pool/audit
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Readd audit-allow-manual-stop.patch (removed by mistake)

Browse Source 
- Fix plugin termination when using systemd service units (bsc#1215377)
  * add auditd.service-fix-plugin-termination.patch

OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=157
This commit is contained in:
Enzo Matsumiya 2024-10-02 17:07:53 +00:00 committed by Git OBS Bridge
parent 90ef868a13
commit 1878dbbb84
4 changed files with 32 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
audit-allow-manual-stop.patch
View File

@ -11,15 +11,13 @@ SUSE since we lack the ability to use a custom stop/restart
init.d/auditd.service | 1 - init.d/auditd.service | 1 -
1 file changed, 1 deletion(-) 1 file changed, 1 deletion(-)
Index: audit-3.0.9/init.d/auditd.service --- a/init.d/auditd.service
=================================================================== +++ b/init.d/auditd.service
--- audit-3.0.9.orig/init.d/auditd.service @@ -14,7 +14,6 @@ After=local-fs.target systemd-tmpfiles-s
+++ audit-3.0.9/init.d/auditd.service
@@ -11,7 +11,6 @@ After=local-fs.target systemd-tmpfiles-s
Before=sysinit.target shutdown.target Before=sysinit.target shutdown.target
##Before=shutdown.target ##Before=shutdown.target
Conflicts=shutdown.target Conflicts=shutdown.target
-RefuseManualStop=yes -RefuseManualStop=yes
ConditionKernelCommandLine=!audit=0
ConditionKernelCommandLine=!audit=off Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation

11
audit-secondary.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Wed Oct 2 11:15:07 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
- Readd audit-allow-manual-stop.patch (removed by mistake)
-------------------------------------------------------------------
Tue Oct 1 14:43:13 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
- Fix plugin termination when using systemd service units (bsc#1215377)
* add auditd.service-fix-plugin-termination.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Sep 26 16:51:29 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com> Thu Sep 26 16:51:29 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>

2
audit-secondary.spec
View File

@ -39,6 +39,8 @@ Patch6: change-default-log_format.patch
Patch7: fix-hardened-service.patch Patch7: fix-hardened-service.patch
Patch8: enable-stop-rules.patch Patch8: enable-stop-rules.patch
Patch9: fix-auparse-test.patch Patch9: fix-auparse-test.patch
Patch10: auditd.service-fix-plugin-termination.patch
Patch11: audit-allow-manual-stop.patch
BuildRequires: audit-devel = %{version} BuildRequires: audit-devel = %{version}
BuildRequires: autoconf >= 2.12 BuildRequires: autoconf >= 2.12
BuildRequires: kernel-headers >= 2.6.30 BuildRequires: kernel-headers >= 2.6.30

14
auditd.service-fix-plugin-termination.patch Normal file
View File

@ -0,0 +1,14 @@
---
init.d/auditd.service | 1 +
1 file changed, 1 insertion(+)
--- a/init.d/auditd.service
+++ b/init.d/auditd.service
@@ -29,6 +29,7 @@ ExecStopPost=/sbin/auditctl -R /etc/audi
Restart=on-failure
# Do not restart for intentional exits. See EXIT CODES section in auditd(8).
RestartPreventExitStatus=2 4 6
+KillMode=mixed
### Security Settings ###
MemoryDenyWriteExecute=true