Print this page
First stab at the full Joyent wad (still needs work!!!)
*** 1,9 ****
! From 6d74600c9a8d52d7b03fd4274a415e980b77d4b6 Mon Sep 17 00:00:00 2001
From: oracle <solaris@oracle.com>
Date: Mon, 3 Aug 2015 14:37:01 -0700
! Subject: [PATCH 14/30] Solaris Auditing support
#
# Add Solaris Auditing configuration (--with-audit=solaris) to openssh-6.5p1.
#
# Add phase 1 Solaris Auditing of sshd login/logout to openssh-6.5p1.
--- 1,9 ----
! From b60fe491735349ba901b371dc8a0d1cd5ab163da Mon Sep 17 00:00:00 2001
From: oracle <solaris@oracle.com>
Date: Mon, 3 Aug 2015 14:37:01 -0700
! Subject: [PATCH 15/36] Solaris Auditing support
#
# Add Solaris Auditing configuration (--with-audit=solaris) to openssh-6.5p1.
#
# Add phase 1 Solaris Auditing of sshd login/logout to openssh-6.5p1.
*** 68,81 ****
+(Sun's Audit infrastructure from Solaris 11) are supported.
--with-pam enables PAM support. If PAM support is compiled in, it must
also be enabled in sshd_config (refer to the UsePAM directive).
diff --git a/Makefile.in b/Makefile.in
! index 5bf2a06..e19c665 100644
--- a/Makefile.in
+++ b/Makefile.in
! @@ -100,7 +100,7 @@ SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
roaming_common.o roaming_client.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
- audit.o audit-bsm.o audit-linux.o platform.o \
+ audit.o audit-bsm.o audit-linux.o audit-solaris.o platform.o \
--- 68,81 ----
+(Sun's Audit infrastructure from Solaris 11) are supported.
--with-pam enables PAM support. If PAM support is compiled in, it must
also be enabled in sshd_config (refer to the UsePAM directive).
diff --git a/Makefile.in b/Makefile.in
! index 121a261..62e6a84 100644
--- a/Makefile.in
+++ b/Makefile.in
! @@ -101,7 +101,7 @@ SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
roaming_common.o roaming_client.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
- audit.o audit-bsm.o audit-linux.o platform.o \
+ audit.o audit-bsm.o audit-linux.o audit-solaris.o platform.o \
*** 674,696 ****
+done:
+ (void) adt_end_session(ah);
+}
+#endif /* USE_SOLARIS_AUDIT */
diff --git a/configure.ac b/configure.ac
! index 81edc01..27b95cb 100644
--- a/configure.ac
+++ b/configure.ac
! @@ -1518,7 +1518,7 @@ AC_ARG_WITH([libedit],
AUDIT_MODULE=none
AC_ARG_WITH([audit],
- [ --with-audit=module Enable audit support (modules=debug,bsm,linux)],
+ [ --with-audit=module Enable audit support (modules=debug,bsm,linux,solaris)],
[
AC_MSG_CHECKING([for supported audit module])
case "$withval" in
! @@ -1555,6 +1555,13 @@ AC_ARG_WITH([audit],
SSHDLIBS="$SSHDLIBS -laudit"
AC_DEFINE([USE_LINUX_AUDIT], [1], [Use Linux audit module])
;;
+ solaris)
+ AC_MSG_RESULT([solaris])
--- 674,696 ----
+done:
+ (void) adt_end_session(ah);
+}
+#endif /* USE_SOLARIS_AUDIT */
diff --git a/configure.ac b/configure.ac
! index 2985819..b38b1b3 100644
--- a/configure.ac
+++ b/configure.ac
! @@ -1547,7 +1547,7 @@ AC_ARG_WITH([libedit],
AUDIT_MODULE=none
AC_ARG_WITH([audit],
- [ --with-audit=module Enable audit support (modules=debug,bsm,linux)],
+ [ --with-audit=module Enable audit support (modules=debug,bsm,linux,solaris)],
[
AC_MSG_CHECKING([for supported audit module])
case "$withval" in
! @@ -1584,6 +1584,13 @@ AC_ARG_WITH([audit],
SSHDLIBS="$SSHDLIBS -laudit"
AC_DEFINE([USE_LINUX_AUDIT], [1], [Use Linux audit module])
;;
+ solaris)
+ AC_MSG_RESULT([solaris])
*** 717,740 ****
+
#if !defined(HAVE___func__) && defined(HAVE___FUNCTION__)
# define __func__ __FUNCTION__
#elif !defined(HAVE___func__)
diff --git a/sshd.c b/sshd.c
! index 5a00ae2..f577f75 100644
--- a/sshd.c
+++ b/sshd.c
! @@ -2228,7 +2228,9 @@ main(int ac, char **av)
}
#ifdef SSH_AUDIT_EVENTS
+#ifndef USE_SOLARIS_AUDIT
audit_event(SSH_AUTH_SUCCESS);
+#endif /* !USE_SOLARIS_AUDIT */
#endif
#ifdef GSSAPI
! @@ -2258,6 +2260,10 @@ main(int ac, char **av)
do_pam_session();
}
#endif
+#ifdef USE_SOLARIS_AUDIT
+ /* Audit should take place after all successful pam */
--- 717,740 ----
+
#if !defined(HAVE___func__) && defined(HAVE___FUNCTION__)
# define __func__ __FUNCTION__
#elif !defined(HAVE___func__)
diff --git a/sshd.c b/sshd.c
! index 7e519d4..87032ec 100644
--- a/sshd.c
+++ b/sshd.c
! @@ -2234,7 +2234,9 @@ main(int ac, char **av)
}
#ifdef SSH_AUDIT_EVENTS
+#ifndef USE_SOLARIS_AUDIT
audit_event(SSH_AUTH_SUCCESS);
+#endif /* !USE_SOLARIS_AUDIT */
#endif
#ifdef GSSAPI
! @@ -2264,6 +2266,10 @@ main(int ac, char **av)
do_pam_session();
}
#endif
+#ifdef USE_SOLARIS_AUDIT
+ /* Audit should take place after all successful pam */
*** 742,748 ****
+#endif /* USE_SOLARIS_AUDIT */
/*
* In privilege separation, we fork another child and prepare
--
! 2.3.2 (Apple Git-55)
--- 742,748 ----
+#endif /* USE_SOLARIS_AUDIT */
/*
* In privilege separation, we fork another child and prepare
--
! 2.5.4 (Apple Git-61)