audit/readonly.patch

diff --git a/audit.spec b/audit.spec
index 39f640e36..313d803f1 100644
--- a/audit.spec
+++ b/audit.spec
@@ -215,6 +215,7 @@ fi
 %attr(755,root,root) %{_bindir}/aulast
 %attr(755,root,root) %{_bindir}/aulastlog
 %attr(755,root,root) %{_bindir}/ausyscall
+%attr(640,root,root) %{_tmpfilesdir}/audit.conf
 %attr(755,root,root) %{_bindir}/auvirt
 %attr(644,root,root) %{_unitdir}/auditd.service
 %attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd
diff --git a/init.d/Makefile.am b/init.d/Makefile.am
index 3a73697a6..63fae2ab4 100644
--- a/init.d/Makefile.am
+++ b/init.d/Makefile.am
@@ -23,6 +23,7 @@
 
 CONFIG_CLEAN_FILES = *.rej *.orig
 EXTRA_DIST = auditd.init auditd.service auditd.sysconfig auditd.conf \
+	audit-tmpfiles.conf \
 	auditd.cron libaudit.conf auditd.condrestart \
 	auditd.reload auditd.restart auditd.resume \
 	auditd.rotate auditd.state auditd.stop \
@@ -43,6 +44,8 @@ sbin_SCRIPTS = augenrules
 
 install-data-hook:
 	$(INSTALL_DATA) -D -m 640 ${srcdir}/${libconfig} ${DESTDIR}${sysconfdir}
+	mkdir -p ${DESTDIR}$(prefix)/lib/tmpfiles.d/
+	$(INSTALL_DATA) -m 640 ${srcdir}/audit-tmpfiles.conf ${DESTDIR}$(prefix)/lib/tmpfiles.d/audit.conf
 if ENABLE_SYSTEMD
 else
 	$(INSTALL_DATA) -D -m 640 ${srcdir}/auditd.sysconfig ${DESTDIR}${sysconfigdir}/auditd
@@ -69,6 +72,7 @@ endif
 
 uninstall-hook:
 	rm ${DESTDIR}${sysconfdir}/${libconfig}
+	rm ${DESTDIR}$(prefix)/lib/tmpfiles.d/audit.conf
 if ENABLE_SYSTEMD
 	rm ${DESTDIR}${initdir}/auditd.service
 	rm ${DESTDIR}${legacydir}/rotate
diff --git a/init.d/audit-tmpfiles.conf b/init.d/audit-tmpfiles.conf
new file mode 100644
index 000000000..5512a535a
--- /dev/null
+++ b/init.d/audit-tmpfiles.conf
@@ -0,0 +1 @@
+d /var/log/audit 0700 root root - -
c9s bugfix Disable ProtectKernelModules=true in service file Resolves: RHEL-59570 af_unix plugin: restore original behavior in binary mode Resolves: RHEL-59585 Support image mode Resolves: RHEL-69033 Resolve ordering cycle when using remote logging Resolves: RHEL-11252 Filter syscalls to ensure architecture-specific availability Resolves: RHEL-70455 2025-01-08 11:38:22 +00:00			`diff --git a/audit.spec b/audit.spec`
			`index 39f640e36..313d803f1 100644`
			`--- a/audit.spec`
			`+++ b/audit.spec`
			`@@ -215,6 +215,7 @@ fi`
			`%attr(755,root,root) %{_bindir}/aulast`
			`%attr(755,root,root) %{_bindir}/aulastlog`
			`%attr(755,root,root) %{_bindir}/ausyscall`
			`+%attr(640,root,root) %{_tmpfilesdir}/audit.conf`
			`%attr(755,root,root) %{_bindir}/auvirt`
			`%attr(644,root,root) %{_unitdir}/auditd.service`
			`%attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd`
			`diff --git a/init.d/Makefile.am b/init.d/Makefile.am`
			`index 3a73697a6..63fae2ab4 100644`
			`--- a/init.d/Makefile.am`
			`+++ b/init.d/Makefile.am`
			`@@ -23,6 +23,7 @@`

			`CONFIG_CLEAN_FILES = .rej .orig`
			`EXTRA_DIST = auditd.init auditd.service auditd.sysconfig auditd.conf \`
			`+ audit-tmpfiles.conf \`
			`auditd.cron libaudit.conf auditd.condrestart \`
			`auditd.reload auditd.restart auditd.resume \`
			`auditd.rotate auditd.state auditd.stop \`
			`@@ -43,6 +44,8 @@ sbin_SCRIPTS = augenrules`

			`install-data-hook:`
			`$(INSTALL_DATA) -D -m 640 ${srcdir}/${libconfig} ${DESTDIR}${sysconfdir}`
			`+ mkdir -p ${DESTDIR}$(prefix)/lib/tmpfiles.d/`
			`+ $(INSTALL_DATA) -m 640 ${srcdir}/audit-tmpfiles.conf ${DESTDIR}$(prefix)/lib/tmpfiles.d/audit.conf`
			`if ENABLE_SYSTEMD`
			`else`
			`$(INSTALL_DATA) -D -m 640 ${srcdir}/auditd.sysconfig ${DESTDIR}${sysconfigdir}/auditd`
			`@@ -69,6 +72,7 @@ endif`

			`uninstall-hook:`
			`rm ${DESTDIR}${sysconfdir}/${libconfig}`
			`+ rm ${DESTDIR}$(prefix)/lib/tmpfiles.d/audit.conf`
			`if ENABLE_SYSTEMD`
			`rm ${DESTDIR}${initdir}/auditd.service`
			`rm ${DESTDIR}${legacydir}/rotate`
			`diff --git a/init.d/audit-tmpfiles.conf b/init.d/audit-tmpfiles.conf`
			`new file mode 100644`
			`index 000000000..5512a535a`
			`--- /dev/null`
			`+++ b/init.d/audit-tmpfiles.conf`
			`@@ -0,0 +1 @@`
			`+d /var/log/audit 0700 root root - -`