head	1.5;
access;
symbols
	RELENG_8_4:1.5.0.2
	RELENG_9_1_0_RELEASE:1.3
	RELENG_9_1:1.3.0.16
	RELENG_9_1_BP:1.3
	RELENG_8_3_0_RELEASE:1.3
	RELENG_8_3:1.3.0.14
	RELENG_8_3_BP:1.3
	RELENG_9_0_0_RELEASE:1.3
	RELENG_9_0:1.3.0.12
	RELENG_9_0_BP:1.3
	RELENG_9:1.3.0.10
	RELENG_9_BP:1.3
	RELENG_8_2_0_RELEASE:1.3
	RELENG_8_2:1.3.0.8
	RELENG_8_2_BP:1.3
	RELENG_8_1_0_RELEASE:1.3
	RELENG_8_1:1.3.0.6
	RELENG_8_1_BP:1.3
	RELENG_8_0_0_RELEASE:1.3
	RELENG_8_0:1.3.0.4
	RELENG_8_0_BP:1.3
	RELENG_8:1.3.0.2
	RELENG_8_BP:1.3;
locks; strict;
comment	@# @;


1.5
date	2012.12.15.15.01.24;	author svnexp;	state Exp;
branches
	1.5.2.1;
next	1.4;

1.4
date	2012.12.01.12.01.17;	author svnexp;	state Exp;
branches;
next	1.3;

1.3
date	2009.04.19.16.17.13;	author rwatson;	state Exp;
branches
	1.3.10.1;
next	1.2;

1.2
date	2009.01.14.10.44.16;	author rwatson;	state Exp;
branches;
next	1.1;

1.1
date	2008.12.02.23.26.43;	author rwatson;	state Exp;
branches;
next	;

1.5.2.1
date	2012.12.15.15.01.24;	author svnexp;	state dead;
branches;
next	1.5.2.2;

1.5.2.2
date	2013.03.28.13.01.52;	author svnexp;	state Exp;
branches;
next	;

1.3.10.1
date	2012.12.18.09.35.26;	author svnexp;	state Exp;
branches;
next	;


desc
@@


1.5
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/244265
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@OpenBSM Build and Installation Instructions

OpenBSM is currently built using autoconf and automake, which should allow
for building on a range of operating systems, including FreeBSD, Mac OS X,
and Linux.  Some components are built only if appropriate kernel audit
suppport is found.  Typical builds will be performed using:

    ./configure
    make

If doing development work on OpenBSM with gcc, the following invocation of
configure is preferred in order to generate full compiler warnings and force
the compile to fail if a warning is found:

    CFLAGS="-Wall -Werror" ./configure

On Linux systems, OpenSSL headers may have to be installed to support
encryption of on-the-wire audit streams using auditdistd; the following
appears to work on Ubuntu:

    sudo apt-get install libssl-dev

To install the library, binaries, and man pages, use:

    make install

The OpenBSM install will not install files in /etc; these have to be
manually installed or merged.  Currently, the locations of these files are
not configurable.

You may wish to specify that the OpenBSM components not be installed in the
base system, rather in a specific directory.  This may be done using the
--prefix argument to configure.  If installing to a specific directory,
remember to update your library path so that running tools from that
directory the correct libbsm is used:

    ./configure --prefix=/home/rwatson/openbsm
    make
    make install
    LD_LIBRARY_PATH=/home/rwatson/openbsm/libbsm ; export LD_LIBRARY_PATH
@


1.5.2.1
log
@file INSTALL was added on branch RELENG_8_4 on 2013-03-28 13:01:52 +0000
@
text
@d1 40
@


1.5.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 34
OpenBSM Build and Installation Instructions

OpenBSM is currently built using autoconf and automake, which should allow
for building on a range of operating systems, including FreeBSD, Mac OS X,
and Linux.  Some components are built only if appropriate kernel audit
suppport is found.  Typical builds will be performed using:

    ./configure
    make

If doing development work on OpenBSM with gcc, the following invocation of
configure may be preferred in order to generate full compiler warnings and
force the compile to fail if a warning is found:

    CFLAGS="-Wall -Werror" ./configure

To install the library, binaries, and man pages, use:

    make install

The OpenBSM install will not install files in /etc; these have to be
manually installed or merged.  Currently, the locations of these files are
not configurable.

You may wish to specify that the OpenBSM components not be installed in the
base system, rather in a specific directory.  This may be done using the
--prefix argument to configure.  If installing to a specific directory,
remember to update your library path so that running tools from that
directory the correct libbsm is used:

    ./configure --prefix=/home/rwatson/openbsm
    make
    make install
    LD_LIBRARY_PATH=/home/rwatson/openbsm/libbsm ; export LD_LIBRARY_PATH
@


1.4
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/243750
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@d12 2
a13 2
configure may be preferred in order to generate full compiler warnings and
force the compile to fail if a warning is found:
@


1.3
log
@SVN rev 191273 on 2009-04-19 16:17:13Z by rwatson

Merge OpenBSM 1.1 from OpenBSM vendor branch to head.

OpenBSM history for imported revision below for reference.

MFC after:      2 weeks
Sponsored by:   Apple, Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1

- Change auditon(2) parameters and data structures to be 32/64-bit architecture
  independent.  Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
  commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
  the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
  added:  au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
  definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
  generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page.  Also, make it clear that we want
  the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
  authorization events, has been added.
@
text
@d17 6
@


1.3.10.1
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/244390
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r244390 | rwatson | 2012-12-18 09:32:44 +0000 (Tue, 18 Dec 2012) | 39 lines
## SVN ##
## SVN ## Merge OpenBSM 1.2-alpha3 from head to stable/9, upgrading from the previous
## SVN ## OpenBSM 1.1p2:
## SVN ##
## SVN ## OpenBSM 1.2 alpha 3
## SVN ##
## SVN ## - Various minor tweaks to the auditdistd build to make it fit the FreeBSD
## SVN ##   build environment better.
## SVN ## - AUE_WAIT6 merged from FreeBSD 9.
## SVN ##
## SVN ## OpenBSM 1.2 alpha 2
## SVN ##
## SVN ## - auditdistd, a distributed audit trail management daemon, has now been
## SVN ##   merged.  This allows trail files to be securely and reliably synced from
## SVN ##   audited hosts to an audit server, and employs TLS encryption.  Where
## SVN ##   available, it uses Capsicum to sandbox the service.  This work was
## SVN ##   contributed by Pawel Jakub Dawidek under sponsorship from the FreeBSD
## SVN ##   Foundation.
## SVN ##
## SVN ## OpenBSM 1.2 alpha 1
## SVN ##
## SVN ## - Add Capsicum-related error numbers for FreeBSD: ENOTCAPABLE, ECAPMODE.
## SVN ## - Add Capsicum, process descriptor audit events for FreeBSD.
## SVN ## - Allow 0% minspace.
## SVN ## - Fixes from the clang static analyser.
## SVN ## - Fix expiration of trail files when the host parameter is used.
## SVN ## - Various typo fixes.
## SVN ## - Support for Solaris privilege and privilege set tokens.
## SVN ## - Documentation for getachost(), improvements for getacfilesz().
## SVN ## - Fix a directory descriptor leak that happened when audit trail partitions
## SVN ##   filled.
## SVN ## - Support for more Linux distributions with a partial contemporary endian.h.
## SVN ## - Improved escaping of XML-encapsulated BSM.
## SVN ## - A variety of minor documentation, style, and functional.
## SVN ##
## SVN ## A separate commit will merge build changes to enable auditdistd, etc.
## SVN ##
## SVN ## Obtained from:	TrustedBSD Project
## SVN ## Sponsored by:	The FreeBSD Foundation (auditdistd)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d12 2
a13 2
configure is preferred in order to generate full compiler warnings and force
the compile to fail if a warning is found:
a16 6
On Linux systems, OpenSSL headers may have to be installed to support
encryption of on-the-wire audit streams using auditdistd; the following
appears to work on Ubuntu:

    sudo apt-get install libssl-dev

@


1.2
log
@SVN rev 187214 on 2009-01-14 10:44:16Z by rwatson

Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge).  Hook up bsm_domain.c and bsm_socket_type.c to the libbsm
build along with man pages, add audit_bsm_domain.c and
audit_bsm_socket_type.c to the kernel environment.

OpenBSM history for imported revisions below for reference.

MFC after:      1 month
Sponsored by:   Apple Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1 alpha 5

- Stub libauditd(3) man page added.
- All BSM error number constants with BSM_ERRNO_.
- Interfaces to convert between local and BSM socket types and protocol
  families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3),
  au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions
  of constants in audit_domain.h and audit_socket_type.h.  This improves
  interoperability by converting local constant spaces, which vary by OS, to
  and from Solaris constants (where available) or OpenBSM constants for
  protocol domains not present in Solaris (a fair number).  These routines
  should be used when generating and interpreting extended socket tokens.
- Fix build warnings with full gcc warnings enabled on most supported
  platforms.
- Don't compile error strings into bsm_errno.c when building it in the kernel
  environment.
- When started by launchd, use the label com.apple.auditd rather than
  org.trustedbsd.auditd.
@
text
@d5 2
a6 3
and Linux.  Depending on the availability of audit facilities in the
underlying operating system, some components that depend on kernel audit
support are built conditionally.  Typically, build will be performed using:
d17 1
a17 1
To install, use:
d21 4
a34 4

You will need to manually propagate openbsm/etc/* into /etc/security on your
system; this is not done automatically so as to avoid disrupting the current
configuration.  Currently, the locations of these files is not configurable.
@


1.1
log
@SVN rev 185573 on 2008-12-02 23:26:43Z by rwatson

Merge OpenBSM 1.1 alpha 2 from the OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and sys/{bsm,security/audit} (manual merge).

- Add OpenBSM contrib tree to include paths for audit(8) and auditd(8).
- Merge support for new tokens, fixes to existing token generation to
  audit_bsm_token.c.
- Synchronize bsm includes and definitions.

OpenBSM history for imported revisions below for reference.

MFC after:      1 month
Sponsored by:   Apple Inc.
Obtained from:  TrustedBSD Project

--

OpenBSM 1.1 alpha 2

- Include files in OpenBSM are now broken out into two parts: library builds
  required solely for user space, and system includes, which may also be
  required for use in the kernels of systems integrating OpenBSM.  Submitted
  by Stacey Son.
- Configure option --with-native-includes allows forcing the use of native
  include for system includes, rather than the versions bundled with OpenBSM.
  This is intended specifically for platforms that ship OpenBSM, have adapted
  versions of the system includes in a kernel source tree, and will use the
  OpenBSM build infrastructure with an unmodified OpenBSM distribution,
  allowing the customized system includes to be used with the OpenBSM build.
  Submitted by Stacey Son.
- Various strcpy()'s/strcat()'s have been changed to strlcpy()'s/strlcat()'s
  or asprintf().  Added compat/strlcpy.h for Linux.
- Remove compatibility defines for old Darwin token constant names; now only
  BSM token names are provided and used.
- Add support for extended header tokens, which contain space for information
  on the host generating the record.
- Add support for setting extended host information in the kernel, which is
  used for setting host information in extended header tokens.  The
  audit_control file now supports a "host" parameter which can be used by
  auditd to set the information; if not present, the kernel parameters won't
  be set and auditd uses unextended headers for records that it generates.

OpenBSM 1.1 alpha 1

- Add option to auditreduce(1) which allows users to invert sense of
  matching, such that BSM records that do not match, are selected.
- Fix bug in audit_write() where we commit an incomplete record in the
  event there is an error writing the subject token.  This was submitted
  by Diego Giagio.
- Build support for Mac OS X 10.5.1 submitted by Eric Hall.
- Fix a bug which resulted in host XML attributes not being arguments so
  that const strings can be passed as arguments to tokens.  This patch was
  submitted by Xin LI.
- Modify the -m option so users can select more then one audit event.
- For Mac OS X, added Mach IPC support for audit trigger messages.
- Fixed a bug in getacna() which resulted in a locking problem on Mac OS X.
- Added LOG_PERROR flag to openlog when -d option is used with auditd.
- AUE events added for Mac OS X Leopard system calls.
@
text
@d12 6
@

