rpms/audit/F-10 audit-1.7.12-libev.patch, NONE, 1.1 audit-1.8-noaudit.patch, NONE, 1.1 audit.spec, 1.203, 1.204

Steve Grubb sgrubb at fedoraproject.org
Sun Mar 15 00:08:11 UTC 2009 

Author: sgrubb

Update of /cvs/pkgs/rpms/audit/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17651

Modified Files:
	audit.spec 
Added Files:
	audit-1.7.12-libev.patch audit-1.8-noaudit.patch 
Log Message:
* Sat Mar 14 2009 Steve Grubb <sgrubb at redhat.com> 1.7.12-2
-Fix bz #490072 - audit fails to start if audit not compiled into kernel


audit-1.7.12-libev.patch:

--- NEW FILE audit-1.7.12-libev.patch ---
diff -ur audit-1.7.12.orig/src/libev/Makefile.in audit-1.7.12/src/libev/Makefile.in
--- audit-1.7.12.orig/src/libev/Makefile.in	2009-03-14 19:54:52.000000000 -0400
+++ audit-1.7.12/src/libev/Makefile.in	2009-03-14 20:03:38.000000000 -0400
@@ -78,7 +78,7 @@
 AWK = @AWK@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ -DNDEBUG
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
 CXX = @CXX@

audit-1.8-noaudit.patch:

--- NEW FILE audit-1.8-noaudit.patch ---
Index: /trunk/init.d/auditd.init
===================================================================
--- /trunk/init.d/auditd.init (revision 243)
+++ /trunk/init.d/auditd.init (revision 265)
@@ -72,7 +72,7 @@
 	if test $RETVAL = 0 ; then
 		touch /var/lock/subsys/auditd
+		# Load the default rules
+		test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
 	fi
-	# Load the default rules
-	test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
 	return $RETVAL
 }
@@ -85,9 +85,15 @@
 	rm -f /var/lock/subsys/auditd
 	# Remove watches so shutdown works cleanly
-	if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" ; then
-		/sbin/auditctl -D >/dev/null
+	if test x"$AUDITD_CLEAN_STOP" != "x" ; then
+		if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no"
+		then
+			/sbin/auditctl -D >/dev/null
+		fi
 	fi
-	if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no" ; then
-		/sbin/auditctl -e 0 >/dev/null
+	if test x"$AUDITD_STOP_DISABLE" != "x" ; then
+		if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no"
+		then
+			/sbin/auditctl -e 0 >/dev/null
+		fi
 	fi
 	return $RETVAL
Index: /trunk/src/auditctl.c
===================================================================
--- /trunk/src/auditctl.c (revision 242)
+++ /trunk/src/auditctl.c (revision 265)
@@ -971,4 +971,6 @@
 	}
     }
+    if (retval == -1 && errno == ECONNREFUSED)
+		fprintf(stderr,	"The audit system is disabled\n");
     return retval;
 }
@@ -1086,4 +1088,10 @@
 					"There was an error in line %d of %s\n",
 					lineno, file);
+				else {
+					fprintf(stderr,
+					"The audit system is disabled\n");
+					fclose(f);
+					return 0;
+				}
 				if (!ignore) {
 					fclose(f);
@@ -1122,4 +1130,7 @@
 				"The audit system is in immutable "
 				"mode, no rules loaded\n");
+			return 0;
+		} else if (errno == ECONNREFUSED) {
+			fprintf(stderr, "The audit system is disabled\n");
 			return 0;
 		} else if (fileopt(argv[2]))
@@ -1141,4 +1152,7 @@
 				"The audit system is in immutable "
 				"mode, no rules loaded\n");
+			return 0;
+		} else if (errno == ECONNREFUSED) {
+			fprintf(stderr, "The audit system is disabled\n");
 			return 0;
 		}
Index: /trunk/src/auditd-event.c
===================================================================
--- /trunk/src/auditd-event.c (revision 258)
+++ /trunk/src/auditd-event.c (revision 265)
@@ -287,6 +287,7 @@
 			data->tail = NULL;
 		data->head = data->head->next;
-		if (data->head == NULL && stop &&
-					cur->reply.type == AUDIT_DAEMON_END)
+		if (data->head == NULL && stop && 
+				( cur->reply.type == AUDIT_DAEMON_END ||
+				cur->reply.type == AUDIT_DAEMON_ABORT) )
 			stop_req = 1;
 		pthread_mutex_unlock(&data->queue_lock);
Index: /trunk/src/auditd.c
===================================================================
--- /trunk/src/auditd.c (revision 256)
+++ /trunk/src/auditd.c (revision 265)
@@ -616,5 +616,5 @@
 			return 1;
 		}
-		if(getsubj(subj))
+		if (getsubj(subj))
 			snprintf(start, sizeof(start),
 				"auditd start, ver=%s format=%s "
@@ -684,5 +684,5 @@
 		send_audit_event(AUDIT_DAEMON_ABORT, emsg);
 		audit_msg(LOG_ERR,
-		"Unable to set intitial audit startup state to '%s', exiting",
+		"Unable to set initial audit startup state to '%s', exiting",
 			startup_states[opt_startup]);
 		close_down();
Index: /trunk/src/autrace.c
===================================================================
--- /trunk/src/autrace.c (revision 1)
+++ /trunk/src/autrace.c (revision 265)
@@ -156,5 +156,10 @@
 	{
 		case -1:
-			fprintf(stderr, "Error - can't get rule count.\n");
+			if (errno == ECONNREFUSED)
+		                fprintf(stderr,
+					"The audit system is disabled\n");
+			else
+				fprintf(stderr,
+					"Error - can't get rule count.\n");
 			return 1;
 		case 0:


Index: audit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/audit/F-10/audit.spec,v
retrieving revision 1.203
retrieving revision 1.204
diff -u -r1.203 -r1.204
--- audit.spec	24 Feb 2009 22:23:55 -0000	1.203
+++ audit.spec	15 Mar 2009 00:07:40 -0000	1.204
@@ -1,7 +1,7 @@
 %define audit_version 1.7.12
-%define audit_release 1%{?dist}
+%define audit_release 2%{?dist}
 %define sca_version 0.4.8
-%define sca_release 16
+%define sca_release 17
 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
 
 Summary: User space tools for 2.6 kernel auditing
@@ -12,6 +12,8 @@
 Group: System Environment/Daemons
 URL: http://people.redhat.com/sgrubb/audit/
 Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
+Patch1: audit-1.8-noaudit.patch
+Patch2 : audit-1.7.12-libev.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: gettext-devel intltool libtool swig python-devel
 BuildRequires: tcp_wrappers-devel 
@@ -89,6 +91,8 @@
 
 %prep
 %setup -q
+%patch1 -p2
+%patch2 -p1
 
 %build
 %configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude --with-libwrap --enable-gssapi-krb5=no
@@ -259,6 +263,9 @@
 %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
 
 %changelog
+* Sat Mar 14 2009 Steve Grubb <sgrubb at redhat.com> 1.7.12-2
+-Fix bz #490072 - audit fails to start if audit not compiled into kernel
+
 * Tue Feb 24 2009 Steve Grubb <sgrubb at redhat.com> 1.7.12-1
 - New upstream release

More information about the fedora-extras-commits mailing list