Vendor import of OpenBSM 1.1, which incorporates the following changes

since the last imported OpenBSM release:

OpenBSM 1.1

- Change auditon(2) parameters and data structures to be 32/64-bit architecture
  independent.  Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
  commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
  the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
  added:  au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
  definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
  generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page.  Also, make it clear that we want
  the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
  authorization events, has been added.

Obtained from:	TrustedBSD Project
Sponsored by:	Apple, Inc.

CREDITS

@@ -28,6 +28,7 @@ the development of OpenBSM:
     Xin LI
     Stacey Son
     Todd Heberlein
+    Gary Hoo
 
 In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
 Software's FlexeLint tool were used to identify a number of bugs in the

INSTALL

@@ -2,9 +2,8 @@ OpenBSM Build and Installation Instructions
 
 OpenBSM is currently built using autoconf and automake, which should allow
 for building on a range of operating systems, including FreeBSD, Mac OS X,
-and Linux.  Depending on the availability of audit facilities in the
-underlying operating system, some components that depend on kernel audit
-support are built conditionally.  Typically, build will be performed using:
+and Linux.  Some components are built only if appropriate kernel audit
+suppport is found.  Typical builds will be performed using:
 
     ./configure
     make
@@ -15,10 +14,14 @@ force the compile to fail if a warning is found:
 
     CFLAGS="-Wall -Werror" ./configure
 
-To install, use:
+To install the library, binaries, and man pages, use:
 
     make install
 
+The OpenBSM install will not install files in /etc; these have to be
+manually installed or merged.  Currently, the locations of these files are
+not configurable.
+
 You may wish to specify that the OpenBSM components not be installed in the
 base system, rather in a specific directory.  This may be done using the
 --prefix argument to configure.  If installing to a specific directory,
@@ -29,7 +32,3 @@ directory the correct libbsm is used:
     make
     make install
     LD_LIBRARY_PATH=/home/rwatson/openbsm/libbsm ; export LD_LIBRARY_PATH
-
-You will need to manually propagate openbsm/etc/* into /etc/security on your
-system; this is not done automatically so as to avoid disrupting the current
-configuration.  Currently, the locations of these files is not configurable.

Makefile.in

@@ -1,8 +1,8 @@
-# Makefile.in generated by automake 1.10 from Makefile.am.
+# Makefile.in generated by automake 1.10.1 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006  Free Software Foundation, Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008  Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -15,7 +15,7 @@
 @SET_MAKE@
 
 #
-# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#9 $
+# $P4: //depot/projects/trustedbsd/openbsm/Makefile.in#10 $
 #
 VPATH = @srcdir@
 pkgdatadir = $(datadir)/@PACKAGE@
@@ -97,6 +97,7 @@ CXXFLAGS = @CXXFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DSYMUTIL = @DSYMUTIL@
 ECHO = @ECHO@
 ECHO_C = @ECHO_C@
 ECHO_N = @ECHO_N@
@@ -121,6 +122,7 @@ MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MIG = @MIG@
 MKDIR_P = @MKDIR_P@
+NMEDIT = @NMEDIT@
 OBJEXT = @OBJEXT@
 PACKAGE = @PACKAGE@
 PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
@@ -184,6 +186,7 @@ sharedstatedir = @sharedstatedir@
 srcdir = @srcdir@
 sysconfdir = @sysconfdir@
 target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 SUBDIRS = bsm $(am__append_1) libbsm bin man modules sys
@@ -332,8 +335,8 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	unique=`for i in $$list; do \
 	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
 	  done | \
-	  $(AWK) '    { files[$$0] = 1; } \
-	       END { for (i in files) print i; }'`; \
+	  $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
 	mkid -fID $$unique
 tags: TAGS
 
@@ -358,8 +361,8 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	unique=`for i in $$list; do \
 	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
 	  done | \
-	  $(AWK) '    { files[$$0] = 1; } \
-	       END { for (i in files) print i; }'`; \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
 	if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
 	  test -n "$$unique" || unique=$$empty_fix; \
 	  $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
@@ -369,13 +372,12 @@ ctags: CTAGS
 CTAGS: ctags-recursive $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 		$(TAGS_FILES) $(LISP)
 	tags=; \
-	here=`pwd`; \
 	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
 	unique=`for i in $$list; do \
 	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
 	  done | \
-	  $(AWK) '    { files[$$0] = 1; } \
-	       END { for (i in files) print i; }'`; \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
 	test -z "$(CTAGS_ARGS)$$tags$$unique" \
 	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
 	     $$tags $$unique
@@ -446,6 +448,10 @@ dist-bzip2: distdir
 	tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
 	$(am__remove_distdir)
 
+dist-lzma: distdir
+	tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma
+	$(am__remove_distdir)
+
 dist-tarZ: distdir
 	tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
 	$(am__remove_distdir)
@@ -472,6 +478,8 @@ distcheck: dist
 	  GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\
 	*.tar.bz2*) \
 	  bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\
+	*.tar.lzma*) \
+	  unlzma -c $(distdir).tar.lzma | $(am__untar) ;;\
 	*.tar.Z*) \
 	  uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
 	*.shar.gz*) \
@@ -623,8 +631,8 @@ uninstall-am:
 .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
 	all all-am am--refresh check check-am clean clean-generic \
 	clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \
-	dist-gzip dist-shar dist-tarZ dist-zip distcheck distclean \
-	distclean-generic distclean-hdr distclean-libtool \
+	dist-gzip dist-lzma dist-shar dist-tarZ dist-zip distcheck \
+	distclean distclean-generic distclean-hdr distclean-libtool \
 	distclean-tags distcleancheck distdir distuninstallcheck dvi \
 	dvi-am html html-am info info-am install install-am \
 	install-data install-data-am install-dvi install-dvi-am \

NEWS

@@ -1,5 +1,23 @@
 OpenBSM Version History
 
+OpenBSM 1.1
+
+- Change auditon(2) parameters and data structures to be 32/64-bit architecture
+  independent.  Add more information to man page about auditon(2) parameters. 
+- Add wrapper functions for auditon(2) to use legacy commands when the new
+  commands are not supported.
+- Add default for 'expire-after' in audit_control to expire trail files when
+  the audit directory is more than 10 megabytes ('10M').
+- Interface to convert between local and BSM fcntl(2) command values has been
+  added:  au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with 
+  definitions of constants in audit_fcntl.h.
+- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
+  generated by audit_submit(3) were improperly encoded has been fixed.
+- Fix example in audit_submit(3) man page.  Also, make it clear that we want
+  the audit ID as the argument.
+- A new audit event class 'aa', for post-login authentication and
+  authorization events, has been added.
+
 OpenBSM 1.1 beta 1
 
 - The filesz parameter in audit_control(5) now accepts suffixes: 'B' for
@@ -431,4 +449,4 @@ OpenBSM 1.0 alpha 1
   to support reloading of kernel event table.
 - Allow comments in /etc/security configuration files.
 
-$P4: //depot/projects/trustedbsd/openbsm/NEWS#32 $
+$P4: //depot/projects/trustedbsd/openbsm/NEWS#40 $

README

@@ -1,23 +1,30 @@
-OpenBSM 1.1 beta 1
+OpenBSM 1.1
 
   Introduction
 
-OpenBSM provides an open source implementation of Sun's BSM Audit API. 
-Originally created under contract to Apple Computer by McAfee Research, this
-implementation is now maintained by volunteers and the generous contribution
-of several organizations.  Coupled with a kernel audit implementation,
-OpenBSM can be used to maintain system audit streams, and is a foundation for
-an Audit-enabled system.  Portions of OpenBSM, including include files and
-token-building routines, are reusable in a kernel audit implementation, and
-may be found in the FreeBSD and Mac OS X kernels.
+OpenBSM is an open source implementation of Sun's BSM event auditing file
+format and API.  Originally created for Apple Computer by McAfee Research,
+OpenBSM is now maintained by volunteers and through the generous contribution
+of several organizations.
+
+OpenBSM includes several command line tools, including auditreduce(8) and
+praudit(8) for reducing and printing audit trails, as well as the libbsm(3)
+library to manage configuration files, generate audit records, and parse and
+print audit trils.
+
+Coupled with a kernel audit implementation, OpenBSM can be used to maintain
+system audit streams, and is a foundation for a full audit-enabled system.
+Portions of OpenBSM, including include files and token-building routines, are
+reusable in a kernel audit implementation, and may be found in the FreeBSD
+and Mac OS X kernels.
 
   Contents
 
 OpenBSM consists of several directories:
 
     bin/           Audit-related command line tools
     bsm/           Library include files for BSM
-    compat/        Compatibility code to build on various OS's
+    compat/        Compatibility code to build on various operating systems
     etc/           Sample /etc/security configuration files
     libauditd      Common audit management functions for auditd and launchd
     libbsm/        Implementation of BSM library interfaces and man pages
@@ -44,7 +51,8 @@ Please see the file INSTALL for build and installation instructions.
 
 The TrustedBSD Project would appreciate the contribution of bug fixes, 
 enhancements, etc, under identically or substantially similar licenses to 
-those present on the remainder of the OpenBSM source code.
+those present on the remainder of the OpenBSM source code.  Please see the
+file CREDITS to learn more about who has contributed to the project.
 
   Location
 
@@ -56,4 +64,4 @@ Information on TrustedBSD may be found on the TrustedBSD home page:
 
     http://www.TrustedBSD.org/
 
-$P4: //depot/projects/trustedbsd/openbsm/README#35 $
+$P4: //depot/projects/trustedbsd/openbsm/README#36 $

TODO

@@ -16,11 +16,10 @@ OpenBSM TODO
   just at the beginning of a record.  This will make it easier to use
   praudit in test suites processing single-token files without header and
   trailer context.
-- Put hostname in trail file name.
 - Document audit_warn event arguments.
 - Allow the path /etc/security to be configured at configure-time so that
   alternative locations can be used.
 - NLS support for au_strerror(3), which provides error strings for BSM errors
   not available on the local OS platform.
 
-$P4: //depot/projects/trustedbsd/openbsm/TODO#12 $
+$P4: //depot/projects/trustedbsd/openbsm/TODO#13 $

VERSION

@@ -1 +1 @@
-OPENBSM_1_1_BETA_1
+OPENBSM_1_1