Copy stable/9 to releng/9.3 as part of the 9.3-RELEASE cycle.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Merge OpenBSM 1.2-alpha3 from head to stable/9, upgrading from the previous
OpenBSM 1.1p2:

OpenBSM 1.2 alpha 3

- Various minor tweaks to the auditdistd build to make it fit the FreeBSD
build environment better.
- AUE_WAIT6 merged from FreeBSD 9.

OpenBSM 1.2 alpha 2

- auditdistd, a distributed audit trail management daemon, has now been
merged. This allows trail files to be securely and reliably synced from
audited hosts to an audit server, and employs TLS encryption. Where
available, it uses Capsicum to sandbox the service. This work was
contributed by Pawel Jakub Dawidek under sponsorship from the FreeBSD
Foundation.

OpenBSM 1.2 alpha 1

- Add Capsicum-related error numbers for FreeBSD: ENOTCAPABLE, ECAPMODE.
- Add Capsicum, process descriptor audit events for FreeBSD.
- Allow 0% minspace.
- Fixes from the clang static analyser.
- Fix expiration of trail files when the host parameter is used.
- Various typo fixes.
- Support for Solaris privilege and privilege set tokens.
- Documentation for getachost(), improvements for getacfilesz().
- Fix a directory descriptor leak that happened when audit trail partitions
filled.
- Support for more Linux distributions with a partial contemporary endian.h.
- Improved escaping of XML-encapsulated BSM.
- A variety of minor documentation, style, and functional.

A separate commit will merge build changes to enable auditdistd, etc.

Obtained from: TrustedBSD Project
Sponsored by: The FreeBSD Foundation (auditdistd)

Copy head to stable/9 as part of 9.0-RELEASE release cycle.

Approved by: re (implicit)

Merge OpenBSM 1.1 from OpenBSM vendor branch to head.

OpenBSM history for imported revision below for reference.

MFC after: 2 weeks
Sponsored by: Apple, Inc.
Obtained from: TrustedBSD Project

OpenBSM 1.1

- Change auditon(2) parameters and data structures to be 32/64-bit architecture
independent. Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
added: au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page. Also, make it clear that we want
the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
authorization events, has been added.

This commit was generated by cvs2svn to compensate for changes in r173143,
which included commits to RCS files with non-trunk default branches.

Vendor import TrustedBSD OpenBSM 1.0, with the following change history
since the last import:

OpenBSM 1.0

- Fix bug in auditreduce(8) which resulted in a memory fault/crash when
the user specified an event name with -m.
- Remove AU_.* hard-coded audit class constants, as udit classes are now
entirely dynamically configured using /etc/security/audit_class.

MFC after: 3 days
Obtained from: TrustedBSD Project

Vendor import of OpenBSM 1.0 alpha 7, with the following change history
notes:

- Adopted Solaris-compatible format for subject32_ex and subject64_ex
tokens, which previously did not correctly implement variable length
address storage.
- Prefer inttypes.h to stdint.h; enhance queue.h detection to test for
TAILQ_FOREACH_SAFE(), which is present in recent BSD queue.h's, but not
older ones. OpenBSM now builds on some FreeBSD 4.x version.
- New event types for extended attributes, ACLs, and scheduling.

Obtained from: TrustedBSD Project

Vendor branch import of TrustedBSD OpenBSM 1.0 alpha 5:

- Update install notes to indicate /etc files are to be installed manually.
- On systems without LOG_SECURITY, use LOG_AUTH.
- Convert to autoconf/automake in order to move to a more portable (not
BSD-specific) build infrastructure, and more easy conditional building of
components. Currently, the primary feature loss is that automake does
not have native support for manual symlinks. This will be addressed in a
future OpenBSM release.
- Add compat/queue.h, to be used on systems dated BSD queue macro libraries
(as found on Linux).
- Rename CHANGELOG to HISTORY, as our change log doesn't follow some of the
existing conventions for a CHANGELOG.
- Some private data structures moved from audit.h to audit_internal.h to
prevent inappropriate use by applications and name space pollution.
- Improved detection and use of endian macros using autoconf.
- Avoid non-portable use of struct in6_addr, which is largely opaque.
- Avoid leaking BSD kernel socket related token code to user space in
bsm_token.c.
- Teach System V IPC calls to look for Linux naming variations for certain
struct ipc_perm fields.
- Test for audit system calls, and if not present, don't build
bsm_wrappers.c, bsm_notify.c, audit(8), and auditd(8), which rely on
those system calls.
- au_close() is not implemented on systems that don't have audit system
calls, but au_close_buffer() is.
- Work around missing BSDisms in bsm_wrapper.c.
- Fix nested includes so including libbsm.h in an application on Linux
picks up the necessary definitions.

Obtained from: TrustedBSD Project