diff --git a/audit-allow-manual-stop.patch b/audit-allow-manual-stop.patch
new file mode 100644
index 0000000..4f47e3a
--- /dev/null
+++ b/audit-allow-manual-stop.patch
@@ -0,0 +1,23 @@
+From: Tony Jones
+Subject: allow service stop
+References: https://lists.fedoraproject.org/pipermail/devel/2012-June/169411.html
+References: https://www.redhat.com/archives/linux-audit/2013-July/msg00048.html
+---
+
+legacy-actions is Fedora specific, so blocking manual stop won't work for
+SUSE since we lack the ability to use a custom stop/restart
+
+
+ init.d/auditd.service | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/init.d/auditd.service
++++ b/init.d/auditd.service
+@@ -14,7 +14,6 @@ After=local-fs.target systemd-tmpfiles-s
+ Before=sysinit.target shutdown.target
+ ##Before=shutdown.target
+ Conflicts=shutdown.target
+-RefuseManualStop=yes
+
+ Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation
+
diff --git a/audit-secondary.changes b/audit-secondary.changes
index 97000ad..722d51c 100644
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Wed Oct 2 11:15:07 UTC 2024 - Enzo Matsumiya
+
+- Readd audit-allow-manual-stop.patch (removed by mistake)
+
+-------------------------------------------------------------------
+Tue Oct 1 14:43:13 UTC 2024 - Enzo Matsumiya
+
+- Fix plugin termination when using systemd service units (bsc#1215377)
+ * add auditd.service-fix-plugin-termination.patch
+
 -------------------------------------------------------------------
 Thu Sep 26 16:51:29 UTC 2024 - Enzo Matsumiya
diff --git a/audit-secondary.spec b/audit-secondary.spec
index b9fc07b..4d97848 100644
--- a/audit-secondary.spec
+++ b/audit-secondary.spec
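Review bot: The description in audit-allow-manual-stop.patch says why the unit has to be stoppable on SUSE, but not what is given up by deleting `RefuseManualStop=yes`. As far as I understand the rationale discussed in the two References threads, the setting exists so that auditd is only stopped through a path that lets the daemon record who asked for it; with `systemctl stop auditd` the signal comes from systemd, so the shutdown record presumably no longer names the administrator. I would add a sentence to the patch description such as `Note: a stop issued via systemctl may not be attributed to the requesting user in the audit log; track auditd stops by other means (journal, service monitoring).`, so the trade-off is visible to anyone hardening or assessing this package.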
@@ -39,6 +39,8 @@ Patch6: change-default-log_format.patch
 Patch7: fix-hardened-service.patch
 Patch8: enable-stop-rules.patch
 Patch9: fix-auparse-test.patch
+Patch10: auditd.service-fix-plugin-termination.patch
+Patch11: audit-allow-manual-stop.patch
 BuildRequires: audit-devel = %{version}
 BuildRequires: autoconf >= 2.12
 BuildRequires: kernel-headers >= 2.6.30
diff --git a/auditd.service-fix-plugin-termination.patch b/auditd.service-fix-plugin-termination.patch
new file mode 100644
index 0000000..c5d10ac
--- /dev/null
+++ b/auditd.service-fix-plugin-termination.patch
@@ -0,0 +1,14 @@
+---
+ init.d/auditd.service | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/init.d/auditd.service
++++ b/init.d/auditd.service
+@@ -29,6 +29,7 @@ ExecStopPost=/sbin/auditctl -R /etc/audi
+ Restart=on-failure
+ # Do not restart for intentional exits. See EXIT CODES section in auditd(8).
+ RestartPreventExitStatus=2 4 6
++KillMode=mixed
+
+ ### Security Settings ###
+ MemoryDenyWriteExecute=true
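Review bot: `Patch10` and `Patch11` are declared in audit-secondary.spec, but the %prep section lies outside this hunk, so it is not visible whether the two patches are actually applied. If the spec uses explicit `%patch` lines rather than `%autopatch` or `%autosetup -p1`, each new entry needs a matching line there, otherwise the package builds with an unmodified auditd.service and nothing fails. Since the changelog records that audit-allow-manual-stop.patch was already dropped once by mistake, a comment above the entry such as `# SUSE-only (no legacy-actions): keep audit-allow-manual-stop.patch across rebases` would make that harder to repeat.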
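Review bot: auditd.service-fix-plugin-termination.patch has no description header at all (no From, Subject or References line), unlike audit-allow-manual-stop.patch in the same commit, and the bug number appears only in the changelog. `KillMode=mixed` changes who is signalled on stop: SIGTERM goes to the main process only, and SIGKILL goes to whatever is still in the unit's control group once the stop timeout expires, so the reason for choosing it belongs in the patch itself. I would add a header with `Subject: let auditd terminate its own plugins on stop` and `References: bsc#1215377`. The description should also state that a plugin which does not exit after auditd is gone is killed without a chance to flush, which presumably matters most for plugins that forward events off-host.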