1 files changed, 94 insertions, 0 deletions

diff --git a/contrib/openbsm/bin/auditd/auditd.8 b/contrib/openbsm/bin/auditd/auditd.8
new file mode 100644
index 0000000..18515da
--- /dev/null
+++ b/contrib/openbsm/bin/auditd/auditd.8
@@ -0,0 +1,94 @@
+.\" Copyright (c) 2004 Apple Computer, Inc.
+.\" All rights reserved.
+.\"
+.\" @APPLE_BSD_LICENSE_HEADER_START@
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1.  Redistributions of source code must retain the above copyright
+.\"     notice, this list of conditions and the following disclaimer.
+.\" 2.  Redistributions in binary form must reproduce the above copyright
+.\"     notice, this list of conditions and the following disclaimer in the
+.\"     documentation and/or other materials provided with the distribution.
+.\" 3.  Neither the name of Apple Computer, Inc. ("Apple") nor the names of
+.\"     its contributors may be used to endorse or promote products derived
+.\"     from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
+.\" EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
+.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" @APPLE_BSD_LICENSE_HEADER_END@
+.\"
+.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#6 $
+.\"
+.Dd Jan 24, 2004
+.Dt AUDITD 8
+.Os
+.Sh NAME
+.Nm auditd
+.Nd audit log management daemon
+.Sh SYNOPSIS
+.Nm auditd
+.Op Fl dhs
+.Sh DESCRIPTION
+The
+.Nm
+daemon responds to requests from the audit(1) utility and notifications
+from the kernel.  It manages the resulting audit log files and specified
+log file locations.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl d
+Starts the daemon in debug mode - it will not daemonize.
+.It Fl h
+Specifies that if auditing cannot be performed as specified, the system should
+halt (panic).  Normally, the system will attempt to proceed - although individual
+processes may be stopped (see the -s option).
+.It Fl s
+Specifies that individual processes should stop rather than perform operations
+that may cause audit records to be lost due to log file full conditions
+.El
+.Sh NOTE
+.Pp
+To assure uninterrupted audit support, the
+.Nm auditd
+daemon should not be started and stopped manually.  Instead, the audit(1) command
+should be used to inform the daemon to change state/configuration after altering
+the audit_control file.
+.Pp
+.\" Sending a SIGHUP to a running
+.\" .Nm auditd
+.\" daemon will force it to exit.
+Sending a SIGTERM to a running
+.Nm auditd
+daemon will force it to exit.
+.Sh FILES
+.Bl -tag -width "/var/audit" -compact
+.It Pa /var/audit
+Default directory for storing audit log files.
+.El
+.Sh SEE ALSO
+.Xr audit 8
+.Sh AUTHORS
+This software was created by McAfee Research, the security research division
+of McAfee, Inc., under contract to Apple Computer Inc.
+Additional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
+.Pp
+The Basic Security Module (BSM) interface to audit records and audit event
+stream format were defined by Sun Microsystems.
+.Sh HISTORY
+The OpenBSM implementation was created by McAfee Research, the security
+division of McAfee Inc., under contract to Apple Computer Inc. in 2004.
+It was subsequently adopted by the TrustedBSD Project as the foundation for
+the OpenBSM distribution.