import audit-3.0-0.16.20191104git1c2f876.el8

This commit is contained in:
CentOS Sources 2020-01-21 13:56:13 -05:00 committed by Stepan Oksanichenko
parent 4099361ee3
commit e47b2bda8c
5 changed files with 109 additions and 18 deletions

View File

@ -1 +1 @@
5205dd634a26512d69d75ca27171c70b70f102f0 SOURCES/audit-3.0-alpha8.tar.gz fe9807c29de893c8e8bc4df8624e00a98ab2b32a SOURCES/audit-3.0-alpha9.tar.gz

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/audit-3.0-alpha8.tar.gz SOURCES/audit-3.0-alpha9.tar.gz

View File

@ -0,0 +1,36 @@
commit b4b63a18e044e507b9091f01aef91d4b3beff97d
Author: Steve Grubb <sgrubb@redhat.com>
Date: Mon Nov 4 16:54:44 2019 -0500
Fix 2 clang reported warnings
diff --git a/audisp/plugins/syslog/audisp-syslog.c b/audisp/plugins/syslog/audisp-syslog.c
index 2515e0b..9daa021 100644
--- a/audisp/plugins/syslog/audisp-syslog.c
+++ b/audisp/plugins/syslog/audisp-syslog.c
@@ -181,7 +181,7 @@ static inline void write_syslog(char *s)
mptr = stpcpy(mptr, fval ? fval : "?");
mptr = stpcpy(mptr, " ");
rc = auparse_next_field(au);
- if (!header && strcmp(fname, "type") == 0) {
+ if (!header && fname && strcmp(fname, "type") == 0) {
mptr = stpcpy(mptr, "msg=audit(");
time_t t = auparse_get_time(au);
diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
index 54452e8..e709456 100644
--- a/src/ausearch-lol.c
+++ b/src/ausearch-lol.c
@@ -324,8 +324,11 @@ int lol_add_record(lol *lo, char *buff)
}
// Eat standalone EOE, main event was already marked complete
- if (e.type == AUDIT_EOE)
+ if (e.type == AUDIT_EOE) {
+ free((char *)e.node);
+ free(n.message);
return 0;
+ }
// Create new event and fill it in
l = malloc(sizeof(llist));

View File

@ -0,0 +1,35 @@
diff --git a/src/auditctl.c b/src/auditctl.c
index ac08e47..1150911 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -809,6 +809,7 @@ static int setopt(int count, int lineno, char *vars[])
retval = -1;
} else {
const char*s = optarg;
+ char *umsg;
while (*s) {
if (*s < 32) {
audit_msg(LOG_ERR,
@@ -817,11 +818,18 @@ static int setopt(int count, int lineno, char *vars[])
}
s++;
}
+ if (asprintf(&umsg, "text=%s", optarg) < 0) {
+ audit_msg(LOG_ERR, "Can't create user event");
+ return -1;
+ }
if (audit_log_user_message( fd, AUDIT_USER,
- optarg, NULL, NULL, NULL, 1) <= 0)
- retval = -1;
- else
- return -2; // success - no reply for this
+ umsg, NULL, NULL, NULL, 1) <= 0)
+ retval = -1;
+ else {
+ free(umsg);
+ return -2; // success - no reply for this
+ }
+ free(umsg);
}
break;
case 'R':

View File

@ -1,23 +1,26 @@
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} %{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
Summary: User space tools for 2.6 kernel auditing Summary: User space tools for kernel auditing
Name: audit Name: audit
Version: 3.0 Version: 3.0
Release: 0.11.20190507gitf58ec40%{?dist} Release: 0.16.20191104git1c2f876%{?dist}
License: GPLv2+ License: GPLv2+
URL: http://people.redhat.com/sgrubb/audit/ URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}-alpha8.tar.gz Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}-alpha9.tar.gz
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
Patch1: audit-3.0-clang-warnings.patch
Patch2: audit-3.0-user-event.patch
BuildRequires: gcc swig BuildRequires: gcc swig
BuildRequires: openldap-devel BuildRequires: openldap-devel
BuildRequires: krb5-devel libcap-ng-devel BuildRequires: krb5-devel libcap-ng-devel
BuildRequires: kernel-headers >= 2.6.29 BuildRequires: kernel-headers >= 2.6.29
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
BuildRequires: systemd BuildRequires: systemd
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
Requires(post): systemd coreutils Requires(post): systemd coreutils
Requires(preun): systemd Requires(preun): systemd initscripts
Requires(postun): systemd coreutils Requires(postun): systemd coreutils initscripts
%description %description
The audit package contains the user space utilities for The audit package contains the user space utilities for
@ -79,10 +82,10 @@ incoming audit events, as they happen, to a configured z/OS SMF (Service
Management Facility) database, through an IBM Tivoli Directory Server Management Facility) database, through an IBM Tivoli Directory Server
(ITDS) set for Remote Audit service. (ITDS) set for Remote Audit service.
%enable_gotoolset7
%prep %prep
%setup -q %setup -q
%patch1 -p1
%patch2 -p1
cp %{SOURCE1} . cp %{SOURCE1} .
%build %build
@ -90,7 +93,7 @@ cp %{SOURCE1} .
--with-python3=yes \ --with-python3=yes \
--enable-gssapi-krb5=yes --with-arm --with-aarch64 \ --enable-gssapi-krb5=yes --with-arm --with-aarch64 \
--with-libcap-ng=yes --enable-zos-remote \ --with-libcap-ng=yes --enable-zos-remote \
--enable-systemd --enable-systemd
make CFLAGS="%{optflags}" %{?_smp_mflags} make CFLAGS="%{optflags}" %{?_smp_mflags}
@ -136,8 +139,8 @@ rm -f rules/Makefile*
# Copy default rules into place on new installation # Copy default rules into place on new installation
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w`
if [ "$files" -eq 0 ] ; then if [ "$files" -eq 0 ] ; then
if [ -e /usr/share/doc/audit/rules/10-base-config.rules ] ; then if [ -e %{_datadir}/%{name}/sample-rules/10-base-config.rules ] ; then
cp /usr/share/doc/audit/rules/10-base-config.rules /etc/audit/rules.d/audit.rules cp %{_datadir}/%{name}/sample-rules/10-base-config.rules /etc/audit/rules.d/audit.rules
else else
touch /etc/audit/rules.d/audit.rules touch /etc/audit/rules.d/audit.rules
fi fi
@ -148,12 +151,12 @@ fi
%preun %preun
%systemd_preun auditd.service %systemd_preun auditd.service
if [ $1 -eq 0 ]; then if [ $1 -eq 0 ]; then
/sbin/service auditd stop > /dev/null 2>&1 /sbin/service auditd stop > /dev/null 2>&1
fi fi
%postun %postun
if [ $1 -ge 1 ]; then if [ $1 -ge 1 ]; then
/sbin/service auditd condrestart > /dev/null 2>&1 || : /sbin/service auditd condrestart > /dev/null 2>&1 || :
fi fi
%files libs %files libs
@ -180,9 +183,10 @@ fi
%attr(755,root,root) %{python3_sitearch}/* %attr(755,root,root) %{python3_sitearch}/*
%files %files
%doc README ChangeLog rules init.d/auditd.cron %doc README ChangeLog init.d/auditd.cron
%{!?_licensedir:%global license %%doc} %{!?_licensedir:%global license %%doc}
%license COPYING %license COPYING
%attr(644,root,root) %{_datadir}/%{name}/sample-rules/*
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz %attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz %attr(644,root,root) %{_mandir}/man8/auditd.8.gz
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz %attr(644,root,root) %{_mandir}/man8/aureport.8.gz
@ -202,7 +206,7 @@ fi
%attr(755,root,root) /sbin/ausearch %attr(755,root,root) /sbin/ausearch
%attr(755,root,root) /sbin/aureport %attr(755,root,root) /sbin/aureport
%attr(750,root,root) /sbin/autrace %attr(750,root,root) /sbin/autrace
%attr(750,root,root) /sbin/augenrules %attr(755,root,root) /sbin/augenrules
%attr(755,root,root) %{_bindir}/aulast %attr(755,root,root) %{_bindir}/aulast
%attr(755,root,root) %{_bindir}/aulastlog %attr(755,root,root) %{_bindir}/aulastlog
%attr(755,root,root) %{_bindir}/ausyscall %attr(755,root,root) %{_bindir}/ausyscall
@ -217,7 +221,7 @@ fi
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop
%ghost %{_localstatedir}/run/auditd.state %ghost %{_localstatedir}/run/auditd.state
%attr(750,root,root) %dir %{_var}/log/audit %attr(-,root,-) %dir %{_var}/log/audit
%attr(750,root,root) %dir /etc/audit %attr(750,root,root) %dir /etc/audit
%attr(750,root,root) %dir /etc/audit/rules.d %attr(750,root,root) %dir /etc/audit/rules.d
%attr(750,root,root) %dir /etc/audit/plugins.d %attr(750,root,root) %dir /etc/audit/plugins.d
@ -246,6 +250,22 @@ fi
%attr(750,root,root) /sbin/audispd-zos-remote %attr(750,root,root) /sbin/audispd-zos-remote
%changelog %changelog
* Thu Nov 28 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.18.20191104git1c2f876
resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin
* Mon Nov 04 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.15.20191104git1c2f876
resolves: rhbz#1757986 - Rebase audit package on 8.2 for updates
resolves: rhbz#1767054 - move audit rules to shared data directory
resolves: rhbz#1746018 - Breakup 30-ospp-v42.rules into more granular files
resolves: rhbz#1740798 - auditctl(8) needs clarification for backlog_limit
resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin
* Thu Jul 25 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.13.20190607gitf58ec40
resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes
* Sat Jul 13 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.12.20190607gitf58ec40
resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes
* Mon Jun 10 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.11.20190607gitf58ec40 * Mon Jun 10 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.11.20190607gitf58ec40
resolves: rhbz#1643567 - service auditd stop exits prematurely resolves: rhbz#1643567 - service auditd stop exits prematurely
resolves: rhbz#1693470 - libauparse memory leak resolves: rhbz#1693470 - libauparse memory leak