Adding Solaris Audit to sshd (and sftp-server)

Darren Tucker dtucker at
Wed Dec 10 22:19:37 EST 2014

Hi Gary.

On Thu, Dec 4, 2014 at 4:23 PM, Gary Winiger <gary.winiger at>

> Hi Damien,

I'm not Damien, but I did much of the work integrating the original BSM

Firstly, I'm a little concerned about adding a dependency on an(other)
undocumented API.  Is it planned to publicly document this interface?

As for the structure, what you propose sounds reasonable.  Note that we can
only accept code with license compatible with the 2-term BSD license (ISC
style[1] preferred, 2-term BSD acceptable, see the policy [2] for more

For the code itself, please follow the style guide [3], use unified diffs
(diff -u) and break patches into small, discrete pieces.  I'd also suggest
opening a bug at to track the work and attach patches
and such.

> "bsm" (Sun's Legacy Basic Security Module prior to Solaris 11)

Sun's is not the only BSM implementation these days, FreeBSD also has one.


Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list