Accepting request 150497 from home:elvigia:branches:security

** Please send to 12.3 because starting the audit daemon is broken with systemd **** - remove old tarball and update -secondary spec - Audit 2.2.2 , the purpose of this update is too add compatibility with systemd for 12.3 - In auditd, tcp_max_per_addr was allowing 1 more connection than specified - In ausearch, fix matching of object records - Auditctl was returning -1 when listing rules filtered on a key field - Add interpretations for CAP_BLOCK_SUSPEND and CAP_COMPROMISE_KERNEL - Add armv5tejl, armv5tel, armv6l and armv7l machine types (Nathaniel Husted) - Updates for the 3.6 kernel - Add auparse_feed_has_data function to libauparse - Update audisp-prelude to use auparse_feed_has_data - Add support to conditionally build auditd network listener (Tyler Hicks) - In auditd, reset a flag after receiving USR1 signal info when rotating logs - Add optional systemd init script support - Add support for SECCOMP event type - Don't interpret aN_len field in EXECVE records (#869555) - In audisp-remote, do better job of draining queue - Fix capability parsing in ausearch/auparse - Interpret BPRM_FCAPS capability fields - Add ANOM_LINK event type OBS-URL: https://build.opensuse.org/request/show/150497 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=43
2013-01-31 12:22:54 +00:00 · 2013-01-31 12:22:54 +00:00 · 11f82fb426
commit 11f82fb426
parent 5c22955868
5 changed files with 42 additions and 6 deletions
--- a/audit-2.2.1.tar.gz
+++ b/audit-2.2.1.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9865ca89f5b975ccf25441ddf45a874448f2bba944005aa8cd5e3c3148713a63
-size 877202
--- a/audit-2.2.2.tar.gz
+++ b/audit-2.2.2.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8bc2b45a5f08f5df6cebcd5543f24b7e68e28b64da4b23f08de2c6616384302b
+size 907066
--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@ -27,7 +27,7 @@ BuildRequires:  swig
 Summary:        Python Bindings for libaudit
 License:        GPL-2.0+
 Group:          System/Monitoring
-Version:        2.2.1
+Version:        2.2.2
 Release:        0
 Url:            http://people.redhat.com/sgrubb/audit/
 Source0:        http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
--- a/audit.changes
+++ b/audit.changes
@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Wed Jan 30 23:19:33 UTC 2013 - crrodriguez@opensuse.org
+
+- remove old tarball and update -secondary spec 
+
+-------------------------------------------------------------------
+Wed Jan 30 23:12:19 UTC 2013 - crrodriguez@opensuse.org
+
+- Audit 2.2.2 , the purpose of this update is too add compatibility
+ with systemd for 12.3
+- In auditd, tcp_max_per_addr was allowing 1 more connection than specified
+- In ausearch, fix matching of object records
+- Auditctl was returning -1 when listing rules filtered on a key field
+- Add interpretations for CAP_BLOCK_SUSPEND and CAP_COMPROMISE_KERNEL
+- Add armv5tejl, armv5tel, armv6l and armv7l machine types (Nathaniel Husted) 
+- Updates for the 3.6 kernel
+- Add auparse_feed_has_data function to libauparse
+- Update audisp-prelude to use auparse_feed_has_data
+- Add support to conditionally build auditd network listener (Tyler Hicks)
+- In auditd, reset a flag after receiving USR1 signal info when rotating logs
+- Add optional systemd init script support
+- Add support for SECCOMP event type
+- Don't interpret aN_len field in EXECVE records (#869555)
+- In audisp-remote, do better job of draining queue
+- Fix capability parsing in ausearch/auparse
+- Interpret BPRM_FCAPS capability fields
+- Add ANOM_LINK event type
+
 -------------------------------------------------------------------
 Tue Jan 22 12:34:00 UTC 2013 - jengelh@inai.de

--- a/audit.spec
+++ b/audit.spec
@ -20,7 +20,7 @@ Name:           audit
 Summary:        User Space Tools for 2.6 Kernel Auditing
 License:        GPL-2.0+
 Group:          System/Monitoring
-Version:        2.2.1
+Version:        2.2.2
 Release:        0
 Url:            http://people.redhat.com/sgrubb/audit/
 Source0:        http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
@ -36,6 +36,7 @@ BuildRequires:  gcc-c++
 BuildRequires:  kernel-headers >= 2.6.29
 BuildRequires:  libtool
 BuildRequires:  tcpd-devel
+BuildRequires:  pkgconfig(systemd)
 Requires:       %{name}-libs = %{version}
 PreReq:         %insserv_prereq %fillup_prereq

@ -87,7 +88,7 @@ export CFLAGS="%{optflags} -fno-strict-aliasing"
 export CXXFLAGS="$CFLAGS"
 export LDFLAGS="-Wl,-z,relro,-z,now"
 # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch
-%configure --libexecdir=%{_prefix}/lib/%{name} \
+%configure --enable-systemd --libexecdir=%{_prefix}/lib/%{name} \
 	   --with-apparmor --with-libwrap --with-libcap-ng=yes \
 	   --disable-static --with-pic --without-python
 %{__make} %{?_smp_mflags}
@ -151,13 +152,19 @@ if [ -f /etc/audit.rules ]; then
   mv /etc/audit/audit.rules /etc/audit/audit.rules.new
   mv /etc/audit.rules /etc/audit/audit.rules
 fi
+%service_add_post auditd.service
+
+%pre
+%service_add_pre auditd.service

 %preun
 %stop_on_removal auditd
+%service_del_preun auditd.service

 %postun
 %restart_on_update auditd
 %{insserv_cleanup}
+%service_del_postun auditd.service

 %files -n libaudit1
 %defattr(-,root,root)
@ -229,5 +236,6 @@ fi
 %ghost %config(noreplace) /var/log/audit/audit.log
 %dir %attr(700,root,root) /var/spool/audit
 %attr(755,root,root) /usr/bin/ausyscall
+%{_unitdir}/auditd.service

 %changelog