rpms/audit/devel audit-1.6.5-perm.patch, NONE, 1.1 audit.spec, 1.153, 1.154
Steve Grubb (sgrubb)
fedora-extras-commits at redhat.com
Mon Dec 31 03:30:34 UTC 2007
- Previous message (by thread): rpms/perl-DBD-SQLite/EL-4 .cvsignore, 1.4, 1.5 perl-DBD-SQLite.spec, 1.4, 1.5 sources, 1.4, 1.5
- Next message (by thread): rpms/m17n-contrib/devel .cvsignore, 1.3, 1.4 m17n-contrib.spec, 1.5, 1.6 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: sgrubb
Update of /cvs/pkgs/rpms/audit/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22530
Modified Files:
audit.spec
Added Files:
audit-1.6.5-perm.patch
Log Message:
* Sun Dec 30 2007 Steve Grubb <sgrubb at redhat.com> 1.6.4-2
- Allow 0600 file perms for audit logs
audit-1.6.5-perm.patch:
--- NEW FILE audit-1.6.5-perm.patch ---
diff -urp audit-1.6.5.orig/src/auditd-config.c audit-1.6.5/src/auditd-config.c
--- audit-1.6.5.orig/src/auditd-config.c 2007-12-30 17:01:29.000000000 -0500
+++ audit-1.6.5/src/auditd-config.c 2007-12-30 17:07:45.000000000 -0500
@@ -505,9 +505,9 @@ static int log_file_parser(struct nv_pai
audit_msg(LOG_ERR, "%s is not owned by root", nv->value);
return 1;
}
- if ((buf.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) !=
- (S_IRUSR|S_IWUSR|S_IRGRP)) {
- audit_msg(LOG_ERR, "%s permissions should be 0640", nv->value);
+ if ( (buf.st_mode & (S_IXUSR|S_IWGRP|S_IXGRP|S_IRWXO)) ) {
+ audit_msg(LOG_ERR, "%s permissions should be 0600 or 0640",
+ nv->value);
return 1;
}
free((void *)config->log_file);
Index: audit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/audit/devel/audit.spec,v
retrieving revision 1.153
retrieving revision 1.154
diff -u -r1.153 -r1.154
--- audit.spec 29 Dec 2007 15:51:09 -0000 1.153
+++ audit.spec 31 Dec 2007 03:29:57 -0000 1.154
@@ -6,11 +6,12 @@
Summary: User space tools for 2.6 kernel auditing
Name: audit
Version: 1.6.4
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Daemons
URL: http://people.redhat.com/sgrubb/audit/
Source0: %{name}-%{version}.tar.gz
+Patch1: audit-1.6.5-perm.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: gettext-devel intltool libtool swig python-devel
BuildRequires: kernel-headers >= 2.6.18
@@ -90,6 +91,7 @@
%prep
%setup -q
+%patch1 -p1
mkdir zos-remote-policy
cp -p audisp/plugins/zos-remote/policy/audispd-zos-remote.* zos-remote-policy
@@ -288,6 +290,9 @@
%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
%changelog
+* Sun Dec 30 2007 Steve Grubb <sgrubb at redhat.com> 1.6.4-2
+- Allow 0600 file perms for audit logs
+
* Sat Dec 29 2007 Steve Grubb <sgrubb at redhat.com> 1.6.4-1
- fchmod of log file was on wrong variable (#426934)
- Allow use of errno strings for exit codes in audit rules
- Previous message (by thread): rpms/perl-DBD-SQLite/EL-4 .cvsignore, 1.4, 1.5 perl-DBD-SQLite.spec, 1.4, 1.5 sources, 1.4, 1.5
- Next message (by thread): rpms/m17n-contrib/devel .cvsignore, 1.3, 1.4 m17n-contrib.spec, 1.5, 1.6 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list