Searched hist:5 (Results 501 - 525 of 9460) sorted by relevance
/freebsd-10.0-release/sys/security/audit/ | ||
H A D | bsm_socket_type.c | 187214 Wed Jan 14 08:48:08 MST 2009 rwatson Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm build along with man pages, add audit_bsm_domain.c and audit_bsm_socket_type.c to the kernel environment. OpenBSM history for imported revisions below for reference. MFC after: 1 month Sponsored by: Apple Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 alpha 5 - Stub libauditd(3) man page added. - All BSM error number constants with BSM_ERRNO_. - Interfaces to convert between local and BSM socket types and protocol families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions of constants in audit_domain.h and audit_socket_type.h. This improves interoperability by converting local constant spaces, which vary by OS, to and from Solaris constants (where available) or OpenBSM constants for protocol domains not present in Solaris (a fair number). These routines should be used when generating and interpreting extended socket tokens. - Fix build warnings with full gcc warnings enabled on most supported platforms. - Don't compile error strings into bsm_errno.c when building it in the kernel environment. - When started by launchd, use the label com.apple.auditd rather than org.trustedbsd.auditd. 187214 Wed Jan 14 08:48:08 MST 2009 rwatson Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm build along with man pages, add audit_bsm_domain.c and audit_bsm_socket_type.c to the kernel environment. OpenBSM history for imported revisions below for reference. MFC after: 1 month Sponsored by: Apple Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 alpha 5 - Stub libauditd(3) man page added. - All BSM error number constants with BSM_ERRNO_. - Interfaces to convert between local and BSM socket types and protocol families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions of constants in audit_domain.h and audit_socket_type.h. This improves interoperability by converting local constant spaces, which vary by OS, to and from Solaris constants (where available) or OpenBSM constants for protocol domains not present in Solaris (a fair number). These routines should be used when generating and interpreting extended socket tokens. - Fix build warnings with full gcc warnings enabled on most supported platforms. - Don't compile error strings into bsm_errno.c when building it in the kernel environment. - When started by launchd, use the label com.apple.auditd rather than org.trustedbsd.auditd. |
/freebsd-10.0-release/tools/regression/usr.bin/sed/regress.multitest.out/ | ||
H A D | 5.3 | diff 168257 Mon Apr 02 05:50:10 MDT 2007 yar Today SUN and GNU seds fully agree on test 5.3 and behave in a more reasonable way than BSD sed does: they properly close the range even if we branched over its end. No doubt, the range `1,5' should not match lines from 9 through 14. 167550 Wed Mar 14 10:46:22 MDT 2007 dds Reference results for sed.test (to be renamed into multitest.t). I have verified these with GNU sed 4.1.5 (and in some cases with Solaris sed) and they are identical, with the following exceptions: 5.3: The result is unspecified and BSD sed behaves differently. 6.3: GNU sed gets it wrong 7.1: GNU sed gets it wrong 7.8: BSD sed gets it wrong |
/freebsd-10.0-release/usr.bin/grep/nls/ | ||
H A D | Makefile.inc | diff 210426 Fri Jul 23 15:47:19 MDT 2010 gabor - Add Russian catalog [1] - Fix two minor nits in manpage [2] - style.Makefile(5) Submitted by: pluknet <pluknet at gmail.com> [1], Alex Kozlov <spam@rm-rf.kiev.ua> [2] Reviewed by: delphij 210389 Thu Jul 22 17:24:22 MDT 2010 gabor Add BSD grep to the base system and make it our default grep. Deliverables: Small and clean code (1,4 KSLOC vs GNU's 8,5 KSLOC), lower memory usage than GNU grep, GNU compatibility, BSD license. TODO: Performance is somewhat behind GNU grep but it is only significant for bigger searches. The reason is complex, the most important factor is that GNU grep uses lots of optimizations to improve the speed of the regex library. First, we need a modern regex library (practically by adopting TRE), add support for GNU-style non-standard regexes and then reevalute the performance issues and look for bottlenecks. In the meantime, for those, who need better performance, it is possible to build GNU grep by setting WITH_GNU_GREP. Approved by: delphij (mentor) Obtained from: OpenBSD (http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/grep/), freegrep (http://github.com/howardjp/freegrep) Sponsored by: Google SoC 2008 Portbuild tests run by: kris, pav, erwin Acknowledgements to: fjoe (as SoC 2008 mentor), everyone who helped in reviewing and testing |
/freebsd-10.0-release/usr.sbin/faithd/ | ||
H A D | faithd.h | diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
H A D | prefix.c | 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
/freebsd-10.0-release/usr.sbin/mld6query/ | ||
H A D | mld6.c | diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
H A D | mld6query.8 | diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
/freebsd-10.0-release/usr.sbin/mtree/ | ||
H A D | mtree.5 | 175030 Tue Jan 01 04:15:57 MST 2008 kientzle Add the mtree.5 manpage. I'll come back soon and remove the format specification from mtree.8. I also need to reconcile a few issues between this mtree.5 and what is actually implemented in FreeBSD's mtree utility. MFC after: 30 days 175030 Tue Jan 01 04:15:57 MST 2008 kientzle Add the mtree.5 manpage. I'll come back soon and remove the format specification from mtree.8. I also need to reconcile a few issues between this mtree.5 and what is actually implemented in FreeBSD's mtree utility. MFC after: 30 days |
/freebsd-10.0-release/usr.sbin/ntp/doc/ | ||
H A D | ntp.keys.5 | 55895 Thu Jan 13 07:59:55 MST 2000 sheldonh Abandon hope of keeping in line with the author's structure, in favour of placing information in the correct sections. The ntp_acc(8), ntp_auth(8), ntp_clock(8), ntp_conf(8), ntp_misc(8) and ntp_mon(8) pages have been merged into ntp.conf(5) and ntp.keys(5). Requested by: rgrimes, wollman 55895 Thu Jan 13 07:59:55 MST 2000 sheldonh Abandon hope of keeping in line with the author's structure, in favour of placing information in the correct sections. The ntp_acc(8), ntp_auth(8), ntp_clock(8), ntp_conf(8), ntp_misc(8) and ntp_mon(8) pages have been merged into ntp.conf(5) and ntp.keys(5). Requested by: rgrimes, wollman |
/freebsd-10.0-release/usr.sbin/pnpinfo/ | ||
H A D | Makefile | diff 125503 Thu Feb 05 20:44:25 MST 2004 ru Fixed style of DPADD and LDADD assignments as per style.Makefile(5). diff 113091 Fri Apr 04 15:49:21 MST 2003 obrien style.Makefile(5) |
/freebsd-10.0-release/usr.sbin/ppp/ | ||
H A D | i4b.h | diff 134789 Sat Sep 04 23:46:52 MDT 2004 brian Make ppp WARNS=5 clean diff 53733 Fri Nov 26 20:44:33 MST 1999 brian Change ``set cd'' so that its default value is device specific. The default is still 1 second for ttys, but is now 6 seconds for i4b (ISDN) devices and 5 seconds for ethernet (PPPoE) devices. |
H A D | ncp.h | diff 134789 Sat Sep 04 23:46:52 MDT 2004 brian Make ppp WARNS=5 clean 81634 Tue Aug 14 14:05:52 MDT 2001 brian o Add ipv6 support, abstracting most NCP addresses into opaque structures (well, they're treated as opaque). It's now possible to manage IPv6 interface addresses and routing table entries and to filter IPV6 traffic whether encapsulated or not. IPV6CP support is crude for now, and hasn't been tested against any other implementations. RADIUS and IPv6 are independent of eachother for now. ppp.linkup/ppp.linkdown aren't currently used by IPV6CP o Understand all protocols(5) in filter rules rather than only a select few. o Allow a mask specification for the ``delete'' command. It's now possible to specifically delete one of two conflicting routes. o When creating and deleting proxy arp entries, do it for all IPv4 interface addresses rather than doing it just for the ``current'' peer address. o When iface-alias isn't in effect, don't blow away manually (via ``iface add'') added interface addresses. o When listening on a tcp server (diagnostic) socket, bind so that a tcp46 socket is created -- allowing both IPv4 and IPv6 connections. o When displaying ICMP traffic, don't display the icmp type twice. When display traffic, display at least some information about unrecognised traffic. o Bump version Inspired after filtering work by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org> |
/freebsd-10.0-release/usr.sbin/rip6query/ | ||
H A D | rip6query.8 | diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
/freebsd-10.0-release/usr.sbin/route6d/ | ||
H A D | route6d.h | diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
/freebsd-10.0-release/usr.sbin/rrenumd/ | ||
H A D | rrenumd.8 | diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
/freebsd-10.0-release/usr.sbin/rtadvd/ | ||
H A D | advcap.h | diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks diff 78064 Mon Jun 11 10:39:29 MDT 2001 ume Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks |
/freebsd-10.0-release/usr.sbin/watchdogd/ | ||
H A D | Makefile | diff 126178 Mon Feb 23 18:25:27 MST 2004 johan style.Makefile(5): Use WARNS?= instead of WARNS=. diff 117185 Thu Jul 03 01:37:04 MDT 2003 smkelly o style(9) fixes - Reordered #includes - Only include <sys/types.h>, not it and <sys/cdefs.h> o style.Makefile(5) fixes - No SRCS= line when only one src file with same name as program o Use warn()/errx() instead of fprintf() - Integrated patch from Philippe Charnier <charnier@xp11.frmug.org> Approved by: jeff (mentor) |
/freebsd-10.0-release/contrib/openbsm/tools/ | ||
H A D | audump.c | diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 168777 Mon Apr 16 13:37:10 MDT 2007 rwatson Vendor import TrustedBSD OpenBSM 1.0 alpha 14, with the following change history notes since the last import: OpenBSM 1.0 alpha 14 - Fix endian issues when processing IPv6 addresses for extended subject and process tokens. - gcc41 warnings clean. - Teach audit_submit(3) about getaudit_addr(2). - Add support for zonename tokens. OpenBSM 1.0 alpha 13 - compat/clock_gettime.h now provides a compatibility implementation of clock_gettime(), which fixes building on Mac OS X. - Countless man page improvements, markup fixes, content fixs, etc. - XML printing support via "praudit -x". - audit.log.5 expanded to include additional BSM token types. - Added encoding and decoding routines for process64_ex, process32_ex, subject32_ex, header64, and attr64 tokens. - Additional audit event identifiers for listen, mlockall/munlockall, getpath, POSIX message queues, and mandatory access control. Approved by: re (bmah) MFC after: 3 weeks Obtained from: TrustedBSD Project |
/freebsd-10.0-release/share/man/man5/ | ||
H A D | devfs.5 | diff 231265 Thu Feb 09 08:24:50 MST 2012 mm Introduce the "ruleset=number" option for devfs(5) mounts. Add support for updating the devfs mount (currently only changing the ruleset number is supported). Check mnt_optnew with vfs_filteropt(9). This new option sets the specified ruleset number as the active ruleset of the new devfs mount and applies all its rules at mount time. If the specified ruleset doesn't exist, a new empty ruleset is created. MFC after: 1 month diff 212827 Sat Sep 18 17:26:50 MDT 2010 gjb Note that devfs(5) and fdescfs(5) both create /dev/fd file descriptors. PR: 144534 Submitted by: Matthew Seaman <m.seaman at infracaninophile co uk> Patch by: Matthew Seaman, keramida Approved by: keramida (mentor) MFC after: 1 week diff 212827 Sat Sep 18 17:26:50 MDT 2010 gjb Note that devfs(5) and fdescfs(5) both create /dev/fd file descriptors. PR: 144534 Submitted by: Matthew Seaman <m.seaman at infracaninophile co uk> Patch by: Matthew Seaman, keramida Approved by: keramida (mentor) MFC after: 1 week diff 208654 Sun May 30 11:39:10 MDT 2010 jilles devfs(5): Also mention when device nodes on ufs stopped working (6.0), as requested by some people. MFC after: 2 weeks diff 208647 Sat May 29 18:33:37 MDT 2010 jilles Clarify devfs manpages slightly. mount(8): add xref to devfs(5) devfs(5): change example to something more likely to be useful (it is not necessary to mount a devfs on /dev manually, but for chroots/jails it is often needed), mention since when devfs is preferred to device nodes on ufs PR: 146600 MFC after: 2 weeks diff 208647 Sat May 29 18:33:37 MDT 2010 jilles Clarify devfs manpages slightly. mount(8): add xref to devfs(5) devfs(5): change example to something more likely to be useful (it is not necessary to mount a devfs on /dev manually, but for chroots/jails it is often needed), mention since when devfs is preferred to device nodes on ufs PR: 146600 MFC after: 2 weeks |
/freebsd-10.0-release/sys/dev/ath/ath_hal/ | ||
H A D | ah_eeprom_v14.c | diff 224519 Sat Jul 30 11:54:52 MDT 2011 adrian Introduce the FRAC_5G EEPROM parameter. This seems to indicate whether to program the NIC for fractional 5ghz mode (ie, 5mhz spaced channels, rather than 10 or 20mhz spacing) or not. The default (0) seems to mean "only program fractional mode if needed". A different value (eg 1) seems to always enable fractional 5ghz mode regardless of the frequency. Obtained from: Atheros Approved by: re (kib) diff 224519 Sat Jul 30 11:54:52 MDT 2011 adrian Introduce the FRAC_5G EEPROM parameter. This seems to indicate whether to program the NIC for fractional 5ghz mode (ie, 5mhz spaced channels, rather than 10 or 20mhz spacing) or not. The default (0) seems to mean "only program fractional mode if needed". A different value (eg 1) seems to always enable fractional 5ghz mode regardless of the frequency. Obtained from: Atheros Approved by: re (kib) diff 224519 Sat Jul 30 11:54:52 MDT 2011 adrian Introduce the FRAC_5G EEPROM parameter. This seems to indicate whether to program the NIC for fractional 5ghz mode (ie, 5mhz spaced channels, rather than 10 or 20mhz spacing) or not. The default (0) seems to mean "only program fractional mode if needed". A different value (eg 1) seems to always enable fractional 5ghz mode regardless of the frequency. Obtained from: Atheros Approved by: re (kib) diff 221897 Sat May 14 13:37:08 MDT 2011 adrian Fix the Merlin 5ghz fast-clock EEPROM fetch to return the correct value. The eeprom Get method should return HAL_OK if fastclock is enabled in the EEPROM. It was returning the opposite of what it should have. Submitted by: Matthew Fleming <mdf356@gmail.com> diff 221163 Thu Apr 28 10:52:03 MDT 2011 adrian Introduce AR9130 (HOWL) WMAC support to the FreeBSD HAL. The AR9130 is an AR9160/AR5416 family WMAC which is glued directly to the AR913x SoC peripheral bus (APB) rather than via a PCI/PCIe bridge. The specifics: * A new build option is required to use the AR9130 - AH_SUPPORT_AR9130. This is needed due to the different location the RTC registers live with this chip; hopefully this will be undone in the future. This does currently mean that enabling this option will break non-AR9130 builds, so don't enable it unless you're specifically building an image for the AR913x SoC. * Add the new probe, attach, EEPROM and PLL methods specific to Howl. * Add a work-around to ah_eeprom_v14.c which disables some of the checks for endian-ness and magic in the EEPROM image if an eepromdata block is provided. This'll be fixed at a later stage by porting the ath9k probe code and making sure it doesn't break in other setups (which my previous attempt at this did.) * Sprinkle Howl modifications throughput the interrupt path - it doesn't implement the SYNC interrupt registers, so ignore those. * Sprinkle Howl chip powerup/down throughout the reset path; the RTC methods were * Sprinkle some other Howl workarounds in the reset path. * Hard-code an alternative setup for the AR_CFG register for Howl, that sets up things suitable for Big-Endian MIPS (which is the only platform this chip is glued to.) This has been tested on the AR913x based TP-Link WR-1043nd mode, in legacy, HT/20 and HT/40 modes. Caveats: * 2ghz has only been tested. I've not seen any 5ghz radios glued to this chipset so I can't test it. * AR5416_INTERRUPT_MITIGATION is not supported on the AR9130. At least, it isn't implemented in ath9k. Please don't enable this. * This hasn't been tested in MBSS mode or in RX/TX block-aggregation mode. diff 219318 Sat Mar 05 22:46:42 MST 2011 adrian Add an EEPROM op that extracts out the power table offset. It defaults to -5 dBm for eeproms earlier than v21. This apparently only applies to Merlin (AR9280) or later, earlier 11n chipsets have a power table offset of 0. All the code in ath9k which checks the power table offset and takes it into account first ensures the chip is Merlin or later. |
/freebsd-10.0-release/usr.sbin/pkg_install/add/ | ||
H A D | futil.c | diff 206043 Thu Apr 01 12:33:56 MDT 2010 flz Various fixes. - Replace hardcoded INDEX version. [1] - Fix a buffer overlap. [2] - Remove empty package when fetching fails and -K is used. [3] - Remove useless chmod2() after mkdtemp(3). [4] - Replace mkdir(1) call with mkdir(2). [5] - Get rid of some vsystem() calls. - Switch from lstat(2) to open(2) in fexists(). - Try rename(2) in move_file() first. - Bump PKG_INSTALL_VERSION to 20100401. PR: bin/145101 [1], bin/139492 [2], bin/144919 [3] bin/144920 [4], bin/144921 [5] Submitted by: gcooper [1,2,3,4,5] diff 206043 Thu Apr 01 12:33:56 MDT 2010 flz Various fixes. - Replace hardcoded INDEX version. [1] - Fix a buffer overlap. [2] - Remove empty package when fetching fails and -K is used. [3] - Remove useless chmod2() after mkdtemp(3). [4] - Replace mkdir(1) call with mkdir(2). [5] - Get rid of some vsystem() calls. - Switch from lstat(2) to open(2) in fexists(). - Try rename(2) in move_file() first. - Bump PKG_INSTALL_VERSION to 20100401. PR: bin/145101 [1], bin/139492 [2], bin/144919 [3] bin/144920 [4], bin/144921 [5] Submitted by: gcooper [1,2,3,4,5] diff 206043 Thu Apr 01 12:33:56 MDT 2010 flz Various fixes. - Replace hardcoded INDEX version. [1] - Fix a buffer overlap. [2] - Remove empty package when fetching fails and -K is used. [3] - Remove useless chmod2() after mkdtemp(3). [4] - Replace mkdir(1) call with mkdir(2). [5] - Get rid of some vsystem() calls. - Switch from lstat(2) to open(2) in fexists(). - Try rename(2) in move_file() first. - Bump PKG_INSTALL_VERSION to 20100401. PR: bin/145101 [1], bin/139492 [2], bin/144919 [3] bin/144920 [4], bin/144921 [5] Submitted by: gcooper [1,2,3,4,5] diff 131285 Tue Jun 29 17:06:42 MDT 2004 eik - pkg_add spawns itself as argv[0] when installing dependent packages, to enable the use as a port on older systems - use absolute paths in all calls to external programs, to account for strange PATH settings - use INDEX or INDEX-5 depending on FreeBSD version, to enable the use on FreeBSD 4.x as a port. - conditionalize all 4.x/5.x differences on __FreeBSD_version, so that the pkg_install tools can be kept in sync on 4.x and 5.x - Bump PKG_INSTALL_VERSION Reviewed by: portmgr (bento run) MFC after: 4 weeks diff 131285 Tue Jun 29 17:06:42 MDT 2004 eik - pkg_add spawns itself as argv[0] when installing dependent packages, to enable the use as a port on older systems - use absolute paths in all calls to external programs, to account for strange PATH settings - use INDEX or INDEX-5 depending on FreeBSD version, to enable the use on FreeBSD 4.x as a port. - conditionalize all 4.x/5.x differences on __FreeBSD_version, so that the pkg_install tools can be kept in sync on 4.x and 5.x - Bump PKG_INSTALL_VERSION Reviewed by: portmgr (bento run) MFC after: 4 weeks diff 131285 Tue Jun 29 17:06:42 MDT 2004 eik - pkg_add spawns itself as argv[0] when installing dependent packages, to enable the use as a port on older systems - use absolute paths in all calls to external programs, to account for strange PATH settings - use INDEX or INDEX-5 depending on FreeBSD version, to enable the use on FreeBSD 4.x as a port. - conditionalize all 4.x/5.x differences on __FreeBSD_version, so that the pkg_install tools can be kept in sync on 4.x and 5.x - Bump PKG_INSTALL_VERSION Reviewed by: portmgr (bento run) MFC after: 4 weeks |
/freebsd-10.0-release/usr.sbin/pkg_install/lib/ | ||
H A D | url.c | diff 206043 Thu Apr 01 12:33:56 MDT 2010 flz Various fixes. - Replace hardcoded INDEX version. [1] - Fix a buffer overlap. [2] - Remove empty package when fetching fails and -K is used. [3] - Remove useless chmod2() after mkdtemp(3). [4] - Replace mkdir(1) call with mkdir(2). [5] - Get rid of some vsystem() calls. - Switch from lstat(2) to open(2) in fexists(). - Try rename(2) in move_file() first. - Bump PKG_INSTALL_VERSION to 20100401. PR: bin/145101 [1], bin/139492 [2], bin/144919 [3] bin/144920 [4], bin/144921 [5] Submitted by: gcooper [1,2,3,4,5] diff 206043 Thu Apr 01 12:33:56 MDT 2010 flz Various fixes. - Replace hardcoded INDEX version. [1] - Fix a buffer overlap. [2] - Remove empty package when fetching fails and -K is used. [3] - Remove useless chmod2() after mkdtemp(3). [4] - Replace mkdir(1) call with mkdir(2). [5] - Get rid of some vsystem() calls. - Switch from lstat(2) to open(2) in fexists(). - Try rename(2) in move_file() first. - Bump PKG_INSTALL_VERSION to 20100401. PR: bin/145101 [1], bin/139492 [2], bin/144919 [3] bin/144920 [4], bin/144921 [5] Submitted by: gcooper [1,2,3,4,5] diff 206043 Thu Apr 01 12:33:56 MDT 2010 flz Various fixes. - Replace hardcoded INDEX version. [1] - Fix a buffer overlap. [2] - Remove empty package when fetching fails and -K is used. [3] - Remove useless chmod2() after mkdtemp(3). [4] - Replace mkdir(1) call with mkdir(2). [5] - Get rid of some vsystem() calls. - Switch from lstat(2) to open(2) in fexists(). - Try rename(2) in move_file() first. - Bump PKG_INSTALL_VERSION to 20100401. PR: bin/145101 [1], bin/139492 [2], bin/144919 [3] bin/144920 [4], bin/144921 [5] Submitted by: gcooper [1,2,3,4,5] diff 131285 Tue Jun 29 17:06:42 MDT 2004 eik - pkg_add spawns itself as argv[0] when installing dependent packages, to enable the use as a port on older systems - use absolute paths in all calls to external programs, to account for strange PATH settings - use INDEX or INDEX-5 depending on FreeBSD version, to enable the use on FreeBSD 4.x as a port. - conditionalize all 4.x/5.x differences on __FreeBSD_version, so that the pkg_install tools can be kept in sync on 4.x and 5.x - Bump PKG_INSTALL_VERSION Reviewed by: portmgr (bento run) MFC after: 4 weeks diff 131285 Tue Jun 29 17:06:42 MDT 2004 eik - pkg_add spawns itself as argv[0] when installing dependent packages, to enable the use as a port on older systems - use absolute paths in all calls to external programs, to account for strange PATH settings - use INDEX or INDEX-5 depending on FreeBSD version, to enable the use on FreeBSD 4.x as a port. - conditionalize all 4.x/5.x differences on __FreeBSD_version, so that the pkg_install tools can be kept in sync on 4.x and 5.x - Bump PKG_INSTALL_VERSION Reviewed by: portmgr (bento run) MFC after: 4 weeks diff 131285 Tue Jun 29 17:06:42 MDT 2004 eik - pkg_add spawns itself as argv[0] when installing dependent packages, to enable the use as a port on older systems - use absolute paths in all calls to external programs, to account for strange PATH settings - use INDEX or INDEX-5 depending on FreeBSD version, to enable the use on FreeBSD 4.x as a port. - conditionalize all 4.x/5.x differences on __FreeBSD_version, so that the pkg_install tools can be kept in sync on 4.x and 5.x - Bump PKG_INSTALL_VERSION Reviewed by: portmgr (bento run) MFC after: 4 weeks |
/freebsd-10.0-release/contrib/openbsm/bsm/ | ||
H A D | auditd_lib.h | diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 187214 Wed Jan 14 08:48:08 MST 2009 rwatson Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm build along with man pages, add audit_bsm_domain.c and audit_bsm_socket_type.c to the kernel environment. OpenBSM history for imported revisions below for reference. MFC after: 1 month Sponsored by: Apple Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 alpha 5 - Stub libauditd(3) man page added. - All BSM error number constants with BSM_ERRNO_. - Interfaces to convert between local and BSM socket types and protocol families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions of constants in audit_domain.h and audit_socket_type.h. This improves interoperability by converting local constant spaces, which vary by OS, to and from Solaris constants (where available) or OpenBSM constants for protocol domains not present in Solaris (a fair number). These routines should be used when generating and interpreting extended socket tokens. - Fix build warnings with full gcc warnings enabled on most supported platforms. - Don't compile error strings into bsm_errno.c when building it in the kernel environment. - When started by launchd, use the label com.apple.auditd rather than org.trustedbsd.auditd. diff 187214 Wed Jan 14 08:48:08 MST 2009 rwatson Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm build along with man pages, add audit_bsm_domain.c and audit_bsm_socket_type.c to the kernel environment. OpenBSM history for imported revisions below for reference. MFC after: 1 month Sponsored by: Apple Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 alpha 5 - Stub libauditd(3) man page added. - All BSM error number constants with BSM_ERRNO_. - Interfaces to convert between local and BSM socket types and protocol families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions of constants in audit_domain.h and audit_socket_type.h. This improves interoperability by converting local constant spaces, which vary by OS, to and from Solaris constants (where available) or OpenBSM constants for protocol domains not present in Solaris (a fair number). These routines should be used when generating and interpreting extended socket tokens. - Fix build warnings with full gcc warnings enabled on most supported platforms. - Don't compile error strings into bsm_errno.c when building it in the kernel environment. - When started by launchd, use the label com.apple.auditd rather than org.trustedbsd.auditd. |
/freebsd-10.0-release/contrib/openbsm/libbsm/ | ||
H A D | bsm_errno.c | diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 187214 Wed Jan 14 08:48:08 MST 2009 rwatson Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm build along with man pages, add audit_bsm_domain.c and audit_bsm_socket_type.c to the kernel environment. OpenBSM history for imported revisions below for reference. MFC after: 1 month Sponsored by: Apple Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 alpha 5 - Stub libauditd(3) man page added. - All BSM error number constants with BSM_ERRNO_. - Interfaces to convert between local and BSM socket types and protocol families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions of constants in audit_domain.h and audit_socket_type.h. This improves interoperability by converting local constant spaces, which vary by OS, to and from Solaris constants (where available) or OpenBSM constants for protocol domains not present in Solaris (a fair number). These routines should be used when generating and interpreting extended socket tokens. - Fix build warnings with full gcc warnings enabled on most supported platforms. - Don't compile error strings into bsm_errno.c when building it in the kernel environment. - When started by launchd, use the label com.apple.auditd rather than org.trustedbsd.auditd. diff 187214 Wed Jan 14 08:48:08 MST 2009 rwatson Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm build along with man pages, add audit_bsm_domain.c and audit_bsm_socket_type.c to the kernel environment. OpenBSM history for imported revisions below for reference. MFC after: 1 month Sponsored by: Apple Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 alpha 5 - Stub libauditd(3) man page added. - All BSM error number constants with BSM_ERRNO_. - Interfaces to convert between local and BSM socket types and protocol families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions of constants in audit_domain.h and audit_socket_type.h. This improves interoperability by converting local constant spaces, which vary by OS, to and from Solaris constants (where available) or OpenBSM constants for protocol domains not present in Solaris (a fair number). These routines should be used when generating and interpreting extended socket tokens. - Fix build warnings with full gcc warnings enabled on most supported platforms. - Don't compile error strings into bsm_errno.c when building it in the kernel environment. - When started by launchd, use the label com.apple.auditd rather than org.trustedbsd.auditd. |
/freebsd-10.0-release/contrib/openbsm/etc/ | ||
H A D | audit_control | diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. diff 189279 Mon Mar 02 11:32:58 MST 2009 rwatson Merge OpenBSM 1.1 beta 1 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). OpenBSM history for imported revision below for reference. MFC after: 1 month Sponsored by: Apple, Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 beta 1 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for Bytes, 'K' for Kilobytes, 'M' for Megabytes, and 'G' for Gigabytes. For legacy support no suffix defaults to bytes. - Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information. - Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users. - Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format. - Fix error encoding AUT_IPC_PERM tokens. |
Completed in 211 milliseconds