authorRobert Watson <rwatson@FreeBSD.org>2006-09-02 09:37:14 +0000
committerRobert Watson <rwatson@FreeBSD.org>2006-09-02 09:37:14 +0000
commitfdb4472c922529a63f0a510764a809b6e6b9dbbb (patch)
tree3da41d520353ce92b4e87e3e00d9beafbe0899be
parent85feadf62abb053e6689d5e9cc8959b83d304f1d (diff)
Vendor import of OpenBSM 1.0 alpha 10, with the following changes:
- auditd now generates complete audit records for its events, as required for application-submitted audit records in the FreeBSD kernel audit implementation. This also restores contrib/openbsm/bsm/audit_record to the vendor version after the build fixes previously committed; however, this file is not used in the build. Obtained from: TrustedBSD Project
Notes
Notes: svn path=/vendor/openbsm/dist/; revision=161863
-rw-r--r--contrib/openbsm/HISTORY8
-rw-r--r--contrib/openbsm/bin/auditd/auditd.c27
-rw-r--r--contrib/openbsm/bsm/audit_internal.h6
-rw-r--r--contrib/openbsm/bsm/audit_record.h4
-rwxr-xr-xcontrib/openbsm/configure22
-rw-r--r--contrib/openbsm/configure.ac4
6 files changed, 51 insertions, 20 deletions
diff --git a/contrib/openbsm/HISTORY b/contrib/openbsm/HISTORY
index 18b9dcae3d84..7b249ae63155 100644
--- a/contrib/openbsm/HISTORY
+++ b/contrib/openbsm/HISTORY
@@ -1,3 +1,9 @@
+OpenBSM 1.0 alpha 10
+
+- auditd now generates complete audit records for its events, as required for
+ application-submitted audit records in the the FreeBSD kernel audit
+ implementation.
+
OpenBSM 1.0 alpha 9
- Rename many OpenBSM-specific constants and API elements containing the
@@ -203,4 +209,4 @@ OpenBSM 1.0 alpha 1
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#25 $
+$P4: //depot/projects/trustedbsd/openbsm/HISTORY#26 $
diff --git a/contrib/openbsm/bin/auditd/auditd.c b/contrib/openbsm/bin/auditd/auditd.c
index 39960810674c..838424e2bc7d 100644
--- a/contrib/openbsm/bin/auditd/auditd.c
+++ b/contrib/openbsm/bin/auditd/auditd.c
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#17 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#18 $
*/
#include <sys/types.h>
@@ -366,6 +366,7 @@ read_control_file(void)
static int
close_all(void)
{
+ struct auditinfo ai;
int err_ret = 0;
char TS[POSTFIX_LEN];
int aufd;
@@ -378,6 +379,17 @@ close_all(void)
else {
if ((tok = au_to_text("auditd::Audit shutdown")) != NULL)
au_write(aufd, tok);
+ /*
+ * XXX we need to implement extended subject tokens so we can
+ * effectively represent terminal lines with this token type.
+ */
+ bzero(&ai, sizeof(ai));
+ if ((tok = au_to_subject32(getuid(), geteuid(), getegid(),
+ getuid(), getgid(), getpid(), getpid(), &ai.ai_termid))
+ != NULL)
+ au_write(aufd, tok);
+ if ((tok = au_to_return32(0, 0)) != NULL)
+ au_write(aufd, tok);
if (au_close(aufd, 1, AUE_audit_shutdown) == -1)
syslog(LOG_ERR,
"Could not close audit shutdown event.");
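Review bot: The new subject and return tokens in close_all() are added on a best-effort basis: if `au_to_subject32()` or `au_to_return32()` returns NULL the token is silently skipped, the result of `au_write()` is never checked, and `au_close(aufd, 1, AUE_audit_shutdown)` still commits the record. The commit message says complete records are required for application-submitted records, so an incomplete shutdown record should at least leave a syslog trace, as sketched below; the setup() hunk has the same pattern. The text token is also written before the subject token here but after it in setup(); using one order in both places would make the two records easier to compare. close_all() starts and ends outside this hunk.

```c
		/* … unchanged: text token, XXX comment, bzero(&ai, sizeof(ai)) … */
		if ((tok = au_to_subject32(getuid(), geteuid(), getegid(),
		    getuid(), getgid(), getpid(), getpid(), &ai.ai_termid))
		    == NULL || au_write(aufd, tok) == -1)
			syslog(LOG_ERR,
			    "Could not add subject token to audit shutdown event.");
		if ((tok = au_to_return32(0, 0)) == NULL ||
		    au_write(aufd, tok) == -1)
			syslog(LOG_ERR,
			    "Could not add return token to audit shutdown event.");
		/* … unchanged: au_close(aufd, 1, AUE_audit_shutdown) and its error log … */
```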
@@ -745,6 +757,7 @@ config_audit_controls(void)
static void
setup(void)
{
+ struct auditinfo ai;
auditinfo_t auinfo;
int aufd;
token_t *tok;
@@ -781,8 +794,20 @@ setup(void)
if ((aufd = au_open()) == -1)
syslog(LOG_ERR, "Could not create audit startup event.");
else {
+ /*
+ * XXXCSJP Perhaps we wan't more robust audit records for
+ * audit start up and shutdown. This might include capturing
+ * failures to initialize the audit subsystem?
+ */
+ bzero(&ai, sizeof(ai));
+ if ((tok = au_to_subject32(getuid(), geteuid(), getegid(),
+ getuid(), getgid(), getpid(), getpid(), &ai.ai_termid))
+ != NULL)
+ au_write(aufd, tok);
if ((tok = au_to_text("auditd::Audit startup")) != NULL)
au_write(aufd, tok);
+ if ((tok = au_to_return32(0, 0)) != NULL)
+ au_write(aufd, tok);
if (au_close(aufd, 1, AUE_audit_startup) == -1)
syslog(LOG_ERR,
"Could not close audit startup event.");
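Review bot: The first and seventh arguments of `au_to_subject32()` are the audit ID and the audit session ID, but the call in setup() passes `getuid()` and `getpid()` for them together with a zeroed terminal ID, so the startup record's subject is synthesized rather than taken from the daemon's audit context; close_all() repeats the same call. If this is deliberate, a comment such as `/* auditd has no audit session of its own: report uid as audit ID and pid as session ID */` would stop readers of the trail from treating those fields as a real session; otherwise filling `ai` with `getaudit(&ai)` and passing `ai.ai_auid` and `ai.ai_asid` would record the actual values. setup() already declares `auditinfo_t auinfo`, which might be reusable instead of the second `struct auditinfo ai`, though that depends on code outside this hunk. The new comment also has a typo: `wan't` should be `want`.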
diff --git a/contrib/openbsm/bsm/audit_internal.h b/contrib/openbsm/bsm/audit_internal.h
index 97bafca6977f..b579c1b86232 100644
--- a/contrib/openbsm/bsm/audit_internal.h
+++ b/contrib/openbsm/bsm/audit_internal.h
@@ -34,7 +34,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_internal.h#14 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_internal.h#15 $
*/
#ifndef _AUDIT_INTERNAL_H
@@ -70,9 +70,9 @@ typedef struct au_record au_record_t;
/*
* We could determined the header and trailer sizes by defining appropriate
- * structures. We hold off that approach until we have a consistant way of
+ * structures. We hold off that approach until we have a consistent way of
* using structures for all tokens. This is not straightforward since these
- * token structures may contain pointers of whose contents we dont know the
+ * token structures may contain pointers of whose contents we do not know the
* size (e.g text tokens).
*/
#define AUDIT_HEADER_SIZE 18
diff --git a/contrib/openbsm/bsm/audit_record.h b/contrib/openbsm/bsm/audit_record.h
index 13828309fd07..79d13c3c3c20 100644
--- a/contrib/openbsm/bsm/audit_record.h
+++ b/contrib/openbsm/bsm/audit_record.h
@@ -322,8 +322,8 @@ token_t *au_to_subject64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
token_t *au_to_exec_args(char *args, int argc);
token_t *au_to_exec_env(char *envs, int envc);
#else
-token_t *au_to_exec_args(const char **argv);
-token_t *au_to_exec_env(const char **envp);
+token_t *au_to_exec_args(char **argv);
+token_t *au_to_exec_env(char **envp);
#endif
token_t *au_to_text(char *text);
token_t *au_to_kevent(struct kevent *kev);
diff --git a/contrib/openbsm/configure b/contrib/openbsm/configure
index c7e1c35403d7..c6394ade3025 100755
--- a/contrib/openbsm/configure
+++ b/contrib/openbsm/configure
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#27 .
+# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#28 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a9.
+# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a10.
#
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
#
@@ -424,8 +424,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='OpenBSM'
PACKAGE_TARNAME='openbsm'
-PACKAGE_VERSION='1.0a9'
-PACKAGE_STRING='OpenBSM 1.0a9'
+PACKAGE_VERSION='1.0a10'
+PACKAGE_STRING='OpenBSM 1.0a10'
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
ac_unique_file="bin/auditreduce/auditreduce.c"
@@ -955,7 +955,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures OpenBSM 1.0a9 to adapt to many kinds of systems.
+\`configure' configures OpenBSM 1.0a10 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1021,7 +1021,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of OpenBSM 1.0a9:";;
+ short | recursive ) echo "Configuration of OpenBSM 1.0a10:";;
esac
cat <<\_ACEOF
@@ -1162,7 +1162,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-OpenBSM configure 1.0a9
+OpenBSM configure 1.0a10
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1176,7 +1176,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by OpenBSM $as_me 1.0a9, which was
+It was created by OpenBSM $as_me 1.0a10, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -19278,7 +19278,7 @@ fi
# Define the identity of the package.
PACKAGE=OpenBSM
- VERSION=1.0a9
+ VERSION=1.0a10
cat >>confdefs.h <<_ACEOF
@@ -23478,7 +23478,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
-This file was extended by OpenBSM $as_me 1.0a9, which was
+This file was extended by OpenBSM $as_me 1.0a10, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -23541,7 +23541,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-OpenBSM config.status 1.0a9
+OpenBSM config.status 1.0a10
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
diff --git a/contrib/openbsm/configure.ac b/contrib/openbsm/configure.ac
index 9302b2a39456..cd708bedecca 100644
--- a/contrib/openbsm/configure.ac
+++ b/contrib/openbsm/configure.ac
@@ -2,8 +2,8 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([OpenBSM], [1.0a9], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
-AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#28 $])
+AC_INIT([OpenBSM], [1.0a10], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
+AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#29 $])
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_HEADER([config/config.h])