Rebase to 4.0.3

- Pluginst must have .conf suffix, otherwise skipped Resolves: RHEL-58838 - ausearch checkpoint inode fix Resolves: RHEL-58838 - Audisp-filter: filter audit events and forward them to other plugins Resolves: RHEL-5199 - Log to console when system is halted due to audit not having enough storage Resolves: RHEL-990 - auditctl: remove misleasing error with --input file Resolves: RHEL-5200 - Remove ProtectKernelModules=true from service file Resolves: RHEL-5200 - Update syscall tables to reflect current kernel Resolves: RHEL-46969 - af_unix: Restore old behavior Resolves: RHEL-39955 - Add systemd-tempfiles.d for audit when root fs is read-only Resolves: RHEL-45311 - ausearch fix error reporting Resolves: RHEL-45311
2025-01-08 10:14:40 +01:00 · 2025-01-08 10:14:40 +01:00 · b322838199
commit b322838199
parent cb94a9d99f
4 changed files with 40 additions and 56 deletions
--- a/.gitignore
+++ b/.gitignore
@ -178,3 +178,4 @@ audit-2.0.4.tar.gz
 /audit-3.1.1.tar.gz
 /audit-3.1.2.tar.gz
 /audit-4.0.tar.gz
 /v4.0.3.tar.gz
--- a/audit-4.0-attributes.patch
+++ b/audit-4.0-attributes.patch
@ -1,45 +0,0 @@
 From 0db6e0960a5c55b468f21f9841bbc7e67832b66a Mon Sep 17 00:00:00 2001
 From: Steve Grubb <ausearch.1@gmail.com>
 Date: Wed, 17 Jan 2024 12:07:25 -0500
 Subject: [PATCH] Update function attributes
 ---
 auparse/auparse.h |  2 +-
 lib/libaudit.h    | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)
 diff --git a/auparse/auparse.h b/auparse/auparse.h
 index c27f1ff96..0b3f68c35 100644
 --- a/auparse/auparse.h
 +++ b/auparse/auparse.h
@@ -68,7 +68,7 @@ void auparse_add_callback(auparse_state_t *au, auparse_callback_ptr callback,
 			void *user_data, user_destroy user_destroy_func);
 void auparse_set_escape_mode(auparse_state_t *au, auparse_esc_t mode);
 int auparse_reset(auparse_state_t *au);
 -char *auparse_metrics(const auparse_state_t *au);
 +char *auparse_metrics(const auparse_state_t *au) __attr_dealloc_free;
 /* Functions that are part of the search interface */
 int ausearch_add_expression(auparse_state_t *au, const char *expression,
 diff --git a/lib/libaudit.h b/lib/libaudit.h
 index 34b337a7c..15ea2e6f4 100644
 --- a/lib/libaudit.h
 +++ b/lib/libaudit.h
@@ -248,12 +248,12 @@ int  audit_set_enabled(int fd, uint32_t enabled) __wur;
 int  audit_set_failure(int fd, uint32_t failure) __wur;
 int  audit_set_rate_limit(int fd, uint32_t limit);
 int  audit_set_backlog_limit(int fd, uint32_t limit);
 -int audit_set_backlog_wait_time(int fd, uint32_t bwt);
 -int audit_reset_lost(int fd);
 -int audit_reset_backlog_wait_time_actual(int fd);
 +int  audit_set_backlog_wait_time(int fd, uint32_t bwt);
 +int  audit_reset_lost(int fd);
 +int  audit_reset_backlog_wait_time_actual(int fd);
 int  audit_set_feature(int fd, unsigned feature, unsigned value,
 -		      unsigned lock);
 -int  audit_set_loginuid_immutable(int fd);
 +		      unsigned lock) __wur;
 +int  audit_set_loginuid_immutable(int fd) __wur;
 /* AUDIT_LIST_RULES */
 int  audit_request_rules_list_data(int fd);
--- a/audit.spec
+++ b/audit.spec
@ -1,14 +1,14 @@
 Summary: User space tools for kernel auditing
 Name: audit
-Version: 4.0
+Version: 4.0.3
-Release: 10%{?dist}
+Release: 1%{?dist}
 License: GPL-2.0-or-later AND LGPL-2.0-or-later
-URL: http://people.redhat.com/sgrubb/audit/
+URL: https://github.com/linux-audit/audit-userspace/
-Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
+Source0: https://github.com/linux-audit/audit-userspace/archive/refs/tags/v%{version}.tar.gz
 Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
 Patch1: audit-4.0-attributes.patch
 BuildRequires: make gcc
 BuildRequires: autoconf automake libtool
 BuildRequires: kernel-headers >= 5.0
 BuildRequires: systemd
@ -95,20 +95,20 @@ Recommends: %{name} = %{version}-%{release}
 The audit rules package contains the rules and utilities to load audit rules.
 %prep
-%setup -q
+%setup -q -n %{name}-userspace-%{version}
 %patch 1 -p1
 cp %{SOURCE1} .
 %build
 autoreconf -fv --install
 # Remove the ids code, its not ready
 sed -i 's/ ids / /' audisp/plugins/Makefile.am
 sed -i 's/ ids / /' audisp/plugins/Makefile.in
 %build
 %configure --with-python=no \
           --with-python3=yes \
-           --enable-gssapi-krb5=yes --with-arm --with-aarch64 \
+           --enable-gssapi-krb5=yes --with-arm --with-aarch64 --with-riscv \
           --with-libcap-ng=yes --without-golang --enable-zos-remote \
-           --enable-systemd --enable-experimental --with-io_uring
+           --enable-experimental --with-io_uring
 make CFLAGS="%{optflags}" %{?_smp_mflags}
@ -237,6 +237,7 @@ fi
 %attr(755,root,root) %{_bindir}/aulastlog
 %attr(755,root,root) %{_bindir}/ausyscall
 %attr(644,root,root) %{_unitdir}/auditd.service
 %attr(640,root,root) %{_tmpfilesdir}/audit.conf
 %attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd
 %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart
 %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/reload
@ -272,16 +273,20 @@ fi
 %config(noreplace) %attr(640,root,root) /etc/audit/audisp-statsd.conf
 %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-statsd.conf
 %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf
 %config(noreplace) %attr(640,root,root) /etc/audit/audisp-filter.conf
 %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/filter.conf
 %attr(750,root,root) %{_sbindir}/audisp-remote
 %attr(750,root,root) %{_sbindir}/audisp-syslog
 %attr(750,root,root) %{_sbindir}/audisp-af_unix
 %attr(750,root,root) %{_sbindir}/audisp-statsd
 %attr(750,root,root) %{_sbindir}/audisp-filter
 %attr(700,root,root) %dir %{_var}/spool/audit
 %attr(644,root,root) %{_mandir}/man5/audisp-remote.conf.5.gz
 %attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz
 %attr(644,root,root) %{_mandir}/man8/audisp-syslog.8.gz
 %attr(644,root,root) %{_mandir}/man8/audisp-af_unix.8.gz
 %attr(644,root,root) %{_mandir}/man8/audisp-statsd.8.gz
 %attr(644,root,root) %{_mandir}/man8/audisp-filter.8.gz
 %files -n audispd-plugins-zos
 %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz
@ -291,6 +296,29 @@ fi
 %attr(750,root,root) %{_sbindir}/audispd-zos-remote
 %changelog
 * Wed Jan 08 2025 Attila Lakatos <alakatos@redhat.com> - 4.0.3-1
 - Rebase to 4.0.3
 - Pluginst must have .conf suffix, otherwise skipped
  Resolves: RHEL-58838
 - ausearch checkpoint inode fix
  Resolves: RHEL-62333
 - Audisp-filter: filter audit events and forward them to other plugins
  Resolves: RHEL-5199
 - Log to console when system is halted due to audit not having enough storage
  Resolves: RHEL-990
 - auditctl: remove misleasing error with --input file
  Resolves: RHEL-5200
 - Remove ProtectKernelModules=true from service file
  Resolves: RHEL-59571
 - Update syscall tables to reflect current kernel
  Resolves: RHEL-46969
 - af_unix: Restore old behavior
  Resolves: RHEL-39955
 - Add systemd-tempfiles.d for audit when root fs is read-only
  Resolves: RHEL-45311
 - ausearch fix error reporting
  Resolves: RHEL-32808
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 4.0-10
 - Bump release for October 2024 mass rebuild:
  Resolves: RHEL-64018
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (audit-4.0.tar.gz) = 4ed5b216c75c655fd40a74b909d591922a66690bdf2cc5c69a23be3e9b10c8d341fd9b4f496f3ce2a8f99b7d86f0dda13e36387edd845b590ab767a82b4315cc
+SHA512 (v4.0.3.tar.gz) = a20d2f832632fa844764086aac98c80f7fcb120ceeaae7472248e04eec0493981e31fd59f22c3f0dbff81ccbcd132b8297812f2b4cdb87b866c59aedf3611342
`@ -1 +1 @@`
	`SHA512 (audit-4.0.tar.gz) = 4ed5b216c75c655fd40a74b909d591922a66690bdf2cc5c69a23be3e9b10c8d341fd9b4f496f3ce2a8f99b7d86f0dda13e36387edd845b590ab767a82b4315cc`	`SHA512 (v4.0.3.tar.gz) = a20d2f832632fa844764086aac98c80f7fcb120ceeaae7472248e04eec0493981e31fd59f22c3f0dbff81ccbcd132b8297812f2b4cdb87b866c59aedf3611342`