3fc61fcaeb
notes since the last import: OpenBSM 1.0 alpha 11 - Reclassify certain read/write operations as having no class rather than the fr/fw class; our default classes audit intent (open) not operations (read, write). - Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads and writes of sysctls as separate events. Add additional kernel environment and jail events for FreeBSD. - Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued by the kernel audit implementation) so that they can be distinguished. - Disable rate limiting of rotate requests; as the kernel doesn't retransmit a dropped request, the log file will otherwise grow indefinitely if the trigger is dropped. - Improve auditd debugging output. - Fix a number of threading related bugs in audit_control file reading routines. - Add APIs au_poltostr() and au_strtopol() to convert between text representations of audit_control policy flags and the flags passed to auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY). - Add API getacpol() to return the 'policy:' entry from audit_control, an extension to the Solaris file format to allow specification of policy persistent flags. - Update audump to print the audit_control policy field. - Update auditd to read the audit_control policy field and set the kernel policy to match it when configuring/reconfiguring. Remove the -s and -h arguments as these policies are now set via the configuration file. If a policy line is not found in the configuration file, continue with the current default of setting AUDIT_CNT. - Fix bugs in the parsing of large execve(2) arguments and environmental variable tokens; increase maximum parsed argument and variable count. - configure now detects strlcat(), used by policy-related functions. - Reference token and record sample files added to test tree. Obtained from: TrustedBSD Project |
||
---|---|---|
.. | ||
au_class.3 | ||
au_control.3 | ||
au_event.3 | ||
au_free_token.3 | ||
au_io.3 | ||
au_mask.3 | ||
au_open.3 | ||
au_token.3 | ||
au_user.3 | ||
audit_submit.3 | ||
bsm_audit.c | ||
bsm_class.c | ||
bsm_control.c | ||
bsm_event.c | ||
bsm_flags.c | ||
bsm_io.c | ||
bsm_mask.c | ||
bsm_notify.c | ||
bsm_token.c | ||
bsm_user.c | ||
bsm_wrappers.c | ||
libbsm.3 | ||
Makefile | ||
Makefile.am | ||
Makefile.in |