2009-04-03 19:42:16 +00:00
|
|
|
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
2007-07-10 23:22:14 +00:00
|
|
|
|
2006-07-13 20:38:11 +00:00
|
|
|
Summary: User space tools for 2.6 kernel auditing
|
2004-09-09 03:16:50 +00:00
|
|
|
Name: audit
|
2010-11-02 20:53:07 +00:00
|
|
|
Version: 2.0.5
|
2011-01-20 20:15:43 +00:00
|
|
|
Release: 2%{?dist}
|
2007-08-27 20:29:41 +00:00
|
|
|
License: GPLv2+
|
2004-11-15 22:58:29 +00:00
|
|
|
Group: System Environment/Daemons
|
2004-11-19 22:18:07 +00:00
|
|
|
URL: http://people.redhat.com/sgrubb/audit/
|
2008-01-11 20:42:03 +00:00
|
|
|
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
2007-02-16 22:20:43 +00:00
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
2009-08-18 18:13:00 +00:00
|
|
|
BuildRequires: swig python-devel
|
|
|
|
BuildRequires: tcp_wrappers-devel libcap-ng-devel
|
|
|
|
BuildRequires: kernel-headers >= 2.6.29
|
2010-02-16 22:11:08 +00:00
|
|
|
BuildRequires: autoconf automake libtool
|
2005-01-05 19:13:59 +00:00
|
|
|
Requires: %{name}-libs = %{version}-%{release}
|
2004-11-19 22:18:07 +00:00
|
|
|
Requires: chkconfig
|
2008-01-31 22:07:21 +00:00
|
|
|
Requires(pre): coreutils
|
2004-09-09 03:16:50 +00:00
|
|
|
|
|
|
|
%description
|
|
|
|
The audit package contains the user space utilities for
|
2005-10-19 20:12:04 +00:00
|
|
|
storing and searching the audit records generate by
|
2004-09-09 03:16:50 +00:00
|
|
|
the audit subsystem in the Linux 2.6 kernel.
|
|
|
|
|
2005-01-05 19:13:59 +00:00
|
|
|
%package libs
|
|
|
|
Summary: Dynamic library for libaudit
|
2007-08-27 20:29:41 +00:00
|
|
|
License: LGPLv2+
|
2004-11-19 22:18:07 +00:00
|
|
|
Group: Development/Libraries
|
|
|
|
|
2005-01-05 19:13:59 +00:00
|
|
|
%description libs
|
|
|
|
The audit-libs package contains the dynamic libraries needed for
|
|
|
|
applications to use the audit framework.
|
|
|
|
|
|
|
|
%package libs-devel
|
2010-01-29 18:46:25 +00:00
|
|
|
Summary: Header files for libaudit
|
2007-08-27 20:29:41 +00:00
|
|
|
License: LGPLv2+
|
2005-01-05 19:13:59 +00:00
|
|
|
Group: Development/Libraries
|
2009-12-08 15:44:08 +00:00
|
|
|
Requires: %{name}-libs = %{version}
|
2009-08-18 18:13:00 +00:00
|
|
|
Requires: kernel-headers >= 2.6.29
|
2005-01-05 19:13:59 +00:00
|
|
|
|
|
|
|
%description libs-devel
|
2010-01-29 18:46:25 +00:00
|
|
|
The audit-libs-devel package contains the header files needed for
|
|
|
|
developing applications that need to use the audit framework libraries.
|
|
|
|
|
|
|
|
%package libs-static
|
|
|
|
Summary: Static version of libaudit library
|
|
|
|
License: LGPLv2+
|
|
|
|
Group: Development/Libraries
|
|
|
|
Requires: kernel-headers >= 2.6.29
|
|
|
|
|
|
|
|
%description libs-static
|
|
|
|
The audit-libs-static package contains the static libraries
|
|
|
|
needed for developing applications that need to use static audit
|
|
|
|
framework libraries
|
2004-11-19 22:18:07 +00:00
|
|
|
|
2005-11-30 22:08:32 +00:00
|
|
|
%package libs-python
|
|
|
|
Summary: Python bindings for libaudit
|
2007-08-27 20:29:41 +00:00
|
|
|
License: LGPLv2+
|
2005-11-30 22:08:32 +00:00
|
|
|
Group: Development/Libraries
|
|
|
|
Requires: %{name}-libs = %{version}-%{release}
|
|
|
|
|
|
|
|
%description libs-python
|
|
|
|
The audit-libs-python package contains the bindings so that libaudit
|
2007-02-21 00:11:20 +00:00
|
|
|
and libauparse can be used by python.
|
2005-11-30 22:08:32 +00:00
|
|
|
|
2007-12-27 21:50:31 +00:00
|
|
|
%package -n audispd-plugins
|
|
|
|
Summary: Plugins for the audit event dispatcher
|
|
|
|
License: GPLv2+
|
|
|
|
Group: System Environment/Daemons
|
|
|
|
BuildRequires: openldap-devel
|
2008-01-19 20:59:34 +00:00
|
|
|
BuildRequires: libprelude-devel >= 0.9.16
|
2007-12-27 21:50:31 +00:00
|
|
|
Requires: %{name} = %{version}-%{release}
|
|
|
|
Requires: %{name}-libs = %{version}-%{release}
|
|
|
|
Requires: openldap
|
|
|
|
|
|
|
|
%description -n audispd-plugins
|
|
|
|
The audispd-plugins package provides plugins for the real-time
|
|
|
|
interface to the audit system, audispd. These plugins can do things
|
|
|
|
like relay events to remote machines or analyze events for suspicious
|
|
|
|
behavior.
|
|
|
|
|
2004-09-09 03:16:50 +00:00
|
|
|
%prep
|
|
|
|
%setup -q
|
2007-08-28 23:38:25 +00:00
|
|
|
|
2004-09-09 03:16:50 +00:00
|
|
|
%build
|
2010-02-16 22:11:08 +00:00
|
|
|
autoreconf -v --install
|
2009-08-18 18:13:00 +00:00
|
|
|
%configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude --with-libwrap --enable-gssapi-krb5=no --with-libcap-ng=yes
|
2008-04-08 17:11:19 +00:00
|
|
|
make %{?_smp_mflags}
|
2004-09-09 03:16:50 +00:00
|
|
|
|
|
|
|
%install
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
2007-04-05 22:44:18 +00:00
|
|
|
mkdir -p $RPM_BUILD_ROOT/{sbin,etc/{sysconfig,audispd/plugins.d,rc.d/init.d}}
|
2007-12-27 21:50:31 +00:00
|
|
|
mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8}
|
2005-03-14 21:08:53 +00:00
|
|
|
mkdir -p $RPM_BUILD_ROOT/%{_lib}
|
2006-07-27 20:56:59 +00:00
|
|
|
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit
|
2005-04-01 19:10:36 +00:00
|
|
|
mkdir -p $RPM_BUILD_ROOT/%{_var}/log/audit
|
2009-08-19 19:06:41 +00:00
|
|
|
make DESTDIR=$RPM_BUILD_ROOT install
|
2004-09-09 03:16:50 +00:00
|
|
|
|
2004-11-19 22:18:07 +00:00
|
|
|
mkdir -p $RPM_BUILD_ROOT/%{_libdir}
|
2004-12-13 19:27:06 +00:00
|
|
|
# This winds up in the wrong place when libtool is involved
|
2005-02-20 20:43:49 +00:00
|
|
|
mv $RPM_BUILD_ROOT/%{_lib}/libaudit.a $RPM_BUILD_ROOT%{_libdir}
|
2007-02-04 22:11:48 +00:00
|
|
|
mv $RPM_BUILD_ROOT/%{_lib}/libauparse.a $RPM_BUILD_ROOT%{_libdir}
|
2005-03-03 22:48:44 +00:00
|
|
|
curdir=`pwd`
|
|
|
|
cd $RPM_BUILD_ROOT/%{_libdir}
|
2009-08-19 18:51:56 +00:00
|
|
|
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libaudit.so.1.*.*\``
|
2005-07-18 14:56:29 +00:00
|
|
|
ln -s ../../%{_lib}/$LIBNAME libaudit.so
|
2009-08-19 18:51:56 +00:00
|
|
|
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libauparse.so.0.*.*\``
|
2007-02-04 22:11:48 +00:00
|
|
|
ln -s ../../%{_lib}/$LIBNAME libauparse.so
|
2005-03-03 22:48:44 +00:00
|
|
|
cd $curdir
|
2005-06-23 21:40:32 +00:00
|
|
|
# Remove these items so they don't get picked up.
|
|
|
|
rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.so
|
2007-02-04 22:11:48 +00:00
|
|
|
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.so
|
2005-06-23 21:40:32 +00:00
|
|
|
rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.la
|
2007-02-04 22:11:48 +00:00
|
|
|
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.la
|
2006-12-06 23:05:00 +00:00
|
|
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_audit.a
|
|
|
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_audit.la
|
2007-02-04 22:11:48 +00:00
|
|
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_auparse.a
|
|
|
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_auparse.la
|
2008-08-25 21:24:14 +00:00
|
|
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/auparse.a
|
|
|
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/auparse.la
|
2005-03-03 22:48:44 +00:00
|
|
|
|
2006-12-01 16:34:07 +00:00
|
|
|
# On platforms with 32 & 64 bit libs, we need to coordinate the timestamp
|
|
|
|
touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
|
2009-10-16 17:09:20 +00:00
|
|
|
touch -r ./audit.spec $RPM_BUILD_ROOT/usr/share/man/man5/libaudit.conf.5.gz
|
2006-12-01 16:34:07 +00:00
|
|
|
|
2008-09-17 20:49:00 +00:00
|
|
|
%ifnarch ppc ppc64
|
2008-09-17 20:12:32 +00:00
|
|
|
%check
|
|
|
|
make check
|
2008-09-17 20:49:00 +00:00
|
|
|
%endif
|
2007-09-25 15:56:34 +00:00
|
|
|
|
2004-09-09 03:16:50 +00:00
|
|
|
%clean
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
2005-04-20 21:33:07 +00:00
|
|
|
%post libs -p /sbin/ldconfig
|
2005-01-05 19:13:59 +00:00
|
|
|
|
2004-11-19 22:18:07 +00:00
|
|
|
%post
|
2005-07-12 14:21:29 +00:00
|
|
|
/sbin/chkconfig --add auditd
|
2004-11-19 22:18:07 +00:00
|
|
|
|
|
|
|
%preun
|
2005-07-14 13:27:33 +00:00
|
|
|
if [ $1 -eq 0 ]; then
|
2004-11-19 22:18:07 +00:00
|
|
|
/sbin/service auditd stop > /dev/null 2>&1
|
|
|
|
/sbin/chkconfig --del auditd
|
|
|
|
fi
|
|
|
|
|
2008-01-19 20:59:34 +00:00
|
|
|
%postun libs -p /sbin/ldconfig
|
2005-01-05 19:13:59 +00:00
|
|
|
|
2004-11-19 22:18:07 +00:00
|
|
|
%postun
|
|
|
|
if [ $1 -ge 1 ]; then
|
2005-08-22 21:40:25 +00:00
|
|
|
/sbin/service auditd condrestart > /dev/null 2>&1 || :
|
2004-11-19 22:18:07 +00:00
|
|
|
fi
|
|
|
|
|
2005-01-05 19:13:59 +00:00
|
|
|
%files libs
|
2009-08-18 18:13:00 +00:00
|
|
|
%defattr(-,root,root,-)
|
2009-08-19 18:51:56 +00:00
|
|
|
%attr(755,root,root) /%{_lib}/libaudit.so.1*
|
2007-02-04 22:11:48 +00:00
|
|
|
%attr(755,root,root) /%{_lib}/libauparse.*
|
2006-06-30 20:30:02 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/libaudit.conf
|
2009-10-16 17:14:38 +00:00
|
|
|
%{_mandir}/man5/libaudit.conf.5.gz
|
2005-01-05 19:13:59 +00:00
|
|
|
|
|
|
|
%files libs-devel
|
2009-08-18 18:13:00 +00:00
|
|
|
%defattr(-,root,root,-)
|
2007-09-02 16:49:22 +00:00
|
|
|
%doc contrib/skeleton.c contrib/plugin
|
2005-03-03 22:48:44 +00:00
|
|
|
%{_libdir}/libaudit.so
|
2007-02-04 22:11:48 +00:00
|
|
|
%{_libdir}/libauparse.so
|
2004-11-19 22:18:07 +00:00
|
|
|
%{_includedir}/libaudit.h
|
2007-02-04 22:11:48 +00:00
|
|
|
%{_includedir}/auparse.h
|
|
|
|
%{_includedir}/auparse-defs.h
|
2004-12-03 20:58:39 +00:00
|
|
|
%{_mandir}/man3/*
|
2004-11-19 22:18:07 +00:00
|
|
|
|
2010-01-29 18:46:25 +00:00
|
|
|
%files libs-static
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
%{_libdir}/libaudit.a
|
|
|
|
%{_libdir}/libauparse.a
|
|
|
|
|
2005-11-30 22:08:32 +00:00
|
|
|
%files libs-python
|
2009-08-18 18:13:00 +00:00
|
|
|
%defattr(-,root,root,-)
|
2009-04-03 19:42:16 +00:00
|
|
|
%attr(755,root,root) %{python_sitearch}/_audit.so
|
|
|
|
%attr(755,root,root) %{python_sitearch}/auparse.so
|
|
|
|
%{python_sitearch}/audit.py*
|
2007-03-02 22:26:36 +00:00
|
|
|
|
2004-09-09 03:16:50 +00:00
|
|
|
%files
|
|
|
|
%defattr(-,root,root,-)
|
2008-04-08 17:28:30 +00:00
|
|
|
%doc README COPYING ChangeLog contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/stig.rules init.d/auditd.cron
|
2007-12-27 21:50:31 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man8/audispd.8.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man8/ausearch.8.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man8/autrace.8.gz
|
2008-11-05 20:54:11 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man8/aulast.8.gz
|
2008-01-07 20:11:15 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz
|
2008-04-18 20:18:30 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz
|
2009-09-28 19:55:04 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz
|
2007-12-27 21:50:31 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz
|
2008-07-04 00:55:30 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz
|
2005-10-19 20:12:04 +00:00
|
|
|
%attr(750,root,root) /sbin/auditctl
|
|
|
|
%attr(750,root,root) /sbin/auditd
|
2006-12-22 16:42:02 +00:00
|
|
|
%attr(755,root,root) /sbin/ausearch
|
|
|
|
%attr(755,root,root) /sbin/aureport
|
2005-04-20 21:33:07 +00:00
|
|
|
%attr(750,root,root) /sbin/autrace
|
2007-05-01 21:43:06 +00:00
|
|
|
%attr(750,root,root) /sbin/audispd
|
2009-09-28 19:55:04 +00:00
|
|
|
%attr(755,root,root) %{_bindir}/aulast
|
|
|
|
%attr(755,root,root) %{_bindir}/aulastlog
|
2008-04-18 20:18:30 +00:00
|
|
|
%attr(755,root,root) %{_bindir}/ausyscall
|
2004-11-15 22:58:29 +00:00
|
|
|
%attr(755,root,root) /etc/rc.d/init.d/auditd
|
2005-04-01 19:10:36 +00:00
|
|
|
%attr(750,root,root) %{_var}/log/audit
|
2006-05-12 21:09:26 +00:00
|
|
|
%attr(750,root,root) %dir /etc/audit
|
2007-08-28 18:34:17 +00:00
|
|
|
%attr(750,root,root) %dir /etc/audisp
|
|
|
|
%attr(750,root,root) %dir /etc/audisp/plugins.d
|
2006-07-27 20:56:59 +00:00
|
|
|
%attr(750,root,root) %dir %{_libdir}/audit
|
2006-05-12 21:04:25 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf
|
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audit/audit.rules
|
2004-11-15 22:58:29 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd
|
2007-08-27 20:29:41 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf
|
2008-01-19 20:59:34 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf
|
2009-01-24 15:03:04 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/syslog.conf
|
2007-12-27 21:50:31 +00:00
|
|
|
|
|
|
|
%files -n audispd-plugins
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
%attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz
|
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf
|
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf
|
|
|
|
%attr(750,root,root) /sbin/audispd-zos-remote
|
2008-01-19 20:59:34 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/au-prelude.conf
|
2008-03-09 23:29:28 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/audisp-prelude.conf
|
2008-01-19 20:59:34 +00:00
|
|
|
%attr(750,root,root) /sbin/audisp-prelude
|
2008-03-09 23:29:28 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man5/audisp-prelude.conf.5.gz
|
2008-01-19 20:59:34 +00:00
|
|
|
%attr(644,root,root) %{_mandir}/man8/audisp-prelude.8.gz
|
2008-03-30 19:17:17 +00:00
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/audisp-remote.conf
|
|
|
|
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/au-remote.conf
|
|
|
|
%attr(750,root,root) /sbin/audisp-remote
|
|
|
|
%attr(644,root,root) %{_mandir}/man5/audisp-remote.conf.5.gz
|
|
|
|
%attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz
|
2004-09-09 03:16:50 +00:00
|
|
|
|
|
|
|
%changelog
|
2011-01-20 20:15:43 +00:00
|
|
|
* Thu Jan 20 2011 Karsten Hopp <karsten@redhat.com> 2.0.5-2
|
|
|
|
- bump and rebuild as 2.0.5-1 was erroneously linked with python-2.6 on ppc
|
|
|
|
|
2010-11-02 20:53:07 +00:00
|
|
|
* Tue Nov 02 2010 Steve Grubb <sgrubb@redhat.com> 2.0.5-1
|
|
|
|
- New upstream release
|
|
|
|
|
2010-07-22 00:39:06 +00:00
|
|
|
* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 2.0.4-4
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
|
|
|
|
|
2010-02-16 21:50:10 +00:00
|
|
|
* Tue Feb 16 2010 Adam Jackson <ajax@redhat.com> 2.0.4-3
|
|
|
|
- audit-2.0.4-add-needed.patch: Fix FTBFS for --no-add-needed
|
|
|
|
|
2010-01-29 18:46:25 +00:00
|
|
|
* Fri Jan 29 2010 Steve Grubb <sgrubb@redhat.com> 2.0.4-2
|
|
|
|
- Split out static libs (#556039)
|
|
|
|
|
2009-12-08 15:44:08 +00:00
|
|
|
* Tue Dec 08 2009 Steve Grubb <sgrubb@redhat.com> 2.0.4-1
|
|
|
|
- New upstream release
|
|
|
|
|
2009-10-17 19:29:28 +00:00
|
|
|
* Sat Oct 17 2009 Steve Grubb <sgrubb@redhat.com> 2.0.3-1
|
|
|
|
- New upstream release
|
|
|
|
|
2009-10-16 17:09:20 +00:00
|
|
|
* Fri Oct 16 2009 Steve Grubb <sgrubb@redhat.com> 2.0.2-1
|
|
|
|
- New upstream release
|
|
|
|
|
2009-09-28 19:55:04 +00:00
|
|
|
* Mon Sep 28 2009 Steve Grubb <sgrubb@redhat.com> 2.0.1-1
|
|
|
|
- New upstream release
|
|
|
|
|
2009-08-21 14:57:14 +00:00
|
|
|
* Fri Aug 21 2009 Steve Grubb <sgrubb@redhat.com> 2.0-3
|
2009-08-18 18:13:00 +00:00
|
|
|
- New upstream release
|
|
|
|
|
2009-07-29 23:52:26 +00:00
|
|
|
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.13-2
|
2009-07-24 17:33:31 +00:00
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
|
|
2009-04-21 19:02:44 +00:00
|
|
|
* Tue Apr 21 2009 Steve Grubb <sgrubb@redhat.com> 1.7.13-1
|
|
|
|
- New upstream release
|
|
|
|
- Fix problem with negative uids in audit rules on 32 bit systems
|
|
|
|
- Update tty keystroke interpretations (Miloslav Trmač)
|
|
|
|
|
2009-04-03 19:42:16 +00:00
|
|
|
* Fri Apr 03 2009 Steve Grubb <sgrubb@redhat.com> 1.7.12-4
|
|
|
|
- Drop some debug code in libev
|
|
|
|
|
2009-03-17 18:30:16 +00:00
|
|
|
* Tue Mar 17 2009 Steve Grubb <sgrubb@redhat.com> 1.7.12-3
|
|
|
|
- Apply patch from dwalsh moving audit.py file to arch specific python dir
|
|
|
|
|
2009-02-26 21:44:35 +00:00
|
|
|
* Thu Feb 25 2009 Steve Grubb <sgrubb@redhat.com> 1.7.12-2
|
|
|
|
- Handle audit=0 boot option for 2.6.29 kernel (#487541)
|
|
|
|
|
2009-02-24 21:36:08 +00:00
|
|
|
* Tue Feb 24 2009 Steve Grubb <sgrubb@redhat.com> 1.7.12-1
|
|
|
|
- New upstream release
|
|
|
|
|
2009-02-24 03:11:20 +00:00
|
|
|
* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.11-2.1
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
|
|
2009-01-13 21:51:42 +00:00
|
|
|
* Tue Jan 13 2009 Steve Grubb <sgrubb@redhat.com> 1.7.11-2
|
|
|
|
- Add crypto event definitions
|
|
|
|
|
2009-01-10 21:10:21 +00:00
|
|
|
* Sat Jan 10 2009 Steve Grubb <sgrubb@redhat.com> 1.7.11-1
|
|
|
|
- New upstream release
|
|
|
|
|
2008-12-17 15:06:51 +00:00
|
|
|
* Wed Dec 17 2008 Steve Grubb <sgrubb@redhat.com> 1.7.10-2
|
|
|
|
- Fix bz 476798 - "auditd -n" does not work
|
|
|
|
|
2008-12-13 13:52:26 +00:00
|
|
|
* Sat Dec 13 2008 Steve Grubb <sgrubb@redhat.com> 1.7.10-1
|
|
|
|
- New upstream release
|
|
|
|
|
2008-11-29 16:36:38 +00:00
|
|
|
* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 1.7.9-1.1
|
|
|
|
- Rebuild for Python 2.6
|
|
|
|
|
2008-11-05 20:54:11 +00:00
|
|
|
* Wed Nov 05 2008 Steve Grubb <sgrubb@redhat.com> 1.7.9-1
|
|
|
|
- New upstream release
|
|
|
|
|
2008-10-28 14:35:27 +00:00
|
|
|
* Tue Oct 28 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-6
|
|
|
|
- Update specfile requires to include dist
|
|
|
|
|
2008-10-27 17:41:01 +00:00
|
|
|
* Mon Oct 27 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-5
|
|
|
|
- Fix ausearch/report recent and now time keyword lookups (#468668)
|
|
|
|
|
2008-10-25 13:08:31 +00:00
|
|
|
* Sat Oct 25 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-4
|
|
|
|
- If kernel is in immutable mode, auditd should not send enable command
|
|
|
|
|
|
|
|
* Fri Oct 24 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-3
|
2008-10-24 19:29:23 +00:00
|
|
|
- Fix ausearch interpretting i386 syscalls on x86_64 machine
|
|
|
|
|
2008-10-23 20:07:02 +00:00
|
|
|
* Thu Oct 23 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-2
|
|
|
|
- Fix segfault when using file input to aureport
|
|
|
|
- Quieten down messages about missing gssapi support
|
|
|
|
|
2008-10-22 18:21:46 +00:00
|
|
|
* Wed Oct 22 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-1
|
|
|
|
- Disable GSSAPI support until its reworked as plugin
|
|
|
|
- Interpret TTY audit data in auparse (Miloslav Trmač)
|
|
|
|
- Extract terminal from USER_AVC events for ausearch/report (Peng Haitao)
|
|
|
|
- Add USER_AVCs to aureport's avc reporting (Peng Haitao)
|
|
|
|
- Short circuit hostname resolution in libaudit if host is empty
|
|
|
|
- If log_group and user are not root, don't check dispatcher perms
|
|
|
|
- Fix a bug when executing "ausearch -te today PM"
|
|
|
|
- Add --exit search option to ausearch
|
|
|
|
- Fix parsing config file when kerberos is disabled
|
|
|
|
|
2008-10-16 19:54:50 +00:00
|
|
|
* Thu Oct 16 2008 Steve Grubb <sgrubb@redhat.com> 1.7.7-2
|
|
|
|
- Remove selinux policy for zos-remote
|
|
|
|
|
2008-09-17 20:12:32 +00:00
|
|
|
* Wed Sep 17 2008 Steve Grubb <sgrubb@redhat.com> 1.7.7-1
|
|
|
|
- Bug fixes for GSSAPI code in remote logging (DJ Delorie)
|
|
|
|
- Add watched syscall support to audisp-prelude
|
|
|
|
- Enable tcp_wrappers support in auditd
|
|
|
|
|
2008-09-11 22:51:16 +00:00
|
|
|
* Wed Sep 11 2008 Steve Grubb <sgrubb@redhat.com> 1.7.6-1
|
|
|
|
- Add subject to audit daemon events (Chu Li)
|
|
|
|
- Add tcp_wrappers support for auditd
|
|
|
|
- Updated syscall tables for 2.6.27 kernel
|
|
|
|
- Audit connect/disconnect of remote clients
|
|
|
|
- Add GSS/Kerberos encryption to the remote protocol (DJ Delorie)
|
|
|
|
|
2008-08-25 20:05:09 +00:00
|
|
|
* Mon Aug 25 2008 Steve Grubb <sgrubb@redhat.com> 1.7.5-1
|
|
|
|
- Update system-config-audit to 0.4.8
|
|
|
|
- Whole lot of bug fixes - see ChangeLog for details
|
|
|
|
- Reimplement auditd main loop using libev
|
|
|
|
- Add TCP listener to auditd to receive remote events
|
|
|
|
- Fix scheduler problem (#457061)
|
|
|
|
|
2008-07-04 00:55:30 +00:00
|
|
|
* Thu Jul 03 2008 Steve Grubb <sgrubb@redhat.com> 1.7.4-2
|
|
|
|
- Move ausearch-expression to main package (#453437)
|
|
|
|
|
2008-05-19 18:02:47 +00:00
|
|
|
* Mon May 19 2008 Steve Grubb <sgrubb@redhat.com> 1.7.4-1
|
|
|
|
- Fix interpreting of keys in syscall records
|
|
|
|
- Don't error on name=(null) PATH records in ausearch/report
|
|
|
|
- Add key report to aureport
|
|
|
|
- Update system-config-audit to 0.4.7 (Miloslav Trmac)
|
|
|
|
- Add support for the filetype field option in auditctl new to 2.6.26 kernels
|
|
|
|
|
2008-05-09 18:37:00 +00:00
|
|
|
* Fri May 09 2008 Steve Grubb <sgrubb@redhat.com> 1.7.3-1
|
|
|
|
- Fix output of keys in ausearch interpretted mode
|
|
|
|
- Fix ausearch/report --start now to not be reset to midnight
|
|
|
|
- audispd now has a priority boost config option
|
|
|
|
- Look for laddr in avcs reported via prelude
|
|
|
|
- Detect page 0 mmaps and alert via prelude
|
|
|
|
|
2008-04-18 19:47:43 +00:00
|
|
|
* Fri Apr 18 2008 Steve Grubb <sgrubb@redhat.com> 1.7.2-6
|
2008-04-17 21:14:24 +00:00
|
|
|
- Fix overflow in audit_log_user_command, better (#438840)
|
|
|
|
- ausearch was not matching path in avc records
|
|
|
|
- audisp-prelude attempt to reposition index after examining each type
|
|
|
|
- correct building of mls policy
|
2008-04-18 19:47:43 +00:00
|
|
|
- Fix auparse iterating in auparse_find_field and next_field
|
|
|
|
- Don't alert on USER_AVC's - they are not quite right
|
2008-04-17 21:14:24 +00:00
|
|
|
|
2008-04-08 17:10:03 +00:00
|
|
|
* Tue Apr 08 2008 Steve Grubb <sgrubb@redhat.com> 1.7.1-1
|
|
|
|
- Fix buffer overflow in audit_log_user_command, again (#438840)
|
|
|
|
- Fix memory leak in EOE code in auditd (#440075)
|
|
|
|
- In auditctl, don't use new operators in legacy rule format
|
|
|
|
- Made a couple corrections in alpha & x86_64 syscall tables (Miloslav Trmac)
|
|
|
|
|
2008-04-05 01:38:01 +00:00
|
|
|
* Fri Apr 04 2008 Steve Grubb <sgrubb@redhat.com> 1.7-3
|
|
|
|
- Fix memleak in auditd eoe code
|
|
|
|
|
2008-04-01 16:33:34 +00:00
|
|
|
* Tue Apr 01 2008 Steve Grubb <sgrubb@redhat.com> 1.7-2
|
|
|
|
- Remove LSB headers from init scripts
|
|
|
|
- Fix buffer overflow in audit_log_user_command again
|
|
|
|
|
2008-03-30 19:17:17 +00:00
|
|
|
* Sun Mar 30 2008 Steve Grubb <sgrubb@redhat.com> 1.7-1
|
|
|
|
- Handle user space avcs in prelude plugin
|
|
|
|
- Fix watched account login detection for some failed login attempts
|
|
|
|
- Couple fixups in audit logging functions (Miloslav Trmac)
|
|
|
|
- Add support in auditctl for virtual keys
|
|
|
|
- auparse_find_field_next was not iterating correctly, fixed it
|
|
|
|
- Add idmef alerts for access or execution of watched file
|
|
|
|
- Fix buffer overflow in audit_log_user_command
|
|
|
|
- Add basic remote logging plugin - only sends & no flow control
|
|
|
|
- Update ausearch with interpret fixes from auparse
|