239d018a6e
- Update audit.spec (bsc#1231236): * add requirement for 'awk' package * move some %post logic from audit to audit-rules
Enzo Matsumiya2024-10-11 13:04:43 +00:00
815d1e775d
Accepting request 1206516 from home:ematsumiya:branches:security
Enzo Matsumiya2024-10-11 13:04:43 +00:00
757054e43f
Accepting request 1205295 from security
Ana Guerrero2024-10-03 15:59:59 +00:00
c63b7ea5be
Accepting request 1205295 from security
Ana Guerrero2024-10-03 15:59:59 +00:00
1878dbbb84
- Readd audit-allow-manual-stop.patch (removed by mistake) - Fix plugin termination when using systemd service units (bsc#1215377) * add auditd.service-fix-plugin-termination.patch
Enzo Matsumiya2024-10-02 17:07:53 +00:00
40e8c1a939
Accepting request 1205294 from home:ematsumiya:branches:security
Enzo Matsumiya2024-10-02 17:07:53 +00:00
66d350687b
Accepting request 1204507 from security
Ana Guerrero2024-09-30 13:34:55 +00:00
c9e2718f37
Accepting request 1204507 from security
Ana Guerrero2024-09-30 13:34:55 +00:00
90ef868a13
- Update audit-secondary.spec: * Add "Requires: audit-rules" for audit package * Remove preun/postun handling of audit-rules.service - Update to 4.0 - Drop python2 support - Drop auvirt and autrace programs - Drop SysVinit support - Require the use of the 5.0 or later kernel headers - New README.md file - Rewrite legacy service functions in terms of systemctl - Consolidate and update end of event detection to a common function - Split off rule loading from auditd.service into audit-rules.service - Refactor libaudit.h to split out logging functions and record numbers - Speed up aureport --summary reports - Limit libaudit python bindings to logging functions - Add a metrics function for auparse - Change auditctl to use pidfd_send_signal for signaling auditd - Adjust watches to optimize syscalls hooked when watch file access - Drop nispom rules - Add intepretations for fsconfig, fsopen, fsmount, & move_mount - Many code fixups (cgzones) - Update syscall and interpretation tables to the 6.8 kernel (from v3.1.2) - When processing a run level change, make auditd exit - In auditd, fix return code when rules added in immutable mode - In auparse, when files are given, also consider EUID for access - Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya) - Disable Python bindings from setting rules due to swig bug (S. Trofimovich) - Update all lookup tables for the 6.5 kernel - Don't be as paranoid about auditctl -R file permissions - In ausearch, correct subject/object search to be an and if both are given - Adjust formats for 64 bit time_t - Fix segfault in python bindings around the feed API - Add feed_has_data, get_record_num, and get/goto_field_num to python bindings - Update spec: * Move rules-related files into new subpackage audit-rules': * Files moved: - /sbin/auditctl, /sbin/augenrules, /etc/audit/{audit.rules,rules.d/audit.rules,audit-stop.rules} - manpages for auditctl, augenrules, and audit.rules - /etc/audit is now owned by audit-rules' as well * Add new file /usr/lib/systemd/system/audit-rules.service * Remove in-house create-augenrules-service.patch that generated augenrules.service systemd unit service * Remove ownership of /usr/share/audit * Create /usr/share/audit-rules directory on %install * Remove audit-userspace-517-compat.patch (fixed upstream) * Remove libev-werror.patch (fixed upstream) * Remove audit-allow-manual-stop.patch (fixed upstream) * Add fix-auparse-test.patch (downstream): Upstream tests uses a static value (42) for 'gdm' uid/gid (based on Fedora values, apparently). Replace these occurrences with 'unknown(123456)' * Replace '--with-python' with '--with-python3' on %configure * Remove autrace and auvirt references (upstream) * Replace README with README.md - Drop `--enable-systemd' from %configure as SysV-style scripts aren't supported in upstream since 113ae191758c ("Drop support for SysVinit")
Marcus Meissner2024-09-29 09:40:50 +00:00
eab2c91052
Accepting request 1204197 from home:ematsumiya:branches:security
Marcus Meissner2024-09-29 09:40:50 +00:00
8360963980
Accepting request 1201645 from home:wfrisch:branches:security
Wolfgang Frisch2024-09-17 14:40:04 +00:00
42402f11b7
- Update to 4.0 * Includes fixes since v3.1.1 * Enhance support for newer (5.0+) kernels - Update spec: * Move rules-related files into new subpackage audit-rules': * Files moved: - /sbin/auditctl, /sbin/augenrules, /etc/audit/{audit.rules,rules.d/audit.rules,audit-stop.rules} - manpages for auditctl, augenrules, and audit.rules - /etc/audit is now owned by audit-rules' as well * Add new file /usr/lib/systemd/system/audit-rules.service * Remove in-house create-augenrules-service.patch that generated augenrules.service systemd unit service * Remove ownership of /usr/share/audit * Create /usr/share/audit-rules directory on %install * Remove audit-userspace-517-compat.patch (fixed upstream) * Remove libev-werror.patch (fixed upstream) * Remove audit-allow-manual-stop.patch (fixed upstream) * Add fix-auparse-test.patch (downstream): Upstream tests uses a static value (42) for 'gdm' uid/gid (based on Fedora values, apparently). Replace these occurrences with 'unknown(123456)' * Replace '--with-python' with '--with-python3' on %configure * Remove autrace and auvirt references (upstream) * Replace README with README.md - Drop `--enable-systemd' from %configure as SysV-style scripts aren't supported in upstream since 113ae191758c ("Drop support for SysVinit") - Update to 4.0 * Includes fixes since v3.1.1 * Enhance support for newer (5.0+) kernels - Update spec: * Add fix-auparse-test.patch (downstream): Upstream tests uses a static value (42) for 'gdm' uid/gid (based on Fedora values, apparently). Replace these occurrences with 'unknown(123456)' * Replace '--with-python' with '--with-python3' on %configure * Add new headers 'audit_logging.h' and 'audit-records.h' for audit-devel
Wolfgang Frisch2024-09-17 08:11:59 +00:00
b28e51b93c
Accepting request 1199724 from home:ematsumiya:branches:security
Wolfgang Frisch2024-09-17 08:11:59 +00:00
ac660bee23
Accepting request 1195098 from security
Ana Guerrero2024-08-22 16:10:26 +00:00
06998b579e
Accepting request 1195098 from security
Ana Guerrero2024-08-22 16:10:26 +00:00