audit

rpm/audit

SHA256

Fork 0

forked from pool/audit

Commit Graph

Author	SHA256	Message	Date
Enzo Matsumiya	c309536630	Accepting request 934558 from home:favogt:branches:security - Use %autosetup - Don't include sample rules as %doc, they're already installed as normal files - Fix create-augenrules-service.patch: * auditd.service needs to require augenrules.service, not the other way around - Fix documentation for enable-stop-rules.patch OBS-URL: https://build.opensuse.org/request/show/934558 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=134	2021-11-30 01:45:17 +00:00
Enzo Matsumiya	1b5f7ae8b7	Accepting request 925195 from home:ematsumiya:branches:security - Create separate service for augenrules (bsc#1191614, bsc#1181400) * add create-augenrules-service.patch Remove ReadWritePaths=/etc/audit from auditd.service, also removes augenrules call from ExecStartPost. Create augenrules.service with the ReadWritePaths directive above. This makes /etc/audit only accessible by augenrules.service and let auditd.service (and daemon) to be sandboxed again. - Update audit-secondary.spec to accomodate the new service file. OBS-URL: https://build.opensuse.org/request/show/925195 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=131	2021-10-13 23:13:08 +00:00

Author

SHA256

Message

Date

Enzo Matsumiya

c309536630

Accepting request 934558 from home:favogt:branches:security

- Use %autosetup
- Don't include sample rules as %doc, they're already installed
  as normal files
- Fix create-augenrules-service.patch:
  * auditd.service needs to require augenrules.service,
    not the other way around
- Fix documentation for enable-stop-rules.patch

OBS-URL: https://build.opensuse.org/request/show/934558
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=134

2021-11-30 01:45:17 +00:00

Enzo Matsumiya

1b5f7ae8b7

Accepting request 925195 from home:ematsumiya:branches:security

- Create separate service for augenrules (bsc#1191614, bsc#1181400)
  * add create-augenrules-service.patch
  Remove ReadWritePaths=/etc/audit from auditd.service, also removes
  augenrules call from ExecStartPost.
  Create augenrules.service with the ReadWritePaths directive above.
  This makes /etc/audit only accessible by augenrules.service and
  let auditd.service (and daemon) to be sandboxed again.
- Update audit-secondary.spec to accomodate the new service file.

OBS-URL: https://build.opensuse.org/request/show/925195
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=131

2021-10-13 23:13:08 +00:00

2 Commits