Status of Sun BSM/Auditd Support ?

Phil Dibowitz phil at
Mon Dec 20 17:59:11 EST 2004

On Mon, Dec 20, 2004 at 04:30:03PM +1100, Darren Tucker wrote:
> Darren Tucker wrote:
> >I was working on it a while back, but I had trouble testing it (I 
> >enabled BSM on my SPARC but it didn't appear to be working, and I'm not 
> >sure if I'm doing something wrong) and got sidetracked.
> OK, I dusted off my old patch, fixed a few things and split it in two:
> openssh-audit-base.patch: adds the instrumentation to sshd and an 
> example/debug audit module, and
> openssh-audit-bsm.patch: the BSM-specific bits.
> I make no guarantees other than it compiles on my boxes.  (If you apply 
> just the first you will need to fix by hand).
> I suggest we work on getting the hooks into sshd first (either in the 
> form in the patch, or inside #ifdefs) then look at the BSM specific 
> parts afterwards.
> We will also need to resolve the overlap between this and the existing 
> sys_auth_allowed_user, sys_auth_record_login and record_failed_login 
> functions.
> I'll also attach these to the bug:
> Anyone wanting to keep tabs on this may want to add themselves to the CC 
> list of that bug.

I'll add myself to the CC in the morning when I get to work. Additionally,
I'll apply the patch, compile a version, and install it on a testbox. I'll
report back what I find.


Phil Dibowitz
Systems Architect and Administrator
Enterprise Infrastructure / ISD / USC
UCC 174 - 213-821-5427

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : 

More information about the openssh-unix-dev mailing list