From c183a174e421f342eee7ff38950b7bcc8aa41ec2 Mon Sep 17 00:00:00 2001 From: Steve Grubb Date: Oct 22 2008 18:21:46 +0000 Subject: - Disable GSSAPI support until its reworked as plugin - Interpret TTY audit data in auparse (Miloslav Trmač) - Extract terminal from USER_AVC events for ausearch/report (Peng Haitao) - Add USER_AVCs to aureport's avc reporting (Peng Haitao) - Short circuit hostname resolution in libaudit if host is empty - If log_group and user are not root, don't check dispatcher perms - Fix a bug when executing "ausearch -te today PM" - Add --exit search option to ausearch - Fix parsing config file when kerberos is disabled --- diff --git a/.cvsignore b/.cvsignore index 748c792..b65c227 100644 --- a/.cvsignore +++ b/.cvsignore @@ -93,3 +93,4 @@ audit-1.7.4.tar.gz audit-1.7.5.tar.gz audit-1.7.6.tar.gz audit-1.7.7.tar.gz +audit-1.7.8.tar.gz diff --git a/audit-1.7.8-nopolicy.patch b/audit-1.7.8-nopolicy.patch deleted file mode 100644 index 4d3d41d..0000000 --- a/audit-1.7.8-nopolicy.patch +++ /dev/null @@ -1,363 +0,0 @@ -diff -ur audit-1.7.7.orig/audisp/plugins/zos-remote/Makefile.am audit-1.7.7/audisp/plugins/zos-remote/Makefile.am ---- audit-1.7.7.orig/audisp/plugins/zos-remote/Makefile.am 2008-09-17 15:57:13.000000000 -0400 -+++ audit-1.7.7/audisp/plugins/zos-remote/Makefile.am 2008-10-16 15:59:08.000000000 -0400 -@@ -22,7 +22,6 @@ - - INCLUDES = -I${top_srcdir} -I${top_srcdir}/lib -I${top_srcdir}/auparse - CONFIG_CLEAN_FILES = Makefile.in *.rej *.orig --SUBDIRS = policy - AUTOMAKE_OPTIONS = no-dependencies - EXTRA_DIST = zos-remote.conf audispd-zos-remote.conf - LIBS = -L${top_builddir}/auparse -lauparse -diff -ur audit-1.7.7.orig/audisp/plugins/zos-remote/Makefile.in audit-1.7.7/audisp/plugins/zos-remote/Makefile.in ---- audit-1.7.7.orig/audisp/plugins/zos-remote/Makefile.in 2008-09-17 15:57:39.000000000 -0400 -+++ audit-1.7.7/audisp/plugins/zos-remote/Makefile.in 2008-10-16 16:01:50.000000000 -0400 -@@ -97,19 +97,9 @@ - $(LDFLAGS) -o $@ - SOURCES = $(audispd_zos_remote_SOURCES) - DIST_SOURCES = $(audispd_zos_remote_SOURCES) --RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ -- html-recursive info-recursive install-data-recursive \ -- install-dvi-recursive install-exec-recursive \ -- install-html-recursive install-info-recursive \ -- install-pdf-recursive install-ps-recursive install-recursive \ -- installcheck-recursive installdirs-recursive pdf-recursive \ -- ps-recursive uninstall-recursive - HEADERS = $(noinst_HEADERS) --RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ -- distclean-recursive maintainer-clean-recursive - ETAGS = etags - CTAGS = ctags --DIST_SUBDIRS = $(SUBDIRS) - DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - ACLOCAL = @ACLOCAL@ - AMTAR = @AMTAR@ -@@ -237,7 +227,6 @@ - top_srcdir = @top_srcdir@ - INCLUDES = -I${top_srcdir} -I${top_srcdir}/lib -I${top_srcdir}/auparse - CONFIG_CLEAN_FILES = Makefile.in *.rej *.orig --SUBDIRS = policy - AUTOMAKE_OPTIONS = no-dependencies - EXTRA_DIST = zos-remote.conf audispd-zos-remote.conf - LDADD = -lpthread -lldap -llber -@@ -252,7 +241,7 @@ - zos-remote-ldap.c zos-remote-config.c zos-remote-queue.c - - audispd_zos_remote_CFLAGS = -W -Wall -Wundef -D_GNU_SOURCE --all: all-recursive -+all: all-am - - .SUFFIXES: - .SUFFIXES: .c .lo .o .obj -@@ -368,76 +357,6 @@ - clean-libtool: - -rm -rf .libs _libs - --# This directory's subdirectories are mostly independent; you can cd --# into them and run `make' without going through this Makefile. --# To change the values of `make' variables: instead of editing Makefiles, --# (1) if the variable is set in `config.status', edit `config.status' --# (which will cause the Makefiles to be regenerated when you run `make'); --# (2) otherwise, pass the desired values on the `make' command line. --$(RECURSIVE_TARGETS): -- @failcom='exit 1'; \ -- for f in x $$MAKEFLAGS; do \ -- case $$f in \ -- *=* | --[!k]*);; \ -- *k*) failcom='fail=yes';; \ -- esac; \ -- done; \ -- dot_seen=no; \ -- target=`echo $@ | sed s/-recursive//`; \ -- list='$(SUBDIRS)'; for subdir in $$list; do \ -- echo "Making $$target in $$subdir"; \ -- if test "$$subdir" = "."; then \ -- dot_seen=yes; \ -- local_target="$$target-am"; \ -- else \ -- local_target="$$target"; \ -- fi; \ -- (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ -- || eval $$failcom; \ -- done; \ -- if test "$$dot_seen" = "no"; then \ -- $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ -- fi; test -z "$$fail" -- --$(RECURSIVE_CLEAN_TARGETS): -- @failcom='exit 1'; \ -- for f in x $$MAKEFLAGS; do \ -- case $$f in \ -- *=* | --[!k]*);; \ -- *k*) failcom='fail=yes';; \ -- esac; \ -- done; \ -- dot_seen=no; \ -- case "$@" in \ -- distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ -- *) list='$(SUBDIRS)' ;; \ -- esac; \ -- rev=''; for subdir in $$list; do \ -- if test "$$subdir" = "."; then :; else \ -- rev="$$subdir $$rev"; \ -- fi; \ -- done; \ -- rev="$$rev ."; \ -- target=`echo $@ | sed s/-recursive//`; \ -- for subdir in $$rev; do \ -- echo "Making $$target in $$subdir"; \ -- if test "$$subdir" = "."; then \ -- local_target="$$target-am"; \ -- else \ -- local_target="$$target"; \ -- fi; \ -- (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ -- || eval $$failcom; \ -- done && test -z "$$fail" --tags-recursive: -- list='$(SUBDIRS)'; for subdir in $$list; do \ -- test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ -- done --ctags-recursive: -- list='$(SUBDIRS)'; for subdir in $$list; do \ -- test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ -- done -- - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ -@@ -448,23 +367,10 @@ - mkid -fID $$unique - tags: TAGS - --TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ -+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ -- if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ -- include_option=--etags-include; \ -- empty_fix=.; \ -- else \ -- include_option=--include; \ -- empty_fix=; \ -- fi; \ -- list='$(SUBDIRS)'; for subdir in $$list; do \ -- if test "$$subdir" = .; then :; else \ -- test ! -f $$subdir/TAGS || \ -- tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ -- fi; \ -- done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ -@@ -477,7 +383,7 @@ - $$tags $$unique; \ - fi - ctags: CTAGS --CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ -+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ -@@ -524,40 +430,22 @@ - || exit 1; \ - fi; \ - done -- list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ -- if test "$$subdir" = .; then :; else \ -- test -d "$(distdir)/$$subdir" \ -- || $(MKDIR_P) "$(distdir)/$$subdir" \ -- || exit 1; \ -- distdir=`$(am__cd) $(distdir) && pwd`; \ -- top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ -- (cd $$subdir && \ -- $(MAKE) $(AM_MAKEFLAGS) \ -- top_distdir="$$top_distdir" \ -- distdir="$$distdir/$$subdir" \ -- am__remove_distdir=: \ -- am__skip_length_check=: \ -- distdir) \ -- || exit 1; \ -- fi; \ -- done - check-am: all-am --check: check-recursive -+check: check-am - all-am: Makefile $(PROGRAMS) $(HEADERS) --installdirs: installdirs-recursive --installdirs-am: -+installdirs: - for dir in "$(DESTDIR)$(sbindir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done --install: install-recursive --install-exec: install-exec-recursive --install-data: install-data-recursive --uninstall: uninstall-recursive -+install: install-am -+install-exec: install-exec-am -+install-data: install-data-am -+uninstall: uninstall-am - - install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - --installcheck: installcheck-recursive -+installcheck: installcheck-am - install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ -@@ -573,23 +461,23 @@ - maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." --clean: clean-recursive -+clean: clean-am - - clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ - mostlyclean-am - --distclean: distclean-recursive -+distclean: distclean-am - -rm -f Makefile - distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - --dvi: dvi-recursive -+dvi: dvi-am - - dvi-am: - --html: html-recursive -+html: html-am - --info: info-recursive -+info: info-am - - info-am: - -@@ -597,36 +485,36 @@ - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - --install-dvi: install-dvi-recursive -+install-dvi: install-dvi-am - - install-exec-am: install-sbinPROGRAMS - --install-html: install-html-recursive -+install-html: install-html-am - --install-info: install-info-recursive -+install-info: install-info-am - - install-man: - --install-pdf: install-pdf-recursive -+install-pdf: install-pdf-am - --install-ps: install-ps-recursive -+install-ps: install-ps-am - - installcheck-am: - --maintainer-clean: maintainer-clean-recursive -+maintainer-clean: maintainer-clean-am - -rm -f Makefile - maintainer-clean-am: distclean-am maintainer-clean-generic - --mostlyclean: mostlyclean-recursive -+mostlyclean: mostlyclean-am - - mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - --pdf: pdf-recursive -+pdf: pdf-am - - pdf-am: - --ps: ps-recursive -+ps: ps-am - - ps-am: - -@@ -634,12 +522,10 @@ - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - --.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ -- install-data-am install-strip uninstall-am -+.MAKE: install-am install-data-am install-strip uninstall-am - --.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ -- all all-am check check-am clean clean-generic clean-libtool \ -- clean-sbinPROGRAMS ctags ctags-recursive distclean \ -+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ -+ clean-libtool clean-sbinPROGRAMS ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ -@@ -647,11 +533,11 @@ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-sbinPROGRAMS install-strip \ -- installcheck installcheck-am installdirs installdirs-am \ -- maintainer-clean maintainer-clean-generic mostlyclean \ -- mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ -- pdf pdf-am ps ps-am tags tags-recursive uninstall uninstall-am \ -- uninstall-hook uninstall-sbinPROGRAMS -+ installcheck installcheck-am installdirs maintainer-clean \ -+ maintainer-clean-generic mostlyclean mostlyclean-compile \ -+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ -+ tags uninstall uninstall-am uninstall-hook \ -+ uninstall-sbinPROGRAMS - - - install-data-hook: -diff -ur audit-1.7.7.orig/configure audit-1.7.7/configure ---- audit-1.7.7.orig/configure 2008-09-17 15:57:37.000000000 -0400 -+++ audit-1.7.7/configure 2008-10-16 15:58:53.000000000 -0400 -@@ -23678,7 +23678,7 @@ - - subdirs="$subdirs system-config-audit" - --ac_config_files="$ac_config_files Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile audisp/plugins/zos-remote/policy/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile" -+ac_config_files="$ac_config_files Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile" - - cat >confcache <<\_ACEOF - # This file is a shell script that caches the results of configure -@@ -24325,7 +24325,6 @@ - "audisp/plugins/prelude/Makefile") CONFIG_FILES="$CONFIG_FILES audisp/plugins/prelude/Makefile" ;; - "audisp/plugins/remote/Makefile") CONFIG_FILES="$CONFIG_FILES audisp/plugins/remote/Makefile" ;; - "audisp/plugins/zos-remote/Makefile") CONFIG_FILES="$CONFIG_FILES audisp/plugins/zos-remote/Makefile" ;; -- "audisp/plugins/zos-remote/policy/Makefile") CONFIG_FILES="$CONFIG_FILES audisp/plugins/zos-remote/policy/Makefile" ;; - "bindings/Makefile") CONFIG_FILES="$CONFIG_FILES bindings/Makefile" ;; - "bindings/python/Makefile") CONFIG_FILES="$CONFIG_FILES bindings/python/Makefile" ;; - "tools/Makefile") CONFIG_FILES="$CONFIG_FILES tools/Makefile" ;; -diff -ur audit-1.7.7.orig/configure.ac audit-1.7.7/configure.ac ---- audit-1.7.7.orig/configure.ac 2008-09-17 15:57:13.000000000 -0400 -+++ audit-1.7.7/configure.ac 2008-10-16 15:58:53.000000000 -0400 -@@ -196,7 +196,7 @@ - AC_SUBST(libev_LIBS) - - AC_CONFIG_SUBDIRS([system-config-audit]) --AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile audisp/plugins/zos-remote/policy/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile) -+AC_OUTPUT(Makefile lib/Makefile lib/test/Makefile auparse/Makefile auparse/test/Makefile src/Makefile src/mt/Makefile src/libev/Makefile swig/Makefile docs/Makefile init.d/Makefile audisp/Makefile audisp/plugins/Makefile audisp/plugins/builtins/Makefile audisp/plugins/prelude/Makefile audisp/plugins/remote/Makefile audisp/plugins/zos-remote/Makefile bindings/Makefile bindings/python/Makefile tools/Makefile tools/aulastlog/Makefile tools/ausyscall/Makefile) - - echo . - echo " -diff -ur audit-1.7.7.orig/lib/audit_logging.c audit-1.7.7/lib/audit_logging.c ---- audit-1.7.7.orig/lib/audit_logging.c 2008-09-17 15:57:13.000000000 -0400 -+++ audit-1.7.7/lib/audit_logging.c 2008-10-16 15:58:53.000000000 -0400 -@@ -54,7 +54,8 @@ - - buf[0] = '?'; - buf[1] = 0; -- if (host == NULL) /* Short circuit this lookup if NULL */ -+ /* Short circuit this lookup if NULL, or empty */ -+ if (host == NULL || *host == 0) - return; - - memset(&hints, 0, sizeof(hints)); diff --git a/audit.spec b/audit.spec index c9f4328..1addc31 100644 --- a/audit.spec +++ b/audit.spec @@ -1,19 +1,18 @@ %define sca_version 0.4.8 -%define sca_release 4 +%define sca_release 5 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} Summary: User space tools for 2.6 kernel auditing Name: audit -Version: 1.7.7 -Release: 2%{?dist} +Version: 1.7.8 +Release: 1%{?dist} License: GPLv2+ Group: System Environment/Daemons URL: http://people.redhat.com/sgrubb/audit/ Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz -Patch1: audit-1.7.8-nopolicy.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gettext-devel intltool libtool swig python-devel -BuildRequires: tcp_wrappers-devel krb5-devel +BuildRequires: tcp_wrappers-devel BuildRequires: kernel-headers >= 2.6.18 BuildRequires: automake >= 1.9 BuildRequires: autoconf >= 2.59 @@ -87,11 +86,10 @@ A graphical utility for editing audit configuration. %prep %setup -q -%patch1 -p1 %build (cd system-config-audit; ./autogen.sh) -%configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude --with-libwrap --enable-gssapi-krb5 +%configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude --with-libwrap --enable-gssapi-krb5=no make %{?_smp_mflags} %install @@ -276,6 +274,17 @@ fi %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server %changelog +* Wed Oct 22 2008 Steve Grubb 1.7.8-1 +- Disable GSSAPI support until its reworked as plugin +- Interpret TTY audit data in auparse (Miloslav Trmač) +- Extract terminal from USER_AVC events for ausearch/report (Peng Haitao) +- Add USER_AVCs to aureport's avc reporting (Peng Haitao) +- Short circuit hostname resolution in libaudit if host is empty +- If log_group and user are not root, don't check dispatcher perms +- Fix a bug when executing "ausearch -te today PM" +- Add --exit search option to ausearch +- Fix parsing config file when kerberos is disabled + * Thu Oct 16 2008 Steve Grubb 1.7.7-2 - Remove selinux policy for zos-remote diff --git a/sources b/sources index 3ee63eb..dd13575 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -be66a1e78091f0e7280e286784c5b4b3 audit-1.7.7.tar.gz +6b2529433c2fcf4728b286f0d822d016 audit-1.7.8.tar.gz