Merge OpenBSM 1.1 from OpenBSM vendor branch to head.

OpenBSM history for imported revision below for reference. MFC after: 2 weeks Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 - Change auditon(2) parameters and data structures to be 32/64-bit architecture independent. Add more information to man page about auditon(2) parameters. - Add wrapper functions for auditon(2) to use legacy commands when the new commands are not supported. - Add default for 'expire-after' in audit_control to expire trail files when the audit directory is more than 10 megabytes ('10M'). - Interface to convert between local and BSM fcntl(2) command values has been added: au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with definitions of constants in audit_fcntl.h. - A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens generated by audit_submit(3) were improperly encoded has been fixed. - Fix example in audit_submit(3) man page. Also, make it clear that we want the audit ID as the argument. - A new audit event class 'aa', for post-login authentication and authorization events, has been added.
author: rwatson <rwatson@FreeBSD.org> 2009-04-19 16:17:13 +0000
committer: rwatson <rwatson@FreeBSD.org> 2009-04-19 16:17:13 +0000
commit: 0776eb3d4e2d6b0ae1235e374c6b259d959701c2 (patch)
tree: 23231275c989b2a559134953a8963fe87175a61e /contrib/openbsm/man
parent: 7e3aff1dc199846d15b3c479bff793353b8cfe8f (diff)
parent: 54523de9b2bce64154b5be9c25e07f3c840f1144 (diff)
download: FreeBSD-src-0776eb3d4e2d6b0ae1235e374c6b259d959701c2.zip
FreeBSD-src-0776eb3d4e2d6b0ae1235e374c6b259d959701c2.tar.gz
2 files changed, 55 insertions, 20 deletions
diff --git a/contrib/openbsm/man/Makefile.in b/contrib/openbsm/man/Makefile.in
index 2f229f5..aeb775a 100644
--- a/contrib/openbsm/man/Makefile.in
+++ b/contrib/openbsm/man/Makefile.in
@@ -1,8 +1,8 @@
-# Makefile.in generated by automake 1.10 from Makefile.am.
+# Makefile.in generated by automake 1.10.1 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006  Free Software Foundation, Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008  Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -15,7 +15,7 @@
 @SET_MAKE@
 
 #
-# $P4: //depot/projects/trustedbsd/openbsm/man/Makefile.in#8 $
+# $P4: //depot/projects/trustedbsd/openbsm/man/Makefile.in#9 $
 #
 VPATH = @srcdir@
 pkgdatadir = $(datadir)/@PACKAGE@
@@ -71,6 +71,7 @@ CXXFLAGS = @CXXFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DSYMUTIL = @DSYMUTIL@
 ECHO = @ECHO@
 ECHO_C = @ECHO_C@
 ECHO_N = @ECHO_N@
@@ -95,6 +96,7 @@ MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MIG = @MIG@
 MKDIR_P = @MKDIR_P@
+NMEDIT = @NMEDIT@
 OBJEXT = @OBJEXT@
 PACKAGE = @PACKAGE@
 PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@@ -158,6 +160,7 @@ sharedstatedir = @sharedstatedir@
 srcdir = @srcdir@
 sysconfdir = @sysconfdir@
 target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 man2_MANS = \
diff --git a/contrib/openbsm/man/auditon.2 b/contrib/openbsm/man/auditon.2
index 9a0a9a1..e43debb 100644
--- a/contrib/openbsm/man/auditon.2
+++ b/contrib/openbsm/man/auditon.2
@@ -26,9 +26,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#15 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/auditon.2#16 $
 .\"
-.Dd July 10, 2008
+.Dd January 29, 2009
 .Dt AUDITON 2
 .Os
 .Sh NAME
@@ -63,7 +63,7 @@ The
 .Fa data
 argument
 must point to a
-.Vt long
+.Vt int
 value set to one or more the following audit
 policy control values bitwise OR'ed together:
 .Dv AUDIT_CNT ,
@@ -93,9 +93,16 @@ is set, then the environment variables passed to the
 system call will be audited.  The default policy is none of the audit policy
 control flags set. 
 .It Dv A_SETKAUDIT
-Return
-.Er ENOSYS .
-(Not implemented.)
+Set the host information.
+The
+.Fa data
+argument
+must point to a
+.Vt auditinfo_addr_t
+structure containing the host IP address information.
+After setting, audit records
+that are created as a result of kernel events will contain
+this information. 
 .It Dv A_SETKMASK
 Set the kernel preselection masks (success and failure).
 The
@@ -156,6 +163,15 @@ If the value of free blocks falls below the configured
 minimum amount, the kernel informs the audit daemon about low disk space.
 The value is to be specified in percent of free file system blocks.
 A value of 0 results in a disabling of the check.
+The default and maximum values (default/maximum) for the
+audit queue control parameters are:
+.Pp
+.Bl -column aq_hiwater -offset indent -compact
+.It aq_hiwater Ta 100/10000 (audit records)
+.It aq_lowater Ta 10/aq_hiwater (audit records)
+.It aq_bufsz Ta 32767/1048576 (bytes)
+.It aq_delay Ta (Not currently used.)
+.El
 .It Dv A_SETSTAT
 Return
 .Er ENOSYS .
@@ -174,7 +190,7 @@ The
 .Fa data
 argument
 must point to a
-.Vt long
+.Vt int
 value containing the new
 audit condition, one of
 .Dv AUC_AUDITING ,
@@ -235,10 +251,6 @@ structure with the
 field set to the maximum audit log file size.
 A value of 0
 indicates no limit to the size.
-.It Dv A_SETKAUDIT
-Return
-.Er ENOSYS .
-(Not implemented.)
 .It Dv A_GETCLASS
 Return the event to class mapping for the designated audit event.
 The
@@ -250,9 +262,13 @@ structure. See the
 .Dv A_SETCLASS 
 section above for more information.
 .It Dv A_GETKAUDIT
-Return
-.Er ENOSYS .
-(Not implemented.)
+Get the current host information.
+The
+.Fa data
+argument
+must point to a
+.Vt auditinfo_addr_t
+structure.
 .It Dv A_GETPINFO
 Return the audit settings for a process.
 The
@@ -302,6 +318,22 @@ See the section
 above and 
 .Xr getaudit 2
 for more information.
+.It Dv A_GETSINFO_ADDR
+Return the extended audit settings for a session.
+The
+.Fa data
+argument
+must point to a
+.Vt auditinfo_addr_t
+structure.
+The audit session ID of the target session is passed 
+into the kernel using the
+.Fa ai_asid
+field.  See 
+.Xr getaudit_addr 2
+for more information about the
+.Vt auditinfo_addr_t
+structure.
 .It Dv A_GETKMASK
 Return the current kernel preselection masks.
 The
@@ -317,7 +349,7 @@ The
 .Fa data
 argument
 must point to a
-.Vt long
+.Vt int
 value which will be set to
 one of the current audit policy flags.
 The audit policy flags are
@@ -377,7 +409,7 @@ The
 .Fa data
 argument
 must point to a
-.Vt long
+.Vt int
 value which will be set to
 the current audit condition, one of 
 .Dv AUC_AUDITING ,
@@ -393,7 +425,7 @@ The
 .Fa data
 argument
 must point to a
-.Vt long
+.Vt int
 value set to one of the acceptable
 trigger values:
 .Dv AUDIT_TRIGGER_LOW_SPACE
author	rwatson <rwatson@FreeBSD.org>	2009-04-19 16:17:13 +0000
committer	rwatson <rwatson@FreeBSD.org>	2009-04-19 16:17:13 +0000
commit	0776eb3d4e2d6b0ae1235e374c6b259d959701c2 (patch)
tree	23231275c989b2a559134953a8963fe87175a61e /contrib/openbsm/man
parent	7e3aff1dc199846d15b3c479bff793353b8cfe8f (diff)
parent	54523de9b2bce64154b5be9c25e07f3c840f1144 (diff)
download	FreeBSD-src-0776eb3d4e2d6b0ae1235e374c6b259d959701c2.zip FreeBSD-src-0776eb3d4e2d6b0ae1235e374c6b259d959701c2.tar.gz