audit/audit-no-gss.patch

25 lines
701 B
Diff
Raw Normal View History

- Update to 4.0 * Includes fixes since v3.1.1 * Enhance support for newer (5.0+) kernels - Update spec: * Move rules-related files into new subpackage `audit-rules': * Files moved: - /sbin/auditctl, /sbin/augenrules, /etc/audit/{audit.rules,rules.d/audit.rules,audit-stop.rules} - manpages for auditctl, augenrules, and audit.rules - /etc/audit is now owned by `audit-rules' as well * Add new file /usr/lib/systemd/system/audit-rules.service * Remove in-house create-augenrules-service.patch that generated augenrules.service systemd unit service * Remove ownership of /usr/share/audit * Create /usr/share/audit-rules directory on %install * Remove audit-userspace-517-compat.patch (fixed upstream) * Remove libev-werror.patch (fixed upstream) * Remove audit-allow-manual-stop.patch (fixed upstream) * Add fix-auparse-test.patch (downstream): Upstream tests uses a static value (42) for 'gdm' uid/gid (based on Fedora values, apparently). Replace these occurrences with 'unknown(123456)' * Replace '--with-python' with '--with-python3' on %configure * Remove autrace and auvirt references (upstream) * Replace README with README.md - Drop `--enable-systemd' from %configure as SysV-style scripts aren't supported in upstream since 113ae191758c ("Drop support for SysVinit") - Update to 4.0 * Includes fixes since v3.1.1 * Enhance support for newer (5.0+) kernels - Update spec: * Add fix-auparse-test.patch (downstream): Upstream tests uses a static value (42) for 'gdm' uid/gid (based on Fedora values, apparently). Replace these occurrences with 'unknown(123456)' * Replace '--with-python' with '--with-python3' on %configure * Add new headers 'audit_logging.h' and 'audit-records.h' for audit-devel TODO: fix build for SLE/Leap OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=153
2024-09-17 10:11:59 +02:00
From: Tony Jones <tonyj@suse.de>
Subject: Disable GSS options from config file
Upsteam: never
Disable GSS/Kerberos options from config file. They are disabled from configure
but need manual removal here.
---
init.d/auditd.conf | 3 ---
1 file changed, 3 deletions(-)
Index: audit-3.0.9/init.d/auditd.conf
===================================================================
--- audit-3.0.9.orig/init.d/auditd.conf
+++ audit-3.0.9/init.d/auditd.conf
@@ -30,8 +30,6 @@ tcp_max_per_addr = 1
##tcp_client_ports = 1024-65535
tcp_client_max_idle = 0
transport = TCP
-krb5_principal = auditd
-##krb5_key_file = /etc/audit/audit.key
distribute_network = no
q_depth = 2000
overflow_action = SYSLOG