3b97a967e1
- Update install notes to indicate /etc files are to be installed manually. - On systems without LOG_SECURITY, use LOG_AUTH. - Convert to autoconf/automake in order to move to a more portable (not BSD-specific) build infrastructure, and more easy conditional building of components. Currently, the primary feature loss is that automake does not have native support for manual symlinks. This will be addressed in a future OpenBSM release. - Add compat/queue.h, to be used on systems dated BSD queue macro libraries (as found on Linux). - Rename CHANGELOG to HISTORY, as our change log doesn't follow some of the existing conventions for a CHANGELOG. - Some private data structures moved from audit.h to audit_internal.h to prevent inappropriate use by applications and name space pollution. - Improved detection and use of endian macros using autoconf. - Avoid non-portable use of struct in6_addr, which is largely opaque. - Avoid leaking BSD kernel socket related token code to user space in bsm_token.c. - Teach System V IPC calls to look for Linux naming variations for certain struct ipc_perm fields. - Test for audit system calls, and if not present, don't build bsm_wrappers.c, bsm_notify.c, audit(8), and auditd(8), which rely on those system calls. - au_close() is not implemented on systems that don't have audit system calls, but au_close_buffer() is. - Work around missing BSDisms in bsm_wrapper.c. - Fix nested includes so including libbsm.h in an application on Linux picks up the necessary definitions. Obtained from: TrustedBSD Project
99 lines
3.1 KiB
Plaintext
99 lines
3.1 KiB
Plaintext
OpenBSM 1.0
|
|
|
|
Introduction
|
|
|
|
OpenBSM provides an open source implementation of Sun's BSM Audit API.
|
|
Originally created under contract to Apple Computer by McAfee Research,
|
|
this implementation is now maintained by volunteers and the generous
|
|
contribution of several organizations. Coupled with a kernel audit
|
|
implementation, OpenBSM can be used to maintain system audit streams, and
|
|
is a foundation for an Audit-enabled system.
|
|
|
|
Contents
|
|
|
|
OpenBSM consists of several directories:
|
|
|
|
bin/ Audit-related command line tools
|
|
bsm/ System include files for BSM
|
|
etc/ Sample /etc/security configuration files
|
|
libbsm/ Implementation of BSM library interfaces and man pages
|
|
man/ System call and configuration file man pages
|
|
|
|
OpenBSM currently builds on FreeBSD and Darwin. With Makefile adjustment
|
|
and minor tweaks, it should build without problems on a broad range of
|
|
POSIX-like systems.
|
|
|
|
Building
|
|
|
|
OpenBSM is currently built using autoconf and automake, which should allow
|
|
for building on a range of operating systems, including FreeBSD, Mac OS X,
|
|
and Linux. Depending on the availability of audit facailities in the
|
|
underlying operating system, some components that depend on kernel audit
|
|
support are built conditionally. Typically, build will be performed using
|
|
|
|
./configure
|
|
make
|
|
|
|
To install, use:
|
|
|
|
make install
|
|
|
|
You may wish to specify that the OpenBSM components not be installed in the
|
|
base system, rather in a specific directory. This may be done using the
|
|
--prefix argument to configure. If installing to a specific directory,
|
|
remember to update your library path so that running tools from that
|
|
directory the correct libbsm is used:
|
|
|
|
./configure --prefix=/home/rwatson/openbsm
|
|
make
|
|
make install
|
|
LD_LIBRARY_PATH=/home/rwatson/openbsm/libbsm ; export LD_LIBRARY_PATH
|
|
|
|
You will need to manually propagate openbsm/etc/* into /etc on your system;
|
|
this is not done automatically so as to avoid disrupting the current
|
|
configuration. Currently, the locations of these files is not
|
|
configurable.
|
|
|
|
Credits
|
|
|
|
The following organizations and individuals have contributed substantially
|
|
to the development of OpenBSM:
|
|
|
|
Apple Computer, Inc.
|
|
McAfee Research, McAfee, Inc.
|
|
SPARTA, Inc.
|
|
Robert Watson
|
|
Wayne Salamon
|
|
Suresh Krishnaswamy
|
|
Kevin Van Vechten
|
|
Tom Rhodes
|
|
Wojciech Koszek
|
|
Chunyang Yuan
|
|
Poul-Henning Kamp
|
|
Christian Brueffer
|
|
Olivier Houchard
|
|
Christian Peron
|
|
Martin Fong
|
|
|
|
In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
|
|
Software's FlexeLint tool were used to identify a number of bugs in the
|
|
OpenBSM implementation.
|
|
|
|
Contributions
|
|
|
|
The TrustedBSD Project would appreciate the contribution of bug fixes,
|
|
enhancements, etc, under identically or substantially similar licenses to
|
|
those present on the remainder of the OpenBSM source code.
|
|
|
|
Location
|
|
|
|
Information on OpenBSM may be found on the OpenBSM home page:
|
|
|
|
http://www.OpenBSM.org/
|
|
|
|
Information on TrustedBSD may be found on the TrustedBSD home page:
|
|
|
|
http://www.TrustedBSD.org/
|
|
|
|
$P4: //depot/projects/trustedbsd/openbsm/README#16 $
|