From 3f6faf9b7ec622c7bd5ffdf658f1881d9d5e26e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Wed, 23 Oct 2024 18:01:33 +0200
Subject: [PATCH] Sync from SUSE:ALP:Source:Standard:1.0 audit revision
 03edca8316e3624a8e91b3cd01372f0e

---
 audit-secondary.changes                     |  6 ++++++
 audit-secondary.spec                        |  1 +
 auditd.service-fix-plugin-termination.patch | 14 ++++++++++++++
 3 files changed, 21 insertions(+)
 create mode 100644 auditd.service-fix-plugin-termination.patch

diff --git a/audit-secondary.changes b/audit-secondary.changes
index 63ce3b8..e451466 100644
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Sep 11 17:59:52 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
+
+- Fix plugin termination when using systemd service units (bsc#1215377)
+  * add auditd.service-fix-plugin-termination.patch
+
 -------------------------------------------------------------------
 Tue Dec 27 10:21:56 UTC 2022 - Ludwig Nussel <lnussel@suse.com>
 
diff --git a/audit-secondary.spec b/audit-secondary.spec
index eb0d4c7..3f71e87 100644
--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@@ -42,6 +42,7 @@ Patch9:         fix-hardened-service.patch
 Patch10:        enable-stop-rules.patch
 Patch11:        create-augenrules-service.patch
 Patch12:        audit-userspace-517-compat.patch
+Patch13:	auditd.service-fix-plugin-termination.patch
 BuildRequires:  audit-devel = %{version}
 BuildRequires:  autoconf >= 2.12
 BuildRequires:  kernel-headers >= 2.6.30
diff --git a/auditd.service-fix-plugin-termination.patch b/auditd.service-fix-plugin-termination.patch
new file mode 100644
index 0000000..d518463
--- /dev/null
+++ b/auditd.service-fix-plugin-termination.patch
@@ -0,0 +1,14 @@
+---
+ init.d/auditd.service |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/init.d/auditd.service
++++ b/init.d/auditd.service
+@@ -32,6 +32,7 @@ ExecStopPost=/sbin/auditctl -R /etc/audi
+ Restart=on-failure
+ # Do not restart for intentional exits. See EXIT CODES section in auditd(8).
+ RestartPreventExitStatus=2 4 6
++KillMode=mixed
+ 
+ ### Security Settings ###
+ MemoryDenyWriteExecute=true