rpms/audit/F-10 audit-1.7.12-libev.patch, NONE, 1.1 audit-1.8-noaudit.patch, NONE, 1.1 audit.spec, 1.203, 1.204
Steve Grubb
sgrubb at fedoraproject.org
Sun Mar 15 00:08:11 UTC 2009
Author: sgrubb
Update of /cvs/pkgs/rpms/audit/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17651
Modified Files:
audit.spec
Added Files:
audit-1.7.12-libev.patch audit-1.8-noaudit.patch
Log Message:
* Sat Mar 14 2009 Steve Grubb <sgrubb at redhat.com> 1.7.12-2
-Fix bz #490072 - audit fails to start if audit not compiled into kernel
audit-1.7.12-libev.patch:
--- NEW FILE audit-1.7.12-libev.patch ---
diff -ur audit-1.7.12.orig/src/libev/Makefile.in audit-1.7.12/src/libev/Makefile.in
--- audit-1.7.12.orig/src/libev/Makefile.in 2009-03-14 19:54:52.000000000 -0400
+++ audit-1.7.12/src/libev/Makefile.in 2009-03-14 20:03:38.000000000 -0400
@@ -78,7 +78,7 @@
AWK = @AWK@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ -DNDEBUG
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
CXX = @CXX@
audit-1.8-noaudit.patch:
--- NEW FILE audit-1.8-noaudit.patch ---
Index: /trunk/init.d/auditd.init
===================================================================
--- /trunk/init.d/auditd.init (revision 243)
+++ /trunk/init.d/auditd.init (revision 265)
@@ -72,7 +72,7 @@
if test $RETVAL = 0 ; then
touch /var/lock/subsys/auditd
+ # Load the default rules
+ test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
fi
- # Load the default rules
- test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
return $RETVAL
}
@@ -85,9 +85,15 @@
rm -f /var/lock/subsys/auditd
# Remove watches so shutdown works cleanly
- if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" ; then
- /sbin/auditctl -D >/dev/null
+ if test x"$AUDITD_CLEAN_STOP" != "x" ; then
+ if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no"
+ then
+ /sbin/auditctl -D >/dev/null
+ fi
fi
- if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no" ; then
- /sbin/auditctl -e 0 >/dev/null
+ if test x"$AUDITD_STOP_DISABLE" != "x" ; then
+ if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no"
+ then
+ /sbin/auditctl -e 0 >/dev/null
+ fi
fi
return $RETVAL
Index: /trunk/src/auditctl.c
===================================================================
--- /trunk/src/auditctl.c (revision 242)
+++ /trunk/src/auditctl.c (revision 265)
@@ -971,4 +971,6 @@
}
}
+ if (retval == -1 && errno == ECONNREFUSED)
+ fprintf(stderr, "The audit system is disabled\n");
return retval;
}
@@ -1086,4 +1088,10 @@
"There was an error in line %d of %s\n",
lineno, file);
+ else {
+ fprintf(stderr,
+ "The audit system is disabled\n");
+ fclose(f);
+ return 0;
+ }
if (!ignore) {
fclose(f);
@@ -1122,4 +1130,7 @@
"The audit system is in immutable "
"mode, no rules loaded\n");
+ return 0;
+ } else if (errno == ECONNREFUSED) {
+ fprintf(stderr, "The audit system is disabled\n");
return 0;
} else if (fileopt(argv[2]))
@@ -1141,4 +1152,7 @@
"The audit system is in immutable "
"mode, no rules loaded\n");
+ return 0;
+ } else if (errno == ECONNREFUSED) {
+ fprintf(stderr, "The audit system is disabled\n");
return 0;
}
Index: /trunk/src/auditd-event.c
===================================================================
--- /trunk/src/auditd-event.c (revision 258)
+++ /trunk/src/auditd-event.c (revision 265)
@@ -287,6 +287,7 @@
data->tail = NULL;
data->head = data->head->next;
- if (data->head == NULL && stop &&
- cur->reply.type == AUDIT_DAEMON_END)
+ if (data->head == NULL && stop &&
+ ( cur->reply.type == AUDIT_DAEMON_END ||
+ cur->reply.type == AUDIT_DAEMON_ABORT) )
stop_req = 1;
pthread_mutex_unlock(&data->queue_lock);
Index: /trunk/src/auditd.c
===================================================================
--- /trunk/src/auditd.c (revision 256)
+++ /trunk/src/auditd.c (revision 265)
@@ -616,5 +616,5 @@
return 1;
}
- if(getsubj(subj))
+ if (getsubj(subj))
snprintf(start, sizeof(start),
"auditd start, ver=%s format=%s "
@@ -684,5 +684,5 @@
send_audit_event(AUDIT_DAEMON_ABORT, emsg);
audit_msg(LOG_ERR,
- "Unable to set intitial audit startup state to '%s', exiting",
+ "Unable to set initial audit startup state to '%s', exiting",
startup_states[opt_startup]);
close_down();
Index: /trunk/src/autrace.c
===================================================================
--- /trunk/src/autrace.c (revision 1)
+++ /trunk/src/autrace.c (revision 265)
@@ -156,5 +156,10 @@
{
case -1:
- fprintf(stderr, "Error - can't get rule count.\n");
+ if (errno == ECONNREFUSED)
+ fprintf(stderr,
+ "The audit system is disabled\n");
+ else
+ fprintf(stderr,
+ "Error - can't get rule count.\n");
return 1;
case 0:
Index: audit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/audit/F-10/audit.spec,v
retrieving revision 1.203
retrieving revision 1.204
diff -u -r1.203 -r1.204
--- audit.spec 24 Feb 2009 22:23:55 -0000 1.203
+++ audit.spec 15 Mar 2009 00:07:40 -0000 1.204
@@ -1,7 +1,7 @@
%define audit_version 1.7.12
-%define audit_release 1%{?dist}
+%define audit_release 2%{?dist}
%define sca_version 0.4.8
-%define sca_release 16
+%define sca_release 17
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Summary: User space tools for 2.6 kernel auditing
@@ -12,6 +12,8 @@
Group: System Environment/Daemons
URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
+Patch1: audit-1.8-noaudit.patch
+Patch2 : audit-1.7.12-libev.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: gettext-devel intltool libtool swig python-devel
BuildRequires: tcp_wrappers-devel
@@ -89,6 +91,8 @@
%prep
%setup -q
+%patch1 -p2
+%patch2 -p1
%build
%configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude --with-libwrap --enable-gssapi-krb5=no
@@ -259,6 +263,9 @@
%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
%changelog
+* Sat Mar 14 2009 Steve Grubb <sgrubb at redhat.com> 1.7.12-2
+-Fix bz #490072 - audit fails to start if audit not compiled into kernel
+
* Tue Feb 24 2009 Steve Grubb <sgrubb at redhat.com> 1.7.12-1
- New upstream release
More information about the fedora-extras-commits
mailing list