OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=28

2009-06-29 12:31:39 +00:00 · 2009-06-29 12:31:39 +00:00 · 779376fee2
commit 779376fee2
parent 6eb29ba165
5 changed files with 33 additions and 413 deletions
--- a/audit-as_needed.patch
+++ b/audit-as_needed.patch
@ -0,0 +1,17 @@
+From: Cristian Morales Vega <cmorve69@yahoo.es>
+Subject: Fix --as-needed build
+Upsteam: never
+
+audit_LDADD is overriding LDADD, so -lpthread is missing. Fixed with -pthread in auditd_CFLAGS.
+
+--- src/Makefile.am
+++ src/Makefile.am
+@@ -31,7 +31,7 @@
+ noinst_HEADERS = auditd-config.h auditd-event.h auditd-listen.h ausearch-llist.h ausearch-options.h auditctl-llist.h aureport-options.h ausearch-parse.h aureport-scan.h ausearch-lookup.h ausearch-int.h auditd-dispatch.h ausearch-string.h ausearch-nvpair.h ausearch-common.h ausearch-avc.h ausearch-time.h ausearch-lol.h
+ 
+ auditd_SOURCES = auditd.c auditd-event.c auditd-config.c auditd-reconfig.c auditd-sendmail.c auditd-dispatch.c auditd-listen.c
+-auditd_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing 
+auditd_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pthread
+ auditd_LDFLAGS = -pie -Wl,-z,relro
+ auditd_DEPENDENCIES = mt/libauditmt.a libev/libev.a
+ auditd_LDADD = @LIBWRAP_LIBS@ @libev_LIBS@ -Llibev -lev -lrt -lm $(gss_libs)
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Sat Jun 20 12:33:00 CEST 2009 - cmorve69@yahoo.es
+
+- fixed build with --as-needed
+
 -------------------------------------------------------------------
 Mon May 11 17:19:50 CEST 2009 - tonyj@suse.de

--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@ -26,11 +26,12 @@ Summary:        Python Bindings for libaudit
 License:        GPL v2 or later
 Group:          System/Monitoring
 Version:        1.7.13
-Release:        2
+Release:        3
 Url:            http://people.redhat.com/sgrubb/audit/
 Source0:        audit-%{version}.tar.bz2
 Patch0:         audit-no_sca.patch
 Patch1:         audit-plugins-path.patch
+Patch2:         audit-as_needed.patch
 Requires:       audit = %{version}-%{release}
 Requires:       audit-libs = %{version}-%{release}
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@ -86,6 +87,7 @@ rm -rf audisp/plugins/prelude
 %setup -q -n audit-%{version}
 %patch0 -p1
 %patch1 -p1
+%patch2

 %build
 autoreconf -fi
@ -147,47 +149,3 @@ rm -rf $RPM_BUILD_ROOT
 %attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz

 %changelog
-* Mon May 11 2009 tonyj@suse.de
- Update from 1.7.7 to 1.7.13 (see audit.changes for upstream change
-  history)
-* Fri Sep 26 2008 tonyj@suse.de
- Update from 1.7.4 to 1.7.7 (see audit.changes for upstream change
-  history)
-* Fri Aug 01 2008 ro@suse.de
- disable debuginfo for secondary specfile
-* Wed Jun 25 2008 tonyj@suse.de
- Update from 1.7.2 to 1.7.4 (see audit.changes for upstream change
-  history)
- Update from 1.6.8 to 1.7.2 (see audit.changes for upstream change
-  history)
-* Tue Jun 03 2008 coolo@suse.de
- avoid packaging a directory with different permissions (creating
-  rpm -V output)
-* Wed Apr 16 2008 aj@suse.de
- Use %%py_requires for proper requires.
-* Wed Mar 26 2008 tonyj@suse.de
- Update to version 1.6.8.
- Rename to audit-secondary and build audisp-plugins from here
-  to minimise bootstrap dependancies.
-* Tue Mar 18 2008 schwab@suse.de
- Use autoreconf.
-* Wed Oct 10 2007 tonyj@suse.de
- Upgrade to 1.6.2
-* Wed Jul 25 2007 tonyj@suse.de
- Upgrade to 1.5.5
-  Drop audit-swig-attribute.patch (upstreamed)
-* Fri Jul 13 2007 tonyj@suse.de
- Fix build errors on ppc
-* Thu Jul 12 2007 tonyj@suse.de
- Upgrade to 1.5.4
-* Wed May 02 2007 tonyj@suse.de
- Upgrade to 1.5.3.
-* Wed Nov 29 2006 tonyj@suse.de
- Upgrade to 1.2.9 (drop several patches which are now upstream)
- /usr/sbin/audispd now packaged by audit-libs-python
-* Sun Nov 05 2006 ro@suse.de
- fix requires
-* Thu Aug 31 2006 tonyj@suse.de
- Upgrade to 1.2.6-1
-* Wed Aug 16 2006 cthiel@suse.de
- split off package
--- a/audit.changes
+++ b/audit.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Sat Jun 20 12:33:00 CEST 2009 - cmorve69@yahoo.es
+
+- fixed build with --as-needed
+
 -------------------------------------------------------------------
 Fri Jun 19 10:35:46 CEST 2009 - coolo@novell.com

--- a/audit.spec
+++ b/audit.spec
@ -22,7 +22,7 @@ Name:           audit
 BuildRequires:  gcc-c++ tcpd-devel
 Summary:        User Space Tools for 2.6 Kernel Auditing
 Version:        1.7.13
-Release:        2
+Release:        3
 License:        GPL v2 or later
 Group:          System/Monitoring
 Url:            http://people.redhat.com/sgrubb/audit/
@ -33,6 +33,7 @@ Patch0:         audit-no_sca.patch
 Patch1:         audit-no_python.patch
 Patch2:         audit-no_plugins.patch
 Patch3:         audit-no-gss.patch
+Patch4:         audit-as_needed.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Requires:       %{name}-libs = %{version}-%{release}
 PreReq:         %insserv_prereq %fillup_prereq
@ -91,11 +92,9 @@ Authors:
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4

 %build
-# This package failed when testing with -Wl,-as-needed being default.  
-# So we disable it here, if you want to retest, just delete this comment and the line below.  
-export SUSE_ASNEEDED=0  
 autoreconf -fi
 export CFLAGS="%{optflags} -fno-strict-aliasing"
 export CXXFLAGS="$CFLAGS"
@ -222,367 +221,3 @@ fi
 %attr(755,root,root) /usr/bin/ausyscall

 %changelog
-* Fri Jun 19 2009 coolo@novell.com
- disable as-needed for this package as it fails to build with it
-* Mon May 11 2009 tonyj@suse.de
- Update from 1.7.7 to 1.7.13.
- Redhat changelog for 1.7.8 - 1.7.13 follows:
-  * Tue Apr 21 2009 Steve Grubb <sgrubb@redhat.com> 1.7.13-1
-  - Disable libev asserts unless --with-debug passed to configure
-  - Handle kernel 2.6.29's audit = 0 boot parameter better
-  - Install audit.py file in arch specific python directory (Dan Walsh)
-  - Fix problem with negative uids in audit rules on 32 bit systems
-  - When file type is unknown, output octal for mode field (Miloslav Trmač)
-  - Update tty keystroke interpretations (Miloslav Trmač)
-  * Tue Feb 24 2009 Steve Grubb <sgrubb@redhat.com> 1.7.12-1
-  - Add definitions for crypto events
-  - Fix regression where msgtype couldn't be used as a range in audit rules
-  - In libaudit, extend time spent checking reply
-  - In acct events, prefer id over acct if given
-  - In aulast, try id and acct in USER_LOGIN events
-  - When in immutable mode, have auditctl tell user instead of sending rules
-  - Add option to sysconfig to disable audit system on auditd stop
-  - Add tcp_wrappers config option to auditd
-  - Aulastlog can now take input from stdin
-  - Update libaudit python bindings to throw exceptions on error
-  - Adjust formatting of TTY data in libauparse to be like ausearch/report
-  - Add more key mappings to TTY interpretations
-  - Add internal queue to audisp-remote
-  - Fix failure action code to allow executables in audisp-remote (Chu Li)
-  - Fix memory leak when NOLOG log_format option given to auditd
-  - Quieten some of the reconnect text being sent to syslog in audisp-remote
-  - Apply some libev fixups to auditd
-  - Cleanup shutdown sequence of auditd
-  - Allow auditd log rotation via SIGUSR1 when NOLOG log format option given
-  * Sat Jan 10 2009 Steve Grubb <sgrubb@redhat.com> 1.7.11-1
-  - Don't error out in auditd when calling setsid
-  - Reformat a couple auditd error messages (Oden Eriksson)
-  - If log rotate fails, leave the old log writable
-  - Fixed bug in setting up auditd event loop when listening
-  - Warn if on biarch machine and auditctl rules show a syscall mismatch
-  - Audisp-remote was not parsing some config options correctly
-  - In auparse, check for single key in addition to virtual keys
-  - When auditd shuts down, send AUDIT_RMW_TYPE_ENDING messages to clients
-  - Created reconnect option to remote ending setting of audisp-remote
-  * Sat Dec 13 2008 Steve Grubb <sgrubb@redhat.com> 1.7.10-1
-  - Fix ausearch and aureport to handle out of order events
-  - Add line-buffer option to ausearch & timeout pipe input (Tony Jones)
-  - Add support in ausearch/report for tty data
-  - In audisp-remote, allow the keyword "any" for local_port
-  - Tighten parsing for -m and -w options in auditctl
-  - Add session query hint for aulast proof
-  - Fix audisp-remote to tolerate krb5 config options when not supported
-  - Created new aureport option for tty keystroke report
-  - audispd should detect backup config files and not use them
-  - When checking for ack in netlink interface, retry on EAGAIN a few times
-  - In aureport, fix mods report to show acct acted upon
-  * Wed Nov 05 2008 Steve Grubb <sgrubb@redhat.com> 1.7.9-1
-  - Fix uninitialized variable in aureport causing segfault
-  - Quieten down the gssapi not supported messages
-  - Fix bug interpretting i386 logs on x86_64 machines
-  - If kernel is in immutable mode, auditd should not send enable command
-  - Fix ausearch/report recent and now time keyword lookups
-  - Created aulast program
-  - prelude plugin should pull auid for login alert from 2nd uid field
-  - Add system boot, shutdown, and run level change events
-  - Add max_restarts to audispd.conf to limit times a plugin is restarted
-  - Expand session detection in ausearch
-  * Wed Oct 22 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-1
-  - Interpret TTY audit data in auparse (Miloslav Trmač)
-  - Extract terminal from USER_AVC events for ausearch/report (Peng Haitao)
-  - Add USER_AVCs to aureport's avc reporting (Peng Haitao)
-  - Short circuit hostname resolution in libaudit if host is empty
-  - If log_group and user are not root, don't check dispatcher perms
-  - Fix a bug when executing "ausearch -te today PM"
-  - Add --exit search option to ausearch
-  - Fix parsing config file when kerberos is disabled
-* Tue Apr 14 2009 dmueller@suse.de
- refresh patches
-* Wed Dec 10 2008 olh@suse.de
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
-  (bnc#437293)
-* Fri Dec 05 2008 tonyj@suse.de
- Revision to previous fix for bnc#445353.
-  These should go into SLES11 RC1.
-  1) Add --line-buffered option to limit when stdout is flushed (performance).
-  2) Testing found a related bug where (if input is a pipe) the last logical
-  record would permanently be queued waiting for a subsequent record indicating
-  end of the previous.  This subsequent record may never arrive.  Timer is
-  now run causing this record to be flushed if no new record arrives within
-  timeout.  This fix is upstream also.
-* Fri Nov 21 2008 tonyj@suse.de
- Force ausearch to flush stdout if pipe (bnc#445353)
-* Thu Oct 30 2008 olh@suse.de
- obsolete old -XXbit packages (bnc#437293)
-* Fri Sep 26 2008 tonyj@suse.de
- Update from 1.7.4 to 1.7.7.  GSS support disabled for present
- Redhat changelog for 1.7.5 - 1.7.7 follows:
-  * Wed Sep 11 2008 Steve Grubb <sgrubb@redhat.com> 1.7.7-1
-  - Bug fixes for gss code in remote logging (DJ Delorie)
-  - Fix ausearch -i to keep the node field in the output
-  - ausyscall now does strstr match on syscall names
-  - Makefile cleanup (Philipp Hahn)
-  - Add watched syscall support to audisp-prelude
-  - Use the right define for tcp_wrappers in auditd
-  - Expose encoding API for fields being logged from user space
-  * Wed Sep 11 2008 Steve Grubb <sgrubb@redhat.com> 1.7.6-1
-  - Update event record list and aureport classifications (Yu Zhiguo/Peng Haitao)
-  - Add subject to audit daemon events (Chu Li)
-  - Fix parsing of acct & exe fields in user records (Peng Haitao)
-  - Make client error handling in audisp-remote robust (DJ Delorie)
-  - Add tcp_wrappers support for auditd
-  - Updated syscall tables for 2.6.27 kernel
-  - Add heartbeat exchange to remote logging protocol (DJ Delorie)
-  - Audit connect/disconnect of remote clients
-  - In ausearch, collect pid from AVC records (Peng Haitao)
-  - Add auparse_get_field_type function to describe field's contents
-  - Add GSS/Kerberos encryption to the remote protocol (DJ Delorie)
-  * Mon Aug 25 2008 Steve Grubb <sgrubb@redhat.com> 1.7.5-1
-  - Update system-config-audit to 0.4.8
-  - Whole lot of bug fixes - see ChangeLog for details
-  - Reimplement auditd main loop using libev
-  - Add TCP listener to auditd to receive remote events
-* Tue Aug 05 2008 tonyj@suse.de
- Remove audit rules on audit stop (bnc#409093)
-* Wed Jun 25 2008 tonyj@suse.de
- Update from 1.7.2 to 1.7.4
- Redhat changelog for 1.7.3 - 1.7.4 follows:
-  * Mon May 19 2008 Steve Grubb <sgrubb@redhat.com> 1.7.4-1
-  - Fix interpreting of keys in syscall records
-  - Interpret audit rule config change list fields
-  - Don't error on name=(null) PATH records in ausearch/report
-  - Add key report to aureport
-  - Fix --end today to be now
-  - Added python bindings for auparse_goto_record_num
-  - Update system-config-audit to 0.4.7 (Miloslav Trmac)
-  - Add support for the filetype field option in auditctl
-  - In audispd boost priority after starting children
-  * Fri May 09 2008 Steve Grubb <sgrubb@redhat.com> 1.7.3-1
-  - Fix path processing in AVC records.
-  - auparse_find_field_next() wasn't resetting field ptr going to next record.
-  - auparse_find_field() wasn't checking current field before iterating
-  - cleanup some string handling in audisp-prelude plugin
-  - Update auditctl man page
-  - Fix output of keys in ausearch interpretted mode
-  - Fix ausearch/report --start now to not be reset to midnight
-  - Added auparse_goto_record_num function
-  - Prelude plugin now uses auparse_goto_record_num to avoid skipping a record
-  - audispd now has a priority boost config option
-  - Look for laddr in avcs reported via prelude
-  - Detect page 0 mmaps and alert via prelude
- Update from 1.6.8 to 1.7.2
- Complete fix for BNC# 378725
- Redhat changelog for 1.6.9-1.7.2 follows:
-  * Wed Apr 09 2008 Steve Grubb <sgrubb@redhat.com> 1.7.2-1
-  - gen_table.c now includes IPC defines to avoid glibc-headers wild goose chase
-  - ausyscall program added for cross referencing syscall name and number info
-  - Add login session ID search capability to ausearch
-  * Tue Apr 08 2008 Steve Grubb <sgrubb@redhat.com> 1.7.1-1
-  - Remove LSB headers info for init scripts
-  - Fix buffer overflow in audit_log_user_command, again (#438840)
-  - Fix memory leak in EOE code in auditd (#440075)
-  - In auditctl, don't use new operators in legacy rule format
-  - Made a couple corrections in alpha & x86_64 syscall tables (Miloslav Trmac)
-  - Add example STIG rules file
-  - Add string table lookup performance improvement patch (Miloslav Trmac)
-  - auparse_find_field_next performance improvement
-  * Sun Mar 30 2008 Steve Grubb <sgrubb@redhat.com> 1.7-1
-  - Improve input error handling in audispd
-  - Improve end of event detection in auparse library
-  - Improve handling of abstract namespaces
-  - Add test mode for prelude plugin
-  - Handle user space avcs in prelude plugin
-  - Audit event serial number now recorded in idmef alert
-  - Add --just-one option to ausearch
-  - Fix watched account login detection for some failed login attempts
-  - Couple fixups in audit logging functions (Miloslav Trmac)
-  - Add support in auditctl for virtual keys
-  - Added new type for user space MAC policy load events
-  - auparse_find_field_next was not iterating correctly, fixed it
-  - Add idmef alerts for access or execution of watched file
-  - Fix buffer overflow in audit_log_user_command
-  - Add basic remote logging plugin - only sends & no flow control
-  - Update ausearch with interpret fixes from auparse
-  * Sun Mar 09 2008 Steve Grubb <sgrubb@redhat.com> 1.6.9-1
-  - Apply hidden attribute cleanup patch (Miloslav Trmac)
-  - Apply auparse expression interface patch (Miloslav Trmac)
-  - Fix potential memleak in audit event dispatcher
-  - Change default audispd queue depth to 80
-  - Update system-config-audit to version 0.4.6 (Miloslav Trmac)
-  - audisp-prelude alerts now controlled by config file
-  - Updated syscall table for 2.6.25 kernel
-  - Apply patch correcting acct field being misencoded (Miloslav Trmac)
-  - Added watched account login detection for prelude plugin
-* Wed Apr 23 2008 tonyj@suse.de
- Fix for bnc#378725 VUL-0: audit buffer overflow
-* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
-  for multilib support
-* Wed Mar 26 2008 tonyj@suse.de
- Update from 1.6.2 to 1.6.8.
- Move audisp-plugins to new secondary spec (along with existing
-  python libs).
- Redhat changelog follows:
-  * Thu Feb 14 2008 Steve Grubb <sgrubb@redhat.com> 1.6.8-1
-  - Update for gcc 4.3
-  - Cleanup descriptors in audispd before running plugin
-  - Fix 'recent' keyword for aureport/search
-  - Fix SE Linux policy for zos_remote plugin
-  - Add event type for group password authentication attempts
-  - Couple of updates to the translation tables
-  - Add detection of failed group authentication to audisp-prelude
-  * Thu Jan 31 2008 Steve Grubb <sgrubb@redhat.com> 1.6.7-1
-  - In ausearch/report, prefer -if to stdin
-  - In ausearch/report, add new command line option --input-logs (#428860)
-  - Updated audisp-prelude based on feedback from prelude-devel
-  - Added prelude alert for promiscuous socket being opened
-  - Added prelude alert for SE Linux policy enforcement changes
-  - Added prelude alerts for Forbidden Login Locations and Time
-  - Applied patch to auparse fixing error handling of searching by
-  interpreted value (Miloslav Trmac)
-  * Sat Jan 19 2008 Steve Grubb <sgrubb@redhat.com> 1.6.6-1
-  - Add prelude IDS plugin for IDMEF alerts
-  - Add --user option to aulastlog command
-  - Use desktop-file-install for system-config-audit
-  * Mon Jan 07 2008 Steve Grubb <sgrubb@redhat.com> 1.6.5-1
-  - Add more errno strings for exit codes in auditctl
-  - Fix config parser to allow either 0640 or 0600 for audit logs (#427062)
-  - Check for audit log being writable by owner in auditd
-  - If auditd logging was suspended, it can be resumed with SIGUSR2 (#251639)
-  - Updated CAPP, LSPP, and NISPOM rules for new capabilities
-  - Added aulastlog utility
-  * Sat Dec 29 2007 Steve Grubb <sgrubb@redhat.com> 1.6.4-1
-  - fchmod of log file was on wrong variable (#426934)
-  - Allow use of errno strings for exit codes in audit rules
-  * Thu Dec 27 2007 Steve Grubb <sgrubb@redhat.com> 1.6.3-1
-  - Add kernel release string to DEAMON_START events
-  - Fix keep_logs when num_logs option disabled (#325561)
-  - Fix auparse to handle node fields for syscall records
-  - Update system-config-audit to version 0.4.5 (Miloslav Trmac)
-  - Add keyword week-ago to aureport & ausearch start/end times
-  - Fix audit log permissions on rotate. If group is root 0400, otherwise 0440
-  - Add RACF zos remote audispd plugin (Klaus Kiwi)
-  - Add event queue overflow action to audispd
-* Tue Mar 18 2008 schwab@suse.de
- Use autoreconf.
-* Wed Oct 31 2007 tonyj@suse.de
- Incorporate 1 more Redhat fixe post 1.6.2
- Go back to 10.2 behaviour wrt to starting in disabled state.
-  This time using patch submitted upstream, fix for #Bug 333739
-* Wed Oct 10 2007 tonyj@suse.de
- Upgrade to 1.6.2
-  Plus two bugs discovered in Fedora, will be fixed in 1.6.3
-* Wed Jul 25 2007 tonyj@suse.de
- Upgrade to 1.5.5
-  Correct bug in audit_make_equivalent function (Al Viro)
-  Local: add AppArmor audit ID (upstream in 1.5.6)
-  don't build RedHat system-config-audit
-* Thu Jul 12 2007 tonyj@suse.de
- Upgrade to 1.5.4
-  Add feed interface to auparse library (John Dennis)
-  Apply patch to libauparse for unresolved symbols (#241178)
-  Apply patch to add line numbers for file events in libauparse (John Dennis)
-  Change seresults to seresult in libauparse (John Dennis)
-  Add unit32_t definition to swig (#244210)
-  Add support for directory auditing
-  Update acct field to be escaped
- Fix for #280487 "%%ghost /var/log/audit/audit.log will remove the logfile"
-* Mon May 07 2007 rguenther@suse.de
- Drop pkg-config BuildRequires introduced by last change.
-* Wed May 02 2007 tonyj@suse.de
- Upgrade to 1.5.3.  Drop AUDITD_DISABLE_CONTEXTS from audit sysconfig
-* Wed Nov 29 2006 tonyj@suse.de
- Upgrade to 1.2.9 (drop several patches which are now upstream)
- Move to using /etc/audit directory for config files
-* Thu Aug 31 2006 tonyj@suse.de
- Upgrade to 1.2.6-1
-* Sat Aug 26 2006 olh@suse.de
- do not define __KERNEL__ in userland apps
- remove unused sys/syscall.h include
-* Wed Aug 16 2006 cthiel@suse.de
- split audit into audit and audit-libs-python
-* Fri May 05 2006 sbeattie@suse.de
- disable syscall audit context creation by default #172154
-* Mon Mar 20 2006 meissner@suse.de
- Do not print a misleading errormessage when audit
-  is not compiled into the kernel. #152733
-* Mon Mar 06 2006 meissner@suse.de
- On kernels without auditing, which report ECONNREFUSED,
-  do not output stuff to stderr on startup. #152733
-* Sat Feb 25 2006 kukuk@suse.de
- Fix moving of devel libraries, don't install .la file
-* Wed Feb 22 2006 meissner@suse.de
- moved libaudit.so symlink to /usr/lib and to -devel package,
-  as requested by Thorsten.
-* Fri Feb 17 2006 meissner@suse.de
- check sendto() return against -1 (error with errno set).
-* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
-* Wed Jan 25 2006 ro@suse.de
- fix fillup call since filename != packagename
-* Tue Jan 24 2006 ro@suse.de
- do not skip fillup in postinstall
-* Mon Jan 23 2006 dreynolds@suse.de
- Modified inssrv macro args to enable on boot
-* Wed Jan 18 2006 tonyj@suse.de
- Add support for AppArmor (submitted upstream for 1.1.4)
-* Fri Jan 13 2006 meissner@suse.de
- Updated to 1.1.3.
- Moved audispd to /usr/sbin since it uses /usr/lib/libstdc++
- Updated sysconfig snippet.
-* Tue Nov 08 2005 meissner@suse.de
- upgraded to 1.0.12.
-* Fri Nov 04 2005 kukuk@suse.de
- Update to 1.0.9.
-* Wed Oct 12 2005 meissner@suse.de
- upgraded to 1.0.6. ptrdift patch now solved upstream.
-* Wed Oct 05 2005 meissner@suse.de
- Upgraded to 1.0.5
-* Wed Oct 05 2005 dmueller@suse.de
- add norootforbuild
-* Mon Sep 26 2005 meissner@suse.de
- Upgraded to 1.0.4.
-	- Make rate & backlog 32 bit unsigned int in auditctl
-	- In auditctl, if -F arch is given with -t option, don't require list
-	- Update auditd man page
-	- Add size check to audit_send
-	- Update message for audit_open failure when kernel doesn't support audit
-* Tue Aug 23 2005 meissner@suse.de
- Upgraded to 1.0.3 bugfix release:
-	- adjust file perms of newly created log file in auditd
-	- fix 2 memory leaks and an out of bounds access in auditd
-	- fix case where auditd was closing netlink descriptor too early
-	- fix watch rules not to take field arguments in auditctl
-	- fix bug where inode, devmajor, devminor, exit, and success fields in auditctl
-  rules were not getting the correct value stored
-* Wed Aug 17 2005 meissner@suse.de
- Added /var/log/audit directory and ghost audit.log #105131
-* Wed Aug 10 2005 meissner@suse.de
- Upgraded to 1.0.2
-* Thu Aug 04 2005 meissner@suse.de
- Upgraded to 1.0.1.
-* Mon Jul 11 2005 meissner@suse.de
- Update to version 0.9.16.
-* Tue Jun 21 2005 meissner@suse.de
- Update to version 0.9.10.
-* Fri Jun 17 2005 meissner@suse.de
- Update to version 0.9.7.
-* Thu Jun 16 2005 kukuk@suse.de
- Update to version 0.9.5
-* Tue Jun 14 2005 ro@suse.de
- make it build with current includes
-* Tue May 31 2005 meissner@suse.de
- Upgraded to 0.9.
-* Fri May 13 2005 meissner@suse.de
- upgraded to 0.6.8
-* Tue Apr 19 2005 meissner@suse.de
- Upgraded to 0.6.11.
-* Fri Apr 15 2005 pth@suse.de
- Make libaudit.h define pgoff_t by itself.
- Fix a minor warning.
-* Wed Mar 30 2005 meissner@suse.de
- Upgraded to 0.6.9.
-* Fri Mar 04 2005 meissner@suse.de
- Upgraded to 0.6.5.
-* Thu Mar 03 2005 meissner@suse.de
- initial package of auditd for new kernel auditing system.