Auditd is stopping during upgrade (bz 2259610)
This commit is contained in:
Steve Grubb
parent
6bfe2081f1
commit
12a69cde63
45
audit-4.0-attributes.patch
Normal file
45
audit-4.0-attributes.patch
Normal file
@ -0,0 +1,45 @@
|
||||
From 0db6e0960a5c55b468f21f9841bbc7e67832b66a Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <ausearch.1@gmail.com>
|
||||
Date: Wed, 17 Jan 2024 12:07:25 -0500
|
||||
Subject: [PATCH] Update function attributes
|
||||
|
||||
---
|
||||
auparse/auparse.h | 2 +-
|
||||
lib/libaudit.h | 10 +++++-----
|
||||
2 files changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/auparse/auparse.h b/auparse/auparse.h
|
||||
index c27f1ff96..0b3f68c35 100644
|
||||
--- a/auparse/auparse.h
|
||||
+++ b/auparse/auparse.h
|
||||
@@ -68,7 +68,7 @@ void auparse_add_callback(auparse_state_t *au, auparse_callback_ptr callback,
|
||||
void *user_data, user_destroy user_destroy_func);
|
||||
void auparse_set_escape_mode(auparse_state_t *au, auparse_esc_t mode);
|
||||
int auparse_reset(auparse_state_t *au);
|
||||
-char *auparse_metrics(const auparse_state_t *au);
|
||||
+char *auparse_metrics(const auparse_state_t *au) __attr_dealloc_free;
|
||||
|
||||
/* Functions that are part of the search interface */
|
||||
int ausearch_add_expression(auparse_state_t *au, const char *expression,
|
||||
diff --git a/lib/libaudit.h b/lib/libaudit.h
|
||||
index 34b337a7c..15ea2e6f4 100644
|
||||
--- a/lib/libaudit.h
|
||||
+++ b/lib/libaudit.h
|
||||
@@ -248,12 +248,12 @@ int audit_set_enabled(int fd, uint32_t enabled) __wur;
|
||||
int audit_set_failure(int fd, uint32_t failure) __wur;
|
||||
int audit_set_rate_limit(int fd, uint32_t limit);
|
||||
int audit_set_backlog_limit(int fd, uint32_t limit);
|
||||
-int audit_set_backlog_wait_time(int fd, uint32_t bwt);
|
||||
-int audit_reset_lost(int fd);
|
||||
-int audit_reset_backlog_wait_time_actual(int fd);
|
||||
+int audit_set_backlog_wait_time(int fd, uint32_t bwt);
|
||||
+int audit_reset_lost(int fd);
|
||||
+int audit_reset_backlog_wait_time_actual(int fd);
|
||||
int audit_set_feature(int fd, unsigned feature, unsigned value,
|
||||
- unsigned lock);
|
||||
-int audit_set_loginuid_immutable(int fd);
|
||||
+ unsigned lock) __wur;
|
||||
+int audit_set_loginuid_immutable(int fd) __wur;
|
||||
|
||||
/* AUDIT_LIST_RULES */
|
||||
int audit_request_rules_list_data(int fd);
|
||||
37
audit.spec
37
audit.spec
@ -2,12 +2,12 @@
|
||||
Summary: User space tools for kernel auditing
|
||||
Name: audit
|
||||
Version: 4.0
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: GPL-2.0-or-later AND LGPL-2.0-or-later
|
||||
URL: http://people.redhat.com/sgrubb/audit/
|
||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
|
||||
|
||||
Patch1: audit-4.0-attributes.patch
|
||||
BuildRequires: make gcc
|
||||
BuildRequires: kernel-headers >= 5.0
|
||||
BuildRequires: systemd
|
||||
@ -96,6 +96,7 @@ The audit rules package contains the rules and utilities to load audit rules.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch 1 -p1
|
||||
cp %{SOURCE1} .
|
||||
|
||||
# Remove the ids code, its not ready
|
||||
@ -137,8 +138,20 @@ rm -f rules/Makefile*
|
||||
|
||||
%post
|
||||
%systemd_post auditd.service
|
||||
# If an upgrade, restart it if it's running
|
||||
if [ $1 -eq 2 ]; then
|
||||
state=$(systemctl status auditd | awk '/Active:/ { print $2 }')
|
||||
if [ $state = "active" ] ; then
|
||||
auditctl --signal stop || true
|
||||
systemctl start auditd
|
||||
fi
|
||||
# if an install, start it since preset says we should be running
|
||||
elif [ $1 -eq 1 ]; then
|
||||
systemctl start auditd
|
||||
fi
|
||||
|
||||
%post rules
|
||||
%systemd_post audit-rules.service
|
||||
# Copy default rules into place on new installation
|
||||
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w`
|
||||
if [ "$files" -eq 0 ] ; then
|
||||
@ -154,31 +167,26 @@ if [ "$files" -eq 0 ] ; then
|
||||
else
|
||||
touch /etc/audit/rules.d/audit.rules
|
||||
fi
|
||||
# Fix up permissions
|
||||
chmod 0600 /etc/audit/rules.d/audit.rules
|
||||
# Make the new rules active
|
||||
augenrules --load
|
||||
fi
|
||||
%systemd_post audit-rules.service
|
||||
|
||||
%preun
|
||||
%systemd_preun auditd.service
|
||||
# If uninstalling, stop it
|
||||
if [ $1 -eq 0 ]; then
|
||||
auditctl --signal stop
|
||||
auditctl --signal stop || true
|
||||
fi
|
||||
|
||||
%preun rules
|
||||
%systemd_preun audit-rules.service
|
||||
# If uninstalling, delete the rules loaded in the kernel
|
||||
if [ $1 -eq 0 ]; then
|
||||
auditctl -D > /dev/null 2>&1
|
||||
fi
|
||||
|
||||
%postun
|
||||
if [ $1 -ge 1 ]; then
|
||||
state=$(systemctl status auditd | awk '/Active:/ { print $2 }')
|
||||
if [ $state = "active" ] ; then
|
||||
auditctl --signal stop
|
||||
systemctl start auditd
|
||||
fi
|
||||
fi
|
||||
|
||||
%files libs
|
||||
%{!?_licensedir:%global license %%doc}
|
||||
%license lgpl-2.1.txt
|
||||
@ -278,6 +286,9 @@ fi
|
||||
%attr(750,root,root) %{_sbindir}/audispd-zos-remote
|
||||
|
||||
%changelog
|
||||
* Wed Jan 24 2024 Steve Grubb <sgrubb@redhat.com> 4.0-4
|
||||
- Auditd is stopping during upgrade (bz 2259610)
|
||||
|
||||
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.0-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user