rpm/audit
SHA256
1
0
Fork 0
forked from pool/audit
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=7

Browse Source
This commit is contained in:
OBS User unknown 2007-10-11 16:47:28 +00:00 committed by Git OBS Bridge
parent e01a00e9c6
commit 1a1d70706a
10 changed files with 94 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
audit-1.5.5.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c19fa0d43fc034151e6c170857a11918ff27fccb665498a94bd265566e73afd7
size 986306

32
audit-1.6.2-bugs.patch Normal file
View File

@ -0,0 +1,32 @@
From: Steve Grubb <sgrubb@redhat.com>
Subject: Patches for 1.6.2
Upsteam: yes (in 1.6.3)
Misc patches for 1.6.2 audit
--- audit-1.6.2.orig/lib/lookup_table.c 2007-10-05 10:30:25.000000000 -0400
+++ audit-1.6.2/lib/lookup_table.c 2007-10-05 10:32:01.000000000 -0400
@@ -483,7 +483,7 @@ int audit_name_to_msg_type(const char *m
strncpy(buf, msg_type + 8, len);
errno = 0;
return strtol(buf, NULL, 10);
- } else if (isdigit(msg_type)) {
+ } else if (isdigit(*msg_type)) {
errno = 0;
return strtol(msg_type, NULL, 10);
}
--- audit-1.6.2.orig/src/auditd.c 2007-10-05 10:31:35.000000000 -0400
+++ audit-1.6.2/src/auditd.c 2007-10-05 10:30:04.000000000 -0400
@@ -135,8 +135,8 @@ static void distribute_event(struct audi
}
/* Last chance to send...maybe the pipe is empty now. */
- if (attempt)
- dispatch_event(&rep->reply, attempt);
+// if (attempt)
+// dispatch_event(&rep->reply, attempt);
}
/*

3
audit-1.6.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c8168604d14ccbd0db3f8972035fe7e4363925a4aa6b2998d973af659796de5c
size 776148

49
audit-apparmor-types.patch
View File

@ -1,49 +0,0 @@
From: John Johansen <jjohansen@suse.de>
Subject: AppArmor audit types
Upsteam: yes
Update auditd for the extended types supported by AppArmor.
Signed-off-by: John Johansen <jjohansen@suse.de>
---
lib/libaudit.h | 10 ++++++++--
lib/msg_typetab.h | 8 +++++++-
2 files changed, 15 insertions(+), 3 deletions(-)
--- a/lib/libaudit.h
+++ b/lib/libaudit.h
@@ -131,8 +131,14 @@ extern "C" {
#endif
#define AUDIT_FIRST_APPARMOR 1500
#define AUDIT_LAST_APPARMOR 1599
-#ifndef AUDIT_SD
-#define AUDIT_SD 1500 /* Not upstream yet */
+#ifndef AUDIT_AA
+#define AUDIT_AA 1500 /* Not upstream yet */
+#define AUDIT_APPARMOR_AUDIT 1501
+#define AUDIT_APPARMOR_ALLOWED 1502
+#define AUDIT_APPARMOR_DENIED 1503
+#define AUDIT_APPARMOR_HINT 1504
+#define AUDIT_APPARMOR_STATUS 1505
+#define AUDIT_APPARMOR_ERROR 1506
#endif
#define AUDIT_FIRST_KERN_CRYPTO_MSG 1600
--- a/lib/msg_typetab.h
+++ b/lib/msg_typetab.h
@@ -105,7 +105,13 @@ _S(AUDIT_MAC_IPSEC_DELSPD, "MA
_S(AUDIT_ANOM_PROMISCUOUS, "ANOM_PROMISCUOUS" )
_S(AUDIT_ANOM_ABEND, "ANOM_ABEND" )
#ifdef WITH_APPARMOR
-_S(AUDIT_SD, "APPARMOR" )
+_S(AUDIT_AA, "APPARMOR" )
+_S(AUDIT_APPARMOR_AUDIT, "APPARMOR_AUDIT" )
+_S(AUDIT_APPARMOR_ALLOWED, "APPARMOR_ALLOWED" )
+_S(AUDIT_APPARMOR_DENIED, "APPARMOR_DENIED" )
+_S(AUDIT_APPARMOR_HINT, "APPARMOR_HINT" )
+_S(AUDIT_APPARMOR_STATUS, "APPARMOR_STATUS" )
+_S(AUDIT_APPARMOR_ERROR, "APPARMOR_ERROR" )
#endif
_S(AUDIT_KERNEL, "KERNEL" )
_S(AUDIT_ANOM_LOGIN_FAILURES, "ANOM_LOGIN_FAILURES" )

6
audit-libs-python.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Oct 10 23:19:29 CEST 2007 - tonyj@suse.de
- Upgrade to 1.6.2
-------------------------------------------------------------------
Wed Jul 25 01:13:09 CEST 2007 - tonyj@suse.de
- Upgrade to 1.5.5

17
audit-libs-python.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package audit-libs-python (Version 1.5.5)
# spec file for package audit-libs-python (Version 1.6.2)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@ -13,22 +13,21 @@
Name: audit-libs-python
%define _name audit
BuildRequires: audit-devel gcc-c++ pkg-config python-devel swig
Summary: Python bindings for libaudit
Version: 1.5.5
Summary: Python Bindings for libaudit
Version: 1.6.2
Release: 1
License: GPL v2 or later
Group: System/Monitoring
URL: http://people.redhat.com/sgrubb/audit/
Url: http://people.redhat.com/sgrubb/audit/
Source0: audit-%{version}.tar.gz
Patch0: audit-no_sca.patch
Patch1: audit-apparmor-types.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: audit-libs = %( echo `rpm -q --queryformat '%{VERSION}-%{RELEASE}' audit-libs`)
PreReq: %insserv_prereq %fillup_prereq
%description
The audit-libs-python package contains the bindings so that libaudit
can be used by python.
The audit-libs-python package contains the bindings for using libaudit
by python.
@ -39,7 +38,6 @@ Authors:
%prep
%setup -q -n audit-%{version}
%patch0 -p1
%patch1 -p1
%build
#autoreconf -iv --install
@ -68,8 +66,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/python%{py_ver}/site-packages/_audit.so
%{_libdir}/python%{py_ver}/site-packages/auparse.so
%{_libdir}/python%{py_ver}/site-packages/audit.py*
%changelog
* Wed Oct 10 2007 - tonyj@suse.de
- Upgrade to 1.6.2
* Wed Jul 25 2007 - tonyj@suse.de
- Upgrade to 1.5.5
Drop audit-swig-attribute.patch (upstreamed)

20
audit-no_python.patch
View File

@ -6,8 +6,8 @@ Python code is disabled for audit.spec. Built manually by audit-libs-python.spe
This is apparantly necessary due to the SuSE build system. Bit of a PITA but
there you have it.
--- audit-1.5.1/configure.ac.orig 2007-03-01 01:54:19.977676000 +0100
+++ audit-1.5.1/configure.ac 2007-03-01 02:09:06.032928000 +0100
--- audit-1.6.1/configure.ac.orig 2007-03-01 01:54:19.977676000 +0100
+++ audit-1.6.1/configure.ac 2007-03-01 02:09:06.032928000 +0100
@@ -39,7 +39,7 @@
AM_INIT_AUTOMAKE
AM_PROG_LIBTOOL
@ -21,20 +21,20 @@ there you have it.
if test x$use_apparmor != xno ; then
AC_DEFINE(WITH_APPARMOR,1,[Define if you want to enable AppArmor events.])fi
-AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile bindings/Makefile bindings/python/Makefile)
+#AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile bindings/Makefile bindings/python/Makefile)
+AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile docs/Makefile init.d/Makefile audisp/Makefile)
-AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile bindings/Makefile bindings/python/Makefile)
+#AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile bindings/Makefile bindings/python/Makefile)
+AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile)
echo .
echo "
--- audit-1.5.1/Makefile.am.orig 2007-04-05 23:31:18.152428000 +0200
+++ audit-1.5.1/Makefile.am 2007-04-05 23:37:52.670519000 +0200
--- audit-1.6.1/Makefile.am.orig 2007-04-05 23:31:18.152428000 +0200
+++ audit-1.6.1/Makefile.am 2007-04-05 23:37:52.670519000 +0200
@@ -21,7 +21,7 @@
# Rickard E. (Rik) Faith <faith@redhat.com>
#
-SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs
+SUBDIRS = lib auparse src/mt src audisp init.d docs
EXTRA_DIST = ChangeLog AUTHORS NEWS README sample.rules contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c README-install audit.spec
CONFIG_CLEAN_FILES = Makefile.in aclocal.m4* config.h.* configure debug*.list config/*
EXTRA_DIST = ChangeLog AUTHORS NEWS README README-install audit.spec \
sample.rules contrib/capp.rules contrib/nispom.rules \
contrib/lspp.rules contrib/skeleton.c contrib/avc_snap \

21
audit-no_sca.patch
View File

@ -4,25 +4,26 @@ Upsteam: never
Disable system-config-audit. A Yast equivalent would be useful though.
--- audit-1.5.5/configure.ac.old 2007-07-25 02:13:48.399097000 +0200
+++ audit-1.5.5/configure.ac 2007-07-25 02:14:25.113347000 +0200
--- audit-1.6.1/configure.ac.old 2007-07-25 02:13:48.399097000 +0200
+++ audit-1.6.1/configure.ac 2007-07-25 02:14:25.113347000 +0200
@@ -108,7 +108,6 @@
if test x$use_apparmor != xno ; then
AC_DEFINE(WITH_APPARMOR,1,[Define if you want to enable AppArmor events.])fi
-AC_CONFIG_SUBDIRS([system-config-audit])
AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile bindings/Makefile bindings/python/Makefile)
AC_OUTPUT(Makefile lib/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/ids/Makefile audisp/plugins/remote/Makefile bindings/Makefile bindings/python/Makefile)
echo .
--- audit-1.5.5/Makefile.am.old 2007-07-25 02:14:02.108373000 +0200
+++ audit-1.5.5/Makefile.am 2007-07-25 02:14:34.180268000 +0200
@@ -21,7 +21,7 @@
--- audit-1.6.1/Makefile.am.orig 2007-09-18 02:58:06.195934000 +0200
+++ audit-1.6.1/Makefile.am 2007-09-18 02:58:33.272829000 +0200
@@ -21,8 +21,7 @@
# Rickard E. (Rik) Faith <faith@redhat.com>
#
-SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs system-config-audit
-SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs \
- system-config-audit
+SUBDIRS = lib auparse src/mt src audisp swig bindings init.d docs
EXTRA_DIST = ChangeLog AUTHORS NEWS README sample.rules contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c README-install audit.spec
CONFIG_CLEAN_FILES = Makefile.in aclocal.m4* config.h.* configure debug*.list config/*
EXTRA_DIST = ChangeLog AUTHORS NEWS README README-install audit.spec \
sample.rules contrib/capp.rules contrib/nispom.rules \
contrib/lspp.rules contrib/skeleton.c contrib/avc_snap \

6
audit.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Oct 10 23:18:24 CEST 2007 - tonyj@suse.de
- Upgrade to 1.6.2
Plus two bugs discovered in Fedora, will be fixed in 1.6.3
-------------------------------------------------------------------
Wed Jul 25 01:13:09 CEST 2007 - tonyj@suse.de

41
audit.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package audit (Version 1.5.5)
# spec file for package audit (Version 1.6.2)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@ -13,17 +13,17 @@
Name: audit
BuildRequires: gcc-c++
Summary: User Space Tools for 2.6 Kernel Auditing
Version: 1.5.5
Version: 1.6.2
Release: 1
License: GPL v2 or later
Group: System/Monitoring
URL: http://people.redhat.com/sgrubb/audit/
Url: http://people.redhat.com/sgrubb/audit/
Source0: %{name}-%{version}.tar.gz
Source1: auditd.init
Source2: auditd.sysconfig
Patch0: audit-no_sca.patch
Patch1: audit-no_python.patch
Patch2: audit-apparmor-types.patch
Patch2: audit-1.6.2-bugs.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: %{name}-libs = %{version}-%{release}
PreReq: %insserv_prereq %fillup_prereq
@ -67,21 +67,6 @@ libraries.
Authors:
--------
Steve Grubb <sgrubb@redhat.com>
%package audispd-plugins
Summary: Default plugins for the audit dispatcher
License: GPL v2 or later
Group: System/Monitoring
%description audispd-plugins
The audit-audispd-plugins package contains plugin components for the
audit dispatcher (audispd).
Authors:
--------
Steve Grubb <sgrubb@redhat.com>
@ -135,6 +120,10 @@ touch $RPM_BUILD_ROOT/var/log/audit/audit.log
touch $RPM_BUILD_ROOT/etc/{auditd.conf,audit.rules}
# On platforms with 32 & 64 bit libs, we need to coordinate the timestamp
touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
# Remove the plugin stuff for now
rm -f $RPM_BUILD_ROOT/etc/audisp/plugins.d/au-ids.conf
rm -f $RPM_BUILD_ROOT/etc/audisp/plugins.d/remote.conf
rm -f $RPM_BUILD_ROOT/sbin/audisp-ids
%clean
rm -rf $RPM_BUILD_ROOT
@ -176,10 +165,11 @@ fi
%{_includedir}/auparse.h
%{_includedir}/auparse-defs.h
%{_mandir}/man3/*
%doc contrib/skeleton.c contrib/plugin
%files
%defattr(-,root,root,-)
%doc README COPYING ChangeLog sample.rules contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c init.d/auditd.cron
%doc README COPYING ChangeLog contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/skeleton.c init.d/auditd.cron
%{_mandir}/man8/*
%{_mandir}/man5/*
%attr(750,root,root) /sbin/auditctl
@ -191,17 +181,22 @@ fi
%attr(755,root,root) /sbin/aureport
/etc/init.d/auditd
%dir %attr(750,root,root) /etc/audit
%attr(750,root,root) %dir /etc/audispd
%attr(750,root,root) %dir /etc/audispd/plugins.d
%attr(750,root,root) %dir /etc/audisp
%attr(750,root,root) %dir /etc/audisp/plugins.d
%attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf
%attr(640,root,root) /etc/audisp/plugins.d/syslog.conf
%ghost /etc/auditd.conf
%ghost /etc/audit.rules
%config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf
%config(noreplace) %attr(640,root,root) /etc/audit/audit.rules
%config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf
/var/adm/fillup-templates/sysconfig.auditd
%dir %attr(700,root,root) /var/log/audit
%ghost %config(noreplace) /var/log/audit/audit.log
%changelog
* Wed Oct 10 2007 - tonyj@suse.de
- Upgrade to 1.6.2
Plus two bugs discovered in Fedora, will be fixed in 1.6.3
* Wed Jul 25 2007 - tonyj@suse.de
- Upgrade to 1.5.5
Correct bug in audit_make_equivalent function (Al Viro)