SHA256
1
0
forked from pool/audit
audit/audit-no-gss.patch
Marcus Meissner 97e319769c Accepting request 909447 from home:ematsumiya:branches:security
- Update to version 3.0.3:
  * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined
  * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids
  * Change auparse_feed_has_data in auparse to include incomplete events
  * Auditd, stop linking against -lrt
  * Add ProtectHome and RestrictRealtime to auditd.service
  * In auditd, read up to 3 netlink packets in a row
  * In auditd, do not validate path to plugin unless active
  * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists

OBS-URL: https://build.opensuse.org/request/show/909447
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=124
2021-08-01 14:31:28 +00:00

23 lines
570 B
Diff

From: Tony Jones <tonyj@suse.de>
Subject: Disable GSS options from config file
Upsteam: never
Disable GSS/Kerberos options from config file. They are disabled from configure
but need manual removal here.
---
init.d/auditd.conf | 3 ---
1 file changed, 3 deletions(-)
--- a/init.d/auditd.conf
+++ b/init.d/auditd.conf
@@ -30,8 +30,6 @@ tcp_max_per_addr = 1
##tcp_client_ports = 1024-65535
tcp_client_max_idle = 0
transport = TCP
-krb5_principal = auditd
-##krb5_key_file = /etc/audit/audit.key
distribute_network = no
q_depth = 1200
overflow_action = SYSLOG