Displaying 20 results from an estimated 22 matches for "audit_ev".
Did you mean:
audit_fu
2008 May 22
2
"Invalid argument" error when moving sockets to backup dir
Local end (receiving): 3.0.2, 3.0.3pre2
Remote end (sending): 2.6.9
Under 3.0.x, rsync sometimes prints an "Invalid argument" error when
moving sockets to the backup directory (--backup-dir):
rsync: mknod "/backup/machine/../machine-before-4/var/run/audit_events"
failed: Invalid argument (22)
The problem appears to be that, at least with sockets, keep_backup() is
calling do_mknod() with garbage in the third parameter (dev).
When I add some debug output to do_mknod():
printf("mknod pathname=%s, mode=%d, dev=%llu\n", pathname, mode, d...
2004 May 31
1
[Bug 125] with BSM auditing, cron editing thru ssh session causes cron jobs to fail
http://bugzilla.mindrot.org/show_bug.cgi?id=125
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #619 is|0 |1
obsolete| |
------- Additional Comments From dtucker at zip.com.au 2004-05-31 23:25 -------
2011 Jun 26
1
How to add new audit class?
...ew process itself) and occurred too often
and create noise.
connect()/accept() from "nt", but not setsockopt(), for the same
reasons.
And so on.
How should I create new system class? What need to be putted into
"classmask" in audit_class(5)? How should I edit audit_event(5) file,
as it seems, that one event could belong only to one class, and I
don't want to remove these events from their natural classes.
--
// Black Lion AKA Lev Serebryakov <lev@FreeBSD.org>
2005 Jan 24
15
[Bug 125] add BSM audit support
http://bugzilla.mindrot.org/show_bug.cgi?id=125
alex.bell at bt.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |alex.bell at bt.com
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the
2014 Dec 04
3
Adding Solaris Audit to sshd (and sftp-server)
...;s Legacy Basic Security Module prior to Solaris 11), and "solaris"
! (Sun's Audit infrastructure from Solaris 11) are supported.
README.platform
===============
! Solaris
! -------
! Prior to Solaris 11
! -------------------
If you enable BSM auditing on Solaris, you need to update audit_event(4)
for praudit(1m) to give sensible output. The following line needs to be
added to /etc/security/audit_event:
32800:AUE_openssh:OpenSSH login:lo
The BSM audit event range available for third party TCB applications is
32768 - 65535. Event number 32800 has been choosen for AUE_openss...
2011 Jun 29
1
More questions about audit
Hello, Freebsd-security.
I'm grepping all sources for programs, which support audit and found
strange thing:
find . -name '*.c*' -print | \
grep -v -E '^./(sys|contrib/openbsm|tools/regression)' | \
xargs grep -E "\<(audit|au_)"
shows, that only login(1), su(1), id(1) and sshd(1) uses audit. And
even sshd(8) raise question: it doesn't call
2006 Mar 10
0
tun with darwin/macos x
...is known to work with Darwin 8 and
+MacOS X 10.4 in Point-to-Point (Layer 3) and Ethernet (Layer 2) mode
+using a third party driver. More information is available at:
+ http://www-user.rhrk.uni-kl.de/~nissler/tuntap/
+
+
Solaris
-------
If you enable BSM auditing on Solaris, you need to update audit_event(4)
--- configure.orig 2006-02-13 19:16:02.000000000 -0800
+++ configure 2006-02-13 18:28:39.000000000 -0800
@@ -5285,6 +5285,21 @@ cat >>confdefs.h <<_ACEOF
#define BIND_8_COMPAT 1
_ACEOF
+
+cat >>confdefs.h <<\_ACEOF
+#define SSH_TUN_FREEBSD 1
+_ACEOF
+
+
+cat >&g...
2009 Mar 27
0
consistent segfaults in ROracle with one of the databases
...type of query (template) that crashes it, I know this is not
too helpful as you cannot run it, but maybe someone spots a certain
pattern in it:
SELECT TIMESTAMP, VALUE, VM FROM
(WITH ev AS
(SELECT audit_key_new key, audit_date dt, audit_batch_nbr,
audit_date
FROM dots_audit.audit_event
WHERE table_name='VALUE_PROPERTY_MAP'),
jfsm AS
(SELECT audit_key, fund_id, fund_mult
FROM dots_audit.value_property_map WHERE property_id='%s'
UNION SELECT audit_key, value_id, value_mult
FROM dots.value_property_map WHERE...
2002 Apr 11
3
[Bug 2] sshd should have BSM auditing on Solaris
http://bugzilla.mindrot.org/show_bug.cgi?id=2
Michael.Gerdts at alcatel.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |Michael.Gerdts at alcatel.com
------- You are receiving this mail because: -------
You are the assignee for the bug, or are
2006 Jun 05
0
Heads up: OpenBSM 1.0a6, per-auditpipe preselection imported to CVS (fwd)
...bsm/config/config.sub
U src/contrib/openbsm/config/depcomp
U src/contrib/openbsm/config/install-sh
U src/contrib/openbsm/config/ltmain.sh
U src/contrib/openbsm/config/missing
U src/contrib/openbsm/etc/audit_class
U src/contrib/openbsm/etc/audit_control
U src/contrib/openbsm/etc/audit_event
N src/contrib/openbsm/etc/audit_filter
U src/contrib/openbsm/etc/audit_user
U src/contrib/openbsm/etc/audit_warn
U src/contrib/openbsm/libbsm/Makefile.am
U src/contrib/openbsm/libbsm/Makefile.in
U src/contrib/openbsm/libbsm/au_class.3
U src/contrib/openbsm/libbsm/au_control....
2006 Oct 31
0
PSARC/2005/625 Greyhound - Solaris Kernel SSL proxy
...o.h
create: usr/src/uts/common/inet/kssl/ksslrec.c
create: usr/src/uts/common/inet/tcp/tcp_kssl.c
create: usr/src/uts/intel/kssl/Makefile
create: usr/src/uts/sparc/kssl/Makefile
update: usr/src/cmd/cmd-inet/usr.sbin/Makefile
update: usr/src/cmd/devfsadm/misc_link.c
update: usr/src/lib/libbsm/audit_event.txt
update: usr/src/lib/libsecdb/exec_attr.txt
update: usr/src/pkgdefs/SUNWckr/prototype_com
update: usr/src/pkgdefs/SUNWckr/prototype_i386
update: usr/src/pkgdefs/SUNWckr/prototype_sparc
update: usr/src/pkgdefs/SUNWcsr/prototype_com
update: usr/src/pkgdefs/SUNWcsu/prototype_com
update: u...
2012 Jan 02
5
[Bug 1968] New: openssh won't build with --with-audit=bsm on Solaris 11
...nction ?bsm_audit_bad_login?:
audit-bsm.c:258:15: error: ?BSM_TEXTBUFSZ? undeclared (first use in
this function)
audit-bsm.c:258:15: note: each undeclared identifier is reported only
once for each function it appears in
audit-bsm.c:258:7: warning: unused variable ?textbuf?
audit-bsm.c: In function ?audit_event?:
audit-bsm.c:322:18: error: ?BSM_TEXTBUFSZ? undeclared (first use in
this function)
audit-bsm.c:322:10: warning: unused variable ?textbuf?
*** Error code 1
make: Fatal error: Command failed for target `audit-bsm.o'
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email...
2005 Jan 20
27
[Bug 974] Record Badlogins for all supported Authentication methods
http://bugzilla.mindrot.org/show_bug.cgi?id=974
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
Platform|HPPA |All
Summary|Enhancement : Record |Record Badlogins for
2004 Apr 14
8
[Bug 125] with BSM auditing, cron editing thru ssh session causes cron jobs to fail
http://bugzilla.mindrot.org/show_bug.cgi?id=125
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|major |enhancement
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2015 Feb 28
2
SAP-2015-3-1 issues
On Sun, Mar 01, 2015 at 03:23:04AM +1100, Damien Miller wrote:
>
>
> On Sat, 28 Feb 2015, The Doctor wrote:
>
> > BSD/OS issues
> >
> > with 1.0.2a dev
>
> Thanks for testing.
>
You are welcome.
> > make tests
> >
> > regress/netcat.c:656: `on' undeclared (first use in this function)
> > regress/netcat.c:656: (Each
2020 Mar 11
6
[PATCH 0/1] *** SUBJECT HERE ***
Hi,
sifting through my system's logs, I noticed many break-in attempts by
rogue ssh clients trying long lists of common passwords. For some time
now I pondered different approaches to counter these, but could not come
up with a solution that really satisfied me.
I finally reached the conclusion that any countermeasures required
support in sshd itself, and created the attached patch. If
2006 Jan 08
3
Allow --without-privsep build.
...(compat20) {
@@ -1708,11 +1714,12 @@ main(int ac, char **av)
* If we use privilege separation, the unprivileged child transfers
* the current keystate and exits
*/
+#ifdef USE_PRIVSEP
if (use_privsep) {
mm_send_keystate(pmonitor);
exit(0);
}
-
+#endif
authenticated:
#ifdef SSH_AUDIT_EVENTS
audit_event(SSH_AUTH_SUCCESS);
--
dwmw2
2006 Oct 31
0
PSARC/2002/762 Layered Trusted Solaris
...date: usr/src/lib/auditd_plugins/syslog/systoken.c
update: usr/src/lib/auditd_plugins/syslog/systoken.h
update: usr/src/lib/common/inc/c_synonyms.h
update: usr/src/lib/libbsm/Makefile
update: usr/src/lib/libbsm/Makefile.com
update: usr/src/lib/libbsm/audit_class.txt
update: usr/src/lib/libbsm/audit_event.txt
update: usr/src/lib/libbsm/common/adt_token.c
update: usr/src/lib/libbsm/common/au_to.c
update: usr/src/lib/libbsm/common/audit_allocate.c
update: usr/src/lib/libbsm/common/audit_ftpd.c
update: usr/src/lib/libbsm/common/audit_rexd.c
update: usr/src/lib/libbsm/common/audit_rexecd.c
upd...
2013 Oct 31
9
[Bug 2167] New: Connection remains when fork() fails.
https://bugzilla.mindrot.org/show_bug.cgi?id=2167
Bug ID: 2167
Summary: Connection remains when fork() fails.
Product: Portable OpenSSH
Version: 5.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2016 Dec 31
2
Baffling regress/forwarding.sh failure, new in 7.4p1
...02.
debug2: fd 9 setting O_NONBLOCK
debug3: fd 9 is O_NONBLOCK
debug1: channel 0: new [port listener]
debug3: send packet: type 81
packet_write_wait: Connection from 127.0.0.1 port 60879: Broken pipe
debug1: do_cleanup
debug3: mm_request_receive entering
debug1: do_cleanup
debug1: audit_event: unhandled event 12
FAIL: failed copy of /bin/ls
trace: config file: transfer over forwarded channels and check result
dWCUHL3hrO9Sb+pyo0ZTZvaU
debug3: notify_hostkeys: sent 2 hostkeys
debug3: send packet: type 80
debug1: Entering interactive session for SSH2.
debug2: fd 7 setti...