16040 auditing could be calmer about translation of nodename to IP address
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Ryan

16040 auditing could be calmer about translation of nodename to IP address
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Ryan Goodfellow <ryan.goodfellow@oxide.computer>
Approved by: Dan McDonald <danmcd@mnx.io>

show more ...

15290 lib: remove pragma ident
Reviewed by: Garrett D'Amore <garrett@damore.org>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Reviewed by: Dan Cross <cross@oxidecomputer.com>
Approved

15290 lib: remove pragma ident
Reviewed by: Garrett D'Amore <garrett@damore.org>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Reviewed by: Dan Cross <cross@oxidecomputer.com>
Approved by: Patrick Mooney <pmooney@pfmooney.com>

show more ...

2271 CIFS clients fail to authenticate when idmap is using IDMU
Reviewed by: Gordon Ross <gordon.w.ross@gmail.com>
Approved by: Dan McDonald <danmcd@mnx.io>

14443 resection manual pages per IPD4
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
R

14443 resection manual pages per IPD4
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Andy Fiddaman <andy@omnios.org>
Approved by: Dan McDonald <danmcd@joyent.com>

show more ...

11826 Buffer overflow and memory leak in "libbsm"
Reviewed by: Andy Fiddaman <andy@omniosce.org>
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Reviewed by: Toomas Soome <tsoome@me.com>

11826 Buffer overflow and memory leak in "libbsm"
Reviewed by: Andy Fiddaman <andy@omniosce.org>
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Dan McDonald <danmcd@joyent.com>

show more ...

11148 libbsm: NULL pointer errors
Reviewed by: John Levon <john.levon@joyent.com>
Reviewed by: Sebastian Wiedenroth <sebastian.wiedenroth@skylime.net>
Approved by: Richard Lowe <richlowe@

11148 libbsm: NULL pointer errors
Reviewed by: John Levon <john.levon@joyent.com>
Reviewed by: Sebastian Wiedenroth <sebastian.wiedenroth@skylime.net>
Approved by: Richard Lowe <richlowe@richlowe.net>

show more ...

10361 usr/lib - stop lint library generation and packaging
Reviewed by: Jason King <jason.king@joyent.com>
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Frederik Wesse

10361 usr/lib - stop lint library generation and packaging
Reviewed by: Jason King <jason.king@joyent.com>
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Frederik Wessels <wessels147@gmail.com>
Approved by: Dan McDonald <danmcd@joyent.com>

show more ...

9149 libbsm: comparison between pointer and zero character constant
Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
Reviewed by: Albert Lee <trisk@forkgnu.org>
Approved by: Dan McDona

9149 libbsm: comparison between pointer and zero character constant
Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
Reviewed by: Albert Lee <trisk@forkgnu.org>
Approved by: Dan McDonald <danmcd@joyent.com>

show more ...

8885 64-bit libbsm:adt_do_ipv[46]_address creates non-compressible at_port.
Reviewed by: Dominik Hassler <hadfl@omniosce.org>
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Ro

8885 64-bit libbsm:adt_do_ipv[46]_address creates non-compressible at_port.
Reviewed by: Dominik Hassler <hadfl@omniosce.org>
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Dan McDonald <danmcd@joyent.com>

show more ...

7812 Remove gender specific language
Reviewed by: Matt Ahrens <mahrens@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Reviewed by: Steve Gonczi <steve.gonczi@delphix.

7812 Remove gender specific language
Reviewed by: Matt Ahrens <mahrens@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Reviewed by: Steve Gonczi <steve.gonczi@delphix.com>
Reviewed by: Chris Williamson <chris.williamson@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Richard Lowe <richlowe@richlowe.net>

show more ...

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means t

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means to forbid mappings around NULL
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Reviewed by: Patrick Mooney <pmooney@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>

show more ...

171 adt_get_mask_from_user frees memory before it's used
172 duplicate free in gss_accept_sec_context
173 duplicate free in spnego_gss_accept_sec_context
Reviewed by: gordon.w.ross@gmail.

171 adt_get_mask_from_user frees memory before it's used
172 duplicate free in gss_accept_sec_context
173 duplicate free in spnego_gss_accept_sec_context
Reviewed by: gordon.w.ross@gmail.com
Reviewed by: garrett@nexenta.com
Approved by: garrett@nexenta.com

show more ...

6884631 ilb code needs to utilize the audit tokens types of in_remote iport for server address and ports

6953290 adt_load_ttyname/adt_load_hostname should report ENETDOWN if there are no interfaces

PSARC/2009/636 Obsolete getacinfo(3bsm)
PSARC/2009/642 audit_control(4) EOL and removal
PSARC/2010/218 Audit subsystem Rights Profiles
PSARC/2010/220 svc:/system/auditset service
6875

PSARC/2009/636 Obsolete getacinfo(3bsm)
PSARC/2009/642 audit_control(4) EOL and removal
PSARC/2010/218 Audit subsystem Rights Profiles
PSARC/2010/220 svc:/system/auditset service
6875456 Solaris Audit configuration in SMF - phase 2 (PSARC/2009/636, PSARC/2009/642)
6942035 audit_binfile(5) leaves unfinished audit logs.
6942041 auditd(1) says "auditd refreshed" on startup.
6943275 audit_remote(5) leaks memory on audit service refresh
6955077 adt_get_mask_from_user() should regard _SC_GETPW_R_SIZE_MAX
6955117 $SRC/lib/libbsm/common/audit_ftpd.c shouldn't hardcode the lenght of usernames (8)
6956169 adt_audit_state() returns non-boolean values

--HG--
rename : usr/src/cmd/auditconfig/auditconfig_impl.h => usr/src/lib/libbsm/common/audit_policy.h
rename : usr/src/cmd/auditconfig/audit_scf.c => usr/src/lib/libbsm/common/audit_scf.c
rename : usr/src/cmd/auditconfig/audit_scf.h => usr/src/lib/libbsm/common/audit_scf.h

show more ...

PSARC/2010/003 EOL and removal of audit_user(4) and getauusernam(3bsm)
6914742 remove audit_user phase 1 PSARC/2010/003 EOL and removal of audit_user(4) and getauusernam(3bsm)

6916796 OSnet mapfiles should use version 2 link-editor syntax

--HG--
rename : usr/src/cmd/sgs/libelf/common/mapfile-common => usr/src/cmd/sgs/libelf/common/mapfile-vers
rename : usr

6916796 OSnet mapfiles should use version 2 link-editor syntax

--HG--
rename : usr/src/cmd/sgs/libelf/common/mapfile-common => usr/src/cmd/sgs/libelf/common/mapfile-vers
rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-bindings => usr/src/cmd/sgs/link_audit/common/mapfile-vers-bindings
rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-perfcnt => usr/src/cmd/sgs/link_audit/common/mapfile-vers-perfcnt
rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-symbindrep => usr/src/cmd/sgs/link_audit/common/mapfile-vers-symbindrep
rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-truss => usr/src/cmd/sgs/link_audit/common/mapfile-vers-truss
rename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-who => usr/src/cmd/sgs/link_audit/common/mapfile-vers-who
rename : usr/src/common/mapfiles/i386/map.noexdata => usr/src/common/mapfiles/common/map.noexdata
rename : usr/src/lib/libaio/sparc/mapfile-vers => usr/src/lib/libaio/common/mapfile-vers
rename : usr/src/lib/libelfsign/common/mapfile.map => usr/src/lib/libelfsign/common/mapfile-vers
rename : usr/src/lib/libpthread/sparc/mapfile-vers => usr/src/lib/libpthread/common/mapfile-vers
rename : usr/src/lib/librt/amd64/mapfile-vers => usr/src/lib/librt/common/mapfile-vers
rename : usr/src/lib/libsys/sparc/mapfile-vers => usr/src/lib/libsys/common/mapfile-vers
rename : usr/src/lib/libthread/sparc/mapfile-vers => usr/src/lib/libthread/common/mapfile-vers

show more ...

6948751 $SRC/lib/libbsm/common/audit_class.c needs some cleanup.

6946546 Fix for 6868082 devfsadm must rely on device_maps breaks add_allocatable on Trusted Extensions

6946518 There is no way to validate that audit flags are valid
6946529 getauditflagschar and getauclassnam may not operate properly with maximum size class names
6927607 getauditflags.c:getau

6946518 There is no way to validate that audit flags are valid
6946529 getauditflagschar and getauclassnam may not operate properly with maximum size class names
6927607 getauditflags.c:getauditflagsbin() needs boundary checking.

show more ...

6940699 no reboot audit leaves auditd disabled across reboot.

6935410 setting audit context when audit is not enabled should be more tolerant of getaddrinfo failure

6939427 core dump in adr_char: au_close should check return from malloc

6914628 Implement the user object audit token PSARC/2010/001 User object audit token
PSARC/2010/001 User object audit token
6580704 passwd gww produces a less optimal audit record.

PSARC/2009/613 auditon(2) clarification
6884238 The audit_policy variable should be a uint32_t.