Bug 1117953 - Per fesco#1311, please disable syscall auditing by default
This commit is contained in:
parent
ff9bb330e4
commit
97cac88aaf
@ -6,12 +6,14 @@
|
||||
Summary: User space tools for 2.6 kernel auditing
|
||||
Name: audit
|
||||
Version: 2.3.7
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Daemons
|
||||
URL: http://people.redhat.com/sgrubb/audit/
|
||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
|
||||
# FESCO asked for audit to be off by default. #1117953
|
||||
Patch1: never-audit.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
BuildRequires: swig python-devel
|
||||
BuildRequires: tcp_wrappers-devel krb5-devel libcap-ng-devel
|
||||
@ -91,6 +93,7 @@ behavior.
|
||||
%prep
|
||||
%setup -q
|
||||
cp %{SOURCE1} .
|
||||
%patch1 -p1
|
||||
|
||||
%build
|
||||
%configure --sbindir=/sbin --libdir=/%{_lib} --with-python=yes --with-libwrap --enable-gssapi-krb5=yes --with-libcap-ng=yes --with-arm --with-aarch64 \
|
||||
@ -280,6 +283,9 @@ fi
|
||||
%attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz
|
||||
|
||||
%changelog
|
||||
* Tue Jun 03 2014 Steve Grubb <sgrubb@redhat.com> 2.3.7-4
|
||||
- Bug 1117953 - Per fesco#1311, please disable syscall auditing by default
|
||||
|
||||
* Fri Jul 11 2014 Tom Callaway <spot@fedoraproject.org> - 2.3.7-3
|
||||
- mark license files properly
|
||||
|
||||
|
17
never-audit.patch
Normal file
17
never-audit.patch
Normal file
@ -0,0 +1,17 @@
|
||||
diff -ur audit.orig/init.d/audit.rules audit/init.d/audit.rules
|
||||
--- audit.orig/init.d/audit.rules 2014-07-20 10:43:44.724841702 -0400
|
||||
+++ audit/init.d/audit.rules 2014-07-22 14:55:50.856253189 -0400
|
||||
@@ -6,9 +6,8 @@
|
||||
# First rule - delete all
|
||||
-D
|
||||
|
||||
-# Increase the buffers to survive stress events.
|
||||
-# Make this bigger for busy systems
|
||||
--b 320
|
||||
-
|
||||
-# Feel free to add below this line. See auditctl man page
|
||||
+# This suppresses syscall auditing for all tasks started
|
||||
+# with this rule in effect. Remove it if you need syscall
|
||||
+# auditing.
|
||||
+-a task,never
|
||||
|
Loading…
Reference in New Issue
Block a user