| /freebsd/contrib/openbsm/ |
| H A D | README | 11 praudit(8) for reducing and printing audit trails, as well as the libbsm(3)
12 library to manage configuration files, generate audit records, and parse and
13 print audit trails. It also includes the auditd(8) audit configuration
14 daemon, and the auditdistd(8) audit-trail distribution daemon.
16 Coupled with a kernel audit implementation, OpenBSM can be used to maintain
17 system audit streams, and is a foundation for a full audit-enabled system.
19 reusable in a kernel audit implementation, and may be found in the FreeBSD
30 libauditd/ Common audit management functions for auditd and launchd
40 audit Command line audit control tool
45 audump Debugging tool to parse and print audit databases
[all …]
|
| H A D | NEWS | 6 query it, allowing to set the kernel's maximum audit queue length.
7 - Add support to push a mapping between audit event names and event numbers
10 - Add audit event identifiers for a number of new (and not-so-new) FreeBSD
23 - Add audit event definitions for Capsicum-related syscalls, as well as
37 - auditdistd, a distributed audit trail management daemon, has now been
39 audited hosts to an audit server, and employs TLS encryption. Where
47 - Add Capsicum, process descriptor audit events for FreeBSD.
54 - Fix a directory descriptor leak that happened when audit trail partitions
82 the audit directory is more than 10 megabytes ('10M').
89 the audit ID as the argument.
[all …]
|
| H A D | FREEBSD-upgrade | 8 src/sys/security/audit Kernel audit framework, some OpenBSM-based files
9 src/usr.sbin/*audit* Makefiles for various OpenBSM tools
25 - Possible updates to src/sys/security/audit, especially relating to
33 contrib/openbsm/bsm audit.h audit_internal.h audit_kevents.h
47 Propagation of changes to src/sys/{bsm,security/audit} is something that
|
| H A D | configure.ac | 5 AC_INIT([OpenBSM], [1.2-alpha5], [trustedbsd-audit@TrustedBSD.org],[openbsm])
122 # Systems may not define key audit system calls, in which case libbsm cannot
134 AC_DEFINE(HAVE_AUDIT_SYSCALLS,, Define if audit system calls present)
234 # instead of the default for sending trigger messages to the audit components.
245 bin/audit/Makefile
|
| H A D | TODO | 8 - The audit.log.5 man page is incomplete, as it does not describe all
11 on systems that don't have the necessary audit system calls; that would
|
| H A D | INSTALL | 5 and Linux. Some components are built only if appropriate kernel audit
12 encryption of on-the-wire audit streams using auditdistd; the following
|
| /freebsd/contrib/openbsm/bin/audit/ |
| H A D | Makefile.am | 7 sbin_PROGRAMS = audit program
9 man8_MANS = audit.8
12 audit_SOURCES = auditd_controlUser.c audit.c
18 audit_SOURCES = audit.c
|
| H A D | Makefile.in | 91 sbin_PROGRAMS = audit$(EXEEXT)
92 subdir = bin/audit
107 am__audit_SOURCES_DIST = audit.c auditd_controlUser.c
108 @USE_MACH_IPC_FALSE@am_audit_OBJECTS = audit.$(OBJEXT)
110 @USE_MACH_IPC_TRUE@ audit.$(OBJEXT)
334 man8_MANS = audit.8
335 @USE_MACH_IPC_FALSE@audit_SOURCES = audit.c
336 @USE_MACH_IPC_TRUE@audit_SOURCES = auditd_controlUser.c audit.c
353 $(AUTOMAKE) --foreign bin/audit/Makefile
421 audit$(EXEEXT): $(audit_OBJECTS) $(audit_DEPENDENCIES) $(EXTRA_audit_DEPENDENCIES)
[all …]
|
| /freebsd/usr.sbin/audit/ |
| H A D | Makefile | 5 .PATH: ${OPENBSMDIR}/bin/audit
9 PACKAGE=audit
10 PROG= audit
11 MAN= audit.8
|
| /freebsd/contrib/openbsm/man/ |
| H A D | Makefile.am | 2 audit.2 \
11 audit.log.5 \
|
| /freebsd/etc/mtree/ |
| H A D | BSD.var.dist | 18 /set gname=audit
19 audit
20 dist uname=auditdistd gname=audit mode=0770
|
| /freebsd/secure/usr.sbin/sshd/ |
| H A D | Makefile | 8 audit.c audit-bsm.c audit-linux.c platform.c \
|
| /freebsd/sys/tools/syscalls/scripts/ |
| H A D | init_sysent.lua | 99 v:symbol(), v.audit, v.cap, v.thr))
105 v:symbol(), v.audit, v.cap, v.thr))
135 flag, v.args_size, v.name, v.audit, v.cap, v.thr))
|
| H A D | sysproto_h.lua | 149 config.syscallprefix, v:symbol(), v.audit),
190 v.name, v.audit), audit_idx)
|
| /freebsd/contrib/openbsm/etc/ |
| H A D | audit_event | 5 # kernel audit events.
202 211:AUE_AUDIT:audit(2):ot
211 220:AUE_AUDITSYS:audit system calls place holder:no
216 225:AUE_AUDITON_GETSTAT:auditon(2) - get audit statistics:ad
217 226:AUE_AUDITON_SETSTAT:auditon(2) - reset audit statistics:ad
220 229:AUE_AUDITON_GETCOND:auditon(2) - get audit state:ad
221 230:AUE_AUDITON_SETCOND:auditon(2) - set audit state:ad
677 6171:AUE_DARWIN_audit_startup:audit startup:ad
678 6172:AUE_DARWIN_audit_shutdown:audit shutdown:ad
700 45000:AUE_audit_startup:audit startu
[all...] |
| H A D | audit_control | 1 dir:/var/audit
|
| /freebsd/lib/libpam/modules/pam_login_access/ |
| H A D | pam_login_access.h | 43 bool audit; member
|
| /freebsd/tools/build/options/ |
| H A D | WITHOUT_AUDIT | 1 Do not build audit support into system programs.
|
| /freebsd/contrib/openbsm/bin/ |
| H A D | Makefile.am | 9 audit \ subdir
|
| /freebsd/contrib/openbsm/sys/bsm/ |
| H A D | Makefile.am | 5 audit.h \
|
| /freebsd/libexec/rc/rc.d/ |
| H A D | auditd | 28 /usr/sbin/audit -t
|
| /freebsd/sys/modules/dtrace/dtaudit/ |
| H A D | Makefile | 3 .PATH: ${SYSDIR}/security/audit
|
| /freebsd/lib/libbsm/ |
| H A D | Makefile | 62 MAN+= audit.2 \
|
| /freebsd/etc/ |
| H A D | group | 30 audit:*:77:
|
| /freebsd/tools/regression/priv/ |
| H A D | priv_audit_submit.c | 67 error = audit(record, sizeof(record)); in priv_audit_submit()
|