forked from pool/audit
Accepting request 240712 from security
1 OBS-URL: https://build.opensuse.org/request/show/240712 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=73
This commit is contained in:
Stephan Kulow
Git OBS Bridge
commit
30cb942b15
39
audit-ausearch-do-not-require-tclass.patch
Normal file
39
audit-ausearch-do-not-require-tclass.patch
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
From: William Preston <wpreston@suse.com>
|
||||||
|
Subject: ausearch is looking for the "tclass" field in the entries, which doesn't make sense for apparmor.
|
||||||
|
References: bnc#878687
|
||||||
|
References: https://www.redhat.com/archives/linux-audit/2014-May/msg00094.html https://www.redhat.com/archives/linux-audit/2014-June/msg00001.html
|
||||||
|
Upstream: never
|
||||||
|
Signed-off-by: Tony Jones <tonyj@suse.de>
|
||||||
|
|
||||||
|
---
|
||||||
|
src/ausearch-parse.c | 18 ++++++++----------
|
||||||
|
1 file changed, 8 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
--- a/src/ausearch-parse.c
|
||||||
|
+++ b/src/ausearch-parse.c
|
||||||
|
@@ -1735,17 +1735,15 @@ static int parse_avc(const lnode *n, sea
|
||||||
|
|
||||||
|
// Now get the class...its at the end, so we do things different
|
||||||
|
str = strstr(term, "tclass=");
|
||||||
|
- if (str == NULL) {
|
||||||
|
- rc = 9;
|
||||||
|
- goto err;
|
||||||
|
+ if (str) {
|
||||||
|
+ str += 7;
|
||||||
|
+ term = strchr(str, ' ');
|
||||||
|
+ if (term)
|
||||||
|
+ *term = 0;
|
||||||
|
+ an.avc_class = strdup(str);
|
||||||
|
+ if (term)
|
||||||
|
+ *term = ' ';
|
||||||
|
}
|
||||||
|
- str += 7;
|
||||||
|
- term = strchr(str, ' ');
|
||||||
|
- if (term)
|
||||||
|
- *term = 0;
|
||||||
|
- an.avc_class = strdup(str);
|
||||||
|
- if (term)
|
||||||
|
- *term = ' ';
|
||||||
|
|
||||||
|
if (audit_avc_init(s) == 0) {
|
||||||
|
alist_append(s->avc, &an);
|
||||||
@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Jul 10 06:21:55 UTC 2014 - tonyj@suse.com
|
||||||
|
|
||||||
|
- Do not require tclass field to be present when searching for AVC
|
||||||
|
records (bnc#878687)
|
||||||
|
add patch: audit-ausearch-do-not-require-tclass.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Apr 15 00:52:16 UTC 2014 - tonyj@suse.com
|
Tue Apr 15 00:52:16 UTC 2014 - tonyj@suse.com
|
||||||
|
|
||||||
|
|||||||
@ -38,6 +38,7 @@ Patch1: audit-plugins-path.patch
|
|||||||
Patch2: audit-no-gss.patch
|
Patch2: audit-no-gss.patch
|
||||||
Patch3: audit-no_m4_dir.patch
|
Patch3: audit-no_m4_dir.patch
|
||||||
Patch4: audit-allow-manual-stop.patch
|
Patch4: audit-allow-manual-stop.patch
|
||||||
|
Patch5: audit-ausearch-do-not-require-tclass.patch
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
BuildRequires: audit-devel = %{version}
|
BuildRequires: audit-devel = %{version}
|
||||||
BuildRequires: autoconf >= 2.12
|
BuildRequires: autoconf >= 2.12
|
||||||
@ -94,6 +95,7 @@ rm -rf audisp/plugins/prelude
|
|||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -fi
|
autoreconf -fi
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user