notes since the last import:
OpenBSM 1.0 alpha 9
- Rename many OpenBSM-specific constants and API elements containing the
strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true
for almost all existing constants and APIs.
- Instead of passing a per-instance cookie directly into all audit filter
APIs, pass in the audit filter daemon state pointer, which is then used by
the module using an audit_filter_{get,set}cookie() API. This will allow
future service APIs provided by the filter daemon to maintain their own
state -- for example, per-module preselection state.
OpenBSM 1.0 alpha 8
- Correct typo in definition of AUR_INT.
- Adopt OpenSolaris constant values for AUDIT_* configuration flags.
- Arguments to au_to_exec_args() and au_to_exec_env() no longer const.
- Add kernel versions of au_to_exec_args() and au_to_exec_env().
- Fix exec argument type that is printed for env strings from 'arg' to 'env'.
- New OpenBSM token version number assigned, constants added for other
commonly seen version numbers.
- OpenBSM-specific events assigned numbers in the 43xxx range to avoid future
collisions with Solaris. Darwin events renamed to AUE_DARWIN_foo, as they
are now deprecated numberings.
- autoconf now detects clock_gettime(), which is not available on Darwin.
- praudit output fixes relating to arg32 and arg64 tokens.
- Maximum record size updated to 64k-1 to match Solaris record size limit.
- Various style and comment cleanups in include files.
This is an MFC candidate to RELENG_6.
Obtained from: TrustedBSD Project
notes:
- Adopted Solaris-compatible format for subject32_ex and subject64_ex
tokens, which previously did not correctly implement variable length
address storage.
- Prefer inttypes.h to stdint.h; enhance queue.h detection to test for
TAILQ_FOREACH_SAFE(), which is present in recent BSD queue.h's, but not
older ones. OpenBSM now builds on some FreeBSD 4.x version.
- New event types for extended attributes, ACLs, and scheduling.
Obtained from: TrustedBSD Project
the CVS import, and suggest removing it for the real import, rather than
suggesting it for testing. This will hopefully prevent me (and others)
from making errors.
in http://www.iana.org/assignments/icmp-parameters. Thankfully
IANA's list aggrees with <netinet/ip_icmp.h>.
I've tried to do this in a way which is mostly consistent with
tcptraceroute and Debian's version of traceroute. However, sometimes
a letter is used twice by these versions, so I've gone with:
LBL tcptr Debian (chosen)
ICMP_UNREACH_NET !N !N !N !N
ICMP_UNREACH_HOST !H !H !H !H
ICMP_UNREACH_PROTOCOL !P !P !P !P
ICMP_UNREACH_PORT ! !p ! !
ICMP_UNREACH_NEEDFRAG !F-%d !F !F-<%d> !F-<%d>
ICMP_UNREACH_SRCFAIL !S !S !S !S
ICMP_UNREACH_NET_UNKNOWN !<%d> !U !<%d> !U
ICMP_UNREACH_HOST_UNKNOWN !<%d> !U !<%d> !W
ICMP_UNREACH_ISOLATED !<%d> !I !I !I
ICMP_UNREACH_NET_PROHIB !<%d> !A !A !A
ICMP_UNREACH_HOST_PROHIB !<%d> !C !C !Z
ICMP_UNREACH_TOSNET !<%d> !T !T !Q
ICMP_UNREACH_TOSHOST !<%d> !T !T !T
ICMP_UNREACH_FILTER_PROHIB !X !A !A !X
ICMP_UNREACH_HOST_PRECEDENCE !V !<%d> !V !V
ICMP_UNREACH_PRECEDENCE_CUTOFF !C !<%d> !C !C
Graham Wilson is planning to use the same codes in Debian's version.
MFC after: 3 weeks
non-shared object, do not reserve space in .plt and .rela.plt
for regular symbols neither defined nor referenced in shared objects.
This is a backport of rev. 1.101 (sourceware.org repository) to
Binutils 2.15 which fixes the creation of bogus relocations in the
PLT of Firefox and Thunderbird binaries and which in turn caused
them to segfault in rtld(1). This is committed to the vendor branch
as it doesn't represent a local change but the original vendor fix
is from after elf_link_hash_flags was replaced with bitfields.
PR: sparc64/89486
Approved by: maintainer timeout
Obtained from: NetBSD
MFC after: 1 week
