diff --git a/audit-2.8.4.tar.gz b/audit-2.8.4.tar.gz deleted file mode 100644 index 4147853..0000000 --- a/audit-2.8.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a410694d09fc5708d980a61a5abcb9633a591364f1ecc7e97ad5daef9c898c38 -size 1123889 diff --git a/audit-2.8.5.tar.gz b/audit-2.8.5.tar.gz new file mode 100644 index 0000000..aa95d73 --- /dev/null +++ b/audit-2.8.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7 +size 1140694 diff --git a/audit-allow-manual-stop.patch b/audit-allow-manual-stop.patch index c617e70..01399fe 100644 --- a/audit-allow-manual-stop.patch +++ b/audit-allow-manual-stop.patch @@ -13,10 +13,10 @@ SUSE since we lack the ability to use a custom stop/restart --- a/init.d/auditd.service +++ b/init.d/auditd.service -@@ -7,7 +7,6 @@ DefaultDependencies=no - After=local-fs.target systemd-tmpfiles-setup.service - Conflicts=shutdown.target +@@ -11,7 +11,6 @@ Before=sysinit.target shutdown.target + ##Before=shutdown.target + Conflicts=shutdown.target -RefuseManualStop=yes ConditionKernelCommandLine=!audit=0 Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation diff --git a/audit-fno-common.patch b/audit-fno-common.patch new file mode 100644 index 0000000..4ac3388 --- /dev/null +++ b/audit-fno-common.patch @@ -0,0 +1,24 @@ +From: Tony Jones +Subject: Resolve errors when compiling with -fno-common +Git-commmit: 017e6c6ab95df55f34e339d2139def83e5dada1f +References: bsc#1160384 +Upsteam: pending + +Header definitios need to be external when building with -fno-common (which +is default in GCC 10). + +Fixes: ff25054df7ed +Signed-off-by: Tony Jones + +--- a/src/ausearch-common.h ++++ b/src/ausearch-common.h +@@ -50,7 +50,7 @@ extern pid_t event_pid; + extern int event_exact_match; + extern uid_t event_uid, event_euid, event_loginuid; + extern const char *event_tuid, *event_teuid, *event_tauid; +-slist *event_node_list; ++extern slist *event_node_list; + extern const char *event_comm; + extern const char *event_filename; + extern const char *event_hostname; + diff --git a/audit-secondary.changes b/audit-secondary.changes index 24eebd9..74efbd0 100644 --- a/audit-secondary.changes +++ b/audit-secondary.changes @@ -1,3 +1,46 @@ +------------------------------------------------------------------- +Mon Jan 13 17:39:03 UTC 2020 - Tony Jones + +- Update to version 2.6.5: + * Fix segfault on shutdown + * Fix hang on startup (#1587995) + * Add sleep to script to dump state so file is ready when needed + * Add auparse_normalizer support for SOFTWARE_UPDATE event + * Mark netlabel events as simple events so that get processed quicker + * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) + * Add 30-ospp-v42.rules to meet new Common Criteria requirements + * Update lookup tables for the 4.18 kernel + * In aureport, fix segfault in file report + * Add auparse_normalizer support for labeled networking events + * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) + * Event aging is off by a second + * In ausearch/auparse, correct event ordering to process oldest first + * auparse_reset was not clearing everything it should + * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events + * In ausearch/report, lightly parse selinux portion of USER_AVC events + * In ausearch/report, limit record size when malformed + * In auditd, fix extract_type function for network originating events + * In auditd, calculate right size and location for network originating events + * Treat all network originating events as VER2 so dispatcher doesn't format it + * In audisp-remote do an initial connection attempt (#1625156) + * In auditd, allow expression of space left as a percentage (#1650670) + * On PPC64LE systems, only allow 64 bit rules (#1462178) + * Make some parts of auditd state report optional based on config + * Fix ausearch when checkpointing a single file (Burn Alting) + * Fix scripting in 31-privileged.rules wrt filecap (#1662516) + * In ausearch, do not checkpt if stdin is input source + * In libev, remove __cold__ attribute for functions to allow proper hardening + * Add tests to configure.ac for openldap support + * Make systemd support files use /run rather than /var/run (Christian Hesse) + * Fix minor memory leak in auditd kerberos credentials code + * Fix auditd regression where keep_logs is limited by rotate_logs 2 file test + * In ausearch/report fix --end to use midnight time instead of now (#1671338) + +- Fix build errors when using gcc-10 no-common default (bsc#1160384) + New patch: audit-fno-common.patch + +- Refresh audit-allow-manual-stop.patch + ------------------------------------------------------------------- Thu Mar 21 10:32:43 UTC 2019 - Jan Engelhardt diff --git a/audit-secondary.spec b/audit-secondary.spec index 6d7aae9..3f11838 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -1,7 +1,7 @@ # # spec file for package audit-secondary # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,18 +22,19 @@ # The seperation is required to minimize unnecessary build cycles. %define _name audit Name: audit-secondary -Version: 2.8.4 +Version: 2.8.5 Release: 0 Summary: Linux kernel audit subsystem utilities License: GPL-2.0-or-later Group: System/Monitoring -Url: http://people.redhat.com/sgrubb/audit/ +URL: http://people.redhat.com/sgrubb/audit/ Source0: http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz Patch1: audit-plugins-path.patch Patch2: audit-no-gss.patch Patch3: audit-allow-manual-stop.patch Patch4: audit-ausearch-do-not-require-tclass.patch Patch5: audit-python3.patch +Patch6: audit-fno-common.patch BuildRequires: audit-devel = %{version} BuildRequires: autoconf >= 2.12 BuildRequires: gcc-c++ @@ -112,6 +113,7 @@ rm -rf audisp/plugins/prelude %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %if %{without python2} && %{with python3} # Fix python env call in tests if we only have Python3. diff --git a/audit.changes b/audit.changes index 5eb1e70..479d975 100644 --- a/audit.changes +++ b/audit.changes @@ -1,3 +1,44 @@ +------------------------------------------------------------------- +Mon Jan 13 17:39:03 UTC 2020 - Tony Jones + +- Update to version 2.6.5: + * Fix segfault on shutdown + * Fix hang on startup (#1587995) + * Add sleep to script to dump state so file is ready when needed + * Add auparse_normalizer support for SOFTWARE_UPDATE event + * Mark netlabel events as simple events so that get processed quicker + * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) + * Add 30-ospp-v42.rules to meet new Common Criteria requirements + * Update lookup tables for the 4.18 kernel + * In aureport, fix segfault in file report + * Add auparse_normalizer support for labeled networking events + * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) + * Event aging is off by a second + * In ausearch/auparse, correct event ordering to process oldest first + * auparse_reset was not clearing everything it should + * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events + * In ausearch/report, lightly parse selinux portion of USER_AVC events + * In ausearch/report, limit record size when malformed + * In auditd, fix extract_type function for network originating events + * In auditd, calculate right size and location for network originating events + * Treat all network originating events as VER2 so dispatcher doesn't format it + * In audisp-remote do an initial connection attempt (#1625156) + * In auditd, allow expression of space left as a percentage (#1650670) + * On PPC64LE systems, only allow 64 bit rules (#1462178) + * Make some parts of auditd state report optional based on config + * Fix ausearch when checkpointing a single file (Burn Alting) + * Fix scripting in 31-privileged.rules wrt filecap (#1662516) + * In ausearch, do not checkpt if stdin is input source + * In libev, remove __cold__ attribute for functions to allow proper hardening + * Add tests to configure.ac for openldap support + * Make systemd support files use /run rather than /var/run (Christian Hesse) + * Fix minor memory leak in auditd kerberos credentials code + * Fix auditd regression where keep_logs is limited by rotate_logs 2 file test + * In ausearch/report fix --end to use midnight time instead of now (#1671338) + +- Remote zos building is now a configurable option. + It should be disabled in audit (and left enabled in audit-secondary). + ------------------------------------------------------------------- Thu Mar 21 10:33:03 UTC 2019 - Jan Engelhardt diff --git a/audit.spec b/audit.spec index a52739f..775281c 100644 --- a/audit.spec +++ b/audit.spec @@ -1,7 +1,7 @@ # # spec file for package audit # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,12 +17,12 @@ Name: audit -Version: 2.8.4 +Version: 2.8.5 Release: 0 Summary: Linux kernel audit subsystem utilities License: GPL-2.0-or-later Group: System/Monitoring -Url: http://people.redhat.com/sgrubb/audit/ +URL: http://people.redhat.com/sgrubb/audit/ Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source1: baselibs.conf Source2: README-BEFORE-ADDING-PATCHES @@ -87,7 +87,8 @@ export LDFLAGS="-Wl,-z,relro,-z,now" --with-libwrap \ --without-libcap-ng \ --disable-static \ - --without-python + --without-python \ + --disable-zos-remote make %{?_smp_mflags} -C lib make %{?_smp_mflags} -C auparse make %{?_smp_mflags} -C docs