From e76832c90f093dcf8c0ba93bf77b1201c051816f Mon Sep 17 00:00:00 2001 From: Steve Grubb Date: Apr 21 2009 19:02:44 +0000 Subject: - New upstream release - Fix problem with negative uids in audit rules on 32 bit systems - Update tty keystroke interpretations (Miloslav Trmač) --- diff --git a/.cvsignore b/.cvsignore index e3f8da1..add3166 100644 --- a/.cvsignore +++ b/.cvsignore @@ -98,3 +98,4 @@ audit-1.7.9.tar.gz audit-1.7.10.tar.gz audit-1.7.11.tar.gz audit-1.7.12.tar.gz +audit-1.7.13.tar.gz diff --git a/audit-1.7.12-libev.patch b/audit-1.7.12-libev.patch deleted file mode 100644 index 6ecfdbc..0000000 --- a/audit-1.7.12-libev.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ur audit-1.7.12.orig/src/libev/Makefile.in audit-1.7.12/src/libev/Makefile.in ---- audit-1.7.12.orig/src/libev/Makefile.in 2009-03-14 19:54:52.000000000 -0400 -+++ audit-1.7.12/src/libev/Makefile.in 2009-03-14 20:03:38.000000000 -0400 -@@ -78,7 +78,7 @@ - AWK = @AWK@ - CC = @CC@ - CCDEPMODE = @CCDEPMODE@ --CFLAGS = @CFLAGS@ -+CFLAGS = @CFLAGS@ -DNDEBUG - CPP = @CPP@ - CPPFLAGS = @CPPFLAGS@ - CXX = @CXX@ diff --git a/audit-1.8-noaudit.patch b/audit-1.8-noaudit.patch deleted file mode 100644 index fe2541f..0000000 --- a/audit-1.8-noaudit.patch +++ /dev/null @@ -1,120 +0,0 @@ -Index: /trunk/init.d/auditd.init -=================================================================== ---- /trunk/init.d/auditd.init (revision 243) -+++ /trunk/init.d/auditd.init (revision 265) -@@ -72,7 +72,7 @@ - if test $RETVAL = 0 ; then - touch /var/lock/subsys/auditd -+ # Load the default rules -+ test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null - fi -- # Load the default rules -- test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null - return $RETVAL - } -@@ -85,9 +85,15 @@ - rm -f /var/lock/subsys/auditd - # Remove watches so shutdown works cleanly -- if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" ; then -- /sbin/auditctl -D >/dev/null -+ if test x"$AUDITD_CLEAN_STOP" != "x" ; then -+ if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" -+ then -+ /sbin/auditctl -D >/dev/null -+ fi - fi -- if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no" ; then -- /sbin/auditctl -e 0 >/dev/null -+ if test x"$AUDITD_STOP_DISABLE" != "x" ; then -+ if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no" -+ then -+ /sbin/auditctl -e 0 >/dev/null -+ fi - fi - return $RETVAL -Index: /trunk/src/auditctl.c -=================================================================== ---- /trunk/src/auditctl.c (revision 242) -+++ /trunk/src/auditctl.c (revision 265) -@@ -971,4 +971,6 @@ - } - } -+ if (retval == -1 && errno == ECONNREFUSED) -+ fprintf(stderr, "The audit system is disabled\n"); - return retval; - } -@@ -1086,4 +1088,10 @@ - "There was an error in line %d of %s\n", - lineno, file); -+ else { -+ fprintf(stderr, -+ "The audit system is disabled\n"); -+ fclose(f); -+ return 0; -+ } - if (!ignore) { - fclose(f); -@@ -1122,4 +1130,7 @@ - "The audit system is in immutable " - "mode, no rules loaded\n"); -+ return 0; -+ } else if (errno == ECONNREFUSED) { -+ fprintf(stderr, "The audit system is disabled\n"); - return 0; - } else if (fileopt(argv[2])) -@@ -1141,4 +1152,7 @@ - "The audit system is in immutable " - "mode, no rules loaded\n"); -+ return 0; -+ } else if (errno == ECONNREFUSED) { -+ fprintf(stderr, "The audit system is disabled\n"); - return 0; - } -Index: /trunk/src/auditd-event.c -=================================================================== ---- /trunk/src/auditd-event.c (revision 258) -+++ /trunk/src/auditd-event.c (revision 265) -@@ -287,6 +287,7 @@ - data->tail = NULL; - data->head = data->head->next; -- if (data->head == NULL && stop && -- cur->reply.type == AUDIT_DAEMON_END) -+ if (data->head == NULL && stop && -+ ( cur->reply.type == AUDIT_DAEMON_END || -+ cur->reply.type == AUDIT_DAEMON_ABORT) ) - stop_req = 1; - pthread_mutex_unlock(&data->queue_lock); -Index: /trunk/src/auditd.c -=================================================================== ---- /trunk/src/auditd.c (revision 256) -+++ /trunk/src/auditd.c (revision 265) -@@ -616,5 +616,5 @@ - return 1; - } -- if(getsubj(subj)) -+ if (getsubj(subj)) - snprintf(start, sizeof(start), - "auditd start, ver=%s format=%s " -@@ -684,5 +684,5 @@ - send_audit_event(AUDIT_DAEMON_ABORT, emsg); - audit_msg(LOG_ERR, -- "Unable to set intitial audit startup state to '%s', exiting", -+ "Unable to set initial audit startup state to '%s', exiting", - startup_states[opt_startup]); - close_down(); -Index: /trunk/src/autrace.c -=================================================================== ---- /trunk/src/autrace.c (revision 1) -+++ /trunk/src/autrace.c (revision 265) -@@ -156,5 +156,10 @@ - { - case -1: -- fprintf(stderr, "Error - can't get rule count.\n"); -+ if (errno == ECONNREFUSED) -+ fprintf(stderr, -+ "The audit system is disabled\n"); -+ else -+ fprintf(stderr, -+ "Error - can't get rule count.\n"); - return 1; - case 0: diff --git a/audit-swig.patch b/audit-swig.patch deleted file mode 100644 index f3201c9..0000000 --- a/audit-swig.patch +++ /dev/null @@ -1,246 +0,0 @@ -diff -u -r audit-1.7.12/swig/Makefile.am audit-1.7.12.good/swig/Makefile.am ---- audit-1.7.12/swig/Makefile.am 2009-02-24 16:11:36.000000000 -0500 -+++ audit-1.7.12.good/swig/Makefile.am 2009-03-06 23:36:21.000000000 -0500 -@@ -25,7 +25,7 @@ - PYLIBVER ?= python$(PYTHON_VERSION) - INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib -I/usr/include/$(PYLIBVER) - LIBS = $(top_builddir)/lib/libaudit.la --python_PYTHON = audit.py -+pyexec_PYTHON = audit.py - pyexec_LTLIBRARIES = _audit.la - pyexec_SOLIBRARIES = _audit.so - _audit_la_LDFLAGS = -module -avoid-version -diff -u -r audit-1.7.12/swig/Makefile.in audit-1.7.12.good/swig/Makefile.in ---- audit-1.7.12/swig/Makefile.in 2009-02-24 16:12:03.000000000 -0500 -+++ audit-1.7.12.good/swig/Makefile.in 2009-03-06 23:39:01.000000000 -0500 -@@ -1,4 +1,4 @@ --# Makefile.in generated by automake 1.10.1 from Makefile.am. -+# Makefile.in generated by automake 1.10.2 from Makefile.am. - # @configure_input@ - - # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -@@ -34,7 +34,7 @@ - host_triplet = @host@ - target_triplet = @target@ - subdir = swig --DIST_COMMON = $(python_PYTHON) $(srcdir)/Makefile.am \ -+DIST_COMMON = $(pyexec_PYTHON) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in - ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 - am__aclocal_m4_deps = $(top_srcdir)/src/libev/libev.m4 \ -@@ -49,7 +49,7 @@ - *) f=$$p;; \ - esac; - am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; --am__installdirs = "$(DESTDIR)$(pyexecdir)" "$(DESTDIR)$(pythondir)" -+am__installdirs = "$(DESTDIR)$(pyexecdir)" "$(DESTDIR)$(pyexecdir)" - pyexecLTLIBRARIES_INSTALL = $(INSTALL) - LTLIBRARIES = $(pyexec_LTLIBRARIES) - _audit_la_LIBADD = -@@ -72,7 +72,7 @@ - $(LDFLAGS) -o $@ - SOURCES = $(nodist__audit_la_SOURCES) - DIST_SOURCES = --pythonPYTHON_INSTALL = $(INSTALL_DATA) -+pyexecPYTHON_INSTALL = $(INSTALL_DATA) - py_compile = $(top_srcdir)/py-compile - ETAGS = etags - CTAGS = ctags -@@ -89,27 +89,24 @@ - CFLAGS = @CFLAGS@ - CPP = @CPP@ - CPPFLAGS = @CPPFLAGS@ --CXX = @CXX@ --CXXCPP = @CXXCPP@ --CXXDEPMODE = @CXXDEPMODE@ --CXXFLAGS = @CXXFLAGS@ - CYGPATH_W = @CYGPATH_W@ - DEFS = @DEFS@ - DEPDIR = @DEPDIR@ --ECHO = @ECHO@ -+DSYMUTIL = @DSYMUTIL@ -+DUMPBIN = @DUMPBIN@ - ECHO_C = @ECHO_C@ - ECHO_N = @ECHO_N@ - ECHO_T = @ECHO_T@ - EGREP = @EGREP@ - EXEEXT = @EXEEXT@ --F77 = @F77@ --FFLAGS = @FFLAGS@ -+FGREP = @FGREP@ - GREP = @GREP@ - INSTALL = @INSTALL@ - INSTALL_DATA = @INSTALL_DATA@ - INSTALL_PROGRAM = @INSTALL_PROGRAM@ - INSTALL_SCRIPT = @INSTALL_SCRIPT@ - INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -+LD = @LD@ - LDFLAGS = @LDFLAGS@ - LIBOBJS = @LIBOBJS@ - LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@ -@@ -118,11 +115,17 @@ - LIBTOOL = @LIBTOOL@ - LIBTOOL_DEPS = @LIBTOOL_DEPS@ - LIBWRAP_LIBS = @LIBWRAP_LIBS@ -+LIPO = @LIPO@ - LN_S = @LN_S@ - LTLIBOBJS = @LTLIBOBJS@ - MAKEINFO = @MAKEINFO@ - MKDIR_P = @MKDIR_P@ -+NM = @NM@ -+NMEDIT = @NMEDIT@ -+OBJDUMP = @OBJDUMP@ - OBJEXT = @OBJEXT@ -+OTOOL = @OTOOL@ -+OTOOL64 = @OTOOL64@ - PACKAGE = @PACKAGE@ - PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ - PACKAGE_NAME = @PACKAGE_NAME@ -@@ -146,8 +149,7 @@ - abs_top_builddir = @abs_top_builddir@ - abs_top_srcdir = @abs_top_srcdir@ - ac_ct_CC = @ac_ct_CC@ --ac_ct_CXX = @ac_ct_CXX@ --ac_ct_F77 = @ac_ct_F77@ -+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ - am__include = @am__include@ - am__leading_dot = @am__leading_dot@ - am__quote = @am__quote@ -@@ -180,6 +182,7 @@ - libexecdir = @libexecdir@ - localedir = @localedir@ - localstatedir = @localstatedir@ -+lt_ECHO = @lt_ECHO@ - mandir = @mandir@ - mkdir_p = @mkdir_p@ - oldincludedir = @oldincludedir@ -@@ -201,6 +204,7 @@ - target_cpu = @target_cpu@ - target_os = @target_os@ - target_vendor = @target_vendor@ -+top_build_prefix = @top_build_prefix@ - top_builddir = @top_builddir@ - top_srcdir = @top_srcdir@ - -@@ -229,7 +233,7 @@ - CONFIG_CLEAN_FILES = *.loT *.rej *.orig - AM_CFLAGS = -fPIC -DPIC - INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib -I/usr/include/$(PYLIBVER) --python_PYTHON = audit.py -+pyexec_PYTHON = audit.py - pyexec_LTLIBRARIES = _audit.la - pyexec_SOLIBRARIES = _audit.so - _audit_la_LDFLAGS = -module -avoid-version -@@ -244,8 +248,8 @@ - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ -- cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ -- && exit 0; \ -+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ -+ && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ -@@ -333,33 +337,33 @@ - - clean-libtool: - -rm -rf .libs _libs --install-pythonPYTHON: $(python_PYTHON) -+install-pyexecPYTHON: $(pyexec_PYTHON) - @$(NORMAL_INSTALL) -- test -z "$(pythondir)" || $(MKDIR_P) "$(DESTDIR)$(pythondir)" -- @list='$(python_PYTHON)'; dlist=''; for p in $$list; do\ -+ test -z "$(pyexecdir)" || $(MKDIR_P) "$(DESTDIR)$(pyexecdir)" -+ @list='$(pyexec_PYTHON)'; dlist=''; for p in $$list; do\ - if test -f "$$p"; then b=; else b="$(srcdir)/"; fi; \ - if test -f $$b$$p; then \ - f=$(am__strip_dir) \ - dlist="$$dlist $$f"; \ -- echo " $(pythonPYTHON_INSTALL) '$$b$$p' '$(DESTDIR)$(pythondir)/$$f'"; \ -- $(pythonPYTHON_INSTALL) "$$b$$p" "$(DESTDIR)$(pythondir)/$$f"; \ -+ echo " $(pyexecPYTHON_INSTALL) '$$b$$p' '$(DESTDIR)$(pyexecdir)/$$f'"; \ -+ $(pyexecPYTHON_INSTALL) "$$b$$p" "$(DESTDIR)$(pyexecdir)/$$f"; \ - else :; fi; \ - done; \ - if test -n "$$dlist"; then \ - if test -z "$(DESTDIR)"; then \ -- PYTHON=$(PYTHON) $(py_compile) --basedir "$(pythondir)" $$dlist; \ -+ PYTHON=$(PYTHON) $(py_compile) --basedir "$(pyexecdir)" $$dlist; \ - else \ -- PYTHON=$(PYTHON) $(py_compile) --destdir "$(DESTDIR)" --basedir "$(pythondir)" $$dlist; \ -+ PYTHON=$(PYTHON) $(py_compile) --destdir "$(DESTDIR)" --basedir "$(pyexecdir)" $$dlist; \ - fi; \ - else :; fi - --uninstall-pythonPYTHON: -+uninstall-pyexecPYTHON: - @$(NORMAL_UNINSTALL) -- @list='$(python_PYTHON)'; dlist=''; for p in $$list; do\ -+ @list='$(pyexec_PYTHON)'; dlist=''; for p in $$list; do\ - f=$(am__strip_dir) \ -- rm -f "$(DESTDIR)$(pythondir)/$$f"; \ -- rm -f "$(DESTDIR)$(pythondir)/$${f}c"; \ -- rm -f "$(DESTDIR)$(pythondir)/$${f}o"; \ -+ rm -f "$(DESTDIR)$(pyexecdir)/$$f"; \ -+ rm -f "$(DESTDIR)$(pyexecdir)/$${f}c"; \ -+ rm -f "$(DESTDIR)$(pyexecdir)/$${f}o"; \ - done - - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) -@@ -367,7 +371,7 @@ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ -- $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ -+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique - tags: TAGS -@@ -439,7 +443,7 @@ - check: check-am - all-am: Makefile $(LTLIBRARIES) - installdirs: -- for dir in "$(DESTDIR)$(pyexecdir)" "$(DESTDIR)$(pythondir)"; do \ -+ for dir in "$(DESTDIR)$(pyexecdir)" "$(DESTDIR)$(pyexecdir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done - install: install-am -@@ -488,11 +492,11 @@ - - info-am: - --install-data-am: install-pythonPYTHON -+install-data-am: - - install-dvi: install-dvi-am - --install-exec-am: install-pyexecLTLIBRARIES -+install-exec-am: install-pyexecLTLIBRARIES install-pyexecPYTHON - - install-html: install-html-am - -@@ -524,7 +528,7 @@ - - ps-am: - --uninstall-am: uninstall-pyexecLTLIBRARIES uninstall-pythonPYTHON -+uninstall-am: uninstall-pyexecLTLIBRARIES uninstall-pyexecPYTHON - - .MAKE: install-am install-strip - -@@ -536,12 +540,12 @@ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ -- install-pyexecLTLIBRARIES install-pythonPYTHON install-strip \ -+ install-pyexecLTLIBRARIES install-pyexecPYTHON install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-pyexecLTLIBRARIES \ -- uninstall-pythonPYTHON -+ uninstall-pyexecPYTHON - - PYLIBVER ?= python$(PYTHON_VERSION) - _audit_la_HEADERS: $(top_builddir)/config.h diff --git a/audit.spec b/audit.spec index bb2b2dd..9e066f5 100644 --- a/audit.spec +++ b/audit.spec @@ -1,7 +1,7 @@ -%define audit_version 1.7.12 -%define audit_release 4%{?dist} +%define audit_version 1.7.13 +%define audit_release 1%{?dist} %define sca_version 0.4.8 -%define sca_release 19 +%define sca_release 20 %{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} Summary: User space tools for 2.6 kernel auditing @@ -12,9 +12,6 @@ License: GPLv2+ Group: System Environment/Daemons URL: http://people.redhat.com/sgrubb/audit/ Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz -Patch1: audit-1.8-noaudit.patch -Patch2: audit-1.7.12-libev.patch -Patch3: audit-swig.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: gettext-devel intltool libtool swig python-devel BuildRequires: tcp_wrappers-devel @@ -92,9 +89,6 @@ A graphical utility for editing audit configuration. %prep %setup -q -%patch1 -p2 -%patch2 -p1 -%patch3 -p1 %build %configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude --with-libwrap --enable-gssapi-krb5=no @@ -264,6 +258,11 @@ fi %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server %changelog +* Tue Apr 21 2009 Steve Grubb 1.7.13-1 +- New upstream release +- Fix problem with negative uids in audit rules on 32 bit systems +- Update tty keystroke interpretations (Miloslav Trmač) + * Fri Apr 03 2009 Steve Grubb 1.7.12-4 - Drop some debug code in libev diff --git a/sources b/sources index 78bdc02..2d7d334 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d245861c33d714eba3e14a3582e1c214 audit-1.7.12.tar.gz +967776cbec046043ef02ffefe0e89cb7 audit-1.7.13.tar.gz