!138 backport patches to fix display rules bug

From: @fangxiuning Reviewed-by: @zhujianwei001 Signed-off-by: @zhujianwei001
2024-09-03 01:54:39 +00:00 · 2024-09-03 01:54:39 +00:00 · 5f33272f1b
commit 5f33272f1b
parent 2024bedff5 6386972e4d
2 changed files with 57 additions and 1 deletions
--- a/audit.spec
+++ b/audit.spec
@ -2,7 +2,7 @@ Summary:            User space tools for kernel auditing
 Name:               audit
 Epoch:              1
 Version:            3.1.2
-Release:            5
+Release:            6
 License:            GPLv2+ and LGPLv2+
 URL:                https://people.redhat.com/sgrubb/audit/
 Source0:            https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
@ -43,6 +43,7 @@ Patch31:   backport-avoiding-of-NULL-pointers-dereference-366.patch
 Patch32:   backport-Cleanup-code-in-LRU.patch
 Patch33:   backport-Fix-memory-leaks.patch
 Patch34:   backport-fix-one-more-leak.patch
+Patch35:   backport-Correct-output-when-displaying-rules-with-exe-path-d.patch

 BuildRequires:      gcc swig libtool systemd kernel-headers >= 2.6.29
 BuildRequires:      openldap-devel krb5-devel libcap-ng-devel
@ -385,6 +386,9 @@ fi
 %attr(644,root,root) %{_mandir}/man8/*.8.gz

 %changelog
+* Sat Aug 24 2024 fangxiuning<fangxiuning@huawei.com> - 1:3.1.2-6
+- backport patches to fix bug
+
 * Thu Jul 18 2024 fangxiuning<fangxiuning@huawei.com> - 1:3.1.2-5
 - backport patches to fix bugs

--- a/backport-Correct-output-when-displaying-rules-with-exe-path-d.patch
+++ b/backport-Correct-output-when-displaying-rules-with-exe-path-d.patch
@ -0,0 +1,52 @@
+From e5b0c9d74a54e0c6c83ba402807a53e4544b7898 Mon Sep 17 00:00:00 2001
+From: Attila Lakatos <Cropi@users.noreply.github.com>
+Date: Wed, 12 Jun 2024 18:22:00 +0200
+Subject: [PATCH] Correct output when displaying rules with exe/path/dir (#379)
+
+Some audit operators were not displayed properly
+because auditctl used the "=" operator in all
+the scenarios mentioned above.
+
+Reference:https://github.com/linux-audit/audit-userspace/commit/e5b0c9d74a54e0c6c83ba402807a53e4544b7898
+Conflict:NA
+
+---
+ src/auditctl-listing.c | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/src/auditctl-listing.c b/src/auditctl-listing.c
+index 57ae1837..9c322670 100644
+--- a/src/auditctl-listing.c
+++ b/src/auditctl-listing.c
+@@ -380,7 +380,9 @@ static void print_rule(const struct audit_rule_data *r)
+ 					printf("-w %.*s", r->values[i],
+ 						&r->buf[boffset]);
+ 				else
+-					printf(" -F path=%.*s",	r->values[i],
+					printf(" -F path%s%.*s",
+						audit_operator_to_symbol(op),
+						r->values[i],
+ 						&r->buf[boffset]);
+ 				boffset += r->values[i];
+ 			} else if (field == AUDIT_DIR) {
+@@ -388,12 +390,15 @@ static void print_rule(const struct audit_rule_data *r)
+ 					printf("-w %.*s", r->values[i],
+ 						&r->buf[boffset]);
+ 				else
+-					printf(" -F dir=%.*s", r->values[i],
+					printf(" -F dir%s%.*s",
+						audit_operator_to_symbol(op),
+						r->values[i],
+ 						&r->buf[boffset]);
+ 
+ 				boffset += r->values[i];
+ 			} else if (field == AUDIT_EXE) {
+-				printf(" -F exe=%.*s",
+				printf(" -F exe%s%.*s",
+					audit_operator_to_symbol(op),
+ 					r->values[i], &r->buf[boffset]);
+ 				boffset += r->values[i];
+ 			} else if (field == AUDIT_FILTERKEY) {
+-- 
+2.33.0
+