rpms/audit
6
0
Fork 0
Code Issues Pull Requests Releases Activity

- Updates for new glibc-kernheaders

Browse Source 
- Change auditctl to collect list of rules then delete them on -D
- Update capp.rules and lspp.rules to comment out rules for the possible
    list
- Add new message types
- Support sigusr1 sender identity of newer kernels
- Add support for ppid in auditctl and ausearch
- fix auditctl to trim the '/' from watches
- Move audit daemon config files to /etc/audit for better SE Linux
    protection
This commit is contained in:
Steve Grubb 2006-05-12 21:04:25 +00:00
parent e147a719cd
commit ca188de775
3 changed files with 27 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -58,3 +58,4 @@ audit-1.1.5.tar.gz
audit-1.1.6.tar.gz audit-1.1.6.tar.gz
audit-1.2.tar.gz audit-1.2.tar.gz
audit-1.2.1.tar.gz audit-1.2.1.tar.gz
audit-1.2.2.tar.gz

54
audit.spec
View File

@ -1,17 +1,14 @@
Summary: User space tools for 2.6 kernel auditing. Summary: User space tools for 2.6 kernel auditing.
Name: audit Name: audit
Version: 1.2.1 Version: 1.2.2
Release: 2 Release: 1
License: GPL License: GPL
Group: System Environment/Daemons Group: System Environment/Daemons
URL: http://people.redhat.com/sgrubb/audit/ URL: http://people.redhat.com/sgrubb/audit/
Source0: %{name}-%{version}.tar.gz Source0: %{name}-%{version}.tar.gz
Patch1: audit-1.1.3-initscript-disabled.patch
Patch2: audit-1.2.1-include.patch
Patch3: audit-1.2.1-header-abuse.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRoot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: libtool swig python-devel BuildRequires: libtool swig python-devel
BuildRequires: kernel-headers >= 2.4-9.1.95 BuildRequires: glibc-kernheaders >= 3.0-14
BuildRequires: automake >= 1.9 BuildRequires: automake >= 1.9
BuildRequires: autoconf >= 2.59 BuildRequires: autoconf >= 2.59
Requires: %{name}-libs = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release}
@ -36,7 +33,7 @@ Summary: Header files and static library for libaudit
License: LGPL License: LGPL
Group: Development/Libraries Group: Development/Libraries
Requires: %{name}-libs = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release}
Requires: kernel-headers >= 2.6.16 Requires: glibc-kernheaders >= 2.4-9.1.95
%description libs-devel %description libs-devel
The audit-libs-devel package contains the static libraries and header The audit-libs-devel package contains the static libraries and header
@ -48,7 +45,7 @@ Summary: Python bindings for libaudit
License: LGPL License: LGPL
Group: Development/Libraries Group: Development/Libraries
Requires: %{name}-libs = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release}
Requires: kernel-headers >= 2.6.16 Requires: glibc-kernheaders >= 2.4-9.1.95
%description libs-python %description libs-python
The audit-libs-python package contains the bindings so that libaudit The audit-libs-python package contains the bindings so that libaudit
@ -56,10 +53,6 @@ can be used by python.
%prep %prep
%setup -q %setup -q
# When in production, uncomment this so the patch is applied
#%patch1 -p1
%patch2 -p1
%patch3 -p1
%build %build
autoreconf -fv --install autoreconf -fv --install
@ -96,8 +89,6 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.la
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.la rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.la
rm -f $RPM_BUILD_ROOT/%{_libdir}/python2.4/site-packages/_audit.a rm -f $RPM_BUILD_ROOT/%{_libdir}/python2.4/site-packages/_audit.a
rm -f $RPM_BUILD_ROOT/%{_libdir}/python2.4/site-packages/_audit.la rm -f $RPM_BUILD_ROOT/%{_libdir}/python2.4/site-packages/_audit.la
# Temp remove this file
rm -f $RPM_BUILD_ROOT/sbin/audispd
%clean %clean
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
@ -106,6 +97,12 @@ rm -rf $RPM_BUILD_ROOT
%post %post
/sbin/chkconfig --add auditd /sbin/chkconfig --add auditd
if [ -f /etc/auditd.conf ]; then
mv /etc/auditd.conf /etc/audit/auditd.conf
fi
if [ -f /etc/audit.rules ]; then
mv /etc/audit.rules /etc/audit/audit.rules
fi
%preun %preun
if [ $1 -eq 0 ]; then if [ $1 -eq 0 ]; then
@ -149,15 +146,26 @@ fi
%attr(750,root,root) /sbin/ausearch %attr(750,root,root) /sbin/ausearch
%attr(750,root,root) /sbin/aureport %attr(750,root,root) /sbin/aureport
%attr(750,root,root) /sbin/autrace %attr(750,root,root) /sbin/autrace
#%attr(750,root,root) /sbin/audispd %attr(750,root,root) /sbin/audispd
%attr(755,root,root) /etc/rc.d/init.d/auditd %attr(755,root,root) /etc/rc.d/init.d/auditd
%attr(750,root,root) %{_var}/log/audit %attr(750,root,root) %{_var}/log/audit
%config(noreplace) %attr(640,root,root) /etc/auditd.conf %attr(755,root,root) %dir /etc/audit
%config(noreplace) %attr(640,root,root) /etc/audit.rules %config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf
%config(noreplace) %attr(640,root,root) /etc/audit/audit.rules
%config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd %config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd
%changelog %changelog
* Fri May 12 2006 Steve Grubb <sgrubb@redhat.com> 1.2.2-1
- Updates for new glibc-kernheaders
- Change auditctl to collect list of rules then delete them on -D
- Update capp.rules and lspp.rules to comment out rules for the possible list
- Add new message types
- Support sigusr1 sender identity of newer kernels
- Add support for ppid in auditctl and ausearch
- fix auditctl to trim the '/' from watches
- Move audit daemon config files to /etc/audit for better SE Linux protection
* Wed Apr 25 2006 David Woodhouse <dwmw2@redhat.com> 1.2.1-2 * Wed Apr 25 2006 David Woodhouse <dwmw2@redhat.com> 1.2.1-2
- Require kernel-headers, not glibc-kernheaders - Require kernel-headers, not glibc-kernheaders
- Fix redefinition of audit_rule_data with new kernel headers - Fix redefinition of audit_rule_data with new kernel headers
@ -188,15 +196,6 @@ fi
- Add man pages - Add man pages
- Auditd ignore most signals - Auditd ignore most signals
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.1.4-5.1
- bump again for double-long bug on ppc(64)
* Fri Feb 10 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-5
- Change audit_log_semanage_message to check strlen as well as NULL.
* Thu Feb 9 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-3
- Change audit_log_semanage_message to take new params.
* Wed Feb 8 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-1 * Wed Feb 8 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-1
- Fix bug in autrace where it didn't run on kernels without file watch support - Fix bug in autrace where it didn't run on kernels without file watch support
- Add syslog message to auditd saying what program was started for dispatcher - Add syslog message to auditd saying what program was started for dispatcher
@ -209,9 +208,6 @@ fi
- Call shutdown_dispatcher when auditd stops - Call shutdown_dispatcher when auditd stops
- Add new logging function audit_log_semanage_message - Add new logging function audit_log_semanage_message
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.1.3-1.1
- rebuilt for new gcc4.1 snapshot and glibc changes
* Thu Jan 5 2006 Steve Grubb <sgrubb@redhat.com> 1.1.3-1 * Thu Jan 5 2006 Steve Grubb <sgrubb@redhat.com> 1.1.3-1
- Add timestamp to daemon_config messages (#174865) - Add timestamp to daemon_config messages (#174865)
- Add error checking of year for aureport & ausearch - Add error checking of year for aureport & ausearch

2
sources
View File

@ -1 +1 @@
537d4ee68428e2ba2f01a8c07287fb6e audit-1.2.1.tar.gz 5474099a13cdbd514386ad14057077f4 audit-1.2.2.tar.gz