From d34ea8e1c6daa82372d58c49584fae030d139374 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Wed, 14 May 2025 14:39:16 +0000 Subject: [PATCH] import UBI audit-4.0.3-1.el10 --- .audit.metadata | 1 - .gitignore | 2 +- SPECS/audit.spec => audit.spec | 479 ++++++++++++++++++++------- SOURCES/lgpl-2.1.txt => lgpl-2.1.txt | 0 remote-logging-ordering-cycle.patch | 14 + sources | 1 + 6 files changed, 368 insertions(+), 129 deletions(-) delete mode 100644 .audit.metadata rename SPECS/audit.spec => audit.spec (51%) rename SOURCES/lgpl-2.1.txt => lgpl-2.1.txt (100%) create mode 100644 remote-logging-ordering-cycle.patch create mode 100644 sources diff --git a/.audit.metadata b/.audit.metadata deleted file mode 100644 index c907f4c..0000000 --- a/.audit.metadata +++ /dev/null @@ -1 +0,0 @@ -45cffb1ded9a57a79b33547f58228131d3eb14a6 SOURCES/audit-3.1.2.tar.gz diff --git a/.gitignore b/.gitignore index 4c835b4..b534735 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/audit-3.1.2.tar.gz +v4.0.3.tar.gz diff --git a/SPECS/audit.spec b/audit.spec similarity index 51% rename from SPECS/audit.spec rename to audit.spec index c7f1a10..4acc4cf 100644 --- a/SPECS/audit.spec +++ b/audit.spec @@ -1,34 +1,40 @@ -%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} Summary: User space tools for kernel auditing Name: audit -Version: 3.1.2 +Version: 4.0.3 Release: 1%{?dist} -License: GPLv2+ -URL: http://people.redhat.com/sgrubb/audit/ -Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz +License: GPL-2.0-or-later AND LGPL-2.0-or-later +URL: https://github.com/linux-audit/audit-userspace/ +Source0: https://github.com/linux-audit/audit-userspace/archive/refs/tags/v%{version}.tar.gz Source1: https://www.gnu.org/licenses/lgpl-2.1.txt - -BuildRequires: gcc swig make -BuildRequires: openldap-devel -BuildRequires: krb5-devel libcap-ng-devel -BuildRequires: kernel-headers >= 2.6.29 +BuildRequires: make gcc +BuildRequires: autoconf automake libtool +BuildRequires: kernel-headers >= 5.0 BuildRequires: systemd -#BuildRequires: autoconf automake libtool + +Patch0: remote-logging-ordering-cycle.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-rules%{?_isa} = %{version}-%{release} Requires(post): systemd coreutils -Requires(preun): systemd initscripts -Requires(postun): systemd coreutils initscripts +Requires(preun): systemd +Requires(postun): systemd coreutils +Recommends: initscripts-service + +# Placing this here under the assumption that anything using the +# python libraries expects the system to have an audit daemon +Obsoletes: python2-audit < %{version}-%{release} %description The audit package contains the user space utilities for storing and searching the audit records generated by the audit subsystem in the Linux 2.6 and later kernels. +It includes example rules that you can use. %package libs Summary: Dynamic library for libaudit -License: LGPLv2+ +License: LGPL-2.0-or-later +BuildRequires: libcap-ng-devel %description libs The audit-libs package contains the dynamic libraries needed for @@ -36,9 +42,9 @@ applications to use the audit framework. %package libs-devel Summary: Header files for libaudit -License: LGPLv2+ +License: LGPL-2.0-or-later Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires: kernel-headers >= 2.6.29 +Requires: kernel-headers >= 5.0 %description libs-devel The audit-libs-devel package contains the header files needed for @@ -46,8 +52,8 @@ developing applications that need to use the audit framework libraries. %package -n python3-audit Summary: Python3 bindings for libaudit -License: LGPLv2+ -BuildRequires: python3-devel +License: LGPL-2.0-or-later +BuildRequires: python3-devel python-unversioned-command swig Requires: %{name}-libs%{?_isa} = %{version}-%{release} Provides: audit-libs-python3 = %{version}-%{release} Provides: audit-libs-python3%{?_isa} = %{version}-%{release} @@ -59,7 +65,8 @@ and libauparse can be used by python3. %package -n audispd-plugins Summary: Plugins for the audit event dispatcher -License: GPLv2+ +License: GPL-2.0-or-later +BuildRequires: krb5-devel libcap-ng-devel Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release} @@ -70,10 +77,10 @@ like relay events to remote machines. %package -n audispd-plugins-zos Summary: z/OS plugin for the audit event dispatcher -License: GPLv2+ +License: GPL-2.0-or-later +BuildRequires: openldap-devel libcap-ng-devel Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires: openldap %description -n audispd-plugins-zos The audispd-plugins-zos package provides a plugin that will forward all @@ -81,24 +88,36 @@ incoming audit events, as they happen, to a configured z/OS SMF (Service Management Facility) database, through an IBM Tivoli Directory Server (ITDS) set for Remote Audit service. +%package rules +Summary: audit rules and utilities +License: GPL-2.0-or-later +Recommends: %{name} = %{version}-%{release} + +%description rules +The audit rules package contains the rules and utilities to load audit rules. + %prep -%setup -q +%setup -q -n %{name}-userspace-%{version} +%patch -P 0 -p1 cp %{SOURCE1} . -#autoreconf -fv --install %build +autoreconf -fv --install +# Remove the ids code, its not ready +sed -i 's/ ids / /' audisp/plugins/Makefile.am +sed -i 's/ ids / /' audisp/plugins/Makefile.in + %configure --with-python=no \ - --with-python3=yes \ - --enable-gssapi-krb5=yes --with-arm --with-aarch64 \ - --with-libcap-ng=yes --without-golang --enable-zos-remote \ - --enable-systemd + --with-python3=yes \ + --enable-gssapi-krb5=yes --with-arm --with-aarch64 --with-riscv \ + --with-libcap-ng=yes --without-golang --enable-zos-remote \ + --enable-experimental --with-io_uring make CFLAGS="%{optflags}" %{?_smp_mflags} %install mkdir -p $RPM_BUILD_ROOT/{sbin,etc/audit/plugins.d,etc/audit/rules.d} mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8} -mkdir -p $RPM_BUILD_ROOT/%{_lib} mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit mkdir -p --mode=0700 $RPM_BUILD_ROOT/%{_var}/log/audit mkdir -p $RPM_BUILD_ROOT/%{_var}/spool/audit @@ -109,39 +128,71 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libaudit.a rm -f $RPM_BUILD_ROOT/%{_libdir}/libauparse.a find $RPM_BUILD_ROOT -name '*.la' -delete -find $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages -name '*.a' -delete || true +find $RPM_BUILD_ROOT/%{_libdir}/python%{python3_version}/site-packages -name '*.a' -delete || true # On platforms with 32 & 64 bit libs, we need to coordinate the timestamp touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf touch -r ./audit.spec $RPM_BUILD_ROOT/usr/share/man/man5/libaudit.conf.5.gz %check -make check +#make %{?_smp_mflags} check # Get rid of make files so that they don't get packaged. rm -f rules/Makefile* %post +%systemd_post auditd.service +# Do not perform service start/restart when running during an rpm-ostree compose +if [ -f /run/ostree-booted ] ; then + exit 0 +fi +# If an upgrade, restart it if it's running +if [ $1 -eq 2 ] ; then + state=$(systemctl status auditd | awk '/Active:/ { print $2 }') + if [ $state = "active" ] ; then + auditctl --signal stop || true + systemctl start auditd + fi +# if an install, start it since preset says we should be running +elif [ $1 -eq 1 ] ; then + systemctl start auditd +fi + +%post rules +%systemd_post audit-rules.service # Copy default rules into place on new installation files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` if [ "$files" -eq 0 ] ; then - if [ -e %{_datadir}/%{name}/sample-rules/10-base-config.rules ] ; then - cp %{_datadir}/%{name}/sample-rules/10-base-config.rules /etc/audit/rules.d/audit.rules - else - touch /etc/audit/rules.d/audit.rules - fi - chmod 0600 /etc/audit/rules.d/audit.rules + echo "No rules detected, adding default" +%if 0%{?rhel} + if [ -e %{_datadir}/%{name}-rules/10-base-config.rules ] ; then + install -m 0600 -o 0 -g 0 -p %{_datadir}/%{name}-rules/10-base-config.rules /etc/audit/rules.d/audit.rules +%else + # FESCO asked for audit to be off by default. #1117953 + if [ -e %{_datadir}/%{name}-rules/10-no-audit.rules ] ; then + install -m 0600 -o 0 -g 0 -p %{_datadir}/%{name}-rules/10-no-audit.rules /etc/audit/rules.d/audit.rules +%endif + else + install -m 0600 -o 0 -g 0 /dev/null /etc/audit/rules.d/audit.rules + fi + # Only load the new rules if not running during an rpm-ostree compose + if [ ! -f /run/ostree-booted ] ; then + # Make the new rules active + augenrules --load || true + fi fi -%systemd_post auditd.service %preun %systemd_preun auditd.service -if [ $1 -eq 0 ]; then - /sbin/service auditd stop > /dev/null 2>&1 +# If uninstalling, stop it +if [ $1 -eq 0 ] ; then + auditctl --signal stop || true fi -%postun -if [ $1 -ge 1 ]; then - /sbin/service auditd condrestart > /dev/null 2>&1 || : +%preun rules +%systemd_preun audit-rules.service +# If uninstalling, delete the rules loaded in the kernel +if [ $1 -eq 0 ] ; then + auditctl -D > /dev/null 2>&1 || true fi %files libs @@ -157,47 +208,39 @@ fi %{_libdir}/libaudit.so %{_libdir}/libauparse.so %{_includedir}/libaudit.h +%{_includedir}/audit_logging.h +%{_includedir}/audit-records.h %{_includedir}/auparse.h %{_includedir}/auparse-defs.h %{_datadir}/aclocal/audit.m4 %{_libdir}/pkgconfig/audit.pc %{_libdir}/pkgconfig/auparse.pc %{_mandir}/man3/* +%{_mandir}/man5/ausearch-expression.5.gz %files -n python3-audit %attr(755,root,root) %{python3_sitearch}/* %files -%doc README ChangeLog init.d/auditd.cron +%doc README.md ChangeLog init.d/auditd.cron %{!?_licensedir:%global license %%doc} %license COPYING -%attr(755,root,root) %{_datadir}/%{name} -%attr(644,root,root) %{_datadir}/%{name}/sample-rules/* -%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz %attr(644,root,root) %{_mandir}/man8/auditd.8.gz %attr(644,root,root) %{_mandir}/man8/aureport.8.gz %attr(644,root,root) %{_mandir}/man8/ausearch.8.gz -%attr(644,root,root) %{_mandir}/man8/autrace.8.gz %attr(644,root,root) %{_mandir}/man8/aulast.8.gz %attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz -%attr(644,root,root) %{_mandir}/man8/auvirt.8.gz -%attr(644,root,root) %{_mandir}/man8/augenrules.8.gz %attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz -%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz -%attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz %attr(644,root,root) %{_mandir}/man5/auditd-plugins.5.gz -%attr(755,root,root) %{_sbindir}/auditctl %attr(755,root,root) %{_sbindir}/auditd %attr(755,root,root) %{_sbindir}/ausearch %attr(755,root,root) %{_sbindir}/aureport -%attr(750,root,root) %{_sbindir}/autrace -%attr(755,root,root) %{_sbindir}/augenrules %attr(755,root,root) %{_bindir}/aulast %attr(755,root,root) %{_bindir}/aulastlog %attr(755,root,root) %{_bindir}/ausyscall -%attr(755,root,root) %{_bindir}/auvirt %attr(644,root,root) %{_unitdir}/auditd.service +%attr(640,root,root) %{_tmpfilesdir}/audit.conf %attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/reload @@ -206,31 +249,47 @@ fi %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop -%attr(750,root,root) %{_libexecdir}/audit-functions %ghost %{_localstatedir}/run/auditd.state %attr(-,root,-) %dir %{_var}/log/audit -%attr(750,root,root) %dir /etc/audit -%attr(750,root,root) %dir /etc/audit/rules.d %attr(750,root,root) %dir /etc/audit/plugins.d %config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf -%ghost %config(noreplace) %attr(600,root,root) /etc/audit/rules.d/audit.rules + +%files rules +%attr(755,root,root) %dir %{_datadir}/%{name}-rules +%attr(644,root,root) %{_datadir}/%{name}-rules/* +%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz +%attr(644,root,root) %{_mandir}/man8/augenrules.8.gz +%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz +%attr(755,root,root) %{_sbindir}/auditctl +%attr(755,root,root) %{_sbindir}/augenrules +%attr(644,root,root) %{_unitdir}/audit-rules.service +%attr(750,root,root) %dir /etc/audit +%attr(750,root,root) %dir /etc/audit/rules.d +%ghost %config(noreplace) %attr(640,root,root) /etc/audit/rules.d/audit.rules %ghost %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules %config(noreplace) %attr(640,root,root) /etc/audit/audit-stop.rules -%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf %files -n audispd-plugins %config(noreplace) %attr(640,root,root) /etc/audit/audisp-remote.conf %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-remote.conf %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf +%config(noreplace) %attr(640,root,root) /etc/audit/audisp-statsd.conf +%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-statsd.conf %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf +%config(noreplace) %attr(640,root,root) /etc/audit/audisp-filter.conf +%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/filter.conf %attr(750,root,root) %{_sbindir}/audisp-remote %attr(750,root,root) %{_sbindir}/audisp-syslog %attr(750,root,root) %{_sbindir}/audisp-af_unix +%attr(750,root,root) %{_sbindir}/audisp-statsd +%attr(750,root,root) %{_sbindir}/audisp-filter %attr(700,root,root) %dir %{_var}/spool/audit %attr(644,root,root) %{_mandir}/man5/audisp-remote.conf.5.gz %attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz %attr(644,root,root) %{_mandir}/man8/audisp-syslog.8.gz %attr(644,root,root) %{_mandir}/man8/audisp-af_unix.8.gz +%attr(644,root,root) %{_mandir}/man8/audisp-statsd.8.gz +%attr(644,root,root) %{_mandir}/man8/audisp-filter.8.gz %files -n audispd-plugins-zos %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz @@ -240,100 +299,266 @@ fi %attr(750,root,root) %{_sbindir}/audispd-zos-remote %changelog -* Sat Oct 21 2023 Sergio Correia - 3.1.2-1 -- Rebase audit to latest upstream release - Resolves: RHEL-15001 +* Wed Jan 08 2025 Attila Lakatos - 4.0.3-1 +- Rebase to 4.0.3 +- Pluginst must have .conf suffix, otherwise skipped + Resolves: RHEL-58838 +- ausearch checkpoint inode fix + Resolves: RHEL-62333 +- Audisp-filter: filter audit events and forward them to other plugins + Resolves: RHEL-5199 +- Log to console when system is halted due to audit not having enough storage + Resolves: RHEL-990 +- auditctl: remove misleasing error with --input file + Resolves: RHEL-5200 +- Remove ProtectKernelModules=true from service file + Resolves: RHEL-59571 +- Update syscall tables to reflect current kernel + Resolves: RHEL-46969 +- af_unix: Restore old behavior + Resolves: RHEL-39955 +- Add systemd-tempfiles.d for audit when root fs is read-only + Resolves: RHEL-45311 +- ausearch fix error reporting + Resolves: RHEL-32808 +- Resolve ordering cycle when using remote logging + Resolves: RHEL-59561 -* Thu Jun 22 2023 Radovan Sroka - 3.0.7-5 -- Introduce new fanotify record fields - Resolves: rhbz#2216668 -- invalid use of flexible array member - Resolves: rhbz#2116867 +* Tue Oct 29 2024 Troy Dawson - 4.0-10 +- Bump release for October 2024 mass rebuild: + Resolves: RHEL-64018 -* Mon May 02 2022 Sergio Correia - 3.0.7-4 -- Drop ProtectHome from auditd.service as it interferes with rules - Resolves: rhbz#2071727 - Default systemd service config blocks audit watch rules in some directories +* Mon Jun 24 2024 Troy Dawson - 4.0-9 +- Bump release for June 2024 mass rebuild -* Mon Mar 14 2022 Sergio Correia - 3.0.7-3 -- Fix path normalization in auparse - Resolves: rhbz#2062612 - auparse missing information when used with --format-text +* Sun Feb 04 2024 Timothée Ravier - 4.0-8 +- Fix 'install' calls in post scriptlet -* Tue Feb 22 2022 Sergio Correia - 3.0.7-2 +* Thu Jan 25 2024 Steve Grubb 4.0-7 +- Don't do "live" operations during rpm-ostree composes + +* Wed Jan 24 2024 Steve Grubb 4.0-5 +- Auditd is stopping during upgrade (bz 2259610) + +* Mon Jan 22 2024 Fedora Release Engineering - 4.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Tue Jan 16 2024 Steve Grubb 4.0-1 +- New upstream major release + +* Sat Nov 04 2023 Steve Grubb 3.1.2-5 +- Bug fixes pulled from upstrean + +* Wed Sep 13 2023 Dusty Mabe 3.1.2-4 +- Remove initscripts-service from Requires(postun) + +* Fri Sep 01 2023 Steve Grubb 3.1.2-3 +- Change initscrips-service to a Recommends + +* Sat Aug 26 2023 Steve Grubb 3.1.2-2 +- SPDX Migration + +* Sun Aug 06 2023 Steve Grubb 3.1.2-1 +- New upstream release + +* Wed Jul 19 2023 Fedora Release Engineering - 3.1.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jun 13 2023 Python Maint - 3.1.1-3 +- Rebuilt for Python 3.12 + +* Tue May 09 2023 Davide Cavalca 3.1.1-2 +- Install the base ruleset on RHEL + +* Thu Apr 27 2023 Steve Grubb 3.1.1-1 +- New upstream release + +* Thu Feb 09 2023 Steve Grubb 3.1-2 +- New upstream feature release + +* Wed Jan 18 2023 Fedora Release Engineering - 3.0.9-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Dec 22 2022 Steve Grubb 3.0.9-2 +- BuildRequires python-setuptools +- SPDX Migration + +* Mon Aug 29 2022 Steve Grubb 3.0.9-1 +- New upstream bugfix release + +* Wed Jul 20 2022 Fedora Release Engineering - 3.0.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon Jun 13 2022 Python Maint - 3.0.8-2 +- Rebuilt for Python 3.11 + +* Tue Mar 29 2022 Steve Grubb 3.0.8-1 +- New upstream bugfix release + +* Thu Feb 24 2022 Steve Grubb 3.0.7-3 +- Undo fix to libaudit.h before installing + +* Mon Feb 14 2022 Steve Grubb 3.0.7-2 - Adjust sample-rules dir permissions - Resolves: rhbz#2054727 - /usr/share/audit/sample-rules is no longer readable by non-root users +- Add support for new access/dealloc function attributes +- Adjust compile flags for less warnings -* Tue Jan 25 2022 Sergio Correia - 3.0.7-1 -- New upstream release - 3.0.7 - Related: rhbz#1939406 +* Sun Jan 23 2022 Steve Grubb 3.0.7-1 +- New upstream bugfix and feature release -* Thu Jan 13 2022 Sergio Correia - 3.0.5-1 -- Rebase audit package on 8.6 - Resolves: rhbz#1939406 - Resolves: rhbz#1906065 - Resolves: rhbz#1921447 - Resolves: rhbz#1927884 - Resolves: rhbz#1921658 +* Wed Jan 19 2022 Fedora Release Engineering - 3.0.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -* Wed Jan 08 2020 Steve Grubb 3.0-0.17.20191104git1c2f876 -resolves: rhbz#1757986 - Rebase audit package on 8.2 for updates (bpf patch) +* Wed Jan 05 2022 Steve Grubb 3.0.6-2 +- Require initscripts-service instead of initscripts -* Thu Nov 28 2019 Steve Grubb 3.0-0.16.20191104git1c2f876 -resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin +* Fri Oct 01 2021 Steve Grubb 3.0.6-1 +- New upstream bugfix release -* Mon Nov 04 2019 Steve Grubb 3.0-0.15.20191104git1c2f876 -resolves: rhbz#1757986 - Rebase audit package on 8.2 for updates -resolves: rhbz#1767054 - move audit rules to shared data directory -resolves: rhbz#1746018 - Breakup 30-ospp-v42.rules into more granular files -resolves: rhbz#1740798 - auditctl(8) needs clarification for backlog_limit -resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin +* Tue Sep 14 2021 Steve Grubb 3.0.5-3 +- Move BuildRequires around to what actually needs it -* Thu Jul 25 2019 Steve Grubb 3.0-0.13.20190607gitf58ec40 -resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes +* Tue Sep 14 2021 Steve Grubb 3.0.5-2 +- Drop IPX interpretation support -* Sat Jul 13 2019 Steve Grubb 3.0-0.12.20190607gitf58ec40 -resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes +* Wed Aug 11 2021 Steve Grubb 3.0.5-1 +- New upstream bugfix release -* Mon Jun 10 2019 Steve Grubb 3.0-0.11.20190607gitf58ec40 -resolves: rhbz#1643567 - service auditd stop exits prematurely -resolves: rhbz#1693470 - libauparse memory leak -resolves: rhbz#1694071 - ausearch doesn't record device/inode details checkpointing a single file -resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes -resolves: rhbz#1705894 - aureport aborts when using a specific input -resolves: rhbz#1706045 - RFE: Backport support for new audit record types -resolves: rhbz#1715852 - RFE: provide a way to filter on network address family +* Sun Aug 08 2021 Steve Grubb 3.0.4-1 +- New upstream feature release -* Wed Jan 09 2019 Steve Grubb 3.0-0.10.20180831git0047a6c -resolves: rhbz#1655270] Message "audit: backlog limit exceeded" reported -- Fix annobin failure +* Wed Jul 21 2021 Fedora Release Engineering - 3.0.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild -* Fri Dec 07 2018 Steve Grubb 3.0-0.8.20180831git0047a6c -resolves: rhbz#1639745 - build requires go-toolset-7 which is not available -resolves: rhbz#1643567 - service auditd stop exits prematurely -resolves: rhbz#1616428 - Update git snapshot of audit package -- Remove static libs subpackage +* Wed Jul 14 2021 Steve Grubb 3.0.3-1 +- New upstream feature release -* Fri Aug 31 2018 Steve Grubb 3.0-0.5.20180831git0047a6c -resolves: rhbz#1616428 - Update git snapshot of audit package +* Thu Jun 24 2021 Sergio Correia - 3.0.2-2 +- Do not use custom sbindir and libdir in configure + +* Thu Jun 10 2021 Steve Grubb 3.0.2-1 +- New upstream feature and bugfix release + +* Fri Jun 04 2021 Python Maint - 3.0.1-3 +- Rebuilt for Python 3.10 + +* Thu Feb 18 2021 Steve Grubb 3.0.1-2 +- Add patch fixing segafult in the audisp-statsd plugin + +* Fri Feb 12 2021 Steve Grubb 3.0.1-1 +- New upstream feature and bugfix release +- Enable building the audisp-statsd plugin + +* Tue Jan 26 2021 Fedora Release Engineering - 3.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Dec 16 2020 Steve Grubb 3.0-1 +- New upstream feature and bugfix release + +* Mon Jul 27 2020 Fedora Release Engineering - 3.0-0.21.20191104git1c2f876 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue May 26 2020 Miro Hrončok - 3.0-0.20.20191104git1c2f876 +- Rebuilt for Python 3.9 + +* Thu Mar 12 2020 Steve Grubb 3.0-0.19.20191104git1c2f876 +- Add Obsolete python2-audit (#1783061) + +* Wed Jan 29 2020 Steve Grubb 3.0-0.18.20191104git1c2f876 +- Fix multiple definition of `event_node_list' (#1794446) + +* Tue Jan 28 2020 Fedora Release Engineering - 3.0-0.17.20191104git1c2f876 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Nov 22 2019 Steve Grubb 3.0-0.16.20191104git1c2f876 +- Drop python2 subpackage (#1775076) + +* Mon Nov 04 2019 Steve Grubb 3.0-0.14.20191104git1c2f876 +- New upstream git snapshot prerelease + +* Thu Oct 03 2019 Miro Hrončok - 3.0-0.14.20190507gitf58ec40 +- Rebuilt for Python 3.8.0rc1 (#1748018) + +* Mon Aug 19 2019 Miro Hrončok - 3.0-0.13.20190507gitf58ec40 +- Rebuilt for Python 3.8 + +* Wed Jul 31 2019 Steve Grubb 3.0-0.12.20190507gitf58ec40 +- Fix 1734953 - audit: FTBFS in Fedora rawhide/f31 + +* Wed Jul 24 2019 Fedora Release Engineering - 3.0-0.11.20190507gitf58ec40 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Fri Jul 05 2019 Steve Grubb 3.0-0.10.20190507gitf58ec40 +- Add initscripts package to the requires (bz #1727058) + +* Mon Jun 10 2019 Steve Grubb 3.0-0.9.20190507gitf58ec40 +- New upstream git snapshot prerelease which fixes several problems +- Fixed 1698130 - removing audit.rpm doesn't stop auditd + +* Tue Mar 26 2019 Steve Grubb 3.0-0.7.20190326git03e7489 +- New upstream git snapshot prerelease which fixes a memory leak + +* Thu Jan 31 2019 Fedora Release Engineering - 3.0-0.6.20181218gitbdb72c0 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Dec 18 2018 Steve Grubb 3.0-0.5.20181218gitbdb72c0 +- New upstream git snapshot prerelease +- Remove historical ldconfig scriptlet (#1644056) + +* Fri Aug 31 2018 Steve Grubb 3.0-0.4.20180831git0047a6c +- New upstream feature prerelease * Wed Aug 08 2018 Steve Grubb 3.0-0.2.20180808git77fbcf3 -resolves: rhbz#1567357 New upstream feature prerelease +- New upstream feature prerelease * Tue Jul 17 2018 Steve Grubb 3.0-0.1.20180717gitacd53d1 - New upstream feature prerelease -* Tue Jun 26 2018 Steve Grubb 2.8.4-2 -- Fix segfault on shutdown +* Thu Jul 12 2018 Fedora Release Engineering - 2.8.4-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Jul 4 2018 Peter Robinson 2.8.4-3 +- Remove unused sys V initscripts legacy bits + +* Mon Jul 02 2018 Miro Hrončok - 2.8.4-2 +- Rebuilt for Python 3.7 * Tue Jun 19 2018 Steve Grubb 2.8.4-1 - New upstream bugfix release -* Wed May 30 2018 Steve Grubb 2.8.3-1 -- New upstream bugfix release -- Remove Python2 support +* Tue Jun 19 2018 Miro Hrončok - 2.8.3-4 +- Rebuilt for Python 3.7 -* Fri Apr 13 2018 Tom Stellard - 2.7.8-2 -- Use go-toolset-7 instead of golang -- Package now must be built with: rhpkg --release rhel-8.0-go-toolset +* Tue Apr 10 2018 Pete Walter - 2.8.3-3 +- Rename Python 2 and 3 subpackages to python2-audit and python3-audit as per guidelines + +* Mon Mar 26 2018 Steve Grubb 2.8.3-2 +- Fix Obsoletion of audit-libs-python not handled properly (#1559674) + +* Sat Mar 10 2018 Steve Grubb 2.8.3-1 +- New upstream bugfix release + +* Wed Feb 07 2018 Fedora Release Engineering - 2.8.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Feb 05 2018 Steve Grubb 2.8.2-3 +- Add a Provides audit-libs-python (#1537864) +- Remove tcp_wrappers support? + +* Thu Dec 14 2017 Steve Grubb 2.8.2-2 +- Rename things from python to python2 + +* Thu Dec 14 2017 Steve Grubb 2.8.2-1 +- New upstream bugfix release + +* Thu Oct 12 2017 Steve Grubb 2.8.1-1 +- New upstream bugfix release + +* Tue Oct 10 2017 Steve Grubb 2.8-1 +- New upstream feature release * Mon Sep 18 2017 Steve Grubb 2.7.8-1 - New upstream bugfix release diff --git a/SOURCES/lgpl-2.1.txt b/lgpl-2.1.txt similarity index 100% rename from SOURCES/lgpl-2.1.txt rename to lgpl-2.1.txt diff --git a/remote-logging-ordering-cycle.patch b/remote-logging-ordering-cycle.patch new file mode 100644 index 0000000..cc30a0d --- /dev/null +++ b/remote-logging-ordering-cycle.patch @@ -0,0 +1,14 @@ +diff --git a/init.d/auditd.service.in b/init.d/auditd.service.in +index 173795164..853912f61 100644 +--- a/init.d/auditd.service.in ++++ b/init.d/auditd.service.in +@@ -16,6 +16,9 @@ Wants=audit-rules.service + ## a minimal file that overrides only the necessary lines but inherits the + ## original settings in case they get updated by a distribution. Please check + ## systemd documentation if it's unclear how to override settings. ++## If using remote logging, ensure that the systemd-update-utmp.service file ++## is updated to remove the After=auditd.service directive to prevent a ++## boot-time ordering cycle. + After=local-fs.target systemd-tmpfiles-setup.service + #After=network-online.target local-fs.target systemd-tmpfiles-setup.service + Before=sysinit.target shutdown.target audit-rules.service diff --git a/sources b/sources new file mode 100644 index 0000000..b48a140 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (v4.0.3.tar.gz) = a20d2f832632fa844764086aac98c80f7fcb120ceeaae7472248e04eec0493981e31fd59f22c3f0dbff81ccbcd132b8297812f2b4cdb87b866c59aedf3611342