- Update audit-secondary.spec:
* Add "Requires: audit-rules" for audit package
* Remove preun/postun handling of audit-rules.service
- Update to 4.0
- Drop python2 support
- Drop auvirt and autrace programs
- Drop SysVinit support
- Require the use of the 5.0 or later kernel headers
- New README.md file
- Rewrite legacy service functions in terms of systemctl
- Consolidate and update end of event detection to a common function
- Split off rule loading from auditd.service into audit-rules.service
- Refactor libaudit.h to split out logging functions and record numbers
- Speed up aureport --summary reports
- Limit libaudit python bindings to logging functions
- Add a metrics function for auparse
- Change auditctl to use pidfd_send_signal for signaling auditd
- Adjust watches to optimize syscalls hooked when watch file access
- Drop nispom rules
- Add intepretations for fsconfig, fsopen, fsmount, & move_mount
- Many code fixups (cgzones)
- Update syscall and interpretation tables to the 6.8 kernel
(from v3.1.2)
- When processing a run level change, make auditd exit
- In auditd, fix return code when rules added in immutable mode
- In auparse, when files are given, also consider EUID for access
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
- Update all lookup tables for the 6.5 kernel
- Don't be as paranoid about auditctl -R file permissions
- In ausearch, correct subject/object search to be an and if both are given
- Adjust formats for 64 bit time_t
- Fix segfault in python bindings around the feed API
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
- Update spec:
* Move rules-related files into new subpackage `audit-rules':
* Files moved:
- /sbin/auditctl, /sbin/augenrules,
/etc/audit/{audit.rules,rules.d/audit.rules,audit-stop.rules}
- manpages for auditctl, augenrules, and audit.rules
- /etc/audit is now owned by `audit-rules' as well
* Add new file /usr/lib/systemd/system/audit-rules.service
* Remove in-house create-augenrules-service.patch that generated
augenrules.service systemd unit service
* Remove ownership of /usr/share/audit
* Create /usr/share/audit-rules directory on %install
* Remove audit-userspace-517-compat.patch (fixed upstream)
* Remove libev-werror.patch (fixed upstream)
* Remove audit-allow-manual-stop.patch (fixed upstream)
* Add fix-auparse-test.patch (downstream):
Upstream tests uses a static value (42) for 'gdm' uid/gid (based
on Fedora values, apparently). Replace these occurrences with
'unknown(123456)'
* Replace '--with-python' with '--with-python3' on %configure
* Remove autrace and auvirt references (upstream)
* Replace README with README.md
- Drop `--enable-systemd' from %configure as SysV-style scripts
aren't supported in upstream since
113ae191758c ("Drop support for SysVinit")
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=155
This commit is contained in:
Git OBS Bridge
parent
3f0a4c9486
commit
90ef868a13
@ -1,9 +1,44 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 9 14:33:29 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
|
||||
Thu Sep 26 16:51:29 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
|
||||
|
||||
- Update audit-secondary.spec:
|
||||
* Add "Requires: audit-rules" for audit package
|
||||
* Remove preun/postun handling of audit-rules.service
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Sep 17 18:23:15 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
|
||||
|
||||
- Update to 4.0
|
||||
* Includes fixes since v3.1.1
|
||||
* Enhance support for newer (5.0+) kernels
|
||||
- Drop python2 support
|
||||
- Drop auvirt and autrace programs
|
||||
- Drop SysVinit support
|
||||
- Require the use of the 5.0 or later kernel headers
|
||||
- New README.md file
|
||||
- Rewrite legacy service functions in terms of systemctl
|
||||
- Consolidate and update end of event detection to a common function
|
||||
- Split off rule loading from auditd.service into audit-rules.service
|
||||
- Refactor libaudit.h to split out logging functions and record numbers
|
||||
- Speed up aureport --summary reports
|
||||
- Limit libaudit python bindings to logging functions
|
||||
- Add a metrics function for auparse
|
||||
- Change auditctl to use pidfd_send_signal for signaling auditd
|
||||
- Adjust watches to optimize syscalls hooked when watch file access
|
||||
- Drop nispom rules
|
||||
- Add intepretations for fsconfig, fsopen, fsmount, & move_mount
|
||||
- Many code fixups (cgzones)
|
||||
- Update syscall and interpretation tables to the 6.8 kernel
|
||||
(from v3.1.2)
|
||||
- When processing a run level change, make auditd exit
|
||||
- In auditd, fix return code when rules added in immutable mode
|
||||
- In auparse, when files are given, also consider EUID for access
|
||||
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
|
||||
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
|
||||
- Update all lookup tables for the 6.5 kernel
|
||||
- Don't be as paranoid about auditctl -R file permissions
|
||||
- In ausearch, correct subject/object search to be an and if both are given
|
||||
- Adjust formats for 64 bit time_t
|
||||
- Fix segfault in python bindings around the feed API
|
||||
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
|
||||
|
||||
- Update spec:
|
||||
* Move rules-related files into new subpackage `audit-rules':
|
||||
|
||||
@ -68,6 +68,7 @@ Summary: User Space Tools for Kernel Auditing
|
||||
License: LGPL-2.1-or-later
|
||||
Group: System/Monitoring
|
||||
Requires: %{_name}-libs = %{version}
|
||||
Requires: %{_name}-rules = %{version}
|
||||
Requires: coreutils
|
||||
Requires: group(audit)
|
||||
%{?systemd_ordering}
|
||||
@ -257,7 +258,6 @@ fi
|
||||
|
||||
%preun -n audit
|
||||
%service_del_preun auditd.service
|
||||
%service_del_preun audit-rules.service
|
||||
|
||||
%preun -n audit-rules
|
||||
# If uninstalling, delete the rules loaded in the kernel
|
||||
@ -268,7 +268,6 @@ fi
|
||||
|
||||
%postun -n audit
|
||||
%service_del_postun auditd.service
|
||||
%service_del_postun audit-rules.service
|
||||
|
||||
%postun -n audit-rules
|
||||
%service_del_postun audit-rules.service
|
||||
|
||||
@ -1,9 +1,37 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 9 14:32:43 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
|
||||
Tue Sep 17 18:20:58 UTC 2024 - Enzo Matsumiya <ematsumiya@suse.com>
|
||||
|
||||
- Update to 4.0
|
||||
* Includes fixes since v3.1.1
|
||||
* Enhance support for newer (5.0+) kernels
|
||||
- Drop python2 support
|
||||
- Drop auvirt and autrace programs
|
||||
- Drop SysVinit support
|
||||
- Require the use of the 5.0 or later kernel headers
|
||||
- New README.md file
|
||||
- Rewrite legacy service functions in terms of systemctl
|
||||
- Consolidate and update end of event detection to a common function
|
||||
- Split off rule loading from auditd.service into audit-rules.service
|
||||
- Refactor libaudit.h to split out logging functions and record numbers
|
||||
- Speed up aureport --summary reports
|
||||
- Limit libaudit python bindings to logging functions
|
||||
- Add a metrics function for auparse
|
||||
- Change auditctl to use pidfd_send_signal for signaling auditd
|
||||
- Adjust watches to optimize syscalls hooked when watch file access
|
||||
- Drop nispom rules
|
||||
- Add intepretations for fsconfig, fsopen, fsmount, & move_mount
|
||||
- Many code fixups (cgzones)
|
||||
- Update syscall and interpretation tables to the 6.8 kernel
|
||||
(from v3.1.2)
|
||||
- When processing a run level change, make auditd exit
|
||||
- In auditd, fix return code when rules added in immutable mode
|
||||
- In auparse, when files are given, also consider EUID for access
|
||||
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
|
||||
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
|
||||
- Update all lookup tables for the 6.5 kernel
|
||||
- Don't be as paranoid about auditctl -R file permissions
|
||||
- In ausearch, correct subject/object search to be an and if both are given
|
||||
- Adjust formats for 64 bit time_t
|
||||
- Fix segfault in python bindings around the feed API
|
||||
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
|
||||
|
||||
- Update spec:
|
||||
* Add fix-auparse-test.patch (downstream):
|
||||
|
||||
Loading…
Reference in New Issue
Block a user