packages/audit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!99 update to 3.1.2

Browse Source 
From: @zhengxiaoxiaoGitee 
Reviewed-by: @huangzq6 
Signed-off-by: @huangzq6
This commit is contained in:
openeuler-ci-bot 2024-02-01 08:48:08 +00:00 committed by Gitee
commit 386a194853
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
7 changed files with 17 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
audit-3.1.1.tar.gz
View File

Binary file not shown.

BIN
audit-3.1.2.tar.gz Normal file
View File

Binary file not shown.

23
audit.spec
View File

@ -1,7 +1,7 @@
Summary: User space tools for kernel auditing Summary: User space tools for kernel auditing
Name: audit Name: audit
Epoch: 1 Epoch: 1
Version: 3.1.1 Version: 3.1.2
Release: 1 Release: 1
License: GPLv2+ and LGPLv2+ License: GPLv2+ and LGPLv2+
URL: https://people.redhat.com/sgrubb/audit/ URL: https://people.redhat.com/sgrubb/audit/
@ -12,9 +12,6 @@ Patch0: bugfix-audit-support-armv7b.patch
Patch1: bugfix-audit-userspace-missing-syscalls-for-aarm64.patch Patch1: bugfix-audit-userspace-missing-syscalls-for-aarm64.patch
Patch2: bugfix-audit-reload-coredump.patch Patch2: bugfix-audit-reload-coredump.patch
Patch3: audit-Add-sw64-architecture.patch Patch3: audit-Add-sw64-architecture.patch
Patch4: backport-audit-flex-array-workaround.patch
Patch5: backport-audit-undo-flex-array.patch
Patch6: backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch
BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29
BuildRequires: openldap-devel krb5-devel libcap-ng-devel BuildRequires: openldap-devel krb5-devel libcap-ng-devel
@ -95,9 +92,6 @@ cp /usr/include/linux/audit.h lib/
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1
#The patch5 will be patched after the installation phase
%patch6 -p1
autoreconf -f -i autoreconf -f -i
%build %build
@ -143,7 +137,6 @@ touch -r ./audit.spec $RPM_BUILD_ROOT/usr/share/man/man5/libaudit.conf.5.gz
cur=`pwd` cur=`pwd`
cd $RPM_BUILD_ROOT cd $RPM_BUILD_ROOT
patch -p1 < %{PATCH5}
find . -name '*.orig' -delete find . -name '*.orig' -delete
cd $cur cd $cur
@ -366,6 +359,20 @@ fi
%attr(644,root,root) %{_mandir}/man8/*.8.gz %attr(644,root,root) %{_mandir}/man8/*.8.gz
%changelog %changelog
* Thu Jan 25 2024 zhengxiaoxiao<zhengxiaoxiao2@huawei.com> - 1:3.1.2-1
- update version to 3.1.2
- When processing a run level change, make auditd exit
- In auditd, fix return code when rules added in immutable mode
- In auparse, when files are given, also consider EUID for access
- Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya)
- Disable Python bindings from setting rules due to swig bug (S. Trofimovich)
- Update all lookup tables for the 6.5 kernel
- Don't be as paranoid about auditctl -R file permissions
- In ausearch, correct subject/object search to be an and if both are given
- Adjust formats for 64 bit time_t
- Fix segfault in python bindings around the feed API
- Add feed_has_data, get_record_num, and get/goto_field_num to python bindings
* Mon Jul 24 2023 zhengxiaoxiao<zhengxiaoxiao2@huawei.com> - 1:3.1.1-1 * Mon Jul 24 2023 zhengxiaoxiao<zhengxiaoxiao2@huawei.com> - 1:3.1.1-1
- update version to 3.1.1 - update version to 3.1.1

34
backport-audit-flex-array-workaround.patch
View File

@ -1,34 +0,0 @@
commit 0d31f225faef8da3fcd0f69f6544aa274102fe53
Author: Steve Grubb <sgrubb@redhat.com>
Date: Wed Feb 23 14:24:50 2022 -0500
Subject: workaround a kernel change that breaks the build
---
bindings/swig/src.auditswig.i | 2 +-
lib/libaudit.h | 2 +-
2 files changed, 2 insertions(+)m 2 deletions(-)
diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
--- a/bindings/swig/src/auditswig.i
+++ b/bindings/swig/src/auditswig.i
@@ -39,7 +39,7 @@ signed
#define __attribute(X) /*nothing*/
typedef unsigned __u32;
typedef unsigned uid_t;
-%include "/usr/include/linux/audit.h"
+%include "../lib/audit.h"
#define __extension__ /*nothing*/
%include <stdint.i>
%include "../lib/libaudit.h"
diff --git a/lib/libaudit.h b/lib/libaudit.h
--- a/lib/libaudit.h
+++ b/lib/libaudit.h
@@ -27,7 +27,7 @@
#include <stdint.h>
#include <sys/socket.h>
#include <linux/netlink.h>
-#include <linux/audit.h>
+#include "audit.h"
#include <stdarg.h>
#include <syslog.h>
#ifndef __attr_access

21
backport-audit-undo-flex-array.patch
View File

@ -1,21 +0,0 @@
commit 2df0fecef9ea2225de116c1e969462cb4846241d
Author: Steve Grubb <sgrubb@redhat.com>
Date: Thu Feb 24 09:11:06 2022 -0500
Subject: Undo fix to libaudit.h before installing
---
./usr/include/libaudit.h | 2 +-
1 flies changed, 1 insertions(+), 1 deletions(-)
diff --git a/./usr/include/libaudit.h b/.user/include/libaudit.h
--- a/./usr/include/libaudit.h
+++ b/./usr/include/libaudit.h
@@ -32,7 +32,7 @@
#include <stdint.h>
#include <sys/socket.h>
#include <linux/netlink.h>
-#include "audit.h"
+#include <linux/audit.h>
#include <stdarg.h>
#include <syslog.h>

39
backport-auditswig.i-avoid-setter-generation-for-audit_rule_d.patch
View File

@ -1,39 +0,0 @@
From 1ca7e2b07bdc962695611ee1d0852f549d5ca21c Mon Sep 17 00:00:00 2001
From: Sergei Trofimovich <slyich@gmail.com>
Date: Wed, 23 Mar 2022 07:27:05 +0000
Subject: [PATCH 10/12] auditswig.i: avoid setter generation for
audit_rule_data::buf
As it's a flexible array generated code was never safe to use.
With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574
change it's a build failure now:
audit> audit_wrap.c:5010:15: error: invalid use of flexible array member
audit> 5010 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
audit> | ^
Let's avoid setter generation entirely.
Closes: https://github.com/linux-audit/audit-userspace/issues/252
---
bindings/swig/src/auditswig.i | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
index 21aafca..9a2c566 100644
--- a/bindings/swig/src/auditswig.i
+++ b/bindings/swig/src/auditswig.i
@@ -39,6 +39,10 @@ signed
#define __attribute(X) /*nothing*/
typedef unsigned __u32;
typedef unsigned uid_t;
+/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not:
+ * generating setters against them: https://github.com/swig/swig/issues/1699
+ */
+%ignore audit_rule_data::buf;
%include "../lib/audit.h"
#define __extension__ /*nothing*/
%include <stdint.i>
--
2.33.0

4
bugfix-audit-userspace-missing-syscalls-for-aarm64.patch
View File

@ -15,10 +15,10 @@ diff --git a/lib/aarch64_table.h b/lib/aarch64_table.h
index c61aa91..ea634c1 100644 index c61aa91..ea634c1 100644
--- a/lib/aarch64_table.h --- a/lib/aarch64_table.h
+++ b/lib/aarch64_table.h +++ b/lib/aarch64_table.h
@@ -326,4 +326,46 @@ _S(447, "memfd_secret") @@ -327,4 +327,46 @@ _S(448, "process_mrelease")
_S(448, "process_mrelease")
_S(449, "futex_waitv") _S(449, "futex_waitv")
_S(450, "set_mempolicy_home_node") _S(450, "set_mempolicy_home_node")
_S(451, "cachestat")
- -
+_S(1024, "open") +_S(1024, "open")
+_S(1025, "link") +_S(1025, "link")