From 1878dbbb843a08723f771536276c32f769f6c4e93d7bc90584f7615a32104f2f Mon Sep 17 00:00:00 2001 From: Enzo Matsumiya Date: Wed, 2 Oct 2024 17:07:53 +0000 Subject: [PATCH] - Readd audit-allow-manual-stop.patch (removed by mistake) - Fix plugin termination when using systemd service units (bsc#1215377) * add auditd.service-fix-plugin-termination.patch OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=157 --- audit-allow-manual-stop.patch | 12 +++++------- audit-secondary.changes | 11 +++++++++++ audit-secondary.spec | 2 ++ auditd.service-fix-plugin-termination.patch | 14 ++++++++++++++ 4 files changed, 32 insertions(+), 7 deletions(-) create mode 100644 auditd.service-fix-plugin-termination.patch diff --git a/audit-allow-manual-stop.patch b/audit-allow-manual-stop.patch index 82663c3..4f47e3a 100644 --- a/audit-allow-manual-stop.patch +++ b/audit-allow-manual-stop.patch @@ -11,15 +11,13 @@ SUSE since we lack the ability to use a custom stop/restart init.d/auditd.service | 1 - 1 file changed, 1 deletion(-) -Index: audit-3.0.9/init.d/auditd.service -=================================================================== ---- audit-3.0.9.orig/init.d/auditd.service -+++ audit-3.0.9/init.d/auditd.service -@@ -11,7 +11,6 @@ After=local-fs.target systemd-tmpfiles-s +--- a/init.d/auditd.service ++++ b/init.d/auditd.service +@@ -14,7 +14,6 @@ After=local-fs.target systemd-tmpfiles-s Before=sysinit.target shutdown.target ##Before=shutdown.target Conflicts=shutdown.target -RefuseManualStop=yes - ConditionKernelCommandLine=!audit=0 - ConditionKernelCommandLine=!audit=off + + Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation diff --git a/audit-secondary.changes b/audit-secondary.changes index 97000ad..722d51c 100644 --- a/audit-secondary.changes +++ b/audit-secondary.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Wed Oct 2 11:15:07 UTC 2024 - Enzo Matsumiya + +- Readd audit-allow-manual-stop.patch (removed by mistake) + +------------------------------------------------------------------- +Tue Oct 1 14:43:13 UTC 2024 - Enzo Matsumiya + +- Fix plugin termination when using systemd service units (bsc#1215377) + * add auditd.service-fix-plugin-termination.patch + ------------------------------------------------------------------- Thu Sep 26 16:51:29 UTC 2024 - Enzo Matsumiya diff --git a/audit-secondary.spec b/audit-secondary.spec index b9fc07b..4d97848 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -39,6 +39,8 @@ Patch6: change-default-log_format.patch Patch7: fix-hardened-service.patch Patch8: enable-stop-rules.patch Patch9: fix-auparse-test.patch +Patch10: auditd.service-fix-plugin-termination.patch +Patch11: audit-allow-manual-stop.patch BuildRequires: audit-devel = %{version} BuildRequires: autoconf >= 2.12 BuildRequires: kernel-headers >= 2.6.30 diff --git a/auditd.service-fix-plugin-termination.patch b/auditd.service-fix-plugin-termination.patch new file mode 100644 index 0000000..c5d10ac --- /dev/null +++ b/auditd.service-fix-plugin-termination.patch @@ -0,0 +1,14 @@ +--- + init.d/auditd.service | 1 + + 1 file changed, 1 insertion(+) + +--- a/init.d/auditd.service ++++ b/init.d/auditd.service +@@ -29,6 +29,7 @@ ExecStopPost=/sbin/auditctl -R /etc/audi + Restart=on-failure + # Do not restart for intentional exits. See EXIT CODES section in auditd(8). + RestartPreventExitStatus=2 4 6 ++KillMode=mixed + + ### Security Settings ### + MemoryDenyWriteExecute=true