rpms / audit

Clone
Source Code
GIT

Blame audit-1.5.7-updates.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic-beta c8-beta f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master
  1.   f7
  2.   audit-1.5.7-updates.patch
Blob History Raw
Steve Grubb 152c01 
diff -urp audit-1.5.6/auparse/auparse.h audit-1.5.7/auparse/auparse.h
Steve Grubb 152c01 
--- audit-1.5.6/auparse/auparse.h	2007-05-30 16:37:40.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/auparse/auparse.h	2007-08-25 14:49:21.000000000 -0400
Steve Grubb 152c01 
@@ -38,19 +38,21 @@ typedef struct opaque auparse_state_t;
Steve Grubb 152c01 
 #endif
Steve Grubb 152c01
Steve Grubb 152c01 
 typedef void (*user_destroy)(void *user_data);
Steve Grubb 152c01 
-typedef void (*auparse_callback_ptr)(auparse_state_t *au, auparse_cb_event_t cb_event_type, void *user_data);
Steve Grubb 152c01 
+typedef void (*auparse_callback_ptr)(auparse_state_t *au,
Steve Grubb 152c01 
+			auparse_cb_event_t cb_event_type, void *user_data);
Steve Grubb 152c01
Steve Grubb 152c01 
 /* General functions that affect operation of the library */
Steve Grubb 152c01 
 auparse_state_t *auparse_init(ausource_t source, const void *b);
Steve Grubb 152c01 
 int auparse_feed(auparse_state_t *au, const char *data, size_t data_len);
Steve Grubb 152c01 
 int auparse_flush_feed(auparse_state_t *au);
Steve Grubb 152c01 
-void auparse_add_callback(auparse_state_t *au, auparse_callback_ptr callback, void *user_data, user_destroy user_destroy_func);
Steve Grubb 152c01 
+void auparse_add_callback(auparse_state_t *au, auparse_callback_ptr callback,
Steve Grubb 152c01 
+			void *user_data, user_destroy user_destroy_func);
Steve Grubb 152c01 
 int auparse_reset(auparse_state_t *au);
Steve Grubb 152c01 
 void auparse_destroy(auparse_state_t *au);
Steve Grubb 152c01
Steve Grubb 152c01 
 /* Functions that are part of the search interface */
Steve Grubb 152c01 
 int ausearch_add_item(auparse_state_t *au, const char *field, const char *op,
Steve Grubb 152c01 
-	const char *value, ausearch_rule_t how);
Steve Grubb 152c01 
+			const char *value, ausearch_rule_t how);
Steve Grubb 152c01 
 int ausearch_add_regex(auparse_state_t *au, const char *expr);
Steve Grubb 152c01 
 int ausearch_set_stop(auparse_state_t *au, austop_t where);
Steve Grubb 152c01 
 void ausearch_clear(auparse_state_t *au);
Steve Grubb 152c01 
diff -urp audit-1.5.6/auparse/test/Makefile.am audit-1.5.7/auparse/test/Makefile.am
Steve Grubb 152c01 
--- audit-1.5.6/auparse/test/Makefile.am	2007-05-17 15:26:49.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/auparse/test/Makefile.am	2007-08-27 16:03:43.000000000 -0400
Steve Grubb 152c01 
@@ -22,6 +22,7 @@
Steve Grubb 152c01
Steve Grubb 152c01 
 check_PROGRAMS = auparse_test
Steve Grubb 152c01 
 check_SCRIPTS = auparse_test.py
Steve Grubb 152c01 
+EXTRA_DIST = auparse_test.ref
Steve Grubb 152c01
Steve Grubb 152c01 
 INCLUDES = -I..
Steve Grubb 152c01
Steve Grubb 152c01 
@@ -50,6 +51,3 @@ pymemcheck: auparse_test.py ../../bindin
Steve Grubb 152c01 
 ../../bindings/python/build/*/auparse.so: ../../bindings/python/auparse_python.c
Steve Grubb 152c01 
 	cd ../../bindings/python && make
Steve Grubb 152c01
Steve Grubb 152c01 
-
Steve Grubb 152c01 
-
Steve Grubb 152c01 
-
Steve Grubb 152c01 
diff -urp audit-1.5.6/contrib/nispom.rules audit-1.5.7/contrib/nispom.rules
Steve Grubb 152c01 
--- audit-1.5.6/contrib/nispom.rules	2007-04-18 17:50:20.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/contrib/nispom.rules	2007-08-21 17:29:30.000000000 -0400
Steve Grubb 152c01 
@@ -18,10 +18,12 @@
Steve Grubb 152c01 
 ## Audit 1, 1(a) Enough information to determine the date and time of
Steve Grubb 152c01 
 ## action (e.g., common network time), the system locale of the action,
Steve Grubb 152c01 
 ## the system entity that initiated or completed the action, the resources
Steve Grubb 152c01 
-## involved, and the action involved.
Steve Grubb 152c01 
+## involved, and the action involved. NOTE: If you are on a x86_64 machine,
Steve Grubb 152c01 
+## they have a clock_settime syscall that should be enabled.
Steve Grubb 152c01
Steve Grubb 152c01 
 ## Things that could affect time
Steve Grubb 152c01 
 -a entry,always -S adjtimex -S settimeofday -k time-change
Steve Grubb 152c01 
+#-a entry,always -S clock_settime -k time-change
Steve Grubb 152c01 
 -w /etc/localtime -p wa -k time-change
Steve Grubb 152c01
Steve Grubb 152c01 
 ## Things that could affect system locale
Steve Grubb 152c01 
diff -urp audit-1.5.6/docs/auditd.conf.5 audit-1.5.7/docs/auditd.conf.5
Steve Grubb 152c01 
--- audit-1.5.6/docs/auditd.conf.5	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/docs/auditd.conf.5	2007-08-24 11:16:25.000000000 -0400
Steve Grubb 152c01 
@@ -1,4 +1,4 @@
Steve Grubb 152c01 
-.TH AUDITD.CONF: "5" "Jan 2007" "Red Hat" "System Administration Utilities"
Steve Grubb 152c01 
+.TH AUDITD.CONF: "5" "Aug 2007" "Red Hat" "System Administration Utilities"
Steve Grubb 152c01 
 .SH NAME
Steve Grubb 152c01 
 auditd.conf \- audit daemon configuration file
Steve Grubb 152c01 
 .SH DESCRIPTION
Steve Grubb 152c01 
@@ -8,8 +8,8 @@ contains configuration information speci
Steve Grubb 152c01 
 It should contain one configuration keyword per line, an equal sign,
Steve Grubb 152c01 
 and then followed by appropriate configuration information. The
Steve Grubb 152c01 
 keywords recognized are:
Steve Grubb 152c01 
-.IR  log_file ", " log_format ", " flush ", " freq ", " num_logs ",
Steve Grubb 152c01 
-.IR  max_log_file ", " max_log_file_action ", " space_left ",
Steve Grubb 152c01 
+.IR  log_file ", " log_format ", " log_group ", " flush ", " freq ",
Steve Grubb 152c01 
+.IR  num_logs ", " max_log_file ", " max_log_file_action ", " space_left ",
Steve Grubb 152c01 
 .IR  action_mail_acct ", " space_left_action ", " admin_space_left ",
Steve Grubb 152c01 
 .IR  admin_space_left_action ",
Steve Grubb 152c01 
 .IR  disk_full_action ", and " disk_error_action ".
Steve Grubb 152c01 
@@ -28,6 +28,9 @@ the audit records will be stored in a fo
Steve Grubb 152c01 
 .I NOLOG
Steve Grubb 152c01 
 then all audit information is discarded instead of writing to disk. This mode does not affect data sent to the audit event dispatcher.
Steve Grubb 152c01 
 .TP
Steve Grubb 152c01 
+.I log_group
Steve Grubb 152c01 
+This keyword specifies the group that is applied to the log file's permissions. The default is root. The group name can be either numeric or spelled out.
Steve Grubb 152c01 
+.TP
Steve Grubb 152c01 
 .I priority_boost
Steve Grubb 152c01 
 This is a non-negative number that tells the audit damon how much of a priority boost it should take. The default is 3. No change is 0.
Steve Grubb 152c01 
 .TP
Steve Grubb 152c01 
diff -urp audit-1.5.6/docs/autrace.8 audit-1.5.7/docs/autrace.8
Steve Grubb 152c01 
--- audit-1.5.6/docs/autrace.8	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/docs/autrace.8	2007-08-27 15:16:53.000000000 -0400
Steve Grubb 152c01 
@@ -8,7 +8,7 @@ autrace \- a program similar to strace
Steve Grubb 152c01 
 .RI [ program-args ]...
Steve Grubb 152c01 
 .SH DESCRIPTION
Steve Grubb 152c01 
 \fBautrace\fP is a program that will add the audit rules to trace a process similar to strace. It will then execute the \fIprogram\fP passing \fIarguments\fP to it. The resulting audit information will be in the audit logs if the audit daemon is running or syslog. This command deletes all audit rules prior to executing the target program and after executing it. As a safety precaution, it will not run unless all rules are deleted with
Steve Grubb 152c01 
-.B audtictl
Steve Grubb 152c01 
+.B auditctl
Steve Grubb 152c01 
 prior to use.
Steve Grubb 152c01 
 .SH OPTIONS
Steve Grubb 152c01 
 .TP
Steve Grubb 152c01 
diff -urp audit-1.5.6/init.d/auditd.conf audit-1.5.7/init.d/auditd.conf
Steve Grubb 152c01 
--- audit-1.5.6/init.d/auditd.conf	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/init.d/auditd.conf	2007-08-24 11:11:52.000000000 -0400
Steve Grubb 152c01 
@@ -4,6 +4,7 @@
Steve Grubb 152c01
Steve Grubb 152c01 
 log_file = /var/log/audit/audit.log
Steve Grubb 152c01 
 log_format = RAW
Steve Grubb 152c01 
+log_group = root
Steve Grubb 152c01 
 priority_boost = 3
Steve Grubb 152c01 
 flush = INCREMENTAL
Steve Grubb 152c01 
 freq = 20
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/alpha_table.h audit-1.5.7/lib/alpha_table.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/alpha_table.h	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/alpha_table.h	2007-08-26 17:32:50.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* alpha_table.h --
Steve Grubb 152c01 
- * Copyright 2005,2006 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2005-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This library is free software; you can redistribute it and/or
Steve Grubb 152c01 
@@ -387,3 +387,36 @@ _S(443, "ioprio_get")
Steve Grubb 152c01 
 _S(444, "inotify_init")
Steve Grubb 152c01 
 _S(445, "inotify_add_watch")
Steve Grubb 152c01 
 _S(446, "inotify_rm_watch")
Steve Grubb 152c01 
+_S(447, "fdatasync")
Steve Grubb 152c01 
+_S(448, "kexec_load")
Steve Grubb 152c01 
+_S(449, "migrate_pages")
Steve Grubb 152c01 
+_S(450, "openat")
Steve Grubb 152c01 
+_S(451, "mkdirat")
Steve Grubb 152c01 
+_S(452, "mknodat")
Steve Grubb 152c01 
+_S(453, "fchownat")
Steve Grubb 152c01 
+_S(454, "futimesat")
Steve Grubb 152c01 
+_S(455, "fstatat64")
Steve Grubb 152c01 
+_S(456, "unlinkat")
Steve Grubb 152c01 
+_S(457, "renameat")
Steve Grubb 152c01 
+_S(458, "linkat")
Steve Grubb 152c01 
+_S(459, "symlinkat")
Steve Grubb 152c01 
+_S(460, "readlinkat")
Steve Grubb 152c01 
+_S(461, "fchmodat")
Steve Grubb 152c01 
+_S(462, "faccessat")
Steve Grubb 152c01 
+_S(463, "pselect6")
Steve Grubb 152c01 
+_S(464, "ppoll")
Steve Grubb 152c01 
+_S(465, "unshare")
Steve Grubb 152c01 
+_S(466, "set_robust_list")
Steve Grubb 152c01 
+_S(467, "get_robust_list")
Steve Grubb 152c01 
+_S(468, "splice")
Steve Grubb 152c01 
+_S(469, "sync_file_range")
Steve Grubb 152c01 
+_S(470, "tee")
Steve Grubb 152c01 
+_S(471, "vmsplice")
Steve Grubb 152c01 
+_S(472, "move_pages")
Steve Grubb 152c01 
+_S(473, "getcpu")
Steve Grubb 152c01 
+_S(474, "epoll_pwait")
Steve Grubb 152c01 
+_S(475, "utimensat")
Steve Grubb 152c01 
+_S(476, "signalfd")
Steve Grubb 152c01 
+_S(477, "timerfd")
Steve Grubb 152c01 
+_S(478, "eventfd")
Steve Grubb 152c01 
+
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/i386_table.h audit-1.5.7/lib/i386_table.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/i386_table.h	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/i386_table.h	2007-08-26 17:24:53.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* i386_table.h --
Steve Grubb 152c01 
- * Copyright 2005,2006 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2005-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This library is free software; you can redistribute it and/or
Steve Grubb 152c01 
@@ -338,4 +338,9 @@ _S(316, "vmsplice")
Steve Grubb 152c01 
 _S(317, "move_pages")
Steve Grubb 152c01 
 _S(318, "getcpu")
Steve Grubb 152c01 
 _S(319, "epoll_pwait")
Steve Grubb 152c01 
+_S(320, "utimensat")
Steve Grubb 152c01 
+_S(321, "signalfd")
Steve Grubb 152c01 
+_S(322, "timerfd")
Steve Grubb 152c01 
+_S(323, "eventfd")
Steve Grubb 152c01 
+_S(324, "fallocate")
Steve Grubb 152c01
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/ia64_table.h audit-1.5.7/lib/ia64_table.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/ia64_table.h	2007-04-29 15:48:05.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/ia64_table.h	2007-08-26 17:22:48.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* ia64_table.h --
Steve Grubb 152c01 
- * Copyright 2005,2006 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2005-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This library is free software; you can redistribute it and/or
Steve Grubb 152c01 
@@ -284,8 +284,8 @@ _S(1290, "symlinkat")
Steve Grubb 152c01 
 _S(1291, "readlinkat")
Steve Grubb 152c01 
 _S(1292, "fchmodat")
Steve Grubb 152c01 
 _S(1293, "faccessat")
Steve Grubb 152c01 
-//_S(1294, "")
Steve Grubb 152c01 
-//_S(1295, "")
Steve Grubb 152c01 
+_S(1294, "pselect")
Steve Grubb 152c01 
+_S(1295, "ppoll")
Steve Grubb 152c01 
 _S(1296, "unshare")
Steve Grubb 152c01 
 _S(1297, "splice")
Steve Grubb 152c01 
 _S(1298, "set_robust_list")
Steve Grubb 152c01 
@@ -293,6 +293,11 @@ _S(1299, "get_robust_list")
Steve Grubb 152c01 
 _S(1300, "sync_file_range")
Steve Grubb 152c01 
 _S(1301, "tee")
Steve Grubb 152c01 
 _S(1302, "vmsplice")
Steve Grubb 152c01 
-//_S(1303, "")
Steve Grubb 152c01 
+_S(1303, "fallocate")
Steve Grubb 152c01 
 _S(1304, "getcpu")
Steve Grubb 152c01 
+_S(1305, "epoll_pwait")
Steve Grubb 152c01 
+_S(1306, "utimensat")
Steve Grubb 152c01 
+_S(1307, "signalfd")
Steve Grubb 152c01 
+_S(1308, "timerfd")
Steve Grubb 152c01 
+_S(1309, "eventfd")
Steve Grubb 152c01
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/libaudit.c audit-1.5.7/lib/libaudit.c
Steve Grubb 152c01 
--- audit-1.5.6/lib/libaudit.c	2007-06-27 10:20:02.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/libaudit.c	2007-07-26 13:01:14.000000000 -0400
Steve Grubb 152c01 
@@ -1039,7 +1039,6 @@ int audit_rule_fieldpair_data(struct aud
Steve Grubb 152c01 
 					}
Steve Grubb 152c01 
 				}
Steve Grubb 152c01 
 				rule->values[rule->field_count] = val;
Steve Grubb 152c01 
-				audit_syscalladded = 1;// perm selects syscalls
Steve Grubb 152c01 
 			}
Steve Grubb 152c01 
 			break;
Steve Grubb 152c01 
 		case AUDIT_DEVMAJOR...AUDIT_SUCCESS:
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/libaudit.h audit-1.5.7/lib/libaudit.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/libaudit.h	2007-07-23 17:27:09.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/libaudit.h	2007-08-23 10:22:40.000000000 -0400
Steve Grubb 152c01 
@@ -81,6 +81,8 @@ extern "C" {
Steve Grubb 152c01 
 #define AUDIT_TRUSTED_APP	1121	/* Trusted app msg - freestyle text */
Steve Grubb 152c01 
 #define AUDIT_USER_SELINUX_ERR	1122	/* SE Linux user space error */
Steve Grubb 152c01 
 #define AUDIT_USER_CMD		1123	/* User shell command and args */
Steve Grubb 152c01 
+#define AUDIT_USER_TTY		1124	/* Non-ICANON TTY input meaning */
Steve Grubb 152c01 
+#define AUDIT_CHUSER_ID		1125	/* Changed user ID supplemental data */
Steve Grubb 152c01
Steve Grubb 152c01 
 #define AUDIT_FIRST_DAEMON	1200
Steve Grubb 152c01 
 #define AUDIT_LAST_DAEMON	1299
Steve Grubb 152c01 
@@ -105,6 +107,9 @@ extern "C" {
Steve Grubb 152c01 
 #ifndef AUDIT_OBJ_PID
Steve Grubb 152c01 
 #define AUDIT_OBJ_PID		1318	/* Ptrace target */
Steve Grubb 152c01 
 #endif
Steve Grubb 152c01 
+#ifndef AUDIT_TTY
Steve Grubb 152c01 
+#define AUDIT_TTY		1319	/* Input on an administrative TTY */
Steve Grubb 152c01 
+#endif
Steve Grubb 152c01 
 #define AUDIT_LAST_EVENT	1399
Steve Grubb 152c01
Steve Grubb 152c01 
 #define AUDIT_FIRST_SELINUX	1400
Steve Grubb 152c01 
@@ -216,6 +221,12 @@ extern "C" {
Steve Grubb 152c01 
 #define AUDIT_MAKE_EQUIV        1015    /* Append to watched tree */
Steve Grubb 152c01 
 #endif
Steve Grubb 152c01
Steve Grubb 152c01 
+/* These are from the audit by tty patch */
Steve Grubb 152c01 
+#ifndef AUDIT_TTY_GET
Steve Grubb 152c01 
+#define AUDIT_TTY_GET		1016	/* Get TTY auditing status */
Steve Grubb 152c01 
+#define AUDIT_TTY_SET		1017	/* Set TTY audit status */
Steve Grubb 152c01 
+#endif
Steve Grubb 152c01 
+
Steve Grubb 152c01 
 /* This is for the new operator patch */
Steve Grubb 152c01 
 #ifndef AUDIT_BIT_MASK
Steve Grubb 152c01 
 #define AUDIT_BIT_MASK			0x08000000
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/msg_typetab.h audit-1.5.7/lib/msg_typetab.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/msg_typetab.h	2007-07-23 17:27:09.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/msg_typetab.h	2007-08-23 10:24:15.000000000 -0400
Steve Grubb 152c01 
@@ -39,6 +39,8 @@ _S(AUDIT_LOGIN,                      "LO
Steve Grubb 152c01 
 _S(AUDIT_LIST_RULES,                 "LIST_RULES"                    )
Steve Grubb 152c01 
 //_S(AUDIT_TRIM,                     "TRIM"                          )
Steve Grubb 152c01 
 //_S(AUDIT_MAKE_EQUIV,               "MAKE_EQUIV"                    )
Steve Grubb 152c01 
+_S(AUDIT_TTY_GET,                    "TTY_GET"                       )
Steve Grubb 152c01 
+_S(AUDIT_TTY_SET,                    "TTY_SET"                       )
Steve Grubb 152c01 
 _S(AUDIT_USER_AUTH,                  "USER_AUTH"                     )
Steve Grubb 152c01 
 _S(AUDIT_USER_ACCT,                  "USER_ACCT"                     )
Steve Grubb 152c01 
 _S(AUDIT_USER_MGMT,                  "USER_MGMT"                     )
Steve Grubb 152c01 
@@ -63,6 +65,8 @@ _S(AUDIT_TEST,                       "TE
Steve Grubb 152c01 
 _S(AUDIT_TRUSTED_APP,                "TRUSTED_APP"                   )
Steve Grubb 152c01 
 _S(AUDIT_USER_SELINUX_ERR,           "USER_SELINUX_ERR"              )
Steve Grubb 152c01 
 _S(AUDIT_USER_CMD,                   "USER_CMD"                      )
Steve Grubb 152c01 
+_S(AUDIT_USER_TTY,                   "USER_TTY"                      )
Steve Grubb 152c01 
+_S(AUDIT_CHUSER_ID,                  "CHUSER_ID"                     )
Steve Grubb 152c01 
 _S(AUDIT_DAEMON_START,               "DAEMON_START"                  )
Steve Grubb 152c01 
 _S(AUDIT_DAEMON_END,                 "DAEMON_END"                    )
Steve Grubb 152c01 
 _S(AUDIT_DAEMON_ABORT,               "DAEMON_ABORT"                  )
Steve Grubb 152c01 
@@ -87,6 +91,7 @@ _S(AUDIT_MQ_GETSETATTR,              "MQ
Steve Grubb 152c01 
 _S(AUDIT_KERNEL_OTHER,               "KERNEL_OTHER"                  )
Steve Grubb 152c01 
 _S(AUDIT_FD_PAIR,                    "FD_PAIR"                       )
Steve Grubb 152c01 
 _S(AUDIT_OBJ_PID,                    "OBJ_PID"                       )
Steve Grubb 152c01 
+_S(AUDIT_TTY,                        "TTY"                           )
Steve Grubb 152c01 
 _S(AUDIT_AVC,                        "AVC"                           )
Steve Grubb 152c01 
 _S(AUDIT_SELINUX_ERR,                "SELINUX_ERR"                   )
Steve Grubb 152c01 
 _S(AUDIT_AVC_PATH,                   "AVC_PATH"                      )
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/ppc_table.h audit-1.5.7/lib/ppc_table.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/ppc_table.h	2007-04-29 15:49:59.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/ppc_table.h	2007-08-26 17:18:59.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* ppc_table.h --
Steve Grubb 152c01 
- * Copyright 2005,2006 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2005-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This library is free software; you can redistribute it and/or
Steve Grubb 152c01 
@@ -317,4 +317,10 @@ _S(300, "set_robust_list")
Steve Grubb 152c01 
 _S(301, "move_pages")
Steve Grubb 152c01 
 _S(302, "getcpu")
Steve Grubb 152c01 
 _S(303, "epoll_pwait")
Steve Grubb 152c01 
+_S(304, "utimensat")
Steve Grubb 152c01 
+_S(305, "signalfd")
Steve Grubb 152c01 
+_S(306, "timerfd")
Steve Grubb 152c01 
+_S(307, "eventfd")
Steve Grubb 152c01 
+_S(308, "sync_file_range2")
Steve Grubb 152c01 
+_S(309, "fallocate")
Steve Grubb 152c01
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/s390_table.h audit-1.5.7/lib/s390_table.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/s390_table.h	2007-04-29 15:50:47.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/s390_table.h	2007-08-26 17:15:35.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* s390_table.h --
Steve Grubb 152c01 
- * Copyright 2005,2006 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2005-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This library is free software; you can redistribute it and/or
Steve Grubb 152c01 
@@ -305,4 +305,9 @@ _S(309, "vmsplice")
Steve Grubb 152c01 
 _S(311, "getcpu")
Steve Grubb 152c01 
 _S(312, "epoll_pwait")
Steve Grubb 152c01 
 _S(313, "utimes")
Steve Grubb 152c01 
+_S(314, "fallocate")
Steve Grubb 152c01 
+_S(315, "utimensat")
Steve Grubb 152c01 
+_S(316, "signalfd")
Steve Grubb 152c01 
+_S(317, "timerfd")
Steve Grubb 152c01 
+_S(318, "eventfd")
Steve Grubb 152c01
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/s390x_table.h audit-1.5.7/lib/s390x_table.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/s390x_table.h	2007-04-29 15:52:21.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/s390x_table.h	2007-08-26 17:15:47.000000000 -0400
Steve Grubb 152c01 
@@ -269,4 +269,9 @@ _S(309, "vmsplice")
Steve Grubb 152c01 
 _S(311, "getcpu")
Steve Grubb 152c01 
 _S(312, "epoll_pwait")
Steve Grubb 152c01 
 _S(313, "utimes")
Steve Grubb 152c01 
+_S(314, "fallocate")
Steve Grubb 152c01 
+_S(315, "utimensat")
Steve Grubb 152c01 
+_S(316, "signalfd")
Steve Grubb 152c01 
+_S(317, "timerfd")
Steve Grubb 152c01 
+_S(318, "eventfd")
Steve Grubb 152c01
Steve Grubb 152c01 
diff -urp audit-1.5.6/lib/x86_64_table.h audit-1.5.7/lib/x86_64_table.h
Steve Grubb 152c01 
--- audit-1.5.6/lib/x86_64_table.h	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/lib/x86_64_table.h	2007-08-26 17:16:39.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* x86_64_table.h --
Steve Grubb 152c01 
- * Copyright 2005,2006 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2005-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This library is free software; you can redistribute it and/or
Steve Grubb 152c01 
@@ -300,4 +300,10 @@ _S(276, "tee")
Steve Grubb 152c01 
 _S(277, "sync_file_range")
Steve Grubb 152c01 
 _S(278, "vmsplice")
Steve Grubb 152c01 
 _S(279, "move_pages")
Steve Grubb 152c01 
+_S(280, "utimensat")
Steve Grubb 152c01 
+_S(281, "epoll_pwait")
Steve Grubb 152c01 
+_S(282, "signalfd")
Steve Grubb 152c01 
+_S(283, "timerfd")
Steve Grubb 152c01 
+_S(284, "eventfd")
Steve Grubb 152c01 
+_S(285, "fallocate")
Steve Grubb 152c01
Steve Grubb 152c01 
diff -urp audit-1.5.6/src/auditctl.c audit-1.5.7/src/auditctl.c
Steve Grubb 152c01 
--- audit-1.5.6/src/auditctl.c	2007-07-24 16:33:35.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/src/auditctl.c	2007-08-22 16:29:20.000000000 -0400
Steve Grubb 152c01 
@@ -70,6 +70,7 @@ static struct audit_rule_data *rule_new
Steve Grubb 152c01 
 extern int audit_archadded;
Steve Grubb 152c01 
 extern int audit_syscalladded;
Steve Grubb 152c01 
 extern unsigned int audit_elf;
Steve Grubb 152c01 
+int audit_permadded;
Steve Grubb 152c01
Steve Grubb 152c01 
 /*
Steve Grubb 152c01 
  * This function will reset everything used for each loop when loading
Steve Grubb 152c01 
@@ -79,6 +80,7 @@ static int reset_vars(void)
Steve Grubb 152c01 
 {
Steve Grubb 152c01 
 	list_requested = 0;
Steve Grubb 152c01 
 	audit_syscalladded = 0;
Steve Grubb 152c01 
+	audit_permadded = 0;
Steve Grubb 152c01 
 	audit_archadded = 0;
Steve Grubb 152c01 
 	audit_elf = 0;
Steve Grubb 152c01 
 	add = AUDIT_FILTER_UNSET;
Steve Grubb 152c01 
@@ -289,8 +291,10 @@ static int audit_setup_perms(struct audi
Steve Grubb 152c01 
 		}
Steve Grubb 152c01 
 	}
Steve Grubb 152c01
Steve Grubb 152c01 
-	if (audit_update_watch_perms(rule, val) == 0)
Steve Grubb 152c01 
+	if (audit_update_watch_perms(rule, val) == 0) {
Steve Grubb 152c01 
+		audit_permadded = 1;
Steve Grubb 152c01 
 		return 1;
Steve Grubb 152c01 
+	}
Steve Grubb 152c01 
 	return -1;
Steve Grubb 152c01 
 }
Steve Grubb 152c01
Steve Grubb 152c01 
@@ -327,7 +331,7 @@ void audit_request_rule_list(int fd)
Steve Grubb 152c01 
 }
Steve Grubb 152c01 
 // FIXME: Change these to enums
Steve Grubb 152c01 
 /*
Steve Grubb 152c01 
- * returns: -3 depreacted, -2 success - no reply, -1 error - noreply,
Steve Grubb 152c01 
+ * returns: -3 deprecated, -2 success - no reply, -1 error - noreply,
Steve Grubb 152c01 
  * 0 success - reply, > 0 success - rule
Steve Grubb 152c01 
  */
Steve Grubb 152c01 
 static int setopt(int count, char *vars[])
Steve Grubb 152c01 
@@ -584,6 +588,14 @@ static int setopt(int count, char *vars[
Steve Grubb 152c01 
 		switch (rc)
Steve Grubb 152c01 
 		{
Steve Grubb 152c01 
 			case 0:
Steve Grubb 152c01 
+				if (which == OLD &&
Steve Grubb 152c01 
+				    	rule.fields[rule.field_count-1] ==
Steve Grubb 152c01 
+						AUDIT_PERM)
Steve Grubb 152c01 
+					audit_permadded = 1;
Steve Grubb 152c01 
+				else if (which == NEW &&
Steve Grubb 152c01 
+				    rule_new->fields[rule_new->field_count-1] ==
Steve Grubb 152c01 
+						AUDIT_PERM)
Steve Grubb 152c01 
+					audit_permadded = 1;
Steve Grubb 152c01 
 				break;
Steve Grubb 152c01 
 			case -1:
Steve Grubb 152c01 
 				fprintf(stderr, "-F missing = for %s\n",
Steve Grubb 152c01 
@@ -715,7 +727,8 @@ static int setopt(int count, char *vars[
Steve Grubb 152c01 
 		}
Steve Grubb 152c01 
 		break;
Steve Grubb 152c01 
 	case 'k':
Steve Grubb 152c01 
-		if (audit_syscalladded != 1 ||
Steve Grubb 152c01 
+		// FIXME: nispom fails here
Steve Grubb 152c01 
+		if (!(audit_syscalladded || audit_permadded ) ||
Steve Grubb 152c01 
 				(add==AUDIT_FILTER_UNSET &&
Steve Grubb 152c01 
 					del==AUDIT_FILTER_UNSET)) {
Steve Grubb 152c01 
 			fprintf(stderr,
Steve Grubb 152c01 
@@ -765,7 +778,7 @@ static int setopt(int count, char *vars[
Steve Grubb 152c01 
 				fprintf(stderr,
Steve Grubb 152c01 
 				"You must give a watch prior to perms\n");
Steve Grubb 152c01 
 				retval = -1;
Steve Grubb 152c01 
-			} else
Steve Grubb 152c01 
+			} else
Steve Grubb 152c01 
 				retval = audit_setup_perms(rule_new, optarg);
Steve Grubb 152c01 
 		}
Steve Grubb 152c01 
 		break;
Steve Grubb 152c01 
diff -urp audit-1.5.6/src/auditd-config.c audit-1.5.7/src/auditd-config.c
Steve Grubb 152c01 
--- audit-1.5.6/src/auditd-config.c	2007-06-19 11:15:07.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/src/auditd-config.c	2007-08-24 11:36:02.000000000 -0400
Steve Grubb 152c01 
@@ -65,6 +65,8 @@ static int log_file_parser(struct nv_pai
Steve Grubb 152c01 
 		struct daemon_conf *config);
Steve Grubb 152c01 
 static int num_logs_parser(struct nv_pair *nv, int line,
Steve Grubb 152c01 
 		struct daemon_conf *config);
Steve Grubb 152c01 
+static int log_group_parser(struct nv_pair *nv, int line,
Steve Grubb 152c01 
+		struct daemon_conf *config);
Steve Grubb 152c01 
 static int qos_parser(struct nv_pair *nv, int line,
Steve Grubb 152c01 
 		struct daemon_conf *config);
Steve Grubb 152c01 
 static int dispatch_parser(struct nv_pair *nv, int line,
Steve Grubb 152c01 
@@ -101,6 +103,7 @@ static const struct kw_pair keywords[] =
Steve Grubb 152c01 
 {
Steve Grubb 152c01 
   {"log_file",                 log_file_parser,			0 },
Steve Grubb 152c01 
   {"log_format",               log_format_parser,		0 },
Steve Grubb 152c01 
+  {"log_group",                log_group_parser,		0 },
Steve Grubb 152c01 
   {"flush",                    flush_parser,			0 },
Steve Grubb 152c01 
   {"freq",                     freq_parser,			0 },
Steve Grubb 152c01 
   {"num_logs",                 num_logs_parser,			0 },
Steve Grubb 152c01 
@@ -185,6 +188,7 @@ static void clear_config(struct daemon_c
Steve Grubb 152c01 
 	config->sender_ctx = NULL;
Steve Grubb 152c01 
 	config->log_file = strdup("/var/log/audit/audit.log");
Steve Grubb 152c01 
 	config->log_format = LF_RAW;
Steve Grubb 152c01 
+	config->log_group = 0;
Steve Grubb 152c01 
 	config->priority_boost = 3;
Steve Grubb 152c01 
 	config->flush =  FT_NONE;
Steve Grubb 152c01 
 	config->freq = 0;
Steve Grubb 152c01 
@@ -677,6 +681,38 @@ static int log_format_parser(struct nv_p
Steve Grubb 152c01 
 	return 1;
Steve Grubb 152c01 
 }
Steve Grubb 152c01
Steve Grubb 152c01 
+static int log_group_parser(struct nv_pair *nv, int line,
Steve Grubb 152c01 
+		struct daemon_conf *config)
Steve Grubb 152c01 
+{
Steve Grubb 152c01 
+	gid_t gid = 0;
Steve Grubb 152c01 
+
Steve Grubb 152c01 
+	audit_msg(LOG_DEBUG, "log_group_parser called with: %s",
Steve Grubb 152c01 
+							nv->value);
Steve Grubb 152c01 
+	if (isdigit(nv->value[0])) {
Steve Grubb 152c01 
+		errno = 0;
Steve Grubb 152c01 
+		gid = strtoul(nv->value,NULL,10);
Steve Grubb 152c01 
+		if (errno) {
Steve Grubb 152c01 
+			audit_msg(LOG_ERR,
Steve Grubb 152c01 
+		    "Numeric group ID conversion error (%s) for %s - line %d\n",
Steve Grubb 152c01 
+				strerror(errno), nv->value, line);
Steve Grubb 152c01 
+			return 1;
Steve Grubb 152c01 
+		}
Steve Grubb 152c01 
+	} else {
Steve Grubb 152c01 
+		struct group *gr ;
Steve Grubb 152c01 
+
Steve Grubb 152c01 
+		gr = getgrnam(nv->value);
Steve Grubb 152c01 
+		if (gr == NULL) {
Steve Grubb 152c01 
+			audit_msg(LOG_ERR,
Steve Grubb 152c01 
+			 "Group ID is non-numeric and unknown (%s) - line %d\n",
Steve Grubb 152c01 
+				nv->value, line);
Steve Grubb 152c01 
+			return 1;
Steve Grubb 152c01 
+		}
Steve Grubb 152c01 
+		gid = gr->gr_gid;
Steve Grubb 152c01 
+	}
Steve Grubb 152c01 
+	config->log_group = gid;
Steve Grubb 152c01 
+	return 0;
Steve Grubb 152c01 
+}
Steve Grubb 152c01 
+
Steve Grubb 152c01 
 static int flush_parser(struct nv_pair *nv, int line,
Steve Grubb 152c01 
 		struct daemon_conf *config)
Steve Grubb 152c01 
 {
Steve Grubb 152c01 
@@ -1072,7 +1108,7 @@ static int sanity_check(struct daemon_co
Steve Grubb 152c01 
 	/* Error checking */
Steve Grubb 152c01 
 	if (config->space_left <= config->admin_space_left) {
Steve Grubb 152c01 
 		audit_msg(LOG_ERR,
Steve Grubb 152c01 
-		    "Error - space_left(%lu) must be larger than admin_space_left(%lu)",
Steve Grubb 152c01 
+	    "Error - space_left(%lu) must be larger than admin_space_left(%lu)",
Steve Grubb 152c01 
 		    config->space_left, config->admin_space_left);
Steve Grubb 152c01 
 		return 1;
Steve Grubb 152c01 
 	}
Steve Grubb 152c01 
@@ -1084,7 +1120,7 @@ static int sanity_check(struct daemon_co
Steve Grubb 152c01 
 	/* Warnings */
Steve Grubb 152c01 
 	if (config->flush > FT_INCREMENTAL && config->freq != 0) {
Steve Grubb 152c01 
 		audit_msg(LOG_WARNING,
Steve Grubb 152c01 
-		    "Warning - freq is non-zero and incremental flushing not selected.");
Steve Grubb 152c01 
+           "Warning - freq is non-zero and incremental flushing not selected.");
Steve Grubb 152c01 
 	}
Steve Grubb 152c01 
 	return 0;
Steve Grubb 152c01 
 }
Steve Grubb 152c01 
diff -urp audit-1.5.6/src/auditd-config.h audit-1.5.7/src/auditd-config.h
Steve Grubb 152c01 
--- audit-1.5.6/src/auditd-config.h	2007-07-24 17:10:34.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/src/auditd-config.h	2007-08-24 11:09:49.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* auditd-config.h --
Steve Grubb 152c01 
- * Copyright 2004-2006 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2004-2007 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This program is free software; you can redistribute it and/or modify
Steve Grubb 152c01 
@@ -25,6 +25,7 @@
Steve Grubb 152c01 
 #define AUDITD_CONFIG_H
Steve Grubb 152c01
Steve Grubb 152c01 
 #include "libaudit.h"
Steve Grubb 152c01 
+#include <grp.h>
Steve Grubb 152c01 
 #define CONFIG_FILE "/etc/audit/auditd.conf"
Steve Grubb 152c01 
 #define MEGABYTE 1048576UL
Steve Grubb 152c01
Steve Grubb 152c01 
@@ -47,6 +48,7 @@ struct daemon_conf
Steve Grubb 152c01 
 	const char *sender_ctx;	/* the context for the sender of sighup */
Steve Grubb 152c01 
 	const char *log_file;
Steve Grubb 152c01 
 	logging_formats log_format;
Steve Grubb 152c01 
+	gid_t log_group;
Steve Grubb 152c01 
 	unsigned int priority_boost;
Steve Grubb 152c01 
 	flush_technique flush;
Steve Grubb 152c01 
 	unsigned int freq;
Steve Grubb 152c01 
diff -urp audit-1.5.6/src/auditd-event.c audit-1.5.7/src/auditd-event.c
Steve Grubb 152c01 
--- audit-1.5.6/src/auditd-event.c	2007-07-24 17:17:11.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/src/auditd-event.c	2007-08-24 11:34:48.000000000 -0400
Steve Grubb 152c01 
@@ -1,5 +1,5 @@
Steve Grubb 152c01 
 /* auditd-event.c --
Steve Grubb 152c01 
- * Copyright 2004-06 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2004-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This program is free software; you can redistribute it and/or modify
Steve Grubb 152c01 
@@ -548,6 +548,7 @@ static void rotate_logs(struct auditd_co
Steve Grubb 152c01 
 		return;
Steve Grubb 152c01
Steve Grubb 152c01 
 	/* Close audit file */
Steve Grubb 152c01 
+	fchown(data->log_fd, 0, data->config->log_group);
Steve Grubb 152c01 
 	fchmod(data->log_fd, S_IRUSR|S_IRGRP);
Steve Grubb 152c01 
 	fclose(data->log_file);
Steve Grubb 152c01
Steve Grubb 152c01 
@@ -737,6 +738,7 @@ retry:
Steve Grubb 152c01 
 			return 1;
Steve Grubb 152c01 
 		}
Steve Grubb 152c01 
 	}
Steve Grubb 152c01 
+	fchown(lfd, 0, data->config->log_group);
Steve Grubb 152c01
Steve Grubb 152c01 
 	data->log_fd = lfd;
Steve Grubb 152c01 
 	data->log_file = fdopen(lfd, "a");
Steve Grubb 152c01 
diff -urp audit-1.5.6/src/aureport.c audit-1.5.7/src/aureport.c
Steve Grubb 152c01 
--- audit-1.5.6/src/aureport.c	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/src/aureport.c	2007-08-13 16:09:39.000000000 -0400
Steve Grubb 152c01 
@@ -1,6 +1,6 @@
Steve Grubb 152c01 
 /*
Steve Grubb 152c01 
  * aureport.c - main file for aureport utility
Steve Grubb 152c01 
- * Copyright 2005-06 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
+ * Copyright 2005-07 Red Hat Inc., Durham, North Carolina.
Steve Grubb 152c01 
  * All Rights Reserved.
Steve Grubb 152c01 
  *
Steve Grubb 152c01 
  * This program is free software; you can redistribute it and/or modify
Steve Grubb 152c01 
@@ -97,7 +97,11 @@ int main(int argc, char *argv[])
Steve Grubb 152c01 
 		config.sender_ctx = NULL;
Steve Grubb 152c01 
 		config.log_file = NULL;
Steve Grubb 152c01 
 		config.dispatcher = NULL;
Steve Grubb 152c01 
+		config.space_left_exe = NULL;
Steve Grubb 152c01 
 		config.action_mail_acct = NULL;
Steve Grubb 152c01 
+		config.admin_space_left_exe = NULL;
Steve Grubb 152c01 
+		config.disk_full_exe = NULL;
Steve Grubb 152c01 
+		config.disk_error_exe = NULL;
Steve Grubb 152c01 
 	}
Steve Grubb 152c01
Steve Grubb 152c01 
 	print_title();
Steve Grubb 152c01 
@@ -115,6 +119,8 @@ int main(int argc, char *argv[])
Steve Grubb 152c01 
 	if (!found && report_detail == D_DETAILED && report_type != RPT_TIME) {
Steve Grubb 152c01 
 		printf("<no events of interest were found>\n\n");
Steve Grubb 152c01 
 		destroy_counters();
Steve Grubb 152c01 
+		aulookup_destroy_uid_list();
Steve Grubb 152c01 
+		aulookup_destroy_gid_list();
Steve Grubb 152c01 
 		free_config(&config);
Steve Grubb 152c01 
 		return 1;
Steve Grubb 152c01 
 	} else
Steve Grubb 152c01 
@@ -304,6 +310,7 @@ static int get_record(llist *l)
Steve Grubb 152c01 
 			} else {
Steve Grubb 152c01 
 				saved_buff = buff;
Steve Grubb 152c01 
 				free(n.message);
Steve Grubb 152c01 
+				buff = NULL;
Steve Grubb 152c01 
 				break;
Steve Grubb 152c01 
 			}
Steve Grubb 152c01 
 		} else {
Steve Grubb 152c01 
diff -urp audit-1.5.6/src/ausearch.c audit-1.5.7/src/ausearch.c
Steve Grubb 152c01 
--- audit-1.5.6/src/ausearch.c	2007-04-09 17:50:01.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/src/ausearch.c	2007-08-13 15:27:35.000000000 -0400
Steve Grubb 152c01 
@@ -101,6 +101,8 @@ int main(int argc, char *argv[])
Steve Grubb 152c01 
 	ilist_clear(event_type);
Steve Grubb 152c01 
 	free(event_type);
Steve Grubb 152c01 
 	free(user_file);
Steve Grubb 152c01 
+	aulookup_destroy_uid_list();
Steve Grubb 152c01 
+	aulookup_destroy_gid_list();
Steve Grubb 152c01 
 	if (rc)
Steve Grubb 152c01 
 		return rc;
Steve Grubb 152c01 
 	if (!found) {
Steve Grubb 152c01 
@@ -164,8 +166,6 @@ static int process_logs(void)
Steve Grubb 152c01 
 		else
Steve Grubb 152c01 
 			break;
Steve Grubb 152c01 
 	} while (1);
Steve Grubb 152c01 
-	aulookup_destroy_uid_list();
Steve Grubb 152c01 
-	aulookup_destroy_gid_list();
Steve Grubb 152c01 
 	free(filename);
Steve Grubb 152c01 
 	free_config(&config);
Steve Grubb 152c01 
 	return 0;
Steve Grubb 152c01 
@@ -267,6 +267,7 @@ static int get_record(llist *l)
Steve Grubb 152c01 
 			} else {
Steve Grubb 152c01 
 				saved_buff = buff;
Steve Grubb 152c01 
 				free(n.message);
Steve Grubb 152c01 
+				buff = NULL;
Steve Grubb 152c01 
 				break;
Steve Grubb 152c01 
 			}
Steve Grubb 152c01 
 		} else {
Steve Grubb 152c01 
diff -urp audit-1.5.6/swig/auditswig.i audit-1.5.7/swig/auditswig.i
Steve Grubb 152c01 
--- audit-1.5.6/swig/auditswig.i	2007-06-27 06:59:12.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/swig/auditswig.i	2007-08-24 12:40:20.000000000 -0400
Steve Grubb 152c01 
@@ -27,7 +27,7 @@
Steve Grubb 152c01 
 signed
Steve Grubb 152c01 
 %enddef
Steve Grubb 152c01 
 #define __attribute(X) /*nothing*/
Steve Grubb 152c01 
-%include "/usr/include/asm/types.h"
Steve Grubb 152c01 
+typedef unsigned __u32;
Steve Grubb 152c01 
 %include "/usr/include/linux/audit.h"
Steve Grubb 152c01 
 #define __extension__ /*nothing*/
Steve Grubb 152c01 
 %include "/usr/include/stdint.h"
Steve Grubb 152c01 
diff -urp audit-1.5.6/system-config-audit/Makefile.am audit-1.5.7/system-config-audit/Makefile.am
Steve Grubb 152c01 
--- audit-1.5.6/system-config-audit/Makefile.am	2007-07-25 14:25:05.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/system-config-audit/Makefile.am	2007-08-26 17:41:20.000000000 -0400
Steve Grubb 152c01 
@@ -98,3 +98,8 @@ src/system-config-audit: src/system-conf
Steve Grubb 152c01 
 		< $(srcdir)/src/system-config-audit.in > $@
Steve Grubb 152c01
Steve Grubb 152c01 
 @INTLTOOL_DESKTOP_RULE@
Steve Grubb 152c01 
+
Steve Grubb 152c01 
+clean-generic:
Steve Grubb 152c01 
+	rm -rf autom4te*.cache
Steve Grubb 152c01 
+	rm -f *.rej *.orig
Steve Grubb 152c01 
+
Steve Grubb 152c01 
diff -urp audit-1.5.6/system-config-audit/Makefile.in audit-1.5.7/system-config-audit/Makefile.in
Steve Grubb 152c01 
--- audit-1.5.6/system-config-audit/Makefile.in	2007-07-25 14:23:56.000000000 -0400
Steve Grubb 152c01 
+++ audit-1.5.7/system-config-audit/Makefile.in	2007-08-26 17:44:02.000000000 -0400
Steve Grubb 152c01 
@@ -314,7 +314,7 @@ nodist_pkgdata_PYTHON = src/settings.py
Steve Grubb 152c01 
 CLEANFILES = $(applications_DATA) $(bin_SCRIPTS) $(nodist_pkgdata_PYTHON) \
Steve Grubb 152c01 
 	admin/system-config-audit-server.console
Steve Grubb 152c01
Steve Grubb 152c01 
-DISTCLEANFILES = intltool-extract intltool-merge intltool-update src/.libs
Steve Grubb 152c01 
+DISTCLEANFILES = intltool-extract intltool-merge intltool-update
Steve Grubb 152c01 
 EXTRA_DIST = admin/intltool-extract.in admin/intltool-merge.in \
Steve Grubb 152c01 
 	admin/intltool-update.in admin/system-config-audit-server.console.in \
Steve Grubb 152c01 
 	admin/system-config-audit-server.pam \
Steve Grubb 152c01 
@@ -883,9 +883,6 @@ install-strip:
Steve Grubb 152c01 
 	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
Steve Grubb 152c01 
 mostlyclean-generic:
Steve Grubb 152c01
Steve Grubb 152c01 
-clean-generic:
Steve Grubb 152c01 
-	-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
Steve Grubb 152c01 
-
Steve Grubb 152c01 
 distclean-generic:
Steve Grubb 152c01 
 	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
Steve Grubb 152c01 
 	-rm -f src/$(DEPDIR)/$(am__dirstamp)
Steve Grubb 152c01 
@@ -1027,6 +1024,10 @@ src/system-config-audit: src/system-conf
Steve Grubb 152c01 
 		< $(srcdir)/src/system-config-audit.in > $@
Steve Grubb 152c01
Steve Grubb 152c01 
 @INTLTOOL_DESKTOP_RULE@
Steve Grubb 152c01 
+
Steve Grubb 152c01 
+clean-generic:
Steve Grubb 152c01 
+	rm -rf autom4te*.cache
Steve Grubb 152c01 
+	rm -f *.rej *.orig
Steve Grubb 152c01 
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
Steve Grubb 152c01 
 # Otherwise a system limit (for SysV at least) may be exceeded.
Steve Grubb 152c01 
 .NOEXPORT:

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation