From bc0e97ce46f76627afa222c7ec48ce1395dc127e Mon Sep 17 00:00:00 2001
From: Ryan Steinmetz <zi@FreeBSD.org>
Date: Sun, 14 Jul 2013 13:49:06 +0000
Subject: - Clarify instructions for auditdistd configuration

---
 security/openbsm-devel/files/pkg-message.in | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'security')

diff --git a/security/openbsm-devel/files/pkg-message.in b/security/openbsm-devel/files/pkg-message.in
index 688c6845c555..73a7b2833c58 100644
--- a/security/openbsm-devel/files/pkg-message.in
+++ b/security/openbsm-devel/files/pkg-message.in
@@ -28,9 +28,10 @@ receiver {
 	}
 }
 
-5. Update permissions on the auditdistd configuration file:
+5. Update permissions on the auditdistd configuration file and create directory:
 # chmod 600 /etc/security/auditdistd.conf
 # chown root:wheel /etc/security/auditdistd.conf
+# mkdir -m 700 /var/audit/remote ; chown auditdistd:wheel /var/audit/remote
 
 6. Add the following to /etc/rc.conf:
 auditdistd_enable="YES"
@@ -56,13 +57,16 @@ dist:on
 4. Create /etc/security/auditdistd.conf configuration file:
 sender {
 	host "<enter hostname of receiver here>" {
-	remote "tls://<enter IP of the receiver here>"
-	fingerprint "SHA256=8F:0A:FC:8A:3D:09:80:AF:D9:AA:38:CC:8A:86:..."
-	password "<enter password generated above here>"
+		remote "tls://<enter IP of the receiver here>"
+		fingerprint "SHA256=8F:0A:FC:8A:3D:09:80:AF:D9:AA:38:CC:8A:86:..."
+		password "<enter password generated above here>"
 	}
 }
 
-4. Start the required daemons:
+5. Create the required directories:
+# mkdir -m 0770 /var/audit/dist ; chown auditdistd:audit /var/audit/dist
+
+6. Start the required daemons:
 service auditd start && service auditdistd start
 
 Additional information regarding auditdistd may be found on the OpenBSM wiki:
-- 
cgit v1.2.3