pool/audit
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80 Commits 1 Branch 0 Tags 1.9 MiB
74ea258675
Commit Graph

80 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Jan Matejka
74ea258675 - Update to version 2.4.1 
Changelog 2.4.1
  - Make python3 support easier
  - Add support for ppc64le (Tony Jones)
  - Add some translations for a1 of ioctl system calls
  - Add command & virtualization reports to aureport
  - Update aureport config report for new events
  - Add account modification summary report to aureport
  - Add GRP_MGMT and GRP_CHAUTHTOK event types
  - Correct aureport account change reports
  - Add integrity event report to aureport
  - Add config change summary report to aureport
  - Adjust some syslogging level settings in audispd
  - Improve parsing performance in everything
  - When ausearch outputs a line, use the previously parsed values (Burn Alting)
  - Improve searching and interpreting groups in events
  - Fully interpret the proctitle field in auparse
  - Correct libaudit and auditctl support for kernel features
  - Add support for backlog_time_wait setting via auditctl
  - Update syscall tables for the 3.18 kernel
  - Ignore DNS failure for email validation in auditd (#1138674)
  - Allow rotate as action for space_left and disk_full in auditd.conf
  - Correct login summary report of aureport
  - Auditctl syscalls can be comma separated list now
  - Update rules for new subsystems and capabilities
- Drop patch audit-add-ppc64le-mach-support.patch (already upstream)

OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=74
 2014-11-26 16:13:05 +00:00
Tony Jones
a550638087 Accepting request 247315 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/247315
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=72
 2014-09-02 23:07:21 +00:00
Marcus Meissner
42c1e24684 Accepting request 244848 from home:elvigia:branches:security 
- If the system has been booted with audit=0 in the kernel cmdline
  auditd.service must refrain from starting as the relevant kernel
  subsystem will be permanently disabled.
  add patch: auditd-donot-start-if-kernel-cmdline-disabled.patch

OBS-URL: https://build.opensuse.org/request/show/244848
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=70
 2014-08-21 13:31:20 +00:00
Tony Jones
0251e93f2b Accepting request 240711 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/240711
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=68
 2014-07-11 21:01:21 +00:00
Tony Jones
27566ad836 Accepting request 230410 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/230410
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=66
 2014-04-16 22:35:54 +00:00
Tony Jones
998e45611f Accepting request 227625 from home:elvigia:branches:security 
- fix systemd warning: 
  "Configuration file /usr/lib/systemd/system/auditd.service 
  is marked world-inaccessible. 
  This has no effect as configuration data is accessible 
  via APIs without restrictions"
* indeed restricting access to unit files using filesystem
  permissions is non-sense.

OBS-URL: https://build.opensuse.org/request/show/227625
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=64
 2014-03-26 19:47:19 +00:00
Tony Jones
c0de89a52c Accepting request 224270 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/224270
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=62
 2014-02-28 18:39:10 +00:00
Tony Jones
b30a3d0a5f Accepting request 221023 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/221023
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=60
 2014-02-05 16:51:31 +00:00
Tony Jones
87bc3dd49c Accepting request 209366 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/209366
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=58
 2013-12-04 07:41:29 +00:00
Tony Jones
ca9983ce34 Accepting request 209349 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/209349
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=57
 2013-12-03 22:28:29 +00:00
Marcus Meissner
369b484525 Accepting request 201890 from home:cboltz:branches:security 
- (re-)add rcauditd as symlink to /usr/sbin/service
("rcauditd" was lost while moving to auditd.service)

Please forward to Factory and 13.1

OBS-URL: https://build.opensuse.org/request/show/201890
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=55
 2013-10-03 11:03:22 +00:00
Stephan Kulow
2db0c57f70 - remove libcap-ng too from audit.spec as it's only needed for plugins 
(and libcap-ng itself needs python to build bindings)

OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=53
 2013-06-28 09:31:27 +00:00
Tony Jones
e38ed3ab5f Accepting request 181246 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/181246
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=52
 2013-06-28 08:51:36 +00:00
Marcus Meissner
6fe93068b6 - audit-no_m4_dir.patch: Removed AC_CONFIG_MACRO_DIR([m4]) from 
configure.ac to fix build with new automake
  buildrequired and the lack of those requires causes a broken
  configure script after autoreconf add pkgconfig(libcap-ng)
  to both audit and audit-secondary, cap-ng is actually only
  use in the latter.

OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=50
 2013-04-30 13:55:28 +00:00
Marcus Meissner
c9dec60b6c Accepting request 173494 from openSUSE:Factory:Staging:Automake 
- Removed AC_CONFIG_MACRO_DIR([m4]) from configure.ac to fix
  build with new automake

OBS-URL: https://build.opensuse.org/request/show/173494
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=49
 2013-04-29 10:57:24 +00:00
Marcus Meissner
85d7f2569e Accepting request 161029 from home:elvigia:branches:security 
- Buildrequires cap-ng library 

- --with-libcap-ng=yes has no effect if libcap-ng is not 
buildrequired and the lack of those requires causes a broken
configure script after autoreconf add pkgconfig(libcap-ng)
to both audit and audit-secondary, cap-ng is actually only
use in the latter.

- Version 2.2.3
- Code cleanups
- In spec file, don't own lib64/audit
- Update man pages
- Aureport no longer reads auditd.conf when stdin is used
- Don't let systemd kill auditd if auditctl errors out
- Update syscall table for 3.7 and 3.8 kernels
- Add interpretation for setns and unshare syscalls
- Code cleanup (Tyler Hicks)
- Documentation cleanups (Laurent Bigonville)
- Add dirfd interpretation to the *at functions
- Add termination signal to clone flags interpretation
- Update stig.rules
- In auditctl, when listing rules don't print numeric value of dir fields
- Add support for rng resource type in auvirt
- Fix aulast bad login output (#922508)
- In ausearch, allow negative numbers for session and auid searches
- In audisp-remote, if disk_full_action is stop then stop sending (#908977)

OBS-URL: https://build.opensuse.org/request/show/161029
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=47
 2013-03-26 08:57:41 +00:00
Tony Jones
bb9092a477 Accepting request 160635 from home:elvigia:branches:security 
- remove sysvinit scripts.

OBS-URL: https://build.opensuse.org/request/show/160635
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=45
 2013-03-23 06:14:34 +00:00
Marcus Meissner
11f82fb426 Accepting request 150497 from home:elvigia:branches:security 
** Please send to 12.3 because starting the audit daemon is broken with systemd ****

- remove old tarball and update -secondary spec 

- Audit 2.2.2 , the purpose of this update is too add compatibility
 with systemd for 12.3
- In auditd, tcp_max_per_addr was allowing 1 more connection than specified
- In ausearch, fix matching of object records
- Auditctl was returning -1 when listing rules filtered on a key field
- Add interpretations for CAP_BLOCK_SUSPEND and CAP_COMPROMISE_KERNEL
- Add armv5tejl, armv5tel, armv6l and armv7l machine types (Nathaniel Husted) 
- Updates for the 3.6 kernel
- Add auparse_feed_has_data function to libauparse
- Update audisp-prelude to use auparse_feed_has_data
- Add support to conditionally build auditd network listener (Tyler Hicks)
- In auditd, reset a flag after receiving USR1 signal info when rotating logs
- Add optional systemd init script support
- Add support for SECCOMP event type
- Don't interpret aN_len field in EXECVE records (#869555)
- In audisp-remote, do better job of draining queue
- Fix capability parsing in ausearch/auparse
- Interpret BPRM_FCAPS capability fields
- Add ANOM_LINK event type

OBS-URL: https://build.opensuse.org/request/show/150497
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=43
 2013-01-31 12:22:54 +00:00
Marcus Meissner
5c22955868 Accepting request 149539 from home:jengelh:branches:security 
- Executing autoreconf requires autoconf

OBS-URL: https://build.opensuse.org/request/show/149539
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=41
 2013-01-22 14:09:24 +00:00
Marcus Meissner
1dfe6ebd81 Accepting request 137972 from home:coolo:branches:openSUSE:Factory 
- Update to version 2.2.1, see audit's changes

- update to 2.2.1, upstream changelog:
  2.2.1
  - Add more interpretations in auparse for syscall parameters 
  - Add some interpretations to ausearch for syscall parameters
  - In ausearch/report and auparse, allocate extra space for node names
  - Update syscall tables for the 3.3.0 kernel
  - Update libev to 4.0.4
  - Reduce the size of some applications
  - In auditctl, check usage against euid rather than uid
  
  2.2
  - Correct all rules for clock_settime
  - Fix possible segfault in auparse library
  - Handle malformed socket addresses better
  - Improve performance in audit_log_user_message() 
  - Improve performance in writing to the log file in auditd
  - Syscall update for accept4 and recvmmsg
  - Update autrace resource usage mode syscall list
  - Improved sample rules for recent syscalls
  - Add some debug info to audisp-remote startup and shutdown
  - Make compiling with Python optional
  - In auditd, if disk_error_action is ignore, don't syslog anything
  - Fix some memory leaks
  - If audispd is stopping, don't restart children
  - Add support in auditctl for shell escaped filenames (Alexander)
  - Add search support for virt events (Marcelo Cerri)
  - Update interpretation tables
  - Sync auparse's auditd config parser with auditd's parser

OBS-URL: https://build.opensuse.org/request/show/137972
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=39
 2012-10-12 13:06:39 +00:00
Tony Jones
cfd8ce15d5 Accepting request 107576 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/107576
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=37
 2012-02-29 18:06:19 +00:00
Cristian Rodríguez
3adbde561c Accepting request 85948 from home:coolo:removelibtool 
add libtool as buildrequires so we no longer rely on libtool in the project config of factory - it's only needed by <10% of all packages

OBS-URL: https://build.opensuse.org/request/show/85948
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=35
 2011-10-02 15:39:13 +00:00
Stephan Kulow
2b8b1fed25 Accepting request 82852 from home:jengelh:bl-a 
- Remove redundant tags/sections from specfile
- Add audit-devel to baselibs

OBS-URL: https://build.opensuse.org/request/show/82852
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=33
 2011-09-29 19:23:17 +00:00
OBS User buildservice-autocommit
5d9bcf7005 Updating link to change in openSUSE:Factory/audit revision 50.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=8433422b952ca1e5826be6685f3c01cc
 2011-05-23 09:58:02 +00:00
Tony Jones
d750318163 Accepting request 70848 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/70848
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=31
 2011-05-20 17:11:17 +00:00
OBS User buildservice-autocommit
dbe2bd5b42 Updating link to change in openSUSE:Factory/audit revision 48.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=410013c5ddbb68f9fcc4d529db09c933
 2011-05-12 06:48:59 +00:00
Tony Jones
7e0c834266 Accepting request 70025 from home:msmeissn:branches:security 
fixed licenses of libaudit and libauparse to be lgplv 2.1, not gpl v

OBS-URL: https://build.opensuse.org/request/show/70025
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=29
 2011-05-11 15:36:01 +00:00
OBS User buildservice-autocommit
597e1d068a Updating link to change in openSUSE:Factory/audit revision 46.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=3300b577ee25476404b408203e15fcc5
 2011-05-02 10:07:44 +00:00
Tony Jones
681ec0a9b1 Accepting request 68631 from home:jones_tony:branches:security 
OBS-URL: https://build.opensuse.org/request/show/68631
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=27
 2011-04-28 00:17:07 +00:00
OBS User buildservice-autocommit
ae458029f1 Updating link to change in openSUSE:Factory/audit revision 44.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=28c7cc58332f5f9cff99531480c54d1b
 2011-02-21 13:53:49 +00:00
Marcus Meissner
7ce8ae0c1a Accepting request 62244 from home:a_jaeger:branches:openSUSE:Factory 
looks good

OBS-URL: https://build.opensuse.org/request/show/62244
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=25
 2011-02-21 13:30:00 +00:00
Cristian Rodríguez
db50017012 Accepting request 55136 from home:coolo:branches:openSUSE:Factory 
OBS-URL: https://build.opensuse.org/request/show/55136
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=23
 2010-12-08 18:45:55 +00:00
Roman Drahtmueller
ace0094f74 Accepting request 52353 from home:elvigia:branches:security 
OBS-URL: https://build.opensuse.org/request/show/52353
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=22
 2010-11-09 12:34:18 +00:00
OBS User buildservice-autocommit
05e25b4eee Updating link to change in openSUSE:Factory/audit revision 39.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=e38cdd0b691b6b60755903cb397b7849
 2010-10-07 23:12:17 +00:00
OBS User autobuild
d92fcc232e Accepting request 50024 from security 
checked in (request 50024)

OBS-URL: https://build.opensuse.org/request/show/50024
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=21
 2010-10-07 23:12:16 +00:00
Tony Jones
ac0c7391c5 Accepting request 49601 from home:jones_tony:branches:security 
Update to 2.0.5

OBS-URL: https://build.opensuse.org/request/show/49601
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=20
 2010-09-30 21:25:40 +00:00
Cristian Rodríguez
09202d73d5 Accepting request 49302 from home:a_jaeger:branches:openSUSE:Factory 
OBS-URL: https://build.opensuse.org/request/show/49302
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=19
 2010-09-28 17:00:09 +00:00
Roman Drahtmueller
426a43d7b5 Accepting request 49204 from home:a_jaeger:branches:openSUSE:Factory 
Passt. :-)

OBS-URL: https://build.opensuse.org/request/show/49204
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=18
 2010-09-27 12:04:27 +00:00
OBS User buildservice-autocommit
e335f1c6d6 Updating link to change in openSUSE:Factory/audit revision 38.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=3d3241e0b15443eae39871a7fdf480eb
 2010-07-30 10:34:44 +00:00
OBS User autobuild
333ec06a56 Accepting request 44227 from security 
checked in (request 44227)

OBS-URL: https://build.opensuse.org/request/show/44227
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=17
 2010-07-30 10:34:43 +00:00
Pavol Rusnak
c124cb61ad Accepting request 42110 from home:jengelh:smp 
Copy from home:jengelh:smp/audit via accept of submit request 42110 revision 2.
Request was accepted with message:
Reviewed ok

OBS-URL: https://build.opensuse.org/request/show/42110
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=15
 2010-06-28 14:21:21 +00:00
Tony Jones
e9437f927f Accepting request 42081 from home:jones_tony:branches:security 
Copy from home:jones_tony:branches:security/audit via accept of submit request 42081 revision 2.
Request was accepted with message:

OBS-URL: https://build.opensuse.org/request/show/42081
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=14
 2010-06-25 21:50:35 +00:00
OBS User buildservice-autocommit
d544d6b07c Updating link to change in openSUSE:Factory/audit revision 34.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=4fa5a897999b3867dbdd76d1680e2ff7
 2010-06-25 18:41:59 +00:00
OBS User autobuild
18f1fae524 Accepting request 42072 from security 
checked in (request 42072)

OBS-URL: https://build.opensuse.org/request/show/42072
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=13
 2010-06-25 18:41:58 +00:00
Pavol Rusnak
a7716f3703 Accepting request 42071 from home:dirkmueller:branches:security 
Copy from home:dirkmueller:branches:security/audit via accept of submit request 42071 revision 2.
Request was accepted with message:
Reviewed ok

OBS-URL: https://build.opensuse.org/request/show/42071
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=12
 2010-06-25 15:52:01 +00:00
OBS User buildservice-autocommit
1879b107aa Updating link to change in openSUSE:Factory/audit revision 33.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=2e549d51645610c56d39ee90f5dfd448
 2010-05-05 18:41:24 +00:00
OBS User autobuild
4cd295e351 Accepting request 39398 from security 
checked in (request 39398)

OBS-URL: https://build.opensuse.org/request/show/39398
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=11
 2010-05-05 18:41:23 +00:00
Tony Jones
11af0b5c51 Accepting request 39397 from home:jones_tony:branches:security 
Copy from home:jones_tony:branches:security/audit via accept of submit request 39397 revision 9.
Request was accepted with message:

OBS-URL: https://build.opensuse.org/request/show/39397
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=10
 2010-05-04 18:46:08 +00:00
OBS User buildservice-autocommit
7cca605a4b Updating link to change in openSUSE:Factory/audit revision 32.0 
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=81fc369541db1b3f9fd7ad1d0bd0caa4
 2010-03-18 14:35:56 +00:00
OBS User autobuild
81970e5659 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=32 2010-03-18 14:35:56 +00:00