From e3d31e63b600459ae47fc608011dd90b3bc42bc06c63781d5bc7e99267fd54ca Mon Sep 17 00:00:00 2001 From: Tony Jones Date: Thu, 20 Jul 2017 20:07:48 +0000 Subject: [PATCH] Accepting request 511710 from home:jones_tony:branches:security OBS-URL: https://build.opensuse.org/request/show/511710 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=85 --- audit-2.5.tar.gz | 3 --- audit-2.7.7.tar.gz | 3 +++ audit-allow-manual-stop.patch | 4 ++-- audit-no-gss.patch | 3 ++- audit-secondary.changes | 11 +++++++++++ audit-secondary.spec | 6 ++++-- audit.changes | 6 ++++++ audit.spec | 4 ++-- 8 files changed, 30 insertions(+), 10 deletions(-) delete mode 100644 audit-2.5.tar.gz create mode 100644 audit-2.7.7.tar.gz diff --git a/audit-2.5.tar.gz b/audit-2.5.tar.gz deleted file mode 100644 index 2fe8a09..0000000 --- a/audit-2.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9b0a0760c6f37d80cbbfe46a74db722e60ac8100b28eb31953878ffca8ac14b4 -size 1034200 diff --git a/audit-2.7.7.tar.gz b/audit-2.7.7.tar.gz new file mode 100644 index 0000000..b43e026 --- /dev/null +++ b/audit-2.7.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:98e22549444c313187dc98c2e137f36a9882efa0874b559b0457e5f87ae178ef +size 1110512 diff --git a/audit-allow-manual-stop.patch b/audit-allow-manual-stop.patch index af57ab2..c617e70 100644 --- a/audit-allow-manual-stop.patch +++ b/audit-allow-manual-stop.patch @@ -13,11 +13,11 @@ SUSE since we lack the ability to use a custom stop/restart --- a/init.d/auditd.service +++ b/init.d/auditd.service -@@ -4,7 +4,6 @@ DefaultDependencies=no +@@ -7,7 +7,6 @@ DefaultDependencies=no After=local-fs.target systemd-tmpfiles-setup.service Conflicts=shutdown.target Before=sysinit.target shutdown.target -RefuseManualStop=yes ConditionKernelCommandLine=!audit=0 + Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation - [Service] diff --git a/audit-no-gss.patch b/audit-no-gss.patch index 03afcfb..ca94d8a 100644 --- a/audit-no-gss.patch +++ b/audit-no-gss.patch @@ -11,10 +11,11 @@ but need manual removal here. --- a/init.d/auditd.conf +++ b/init.d/auditd.conf -@@ -27,6 +27,3 @@ tcp_listen_queue = 5 +@@ -30,7 +30,4 @@ tcp_listen_queue = 5 tcp_max_per_addr = 1 ##tcp_client_ports = 1024-65535 tcp_client_max_idle = 0 -enable_krb5 = no -krb5_principal = auditd -##krb5_key_file = /etc/audit/audit.key + distribute_network = no diff --git a/audit-secondary.changes b/audit-secondary.changes index d32f631..f99acfd 100644 --- a/audit-secondary.changes +++ b/audit-secondary.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Tue Jul 18 18:33:40 UTC 2017 - tonyj@suse.com + +- Update to version 2.7.7. See audit.spec (libaudit1) for upstream + changelog + Since commit 6cf57d27 (2.7.4) audit is now started as an non-forking + service (bsc#1042781). + Add config: audit-stop.rules + Refresh patch: audit-allow-manual-stop.patch + Refresh patch: audit-no-gss.patch + ------------------------------------------------------------------- Fri Apr 1 14:59:05 UTC 2016 - tchvatal@suse.com diff --git a/audit-secondary.spec b/audit-secondary.spec index ad4c290..71a3d39 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -1,7 +1,7 @@ # # spec file for package audit-secondary # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ # The seperation is required to minimize unnecessary build cycles. %define _name audit Name: audit-secondary -Version: 2.5 +Version: 2.7.7 Release: 0 Summary: Secondary packages for audit License: GPL-2.0+ @@ -142,6 +142,7 @@ rm -rf %{buildroot}%{_libexecdir}/audit # Clean up some unneeded library files for ver in %{py_ver} %{py3_ver}; do rm -f %{buildroot}/%{_libdir}/python${ver}/site-packages/{_audit,_auparse,auparse}.{a,la} + rm -rf %{buildroot}/%{_libdir}/python${ver}/site-packages/__pycache__ done # cleanup makefiles for the rules (installed by %%docs command) rm -f %{buildroot}/%{_libdir}/pkgconfig/{audit,auparse}.pc @@ -235,6 +236,7 @@ fi %dir %attr(750,root,root) %{_sysconfdir}/audit/rules.d %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/rules.d/audit.rules %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/audispd.conf +%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/audit-stop.rules %dir %attr(700,root,root) %{_localstatedir}/log/audit %ghost %config(noreplace) %{_localstatedir}/log/audit/audit.log %dir %attr(700,root,root) %{_localstatedir}/spool/audit diff --git a/audit.changes b/audit.changes index d6c66cc..1f773a4 100644 --- a/audit.changes +++ b/audit.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Jul 18 18:32:56 UTC 2017 - tonyj@suse.com + +- Update to version 2.7.7 release + Changelog: https://people.redhat.com/sgrubb/audit/ChangeLog + ------------------------------------------------------------------- Sat Apr 2 18:14:51 UTC 2016 - tchvatal@suse.com diff --git a/audit.spec b/audit.spec index a5579fa..7942ea4 100644 --- a/audit.spec +++ b/audit.spec @@ -1,7 +1,7 @@ # # spec file for package audit # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: audit -Version: 2.5 +Version: 2.7.7 Release: 0 Summary: First part of auditing package License: GPL-2.0+