forked from pool/audit
- Update to version 2.6.5:
* Fix segfault on shutdown * Fix hang on startup (#1587995) * Add sleep to script to dump state so file is ready when needed * Add auparse_normalizer support for SOFTWARE_UPDATE event * Mark netlabel events as simple events so that get processed quicker * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) * Add 30-ospp-v42.rules to meet new Common Criteria requirements * Update lookup tables for the 4.18 kernel * In aureport, fix segfault in file report * Add auparse_normalizer support for labeled networking events * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) * Event aging is off by a second * In ausearch/auparse, correct event ordering to process oldest first * auparse_reset was not clearing everything it should * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events * In ausearch/report, lightly parse selinux portion of USER_AVC events * In ausearch/report, limit record size when malformed * In auditd, fix extract_type function for network originating events * In auditd, calculate right size and location for network originating events * Treat all network originating events as VER2 so dispatcher doesn't format it * In audisp-remote do an initial connection attempt (#1625156) * In auditd, allow expression of space left as a percentage (#1650670) * On PPC64LE systems, only allow 64 bit rules (#1462178) * Make some parts of auditd state report optional based on config * Fix ausearch when checkpointing a single file (Burn Alting) * Fix scripting in 31-privileged.rules wrt filecap (#1662516) * In ausearch, do not checkpt if stdin is input source * In libev, remove __cold__ attribute for functions to allow proper hardening * Add tests to configure.ac for openldap support OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=108
This commit is contained in:
parent
4971d594a2
commit
74524fcb73
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:a410694d09fc5708d980a61a5abcb9633a591364f1ecc7e97ad5daef9c898c38
|
||||
size 1123889
|
3
audit-2.8.5.tar.gz
Normal file
3
audit-2.8.5.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7
|
||||
size 1140694
|
@ -13,10 +13,10 @@ SUSE since we lack the ability to use a custom stop/restart
|
||||
|
||||
--- a/init.d/auditd.service
|
||||
+++ b/init.d/auditd.service
|
||||
@@ -7,7 +7,6 @@ DefaultDependencies=no
|
||||
After=local-fs.target systemd-tmpfiles-setup.service
|
||||
Conflicts=shutdown.target
|
||||
@@ -11,7 +11,6 @@
|
||||
Before=sysinit.target shutdown.target
|
||||
##Before=shutdown.target
|
||||
Conflicts=shutdown.target
|
||||
-RefuseManualStop=yes
|
||||
ConditionKernelCommandLine=!audit=0
|
||||
Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation
|
||||
|
24
audit-fno-common.patch
Normal file
24
audit-fno-common.patch
Normal file
@ -0,0 +1,24 @@
|
||||
From: Tony Jones <tonyj@suse.de>
|
||||
Subject: Resolve errors when compiling with -fno-common
|
||||
Git-commmit: 017e6c6ab95df55f34e339d2139def83e5dada1f
|
||||
References: bsc#1160384
|
||||
Upsteam: pending
|
||||
|
||||
Header definitios need to be external when building with -fno-common (which
|
||||
is default in GCC 10).
|
||||
|
||||
Fixes: ff25054df7ed
|
||||
Signed-off-by: Tony Jones <tonyj@suse.de>
|
||||
|
||||
--- a/src/ausearch-common.h
|
||||
+++ b/src/ausearch-common.h
|
||||
@@ -50,7 +50,7 @@ extern pid_t event_pid;
|
||||
extern int event_exact_match;
|
||||
extern uid_t event_uid, event_euid, event_loginuid;
|
||||
extern const char *event_tuid, *event_teuid, *event_tauid;
|
||||
-slist *event_node_list;
|
||||
+extern slist *event_node_list;
|
||||
extern const char *event_comm;
|
||||
extern const char *event_filename;
|
||||
extern const char *event_hostname;
|
||||
|
@ -1,3 +1,46 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 13 17:39:03 UTC 2020 - Tony Jones <tonyj@suse.com>
|
||||
|
||||
- Update to version 2.6.5:
|
||||
* Fix segfault on shutdown
|
||||
* Fix hang on startup (#1587995)
|
||||
* Add sleep to script to dump state so file is ready when needed
|
||||
* Add auparse_normalizer support for SOFTWARE_UPDATE event
|
||||
* Mark netlabel events as simple events so that get processed quicker
|
||||
* When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833)
|
||||
* Add 30-ospp-v42.rules to meet new Common Criteria requirements
|
||||
* Update lookup tables for the 4.18 kernel
|
||||
* In aureport, fix segfault in file report
|
||||
* Add auparse_normalizer support for labeled networking events
|
||||
* Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194)
|
||||
* Event aging is off by a second
|
||||
* In ausearch/auparse, correct event ordering to process oldest first
|
||||
* auparse_reset was not clearing everything it should
|
||||
* Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events
|
||||
* In ausearch/report, lightly parse selinux portion of USER_AVC events
|
||||
* In ausearch/report, limit record size when malformed
|
||||
* In auditd, fix extract_type function for network originating events
|
||||
* In auditd, calculate right size and location for network originating events
|
||||
* Treat all network originating events as VER2 so dispatcher doesn't format it
|
||||
* In audisp-remote do an initial connection attempt (#1625156)
|
||||
* In auditd, allow expression of space left as a percentage (#1650670)
|
||||
* On PPC64LE systems, only allow 64 bit rules (#1462178)
|
||||
* Make some parts of auditd state report optional based on config
|
||||
* Fix ausearch when checkpointing a single file (Burn Alting)
|
||||
* Fix scripting in 31-privileged.rules wrt filecap (#1662516)
|
||||
* In ausearch, do not checkpt if stdin is input source
|
||||
* In libev, remove __cold__ attribute for functions to allow proper hardening
|
||||
* Add tests to configure.ac for openldap support
|
||||
* Make systemd support files use /run rather than /var/run (Christian Hesse)
|
||||
* Fix minor memory leak in auditd kerberos credentials code
|
||||
* Fix auditd regression where keep_logs is limited by rotate_logs 2 file test
|
||||
* In ausearch/report fix --end to use midnight time instead of now (#1671338)
|
||||
|
||||
- Fix build errors when using gcc-10 no-common default (bsc#1160384)
|
||||
New patch: audit-fno-common.patch
|
||||
|
||||
- Refresh audit-allow-manual-stop.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 21 10:32:43 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package audit-secondary
|
||||
#
|
||||
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2020 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -22,18 +22,19 @@
|
||||
# The seperation is required to minimize unnecessary build cycles.
|
||||
%define _name audit
|
||||
Name: audit-secondary
|
||||
Version: 2.8.4
|
||||
Version: 2.8.5
|
||||
Release: 0
|
||||
Summary: Linux kernel audit subsystem utilities
|
||||
License: GPL-2.0-or-later
|
||||
Group: System/Monitoring
|
||||
Url: http://people.redhat.com/sgrubb/audit/
|
||||
URL: http://people.redhat.com/sgrubb/audit/
|
||||
Source0: http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
|
||||
Patch1: audit-plugins-path.patch
|
||||
Patch2: audit-no-gss.patch
|
||||
Patch3: audit-allow-manual-stop.patch
|
||||
Patch4: audit-ausearch-do-not-require-tclass.patch
|
||||
Patch5: audit-python3.patch
|
||||
Patch6: audit-fno-common.patch
|
||||
BuildRequires: audit-devel = %{version}
|
||||
BuildRequires: autoconf >= 2.12
|
||||
BuildRequires: gcc-c++
|
||||
@ -112,6 +113,7 @@ rm -rf audisp/plugins/prelude
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
|
||||
%if %{without python2} && %{with python3}
|
||||
# Fix python env call in tests if we only have Python3.
|
||||
|
@ -1,3 +1,44 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 13 17:39:03 UTC 2020 - Tony Jones <tonyj@suse.com>
|
||||
|
||||
- Update to version 2.6.5:
|
||||
* Fix segfault on shutdown
|
||||
* Fix hang on startup (#1587995)
|
||||
* Add sleep to script to dump state so file is ready when needed
|
||||
* Add auparse_normalizer support for SOFTWARE_UPDATE event
|
||||
* Mark netlabel events as simple events so that get processed quicker
|
||||
* When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833)
|
||||
* Add 30-ospp-v42.rules to meet new Common Criteria requirements
|
||||
* Update lookup tables for the 4.18 kernel
|
||||
* In aureport, fix segfault in file report
|
||||
* Add auparse_normalizer support for labeled networking events
|
||||
* Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194)
|
||||
* Event aging is off by a second
|
||||
* In ausearch/auparse, correct event ordering to process oldest first
|
||||
* auparse_reset was not clearing everything it should
|
||||
* Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events
|
||||
* In ausearch/report, lightly parse selinux portion of USER_AVC events
|
||||
* In ausearch/report, limit record size when malformed
|
||||
* In auditd, fix extract_type function for network originating events
|
||||
* In auditd, calculate right size and location for network originating events
|
||||
* Treat all network originating events as VER2 so dispatcher doesn't format it
|
||||
* In audisp-remote do an initial connection attempt (#1625156)
|
||||
* In auditd, allow expression of space left as a percentage (#1650670)
|
||||
* On PPC64LE systems, only allow 64 bit rules (#1462178)
|
||||
* Make some parts of auditd state report optional based on config
|
||||
* Fix ausearch when checkpointing a single file (Burn Alting)
|
||||
* Fix scripting in 31-privileged.rules wrt filecap (#1662516)
|
||||
* In ausearch, do not checkpt if stdin is input source
|
||||
* In libev, remove __cold__ attribute for functions to allow proper hardening
|
||||
* Add tests to configure.ac for openldap support
|
||||
* Make systemd support files use /run rather than /var/run (Christian Hesse)
|
||||
* Fix minor memory leak in auditd kerberos credentials code
|
||||
* Fix auditd regression where keep_logs is limited by rotate_logs 2 file test
|
||||
* In ausearch/report fix --end to use midnight time instead of now (#1671338)
|
||||
|
||||
- Remote zos building is now a configurable option.
|
||||
It should be disabled in audit (and left enabled in audit-secondary).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 21 10:33:03 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package audit
|
||||
#
|
||||
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2020 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -17,12 +17,12 @@
|
||||
|
||||
|
||||
Name: audit
|
||||
Version: 2.8.4
|
||||
Version: 2.8.5
|
||||
Release: 0
|
||||
Summary: Linux kernel audit subsystem utilities
|
||||
License: GPL-2.0-or-later
|
||||
Group: System/Monitoring
|
||||
Url: http://people.redhat.com/sgrubb/audit/
|
||||
URL: http://people.redhat.com/sgrubb/audit/
|
||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||
Source1: baselibs.conf
|
||||
Source2: README-BEFORE-ADDING-PATCHES
|
||||
@ -87,7 +87,8 @@ export LDFLAGS="-Wl,-z,relro,-z,now"
|
||||
--with-libwrap \
|
||||
--without-libcap-ng \
|
||||
--disable-static \
|
||||
--without-python
|
||||
--without-python \
|
||||
--disable-zos-remote
|
||||
make %{?_smp_mflags} -C lib
|
||||
make %{?_smp_mflags} -C auparse
|
||||
make %{?_smp_mflags} -C docs
|
||||
|
Loading…
Reference in New Issue
Block a user