Vendor import of OpenBSM 1.0 alpha 11, with the following change history

notes since the last import:

OpenBSM 1.0 alpha 11

- Reclassify certain read/write operations as having no class rather than the
  fr/fw class; our default classes audit intent (open) not operations (read,
  write).
- Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads
  and writes of sysctls as separate events.  Add additional kernel
  environment and jail events for FreeBSD.
- Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER
  (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued
  by the kernel audit implementation) so that they can be distinguished.
- Disable rate limiting of rotate requests; as the kernel doesn't retransmit
  a dropped request, the log file will otherwise grow indefinitely if the
  trigger is dropped.
- Improve auditd debugging output.
- Fix a number of threading related bugs in audit_control file reading
  routines.
- Add APIs au_poltostr() and au_strtopol() to convert between text
  representations of audit_control policy flags and the flags passed to
  auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY).
- Add API getacpol() to return the 'policy:' entry from audit_control, an
  extension to the Solaris file format to allow specification of policy
  persistent flags.
- Update audump to print the audit_control policy field.
- Update auditd to read the audit_control policy field and set the kernel
  policy to match it when configuring/reconfiguring.  Remove the -s and -h
  arguments as these policies are now set via the configuration file.  If a
  policy line is not found in the configuration file, continue with the
  current default of setting AUDIT_CNT.
- Fix bugs in the parsing of large execve(2) arguments and environmental
  variable tokens; increase maximum parsed argument and variable count.
- configure now detects strlcat(), used by policy-related functions.
- Reference token and record sample files added to test tree.

Obtained from:	TrustedBSD Project

1 files changed, 13 insertions, 3 deletions

diff --git a/contrib/openbsm/tools/audump.c b/contrib/openbsm/tools/audump.c
index 82515a8..c591772 100644
--- a/contrib/openbsm/tools/audump.c
+++ b/contrib/openbsm/tools/audump.c
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2005 Robert N. M. Watson
+ * Copyright (c) 2005-2006 Robert N. M. Watson
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#5 $
+ * $P4: //depot/projects/trustedbsd/openbsm/tools/audump.c#6 $
  */
 
 #include <bsm/libbsm.h>
@@ -77,8 +77,9 @@ audump_class_r(void)
 static void
 audump_control(void)
 {
-	char string[PATH_MAX];
+	char string[PATH_MAX], string2[PATH_MAX];
 	int ret, val;
+	long policy;
 
 	ret = getacflg(string, PATH_MAX);
 	if (ret == -2)
@@ -116,6 +117,15 @@ audump_control(void)
 		printf("dir:%s\n", string);
 
 	} while (ret == 0);
+
+	ret = getacpol(string, PATH_MAX);
+	if (ret != 0)
+		err(-1, "getacpol");
+	if (au_strtopol(string, &policy) < 0)
+		err(-1, "au_strtopol");
+	if (au_poltostr(policy, string2, PATH_MAX) < 0)
+		err(-1, "au_poltostr");
+	printf("policy:%s\n", string2);
 }
 
 static void