README revision 155364
OpenBSM 1.0

  Introduction

OpenBSM provides an open source implementation of Sun's BSM Audit API.
Originally created under contract to Apple Computer by McAfee Research,
this implementation is now maintained by volunteers and the generous
contribution of several organizations.  Coupled with a kernel audit
implementation, OpenBSM can be used to maintain system audit streams, and
is a foundation for an Audit-enabled system.

  Contents

OpenBSM consists of several directories:

  bin/       Audit-related command line tools
  bsm/       System include files for BSM
  etc/       Sample /etc/security configuration files
  libbsm/    Implementation of BSM library interfaces and man pages
  man/       System call and configuration file man pages

OpenBSM currently builds on FreeBSD and Darwin.  With Makefile adjustment
and minor tweaks, it should build without problems on a broad range of
POSIX-like systems.

  Building

OpenBSM is currently built using a series of BSD make files which should
work on both FreeBSD and Darwin.  One known issue is that versions of
Darwin prior to 10.3.8 have a nested include of "sys/audit.h" from
"sys/proc.h", which can result in type definition conflicts.  If running
with include files from an earlier version of Darwin, the nested include
must be manually removed in order that libbsm can be built, due to
potentially conflicting types resulting from an include of "sys/sysctl.h"
by that file.  On Darwin, the use of BSD make must be specified explicitly
by using "bsdmake" rather than "make", which on Darwin refers to GNU make.
Typical invocations from the OpenBSM tree root:

FreeBSD

  % make
  # make install

Darwin

  % bsdmake
  # bsdmake install

  Credits

The following organizations and individuals have contributed substantially
to the development of OpenBSM:

  Apple Computer, Inc.
  McAfee Research, McAfee, Inc.
  SPARTA, Inc.
  Robert Watson
  Wayne Salamon
  Suresh Krishnaswamy
  Kevin Van Vechten
  Tom Rhodes
  Wojciech Koszek
  Chunyang Yuan
  Poul-Henning Kamp
  Christian Brueffer
  Olivier Houchard

In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
Software's FlexeLint tool were used to identify a number of bugs in the
OpenBSM implementation.

  Contributions

The TrustedBSD Project would appreciate the contribution of bug fixes,
enhancements, etc., under identical or substantially similar licenses to
those present on the remainder of the OpenBSM source code.

  Location

Information on OpenBSM may be found on the OpenBSM home page:

  http://www.OpenBSM.org/

Information on TrustedBSD may be found on the TrustedBSD home page:

  http://www.TrustedBSD.org/

$P4: //depot/projects/trustedbsd/openbsm/README#13 $
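
A pre-build check for the Darwin header issue and the make selection described under Building, as an added example that is not part of the OpenBSM distribution. The function names and the /usr/include default are assumptions.

```shell
#!/bin/sh
# Added example, not OpenBSM code. Function names are hypothetical.

# Exit 0 if <incdir>/sys/proc.h contains an #include of sys/audit.h,
# the nested include the README says breaks the libbsm build.
# incdir defaults to /usr/include (an assumption about the host).
has_nested_audit_include() {
    grep -Eq '^[[:space:]]*#[[:space:]]*include[[:space:]]*[<"]sys/audit\.h[>"]' \
        "${1:-/usr/include}/sys/proc.h" 2>/dev/null
}

# Print the make command for an OS name as reported by `uname -s`.
select_make() {
    case "${1:-$(uname -s)}" in
        Darwin) echo bsdmake ;;   # plain "make" on Darwin is GNU make
        *)      echo make ;;      # on FreeBSD, make is already BSD make
    esac
}

# Check the headers before building.
# Returns 0 = safe to build, 1 = nested include present, 2 = header missing.
preflight() {
    dir=${1:-/usr/include}
    if [ ! -r "$dir/sys/proc.h" ]; then
        echo "no readable sys/proc.h under $dir"
        return 2
    elif has_nested_audit_include "$dir"; then
        echo "remove the sys/audit.h include from $dir/sys/proc.h before building"
        return 1
    fi
    echo "ok: build with $(select_make "$2")"
}

# Usage from the OpenBSM tree root:
#   preflight /usr/include && "$(select_make)"
```
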