diff options
| author | rwatson <rwatson@FreeBSD.org> | 2008-11-12 23:48:20 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2008-11-12 23:48:20 +0000 |
| commit | 2bd138f9edd4a43ef97291f03523af35e1ae18f8 (patch) | |
| tree | e103f4f6bb4ebb161c9702d64560b216d1990d94 /contrib/openbsm/bin | |
| parent | 280c17909566cfd4eff091c2747edb9d747f7343 (diff) | |
| download | FreeBSD-src-2bd138f9edd4a43ef97291f03523af35e1ae18f8.zip FreeBSD-src-2bd138f9edd4a43ef97291f03523af35e1ae18f8.tar.gz | |
Flatten OpenBSM vendor tree in preparation for new OpenBSM vendor
import.
Diffstat (limited to 'contrib/openbsm/bin')
32 files changed, 0 insertions, 7133 deletions
diff --git a/contrib/openbsm/bin/Makefile b/contrib/openbsm/bin/Makefile deleted file mode 100644 index 3bc4a6c..0000000 --- a/contrib/openbsm/bin/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile#4 $ -# - -SUBDIR= audit \ - auditd \ - auditreduce \ - praudit - -.include <bsd.subdir.mk> diff --git a/contrib/openbsm/bin/Makefile.am b/contrib/openbsm/bin/Makefile.am deleted file mode 100644 index 735c241..0000000 --- a/contrib/openbsm/bin/Makefile.am +++ /dev/null @@ -1,14 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.am#3 $ -# - -SUBDIRS = \ - auditfilterd \ - auditreduce \ - praudit - -if HAVE_AUDIT_SYSCALLS -SUBDIRS += \ - audit \ - auditd -endif diff --git a/contrib/openbsm/bin/Makefile.in b/contrib/openbsm/bin/Makefile.in deleted file mode 100644 index 8124228..0000000 --- a/contrib/openbsm/bin/Makefile.in +++ /dev/null @@ -1,489 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/Makefile.in#5 $ -# -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@HAVE_AUDIT_SYSCALLS_TRUE@am__append_1 = \ -@HAVE_AUDIT_SYSCALLS_TRUE@ audit \ -@HAVE_AUDIT_SYSCALLS_TRUE@ auditd - -subdir = bin -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config/config.h -CONFIG_CLEAN_FILES = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = auditfilterd auditreduce praudit audit auditd -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUBDIRS = auditfilterd auditreduce praudit $(am__append_1) -all: all-recursive - -.SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-recursive -all-am: Makefile -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - -install-dvi: install-dvi-recursive - -install-exec-am: - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-strip - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am check check-am clean clean-generic clean-libtool \ - ctags ctags-recursive distclean distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/contrib/openbsm/bin/audit/Makefile b/contrib/openbsm/bin/audit/Makefile deleted file mode 100644 index cec37ea..0000000 --- a/contrib/openbsm/bin/audit/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile#2 $ -# - -CFLAGS+= -I- -I ../.. -I ../../libbsm -L ../../libbsm -I. -PROG= audit -MAN= audit.8 -DPADD= /usr/lib/libbsm.a -LDADD= -lbsm -BINDIR= /usr/sbin - -.include <bsd.prog.mk> diff --git a/contrib/openbsm/bin/audit/Makefile.am b/contrib/openbsm/bin/audit/Makefile.am deleted file mode 100644 index 83094bb..0000000 --- a/contrib/openbsm/bin/audit/Makefile.am +++ /dev/null @@ -1,10 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.am#1 $ -# - -INCLUDES = -I$(top_srcdir) - -sbin_PROGRAMS = audit -audit_SOURCES = audit.c -audit_LDADD = $(top_builddir)/libbsm/libbsm.la -man8_MANS = audit.8 diff --git a/contrib/openbsm/bin/audit/Makefile.in b/contrib/openbsm/bin/audit/Makefile.in deleted file mode 100644 index 9f5e7bd..0000000 --- a/contrib/openbsm/bin/audit/Makefile.in +++ /dev/null @@ -1,516 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/audit/Makefile.in#4 $ -# - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -sbin_PROGRAMS = audit$(EXEEXT) -subdir = bin/audit -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(sbin_PROGRAMS) -am_audit_OBJECTS = audit.$(OBJEXT) -audit_OBJECTS = $(am_audit_OBJECTS) -audit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la -DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/config/depcomp -am__depfiles_maybe = depfiles -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(audit_SOURCES) -DIST_SOURCES = $(audit_SOURCES) -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man8_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -INCLUDES = -I$(top_srcdir) -audit_SOURCES = audit.c -audit_LDADD = $(top_builddir)/libbsm/libbsm.la -man8_MANS = audit.8 -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/audit/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/audit/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -audit$(EXEEXT): $(audit_OBJECTS) $(audit_DEPENDENCIES) - @rm -f audit$(EXEEXT) - $(LINK) $(audit_OBJECTS) $(audit_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) -installdirs: - for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-exec-am: install-sbinPROGRAMS - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man uninstall-sbinPROGRAMS - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-sbinPROGRAMS ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man8 install-pdf install-pdf-am install-ps \ - install-ps-am install-sbinPROGRAMS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-man uninstall-man8 \ - uninstall-sbinPROGRAMS - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/contrib/openbsm/bin/audit/audit.8 b/contrib/openbsm/bin/audit/audit.8 deleted file mode 100644 index b735981..0000000 --- a/contrib/openbsm/bin/audit/audit.8 +++ /dev/null @@ -1,86 +0,0 @@ -.\" Copyright (c) 2004 Apple Computer, Inc. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of -.\" its contributors may be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY -.\" EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -.\" DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY -.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#10 $ -.\" -.Dd October 2, 2006 -.Dt AUDIT 8 -.Os -.Sh NAME -.Nm audit -.Nd audit management utility -.Sh SYNOPSIS -.Nm -.Fl n | s | t -.Sh DESCRIPTION -The -.Nm -utility controls the state of the audit system. -One of the following flags is required as an argument to -.Nm : -.Bl -tag -width indent -.It Fl n -Forces the audit system to close the existing audit log file and rotate to -a new log file in a location specified in the audit control file. -.It Fl s -Specifies that the audit system should [re]synchronize its -configuration from the audit control file. -A new log file will be created. -.It Fl t -Specifies that the audit system should terminate. -Log files are closed -and renamed to indicate the time of the shutdown. -.El -.Sh NOTES -The -.Xr auditd 8 -daemon must already be running. -.Sh FILES -.Bl -tag -width ".Pa /etc/security/audit_control" -compact -.It Pa /etc/security/audit_control -Audit policy file used to configure the auditing system. -.El -.Sh SEE ALSO -.Xr audit 4 , -.Xr audit_control 5 , -.Xr auditd 8 -.Sh HISTORY -The OpenBSM implementation was created by McAfee Research, the security -division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. -It was subsequently adopted by the TrustedBSD Project as the foundation for -the OpenBSM distribution. -.Sh AUTHORS -.An -nosplit -This software was created by McAfee Research, the security research division -of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include -.An Wayne Salamon , -.An Robert Watson , -and SPARTA Inc. -.Pp -The Basic Security Module (BSM) interface to audit records and audit event -stream format were defined by Sun Microsystems. diff --git a/contrib/openbsm/bin/audit/audit.c b/contrib/openbsm/bin/audit/audit.c deleted file mode 100644 index 3540464..0000000 --- a/contrib/openbsm/bin/audit/audit.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 2005 Apple Computer, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of - * its contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#8 $ - */ -/* - * Program to trigger the audit daemon with a message that is either: - * - Open a new audit log file - * - Read the audit control file and take action on it - * - Close the audit log file and exit - * - */ - -#include <sys/types.h> -#include <sys/queue.h> -#include <sys/uio.h> - -#include <bsm/libbsm.h> - -#include <fcntl.h> -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> - -static void -usage(void) -{ - - (void)fprintf(stderr, "Usage: audit -n | -s | -t \n"); - exit(-1); -} - -/* - * Main routine to process command line options. - */ -int -main(int argc, char **argv) -{ - int ch; - unsigned int trigger = 0; - - if (argc != 2) - usage(); - - while ((ch = getopt(argc, argv, "nst")) != -1) { - switch(ch) { - - case 'n': - trigger = AUDIT_TRIGGER_ROTATE_USER; - break; - - case 's': - trigger = AUDIT_TRIGGER_READ_FILE; - break; - - case 't': - trigger = AUDIT_TRIGGER_CLOSE_AND_DIE; - break; - - case '?': - default: - usage(); - break; - } - } - if (auditon(A_SENDTRIGGER, &trigger, sizeof(trigger)) < 0) { - perror("Error sending trigger"); - exit(-1); - } else { - printf("Trigger sent.\n"); - exit (0); - } -} diff --git a/contrib/openbsm/bin/auditd/Makefile b/contrib/openbsm/bin/auditd/Makefile deleted file mode 100644 index fbbdc47..0000000 --- a/contrib/openbsm/bin/auditd/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile#2 $ -# - -CFLAGS+= -I- -I ../.. -I ../../libbsm -L ../../libbsm -I. -PROG= auditd -SRCS= audit_warn.c auditd.c -MAN= auditd.8 -DPADD= /usr/lib/libbsm.a -LDADD= -lbsm -BINDIR= /usr/sbin - -.include <bsd.prog.mk> diff --git a/contrib/openbsm/bin/auditd/Makefile.am b/contrib/openbsm/bin/auditd/Makefile.am deleted file mode 100644 index eecfa55..0000000 --- a/contrib/openbsm/bin/auditd/Makefile.am +++ /dev/null @@ -1,10 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.am#1 $ -# - -INCLUDES = -I$(top_srcdir) - -sbin_PROGRAMS = auditd -auditd_SOURCES = audit_warn.c auditd.c -auditd_LDADD = $(top_builddir)/libbsm/libbsm.la -man8_MANS = auditd.8 diff --git a/contrib/openbsm/bin/auditd/Makefile.in b/contrib/openbsm/bin/auditd/Makefile.in deleted file mode 100644 index 9ff9451..0000000 --- a/contrib/openbsm/bin/auditd/Makefile.in +++ /dev/null @@ -1,517 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/Makefile.in#4 $ -# - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -sbin_PROGRAMS = auditd$(EXEEXT) -subdir = bin/auditd -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(sbin_PROGRAMS) -am_auditd_OBJECTS = audit_warn.$(OBJEXT) auditd.$(OBJEXT) -auditd_OBJECTS = $(am_auditd_OBJECTS) -auditd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la -DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/config/depcomp -am__depfiles_maybe = depfiles -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(auditd_SOURCES) -DIST_SOURCES = $(auditd_SOURCES) -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man8_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -INCLUDES = -I$(top_srcdir) -auditd_SOURCES = audit_warn.c auditd.c -auditd_LDADD = $(top_builddir)/libbsm/libbsm.la -man8_MANS = auditd.8 -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/auditd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/auditd/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -auditd$(EXEEXT): $(auditd_OBJECTS) $(auditd_DEPENDENCIES) - @rm -f auditd$(EXEEXT) - $(LINK) $(auditd_OBJECTS) $(auditd_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/audit_warn.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditd.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) -installdirs: - for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-exec-am: install-sbinPROGRAMS - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man uninstall-sbinPROGRAMS - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-sbinPROGRAMS ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man8 install-pdf install-pdf-am install-ps \ - install-ps-am install-sbinPROGRAMS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-man uninstall-man8 \ - uninstall-sbinPROGRAMS - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/contrib/openbsm/bin/auditd/audit_warn.c b/contrib/openbsm/bin/auditd/audit_warn.c deleted file mode 100644 index ef3de52..0000000 --- a/contrib/openbsm/bin/auditd/audit_warn.c +++ /dev/null @@ -1,243 +0,0 @@ -/* - * Copyright (c) 2005 Apple Computer, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of - * its contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#8 $ - */ - -#include <sys/types.h> - -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> - -#include "auditd.h" - -/* - * Write an audit-related error to the system log via syslog(3). - */ -static int -auditwarnlog(char *args[]) -{ - char *loc_args[9]; - pid_t pid; - int i; - - loc_args[0] = AUDITWARN_SCRIPT; - for (i = 0; args[i] != NULL && i < 8; i++) - loc_args[i+1] = args[i]; - loc_args[i+1] = NULL; - - pid = fork(); - if (pid == -1) - return (-1); - if (pid == 0) { - /* - * Child. - */ - execv(AUDITWARN_SCRIPT, loc_args); - syslog(LOG_ERR, "Could not exec %s (%m)\n", - AUDITWARN_SCRIPT); - exit(1); - } - /* - * Parent. - */ - return (0); -} - -/* - * Indicates that the hard limit for all filesystems has been exceeded count - * times. - */ -int -audit_warn_allhard(int count) -{ - char intstr[12]; - char *args[3]; - - snprintf(intstr, 12, "%d", count); - - args[0] = HARDLIM_ALL_WARN; - args[1] = intstr; - args[2] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that the soft limit for all filesystems has been exceeded. - */ -int -audit_warn_allsoft(void) -{ - char *args[2]; - - args[0] = SOFTLIM_ALL_WARN; - args[1] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that someone other than the audit daemon turned off auditing. - * XXX Its not clear at this point how this function will be invoked. - * - * XXXRW: This function is not used. - */ -int -audit_warn_auditoff(void) -{ - char *args[2]; - - args[0] = AUDITOFF_WARN; - args[1] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicate that a trail file has been closed, so can now be post-processed. - */ -int -audit_warn_closefile(char *filename) -{ - char *args[3]; - - args[0] = CLOSEFILE_WARN; - args[1] = filename; - args[2] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that the audit deammn is already running - */ -int -audit_warn_ebusy(void) -{ - char *args[2]; - - args[0] = EBUSY_WARN; - args[1] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that there is a problem getting the directory from - * audit_control. - * - * XXX Note that we take the filename instead of a count as the argument here - * (different from BSM). - */ -int -audit_warn_getacdir(char *filename) -{ - char *args[3]; - - args[0] = GETACDIR_WARN; - args[1] = filename; - args[2] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that the hard limit for this file has been exceeded. - */ -int -audit_warn_hard(char *filename) -{ - char *args[3]; - - args[0] = HARDLIM_WARN; - args[1] = filename; - args[2] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that auditing could not be started. - */ -int -audit_warn_nostart(void) -{ - char *args[2]; - - args[0] = NOSTART_WARN; - args[1] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicaes that an error occrred during the orderly shutdown of the audit - * daemon. - */ -int -audit_warn_postsigterm(void) -{ - char *args[2]; - - args[0] = POSTSIGTERM_WARN; - args[1] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that the soft limit for this file has been exceeded. - */ -int -audit_warn_soft(char *filename) -{ - char *args[3]; - - args[0] = SOFTLIM_WARN; - args[1] = filename; - args[2] = NULL; - - return (auditwarnlog(args)); -} - -/* - * Indicates that the temporary audit file already exists indicating a fatal - * error. - */ -int -audit_warn_tmpfile(void) -{ - char *args[2]; - - args[0] = TMPFILE_WARN; - args[1] = NULL; - - return (auditwarnlog(args)); -} diff --git a/contrib/openbsm/bin/auditd/auditd.8 b/contrib/openbsm/bin/auditd/auditd.8 deleted file mode 100644 index ec6b99a..0000000 --- a/contrib/openbsm/bin/auditd/auditd.8 +++ /dev/null @@ -1,113 +0,0 @@ -.\" Copyright (c) 2004 Apple Computer, Inc. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of -.\" its contributors may be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY -.\" EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -.\" DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY -.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#13 $ -.\" -.Dd October 2, 2006 -.Dt AUDITD 8 -.Os -.Sh NAME -.Nm auditd -.Nd audit log management daemon -.Sh SYNOPSIS -.Nm -.Op Fl d -.Sh DESCRIPTION -The -.Nm -daemon responds to requests from the -.Xr audit 8 -utility and notifications -from the kernel. -It manages the resulting audit log files and specified -log file locations. -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl d -Starts the daemon in debug mode \[em] it will not daemonize. -.El -.Sh NOTE -To assure uninterrupted audit support, the -.Nm -daemon should not be started and stopped manually. -Instead, the -.Xr audit 8 -command -should be used to inform the daemon to change state/configuration after altering -the -.Pa audit_control -file. -.Pp -.\" Sending a -.\" .Dv SIGHUP -.\" to a running -.\" .Nm -.\" daemon will force it to exit. -Sending a -.Dv SIGTERM -to a running -.Nm -daemon will force it to exit. -.Sh FILES -.Bl -tag -width ".Pa /var/audit" -compact -.It Pa /var/audit -Default directory for storing audit log files. -.El -.Sh COMPATIBILITY -The historical -.Fl h -and -.Fl s -flags are now configured using -.Xr audit_control 5 -policy flags -.Cm ahlt -and -.Cm cnt , -and are no longer available as arguments to -.Nm . -.Sh SEE ALSO -.Xr audit 4 , -.Xr audit_control 5 , -.Xr audit 8 -.Sh HISTORY -The OpenBSM implementation was created by McAfee Research, the security -division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. -It was subsequently adopted by the TrustedBSD Project as the foundation for -the OpenBSM distribution. -.Sh AUTHORS -.An -nosplit -This software was created by McAfee Research, the security research division -of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include -.An Wayne Salamon , -.An Robert Watson , -and SPARTA Inc. -.Pp -The Basic Security Module (BSM) interface to audit records and audit event -stream format were defined by Sun Microsystems. diff --git a/contrib/openbsm/bin/auditd/auditd.c b/contrib/openbsm/bin/auditd/auditd.c deleted file mode 100644 index fb6fbd5..0000000 --- a/contrib/openbsm/bin/auditd/auditd.c +++ /dev/null @@ -1,933 +0,0 @@ -/* - * Copyright (c) 2004 Apple Computer, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of - * its contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#26 $ - */ - -#include <sys/types.h> -#include <sys/dirent.h> -#include <sys/mman.h> -#include <sys/queue.h> -#include <sys/stat.h> -#include <sys/wait.h> - -#include <bsm/audit.h> -#include <bsm/audit_uevents.h> -#include <bsm/libbsm.h> - -#include <err.h> -#include <errno.h> -#include <fcntl.h> -#include <grp.h> -#include <stdio.h> -#include <stdlib.h> -#include <time.h> -#include <unistd.h> -#include <signal.h> -#include <string.h> -#include <syslog.h> - -#include "auditd.h" - -#define NA_EVENT_STR_SIZE 25 -#define POL_STR_SIZE 128 - -static int ret, minval; -static char *lastfile = NULL; -static int allhardcount = 0; -static int triggerfd = 0; -static int sigchlds, sigchlds_handled; -static int sighups, sighups_handled; -static int sigterms, sigterms_handled; - -static TAILQ_HEAD(, dir_ent) dir_q; - -static int config_audit_controls(void); - -/* - * Error starting auditd - */ -static void -fail_exit(void) -{ - - audit_warn_nostart(); - exit(1); -} - -/* - * Free our local list of directory names. - */ -static void -free_dir_q(void) -{ - struct dir_ent *dirent; - - while ((dirent = TAILQ_FIRST(&dir_q))) { - TAILQ_REMOVE(&dir_q, dirent, dirs); - free(dirent->dirname); - free(dirent); - } -} - -/* - * Generate the timestamp string. - */ -static int -getTSstr(char *buf, int len) -{ - struct timeval ts; - struct timezone tzp; - time_t tt; - - if (gettimeofday(&ts, &tzp) != 0) - return (-1); - tt = (time_t)ts.tv_sec; - if (!strftime(buf, len, "%Y%m%d%H%M%S", gmtime(&tt))) - return (-1); - return (0); -} - -/* - * Concat the directory name to the given file name. - * XXX We should affix the hostname also - */ -static char * -affixdir(char *name, struct dir_ent *dirent) -{ - char *fn; - char *curdir; - const char *sep = "/"; - - curdir = dirent->dirname; - syslog(LOG_DEBUG, "dir = %s", dirent->dirname); - - fn = malloc(strlen(curdir) + strlen(sep) + (2 * POSTFIX_LEN) + 1); - if (fn == NULL) - return (NULL); - strcpy(fn, curdir); - strcat(fn, sep); - strcat(fn, name); - return (fn); -} - -/* - * Close the previous audit trail file. - */ -static int -close_lastfile(char *TS) -{ - char *ptr; - char *oldname; - - if (lastfile != NULL) { - oldname = (char *)malloc(strlen(lastfile) + 1); - if (oldname == NULL) - return (-1); - strcpy(oldname, lastfile); - - /* Rename the last file -- append timestamp. */ - if ((ptr = strstr(lastfile, NOT_TERMINATED)) != NULL) { - *ptr = '.'; - strcpy(ptr+1, TS); - if (rename(oldname, lastfile) != 0) - syslog(LOG_ERR, - "Could not rename %s to %s: %m", oldname, - lastfile); - else { - syslog(LOG_INFO, "renamed %s to %s", - oldname, lastfile); - audit_warn_closefile(lastfile); - } - } - free(lastfile); - free(oldname); - lastfile = NULL; - } - return (0); -} - -/* - * Create the new audit file with appropriate permissions and ownership. Try - * to clean up if something goes wrong. - */ -static int -#ifdef AUDIT_REVIEW_GROUP -open_trail(const char *fname, uid_t uid, gid_t gid) -#else -open_trail(const char *fname) -#endif -{ - int error, fd; - - fd = open(fname, O_RDONLY | O_CREAT, S_IRUSR | S_IRGRP); - if (fd < 0) - return (-1); -#ifdef AUDIT_REVIEW_GROUP - if (fchown(fd, uid, gid) < 0) { - error = errno; - close(fd); - (void)unlink(fname); - errno = error; - return (-1); - } -#endif - return (fd); -} - -/* - * Create the new file name, swap with existing audit file. - */ -static int -swap_audit_file(void) -{ - char timestr[2 * POSTFIX_LEN]; - char *fn; - char TS[POSTFIX_LEN]; - struct dir_ent *dirent; -#ifdef AUDIT_REVIEW_GROUP - struct group *grp; - gid_t gid; - uid_t uid; -#endif - int error, fd; - - if (getTSstr(TS, POSTFIX_LEN) != 0) - return (-1); - - strcpy(timestr, TS); - strcat(timestr, NOT_TERMINATED); - -#ifdef AUDIT_REVIEW_GROUP - /* - * XXXRW: Currently, this code falls back to the daemon gid, which is - * likely the wheel group. Is there a better way to deal with this? - */ - grp = getgrnam(AUDIT_REVIEW_GROUP); - if (grp == NULL) { - syslog(LOG_INFO, - "Audit review group '%s' not available, using daemon gid", - AUDIT_REVIEW_GROUP); - gid = -1; - } else - gid = grp->gr_gid; - uid = getuid(); -#endif - - /* Try until we succeed. */ - while ((dirent = TAILQ_FIRST(&dir_q))) { - if ((fn = affixdir(timestr, dirent)) == NULL) { - syslog(LOG_INFO, "Failed to swap log at time %s", - timestr); - return (-1); - } - - /* - * Create and open the file; then close and pass to the - * kernel if all went well. - */ - syslog(LOG_INFO, "New audit file is %s", fn); -#ifdef AUDIT_REVIEW_GROUP - fd = open_trail(fn, uid, gid); -#else - fd = open_trail(fn); -#endif - if (fd < 0) - warn("open(%s)", fn); - if (fd >= 0) { - error = auditctl(fn); - if (error) { - syslog(LOG_ERR, - "auditctl failed setting log file! : %s", - strerror(errno)); - close(fd); - } else { - /* Success. */ - close_lastfile(TS); - lastfile = fn; - close(fd); - return (0); - } - } - - /* - * Tell the administrator about lack of permissions for dir. - */ - audit_warn_getacdir(dirent->dirname); - - /* Try again with a different directory. */ - TAILQ_REMOVE(&dir_q, dirent, dirs); - free(dirent->dirname); - free(dirent); - } - syslog(LOG_ERR, "Log directories exhausted"); - return (-1); -} - -/* - * Read the audit_control file contents. - */ -static int -read_control_file(void) -{ - char cur_dir[MAXNAMLEN]; - struct dir_ent *dirent; - au_qctrl_t qctrl; - - /* - * Clear old values. Force a re-read of the file the next time. - */ - free_dir_q(); - endac(); - - /* - * Read the list of directories into a local linked list. - * - * XXX We should use the reentrant interfaces once they are - * available. - */ - while (getacdir(cur_dir, MAXNAMLEN) >= 0) { - dirent = (struct dir_ent *) malloc(sizeof(struct dir_ent)); - if (dirent == NULL) - return (-1); - dirent->softlim = 0; - dirent->dirname = (char *) malloc(MAXNAMLEN); - if (dirent->dirname == NULL) { - free(dirent); - return (-1); - } - strcpy(dirent->dirname, cur_dir); - TAILQ_INSERT_TAIL(&dir_q, dirent, dirs); - } - - allhardcount = 0; - if (swap_audit_file() == -1) { - syslog(LOG_ERR, "Could not swap audit file"); - /* - * XXX Faulty directory listing? - user should be given - * XXX an opportunity to change the audit_control file - * XXX switch to a reduced mode of auditing? - */ - return (-1); - } - - /* - * XXX There are synchronization problems here - * XXX what should we do if a trigger for the earlier limit - * XXX is generated here? - */ - if (0 == (ret = getacmin(&minval))) { - syslog(LOG_DEBUG, "min free = %d", minval); - if (auditon(A_GETQCTRL, &qctrl, sizeof(qctrl)) != 0) { - syslog(LOG_ERR, - "could not get audit queue settings"); - return (-1); - } - qctrl.aq_minfree = minval; - if (auditon(A_SETQCTRL, &qctrl, sizeof(qctrl)) != 0) { - syslog(LOG_ERR, - "could not set audit queue settings"); - return (-1); - } - } - - return (0); -} - -/* - * Close all log files, control files, and tell the audit system. - */ -static int -close_all(void) -{ - struct auditinfo ai; - int err_ret = 0; - char TS[POSTFIX_LEN]; - int aufd; - token_t *tok; - long cond; - - /* Generate an audit record. */ - if ((aufd = au_open()) == -1) - syslog(LOG_ERR, "Could not create audit shutdown event."); - else { - if ((tok = au_to_text("auditd::Audit shutdown")) != NULL) - au_write(aufd, tok); - /* - * XXX we need to implement extended subject tokens so we can - * effectively represent terminal lines with this token type. - */ - bzero(&ai, sizeof(ai)); - if ((tok = au_to_subject32(getuid(), geteuid(), getegid(), - getuid(), getgid(), getpid(), getpid(), &ai.ai_termid)) - != NULL) - au_write(aufd, tok); - if ((tok = au_to_return32(0, 0)) != NULL) - au_write(aufd, tok); - if (au_close(aufd, 1, AUE_audit_shutdown) == -1) - syslog(LOG_ERR, - "Could not close audit shutdown event."); - } - - /* Flush contents. */ - cond = AUC_DISABLED; - err_ret = auditon(A_SETCOND, &cond, sizeof(cond)); - if (err_ret != 0) { - syslog(LOG_ERR, "Disabling audit failed! : %s", - strerror(errno)); - err_ret = 1; - } - if (getTSstr(TS, POSTFIX_LEN) == 0) - close_lastfile(TS); - if (lastfile != NULL) - free(lastfile); - - free_dir_q(); - if ((remove(AUDITD_PIDFILE) == -1) || err_ret) { - syslog(LOG_ERR, "Could not unregister"); - audit_warn_postsigterm(); - return (1); - } - endac(); - - if (close(triggerfd) != 0) - syslog(LOG_ERR, "Error closing control file"); - syslog(LOG_INFO, "Finished"); - return (0); -} - -/* - * When we get a signal, we are often not at a clean point. So, little can - * be done in the signal handler itself. Instead, we send a message to the - * main servicing loop to do proper handling from a non-signal-handler - * context. - */ -static void -relay_signal(int signal) -{ - - if (signal == SIGHUP) - sighups++; - if (signal == SIGTERM) - sigterms++; - if (signal == SIGCHLD) - sigchlds++; -} - -/* - * Registering the daemon. - */ -static int -register_daemon(void) -{ - FILE * pidfile; - int fd; - pid_t pid; - - /* Set up the signal hander. */ - if (signal(SIGTERM, relay_signal) == SIG_ERR) { - syslog(LOG_ERR, - "Could not set signal handler for SIGTERM"); - fail_exit(); - } - if (signal(SIGCHLD, relay_signal) == SIG_ERR) { - syslog(LOG_ERR, - "Could not set signal handler for SIGCHLD"); - fail_exit(); - } - if (signal(SIGHUP, relay_signal) == SIG_ERR) { - syslog(LOG_ERR, - "Could not set signal handler for SIGHUP"); - fail_exit(); - } - - if ((pidfile = fopen(AUDITD_PIDFILE, "a")) == NULL) { - syslog(LOG_ERR, "Could not open PID file"); - audit_warn_tmpfile(); - return (-1); - } - - /* Attempt to lock the pid file; if a lock is present, exit. */ - fd = fileno(pidfile); - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - syslog(LOG_ERR, - "PID file is locked (is another auditd running?)."); - audit_warn_ebusy(); - return (-1); - } - - pid = getpid(); - ftruncate(fd, 0); - if (fprintf(pidfile, "%u\n", pid) < 0) { - /* Should not start the daemon. */ - fail_exit(); - } - - fflush(pidfile); - return (0); -} - -/* - * Handle the audit trigger event. - * - * We suppress (ignore) duplicated triggers in close succession in order to - * try to avoid thrashing-like behavior. However, not all triggers can be - * ignored, as triggers generally represent edge triggers, not level - * triggers, and won't be retransmitted if the condition persists. Of - * specific concern is the rotate trigger -- if one is dropped, then it will - * not be retransmitted, and the log file will grow in an unbounded fashion. - */ -#define DUPLICATE_INTERVAL 30 -static void -handle_audit_trigger(int trigger) -{ - static int last_trigger, last_warning; - static time_t last_time; - struct dir_ent *dirent; - struct timeval ts; - struct timezone tzp; - time_t tt; - - /* - * Suppress duplicate messages from the kernel within the specified - * interval. - */ - if (gettimeofday(&ts, &tzp) == 0) { - tt = (time_t)ts.tv_sec; - switch (trigger) { - case AUDIT_TRIGGER_LOW_SPACE: - case AUDIT_TRIGGER_NO_SPACE: - /* - * Triggers we can suppress. Of course, we also need - * to rate limit the warnings, so apply the same - * interval limit on syslog messages. - */ - if ((trigger == last_trigger) && - (tt < (last_time + DUPLICATE_INTERVAL))) { - if (tt >= (last_warning + DUPLICATE_INTERVAL)) - syslog(LOG_INFO, - "Suppressing duplicate trigger %d", - trigger); - return; - } - last_warning = tt; - break; - - case AUDIT_TRIGGER_ROTATE_KERNEL: - case AUDIT_TRIGGER_ROTATE_USER: - case AUDIT_TRIGGER_READ_FILE: - /* - * Triggers that we cannot suppress. - */ - break; - } - - /* - * Only update last_trigger after aborting due to a duplicate - * trigger, not before, or we will never allow that trigger - * again. - */ - last_trigger = trigger; - last_time = tt; - } - - /* - * Message processing is done here. - */ - dirent = TAILQ_FIRST(&dir_q); - switch(trigger) { - case AUDIT_TRIGGER_LOW_SPACE: - syslog(LOG_INFO, "Got low space trigger"); - if (dirent && (dirent->softlim != 1)) { - TAILQ_REMOVE(&dir_q, dirent, dirs); - /* Add this node to the end of the list. */ - TAILQ_INSERT_TAIL(&dir_q, dirent, dirs); - audit_warn_soft(dirent->dirname); - dirent->softlim = 1; - - if (TAILQ_NEXT(TAILQ_FIRST(&dir_q), dirs) != NULL && - swap_audit_file() == -1) - syslog(LOG_ERR, "Error swapping audit file"); - - /* - * Check if the next dir has already reached its soft - * limit. - */ - dirent = TAILQ_FIRST(&dir_q); - if (dirent->softlim == 1) { - /* All dirs have reached their soft limit. */ - audit_warn_allsoft(); - } - } else { - /* - * Continue auditing to the current file. Also - * generate an allsoft warning. - * - * XXX do we want to do this ? - */ - audit_warn_allsoft(); - } - break; - - case AUDIT_TRIGGER_NO_SPACE: - syslog(LOG_INFO, "Got no space trigger"); - - /* Delete current dir, go on to next. */ - TAILQ_REMOVE(&dir_q, dirent, dirs); - audit_warn_hard(dirent->dirname); - free(dirent->dirname); - free(dirent); - - if (swap_audit_file() == -1) - syslog(LOG_ERR, "Error swapping audit file"); - - /* We are out of log directories. */ - audit_warn_allhard(++allhardcount); - break; - - case AUDIT_TRIGGER_ROTATE_KERNEL: - case AUDIT_TRIGGER_ROTATE_USER: - /* - * Create a new file and swap with the one being used in - * kernel - */ - syslog(LOG_INFO, "Got open new trigger from %s", trigger == - AUDIT_TRIGGER_ROTATE_KERNEL ? "kernel" : "user"); - if (swap_audit_file() == -1) - syslog(LOG_ERR, "Error swapping audit file"); - break; - - case AUDIT_TRIGGER_READ_FILE: - syslog(LOG_INFO, "Got read file trigger"); - if (read_control_file() == -1) - syslog(LOG_ERR, "Error in audit control file"); - if (config_audit_controls() == -1) - syslog(LOG_ERR, "Error setting audit controls"); - break; - - default: - syslog(LOG_ERR, "Got unknown trigger %d", trigger); - break; - } -} - -static void -handle_sighup(void) -{ - - sighups_handled = sighups; - config_audit_controls(); -} - -/* - * Reap our children. - */ -static void -reap_children(void) -{ - pid_t child; - int wstatus; - - while ((child = waitpid(-1, &wstatus, WNOHANG)) > 0) { - if (!wstatus) - continue; - syslog(LOG_INFO, "warn process [pid=%d] %s %d.", child, - ((WIFEXITED(wstatus)) ? "exited with non-zero status" : - "exited as a result of signal"), - ((WIFEXITED(wstatus)) ? WEXITSTATUS(wstatus) : - WTERMSIG(wstatus))); - } -} - -static void -handle_sigchld(void) -{ - - sigchlds_handled = sigchlds; - reap_children(); -} - -/* - * Read the control file for triggers/signals and handle appropriately. - */ -static int -wait_for_events(void) -{ - int num; - unsigned int trigger; - - for (;;) { - num = read(triggerfd, &trigger, sizeof(trigger)); - if ((num == -1) && (errno != EINTR)) { - syslog(LOG_ERR, "%s: error %d", __FUNCTION__, errno); - return (-1); - } - if (sigterms != sigterms_handled) { - syslog(LOG_DEBUG, "%s: SIGTERM", __FUNCTION__); - break; - } - if (sigchlds != sigchlds_handled) - handle_sigchld(); - if (sighups != sighups_handled) { - syslog(LOG_DEBUG, "%s: SIGHUP", __FUNCTION__); - handle_sighup(); - } - if ((num == -1) && (errno == EINTR)) - continue; - if (num == 0) { - syslog(LOG_ERR, "%s: read EOF", __FUNCTION__); - return (-1); - } - if (trigger == AUDIT_TRIGGER_CLOSE_AND_DIE) - break; - else - handle_audit_trigger(trigger); - } - return (close_all()); -} - -/* - * Configure the audit controls in the kernel: the event to class mapping, - * kernel preselection mask, etc. - */ -static int -config_audit_controls(void) -{ - au_event_ent_t ev, *evp; - au_evclass_map_t evc_map; - au_mask_t aumask; - int ctr = 0; - char naeventstr[NA_EVENT_STR_SIZE]; - char polstr[POL_STR_SIZE]; - long policy; - au_fstat_t au_fstat; - size_t filesz; - - /* - * Process the audit event file, obtaining a class mapping for each - * event, and send that mapping into the kernel. - * - * XXX There's a risk here that the BSM library will return NULL - * for an event when it can't properly map it to a class. In that - * case, we will not process any events beyond the one that failed, - * but should. We need a way to get a count of the events. - */ - ev.ae_name = (char *)malloc(AU_EVENT_NAME_MAX); - ev.ae_desc = (char *)malloc(AU_EVENT_DESC_MAX); - if ((ev.ae_name == NULL) || (ev.ae_desc == NULL)) { - if (ev.ae_name != NULL) - free(ev.ae_name); - syslog(LOG_ERR, - "Memory allocation error when configuring audit controls."); - return (-1); - } - - /* - * XXXRW: Currently we have no way to remove mappings from the kernel - * when they are removed from the file-based mappings. - */ - evp = &ev; - setauevent(); - while ((evp = getauevent_r(evp)) != NULL) { - evc_map.ec_number = evp->ae_number; - evc_map.ec_class = evp->ae_class; - if (auditon(A_SETCLASS, &evc_map, sizeof(au_evclass_map_t)) - != 0) - syslog(LOG_ERR, - "Failed to register class mapping for event %s", - evp->ae_name); - else - ctr++; - } - endauevent(); - free(ev.ae_name); - free(ev.ae_desc); - if (ctr == 0) - syslog(LOG_ERR, "No events to class mappings registered."); - else - syslog(LOG_DEBUG, "Registered %d event to class mappings.", - ctr); - - /* - * Get the non-attributable event string and set the kernel mask from - * that. - */ - if ((getacna(naeventstr, NA_EVENT_STR_SIZE) == 0) && - (getauditflagsbin(naeventstr, &aumask) == 0)) { - if (auditon(A_SETKMASK, &aumask, sizeof(au_mask_t))) - syslog(LOG_ERR, - "Failed to register non-attributable event mask."); - else - syslog(LOG_DEBUG, - "Registered non-attributable event mask."); - } else - syslog(LOG_ERR, - "Failed to obtain non-attributable event mask."); - - /* - * If a policy is configured in audit_control(5), implement the - * policy. However, if one isn't defined, set AUDIT_CNT to avoid - * leaving the system in a fragile state. - */ - if ((getacpol(polstr, POL_STR_SIZE) == 0) && - (au_strtopol(polstr, &policy) == 0)) { - if (auditon(A_SETPOLICY, &policy, sizeof(policy))) - syslog(LOG_ERR, "Failed to set audit policy: %m"); - } else { - syslog(LOG_ERR, "Failed to obtain policy flags: %m"); - policy = AUDIT_CNT; - if (auditon(A_SETPOLICY, &policy, sizeof(policy))) - syslog(LOG_ERR, - "Failed to set default audit policy: %m"); - } - - /* - * Set trail rotation size. - */ - if (getacfilesz(&filesz) == 0) { - bzero(&au_fstat, sizeof(au_fstat)); - au_fstat.af_filesz = filesz; - if (auditon(A_SETFSIZE, &au_fstat, sizeof(au_fstat)) < 0) - syslog(LOG_ERR, "Failed to set filesz: %m"); - } else - syslog(LOG_ERR, "Failed to obtain filesz: %m"); - - return (0); -} - -static void -setup(void) -{ - struct auditinfo ai; - auditinfo_t auinfo; - int aufd; - token_t *tok; - - if ((triggerfd = open(AUDIT_TRIGGER_FILE, O_RDONLY, 0)) < 0) { - syslog(LOG_ERR, "Error opening trigger file"); - fail_exit(); - } - - /* - * To provide event feedback cycles and avoid auditd becoming - * stalled if auditing is suspended, auditd and its children run - * without their events being audited. We allow the uid, tid, and - * mask fields to be implicitly set to zero, but do set the pid. We - * run this after opening the trigger device to avoid configuring - * audit state without audit present in the system. - * - * XXXRW: Is there more to it than this? - */ - bzero(&auinfo, sizeof(auinfo)); - auinfo.ai_asid = getpid(); - if (setaudit(&auinfo) == -1) { - syslog(LOG_ERR, "Error setting audit stat"); - fail_exit(); - } - - TAILQ_INIT(&dir_q); - if (read_control_file() == -1) { - syslog(LOG_ERR, "Error reading control file"); - fail_exit(); - } - - /* Generate an audit record. */ - if ((aufd = au_open()) == -1) - syslog(LOG_ERR, "Could not create audit startup event."); - else { - /* - * XXXCSJP Perhaps we want more robust audit records for - * audit start up and shutdown. This might include capturing - * failures to initialize the audit subsystem? - */ - bzero(&ai, sizeof(ai)); - if ((tok = au_to_subject32(getuid(), geteuid(), getegid(), - getuid(), getgid(), getpid(), getpid(), &ai.ai_termid)) - != NULL) - au_write(aufd, tok); - if ((tok = au_to_text("auditd::Audit startup")) != NULL) - au_write(aufd, tok); - if ((tok = au_to_return32(0, 0)) != NULL) - au_write(aufd, tok); - if (au_close(aufd, 1, AUE_audit_startup) == -1) - syslog(LOG_ERR, - "Could not close audit startup event."); - } - - if (config_audit_controls() == 0) - syslog(LOG_INFO, "Audit controls init successful"); - else - syslog(LOG_ERR, "Audit controls init failed"); -} - -int -main(int argc, char **argv) -{ - int ch; - int debug = 0; - int rc; - - while ((ch = getopt(argc, argv, "d")) != -1) { - switch(ch) { - case 'd': - /* Debug option. */ - debug = 1; - break; - - case '?': - default: - (void)fprintf(stderr, - "usage: auditd [-d] \n"); - exit(1); - } - } - -#ifdef LOG_SECURITY - openlog("auditd", LOG_CONS | LOG_PID, LOG_SECURITY); -#else - openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH); -#endif - syslog(LOG_INFO, "starting..."); - - if (debug == 0 && daemon(0, 0) == -1) { - syslog(LOG_ERR, "Failed to daemonize"); - exit(1); - } - - if (register_daemon() == -1) { - syslog(LOG_ERR, "Could not register as daemon"); - exit(1); - } - - setup(); - - rc = wait_for_events(); - syslog(LOG_INFO, "auditd exiting."); - - exit(rc); -} diff --git a/contrib/openbsm/bin/auditd/auditd.h b/contrib/openbsm/bin/auditd/auditd.h deleted file mode 100644 index 8b2416a..0000000 --- a/contrib/openbsm/bin/auditd/auditd.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 2005 Apple Computer, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of - * its contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#8 $ - */ - -#ifndef _AUDITD_H_ -#define _AUDITD_H_ - -#include <sys/types.h> -#include <sys/queue.h> -#include <syslog.h> - -#define MAX_DIR_SIZE 255 -#define AUDITD_NAME "auditd" - -/* - * If defined, then the audit daemon will attempt to chown newly created logs - * to this group. Otherwise, they will be the default for the user running - * auditd, likely the audit group. - */ -#define AUDIT_REVIEW_GROUP "audit" - -#define POSTFIX_LEN 16 -#define NOT_TERMINATED ".not_terminated" - -struct dir_ent { - char *dirname; - char softlim; - TAILQ_ENTRY(dir_ent) dirs; -}; - -#define HARDLIM_ALL_WARN "allhard" -#define SOFTLIM_ALL_WARN "allsoft" -#define AUDITOFF_WARN "auditoff" -#define CLOSEFILE_WARN "closefile" -#define EBUSY_WARN "ebusy" -#define GETACDIR_WARN "getacdir" -#define HARDLIM_WARN "hard" -#define NOSTART_WARN "nostart" -#define POSTSIGTERM_WARN "postsigterm" -#define SOFTLIM_WARN "soft" -#define TMPFILE_WARN "tmpfile" - -#define AUDITWARN_SCRIPT "/etc/security/audit_warn" -#define AUDITD_PIDFILE "/var/run/auditd.pid" - -int audit_warn_allhard(int count); -int audit_warn_allsoft(void); -int audit_warn_auditoff(void); -int audit_warn_closefile(char *filename); -int audit_warn_ebusy(void); -int audit_warn_getacdir(char *filename); -int audit_warn_hard(char *filename); -int audit_warn_nostart(void); -int audit_warn_postsigterm(void); -int audit_warn_soft(char *filename); -int audit_warn_tmpfile(void); - -#endif /* !_AUDITD_H_ */ diff --git a/contrib/openbsm/bin/auditfilterd/Makefile.am b/contrib/openbsm/bin/auditfilterd/Makefile.am deleted file mode 100644 index b8d96a4..0000000 --- a/contrib/openbsm/bin/auditfilterd/Makefile.am +++ /dev/null @@ -1,10 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.am#1 $ -# - -INCLUDES = -I$(top_srcdir) - -sbin_PROGRAMS = auditfilterd -auditfilterd_SOURCES = auditfilterd_conf.c auditfilterd.c -auditfilterd_LDADD = $(top_builddir)/libbsm/libbsm.la -man8_MANS = auditfilterd.8 diff --git a/contrib/openbsm/bin/auditfilterd/Makefile.in b/contrib/openbsm/bin/auditfilterd/Makefile.in deleted file mode 100644 index 11741f3..0000000 --- a/contrib/openbsm/bin/auditfilterd/Makefile.in +++ /dev/null @@ -1,518 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/Makefile.in#2 $ -# - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -sbin_PROGRAMS = auditfilterd$(EXEEXT) -subdir = bin/auditfilterd -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(sbin_PROGRAMS) -am_auditfilterd_OBJECTS = auditfilterd_conf.$(OBJEXT) \ - auditfilterd.$(OBJEXT) -auditfilterd_OBJECTS = $(am_auditfilterd_OBJECTS) -auditfilterd_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la -DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/config/depcomp -am__depfiles_maybe = depfiles -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(auditfilterd_SOURCES) -DIST_SOURCES = $(auditfilterd_SOURCES) -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man8_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -INCLUDES = -I$(top_srcdir) -auditfilterd_SOURCES = auditfilterd_conf.c auditfilterd.c -auditfilterd_LDADD = $(top_builddir)/libbsm/libbsm.la -man8_MANS = auditfilterd.8 -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/auditfilterd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/auditfilterd/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -auditfilterd$(EXEEXT): $(auditfilterd_OBJECTS) $(auditfilterd_DEPENDENCIES) - @rm -f auditfilterd$(EXEEXT) - $(LINK) $(auditfilterd_OBJECTS) $(auditfilterd_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilterd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditfilterd_conf.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) -installdirs: - for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-exec-am: install-sbinPROGRAMS - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man uninstall-sbinPROGRAMS - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-sbinPROGRAMS ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man8 install-pdf install-pdf-am install-ps \ - install-ps-am install-sbinPROGRAMS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-man uninstall-man8 \ - uninstall-sbinPROGRAMS - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/contrib/openbsm/bin/auditfilterd/auditfilterd.8 b/contrib/openbsm/bin/auditfilterd/auditfilterd.8 deleted file mode 100644 index ae6ba0b..0000000 --- a/contrib/openbsm/bin/auditfilterd/auditfilterd.8 +++ /dev/null @@ -1,84 +0,0 @@ -.\"- -.\" Copyright (c) 2006 Robert N. M. Watson -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.8#4 $ -.\" -.Dd October 3, 2006 -.Dt AUDITFILTERD 8 -.Os -.Sh NAME -.Nm auditfilterd -.Nd audit filter daemon -.Sh SYNOPSIS -.Nm -.Op Fl d -.Op Fl c Ar conffile -.Op Fl p Ar pipefile -.Op Fl t Ar trailfile -.Sh DESCRIPTION -The -.Nm -daemon is an extensible audit event monitoring daemon, allowing pluggable -modules to track audit events from a live audit source. -It is configured using the -.Xr audit_filter 5 -configuration file. -The source can either be a pipe or a file. -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl c Ar conffile -Specify an alternative configuration file. -.It Fl d -Starts the daemon in debug mode \[em] it will not daemonize. -.It Fl p Ar pipefile -Specify a pipe as an alternative source of audit event records. -Default is -.Pa /dev/auditpipe . -.It Fl t Ar trailfile -Specify a file as an alternative source of audit event records. -.El -.Sh FILES -.Bl -tag -width ".Pa /etc/security/audit_filterd" -compact -.It Pa /etc/security/audit_filterd -Default configuration file for -.Nm . -.It Pa /dev/auditpipe -Default audit record source for -.Nm . -.El -.Sh SEE ALSO -.Xr audit 8 , -.Xr auditd 8 -.Sh HISTORY -The OpenBSM implementation was created by McAfee Research, the security -division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. -It was subsequently adopted by the TrustedBSD Project as the foundation for -the OpenBSM distribution. -.Sh AUTHORS -The -.Nm -daemon and audit filter APIs were created by -.An Robert Watson . diff --git a/contrib/openbsm/bin/auditfilterd/auditfilterd.c b/contrib/openbsm/bin/auditfilterd/auditfilterd.c deleted file mode 100644 index 110b7cf..0000000 --- a/contrib/openbsm/bin/auditfilterd/auditfilterd.c +++ /dev/null @@ -1,353 +0,0 @@ -/*- - * Copyright (c) 2006 Robert N. M. Watson - * All rights reserved. - * - * This software was developed by Robert Watson for the TrustedBSD Project. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.c#11 $ - */ - -/* - * Main file for the audit filter daemon, which presents audit records to a - * set of run-time registered loadable modules. This is the main event loop - * of the daemon, which handles starting up, waiting for records, and - * presenting records to configured modules. auditfilterd_conf.c handles the - * reading and management of the configuration, module list and module state, - * etc. - */ - -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/time.h> - -#include <config/config.h> -#ifdef HAVE_FULL_QUEUE_H -#include <sys/queue.h> -#else -#include <compat/queue.h> -#endif - -#ifndef HAVE_CLOCK_GETTIME -#include <compat/clock_gettime.h> -#endif - -#include <bsm/libbsm.h> -#include <bsm/audit_filter.h> - -#include <err.h> -#include <fcntl.h> -#include <signal.h> -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> - -#include "auditfilterd.h" - -/* - * Global list of registered filters. - */ -struct auditfilter_module_list filter_list; - -/* - * Configuration and signal->main flags. - */ -int debug; /* Debugging mode requested, don't detach. */ -int reread_config; /* SIGHUP has been received. */ -int quit; /* SIGQUIT/TERM/INT has been received. */ - -static void -usage(void) -{ - - fprintf(stderr, "auditfilterd [-d] [-c conffile] [-p pipefile]" - " [-t trailfile]\n"); - fprintf(stderr, " -c Specify configuration file (default: %s)\n", - AUDITFILTERD_CONFFILE); - fprintf(stderr, " -d Debugging mode, don't daemonize\n"); - fprintf(stderr, " -p Specify pipe file (default: %s)\n", - AUDITFILTERD_PIPEFILE); - fprintf(stderr, " -t Specify audit trail file (default: none)\n"); - exit(-1); -} - -static void -auditfilterd_init(void) -{ - - TAILQ_INIT(&filter_list); -} - -static void -signal_handler(int signum) -{ - - switch (signum) { - case SIGHUP: - reread_config++; - break; - - case SIGINT: - case SIGTERM: - case SIGQUIT: - quit++; - break; - } -} - -/* - * Present raw BSM to a set of registered and interested filters. - */ -static void -present_rawrecord(struct timespec *ts, u_char *data, u_int len) -{ - struct auditfilter_module *am; - - TAILQ_FOREACH(am, &filter_list, am_list) { - if (am->am_rawrecord != NULL) - (am->am_rawrecord)(am, ts, data, len); - } -} - -/* - * Parse the BSM into a set of tokens, which will be pased to registered - * and interested filters. - */ -#define MAX_TOKENS 128 /* Maximum tokens we handle per record. */ -static void -present_tokens(struct timespec *ts, u_char *data, u_int len) -{ - struct auditfilter_module *am; - tokenstr_t tokens[MAX_TOKENS]; - u_int bytesread; - int tokencount; - - tokencount = 0; - while (bytesread < len) { - if (au_fetch_tok(&tokens[tokencount], data + bytesread, - len - bytesread) == -1) - break; - bytesread += tokens[tokencount].len; - tokencount++; - } - - TAILQ_FOREACH(am, &filter_list, am_list) { - if (am->am_record != NULL) - (am->am_record)(am, ts, tokencount, tokens); - } -} - -/* - * The main loop spins pulling records out of the record source and passing - * them to modules for processing. - */ -static void -mainloop_file(const char *conffile, const char *trailfile, FILE *trail_fp) -{ - struct timespec ts; - FILE *conf_fp; - u_char *buf; - int reclen; - - while (1) { - /* - * On SIGHUP, we reread the configuration file and reopen - * the trail file. - */ - if (reread_config) { - reread_config = 0; - warnx("rereading configuration"); - conf_fp = fopen(conffile, "r"); - if (conf_fp == NULL) - err(-1, "%s", conffile); - auditfilterd_conf(conffile, conf_fp); - fclose(conf_fp); - - fclose(trail_fp); - trail_fp = fopen(trailfile, "r"); - if (trail_fp == NULL) - err(-1, "%s", trailfile); - } - if (quit) { - warnx("quitting"); - break; - } - - /* - * For now, be relatively unrobust about incomplete records, - * but in the future will want to do better. Need to look - * more at the right blocking and signal behavior here. - */ - reclen = au_read_rec(trail_fp, &buf); - if (reclen == -1) - continue; - if (clock_gettime(CLOCK_REALTIME, &ts) < 0) - err(-1, "clock_gettime"); - present_rawrecord(&ts, buf, reclen); - present_tokens(&ts, buf, reclen); - free(buf); - } -} - -/* - * The main loop spins pulling records out of the record source and passing - * them to modules for processing. This version of the function accepts - * discrete record input from a file descriptor, as opposed to buffered input - * from a file stream. - */ -static void -mainloop_pipe(const char *conffile, const char *pipefile, int pipe_fd) -{ - u_char record[MAX_AUDIT_RECORD_SIZE]; - struct timespec ts; - FILE *conf_fp; - int reclen; - - while (1) { - /* - * On SIGHUP, we reread the configuration file. Unlike with - * a trail file, we don't reopen the pipe, as we don't want - * to miss records which will be flushed if we do. - */ - if (reread_config) { - reread_config = 0; - warnx("rereading configuration"); - conf_fp = fopen(conffile, "r"); - if (conf_fp == NULL) - err(-1, "%s", conffile); - auditfilterd_conf(conffile, conf_fp); - fclose(conf_fp); - } - if (quit) { - warnx("quitting"); - break; - } - - /* - * For now, be relatively unrobust about incomplete records, - * but in the future will want to do better. Need to look - * more at the right blocking and signal behavior here. - */ - reclen = read(pipe_fd, record, MAX_AUDIT_RECORD_SIZE); - if (reclen < 0) - continue; - if (clock_gettime(CLOCK_REALTIME, &ts) < 0) - err(-1, "clock_gettime"); - present_rawrecord(&ts, record, reclen); - present_tokens(&ts, record, reclen); - } -} - -int -main(int argc, char *argv[]) -{ - const char *pipefile, *trailfile, *conffile; - FILE *trail_fp, *conf_fp; - struct stat sb; - int pipe_fd; - int ch; - - conffile = AUDITFILTERD_CONFFILE; - trailfile = NULL; - pipefile = NULL; - while ((ch = getopt(argc, argv, "c:dp:t:")) != -1) { - switch (ch) { - case 'c': - conffile = optarg; - break; - - case 'd': - debug++; - break; - - case 't': - if (trailfile != NULL || pipefile != NULL) - usage(); - trailfile = optarg; - break; - - case 'p': - if (pipefile != NULL || trailfile != NULL) - usage(); - pipefile = optarg; - break; - - default: - usage(); - } - } - - argc -= optind; - argv += optind; - - if (argc != 0) - usage(); - - /* - * We allow only one of a pipe or a trail to be used. If none is - * specified, we provide a default pipe path. - */ - if (pipefile == NULL && trailfile == NULL) - pipefile = AUDITFILTERD_PIPEFILE; - - if (pipefile != NULL) { - pipe_fd = open(pipefile, O_RDONLY); - if (pipe_fd < 0) - err(-1, "open:%s", pipefile); - if (fstat(pipe_fd, &sb) < 0) - err(-1, "stat: %s", pipefile); - if (!S_ISCHR(sb.st_mode)) - errx(-1, "fstat: %s not device", pipefile); - } else { - trail_fp = fopen(trailfile, "r"); - if (trail_fp == NULL) - err(-1, "%s", trailfile); - } - - conf_fp = fopen(conffile, "r"); - if (conf_fp == NULL) - err(-1, "%s", conffile); - - auditfilterd_init(); - if (auditfilterd_conf(conffile, conf_fp) < 0) - exit(-1); - fclose(conf_fp); - - if (!debug) { - if (daemon(0, 0) < 0) - err(-1, "daemon"); - } - - signal(SIGHUP, signal_handler); - signal(SIGINT, signal_handler); - signal(SIGQUIT, signal_handler); - signal(SIGTERM, signal_handler); - - if (pipefile != NULL) - mainloop_pipe(conffile, pipefile, pipe_fd); - else - mainloop_file(conffile, trailfile, trail_fp); - - auditfilterd_conf_shutdown(); - return (0); -} diff --git a/contrib/openbsm/bin/auditfilterd/auditfilterd.h b/contrib/openbsm/bin/auditfilterd/auditfilterd.h deleted file mode 100644 index d55aeee..0000000 --- a/contrib/openbsm/bin/auditfilterd/auditfilterd.h +++ /dev/null @@ -1,79 +0,0 @@ -/*- - * Copyright (c) 2006 Robert N. M. Watson - * All rights reserved. - * - * This software was developed by Robert Watson for the TrustedBSD Project. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd.h#5 $ - */ - -#define AUDITFILTERD_CONFFILE "/etc/security/audit_filter" -#define AUDITFILTERD_PIPEFILE "/dev/auditpipe" - -/* - * Limit on the number of arguments that can appear in an audit_filterd - * configuration line. - */ -#define AUDITFILTERD_CONF_MAXARGS 256 - -/* - * Data structure description each instantiated module. - */ -struct auditfilter_module { - /* - * Fields from configuration file and dynamic linker. - */ - char *am_modulename; - char *am_arg_buffer; - int am_argc; - char **am_argv; - void *am_dlhandle; - - /* - * Fields provided by or extracted from the module. - */ - void *am_cookie; - audit_filter_attach_t am_attach; - audit_filter_reinit_t am_reinit; - audit_filter_record_t am_record; - audit_filter_rawrecord_t am_rawrecord; - audit_filter_detach_t am_detach; - - /* - * Fields for maintaining the list of modules. - */ - TAILQ_ENTRY(auditfilter_module) am_list; -}; -TAILQ_HEAD(auditfilter_module_list, auditfilter_module); - -/* - * List of currently registered modules. - */ -extern struct auditfilter_module_list filter_list; - -/* - * Function definitions. - */ -int auditfilterd_conf(const char *filename, FILE *fp); -void auditfilterd_conf_shutdown(void); diff --git a/contrib/openbsm/bin/auditfilterd/auditfilterd_conf.c b/contrib/openbsm/bin/auditfilterd/auditfilterd_conf.c deleted file mode 100644 index b0642fa..0000000 --- a/contrib/openbsm/bin/auditfilterd/auditfilterd_conf.c +++ /dev/null @@ -1,513 +0,0 @@ -/*- - * Copyright (c) 2006 Robert N. M. Watson - * All rights reserved. - * - * This software was developed by Robert Watson for the TrustedBSD Project. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd_conf.c#5 $ - */ - -/* - * Configuration file parser for auditfilterd. The configuration file is a - * very simple format, similar to other BSM configuration files, consisting - * of configuration entries of one line each. The configuration function is - * aware of previous runs, and will update the current configuration as - * needed. - * - * Modules are in one of two states: attached, or detached. If attach fails, - * detach is not called because it was not attached. If a module is attached - * and a call to its reinit method fails, we will detach it. - * - * Modules are passed a (void *) reference to their configuration state so - * that they may pass this into any common APIs we provide which may rely on - * that state. Currently, the only such API is the cookie API, which allows - * per-instance state to be maintained by a module. In the future, this will - * also be used to support per-instance preselection state. - */ - -#include <sys/types.h> - -#include <config/config.h> -#ifdef HAVE_FULL_QUEUE_H -#include <sys/queue.h> -#else -#include <compat/queue.h> -#endif - -#include <bsm/libbsm.h> -#include <bsm/audit_filter.h> - -#include <dlfcn.h> -#include <err.h> -#include <errno.h> -#include <limits.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include "auditfilterd.h" - -/* - * Free an individual auditfilter_module structure. Will not shut down the - * module, just frees the memory. Does so conditional on pointers being - * non-NULL so that it can be used on partially allocated structures. - */ -static void -auditfilter_module_free(struct auditfilter_module *am) -{ - - if (am->am_modulename != NULL) - free(am->am_modulename); - if (am->am_arg_buffer != NULL) - free(am->am_arg_buffer); - if (am->am_argv != NULL) - free(am->am_argv); -} - -/* - * Free all memory associated with an auditfilter_module list. Does not - * dlclose() or shut down the modules, just free the memory. Use - * auditfilter_module_list_detach() for that, if required. - */ -static void -auditfilter_module_list_free(struct auditfilter_module_list *list) -{ - struct auditfilter_module *am; - - while (!(TAILQ_EMPTY(list))) { - am = TAILQ_FIRST(list); - TAILQ_REMOVE(list, am, am_list); - auditfilter_module_free(am); - } -} - -/* - * Detach an attached module from an auditfilter_module structure. Does not - * free the data structure itself. - */ -static void -auditfilter_module_detach(struct auditfilter_module *am) -{ - - if (am->am_detach != NULL) - am->am_detach(am); - am->am_cookie = NULL; - (void)dlclose(am->am_dlhandle); - am->am_dlhandle = NULL; -} - -/* - * Walk an auditfilter_module list, detaching each module. Intended to be - * combined with auditfilter_module_list_free(). - */ -static void -auditfilter_module_list_detach(struct auditfilter_module_list *list) -{ - struct auditfilter_module *am; - - TAILQ_FOREACH(am, list, am_list) - auditfilter_module_detach(am); -} - -/* - * Given a filled out auditfilter_module, use dlopen() and dlsym() to attach - * the module. If we fail, leave fields in the state we found them. - * - * XXXRW: Need a better way to report errors. - */ -static int -auditfilter_module_attach(struct auditfilter_module *am) -{ - - am->am_dlhandle = dlopen(am->am_modulename, RTLD_NOW); - if (am->am_dlhandle == NULL) { - warnx("auditfilter_module_attach: %s: %s", am->am_modulename, - dlerror()); - return (-1); - } - - /* - * Not implementing these is not considered a failure condition, - * although we might want to consider warning if obvious stuff is - * not implemented, such as am_record. - */ - am->am_attach = dlsym(am->am_dlhandle, AUDIT_FILTER_ATTACH_STRING); - am->am_reinit = dlsym(am->am_dlhandle, AUDIT_FILTER_REINIT_STRING); - am->am_record = dlsym(am->am_dlhandle, AUDIT_FILTER_RECORD_STRING); - am->am_rawrecord = dlsym(am->am_dlhandle, - AUDIT_FILTER_RAWRECORD_STRING); - am->am_detach = dlsym(am->am_dlhandle, AUDIT_FILTER_DETACH_STRING); - - if (am->am_attach != NULL) { - if (am->am_attach(am, am->am_argc, am->am_argv) - != AUDIT_FILTER_SUCCESS) { - warnx("auditfilter_module_attach: %s: failed", - am->am_modulename); - dlclose(am->am_dlhandle); - am->am_dlhandle = NULL; - am->am_cookie = NULL; - am->am_attach = NULL; - am->am_reinit = NULL; - am->am_record = NULL; - am->am_rawrecord = NULL; - am->am_detach = NULL; - return (-1); - } - } - - return (0); -} - -/* - * When the arguments for a module are changed, we notify the module through - * a call to its reinit method, if any. Return 0 on success, or -1 on - * failure. - */ -static int -auditfilter_module_reinit(struct auditfilter_module *am) -{ - - if (am->am_reinit == NULL) - return (0); - - if (am->am_reinit(am, am->am_argc, am->am_argv) != - AUDIT_FILTER_SUCCESS) { - warnx("auditfilter_module_reinit: %s: failed", - am->am_modulename); - return (-1); - } - - return (0); -} - -/* - * Given a configuration line, generate an auditfilter_module structure that - * describes it; caller will not pass comments in, so they are not looked - * for. Do not attempt to instantiate it. Will destroy the contents of - * 'buffer'. - * - * Configuration lines consist of two parts: the module name and arguments - * separated by a ':', and then a ','-delimited list of arguments. - * - * XXXRW: Need to decide where to send the warning output -- stderr for now. - */ -struct auditfilter_module * -auditfilter_module_parse(const char *filename, int linenumber, char *buffer) -{ - char *arguments, *module, **ap; - struct auditfilter_module *am; - - am = malloc(sizeof(*am)); - if (am == NULL) { - warn("auditfilter_module_parse: %s:%d", filename, linenumber); - return (NULL); - } - bzero(am, sizeof(*am)); - - /* - * First, break out the module and arguments strings. We look for - * one extra argument to make sure there are no more :'s in the line. - * That way, we prevent modules from using argument strings that, in - * the future, may cause problems for adding additional columns. - */ - arguments = buffer; - module = strsep(&arguments, ":"); - if (module == NULL || arguments == NULL) { - warnx("auditfilter_module_parse: %s:%d: parse error", - filename, linenumber); - return (NULL); - } - - am->am_modulename = strdup(module); - if (am->am_modulename == NULL) { - warn("auditfilter_module_parse: %s:%d", filename, linenumber); - auditfilter_module_free(am); - return (NULL); - } - - am->am_arg_buffer = strdup(buffer); - if (am->am_arg_buffer == NULL) { - warn("auditfilter_module_parse: %s:%d", filename, linenumber); - auditfilter_module_free(am); - return (NULL); - } - - /* - * Now, break out the arguments string into a series of arguments. - * This is a bit more complicated, and requires cleanup if things go - * wrong. - */ - am->am_argv = malloc(sizeof(char *) * AUDITFILTERD_CONF_MAXARGS); - if (am->am_argv == NULL) { - warn("auditfilter_module_parse: %s:%d", filename, linenumber); - auditfilter_module_free(am); - return (NULL); - } - bzero(am->am_argv, sizeof(char *) * AUDITFILTERD_CONF_MAXARGS); - am->am_argc = 0; - for (ap = am->am_argv; (*ap = strsep(&arguments, " \t")) != NULL;) { - if (**ap != '\0') { - am->am_argc++; - if (++ap >= &am->am_argv[AUDITFILTERD_CONF_MAXARGS]) - break; - } - } - if (ap >= &am->am_argv[AUDITFILTERD_CONF_MAXARGS]) { - warnx("auditfilter_module_parse: %s:%d: too many arguments", - filename, linenumber); - auditfilter_module_free(am); - return (NULL); - } - - return (am); -} - -/* - * Read a configuration file, and populate 'list' with the configuration - * lines. Does not attempt to instantiate the configuration, just read it - * into a useful set of data structures. - */ -static int -auditfilterd_conf_read(const char *filename, FILE *fp, - struct auditfilter_module_list *list) -{ - int error, linenumber, syntaxerror; - struct auditfilter_module *am; - char buffer[LINE_MAX]; - - syntaxerror = 0; - linenumber = 0; - while (!feof(fp) && !ferror(fp)) { - if (fgets(buffer, LINE_MAX, fp) == NULL) - break; - linenumber++; - if (buffer[0] == '#' || strlen(buffer) < 1) - continue; - buffer[strlen(buffer)-1] = '\0'; - am = auditfilter_module_parse(filename, linenumber, buffer); - if (am == NULL) { - syntaxerror = 1; - break; - } - TAILQ_INSERT_HEAD(list, am, am_list); - } - - /* - * File I/O error. - */ - if (ferror(fp)) { - error = errno; - auditfilter_module_list_free(list); - errno = error; - return (-1); - } - - /* - * Syntax error. - */ - if (syntaxerror) { - auditfilter_module_list_free(list); - errno = EINVAL; - return (-1); - } - return (0); -} - -/* - * Apply changes necessary to bring a new configuration into force. The new - * configuration data is passed in, and the current configuration is updated - * to match it. The contents of 'list' are freed or otherwise disposed of - * before return. - * - * The algorithms here are not very efficient, but this is an infrequent - * operation on very short lists. - */ -static void -auditfilterd_conf_apply(struct auditfilter_module_list *list) -{ - struct auditfilter_module *am1, *am2, *am_tmp; - int argc_tmp, found; - char **argv_tmp; - - /* - * First, remove remove and detach any entries that appear in the - * current configuration, but not the new configuration. - */ - TAILQ_FOREACH_SAFE(am1, &filter_list, am_list, am_tmp) { - found = 0; - TAILQ_FOREACH(am2, list, am_list) { - if (strcmp(am1->am_modulename, am2->am_modulename) - == 0) { - found = 1; - break; - } - } - if (found) - continue; - - /* - * am1 appears in filter_list, but not the new list, detach - * and free the module. - */ - warnx("detaching module %s", am1->am_modulename); - TAILQ_REMOVE(&filter_list, am1, am_list); - auditfilter_module_detach(am1); - auditfilter_module_free(am1); - } - - /* - * Next, update the configuration of any modules that appear in both - * lists. We do this by swapping the two argc and argv values and - * freeing the new one, rather than detaching the old one and - * attaching the new one. That way module state is preserved. - */ - TAILQ_FOREACH(am1, &filter_list, am_list) { - found = 0; - TAILQ_FOREACH(am2, list, am_list) { - if (strcmp(am1->am_modulename, am2->am_modulename) - == 0) { - found = 1; - break; - } - } - if (!found) - continue; - - /* - * Swap the arguments. - */ - argc_tmp = am1->am_argc; - argv_tmp = am1->am_argv; - am1->am_argc = am2->am_argc; - am1->am_argv = am2->am_argv; - am2->am_argc = argc_tmp; - am2->am_argv = argv_tmp; - - /* - * The reinit is a bit tricky: if reinit fails, we actually - * remove the old entry and detach that, as we don't allow - * running modules to be out of sync with the configuration - * file. - */ - warnx("reiniting module %s", am1->am_modulename); - if (auditfilter_module_reinit(am1) != 0) { - warnx("reinit failed for module %s, detaching", - am1->am_modulename); - TAILQ_REMOVE(&filter_list, am1, am_list); - auditfilter_module_detach(am1); - auditfilter_module_free(am1); - } - - /* - * Free the entry from the new list, which will discard the - * old arguments. No need to detach, as it was never - * attached in the first place. - */ - TAILQ_REMOVE(list, am2, am_list); - auditfilter_module_free(am2); - } - - /* - * Finally, attach any new entries that don't appear in the old - * configuration, and if they attach successfully, move them to the - * real configuration list. - */ - TAILQ_FOREACH(am1, list, am_list) { - found = 0; - TAILQ_FOREACH(am2, &filter_list, am_list) { - if (strcmp(am1->am_modulename, am2->am_modulename) - == 0) { - found = 1; - break; - } - } - if (found) - continue; - /* - * Attach the entry. If it succeeds, add to filter_list, - * otherwise, free. No need to detach if attach failed. - */ - warnx("attaching module %s", am1->am_modulename); - TAILQ_REMOVE(list, am1, am_list); - if (auditfilter_module_attach(am1) != 0) { - warnx("attaching module %s failed", - am1->am_modulename); - auditfilter_module_free(am1); - } else - TAILQ_INSERT_HEAD(&filter_list, am1, am_list); - } - - if (TAILQ_FIRST(list) != NULL) - warnx("auditfilterd_conf_apply: new list not empty\n"); -} - -/* - * Read the new configuration file into a local list. If the configuration - * file is parsed OK, then apply the changes. - */ -int -auditfilterd_conf(const char *filename, FILE *fp) -{ - struct auditfilter_module_list list; - - TAILQ_INIT(&list); - if (auditfilterd_conf_read(filename, fp, &list) < 0) - return (-1); - - auditfilterd_conf_apply(&list); - - return (0); -} - -/* - * Detach and free all active filter modules for daemon shutdown. - */ -void -auditfilterd_conf_shutdown(void) -{ - - auditfilter_module_list_detach(&filter_list); - auditfilter_module_list_free(&filter_list); -} - -/* - * APIs to allow modules to query and set their per-instance cookie. - */ -void -audit_filter_getcookie(void *instance, void **cookie) -{ - struct auditfilter_module *am; - - am = (struct auditfilter_module *)instance; - *cookie = am->am_cookie; -} - -void -audit_filter_setcookie(void *instance, void *cookie) -{ - struct auditfilter_module *am; - - am = (struct auditfilter_module *)instance; - am->am_cookie = cookie; -} diff --git a/contrib/openbsm/bin/auditreduce/Makefile b/contrib/openbsm/bin/auditreduce/Makefile deleted file mode 100644 index f4c292a..0000000 --- a/contrib/openbsm/bin/auditreduce/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile#4 $ -# - -CFLAGS+= -I- -I ../.. -I ../../libbsm -L ../../libbsm -I. -PROG= auditreduce -MAN= auditreduce.1 -DPADD= /usr/lib/libbsm.a -LDADD= -lbsm -BINDIR= /usr/sbin - -.include <bsd.prog.mk> diff --git a/contrib/openbsm/bin/auditreduce/Makefile.am b/contrib/openbsm/bin/auditreduce/Makefile.am deleted file mode 100644 index cce29a6..0000000 --- a/contrib/openbsm/bin/auditreduce/Makefile.am +++ /dev/null @@ -1,10 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.am#1 $ -# - -INCLUDES = -I$(top_srcdir) - -sbin_PROGRAMS = auditreduce -auditreduce_SOURCES = auditreduce.c -auditreduce_LDADD = $(top_builddir)/libbsm/libbsm.la -man1_MANS = auditreduce.1 diff --git a/contrib/openbsm/bin/auditreduce/Makefile.in b/contrib/openbsm/bin/auditreduce/Makefile.in deleted file mode 100644 index 7dae162..0000000 --- a/contrib/openbsm/bin/auditreduce/Makefile.in +++ /dev/null @@ -1,516 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/Makefile.in#4 $ -# - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -sbin_PROGRAMS = auditreduce$(EXEEXT) -subdir = bin/auditreduce -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man1dir)" -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(sbin_PROGRAMS) -am_auditreduce_OBJECTS = auditreduce.$(OBJEXT) -auditreduce_OBJECTS = $(am_auditreduce_OBJECTS) -auditreduce_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la -DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/config/depcomp -am__depfiles_maybe = depfiles -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(auditreduce_SOURCES) -DIST_SOURCES = $(auditreduce_SOURCES) -man1dir = $(mandir)/man1 -NROFF = nroff -MANS = $(man1_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -INCLUDES = -I$(top_srcdir) -auditreduce_SOURCES = auditreduce.c -auditreduce_LDADD = $(top_builddir)/libbsm/libbsm.la -man1_MANS = auditreduce.1 -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/auditreduce/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/auditreduce/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -auditreduce$(EXEEXT): $(auditreduce_OBJECTS) $(auditreduce_DEPENDENCIES) - @rm -f auditreduce$(EXEEXT) - $(LINK) $(auditreduce_OBJECTS) $(auditreduce_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auditreduce.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) -installdirs: - for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-exec-am: install-sbinPROGRAMS - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man uninstall-sbinPROGRAMS - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-sbinPROGRAMS ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-sbinPROGRAMS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-sbinPROGRAMS - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/contrib/openbsm/bin/auditreduce/auditreduce.1 b/contrib/openbsm/bin/auditreduce/auditreduce.1 deleted file mode 100644 index 1f900f9..0000000 --- a/contrib/openbsm/bin/auditreduce/auditreduce.1 +++ /dev/null @@ -1,193 +0,0 @@ -.\" Copyright (c) 2004 Apple Computer, Inc. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of -.\" its contributors may be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR -.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING -.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.1#14 $ -.\" -.Dd January 24, 2004 -.Dt AUDITREDUCE 1 -.Os -.Sh NAME -.Nm auditreduce -.Nd "select records from audit trail files" -.Sh SYNOPSIS -.Nm -.Op Fl A -.Op Fl a Ar YYYYMMDD Ns Op Ar HH Ns Op Ar MM Ns Op Ar SS -.Op Fl b Ar YYYYMMDD Ns Op Ar HH Ns Op Ar MM Ns Op Ar SS -.Op Fl c Ar flags -.Op Fl d Ar YYYYMMDD -.Op Fl e Ar euid -.Op Fl f Ar egid -.Op Fl g Ar rgid -.Op Fl j Ar id -.Op Fl m Ar event -.Op Fl o Ar object Ns = Ns Ar value -.Op Fl r Ar ruid -.Op Fl u Ar auid -.Op Ar -.Sh DESCRIPTION -The -.Nm -utility selects records from the audit trail files based on the specified -criteria. -Matching audit records are printed to the standard output in -their raw binary form. -If no -.Ar file -argument is specified, the standard input is used -by default. -Use the -.Xr praudit 1 -utility to print the selected audit records in human-readable form. -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl A -Select all records. -.It Fl a Ar YYYYMMDD Ns Op Ar HH Ns Op Ar MM Ns Op Ar SS -Select records that occurred after or on the given datetime. -.It Fl b Ar YYYYMMDD Ns Op Ar HH Ns Op Ar MM Ns Op Ar SS -Select records that occurred before the given datetime. -.It Fl c Ar flags -Select records matching the given audit classes specified as a comma -separated list of audit flags. -See -.Xr audit_control 5 -for a description of audit flags. -.It Fl d Ar YYYYMMDD -Select records that occurred on a given date. -This option cannot be used with -.Fl a -or -.Fl b . -.It Fl e Ar euid -Select records with the given effective user ID or name. -.It Fl f Ar egid -Select records with the given effective group ID or name. -.It Fl g Ar rgid -Select records with the given real group ID or name. -.It Fl j Ar id -Select records having a subject token with matching ID. -.It Fl m Ar event -Select records with the given event name or number. -See -.Xr audit_event 5 -for a description of audit event names and numbers. -.It Fl o Ar object Ns = Ns Ar value -.Bl -tag -width ".Cm msgqid" -.It Cm file -Select records containing path tokens, where the pathname matches -one of the comma delimited extended regular expression contained in -given specification. -Regular expressions which are prefixed with a tilde -.Pq Ql ~ -are excluded -from the search results. -These extended regular expressions are processed from left to right, -and a path will either be selected or deslected based on the first match. -.Pp -Since commas are used to delimit the regular expressions, a backslash -.Pq Ql \e -character should be used to escape the comma if it is a part of the search -pattern. -.It Cm msgqid -Select records containing the given message queue ID. -.It Cm pid -Select records containing the given process ID. -.It Cm semid -Select records containing the given semaphore ID. -.It Cm shmid -Select records containing the given shared memory ID. -.El -.It Fl r Ar ruid -Select records with the given real user ID or name. -.It Fl u Ar auid -Select records with the given audit ID. -.El -.Sh EXAMPLES -To select all records associated with effective user ID root from the audit -log -.Pa /var/audit/20031016184719.20031017122634 : -.Bd -literal -offset indent -auditreduce -e root \e - /var/audit/20031016184719.20031017122634 -.Ed -.Pp -To select all -.Xr setlogin 2 -events from that log: -.Bd -literal -offset indent -auditreduce -m AUE_SETLOGIN \e - /var/audit/20031016184719.20031017122634 -.Ed -.Pp -Output from the above command lines will typically be piped to a new trail -file, or via standard output to the -.Xr praudit 1 -command. -.Pp -Select all records containing a path token where the pathname contains -.Pa /etc/master.passwd : -.Bd -literal -offset indent -auditreduce -o file="/etc/master.passwd" \e - /var/audit/20031016184719.20031017122634 -.Ed -.Pp -Select all records containing path tokens, where the pathname is a TTY -device: -.Bd -literal -offset indent -auditreduce -o file="/dev/tty[a-zA-Z][0-9]+" \e - /var/audit/20031016184719.20031017122634 -.Ed -.Pp -Select all records containing path tokens, where the pathname is a TTY -except for -.Pa /dev/ttyp2 : -.Bd -literal -offset indent -auditreduce -o file="~/dev/ttyp2,/dev/tty[a-zA-Z][0-9]+" \e - /var/audit/20031016184719.20031017122634 -.Ed -.Sh SEE ALSO -.Xr praudit 1 , -.Xr audit_control 5 , -.Xr audit_event 5 -.Sh HISTORY -The OpenBSM implementation was created by McAfee Research, the security -division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. -It was subsequently adopted by the TrustedBSD Project as the foundation for -the OpenBSM distribution. -.Sh AUTHORS -.An -nosplit -This software was created by McAfee Research, the security research division -of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include -.An Wayne Salamon , -.An Robert Watson , -and SPARTA Inc. -.Pp -The Basic Security Module (BSM) interface to audit records and audit event -stream format were defined by Sun Microsystems. diff --git a/contrib/openbsm/bin/auditreduce/auditreduce.c b/contrib/openbsm/bin/auditreduce/auditreduce.c deleted file mode 100644 index c647bc9..0000000 --- a/contrib/openbsm/bin/auditreduce/auditreduce.c +++ /dev/null @@ -1,788 +0,0 @@ -/* - * Copyright (c) 2004 Apple Computer, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of - * its contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR - * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING - * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#20 $ - */ - -/* - * Tool used to merge and select audit records from audit trail files - */ - -/* - * XXX Currently we do not support merging of records from multiple - * XXX audit trail files - * XXX We assume that records are sorted chronologically - both wrt to - * XXX the records present within the file and between the files themselves - */ - -#include <config/config.h> -#ifdef HAVE_FULL_QUEUE_H -#include <sys/queue.h> -#else -#include <compat/queue.h> -#endif - -#include <bsm/libbsm.h> - -#include <err.h> -#include <grp.h> -#include <pwd.h> -#include <stdio.h> -#include <stdlib.h> -#include <sysexits.h> -#include <string.h> -#include <time.h> -#include <unistd.h> -#include <regex.h> -#include <errno.h> - -#include "auditreduce.h" - -static TAILQ_HEAD(tailhead, re_entry) re_head = - TAILQ_HEAD_INITIALIZER(re_head); - -extern char *optarg; -extern int optind, optopt, opterr,optreset; - -static au_mask_t maskp; /* Class. */ -static time_t p_atime; /* Created after this time. */ -static time_t p_btime; /* Created before this time. */ -static uint16_t p_evtype; /* Event that we are searching for. */ -static int p_auid; /* Audit id. */ -static int p_euid; /* Effective user id. */ -static int p_egid; /* Effective group id. */ -static int p_rgid; /* Real group id. */ -static int p_ruid; /* Real user id. */ -static int p_subid; /* Subject id. */ - -/* - * Following are the objects (-o option) that we can select upon. - */ -static char *p_fileobj = NULL; -static char *p_msgqobj = NULL; -static char *p_pidobj = NULL; -static char *p_semobj = NULL; -static char *p_shmobj = NULL; -static char *p_sockobj = NULL; - -static uint32_t opttochk = 0; - -static void -parse_regexp(char *re_string) -{ - char *orig, *copy, re_error[64]; - struct re_entry *rep; - int error, nstrs, i, len; - - copy = strdup(re_string); - orig = copy; - len = strlen(copy); - for (nstrs = 0, i = 0; i < len; i++) { - if (copy[i] == ',' && i > 0) { - if (copy[i - 1] == '\\') - strcpy(©[i - 1], ©[i]); - else { - nstrs++; - copy[i] = '\0'; - } - } - } - TAILQ_INIT(&re_head); - for (i = 0; i < nstrs + 1; i++) { - rep = calloc(1, sizeof(*rep)); - if (rep == NULL) { - (void) fprintf(stderr, "calloc: %s\n", - strerror(errno)); - exit(1); - } - if (*copy == '~') { - copy++; - rep->re_negate = 1; - } - rep->re_pattern = strdup(copy); - error = regcomp(&rep->re_regexp, rep->re_pattern, - REG_EXTENDED | REG_NOSUB); - if (error != 0) { - regerror(error, &rep->re_regexp, re_error, 64); - (void) fprintf(stderr, "regcomp: %s\n", re_error); - exit(1); - } - TAILQ_INSERT_TAIL(&re_head, rep, re_glue); - len = strlen(copy); - copy += len + 1; - } - free(orig); -} - -static void -usage(const char *msg) -{ - fprintf(stderr, "%s\n", msg); - fprintf(stderr, "Usage: auditreduce [options] [file ...]\n"); - fprintf(stderr, "\tOptions are : \n"); - fprintf(stderr, "\t-A : all records\n"); - fprintf(stderr, "\t-a YYYYMMDD[HH[[MM[SS]]] : after date\n"); - fprintf(stderr, "\t-b YYYYMMDD[HH[[MM[SS]]] : before date\n"); - fprintf(stderr, "\t-c <flags> : matching class\n"); - fprintf(stderr, "\t-d YYYYMMDD : on date\n"); - fprintf(stderr, "\t-e <uid|name> : effective user\n"); - fprintf(stderr, "\t-f <gid|group> : effective group\n"); - fprintf(stderr, "\t-g <gid|group> : real group\n"); - fprintf(stderr, "\t-j <pid> : subject id \n"); - fprintf(stderr, "\t-m <evno|evname> : matching event\n"); - fprintf(stderr, "\t-o objecttype=objectvalue\n"); - fprintf(stderr, "\t\t file=<pathname>\n"); - fprintf(stderr, "\t\t msgqid=<ID>\n"); - fprintf(stderr, "\t\t pid=<ID>\n"); - fprintf(stderr, "\t\t semid=<ID>\n"); - fprintf(stderr, "\t\t shmid=<ID>\n"); - fprintf(stderr, "\t-r <uid|name> : real user\n"); - fprintf(stderr, "\t-u <uid|name> : audit user\n"); - exit(EX_USAGE); -} - -/* - * Check if the given auid matches the selection criteria. - */ -static int -select_auid(int au) -{ - - /* Check if we want to select on auid. */ - if (ISOPTSET(opttochk, OPT_u)) { - if (au != p_auid) - return (0); - } - return (1); -} - -/* - * Check if the given euid matches the selection criteria. - */ -static int -select_euid(int euser) -{ - - /* Check if we want to select on euid. */ - if (ISOPTSET(opttochk, OPT_e)) { - if (euser != p_euid) - return (0); - } - return (1); -} - -/* - * Check if the given egid matches the selection criteria. - */ -static int -select_egid(int egrp) -{ - - /* Check if we want to select on egid. */ - if (ISOPTSET(opttochk, OPT_f)) { - if (egrp != p_egid) - return (0); - } - return (1); -} - -/* - * Check if the given rgid matches the selection criteria. - */ -static int -select_rgid(int grp) -{ - - /* Check if we want to select on rgid. */ - if (ISOPTSET(opttochk, OPT_g)) { - if (grp != p_rgid) - return (0); - } - return (1); -} - -/* - * Check if the given ruid matches the selection criteria. - */ -static int -select_ruid(int user) -{ - - /* Check if we want to select on rgid. */ - if (ISOPTSET(opttochk, OPT_r)) { - if (user != p_ruid) - return (0); - } - return (1); -} - -/* - * Check if the given subject id (pid) matches the selection criteria. - */ -static int -select_subid(int subid) -{ - - /* Check if we want to select on subject uid. */ - if (ISOPTSET(opttochk, OPT_j)) { - if (subid != p_subid) - return (0); - } - return (1); -} - - -/* - * Check if object's pid maches the given pid. - */ -static int -select_pidobj(uint32_t pid) -{ - - if (ISOPTSET(opttochk, OPT_op)) { - if (pid != strtol(p_pidobj, (char **)NULL, 10)) - return (0); - } - return (1); -} - -/* - * Check if the given ipc object with the given type matches the selection - * criteria. - */ -static int -select_ipcobj(u_char type, uint32_t id, uint32_t *optchkd) -{ - - if (type == AT_IPC_MSG) { - SETOPT((*optchkd), OPT_om); - if (ISOPTSET(opttochk, OPT_om)) { - if (id != strtol(p_msgqobj, (char **)NULL, 10)) - return (0); - } - return (1); - } else if (type == AT_IPC_SEM) { - SETOPT((*optchkd), OPT_ose); - if (ISOPTSET(opttochk, OPT_ose)) { - if (id != strtol(p_semobj, (char **)NULL, 10)) - return (0); - } - return (1); - } else if (type == AT_IPC_SHM) { - SETOPT((*optchkd), OPT_osh); - if (ISOPTSET(opttochk, OPT_osh)) { - if (id != strtol(p_shmobj, (char **)NULL, 10)) - return (0); - } - return (1); - } - - /* Unknown type -- filter if *any* ipc filtering is required. */ - if (ISOPTSET(opttochk, OPT_om) || ISOPTSET(opttochk, OPT_ose) - || ISOPTSET(opttochk, OPT_osh)) - return (0); - - return (1); -} - - -/* - * Check if the file name matches selection criteria. - */ -static int -select_filepath(char *path, uint32_t *optchkd) -{ - struct re_entry *rep; - int match; - - SETOPT((*optchkd), OPT_of); - match = 1; - if (ISOPTSET(opttochk, OPT_of)) { - match = 0; - TAILQ_FOREACH(rep, &re_head, re_glue) { - if (regexec(&rep->re_regexp, path, 0, NULL, - 0) != REG_NOMATCH) - return (!rep->re_negate); - } - } - return (match); -} - -/* - * Returns 1 if the following pass the selection rules: - * - * before-time, - * after time, - * date, - * class, - * event - */ -static int -select_hdr32(tokenstr_t tok, uint32_t *optchkd) -{ - - SETOPT((*optchkd), (OPT_A | OPT_a | OPT_b | OPT_c | OPT_m)); - - /* The A option overrides a, b and d. */ - if (!ISOPTSET(opttochk, OPT_A)) { - if (ISOPTSET(opttochk, OPT_a)) { - if (difftime((time_t)tok.tt.hdr32.s, p_atime) < 0) { - /* Record was created before p_atime. */ - return (0); - } - } - - if (ISOPTSET(opttochk, OPT_b)) { - if (difftime(p_btime, (time_t)tok.tt.hdr32.s) < 0) { - /* Record was created after p_btime. */ - return (0); - } - } - } - - if (ISOPTSET(opttochk, OPT_c)) { - /* - * Check if the classes represented by the event matches - * given class. - */ - if (au_preselect(tok.tt.hdr32.e_type, &maskp, AU_PRS_BOTH, - AU_PRS_USECACHE) != 1) - return (0); - } - - /* Check if event matches. */ - if (ISOPTSET(opttochk, OPT_m)) { - if (tok.tt.hdr32.e_type != p_evtype) - return (0); - } - - return (1); -} - -static int -select_return32(tokenstr_t tok_ret32, tokenstr_t tok_hdr32, uint32_t *optchkd) -{ - int sorf; - - SETOPT((*optchkd), (OPT_c)); - if (tok_ret32.tt.ret32.status == 0) - sorf = AU_PRS_SUCCESS; - else - sorf = AU_PRS_FAILURE; - if (ISOPTSET(opttochk, OPT_c)) { - if (au_preselect(tok_hdr32.tt.hdr32.e_type, &maskp, sorf, - AU_PRS_USECACHE) != 1) - return (0); - } - return (1); -} - -/* - * Return 1 if checks for the the following succeed - * auid, - * euid, - * egid, - * rgid, - * ruid, - * process id - */ -static int -select_proc32(tokenstr_t tok, uint32_t *optchkd) -{ - - SETOPT((*optchkd), (OPT_u | OPT_e | OPT_f | OPT_g | OPT_r | OPT_op)); - - if (!select_auid(tok.tt.proc32.auid)) - return (0); - if (!select_euid(tok.tt.proc32.euid)) - return (0); - if (!select_egid(tok.tt.proc32.egid)) - return (0); - if (!select_rgid(tok.tt.proc32.rgid)) - return (0); - if (!select_ruid(tok.tt.proc32.ruid)) - return (0); - if (!select_pidobj(tok.tt.proc32.pid)) - return (0); - return (1); -} - -/* - * Return 1 if checks for the the following succeed - * auid, - * euid, - * egid, - * rgid, - * ruid, - * subject id - */ -static int -select_subj32(tokenstr_t tok, uint32_t *optchkd) -{ - - SETOPT((*optchkd), (OPT_u | OPT_e | OPT_f | OPT_g | OPT_r | OPT_j)); - - if (!select_auid(tok.tt.subj32.auid)) - return (0); - if (!select_euid(tok.tt.subj32.euid)) - return (0); - if (!select_egid(tok.tt.subj32.egid)) - return (0); - if (!select_rgid(tok.tt.subj32.rgid)) - return (0); - if (!select_ruid(tok.tt.subj32.ruid)) - return (0); - if (!select_subid(tok.tt.subj32.pid)) - return (0); - return (1); -} - -/* - * Read each record from the audit trail. Check if it is selected after - * passing through each of the options - */ -static int -select_records(FILE *fp) -{ - tokenstr_t tok_hdr32_copy; - u_char *buf; - tokenstr_t tok; - int reclen; - int bytesread; - int selected; - uint32_t optchkd; - - int err = 0; - while ((reclen = au_read_rec(fp, &buf)) != -1) { - optchkd = 0; - bytesread = 0; - selected = 1; - while ((selected == 1) && (bytesread < reclen)) { - if (-1 == au_fetch_tok(&tok, buf + bytesread, - reclen - bytesread)) { - /* Is this an incomplete record? */ - err = 1; - break; - } - - /* - * For each token type we have have different - * selection criteria. - */ - switch(tok.id) { - case AU_HEADER_32_TOKEN: - selected = select_hdr32(tok, - &optchkd); - bcopy(&tok, &tok_hdr32_copy, - sizeof(tok)); - break; - - case AU_PROCESS_32_TOKEN: - selected = select_proc32(tok, - &optchkd); - break; - - case AU_SUBJECT_32_TOKEN: - selected = select_subj32(tok, - &optchkd); - break; - - case AU_IPC_TOKEN: - selected = select_ipcobj( - tok.tt.ipc.type, tok.tt.ipc.id, - &optchkd); - break; - - case AU_FILE_TOKEN: - selected = select_filepath( - tok.tt.file.name, &optchkd); - break; - - case AU_PATH_TOKEN: - selected = select_filepath( - tok.tt.path.path, &optchkd); - break; - - case AU_RETURN_32_TOKEN: - selected = select_return32(tok, - tok_hdr32_copy, &optchkd); - break; - - /* - * The following tokens dont have any relevant - * attributes that we can select upon. - */ - case AU_TRAILER_TOKEN: - case AU_ARG32_TOKEN: - case AU_ATTR32_TOKEN: - case AU_EXIT_TOKEN: - case AU_NEWGROUPS_TOKEN: - case AU_IN_ADDR_TOKEN: - case AU_IP_TOKEN: - case AU_IPCPERM_TOKEN: - case AU_IPORT_TOKEN: - case AU_OPAQUE_TOKEN: - case AU_SEQ_TOKEN: - case AU_TEXT_TOKEN: - case AU_ARB_TOKEN: - case AU_SOCK_TOKEN: - default: - break; - } - bytesread += tok.len; - } - if ((selected == 1) && (!err)) { - /* Check if all the options were matched. */ - if (!(opttochk & ~optchkd)) { - /* XXX Write this record to the output file. */ - /* default to stdout */ - fwrite(buf, 1, reclen, stdout); - } - } - free(buf); - } - return (0); -} - -/* - * The -o option has the form object_type=object_value. Identify the object - * components. - */ -void -parse_object_type(char *name, char *val) -{ - if (val == NULL) - return; - - if (!strcmp(name, FILEOBJ)) { - p_fileobj = val; - parse_regexp(val); - SETOPT(opttochk, OPT_of); - } else if (!strcmp(name, MSGQIDOBJ)) { - p_msgqobj = val; - SETOPT(opttochk, OPT_om); - } else if (!strcmp(name, PIDOBJ)) { - p_pidobj = val; - SETOPT(opttochk, OPT_op); - } else if (!strcmp(name, SEMIDOBJ)) { - p_semobj = val; - SETOPT(opttochk, OPT_ose); - } else if (!strcmp(name, SHMIDOBJ)) { - p_shmobj = val; - SETOPT(opttochk, OPT_osh); - } else if (!strcmp(name, SOCKOBJ)) { - p_sockobj = val; - SETOPT(opttochk, OPT_oso); - } else - usage("unknown value for -o"); -} - -int -main(int argc, char **argv) -{ - struct group *grp; - struct passwd *pw; - struct tm tm; - au_event_t *n; - FILE *fp; - int i; - char *objval, *converr; - int ch; - char timestr[128]; - char *fname; - - converr = NULL; - - while ((ch = getopt(argc, argv, "Aa:b:c:d:e:f:g:j:m:o:r:u:")) != -1) { - switch(ch) { - case 'A': - SETOPT(opttochk, OPT_A); - break; - - case 'a': - if (ISOPTSET(opttochk, OPT_a)) { - usage("d is exclusive with a and b"); - } - SETOPT(opttochk, OPT_a); - bzero(&tm, sizeof(tm)); - strptime(optarg, "%Y%m%d%H%M%S", &tm); - strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", - &tm); - /* fprintf(stderr, "Time converted = %s\n", timestr); */ - p_atime = mktime(&tm); - break; - - case 'b': - if (ISOPTSET(opttochk, OPT_b)) { - usage("d is exclusive with a and b"); - } - SETOPT(opttochk, OPT_b); - bzero(&tm, sizeof(tm)); - strptime(optarg, "%Y%m%d%H%M%S", &tm); - strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", - &tm); - /* fprintf(stderr, "Time converted = %s\n", timestr); */ - p_btime = mktime(&tm); - break; - - case 'c': - if (0 != getauditflagsbin(optarg, &maskp)) { - /* Incorrect class */ - usage("Incorrect class"); - } - SETOPT(opttochk, OPT_c); - break; - - case 'd': - if (ISOPTSET(opttochk, OPT_b) || ISOPTSET(opttochk, - OPT_a)) - usage("'d' is exclusive with 'a' and 'b'"); - SETOPT(opttochk, OPT_d); - bzero(&tm, sizeof(tm)); - strptime(optarg, "%Y%m%d", &tm); - strftime(timestr, sizeof(timestr), "%Y%m%d", &tm); - /* fprintf(stderr, "Time converted = %s\n", timestr); */ - p_atime = mktime(&tm); - tm.tm_hour = 23; - tm.tm_min = 59; - tm.tm_sec = 59; - strftime(timestr, sizeof(timestr), "%Y%m%d", &tm); - /* fprintf(stderr, "Time converted = %s\n", timestr); */ - p_btime = mktime(&tm); - break; - - case 'e': - p_euid = strtol(optarg, &converr, 10); - if (*converr != '\0') { - /* Try the actual name */ - if ((pw = getpwnam(optarg)) == NULL) - break; - p_euid = pw->pw_uid; - } - SETOPT(opttochk, OPT_e); - break; - - case 'f': - p_egid = strtol(optarg, &converr, 10); - if (*converr != '\0') { - /* Try actual group name. */ - if ((grp = getgrnam(optarg)) == NULL) - break; - p_egid = grp->gr_gid; - } - SETOPT(opttochk, OPT_f); - break; - - case 'g': - p_rgid = strtol(optarg, &converr, 10); - if (*converr != '\0') { - /* Try actual group name. */ - if ((grp = getgrnam(optarg)) == NULL) - break; - p_rgid = grp->gr_gid; - } - SETOPT(opttochk, OPT_g); - break; - - case 'j': - p_subid = strtol(optarg, (char **)NULL, 10); - SETOPT(opttochk, OPT_j); - break; - - case 'm': - p_evtype = strtol(optarg, (char **)NULL, 10); - if (p_evtype == 0) { - /* Could be the string representation. */ - n = getauevnonam(optarg); - if (n == NULL) - usage("Incorrect event name"); - p_evtype = *n; - } - SETOPT(opttochk, OPT_m); - break; - - case 'o': - objval = strchr(optarg, '='); - if (objval != NULL) { - *objval = '\0'; - objval += 1; - parse_object_type(optarg, objval); - } - break; - - case 'r': - p_ruid = strtol(optarg, &converr, 10); - if (*converr != '\0') { - if ((pw = getpwnam(optarg)) == NULL) - break; - p_ruid = pw->pw_uid; - } - SETOPT(opttochk, OPT_r); - break; - - case 'u': - p_auid = strtol(optarg, &converr, 10); - if (*converr != '\0') { - if ((pw = getpwnam(optarg)) == NULL) - break; - p_auid = pw->pw_uid; - } - SETOPT(opttochk, OPT_u); - break; - - case '?': - default: - usage("Unknown option"); - } - } - argv += optind; - argc -= optind; - - if (argc == 0) { - if (select_records(stdin) == -1) - errx(EXIT_FAILURE, - "Couldn't select records from stdin"); - exit(EXIT_SUCCESS); - } - - /* - * XXX: We should actually be merging records here. - */ - for (i = 0; i < argc; i++) { - fname = argv[i]; - fp = fopen(fname, "r"); - if (fp == NULL) - errx(EXIT_FAILURE, "Couldn't open %s", fname); - if (select_records(fp) == -1) { - errx(EXIT_FAILURE, "Couldn't select records %s", - fname); - } - fclose(fp); - } - exit(EXIT_SUCCESS); -} diff --git a/contrib/openbsm/bin/auditreduce/auditreduce.h b/contrib/openbsm/bin/auditreduce/auditreduce.h deleted file mode 100644 index f69dc16..0000000 --- a/contrib/openbsm/bin/auditreduce/auditreduce.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 2004 Apple Computer, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of - * its contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR - * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING - * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.h#5 $ - */ - -#ifndef _AUDITREDUCE_H_ -#define _AUDITREDUCE_H_ - - -struct re_entry { - char *re_pattern; - int re_negate; - regex_t re_regexp; - TAILQ_ENTRY(re_entry) re_glue; -}; - -#define OPT_a 0x00000001 -#define OPT_b 0x00000002 -#define OPT_c 0x00000004 -#define OPT_d (OPT_a | OPT_b) -#define OPT_e 0x00000010 -#define OPT_f 0x00000020 -#define OPT_g 0x00000040 -#define OPT_j 0x00000080 -#define OPT_m 0x00000100 -#define OPT_of 0x00000200 -#define OPT_om 0x00000400 -#define OPT_op 0x00000800 -#define OPT_ose 0x00001000 -#define OPT_osh 0x00002000 -#define OPT_oso 0x00004000 -#define OPT_r 0x00008000 -#define OPT_u 0x00010000 -#define OPT_A 0x00020000 - -#define FILEOBJ "file" -#define MSGQIDOBJ "msgqid" -#define PIDOBJ "pid" -#define SEMIDOBJ "semid" -#define SHMIDOBJ "shmid" -#define SOCKOBJ "sock" - - -#define SETOPT(optmask, bit) (optmask |= bit) -#define ISOPTSET(optmask, bit) (optmask & bit) - - -#endif /* !_AUDITREDUCE_H_ */ diff --git a/contrib/openbsm/bin/praudit/Makefile b/contrib/openbsm/bin/praudit/Makefile deleted file mode 100644 index 34e136b..0000000 --- a/contrib/openbsm/bin/praudit/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile#4 $ -# - -CFLAGS+= -I- -I ../.. -I ../../libbsm -L ../../libbsm -I. -PROG= praudit -MAN= praudit.1 -DPADD= /usr/lib/libbsm.a -LDADD= -lbsm -BINDIR= /usr/sbin - -.include <bsd.prog.mk> diff --git a/contrib/openbsm/bin/praudit/Makefile.am b/contrib/openbsm/bin/praudit/Makefile.am deleted file mode 100644 index 317567f..0000000 --- a/contrib/openbsm/bin/praudit/Makefile.am +++ /dev/null @@ -1,10 +0,0 @@ -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.am#1 $ -# - -INCLUDES = -I$(top_srcdir) - -sbin_PROGRAMS = praudit -praudit_SOURCES = praudit.c -praudit_LDADD = $(top_builddir)/libbsm/libbsm.la -man1_MANS = praudit.1 diff --git a/contrib/openbsm/bin/praudit/Makefile.in b/contrib/openbsm/bin/praudit/Makefile.in deleted file mode 100644 index b2c01b3..0000000 --- a/contrib/openbsm/bin/praudit/Makefile.in +++ /dev/null @@ -1,516 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# -# $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/Makefile.in#4 $ -# - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -sbin_PROGRAMS = praudit$(EXEEXT) -subdir = bin/praudit -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man1dir)" -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(sbin_PROGRAMS) -am_praudit_OBJECTS = praudit.$(OBJEXT) -praudit_OBJECTS = $(am_praudit_OBJECTS) -praudit_DEPENDENCIES = $(top_builddir)/libbsm/libbsm.la -DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/config/depcomp -am__depfiles_maybe = depfiles -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(praudit_SOURCES) -DIST_SOURCES = $(praudit_SOURCES) -man1dir = $(mandir)/man1 -NROFF = nroff -MANS = $(man1_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -INCLUDES = -I$(top_srcdir) -praudit_SOURCES = praudit.c -praudit_LDADD = $(top_builddir)/libbsm/libbsm.la -man1_MANS = praudit.1 -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign bin/praudit/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign bin/praudit/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -praudit$(EXEEXT): $(praudit_OBJECTS) $(praudit_DEPENDENCIES) - @rm -f praudit$(EXEEXT) - $(LINK) $(praudit_OBJECTS) $(praudit_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/praudit.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) -installdirs: - for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - -install-dvi: install-dvi-am - -install-exec-am: install-sbinPROGRAMS - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man uninstall-sbinPROGRAMS - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libtool clean-sbinPROGRAMS ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-sbinPROGRAMS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-man uninstall-man1 \ - uninstall-sbinPROGRAMS - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/contrib/openbsm/bin/praudit/praudit.1 b/contrib/openbsm/bin/praudit/praudit.1 deleted file mode 100644 index c32c37c..0000000 --- a/contrib/openbsm/bin/praudit/praudit.1 +++ /dev/null @@ -1,118 +0,0 @@ -.\" Copyright (c) 2004 Apple Computer, Inc. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of -.\" its contributors may be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR -.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING -.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.1#12 $ -.\" -.Dd November 5, 2006 -.Dt PRAUDIT 1 -.Os -.Sh NAME -.Nm praudit -.Nd "print the contents of audit trail files" -.Sh SYNOPSIS -.Nm -.Op Fl lpx -.Op Fl r | s -.Op Fl d Ar del -.Op Ar -.Sh DESCRIPTION -The -.Nm -utility prints the contents of the audit trail files to the standard output in -human-readable form. -If no -.Ar file -argument is specified, the standard input is used -by default. -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl d Ar del -Specifies the delimiter. -The default delimiter is the comma. -.It Fl l -Prints the entire record on the same line. -If this option is not specified, -every token is displayed on a different line. -.It Fl p -Specify this option if input to -.Nm -is piped from the -.Xr tail 1 -utility. -This causes -.Nm -to sync to the start of the next record. -.It Fl r -Prints the records in their raw, numeric form. -This option is exclusive from -.Fl s . -.It Fl s -Prints the tokens in their short form. -Short text representations for -record and event type are displayed. -This option is exclusive from -.Fl r . -.It Fl x -Print audit records in the XML output format. -.El -.Pp -If the raw or short forms are not specified, the default is to print the tokens -in their long form. -Events are displayed as per their descriptions given in -.Pa /etc/security/audit_event ; -UIDs and GIDs are expanded to their names; -dates and times are displayed in human-readable format. -.Sh FILES -.Bl -tag -width ".Pa /etc/security/audit_control" -compact -.It Pa /etc/security/audit_class -Descriptions of audit event classes. -.It Pa /etc/security/audit_event -Descriptions of audit events. -.El -.Sh SEE ALSO -.Xr auditreduce 1 , -.Xr audit 4 , -.Xr auditpipe 4 , -.Xr audit_class 5 , -.Xr audit_event 5 -.Sh HISTORY -The OpenBSM implementation was created by McAfee Research, the security -division of McAfee Inc., under contract to Apple Computer Inc.\& in 2004. -It was subsequently adopted by the TrustedBSD Project as the foundation for -the OpenBSM distribution. -.Sh AUTHORS -.An -nosplit -This software was created by McAfee Research, the security research division -of McAfee, Inc., under contract to Apple Computer Inc. -Additional authors include -.An Wayne Salamon , -.An Robert Watson , -and SPARTA Inc. -.Pp -The Basic Security Module (BSM) interface to audit records and audit event -stream format were defined by Sun Microsystems. diff --git a/contrib/openbsm/bin/praudit/praudit.c b/contrib/openbsm/bin/praudit/praudit.c deleted file mode 100644 index 42f7383..0000000 --- a/contrib/openbsm/bin/praudit/praudit.c +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Copyright (c) 2004 Apple Computer, Inc. - * Copyright (c) 2006 Martin Voros - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of - * its contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR - * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING - * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#12 $ - */ - -/* - * Tool used to parse audit records conforming to the BSM structure. - */ - -/* - * praudit [-lpx] [-r | -s] [-d del] [file ...] - */ - -#include <bsm/libbsm.h> - -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> - -extern char *optarg; -extern int optind, optopt, opterr,optreset; - -static char *del = ","; /* Default delimiter. */ -static int oneline = 0; -static int raw = 0; -static int shortfrm = 0; -static int partial = 0; -static int xml = 0; - -static void -usage(void) -{ - - fprintf(stderr, "usage: praudit [-lpx] [-r | -s] [-d del] " - "[file ...]\n"); - exit(1); -} - -/* - * Token printing for each token type . - */ -static int -print_tokens(FILE *fp) -{ - u_char *buf; - tokenstr_t tok; - int reclen; - int bytesread; - - /* Allow tail -f | praudit to work. */ - if (partial) { - u_char type = 0; - /* Record must begin with a header token. */ - do { - type = fgetc(fp); - } while(type != AU_HEADER_32_TOKEN); - ungetc(type, fp); - } - - while ((reclen = au_read_rec(fp, &buf)) != -1) { - bytesread = 0; - while (bytesread < reclen) { - /* Is this an incomplete record? */ - if (-1 == au_fetch_tok(&tok, buf + bytesread, - reclen - bytesread)) - break; - if (xml) - au_print_tok_xml(stdout, &tok, del, raw, - shortfrm); - else - au_print_tok(stdout, &tok, del, raw, - shortfrm); - bytesread += tok.len; - if (oneline) { - if (!xml) - printf("%s", del); - } else - printf("\n"); - } - free(buf); - if (oneline) - printf("\n"); - fflush(stdout); - } - return (0); -} - -int -main(int argc, char **argv) -{ - int ch; - int i; - FILE *fp; - - while ((ch = getopt(argc, argv, "d:lprsx")) != -1) { - switch(ch) { - case 'd': - del = optarg; - break; - - case 'l': - oneline = 1; - break; - - case 'p': - partial = 1; - break; - - case 'r': - if (shortfrm) - usage(); /* Exclusive from shortfrm. */ - raw = 1; - break; - - case 's': - if (raw) - usage(); /* Exclusive from raw. */ - shortfrm = 1; - break; - - case 'x': - xml = 1; - break; - - case '?': - default: - usage(); - } - } - - if (xml) - au_print_xml_header(stdout); - - /* For each of the files passed as arguments dump the contents. */ - if (optind == argc) { - print_tokens(stdin); - return (1); - } - for (i = optind; i < argc; i++) { - fp = fopen(argv[i], "r"); - if ((fp == NULL) || (print_tokens(fp) == -1)) - perror(argv[i]); - if (fp != NULL) - fclose(fp); - } - - if (xml) - au_print_xml_footer(stdout); - - return (1); -} |
