From e33aeccfc568d3c03809d199155730dad0757008e5d2dddde176628397cf9bf1 Mon Sep 17 00:00:00 2001 From: Robert Frohl Date: Thu, 16 Feb 2023 11:01:07 +0000 Subject: [PATCH] clean up stale archiv and removed patches OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=143 --- ...x-hang-with-disk_low_action-suspend-.patch | 31 --------- audit-3.0.6.tar.gz | 3 - ...andled-ECONNREFUSED-from-getpwnam-25.patch | 64 ------------------- 3 files changed, 98 deletions(-) delete mode 100644 audisp-remote-fix-hang-with-disk_low_action-suspend-.patch delete mode 100644 audit-3.0.6.tar.gz delete mode 100644 libaudit-fix-unhandled-ECONNREFUSED-from-getpwnam-25.patch diff --git a/audisp-remote-fix-hang-with-disk_low_action-suspend-.patch b/audisp-remote-fix-hang-with-disk_low_action-suspend-.patch deleted file mode 100644 index 8d03c49..0000000 --- a/audisp-remote-fix-hang-with-disk_low_action-suspend-.patch +++ /dev/null @@ -1,31 +0,0 @@ -From b6c474b22f6e76969221138d0d9ec8d97cb217ee Mon Sep 17 00:00:00 2001 -From: Enzo Matsumiya -Date: Thu, 24 Mar 2022 23:38:24 -0300 -Subject: [PATCH] audisp-remote: fix hang with disk_low_action=suspend (#254) - -If auditd.conf has disk_low_action=suspend and the partition where the -log is triggers the disk_low_action, audisp-remote will hang in -infinite loop. - -Fixes: 10dde069d1ac ("Dont look for stop on exit while draining the queue") -Signed-off-by: Enzo Matsumiya ---- - audisp/plugins/remote/audisp-remote.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/audisp/plugins/remote/audisp-remote.c b/audisp/plugins/remote/audisp-remote.c -index b7e610e8ca32..3be91b3d5190 100644 ---- a/audisp/plugins/remote/audisp-remote.c -+++ b/audisp/plugins/remote/audisp-remote.c -@@ -619,7 +619,7 @@ int main(int argc, char *argv[]) - - // If stdin is a pipe, then flush the queue - if (is_pipe(0)) { -- while (q_queue_length(queue) && transport_ok) -+ while (q_queue_length(queue) && !suspend && transport_ok) - send_one(queue); - } - --- -2.35.1 - diff --git a/audit-3.0.6.tar.gz b/audit-3.0.6.tar.gz deleted file mode 100644 index 9d3e3a5..0000000 --- a/audit-3.0.6.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c3e44d77513a42401d417dd0ceb203cf23886cb89402dea7b9494faa3f4fcc5e -size 1190011 diff --git a/libaudit-fix-unhandled-ECONNREFUSED-from-getpwnam-25.patch b/libaudit-fix-unhandled-ECONNREFUSED-from-getpwnam-25.patch deleted file mode 100644 index cce6813..0000000 --- a/libaudit-fix-unhandled-ECONNREFUSED-from-getpwnam-25.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 614edbe52180698c5b447ff4c3e7031ff0721683 Mon Sep 17 00:00:00 2001 -From: Enzo Matsumiya -Date: Thu, 24 Mar 2022 23:36:53 -0300 -Subject: [PATCH] libaudit: fix unhandled ECONNREFUSED from getpwnam() (#255) - -From: Luis Galdos - -In some very specific scenarios with LDAP + network issues, -getpwnam() and getgrnam() might return ECONNREFUSED. - -Up in the call chain to audit_name_to_uid()/audit_name_to_gid(), -ECONNREFUSED will be handled as kernel auditd is not running, -showing "The audit system is disabled" and stopping parsing rules. - -This patch manually sets errno to ENOENT after those affected calls, in -case they fail, so rule parsing can continue cleanly. - -Signed-off-by: Enzo Matsumiya ---- - lib/libaudit.c | 17 +++++++++++++++-- - 1 file changed, 15 insertions(+), 2 deletions(-) - -diff --git a/lib/libaudit.c b/lib/libaudit.c -index 54e276156ef0..41303c244aee 100644 ---- a/lib/libaudit.c -+++ b/lib/libaudit.c -@@ -1830,9 +1830,17 @@ static int audit_name_to_uid(const char *name, uid_t *uid) - { - struct passwd *pw; - -+ errno = 0; - pw = getpwnam(name); -- if (pw == NULL) -+ if (pw == NULL) { -+ /* getpwnam() might return ECONNREFUSED in some very -+ * specific cases when using LDAP. -+ * Manually set it to ENOENT so callers don't get confused -+ * with netlink's ECONNREFUSED */ -+ if (errno == ECONNREFUSED) -+ errno = ENOENT; - return 1; -+ } - - memset(pw->pw_passwd, ' ', strlen(pw->pw_passwd)); - *uid = pw->pw_uid; -@@ -1843,9 +1851,14 @@ static int audit_name_to_gid(const char *name, gid_t *gid) - { - struct group *gr; - -+ errno = 0; - gr = getgrnam(name); -- if (gr == NULL) -+ if (gr == NULL) { -+ /* See above for explanation. */ -+ if (errno == ECONNREFUSED) -+ errno = ENOENT; - return 1; -+ } - - *gid = gr->gr_gid; - return 0; --- -2.35.1 -