OpenBSM 1.1 beta 1

openbsm-logoRobert Watson has announced the release of OpenBSM 1.1 beta 1; this is a test snapshot of OpenBSM 1.1. The following are the change notes from the OpenBSM NEWS file included with this release:

  •  The filesz parameter in audit_control(5) now accepts suffixes: ‘B’ for Bytes, ‘K’ for Kilobytes, ‘M’ for Megabytes, and ‘G’ for Gigabytes. For legacy support no suffix defaults to bytes.
  • Audit trail log expiration support added. It is configured in audit_control(5) with the expire-after parameter. If there is no expire-after parameter in audit_control(5), the default, then the audit trail files are not expired and removed. See audit_control(5) for more information.
  • Change defaults in audit_control: warn at 5% rather than 20% free for audit partitions, rotate automatically at 2mb, and set the default policy to cnt,argv rather than cnt so that execve(2) arguments are captured if AUE_EXECVE events are audited. These may provide more usable defaults for many users.
  • Use au_domain_to_bsm(3) and au_socket_type_to_bsm(3) to convert au_to_socket_ex(3) arguments to BSM format.
  • Fix error encoding AUT_IPC_PERM tokens.

OpenBSM releases and snapshots can be downloaded from the OpenBSM project web page.

This test release is known to build and run (to varying degrees) on FreeBSD 5.x, 6.x, 7.x, 8.x, Mac OS X Leopard, Mac OS X Snow Leopard, and OpenSuse Linux.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>