From 7cca605a4bbb933e65a8c10d254d8ea7cfc8351f9b8381b971b5fbd03a3978c5 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Thu, 18 Mar 2010 14:35:56 +0000 Subject: [PATCH 1/4] Updating link to change in openSUSE:Factory/audit revision 32.0 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=81fc369541db1b3f9fd7ad1d0bd0caa4 From 11af0b5c5180d20bb16d8461cee7fb3a4f709a46ce4cc23c83db8c94fefca0b2 Mon Sep 17 00:00:00 2001 From: Tony Jones Date: Tue, 4 May 2010 18:46:08 +0000 Subject: [PATCH 2/4] Accepting request 39397 from home:jones_tony:branches:security Copy from home:jones_tony:branches:security/audit via accept of submit request 39397 revision 9. Request was accepted with message: OBS-URL: https://build.opensuse.org/request/show/39397 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=10 --- audit-1.7.13.tar.bz2 | 3 -- audit-2.0.4.tar.bz2 | 3 ++ audit-no-gss.patch | 2 +- audit-no_plugins.patch | 20 +++++------ audit-no_python.patch | 22 +++++------- audit-no_sca.patch | 27 --------------- audit-secondary.changes | 6 ++++ audit-secondary.spec | 27 ++++++++------- audit.changes | 60 +++++++++++++++++++++++++++++---- audit.spec | 75 +++++++++++++++++++++++------------------ 10 files changed, 139 insertions(+), 106 deletions(-) delete mode 100644 audit-1.7.13.tar.bz2 create mode 100644 audit-2.0.4.tar.bz2 delete mode 100644 audit-no_sca.patch diff --git a/audit-1.7.13.tar.bz2 b/audit-1.7.13.tar.bz2 deleted file mode 100644 index e4f21e8..0000000 --- a/audit-1.7.13.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:053ebd92c6b8c1dac67f6cde59073798eb365c97bb73281b18b09b1b8bee5682 -size 905282 diff --git a/audit-2.0.4.tar.bz2 b/audit-2.0.4.tar.bz2 new file mode 100644 index 0000000..f88e68b --- /dev/null +++ b/audit-2.0.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:606e3802f022e11791edb40cd93a1d1708c5fc40db56a2bbbba5fa6e61298a95 +size 617863 diff --git a/audit-no-gss.patch b/audit-no-gss.patch index f5e28d8..527b7dd 100644 --- a/audit-no-gss.patch +++ b/audit-no-gss.patch @@ -8,7 +8,7 @@ but need manual removal here. --- audit-1.7.7/init.d/auditd.conf.orig 2008-09-26 02:40:48.458847000 +0200 +++ audit-1.7.7/init.d/auditd.conf 2008-09-26 02:41:13.600681000 +0200 @@ -26,6 +26,3 @@ - tcp_listen_queue = 5 + tcp_max_per_addr = 1 ##tcp_client_ports = 1024-65535 tcp_client_max_idle = 0 -enable_krb5 = no diff --git a/audit-no_plugins.patch b/audit-no_plugins.patch index 1756242..6a16152 100644 --- a/audit-no_plugins.patch +++ b/audit-no_plugins.patch @@ -5,10 +5,8 @@ Upsteam: never Non builtin plugins is build as part of phase2 by audit-secondary.spec. Conf files for builtins are still installed -Index: audit-1.7.13/audisp/plugins/Makefile.am -=================================================================== ---- audit-1.7.13.orig/audisp/plugins/Makefile.am -+++ audit-1.7.13/audisp/plugins/Makefile.am +--- audit-1.7.2/audisp/plugins/Makefile.am.orig 2008-04-22 17:20:29.022441000 +0200 ++++ audit-1.7.2/audisp/plugins/Makefile.am 2008-04-22 17:20:36.657804000 +0200 @@ -22,7 +22,7 @@ CONFIG_CLEAN_FILES = *.loT *.rej *.orig @@ -18,14 +16,14 @@ Index: audit-1.7.13/audisp/plugins/Makefile.am #SUBDIRS = builtins zos-remote if HAVE_PRELUDE SUBDIRS += prelude -Index: audit-1.7.13/docs/Makefile.am -=================================================================== ---- audit-1.7.13.orig/docs/Makefile.am -+++ audit-1.7.13/docs/Makefile.am -@@ -52,5 +52,5 @@ ausearch_add_expression.3 ausearch_add_t + +--- audit-1.7.2/docs/Makefile.am.orig 2008-04-22 17:21:45.409978000 +0200 ++++ audit-1.7.2/docs/Makefile.am 2008-04-22 17:21:59.923451000 +0200 +@@ -49,6 +49,5 @@ ausearch_clear.3 \ ausearch_next_event.3 ausearch_set_stop.3 \ autrace.8 get_auditfail_action.3 set_aumessage_mode.3 \ --audispd.8 audispd.conf.5 audispd-zos-remote.8 zos-remote.conf.5 -+audispd.8 audispd.conf.5 +-audispd.8 audispd.conf.5 audispd-zos-remote.8 libaudit.conf.5 \ +-zos-remote.conf.5 ++audispd.8 audispd.conf.5 libaudit.conf.5 diff --git a/audit-no_python.patch b/audit-no_python.patch index b325291..2a9bf29 100644 --- a/audit-no_python.patch +++ b/audit-no_python.patch @@ -6,11 +6,9 @@ Python code is disabled for audit.spec. Built manually by audit-libs-python.spe This is apparantly necessary due to the SuSE build system. Bit of a PITA but there you have it. -Index: audit-1.7.13/configure.ac -=================================================================== ---- audit-1.7.13.orig/configure.ac -+++ audit-1.7.13/configure.ac -@@ -39,7 +39,6 @@ AC_CANONICAL_TARGET +--- audit-1.7.7/configure.ac.orig 2008-09-23 01:24:06.345492000 +0200 ++++ audit-1.7.7/configure.ac 2008-09-23 01:25:15.325453000 +0200 +@@ -39,7 +39,6 @@ AM_INIT_AUTOMAKE AM_PROG_LIBTOOL AC_SUBST(LIBTOOL_DEPS) @@ -18,7 +16,7 @@ Index: audit-1.7.13/configure.ac OLDLIBS="$LIBS" m4_include([src/libev/libev.m4]) libev_LIBS="$LIBS" -@@ -202,7 +201,8 @@ AC_SUBST(libev_LIBS) +@@ -195,7 +195,8 @@ AC_SUBST(LIBPRELUDE_CFLAGS) AC_SUBST(LIBPRELUDE_LDFLAGS) @@ -28,10 +26,8 @@ Index: audit-1.7.13/configure.ac echo . echo " -Index: audit-1.7.13/Makefile.am -=================================================================== ---- audit-1.7.13.orig/Makefile.am -+++ audit-1.7.13/Makefile.am +--- audit-1.7.7/Makefile.am.orig 2008-09-23 01:24:26.915901000 +0200 ++++ audit-1.7.7/Makefile.am 2008-09-23 01:25:43.035708000 +0200 @@ -21,8 +21,8 @@ # Rickard E. (Rik) Faith # @@ -43,10 +39,8 @@ Index: audit-1.7.13/Makefile.am EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ -Index: audit-1.7.13/auparse/Makefile.am -=================================================================== ---- audit-1.7.13.orig/auparse/Makefile.am -+++ audit-1.7.13/auparse/Makefile.am +--- audit-1.7.7/auparse/Makefile.am.orig 2008-09-23 20:45:53.245409000 +0200 ++++ audit-1.7.7/auparse/Makefile.am 2008-09-23 20:46:02.659985000 +0200 @@ -20,7 +20,6 @@ # Steve Grubb # diff --git a/audit-no_sca.patch b/audit-no_sca.patch deleted file mode 100644 index 295cabf..0000000 --- a/audit-no_sca.patch +++ /dev/null @@ -1,27 +0,0 @@ -From: Tony Jones -Subject: Disable system-config-audit -Upsteam: never - -Disable system-config-audit. A Yast equivalent would be useful though. - ---- audit-1.7.7/configure.ac.orig 2008-09-23 00:59:29.976782000 +0200 -+++ audit-1.7.7/configure.ac 2008-09-23 01:19:31.984128000 +0200 -@@ -195,7 +195,6 @@ - AC_SUBST(LIBPRELUDE_CFLAGS) - AC_SUBST(LIBPRELUDE_LDFLAGS) - --AC_CONFIG_SUBDIRS([system-config-audit]) - AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile src/test/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulast/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile) - - echo . ---- audit-1.7.7/Makefile.am.orig 2008-09-23 01:20:05.010072000 +0200 -+++ audit-1.7.7/Makefile.am 2008-09-23 01:20:10.039036000 +0200 -@@ -22,7 +22,7 @@ - # - - SUBDIRS = lib auparse src/mt src/libev src audisp tools swig bindings init.d \ -- docs system-config-audit -+ docs - EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ - contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ - contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ diff --git a/audit-secondary.changes b/audit-secondary.changes index 1ec9d6d..c05ce06 100644 --- a/audit-secondary.changes +++ b/audit-secondary.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue May 4 10:51:33 CEST 2010 - tonyj@suse.de + +- Upgrade to version 2.0.4 (see audit.changes for upstream change + history) + ------------------------------------------------------------------- Sat Jun 20 12:33:00 CEST 2009 - cmorve69@yahoo.es diff --git a/audit-secondary.spec b/audit-secondary.spec index ced8996..f3cb88d 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -1,5 +1,5 @@ # -# spec file for package audit-secondary (Version 1.7.13) +# spec file for package audit-secondary (Version 2.0.4) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -18,24 +18,23 @@ # norootforbuild # nodebuginfo +%define _name audit Name: audit-secondary -%define _name audit -BuildRequires: audit audit-devel gcc-c++ openldap2-devel pkg-config python-devel swig +BuildRequires: gcc-c++ openldap2-devel pkg-config python-devel swig Summary: Python Bindings for libaudit License: GPLv2+ Group: System/Monitoring -Version: 1.7.13 -Release: 5 +Version: 2.0.4 +Release: 1 Url: http://people.redhat.com/sgrubb/audit/ Source0: audit-%{version}.tar.bz2 -Patch0: audit-no_sca.patch Patch1: audit-plugins-path.patch Patch2: audit-as_needed.patch -Requires: audit = %{version}-%{release} -Requires: audit-libs = %{version}-%{release} +Requires: audit = %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %insserv_prereq %fillup_prereq +BuildRequires: audit-devel = %{version} %description The audit-libs-python package contains the bindings for using libaudit @@ -84,8 +83,7 @@ Authors: rm -rf audisp/plugins/zos-remote/policy # we don't build prelude rm -rf audisp/plugins/prelude -%setup -q -n audit-%{version} -%patch0 -p1 +%setup -q -n %{_name}-%{version} %patch1 -p1 %patch2 @@ -93,8 +91,11 @@ rm -rf audisp/plugins/prelude autoreconf -fi export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" -./configure --prefix=%{_prefix} --sbindir=/sbin --mandir=%{_mandir} --libdir=/%{_lib} --sysconfdir=/etc --with-apparmor -make +%configure --sbindir=/sbin \ + --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ + --with-apparmor \ + --disable-static --with-pic +%{__make} %{?jobs:-j%jobs} %install mkdir -p $RPM_BUILD_ROOT/usr/sbin @@ -139,6 +140,8 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root,-) %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz %attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz +%attr(750,root,root) %dir /etc/audisp +%attr(750,root,root) %dir /etc/audisp/plugins.d %config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf %config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf %attr(750,root,root) /usr/sbin/audispd-zos-remote diff --git a/audit.changes b/audit.changes index fc4b4fd..9a17ac1 100644 --- a/audit.changes +++ b/audit.changes @@ -1,12 +1,60 @@ ------------------------------------------------------------------- -Sun Dec 13 15:39:09 CET 2009 - jengelh@medozas.de +Tue May 4 10:51:58 CEST 2010 - tonyj@suse.de -- add baselibs.conf as a source +- Update to version 2.0.4. This is a major version update, + libaudit.so has changed version. There is no backward compatibility. + audit-libs has been split into libaudit1 and libauparse0. -------------------------------------------------------------------- -Tue Nov 3 19:11:33 UTC 2009 - coolo@novell.com - -- updated patches to apply with fuzz=0 +- Redhat changelog for 2.0 - 2.0.4 follows: + * 2.0.4 + - Make alpha processor support optional + - Add support for the arm eabi processor + - add a compatible regexp processing capability to auparse (Miloslav Trmač) + - Fix regression in parsing user space originating records in aureport + - Add tcp_max_per_addr option in auditd.conf to limit concurrent connections + - Rearrange shutdown of auditd to allow DAEMON_END event more time + + * 2.0.3 + - In auditd, tell libev to stop processing a connection when idle timeout + - In auditd, tell libev to stop processing a connection when shutting down + - Interpret CAPSET records in ausearch/auparse + + * 2.0.2 + - If audisp-remote plugin has a queue at exit, use non-zero exit code + - Fix autrace to use the exit filter + - In audisp-remote, add a sigchld handler + - In auditd, check for duplicate remote connections before accepting + - Remove trailing ':' if any are at the end of acct fields in ausearch + - Update remote logging code to do better sanity check of data + - Fix audisp-prelude to prefer files if multiple path records are encountered + - Add libaudit.conf man page + - In auditd, disconnect idle clients + + * 2.0.1 + - Aulast now reads daemon_start events for the kernel version of reboot + - Clarify the man pages for ausearch/report regarding locale and date formats + - Fix getloginuid for python bindings + - Disable the audispd af_unix plugin by default + - Add a couple new init script actions for LSB 3.2 + - In audisp-remote plugin, timeout network reads (#514090) + - Make some error logging in audisp-remote plugin more prominent + - Add audit.rules man page + - Interpret the session field in audit events + + * 2.0 + - Remove system-config-audit + - Get rid of () from userspace originating events + - Removed old syscall rules API - not needed since 2.6.16 + - Remove all use of the old rule structs from API + - Fix uninitialized variable in auditd log rotation + - Add libcap-ng support for audispd plugins + - Removed ancient defines that are part of kernel 2.6.29 headers + - Bump soname number for libaudit + - In auditctl, deprecate the entry filter and move rules to exit filter + - Parse integrity audit records in ausearch/report (Mimi Zohar) + - Updated syscall table for 2.6.31 kernel + - Remove support for the legacy negate syscall rule operator + - In auditd reset syslog warnings if disk space becomes available ------------------------------------------------------------------- Mon Sep 28 16:23:29 CEST 2009 - crrodriguez@suse.de diff --git a/audit.spec b/audit.spec index d6f6840..7f72cf7 100644 --- a/audit.spec +++ b/audit.spec @@ -1,7 +1,7 @@ # -# spec file for package audit (Version 1.7.13) +# spec file for package audit (Version 2.0.4) # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2.0.49 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,26 +17,24 @@ # norootforbuild - Name: audit BuildRequires: gcc-c++ tcpd-devel +BuildRequires: kernel-headers >= 2.6.29 Summary: User Space Tools for 2.6 Kernel Auditing -Version: 1.7.13 -Release: 5 +Version: 2.0.4 +Release: 1 License: GPLv2+ Group: System/Monitoring Url: http://people.redhat.com/sgrubb/audit/ Source0: %{name}-%{version}.tar.bz2 Source1: auditd.init Source2: auditd.sysconfig -Source3: baselibs.conf -Patch0: audit-no_sca.patch Patch1: audit-no_python.patch Patch2: audit-no_plugins.patch Patch3: audit-no-gss.patch Patch4: audit-as_needed.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: %{name}-libs = %{version}-%{release} +Requires: %{name}-libs = %{version} PreReq: %insserv_prereq %fillup_prereq %description @@ -44,52 +42,57 @@ The audit package contains the user space utilities for storing and processing the audit records generated by the audit subsystem in the Linux 2.6 kernel. - - Authors: -------- Steve Grubb -%package libs +%package -n libaudit1 Summary: Dynamic library for libaudit License: GPLv2+ Group: System/Monitoring -# bug437293 -%ifarch ppc64 -Obsoletes: audit-libs-64bit -%endif -# +Obsoletes: %{name}-libs < 2.0.4 +Provides: %{name}-libs = %{version} -%description libs -The audit-libs package contains the dynamic libraries needed for +%description -n libaudit1 +The libaudit package contains the dynamic libraries needed for applications to use the audit framework. - - Authors: -------- Steve Grubb +%package -n libauparse0 +Summary: Dynamic library for libauparse +License: GPLv2+ +Group: System/Monitoring + +%description -n libauparse0 +The libauparse package contains the dynamic libraries needed to +parse audit records. + +Authors: +-------- + Steve Grubb + + %package devel Summary: Header files and static library for libaudit License: LGPLv2.1+ Group: Development/Libraries/C and C++ -Requires: %{name}-libs = %{version} glibc-devel +Requires: libaudit1 = %{version} +Requires: libauparse0 = %{version} %description devel The audit-devel package contains the static libraries and header files needed for developing applications that need to use the audit framework libraries. - - Authors: -------- Steve Grubb %prep %setup -q -%patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -101,9 +104,9 @@ export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch %configure --sbindir=/sbin \ - --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ - --with-apparmor --with-libwrap \ - --disable-static --with-pic + --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ + --with-apparmor --with-libwrap --with-libcap-ng=yes \ + --disable-static --with-pic %{__make} %{?jobs:-j%jobs} %install @@ -116,10 +119,12 @@ mkdir -p $RPM_BUILD_ROOT/%{_includedir} mkdir -p $RPM_BUILD_ROOT/%{_libdir} # We manually install this since Makefile doesn't install -m 0644 lib/libaudit.h $RPM_BUILD_ROOT/%{_includedir} + for libname in libaudit libauparse;do %{__ln_s} -v /%{_lib}/$(readlink %{buildroot}/%{_lib}/$libname.so) %{buildroot}%{_libdir}/$libname.so %{__rm} -v %{buildroot}/%{_lib}/$libname.{so,la} done + mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates cp %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.auditd # delete redhat script, use ours @@ -135,16 +140,17 @@ touch $RPM_BUILD_ROOT/var/log/audit/audit.log touch $RPM_BUILD_ROOT/etc/{auditd.conf,audit.rules} # On platforms with 32 & 64 bit libs, we need to coordinate the timestamp touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf - %check make check %clean rm -rf $RPM_BUILD_ROOT -%post libs -p /sbin/ldconfig +%post -n libaudit1 -p /sbin/ldconfig +%post -n libauparse0 -p /sbin/ldconfig -%postun libs -p /sbin/ldconfig +%postun -n libaudit1 -p /sbin/ldconfig +%postun -n libauparse0 -p /sbin/ldconfig %post %{fillup_and_insserv -yn auditd auditd} @@ -165,11 +171,15 @@ fi %restart_on_update auditd %{insserv_cleanup} -%files libs +%files -n libaudit1 %defattr(-,root,root) /%{_lib}/libaudit.* -/%{_lib}/libauparse.* %config(noreplace) %attr(640,root,root) /etc/libaudit.conf +%{_mandir}/man5/libaudit.conf.5* + +%files -n libauparse0 +%defattr(-,root,root) +/%{_lib}/libauparse.* %files devel %defattr(-,root,root) @@ -193,6 +203,7 @@ fi %attr(644,root,root) %{_mandir}/man8/aulast.8.gz %attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz %attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz +%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz From 4cd295e351c2c3036381d104df2b3a507f3f8cb84a7b4499aab067feeeaaa712 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Wed, 5 May 2010 18:41:23 +0000 Subject: [PATCH 3/4] Accepting request 39398 from security checked in (request 39398) OBS-URL: https://build.opensuse.org/request/show/39398 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=11 --- audit-1.7.13.tar.bz2 | 3 ++ audit-2.0.4.tar.bz2 | 3 -- audit-no-gss.patch | 2 +- audit-no_plugins.patch | 20 ++++++------ audit-no_python.patch | 22 ++++++++----- audit-no_sca.patch | 27 ++++++++++++++++ audit-secondary.changes | 6 ---- audit-secondary.spec | 27 +++++++--------- audit.changes | 60 ++++------------------------------ audit.spec | 71 +++++++++++++++++------------------------ 10 files changed, 104 insertions(+), 137 deletions(-) create mode 100644 audit-1.7.13.tar.bz2 delete mode 100644 audit-2.0.4.tar.bz2 create mode 100644 audit-no_sca.patch diff --git a/audit-1.7.13.tar.bz2 b/audit-1.7.13.tar.bz2 new file mode 100644 index 0000000..e4f21e8 --- /dev/null +++ b/audit-1.7.13.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:053ebd92c6b8c1dac67f6cde59073798eb365c97bb73281b18b09b1b8bee5682 +size 905282 diff --git a/audit-2.0.4.tar.bz2 b/audit-2.0.4.tar.bz2 deleted file mode 100644 index f88e68b..0000000 --- a/audit-2.0.4.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:606e3802f022e11791edb40cd93a1d1708c5fc40db56a2bbbba5fa6e61298a95 -size 617863 diff --git a/audit-no-gss.patch b/audit-no-gss.patch index 527b7dd..f5e28d8 100644 --- a/audit-no-gss.patch +++ b/audit-no-gss.patch @@ -8,7 +8,7 @@ but need manual removal here. --- audit-1.7.7/init.d/auditd.conf.orig 2008-09-26 02:40:48.458847000 +0200 +++ audit-1.7.7/init.d/auditd.conf 2008-09-26 02:41:13.600681000 +0200 @@ -26,6 +26,3 @@ - tcp_max_per_addr = 1 + tcp_listen_queue = 5 ##tcp_client_ports = 1024-65535 tcp_client_max_idle = 0 -enable_krb5 = no diff --git a/audit-no_plugins.patch b/audit-no_plugins.patch index 6a16152..1756242 100644 --- a/audit-no_plugins.patch +++ b/audit-no_plugins.patch @@ -5,8 +5,10 @@ Upsteam: never Non builtin plugins is build as part of phase2 by audit-secondary.spec. Conf files for builtins are still installed ---- audit-1.7.2/audisp/plugins/Makefile.am.orig 2008-04-22 17:20:29.022441000 +0200 -+++ audit-1.7.2/audisp/plugins/Makefile.am 2008-04-22 17:20:36.657804000 +0200 +Index: audit-1.7.13/audisp/plugins/Makefile.am +=================================================================== +--- audit-1.7.13.orig/audisp/plugins/Makefile.am ++++ audit-1.7.13/audisp/plugins/Makefile.am @@ -22,7 +22,7 @@ CONFIG_CLEAN_FILES = *.loT *.rej *.orig @@ -16,14 +18,14 @@ Conf files for builtins are still installed #SUBDIRS = builtins zos-remote if HAVE_PRELUDE SUBDIRS += prelude - ---- audit-1.7.2/docs/Makefile.am.orig 2008-04-22 17:21:45.409978000 +0200 -+++ audit-1.7.2/docs/Makefile.am 2008-04-22 17:21:59.923451000 +0200 -@@ -49,6 +49,5 @@ +Index: audit-1.7.13/docs/Makefile.am +=================================================================== +--- audit-1.7.13.orig/docs/Makefile.am ++++ audit-1.7.13/docs/Makefile.am +@@ -52,5 +52,5 @@ ausearch_add_expression.3 ausearch_add_t ausearch_clear.3 \ ausearch_next_event.3 ausearch_set_stop.3 \ autrace.8 get_auditfail_action.3 set_aumessage_mode.3 \ --audispd.8 audispd.conf.5 audispd-zos-remote.8 libaudit.conf.5 \ --zos-remote.conf.5 -+audispd.8 audispd.conf.5 libaudit.conf.5 +-audispd.8 audispd.conf.5 audispd-zos-remote.8 zos-remote.conf.5 ++audispd.8 audispd.conf.5 diff --git a/audit-no_python.patch b/audit-no_python.patch index 2a9bf29..b325291 100644 --- a/audit-no_python.patch +++ b/audit-no_python.patch @@ -6,9 +6,11 @@ Python code is disabled for audit.spec. Built manually by audit-libs-python.spe This is apparantly necessary due to the SuSE build system. Bit of a PITA but there you have it. ---- audit-1.7.7/configure.ac.orig 2008-09-23 01:24:06.345492000 +0200 -+++ audit-1.7.7/configure.ac 2008-09-23 01:25:15.325453000 +0200 -@@ -39,7 +39,6 @@ +Index: audit-1.7.13/configure.ac +=================================================================== +--- audit-1.7.13.orig/configure.ac ++++ audit-1.7.13/configure.ac +@@ -39,7 +39,6 @@ AC_CANONICAL_TARGET AM_INIT_AUTOMAKE AM_PROG_LIBTOOL AC_SUBST(LIBTOOL_DEPS) @@ -16,7 +18,7 @@ there you have it. OLDLIBS="$LIBS" m4_include([src/libev/libev.m4]) libev_LIBS="$LIBS" -@@ -195,7 +195,8 @@ +@@ -202,7 +201,8 @@ AC_SUBST(libev_LIBS) AC_SUBST(LIBPRELUDE_CFLAGS) AC_SUBST(LIBPRELUDE_LDFLAGS) @@ -26,8 +28,10 @@ there you have it. echo . echo " ---- audit-1.7.7/Makefile.am.orig 2008-09-23 01:24:26.915901000 +0200 -+++ audit-1.7.7/Makefile.am 2008-09-23 01:25:43.035708000 +0200 +Index: audit-1.7.13/Makefile.am +=================================================================== +--- audit-1.7.13.orig/Makefile.am ++++ audit-1.7.13/Makefile.am @@ -21,8 +21,8 @@ # Rickard E. (Rik) Faith # @@ -39,8 +43,10 @@ there you have it. EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ ---- audit-1.7.7/auparse/Makefile.am.orig 2008-09-23 20:45:53.245409000 +0200 -+++ audit-1.7.7/auparse/Makefile.am 2008-09-23 20:46:02.659985000 +0200 +Index: audit-1.7.13/auparse/Makefile.am +=================================================================== +--- audit-1.7.13.orig/auparse/Makefile.am ++++ audit-1.7.13/auparse/Makefile.am @@ -20,7 +20,6 @@ # Steve Grubb # diff --git a/audit-no_sca.patch b/audit-no_sca.patch new file mode 100644 index 0000000..295cabf --- /dev/null +++ b/audit-no_sca.patch @@ -0,0 +1,27 @@ +From: Tony Jones +Subject: Disable system-config-audit +Upsteam: never + +Disable system-config-audit. A Yast equivalent would be useful though. + +--- audit-1.7.7/configure.ac.orig 2008-09-23 00:59:29.976782000 +0200 ++++ audit-1.7.7/configure.ac 2008-09-23 01:19:31.984128000 +0200 +@@ -195,7 +195,6 @@ + AC_SUBST(LIBPRELUDE_CFLAGS) + AC_SUBST(LIBPRELUDE_LDFLAGS) + +-AC_CONFIG_SUBDIRS([system-config-audit]) + AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile src/test/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulast/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile) + + echo . +--- audit-1.7.7/Makefile.am.orig 2008-09-23 01:20:05.010072000 +0200 ++++ audit-1.7.7/Makefile.am 2008-09-23 01:20:10.039036000 +0200 +@@ -22,7 +22,7 @@ + # + + SUBDIRS = lib auparse src/mt src/libev src audisp tools swig bindings init.d \ +- docs system-config-audit ++ docs + EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ + contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ + contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ diff --git a/audit-secondary.changes b/audit-secondary.changes index c05ce06..1ec9d6d 100644 --- a/audit-secondary.changes +++ b/audit-secondary.changes @@ -1,9 +1,3 @@ -------------------------------------------------------------------- -Tue May 4 10:51:33 CEST 2010 - tonyj@suse.de - -- Upgrade to version 2.0.4 (see audit.changes for upstream change - history) - ------------------------------------------------------------------- Sat Jun 20 12:33:00 CEST 2009 - cmorve69@yahoo.es diff --git a/audit-secondary.spec b/audit-secondary.spec index f3cb88d..ced8996 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -1,5 +1,5 @@ # -# spec file for package audit-secondary (Version 2.0.4) +# spec file for package audit-secondary (Version 1.7.13) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -18,23 +18,24 @@ # norootforbuild # nodebuginfo -%define _name audit Name: audit-secondary -BuildRequires: gcc-c++ openldap2-devel pkg-config python-devel swig +%define _name audit +BuildRequires: audit audit-devel gcc-c++ openldap2-devel pkg-config python-devel swig Summary: Python Bindings for libaudit License: GPLv2+ Group: System/Monitoring -Version: 2.0.4 -Release: 1 +Version: 1.7.13 +Release: 5 Url: http://people.redhat.com/sgrubb/audit/ Source0: audit-%{version}.tar.bz2 +Patch0: audit-no_sca.patch Patch1: audit-plugins-path.patch Patch2: audit-as_needed.patch -Requires: audit = %{version} +Requires: audit = %{version}-%{release} +Requires: audit-libs = %{version}-%{release} BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %insserv_prereq %fillup_prereq -BuildRequires: audit-devel = %{version} %description The audit-libs-python package contains the bindings for using libaudit @@ -83,7 +84,8 @@ Authors: rm -rf audisp/plugins/zos-remote/policy # we don't build prelude rm -rf audisp/plugins/prelude -%setup -q -n %{_name}-%{version} +%setup -q -n audit-%{version} +%patch0 -p1 %patch1 -p1 %patch2 @@ -91,11 +93,8 @@ rm -rf audisp/plugins/prelude autoreconf -fi export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" -%configure --sbindir=/sbin \ - --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ - --with-apparmor \ - --disable-static --with-pic -%{__make} %{?jobs:-j%jobs} +./configure --prefix=%{_prefix} --sbindir=/sbin --mandir=%{_mandir} --libdir=/%{_lib} --sysconfdir=/etc --with-apparmor +make %install mkdir -p $RPM_BUILD_ROOT/usr/sbin @@ -140,8 +139,6 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root,-) %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz %attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz -%attr(750,root,root) %dir /etc/audisp -%attr(750,root,root) %dir /etc/audisp/plugins.d %config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf %config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf %attr(750,root,root) /usr/sbin/audispd-zos-remote diff --git a/audit.changes b/audit.changes index 9a17ac1..fc4b4fd 100644 --- a/audit.changes +++ b/audit.changes @@ -1,60 +1,12 @@ ------------------------------------------------------------------- -Tue May 4 10:51:58 CEST 2010 - tonyj@suse.de +Sun Dec 13 15:39:09 CET 2009 - jengelh@medozas.de -- Update to version 2.0.4. This is a major version update, - libaudit.so has changed version. There is no backward compatibility. - audit-libs has been split into libaudit1 and libauparse0. +- add baselibs.conf as a source -- Redhat changelog for 2.0 - 2.0.4 follows: - * 2.0.4 - - Make alpha processor support optional - - Add support for the arm eabi processor - - add a compatible regexp processing capability to auparse (Miloslav Trmač) - - Fix regression in parsing user space originating records in aureport - - Add tcp_max_per_addr option in auditd.conf to limit concurrent connections - - Rearrange shutdown of auditd to allow DAEMON_END event more time - - * 2.0.3 - - In auditd, tell libev to stop processing a connection when idle timeout - - In auditd, tell libev to stop processing a connection when shutting down - - Interpret CAPSET records in ausearch/auparse - - * 2.0.2 - - If audisp-remote plugin has a queue at exit, use non-zero exit code - - Fix autrace to use the exit filter - - In audisp-remote, add a sigchld handler - - In auditd, check for duplicate remote connections before accepting - - Remove trailing ':' if any are at the end of acct fields in ausearch - - Update remote logging code to do better sanity check of data - - Fix audisp-prelude to prefer files if multiple path records are encountered - - Add libaudit.conf man page - - In auditd, disconnect idle clients - - * 2.0.1 - - Aulast now reads daemon_start events for the kernel version of reboot - - Clarify the man pages for ausearch/report regarding locale and date formats - - Fix getloginuid for python bindings - - Disable the audispd af_unix plugin by default - - Add a couple new init script actions for LSB 3.2 - - In audisp-remote plugin, timeout network reads (#514090) - - Make some error logging in audisp-remote plugin more prominent - - Add audit.rules man page - - Interpret the session field in audit events - - * 2.0 - - Remove system-config-audit - - Get rid of () from userspace originating events - - Removed old syscall rules API - not needed since 2.6.16 - - Remove all use of the old rule structs from API - - Fix uninitialized variable in auditd log rotation - - Add libcap-ng support for audispd plugins - - Removed ancient defines that are part of kernel 2.6.29 headers - - Bump soname number for libaudit - - In auditctl, deprecate the entry filter and move rules to exit filter - - Parse integrity audit records in ausearch/report (Mimi Zohar) - - Updated syscall table for 2.6.31 kernel - - Remove support for the legacy negate syscall rule operator - - In auditd reset syslog warnings if disk space becomes available +------------------------------------------------------------------- +Tue Nov 3 19:11:33 UTC 2009 - coolo@novell.com + +- updated patches to apply with fuzz=0 ------------------------------------------------------------------- Mon Sep 28 16:23:29 CEST 2009 - crrodriguez@suse.de diff --git a/audit.spec b/audit.spec index 7f72cf7..d6f6840 100644 --- a/audit.spec +++ b/audit.spec @@ -1,7 +1,7 @@ # -# spec file for package audit (Version 2.0.4) +# spec file for package audit (Version 1.7.13) # -# Copyright (c) 2.0.49 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,24 +17,26 @@ # norootforbuild + Name: audit BuildRequires: gcc-c++ tcpd-devel -BuildRequires: kernel-headers >= 2.6.29 Summary: User Space Tools for 2.6 Kernel Auditing -Version: 2.0.4 -Release: 1 +Version: 1.7.13 +Release: 5 License: GPLv2+ Group: System/Monitoring Url: http://people.redhat.com/sgrubb/audit/ Source0: %{name}-%{version}.tar.bz2 Source1: auditd.init Source2: auditd.sysconfig +Source3: baselibs.conf +Patch0: audit-no_sca.patch Patch1: audit-no_python.patch Patch2: audit-no_plugins.patch Patch3: audit-no-gss.patch Patch4: audit-as_needed.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: %{name}-libs = %{version} +Requires: %{name}-libs = %{version}-%{release} PreReq: %insserv_prereq %fillup_prereq %description @@ -42,57 +44,52 @@ The audit package contains the user space utilities for storing and processing the audit records generated by the audit subsystem in the Linux 2.6 kernel. + + Authors: -------- Steve Grubb -%package -n libaudit1 +%package libs Summary: Dynamic library for libaudit License: GPLv2+ Group: System/Monitoring -Obsoletes: %{name}-libs < 2.0.4 -Provides: %{name}-libs = %{version} +# bug437293 +%ifarch ppc64 +Obsoletes: audit-libs-64bit +%endif +# -%description -n libaudit1 -The libaudit package contains the dynamic libraries needed for +%description libs +The audit-libs package contains the dynamic libraries needed for applications to use the audit framework. -Authors: --------- - Steve Grubb -%package -n libauparse0 -Summary: Dynamic library for libauparse -License: GPLv2+ -Group: System/Monitoring - -%description -n libauparse0 -The libauparse package contains the dynamic libraries needed to -parse audit records. Authors: -------- Steve Grubb - %package devel Summary: Header files and static library for libaudit License: LGPLv2.1+ Group: Development/Libraries/C and C++ -Requires: libaudit1 = %{version} -Requires: libauparse0 = %{version} +Requires: %{name}-libs = %{version} glibc-devel %description devel The audit-devel package contains the static libraries and header files needed for developing applications that need to use the audit framework libraries. + + Authors: -------- Steve Grubb %prep %setup -q +%patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -104,9 +101,9 @@ export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch %configure --sbindir=/sbin \ - --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ - --with-apparmor --with-libwrap --with-libcap-ng=yes \ - --disable-static --with-pic + --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ + --with-apparmor --with-libwrap \ + --disable-static --with-pic %{__make} %{?jobs:-j%jobs} %install @@ -119,12 +116,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_includedir} mkdir -p $RPM_BUILD_ROOT/%{_libdir} # We manually install this since Makefile doesn't install -m 0644 lib/libaudit.h $RPM_BUILD_ROOT/%{_includedir} - for libname in libaudit libauparse;do %{__ln_s} -v /%{_lib}/$(readlink %{buildroot}/%{_lib}/$libname.so) %{buildroot}%{_libdir}/$libname.so %{__rm} -v %{buildroot}/%{_lib}/$libname.{so,la} done - mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates cp %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.auditd # delete redhat script, use ours @@ -140,17 +135,16 @@ touch $RPM_BUILD_ROOT/var/log/audit/audit.log touch $RPM_BUILD_ROOT/etc/{auditd.conf,audit.rules} # On platforms with 32 & 64 bit libs, we need to coordinate the timestamp touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf + %check make check %clean rm -rf $RPM_BUILD_ROOT -%post -n libaudit1 -p /sbin/ldconfig -%post -n libauparse0 -p /sbin/ldconfig +%post libs -p /sbin/ldconfig -%postun -n libaudit1 -p /sbin/ldconfig -%postun -n libauparse0 -p /sbin/ldconfig +%postun libs -p /sbin/ldconfig %post %{fillup_and_insserv -yn auditd auditd} @@ -171,15 +165,11 @@ fi %restart_on_update auditd %{insserv_cleanup} -%files -n libaudit1 +%files libs %defattr(-,root,root) /%{_lib}/libaudit.* -%config(noreplace) %attr(640,root,root) /etc/libaudit.conf -%{_mandir}/man5/libaudit.conf.5* - -%files -n libauparse0 -%defattr(-,root,root) /%{_lib}/libauparse.* +%config(noreplace) %attr(640,root,root) /etc/libaudit.conf %files devel %defattr(-,root,root) @@ -203,7 +193,6 @@ fi %attr(644,root,root) %{_mandir}/man8/aulast.8.gz %attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz %attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz -%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz From 1879b107aa72fd26e61510980faf0faafb93990625a0d5b846c27caa9b3c075c Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Wed, 5 May 2010 18:41:24 +0000 Subject: [PATCH 4/4] Updating link to change in openSUSE:Factory/audit revision 33.0 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=2e549d51645610c56d39ee90f5dfd448 --- audit-1.7.13.tar.bz2 | 3 -- audit-2.0.4.tar.bz2 | 3 ++ audit-no-gss.patch | 2 +- audit-no_plugins.patch | 20 ++++++------ audit-no_python.patch | 22 +++++-------- audit-no_sca.patch | 27 ---------------- audit-secondary.changes | 6 ++++ audit-secondary.spec | 27 +++++++++------- audit.changes | 58 +++++++++++++++++++++++++++++++++ audit.spec | 72 +++++++++++++++++++++++++---------------- baselibs.conf | 3 +- 11 files changed, 146 insertions(+), 97 deletions(-) delete mode 100644 audit-1.7.13.tar.bz2 create mode 100644 audit-2.0.4.tar.bz2 delete mode 100644 audit-no_sca.patch diff --git a/audit-1.7.13.tar.bz2 b/audit-1.7.13.tar.bz2 deleted file mode 100644 index e4f21e8..0000000 --- a/audit-1.7.13.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:053ebd92c6b8c1dac67f6cde59073798eb365c97bb73281b18b09b1b8bee5682 -size 905282 diff --git a/audit-2.0.4.tar.bz2 b/audit-2.0.4.tar.bz2 new file mode 100644 index 0000000..f88e68b --- /dev/null +++ b/audit-2.0.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:606e3802f022e11791edb40cd93a1d1708c5fc40db56a2bbbba5fa6e61298a95 +size 617863 diff --git a/audit-no-gss.patch b/audit-no-gss.patch index f5e28d8..527b7dd 100644 --- a/audit-no-gss.patch +++ b/audit-no-gss.patch @@ -8,7 +8,7 @@ but need manual removal here. --- audit-1.7.7/init.d/auditd.conf.orig 2008-09-26 02:40:48.458847000 +0200 +++ audit-1.7.7/init.d/auditd.conf 2008-09-26 02:41:13.600681000 +0200 @@ -26,6 +26,3 @@ - tcp_listen_queue = 5 + tcp_max_per_addr = 1 ##tcp_client_ports = 1024-65535 tcp_client_max_idle = 0 -enable_krb5 = no diff --git a/audit-no_plugins.patch b/audit-no_plugins.patch index 1756242..6a16152 100644 --- a/audit-no_plugins.patch +++ b/audit-no_plugins.patch @@ -5,10 +5,8 @@ Upsteam: never Non builtin plugins is build as part of phase2 by audit-secondary.spec. Conf files for builtins are still installed -Index: audit-1.7.13/audisp/plugins/Makefile.am -=================================================================== ---- audit-1.7.13.orig/audisp/plugins/Makefile.am -+++ audit-1.7.13/audisp/plugins/Makefile.am +--- audit-1.7.2/audisp/plugins/Makefile.am.orig 2008-04-22 17:20:29.022441000 +0200 ++++ audit-1.7.2/audisp/plugins/Makefile.am 2008-04-22 17:20:36.657804000 +0200 @@ -22,7 +22,7 @@ CONFIG_CLEAN_FILES = *.loT *.rej *.orig @@ -18,14 +16,14 @@ Index: audit-1.7.13/audisp/plugins/Makefile.am #SUBDIRS = builtins zos-remote if HAVE_PRELUDE SUBDIRS += prelude -Index: audit-1.7.13/docs/Makefile.am -=================================================================== ---- audit-1.7.13.orig/docs/Makefile.am -+++ audit-1.7.13/docs/Makefile.am -@@ -52,5 +52,5 @@ ausearch_add_expression.3 ausearch_add_t + +--- audit-1.7.2/docs/Makefile.am.orig 2008-04-22 17:21:45.409978000 +0200 ++++ audit-1.7.2/docs/Makefile.am 2008-04-22 17:21:59.923451000 +0200 +@@ -49,6 +49,5 @@ ausearch_clear.3 \ ausearch_next_event.3 ausearch_set_stop.3 \ autrace.8 get_auditfail_action.3 set_aumessage_mode.3 \ --audispd.8 audispd.conf.5 audispd-zos-remote.8 zos-remote.conf.5 -+audispd.8 audispd.conf.5 +-audispd.8 audispd.conf.5 audispd-zos-remote.8 libaudit.conf.5 \ +-zos-remote.conf.5 ++audispd.8 audispd.conf.5 libaudit.conf.5 diff --git a/audit-no_python.patch b/audit-no_python.patch index b325291..2a9bf29 100644 --- a/audit-no_python.patch +++ b/audit-no_python.patch @@ -6,11 +6,9 @@ Python code is disabled for audit.spec. Built manually by audit-libs-python.spe This is apparantly necessary due to the SuSE build system. Bit of a PITA but there you have it. -Index: audit-1.7.13/configure.ac -=================================================================== ---- audit-1.7.13.orig/configure.ac -+++ audit-1.7.13/configure.ac -@@ -39,7 +39,6 @@ AC_CANONICAL_TARGET +--- audit-1.7.7/configure.ac.orig 2008-09-23 01:24:06.345492000 +0200 ++++ audit-1.7.7/configure.ac 2008-09-23 01:25:15.325453000 +0200 +@@ -39,7 +39,6 @@ AM_INIT_AUTOMAKE AM_PROG_LIBTOOL AC_SUBST(LIBTOOL_DEPS) @@ -18,7 +16,7 @@ Index: audit-1.7.13/configure.ac OLDLIBS="$LIBS" m4_include([src/libev/libev.m4]) libev_LIBS="$LIBS" -@@ -202,7 +201,8 @@ AC_SUBST(libev_LIBS) +@@ -195,7 +195,8 @@ AC_SUBST(LIBPRELUDE_CFLAGS) AC_SUBST(LIBPRELUDE_LDFLAGS) @@ -28,10 +26,8 @@ Index: audit-1.7.13/configure.ac echo . echo " -Index: audit-1.7.13/Makefile.am -=================================================================== ---- audit-1.7.13.orig/Makefile.am -+++ audit-1.7.13/Makefile.am +--- audit-1.7.7/Makefile.am.orig 2008-09-23 01:24:26.915901000 +0200 ++++ audit-1.7.7/Makefile.am 2008-09-23 01:25:43.035708000 +0200 @@ -21,8 +21,8 @@ # Rickard E. (Rik) Faith # @@ -43,10 +39,8 @@ Index: audit-1.7.13/Makefile.am EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ -Index: audit-1.7.13/auparse/Makefile.am -=================================================================== ---- audit-1.7.13.orig/auparse/Makefile.am -+++ audit-1.7.13/auparse/Makefile.am +--- audit-1.7.7/auparse/Makefile.am.orig 2008-09-23 20:45:53.245409000 +0200 ++++ audit-1.7.7/auparse/Makefile.am 2008-09-23 20:46:02.659985000 +0200 @@ -20,7 +20,6 @@ # Steve Grubb # diff --git a/audit-no_sca.patch b/audit-no_sca.patch deleted file mode 100644 index 295cabf..0000000 --- a/audit-no_sca.patch +++ /dev/null @@ -1,27 +0,0 @@ -From: Tony Jones -Subject: Disable system-config-audit -Upsteam: never - -Disable system-config-audit. A Yast equivalent would be useful though. - ---- audit-1.7.7/configure.ac.orig 2008-09-23 00:59:29.976782000 +0200 -+++ audit-1.7.7/configure.ac 2008-09-23 01:19:31.984128000 +0200 -@@ -195,7 +195,6 @@ - AC_SUBST(LIBPRELUDE_CFLAGS) - AC_SUBST(LIBPRELUDE_LDFLAGS) - --AC_CONFIG_SUBDIRS([system-config-audit]) - AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile src/test/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulast/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile) - - echo . ---- audit-1.7.7/Makefile.am.orig 2008-09-23 01:20:05.010072000 +0200 -+++ audit-1.7.7/Makefile.am 2008-09-23 01:20:10.039036000 +0200 -@@ -22,7 +22,7 @@ - # - - SUBDIRS = lib auparse src/mt src/libev src audisp tools swig bindings init.d \ -- docs system-config-audit -+ docs - EXTRA_DIST = ChangeLog AUTHORS NEWS README INSTALL audit.spec \ - contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \ - contrib/stig.rules contrib/skeleton.c contrib/avc_snap \ diff --git a/audit-secondary.changes b/audit-secondary.changes index 1ec9d6d..c05ce06 100644 --- a/audit-secondary.changes +++ b/audit-secondary.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue May 4 10:51:33 CEST 2010 - tonyj@suse.de + +- Upgrade to version 2.0.4 (see audit.changes for upstream change + history) + ------------------------------------------------------------------- Sat Jun 20 12:33:00 CEST 2009 - cmorve69@yahoo.es diff --git a/audit-secondary.spec b/audit-secondary.spec index ced8996..35bc1e7 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -1,5 +1,5 @@ # -# spec file for package audit-secondary (Version 1.7.13) +# spec file for package audit-secondary (Version 2.0.4) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -18,24 +18,23 @@ # norootforbuild # nodebuginfo +%define _name audit Name: audit-secondary -%define _name audit -BuildRequires: audit audit-devel gcc-c++ openldap2-devel pkg-config python-devel swig +BuildRequires: gcc-c++ openldap2-devel pkg-config python-devel swig Summary: Python Bindings for libaudit License: GPLv2+ Group: System/Monitoring -Version: 1.7.13 -Release: 5 +Version: 2.0.4 +Release: 1 Url: http://people.redhat.com/sgrubb/audit/ Source0: audit-%{version}.tar.bz2 -Patch0: audit-no_sca.patch Patch1: audit-plugins-path.patch Patch2: audit-as_needed.patch -Requires: audit = %{version}-%{release} -Requires: audit-libs = %{version}-%{release} +Requires: audit = %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %insserv_prereq %fillup_prereq +BuildRequires: audit-devel = %{version} %description The audit-libs-python package contains the bindings for using libaudit @@ -84,8 +83,7 @@ Authors: rm -rf audisp/plugins/zos-remote/policy # we don't build prelude rm -rf audisp/plugins/prelude -%setup -q -n audit-%{version} -%patch0 -p1 +%setup -q -n %{_name}-%{version} %patch1 -p1 %patch2 @@ -93,8 +91,11 @@ rm -rf audisp/plugins/prelude autoreconf -fi export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" -./configure --prefix=%{_prefix} --sbindir=/sbin --mandir=%{_mandir} --libdir=/%{_lib} --sysconfdir=/etc --with-apparmor -make +%configure --sbindir=/sbin \ + --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ + --with-apparmor \ + --disable-static --with-pic +%{__make} %{?jobs:-j%jobs} %install mkdir -p $RPM_BUILD_ROOT/usr/sbin @@ -139,6 +140,8 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root,-) %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz %attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz +%attr(750,root,root) %dir /etc/audisp +%attr(750,root,root) %dir /etc/audisp/plugins.d %config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf %config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf %attr(750,root,root) /usr/sbin/audispd-zos-remote diff --git a/audit.changes b/audit.changes index fc4b4fd..d10b998 100644 --- a/audit.changes +++ b/audit.changes @@ -1,3 +1,61 @@ +------------------------------------------------------------------- +Tue May 4 10:51:58 CEST 2010 - tonyj@suse.de + +- Update to version 2.0.4. This is a major version update, + libaudit.so has changed version. There is no backward compatibility. + audit-libs has been split into libaudit1 and libauparse0. + +- Redhat changelog for 2.0 - 2.0.4 follows: + * 2.0.4 + - Make alpha processor support optional + - Add support for the arm eabi processor + - add a compatible regexp processing capability to auparse (Miloslav Trmač) + - Fix regression in parsing user space originating records in aureport + - Add tcp_max_per_addr option in auditd.conf to limit concurrent connections + - Rearrange shutdown of auditd to allow DAEMON_END event more time + + * 2.0.3 + - In auditd, tell libev to stop processing a connection when idle timeout + - In auditd, tell libev to stop processing a connection when shutting down + - Interpret CAPSET records in ausearch/auparse + + * 2.0.2 + - If audisp-remote plugin has a queue at exit, use non-zero exit code + - Fix autrace to use the exit filter + - In audisp-remote, add a sigchld handler + - In auditd, check for duplicate remote connections before accepting + - Remove trailing ':' if any are at the end of acct fields in ausearch + - Update remote logging code to do better sanity check of data + - Fix audisp-prelude to prefer files if multiple path records are encountered + - Add libaudit.conf man page + - In auditd, disconnect idle clients + + * 2.0.1 + - Aulast now reads daemon_start events for the kernel version of reboot + - Clarify the man pages for ausearch/report regarding locale and date formats + - Fix getloginuid for python bindings + - Disable the audispd af_unix plugin by default + - Add a couple new init script actions for LSB 3.2 + - In audisp-remote plugin, timeout network reads (#514090) + - Make some error logging in audisp-remote plugin more prominent + - Add audit.rules man page + - Interpret the session field in audit events + + * 2.0 + - Remove system-config-audit + - Get rid of () from userspace originating events + - Removed old syscall rules API - not needed since 2.6.16 + - Remove all use of the old rule structs from API + - Fix uninitialized variable in auditd log rotation + - Add libcap-ng support for audispd plugins + - Removed ancient defines that are part of kernel 2.6.29 headers + - Bump soname number for libaudit + - In auditctl, deprecate the entry filter and move rules to exit filter + - Parse integrity audit records in ausearch/report (Mimi Zohar) + - Updated syscall table for 2.6.31 kernel + - Remove support for the legacy negate syscall rule operator + - In auditd reset syslog warnings if disk space becomes available + ------------------------------------------------------------------- Sun Dec 13 15:39:09 CET 2009 - jengelh@medozas.de diff --git a/audit.spec b/audit.spec index d6f6840..d4a03f2 100644 --- a/audit.spec +++ b/audit.spec @@ -1,5 +1,5 @@ # -# spec file for package audit (Version 1.7.13) +# spec file for package audit (Version 2.0.4) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -20,9 +20,10 @@ Name: audit BuildRequires: gcc-c++ tcpd-devel +BuildRequires: kernel-headers >= 2.6.29 Summary: User Space Tools for 2.6 Kernel Auditing -Version: 1.7.13 -Release: 5 +Version: 2.0.4 +Release: 1 License: GPLv2+ Group: System/Monitoring Url: http://people.redhat.com/sgrubb/audit/ @@ -30,13 +31,12 @@ Source0: %{name}-%{version}.tar.bz2 Source1: auditd.init Source2: auditd.sysconfig Source3: baselibs.conf -Patch0: audit-no_sca.patch Patch1: audit-no_python.patch Patch2: audit-no_plugins.patch Patch3: audit-no-gss.patch Patch4: audit-as_needed.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: %{name}-libs = %{version}-%{release} +Requires: %{name}-libs = %{version} PreReq: %insserv_prereq %fillup_prereq %description @@ -44,52 +44,57 @@ The audit package contains the user space utilities for storing and processing the audit records generated by the audit subsystem in the Linux 2.6 kernel. - - Authors: -------- Steve Grubb -%package libs +%package -n libaudit1 Summary: Dynamic library for libaudit License: GPLv2+ Group: System/Monitoring -# bug437293 -%ifarch ppc64 -Obsoletes: audit-libs-64bit -%endif -# +Obsoletes: %{name}-libs < 2.0.4 +Provides: %{name}-libs = %{version} -%description libs -The audit-libs package contains the dynamic libraries needed for +%description -n libaudit1 +The libaudit package contains the dynamic libraries needed for applications to use the audit framework. - - Authors: -------- Steve Grubb +%package -n libauparse0 +Summary: Dynamic library for libauparse +License: GPLv2+ +Group: System/Monitoring + +%description -n libauparse0 +The libauparse package contains the dynamic libraries needed to +parse audit records. + +Authors: +-------- + Steve Grubb + + %package devel Summary: Header files and static library for libaudit License: LGPLv2.1+ Group: Development/Libraries/C and C++ -Requires: %{name}-libs = %{version} glibc-devel +Requires: libaudit1 = %{version} +Requires: libauparse0 = %{version} %description devel The audit-devel package contains the static libraries and header files needed for developing applications that need to use the audit framework libraries. - - Authors: -------- Steve Grubb %prep %setup -q -%patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -101,9 +106,9 @@ export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch %configure --sbindir=/sbin \ - --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ - --with-apparmor --with-libwrap \ - --disable-static --with-pic + --libdir=/%{_lib} --libexecdir=%{_prefix}/lib/%{name} \ + --with-apparmor --with-libwrap --with-libcap-ng=yes \ + --disable-static --with-pic %{__make} %{?jobs:-j%jobs} %install @@ -116,10 +121,12 @@ mkdir -p $RPM_BUILD_ROOT/%{_includedir} mkdir -p $RPM_BUILD_ROOT/%{_libdir} # We manually install this since Makefile doesn't install -m 0644 lib/libaudit.h $RPM_BUILD_ROOT/%{_includedir} + for libname in libaudit libauparse;do %{__ln_s} -v /%{_lib}/$(readlink %{buildroot}/%{_lib}/$libname.so) %{buildroot}%{_libdir}/$libname.so %{__rm} -v %{buildroot}/%{_lib}/$libname.{so,la} done + mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates cp %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.auditd # delete redhat script, use ours @@ -142,9 +149,13 @@ make check %clean rm -rf $RPM_BUILD_ROOT -%post libs -p /sbin/ldconfig +%post -n libaudit1 -p /sbin/ldconfig -%postun libs -p /sbin/ldconfig +%post -n libauparse0 -p /sbin/ldconfig + +%postun -n libaudit1 -p /sbin/ldconfig + +%postun -n libauparse0 -p /sbin/ldconfig %post %{fillup_and_insserv -yn auditd auditd} @@ -165,11 +176,15 @@ fi %restart_on_update auditd %{insserv_cleanup} -%files libs +%files -n libaudit1 %defattr(-,root,root) /%{_lib}/libaudit.* -/%{_lib}/libauparse.* %config(noreplace) %attr(640,root,root) /etc/libaudit.conf +%{_mandir}/man5/libaudit.conf.5* + +%files -n libauparse0 +%defattr(-,root,root) +/%{_lib}/libauparse.* %files devel %defattr(-,root,root) @@ -193,6 +208,7 @@ fi %attr(644,root,root) %{_mandir}/man8/aulast.8.gz %attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz %attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz +%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz diff --git a/baselibs.conf b/baselibs.conf index 43b587b..5ea3781 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1 +1,2 @@ -audit-libs +libaudit1 +libauparse0