SHA256
1
0
forked from pool/audit
audit/audit-allow-manual-stop.patch
Tony Jones 74524fcb73 - Update to version 2.6.5:
* Fix segfault on shutdown
  * Fix hang on startup (#1587995)
  * Add sleep to script to dump state so file is ready when needed
  * Add auparse_normalizer support for SOFTWARE_UPDATE event
  * Mark netlabel events as simple events so that get processed quicker
  * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833)
  * Add 30-ospp-v42.rules to meet new Common Criteria requirements
  * Update lookup tables for the 4.18 kernel
  * In aureport, fix segfault in file report
  * Add auparse_normalizer support for labeled networking events
  * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194)
  * Event aging is off by a second
  * In ausearch/auparse, correct event ordering to process oldest first
  * auparse_reset was not clearing everything it should
  * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events
  * In ausearch/report, lightly parse selinux portion of USER_AVC events
  * In ausearch/report, limit record size when malformed
  * In auditd, fix extract_type function for network originating events
  * In auditd, calculate right size and location for network originating events
  * Treat all network originating events as VER2 so dispatcher doesn't format it
  * In audisp-remote do an initial connection attempt (#1625156)
  * In auditd, allow expression of space left as a percentage (#1650670)
  * On PPC64LE systems, only allow 64 bit rules (#1462178)
  * Make some parts of auditd state report optional based on config
  * Fix ausearch when checkpointing a single file (Burn Alting)
  * Fix scripting in 31-privileged.rules wrt filecap (#1662516)
  * In ausearch, do not checkpt if stdin is input source
  * In libev, remove __cold__ attribute for functions to allow proper hardening
  * Add tests to configure.ac for openldap support

OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=108
2020-01-16 20:02:22 +00:00

24 lines
735 B
Diff

From: Tony Jones <tonyj@suse.de>
Subject: allow service stop
References: https://lists.fedoraproject.org/pipermail/devel/2012-June/169411.html
References: https://www.redhat.com/archives/linux-audit/2013-July/msg00048.html
---
legacy-actions is Fedora specific, so blocking manual stop won't work for
SUSE since we lack the ability to use a custom stop/restart
init.d/auditd.service | 1 -
1 file changed, 1 deletion(-)
--- a/init.d/auditd.service
+++ b/init.d/auditd.service
@@ -11,7 +11,6 @@
Before=sysinit.target shutdown.target
##Before=shutdown.target
Conflicts=shutdown.target
-RefuseManualStop=yes
ConditionKernelCommandLine=!audit=0
Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation