import audit-3.0-0.16.20191104git1c2f876.el8
This commit is contained in:
parent
4099361ee3
commit
e47b2bda8c
@ -1 +1 @@
|
|||||||
5205dd634a26512d69d75ca27171c70b70f102f0 SOURCES/audit-3.0-alpha8.tar.gz
|
fe9807c29de893c8e8bc4df8624e00a98ab2b32a SOURCES/audit-3.0-alpha9.tar.gz
|
||||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/audit-3.0-alpha8.tar.gz
|
SOURCES/audit-3.0-alpha9.tar.gz
|
||||||
|
36
SOURCES/audit-3.0-clang-warnings.patch
Normal file
36
SOURCES/audit-3.0-clang-warnings.patch
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
commit b4b63a18e044e507b9091f01aef91d4b3beff97d
|
||||||
|
Author: Steve Grubb <sgrubb@redhat.com>
|
||||||
|
Date: Mon Nov 4 16:54:44 2019 -0500
|
||||||
|
|
||||||
|
Fix 2 clang reported warnings
|
||||||
|
|
||||||
|
diff --git a/audisp/plugins/syslog/audisp-syslog.c b/audisp/plugins/syslog/audisp-syslog.c
|
||||||
|
index 2515e0b..9daa021 100644
|
||||||
|
--- a/audisp/plugins/syslog/audisp-syslog.c
|
||||||
|
+++ b/audisp/plugins/syslog/audisp-syslog.c
|
||||||
|
@@ -181,7 +181,7 @@ static inline void write_syslog(char *s)
|
||||||
|
mptr = stpcpy(mptr, fval ? fval : "?");
|
||||||
|
mptr = stpcpy(mptr, " ");
|
||||||
|
rc = auparse_next_field(au);
|
||||||
|
- if (!header && strcmp(fname, "type") == 0) {
|
||||||
|
+ if (!header && fname && strcmp(fname, "type") == 0) {
|
||||||
|
mptr = stpcpy(mptr, "msg=audit(");
|
||||||
|
|
||||||
|
time_t t = auparse_get_time(au);
|
||||||
|
diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
|
||||||
|
index 54452e8..e709456 100644
|
||||||
|
--- a/src/ausearch-lol.c
|
||||||
|
+++ b/src/ausearch-lol.c
|
||||||
|
@@ -324,8 +324,11 @@ int lol_add_record(lol *lo, char *buff)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Eat standalone EOE, main event was already marked complete
|
||||||
|
- if (e.type == AUDIT_EOE)
|
||||||
|
+ if (e.type == AUDIT_EOE) {
|
||||||
|
+ free((char *)e.node);
|
||||||
|
+ free(n.message);
|
||||||
|
return 0;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
// Create new event and fill it in
|
||||||
|
l = malloc(sizeof(llist));
|
35
SOURCES/audit-3.0-user-event.patch
Normal file
35
SOURCES/audit-3.0-user-event.patch
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
diff --git a/src/auditctl.c b/src/auditctl.c
|
||||||
|
index ac08e47..1150911 100644
|
||||||
|
--- a/src/auditctl.c
|
||||||
|
+++ b/src/auditctl.c
|
||||||
|
@@ -809,6 +809,7 @@ static int setopt(int count, int lineno, char *vars[])
|
||||||
|
retval = -1;
|
||||||
|
} else {
|
||||||
|
const char*s = optarg;
|
||||||
|
+ char *umsg;
|
||||||
|
while (*s) {
|
||||||
|
if (*s < 32) {
|
||||||
|
audit_msg(LOG_ERR,
|
||||||
|
@@ -817,11 +818,18 @@ static int setopt(int count, int lineno, char *vars[])
|
||||||
|
}
|
||||||
|
s++;
|
||||||
|
}
|
||||||
|
+ if (asprintf(&umsg, "text=%s", optarg) < 0) {
|
||||||
|
+ audit_msg(LOG_ERR, "Can't create user event");
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
if (audit_log_user_message( fd, AUDIT_USER,
|
||||||
|
- optarg, NULL, NULL, NULL, 1) <= 0)
|
||||||
|
- retval = -1;
|
||||||
|
- else
|
||||||
|
- return -2; // success - no reply for this
|
||||||
|
+ umsg, NULL, NULL, NULL, 1) <= 0)
|
||||||
|
+ retval = -1;
|
||||||
|
+ else {
|
||||||
|
+ free(umsg);
|
||||||
|
+ return -2; // success - no reply for this
|
||||||
|
+ }
|
||||||
|
+ free(umsg);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'R':
|
@ -1,23 +1,26 @@
|
|||||||
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
||||||
|
|
||||||
Summary: User space tools for 2.6 kernel auditing
|
Summary: User space tools for kernel auditing
|
||||||
Name: audit
|
Name: audit
|
||||||
Version: 3.0
|
Version: 3.0
|
||||||
Release: 0.11.20190507gitf58ec40%{?dist}
|
Release: 0.16.20191104git1c2f876%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: http://people.redhat.com/sgrubb/audit/
|
URL: http://people.redhat.com/sgrubb/audit/
|
||||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}-alpha8.tar.gz
|
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}-alpha9.tar.gz
|
||||||
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
|
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
|
||||||
|
Patch1: audit-3.0-clang-warnings.patch
|
||||||
|
Patch2: audit-3.0-user-event.patch
|
||||||
|
|
||||||
BuildRequires: gcc swig
|
BuildRequires: gcc swig
|
||||||
BuildRequires: openldap-devel
|
BuildRequires: openldap-devel
|
||||||
BuildRequires: krb5-devel libcap-ng-devel
|
BuildRequires: krb5-devel libcap-ng-devel
|
||||||
BuildRequires: kernel-headers >= 2.6.29
|
BuildRequires: kernel-headers >= 2.6.29
|
||||||
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
||||||
BuildRequires: systemd
|
BuildRequires: systemd
|
||||||
|
|
||||||
|
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||||
Requires(post): systemd coreutils
|
Requires(post): systemd coreutils
|
||||||
Requires(preun): systemd
|
Requires(preun): systemd initscripts
|
||||||
Requires(postun): systemd coreutils
|
Requires(postun): systemd coreutils initscripts
|
||||||
|
|
||||||
%description
|
%description
|
||||||
The audit package contains the user space utilities for
|
The audit package contains the user space utilities for
|
||||||
@ -79,10 +82,10 @@ incoming audit events, as they happen, to a configured z/OS SMF (Service
|
|||||||
Management Facility) database, through an IBM Tivoli Directory Server
|
Management Facility) database, through an IBM Tivoli Directory Server
|
||||||
(ITDS) set for Remote Audit service.
|
(ITDS) set for Remote Audit service.
|
||||||
|
|
||||||
%enable_gotoolset7
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
cp %{SOURCE1} .
|
cp %{SOURCE1} .
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -90,7 +93,7 @@ cp %{SOURCE1} .
|
|||||||
--with-python3=yes \
|
--with-python3=yes \
|
||||||
--enable-gssapi-krb5=yes --with-arm --with-aarch64 \
|
--enable-gssapi-krb5=yes --with-arm --with-aarch64 \
|
||||||
--with-libcap-ng=yes --enable-zos-remote \
|
--with-libcap-ng=yes --enable-zos-remote \
|
||||||
--enable-systemd
|
--enable-systemd
|
||||||
|
|
||||||
make CFLAGS="%{optflags}" %{?_smp_mflags}
|
make CFLAGS="%{optflags}" %{?_smp_mflags}
|
||||||
|
|
||||||
@ -136,8 +139,8 @@ rm -f rules/Makefile*
|
|||||||
# Copy default rules into place on new installation
|
# Copy default rules into place on new installation
|
||||||
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w`
|
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w`
|
||||||
if [ "$files" -eq 0 ] ; then
|
if [ "$files" -eq 0 ] ; then
|
||||||
if [ -e /usr/share/doc/audit/rules/10-base-config.rules ] ; then
|
if [ -e %{_datadir}/%{name}/sample-rules/10-base-config.rules ] ; then
|
||||||
cp /usr/share/doc/audit/rules/10-base-config.rules /etc/audit/rules.d/audit.rules
|
cp %{_datadir}/%{name}/sample-rules/10-base-config.rules /etc/audit/rules.d/audit.rules
|
||||||
else
|
else
|
||||||
touch /etc/audit/rules.d/audit.rules
|
touch /etc/audit/rules.d/audit.rules
|
||||||
fi
|
fi
|
||||||
@ -148,12 +151,12 @@ fi
|
|||||||
%preun
|
%preun
|
||||||
%systemd_preun auditd.service
|
%systemd_preun auditd.service
|
||||||
if [ $1 -eq 0 ]; then
|
if [ $1 -eq 0 ]; then
|
||||||
/sbin/service auditd stop > /dev/null 2>&1
|
/sbin/service auditd stop > /dev/null 2>&1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
if [ $1 -ge 1 ]; then
|
if [ $1 -ge 1 ]; then
|
||||||
/sbin/service auditd condrestart > /dev/null 2>&1 || :
|
/sbin/service auditd condrestart > /dev/null 2>&1 || :
|
||||||
fi
|
fi
|
||||||
|
|
||||||
%files libs
|
%files libs
|
||||||
@ -180,9 +183,10 @@ fi
|
|||||||
%attr(755,root,root) %{python3_sitearch}/*
|
%attr(755,root,root) %{python3_sitearch}/*
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%doc README ChangeLog rules init.d/auditd.cron
|
%doc README ChangeLog init.d/auditd.cron
|
||||||
%{!?_licensedir:%global license %%doc}
|
%{!?_licensedir:%global license %%doc}
|
||||||
%license COPYING
|
%license COPYING
|
||||||
|
%attr(644,root,root) %{_datadir}/%{name}/sample-rules/*
|
||||||
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
|
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
|
||||||
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz
|
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz
|
||||||
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz
|
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz
|
||||||
@ -202,7 +206,7 @@ fi
|
|||||||
%attr(755,root,root) /sbin/ausearch
|
%attr(755,root,root) /sbin/ausearch
|
||||||
%attr(755,root,root) /sbin/aureport
|
%attr(755,root,root) /sbin/aureport
|
||||||
%attr(750,root,root) /sbin/autrace
|
%attr(750,root,root) /sbin/autrace
|
||||||
%attr(750,root,root) /sbin/augenrules
|
%attr(755,root,root) /sbin/augenrules
|
||||||
%attr(755,root,root) %{_bindir}/aulast
|
%attr(755,root,root) %{_bindir}/aulast
|
||||||
%attr(755,root,root) %{_bindir}/aulastlog
|
%attr(755,root,root) %{_bindir}/aulastlog
|
||||||
%attr(755,root,root) %{_bindir}/ausyscall
|
%attr(755,root,root) %{_bindir}/ausyscall
|
||||||
@ -217,7 +221,7 @@ fi
|
|||||||
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state
|
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state
|
||||||
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop
|
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop
|
||||||
%ghost %{_localstatedir}/run/auditd.state
|
%ghost %{_localstatedir}/run/auditd.state
|
||||||
%attr(750,root,root) %dir %{_var}/log/audit
|
%attr(-,root,-) %dir %{_var}/log/audit
|
||||||
%attr(750,root,root) %dir /etc/audit
|
%attr(750,root,root) %dir /etc/audit
|
||||||
%attr(750,root,root) %dir /etc/audit/rules.d
|
%attr(750,root,root) %dir /etc/audit/rules.d
|
||||||
%attr(750,root,root) %dir /etc/audit/plugins.d
|
%attr(750,root,root) %dir /etc/audit/plugins.d
|
||||||
@ -246,6 +250,22 @@ fi
|
|||||||
%attr(750,root,root) /sbin/audispd-zos-remote
|
%attr(750,root,root) /sbin/audispd-zos-remote
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Nov 28 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.18.20191104git1c2f876
|
||||||
|
resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin
|
||||||
|
|
||||||
|
* Mon Nov 04 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.15.20191104git1c2f876
|
||||||
|
resolves: rhbz#1757986 - Rebase audit package on 8.2 for updates
|
||||||
|
resolves: rhbz#1767054 - move audit rules to shared data directory
|
||||||
|
resolves: rhbz#1746018 - Breakup 30-ospp-v42.rules into more granular files
|
||||||
|
resolves: rhbz#1740798 - auditctl(8) needs clarification for backlog_limit
|
||||||
|
resolves: rhbz#1497279 - Add option to interpret fields in audit syslog plugin
|
||||||
|
|
||||||
|
* Thu Jul 25 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.13.20190607gitf58ec40
|
||||||
|
resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes
|
||||||
|
|
||||||
|
* Sat Jul 13 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.12.20190607gitf58ec40
|
||||||
|
resolves: rhbz#1695638 - Rebase audit package to pick up latest bugfixes
|
||||||
|
|
||||||
* Mon Jun 10 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.11.20190607gitf58ec40
|
* Mon Jun 10 2019 Steve Grubb <sgrubb@redhat.com> 3.0-0.11.20190607gitf58ec40
|
||||||
resolves: rhbz#1643567 - service auditd stop exits prematurely
|
resolves: rhbz#1643567 - service auditd stop exits prematurely
|
||||||
resolves: rhbz#1693470 - libauparse memory leak
|
resolves: rhbz#1693470 - libauparse memory leak
|
||||||
|
Loading…
Reference in New Issue
Block a user