1Upgrade Instructions for OpenBSM 2-------------------------------- 3 4OpenBSM integrates into the FreeBSD source tree in several places: 5 6src/contrib/openbsm The OpenBSM distribution itself 7src/sys/bsm Modified versions of some bsm/ include files 8src/sys/security/audit Kernel audit framework, some OpenBSM-based files 9src/usr.sbin/*audit* Makefiles for various OpenBSM tools 10src/etc/Makefile Installation of /etc OpenBSM files 11src/lib/libbsm/* Build for OpenBSM library 12 13OpenBSM is normally built using an integrated autoconf/automake build 14system. For the purposes of tight integration with FreeBSD, we use an 15adapted BSD make (bmake) build system loosely based on the automake 16setup. We also rely on a static config.h generated when OpenBSM is 17imported, rather than re-configuring every build. This leads to a 18more reproduceable build environment, and avoids dependence on things 19not in the base tree (i.e., autoconf, automake, GNU make, etc). An 20upgrade of OpenBSM generally involves the following steps: 21 22- Vendor import of OpenBSM into src/contrib. 23- Run configure, commit src/contrib/openbsm/config/config.h. 24- Replication of src/contrib/openbsm/bsm changes into src/sys/bsm. 25- Possible updates to src/sys/security/audit, especially relating to 26 bsm_token.c. 27- Update any library, tool, or etc BSD Makefiles to add new files, 28 defines, or other generally useful or necessary things. 29 30Normally, the CVS vendor import goes along the following lines: 31 32 cd ~/p4/projects/trustedbsd/openbsm 33 cvs -d rwatson@repoman.FreeBSD.org:/home/ncvs -q import src/contrib/openbsm \ 34 TrustedBSD OPENBSM_1_0_ALPHA_1 35 36Replacing the version string as required. Use the "-n" argument to CVS to 37do a test run. 38 39Propagation of changes to src/sys/{bsm,security/audit} is something that 40requires careful coordination and attention to detail. These files are 41not on CVS vendor branches, but do have the same local vs. vendor merge 42issues. 43 44$FreeBSD$ 45