Accepting request 247315 from home:jones_tony:branches:security

OBS-URL: https://build.opensuse.org/request/show/247315 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=72
2014-09-02 23:07:21 +00:00 · 2014-09-02 23:07:21 +00:00 · a550638087
commit a550638087
parent 42c1e24684
9 changed files with 143 additions and 29 deletions
--- a/audit-2.3.6.tar.gz
+++ b/audit-2.3.6.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e4309bae77c5cc4b39684c0d951e7dd7502837a60405c95ebe27b5370d5e2545
-size 929688
--- a/audit-2.4.tar.gz
+++ b/audit-2.4.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6e5d39e7af9d00477ef60f824be8c93bd23a227869d6993ff36b7e7fa28fe99b
+size 937809
--- a/audit-add-ppc64le-mach-support.patch
+++ b/audit-add-ppc64le-mach-support.patch
@ -0,0 +1,85 @@
+From: Tony Jones <tonyj@suse.de>
+Subject: audit: add ppc64le mach support
+References: bnc#891861
+Commit-id: https://fedorahosted.org/audit/changeset/1013
+Signed-off-by: Tony Jones <tonyj@suse.de>
+
+---
+ lib/libaudit.c     |    5 +++++
+ lib/libaudit.h     |    6 +++++-
+ lib/lookup_table.c |    3 +++
+ lib/machinetab.h   |    1 +
+ 4 files changed, 14 insertions(+), 1 deletion(-)
+
+--- a/lib/machinetab.h
+++ b/lib/machinetab.h
+@@ -27,6 +27,7 @@ _S(MACH_X86,     "i686"   )
+ _S(MACH_86_64,   "x86_64" )
+ _S(MACH_IA64,    "ia64"   )
+ _S(MACH_PPC64,   "ppc64"  )
+_S(MACH_PPC64LE, "ppc64le")
+ _S(MACH_PPC,     "ppc"    )
+ _S(MACH_S390X,   "s390x"  )
+ _S(MACH_S390,    "s390"   )
+--- a/lib/lookup_table.c
+++ b/lib/lookup_table.c
+@@ -70,6 +70,7 @@ static const struct int_transtab elftab[
+     { MACH_86_64,   AUDIT_ARCH_X86_64 },
+     { MACH_IA64,    AUDIT_ARCH_IA64   },
+     { MACH_PPC64,   AUDIT_ARCH_PPC64  },
+    { MACH_PPC64LE, AUDIT_ARCH_PPC64LE},
+     { MACH_PPC,     AUDIT_ARCH_PPC    },
+     { MACH_S390X,   AUDIT_ARCH_S390X  },
+     { MACH_S390,    AUDIT_ARCH_S390   },
+@@ -123,6 +124,7 @@ int audit_name_to_syscall(const char *sc
+ 			found = ia64_syscall_s2i(sc, &res);
+ 			break;
+ 		case MACH_PPC64:
+		case MACH_PPC64LE:
+ 		case MACH_PPC:
+ 			found = ppc_syscall_s2i(sc, &res);
+ 			break;
+@@ -169,6 +171,7 @@ const char *audit_syscall_to_name(int sc
+ 		case MACH_IA64:
+ 			return ia64_syscall_i2s(sc);
+ 		case MACH_PPC64:
+		case MACH_PPC64LE:
+ 		case MACH_PPC:
+ 			return ppc_syscall_i2s(sc);
+ 		case MACH_S390X:
+--- a/lib/libaudit.c
+++ b/lib/libaudit.c
+@@ -1128,6 +1128,11 @@ int audit_determine_machine(const char *
+ 				return -6;
+ 			break;
+ #endif
+		case MACH_PPC64LE:
+			if (bits != __AUDIT_ARCH_64BIT)
+				return -6;
+			break;
+
+ 		case MACH_86_64: /* fallthrough */
+ 		case MACH_PPC64: /* fallthrough */
+ 		case MACH_S390X: /* fallthrough */
+--- a/lib/libaudit.h
+++ b/lib/libaudit.h
+@@ -339,6 +339,9 @@ extern "C" {
+ #define AUDIT_ARCH_AARCH64	(EM_AARCH64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+ #endif
+ 
+#ifndef AUDIT_ARCH_PPC64LE
+#define AUDIT_ARCH_PPC64LE	(EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+#endif
+ 
+ //////////////////////////////////////////////////////
+ // This is an external ABI. Any changes in here will
+@@ -418,7 +421,8 @@ typedef enum {
+ 	MACH_S390,
+ 	MACH_ALPHA,
+ 	MACH_ARM,
+-	MACH_AARCH64
+	MACH_AARCH64,
+	MACH_PPC64LE
+ } machine_t;
+ 
+ /* These are the valid audit failure tunable enum values */
--- a/audit-allow-manual-stop.patch
+++ b/audit-allow-manual-stop.patch
@ -14,10 +14,10 @@ SuSE since we lack the ability to use a custom stop/restart
 --- a/init.d/auditd.service
 +++ b/init.d/auditd.service
@@ -4,7 +4,6 @@ DefaultDependencies=no
- After=local-fs.target
+ After=local-fs.target systemd-tmpfiles-setup.service
 Conflicts=shutdown.target
 Before=sysinit.target shutdown.target
 -RefuseManualStop=yes
+ ConditionKernelCommandLine=!audit=0
 
 [Service]
- ExecStart=/sbin/auditd -n
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Sep  2 17:35:12 UTC 2014 - tonyj@suse.com
+
+- Update to version 2.4. See audit.spec (libaudit1) for upstream
+  changelog
+  Drop patch: auditd-donot-start-if-kernel-cmdline-disabled.patch
+
 -------------------------------------------------------------------
 Fri Aug 15 14:24:33 UTC 2014 - crrodriguez@opensuse.org

--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@ -30,7 +30,7 @@ BuildRequires:  swig
 Summary:        Secondary packages for audit
 License:        GPL-2.0+
 Group:          System/Monitoring
-Version:        2.3.6
+Version:        2.4
 Release:        0
 Url:            http://people.redhat.com/sgrubb/audit/
 Source0:        http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
@ -39,7 +39,6 @@ Patch2:         audit-no-gss.patch
 Patch3:         audit-no_m4_dir.patch
 Patch4:         audit-allow-manual-stop.patch
 Patch5:         audit-ausearch-do-not-require-tclass.patch
-Patch6:         auditd-donot-start-if-kernel-cmdline-disabled.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  audit-devel = %{version}
 BuildRequires:  autoconf >= 2.12
@ -97,7 +96,6 @@ rm -rf audisp/plugins/prelude
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
-%patch6 -p1
 %build
 autoreconf -fi
 export CFLAGS="%{optflags} -fno-strict-aliasing"
@ -140,6 +138,7 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/_auparse.la
 rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/auparse.a
 rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/auparse.la
 rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/auparse-1.0-py%{py_ver}.egg-info
+rm -f $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/audit.pc
 # cleanup files handled by audit.spec
 rm -rf $RPM_BUILD_ROOT/%{_includedir}
 rm -f $RPM_BUILD_ROOT/%{_libdir}/lib{audit,auparse}.*
--- a/audit.changes
+++ b/audit.changes
@ -1,3 +1,43 @@
+-------------------------------------------------------------------
+Tue Sep  2 17:33:11 UTC 2014 - tonyj@suse.com
+
+- Update to version 2.4
+
+ Changelog 2.4
+  - Optionally parse loginuids, (e)uids, & (e)gids in ausearch/report
+  - In auvirt, anomaly events don't have uuid (#1111448)
+  - Fix category handling in various records (#1120286)
+  - Fix ausearch handling of session id on 32 bit systems
+  - Set systemd startup to wait until systemd-tmpfiles-setup.service (#1097314)
+  - Interpret a0 of socketcall and ipccall syscalls
+  - Add pkgconfig file for libaudit
+  - Add go language bindings for limited use of libaudit
+  - Fix ausearch handling of exit code on 32 bit systems
+  - Fix bug in aureport string linked list handling
+  - Document week-ago time setting in ausearch/report man page
+  - Update tables for 3.16 kernel
+  - In aulast, on bad logins only record user_login proof and use it
+  - Add libaudit API for kernel features
+  - If audit=0 on kernel cmnd line, skip systemd activation (Cristian RodrÃguez)
+  - Add checkpoint --start option to ausearch (Burn Alting)
+  - Fix arch matching in ausearch
+  - Add --loginuid-immutable option to auditctl
+  - Fix memory leak in auditd when log_format is set to NOLOG
+  - Update auditctl to display features in the status command
+  - Add ausearch_add_timestamp_item_ex() to auparse
+
+ Changelog 2.3.7
+  - Limit number of options in a rule in libaudit
+  - Auditctl cannot load rule with lots of syscalls (#1089713)
+  - In ausearch, fix checkpointing when inode is reused by new log (Burn Alting)
+  - Add PROCTITLE and FEATURE_CHANGE event types
+
+-------------------------------------------------------------------
+Tue Sep  2 17:33:11 UTC 2014 - tonyj@suse.com
+
+- Add support for ppc64le (bnc#891861)
+  New patch: audit-add-ppc64le-mach-support.patch
+
 -------------------------------------------------------------------
 Tue Apr 15 00:50:50 UTC 2014 - tonyj@suse.com

--- a/audit.spec
+++ b/audit.spec
@ -20,13 +20,14 @@ Name:           audit
 Summary:        First part of auditing package
 License:        GPL-2.0+
 Group:          System/Monitoring
-Version:        2.3.6
+Version:        2.4
 Release:        0
 Url:            http://people.redhat.com/sgrubb/audit/
 Source0:        http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
 Source1:        baselibs.conf
 Source2:        README-BEFORE-ADDING-PATCHES
 Patch1:         audit-no_m4_dir.patch
+Patch2:         audit-add-ppc64le-mach-support.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  autoconf >= 2.12
 BuildRequires:  gcc-c++
@ -76,6 +77,7 @@ libraries.
 %prep
 %setup -q -n %{name}-%{version}
 %patch1 -p1
+%patch2 -p1

 %build
 autoreconf -fi
@ -137,5 +139,6 @@ install -m 0644 init.d/libaudit.conf $RPM_BUILD_ROOT/etc
 %{_includedir}/auparse.h
 %{_includedir}/auparse-defs.h
 %{_mandir}/man3/*
+%{_libdir}/pkgconfig/audit.pc

 %changelog
--- a/auditd-donot-start-if-kernel-cmdline-disabled.patch
+++ b/auditd-donot-start-if-kernel-cmdline-disabled.patch
@ -1,20 +0,0 @@
-From: Cristian Rodríguez <crrodriguez@opensuse.org>
-Subject: If the audit subsystem is disabled in the cmdline, do not start service
-Date: Fri Aug 15 14:17:53 UTC 2014
-Upstream: Not yet , submitted Aug 14 2014
-Signed-Off-by:  Cristian Rodríguez <crrodriguez@opensuse.org>
-
-If the system is booted with audit=0 in the kernel command line
-the service must not be started as the audit subsystem is permanently
-disabled until next boot.
-
--- audit-2.3.6.orig/init.d/auditd.service
-+++ audit-2.3.6/init.d/auditd.service
-@@ -4,6 +4,7 @@ DefaultDependencies=no
- After=local-fs.target
- Conflicts=shutdown.target
- Before=sysinit.target shutdown.target
-+ConditionKernelCommandLine=!audit=0
- 
- [Service]
- ExecStart=/sbin/auditd -n