From c28fd1e4b99041fae4fc745dfc9cbecc358cc23d Mon Sep 17 00:00:00 2001
From: Steve Grubb <sgrubb@fedoraproject.org>
Date: Dec 17 2008 15:06:51 +0000
Subject: - Fix bz 476798 - "auditd -n" does not work


---

diff --git a/audit-1.7.11-session.patch b/audit-1.7.11-session.patch
new file mode 100644
index 0000000..2a562b1
--- /dev/null
+++ b/audit-1.7.11-session.patch
@@ -0,0 +1,35 @@
+Index: /trunk/src/auditd.c
+===================================================================
+--- /trunk/src/auditd.c (revision 160)
++++ /trunk/src/auditd.c (revision 213)
+@@ -305,12 +305,14 @@
+ 			/* Open stdin,out,err to /dev/null */
+ 			fd = open("/dev/null", O_RDWR);
+-			if (fd < 0)
++			if (fd < 0) {
++				audit_msg(LOG_ERR, "Cannot open /dev/null");
+ 				return -1;
+-			if (dup2(fd, 0) < 0)
++			}
++			if ((dup2(fd, 0) < 0) || (dup2(fd, 1) < 0) ||
++							(dup2(fd, 2) < 0)) {
++				audit_msg(LOG_ERR,
++				    "Cannot reassign descriptors to /dev/null");
+ 				return -1;
+-			if (dup2(fd, 1) < 0)
+-				return -1;
+-			if (dup2(fd, 2) < 0)
+-				return -1;
++			}
+ 			close(fd);
+ 
+@@ -318,7 +320,6 @@
+ 			chdir("/");
+ 
+-			/* Change session */
+-			if (setsid() < 0)
+-				return -1;
++			/* Become session/process group leader */
++			setsid();
+ 			break;
+ 		case -1:
diff --git a/audit.spec b/audit.spec
index b0db169..74fc710 100644
--- a/audit.spec
+++ b/audit.spec
@@ -1,7 +1,7 @@
 %define audit_version 1.7.10
-%define audit_release 1%{?dist}
+%define audit_release 2%{?dist}
 %define sca_version 0.4.8
-%define sca_release 12
+%define sca_release 13
 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
 
 Summary: User space tools for 2.6 kernel auditing
@@ -12,6 +12,7 @@ License: GPLv2+
 Group: System Environment/Daemons
 URL: http://people.redhat.com/sgrubb/audit/
 Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
+Patch1: audit-1.7.11-session.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: gettext-devel intltool libtool swig python-devel
 BuildRequires: tcp_wrappers-devel 
@@ -89,6 +90,7 @@ A graphical utility for editing audit configuration.
 
 %prep
 %setup -q
+%patch1 -p2
 
 %build
 %configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude --with-libwrap --enable-gssapi-krb5=no
@@ -259,6 +261,9 @@ fi
 %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
 
 %changelog
+* Wed Dec 17 2008 Steve Grubb <sgrubb@redhat.com> 1.7.10-2
+- Fix bz 476798 -  "auditd -n" does not work
+
 * Sat Dec 13 2008 Steve Grubb <sgrubb@redhat.com> 1.7.10-1
 - New upstream release