import audit-3.0-0.16.20191104git1c2f876.el8

This commit is contained in:
CentOS Sources 2020-01-21 13:56:13 -05:00 committed by Stepan Oksanichenko
parent 4099361ee3
commit e47b2bda8c
5 changed files with 109 additions and 18 deletions

View File

@ -1 +1 @@
5205dd634a26512d69d75ca27171c70b70f102f0 SOURCES/audit-3.0-alpha8.tar.gz
fe9807c29de893c8e8bc4df8624e00a98ab2b32a SOURCES/audit-3.0-alpha9.tar.gz

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/audit-3.0-alpha8.tar.gz
SOURCES/audit-3.0-alpha9.tar.gz

View File

@ -0,0 +1,36 @@
commit b4b63a18e044e507b9091f01aef91d4b3beff97d
Author: Steve Grubb <sgrubb@redhat.com>
Date: Mon Nov 4 16:54:44 2019 -0500
Fix 2 clang reported warnings
diff --git a/audisp/plugins/syslog/audisp-syslog.c b/audisp/plugins/syslog/audisp-syslog.c
index 2515e0b..9daa021 100644
--- a/audisp/plugins/syslog/audisp-syslog.c
+++ b/audisp/plugins/syslog/audisp-syslog.c
@@ -181,7 +181,7 @@ static inline void write_syslog(char *s)
mptr = stpcpy(mptr, fval ? fval : "?");
mptr = stpcpy(mptr, " ");
rc = auparse_next_field(au);
- if (!header && strcmp(fname, "type") == 0) {
+ if (!header && fname && strcmp(fname, "type") == 0) {
mptr = stpcpy(mptr, "msg=audit(");
time_t t = auparse_get_time(au);
diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
index 54452e8..e709456 100644
--- a/src/ausearch-lol.c
+++ b/src/ausearch-lol.c
@@ -324,8 +324,11 @@ int lol_add_record(lol *lo, char *buff)
}
// Eat standalone EOE, main event was already marked complete
- if (e.type == AUDIT_EOE)
+ if (e.type == AUDIT_EOE) {
+ free((char *)e.node);
+ free(n.message);
return 0;
+ }
// Create new event and fill it in
l = malloc(sizeof(llist));

View File

@ -0,0 +1,35 @@
diff --git a/src/auditctl.c b/src/auditctl.c
index ac08e47..1150911 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -809,6 +809,7 @@ static int setopt(int count, int lineno, char *vars[])
retval = -1;
} else {
const char*s = optarg;
+ char *umsg;
while (*s) {
if (*s < 32) {
audit_msg(LOG_ERR,
@@ -817,11 +818,18 @@ static int setopt(int count, int lineno, char *vars[])
}
s++;
}
+ if (asprintf(&umsg, "text=%s", optarg) < 0) {
+ audit_msg(LOG_ERR, "Can't create user event");
+ return -1;
+ }
if (audit_log_user_message( fd, AUDIT_USER,
- optarg, NULL, NULL, NULL, 1) <= 0)
- retval = -1;
- else
- return -2; // success - no reply for this
+ umsg, NULL, NULL, NULL, 1) <= 0)
+ retval = -1;
+ else {
+ free(umsg);
+ return -2; // success - no reply for this
+ }
+ free(umsg);
}
break;
case 'R':

View File

@ -1,23 +1,26 @@
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
Summary: User space tools for 2.6 kernel auditing
Summary: User space tools for kernel auditing
Name: audit
Version: 3.0
Release: 0.11.20190507gitf58ec40%{?dist}
Release: 0.16.20191104git1c2f876%{?dist}
License: GPLv2+
URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}-alpha8.tar.gz
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}-alpha9.tar.gz
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
Patch1: audit-3.0-clang-warnings.patch
Patch2: audit-3.0-user-event.patch
BuildRequires: gcc swig
BuildRequires: openldap-devel
BuildRequires: krb5-devel libcap-ng-devel
BuildRequires: kernel-headers >= 2.6.29
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
BuildRequires: systemd
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
Requires(post): systemd coreutils
Requires(preun): systemd
Requires(postun): systemd coreutils
Requires(preun): systemd initscripts
Requires(postun): systemd coreutils initscripts
%description
The audit package contains the user space utilities for
@ -79,10 +82,10 @@ incoming audit events, as they happen, to a configured z/OS SMF (Service
Management Facility) database, through an IBM Tivoli Directory Server
(ITDS) set for Remote Audit service.
%enable_gotoolset7
%prep
%setup -q
%patch1 -p1
%patch2 -p1
cp %{SOURCE1} .
%build
@ -90,7 +93,7 @@ cp %{SOURCE1} .
--with-python3=yes \
--enable-gssapi-krb5=yes --with-arm --with-aarch64 \
--with-libcap-ng=yes --enable-zos-remote \
--enable-systemd
--enable-systemd
make CFLAGS="%{optflags}" %{?_smp_mflags}
@ -136,8 +139,8 @@ rm -f rules/Makefile*
# Copy default rules into place on new installation
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w`
if [ "$files" -eq 0 ] ; then
if [ -e /usr/share/doc/audit/rules/10-base-config.rules ] ; then
cp /usr/share/doc/audit/rules/10-base-config.rules /etc/audit/rules.d/audit.rules
if [ -e %{_datadir}/%{name}/sample-rules/10-base-config.rules ] ; then
cp %{_datadir}/%{name}/sample-rules/10-base-config.rules /etc/audit/rules.d/audit.rules
else
touch /etc/audit/rules.d/audit.rules
fi
@ -148,12 +151,12 @@ fi
%preun
%systemd_preun auditd.service
if [ $1 -eq 0 ]; then
/sbin/service auditd stop > /dev/null 2>&1
/sbin/service auditd stop > /dev/null 2>&1
fi
%postun
if [ $1 -ge 1 ]; then
/sbin/service auditd condrestart > /dev/null 2>&1 || :
/sbin/service auditd condrestart > /dev/null 2>&1 || :
fi
%files libs
@ -180,9 +183,10 @@ fi
%attr(755,root,root) %{python3_sitearch}/*
%files
%doc README ChangeLog rules init.d/auditd.cron
%doc README ChangeLog init.d/auditd.cron
%{!?_licensedir:%global license %%doc}
%license COPYING
%attr(644,root,root) %{_datadir}/%{name}/sample-rules/*
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz
@ -202,7 +206,7 @@ fi
%attr(755,root,root) /sbin/ausearch
%attr(755,root,root) /sbin/aureport
%attr(750,root,root) /sbin/autrace
%attr(750,root,root) /sbin/augenrules
%attr(755,root,root) /sbin/augenrules
%attr(755,root,root) %{_bindir}/aulast
%attr(755,root,root) %{_bindir}/aulastlog
%attr(755,root,root) %{_bindir}/ausyscall
@ -217,7 +221,7 @@ fi
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop
%ghost %{_localstatedir}/run/auditd.state
%attr(750,root,root) %dir %{_var}/log/audit
%attr(-,root,-) %dir %{_var}/log/audit
%attr(750,root,root) %dir /etc/audit
%attr(750,root,root) %dir /etc/audit/rules.d
%attr(750,root,root) %dir /etc/audit/plugins.d
@ -246,6 +250,22 @@ fi
%attr(750,root,root) /sbin/audispd-zos-remote
%changelog
* Thu Nov 28 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.18.20191104git1c2f876
resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin
* Mon Nov 04 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.15.20191104git1c2f876
resolves: rhbz#1757986 - Rebase audit package on 8.2 for updates
resolves: rhbz#1767054 - move audit rules to shared data directory
resolves: rhbz#1746018 - Breakup 30-ospp-v42.rules into more granular files
resolves: rhbz#1740798 - auditctl(8) needs clarification for backlog_limit
resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin
* Thu Jul 25 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.13.20190607gitf58ec40
resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes
* Sat Jul 13 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.12.20190607gitf58ec40
resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes
* Mon Jun 10 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.11.20190607gitf58ec40
resolves: rhbz#1643567 - service auditd stop exits prematurely
resolves: rhbz#1693470 - libauparse memory leak