rpms/audit
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import audit-3.0.7-101.el9_0.1

Browse Source
This commit is contained in:
CentOS Sources 2022-04-05 06:59:58 -04:00 committed by Stepan Oksanichenko
parent 69e6562299
commit 20efc1092d
3 changed files with 124 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
SOURCES/audit-3.0.7-gcc-flags.patch Normal file
View File

@ -0,0 +1,77 @@
From 36beaefbb4ecb0a222ac68ec9f17f854a82f7235 Mon Sep 17 00:00:00 2001
From: Steve Grubb <sgrubb@redhat.com>
Date: Mon, 14 Feb 2022 15:30:09 -0500
Subject: [PATCH] Adjust compile flags
---
audisp/plugins/remote/Makefile.am | 2 +-
auparse/Makefile.am | 2 +-
configure.ac | 15 +++++++++++++++
src/Makefile.am | 2 +-
4 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/audisp/plugins/remote/Makefile.am b/audisp/plugins/remote/Makefile.am
index 217d477c5..1ac77ee8d 100644
--- a/audisp/plugins/remote/Makefile.am
+++ b/audisp/plugins/remote/Makefile.am
@@ -36,7 +36,7 @@ TESTS = $(check_PROGRAMS)
audisp_remote_DEPENDENCIES = ${top_builddir}/common/libaucommon.la
audisp_remote_SOURCES = audisp-remote.c remote-config.c queue.c
-audisp_remote_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -Wundef
+audisp_remote_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -Wundef ${WFLAGS}
audisp_remote_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now
audisp_remote_LDADD = $(CAPNG_LDADD) $(gss_libs) ${top_builddir}/common/libaucommon.la
diff --git a/auparse/Makefile.am b/auparse/Makefile.am
index b34b6c042..1eb5352cf 100644
--- a/auparse/Makefile.am
+++ b/auparse/Makefile.am
@@ -26,7 +26,7 @@ SUBDIRS = test
EXTRA_DIST = expression-design.txt
CLEANFILES = $(BUILT_SOURCES)
CONFIG_CLEAN_FILES = *.loT *.rej *.orig
-AM_CFLAGS = -fPIC -DPIC -D_GNU_SOURCE -g ${DEBUG} -Wno-pointer-sign -Wno-enum-compare -Wno-switch
+AM_CFLAGS = -fPIC -DPIC -D_GNU_SOURCE -g ${DEBUG} -Wno-pointer-sign -Wno-enum-compare -Wno-switch ${WFLAGS}
AM_CPPFLAGS = -I. -I${top_srcdir} -I${top_srcdir}/src -I${top_srcdir}/lib -I${top_srcdir}/common
LIBS =
diff --git a/configure.ac b/configure.ac
index e40d41e14..e74fd7036 100644
--- a/configure.ac
+++ b/configure.ac
@@ -341,6 +341,21 @@ else
fi
],WARNS="$ALLWARNS")
+WFLAGS=""
+AC_MSG_CHECKING(for -Wformat-truncation)
+TMPCFLAGS="${CFLAGS}"
+CFLAGS="${CFLAGS} -Wformat-truncation"
+AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],[WFLAGS="-Wno-format-truncation"
+ AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(no)])
+CFLAGS="${TMPCFLAGS}"
+CFLAGS="${CFLAGS} -Wunused-but-set-variable"
+AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],[WFLAGS="${WFLAGS} -Wno-unused-but-set-variable"
+ AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(no)])
+CFLAGS="${TMPCFLAGS}"
+AC_SUBST(WFLAGS)
+
withval=""
AC_MSG_CHECKING(whether to include arm eabi processor support)
AC_ARG_WITH(arm,
diff --git a/src/Makefile.am b/src/Makefile.am
index 9c68b42db..2bebf8d50 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -25,7 +25,7 @@ CONFIG_CLEAN_FILES = *.rej *.orig
SUBDIRS = test
AM_CPPFLAGS = -I${top_srcdir} -I${top_srcdir}/lib -I${top_srcdir}/src/libev -I${top_srcdir}/auparse -I${top_srcdir}/audisp -I${top_srcdir}/common
sbin_PROGRAMS = auditd auditctl aureport ausearch autrace
-AM_CFLAGS = -D_GNU_SOURCE -Wno-pointer-sign
+AM_CFLAGS = -D_GNU_SOURCE -Wno-pointer-sign ${WFLAGS}
noinst_HEADERS = auditd-config.h auditd-event.h auditd-listen.h ausearch-llist.h ausearch-options.h auditctl-llist.h aureport-options.h ausearch-parse.h aureport-scan.h ausearch-lookup.h ausearch-int.h auditd-dispatch.h ausearch-string.h ausearch-nvpair.h ausearch-common.h ausearch-avc.h ausearch-time.h ausearch-lol.h auditctl-listing.h ausearch-checkpt.h
auditd_SOURCES = auditd.c auditd-event.c auditd-config.c auditd-reconfig.c auditd-sendmail.c auditd-dispatch.c

31
SOURCES/audit-3.0.8-auparse-path-norm.patch Normal file
View File

@ -0,0 +1,31 @@
From becc1c297279f757835943e2cad63992134511f9 Mon Sep 17 00:00:00 2001
From: Sergio Correia <scorreia@redhat.com>
Date: Mon, 7 Mar 2022 13:11:09 -0300
Subject: [PATCH] auparse: fix off-by-one issue in path_norm() (#242)
When defining dest = rpath + 1, we end up having the first char of
`dest' as NULL -- since `rpath' points to `working', which is a static
buffer.
With the first char as NULL, path_norm() ends up producing an empty string.
This commit fixes the issue reported in this [1] mailing list post.
[1] https://listman.redhat.com/archives/linux-audit/2022-February/018844.html
---
auparse/interpret.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/auparse/interpret.c b/auparse/interpret.c
index c8a0d96dd..df593c44c 100644
--- a/auparse/interpret.c
+++ b/auparse/interpret.c
@@ -895,7 +895,7 @@ static char *path_norm(const char *name)
return strdup(name);
rpath = working;
- dest = rpath + 1;
+ dest = rpath;
rpath_limit = rpath + PATH_MAX;
for (start = name; *start; start = end) {

18
SPECS/audit.spec
View File

@ -2,19 +2,22 @@
Summary: User space tools for kernel auditing Summary: User space tools for kernel auditing
Name: audit Name: audit
Version: 3.0.7 Version: 3.0.7
Release: 100%{?dist} Release: 101%{?dist}.1
License: GPLv2+ License: GPLv2+
URL: http://people.redhat.com/sgrubb/audit/ URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
Patch1: 0001-Add-ausysrulevalidate.patch Patch1: 0001-Add-ausysrulevalidate.patch
Patch2: audit-3.0.7-gcc-flags.patch
Patch3: audit-3.0.8-auparse-path-norm.patch
BuildRequires: make gcc swig BuildRequires: make gcc swig
BuildRequires: openldap-devel BuildRequires: openldap-devel
BuildRequires: krb5-devel libcap-ng-devel BuildRequires: krb5-devel libcap-ng-devel
BuildRequires: kernel-headers >= 2.6.29 BuildRequires: kernel-headers >= 2.6.29
BuildRequires: systemd BuildRequires: systemd
BuildRequires: autoconf automake libtool
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release}
Requires(post): systemd coreutils Requires(post): systemd coreutils
@ -90,6 +93,9 @@ Management Facility) database, through an IBM Tivoli Directory Server
%setup -q %setup -q
cp %{SOURCE1} . cp %{SOURCE1} .
%patch1 -p1 %patch1 -p1
%patch2 -p1
%patch3 -p1
autoreconf -fv --install
# Remove the ids code, its not ready # Remove the ids code, its not ready
sed -i 's/ ids / /' audisp/plugins/Makefile.in sed -i 's/ ids / /' audisp/plugins/Makefile.in
@ -187,7 +193,7 @@ fi
%doc README ChangeLog init.d/auditd.cron %doc README ChangeLog init.d/auditd.cron
%{!?_licensedir:%global license %%doc} %{!?_licensedir:%global license %%doc}
%license COPYING %license COPYING
%attr(750,root,root) %{_datadir}/%{name} %attr(755,root,root) %{_datadir}/%{name}
%attr(644,root,root) %{_datadir}/%{name}/sample-rules/* %attr(644,root,root) %{_datadir}/%{name}/sample-rules/*
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz %attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz %attr(644,root,root) %{_mandir}/man8/auditd.8.gz
@ -257,6 +263,14 @@ fi
%attr(750,root,root) %{_sbindir}/audispd-zos-remote %attr(750,root,root) %{_sbindir}/audispd-zos-remote
%changelog %changelog
* Tue Mar 08 2022 Sergio Correia <scorreia@redhat.com> - 3.0.7-101.1
- Fix path normalization in auparse
Resolves: rhbz#2061731 - auparse missing information when used with --format-text (rhel-9.0)
* Tue Feb 22 2022 Sergio Correia <scorreia@redhat.com> - 3.0.7-101
- Adjust sample-rules dir permissions
Resolves: rhbz#2054432 - /usr/share/audit/sample-rules is no longer readable by non-root users
* Tue Jan 25 2022 Sergio Correia <scorreia@redhat.com> - 3.0.7-100 * Tue Jan 25 2022 Sergio Correia <scorreia@redhat.com> - 3.0.7-100
- New upstream release, 3.0.7 - New upstream release, 3.0.7
Resolves: rhbz#2019929 - capability=unknown-capability(39) in audit messages Resolves: rhbz#2019929 - capability=unknown-capability(39) in audit messages