diff --git a/audit-1.7.13.tar.bz2 b/audit-1.7.13.tar.bz2 deleted file mode 100644 index e4f21e8..0000000 --- a/audit-1.7.13.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:053ebd92c6b8c1dac67f6cde59073798eb365c97bb73281b18b09b1b8bee5682 -size 905282 diff --git a/audit-2.0.4.tar.bz2 b/audit-2.0.4.tar.bz2 new file mode 100644 index 0000000..f88e68b --- /dev/null +++ b/audit-2.0.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:606e3802f022e11791edb40cd93a1d1708c5fc40db56a2bbbba5fa6e61298a95 +size 617863 diff --git a/audit-no-gss.patch b/audit-no-gss.patch index f5e28d8..527b7dd 100644 --- a/audit-no-gss.patch +++ b/audit-no-gss.patch @@ -8,7 +8,7 @@ but need manual removal here. --- audit-1.7.7/init.d/auditd.conf.orig 2008-09-26 02:40:48.458847000 +0200 +++ audit-1.7.7/init.d/auditd.conf 2008-09-26 02:41:13.600681000 +0200 @@ -26,6 +26,3 @@ - tcp_listen_queue = 5 + tcp_max_per_addr = 1 ##tcp_client_ports = 1024-65535 tcp_client_max_idle = 0 -enable_krb5 = no diff --git a/audit-no_plugins.patch b/audit-no_plugins.patch index 1756242..6a16152 100644 --- a/audit-no_plugins.patch +++ b/audit-no_plugins.patch @@ -5,10 +5,8 @@ Upsteam: never Non builtin plugins is build as part of phase2 by audit-secondary.spec. Conf files for builtins are still installed -Index: audit-1.7.13/audisp/plugins/Makefile.am -=================================================================== ---- audit-1.7.13.orig/audisp/plugins/Makefile.am -+++ audit-1.7.13/audisp/plugins/Makefile.am +--- audit-1.7.2/audisp/plugins/Makefile.am.orig 2008-04-22 17:20:29.022441000 +0200 ++++ audit-1.7.2/audisp/plugins/Makefile.am 2008-04-22 17:20:36.657804000 +0200 @@ -22,7 +22,7 @@ CONFIG_CLEAN_FILES = *.loT *.rej *.orig @@ -18,14 +16,14 @@ Index: audit-1.7.13/audisp/plugins/Makefile.am #SUBDIRS = builtins zos-remote if HAVE_PRELUDE SUBDIRS += prelude -Index: audit-1.7.13/docs/Makefile.am -=================================================================== ---- audit-1.7.13.orig/docs/Makefile.am -+++ audit-1.7.13/docs/Makefile.am -@@ -52,5 +52,5 @@ ausearch_add_expression.3 ausearch_add_t + +--- audit-1.7.2/docs/Makefile.am.orig 2008-04-22 17:21:45.409978000 +0200 ++++ audit-1.7.2/docs/Makefile.am 2008-04-22 17:21:59.923451000 +0200 +@@ -49,6 +49,5 @@ ausearch_clear.3 \ ausearch_next_event.3 ausearch_set_stop.3 \ autrace.8 get_auditfail_action.3 set_aumessage_mode.3 \ --audispd.8 audispd.conf.5 audispd-zos-remote.8 zos-remote.conf.5 -+audispd.8 audispd.conf.5 +-audispd.8 audispd.conf.5 audispd-zos-remote.8 libaudit.conf.5 \ +-zos-remote.conf.5 ++audispd.8 audispd.conf.5 libaudit.conf.5 diff --git a/audit-no_python.patch b/audit-no_python.patch index b325291..2a9bf29 100644 --- a/audit-no_python.patch +++ b/audit-no_python.patch @@ -6,11 +6,9 @@ Python code is disabled for audit.spec. Built manually by audit-libs-python.spe This is apparantly necessary due to the SuSE build system. Bit of a PITA but there you have it. -Index: audit-1.7.13/configure.ac -=================================================================== ---- audit-1.7.13.orig/configure.ac -+++ audit-1.7.13/configure.ac -@@ -39,7 +39,6 @@ AC_CANONICAL_TARGET +--- audit-1.7.7/configure.ac.orig 2008-09-23 01:24:06.345492000 +0200 ++++ audit-1.7.7/configure.ac 2008-09-23 01:25:15.325453000 +0200 +@@ -39,7 +39,6 @@ AM_INIT_AUTOMAKE AM_PROG_LIBTOOL AC_SUBST(LIBTOOL_DEPS) @@ -18,7 +16,7 @@ Index: audit-1.7.13/configure.ac OLDLIBS="$LIBS" m4_include([src/libev/libev.m4]) libev_LIBS="$LIBS" -@@ -202,7 +201,8 @@ AC_SUBST(libev_LIBS) +@@ -195,7 +195,8 @@ AC_SUBST(LIBPRELUDE_CFLAGS) AC_SUBST(LIBPRELUDE_LDFLAGS) @@ -28,10 +26,8 @@ Index: audit-1.7.13/configure.ac echo . echo " -Index: audit-1.7.13/Makefile.am -=================================================================== ---- audit-1.7.13.orig/Makefile.am -+++ audit-1.7.13/Makefile.am +--- audit-1.7.7/Makefile.am.orig 2008-09-23 01:24:26.915901000 +0200 ++++ audit-1.7.7/Makefile.am 2008-09-23 01:25:43.035708000 +0200 @@ -21,8 +21,8 @@ # Rickard E. (Rik) Faith # @@ -43,10 +39,8 @@ Index: audit-1.7.13/Makefile.am EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ -Index: audit-1.7.13/auparse/Makefile.am -=================================================================== ---- audit-1.7.13.orig/auparse/Makefile.am -+++ audit-1.7.13/auparse/Makefile.am +--- audit-1.7.7/auparse/Makefile.am.orig 2008-09-23 20:45:53.245409000 +0200 ++++ audit-1.7.7/auparse/Makefile.am 2008-09-23 20:46:02.659985000 +0200 @@ -20,7 +20,6 @@ # Steve Grubb # diff --git a/audit-no_sca.patch b/audit-no_sca.patch deleted file mode 100644 index 295cabf..0000000 --- a/audit-no_sca.patch +++ /dev/null @@ -1,27 +0,0 @@ -From: Tony Jones -Subject: Disable system-config-audit -Upsteam: never - -Disable system-config-audit. A Yast equivalent would be useful though. - ---- audit-1.7.7/configure.ac.orig 2008-09-23 00:59:29.976782000 +0200 -+++ audit-1.7.7/configure.ac 2008-09-23 01:19:31.984128000 +0200 -@@ -195,7 +195,6 @@ - AC_SUBST(LIBPRELUDE_CFLAGS) - AC_SUBST(LIBPRELUDE_LDFLAGS) - --AC_CONFIG_SUBDIRS([system-config-audit]) - AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile src/test/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulast/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile) - - echo . ---- audit-1.7.7/Makefile.am.orig 2008-09-23 01:20:05.010072000 +0200 -+++ audit-1.7.7/Makefile.am 2008-09-23 01:20:10.039036000 +0200 -@@ -22,7 +22,7 @@ - # - - SUBDIRS = lib auparse src/mt src/libev src audisp tools swig bindings init.d \ -- docs system-config-audit -+ docs - EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ - contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ - contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ diff --git a/audit-secondary.changes b/audit-secondary.changes index 1ec9d6d..c05ce06 100644 --- a/audit-secondary.changes +++ b/audit-secondary.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue May 4 10:51:33 CEST 2010 - tonyj@suse.de + +- Upgrade to version 2.0.4 (see audit.changes for upstream change + history) + ------------------------------------------------------------------- Sat Jun 20 12:33:00 CEST 2009 - cmorve69@yahoo.es diff --git a/audit-secondary.spec b/audit-secondary.spec index ced8996..35bc1e7 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -1,5 +1,5 @@ # -# spec file for package audit-secondary (Version 1.7.13) +# spec file for package audit-secondary (Version 2.0.4) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -18,24 +18,23 @@ # norootforbuild # nodebuginfo +%define _name audit Name: audit-secondary -%define _name audit -BuildRequires: audit audit-devel gcc-c++ openldap2-devel pkg-config python-devel swig +BuildRequires: gcc-c++ openldap2-devel pkg-config python-devel swig Summary: Python Bindings for libaudit License: GPLv2+ Group: System/Monitoring -Version: 1.7.13 -Release: 5 +Version: 2.0.4 +Release: 1 Url: http://people.redhat.com/sgrubb/audit/ Source0: audit-%{version}.tar.bz2 -Patch0: audit-no_sca.patch Patch1: audit-plugins-path.patch Patch2: audit-as_needed.patch -Requires: audit = %{version}-%{release} -Requires: audit-libs = %{version}-%{release} +Requires: audit = %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %insserv_prereq %fillup_prereq +BuildRequires: audit-devel = %{version} %description The audit-libs-python package contains the bindings for using libaudit @@ -84,8 +83,7 @@ Authors: rm -rf audisp/plugins/zos-remote/policy # we don't build prelude rm -rf audisp/plugins/prelude -%setup -q -n audit-%{version} -%patch0 -p1 +%setup -q -n %{_name}-%{version} %patch1 -p1 %patch2 @@ -93,8 +91,11 @@ rm -rf audisp/plugins/prelude autoreconf -fi export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" -./configure --prefix=%{_prefix} --sbindir=/sbin --mandir=%{_mandir} --libdir=/%{_lib} --sysconfdir=/etc --with-apparmor -make +%configure --sbindir=/sbin \ + --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ + --with-apparmor \ + --disable-static --with-pic +%{__make} %{?jobs:-j%jobs} %install mkdir -p $RPM_BUILD_ROOT/usr/sbin @@ -139,6 +140,8 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root,-) %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz %attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz +%attr(750,root,root) %dir /etc/audisp +%attr(750,root,root) %dir /etc/audisp/plugins.d %config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf %config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf %attr(750,root,root) /usr/sbin/audispd-zos-remote diff --git a/audit.changes b/audit.changes index fc4b4fd..d10b998 100644 --- a/audit.changes +++ b/audit.changes @@ -1,3 +1,61 @@ +------------------------------------------------------------------- +Tue May 4 10:51:58 CEST 2010 - tonyj@suse.de + +- Update to version 2.0.4. This is a major version update, + libaudit.so has changed version. There is no backward compatibility. + audit-libs has been split into libaudit1 and libauparse0. + +- Redhat changelog for 2.0 - 2.0.4 follows: + * 2.0.4 + - Make alpha processor support optional + - Add support for the arm eabi processor + - add a compatible regexp processing capability to auparse (Miloslav Trmač) + - Fix regression in parsing user space originating records in aureport + - Add tcp_max_per_addr option in auditd.conf to limit concurrent connections + - Rearrange shutdown of auditd to allow DAEMON_END event more time + + * 2.0.3 + - In auditd, tell libev to stop processing a connection when idle timeout + - In auditd, tell libev to stop processing a connection when shutting down + - Interpret CAPSET records in ausearch/auparse + + * 2.0.2 + - If audisp-remote plugin has a queue at exit, use non-zero exit code + - Fix autrace to use the exit filter + - In audisp-remote, add a sigchld handler + - In auditd, check for duplicate remote connections before accepting + - Remove trailing ':' if any are at the end of acct fields in ausearch + - Update remote logging code to do better sanity check of data + - Fix audisp-prelude to prefer files if multiple path records are encountered + - Add libaudit.conf man page + - In auditd, disconnect idle clients + + * 2.0.1 + - Aulast now reads daemon_start events for the kernel version of reboot + - Clarify the man pages for ausearch/report regarding locale and date formats + - Fix getloginuid for python bindings + - Disable the audispd af_unix plugin by default + - Add a couple new init script actions for LSB 3.2 + - In audisp-remote plugin, timeout network reads (#514090) + - Make some error logging in audisp-remote plugin more prominent + - Add audit.rules man page + - Interpret the session field in audit events + + * 2.0 + - Remove system-config-audit + - Get rid of () from userspace originating events + - Removed old syscall rules API - not needed since 2.6.16 + - Remove all use of the old rule structs from API + - Fix uninitialized variable in auditd log rotation + - Add libcap-ng support for audispd plugins + - Removed ancient defines that are part of kernel 2.6.29 headers + - Bump soname number for libaudit + - In auditctl, deprecate the entry filter and move rules to exit filter + - Parse integrity audit records in ausearch/report (Mimi Zohar) + - Updated syscall table for 2.6.31 kernel + - Remove support for the legacy negate syscall rule operator + - In auditd reset syslog warnings if disk space becomes available + ------------------------------------------------------------------- Sun Dec 13 15:39:09 CET 2009 - jengelh@medozas.de diff --git a/audit.spec b/audit.spec index d6f6840..d4a03f2 100644 --- a/audit.spec +++ b/audit.spec @@ -1,5 +1,5 @@ # -# spec file for package audit (Version 1.7.13) +# spec file for package audit (Version 2.0.4) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -20,9 +20,10 @@ Name: audit BuildRequires: gcc-c++ tcpd-devel +BuildRequires: kernel-headers >= 2.6.29 Summary: User Space Tools for 2.6 Kernel Auditing -Version: 1.7.13 -Release: 5 +Version: 2.0.4 +Release: 1 License: GPLv2+ Group: System/Monitoring Url: http://people.redhat.com/sgrubb/audit/ @@ -30,13 +31,12 @@ Source0: %{name}-%{version}.tar.bz2 Source1: auditd.init Source2: auditd.sysconfig Source3: baselibs.conf -Patch0: audit-no_sca.patch Patch1: audit-no_python.patch Patch2: audit-no_plugins.patch Patch3: audit-no-gss.patch Patch4: audit-as_needed.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: %{name}-libs = %{version}-%{release} +Requires: %{name}-libs = %{version} PreReq: %insserv_prereq %fillup_prereq %description @@ -44,52 +44,57 @@ The audit package contains the user space utilities for storing and processing the audit records generated by the audit subsystem in the Linux 2.6 kernel. - - Authors: -------- Steve Grubb -%package libs +%package -n libaudit1 Summary: Dynamic library for libaudit License: GPLv2+ Group: System/Monitoring -# bug437293 -%ifarch ppc64 -Obsoletes: audit-libs-64bit -%endif -# +Obsoletes: %{name}-libs < 2.0.4 +Provides: %{name}-libs = %{version} -%description libs -The audit-libs package contains the dynamic libraries needed for +%description -n libaudit1 +The libaudit package contains the dynamic libraries needed for applications to use the audit framework. - - Authors: -------- Steve Grubb +%package -n libauparse0 +Summary: Dynamic library for libauparse +License: GPLv2+ +Group: System/Monitoring + +%description -n libauparse0 +The libauparse package contains the dynamic libraries needed to +parse audit records. + +Authors: +-------- + Steve Grubb + + %package devel Summary: Header files and static library for libaudit License: LGPLv2.1+ Group: Development/Libraries/C and C++ -Requires: %{name}-libs = %{version} glibc-devel +Requires: libaudit1 = %{version} +Requires: libauparse0 = %{version} %description devel The audit-devel package contains the static libraries and header files needed for developing applications that need to use the audit framework libraries. - - Authors: -------- Steve Grubb %prep %setup -q -%patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -101,9 +106,9 @@ export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch %configure --sbindir=/sbin \ - --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ - --with-apparmor --with-libwrap \ - --disable-static --with-pic + --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ + --with-apparmor --with-libwrap --with-libcap-ng=yes \ + --disable-static --with-pic %{__make} %{?jobs:-j%jobs} %install @@ -116,10 +121,12 @@ mkdir -p $RPM_BUILD_ROOT/%{_includedir} mkdir -p $RPM_BUILD_ROOT/%{_libdir} # We manually install this since Makefile doesn't install -m 0644 lib/libaudit.h $RPM_BUILD_ROOT/%{_includedir} + for libname in libaudit libauparse;do %{__ln_s} -v /%{_lib}/$(readlink %{buildroot}/%{_lib}/$libname.so) %{buildroot}%{_libdir}/$libname.so %{__rm} -v %{buildroot}/%{_lib}/$libname.{so,la} done + mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates cp %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.auditd # delete redhat script, use ours @@ -142,9 +149,13 @@ make check %clean rm -rf $RPM_BUILD_ROOT -%post libs -p /sbin/ldconfig +%post -n libaudit1 -p /sbin/ldconfig -%postun libs -p /sbin/ldconfig +%post -n libauparse0 -p /sbin/ldconfig + +%postun -n libaudit1 -p /sbin/ldconfig + +%postun -n libauparse0 -p /sbin/ldconfig %post %{fillup_and_insserv -yn auditd auditd} @@ -165,11 +176,15 @@ fi %restart_on_update auditd %{insserv_cleanup} -%files libs +%files -n libaudit1 %defattr(-,root,root) /%{_lib}/libaudit.* -/%{_lib}/libauparse.* %config(noreplace) %attr(640,root,root) /etc/libaudit.conf +%{_mandir}/man5/libaudit.conf.5* + +%files -n libauparse0 +%defattr(-,root,root) +/%{_lib}/libauparse.* %files devel %defattr(-,root,root) @@ -193,6 +208,7 @@ fi %attr(644,root,root) %{_mandir}/man8/aulast.8.gz %attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz %attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz +%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz diff --git a/baselibs.conf b/baselibs.conf index 43b587b..5ea3781 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1 +1,2 @@ -audit-libs +libaudit1 +libauparse0