1aa0e1022d
- Man page formatting improvements. - A number of new audit event identifiers for FreeBSD, Linux, and POSIX.1b events. - Remove 'tfm' class, unused in OpenBSM. Obtained from: TrustedBSD Project
76 lines
4.0 KiB
Plaintext
76 lines
4.0 KiB
Plaintext
OpenBSM 1.0 alpha 2
|
|
|
|
- Man page formatting improvements.
|
|
- A number of new audit event identifiers for FreeBSD, Linux, and POSIX.1b
|
|
events.
|
|
- Remove 'tfm' class, unused in OpenBSM.
|
|
|
|
OpenBSM 1.0 alpha 1
|
|
|
|
- Import of Darwin74 BSM drop
|
|
- Use 'syslog' for audit log warnings, rather than echoing to a file in
|
|
audit_warn.
|
|
- Compile using BSD make infrastructure.
|
|
- Integrate bsm/ include files from Darwin74 XNU drop into OpenBSM.
|
|
- Narrow set of symbols and defines that are exposed in user space: don't
|
|
compile in code relying on kernel-only types such as 'struct socket'.
|
|
- Add README, including basic build documentation.
|
|
- Compilation of Apple-specific notify and Machroutines now #ifdef __APPLE__.
|
|
- Staticize libbsm global variables to avoid leakage into application.
|
|
- Add free_au_user_ent() so that au_user_ent's don't have to be leaked.
|
|
- Clean up bogus nul-termination checks in libbsm.
|
|
- Add libbsm API man pages: au_class.3 au_control.3 au_event.3
|
|
au_free_token.3 au_io.3 au_mask.3 au_token.3 au_user.3 libbsm.3.
|
|
- Add man pages for BSM system calls: audit.2 auditctl.2 auditon.2 getaudit.2
|
|
getauid.2 setaudit.2 setauid.2
|
|
- Modify various libbsm interfaces to more consistently return 'errno' values
|
|
on failure.
|
|
- Break out au_close() into constituent parts, allowing records to be written
|
|
to memory as well as files.
|
|
- Prefix various defines with 'BSM_' to reduce name space pollution.
|
|
- Added audit_internal.h, which can be used by a kernel audit implementation
|
|
wanting to rely on libbsm components.
|
|
- Build with warnings, and eliminate warnings.
|
|
- Make libbsm endian-independent, storing and reading BSM are big endian
|
|
(network byte order) rather than native byte order. More consistently
|
|
print IP addresses using the IP address print routine. These changes
|
|
make use of sys/endian.h from *BSD; since this isn't present on Darwin,
|
|
add it to OpenBSM as compat/endian.h, which is used only on Darwin.
|
|
- Import of Darwin80 BSM drop, including 64-bit file IDs, better
|
|
documentation of private APIs, and bug fixes.
|
|
- White space cleanup.
|
|
- Add audit.log.5, a first cut at a man page documenting the BSM file format.
|
|
- Teach au_read_rec() to recognize stand-alone file tokens, which are present
|
|
at the beginning and end of Solaris audit trails. Technically, these
|
|
appear to violate the high level BSM spec, which suggests that all tokens
|
|
are present in records, but need to be supported.
|
|
- Implement HEADER64, ATTR64, SUBJECT64 token types, which make it possible
|
|
to run praudit(1) on basic Solaris BSM streams.
|
|
- Switched to Solaris spelling of token names; Darwin spellings are now
|
|
deprecated and will be removed in a future version of OpenBSM.
|
|
- Adopt Solaris model for representing IPv4 and IPv6 addresses.
|
|
- Prefer C99 types.
|
|
- Attempt to universally adopt the BSD style(9) coding style for
|
|
consistency.
|
|
- auditreduce(1) now has a usage message.
|
|
- Update support for auditctl(2) system call to support FreeBSD.
|
|
- Add support for /dev/audit as the trigger source on FreeBSD.
|
|
- Add additional event types for Darwin, FreeBSD, and Solaris. Annotate
|
|
conflicts (there are a few, unfortunately). Correct spellings, comment,
|
|
sort, etc. These include {get,set}res[ug]id(), sendfile(), lchflags(),
|
|
eaccess(), kqueue(), kevent(), poll(), lchmod().
|
|
- Relicensed under a BSD license, many thanks to Apple, Inc!
|
|
- Many bug fixes, cleanups, thread safety in the class, control, event,
|
|
and user system audit databases. Annotate some persisting atomicity
|
|
bugs associated with the API and implementation.
|
|
- Add audump test tool.
|
|
- Adopt OpenSolaris BSM API memory semantics: caller allocates memory,
|
|
or static memory is returned for non-_r() versions of API calls.
|
|
_free() calls dropped as a result, and source code compatibility with
|
|
OpenSolaris improved significantly.
|
|
- Annotate BSM events with origin OS and compatibility information.
|
|
- auditd(8), audit(8) added to the OpenBSM distribution. auditd extended
|
|
to support reloading of kernel event table.
|
|
|
|
$P4: //depot/projects/trustedbsd/openbsm/CHANGELOG#7 $
|