|
||||
|
||||
$P4: //depot/projects/trustedbsd/openbsm/NEWS#40 $
|
||||
$P4: //depot/projects/trustedbsd/openbsm/NEWS#42 $
|
||||
|
22
configure
vendored
22
configure
vendored
@ -1,7 +1,7 @@
|
||||
#! /bin/sh
|
||||
# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#51 .
|
||||
# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#52 .
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.62 for OpenBSM 1.1.
|
||||
# Generated by GNU Autoconf 2.62 for OpenBSM 1.1p1.
|
||||
#
|
||||
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
|
||||
#
|
||||
@ -751,8 +751,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
|
||||
# Identity of this package.
|
||||
PACKAGE_NAME='OpenBSM'
|
||||
PACKAGE_TARNAME='openbsm'
|
||||
PACKAGE_VERSION='1.1'
|
||||
PACKAGE_STRING='OpenBSM 1.1'
|
||||
PACKAGE_VERSION='1.1p1'
|
||||
PACKAGE_STRING='OpenBSM 1.1p1'
|
||||
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
|
||||
|
||||
ac_unique_file="bin/auditreduce/auditreduce.c"
|
||||
@ -1492,7 +1492,7 @@ if test "$ac_init_help" = "long"; then
|
||||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures OpenBSM 1.1 to adapt to many kinds of systems.
|
||||
\`configure' configures OpenBSM 1.1p1 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
@ -1562,7 +1562,7 @@ fi
|
||||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of OpenBSM 1.1:";;
|
||||
short | recursive ) echo "Configuration of OpenBSM 1.1p1:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
@ -1671,7 +1671,7 @@ fi
|
||||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
OpenBSM configure 1.1
|
||||
OpenBSM configure 1.1p1
|
||||
generated by GNU Autoconf 2.62
|
||||
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
|
||||
@ -1685,7 +1685,7 @@ cat >config.log <<_ACEOF
|
||||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by OpenBSM $as_me 1.1, which was
|
||||
It was created by OpenBSM $as_me 1.1p1, which was
|
||||
generated by GNU Autoconf 2.62. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
@ -19662,7 +19662,7 @@ fi
|
||||
|
||||
# Define the identity of the package.
|
||||
PACKAGE=OpenBSM
|
||||
VERSION=1.1
|
||||
VERSION=1.1p1
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
@ -24400,7 +24400,7 @@ exec 6>&1
|
||||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by OpenBSM $as_me 1.1, which was
|
||||
This file was extended by OpenBSM $as_me 1.1p1, which was
|
||||
generated by GNU Autoconf 2.62. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
@ -24453,7 +24453,7 @@ Report bugs to <bug-autoconf@gnu.org>."
|
||||
_ACEOF
|
||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_version="\\
|
||||
OpenBSM config.status 1.1
|
||||
OpenBSM config.status 1.1p1
|
||||
configured by $0, generated by GNU Autoconf 2.62,
|
||||
with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
|
||||
|
||||
|
@ -2,8 +2,8 @@
|
||||
# Process this file with autoconf to produce a configure script.
|
||||
|
||||
AC_PREREQ(2.59)
|
||||
AC_INIT([OpenBSM], [1.1], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
|
||||
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#52 $])
|
||||
AC_INIT([OpenBSM], [1.1p1], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
|
||||
AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#53 $])
|
||||
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
|
||||
AC_CONFIG_AUX_DIR(config)
|
||||
AC_CONFIG_HEADER([config/config.h])
|
||||
|
@ -1,5 +1,5 @@
|
||||
#
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#39 $
|
||||
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#40 $
|
||||
#
|
||||
# The mapping between event identifiers and values is also hard-coded in
|
||||
# audit_kevents.h and audit_uevents.h, so changes must occur in both places,
|
||||
@ -555,6 +555,7 @@
|
||||
43193:AUE_PWRITE:pwrite(2):no
|
||||
43194:AUE_FSCTL:fsctl():fm
|
||||
43195:AUE_FFSCTL:ffsctl():fm
|
||||
43196:AUE_LPATHCONF:lpathconf(2):fa
|
||||
#
|
||||
# Solaris userspace events.
|
||||
#
|
||||
|
@ -26,7 +26,7 @@
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#10 $
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#11 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -130,7 +130,7 @@ static char *auditd_errmsg[] = {
|
||||
|
||||
#define MAXERRCODE (sizeof(auditd_errmsg) / sizeof(auditd_errmsg[0]))
|
||||
|
||||
#define NA_EVENT_STR_SIZE 25
|
||||
#define NA_EVENT_STR_SIZE 128
|
||||
#define POL_STR_SIZE 128
|
||||
|
||||
|
||||
|
@ -27,7 +27,7 @@
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#33 $
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#34 $
|
||||
*/
|
||||
|
||||
#include <config/config.h>
|
||||
@ -121,9 +121,13 @@ getstrfromtype_locked(char *name, char **str)
|
||||
if (linestr[0] == '#')
|
||||
continue;
|
||||
|
||||
/* Remove trailing new line character. */
|
||||
if ((nl = strrchr(linestr, '\n')) != NULL)
|
||||
/* Remove trailing new line character and white space. */
|
||||
nl = strchr(linestr, '\0') - 1;
|
||||
while (nl >= linestr && ('\n' == *nl || ' ' == *nl ||
|
||||
'\t' == *nl)) {
|
||||
*nl = '\0';
|
||||
nl--;
|
||||
}
|
||||
|
||||
tokptr = linestr;
|
||||
if ((type = strtok_r(tokptr, delim, &last)) != NULL) {
|
||||
|
@ -26,7 +26,7 @@
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#17 $
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_errno.c#19 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
@ -453,6 +453,104 @@ static const struct bsm_errno bsm_errnos[] = {
|
||||
{ BSM_ERRNO_EINPROGRESS, EINPROGRESS,
|
||||
ES("Operation now in progress") },
|
||||
{ BSM_ERRNO_ESTALE, ESTALE, ES("Stale NFS file handle") },
|
||||
{ BSM_ERRNO_EPROCLIM,
|
||||
#ifdef EPROCLIM
|
||||
EPROCLIM,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Too many processes") },
|
||||
{ BSM_ERRNO_EBADRPC,
|
||||
#ifdef EBADRPC
|
||||
EBADRPC,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("RPC struct is bad") },
|
||||
{ BSM_ERRNO_ERPCMISMATCH,
|
||||
#ifdef ERPCMISMATCH
|
||||
ERPCMISMATCH,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("RPC version wrong") },
|
||||
{ BSM_ERRNO_EPROGUNAVAIL,
|
||||
#ifdef EPROGUNAVAIL
|
||||
EPROGUNAVAIL,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("RPC prog. not avail") },
|
||||
{ BSM_ERRNO_EPROGMISMATCH,
|
||||
#ifdef EPROGMISMATCH
|
||||
EPROGMISMATCH,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("RPC version wrong") },
|
||||
{ BSM_ERRNO_EPROCUNAVAIL,
|
||||
#ifdef EPROCUNAVAIL
|
||||
EPROCUNAVAIL,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Bad procedure for program") },
|
||||
{ BSM_ERRNO_EFTYPE,
|
||||
#ifdef EFTYPE
|
||||
EFTYPE,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Inappropriate file type or format") },
|
||||
{ BSM_ERRNO_EAUTH,
|
||||
#ifdef EAUTH
|
||||
EAUTH,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Authenticateion error") },
|
||||
{ BSM_ERRNO_ENEEDAUTH,
|
||||
#ifdef ENEEDAUTH
|
||||
ENEEDAUTH,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Need authenticator") },
|
||||
{ BSM_ERRNO_ENOATTR,
|
||||
#ifdef ENOATTR
|
||||
ENOATTR,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Attribute not found") },
|
||||
{ BSM_ERRNO_EDOOFUS,
|
||||
#ifdef EDOOFUS
|
||||
EDOOFUS,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Programming error") },
|
||||
{ BSM_ERRNO_EJUSTRETURN,
|
||||
#ifdef EJUSTRETURN
|
||||
EJUSTRETURN,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("Just return") },
|
||||
{ BSM_ERRNO_ENOIOCTL,
|
||||
#ifdef ENOIOCTL
|
||||
ENOIOCTL,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("ioctl not handled by this layer") },
|
||||
{ BSM_ERRNO_EDIRIOCTL,
|
||||
#ifdef EDIRIOCTL
|
||||
EDIRIOCTL,
|
||||
#else
|
||||
ERRNO_NO_LOCAL_MAPPING,
|
||||
#endif
|
||||
ES("do direct ioctl in GEOM") },
|
||||
{ BSM_ERRNO_EPWROFF,
|
||||
#ifdef EPWROFF
|
||||
EPWROFF,
|
||||
|
@ -32,7 +32,7 @@
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#62 $
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
@ -3176,19 +3176,25 @@ print_sock_inet128_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
|
||||
|
||||
/*
|
||||
* socket family 2 bytes
|
||||
* path 104 bytes
|
||||
* path (up to) 104 bytes + NULL (NULL terminated string).
|
||||
*/
|
||||
static int
|
||||
fetch_sock_unix_tok(tokenstr_t *tok, u_char *buf, int len)
|
||||
{
|
||||
int err = 0;
|
||||
u_char *p;
|
||||
int slen;
|
||||
|
||||
|
||||
READ_TOKEN_U_INT16(buf, len, tok->tt.sockunix.family, tok->len, err);
|
||||
if (err)
|
||||
return (-1);
|
||||
|
||||
READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, 104, tok->len,
|
||||
err);
|
||||
/* slen = strnlen((buf + tok->len), 104) + 1; */
|
||||
p = (u_char *)memchr((const void *)(buf + tok->len), '\0', 104);
|
||||
slen = (p ? (int)(p - (buf + tok->len)) : 104) + 1;
|
||||
|
||||
READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, slen, tok->len, err);
|
||||
if (err)
|
||||
return (-1);
|
||||
|
||||
|
@ -30,7 +30,7 @@
|
||||
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 $
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
@ -996,7 +996,7 @@ au_to_socket_ex(u_short so_domain, u_short so_type,
|
||||
/*
|
||||
* token ID 1 byte
|
||||
* socket family 2 bytes
|
||||
* path 104 bytes
|
||||
* path (up to) 104 bytes + NULL (NULL terminated string)
|
||||
*/
|
||||
token_t *
|
||||
au_to_sock_unix(struct sockaddr_un *so)
|
||||
@ -1270,12 +1270,27 @@ token_t *
|
||||
au_to_me(void)
|
||||
{
|
||||
auditinfo_t auinfo;
|
||||
auditinfo_addr_t aia;
|
||||
|
||||
if (getaudit(&auinfo) != 0)
|
||||
return (NULL);
|
||||
/*
|
||||
* Try to use getaudit_addr(2) first. If this kernel does not support
|
||||
* it, then fall back on to getaudit(2).
|
||||
*/
|
||||
if (getaudit_addr(&aia, sizeof(aia)) != 0) {
|
||||
if (errno == ENOSYS) {
|
||||
if (getaudit(&auinfo) != 0)
|
||||
return (NULL);
|
||||
return (au_to_subject32(auinfo.ai_auid, geteuid(),
|
||||
getegid(), getuid(), getgid(), getpid(),
|
||||
auinfo.ai_asid, &auinfo.ai_termid));
|
||||
} else {
|
||||
/* getaudit_addr(2) failed for some other reason. */
|
||||
return (NULL);
|
||||
}
|
||||
}
|
||||
|
||||
return (au_to_subject32(auinfo.ai_auid, geteuid(), getegid(),
|
||||
getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid));
|
||||
return (au_to_subject32_ex(aia.ai_auid, geteuid(), getegid(), getuid(),
|
||||
getgid(), getpid(), aia.ai_asid, &aia.ai_termid));
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -26,9 +26,9 @@
|
||||
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_control.5#22 $
|
||||
.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_control.5#23 $
|
||||
.\"
|
||||
.Dd January 29, 2009
|
||||
.Dd May 14, 2009
|
||||
.Dt AUDIT_CONTROL 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -94,7 +94,7 @@ Specifies when audit log files will expire and be removed.
|
||||
This may be after a time period has passed since the file was last
|
||||
written to or when the aggregate of all the trail files have reached a
|
||||
specified size or a combination of both.
|
||||
If no expire-after parameter is given then audit log files with not
|
||||
If no expire-after parameter is given then audit log files will not
|
||||
expire and be removed by the audit control system.
|
||||
See the information below for the format of the expiration
|
||||
specification.
|
||||
@ -217,7 +217,7 @@ The suffixes on the values are case sensitive.
|
||||
If both an age and disk space value are used they are seperated by
|
||||
AND or OR and both values are used to determine when audit
|
||||
log files expire.
|
||||
In the case of AND, both the age and disk space conditions must be meet
|
||||
In the case of AND, both the age and disk space conditions must be met
|
||||
before the log file is removed.
|
||||
In the case of OR, either condition may expire the log file.
|
||||
For example:
|
||||
@ -233,17 +233,18 @@ The following settings appear in the default
|
||||
file:
|
||||
.Bd -literal -offset indent
|
||||
dir:/var/audit
|
||||
flags:lo
|
||||
flags:lo,aa
|
||||
minfree:5
|
||||
naflags:lo
|
||||
naflags:lo,aa
|
||||
policy:cnt,argv
|
||||
filesz:2097152
|
||||
filesz:2M
|
||||
expire-after:10M
|
||||
.Ed
|
||||
.Pp
|
||||
The
|
||||
.Va flags
|
||||
parameter above specifies the system-wide mask corresponding to login/logout
|
||||
events.
|
||||
as well as authentication and authorization events.
|
||||
The
|
||||
.Va policy
|
||||
parameter specifies that the system should neither fail stop nor suspend
|
||||
@ -253,6 +254,7 @@ be audited for
|
||||
events.
|
||||
The trail file will be automatically rotated by the audit daemon when the
|
||||
file size reaches approximately 2MB.
|
||||
Trail files will expire when their aggregate size exceeds 10MB.
|
||||
.Sh FILES
|
||||
.Bl -tag -width ".Pa /etc/security/audit_control" -compact
|
||||
.It Pa /etc/security/audit_control
|
||||
|
@ -26,7 +26,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#9 $
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit.h#10 $
|
||||
*/
|
||||
|
||||
#ifndef _BSM_AUDIT_H
|
||||
@ -172,6 +172,7 @@ typedef pid_t au_asid_t;
|
||||
typedef u_int16_t au_event_t;
|
||||
typedef u_int16_t au_emod_t;
|
||||
typedef u_int32_t au_class_t;
|
||||
typedef u_int64_t au_asflgs_t __attribute__ ((aligned (8)));
|
||||
|
||||
struct au_tid {
|
||||
dev_t port;
|
||||
@ -205,7 +206,7 @@ struct auditinfo_addr {
|
||||
au_mask_t ai_mask; /* Audit masks. */
|
||||
au_tid_addr_t ai_termid; /* Terminal ID. */
|
||||
au_asid_t ai_asid; /* Audit session ID. */
|
||||
u_int64_t ai_flags; /* Audit session flags. */
|
||||
au_asflgs_t ai_flags; /* Audit session flags. */
|
||||
};
|
||||
typedef struct auditinfo_addr auditinfo_addr_t;
|
||||
|
||||
@ -224,7 +225,7 @@ struct auditpinfo_addr {
|
||||
au_mask_t ap_mask; /* Audit masks. */
|
||||
au_tid_addr_t ap_termid; /* Terminal ID. */
|
||||
au_asid_t ap_asid; /* Audit session ID. */
|
||||
u_int64_t ap_flags; /* Audit session flags. */
|
||||
au_asflgs_t ap_flags; /* Audit session flags. */
|
||||
};
|
||||
typedef struct auditpinfo_addr auditpinfo_addr_t;
|
||||
|
||||
|
@ -26,7 +26,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#6 $
|
||||
* $P4: //depot/projects/trustedbsd/openbsm/sys/bsm/audit_kevents.h#8 $
|
||||
*/
|
||||
|
||||
#ifndef _BSM_AUDIT_KEVENTS_H_
|
||||
@ -596,6 +596,7 @@
|
||||
#define AUE_PWRITE 43193 /* Darwin/FreeBSD. */
|
||||
#define AUE_FSCTL 43194 /* Darwin. */
|
||||
#define AUE_FFSCTL 43195 /* Darwin. */
|
||||
#define AUE_LPATHCONF 43196 /* FreeBSD. */
|
||||
|
||||
/*
|
||||
* Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
|
||||
|
Loading…
Reference in New Issue
Block a user