aboutsummaryrefslogtreecommitdiff
path: root/contrib/openbsm/HISTORY
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/openbsm/HISTORY')
-rw-r--r--contrib/openbsm/HISTORY206
1 files changed, 0 insertions, 206 deletions
diff --git a/contrib/openbsm/HISTORY b/contrib/openbsm/HISTORY
deleted file mode 100644
index 18b9dcae3d84..000000000000
--- a/contrib/openbsm/HISTORY
+++ /dev/null
@@ -1,206 +0,0 @@
-OpenBSM 1.0 alpha 9
-
-- Rename many OpenBSM-specific constants and API elements containing the
- strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true
- for almost all existing constants and APIs.
-- Instead of passing a per-instance cookie directly into all audit filter
- APIs, pass in the audit filter daemon state pointer, which is then used by
- the module using an audit_filter_{get,set}cookie() API. This will allow
- future service APIs provided by the filter daemon to maintain their own
- state -- for example, per-module preselection state.
-
-OpenBSM 1.0 alpha 8
-
-- Correct typo in definition of AUR_INT.
-- Adopt OpenSolaris constant values for AUDIT_* configuration flags.
-- Arguments to au_to_exec_args() and au_to_exec_env() no longer const.
-- Add kernel versions of au_to_exec_args() and au_to_exec_env().
-- Fix exec argument type that is printed for env strings from 'arg' to 'env'.
-- New OpenBSM token version number assigned, constants added for other
- commonly seen version numbers.
-- OpenBSM-specific events assigned numbers in the 43xxx range to avoid future
- collisions with Solaris. Darwin events renamed to AUE_DARWIN_foo, as they
- are now deprecated numberings.
-- autoconf now detects clock_gettime(), which is not available on Darwin.
-- praudit output fixes relating to arg32 and arg64 tokens.
-- Maximum record size updated to 64k-1 to match Solaris record size limit.
-- Various style and comment cleanups in include files.
-
-OpenBSM 1.0 alpha 7
-
-- Adopted Solaris-compatible format for subject32_ex and subject64_ex
- tokens, which previously did not correctly implement variable length
- address storage.
-- Prefer inttypes.h to stdint.h; enhance queue.h detection to test for
- TAILQ_FOREACH_SAFE(), which is present in recent BSD queue.h's, but not
- older ones. OpenBSM now builds on some FreeBSD 4.x version.
-- New event types for extended attributes, ACLs, and scheduling.
-
-OpenBSM 1.0 alpha 6
-
-- Use AU_TO_WRITE and AU_NO_TO_WRITE for the 'keep' argument to au_close();
- previously we used hard-coded 0 and 1 values.
-- Add man page for au_open(), au_write(), au_close(), and
- au_close_buffer().
-- Support a more complete range of data types for the arbitrary data token:
- add AUR_CHAR (alias to AUR_BYTE), remove AUR_LONG, add AUR_INT32 (alias
- to AUR_INT), add AUR_INT64.
-- Add au_close_token(), which allows writing a single token_t to a memory
- buffer. Not likely to be used much by applications, but useful for
- writing test tools.
-- Modify au_to_file() so that it accepts a timeval in user space, not just
- kernel -- this is not a Solaris BSM API so can be modified without
- causing compatibility issues.
-- Define a new API, au_to_header32_tm(), which adds a struct timeval
- argument to the ordinary au_to_header32(), which is now implemented by
- wrapping au_to_header32_tm() and calling gettimeofday(). #ifndef KERNEL
- the APIs that invoke gettimeofday(), rather than having a variable
- definition. Don't try to retrieve time zone information using
- gettimeofday(), as it's not needed, and introduces possible failure
- modes.
-- Don't perform byte order transformations on the addr/machine fields of
- the terminal ID that appears in the process32/subject32 tokens. These
- are assumed to be IP addresses, and as such, to be in network byte
- order.
-- Universally, APIs now assume that IP addresses and ports are provided
- in network byte order. APIs now generally provide these types in
- network byte order when decoding.
-- Beginnings of an OpenBSM test framework can now be found in openbsm/test.
- This code is not built or installed by default.
-- auditd now assigns more appropriate syslog levels to its debugging and
- error information.
-- Support for audit filters introduced: audit filters are dynamically
- loaded shared objects that run in the context of a new daemon,
- auditfilterd. The daemon reads from an audit pipe and feeds both BSM and
- parsed versions of records to shared objects using a module API. This
- will provide a framework for the writing of intrusion detection services.
-- New utility API, audit_submit(), added to capture common elements of audit
- record submission for many applications.
-
-OpenBSM 1.0 alpha 5
-
-- Update install notes to indicate /etc files are to be installed manually.
-- On systems without LOG_SECURITY, use LOG_AUTH.
-- Convert to autoconf/automake in order to move to a more portable (not
- BSD-specific) build infrastructure, and more easy conditional building of
- components. Currently, the primary feature loss is that automake does
- not have native support for manual symlinks. This will be addressed in a
- future OpenBSM release.
-- Add compat/queue.h, to be used on systems dated BSD queue macro libraries
- (as found on Linux).
-- Rename CHANGELOG to HISTORY, as our change log doesn't follow some of the
- existing conventions for a CHANGELOG.
-- Some private data structures moved from audit.h to audit_internal.h to
- prevent inappropriate use by applications and name space pollution.
-- Improved detection and use of endian macros using autoconf.
-- Avoid non-portable use of struct in6_addr, which is largely opaque.
-- Avoid leaking BSD kernel socket related token code to user space in
- bsm_token.c.
-- Teach System V IPC calls to look for Linux naming variations for certain
- struct ipc_perm fields.
-- Test for audit system calls, and if not present, don't build
- bsm_wrappers.c, bsm_notify.c, audit(8), and auditd(8), which rely on
- those system calls.
-- au_close() is not implemented on systems that don't have audit system
- calls, but au_close_buffer() is.
-- Work around missing BSDisms in bsm_wrapper.c.
-- Fix nested includes so including libbsm.h in an application on Linux
- picks up the necessary definitions.
-
-OpenBSM 1.0 alpha 4
-
-- Remove "audit" user example from audit_user, as it's not present on most
- systems.
-- Add cannot_audit() function non-Darwin systems that wraps auditon();
- required by OpenSSH BSM support. Convert Darwin cannot_audit() into a
- function rather than a macro.
-- Library build fixed on Darwin following include file tweaks. The native
- Darwin sys/audit.h conflicts with bsm/audit.h due to duplicate types, so
- for now we force bsm_wrappers.c to not perform a nested include of
- sys/audit.h.
-
-OpenBSM 1.0 alpha 3
-
-- Man page formatting, cross reference, mlinks, and accuracy improvements.
-- auditd and tools now compile and run on FreeBSD/arm.
-- auditd will now fchown() the trail file to the audit review group, if
- defined at compile-time.
-- Added AUE_SYSARCH for FreeBSD.
-- Definition of AUE_SETFSGID fixed for Linux.
-
-OpenBSM 1.0 alpha 2
-
-- Man page formatting improvements.
-- A number of new audit event identifiers for FreeBSD, Linux, and POSIX.1b
- events.
-- Remove 'tfm' class, unused in OpenBSM.
-
-OpenBSM 1.0 alpha 1
-
-- Import of Darwin74 BSM drop
-- Use 'syslog' for audit log warnings, rather than echoing to a file in
- audit_warn.
-- Compile using BSD make infrastructure.
-- Integrate bsm/ include files from Darwin74 XNU drop into OpenBSM.
-- Narrow set of symbols and defines that are exposed in user space: don't
- compile in code relying on kernel-only types such as 'struct socket'.
-- Add README, including basic build documentation.
-- Compilation of Apple-specific notify and Machroutines now #ifdef __APPLE__.
-- Staticize libbsm global variables to avoid leakage into application.
-- Add free_au_user_ent() so that au_user_ent's don't have to be leaked.
-- Clean up bogus nul-termination checks in libbsm.
-- Add libbsm API man pages: au_class.3 au_control.3 au_event.3
- au_free_token.3 au_io.3 au_mask.3 au_token.3 au_user.3 libbsm.3.
-- Add man pages for BSM system calls: audit.2 auditctl.2 auditon.2 getaudit.2
- getauid.2 setaudit.2 setauid.2
-- Modify various libbsm interfaces to more consistently return 'errno' values
- on failure.
-- Break out au_close() into constituent parts, allowing records to be written
- to memory as well as files.
-- Prefix various defines with 'BSM_' to reduce name space pollution.
-- Added audit_internal.h, which can be used by a kernel audit implementation
- wanting to rely on libbsm components.
-- Build with warnings, and eliminate warnings.
-- Make libbsm endian-independent, storing and reading BSM are big endian
- (network byte order) rather than native byte order. More consistently
- print IP addresses using the IP address print routine. These changes
- make use of sys/endian.h from *BSD; since this isn't present on Darwin,
- add it to OpenBSM as compat/endian.h, which is used only on Darwin.
-- Import of Darwin80 BSM drop, including 64-bit file IDs, better
- documentation of private APIs, and bug fixes.
-- White space cleanup.
-- Add audit.log.5, a first cut at a man page documenting the BSM file format.
-- Teach au_read_rec() to recognize stand-alone file tokens, which are present
- at the beginning and end of Solaris audit trails. Technically, these
- appear to violate the high level BSM spec, which suggests that all tokens
- are present in records, but need to be supported.
-- Implement HEADER64, ATTR64, SUBJECT64 token types, which make it possible
- to run praudit(1) on basic Solaris BSM streams.
-- Switched to Solaris spelling of token names; Darwin spellings are now
- deprecated and will be removed in a future version of OpenBSM.
-- Adopt Solaris model for representing IPv4 and IPv6 addresses.
-- Prefer C99 types.
-- Attempt to universally adopt the BSD style(9) coding style for
- consistency.
-- auditreduce(1) now has a usage message.
-- Update support for auditctl(2) system call to support FreeBSD.
-- Add support for /dev/audit as the trigger source on FreeBSD.
-- Add additional event types for Darwin, FreeBSD, and Solaris. Annotate
- conflicts (there are a few, unfortunately). Correct spellings, comment,
- sort, etc. These include {get,set}res[ug]id(), sendfile(), lchflags(),
- eaccess(), kqueue(), kevent(), poll(), lchmod().
-- Relicensed under a BSD license, many thanks to Apple, Inc!
-- Many bug fixes, cleanups, thread safety in the class, control, event,
- and user system audit databases. Annotate some persisting atomicity
- bugs associated with the API and implementation.
-- Add audump test tool.
-- Adopt OpenSolaris BSM API memory semantics: caller allocates memory,
- or static memory is returned for non-_r() versions of API calls.
- _free() calls dropped as a result, and source code compatibility with
- OpenSolaris improved significantly.
-- Annotate BSM events with origin OS and compatibility information.
-- auditd(8), audit(8) added to the OpenBSM distribution. auditd extended
- to support reloading of kernel event table.
-- Allow comments in /etc/security configuration files.
-
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#25 $
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-22 08:26:31 +0000