diff --git a/audit-3.0.1.tar.gz b/audit-3.0.1.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4be9e3466ba463e3bccc3ba475c5620d1e5390e5 Binary files /dev/null and b/audit-3.0.1.tar.gz differ diff --git a/audit-3.0.tar.gz b/audit-3.0.tar.gz deleted file mode 100644 index 7598a6f353456d4178a320127841f394c9daf099..0000000000000000000000000000000000000000 Binary files a/audit-3.0.tar.gz and /dev/null differ diff --git a/audit.spec b/audit.spec index be99234ef52058d4981b780f82c34ae77b6bc78a..174cd1b05ea7d314c60212001b54692d828148dc 100644 --- a/audit.spec +++ b/audit.spec @@ -1,8 +1,8 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 -Version: 3.0 -Release: 4 +Version: 3.0.1 +Release: 1 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -16,23 +16,22 @@ Patch4: backport-Add-missing-call-to-free_interpretation_list.patch Patch5: backport-fix-2-more-issues-found-by-fuzzing.patch Patch6: backport-Fix-an-auparse-memory-leak-caused-in-recent-glibc.patch Patch7: backport-Fix-double-free-with-corrupted-logs.patch -Patch8: backport-Turn-libaucommon-into-a-libtool-convenience-library-.patch -Patch9: backport-Fix-the-closing-timing-of-audit_fd-166.patch -Patch10: backport-Fix-some-string-length-issues.patch -Patch11: backport-Move-the-free_config-to-success-path.patch -Patch12: backport-Check-for-fuzzer-induced-invalid-value.patch -Patch13: backport-error-out-if-log-is-mangled.patch -Patch14: backport-Dont-run-off-the-end-with-corrupt-logs.patch -Patch15: backport-Another-hardening-measure-for-corrupted-logs.patch -Patch16: backport-Fix-busy-loop-in-normalizer-when-logs-are-corrupt.patch -Patch17: backport-Better-fix-for-busy-loop-in-normalizer-when-logs-are.patch -Patch18: backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch -Patch19: backport-In-auditd-check-if-log_file-is-valid-before-closing-.patch -Patch20: backport-Check-ctime-return-code.patch -Patch21: backport-When-interpreting-if-val-is-NULL-return-an-empty-str.patch -Patch22: backport-auditd.service-Restart-on-failure-ignoring-some-exit.patch -Patch23: backport-0001-In-auditd-close-the-logging-file-descriptor-when-log.patch -Patch24: backport-0002-In-auditd-close-the-logging-file-descriptor-when-log.patch +Patch8: backport-Fix-the-closing-timing-of-audit_fd-166.patch +Patch9: backport-Fix-some-string-length-issues.patch +Patch10: backport-Move-the-free_config-to-success-path.patch +Patch11: backport-Check-for-fuzzer-induced-invalid-value.patch +Patch12: backport-error-out-if-log-is-mangled.patch +Patch13: backport-Dont-run-off-the-end-with-corrupt-logs.patch +Patch14: backport-Another-hardening-measure-for-corrupted-logs.patch +Patch15: backport-Fix-busy-loop-in-normalizer-when-logs-are-corrupt.patch +Patch16: backport-Better-fix-for-busy-loop-in-normalizer-when-logs-are.patch +Patch17: backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch +Patch18: backport-In-auditd-check-if-log_file-is-valid-before-closing-.patch +Patch19: backport-Check-ctime-return-code.patch +Patch20: backport-When-interpreting-if-val-is-NULL-return-an-empty-str.patch +Patch21: backport-auditd.service-Restart-on-failure-ignoring-some-exit.patch +Patch22: backport-0001-In-auditd-close-the-logging-file-descriptor-when-log.patch +Patch23: backport-0002-In-auditd-close-the-logging-file-descriptor-when-log.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -144,7 +143,7 @@ cd $curdir rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.so rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.so -find $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages -name '*.a' -delete +find $RPM_BUILD_ROOT/%{_libdir}/python%{python3_version}/site-packages -name '*.a' -delete mv $RPM_BUILD_ROOT/%{_lib}/pkgconfig $RPM_BUILD_ROOT%{_libdir} @@ -363,6 +362,9 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Fri Dec 31 2021 yixiangzhike - 3.0.1-1 +- update to 3.0.1 + * Tue Nov 16 2021 yixiangzhike - 3.0-4 - backport some patches Turn libaucommon into a libtool convenience library diff --git a/backport-Turn-libaucommon-into-a-libtool-convenience-library-.patch b/backport-Turn-libaucommon-into-a-libtool-convenience-library-.patch deleted file mode 100644 index 0081b5d46415374d22941feb1464970a1a5aa636..0000000000000000000000000000000000000000 --- a/backport-Turn-libaucommon-into-a-libtool-convenience-library-.patch +++ /dev/null @@ -1,118 +0,0 @@ -From dcbc6c76b10651c1d1b27b95869ab82ee2153afe Mon Sep 17 00:00:00 2001 -From: Laurent Bigonville -Date: Tue, 5 Jan 2021 19:29:44 +0100 -Subject: [PATCH 1988/2246] Turn libaucommon into a libtool convenience library - (#147) - -This makes sure that the functions compiled into libaucommon -(audit_strsplit_r,...) end up in the libaudit/libauparse static library - -Fixes: #146 ---- - audisp/plugins/remote/Makefile.am | 2 +- - audisp/plugins/syslog/Makefile.am | 2 +- - auparse/Makefile.am | 4 ++-- - auparse/test/Makefile.am | 6 +++--- - common/Makefile.am | 6 +++--- - lib/Makefile.am | 4 ++-- - 6 files changed, 12 insertions(+), 12 deletions(-) - -diff --git a/audisp/plugins/remote/Makefile.am b/audisp/plugins/remote/Makefile.am -index 0066e25..bd3f301 100644 ---- a/audisp/plugins/remote/Makefile.am -+++ b/audisp/plugins/remote/Makefile.am -@@ -33,7 +33,7 @@ man_MANS = audisp-remote.8 audisp-remote.conf.5 - check_PROGRAMS = test-queue - TESTS = $(check_PROGRAMS) - --audisp_remote_DEPENDENCIES = ${top_builddir}/common/libaucommon.a -+audisp_remote_DEPENDENCIES = ${top_builddir}/common/libaucommon.la - audisp_remote_SOURCES = audisp-remote.c remote-config.c queue.c - audisp_remote_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -Wundef - audisp_remote_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now -diff --git a/audisp/plugins/syslog/Makefile.am b/audisp/plugins/syslog/Makefile.am -index 55ca77b..353229e 100644 ---- a/audisp/plugins/syslog/Makefile.am -+++ b/audisp/plugins/syslog/Makefile.am -@@ -29,7 +29,7 @@ plugin_conf = syslog.conf - sbin_PROGRAMS = audisp-syslog - man_MANS = audisp-syslog.8 - --audisp_syslog_DEPENDENCIES = ${top_builddir}/common/libaucommon.a -+audisp_syslog_DEPENDENCIES = ${top_builddir}/common/libaucommon.la - audisp_syslog_SOURCES = audisp-syslog.c - audisp_syslog_CFLAGS = -fPIE -DPIE -g -D_GNU_SOURCE -Wundef - audisp_syslog_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now -diff --git a/auparse/Makefile.am b/auparse/Makefile.am -index b853003..d180c34 100644 ---- a/auparse/Makefile.am -+++ b/auparse/Makefile.am -@@ -45,8 +45,8 @@ libauparse_la_SOURCES = lru.c interpret.c nvlist.c ellist.c \ - normalize_record_map.h normalize_syscall_map.h - nodist_libauparse_la_SOURCES = $(BUILT_SOURCES) - --libauparse_la_LIBADD = ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a --libauparse_la_DEPENDENCIES = $(libauparse_la_SOURCES) ${top_builddir}/config.h ${top_builddir}/common/libaucommon.a -+libauparse_la_LIBADD = ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la -+libauparse_la_DEPENDENCIES = $(libauparse_la_SOURCES) ${top_builddir}/config.h ${top_builddir}/common/libaucommon.la - libauparse_la_LDFLAGS = -Wl,-z,relro - - message.c: -diff --git a/auparse/test/Makefile.am b/auparse/test/Makefile.am -index 89ffcc4..11d10b0 100644 ---- a/auparse/test/Makefile.am -+++ b/auparse/test/Makefile.am -@@ -29,17 +29,17 @@ AM_CPPFLAGS = -I${top_srcdir}/auparse -I${top_srcdir}/lib - - lookup_test_SOURCES = lookup_test.c - lookup_test_LDADD = ${top_builddir}/auparse/libauparse.la \ -- ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a -+ ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la - - auparse_test_SOURCES = auparse_test.c - auparse_test_LDFLAGS = -static - auparse_test_LDADD = ${top_builddir}/auparse/libauparse.la \ -- ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a -+ ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la - - auparselol_test_SOURCES = auparselol_test.c - auparselol_test_LDFLAGS = -static - auparselol_test_LDADD = ${top_builddir}/auparse/libauparse.la \ -- ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.a -+ ${top_builddir}/lib/libaudit.la ${top_builddir}/common/libaucommon.la - - drop_srcdir = sed 's,$(srcdir)/test,test,' - -diff --git a/common/Makefile.am b/common/Makefile.am -index 9e00cbc..8b9aacb 100644 ---- a/common/Makefile.am -+++ b/common/Makefile.am -@@ -24,7 +24,7 @@ CONFIG_CLEAN_FILES = *.rej *.orig - AM_CPPFLAGS = -D_GNU_SOURCE -fPIC -DPIC -I${top_srcdir} -I${top_srcdir}/lib - - noinst_HEADERS = common.h --libaucommon_a_DEPENDENCIES = ../config.h --libaucommon_a_SOURCES = audit-fgets.c strsplit.c --noinst_LIBRARIES = libaucommon.a -+libaucommon_la_DEPENDENCIES = ../config.h -+libaucommon_la_SOURCES = audit-fgets.c strsplit.c -+noinst_LTLIBRARIES = libaucommon.la - -diff --git a/lib/Makefile.am b/lib/Makefile.am -index 107c444..12e5861 100644 ---- a/lib/Makefile.am -+++ b/lib/Makefile.am -@@ -38,8 +38,8 @@ include_HEADERS = libaudit.h - libaudit_la_SOURCES = libaudit.c message.c netlink.c \ - lookup_table.c audit_logging.c deprecated.c \ - dso.h private.h errormsg.h --libaudit_la_LIBADD = $(CAPNG_LDADD) ${top_builddir}/common/libaucommon.a --libaudit_la_DEPENDENCIES = $(libaudit_la_SOURCES) ../config.h ${top_builddir}/common/libaucommon.a -+libaudit_la_LIBADD = $(CAPNG_LDADD) ${top_builddir}/common/libaucommon.la -+libaudit_la_DEPENDENCIES = $(libaudit_la_SOURCES) ../config.h ${top_builddir}/common/libaucommon.la - libaudit_la_LDFLAGS = -Wl,-z,relro -version-info $(VERSION_INFO) - nodist_libaudit_la_SOURCES = $(BUILT_SOURCES) - --- -1.8.3.1 - diff --git a/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch b/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch index 74ab9aea4a732d622b7011b6099cf09882a512fa..6836ea076389084a25b151d56977dca7a763c4bd 100644 --- a/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch +++ b/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch @@ -85,8 +85,8 @@ index cb29fee..3655726 100644 - int rc; + int rc, rtype; size_t mlen, len; - auparse_state_t *au; char *message; + // Do raw format to get event started @@ -427,6 +428,17 @@ static const char *format_enrich(const struct audit_reply *rep) // Loop over all fields while possible to add field @@ -120,9 +120,9 @@ index cb29fee..3655726 100644 + default: + break; + } - auparse_destroy_ext(au, AUPARSE_DESTROY_COMMON); free(message); } + return format_buf; -- 1.8.3.1 diff --git a/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch b/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch index 38f3aff6915dd2be385500f9f151d73171d6397e..23483cce6f04002d95df0a2e9af9e54efb107856 100644 --- a/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch +++ b/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch @@ -15,10 +15,10 @@ diff --git a/lib/aarch64_table.h b/lib/aarch64_table.h index c61aa91..ea634c1 100644 --- a/lib/aarch64_table.h +++ b/lib/aarch64_table.h -@@ -311,4 +311,47 @@ _S(432, "fsmount") - _S(433, "fspick") - _S(434, "pidfd_open") - _S(435, "clone3") +@@ -311,3 +311,46 @@ _S(438, "pidfd_getfd") + _S(439, "faccessat2") + _S(440, "process_madvise") + _S(441, "epoll_pwait2") +_S(1024, "open") +_S(1025, "link") +_S(1026, "unlink") @@ -62,7 +62,6 @@ index c61aa91..ea634c1 100644 +_S(1077, "uselib") +_S(1078, "sysctl") +_S(1079, "fork") - -- 1.8.5.6