cvs commit: src/sys/bsm audit_record.h src/sys/kern kern_exec.c src/sys/security/audit audit.c audit.h audit_arg.c audit_bsm.c audit_bsm_token.c audit_private.h audit_syscalls.c

2006-09-01 Thread Wayne Salamon
wsalamon2006-09-01 11:45:40 UTC FreeBSD src repository Modified files: sys/bsm audit_record.h sys/kern kern_exec.c sys/security/audit audit.c audit.h audit_arg.c audit_bsm.c audit_bsm_token.c audit_private.h

cvs commit: src/sys/security/audit audit_bsm.c src/sys/kern vfs_syscalls.c

2006-07-06 Thread Wayne Salamon
wsalamon2006-07-06 19:33:38 UTC FreeBSD src repository Modified files: sys/security/audit audit_bsm.c sys/kern vfs_syscalls.c Log: Audit the remaining parameters to the extattr system calls. Generate the audit records for those calls. Obtained from: Trus

cvs commit: src/sys/sys syscall.h syscall.mk sysproto.h src/sys/kern init_sysent.c syscalls.c

2006-07-05 Thread Wayne Salamon
wsalamon2006-07-05 19:24:14 UTC FreeBSD src repository Modified files: sys/sys sysproto.h syscall.mk syscall.h sys/kern init_sysent.c syscalls.c Log: Regen the system calls files, picking up the extended attr events, and some mount-related changes

cvs commit: src/sys/kern syscalls.master

2006-07-05 Thread Wayne Salamon
wsalamon2006-07-05 15:46:02 UTC FreeBSD src repository Modified files: sys/kern syscalls.master Log: Add audit events for the extended attribute system calls. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) Revision ChangesPath 1.217

cvs commit: src/sys/security/audit audit_bsm_token.c

2006-06-17 Thread Wayne Salamon
wsalamon2006-06-17 13:53:04 UTC FreeBSD src repository Modified files: sys/security/audit audit_bsm_token.c Log: Make the size of the subject32_ex and process32_ex tokens depend on whether we have an IPv6 address. Write the term ID as 4 or 16 bytes depending on address type

cvs commit: src/sys/kern vfs_syscalls.c

2006-02-22 Thread Wayne Salamon
wsalamon2006-02-22 16:04:20 UTC FreeBSD src repository Modified files: sys/kern vfs_syscalls.c Log: Add pathname and/or vnode argument auditing for the following system calls: quotactl, statfs, fstatfs, fchdir, chdir, chroot, open, mknod, mkfifo, link, symlink, un

cvs commit: src/sys/kern sys_process.c

2006-02-13 Thread Wayne Salamon
wsalamon2006-02-14 01:18:31 UTC FreeBSD src repository Modified files: sys/kern sys_process.c Log: Audit the arguments to the ptrace(2) system call. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) Revision ChangesPath 1.136 +7 -0

cvs commit: src/sys/kern kern_sig.c

2006-02-13 Thread Wayne Salamon
wsalamon2006-02-14 01:17:03 UTC FreeBSD src repository Modified files: sys/kern kern_sig.c Log: Audit the arguments to the kill(2) and killpg(2) system calls. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) Revision ChangesPath 1.322

cvs commit: src/sys/kern kern_prot.c

2006-02-05 Thread Wayne Salamon
wsalamon2006-02-06 00:32:33 UTC FreeBSD src repository Modified files: sys/kern kern_prot.c Log: Audit the arguments (user/group IDs) for the system calls that set these IDs. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) Revision Changes

cvs commit: src/sys/kern kern_fork.c

2006-02-05 Thread Wayne Salamon
wsalamon2006-02-06 00:28:50 UTC FreeBSD src repository Modified files: sys/kern kern_fork.c Log: Audit the args to rfork(), and the child PID for all fork system calls. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) Revision ChangesPa

cvs commit: src/sys/kern kern_exit.c

2006-02-05 Thread Wayne Salamon
wsalamon2006-02-06 00:19:09 UTC FreeBSD src repository Modified files: sys/kern kern_exit.c Log: Audit the pid being requested in wait4(). Obtained from: TrustedBSD Project Approved by: rwatson (mentor) Revision ChangesPath 1.280 +2 -0 src/

cvs commit: src/sys/kern kern_descrip.c

2006-02-05 Thread Wayne Salamon
wsalamon2006-02-05 23:57:32 UTC FreeBSD src repository Modified files: sys/kern kern_descrip.c Log: Add auditing of arguments to the close() and fstat() system calls. Much more argument auditing yet to come, for remaining system calls in this file. Obtained fro

cvs commit: src/sys/amd64/amd64 trap.c src/sys/amd64/ia32 ia32_syscall.c

2006-02-04 Thread Wayne Salamon
wsalamon2006-02-04 20:37:20 UTC FreeBSD src repository Modified files: sys/amd64/amd64 trap.c sys/amd64/ia32 ia32_syscall.c Log: Call the audit syscall enter/exit functions for the amd64 architecture, both 32-bit and 64-bit paths. System calls will now be audite

cvs commit: src/usr.bin/login Makefile login.1 login.c login.h login_audit.c

2006-02-04 Thread Wayne Salamon
wsalamon2006-02-04 20:20:02 UTC FreeBSD src repository Modified files: usr.bin/loginMakefile login.1 login.c login.h Added files: usr.bin/loginlogin_audit.c Log: Make login audit-enabled, submitting audit records for the login and logout events. The speci

cvs commit: src/sys/i386/i386 trap.c

2006-02-04 Thread Wayne Salamon
wsalamon2006-02-04 14:11:33 UTC FreeBSD src repository Modified files: sys/i386/i386trap.c Log: Hook up the audit system to system call entry and exit. System calls will now be audited. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) Revisio