Accepting request 137972 from home:coolo:branches:openSUSE:Factory

- Update to version 2.2.1, see audit's changes - update to 2.2.1, upstream changelog: 2.2.1 - Add more interpretations in auparse for syscall parameters - Add some interpretations to ausearch for syscall parameters - In ausearch/report and auparse, allocate extra space for node names - Update syscall tables for the 3.3.0 kernel - Update libev to 4.0.4 - Reduce the size of some applications - In auditctl, check usage against euid rather than uid 2.2 - Correct all rules for clock_settime - Fix possible segfault in auparse library - Handle malformed socket addresses better - Improve performance in audit_log_user_message() - Improve performance in writing to the log file in auditd - Syscall update for accept4 and recvmmsg - Update autrace resource usage mode syscall list - Improved sample rules for recent syscalls - Add some debug info to audisp-remote startup and shutdown - Make compiling with Python optional - In auditd, if disk_error_action is ignore, don't syslog anything - Fix some memory leaks - If audispd is stopping, don't restart children - Add support in auditctl for shell escaped filenames (Alexander) - Add search support for virt events (Marcelo Cerri) - Update interpretation tables - Sync auparse's auditd config parser with auditd's parser OBS-URL: https://build.opensuse.org/request/show/137972 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=39
2012-10-12 13:06:39 +00:00 · 2012-10-12 13:06:39 +00:00 · 1dfe6ebd81
commit 1dfe6ebd81
parent cfd8ce15d5
9 changed files with 82 additions and 100 deletions
--- a/audit-2.1.3.tar.bz2
+++ b/audit-2.1.3.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6327318a73e4e38efeacfb0521388d1e6891e416992ff3798d37262395c6c4d3
-size 636030
--- a/audit-2.2.1.tar.gz
+++ b/audit-2.2.1.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9865ca89f5b975ccf25441ddf45a874448f2bba944005aa8cd5e3c3148713a63
+size 877202
--- a/audit-no_python.patch
+++ b/audit-no_python.patch
@ -1,57 +0,0 @@
-From: Tony Jones <tonyj@suse.de>
-Subject: Disable automatic building of python code
-Upsteam: never
-
-Python code is disabled for audit.spec.  Built manually by audit-libs-python.spec.
-This is apparantly necessary due to the SuSE build system.  Bit of a PITA but
-there you have it.
-
---
- Makefile.am         |    4 ++--
- auparse/Makefile.am |    1 -
- configure.ac        |    4 ++--
- 3 files changed, 4 insertions(+), 5 deletions(-)
-
--- a/configure.ac
-+++ b/configure.ac
-@@ -40,7 +40,6 @@ AC_CANONICAL_TARGET
- AM_INIT_AUTOMAKE
- AM_PROG_LIBTOOL
- AC_SUBST(LIBTOOL_DEPS)
-AM_PATH_PYTHON
- OLDLIBS="$LIBS"
- m4_include([src/libev/libev.m4])
- libev_LIBS="$LIBS"
-@@ -231,7 +230,8 @@ AC_SUBST(libev_LIBS)
- AC_SUBST(LIBPRELUDE_CFLAGS)
- AC_SUBST(LIBPRELUDE_LDFLAGS)
- 
-AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile src/test/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulast/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile)
-+# SuSE: remove swig/Makefile + bindings/Makefile + bindings/python/Makefile
-+AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile src/test/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile tools/Makefile tools/aulast/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile)
- 
- echo .
- echo "
--- a/Makefile.am
-+++ b/Makefile.am
-@@ -21,8 +21,8 @@
- #   Rickard E. (Rik) Faith <faith@redhat.com>
- #
- 
-SUBDIRS = lib auparse src/mt src/libev src audisp tools swig bindings init.d \
-	docs
-+# SuSE: remove swig + bindings
-+SUBDIRS = lib auparse src/mt src/libev src audisp tools init.d docs
- EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \
- 	contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \
- 	contrib/stig.rules contrib/skeleton.c contrib/avc_snap \
--- a/auparse/Makefile.am
-+++ b/auparse/Makefile.am
-@@ -20,7 +20,6 @@
- #   Steve Grubb <sgrubb@redhat.com>
- #
- 
-SUBDIRS = test
- CLEANFILES = $(BUILT_SOURCES)
- CONFIG_CLEAN_FILES = *.loT *.rej *.orig
- AM_CFLAGS = -fPIC -DPIC -D_GNU_SOURCE -g ${DEBUG}
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Fri Oct 12 13:00:30 UTC 2012 - coolo@suse.com
+
+- Update to version 2.2.1, see audit's changes
+
 -------------------------------------------------------------------
 Tue Feb 28 21:58:24 UTC 2012 - tonyj@suse.com

--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@ -14,7 +14,6 @@

 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
-# nodebuginfo


 %define		_name audit
@ -28,10 +27,10 @@ BuildRequires:  swig
 Summary:        Python Bindings for libaudit
 License:        GPL-2.0+
 Group:          System/Monitoring
-Version:        2.1.3
+Version:        2.2.1
 Release:        0
 Url:            http://people.redhat.com/sgrubb/audit/
-Source0:        audit-%{version}.tar.bz2
+Source0:        http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
 Patch1:         audit-plugins-path.patch
 Requires:       audit = %{version}
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
--- a/audit.changes
+++ b/audit.changes
@ -1,3 +1,49 @@
+-------------------------------------------------------------------
+Fri Oct 12 12:51:13 UTC 2012 - coolo@suse.com
+
+- update to 2.2.1, upstream changelog:
+  2.2.1
+  - Add more interpretations in auparse for syscall parameters 
+  - Add some interpretations to ausearch for syscall parameters
+  - In ausearch/report and auparse, allocate extra space for node names
+  - Update syscall tables for the 3.3.0 kernel
+  - Update libev to 4.0.4
+  - Reduce the size of some applications
+  - In auditctl, check usage against euid rather than uid
+  
+  2.2
+  - Correct all rules for clock_settime
+  - Fix possible segfault in auparse library
+  - Handle malformed socket addresses better
+  - Improve performance in audit_log_user_message() 
+  - Improve performance in writing to the log file in auditd
+  - Syscall update for accept4 and recvmmsg
+  - Update autrace resource usage mode syscall list
+  - Improved sample rules for recent syscalls
+  - Add some debug info to audisp-remote startup and shutdown
+  - Make compiling with Python optional
+  - In auditd, if disk_error_action is ignore, don't syslog anything
+  - Fix some memory leaks
+  - If audispd is stopping, don't restart children
+  - Add support in auditctl for shell escaped filenames (Alexander)
+  - Add search support for virt events (Marcelo Cerri)
+  - Update interpretation tables
+  - Sync auparse's auditd config parser with auditd's parser
+  - In ausearch, also use cwd fields in file name searchs
+  - In ausearch, parse cwd in USER_CMD events
+  - In ausearch, correct parsing of uid in user space events
+  - In ausearch, update parsing of integrity events
+  - Apply some text cleanups from Debian (Russell Coker)
+  - In auditd, relax some permission checks for external apps
+  - Add ROLE_MODIFY event type
+  - In auditctl, new -c option to continue through bad rules but with failed exit
+  - Add auvirt program to do special reporting on virt events (Marcelo Cerri)
+  - Add interfield comparison support to auditctl (Peter Moody)
+  - Update auparse type intepretation for apparmor (Marcelo Cerri)
+  - Increase tcp_max_per_addr maximum to 1024.
+- remove audit-no_python.patch, there is a configure switch for that now
+- remove prereq on sysvinit
+
 -------------------------------------------------------------------
 Tue Feb 28 21:55:39 UTC 2012 - tonyj@suse.com

--- a/audit.spec
+++ b/audit.spec
@ -24,20 +24,19 @@ BuildRequires:  tcpd-devel
 Summary:        User Space Tools for 2.6 Kernel Auditing
 License:        GPL-2.0+
 Group:          System/Monitoring
-Version:        2.1.3
+Version:        2.2.1
 Release:        0
 Url:            http://people.redhat.com/sgrubb/audit/
-Source0:        %{name}-%{version}.tar.bz2
+Source0:        http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
 Source1:        auditd.init
 Source2:        auditd.sysconfig
 Source3:        baselibs.conf
 Source4:        README-BEFORE-ADDING-PATCHES
-Patch1:         audit-no_python.patch
 Patch2:         audit-no_plugins.patch
 Patch3:         audit-no-gss.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Requires:       %{name}-libs = %{version}
-PreReq:         %insserv_prereq %fillup_prereq sysvinit(syslog)
+PreReq:         %insserv_prereq %fillup_prereq

 %description
 The audit package contains the user space utilities for storing and
@ -78,7 +77,6 @@ libraries.

 %prep
 %setup -q
-%patch1 -p1
 %patch2 -p1
 %patch3 -p1

@ -88,10 +86,9 @@ export CFLAGS="%{optflags} -fno-strict-aliasing"
 export CXXFLAGS="$CFLAGS"
 export LDFLAGS="-Wl,-z,relro,-z,now"
 # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch
-%configure --sbindir=/sbin \
-	   --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \
+%configure --libexecdir=%{_prefix}/lib/%{name} \
 	   --with-apparmor --with-libwrap --with-libcap-ng=yes \
-	   --disable-static --with-pic
+	   --disable-static --with-pic --without-python
 %{__make} %{?_smp_mflags}

 %install
@ -106,8 +103,12 @@ mkdir -p $RPM_BUILD_ROOT/%{_libdir}
 install -m 0644 lib/libaudit.h $RPM_BUILD_ROOT/%{_includedir}

 for libname in libaudit libauparse;do
-%{__ln_s} -v /%{_lib}/$(readlink %{buildroot}/%{_lib}/$libname.so) %{buildroot}%{_libdir}/$libname.so
-%{__rm} -v %{buildroot}/%{_lib}/$libname.{so,la}
+  %{__rm} -v %{buildroot}/%{_libdir}/$libname.la
+done
+
+# USR-MERGE
+for prog in auditctl auditd ausearch autrace audispd aureport; do
+  ln -s %{_prefix}/sbin/$prog %{buildroot}/sbin/$prog
 done

 mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
@ -117,7 +118,7 @@ rm -rf $RPM_BUILD_ROOT/etc/sysconfig/auditd
 rm -rf $RPM_BUILD_ROOT/etc/init.d/auditd
 rm -rf $RPM_BUILD_ROOT/etc/rc.d/init.d
 install -c -m 755 %{SOURCE1} $RPM_BUILD_ROOT/etc/init.d/auditd
-ln -s /etc/init.d/auditd $RPM_BUILD_ROOT/sbin/rcauditd
+ln -s /etc/init.d/auditd $RPM_BUILD_ROOT/usr/sbin/rcauditd
 mkdir -p $RPM_BUILD_ROOT/var/log/audit/
 touch $RPM_BUILD_ROOT/var/log/audit/audit.log
 mkdir -p $RPM_BUILD_ROOT/var/spool/audit/
@ -159,19 +160,19 @@ fi

 %files -n libaudit1
 %defattr(-,root,root)
-/%{_lib}/libaudit.*
+%{_libdir}/libaudit.so.*
 %config(noreplace) %attr(640,root,root) /etc/libaudit.conf
 %{_mandir}/man5/libaudit.conf.5*

 %files -n libauparse0
 %defattr(-,root,root)
-/%{_lib}/libauparse.*
+%{_libdir}/libauparse.so.*

 %files devel
 %defattr(-,root,root)
 %doc contrib/skeleton.c contrib/plugin
-%{_libdir}/libaudit.*
-%{_libdir}/libauparse.*
+%{_libdir}/libaudit.so
+%{_libdir}/libauparse.so
 %{_includedir}/libaudit.h
 %{_includedir}/auparse.h
 %{_includedir}/auparse-defs.h
@ -193,16 +194,24 @@ fi
 %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz
 %attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz
 %attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz
+%attr(644,root,root) %{_mandir}/man8/auvirt.8.gz
 %attr(750,root,root) /sbin/auditctl
+%attr(750,root,root) /usr/sbin/auditctl
 %attr(750,root,root) /sbin/auditd
+%attr(750,root,root) /usr/sbin/auditd
 %attr(755,root,root) /sbin/ausearch
-%attr(750,root,root) /sbin/rcauditd
+%attr(755,root,root) /usr/sbin/ausearch
+%attr(750,root,root) /usr/sbin/rcauditd
 %attr(750,root,root) /sbin/autrace
+%attr(750,root,root) /usr/sbin/autrace
 %attr(750,root,root) /sbin/audispd
+%attr(750,root,root) /usr/sbin/audispd
 %attr(755,root,root) /usr/bin/aulast
 %attr(755,root,root) /usr/bin/aulastlog
 %attr(755,root,root) /usr/bin/ausyscall
 %attr(755,root,root) /sbin/aureport
+%attr(755,root,root) /usr/sbin/aureport
+%attr(755,root,root) /usr/bin/auvirt
 /etc/init.d/auditd
 %dir %attr(750,root,root) /etc/audit
 %attr(750,root,root) %dir /etc/audisp
--- a/auditd.init
+++ b/auditd.init
@ -39,7 +39,7 @@

 # Check for missing binaries (stale symlinks should not happen)
 # Note: Special treatment of stop for LSB conformance
-AUDITD_BIN=/sbin/auditd
+AUDITD_BIN=/usr/sbin/auditd
 test -x $AUDITD_BIN || { echo "$AUDITD_BIN not installed"; 
 	if [ "$1" = "stop" ]; then exit 0;
 	else exit 5; fi; }
--- a/auditd.sysconfig
+++ b/auditd.sysconfig
@ -1,23 +1,3 @@
-## Path:        System/Auditing
-## Description: Auditing Options
-## Type:        string
-## Default:     auditd
-## ServiceReload: auditd
-## ServiceRestart: auditd
-#
-IDENT="auditd"
-# Type: string
-# Default: ""
-# Add extra options here
-EXTRAOPTIONS=""
-#
-## Type: string
-## Default: "en_US"
-#
-# This is the locale information that audit uses. Its defaulted to en_US.
-# To remove all locale information from audit's environment, set
-# AUDITD_LANG to the empty string or the string "none".
-AUDITD_LANG="en_US"
 #
 ## Type: string
 ## Default: "yes"