FreeBSD source tree https://cgit-dev.freebsd.org/src-test/atom?h=a 2020-07-28T20:06:16Z 2020-07-28T20:06:16Z Christian S.J. Peron csjp@FreeBSD.org 2020-07-28T20:06:16Z urn:sha1:3008333d442f4daf0318cb1d249240e086208d68 were cherry picked up the upstream OpenBSD repository. At some point we will look at doing another import, but the diffs are substantial and will require some careful testing. Differential Revision: https://reviews.freebsd.org/D25021 MFC after: 2 weeks Submitted by: gbe Reviewed by: myself, bcr 2020-04-19T02:20:39Z Alan Somers asomers@FreeBSD.org 2020-04-19T02:20:39Z urn:sha1:72a600a7a1908f1e778f54e08bd60a93be87dd33 According to the upstream man page (which we don't install), none of libauditd's symbols are intended to be public. Also, I can't find any evidence for a port that uses libauditd. Therefore, we should treat it like other such libraries and use PRIVATELIB. Reported by: phk Reviewed by: cem, emaste MFC after: 2 weeks 2020-03-28T17:36:39Z Kyle Evans kevans@FreeBSD.org 2020-03-28T17:36:39Z urn:sha1:71f8f48356585b1777d5d6a940c86f810bd20c6a This allows one to select audit records that match a -z zone glob. MFC after: 1 week Sponsored by: Modirum MDPay, Klara Systems 2019-11-28T00:46:03Z Conrad Meyer cem@FreeBSD.org 2019-11-28T00:46:03Z urn:sha1:8dd74db753c5c918971fbf5e515490c4c5245fb8 The bogus use could lead to an infinite loop depending on how fast the audit_warn script to execute. By fixing read(2) interruptibility, d060887 (r335899) revealed another bug in auditd_wait_for_events. When read is interrupted by SIGCHLD, auditd_reap_children will always return with errno set to ECHILD. But auditd_wait_for_events checks errno after that point, expecting it to be unchanged since read. As a result, it calls auditd_handle_trigger with bogus stack garbage. The result is the error message "Got unknown trigger 48." Fix by simply ignoring errno at that point; there's only one value it could've possibly had, thanks to the check up above. The best part is we've had a fix for this for like 18 months and just never merged it. Merge it now. PR: 234209 Reported by: Marie Helene Kvello-Aune <freebsd AT mhka.no> (2018-12) Submitted by: asomers (2018-07) Reviewed by: me (in OpenBSM) Obtained from: OpenBSM X-MFC-With: r335899 Security: ¯\_(ツ)_/¯ Differential Revision: https://github.com/openbsm/openbsm/pull/45 2019-11-18T13:31:16Z David Bright dab@FreeBSD.org 2019-11-18T13:31:16Z urn:sha1:2d5603fe6507ec4d773de4f37d61bd6187e42208 Co-mingling two things here: * Addressing some feedback from Konstantin and Kyle re: jail, capability mode, and a few other things * Adding audit support as promised. The audit support change includes a partial refresh of OpenBSM from upstream, where the change to add shm_rename has already been accepted. Matthew doesn't plan to work on refreshing anything else to support audit for those new event types. Submitted by: Matthew Bryan <matthew.bryan@isilon.com> Reviewed by: kib Relnotes: Yes Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D22083 2019-01-17T06:35:45Z Kirk McKusick mckusick@FreeBSD.org 2019-01-17T06:35:45Z urn:sha1:88640c0e8b6f503426cce9ea1337098c241d3801 An integrity check such as a check-hash or a cross-correlation failed. The integrity error falls between EINVAL that identifies errors in parameters to a system call and EIO that identifies errors with the underlying storage media. EINTEGRITY is typically raised by intermediate kernel layers such as a filesystem or an in-kernel GEOM subsystem when they detect inconsistencies. Uses include allowing the mount(8) command to return a different exit value to automate the running of fsck(8) during a system boot. These changes make no use of the new error, they just add it. Later commits will be made for the use of the new error number and it will be added to additional manual pages as appropriate. Reviewed by: gnn, dim, brueffer, imp Discussed with: kib, cem, emaste, ed, jilles Differential Revision: https://reviews.freebsd.org/D18765 2019-01-09T01:16:35Z Pawel Jakub Dawidek pjd@FreeBSD.org 2019-01-09T01:16:35Z urn:sha1:6d4db583932349d47c0ed42f7fa4d14aac52482c an empty string, instead of NULL, if an entry is missing in the audit_control file. Because of that change the getachost() function started to return success even if the host name was not defined in the audit_control. This in turn led to auditd_hostlen always being set (for an empty host it was set to 0). If auditd_hostlen was not equal to -1 we were trying to append the host name to trail file name. All this led to situation where when host name is not defined in audit_control, auditd will create trail files with a leading '.', which breaks auditdistd as it doesn't work with longer audit trail file names. Fix this by appending host name to the trail file name only if the host name is not empty. 2018-12-07T03:13:36Z Pawel Jakub Dawidek pjd@FreeBSD.org 2018-12-07T03:13:36Z urn:sha1:4926792bc90c2694c74699f6845bb66613ee3a91 The sender has .not_terminated file. It gets disconnected. The last trail file is then terminated without adding new data (this can happen for example when auditd is being stopped on the sender). After reconnect the .not_terminated was not renamed on the receiver as it should. We were already handling similar situation where the sender crashed and the .not_terminated trail file was renamed to .crash_recovery. Extend this case to handle the situation above. 2018-10-05T17:53:47Z Glen Barber gjb@FreeBSD.org 2018-10-05T17:53:47Z urn:sha1:01d4e2149e5566e5d9394913dc9fb032da259e0b Sponsored by: The FreeBSD Foundation 2018-10-04T05:57:27Z Pawel Jakub Dawidek pjd@FreeBSD.org 2018-10-04T05:57:27Z urn:sha1:58554c8d88ba1a069bbda55dcec4ea96db0aec71 Approved by: re (kib)