|
Steve Grubb |
00064e |
%define sca_version 0.4.6
|
|
Steve Grubb |
d1b4f5 |
%define sca_release 4
|
|
Steve Grubb |
25639a |
%define selinux_variants mls strict targeted
|
|
Steve Grubb |
d12b5d |
%define selinux_policyver 3.0.8
|
|
Steve Grubb |
00064e |
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
|
|
Steve Grubb |
c56912 |
|
|
Steve Grubb |
cb9ea2 |
Summary: User space tools for 2.6 kernel auditing
|
|
cvsdist |
2c6ba5 |
Name: audit
|
|
Steve Grubb |
00064e |
Version: 1.7.2
|
|
Steve Grubb |
d1b4f5 |
Release: 4%{?dist}
|
|
Steve Grubb |
7c6e7f |
License: GPLv2+
|
|
Steve Grubb |
654a5c |
Group: System Environment/Daemons
|
|
Steve Grubb |
c5201d |
URL: http://people.redhat.com/sgrubb/audit/
|
|
Steve Grubb |
d12b5d |
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
|
Steve Grubb |
4139e4 |
Patch0: audit-1.6.8-zos.patch
|
|
Steve Grubb |
00064e |
Patch1: audit-1.7.3-cmd.patch
|
|
Steve Grubb |
00064e |
Patch2: audit-1.7.2-avc.patch
|
|
Steve Grubb |
00064e |
Patch3: audit-1.7.3-prelude.patch
|
|
Steve Grubb |
adb0e1 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
|
Steve Grubb |
283747 |
BuildRequires: gettext-devel intltool libtool swig python-devel
|
|
Steve Grubb |
c02ad9 |
BuildRequires: kernel-headers >= 2.6.18
|
|
Steve Grubb |
8fd9fa |
BuildRequires: automake >= 1.9
|
|
Steve Grubb |
8fd9fa |
BuildRequires: autoconf >= 2.59
|
|
Steve Grubb |
75f480 |
Requires: %{name}-libs = %{version}-%{release}
|
|
Steve Grubb |
c5201d |
Requires: chkconfig
|
|
Steve Grubb |
5734b6 |
Requires(pre): coreutils
|
|
cvsdist |
2c6ba5 |
|
|
cvsdist |
2c6ba5 |
%description
|
|
cvsdist |
2c6ba5 |
The audit package contains the user space utilities for
|
|
Steve Grubb |
f553a5 |
storing and searching the audit records generate by
|
|
cvsdist |
2c6ba5 |
the audit subsystem in the Linux 2.6 kernel.
|
|
cvsdist |
2c6ba5 |
|
|
Steve Grubb |
75f480 |
%package libs
|
|
Steve Grubb |
75f480 |
Summary: Dynamic library for libaudit
|
|
Steve Grubb |
7c6e7f |
License: LGPLv2+
|
|
Steve Grubb |
c5201d |
Group: Development/Libraries
|
|
Steve Grubb |
c5201d |
|
|
Steve Grubb |
75f480 |
%description libs
|
|
Steve Grubb |
75f480 |
The audit-libs package contains the dynamic libraries needed for
|
|
Steve Grubb |
75f480 |
applications to use the audit framework.
|
|
Steve Grubb |
75f480 |
|
|
Steve Grubb |
75f480 |
%package libs-devel
|
|
Steve Grubb |
75f480 |
Summary: Header files and static library for libaudit
|
|
Steve Grubb |
7c6e7f |
License: LGPLv2+
|
|
Steve Grubb |
75f480 |
Group: Development/Libraries
|
|
Steve Grubb |
75f480 |
Requires: %{name}-libs = %{version}-%{release}
|
|
Steve Grubb |
c02ad9 |
Requires: kernel-headers >= 2.6.18
|
|
Steve Grubb |
75f480 |
|
|
Steve Grubb |
75f480 |
%description libs-devel
|
|
Steve Grubb |
75f480 |
The audit-libs-devel package contains the static libraries and header
|
|
Steve Grubb |
75f480 |
files needed for developing applications that need to use the audit
|
|
Steve Grubb |
75f480 |
framework libraries.
|
|
Steve Grubb |
c5201d |
|
|
Steve Grubb |
9fb940 |
%package libs-python
|
|
Steve Grubb |
9fb940 |
Summary: Python bindings for libaudit
|
|
Steve Grubb |
7c6e7f |
License: LGPLv2+
|
|
Steve Grubb |
9fb940 |
Group: Development/Libraries
|
|
Steve Grubb |
9fb940 |
Requires: %{name}-libs = %{version}-%{release}
|
|
Steve Grubb |
9fb940 |
|
|
Steve Grubb |
9fb940 |
%description libs-python
|
|
Steve Grubb |
9fb940 |
The audit-libs-python package contains the bindings so that libaudit
|
|
Steve Grubb |
cfd726 |
and libauparse can be used by python.
|
|
Steve Grubb |
9fb940 |
|
|
Steve Grubb |
25639a |
%package -n audispd-plugins
|
|
Steve Grubb |
25639a |
Summary: Plugins for the audit event dispatcher
|
|
Steve Grubb |
25639a |
License: GPLv2+
|
|
Steve Grubb |
25639a |
Group: System Environment/Daemons
|
|
Steve Grubb |
25639a |
BuildRequires: openldap-devel
|
|
Steve Grubb |
5734b6 |
%if "%{selinux_policyver}" != ""
|
|
Steve Grubb |
5734b6 |
BuildRequires: checkpolicy selinux-policy-devel >= %{selinux_policyver}
|
|
Steve Grubb |
5734b6 |
%endif
|
|
Steve Grubb |
5734b6 |
BuildRequires: libprelude-devel >= 0.9.16
|
|
Steve Grubb |
25639a |
Requires: %{name} = %{version}-%{release}
|
|
Steve Grubb |
25639a |
Requires: %{name}-libs = %{version}-%{release}
|
|
Steve Grubb |
25639a |
Requires: openldap
|
|
Steve Grubb |
25639a |
%if "%{selinux_policyver}" != ""
|
|
Steve Grubb |
25639a |
Requires: selinux-policy >= %{selinux_policyver}
|
|
Steve Grubb |
25639a |
%endif
|
|
Steve Grubb |
25639a |
Requires(post): /usr/sbin/semodule /sbin/restorecon
|
|
Steve Grubb |
25639a |
Requires(postun): /usr/sbin/semodule
|
|
Steve Grubb |
25639a |
|
|
Steve Grubb |
25639a |
%description -n audispd-plugins
|
|
Steve Grubb |
25639a |
The audispd-plugins package provides plugins for the real-time
|
|
Steve Grubb |
25639a |
interface to the audit system, audispd. These plugins can do things
|
|
Steve Grubb |
25639a |
like relay events to remote machines or analyze events for suspicious
|
|
Steve Grubb |
25639a |
behavior.
|
|
Steve Grubb |
25639a |
|
|
Steve Grubb |
c56912 |
%package -n system-config-audit
|
|
Steve Grubb |
c56912 |
Summary: Utility for editing audit configuration
|
|
Steve Grubb |
c56912 |
Version: %{sca_version}
|
|
Steve Grubb |
6fd670 |
Release: %{sca_release}%{?dist}
|
|
Steve Grubb |
7c6e7f |
License: GPLv2+
|
|
Steve Grubb |
c56912 |
Group: Applications/System
|
|
Steve Grubb |
5734b6 |
BuildRequires: desktop-file-utils
|
|
Steve Grubb |
c56912 |
Requires: pygtk2-libglade usermode usermode-gtk
|
|
Steve Grubb |
c56912 |
|
|
Steve Grubb |
c56912 |
%description -n system-config-audit
|
|
Steve Grubb |
25639a |
A graphical utility for editing audit configuration.
|
|
Steve Grubb |
c56912 |
|
|
cvsdist |
2c6ba5 |
%prep
|
|
cvsdist |
2c6ba5 |
%setup -q
|
|
Steve Grubb |
4139e4 |
%patch0 -p1
|
|
Steve Grubb |
2e019b |
%patch1 -p1
|
|
Steve Grubb |
c6afc3 |
%patch2 -p1
|
|
Steve Grubb |
3f63ff |
%patch3 -p1
|
|
Steve Grubb |
25639a |
mkdir zos-remote-policy
|
|
Steve Grubb |
25639a |
cp -p audisp/plugins/zos-remote/policy/audispd-zos-remote.* zos-remote-policy
|
|
Steve Grubb |
7e0621 |
|
|
cvsdist |
2c6ba5 |
%build
|
|
Steve Grubb |
114d25 |
(cd system-config-audit; ./autogen.sh)
|
|
Steve Grubb |
c56912 |
aclocal && autoconf && autoheader && automake
|
|
Steve Grubb |
5734b6 |
%configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude
|
|
Steve Grubb |
c6afc3 |
make %{?_smp_mflags}
|
|
Steve Grubb |
25639a |
cd zos-remote-policy
|
|
Steve Grubb |
25639a |
for selinuxvariant in %{selinux_variants}
|
|
Steve Grubb |
25639a |
do
|
|
Steve Grubb |
00064e |
if [ "${selinuxvariant}" = "mls" ]; then
|
|
Steve Grubb |
00064e |
TYPE=mls-mls
|
|
Steve Grubb |
00064e |
else
|
|
Steve Grubb |
00064e |
TYPE=${selinuxvariant}-mcs
|
|
Steve Grubb |
00064e |
fi
|
|
Steve Grubb |
00064e |
make -f /usr/share/selinux/devel/Makefile
|
|
Steve Grubb |
25639a |
mv audispd-zos-remote.pp audispd-zos-remote.pp.${selinuxvariant}
|
|
Steve Grubb |
00064e |
make -f /usr/share/selinux/devel/Makefile clean
|
|
Steve Grubb |
25639a |
done
|
|
Steve Grubb |
25639a |
cd -
|
|
cvsdist |
2c6ba5 |
|
|
cvsdist |
2c6ba5 |
%install
|
|
cvsdist |
2c6ba5 |
rm -rf $RPM_BUILD_ROOT
|
|
Steve Grubb |
31f6a3 |
mkdir -p $RPM_BUILD_ROOT/{sbin,etc/{sysconfig,audispd/plugins.d,rc.d/init.d}}
|
|
Steve Grubb |
25639a |
mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8}
|
|
Steve Grubb |
57646a |
mkdir -p $RPM_BUILD_ROOT/%{_lib}
|
|
Daniel J Walsh |
965e81 |
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit
|
|
Steve Grubb |
d1e22d |
mkdir -p $RPM_BUILD_ROOT/%{_var}/log/audit
|
|
Steve Grubb |
c6afc3 |
make DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} install
|
|
Steve Grubb |
c56912 |
make -C system-config-audit DESTDIR=$RPM_BUILD_ROOT install-fedora
|
|
Steve Grubb |
25639a |
for selinuxvariant in %{selinux_variants}
|
|
Steve Grubb |
25639a |
do
|
|
Steve Grubb |
25639a |
install -d $RPM_BUILD_ROOT/%{_datadir}/selinux/${selinuxvariant}
|
|
Steve Grubb |
25639a |
install -p -m 644 zos-remote-policy/audispd-zos-remote.pp.${selinuxvariant} \
|
|
Steve Grubb |
25639a |
$RPM_BUILD_ROOT/%{_datadir}/selinux/${selinuxvariant}/audispd-zos-remote.pp
|
|
Steve Grubb |
25639a |
done
|
|
cvsdist |
2c6ba5 |
|
|
Steve Grubb |
c5201d |
mkdir -p $RPM_BUILD_ROOT/%{_libdir}
|
|
Steve Grubb |
aad931 |
# This winds up in the wrong place when libtool is involved
|
|
Steve Grubb |
19531f |
mv $RPM_BUILD_ROOT/%{_lib}/libaudit.a $RPM_BUILD_ROOT%{_libdir}
|
|
Steve Grubb |
7ea761 |
mv $RPM_BUILD_ROOT/%{_lib}/libauparse.a $RPM_BUILD_ROOT%{_libdir}
|
|
Steve Grubb |
21c8b7 |
curdir=`pwd`
|
|
Steve Grubb |
21c8b7 |
cd $RPM_BUILD_ROOT/%{_libdir}
|
|
Tomáš Mráz |
f9356b |
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libaudit.so.*.*.*\``
|
|
Tomáš Mráz |
f9356b |
ln -s ../../%{_lib}/$LIBNAME libaudit.so
|
|
Steve Grubb |
7ea761 |
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*\``
|
|
Steve Grubb |
7ea761 |
ln -s ../../%{_lib}/$LIBNAME libauparse.so
|
|
Steve Grubb |
21c8b7 |
cd $curdir
|
|
Steve Grubb |
64cb26 |
# Remove these items so they don't get picked up.
|
|
Steve Grubb |
64cb26 |
rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.so
|
|
Steve Grubb |
7ea761 |
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.so
|
|
Steve Grubb |
64cb26 |
rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.la
|
|
Steve Grubb |
7ea761 |
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.la
|
|
Jeremy Katz |
cb7d8f |
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_audit.a
|
|
Jeremy Katz |
cb7d8f |
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_audit.la
|
|
Steve Grubb |
7ea761 |
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_auparse.a
|
|
Steve Grubb |
7ea761 |
rm -f $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages/_auparse.la
|
|
Steve Grubb |
21c8b7 |
|
|
Steve Grubb |
0b8b4a |
# On platforms with 32 & 64 bit libs, we need to coordinate the timestamp
|
|
Steve Grubb |
0b8b4a |
touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
|
|
Steve Grubb |
0b8b4a |
|
|
Steve Grubb |
c56912 |
%find_lang system-config-audit
|
|
Steve Grubb |
c56912 |
|
|
Steve Grubb |
5734b6 |
desktop-file-install \
|
|
Steve Grubb |
5734b6 |
--dir $RPM_BUILD_ROOT/%{_datadir}/applications \
|
|
Steve Grubb |
5734b6 |
--delete-original \
|
|
Steve Grubb |
5734b6 |
system-config-audit/system-config-audit.desktop
|
|
Steve Grubb |
5734b6 |
|
|
Steve Grubb |
d12b5d |
# This is a reminder to enable it when tests
|
|
Steve Grubb |
5734b6 |
# aren't based on postfix uids
|
|
Steve Grubb |
25639a |
#% check
|
|
Steve Grubb |
25639a |
#make check
|
|
Steve Grubb |
559824 |
|
|
cvsdist |
2c6ba5 |
%clean
|
|
cvsdist |
2c6ba5 |
rm -rf $RPM_BUILD_ROOT
|
|
Steve Grubb |
25639a |
rm -rf zos-remote-policy
|
|
cvsdist |
2c6ba5 |
|
|
Steve Grubb |
7a408f |
%post libs -p /sbin/ldconfig
|
|
Steve Grubb |
75f480 |
|
|
Steve Grubb |
25639a |
%post -n audispd-plugins
|
|
Steve Grubb |
25639a |
for selinuxvariant in %{selinux_variants}
|
|
Steve Grubb |
25639a |
do
|
|
Steve Grubb |
25639a |
/usr/sbin/semodule -s $selinuxvariant \
|
|
Steve Grubb |
25639a |
-i %{_datadir}/selinux/$selinuxvariant/audispd-zos-remote.pp \
|
|
Steve Grubb |
25639a |
&> /dev/null || :
|
|
Steve Grubb |
25639a |
done
|
|
Steve Grubb |
25639a |
/sbin/restorecon -F /sbin/audispd-zos-remote /etc/audisp/zos-remote.conf
|
|
Steve Grubb |
25639a |
|
|
Steve Grubb |
c5201d |
%post
|
|
Steve Grubb |
7c0633 |
/sbin/chkconfig --add auditd
|
|
Steve Grubb |
ca188d |
if [ -f /etc/auditd.conf ]; then
|
|
Steve Grubb |
ca188d |
mv /etc/auditd.conf /etc/audit/auditd.conf
|
|
Steve Grubb |
ca188d |
fi
|
|
Steve Grubb |
ca188d |
if [ -f /etc/audit.rules ]; then
|
|
Steve Grubb |
ca188d |
mv /etc/audit.rules /etc/audit/audit.rules
|
|
Steve Grubb |
ca188d |
fi
|
|
Steve Grubb |
5734b6 |
# This is to enable the dispatcher option which was commented out
|
|
Steve Grubb |
cb9ea2 |
if [ -f /etc/audit/auditd.conf ]; then
|
|
Steve Grubb |
5734b6 |
grep '^dispatcher' /etc/audit/auditd.conf >/dev/null
|
|
Steve Grubb |
5734b6 |
if [ $? -eq 1 ] ; then
|
|
Steve Grubb |
5734b6 |
tmp=`mktemp /etc/audit/auditd-post.XXXXXX`
|
|
Steve Grubb |
5734b6 |
if [ -n $tmp ]; then
|
|
Steve Grubb |
5734b6 |
sed 's|^#dispatcher|dispatcher|g' /etc/audit/auditd.conf > $tmp && \
|
|
Steve Grubb |
5734b6 |
cat $tmp > /etc/audit/auditd.conf
|
|
Steve Grubb |
5734b6 |
rm -f $tmp
|
|
Steve Grubb |
5734b6 |
fi
|
|
Steve Grubb |
cb9ea2 |
fi
|
|
Steve Grubb |
cb9ea2 |
fi
|
|
Steve Grubb |
c5201d |
|
|
Steve Grubb |
c5201d |
%preun
|
|
Steve Grubb |
1be66f |
if [ $1 -eq 0 ]; then
|
|
Steve Grubb |
c5201d |
/sbin/service auditd stop > /dev/null 2>&1
|
|
Steve Grubb |
c5201d |
/sbin/chkconfig --del auditd
|
|
Steve Grubb |
c5201d |
fi
|
|
Steve Grubb |
c5201d |
|
|
Steve Grubb |
5734b6 |
%postun libs -p /sbin/ldconfig
|
|
Steve Grubb |
75f480 |
|
|
Steve Grubb |
25639a |
%postun -n audispd-plugins
|
|
Steve Grubb |
25639a |
if [ $1 -eq 0 ]; then
|
|
Steve Grubb |
25639a |
for selinuxvariant in %{selinux_variants}
|
|
Steve Grubb |
25639a |
do
|
|
Steve Grubb |
25639a |
/usr/sbin/semodule -s $selinuxvariant -r audispd-zos-remote &>/dev/null || :
|
|
Steve Grubb |
25639a |
done
|
|
Steve Grubb |
25639a |
fi
|
|
Steve Grubb |
25639a |
|
|
Steve Grubb |
c5201d |
%postun
|
|
Steve Grubb |
c5201d |
if [ $1 -ge 1 ]; then
|
|
Steve Grubb |
ec62b1 |
/sbin/service auditd condrestart > /dev/null 2>&1 || :
|
|
Steve Grubb |
c5201d |
fi
|
|
Steve Grubb |
c5201d |
|
|
Steve Grubb |
75f480 |
%files libs
|
|
Steve Grubb |
75f480 |
%defattr(-,root,root)
|
|
Steve Grubb |
19531f |
%attr(755,root,root) /%{_lib}/libaudit.*
|
|
Steve Grubb |
7ea761 |
%attr(755,root,root) /%{_lib}/libauparse.*
|
|
Steve Grubb |
ca97eb |
%config(noreplace) %attr(640,root,root) /etc/libaudit.conf
|
|
Steve Grubb |
75f480 |
|
|
Steve Grubb |
75f480 |
%files libs-devel
|
|
Steve Grubb |
c5201d |
%defattr(-,root,root)
|
|
Steve Grubb |
862b73 |
%doc contrib/skeleton.c contrib/plugin
|
|
Steve Grubb |
21c8b7 |
%{_libdir}/libaudit.a
|
|
Steve Grubb |
7ea761 |
%{_libdir}/libauparse.a
|
|
Steve Grubb |
21c8b7 |
%{_libdir}/libaudit.so
|
|
Steve Grubb |
7ea761 |
%{_libdir}/libauparse.so
|
|
Steve Grubb |
c5201d |
%{_includedir}/libaudit.h
|
|
Steve Grubb |
7ea761 |
%{_includedir}/auparse.h
|
|
Steve Grubb |
7ea761 |
%{_includedir}/auparse-defs.h
|
|
Steve Grubb |
72b129 |
%{_mandir}/man3/*
|
|
Steve Grubb |
00064e |
%{_mandir}/man5/ausearch-expression.5.gz
|
|
Steve Grubb |
c5201d |
|
|
Steve Grubb |
9fb940 |
%files libs-python
|
|
Steve Grubb |
9fb940 |
%defattr(-,root,root)
|
|
Steve Grubb |
00064e |
%attr(755,root,root) %{_libdir}/python?.?/site-packages/_audit.so
|
|
Steve Grubb |
00064e |
%attr(755,root,root) %{_libdir}/python?.?/site-packages/auparse.so
|
|
Steve Grubb |
00064e |
%{python_sitelib}/audit.py*
|
|
Steve Grubb |
dbe1b8 |
|
|
cvsdist |
2c6ba5 |
%files
|
|
cvsdist |
2c6ba5 |
%defattr(-,root,root,-)
|
|
Steve Grubb |
00064e |
%doc README COPYING ChangeLog contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/stig.rules init.d/auditd.cron
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/audispd.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/ausearch.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/autrace.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz
|
|
Steve Grubb |
00064e |
%attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz
|
|
Steve Grubb |
f553a5 |
%attr(750,root,root) /sbin/auditctl
|
|
Steve Grubb |
f553a5 |
%attr(750,root,root) /sbin/auditd
|
|
Steve Grubb |
1dbd16 |
%attr(755,root,root) /sbin/ausearch
|
|
Steve Grubb |
1dbd16 |
%attr(755,root,root) /sbin/aureport
|
|
Steve Grubb |
7a408f |
%attr(750,root,root) /sbin/autrace
|
|
Steve Grubb |
551486 |
%attr(750,root,root) /sbin/audispd
|
|
Steve Grubb |
00064e |
%attr(750,root,root) %{_bindir}/aulastlog
|
|
Steve Grubb |
00064e |
%attr(755,root,root) %{_bindir}/ausyscall
|
|
Steve Grubb |
654a5c |
%attr(755,root,root) /etc/rc.d/init.d/auditd
|
|
Steve Grubb |
d1e22d |
%attr(750,root,root) %{_var}/log/audit
|
|
Steve Grubb |
835c19 |
%attr(750,root,root) %dir /etc/audit
|
|
Steve Grubb |
d3e971 |
%attr(750,root,root) %dir /etc/audisp
|
|
Steve Grubb |
d3e971 |
%attr(750,root,root) %dir /etc/audisp/plugins.d
|
|
Daniel J Walsh |
965e81 |
%attr(750,root,root) %dir %{_libdir}/audit
|
|
Steve Grubb |
ca188d |
%config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf
|
|
Steve Grubb |
ca188d |
%config(noreplace) %attr(640,root,root) /etc/audit/audit.rules
|
|
Steve Grubb |
654a5c |
%config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd
|
|
Steve Grubb |
7c6e7f |
%config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf
|
|
Steve Grubb |
d12b5d |
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf
|
|
Steve Grubb |
25639a |
|
|
Steve Grubb |
25639a |
%files -n audispd-plugins
|
|
Steve Grubb |
25639a |
%defattr(-,root,root,-)
|
|
Steve Grubb |
559824 |
%attr(640,root,root) /etc/audisp/plugins.d/syslog.conf
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz
|
|
Steve Grubb |
25639a |
%attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz
|
|
Steve Grubb |
25639a |
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf
|
|
Steve Grubb |
25639a |
%config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf
|
|
Steve Grubb |
25639a |
%attr(750,root,root) /sbin/audispd-zos-remote
|
|
Steve Grubb |
d12b5d |
%attr(644,root,root) %{_datadir}/selinux/*/audispd-zos-remote.pp
|
|
Steve Grubb |
5734b6 |
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/au-prelude.conf
|
|
Steve Grubb |
00064e |
%config(noreplace) %attr(640,root,root) /etc/audisp/audisp-prelude.conf
|
|
Steve Grubb |
5734b6 |
%attr(750,root,root) /sbin/audisp-prelude
|
|
Steve Grubb |
00064e |
%attr(644,root,root) %{_mandir}/man5/audisp-prelude.conf.5.gz
|
|
Steve Grubb |
5734b6 |
%attr(644,root,root) %{_mandir}/man8/audisp-prelude.8.gz
|
|
Steve Grubb |
00064e |
%config(noreplace) %attr(640,root,root) /etc/audisp/audisp-remote.conf
|
|
Steve Grubb |
00064e |
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/au-remote.conf
|
|
Steve Grubb |
00064e |
%attr(750,root,root) /sbin/audisp-remote
|
|
Steve Grubb |
00064e |
%attr(644,root,root) %{_mandir}/man5/audisp-remote.conf.5.gz
|
|
Steve Grubb |
00064e |
%attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz
|
|
cvsdist |
2c6ba5 |
|
|
Steve Grubb |
c56912 |
%files -n system-config-audit -f system-config-audit.lang
|
|
Steve Grubb |
c56912 |
%defattr(-,root,root,-)
|
|
Steve Grubb |
c56912 |
%doc system-config-audit/AUTHORS
|
|
Steve Grubb |
c56912 |
%doc system-config-audit/COPYING
|
|
Steve Grubb |
c56912 |
%doc system-config-audit/ChangeLog
|
|
Steve Grubb |
c56912 |
%doc system-config-audit/NEWS
|
|
Steve Grubb |
c56912 |
%doc system-config-audit/README
|
|
Steve Grubb |
c56912 |
%{_bindir}/system-config-audit
|
|
Steve Grubb |
c56912 |
%{_datadir}/applications/system-config-audit.desktop
|
|
Steve Grubb |
c56912 |
%{_datadir}/system-config-audit
|
|
Steve Grubb |
c56912 |
%{_libexecdir}/system-config-audit-server-real
|
|
Steve Grubb |
c56912 |
%{_libexecdir}/system-config-audit-server
|
|
Steve Grubb |
c56912 |
%config(noreplace) %{_sysconfdir}/pam.d/system-config-audit-server
|
|
Steve Grubb |
c56912 |
%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
|
|
Steve Grubb |
c56912 |
|
|
cvsdist |
2c6ba5 |
%changelog
|
|
Steve Grubb |
d1b4f5 |
* Fri Apr 18 2008 Steve Grubb <sgrubb@redhat.com> 1.7.2-4
|
|
Steve Grubb |
f25903 |
- Update auparse patch for audisp-prelude
|
|
Steve Grubb |
f25903 |
|
|
Steve Grubb |
00064e |
* Thu Apr 17 2008 Steve Grubb <sgrubb@redhat.com> 1.7.2-1
|
|
Steve Grubb |
00064e |
- New upstream version
|
|
Steve Grubb |
00064e |
- Update system-config-audit to version 0.4.6 (Miloslav Trmac)
|
|
Steve Grubb |
00064e |
- audisp-prelude alerts now controlled by config file
|
|
Steve Grubb |
00064e |
- Updated syscall table for 2.6.25 kernel
|
|
Steve Grubb |
00064e |
- Add basic remote logging plugin - only sends & no flow control
|
|
Steve Grubb |
00064e |
- Add support in auditctl for virtual keys
|
|
Steve Grubb |
00064e |
- Add example STIG rules file
|
|
Steve Grubb |
00064e |
- ausyscall program added for cross referencing syscall name and number info
|
|
Steve Grubb |
00064e |
- Add string table lookup performance improvement patch (Miloslav Trmac)
|
|
Steve Grubb |
00064e |
|
|
Steve Grubb |
c6afc3 |
* Wed Apr 02 2008 Steve Grubb <sgrubb@redhat.com> 1.6.8-4
|
|
Steve Grubb |
c6afc3 |
- Fix overflow in audit_log_user_command bz 438840
|
|
Steve Grubb |
c6afc3 |
- Remove LSB headers from init scripts
|
|
Steve Grubb |
c6afc3 |
- Fix ausearch to not escape saddr in avcs
|
|
Steve Grubb |
c6afc3 |
|
|
Steve Grubb |
f23caa |
* Fri Mar 14 2008 Steve Grubb <sgrubb@redhat.com> 1.6.8-3
|
|
Steve Grubb |
f23caa |
- Better fix for memleak in audit event dispatcher
|
|
Steve Grubb |
f23caa |
|
|
Steve Grubb |
2e019b |
* Sun Mar 02 2008 Steve Grubb <sgrubb@redhat.com> 1.6.8-2
|
|
Steve Grubb |
2e019b |
- Fix memleak in audit event dispatcher
|
|
Steve Grubb |
2e019b |
|
|
Steve Grubb |
4139e4 |
* Fri Feb 15 2008 Steve Grubb <sgrubb@redhat.com> 1.6.8-1
|
|
Steve Grubb |
4139e4 |
- New upstream version
|
|
Steve Grubb |
4139e4 |
- Cleanup descriptors in audispd before running plugin
|
|
Steve Grubb |
4139e4 |
- Fix 'recent' keyword for aureport/search
|
|
Steve Grubb |
4139e4 |
- Add detection of failed group authentication to audisp-prelude
|
|
Steve Grubb |
4139e4 |
|
|
Steve Grubb |
5734b6 |
* Thu Jan 31 2008 Steve Grubb <sgrubb@redhat.com> 1.6.7-1
|
|
Steve Grubb |
5734b6 |
- New upstream version
|
|
Steve Grubb |
5734b6 |
- Adds prelude IDS plugin for IDMEF alerts
|
|
Steve Grubb |
5734b6 |
- In ausearch/report, add new command line option --input-logs (#428860)
|
|
Steve Grubb |
5734b6 |
- Avoid touching auditd.conf most of the time (#408501)
|
|
Steve Grubb |
5734b6 |
|
|
Steve Grubb |
d12b5d |
* Fri Jan 11 2008 Steve Grubb <sgrubb@redhat.com> 1.6.5-2
|
|
Steve Grubb |
d12b5d |
Updates from spec file review
|
|
Steve Grubb |
d12b5d |
|
|
Steve Grubb |
25639a |
* Mon Jan 07 2008 Steve Grubb <sgrubb@redhat.com> 1.6.5-1
|
|
Steve Grubb |
25639a |
- New upstream version
|
|
Steve Grubb |
25639a |
- Add RACF zos remote audispd plugin (Klaus Kiwi)
|
|
Steve Grubb |
25639a |
- Fix audit log permissions on rotate. If group is root 0400, otherwise 0440
|
|
Steve Grubb |
25639a |
- Update system-config-audit to version 0.4.5 (Miloslav Trmac)
|
|
Steve Grubb |
25639a |
- Fix keep_logs when num_logs option disabled (#325561)
|
|
Steve Grubb |
25639a |
- Allow use of errno strings for exit codes in audit rules
|
|
Steve Grubb |
25639a |
- If auditd logging was suspended, it can be resumed with SIGUSR2 (#251639)
|
|
Steve Grubb |
25639a |
- Updated CAPP, LSPP, and NISPOM rules for new capabilities
|
|
Steve Grubb |
25639a |
- Added aulastlog utility
|
|
Steve Grubb |
25639a |
|
|
Steve Grubb |
fed318 |
* Wed Oct 17 2007 Steve Grubb <sgrubb@redhat.com> 1.6.2-4
|
|
Steve Grubb |
fed318 |
- Fix race between threads accessing common data in auditd
|
|
Steve Grubb |
fed318 |
- Fix double free in event dispatcher.
|
|
Steve Grubb |
fed318 |
|
|
Steve Grubb |
0a1d44 |
* Fri Oct 5 2007 Steve Grubb <sgrubb@redhat.com> 1.6.2-3
|
|
Steve Grubb |
0a1d44 |
- Fix syscall name to number conversion in libaudit.
|
|
Steve Grubb |
0a1d44 |
|
|
Steve Grubb |
eadd98 |
* Mon Oct 1 2007 Steve Grubb <sgrubb@redhat.com> 1.6.2-2
|
|
Steve Grubb |
eadd98 |
- Don't retry if the rt queue is full.
|
|
Steve Grubb |
eadd98 |
|
|
Steve Grubb |
559824 |
* Tue Sep 25 2007 Steve Grubb <sgrubb@redhat.com> 1.6.2-1
|
|
Steve Grubb |
559824 |
- Add support for searching by posix regular expressions in auparse
|
|
Steve Grubb |
559824 |
- Route DEAMON events into rt interface
|
|
Steve Grubb |
559824 |
- If event pipe is full, try again after doing local logging
|
|
Steve Grubb |
559824 |
- Optionally add node/machine name to records in audit daemon
|
|
Steve Grubb |
559824 |
- Update ausearch/aureport to specify nodes to search on
|
|
Steve Grubb |
559824 |
- Fix segfault interpretting saddr fields in avcs
|
|
Steve Grubb |
559824 |
|
|
Steve Grubb |
b62f29 |
* Thu Sep 6 2007 Steve Grubb <sgrubb@redhat.com> 1.6.1-2
|
|
Steve Grubb |
b62f29 |
- Fix uninitialized variable in auparse (John Dennis)
|
|
Steve Grubb |
b62f29 |
|
|
Steve Grubb |
862b73 |
* Sun Sep 2 2007 Steve Grubb <sgrubb@redhat.com> 1.6.1-1
|
|
Steve Grubb |
862b73 |
- External plugin support in place
|
|
Steve Grubb |
862b73 |
- Fix reference counting in auparse python bindings (#263961)
|
|
Steve Grubb |
862b73 |
- Moved default af_unix plugin socket to /var/run/audispd_events
|
|
Steve Grubb |
862b73 |
|
|
Steve Grubb |
114d25 |
* Wed Aug 29 2007 Steve Grubb <sgrubb@redhat.com> 1.6-3
|
|
Steve Grubb |
114d25 |
- Add newline to audispd string formatted events
|
|
Steve Grubb |
114d25 |
|
|
Steve Grubb |
d3e971 |
* Tue Aug 28 2007 Steve Grubb <sgrubb@redhat.com> 1.6-2
|
|
Steve Grubb |
d3e971 |
- spec file cleanups
|
|
Steve Grubb |
d3e971 |
- Update to s-c-audit 0.4.3
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
7c6e7f |
* Mon Aug 27 2007 Steve Grubb <sgrubb@redhat.com> 1.6-1
|
|
Steve Grubb |
7c6e7f |
- Update Licence tags
|
|
Steve Grubb |
7c6e7f |
- Adding perm field should not set syscall added flag in auditctl
|
|
Steve Grubb |
7c6e7f |
- Fix segfault when aureport -if option is used
|
|
Steve Grubb |
7c6e7f |
- Fix auditctl to better check keys on rule lines
|
|
Steve Grubb |
7c6e7f |
- Add support for audit by TTY and other new event types
|
|
Steve Grubb |
7c6e7f |
- Auditd config option for group permission of audit logs
|
|
Steve Grubb |
7c6e7f |
- Swig messed up a variable in ppc's python bindings causing crashes. (#251327)
|
|
Steve Grubb |
7c6e7f |
- New audit event dispatcher
|
|
Steve Grubb |
7c6e7f |
- Update syscall tables for 2.6.23 kernel
|
|
Steve Grubb |
7c6e7f |
|
|
Steve Grubb |
283747 |
* Wed Jul 25 2007 Steve Grubb <sgrubb@redhat.com> 1.5.6-1
|
|
Steve Grubb |
283747 |
- Fix potential buffer overflow in print clone flags of auparse
|
|
Steve Grubb |
283747 |
- Fix python traceback parsing watches without perm statement (Miloslav Trmac)
|
|
Steve Grubb |
283747 |
- Update auditctl to handle legacy kernels when putting a watch on a dir
|
|
Steve Grubb |
283747 |
- Fix acct interpretation in auparse
|
|
Steve Grubb |
283747 |
|
|
Miloslav Trmac |
be93e3 |
* Tue Jul 17 2007 Miloslav Trmač <mitr@redhat.com> - 1.5.5-5
|
|
Miloslav Trmac |
be93e3 |
- Fix a double free when auditd receives SIGHUP
|
|
Miloslav Trmac |
be93e3 |
- Move the system-config-audit menu entry to the Administration menu
|
|
Miloslav Trmac |
be93e3 |
|
|
Steve Grubb |
c56912 |
* Tue Jul 10 2007 Steve Grubb <sgrubb@redhat.com> 1.5.5-1
|
|
Steve Grubb |
c56912 |
- Add system-config-audit (Miloslav Trmac)
|
|
Steve Grubb |
c56912 |
- Correct bug in audit_make_equivalent function (Al Viro)
|
|
Steve Grubb |
c56912 |
|
|
Steve Grubb |
c56912 |
* Tue Jun 26 2007 Steve Grubb <sgrubb@redhat.com> 1.5.4-1
|
|
Steve Grubb |
c56912 |
- Add feed interface to auparse library (John Dennis)
|
|
Steve Grubb |
c56912 |
- Apply patch to libauparse for unresolved symbols (#241178)
|
|
Steve Grubb |
c56912 |
- Apply patch to add line numbers for file events in libauparse (John Dennis)
|
|
Steve Grubb |
c56912 |
- Change seresults to seresult in libauparse (John Dennis)
|
|
Steve Grubb |
c56912 |
- Add unit32_t definition to swig (#244210)
|
|
Steve Grubb |
c56912 |
- Add support for directory auditing
|
|
Steve Grubb |
c56912 |
- Update acct field to be escaped
|
|
Steve Grubb |
c56912 |
|
|
Steve Grubb |
551486 |
* Tue May 01 2007 Steve Grubb <sgrubb@redhat.com> 1.5.3-1
|
|
Steve Grubb |
551486 |
- Change buffer size to prevent truncation of DAEMON events with large labels
|
|
Steve Grubb |
551486 |
- Fix memory leaks in auparse (John Dennis)
|
|
Steve Grubb |
551486 |
- Update syscall tables for 2.6.21 kernel
|
|
Steve Grubb |
551486 |
- Update capp & lspp rules
|
|
Steve Grubb |
551486 |
- New python bindings for libauparse (John Dennis)
|
|
Steve Grubb |
551486 |
|
|
Steve Grubb |
31f6a3 |
* Thu Apr 04 2007 Steve Grubb <sgrubb@redhat.com> 1.5.2-1
|
|
Steve Grubb |
31f6a3 |
- New event dispatcher (James Antill)
|
|
Steve Grubb |
31f6a3 |
- Apply patches fixing man pages and Makefile.am (Philipp Hahn)
|
|
Steve Grubb |
31f6a3 |
- Apply patch correcting python libs permissions (Philipp Hahn)
|
|
Steve Grubb |
31f6a3 |
- Fix auditd segfault on reload
|
|
Steve Grubb |
31f6a3 |
- Fix bug in auparse library for file pointers and descriptors
|
|
Steve Grubb |
31f6a3 |
- Extract subject information out of daemon events for ausearch
|
|
Steve Grubb |
31f6a3 |
|
|
Steve Grubb |
856416 |
* Thu Mar 29 2007 Steve Grubb <sgrubb@redhat.com> 1.5.1-2
|
|
Steve Grubb |
856416 |
- Remove requires kernel-headers for python-libs
|
|
Steve Grubb |
856416 |
- Apply patch to prevent segfaults on auditd reload
|
|
Steve Grubb |
856416 |
|
|
Steve Grubb |
7044bd |
* Tue Mar 20 2007 Steve Grubb <sgrubb@redhat.com> 1.5.1-1
|
|
Steve Grubb |
7044bd |
- Updated autrace to monitor *at syscalls
|
|
Steve Grubb |
7044bd |
- Add support in libaudit for AUDIT_BIT_TEST(^) and AUDIT_MASK_TEST (&)
|
|
Steve Grubb |
7044bd |
- Finish reworking auditd config parser
|
|
Steve Grubb |
7044bd |
- In auparse, interpret open, fcntl, and clone flags
|
|
Steve Grubb |
7044bd |
- In auparse, when interpreting execve record types, run args through unencode
|
|
Steve Grubb |
7044bd |
- Add support for OBJ_PID message type
|
|
Steve Grubb |
7044bd |
- Event dispatcher updates
|
|
Steve Grubb |
7044bd |
|
|
Steve Grubb |
9404d1 |
* Fri Mar 2 2007 Steve Grubb <sgrubb@redhat.com> 1.5-2
|
|
Steve Grubb |
9404d1 |
- rebuild
|
|
Steve Grubb |
9404d1 |
|
|
Steve Grubb |
dbe1b8 |
* Fri Mar 2 2007 Steve Grubb <sgrubb@redhat.com> 1.5-1
|
|
Steve Grubb |
f3a943 |
- NEW audit dispatcher program & plugin framework
|
|
Steve Grubb |
dbe1b8 |
- Correct hidden variables in libauparse
|
|
Steve Grubb |
dbe1b8 |
- Added NISPOM sample rules
|
|
Steve Grubb |
dbe1b8 |
- Verify accessibility of files passed in auparse_init
|
|
Steve Grubb |
dbe1b8 |
- Fix bug in parser library interpreting socketcalls
|
|
Steve Grubb |
dbe1b8 |
- Add support for stdio FILE pointer in auparse_init
|
|
Steve Grubb |
dbe1b8 |
- Adjust init script to allow anyone to status auditd (#230626)
|
|
Steve Grubb |
f3a943 |
|
|
Steve Grubb |
cfd726 |
* Tue Feb 20 2007 Steve Grubb <sgrubb@redhat.com> 1.4.2-1
|
|
Steve Grubb |
cfd726 |
- Add man pages
|
|
Steve Grubb |
cfd726 |
- Reduce text relocations in parser library
|
|
Steve Grubb |
cfd726 |
- Add -n option to auditd for no fork
|
|
Steve Grubb |
cfd726 |
- Add exec option to space_left, admin_space_left, disk_full,
|
|
Steve Grubb |
cfd726 |
and disk_error - eg EXEC /usr/local/script
|
|
Steve Grubb |
cfd726 |
|
|
Steve Grubb |
adb0e1 |
* Fri Feb 16 2007 Steve Grubb <sgrubb@redhat.com> 1.4.1-1
|
|
Steve Grubb |
adb0e1 |
- updated audit_rule_fieldpair_data to handle perm correctly (#226780)
|
|
Steve Grubb |
adb0e1 |
- Finished search options for audit parsing library
|
|
Steve Grubb |
adb0e1 |
- Fix ausearch -se to work correctly
|
|
Steve Grubb |
adb0e1 |
- Fix auditd init script for /usr on netdev (#228528)
|
|
Steve Grubb |
adb0e1 |
- Parse avc seperms better when there are more than one
|
|
Steve Grubb |
adb0e1 |
|
|
Steve Grubb |
7ea761 |
* Sun Feb 04 2007 Steve Grubb <sgrubb@redhat.com> 1.4-1
|
|
Steve Grubb |
7ea761 |
- New report about authentication attempts
|
|
Steve Grubb |
7ea761 |
- Updates for python 2.5
|
|
Steve Grubb |
7ea761 |
- update autrace to have resource usage mode
|
|
Steve Grubb |
7ea761 |
- update auditctl to support immutable config
|
|
Steve Grubb |
7ea761 |
- added audit_log_user_command function to libaudit api
|
|
Steve Grubb |
7ea761 |
- interpret capabilities
|
|
Steve Grubb |
7ea761 |
- added audit event parsing library
|
|
Steve Grubb |
7ea761 |
- updates for 2.6.20 kernel
|
|
Steve Grubb |
7ea761 |
|
|
Steve Grubb |
e85f91 |
* Sun Dec 10 2006 Steve Grubb <sgrubb@redhat.com> 1.3.1-2
|
|
Steve Grubb |
22f12f |
- Make more adjustments for python 2.5
|
|
Steve Grubb |
e85f91 |
|
|
Steve Grubb |
932347 |
* Sun Dec 10 2006 Steve Grubb <sgrubb@redhat.com> 1.3.1-1
|
|
Steve Grubb |
932347 |
- Fix a couple parsing problems (#217952)
|
|
Steve Grubb |
932347 |
- Add tgkill to S390* syscall tables (#218484)
|
|
Steve Grubb |
932347 |
- Fix error messages in ausearch/aureport
|
|
Steve Grubb |
932347 |
|
|
Jeremy Katz |
cb7d8f |
* Wed Dec 6 2006 Jeremy Katz <katzj@redhat.com> - 1.3-4
|
|
Jeremy Katz |
cb7d8f |
- rebuild against python 2.5
|
|
Jeremy Katz |
cb7d8f |
|
|
Steve Grubb |
0b8b4a |
* Thu Nov 30 2006 Steve Grubb <sgrubb@redhat.com> 1.3-3
|
|
Steve Grubb |
0b8b4a |
- Fix timestamp for libaudit.conf (#218053)
|
|
Steve Grubb |
0b8b4a |
|
|
Steve Grubb |
cbb5de |
* Thu Nov 30 2006 Steve Grubb <sgrubb@redhat.com> 1.3-2
|
|
Steve Grubb |
cbb5de |
- Fix minor parsing problem and add new msg types
|
|
Steve Grubb |
cbb5de |
|
|
Steve Grubb |
b7fc0d |
* Tue Nov 28 2006 Steve Grubb <sgrubb@redhat.com> 1.3-1
|
|
Steve Grubb |
b7fc0d |
- ausearch & aureport implement uid/gid caching
|
|
Steve Grubb |
b7fc0d |
- In ausearch & aureport, extract addr when hostname is unknown
|
|
Steve Grubb |
b7fc0d |
- In ausearch & aureport, test audit log presence O_RDONLY
|
|
Steve Grubb |
b7fc0d |
- New ausearch/aureport time keywords: recent, this-week, this-month, this-year
|
|
Steve Grubb |
b7fc0d |
- Added --add & --delete option to aureport
|
|
Steve Grubb |
b7fc0d |
- Update res parsing in config change events
|
|
Steve Grubb |
b7fc0d |
- Increase the size on audit daemon buffers
|
|
Steve Grubb |
b7fc0d |
- Parse avc_path records in ausearch/aureport
|
|
Steve Grubb |
b7fc0d |
- ausearch has new output mode, raw, for extracting events
|
|
Steve Grubb |
b7fc0d |
- ausearch/aureport can now read stdin
|
|
Steve Grubb |
b7fc0d |
- Rework AVC processing in ausearch/aureport
|
|
Steve Grubb |
b7fc0d |
- Added long options to ausearch and aureport
|
|
Steve Grubb |
b7fc0d |
|
|
Steve Grubb |
81b218 |
* Tue Oct 24 2006 Steve Grubb <sgrubb@redhat.com> 1.2.9-1
|
|
Steve Grubb |
81b218 |
- In auditd if num_logs is zero, don't rotate on SIGUSR1 (#208834)
|
|
Steve Grubb |
81b218 |
- Fix some defines in libaudit.h
|
|
Steve Grubb |
81b218 |
- Some auditd config strings were not initialized in aureport (#211443)
|
|
Steve Grubb |
81b218 |
- Updated man pages
|
|
Steve Grubb |
81b218 |
- Add Netlabel event types to libaudit
|
|
Steve Grubb |
81b218 |
- Update aureports to current audit event types
|
|
Steve Grubb |
81b218 |
- Update autrace a little
|
|
Steve Grubb |
81b218 |
- Deprecated all the old audit_rule functions from public API
|
|
Steve Grubb |
81b218 |
- Drop auparse library for the moment
|
|
Steve Grubb |
81b218 |
|
|
Steve Grubb |
c02ad9 |
* Fri Sep 29 2006 Steve Grubb <sgrubb@redhat.com> 1.2.8-1
|
|
Steve Grubb |
c02ad9 |
- Add dist tag and bump version (#208532)
|
|
Steve Grubb |
c02ad9 |
- Make internal auditd buffers bigger for context info
|
|
Steve Grubb |
c02ad9 |
- Correct address resolving of hostname in logging functions
|
|
Steve Grubb |
c02ad9 |
- Do not allow multiple msgtypes in same audit rule in auditctl (#207666)
|
|
Steve Grubb |
c02ad9 |
- Only =, != operators for arch & inode fields in auditctl (#206427)
|
|
Steve Grubb |
c02ad9 |
- Updated audit message type table
|
|
Steve Grubb |
c02ad9 |
- Remove watches from aureport since FS_WATCH is deprecated
|
|
Steve Grubb |
c02ad9 |
- Add audit_log_avc back temporarily (#208152)
|
|
Steve Grubb |
c02ad9 |
|