rpms / audit

Clone
Source Code
GIT

Blame audit-1.8-noaudit.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic-beta c8-beta f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master
  1.   6578fabf5e702a9a3efb9a15b34db27eecfa3c2d
  2.   audit-1.8-noaudit.patch
Blob History Raw
Steve Grubb 6578fa 
Index: /trunk/init.d/auditd.init
Steve Grubb 6578fa 
===================================================================
Steve Grubb 6578fa 
--- /trunk/init.d/auditd.init (revision 243)
Steve Grubb 6578fa 
+++ /trunk/init.d/auditd.init (revision 265)
Steve Grubb 6578fa 
@@ -72,7 +72,7 @@
Steve Grubb 6578fa 
 	if test $RETVAL = 0 ; then
Steve Grubb 6578fa 
 		touch /var/lock/subsys/auditd
Steve Grubb 6578fa 
+		# Load the default rules
Steve Grubb 6578fa 
+		test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
Steve Grubb 6578fa 
 	fi
Steve Grubb 6578fa 
-	# Load the default rules
Steve Grubb 6578fa 
-	test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
Steve Grubb 6578fa 
 	return $RETVAL
Steve Grubb 6578fa 
 }
Steve Grubb 6578fa 
@@ -85,9 +85,15 @@
Steve Grubb 6578fa 
 	rm -f /var/lock/subsys/auditd
Steve Grubb 6578fa 
 	# Remove watches so shutdown works cleanly
Steve Grubb 6578fa 
-	if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" ; then
Steve Grubb 6578fa 
-		/sbin/auditctl -D >/dev/null
Steve Grubb 6578fa 
+	if test x"$AUDITD_CLEAN_STOP" != "x" ; then
Steve Grubb 6578fa 
+		if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no"
Steve Grubb 6578fa 
+		then
Steve Grubb 6578fa 
+			/sbin/auditctl -D >/dev/null
Steve Grubb 6578fa 
+		fi
Steve Grubb 6578fa 
 	fi
Steve Grubb 6578fa 
-	if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no" ; then
Steve Grubb 6578fa 
-		/sbin/auditctl -e 0 >/dev/null
Steve Grubb 6578fa 
+	if test x"$AUDITD_STOP_DISABLE" != "x" ; then
Steve Grubb 6578fa 
+		if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no"
Steve Grubb 6578fa 
+		then
Steve Grubb 6578fa 
+			/sbin/auditctl -e 0 >/dev/null
Steve Grubb 6578fa 
+		fi
Steve Grubb 6578fa 
 	fi
Steve Grubb 6578fa 
 	return $RETVAL
Steve Grubb 6578fa 
Index: /trunk/ChangeLog
Steve Grubb 6578fa 
===================================================================
Steve Grubb 6578fa 
--- /trunk/ChangeLog (revision 264)
Steve Grubb 6578fa 
+++ /trunk/ChangeLog (revision 265)
Steve Grubb 6578fa 
@@ -1,4 +1,5 @@
Steve Grubb 6578fa 
 1.8
Steve Grubb 6578fa 
 - Disable asserts unless --with-debug passed to configure
Steve Grubb 6578fa 
+- Handle kernel 2.6.29's audit = 0 boot parameter better
Steve Grubb 6578fa
Steve Grubb 6578fa 
 1.7.12
Steve Grubb 6578fa 
Index: /trunk/src/auditctl.c
Steve Grubb 6578fa 
===================================================================
Steve Grubb 6578fa 
--- /trunk/src/auditctl.c (revision 242)
Steve Grubb 6578fa 
+++ /trunk/src/auditctl.c (revision 265)
Steve Grubb 6578fa 
@@ -971,4 +971,6 @@
Steve Grubb 6578fa 
 	}
Steve Grubb 6578fa 
     }
Steve Grubb 6578fa 
+    if (retval == -1 && errno == ECONNREFUSED)
Steve Grubb 6578fa 
+		fprintf(stderr,	"The audit system is disabled\n");
Steve Grubb 6578fa 
     return retval;
Steve Grubb 6578fa 
 }
Steve Grubb 6578fa 
@@ -1086,4 +1088,10 @@
Steve Grubb 6578fa 
 					"There was an error in line %d of %s\n",
Steve Grubb 6578fa 
 					lineno, file);
Steve Grubb 6578fa 
+				else {
Steve Grubb 6578fa 
+					fprintf(stderr,
Steve Grubb 6578fa 
+					"The audit system is disabled\n");
Steve Grubb 6578fa 
+					fclose(f);
Steve Grubb 6578fa 
+					return 0;
Steve Grubb 6578fa 
+				}
Steve Grubb 6578fa 
 				if (!ignore) {
Steve Grubb 6578fa 
 					fclose(f);
Steve Grubb 6578fa 
@@ -1122,4 +1130,7 @@
Steve Grubb 6578fa 
 				"The audit system is in immutable "
Steve Grubb 6578fa 
 				"mode, no rules loaded\n");
Steve Grubb 6578fa 
+			return 0;
Steve Grubb 6578fa 
+		} else if (errno == ECONNREFUSED) {
Steve Grubb 6578fa 
+			fprintf(stderr, "The audit system is disabled\n");
Steve Grubb 6578fa 
 			return 0;
Steve Grubb 6578fa 
 		} else if (fileopt(argv[2]))
Steve Grubb 6578fa 
@@ -1141,4 +1152,7 @@
Steve Grubb 6578fa 
 				"The audit system is in immutable "
Steve Grubb 6578fa 
 				"mode, no rules loaded\n");
Steve Grubb 6578fa 
+			return 0;
Steve Grubb 6578fa 
+		} else if (errno == ECONNREFUSED) {
Steve Grubb 6578fa 
+			fprintf(stderr, "The audit system is disabled\n");
Steve Grubb 6578fa 
 			return 0;
Steve Grubb 6578fa 
 		}
Steve Grubb 6578fa 
Index: /trunk/src/auditd-event.c
Steve Grubb 6578fa 
===================================================================
Steve Grubb 6578fa 
--- /trunk/src/auditd-event.c (revision 258)
Steve Grubb 6578fa 
+++ /trunk/src/auditd-event.c (revision 265)
Steve Grubb 6578fa 
@@ -287,6 +287,7 @@
Steve Grubb 6578fa 
 			data->tail = NULL;
Steve Grubb 6578fa 
 		data->head = data->head->next;
Steve Grubb 6578fa 
-		if (data->head == NULL && stop &&
Steve Grubb 6578fa 
-					cur->reply.type == AUDIT_DAEMON_END)
Steve Grubb 6578fa 
+		if (data->head == NULL && stop &&
Steve Grubb 6578fa 
+				( cur->reply.type == AUDIT_DAEMON_END ||
Steve Grubb 6578fa 
+				cur->reply.type == AUDIT_DAEMON_ABORT) )
Steve Grubb 6578fa 
 			stop_req = 1;
Steve Grubb 6578fa 
 		pthread_mutex_unlock(&data->queue_lock);
Steve Grubb 6578fa 
Index: /trunk/src/auditd.c
Steve Grubb 6578fa 
===================================================================
Steve Grubb 6578fa 
--- /trunk/src/auditd.c (revision 256)
Steve Grubb 6578fa 
+++ /trunk/src/auditd.c (revision 265)
Steve Grubb 6578fa 
@@ -616,5 +616,5 @@
Steve Grubb 6578fa 
 			return 1;
Steve Grubb 6578fa 
 		}
Steve Grubb 6578fa 
-		if(getsubj(subj))
Steve Grubb 6578fa 
+		if (getsubj(subj))
Steve Grubb 6578fa 
 			snprintf(start, sizeof(start),
Steve Grubb 6578fa 
 				"auditd start, ver=%s format=%s "
Steve Grubb 6578fa 
@@ -684,5 +684,5 @@
Steve Grubb 6578fa 
 		send_audit_event(AUDIT_DAEMON_ABORT, emsg);
Steve Grubb 6578fa 
 		audit_msg(LOG_ERR,
Steve Grubb 6578fa 
-		"Unable to set intitial audit startup state to '%s', exiting",
Steve Grubb 6578fa 
+		"Unable to set initial audit startup state to '%s', exiting",
Steve Grubb 6578fa 
 			startup_states[opt_startup]);
Steve Grubb 6578fa 
 		close_down();
Steve Grubb 6578fa 
Index: /trunk/src/autrace.c
Steve Grubb 6578fa 
===================================================================
Steve Grubb 6578fa 
--- /trunk/src/autrace.c (revision 1)
Steve Grubb 6578fa 
+++ /trunk/src/autrace.c (revision 265)
Steve Grubb 6578fa 
@@ -156,5 +156,10 @@
Steve Grubb 6578fa 
 	{
Steve Grubb 6578fa 
 		case -1:
Steve Grubb 6578fa 
-			fprintf(stderr, "Error - can't get rule count.\n");
Steve Grubb 6578fa 
+			if (errno == ECONNREFUSED)
Steve Grubb 6578fa 
+		                fprintf(stderr,
Steve Grubb 6578fa 
+					"The audit system is disabled\n");
Steve Grubb 6578fa 
+			else
Steve Grubb 6578fa 
+				fprintf(stderr,
Steve Grubb 6578fa 
+					"Error - can't get rule count.\n");
Steve Grubb 6578fa 
 			return 1;
Steve Grubb 6578fa 
 		case 0:

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation