Summary: | [NEW PORT] security/setaudit: Tool to specify audit configurations on a process
---|---
Product: | Ports & Packages
Reporter: | Mateusz Piotrowski <0mp>
Component: | Individual Port(s)
Assignee: | Danilo G. Baio <dbaio>
Status: | Closed FIXED
Severity: | Affects Some People
CC: | 0mp, csjp, dbaio, dewayne
Priority: | ---
Flags: | dbaio: maintainer-feedback+
Version: | Latest
Hardware: | Any
OS: | Any
Description
Mateusz Piotrowski
2018-03-15 11:15:26 UTC
Created attachment 191522
Shell archive of a new setaudit port (version: g20150315, revision: 2)

I updated the attachment as there was a typo in pkg-descr.

A new release should be published soon. Please, do not commit those changes just yet. I'll update the patch soon.

Created attachment 191632
Shell archive of a new setaudit port (version: v1.0.0)

Setaudit v1.0.0 has been released.
It should be ok to merge it into ports at this point.

QA:
- poudriere: 11.1 amd64
- portlint

Changes:
- Update to version v1.0.0.

Hi. Thanks for this submission. I tested this tool and it's very nice. I've started the audit daemon and listened to the logs through `praudit /dev/auditpipe`. What about writing more information in the pkg-descr about this tool? And another concern, in base we already have a man page called setaudit. Regards.

(In reply to Danilo G. Baio from comment #4)
I'll consult csjp@ and report back soon. :)

(In reply to Danilo G. Baio from comment #4)
We can certainly improve on the description. With respect to the man page duplicate this is fine. Although there is already a setaudit(2) man page, there is no setaudit(1) or setaudit(8) man page. If a user wants to view the setaudit(2) man page, they can simply "man 2 setaudit". We have this in base already with things like daemon, printf etc.

(In reply to Christian S.J. Peron from comment #6)
Hi Christian, that's ok, thanks for clarifying. I've seen some changes in the Github repository, will you tag a new version? Regards.

(In reply to Danilo G. Baio from comment #7)
Hi Danilo, Sounds great. I just pushed another tag (v1.0.1) Thanks!

(In reply to Christian S.J. Peron from comment #8)
It's needed to change the manpage in the Makefile.
https://github.com/csjayp/setaudit/blob/master/Makefile#L21

Now we are waiting for a more detailed pkg-descr.

Hi Christian and Mateusz. What do you think about this change in pkg-descr?

$ cat pkg-descr
With setaudit is possible to specify audit configurations on a process directly
at the runtime.

All audit events are redirected to the auditd (audit log management daemon).

Example of enabling all exe related audit events performed by a `command` and
its child processes:

# setaudit -m ex `command`

WWW: https://github.com/csjayp/setaudit

(In reply to Danilo G. Baio from comment #11)
You've missed a word :) How about:

> With setaudit it is possible to specify audit configurations on a process
> directly at the runtime.
>
> All audit events are redirected to the auditd(8), an audit log management
> daemon.
>
> Example of enabling all exe related audit events performed by a command and its
> child processes:
>
> # setaudit -m ex command
>
> WWW: https://github.com/csjayp/setaudit

One way or another, it's a huge improvement over the previous pkg-descr so I'm happy with any formatting you decide on. :)

I think that this port is ready. Would you like me to update the patch and run poudriere tests?

A commit references this bug:

Author: dbaio
Date: Tue Mar 27 23:20:34 UTC 2018
New revision: 465770
URL: https://svnweb.freebsd.org/changeset/ports/465770

Log:
Add security/setaudit: Tool to specify audit configurations on a process

With setaudit it is possible to specify audit configurations on a process
directly at the runtime.

All audit events are redirected to the auditd(8), an audit log management
daemon.

Example of enabling all exe related audit events performed by a command and its
child processes:

# setaudit -m ex command

WWW: https://github.com/csjayp/setaudit

PR: 226627
Submitted by: Mateusz Piotrowski <0mp@FreeBSD.org>

Changes:
head/security/Makefile
head/security/setaudit/
head/security/setaudit/Makefile
head/security/setaudit/distinfo
head/security/setaudit/pkg-descr

(In reply to commit-hook from comment #13)
Danilo
Looks great, thanks!

Committed, thank you both. And sorry for the delay.

(In reply to Danilo G. Baio from comment #15)
Thank you for helping us with all those little improvements. You're great!