|
Steve Grubb |
d3e971 |
diff -ur audit-1.5.6.orig/system-config-audit/ChangeLog audit-1.5.6/system-config-audit/ChangeLog
|
|
Steve Grubb |
d3e971 |
--- audit-1.5.6.orig/system-config-audit/ChangeLog 2007-08-28 14:08:15.000000000 -0400
|
|
Steve Grubb |
d3e971 |
+++ audit-1.5.6/system-config-audit/ChangeLog 2007-08-28 14:20:16.000000000 -0400
|
|
Steve Grubb |
d3e971 |
@@ -1,3 +1,21 @@
|
|
Steve Grubb |
d3e971 |
+2007-08-28 Miloslav Trma훾 <mitr@redhat.com>
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+ * configure.ac: Release 0.4.3.
|
|
Steve Grubb |
d3e971 |
+ * NEWS: Update.
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+ * src/audit_rules.py (Field.option_text): New parameter rule. Use
|
|
Steve Grubb |
d3e971 |
+ -p only in rules with -w, -F perm= otherwise.
|
|
Steve Grubb |
d3e971 |
+ (Rule.command_text): Add -k only after -S.
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+2007-08-02 Miloslav Trma훾 <mitr@redhat.com>
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+ * src/main_window.py (N_): Remove useless definition.
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+2007-07-23 Miloslav Trma훾 <mitr@redhat.com>
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+ * src/watch_list_dialog.py (_WatchTable._validate_rule): Fix a
|
|
Steve Grubb |
d3e971 |
+ crash when the rule has no AUDIT_WATCH or AUDIT_PERM field.
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
2007-07-17 Miloslav Trma훾 <mitr@redhat.com>
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
d3e971 |
* system-config-audit.desktop.in (Categories): Add System, to move the
|
|
Steve Grubb |
d3e971 |
diff -ur audit-1.5.6.orig/system-config-audit/configure.ac audit-1.5.6/system-config-audit/configure.ac
|
|
Steve Grubb |
d3e971 |
--- audit-1.5.6.orig/system-config-audit/configure.ac 2007-08-28 14:08:15.000000000 -0400
|
|
Steve Grubb |
d3e971 |
+++ audit-1.5.6/system-config-audit/configure.ac 2007-08-28 14:08:59.000000000 -0400
|
|
Steve Grubb |
d3e971 |
@@ -1,5 +1,5 @@
|
|
Steve Grubb |
d3e971 |
# Process this file with autoconf to produce a configure script.
|
|
Steve Grubb |
d3e971 |
-AC_INIT([system-config-audit], [0.4.2], [mitr@redhat.com])
|
|
Steve Grubb |
d3e971 |
+AC_INIT([system-config-audit], [0.4.3], [mitr@redhat.com])
|
|
Steve Grubb |
d3e971 |
AC_COPYRIGHT(
|
|
Steve Grubb |
d3e971 |
[Copyright (C) 2007 Red Hat, Inc. All rights reserved.
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
d3e971 |
diff -ur audit-1.5.6.orig/system-config-audit/NEWS audit-1.5.6/system-config-audit/NEWS
|
|
Steve Grubb |
d3e971 |
--- audit-1.5.6.orig/system-config-audit/NEWS 2007-08-28 14:08:15.000000000 -0400
|
|
Steve Grubb |
d3e971 |
+++ audit-1.5.6/system-config-audit/NEWS 2007-08-28 14:08:59.000000000 -0400
|
|
Steve Grubb |
d3e971 |
@@ -1,5 +1,10 @@
|
|
Steve Grubb |
d3e971 |
+Changes in release 0.4.3:
|
|
Steve Grubb |
d3e971 |
+* Fix order of -k and -S, and using -p without -w, in audit rules
|
|
Steve Grubb |
d3e971 |
+* Fix a crash validating a non-watch rule
|
|
Steve Grubb |
d3e971 |
+* Move the menu entry to the Administration submenu in GNOME
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
Changes in release 0.4.2:
|
|
Steve Grubb |
d3e971 |
-* Modify to run on RHEL 5.
|
|
Steve Grubb |
d3e971 |
+* Modify to run on RHEL 5
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
d3e971 |
Changes in release 0.4.1:
|
|
Steve Grubb |
d3e971 |
* Add an install-fedora Makefile target
|
|
Steve Grubb |
d3e971 |
diff -ur audit-1.5.6.orig/system-config-audit/src/audit_rules.py audit-1.5.6/system-config-audit/src/audit_rules.py
|
|
Steve Grubb |
d3e971 |
--- audit-1.5.6.orig/system-config-audit/src/audit_rules.py 2007-08-28 14:08:15.000000000 -0400
|
|
Steve Grubb |
d3e971 |
+++ audit-1.5.6/system-config-audit/src/audit_rules.py 2007-08-28 14:08:59.000000000 -0400
|
|
Steve Grubb |
d3e971 |
@@ -347,13 +347,18 @@
|
|
Steve Grubb |
d3e971 |
self.op = self.OP_EQ
|
|
Steve Grubb |
d3e971 |
self.value = self.get_field_type(self.var).parse_value(string, self.op)
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
d3e971 |
- def option_text(self):
|
|
Steve Grubb |
d3e971 |
- '''Return a string representing this field as an auditctl option.'''
|
|
Steve Grubb |
d3e971 |
+ def option_text(self, rule):
|
|
Steve Grubb |
d3e971 |
+ '''Return a string representing this field as an auditctl option.
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+ Use rule to determine the correct syntax.
|
|
Steve Grubb |
d3e971 |
+
|
|
Steve Grubb |
d3e971 |
+ '''
|
|
Steve Grubb |
d3e971 |
val = self._value_text()
|
|
Steve Grubb |
d3e971 |
if self.var == audit.AUDIT_FILTERKEY:
|
|
Steve Grubb |
d3e971 |
assert self.op == self.OP_EQ
|
|
Steve Grubb |
d3e971 |
return '-k %s' % val
|
|
Steve Grubb |
d3e971 |
- elif self.var == audit.AUDIT_PERM:
|
|
Steve Grubb |
d3e971 |
+ elif (self.var == audit.AUDIT_PERM and
|
|
Steve Grubb |
d3e971 |
+ len([f for f in rule.fields if f.var == audit.AUDIT_WATCH]) == 1):
|
|
Steve Grubb |
d3e971 |
assert self.op == self.OP_EQ
|
|
Steve Grubb |
d3e971 |
return '-p %s' % val
|
|
Steve Grubb |
d3e971 |
else:
|
|
Steve Grubb |
d3e971 |
@@ -443,16 +448,21 @@
|
|
Steve Grubb |
d3e971 |
o.append('-w %s' % watches[0].value)
|
|
Steve Grubb |
d3e971 |
watch_used = True
|
|
Steve Grubb |
d3e971 |
# Add fields before syscalls because -F arch=... may change the meaning
|
|
Steve Grubb |
d3e971 |
- # of syscall names
|
|
Steve Grubb |
d3e971 |
+ # of syscall names. But add AUDIT_FILTERKEY only after -S, auditctl
|
|
Steve Grubb |
d3e971 |
+ # stubbornly insists on that order.
|
|
Steve Grubb |
d3e971 |
for f in self.fields:
|
|
Steve Grubb |
d3e971 |
- if f.var != audit.AUDIT_WATCH or not watch_used:
|
|
Steve Grubb |
d3e971 |
- o.append(f.option_text())
|
|
Steve Grubb |
d3e971 |
+ if (f.var != audit.AUDIT_FILTERKEY and
|
|
Steve Grubb |
d3e971 |
+ (f.var != audit.AUDIT_WATCH or not watch_used)):
|
|
Steve Grubb |
d3e971 |
+ o.append(f.option_text(self))
|
|
Steve Grubb |
d3e971 |
if list is not rules.exclude_rules:
|
|
Steve Grubb |
d3e971 |
for s in self.syscalls:
|
|
Steve Grubb |
d3e971 |
if s == self.SYSCALLS_ALL:
|
|
Steve Grubb |
d3e971 |
o.append('-S all')
|
|
Steve Grubb |
d3e971 |
else:
|
|
Steve Grubb |
d3e971 |
o.append('-S %s' % util.syscall_string(s, self.machine))
|
|
Steve Grubb |
d3e971 |
+ for f in self.fields:
|
|
Steve Grubb |
d3e971 |
+ if f.var == audit.AUDIT_FILTERKEY:
|
|
Steve Grubb |
d3e971 |
+ o.append(f.option_text(self))
|
|
Steve Grubb |
d3e971 |
return ' '.join(o)
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
d3e971 |
def __eq__(self, rule):
|
|
Steve Grubb |
d3e971 |
diff -ur audit-1.5.6.orig/system-config-audit/src/main_window.py audit-1.5.6/system-config-audit/src/main_window.py
|
|
Steve Grubb |
d3e971 |
--- audit-1.5.6.orig/system-config-audit/src/main_window.py 2007-08-28 14:08:15.000000000 -0400
|
|
Steve Grubb |
d3e971 |
+++ audit-1.5.6/system-config-audit/src/main_window.py 2007-08-28 14:08:59.000000000 -0400
|
|
Steve Grubb |
d3e971 |
@@ -32,8 +32,6 @@
|
|
Steve Grubb |
d3e971 |
import settings
|
|
Steve Grubb |
d3e971 |
import util
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
d3e971 |
-def N_(s): return s
|
|
Steve Grubb |
d3e971 |
-
|
|
Steve Grubb |
d3e971 |
def exit_watch_rules(rules):
|
|
Steve Grubb |
d3e971 |
'''Split exit rules to lists for WatchListDialog and RuleListDialog.
|
|
Steve Grubb |
d3e971 |
|
|
Steve Grubb |
d3e971 |
diff -ur audit-1.5.6.orig/system-config-audit/src/server.c audit-1.5.6/system-config-audit/src/server.c
|
|
Steve Grubb |
d3e971 |
--- audit-1.5.6.orig/system-config-audit/src/server.c 2007-08-28 14:08:15.000000000 -0400
|
|
Steve Grubb |
d3e971 |
+++ audit-1.5.6/system-config-audit/src/server.c 2007-08-28 14:08:59.000000000 -0400
|
|
Steve Grubb |
d3e971 |
@@ -200,7 +200,7 @@
|
|
Steve Grubb |
d3e971 |
err = errno;
|
|
Steve Grubb |
d3e971 |
goto err_fd;
|
|
Steve Grubb |
d3e971 |
}
|
|
Steve Grubb |
d3e971 |
- if (st.st_size > SIZE_MAX)
|
|
Steve Grubb |
d3e971 |
+ if (st.st_size > (off_t)SIZE_MAX)
|
|
Steve Grubb |
d3e971 |
{
|
|
Steve Grubb |
d3e971 |
err = EFBIG;
|
|
Steve Grubb |
d3e971 |
goto err_fd;
|