!36 【Mainline】Update to 3.0.1
Merge pull request !36 from yixiangzhike/master
This commit is contained in:
openeuler-ci-bot
Gitee
commit
caec238c79
BIN
audit-3.0.1.tar.gz
Normal file
BIN
audit-3.0.1.tar.gz
Normal file
Binary file not shown.
BIN
audit-3.0.tar.gz
BIN
audit-3.0.tar.gz
Binary file not shown.
42
audit.spec
42
audit.spec
@ -1,8 +1,8 @@
|
||||
Summary: User space tools for kernel auditing
|
||||
Name: audit
|
||||
Epoch: 1
|
||||
Version: 3.0
|
||||
Release: 4
|
||||
Version: 3.0.1
|
||||
Release: 1
|
||||
License: GPLv2+ and LGPLv2+
|
||||
URL: https://people.redhat.com/sgrubb/audit/
|
||||
Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||
@ -16,23 +16,22 @@ Patch4: backport-Add-missing-call-to-free_interpretation_list.patch
|
||||
Patch5: backport-fix-2-more-issues-found-by-fuzzing.patch
|
||||
Patch6: backport-Fix-an-auparse-memory-leak-caused-in-recent-glibc.patch
|
||||
Patch7: backport-Fix-double-free-with-corrupted-logs.patch
|
||||
Patch8: backport-Turn-libaucommon-into-a-libtool-convenience-library-.patch
|
||||
Patch9: backport-Fix-the-closing-timing-of-audit_fd-166.patch
|
||||
Patch10: backport-Fix-some-string-length-issues.patch
|
||||
Patch11: backport-Move-the-free_config-to-success-path.patch
|
||||
Patch12: backport-Check-for-fuzzer-induced-invalid-value.patch
|
||||
Patch13: backport-error-out-if-log-is-mangled.patch
|
||||
Patch14: backport-Dont-run-off-the-end-with-corrupt-logs.patch
|
||||
Patch15: backport-Another-hardening-measure-for-corrupted-logs.patch
|
||||
Patch16: backport-Fix-busy-loop-in-normalizer-when-logs-are-corrupt.patch
|
||||
Patch17: backport-Better-fix-for-busy-loop-in-normalizer-when-logs-are.patch
|
||||
Patch18: backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch
|
||||
Patch19: backport-In-auditd-check-if-log_file-is-valid-before-closing-.patch
|
||||
Patch20: backport-Check-ctime-return-code.patch
|
||||
Patch21: backport-When-interpreting-if-val-is-NULL-return-an-empty-str.patch
|
||||
Patch22: backport-auditd.service-Restart-on-failure-ignoring-some-exit.patch
|
||||
Patch23: backport-0001-In-auditd-close-the-logging-file-descriptor-when-log.patch
|
||||
Patch24: backport-0002-In-auditd-close-the-logging-file-descriptor-when-log.patch
|
||||
Patch8: backport-Fix-the-closing-timing-of-audit_fd-166.patch
|
||||
Patch9: backport-Fix-some-string-length-issues.patch
|
||||
Patch10: backport-Move-the-free_config-to-success-path.patch
|
||||
Patch11: backport-Check-for-fuzzer-induced-invalid-value.patch
|
||||
Patch12: backport-error-out-if-log-is-mangled.patch
|
||||
Patch13: backport-Dont-run-off-the-end-with-corrupt-logs.patch
|
||||
Patch14: backport-Another-hardening-measure-for-corrupted-logs.patch
|
||||
Patch15: backport-Fix-busy-loop-in-normalizer-when-logs-are-corrupt.patch
|
||||
Patch16: backport-Better-fix-for-busy-loop-in-normalizer-when-logs-are.patch
|
||||
Patch17: backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch
|
||||
Patch18: backport-In-auditd-check-if-log_file-is-valid-before-closing-.patch
|
||||
Patch19: backport-Check-ctime-return-code.patch
|
||||
Patch20: backport-When-interpreting-if-val-is-NULL-return-an-empty-str.patch
|
||||
Patch21: backport-auditd.service-Restart-on-failure-ignoring-some-exit.patch
|
||||
Patch22: backport-0001-In-auditd-close-the-logging-file-descriptor-when-log.patch
|
||||
Patch23: backport-0002-In-auditd-close-the-logging-file-descriptor-when-log.patch
|
||||
|
||||
BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29
|
||||
BuildRequires: openldap-devel krb5-devel libcap-ng-devel
|
||||
@ -144,7 +143,7 @@ cd $curdir
|
||||
rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.so
|
||||
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.so
|
||||
|
||||
find $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages -name '*.a' -delete
|
||||
find $RPM_BUILD_ROOT/%{_libdir}/python%{python3_version}/site-packages -name '*.a' -delete
|
||||
|
||||
mv $RPM_BUILD_ROOT/%{_lib}/pkgconfig $RPM_BUILD_ROOT%{_libdir}
|
||||
|
||||
@ -363,6 +362,9 @@ fi
|
||||
%attr(644,root,root) %{_mandir}/man8/*.8.gz
|
||||
|
||||
%changelog
|
||||
* Fri Dec 31 2021 yixiangzhike <yixiangzhike007@163.com> - 3.0.1-1
|
||||
- update to 3.0.1
|
||||
|
||||
* Tue Nov 16 2021 yixiangzhike <yixiangzhike007@163.com> - 3.0-4
|
||||
- backport some patches
|
||||
Turn libaucommon into a libtool convenience library
|
||||
|
||||
@ -1,118 +0,0 @@
|
||||
From dcbc6c76b10651c1d1b27b95869ab82ee2153afe Mon Sep 17 00:00:00 2001
|
||||
From: Laurent Bigonville <bigon@users.noreply.github.com>
|
||||
Date: Tue, 5 Jan 2021 19:29:44 +0100
|
||||
Subject: [PATCH 1988/2246] Turn libaucommon into a libtool convenience library
|
||||
(#147)
|
||||
|
||||
This makes sure that the functions compiled into libaucommon
|
||||
(audit_strsplit_r,...) end up in the libaudit/libauparse static library
|
||||
|
||||
Fixes: #146
|
||||
---
|
||||
audisp/plugins/remote/Makefile.am | 2 +-
|
||||
audisp/plugins/syslog/Makefile.am | 2 +-
|
||||
auparse/Makefile.am | 4 ++--
|
||||
auparse/test/Makefile.am | 6 +++---
|
||||
common/Makefile.am | 6 +++---
|
||||
lib/Makefile.am | 4 ++--
|
||||
6 files changed, 12 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/audisp/plugins/remote/Makefile.am b/audisp/plugins/remote/Makefile.am
|
||||
index 0066e25..bd3f301 100644
|
||||
--- a/audisp/plugins/remote/Makefile.am
|
||||
+++ b/audisp/plugins/remote/Makefile.am
|
||||
@@ -33,7 +33,7 @@ man_MANS = audisp-remote.8 audisp-remote.conf.5
|
||||
check_PROGRAMS = test-queue
|
||||
TESTS = $(check_PROGRAMS)
|
||||
|
||||
-audisp_remote_DEPENDENCIES = ${top_builddir}/common/libaucommon.a
|
||||
+audisp_remote_DEPENDENCIES = ${top_builddir}/common/libaucommon.la
|
||||
audisp_remote_SOURCES = audisp-remote.c remote-config.c queue.c
|
||||
audisp_remote_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -Wundef
|
||||
audisp_remote_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now
|
||||
diff --git a/audisp/plugins/syslog/Makefile.am b/audisp/plugins/syslog/Makefile.am
|
||||
index 55ca77b..353229e 100644
|
||||
--- a/audisp/plugins/syslog/Makefile.am
|
||||
+++ b/audisp/plugins/syslog/Makefile.am
|
||||
@@ -29,7 +29,7 @@ plugin_conf = syslog.conf
|
||||
sbin_PROGRAMS = audisp-syslog
|
||||
man_MANS = audisp-syslog.8
|
||||
|
||||
-audisp_syslog_DEPENDENCIES = ${top_builddir}/common/libaucommon.a
|
||||
+audisp_syslog_DEPENDENCIES = ${top_builddir}/common/libaucommon.la
|
||||
audisp_syslog_SOURCES = audisp-syslog.c
|
||||
audisp_syslog_CFLAGS = -fPIE -DPIE -g -D_GNU_SOURCE -Wundef
|
||||
audisp_syslog_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now
|
||||
diff --git a/auparse/Makefile.am b/auparse/Makefile.am
|
||||
index b853003..d180c34 100644
|
||||
--- a/auparse/Makefile.am
|
||||
+++ b/auparse/Makefile.am
|
||||
@@ -45,8 +45,8 @@ libauparse_la_SOURCES = lru.c interpret.c nvlist.c ellist.c \
|
||||
normalize_record_map.h normalize_syscall_map.h
|
||||
nodist_libauparse_la_SOURCES = $(BUILT_SOURCES)
|
||||
|
||||
-libauparse_la_LIBADD = ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a
|
||||
-libauparse_la_DEPENDENCIES = $(libauparse_la_SOURCES) ${top_builddir}/config.h ${top_builddir}/common/libaucommon.a
|
||||
+libauparse_la_LIBADD = ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la
|
||||
+libauparse_la_DEPENDENCIES = $(libauparse_la_SOURCES) ${top_builddir}/config.h ${top_builddir}/common/libaucommon.la
|
||||
libauparse_la_LDFLAGS = -Wl,-z,relro
|
||||
|
||||
message.c:
|
||||
diff --git a/auparse/test/Makefile.am b/auparse/test/Makefile.am
|
||||
index 89ffcc4..11d10b0 100644
|
||||
--- a/auparse/test/Makefile.am
|
||||
+++ b/auparse/test/Makefile.am
|
||||
@@ -29,17 +29,17 @@ AM_CPPFLAGS = -I${top_srcdir}/auparse -I${top_srcdir}/lib
|
||||
|
||||
lookup_test_SOURCES = lookup_test.c
|
||||
lookup_test_LDADD = ${top_builddir}/auparse/libauparse.la \
|
||||
- ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a
|
||||
+ ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la
|
||||
|
||||
auparse_test_SOURCES = auparse_test.c
|
||||
auparse_test_LDFLAGS = -static
|
||||
auparse_test_LDADD = ${top_builddir}/auparse/libauparse.la \
|
||||
- ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a
|
||||
+ ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la
|
||||
|
||||
auparselol_test_SOURCES = auparselol_test.c
|
||||
auparselol_test_LDFLAGS = -static
|
||||
auparselol_test_LDADD = ${top_builddir}/auparse/libauparse.la \
|
||||
- ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a
|
||||
+ ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la
|
||||
|
||||
drop_srcdir = sed 's,$(srcdir)/test,test,'
|
||||
|
||||
diff --git a/common/Makefile.am b/common/Makefile.am
|
||||
index 9e00cbc..8b9aacb 100644
|
||||
--- a/common/Makefile.am
|
||||
+++ b/common/Makefile.am
|
||||
@@ -24,7 +24,7 @@ CONFIG_CLEAN_FILES = *.rej *.orig
|
||||
AM_CPPFLAGS = -D_GNU_SOURCE -fPIC -DPIC -I${top_srcdir} -I${top_srcdir}/lib
|
||||
|
||||
noinst_HEADERS = common.h
|
||||
-libaucommon_a_DEPENDENCIES = ../config.h
|
||||
-libaucommon_a_SOURCES = audit-fgets.c strsplit.c
|
||||
-noinst_LIBRARIES = libaucommon.a
|
||||
+libaucommon_la_DEPENDENCIES = ../config.h
|
||||
+libaucommon_la_SOURCES = audit-fgets.c strsplit.c
|
||||
+noinst_LTLIBRARIES = libaucommon.la
|
||||
|
||||
diff --git a/lib/Makefile.am b/lib/Makefile.am
|
||||
index 107c444..12e5861 100644
|
||||
--- a/lib/Makefile.am
|
||||
+++ b/lib/Makefile.am
|
||||
@@ -38,8 +38,8 @@ include_HEADERS = libaudit.h
|
||||
libaudit_la_SOURCES = libaudit.c message.c netlink.c \
|
||||
lookup_table.c audit_logging.c deprecated.c \
|
||||
dso.h private.h errormsg.h
|
||||
-libaudit_la_LIBADD = $(CAPNG_LDADD) ${top_builddir}/common/libaucommon.a
|
||||
-libaudit_la_DEPENDENCIES = $(libaudit_la_SOURCES) ../config.h ${top_builddir}/common/libaucommon.a
|
||||
+libaudit_la_LIBADD = $(CAPNG_LDADD) ${top_builddir}/common/libaucommon.la
|
||||
+libaudit_la_DEPENDENCIES = $(libaudit_la_SOURCES) ../config.h ${top_builddir}/common/libaucommon.la
|
||||
libaudit_la_LDFLAGS = -Wl,-z,relro -version-info $(VERSION_INFO)
|
||||
nodist_libaudit_la_SOURCES = $(BUILT_SOURCES)
|
||||
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -85,8 +85,8 @@ index cb29fee..3655726 100644
|
||||
- int rc;
|
||||
+ int rc, rtype;
|
||||
size_t mlen, len;
|
||||
auparse_state_t *au;
|
||||
char *message;
|
||||
// Do raw format to get event started
|
||||
@@ -427,6 +428,17 @@ static const char *format_enrich(const struct audit_reply *rep)
|
||||
|
||||
// Loop over all fields while possible to add field
|
||||
@ -120,9 +120,9 @@ index cb29fee..3655726 100644
|
||||
+ default:
|
||||
+ break;
|
||||
+ }
|
||||
auparse_destroy_ext(au, AUPARSE_DESTROY_COMMON);
|
||||
free(message);
|
||||
}
|
||||
return format_buf;
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
|
||||
@ -15,10 +15,10 @@ diff --git a/lib/aarch64_table.h b/lib/aarch64_table.h
|
||||
index c61aa91..ea634c1 100644
|
||||
--- a/lib/aarch64_table.h
|
||||
+++ b/lib/aarch64_table.h
|
||||
@@ -311,4 +311,47 @@ _S(432, "fsmount")
|
||||
_S(433, "fspick")
|
||||
_S(434, "pidfd_open")
|
||||
_S(435, "clone3")
|
||||
@@ -311,3 +311,46 @@ _S(438, "pidfd_getfd")
|
||||
_S(439, "faccessat2")
|
||||
_S(440, "process_madvise")
|
||||
_S(441, "epoll_pwait2")
|
||||
+_S(1024, "open")
|
||||
+_S(1025, "link")
|
||||
+_S(1026, "unlink")
|
||||
@ -62,7 +62,6 @@ index c61aa91..ea634c1 100644
|
||||
+_S(1077, "uselib")
|
||||
+_S(1078, "sysctl")
|
||||
+_S(1079, "fork")
|
||||
|
||||
--
|
||||
1.8.5.6
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user