From c6c6d66f498ed80763465f670f7eb4f8181f66b0 Mon Sep 17 00:00:00 2001 From: jinlun Date: Wed, 20 Dec 2023 14:41:32 +0800 Subject: [PATCH] backport patches from upstream (cherry picked from commit 1c361ee0db1cff1321f225c328844179f858e8df) --- audit.spec | 8 +++- ...t-if-required-zos-parameters-missing.patch | 37 ++++++++++++++++++ backport-Fix-deprecated-python-function.patch | 28 ++++++++++++++ ...ervice-functions-in-terms-of-systemc.patch | 38 +++++++++++++++++++ 4 files changed, 110 insertions(+), 1 deletion(-) create mode 100644 backport-Error-out-if-required-zos-parameters-missing.patch create mode 100644 backport-Fix-deprecated-python-function.patch create mode 100644 backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch diff --git a/audit.spec b/audit.spec index 0edeb5e..7e0ce7e 100644 --- a/audit.spec +++ b/audit.spec @@ -2,7 +2,7 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 Version: 3.0.1 -Release: 11 +Release: 12 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -48,6 +48,9 @@ Patch36: backport-Teardown-SIGCONT-watcher-on-exit.patch Patch37: backport-Correct-path-of-config-file.patch Patch38: backport-Fix-the-error-found-by-clang-tidy-313.patch Patch39: backport-Fix-segfault-in-python-bindings-around-the-feed-API.patch +Patch40: backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch +Patch41: backport-Error-out-if-required-zos-parameters-missing.patch +Patch42: backport-Fix-deprecated-python-function.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -383,6 +386,9 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Wed Dec 20 2023 jinlun - 1:3.0.1-12 +- backport patches from upstream + * Thu Sep 14 2023 xuraoqing - 1:3.0.1-11 - backport patches from upstream diff --git a/backport-Error-out-if-required-zos-parameters-missing.patch b/backport-Error-out-if-required-zos-parameters-missing.patch new file mode 100644 index 0000000..45009d8 --- /dev/null +++ b/backport-Error-out-if-required-zos-parameters-missing.patch @@ -0,0 +1,37 @@ +From bbe96f9798451129ae2555f92e2f698f842f7833 Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Tue, 10 Oct 2023 08:22:49 -0400 +Subject: [PATCH] Error out if required zos parameters missing + +--- + audisp/plugins/zos-remote/zos-remote-ldap.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/audisp/plugins/zos-remote/zos-remote-ldap.c b/audisp/plugins/zos-remote/zos-remote-ldap.c +index 7dd1424f..7e27eda4 100644 +--- a/audisp/plugins/zos-remote/zos-remote-ldap.c ++++ b/audisp/plugins/zos-remote/zos-remote-ldap.c +@@ -134,14 +134,18 @@ retry: + + int zos_remote_init(ZOS_REMOTE *zos_remote, const char *server, int port, + const char *user, const char *password, int timeout) +-{ ++{ ++ if (server == NULL || user == NULL || password == NULL) { ++ log_err("Error: required parameters are not present in config file"); ++ return ICTX_E_FATAL; ++ } + zos_remote->server = strdup(server); + zos_remote->port = port; + zos_remote->user = strdup(user); + zos_remote->password = strdup(password); + zos_remote->timeout = timeout; + zos_remote->connected = 0; +- ++ + if (!zos_remote->server || !zos_remote->user || !zos_remote->password) { + log_err("Error allocating memory for session members"); + return ICTX_E_FATAL; +-- +2.27.0 + diff --git a/backport-Fix-deprecated-python-function.patch b/backport-Fix-deprecated-python-function.patch new file mode 100644 index 0000000..7ccb5df --- /dev/null +++ b/backport-Fix-deprecated-python-function.patch @@ -0,0 +1,28 @@ +From c344a8a370afed66e78db88c2d129f6672dae1e6 Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Tue, 24 Oct 2023 11:51:04 -0400 +Subject: [PATCH] Fix deprecated python function + +--- + bindings/python/auparse_python.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/bindings/python/auparse_python.c b/bindings/python/auparse_python.c +index 78ef832c..1371ed54 100644 +--- a/bindings/python/auparse_python.c ++++ b/bindings/python/auparse_python.c +@@ -290,7 +290,11 @@ static void auparse_callback(auparse_state_t *au, + if (debug) printf("<< auparse_callback\n"); + arglist = Py_BuildValue("OiO", cb->py_AuParser, cb_event_type, + cb->user_data); ++#if PY_MINOR_VERSION >= 13 ++ result = PyObject_CallObject(cb->func, arglist); ++#else + result = PyEval_CallObject(cb->func, arglist); ++#endif + Py_DECREF(arglist); + Py_XDECREF(result); + } +-- +2.27.0 + diff --git a/backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch b/backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch new file mode 100644 index 0000000..ad3d809 --- /dev/null +++ b/backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch @@ -0,0 +1,38 @@ +From 38572e7eead76015b388723038f03e2ef0b1e3c1 Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Fri, 25 Aug 2023 10:41:20 -0400 +Subject: [PATCH] Rewrite legacy service functions in terms of systemctl + +--- + ChangeLog | 1 + + init.d/Makefile.am | 3 +-- + init.d/audit-functions | 52 --------------------------------------- + init.d/auditd.condrestart | 7 +++--- + init.d/auditd.reload | 6 +---- + init.d/auditd.resume | 6 +---- + init.d/auditd.rotate | 6 +---- + init.d/auditd.state | 4 +-- + init.d/auditd.stop | 3 +-- + 9 files changed, 11 insertions(+), 77 deletions(-) + delete mode 100644 init.d/audit-functions + +--- + init.d/auditd.condrestart | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/init.d/auditd.condrestart b/init.d/auditd.condrestart +index d86e5e4..da5b359 100644 +--- a/init.d/auditd.condrestart ++++ b/init.d/auditd.condrestart +@@ -2,7 +2,7 @@ + # Helper script to provide legacy auditd service options not + # directly supported by systemd. + +-state=`service auditd status | awk '/^ Active/ { print $2 }'` ++state=$(systemctl status auditd | awk '/Active:/ { print $2 }') + if [ $state = "active" ] ; then + /usr/libexec/initscripts/legacy-actions/auditd/restart + RETVAL="$?" +-- +2.33.0 + -- Gitee