From 1a1d70706ac7f65b8d41e6f278752b64b3d2d039682acf6aea2c085d90c175cd Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Thu, 11 Oct 2007 16:47:28 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=7 --- audit-1.5.5.tar.gz | 3 --- audit-1.6.2-bugs.patch | 32 +++++++++++++++++++++++++ audit-1.6.2.tar.gz | 3 +++ audit-apparmor-types.patch | 49 -------------------------------------- audit-libs-python.changes | 6 +++++ audit-libs-python.spec | 17 +++++++------ audit-no_python.patch | 20 ++++++++-------- audit-no_sca.patch | 21 ++++++++-------- audit.changes | 6 +++++ audit.spec | 41 ++++++++++++++----------------- 10 files changed, 94 insertions(+), 104 deletions(-) delete mode 100644 audit-1.5.5.tar.gz create mode 100644 audit-1.6.2-bugs.patch create mode 100644 audit-1.6.2.tar.gz delete mode 100644 audit-apparmor-types.patch diff --git a/audit-1.5.5.tar.gz b/audit-1.5.5.tar.gz deleted file mode 100644 index 245b514..0000000 --- a/audit-1.5.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c19fa0d43fc034151e6c170857a11918ff27fccb665498a94bd265566e73afd7 -size 986306 diff --git a/audit-1.6.2-bugs.patch b/audit-1.6.2-bugs.patch new file mode 100644 index 0000000..2e72cc9 --- /dev/null +++ b/audit-1.6.2-bugs.patch @@ -0,0 +1,32 @@ +From: Steve Grubb +Subject: Patches for 1.6.2 +Upsteam: yes (in 1.6.3) + +Misc patches for 1.6.2 audit + +--- audit-1.6.2.orig/lib/lookup_table.c 2007-10-05 10:30:25.000000000 -0400 ++++ audit-1.6.2/lib/lookup_table.c 2007-10-05 10:32:01.000000000 -0400 +@@ -483,7 +483,7 @@ int audit_name_to_msg_type(const char *m + strncpy(buf, msg_type + 8, len); + errno = 0; + return strtol(buf, NULL, 10); +- } else if (isdigit(msg_type)) { ++ } else if (isdigit(*msg_type)) { + errno = 0; + return strtol(msg_type, NULL, 10); + } + +--- audit-1.6.2.orig/src/auditd.c 2007-10-05 10:31:35.000000000 -0400 ++++ audit-1.6.2/src/auditd.c 2007-10-05 10:30:04.000000000 -0400 +@@ -135,8 +135,8 @@ static void distribute_event(struct audi + } + + /* Last chance to send...maybe the pipe is empty now. */ +- if (attempt) +- dispatch_event(&rep->reply, attempt); ++// if (attempt) ++// dispatch_event(&rep->reply, attempt); + } + + /* + diff --git a/audit-1.6.2.tar.gz b/audit-1.6.2.tar.gz new file mode 100644 index 0000000..466caa6 --- /dev/null +++ b/audit-1.6.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c8168604d14ccbd0db3f8972035fe7e4363925a4aa6b2998d973af659796de5c +size 776148 diff --git a/audit-apparmor-types.patch b/audit-apparmor-types.patch deleted file mode 100644 index ac4e732..0000000 --- a/audit-apparmor-types.patch +++ /dev/null @@ -1,49 +0,0 @@ -From: John Johansen -Subject: AppArmor audit types -Upsteam: yes - -Update auditd for the extended types supported by AppArmor. - -Signed-off-by: John Johansen - ---- - lib/libaudit.h | 10 ++++++++-- - lib/msg_typetab.h | 8 +++++++- - 2 files changed, 15 insertions(+), 3 deletions(-) - ---- a/lib/libaudit.h -+++ b/lib/libaudit.h -@@ -131,8 +131,14 @@ extern "C" { - #endif - #define AUDIT_FIRST_APPARMOR 1500 - #define AUDIT_LAST_APPARMOR 1599 --#ifndef AUDIT_SD --#define AUDIT_SD 1500 /* Not upstream yet */ -+#ifndef AUDIT_AA -+#define AUDIT_AA 1500 /* Not upstream yet */ -+#define AUDIT_APPARMOR_AUDIT 1501 -+#define AUDIT_APPARMOR_ALLOWED 1502 -+#define AUDIT_APPARMOR_DENIED 1503 -+#define AUDIT_APPARMOR_HINT 1504 -+#define AUDIT_APPARMOR_STATUS 1505 -+#define AUDIT_APPARMOR_ERROR 1506 - #endif - - #define AUDIT_FIRST_KERN_CRYPTO_MSG 1600 ---- a/lib/msg_typetab.h -+++ b/lib/msg_typetab.h -@@ -105,7 +105,13 @@ _S(AUDIT_MAC_IPSEC_DELSPD, "MA - _S(AUDIT_ANOM_PROMISCUOUS, "ANOM_PROMISCUOUS" ) - _S(AUDIT_ANOM_ABEND, "ANOM_ABEND" ) - #ifdef WITH_APPARMOR --_S(AUDIT_SD, "APPARMOR" ) -+_S(AUDIT_AA, "APPARMOR" ) -+_S(AUDIT_APPARMOR_AUDIT, "APPARMOR_AUDIT" ) -+_S(AUDIT_APPARMOR_ALLOWED, "APPARMOR_ALLOWED" ) -+_S(AUDIT_APPARMOR_DENIED, "APPARMOR_DENIED" ) -+_S(AUDIT_APPARMOR_HINT, "APPARMOR_HINT" ) -+_S(AUDIT_APPARMOR_STATUS, "APPARMOR_STATUS" ) -+_S(AUDIT_APPARMOR_ERROR, "APPARMOR_ERROR" ) - #endif - _S(AUDIT_KERNEL, "KERNEL" ) - _S(AUDIT_ANOM_LOGIN_FAILURES, "ANOM_LOGIN_FAILURES" ) diff --git a/audit-libs-python.changes b/audit-libs-python.changes index 5e08594..af393a2 100644 --- a/audit-libs-python.changes +++ b/audit-libs-python.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Oct 10 23:19:29 CEST 2007 - tonyj@suse.de + +- Upgrade to 1.6.2 + +------------------------------------------------------------------- Wed Jul 25 01:13:09 CEST 2007 - tonyj@suse.de - Upgrade to 1.5.5 diff --git a/audit-libs-python.spec b/audit-libs-python.spec index b402237..ba0acd9 100644 --- a/audit-libs-python.spec +++ b/audit-libs-python.spec @@ -1,5 +1,5 @@ # -# spec file for package audit-libs-python (Version 1.5.5) +# spec file for package audit-libs-python (Version 1.6.2) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -13,22 +13,21 @@ Name: audit-libs-python %define _name audit BuildRequires: audit-devel gcc-c++ pkg-config python-devel swig -Summary: Python bindings for libaudit -Version: 1.5.5 +Summary: Python Bindings for libaudit +Version: 1.6.2 Release: 1 License: GPL v2 or later Group: System/Monitoring -URL: http://people.redhat.com/sgrubb/audit/ +Url: http://people.redhat.com/sgrubb/audit/ Source0: audit-%{version}.tar.gz Patch0: audit-no_sca.patch -Patch1: audit-apparmor-types.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: audit-libs = %( echo `rpm -q --queryformat '%{VERSION}-%{RELEASE}' audit-libs`) PreReq: %insserv_prereq %fillup_prereq %description -The audit-libs-python package contains the bindings so that libaudit -can be used by python. +The audit-libs-python package contains the bindings for using libaudit +by python. @@ -39,7 +38,6 @@ Authors: %prep %setup -q -n audit-%{version} %patch0 -p1 -%patch1 -p1 %build #autoreconf -iv --install @@ -68,8 +66,9 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/python%{py_ver}/site-packages/_audit.so %{_libdir}/python%{py_ver}/site-packages/auparse.so %{_libdir}/python%{py_ver}/site-packages/audit.py* - %changelog +* Wed Oct 10 2007 - tonyj@suse.de +- Upgrade to 1.6.2 * Wed Jul 25 2007 - tonyj@suse.de - Upgrade to 1.5.5 Drop audit-swig-attribute.patch (upstreamed) diff --git a/audit-no_python.patch b/audit-no_python.patch index 56a951e..03ee564 100644 --- a/audit-no_python.patch +++ b/audit-no_python.patch @@ -6,8 +6,8 @@ Python code is disabled for audit.spec. Built manually by audit-libs-python.spe This is apparantly necessary due to the SuSE build system. Bit of a PITA but there you have it. ---- audit-1.5.1/configure.ac.orig 2007-03-01 01:54:19.977676000 +0100 -+++ audit-1.5.1/configure.ac 2007-03-01 02:09:06.032928000 +0100 +--- audit-1.6.1/configure.ac.orig 2007-03-01 01:54:19.977676000 +0100 ++++ audit-1.6.1/configure.ac 2007-03-01 02:09:06.032928000 +0100 @@ -39,7 +39,7 @@ AM_INIT_AUTOMAKE AM_PROG_LIBTOOL @@ -21,20 +21,20 @@ there you have it. if test x$use_apparmor != xno ; then AC_DEFINE(WITH_APPARMOR,1,[Define if you want to enable AppArmor events.])fi --AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile bindings/Makefile bindings/python/Makefile) -+#AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile bindings/Makefile bindings/python/Makefile) -+AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile docs/Makefile init.d/Makefile audisp/Makefile) +-AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile bindings/Makefile bindings/python/Makefile) ++#AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile bindings/Makefile bindings/python/Makefile) ++AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile) echo . echo " ---- audit-1.5.1/Makefile.am.orig 2007-04-05 23:31:18.152428000 +0200 -+++ audit-1.5.1/Makefile.am 2007-04-05 23:37:52.670519000 +0200 +--- audit-1.6.1/Makefile.am.orig 2007-04-05 23:31:18.152428000 +0200 ++++ audit-1.6.1/Makefile.am 2007-04-05 23:37:52.670519000 +0200 @@ -21,7 +21,7 @@ # Rickard E. (Rik) Faith # -SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs +SUBDIRS = lib auparse src/mt src audisp init.d docs - EXTRA_DIST = ChangeLog AUTHORS NEWS README sample.rules contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c README-install audit.spec - CONFIG_CLEAN_FILES = Makefile.in aclocal.m4* config.h.* configure debug*.list config/* - + EXTRA_DIST = ChangeLog AUTHORS NEWS README README-install audit.spec \ + sample.rules contrib/capp.rules contrib/nispom.rules \ + contrib/lspp.rules contrib/skeleton.c contrib/avc_snap \ diff --git a/audit-no_sca.patch b/audit-no_sca.patch index c5ab10c..d43f745 100644 --- a/audit-no_sca.patch +++ b/audit-no_sca.patch @@ -4,25 +4,26 @@ Upsteam: never Disable system-config-audit. A Yast equivalent would be useful though. ---- audit-1.5.5/configure.ac.old 2007-07-25 02:13:48.399097000 +0200 -+++ audit-1.5.5/configure.ac 2007-07-25 02:14:25.113347000 +0200 +--- audit-1.6.1/configure.ac.old 2007-07-25 02:13:48.399097000 +0200 ++++ audit-1.6.1/configure.ac 2007-07-25 02:14:25.113347000 +0200 @@ -108,7 +108,6 @@ if test x$use_apparmor != xno ; then AC_DEFINE(WITH_APPARMOR,1,[Define if you want to enable AppArmor events.])fi -AC_CONFIG_SUBDIRS([system-config-audit]) - AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile bindings/Makefile bindings/python/Makefile) + AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile bindings/Makefile bindings/python/Makefile) echo . ---- audit-1.5.5/Makefile.am.old 2007-07-25 02:14:02.108373000 +0200 -+++ audit-1.5.5/Makefile.am 2007-07-25 02:14:34.180268000 +0200 -@@ -21,7 +21,7 @@ +--- audit-1.6.1/Makefile.am.orig 2007-09-18 02:58:06.195934000 +0200 ++++ audit-1.6.1/Makefile.am 2007-09-18 02:58:33.272829000 +0200 +@@ -21,8 +21,7 @@ # Rickard E. (Rik) Faith # --SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs system-config-audit +-SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs \ +- system-config-audit +SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs - EXTRA_DIST = ChangeLog AUTHORS NEWS README sample.rules contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c README-install audit.spec - CONFIG_CLEAN_FILES = Makefile.in aclocal.m4* config.h.* configure debug*.list config/* - + EXTRA_DIST = ChangeLog AUTHORS NEWS README README-install audit.spec \ + sample.rules contrib/capp.rules contrib/nispom.rules \ + contrib/lspp.rules contrib/skeleton.c contrib/avc_snap \ diff --git a/audit.changes b/audit.changes index 46bf014..432d97c 100644 --- a/audit.changes +++ b/audit.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Oct 10 23:18:24 CEST 2007 - tonyj@suse.de + +- Upgrade to 1.6.2 + Plus two bugs discovered in Fedora, will be fixed in 1.6.3 + ------------------------------------------------------------------- Wed Jul 25 01:13:09 CEST 2007 - tonyj@suse.de diff --git a/audit.spec b/audit.spec index 5e13942..d69b683 100644 --- a/audit.spec +++ b/audit.spec @@ -1,5 +1,5 @@ # -# spec file for package audit (Version 1.5.5) +# spec file for package audit (Version 1.6.2) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -13,17 +13,17 @@ Name: audit BuildRequires: gcc-c++ Summary: User Space Tools for 2.6 Kernel Auditing -Version: 1.5.5 +Version: 1.6.2 Release: 1 License: GPL v2 or later Group: System/Monitoring -URL: http://people.redhat.com/sgrubb/audit/ +Url: http://people.redhat.com/sgrubb/audit/ Source0: %{name}-%{version}.tar.gz Source1: auditd.init Source2: auditd.sysconfig Patch0: audit-no_sca.patch Patch1: audit-no_python.patch -Patch2: audit-apparmor-types.patch +Patch2: audit-1.6.2-bugs.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: %{name}-libs = %{version}-%{release} PreReq: %insserv_prereq %fillup_prereq @@ -67,21 +67,6 @@ libraries. -Authors: --------- - Steve Grubb - -%package audispd-plugins -Summary: Default plugins for the audit dispatcher -License: GPL v2 or later -Group: System/Monitoring - -%description audispd-plugins -The audit-audispd-plugins package contains plugin components for the -audit dispatcher (audispd). - - - Authors: -------- Steve Grubb @@ -135,6 +120,10 @@ touch $RPM_BUILD_ROOT/var/log/audit/audit.log touch $RPM_BUILD_ROOT/etc/{auditd.conf,audit.rules} # On platforms with 32 & 64 bit libs, we need to coordinate the timestamp touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf +# Remove the plugin stuff for now +rm -f $RPM_BUILD_ROOT/etc/audisp/plugins.d/au-ids.conf +rm -f $RPM_BUILD_ROOT/etc/audisp/plugins.d/remote.conf +rm -f $RPM_BUILD_ROOT/sbin/audisp-ids %clean rm -rf $RPM_BUILD_ROOT @@ -176,10 +165,11 @@ fi %{_includedir}/auparse.h %{_includedir}/auparse-defs.h %{_mandir}/man3/* +%doc contrib/skeleton.c contrib/plugin %files %defattr(-,root,root,-) -%doc README COPYING ChangeLog sample.rules contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c init.d/auditd.cron +%doc README COPYING ChangeLog contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c init.d/auditd.cron %{_mandir}/man8/* %{_mandir}/man5/* %attr(750,root,root) /sbin/auditctl @@ -191,17 +181,22 @@ fi %attr(755,root,root) /sbin/aureport /etc/init.d/auditd %dir %attr(750,root,root) /etc/audit -%attr(750,root,root) %dir /etc/audispd -%attr(750,root,root) %dir /etc/audispd/plugins.d +%attr(750,root,root) %dir /etc/audisp +%attr(750,root,root) %dir /etc/audisp/plugins.d +%attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf +%attr(640,root,root) /etc/audisp/plugins.d/syslog.conf %ghost /etc/auditd.conf %ghost /etc/audit.rules %config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules +%config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf /var/adm/fillup-templates/sysconfig.auditd %dir %attr(700,root,root) /var/log/audit %ghost %config(noreplace) /var/log/audit/audit.log - %changelog +* Wed Oct 10 2007 - tonyj@suse.de +- Upgrade to 1.6.2 + Plus two bugs discovered in Fedora, will be fixed in 1.6.3 * Wed Jul 25 2007 - tonyj@suse.de - Upgrade to 1.5.5 Correct bug in audit_make_equivalent function (Al Viro)