#
191273 |
|
19-Apr-2009 |
rwatson |
Merge OpenBSM 1.1 from OpenBSM vendor branch to head.
OpenBSM history for imported revision below for reference.
MFC after: 2 weeks Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project
OpenBSM 1.1
- Change auditon(2) parameters and data structures to be 32/64-bit architecture independent. Add more information to man page about auditon(2) parameters. - Add wrapper functions for auditon(2) to use legacy commands when the new commands are not supported. - Add default for 'expire-after' in audit_control to expire trail files when the audit directory is more than 10 megabytes ('10M'). - Interface to convert between local and BSM fcntl(2) command values has been added: au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with definitions of constants in audit_fcntl.h. - A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens generated by audit_submit(3) were improperly encoded has been fixed. - Fix example in audit_submit(3) man page. Also, make it clear that we want the audit ID as the argument. - A new audit event class 'aa', for post-login authentication and authorization events, has been added.
|
#
155290 |
|
04-Feb-2006 |
rwatson |
Import OpenBSM 1.0 alpha 2, a minor update on alpha 1:
- Man page formatting improvements. - A number of new audit event identifiers for FreeBSD, Linux, and POSIX.1b events. - Remove 'tfm' class, unused in OpenBSM.
Obtained from: TrustedBSD Project
|
#
155131 |
|
31-Jan-2006 |
rwatson |
Initial vendor import of the TrustedBSD OpenBSM distribution, version 1.0 alpha 1, an implementation of the documented Sun Basic Security Module (BSM) Audit API and file format, as well as local extensions to support the Mac OS X and FreeBSD operating systems. Also included are command line tools for audit trail reduction and conversion to text, as well as documentation of the commands, file format, and APIs. This distribution is the foundation for the TrustedBSD Audit implementation, and is a pre-release.
This is the first in a series of commits to introduce support for Common Criteria CAPP security event audit support.
This software has been made possible through the generous contributions of Apple Computer, Inc., SPARTA, Inc., as well as members of the TrustedBSD Project, including Wayne Salamon <wsalamon> and Tom Rhodes <trhodes>. The original OpenBSM implementation was created by McAfee Research under contract to Apple Computer, Inc., as part of their CC CAPP security evaluation.
Many thanks to: wsalamon, trhodes Obtained from: TrustedBSD Project
|