Import OpenBSM 1.0 alpha 2, a minor update on alpha 1:

- Man page formatting improvements. - A number of new audit event identifiers for FreeBSD, Linux, and POSIX.1b events. - Remove 'tfm' class, unused in OpenBSM. Obtained from: TrustedBSD Project
2006-02-04 13:17:48 +00:00 · 2006-02-04 13:17:48 +00:00 · 742561f0d7
commit 742561f0d7
parent ca0716f571
8 changed files with 58 additions and 22 deletions
--- a/contrib/openbsm/CHANGELOG
+++ b/contrib/openbsm/CHANGELOG
@ -1,4 +1,11 @@
-OpenBSM 1.0
+OpenBSM 1.0 alpha 2
+
+- Man page formatting improvements.
+- A number of new audit event identifiers for FreeBSD, Linux, and POSIX.1b
+  events.
+- Remove 'tfm' class, unused in OpenBSM.
+
+OpenBSM 1.0 alpha 1

 - Import of Darwin74 BSM drop
 - Use 'syslog' for audit log warnings, rather than echoing to a file in
@ -64,6 +71,5 @@ OpenBSM 1.0
 - Annotate BSM events with origin OS and compatibility information.
 - auditd(8), audit(8) added to the OpenBSM distribution.  auditd extended
  to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.

-$P4: //depot/projects/trustedbsd/openbsm/CHANGELOG#6 $
+$P4: //depot/projects/trustedbsd/openbsm/CHANGELOG#7 $
--- a/contrib/openbsm/VERSION
+++ b/contrib/openbsm/VERSION
@ -1 +1 @@
-OPENBSM_1_0_ALPHA_1
+OPENBSM_1_0_ALPHA_2
--- a/contrib/openbsm/bin/audit/audit.8
+++ b/contrib/openbsm/bin/audit/audit.8
@ -29,7 +29,7 @@
 .\" 
 .\" @APPLE_BSD_LICENSE_HEADER_END@
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#2 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#4 $
 .\"
 .Dd Jan 24, 2004
 .Dt AUDIT 8
@ -44,10 +44,11 @@
 .Sh DESCRIPTION
 The
 .Nm 
-utility controls the state of auditing system. The optional
+utility controls the state of the audit system.
+The optional
 .Ar file
 operand specifies the location of the audit control input file (default
-/etc/security/audit_control).  
+.Pa /etc/security/audit_control ).
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
@ -56,10 +57,11 @@ Forces the audit system to close the existing audit log file and rotate to
 a new log file in a location specified in the audit control file.
 .It Fl s
 Specifies that the audit system should [re]synchronize its
-configuration from the audit control file.  A new log file will be
-created.
+configuration from the audit control file.
+A new log file will be created.
 .It Fl t
-Specifies that the audit system should terminate.  Log files are closed
+Specifies that the audit system should terminate.
+Log files are closed
 and renamed to indicate the time of the shutdown.
 .El
 .Sh NOTES
--- a/contrib/openbsm/bin/auditreduce/auditreduce.1
+++ b/contrib/openbsm/bin/auditreduce/auditreduce.1
@ -25,7 +25,7 @@
 .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.1#6 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.1#8 $
 .\"
 .Dd Jan 24, 2004
 .Dt AUDITREDUCE 1
@ -84,7 +84,7 @@ Select records that occurred on a given date.
 This option cannot be used with
 .Fl a
 or
-.Fl b
+.Fl b .
 .It Fl e Ar euid
 Select records with the given effective user id or name.
 .It Fl f Ar egid
--- a/contrib/openbsm/bsm/audit_kevents.h
+++ b/contrib/openbsm/bsm/audit_kevents.h
@ -30,7 +30,7 @@
 *
 * @APPLE_BSD_LICENSE_HEADER_END@
 *
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#29 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#34 $
 */

 #ifndef _BSM_AUDIT_KEVENTS_H_
@ -45,7 +45,6 @@
 * been inserted for the Darwin variants.  If necessary, other tags will be
 * added in the future.
 */
-
 #define	AUE_NULL		0
 #define	AUE_EXIT		1
 #define	AUE_FORK		2
@ -358,7 +357,32 @@
 #define	AUE_KQUEUE		377	/* FreeBSD-specific. */
 #define	AUE_KEVENT		378	/* FreeBSD-specific. */
 #define	AUE_FSYNC		379
-#define AUE_NMOUNT		380	/* FreeBSD-specific. */
+#define	AUE_NMOUNT		380	/* FreeBSD-specific. */
+#define	AUE_BDFLUSH		381	/* Linux-specific. */
+#define	AUE_SETFSUID		382	/* Linux-specific. */
+#define	AUE_GETFSUID		383	/* Linux-specific. */
+#define	AUE_PERSONALITY		384	/* Linux-specific. */
+#define	AUE_SCHED_GETSCHEDULER	385	/* POSIX.1b. */
+#define	AUE_SCHED_SETSCHEDULER	386	/* POSIX.1b. */
+#define	AUE_PRCTL		387	/* Linux-specific. */
+#define	AUE_GETCWD		388	/* FreeBSD/Linux-specific. */
+#define	AUE_CAPGET		389	/* Linux-specific. */
+#define	AUE_CAPSET		390	/* Linux-specific. */
+#define	AUE_PIVOT_ROOT		391	/* Linux-specific. */
+#define	AUE_RTPRIO		392	/* FreeBSD-specific. */
+#define	AUE_SCHED_GETPARAM	393	/* POSIX.1b. */
+#define	AUE_SCHED_SETPARAM	394	/* POSIX.1b. */
+#define	AUE_SCHED_GET_PRIORITY_MAX	395	/* POSIX.1b. */
+#define	AUE_SCHED_GET_PRIORITY_MIN	396	/* POSIX.1b. */
+#define	AUE_SCHED_RR_GET_INTERVAL	397	/* POSIX.1b. */
+#define	AUE_ACL_GET_FILE		398	/* FreeBSD. */
+#define	AUE_ACL_SET_FILE		399	/* FreeBSD. */
+#define	AUE_ACL_GET_FD			400	/* FreeBSD. */
+#define	AUE_ACL_SET_FD			401	/* FreeBSD. */
+#define	AUE_ACL_DELETE_FILE		402	/* FreeBSD. */
+#define	AUE_ACL_DELETE_FD		403	/* FreeBSD. */
+#define	AUE_ACL_CHECK_FILE		404	/* FreeBSD. */
+#define	AUE_ACL_CHECK_FD		405	/* FreeBSD. */

 /*
 * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
@ -467,6 +491,8 @@
 #define	AUE_MUNLOCKALL		AUE_NULL
 #define	AUE_PREAD		AUE_NULL
 #define	AUE_PWRITE		AUE_NULL
+#define	AUE_PREADV		AUE_NULL
+#define	AUE_PWRITEV		AUE_NULL
 #define	AUE_SBRK		AUE_NULL
 #define	AUE_SELECT		AUE_NULL
 #define	AUE_SEMDESTROY		AUE_NULL
--- a/contrib/openbsm/etc/audit_class
+++ b/contrib/openbsm/etc/audit_class
@ -1,5 +1,5 @@
 #
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_class#3 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_class#4 $
 #
 # This file must match audit.h
 #
@ -17,7 +17,6 @@
 0x00000400:na:non attributable
 0x00000800:ad:administrative
 0x00001000:lo:login_logout
-0x00002000:tf:tfm
 0x00004000:ap:application
 0x20000000:io:ioctl
 0x40000000:ex:exec
--- a/contrib/openbsm/etc/audit_control
+++ b/contrib/openbsm/etc/audit_control
@ -1,7 +1,7 @@
 #
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#2 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#3 $
 #
 dir:/var/audit
-flags:lo,ad,-all,^-fa,^-fc,^-cl
+flags:lo
 minfree:20
 naflags:lo
--- a/contrib/openbsm/man/audit.log.5
+++ b/contrib/openbsm/man/audit.log.5
@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#6 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#7 $
 .\"
 .Dd May 1, 2005
 .Dt AUDIT.LOG 5
@ -304,7 +304,8 @@ or
 .It Li "Terminal Machine Address" Ta "4 bytes" Ta "IP address of machine"
 .El
 .Ss Expanded Process Token
-The .Dv expanded process
+The
+.Dv expanded process
 token contains the contents of the
 .Dv process
 token, with the addition of a machine address type and variable length
@ -411,7 +412,8 @@ token ...
 .Bl -column -offset ind ".Sy Field Name Width XX" ".Sy XX Bytes XXXX" ".Sy Description"
 .It Sy "Field" Ta Sy Bytes Ta Sy Description
 .It Li "Token ID" Ta "1 byte" Ta "Token ID"
-.It Li XXXXX
+.It Li "object ID type" Ta "1 byte" Ta "Object ID"
+.It Li "Object ID" Ta "4 bytes" Ta "Object ID"
 .El
 .Ss Text Token
 The
@ -591,6 +593,7 @@ token ...
 .It Li XXXXX
 .El
 .Sh SEE ALSO
+.Xr audit 8,
 .Xr libbsm 3
 .Sh AUTHORS
 The Basic Security Module (BSM) interface to audit records and audit event