Accepting request 68631 from home:jones_tony:branches:security

OBS-URL: https://build.opensuse.org/request/show/68631 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=27
2011-04-28 00:17:07 +00:00 · 2011-04-28 00:17:07 +00:00 · 681ec0a9b1
commit 681ec0a9b1
parent ae458029f1
6 changed files with 70 additions and 7 deletions
--- a/audit-2.0.5.tar.bz2
+++ b/audit-2.0.5.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:50761b5ceea7c7cd2833d9dc611ce6dec440ddfb238c8a60e36fffd104ec3df6
-size 618300
--- a/audit-2.1.1.tar.bz2
+++ b/audit-2.1.1.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0820a0e1dd523bdec6de5a089656adc60b1830abd85f3776a7cd89f601a4a96c
+size 634237
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Apr 27 00:05:50 UTC 2011 - tonyj@novell.com
+
+- Upgrade to version 2.1.1 (see audit.changes for upstream change
+  history)
+
 -------------------------------------------------------------------
 Wed Sep 29 00:22:38 UTC 2010 - tonyj@novell.com

--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@ -25,7 +25,7 @@ BuildRequires:  gcc-c++ openldap2-devel pkg-config python-devel swig
 Summary:        Python Bindings for libaudit
 License:        GPLv2+
 Group:          System/Monitoring
-Version:        2.0.5
+Version:        2.1.1
 Release:        3
 Url:            http://people.redhat.com/sgrubb/audit/
 Source0:        audit-%{version}.tar.bz2
--- a/audit.changes
+++ b/audit.changes
@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Wed Apr 27 00:04:23 UTC 2011 - tonyj@novell.com
+
+- Update to version 2.1.1, upstream changelog:
+  - 2.1.1
+  - When ausearch is interpretting, output "as is" if no = is found
+  - Correct socket setup in remote logging
+  - Adjusted a couple default settings for remote logging and init script
+  - Audispd was not marking restarted plugins as active
+  - Audisp-remote should keep a capability if local_port < 1024
+  - When audispd restarts plugin, send event in its preferred format
+  - In audisp-remote, make all I/O asynchronous
+  - In audisp-remote, add sigusr1 handler to dump internal state
+  - Fix autrace to use correct syscalls on s390 and s390x systems
+  - Add shutdown syscall to remote logging teardowns
+  - Correct autrace rule for 32 bits systems
+  
+  2.1
+  - Update auditctl man page for new field on user filter
+  - Fix crash in aulast when auid is foreign to the system
+  - Code cleanups
+  - Add store and forward model to audispd-remote (Mirek Trmac)
+  - Free memory on failed startups in audisp-prelude
+  - Fix memory leak in aureport
+  - Fix parsing state problem in libauparse
+  - Improve the robustness of libaudit field encoding functions
+  - Update capability tables
+  - In auditd, make failure action config checking consistent 
+  - In auditd, check that NULL is not being passed to safe_exec
+  - In audisp-remote, overflow_action wasn't suspending if that action was chosen
+  - Update interpretations for virt events
+  - Improve remote logging warning and error messages
+  - Add interpretations for netfilter events
+  
+  2.0.6
+  - ausearch/report performance improvements
+  - Synchronize all sample syscall rules to use action,list
+  - If program name provided to audit_log_acct_message, escape it
+  - Fix man page for the audit_encode_nv_string function (#647131)
+  - If value is NULL, don't segfault (#647128)
+  - Fix simple event parsing to not assume session id can't be last (Peng Haitao)
+  - Add support for new mmap audit event type
+  - Add ability for audispd syslog plugin to choose facility local0-7 (#593340)
+  - Fix autrace to use correct syscalls on i386 systems (Peng Haitao)
+  - On startup and reconfig, check for excess logs and unlink them
+  - Add a couple missing parser debug messages
+  - Fix error output resolving numeric address and update man page
+  - Add netfilter event types
+  - Fix spelling error in audit.rules man page (#667845)
+  - Improve warning in auditctl regarding immutable mode (#654883)
+  - Update syscall tables for the 2.6.37 kernel
+  - In ausearch, allow searching for auid -1
+  - Add queue overflow_action to audisp-remote to control queue overflows
+  - Update sample rules for new syscalls and packages
+
 -------------------------------------------------------------------
 Mon Feb 21 10:33:40 UTC 2011 - aj@suse.de

--- a/audit.spec
+++ b/audit.spec
@ -22,7 +22,7 @@ Name:           audit
 BuildRequires:  gcc-c++ tcpd-devel
 BuildRequires:  kernel-headers >= 2.6.29
 Summary:        User Space Tools for 2.6 Kernel Auditing
-Version:        2.0.5
+Version:        2.1.1
 Release:        7
 License:        GPLv2+
 Group:          System/Monitoring
@ -139,8 +139,9 @@ install -c -m 755 %{SOURCE1} $RPM_BUILD_ROOT/etc/init.d/auditd
 ln -s /etc/init.d/auditd $RPM_BUILD_ROOT/sbin/rcauditd
 mkdir -p $RPM_BUILD_ROOT/var/log/audit/
 touch $RPM_BUILD_ROOT/var/log/audit/audit.log
-# For %ghost below, so that old location files will still be there when
-# %post copy runs
+mkdir -p $RPM_BUILD_ROOT/var/spool/audit/
+# For ghost below, so that old location files will still be there when
+# post copy runs
 touch $RPM_BUILD_ROOT/etc/{auditd.conf,audit.rules}
 # On platforms with 32 & 64 bit libs, we need to coordinate the timestamp
 touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
@ -238,6 +239,7 @@ fi
 /var/adm/fillup-templates/sysconfig.auditd
 %dir %attr(700,root,root) /var/log/audit
 %ghost %config(noreplace) /var/log/audit/audit.log
+%dir %attr(700,root,root) /var/spool/audit
 %attr(755,root,root) /usr/bin/ausyscall

 %changelog