similar to: How to add new audit class?

Hello, Freebsd-security. I'm grepping all sources for programs, which support audit and found strange thing: find . -name '*.c*' -print | \ grep -v -E '^./(sys|contrib/openbsm|tools/regression)' | \ xargs grep -E "\<(audit|au_)" shows, that only login(1), su(1), id(1) and sshd(1) uses audit. And even sshd(8) raise question: it doesn't call

FYI for those working with audit and intrusion detection on FreeBSD. Robert N M Watson ---------- Forwarded message ---------- Date: Mon, 5 Jun 2006 17:01:04 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: current@FreeBSD.org Cc: trustedbsd-audit@TrustedBSD.org Subject: Heads up: OpenBSM 1.0a6, per-auditpipe preselection imported to CVS This is a heads up to current@ users

Author: jpk Repository: /hg/zfs-crypto/gate Revision: e7e07b2f4fcfbe725493f4074f9e9f0d8bfd8e1c Log message: PSARC/2002/762 Layered Trusted Solaris PSARC/2005/060 TSNET: Trusted Networking with Security Labels PSARC/2005/259 Layered Trusted Solaris Label Interfaces PSARC/2005/573 Solaris Trusted Extensions for Printing PSARC/2005/691 Trusted Extensions for Device Allocation PSARC/2005/723 Solaris

http://bugzilla.mindrot.org/show_bug.cgi?id=125 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #619 is|0 |1 obsolete| | ------- Additional Comments From dtucker at zip.com.au 2004-05-31 23:25 -------

Hi Damien, I'm working with the Solaris team that is integrating openssh into upcoming Solaris releases. I'm looking for advice from the upstream community. You were suggested for that advice. If there are other mailing lists you'd like me to ask, I'm happy to do so, or if you'd like to forward, please feel free to do so. The --with-audit=bsm (audit-bsm.c) configuration

http://bugzilla.mindrot.org/show_bug.cgi?id=125 alex.bell at bt.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alex.bell at bt.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

https://bugzilla.mindrot.org/show_bug.cgi?id=1968 Bug #: 1968 Summary: openssh won't build with --with-audit=bsm on Solaris 11 Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: ix86 OS/Version: Solaris Status: NEW Severity: normal Priority: P2

Hello, Dovecot. I'm using postfix + dovecot with pure virtual users. postfix uses standard virtual transport, and dovecot fetches such fields from userdb: chroot: "/usr/home/hosted/v-mail/%d/%n" home: "/" mail: "maildir:." Everything works Ok -- dovecot founds users' mail. Now, after upgrade to dovecot2, I want to use it LMTP server as

Hello, Dovecot. Does dovecot sieve supports variable extension (rfc5229)? It is very useful for users with large amount of mailing lists, as it allows to write only one rule for all lists (filtering by List-Id). If it is not supported, is here any plans to support it? I can try to implement it, but I don't want to duplicate work, if somebody has this extension in pipeline. -- //

Hello, Dovecot. I want to migrate to webmail (roundcube) over dovecot + sieve (pigeonhole). Now I'm using on-client (The Bat!) filters, but I need to have acccess to my mail everywhere, not only on my workstation. And I wonder, is here simple way to re-filter INBOX after sieve filters have been changed? Any offline (desktop) mail client could run new filters on old messages -- is

Hello, Dovecot. Is it possible to write one rule in sieve, which will: (1) Trigger on any message with "List-Id" header AND (2) Put this message to folder with name build from content of "List-Id" header, in such way, that message with List-Id List-Id: This is decription of list <list-name.host.org> will be put into folder "org.host.list-name" where

Hello, Dovecot. Now, with enabled "recipient_delimiter = +", "lmtp_save_to_detail_mailbox" and using LMTP, messages with "detail" in address, are placed in auto-created mailboxes. It is great, but what if I want to put all such mailboxes not in inbox directly, but lower in mailbox hierarchy? Is it possible without using sieve? -- // Black Lion AKA Lev

http://bugzilla.mindrot.org/show_bug.cgi?id=2 Michael.Gerdts at alcatel.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |Michael.Gerdts at alcatel.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are

Hello, Freebsd-stable. I installed 7.1-STABLE on my new Soekris net5501. Kernel config is in attach. This unit lock up in strange way every day. It is pingable, but no access to host on any network protocol (sshd, named, etc are not answering), and serial console (only one this unit has) DOESN'T ANSWER too! Only way to un-freeze it is cold reboot. I've thought, it is

Hi All, I'm having an issue where SSH sessions fail if I enable the cryptodev engine for HMAC. I'd like to confirm if this is a supported configuration and if there are any known bugs. HMAC with the cryptodev engine works fine when using the openssl application directly, so I suspect that something in openssh may be the cause of the issue. I tried this initially with sshd from openssh

Hello I have some issues with OpenBSM which i cannot resolve, so i decided to ask there. 1) I found some bugs in the auditreduce utility and created patch for it - http://www.freebsd.org/cgi/query-pr.cgi?pr=114534. Please, someone from freebsd team - take it, i think its better to fix this before next release. 2) I found that when i`m using XDM as login manager with OpenBSM, all my audit

Dear All, Over the past week or so, I have spent some time updating Tom Rhodes' excellent FreeBSD Handbook chapter on Audit for some of the more recent audit changes, such as new features in more recent OpenBSM versions. Since FreeBSD 6.2-BETA2 contains what is likely the final drop of the audit code (modulo any bug fixes) for 6.2-RELEASE, now would be a great time for people interested

I want to use SQLite database as storage for auth and user databases. I've encountered two problems here: (1) There is no way to open SQLite database read-only (via sqlite3_open_v2() call with SQLITE_OPEN_READONLY flag). It looks bad. I don't need (and want) to give dovecot rights to write to this database. (2) I've created system group "hostingdb", added

Hello, Arne. I try to build storage server for my home (I have a LOT of media files) with FreeBSD 7, 5xHDD (WD 500Gb) and geom_raid5 ("simple" version from perforce, beacuse http://home.tiscali.de/cmdr_faako/geom_raid5.tbz is not patched for FreeBSD7). Array & FS were created with default arguments: # graid5 label storage ad6 ad8 ad10 ad12 ad14 # newfs -O2 -U /dev/raid5/storage

Hello dovecot, wiki mentions `deliver', but it doesn't include into 1.0.beta8 dovecot distribution. It can be downlaoded from CVS, and even contains two tags on files, that seems to eb release tags :) But what is official status of `deliver' tool? Is it stable, or experemental, or what? Are here any plans when it will be packaged ad announced? -- Best regards, Lev