projects / freebsd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3caafc0) | patch
Introduce an audit event identifier -> audit event name mapping
authorrwatson <rwatson@FreeBSD.org>
Mon, 27 Mar 2017 10:38:53 +0000 (10:38 +0000)
committerrwatson <rwatson@FreeBSD.org>
Mon, 27 Mar 2017 10:38:53 +0000 (10:38 +0000)
commit1eefe93a8f7ad6af1927c4f1a83fe0fcf929091d
treeb88313a0893a47d5a3c7ce4e522a1afded8305d8tree | snapshot
parent3caafc04f1817b2d44fcba85739c1a689533ec64commit | diff
Introduce an audit event identifier -> audit event name mapping
database in the kernel audit implementation, similar the exist
class mapping database.  This will be used by the DTrace audit
provider to map audit event identifiers originating in the
system-call table back into strings for the purposes of setting
probe names.  The database is initialised and maintained by
auditd(8), which reads values in from the audit_events
configuration file, and then manages them using the A_GETEVENT
and A_SETEVENT auditon(2) operations.

Obtained from: TrustedBSD Project
Sponsored by: DARPA, AFRL
MFC after: 3 weeks
sys/security/audit/audit_bsm.c diff | blob | blame | history
sys/security/audit/audit_bsm_klib.c diff | blob | blame | history
sys/security/audit/audit_private.h diff | blob | blame | history
sys/security/audit/audit_syscalls.c diff | blob | blame | history
FreeBSD Project Source