Robert Watson 5e386598a6 Merge OpenBSM 1.2-alpha5 from vendor branch to FreeBSD -CURRENT:
- Add a new "qsize" parameter in audit_control and the getacqsize(3) API to
  query it, allowing to set the kernel's maximum audit queue length.
- Add support to push a mapping between audit event names and event numbers
  into the kernel (where supported) using new A_GETEVENT and A_SETEVENT
  auditon(2) operations.
- Add audit event identifiers for a number of new (and not-so-new) FreeBSD
  system calls including those for asynchronous I/O, thread management, SCTP,
  jails, multi-FIB support, and misc. POSIX interfaces such as
  posix_fallocate(2) and posix_fadvise(2).
- On operating systems supporting Capsicum, auditreduce(1) and praudit(1) now
  run sandboxed.
- Empty "flags" and "naflags" fields are now permitted in audit_control(5).

Many thanks to Christian Brueffer for producing the OpenBSM release and
importing/tagging it in the vendor branch.  This release will allow improved
auditing of a range of new FreeBSD functionality, as well as non-traditional
events (e.g., fine-grained I/O auditing) not required by the Orange Book or
Common Criteria.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, AFRL
MFC after:	3 weeks
2017-03-26 21:14:49 +00:00

184 lines
4.9 KiB
Makefile

#
# $FreeBSD$
#
PACKAGE= lib${LIB}
OPENBSMDIR= ${SRCTOP}/contrib/openbsm
_LIBBSMDIR= ${OPENBSMDIR}/libbsm
LIB= bsm
SHLIB_MAJOR= 3
.PATH: ${_LIBBSMDIR}
.PATH: ${OPENBSMDIR}/bsm
.PATH: ${OPENBSMDIR}/man
SRCS= bsm_audit.c \
bsm_class.c \
bsm_control.c \
bsm_domain.c \
bsm_errno.c \
bsm_event.c \
bsm_fcntl.c \
bsm_flags.c \
bsm_io.c \
bsm_mask.c \
bsm_notify.c \
bsm_socket_type.c \
bsm_token.c \
bsm_user.c \
bsm_wrappers.c
#
# Must use BSM include files from within the contrib area, not the system.
#
CFLAGS+= -I${OPENBSMDIR} -I${_LIBBSMDIR}
WARNS?= 1
INCS= audit_uevents.h libbsm.h
INCSDIR= ${INCLUDEDIR}/bsm
MAN= libbsm.3 \
au_class.3 \
au_control.3 \
au_domain.3 \
au_errno.3 \
au_event.3 \
au_fcntl_cmd.3 \
au_free_token.3 \
au_io.3 \
au_mask.3 \
au_notify.3 \
au_open.3 \
au_socket_type.3 \
au_token.3 \
au_user.3 \
audit_submit.3
#
# It seems like maybe some of these should be installed separately, since
# they're not all libbsm parts.
#
MAN+= audit.2 \
audit.log.5 \
audit_class.5 \
audit_control.5 \
audit_event.5 \
audit_user.5 \
audit_warn.5 \
auditctl.2 \
auditon.2 \
getaudit.2 \
getauid.2 \
setaudit.2 \
setauid.2
MLINKS= libbsm.3 bsm.3 \
au_class.3 getauclassent.3 \
au_class.3 getauclassent_r.3 \
au_class.3 getauclassnam.3 \
au_class.3 getauclassnam_3.3 \
au_class.3 setauclass.3 \
au_class.3 endauclass.3 \
au_control.3 setac.3 \
au_control.3 endac.3 \
au_control.3 getacdir.3 \
au_control.3 getacmin.3 \
au_control.3 getacfilesz.3 \
au_control.3 getacflg.3 \
au_control.3 getacna.3 \
au_control.3 getacpol.3 \
au_control.3 getacqsize.3 \
au_control.3 au_poltostr.3 \
au_control.3 au_strtopol.3 \
au_domain.3 au_bsm_to_domain.3 \
au_domain.3 au_domain_to_bsm.3 \
au_errno.3 au_bsm_to_errno.3 \
au_errno.3 au_errno_to_bsm.3 \
au_errno.3 au_strerror.3 \
au_event.3 setauevent.3 \
au_event.3 endauevent.3 \
au_event.3 getauevent.3 \
au_event.3 getauevent_r.3 \
au_event.3 getauevnam.3 \
au_event.3 getauevnam_r.3 \
au_event.3 getauevnum.3 \
au_event.3 getauevnum_r.3 \
au_event.3 getauevnonam.3 \
au_event.3 getauevnonam_r.3 \
au_fcntl_cmd.3 au_bsm_to_fcntl_cmd.3 \
au_fcntl_cmd.3 au_fcntl_cmd_t_bsm.3 \
au_io.3 au_fetch_tok.3 \
au_io.3 au_print_tok.3 \
au_io.3 au_read_rec.3 \
au_mask.3 au_preselect.3 \
au_mask.3 getauditflagsbin.3 \
au_mask.3 getauditflagschar.3 \
au_notify.3 au_get_state.3 \
au_notify.3 au_notify_initialize.3 \
au_notify.3 au_notify_terminate.3 \
au_open.3 au_close.3 \
au_open.3 au_close_buffer.3 \
au_open.3 au_close_token.3 \
au_open.3 au_write.3 \
au_socket_type.3 au_bsm_to_socket_type.3 \
au_socket_type.3 au_socket_type_to_bsm.3 \
au_token.3 au_to_arg32.3 \
au_token.3 au_to_arg64.3 \
au_token.3 au_to_arg.3 \
au_token.3 au_to_attr64.3 \
au_token.3 au_to_data.3 \
au_token.3 au_to_exit.3 \
au_token.3 au_to_groups.3 \
au_token.3 au_to_newgroups.3 \
au_token.3 au_to_in_addr.3 \
au_token.3 au_to_in_addr_ex.3 \
au_token.3 au_to_ip.3 \
au_token.3 au_to_ipc.3 \
au_token.3 au_to_ipc_perm.3 \
au_token.3 au_to_iport.3 \
au_token.3 au_to_opaque.3 \
au_token.3 au_to_file.3 \
au_token.3 au_to_text.3 \
au_token.3 au_to_path.3 \
au_token.3 au_to_process32.3 \
au_token.3 au_to_process64.3 \
au_token.3 au_to_process.3 \
au_token.3 au_to_process32_ex.3 \
au_token.3 au_to_process64_ex.3 \
au_token.3 au_to_process_ex.3 \
au_token.3 au_to_return32.3 \
au_token.3 au_to_return64.3 \
au_token.3 au_to_return.3 \
au_token.3 au_to_seq.3 \
au_token.3 au_to_sock_inet32.3 \
au_token.3 au_to_sock_inet128.3 \
au_token.3 au_to_sock_inet.3 \
au_token.3 au_to_subject32.3 \
au_token.3 au_to_subject64.3 \
au_token.3 au_to_subject.3 \
au_token.3 au_to_subject32_ex.3 \
au_token.3 au_to_subject64_ex.3 \
au_token.3 au_to_subject_ex.3 \
au_token.3 au_to_me.3 \
au_token.3 au_to_exec_args.3 \
au_token.3 au_to_exec_env.3 \
au_token.3 au_to_header.3 \
au_token.3 au_to_header32.3 \
au_token.3 au_to_header64.3 \
au_token.3 au_to_trailer.3 \
au_token.3 au_to_zonename.3 \
au_user.3 setauuser.3 \
au_user.3 endauuser.3 \
au_user.3 getauuserent.3 \
au_user.3 getauuserent_r.3 \
au_user.3 getauusernam.3 \
au_user.3 getauusernam_R.3 \
au_user.3 au_user_mask.3 \
au_user.3 getfauditflags.3 \
getaudit.2 getaudit_addr.2 \
setaudit.2 setaudit_addr.2
.include <bsd.lib.mk>