- If kernel is in immutable mode, auditd should not send enable command
This commit is contained in:
Steve Grubb
parent
43fc1794e1
commit
5431994a68
12
audit-1.7.9-startup.patch
Normal file
12
audit-1.7.9-startup.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -urp audit-1.7.9.orig/src/auditd.c audit-1.7.9/src/auditd.c
|
||||
--- audit-1.7.9.orig/src/auditd.c 2008-10-25 08:25:39.000000000 -0400
|
||||
+++ audit-1.7.9/src/auditd.c 2008-10-25 08:42:08.000000000 -0400
|
||||
@@ -664,7 +664,7 @@ int main(int argc, char *argv[])
|
||||
tell_parent(SUCCESS);
|
||||
|
||||
/* Depending on value of opt_startup (-s) set initial audit state */
|
||||
- if (opt_startup != startup_nochange &&
|
||||
+ if ((audit_is_enabled(fd) < 2) && opt_startup != startup_nochange &&
|
||||
audit_set_enabled(fd, (int)opt_startup) < 0) {
|
||||
char emsg[DEFAULT_BUF_SZ];
|
||||
if (*subj)
|
||||
11
audit.spec
11
audit.spec
@ -1,17 +1,18 @@
|
||||
%define sca_version 0.4.8
|
||||
%define sca_release 7
|
||||
%define sca_release 8
|
||||
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
|
||||
|
||||
Summary: User space tools for 2.6 kernel auditing
|
||||
Name: audit
|
||||
Version: 1.7.8
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Daemons
|
||||
URL: http://people.redhat.com/sgrubb/audit/
|
||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||
Patch1: audit-1.7.9-bugs.patch
|
||||
Patch2: audit-1.7.9-i386.patch
|
||||
Patch3: audit-1.7.9-startup.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
BuildRequires: gettext-devel intltool libtool swig python-devel
|
||||
BuildRequires: tcp_wrappers-devel
|
||||
@ -90,6 +91,7 @@ A graphical utility for editing audit configuration.
|
||||
%setup -q
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
|
||||
%build
|
||||
(cd system-config-audit; ./autogen.sh)
|
||||
@ -278,7 +280,10 @@ fi
|
||||
%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
|
||||
|
||||
%changelog
|
||||
* Thu Oct 23 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-3
|
||||
* Sat Oct 25 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-4
|
||||
- If kernel is in immutable mode, auditd should not send enable command
|
||||
|
||||
* Fri Oct 24 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-3
|
||||
- Fix ausearch interpretting i386 syscalls on x86_64 machine
|
||||
|
||||
* Thu Oct 23 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-2
|
||||
|
||||
Loading…
Reference in New Issue
Block a user