diff options
author | rwatson <rwatson@FreeBSD.org> | 2006-09-21 07:07:33 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2006-09-21 07:07:33 +0000 |
commit | 3fc61fcaeb6c4f73a668795461e276064f449f38 (patch) | |
tree | e89d92d2294a63485849fba4ed404c2f99207ca7 /contrib/openbsm/libbsm/au_control.3 | |
parent | 24713adf4396d925450ece7ee61082d0bed8b75a (diff) | |
download | FreeBSD-src-3fc61fcaeb6c4f73a668795461e276064f449f38.zip FreeBSD-src-3fc61fcaeb6c4f73a668795461e276064f449f38.tar.gz |
Vendor import of OpenBSM 1.0 alpha 11, with the following change history
notes since the last import:
OpenBSM 1.0 alpha 11
- Reclassify certain read/write operations as having no class rather than the
fr/fw class; our default classes audit intent (open) not operations (read,
write).
- Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads
and writes of sysctls as separate events. Add additional kernel
environment and jail events for FreeBSD.
- Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER
(issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued
by the kernel audit implementation) so that they can be distinguished.
- Disable rate limiting of rotate requests; as the kernel doesn't retransmit
a dropped request, the log file will otherwise grow indefinitely if the
trigger is dropped.
- Improve auditd debugging output.
- Fix a number of threading related bugs in audit_control file reading
routines.
- Add APIs au_poltostr() and au_strtopol() to convert between text
representations of audit_control policy flags and the flags passed to
auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY).
- Add API getacpol() to return the 'policy:' entry from audit_control, an
extension to the Solaris file format to allow specification of policy
persistent flags.
- Update audump to print the audit_control policy field.
- Update auditd to read the audit_control policy field and set the kernel
policy to match it when configuring/reconfiguring. Remove the -s and -h
arguments as these policies are now set via the configuration file. If a
policy line is not found in the configuration file, continue with the
current default of setting AUDIT_CNT.
- Fix bugs in the parsing of large execve(2) arguments and environmental
variable tokens; increase maximum parsed argument and variable count.
- configure now detects strlcat(), used by policy-related functions.
- Reference token and record sample files added to test tree.
Obtained from: TrustedBSD Project
Diffstat (limited to 'contrib/openbsm/libbsm/au_control.3')
-rw-r--r-- | contrib/openbsm/libbsm/au_control.3 | 42 |
1 files changed, 39 insertions, 3 deletions
diff --git a/contrib/openbsm/libbsm/au_control.3 b/contrib/openbsm/libbsm/au_control.3 index 0cd66f1..00a551e 100644 --- a/contrib/openbsm/libbsm/au_control.3 +++ b/contrib/openbsm/libbsm/au_control.3 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#3 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#4 $ .\" .Dd April 19, 2005 .Dt AU_CONTROL 3 @@ -34,7 +34,10 @@ .Nm getacdir , .Nm getacmin , .Nm getacflg , -.Nm getacna +.Nm getacna , +.Nm getacpol , +.Nm au_poltostr +.Nm au_strtopol .Nd "Look up information from the audit_control database" .Sh LIBRARY .Lb libbsm @@ -52,6 +55,12 @@ .Fn getacflg "char *auditstr" "int len" .Ft int .Fn getacna "char *auditstr" "int len" +.Ft int +.Fn getacpol "char *auditstr" "size_t len" +.Ft ssize_t +.Fn au_poltostr "long policy" "size_t maxsize" "char *buf" +.Ft int +.Fn au_strtopol "const char *polstr" "long *policy" .Sh DESCRIPTION These interfaces may be used to look up information from the .Xr audit_control 5 @@ -90,15 +99,42 @@ returns the non-attributable flags via the passed character buffer .Va auditstr of length .Va len . +.Pp +.Fn getacpol +returns the audit policy flags via the passed character buffer +.Va auditstr +of length +.Va len . +.Pp +.Fn au_poltostr +converts a numeric audit policy mask, +.Va policy , +value to a string in the passed character buffer +.Va buf +of lenth +.Va maxsize . +.Pp +.Fn au_strtopol +converts an audit policy flags string, +.Va polstr , +to a numeric audit policy mask returned via +.Va policy . .Sh RETURN VALULES .Fn getacdir , .Fn getacmin , .Fn getacflg , +.Fn getacna , +.Fn getacpol , and -.Fn getacna +.Fn au_strtopol return 0 on success, or a negative value on failure, along with error information in .Va errno . +.Pp +.Fn au_poltostr +returns a string length of 0 or more on success, or a negative value on +if there is a failure. +.Pp Functions that return a string value will return a failure if there is insufficient room in the passed character buffer for the full string. .Sh SEE ALSO |