From 8e2099e1ea252237fc81e7cd907fa7a0dcf17ad8 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Thu, 21 Sep 2006 07:27:02 +0000
Subject: Merge OpenBSM 1.0 alpha 11 changes into src/sys/bsm and
 src/sys/security; primarily, add new event identifiers and update trigger
 names.

Obtained from:	TrustedBSD Project
---
 sys/bsm/audit.h          | 28 ++++++++++++----------------
 sys/bsm/audit_internal.h |  2 +-
 sys/bsm/audit_kevents.h  |  5 ++++-
 sys/bsm/audit_record.h   |  2 +-
 4 files changed, 18 insertions(+), 19 deletions(-)

(limited to 'sys/bsm')

diff --git a/sys/bsm/audit.h b/sys/bsm/audit.h
index 46821e8..61686ef 100644
--- a/sys/bsm/audit.h
+++ b/sys/bsm/audit.h
@@ -30,7 +30,7 @@
  *
  * @APPLE_BSD_LICENSE_HEADER_END@
  *
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#31 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit.h#34 $
  * $FreeBSD$
  */
 
@@ -59,23 +59,19 @@
  * Triggers for the audit daemon.
  */
 #define	AUDIT_TRIGGER_MIN		1
-#define	AUDIT_TRIGGER_LOW_SPACE		1
-#define	AUDIT_TRIGGER_OPEN_NEW		2
-#define	AUDIT_TRIGGER_READ_FILE		3
-#define	AUDIT_TRIGGER_CLOSE_AND_DIE	4
-#define	AUDIT_TRIGGER_NO_SPACE		5
-#define	AUDIT_TRIGGER_MAX		5
+#define	AUDIT_TRIGGER_LOW_SPACE		1	/* Below low watermark. */
+#define	AUDIT_TRIGGER_ROTATE_KERNEL	2	/* Kernel requests rotate. */
+#define	AUDIT_TRIGGER_READ_FILE		3	/* Re-read config file. */
+#define	AUDIT_TRIGGER_CLOSE_AND_DIE	4	/* Terminate audit. */
+#define	AUDIT_TRIGGER_NO_SPACE		5	/* Below min free space. */
+#define	AUDIT_TRIGGER_ROTATE_USER	6	/* User requests roate. */
+#define	AUDIT_TRIGGER_MAX		6
 
 /*
- * Special file that will be read for trigger events from the kernel
- * (FreeBSD).
- */
-#define	AUDIT_TRIGGER_FILE	"/dev/audit"
-
-/*
- * The special device filename.
+ * The special device filename (FreeBSD).
  */
 #define	AUDITDEV_FILENAME	"audit"
+#define	AUDIT_TRIGGER_FILE	("/dev/" AUDITDEV_FILENAME)
 
 /*
  * Pre-defined audit IDs
@@ -182,12 +178,12 @@
 #define	AUDIT_PERZONE	0x2000
 
 /*
- * Audit queue control parameters.
+ * Default audit queue control parameters.
  */
 #define	AQ_HIWATER	100
 #define	AQ_MAXHIGH	10000
 #define	AQ_LOWATER	10
-#define	AQ_BUFSZ	1024
+#define	AQ_BUFSZ	MAXAUDITDATA
 #define	AQ_MAXBUFSZ	1048576
 
 /*
diff --git a/sys/bsm/audit_internal.h b/sys/bsm/audit_internal.h
index 39d04c0..63e5638 100644
--- a/sys/bsm/audit_internal.h
+++ b/sys/bsm/audit_internal.h
@@ -34,7 +34,7 @@
  *
  * @APPLE_BSD_LICENSE_HEADER_END@
  *
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#11 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_internal.h#14 $
  * $FreeBSD$
  */
 
diff --git a/sys/bsm/audit_kevents.h b/sys/bsm/audit_kevents.h
index be4f102..3e60ee0 100644
--- a/sys/bsm/audit_kevents.h
+++ b/sys/bsm/audit_kevents.h
@@ -30,7 +30,7 @@
  *
  * @APPLE_BSD_LICENSE_HEADER_END@
  *
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#26 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_kevents.h#28 $
  * $FreeBSD$
  */
 
@@ -468,6 +468,9 @@
 #define	AUE_EXTATTR_SET_LINK	43111	/* FreeBSD. */
 #define	AUE_EXTATTR_LIST_LINK	43112	/* FreeBSD. */
 #define	AUE_EXTATTR_DELETE_LINK	43113	/* FreeBSD. */
+#define	AUE_KENV		43114	/* FreeBSD. */
+#define	AUE_JAIL_ATTACH		43115	/* FreeBSD. */
+#define	AUE_SYSCTL_WRITE	43116	/* FreeBSD. */
 
 /*
  * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
diff --git a/sys/bsm/audit_record.h b/sys/bsm/audit_record.h
index b1c975b..b10bbd7 100644
--- a/sys/bsm/audit_record.h
+++ b/sys/bsm/audit_record.h
@@ -30,7 +30,7 @@
  *
  * @APPLE_BSD_LICENSE_HEADER_END@
  *
- * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#19 $
+ * $P4: //depot/projects/trustedbsd/audit3/sys/bsm/audit_record.h#21 $
  * $FreeBSD$
  */
 
-- 
cgit v1.1