From owner-freebsd-current@FreeBSD.ORG  Sun Apr 19 23:29:20 2009
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 89033106564A
	for <freebsd-current@freebsd.org>; Sun, 19 Apr 2009 23:29:20 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 4418E8FC08
	for <freebsd-current@freebsd.org>; Sun, 19 Apr 2009 23:29:20 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41])
	by cyrus.watson.org (Postfix) with ESMTPS id EEA8346B0D;
	Sun, 19 Apr 2009 19:29:19 -0400 (EDT)
Date: Mon, 20 Apr 2009 00:29:19 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: Jakub Lach <jakub_lach@mailplus.pl>
In-Reply-To: <alpine.BSF.2.00.0904200004180.71062@fledge.watson.org>
Message-ID: <alpine.BSF.2.00.0904200028100.71062@fledge.watson.org>
References: <alpine.BSF.2.00.0904191728370.21859@fledge.watson.org>
	<23127561.post@talk.nabble.com>
	<alpine.BSF.2.00.0904192343350.71062@fledge.watson.org>
	<23128287.post@talk.nabble.com>
	<alpine.BSF.2.00.0904200004180.71062@fledge.watson.org>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-current@freebsd.org
Subject: Re: OpenBSM 1.1 imported (was: svn commit: r191273 - in head:
 contrib/openbsm contrib/openbsm/bin contrib/openbsm/bin/audit
 contrib/openbsm/bin/auditd contrib/openbsm/bin/auditfilterd
 contrib/openbsm/bin/auditreduce contrib/open... (fwd))
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Apr 2009 23:29:20 -0000


On Mon, 20 Apr 2009, Robert Watson wrote:

> On Sun, 19 Apr 2009, Jakub Lach wrote:
>
>> 1) It's not GENERIC, but I've double checked - AUDIT is enabled.
>> 2) Local login.
>> 3) Userspace and kernel version is synced. Logging with old kernel is not
>> possible.
>> 
>> Upgrading procedure- buildworld, buildkernel, installkernel, installworld, 
>> mergemaster, reboot.
>
> Any chance you're using amd64 with a 64-bit userspace?

OK, it looks like login_audit.c in login(1) isn't quite ready for the new 
restrictions on argument types to A_GETCOND that came in with the new OpenBSM 
code.  What I've done temporarily (r191296) is relax those constraints so that 
both the old and new versions of the auditon(2) commands will work with longs. 
This will hopefully fix the problem you're seeing with login(1), presumably on 
amd64?

Robert N M Watson
Computer Laboratory
University of Cambridge


>
> Robert N M Watson
> Computer Laboratory
> University of Cambridge
>
>> 
>> Thanks for reply.
>> 
>> 
>> Robert Watson wrote:
>>> 
>>> 
>>> On Sun, 19 Apr 2009, Jakub Lach wrote:
>>> 
>>>> After updating to revision 191274, I cannot login.
>>>> 
>>>> "could not determine audit condition"
>>>> 
>>>> Sorry for bothering you, but I don't know how to deal with it.
>>> 
>>> Could you let me know:
>>> 
>>> (1) Do you have options AUDIT compiled into your kernel?  It's in GENERIC
>>> by
>>>      default, and it occurs to me I've not tested the !AUDIT case lately.
>>> 
>>> (2) How are you logging in -- using the console, or sshd, or...?  Does it
>>> work
>>>      better or worse if you try another way of logging in?
>>> 
>>> (3) ... and could you confirm that your kernel was rebuilt and installed
>>> prior
>>>      to updating userspace?  If you switch to an old kernel, are you then
>>> able
>>>      to log in?
>>> 
>>> Robert N M Watson
>>> Computer Laboratory
>>> University of Cambridge
>>> _______________________________________________
>>> freebsd-current@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-current
>>> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
>>> 
>>> 
>> 
>> -- 
>> View this message in context: 
>> http://www.nabble.com/OpenBSM-1.1-imported-%28was%3A-svn-commit%3A-r191273---in-head%3A-contrib-openbsm-contrib-openbsm-bin-contrib-openbsm-bin-audit-contrib-openbsm-bin-auditd-contrib-openbsm-bin-auditfilterd-contrib-openbsm-bin-auditreduce-contrib-open...-%28fwd%29%29-tp23124717p23128287.html
>> Sent from the freebsd-current mailing list archive at Nabble.com.
>> 
>> _______________________________________________
>> freebsd-current@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-current
>> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
>> 
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
>