aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRobert Watson <rwatson@FreeBSD.org>2006-09-21 07:07:33 +0000
committerRobert Watson <rwatson@FreeBSD.org>2006-09-21 07:07:33 +0000
commitbb97b41819ea5a5e5315006cdad6902bfa2b7eb6 (patch)
treee89d92d2294a63485849fba4ed404c2f99207ca7
parentfdb4472c922529a63f0a510764a809b6e6b9dbbb (diff)
downloadsrc-bb97b41819ea5a5e5315006cdad6902bfa2b7eb6.tar.gz
src-bb97b41819ea5a5e5315006cdad6902bfa2b7eb6.zip
Vendor import of OpenBSM 1.0 alpha 11, with the following change history
notes since the last import: OpenBSM 1.0 alpha 11 - Reclassify certain read/write operations as having no class rather than the fr/fw class; our default classes audit intent (open) not operations (read, write). - Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads and writes of sysctls as separate events. Add additional kernel environment and jail events for FreeBSD. - Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued by the kernel audit implementation) so that they can be distinguished. - Disable rate limiting of rotate requests; as the kernel doesn't retransmit a dropped request, the log file will otherwise grow indefinitely if the trigger is dropped. - Improve auditd debugging output. - Fix a number of threading related bugs in audit_control file reading routines. - Add APIs au_poltostr() and au_strtopol() to convert between text representations of audit_control policy flags and the flags passed to auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY). - Add API getacpol() to return the 'policy:' entry from audit_control, an extension to the Solaris file format to allow specification of policy persistent flags. - Update audump to print the audit_control policy field. - Update auditd to read the audit_control policy field and set the kernel policy to match it when configuring/reconfiguring. Remove the -s and -h arguments as these policies are now set via the configuration file. If a policy line is not found in the configuration file, continue with the current default of setting AUDIT_CNT. - Fix bugs in the parsing of large execve(2) arguments and environmental variable tokens; increase maximum parsed argument and variable count. - configure now detects strlcat(), used by policy-related functions. - Reference token and record sample files added to test tree. Obtained from: TrustedBSD Project
Notes
Notes: svn path=/vendor/openbsm/dist/; revision=162503
-rw-r--r--contrib/openbsm/HISTORY36
-rw-r--r--contrib/openbsm/TODO7
-rw-r--r--contrib/openbsm/VERSION2
-rw-r--r--contrib/openbsm/bin/audit/audit.c4
-rw-r--r--contrib/openbsm/bin/auditd/auditd.822
-rw-r--r--contrib/openbsm/bin/auditd/auditd.c126
-rw-r--r--contrib/openbsm/bin/auditd/auditd.h4
-rw-r--r--contrib/openbsm/bsm/audit.h25
-rw-r--r--contrib/openbsm/bsm/audit_kevents.h5
-rw-r--r--contrib/openbsm/bsm/libbsm.h27
-rw-r--r--contrib/openbsm/compat/strlcat.h66
-rw-r--r--contrib/openbsm/config/config.h.in3
-rwxr-xr-xcontrib/openbsm/configure25
-rw-r--r--contrib/openbsm/configure.ac6
-rw-r--r--contrib/openbsm/etc/audit_control3
-rw-r--r--contrib/openbsm/etc/audit_event15
-rw-r--r--contrib/openbsm/libbsm/au_control.342
-rw-r--r--contrib/openbsm/libbsm/au_open.310
-rw-r--r--contrib/openbsm/libbsm/bsm_control.c341
-rw-r--r--contrib/openbsm/libbsm/bsm_io.c14
-rw-r--r--contrib/openbsm/libbsm/bsm_token.c3
-rw-r--r--contrib/openbsm/libbsm/libbsm.315
-rw-r--r--contrib/openbsm/man/audit_control.558
-rw-r--r--contrib/openbsm/man/auditon.24
-rw-r--r--contrib/openbsm/test/reference/arg32_recordbin0 -> 50 bytes
-rw-r--r--contrib/openbsm/test/reference/arg32_tokenbin0 -> 25 bytes
-rw-r--r--contrib/openbsm/test/reference/data_recordbin0 -> 39 bytes
-rw-r--r--contrib/openbsm/test/reference/data_tokenbin0 -> 14 bytes
-rw-r--r--contrib/openbsm/test/reference/file_recordbin0 -> 41 bytes
-rw-r--r--contrib/openbsm/test/reference/file_tokenbin0 -> 16 bytes
-rw-r--r--contrib/openbsm/test/reference/header32_tokenbin0 -> 18 bytes
-rw-r--r--contrib/openbsm/test/reference/in_addr_recordbin0 -> 30 bytes
-rw-r--r--contrib/openbsm/test/reference/in_addr_token1
-rw-r--r--contrib/openbsm/test/reference/ip_recordbin0 -> 46 bytes
-rw-r--r--contrib/openbsm/test/reference/ip_tokenbin0 -> 21 bytes
-rw-r--r--contrib/openbsm/test/reference/ipc_recordbin0 -> 31 bytes
-rw-r--r--contrib/openbsm/test/reference/ipc_token1
-rw-r--r--contrib/openbsm/test/reference/iport_recordbin0 -> 28 bytes
-rw-r--r--contrib/openbsm/test/reference/iport_tokenbin0 -> 3 bytes
-rw-r--r--contrib/openbsm/test/reference/opaque_recordbin0 -> 32 bytes
-rw-r--r--contrib/openbsm/test/reference/opaque_tokenbin0 -> 7 bytes
-rw-r--r--contrib/openbsm/test/reference/path_recordbin0 -> 49 bytes
-rw-r--r--contrib/openbsm/test/reference/path_tokenbin0 -> 24 bytes
-rw-r--r--contrib/openbsm/test/reference/process32_recordbin0 -> 62 bytes
-rw-r--r--contrib/openbsm/test/reference/process32_tokenbin0 -> 37 bytes
-rw-r--r--contrib/openbsm/test/reference/process32ex_recordbin0 -> 66 bytes
-rw-r--r--contrib/openbsm/test/reference/process32ex_tokenbin0 -> 41 bytes
-rw-r--r--contrib/openbsm/test/reference/return32_recordbin0 -> 31 bytes
-rw-r--r--contrib/openbsm/test/reference/return32_token1
-rw-r--r--contrib/openbsm/test/reference/seq_recordbin0 -> 30 bytes
-rw-r--r--contrib/openbsm/test/reference/seq_token1
-rw-r--r--contrib/openbsm/test/reference/subject32_recordbin0 -> 62 bytes
-rw-r--r--contrib/openbsm/test/reference/subject32_tokenbin0 -> 37 bytes
-rw-r--r--contrib/openbsm/test/reference/subject32ex_recordbin0 -> 78 bytes
-rw-r--r--contrib/openbsm/test/reference/subject32ex_token-IPv4bin0 -> 41 bytes
-rw-r--r--contrib/openbsm/test/reference/subject32ex_token-IPv6bin0 -> 53 bytes
-rw-r--r--contrib/openbsm/test/reference/text_recordbin0 -> 44 bytes
-rw-r--r--contrib/openbsm/test/reference/text_tokenbin0 -> 19 bytes
-rw-r--r--contrib/openbsm/test/reference/trailer_token1
-rw-r--r--contrib/openbsm/test/samples/execve-long-args.trailbin0 -> 714 bytes
-rw-r--r--contrib/openbsm/tools/audump.c16
61 files changed, 693 insertions, 191 deletions
diff --git a/contrib/openbsm/HISTORY b/contrib/openbsm/HISTORY
index 7b249ae63155..e9093001a557 100644
--- a/contrib/openbsm/HISTORY
+++ b/contrib/openbsm/HISTORY
@@ -1,3 +1,37 @@
+OpenBSM 1.0 alpha 11
+
+- Reclassify certain read/write operations as having no class rather than the
+ fr/fw class; our default classes audit intent (open) not operations (read,
+ write).
+- Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads
+ and writes of sysctls as separate events. Add additional kernel
+ environment and jail events for FreeBSD.
+- Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER
+ (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued
+ by the kernel audit implementation) so that they can be distinguished.
+- Disable rate limiting of rotate requests; as the kernel doesn't retransmit
+ a dropped request, the log file will otherwise grow indefinitely if the
+ trigger is dropped.
+- Improve auditd debugging output.
+- Fix a number of threading related bugs in audit_control file reading
+ routines.
+- Add APIs au_poltostr() and au_strtopol() to convert between text
+ representations of audit_control policy flags and the flags passed to
+ auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY).
+- Add API getacpol() to return the 'policy:' entry from audit_control, an
+ extension to the Solaris file format to allow specification of policy
+ persistent flags.
+- Update audump to print the audit_control policy field.
+- Update auditd to read the audit_control policy field and set the kernel
+ policy to match it when configuring/reconfiguring. Remove the -s and -h
+ arguments as these policies are now set via the configuration file. If a
+ policy line is not found in the configuration file, continue with the
+ current default of setting AUDIT_CNT.
+- Fix bugs in the parsing of large execve(2) arguments and environmental
+ variable tokens; increase maximum parsed argument and variable count.
+- configure now detects strlcat(), used by policy-related functions.
+- Reference token and record sample files added to test tree.
+
OpenBSM 1.0 alpha 10
- auditd now generates complete audit records for its events, as required for
@@ -209,4 +243,4 @@ OpenBSM 1.0 alpha 1
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#26 $
+$P4: //depot/projects/trustedbsd/openbsm/HISTORY#33 $
diff --git a/contrib/openbsm/TODO b/contrib/openbsm/TODO
index d30c84131c14..5e0b9c3ae318 100644
--- a/contrib/openbsm/TODO
+++ b/contrib/openbsm/TODO
@@ -17,5 +17,10 @@
just at the beginning of a record. This will make it easier to use
praudit in test suites processing single-token files without header and
trailer context.
+- Teach auditd how to notify a script when it is done with trail files so
+ that the script can archive them, compress them, delete them, whatever.
+ It should walk any trail files found at startup also, assuming it
+ successfully registers.
+- Put hostname in trail file name.
-$P4: //depot/projects/trustedbsd/openbsm/TODO#6 $
+$P4: //depot/projects/trustedbsd/openbsm/TODO#7 $
diff --git a/contrib/openbsm/VERSION b/contrib/openbsm/VERSION
index 8d3fe66f8ec7..12b10e099a6e 100644
--- a/contrib/openbsm/VERSION
+++ b/contrib/openbsm/VERSION
@@ -1 +1 @@
-OPENBSM_1_0_ALPHA_9
+OPENBSM_1_0_ALPHA_11
diff --git a/contrib/openbsm/bin/audit/audit.c b/contrib/openbsm/bin/audit/audit.c
index e5744f5f978e..c35b16786be3 100644
--- a/contrib/openbsm/bin/audit/audit.c
+++ b/contrib/openbsm/bin/audit/audit.c
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#6 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#7 $
*/
/*
* Program to trigger the audit daemon with a message that is either:
@@ -75,7 +75,7 @@ main(int argc, char **argv)
switch(ch) {
case 'n':
- trigger = AUDIT_TRIGGER_OPEN_NEW;
+ trigger = AUDIT_TRIGGER_ROTATE_USER;
break;
case 's':
diff --git a/contrib/openbsm/bin/auditd/auditd.8 b/contrib/openbsm/bin/auditd/auditd.8
index 8f054c6fc0bb..11e45e1496f2 100644
--- a/contrib/openbsm/bin/auditd/auditd.8
+++ b/contrib/openbsm/bin/auditd/auditd.8
@@ -29,7 +29,7 @@
.\"
.\" @APPLE_BSD_LICENSE_HEADER_END@
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#8 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#9 $
.\"
.Dd January 24, 2004
.Dt AUDITD 8
@@ -51,14 +51,20 @@ The options are as follows:
.Bl -tag -width Ds
.It Fl d
Starts the daemon in debug mode - it will not daemonize.
-.It Fl h
-Specifies that if auditing cannot be performed as specified, the system should
-halt (panic). Normally, the system will attempt to proceed - although individual
-processes may be stopped (see the -s option).
-.It Fl s
-Specifies that individual processes should stop rather than perform operations
-that may cause audit records to be lost due to log file full conditions
.El
+.Pp
+The historical
+.Fl h
+and
+.Fl s
+flags are now configured using
+.Xr audit_control 5
+policy flags
+.Dv ahlt
+and
+.Dv cnt ,
+and are no longer available as arguments to
+.Xr auditd 8 .
.Sh NOTE
.Pp
To assure uninterrupted audit support, the
diff --git a/contrib/openbsm/bin/auditd/auditd.c b/contrib/openbsm/bin/auditd/auditd.c
index 838424e2bc7d..86cf2335c28f 100644
--- a/contrib/openbsm/bin/auditd/auditd.c
+++ b/contrib/openbsm/bin/auditd/auditd.c
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#18 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#21 $
*/
#include <sys/types.h>
@@ -59,6 +59,7 @@
#include "auditd.h"
#define NA_EVENT_STR_SIZE 25
+#define POL_STR_SIZE 128
static int ret, minval;
static char *lastfile = NULL;
@@ -67,7 +68,6 @@ static int triggerfd = 0;
static int sigchlds, sigchlds_handled;
static int sighups, sighups_handled;
static int sigterms, sigterms_handled;
-static long global_flags;
static TAILQ_HEAD(, dir_ent) dir_q;
@@ -160,8 +160,9 @@ close_lastfile(char *TS)
*ptr = '.';
strcpy(ptr+1, TS);
if (rename(oldname, lastfile) != 0)
- syslog(LOG_ERR, "Could not rename %s to %s",
- oldname, lastfile);
+ syslog(LOG_ERR,
+ "Could not rename %s to %s: %m", oldname,
+ lastfile);
else
syslog(LOG_INFO, "renamed %s to %s",
oldname, lastfile);
@@ -286,7 +287,7 @@ swap_audit_file(void)
free(dirent->dirname);
free(dirent);
}
- syslog(LOG_ERR, "Log directories exhausted\n");
+ syslog(LOG_ERR, "Log directories exhausted");
return (-1);
}
@@ -343,7 +344,7 @@ read_control_file(void)
* XXX is generated here?
*/
if (0 == (ret = getacmin(&minval))) {
- syslog(LOG_DEBUG, "min free = %d\n", minval);
+ syslog(LOG_DEBUG, "min free = %d", minval);
if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) {
syslog(LOG_ERR,
"could not get audit queue settings");
@@ -494,31 +495,65 @@ register_daemon(void)
}
/*
- * Suppress duplicate messages within a 30 second interval. This should be
- * enough to time to rotate log files without thrashing from soft warnings
- * generated before the log is actually rotated.
+ * Handle the audit trigger event.
+ *
+ * We suppress (ignore) duplicated triggers in close succession in order to
+ * try to avoid thrashing-like behavior. However, not all triggers can be
+ * ignored, as triggers generally represent edge triggers, not level
+ * triggers, and won't be retransmitted if the condition persists. Of
+ * specific concern is the rotate trigger -- if one is dropped, then it will
+ * not be retransmitted, and the log file will grow in an unbounded fashion.
*/
#define DUPLICATE_INTERVAL 30
static void
handle_audit_trigger(int trigger)
{
- static int last_trigger;
+ static int last_trigger, last_warning;
static time_t last_time;
struct dir_ent *dirent;
-
- /*
- * Suppres duplicate messages from the kernel within the specified
- * interval.
- */
struct timeval ts;
struct timezone tzp;
time_t tt;
+ /*
+ * Suppress duplicate messages from the kernel within the specified
+ * interval.
+ */
if (gettimeofday(&ts, &tzp) == 0) {
tt = (time_t)ts.tv_sec;
- if ((trigger == last_trigger) &&
- (tt < (last_time + DUPLICATE_INTERVAL)))
- return;
+ switch (trigger) {
+ case AUDIT_TRIGGER_LOW_SPACE:
+ case AUDIT_TRIGGER_NO_SPACE:
+ /*
+ * Triggers we can suppress. Of course, we also need
+ * to rate limit the warnings, so apply the same
+ * interval limit on syslog messages.
+ */
+ if ((trigger == last_trigger) &&
+ (tt < (last_time + DUPLICATE_INTERVAL))) {
+ if (tt >= (last_warning + DUPLICATE_INTERVAL))
+ syslog(LOG_INFO,
+ "Suppressing duplicate trigger %d",
+ trigger);
+ return;
+ }
+ last_warning = tt;
+ break;
+
+ case AUDIT_TRIGGER_ROTATE_KERNEL:
+ case AUDIT_TRIGGER_ROTATE_USER:
+ case AUDIT_TRIGGER_READ_FILE:
+ /*
+ * Triggers that we cannot suppress.
+ */
+ break;
+ }
+
+ /*
+ * Only update last_trigger after aborting due to a duplicate
+ * trigger, not before, or we will never allow that trigger
+ * again.
+ */
last_trigger = trigger;
last_time = tt;
}
@@ -528,7 +563,6 @@ handle_audit_trigger(int trigger)
*/
dirent = TAILQ_FIRST(&dir_q);
switch(trigger) {
-
case AUDIT_TRIGGER_LOW_SPACE:
syslog(LOG_INFO, "Got low space trigger");
if (dirent && (dirent->softlim != 1)) {
@@ -554,7 +588,8 @@ handle_audit_trigger(int trigger)
} else {
/*
* Continue auditing to the current file. Also
- * generate an allsoft warning.
+ * generate an allsoft warning.
+ *
* XXX do we want to do this ?
*/
audit_warn_allsoft();
@@ -577,12 +612,14 @@ handle_audit_trigger(int trigger)
audit_warn_allhard(++allhardcount);
break;
- case AUDIT_TRIGGER_OPEN_NEW:
+ case AUDIT_TRIGGER_ROTATE_KERNEL:
+ case AUDIT_TRIGGER_ROTATE_USER:
/*
* Create a new file and swap with the one being used in
* kernel
*/
- syslog(LOG_INFO, "Got open new trigger");
+ syslog(LOG_INFO, "Got open new trigger from %s", trigger ==
+ AUDIT_TRIGGER_ROTATE_KERNEL ? "kernel" : "user");
if (swap_audit_file() == -1)
syslog(LOG_ERR, "Error swapping audit file");
break;
@@ -656,10 +693,8 @@ wait_for_events(void)
syslog(LOG_DEBUG, "%s: SIGTERM", __FUNCTION__);
break;
}
- if (sigchlds != sigchlds_handled) {
- syslog(LOG_DEBUG, "%s: SIGCHLD", __FUNCTION__);
+ if (sigchlds != sigchlds_handled)
handle_sigchld();
- }
if (sighups != sighups_handled) {
syslog(LOG_DEBUG, "%s: SIGHUP", __FUNCTION__);
handle_sighup();
@@ -670,7 +705,6 @@ wait_for_events(void)
syslog(LOG_ERR, "%s: read EOF", __FUNCTION__);
return (-1);
}
- syslog(LOG_DEBUG, "%s: read %d", __FUNCTION__, trigger);
if (trigger == AUDIT_TRIGGER_CLOSE_AND_DIE)
break;
else
@@ -691,10 +725,13 @@ config_audit_controls(void)
au_mask_t aumask;
int ctr = 0;
char naeventstr[NA_EVENT_STR_SIZE];
+ char polstr[POL_STR_SIZE];
+ long policy;
/*
* Process the audit event file, obtaining a class mapping for each
* event, and send that mapping into the kernel.
+ *
* XXX There's a risk here that the BSM library will return NULL
* for an event when it can't properly map it to a class. In that
* case, we will not process any events beyond the one that failed,
@@ -703,10 +740,17 @@ config_audit_controls(void)
ev.ae_name = (char *)malloc(AU_EVENT_NAME_MAX);
ev.ae_desc = (char *)malloc(AU_EVENT_DESC_MAX);
if ((ev.ae_name == NULL) || (ev.ae_desc == NULL)) {
+ if (ev.ae_name != NULL)
+ free(ev.ae_name);
syslog(LOG_ERR,
"Memory allocation error when configuring audit controls.");
return (-1);
}
+
+ /*
+ * XXXRW: Currently we have no way to remove mappings from the kernel
+ * when they are removed from the file-based mappings.
+ */
evp = &ev;
setauevent();
while ((evp = getauevent_r(evp)) != NULL) {
@@ -746,10 +790,21 @@ config_audit_controls(void)
"Failed to obtain non-attributable event mask.");
/*
- * Set the audit policy flags based on passed in parameter values.
+ * If a policy is configured in audit_control(5), implement the
+ * policy. However, if one isn't defined, set AUDIT_CNT to avoid
+ * leaving the system in a fragile state.
*/
- if (auditon(A_SETPOLICY, &global_flags, sizeof(global_flags)))
- syslog(LOG_ERR, "Failed to set audit policy.");
+ if ((getacpol(polstr, POL_STR_SIZE) == 0) &&
+ (au_strtopol(polstr, &policy) == 0)) {
+ if (auditon(A_SETPOLICY, &policy, sizeof(policy)))
+ syslog(LOG_ERR, "Failed to set audit policy: %m");
+ } else {
+ syslog(LOG_ERR, "Failed to obtain policy flags: %m");
+ policy = AUDIT_CNT;
+ if (auditon(A_SETPOLICY, &policy, sizeof(policy)))
+ syslog(LOG_ERR,
+ "Failed to set default audit policy: %m");
+ }
return (0);
}
@@ -826,7 +881,6 @@ main(int argc, char **argv)
int debug = 0;
int rc;
- global_flags |= AUDIT_CNT;
while ((ch = getopt(argc, argv, "dhs")) != -1) {
switch(ch) {
case 'd':
@@ -834,20 +888,10 @@ main(int argc, char **argv)
debug = 1;
break;
- case 's':
- /* Fail-stop option. */
- global_flags &= ~(AUDIT_CNT);
- break;
-
- case 'h':
- /* Halt-stop option. */
- global_flags |= AUDIT_AHLT;
- break;
-
case '?':
default:
(void)fprintf(stderr,
- "usage: auditd [-h | -s] [-d] \n");
+ "usage: auditd [-d] \n");
exit(1);
}
}
diff --git a/contrib/openbsm/bin/auditd/auditd.h b/contrib/openbsm/bin/auditd/auditd.h
index bca637037ed8..11bf9d4ce176 100644
--- a/contrib/openbsm/bin/auditd/auditd.h
+++ b/contrib/openbsm/bin/auditd/auditd.h
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#5 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#6 $
*/
#ifndef _AUDITD_H_
@@ -61,7 +61,7 @@ struct dir_ent {
#define HARDLIM_ALL_WARN "allhard"
#define SOFTLIM_ALL_WARN "allsoft"
-#define AUDITOFF_WARN "aditoff"
+#define AUDITOFF_WARN "auditoff"
#define EBUSY_WARN "ebusy"
#define GETACDIR_WARN "getacdir"
#define HARDLIM_WARN "hard"
diff --git a/contrib/openbsm/bsm/audit.h b/contrib/openbsm/bsm/audit.h
index d67b8535a8ce..ad61748abab0 100644
--- a/contrib/openbsm/bsm/audit.h
+++ b/contrib/openbsm/bsm/audit.h
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#19 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit.h#21 $
*/
#ifndef _BSM_AUDIT_H
@@ -46,18 +46,19 @@
* Triggers for the audit daemon.
*/
#define AUDIT_TRIGGER_MIN 1
-#define AUDIT_TRIGGER_LOW_SPACE 1
-#define AUDIT_TRIGGER_OPEN_NEW 2
-#define AUDIT_TRIGGER_READ_FILE 3
-#define AUDIT_TRIGGER_CLOSE_AND_DIE 4
-#define AUDIT_TRIGGER_NO_SPACE 5
-#define AUDIT_TRIGGER_MAX 5
+#define AUDIT_TRIGGER_LOW_SPACE 1 /* Below low watermark. */
+#define AUDIT_TRIGGER_ROTATE_KERNEL 2 /* Kernel requests rotate. */
+#define AUDIT_TRIGGER_READ_FILE 3 /* Re-read config file. */
+#define AUDIT_TRIGGER_CLOSE_AND_DIE 4 /* Terminate audit. */
+#define AUDIT_TRIGGER_NO_SPACE 5 /* Below min free space. */
+#define AUDIT_TRIGGER_ROTATE_USER 6 /* User requests roate. */
+#define AUDIT_TRIGGER_MAX 6
/*
- * Special file that will be read for trigger events from the kernel
- * (FreeBSD).
+ * The special device filename (FreeBSD).
*/
-#define AUDIT_TRIGGER_FILE "/dev/audit"
+#define AUDITDEV_FILENAME "audit"
+#define AUDIT_TRIGGER_FILE ("/dev/" AUDITDEV_FILENAME)
/*
* Pre-defined audit IDs
@@ -164,12 +165,12 @@
#define AUDIT_PERZONE 0x2000
/*
- * Audit queue control parameters.
+ * Default audit queue control parameters.
*/
#define AQ_HIWATER 100
#define AQ_MAXHIGH 10000
#define AQ_LOWATER 10
-#define AQ_BUFSZ 1024
+#define AQ_BUFSZ MAXAUDITDATA
#define AQ_MAXBUFSZ 1048576
/*
diff --git a/contrib/openbsm/bsm/audit_kevents.h b/contrib/openbsm/bsm/audit_kevents.h
index cd558831986e..ef0f47b01485 100644
--- a/contrib/openbsm/bsm/audit_kevents.h
+++ b/contrib/openbsm/bsm/audit_kevents.h
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#40 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#42 $
*/
#ifndef _BSM_AUDIT_KEVENTS_H_
@@ -467,6 +467,9 @@
#define AUE_EXTATTR_SET_LINK 43111 /* FreeBSD. */
#define AUE_EXTATTR_LIST_LINK 43112 /* FreeBSD. */
#define AUE_EXTATTR_DELETE_LINK 43113 /* FreeBSD. */
+#define AUE_KENV 43114 /* FreeBSD. */
+#define AUE_JAIL_ATTACH 43115 /* FreeBSD. */
+#define AUE_SYSCTL_WRITE 43116 /* FreeBSD. */
/*
* Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
diff --git a/contrib/openbsm/bsm/libbsm.h b/contrib/openbsm/bsm/libbsm.h
index 5fea48ce1f72..34d9dbc062f0 100644
--- a/contrib/openbsm/bsm/libbsm.h
+++ b/contrib/openbsm/bsm/libbsm.h
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#27 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#29 $
*/
#ifndef _LIBBSM_H_
@@ -37,9 +37,6 @@
* solely to allow OpenSSH to compile; Darwin/Apple code should not use them.
*/
-#define AUDIT_MAX_ARGS 10
-#define AUDIT_MAX_ENV 10
-
#include <sys/types.h>
#include <sys/cdefs.h>
@@ -55,13 +52,25 @@
#include <mach/mach.h> /* audit_token_t */
#endif
-#define AU_PRS_SUCCESS 1
-#define AU_PRS_FAILURE 2
-#define AU_PRS_BOTH (AU_PRS_SUCCESS|AU_PRS_FAILURE)
+/*
+ * Size parsed token vectors for execve(2) arguments and environmental
+ * variables. Note: changing these sizes affects the ABI of the token
+ * structure, and as the token structure is often placed in the caller stack,
+ * this is undesirable.
+ */
+#define AUDIT_MAX_ARGS 128
+#define AUDIT_MAX_ENV 128
+/*
+ * Arguments to au_preselect(3).
+ */
#define AU_PRS_USECACHE 0
#define AU_PRS_REREAD 1
+#define AU_PRS_SUCCESS 1
+#define AU_PRS_FAILURE 2
+#define AU_PRS_BOTH (AU_PRS_SUCCESS|AU_PRS_FAILURE)
+
#define AUDIT_EVENT_FILE "/etc/security/audit_event"
#define AUDIT_CLASS_FILE "/etc/security/audit_class"
#define AUDIT_CONTROL_FILE "/etc/security/audit_control"
@@ -71,6 +80,7 @@
#define MINFREE_CONTROL_ENTRY "minfree"
#define FLAGS_CONTROL_ENTRY "flags"
#define NA_CONTROL_ENTRY "naflags"
+#define POLICY_CONTROL_ENTRY "policy"
#define AU_CLASS_NAME_MAX 8
#define AU_CLASS_DESC_MAX 72
@@ -711,11 +721,14 @@ int getacdir(char *name, int len);
int getacmin(int *min_val);
int getacflg(char *auditstr, int len);
int getacna(char *auditstr, int len);
+int getacpol(char *auditstr, size_t len);
int getauditflagsbin(char *auditstr, au_mask_t *masks);
int getauditflagschar(char *auditstr, au_mask_t *masks,
int verbose);
int au_preselect(au_event_t event, au_mask_t *mask_p,
int sorf, int flag);
+ssize_t au_poltostr(long policy, size_t maxsize, char *buf);
+int au_strtopol(const char *polstr, long *policy);
/*
* Functions relating to querying audit event information.
diff --git a/contrib/openbsm/compat/strlcat.h b/contrib/openbsm/compat/strlcat.h
new file mode 100644
index 000000000000..ba836f83cbf9
--- /dev/null
+++ b/contrib/openbsm/compat/strlcat.h
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * dollar OpenBSD: strlcat.c,v 1.2 1999/06/17 16:28:58 millert Exp dollar
+ */
+
+/*
+ * Appends src to string dst of size siz (unlike strncat, siz is the
+ * full size of dst, not space left). At most siz-1 characters
+ * will be copied. Always NUL terminates (unless siz <= strlen(dst)).
+ * Returns strlen(src) + MIN(siz, strlen(initial dst)).
+ * If retval >= siz, truncation occurred.
+ */
+static size_t
+strlcat(dst, src, siz)
+ char *dst;
+ const char *src;
+ size_t siz;
+{
+ char *d = dst;
+ const char *s = src;
+ size_t n = siz;
+ size_t dlen;
+
+ /* Find the end of dst and adjust bytes left but don't go past end */
+ while (n-- != 0 && *d != '\0')
+ d++;
+ dlen = d - dst;
+ n = siz - dlen;
+
+ if (n == 0)
+ return(dlen + strlen(s));
+ while (*s != '\0') {
+ if (n != 1) {
+ *d++ = *s;
+ n--;
+ }
+ s++;
+ }
+ *d = '\0';
+
+ return(dlen + (s - src)); /* count does not include NUL */
+}
diff --git a/contrib/openbsm/config/config.h.in b/contrib/openbsm/config/config.h.in
index bc53efcc8f05..6daddb4f9fb1 100644
--- a/contrib/openbsm/config/config.h.in
+++ b/contrib/openbsm/config/config.h.in
@@ -86,6 +86,9 @@
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
+/* Define to 1 if you have the `strlcat' function. */
+#undef HAVE_STRLCAT
+
/* Define to 1 if you have the `strrchr' function. */
#undef HAVE_STRRCHR
diff --git a/contrib/openbsm/configure b/contrib/openbsm/configure
index c6394ade3025..26af770f4151 100755
--- a/contrib/openbsm/configure
+++ b/contrib/openbsm/configure
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#28 .
+# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#31 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a10.
+# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a11.
#
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
#
@@ -424,8 +424,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='OpenBSM'
PACKAGE_TARNAME='openbsm'
-PACKAGE_VERSION='1.0a10'
-PACKAGE_STRING='OpenBSM 1.0a10'
+PACKAGE_VERSION='1.0a11'
+PACKAGE_STRING='OpenBSM 1.0a11'
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
ac_unique_file="bin/auditreduce/auditreduce.c"
@@ -955,7 +955,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures OpenBSM 1.0a10 to adapt to many kinds of systems.
+\`configure' configures OpenBSM 1.0a11 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1021,7 +1021,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of OpenBSM 1.0a10:";;
+ short | recursive ) echo "Configuration of OpenBSM 1.0a11:";;
esac
cat <<\_ACEOF
@@ -1162,7 +1162,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-OpenBSM configure 1.0a10
+OpenBSM configure 1.0a11
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1176,7 +1176,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by OpenBSM $as_me 1.0a10, which was
+It was created by OpenBSM $as_me 1.0a11, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -19278,7 +19278,7 @@ fi
# Define the identity of the package.
PACKAGE=OpenBSM
- VERSION=1.0a10
+ VERSION=1.0a11
cat >>confdefs.h <<_ACEOF
@@ -22834,7 +22834,8 @@ done
-for ac_func in bzero clock_gettime ftruncate gettimeofday inet_ntoa memset strchr strerror strrchr strstr strtol strtoul
+
+for ac_func in bzero clock_gettime ftruncate gettimeofday inet_ntoa memset strchr strerror strlcat strrchr strstr strtol strtoul
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
echo "$as_me:$LINENO: checking for $ac_func" >&5
@@ -23478,7 +23479,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
-This file was extended by OpenBSM $as_me 1.0a10, which was
+This file was extended by OpenBSM $as_me 1.0a11, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -23541,7 +23542,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-OpenBSM config.status 1.0a10
+OpenBSM config.status 1.0a11
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
diff --git a/contrib/openbsm/configure.ac b/contrib/openbsm/configure.ac
index cd708bedecca..8547245c0e44 100644
--- a/contrib/openbsm/configure.ac
+++ b/contrib/openbsm/configure.ac
@@ -2,8 +2,8 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([OpenBSM], [1.0a10], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
-AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#29 $])
+AC_INIT([OpenBSM], [1.0a11], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
+AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#31 $])
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_HEADER([config/config.h])
@@ -56,7 +56,7 @@ AC_FUNC_MKTIME
AC_TYPE_SIGNAL
AC_FUNC_STAT
AC_FUNC_STRFTIME
-AC_CHECK_FUNCS([bzero clock_gettime ftruncate gettimeofday inet_ntoa memset strchr strerror strrchr strstr strtol strtoul])
+AC_CHECK_FUNCS([bzero clock_gettime ftruncate gettimeofday inet_ntoa memset strchr strerror strlcat strrchr strstr strtol strtoul])
# sys/queue.h exists on most systems, but its capabilities vary a great deal.
# test for LIST_FIRST and TAILQ_FOREACH_SAFE, which appears to not exist in
diff --git a/contrib/openbsm/etc/audit_control b/contrib/openbsm/etc/audit_control
index fb1ce1a773ef..2db3e1fa049e 100644
--- a/contrib/openbsm/etc/audit_control
+++ b/contrib/openbsm/etc/audit_control
@@ -1,7 +1,8 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#3 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#4 $
#
dir:/var/audit
flags:lo
minfree:20
naflags:lo
+policy:cnt
diff --git a/contrib/openbsm/etc/audit_event b/contrib/openbsm/etc/audit_event
index ebab4ed21abf..346dff7a22af 100644
--- a/contrib/openbsm/etc/audit_event
+++ b/contrib/openbsm/etc/audit_event
@@ -1,5 +1,5 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#12 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#15 $
#
0:AUE_NULL:indir system call:no
1:AUE_EXIT:exit(2):pc
@@ -117,8 +117,8 @@
113:AUE_SYSTEMBOOT:system booted:na
114:AUE_ASYNC_DAEMON_EXIT:async_daemon(2) exited:ad
115:AUE_NFSSVC_EXIT:nfssvc(2) exited:ad
-128:AUE_WRITEL:writel(2):fw
-129:AUE_WRITEVL:writevl(2):fw
+128:AUE_WRITEL:writel(2):no
+129:AUE_WRITEVL:writevl(2):no
130:AUE_GETAUID:getauid(2):ad
131:AUE_SETAUID:setauid(2):ad
132:AUE_GETAUDIT:getaudit(2):ad
@@ -265,7 +265,7 @@
325:AUE_DARWIN_KDEBUGTRACE:system call:pc
326:AUE_DARWIN_FSTAT:fstat(2):fa
327:AUE_DARWIN_FPATHCONF:fpathconf(2):fa
-328:AUE_DARWIN_GETDIRENTRIES:getdirentries(2):fr
+328:AUE_DARWIN_GETDIRENTRIES:getdirentries(2):no
329:AUE_DARWIN_TRUNCATE:truncate(2):fw
330:AUE_DARWIN_FTRUNCATE:ftruncate(2):fw
331:AUE_DARWIN_SYSCTL:sysctl(3):ad
@@ -321,8 +321,8 @@
43017:AUE_KDEBUGTRACE:system call:pc
43018:AUE_FSTAT:fstat(2):fa
43019:AUE_FPATHCONF:fpathconf(2):fa
-43020:AUE_GETDIRENTRIES:getdirentries(2):fr
-43021:AUE_SYSCTL:sysctl(3):ad
+43020:AUE_GETDIRENTRIES:getdirentries(2):no
+43021:AUE_SYSCTL:sysctl(3):ot
43022:AUE_MLOCK:mlock(2):pc
43023:AUE_MUNLOCK:munlock(2):pc
43024:AUE_UNDELETE:undelete(2):fm
@@ -415,6 +415,9 @@
43111:AUE_EXTATTR_SET_LINK:extattr_set_link(2):fm
43112:AUE_EXTATTR_LIST_LINK:extattr_list_link(2):fa
43113:AUE_EXTATTR_DELETE_LINK:extattr_delete_link(2):fm
+43114:AUE_KENV:kenv(8):ad
+43115:AUE_JAIL_ATTACH:jail_attach(2):ad
+43116:AUE_SYSCTL_WRITE:sysctl(3):ad
#
# User space system events.
#
diff --git a/contrib/openbsm/libbsm/au_control.3 b/contrib/openbsm/libbsm/au_control.3
index 0cd66f162fd4..00a551eed2d9 100644
--- a/contrib/openbsm/libbsm/au_control.3
+++ b/contrib/openbsm/libbsm/au_control.3
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#3 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#4 $
.\"
.Dd April 19, 2005
.Dt AU_CONTROL 3
@@ -34,7 +34,10 @@
.Nm getacdir ,
.Nm getacmin ,
.Nm getacflg ,
-.Nm getacna
+.Nm getacna ,
+.Nm getacpol ,
+.Nm au_poltostr
+.Nm au_strtopol
.Nd "Look up information from the audit_control database"
.Sh LIBRARY
.Lb libbsm
@@ -52,6 +55,12 @@
.Fn getacflg "char *auditstr" "int len"
.Ft int
.Fn getacna "char *auditstr" "int len"
+.Ft int
+.Fn getacpol "char *auditstr" "size_t len"
+.Ft ssize_t
+.Fn au_poltostr "long policy" "size_t maxsize" "char *buf"
+.Ft int
+.Fn au_strtopol "const char *polstr" "long *policy"
.Sh DESCRIPTION
These interfaces may be used to look up information from the
.Xr audit_control 5
@@ -90,15 +99,42 @@ returns the non-attributable flags via the passed character buffer
.Va auditstr
of length
.Va len .
+.Pp
+.Fn getacpol
+returns the audit policy flags via the passed character buffer
+.Va auditstr
+of length
+.Va len .
+.Pp
+.Fn au_poltostr
+converts a numeric audit policy mask,
+.Va policy ,
+value to a string in the passed character buffer
+.Va buf
+of lenth
+.Va maxsize .
+.Pp
+.Fn au_strtopol
+converts an audit policy flags string,
+.Va polstr ,
+to a numeric audit policy mask returned via
+.Va policy .
.Sh RETURN VALULES
.Fn getacdir ,
.Fn getacmin ,
.Fn getacflg ,
+.Fn getacna ,
+.Fn getacpol ,
and
-.Fn getacna
+.Fn au_strtopol
return 0 on success, or a negative value on failure, along with error
information in
.Va errno .
+.Pp
+.Fn au_poltostr
+returns a string length of 0 or more on success, or a negative value on
+if there is a failure.
+.Pp
Functions that return a string value will return a failure if there is
insufficient room in the passed character buffer for the full string.
.Sh SEE ALSO
diff --git a/contrib/openbsm/libbsm/au_open.3 b/contrib/openbsm/libbsm/au_open.3
index 569940e68061..db9e9b3fbc76 100644
--- a/contrib/openbsm/libbsm/au_open.3
+++ b/contrib/openbsm/libbsm/au_open.3
@@ -23,16 +23,17 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#4 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#5 $
.\"
.Dd March 4, 2006
.Dt AU_OPEN 3
.Os
.Sh NAME
-.Nm au_open ,
-.Nm au_write ,
.Nm au_close ,
-.Nm au_close_buffer
+.Nm au_close_buffer ,
+.Nm au_close_token ,
+.Nm au_open ,
+.Nm au_write
.Nd "Create and commit audit records"
.Sh LIBRARY
.Lb libbsm
@@ -120,6 +121,7 @@ return 0 on success, or a negative value on failure, along with error
information in
.Va errno .
.Sh SEE ALSO
+.Xr audit_submit 3 ,
.Xr libbsm 3
.Sh AUTHORS
This software was created by Robert Watson, Wayne Salamon, and Suresh
diff --git a/contrib/openbsm/libbsm/bsm_control.c b/contrib/openbsm/libbsm/bsm_control.c
index 438082bca892..ba643b2b9fde 100644
--- a/contrib/openbsm/libbsm/bsm_control.c
+++ b/contrib/openbsm/libbsm/bsm_control.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2004 Apple Computer, Inc.
+ * Copyright (c) 2006 Robert N. M. Watson
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +27,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#13 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#15 $
*/
#include <bsm/libbsm.h>
@@ -37,9 +38,14 @@
#include <stdio.h>
#include <stdlib.h>
+#include <config/config.h>
+#ifndef HAVE_STRLCAT
+#include <compat/strlcat.h>
+#endif
+
/*
* Parse the contents of the audit_control file to return the audit control
- * parameters.
+ * parameters. These static fields are protected by 'mutex'.
*/
static FILE *fp = NULL;
static char linestr[AU_LINE_MAX];
@@ -98,21 +104,223 @@ getstrfromtype_locked(char *name, char **str)
}
/*
+ * Convert a policy to a string. Return -1 on failure, or >= 0 representing
+ * the actual size of the string placed in the buffer (excluding terminating
+ * nul).
+ */
+ssize_t
+au_poltostr(long policy, size_t maxsize, char *buf)
+{
+ int first;
+
+ if (maxsize < 1)
+ return (-1);
+ first = 1;
+ buf[0] = '\0';
+
+ if (policy & AUDIT_CNT) {
+ if (strlcat(buf, "cnt", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_AHLT) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "ahlt", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_ARGV) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "argv", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_ARGE) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "arge", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_SEQ) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "seq", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_WINDATA) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "windata", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_USER) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "user", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_GROUP) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "group", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_TRAIL) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "trail", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_PATH) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "path", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_SCNT) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "scnt", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_PUBLIC) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "public", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_ZONENAME) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "zonename", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ if (policy & AUDIT_PERZONE) {
+ if (!first) {
+ if (strlcat(buf, ",", maxsize) >= maxsize)
+ return (-1);
+ }
+ if (strlcat(buf, "perzone", maxsize) >= maxsize)
+ return (-1);
+ first = 0;
+ }
+ return (strlen(buf));
+}
+
+/*
+ * Convert a string to a policy. Return -1 on failure (with errno EINVAL,
+ * ENOMEM) or 0 on success.
+ */
+int
+au_strtopol(const char *polstr, long *policy)
+{
+ char *bufp, *string;
+ char *buffer;
+
+ *policy = 0;
+ buffer = strdup(polstr);
+ if (buffer == NULL)
+ return (-1);
+
+ bufp = buffer;
+ while ((string = strsep(&bufp, ",")) != NULL) {
+ if (strcmp(string, "cnt") == 0)
+ *policy |= AUDIT_CNT;
+ else if (strcmp(string, "ahlt") == 0)
+ *policy |= AUDIT_AHLT;
+ else if (strcmp(string, "argv") == 0)
+ *policy |= AUDIT_ARGV;
+ else if (strcmp(string, "arge") == 0)
+ *policy |= AUDIT_ARGE;
+ else if (strcmp(string, "seq") == 0)
+ *policy |= AUDIT_SEQ;
+ else if (strcmp(string, "winau_fstat") == 0)
+ *policy |= AUDIT_WINDATA;
+ else if (strcmp(string, "user") == 0)
+ *policy |= AUDIT_USER;
+ else if (strcmp(string, "group") == 0)
+ *policy |= AUDIT_GROUP;
+ else if (strcmp(string, "trail") == 0)
+ *policy |= AUDIT_TRAIL;
+ else if (strcmp(string, "path") == 0)
+ *policy |= AUDIT_PATH;
+ else if (strcmp(string, "scnt") == 0)
+ *policy |= AUDIT_SCNT;
+ else if (strcmp(string, "public") == 0)
+ *policy |= AUDIT_PUBLIC;
+ else if (strcmp(string, "zonename") == 0)
+ *policy |= AUDIT_ZONENAME;
+ else if (strcmp(string, "perzone") == 0)
+ *policy |= AUDIT_PERZONE;
+ else {
+ free(buffer);
+ errno = EINVAL;
+ return (-1);
+ }
+ }
+ free(buffer);
+ return (0);
+}
+
+/*
* Rewind the file pointer to beginning.
*/
-void
-setac(void)
+static void
+setac_locked(void)
{
- pthread_mutex_lock(&mutex);
ptrmoved = 1;
if (fp != NULL)
fseek(fp, 0, SEEK_SET);
+}
+
+void
+setac(void)
+{
+
+ pthread_mutex_lock(&mutex);
+ setac_locked();
pthread_mutex_unlock(&mutex);
}
/*
- * Close the audit_control file
+ * Close the audit_control file.
*/
void
endac(void)
@@ -136,72 +344,54 @@ getacdir(char *name, int len)
char *dir;
int ret = 0;
- if (name == NULL) {
- errno = EINVAL;
- return (-2);
- }
-
- pthread_mutex_lock(&mutex);
-
/*
- * Check if another function was called between
- * successive calls to getacdir
+ * Check if another function was called between successive calls to
+ * getacdir.
*/
+ pthread_mutex_lock(&mutex);
if (inacdir && ptrmoved) {
ptrmoved = 0;
if (fp != NULL)
fseek(fp, 0, SEEK_SET);
ret = 2;
}
-
-
if (getstrfromtype_locked(DIR_CONTROL_ENTRY, &dir) < 0) {
pthread_mutex_unlock(&mutex);
return (-2);
}
-
- pthread_mutex_unlock(&mutex);
-
- if (dir == NULL)
+ if (dir == NULL) {
+ pthread_mutex_unlock(&mutex);
return (-1);
-
- if (strlen(dir) >= len)
+ }
+ if (strlen(dir) >= len) {
+ pthread_mutex_unlock(&mutex);
return (-3);
-
+ }
strcpy(name, dir);
-
+ pthread_mutex_unlock(&mutex);
return (ret);
}
/*
- * Return the minimum free diskspace value from the audit control file
+ * Return the minimum free diskspace value from the audit control file.
*/
int
getacmin(int *min_val)
{
char *min;
- setac();
-
- if (min_val == NULL) {
- errno = EINVAL;
- return (-2);
- }
-
pthread_mutex_lock(&mutex);
-
+ setac_locked();
if (getstrfromtype_locked(MINFREE_CONTROL_ENTRY, &min) < 0) {
pthread_mutex_unlock(&mutex);
return (-2);
}
-
- pthread_mutex_unlock(&mutex);
-
- if (min == NULL)
+ if (min == NULL) {
+ pthread_mutex_unlock(&mutex);
return (1);
-
+ }
*min_val = atoi(min);
-
+ pthread_mutex_unlock(&mutex);
return (0);
}
@@ -213,30 +403,22 @@ getacflg(char *auditstr, int len)
{
char *str;
- setac();
-
- if (auditstr == NULL) {
- errno = EINVAL;
- return (-2);
- }
-
pthread_mutex_lock(&mutex);
-
+ setac_locked();
if (getstrfromtype_locked(FLAGS_CONTROL_ENTRY, &str) < 0) {
pthread_mutex_unlock(&mutex);
return (-2);
}
-
- pthread_mutex_unlock(&mutex);
-
- if (str == NULL)
+ if (str == NULL) {
+ pthread_mutex_unlock(&mutex);
return (1);
-
- if (strlen(str) >= len)
+ }
+ if (strlen(str) >= len) {
+ pthread_mutex_unlock(&mutex);
return (-3);
-
+ }
strcpy(auditstr, str);
-
+ pthread_mutex_unlock(&mutex);
return (0);
}
@@ -248,28 +430,47 @@ getacna(char *auditstr, int len)
{
char *str;
- setac();
-
- if (auditstr == NULL) {
- errno = EINVAL;
- return (-2);
- }
-
pthread_mutex_lock(&mutex);
-
+ setac_locked();
if (getstrfromtype_locked(NA_CONTROL_ENTRY, &str) < 0) {
pthread_mutex_unlock(&mutex);
return (-2);
}
- pthread_mutex_unlock(&mutex);
-
- if (str == NULL)
+ if (str == NULL) {
+ pthread_mutex_unlock(&mutex);
return (1);
-
- if (strlen(str) >= len)
+ }
+ if (strlen(str) >= len) {
+ pthread_mutex_unlock(&mutex);
return (-3);
-
+ }
strcpy(auditstr, str);
+ return (0);
+}
+
+/*
+ * Return the policy field from the audit control file.
+ */
+int
+getacpol(char *auditstr, size_t len)
+{
+ char *str;
+ pthread_mutex_lock(&mutex);
+ setac_locked();
+ if (getstrfromtype_locked(POLICY_CONTROL_ENTRY, &str) < 0) {
+ pthread_mutex_unlock(&mutex);
+ return (-2);
+ }
+ if (str == NULL) {
+ pthread_mutex_unlock(&mutex);
+ return (-1);
+ }
+ if (strlen(str) >= len) {
+ pthread_mutex_unlock(&mutex);
+ return (-3);
+ }
+ strcpy(auditstr, str);
+ pthread_mutex_unlock(&mutex);
return (0);
}
diff --git a/contrib/openbsm/libbsm/bsm_io.c b/contrib/openbsm/libbsm/bsm_io.c
index 30639e6992af..25877351de1d 100644
--- a/contrib/openbsm/libbsm/bsm_io.c
+++ b/contrib/openbsm/libbsm/bsm_io.c
@@ -31,7 +31,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#40 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#41 $
*/
#include <sys/types.h>
@@ -1190,7 +1190,8 @@ fetch_execarg_tok(tokenstr_t *tok, char *buf, int len)
for (i = 0; i < tok->tt.execarg.count; i++) {
bptr = buf + tok->len;
- tok->tt.execarg.text[i] = bptr;
+ if (i < AUDIT_MAX_ARGS)
+ tok->tt.execarg.text[i] = bptr;
/* Look for a null terminated string. */
while (bptr && (*bptr != '\0')) {
@@ -1202,6 +1203,8 @@ fetch_execarg_tok(tokenstr_t *tok, char *buf, int len)
return (-1);
tok->len++; /* \0 character */
}
+ if (tok->tt.execarg.count > AUDIT_MAX_ARGS)
+ tok->tt.execarg.count = AUDIT_MAX_ARGS;
return (0);
}
@@ -1235,9 +1238,10 @@ fetch_execenv_tok(tokenstr_t *tok, char *buf, int len)
if (err)
return (-1);
- for (i = 0; i< tok->tt.execenv.count; i++) {
+ for (i = 0; i < tok->tt.execenv.count; i++) {
bptr = buf + tok->len;
- tok->tt.execenv.text[i] = bptr;
+ if (i < AUDIT_MAX_ENV)
+ tok->tt.execenv.text[i] = bptr;
/* Look for a null terminated string. */
while (bptr && (*bptr != '\0')) {
@@ -1249,6 +1253,8 @@ fetch_execenv_tok(tokenstr_t *tok, char *buf, int len)
return (-1);
tok->len++; /* \0 character */
}
+ if (tok->tt.execenv.count > AUDIT_MAX_ENV)
+ tok->tt.execenv.count = AUDIT_MAX_ENV;
return (0);
}
diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c
index f90cbc9f19ac..fecbeb84f219 100644
--- a/contrib/openbsm/libbsm/bsm_token.c
+++ b/contrib/openbsm/libbsm/bsm_token.c
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#51 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#52 $
*/
#include <sys/types.h>
@@ -71,7 +71,6 @@
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
-#include <sys/socketvar.h>
#include <bsm/audit_internal.h>
#include <bsm/libbsm.h>
diff --git a/contrib/openbsm/libbsm/libbsm.3 b/contrib/openbsm/libbsm/libbsm.3
index df0c3c16e084..3d9aadd393e9 100644
--- a/contrib/openbsm/libbsm/libbsm.3
+++ b/contrib/openbsm/libbsm/libbsm.3
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#5 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#7 $
.\"
.Dd April 19, 2005
.Dt LIBBSM 3
@@ -55,15 +55,18 @@ These are described respectively in the
.Xr au_notify 3 ,
.Xr au_stream 3 ,
.Xr au_token 3 ,
+and
.Xr au_user 3
-man pages.
+manual pages.
.Ss Audit Event Stream Interfaces
Audit event stream interfaces support interaction with file-backed audit
event streams:
-.Xr au_close 3 .
+.Xr au_close 3 ,
+.Xr au_close_buffer 3 ,
.Xr au_free_token 3 ,
.Xr au_open 3 ,
.Xr au_write 3 ,
+.Xr audit_submit 3 .
.Ss Audit Class Interfaces
Audit class interfaces support the look up of information from the
.Xr audit_class 5
@@ -83,7 +86,10 @@ database:
.Xr getacdir 3 ,
.Xr getacflg 3 ,
.Xr getacmin 3 ,
-.Xr getacna 3 .
+.Xr getacna 3 ,
+.Xr getacpol 3 ,
+.Xr au_poltostr 3 ,
+.Xr au_strtopol 3 .
.Ss Audit Event Interfaces
Audit event interfaces support the look up of information from the
.Xr audit_event 5
@@ -188,6 +194,7 @@ database:
.Xr au_stream 3 ,
.Xr au_token 3 ,
.Xr au_user 3 ,
+.Xr audit_submit 3 ,
.Xr audit_class 5 ,
.Xr audit_control 5
.Sh AUTHORS
diff --git a/contrib/openbsm/man/audit_control.5 b/contrib/openbsm/man/audit_control.5
index dd39afc76069..edd38bb72043 100644
--- a/contrib/openbsm/man/audit_control.5
+++ b/contrib/openbsm/man/audit_control.5
@@ -25,7 +25,7 @@
.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_control.5#9 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit_control.5#11 $
.\"
.Dd January 4, 2006
.Dt AUDIT_CONTROL 5
@@ -63,6 +63,9 @@ an action cannot be attributed to a specific user.
The minimum free space required on the file system audit logs are being written to.
When the free space falls below this limit a warning will be issued.
Not currently used as the value of 20 percent is chosen by the kernel.
+.It Va policy
+A list of global audit policy flags specifying various behaviors, such as
+fail stop, auditing of paths and arguments, etc.
.El
.Sh AUDIT FLAGS
Audit flags are a comma-delimited list of audit classes as defined in the
@@ -86,6 +89,53 @@ Do not record successful events
.It ^-
Do not record failed events
.El
+.Sh AUDIT POLICY FLAGS
+The policy flags field is a comma-delimited list of policy flags from the
+following list:
+.Pp
+.Bl -tag -width zonename -compact -offset indent
+.It cnt
+Allow processes to continue running even though events are not being audited.
+If not set, processes will be suspended when the audit store space is
+exhausted.
+Currently, this is not a recoverable state.
+.It ahlt
+Fail stop the system if unable to audit an event--this consists of first
+draining pending records to disk, and then halting the operating system.
+.It argv
+Audit command line arguments to
+.Xr execve 2 .
+.It arge
+Audit environmental variable arguments to
+.Xr execve 2 .
+.It seq
+Include a unique audit sequence number token in generated audit records (not
+implemented on FreeBSD or Darwin).
+.It group
+Include supplementary groups list in generated audit records (not implemented
+on FreeBSD or Darwin; supplementary groups are never included in records on
+these systems).
+.It trail
+Append a trailer token to each audit record (not implemented on FreeBSD or
+Darwin; trailers are always included in records on these systems).
+.It path
+Include secondary file paths in audit records (not implemented on FreeBSD or
+Darwin; secondary paths are never included in records on these systems).
+.It zonename
+Include a zone ID token with each audit record (not implemented on FreeBSD or
+Darwin; FreeBSD audit records do not currently include the jail ID or name.)
+.It perzone
+Enable auditing for each local zone (not implemented on FreeBSD or Darwin; on
+FreeBSD, audit records are collected from all jails and placed in a single
+global trail, and only limited audit controls are permitted within a jail.)
+.El
+.Pp
+It is recommended that installations set the
+.Dv cnt
+flag but not
+.Dv ahlt
+flag unless it is intended that audit logs exceeding available disk space
+halt the system.
.Sh DEFAULT
The following settings appear in the default
.Nm
@@ -95,12 +145,18 @@ dir:/var/audit
flags:lo
minfree:20
naflags:lo
+policy:cnt
.Ed
.Pp
The
.Va flags
parameter above specifies the system-wide mask corresponding to login/logout
events.
+The
+.Va policy
+parameter specifies that the system should neither fail stop nor suspend
+processes when the audit store fills.
+will be audited.
.Sh FILES
.Bl -tag -width "/etc/security/audit_control" -compact
.It Pa /etc/security/audit_control
diff --git a/contrib/openbsm/man/auditon.2 b/contrib/openbsm/man/auditon.2
index 9dedbba53b07..04eb775afc85 100644
--- a/contrib/openbsm/man/auditon.2
+++ b/contrib/openbsm/man/auditon.2
@@ -25,7 +25,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#7 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#8 $
.\"
.Dd April 19, 2005
.Dt AUDITON 2
@@ -192,7 +192,7 @@ structure. The
field will be set to the maximum audit log file size.
A value of 0 indicates no limit to the size.
The
-.Ft af_filesz
+.Ft af_currsz
will be set to the current audit log file size.
.It Dv A_GETCWD
.\" [COMMENTED OUT]: Valid description, not yet implemented.
diff --git a/contrib/openbsm/test/reference/arg32_record b/contrib/openbsm/test/reference/arg32_record
new file mode 100644
index 000000000000..744dbcfd4437
--- /dev/null
+++ b/contrib/openbsm/test/reference/arg32_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/arg32_token b/contrib/openbsm/test/reference/arg32_token
new file mode 100644
index 000000000000..3401aa13af9b
--- /dev/null
+++ b/contrib/openbsm/test/reference/arg32_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/data_record b/contrib/openbsm/test/reference/data_record
new file mode 100644
index 000000000000..ffb3ff68647d
--- /dev/null
+++ b/contrib/openbsm/test/reference/data_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/data_token b/contrib/openbsm/test/reference/data_token
new file mode 100644
index 000000000000..e000b8a3a09d
--- /dev/null
+++ b/contrib/openbsm/test/reference/data_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/file_record b/contrib/openbsm/test/reference/file_record
new file mode 100644
index 000000000000..4be1f40118e3
--- /dev/null
+++ b/contrib/openbsm/test/reference/file_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/file_token b/contrib/openbsm/test/reference/file_token
new file mode 100644
index 000000000000..8b6daa669bb4
--- /dev/null
+++ b/contrib/openbsm/test/reference/file_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/header32_token b/contrib/openbsm/test/reference/header32_token
new file mode 100644
index 000000000000..dd72c1cf61a3
--- /dev/null
+++ b/contrib/openbsm/test/reference/header32_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/in_addr_record b/contrib/openbsm/test/reference/in_addr_record
new file mode 100644
index 000000000000..0421f884f939
--- /dev/null
+++ b/contrib/openbsm/test/reference/in_addr_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/in_addr_token b/contrib/openbsm/test/reference/in_addr_token
new file mode 100644
index 000000000000..56b32a7a3189
--- /dev/null
+++ b/contrib/openbsm/test/reference/in_addr_token
@@ -0,0 +1 @@
+*d \ No newline at end of file
diff --git a/contrib/openbsm/test/reference/ip_record b/contrib/openbsm/test/reference/ip_record
new file mode 100644
index 000000000000..22498445fd22
--- /dev/null
+++ b/contrib/openbsm/test/reference/ip_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/ip_token b/contrib/openbsm/test/reference/ip_token
new file mode 100644
index 000000000000..96572a48ea19
--- /dev/null
+++ b/contrib/openbsm/test/reference/ip_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/ipc_record b/contrib/openbsm/test/reference/ipc_record
new file mode 100644
index 000000000000..43eabb48d0d4
--- /dev/null
+++ b/contrib/openbsm/test/reference/ipc_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/ipc_token b/contrib/openbsm/test/reference/ipc_token
new file mode 100644
index 000000000000..7d7690b23618
--- /dev/null
+++ b/contrib/openbsm/test/reference/ipc_token
@@ -0,0 +1 @@
+"4Vx \ No newline at end of file
diff --git a/contrib/openbsm/test/reference/iport_record b/contrib/openbsm/test/reference/iport_record
new file mode 100644
index 000000000000..228e8fe487f3
--- /dev/null
+++ b/contrib/openbsm/test/reference/iport_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/iport_token b/contrib/openbsm/test/reference/iport_token
new file mode 100644
index 000000000000..0225a76dde89
--- /dev/null
+++ b/contrib/openbsm/test/reference/iport_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/opaque_record b/contrib/openbsm/test/reference/opaque_record
new file mode 100644
index 000000000000..7763817d26cd
--- /dev/null
+++ b/contrib/openbsm/test/reference/opaque_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/opaque_token b/contrib/openbsm/test/reference/opaque_token
new file mode 100644
index 000000000000..02460d3a36f8
--- /dev/null
+++ b/contrib/openbsm/test/reference/opaque_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/path_record b/contrib/openbsm/test/reference/path_record
new file mode 100644
index 000000000000..e85e384e0677
--- /dev/null
+++ b/contrib/openbsm/test/reference/path_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/path_token b/contrib/openbsm/test/reference/path_token
new file mode 100644
index 000000000000..18d8eefb73d2
--- /dev/null
+++ b/contrib/openbsm/test/reference/path_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/process32_record b/contrib/openbsm/test/reference/process32_record
new file mode 100644
index 000000000000..b6a0a7720154
--- /dev/null
+++ b/contrib/openbsm/test/reference/process32_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/process32_token b/contrib/openbsm/test/reference/process32_token
new file mode 100644
index 000000000000..a58adadf6dd4
--- /dev/null
+++ b/contrib/openbsm/test/reference/process32_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/process32ex_record b/contrib/openbsm/test/reference/process32ex_record
new file mode 100644
index 000000000000..aa2cb560c1f4
--- /dev/null
+++ b/contrib/openbsm/test/reference/process32ex_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/process32ex_token b/contrib/openbsm/test/reference/process32ex_token
new file mode 100644
index 000000000000..ba84a2a56cee
--- /dev/null
+++ b/contrib/openbsm/test/reference/process32ex_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/return32_record b/contrib/openbsm/test/reference/return32_record
new file mode 100644
index 000000000000..f4a6a5b1d6a1
--- /dev/null
+++ b/contrib/openbsm/test/reference/return32_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/return32_token b/contrib/openbsm/test/reference/return32_token
new file mode 100644
index 000000000000..e7a209862e6b
--- /dev/null
+++ b/contrib/openbsm/test/reference/return32_token
@@ -0,0 +1 @@
+'4Vx \ No newline at end of file
diff --git a/contrib/openbsm/test/reference/seq_record b/contrib/openbsm/test/reference/seq_record
new file mode 100644
index 000000000000..576c11232c5d
--- /dev/null
+++ b/contrib/openbsm/test/reference/seq_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/seq_token b/contrib/openbsm/test/reference/seq_token
new file mode 100644
index 000000000000..99b51cfb06cf
--- /dev/null
+++ b/contrib/openbsm/test/reference/seq_token
@@ -0,0 +1 @@
+/4Vx \ No newline at end of file
diff --git a/contrib/openbsm/test/reference/subject32_record b/contrib/openbsm/test/reference/subject32_record
new file mode 100644
index 000000000000..9978e5dbb15e
--- /dev/null
+++ b/contrib/openbsm/test/reference/subject32_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/subject32_token b/contrib/openbsm/test/reference/subject32_token
new file mode 100644
index 000000000000..2263fe53609c
--- /dev/null
+++ b/contrib/openbsm/test/reference/subject32_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/subject32ex_record b/contrib/openbsm/test/reference/subject32ex_record
new file mode 100644
index 000000000000..ca28be4869ad
--- /dev/null
+++ b/contrib/openbsm/test/reference/subject32ex_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/subject32ex_token-IPv4 b/contrib/openbsm/test/reference/subject32ex_token-IPv4
new file mode 100644
index 000000000000..0eaa71bcc76c
--- /dev/null
+++ b/contrib/openbsm/test/reference/subject32ex_token-IPv4
Binary files differ
diff --git a/contrib/openbsm/test/reference/subject32ex_token-IPv6 b/contrib/openbsm/test/reference/subject32ex_token-IPv6
new file mode 100644
index 000000000000..99202b15d434
--- /dev/null
+++ b/contrib/openbsm/test/reference/subject32ex_token-IPv6
Binary files differ
diff --git a/contrib/openbsm/test/reference/text_record b/contrib/openbsm/test/reference/text_record
new file mode 100644
index 000000000000..3bc9db76018b
--- /dev/null
+++ b/contrib/openbsm/test/reference/text_record
Binary files differ
diff --git a/contrib/openbsm/test/reference/text_token b/contrib/openbsm/test/reference/text_token
new file mode 100644
index 000000000000..12d58191dd65
--- /dev/null
+++ b/contrib/openbsm/test/reference/text_token
Binary files differ
diff --git a/contrib/openbsm/test/reference/trailer_token b/contrib/openbsm/test/reference/trailer_token
new file mode 100644
index 000000000000..138e0b3da126
--- /dev/null
+++ b/contrib/openbsm/test/reference/trailer_token
@@ -0,0 +1 @@
+4Vx \ No newline at end of file
diff --git a/contrib/openbsm/test/samples/execve-long-args.trail b/contrib/openbsm/test/samples/execve-long-args.trail
new file mode 100644
index 000000000000..0ad3af0253f6
--- /dev/null
+++ b/contrib/openbsm/test/samples/execve-long-args.trail
Binary files differ
diff --git a/contrib/openbsm/tools/audump.c b/contrib/openbsm/tools/audump.c
index 82515a8ffdfe..c591772c6651 100644
--- a/contrib/openbsm/tools/audump.c
+++ b/contrib/openbsm/tools/audump.c
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2005 Robert N. M. Watson
+ * Copyright (c) 2005-2006 Robert N. M. Watson
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#5 $
+ * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#6 $
*/
#include <bsm/libbsm.h>
@@ -77,8 +77,9 @@ audump_class_r(void)
static void
audump_control(void)
{
- char string[PATH_MAX];
+ char string[PATH_MAX], string2[PATH_MAX];
int ret, val;
+ long policy;
ret = getacflg(string, PATH_MAX);
if (ret == -2)
@@ -116,6 +117,15 @@ audump_control(void)
printf("dir:%s\n", string);
} while (ret == 0);
+
+ ret = getacpol(string, PATH_MAX);
+ if (ret != 0)
+ err(-1, "getacpol");
+ if (au_strtopol(string, &policy) < 0)
+ err(-1, "au_strtopol");
+ if (au_poltostr(policy, string2, PATH_MAX) < 0)
+ err(-1, "au_poltostr");
+ printf("policy:%s\n", string2);
}
static void