backport patches from upstream
Signed-off-by: xuraoqing <609179072@qq.com> (cherry picked from commit 5255e7ae0b8c4c8c9dd47a4134203a9655fcefbc)
This commit is contained in:
xuraoqing
openeuler-sync-bot
parent
a8d6cc56b9
commit
a27655bb8f
@ -2,7 +2,7 @@ Summary: User space tools for kernel auditing
|
||||
Name: audit
|
||||
Epoch: 1
|
||||
Version: 3.0.1
|
||||
Release: 9
|
||||
Release: 10
|
||||
License: GPLv2+ and LGPLv2+
|
||||
URL: https://people.redhat.com/sgrubb/audit/
|
||||
Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||
@ -43,6 +43,9 @@ Patch31: backport-asprintf-can-return-a-negative-number.patch
|
||||
Patch32: backport-Cleanup-gssapi-code.patch
|
||||
Patch33: backport-Fix-another-krb5-memory-leak.patch
|
||||
Patch34: backport-Try-to-interpret-OPENAT2-fields-correctly.patch
|
||||
Patch35: backport-Add-a-buffer-limit-just-in-case.patch
|
||||
Patch36: backport-Teardown-SIGCONT-watcher-on-exit.patch
|
||||
Patch37: backport-Correct-path-of-config-file.patch
|
||||
|
||||
BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29
|
||||
BuildRequires: openldap-devel krb5-devel libcap-ng-devel
|
||||
@ -378,6 +381,9 @@ fi
|
||||
%attr(644,root,root) %{_mandir}/man8/*.8.gz
|
||||
|
||||
%changelog
|
||||
* Thu Jun 8 2023 xuraoqing <xuraoqing@huawei.com> - 1:3.0.1-10
|
||||
- backport patches from upstream
|
||||
|
||||
* Thu Mar 23 2023 dongyuzhen <dongyuzhen@h-partners.com> - 1:3.0.1-9
|
||||
- backport patches from upstream
|
||||
|
||||
|
||||
33
backport-Add-a-buffer-limit-just-in-case.patch
Normal file
33
backport-Add-a-buffer-limit-just-in-case.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From 1ab94d6873b33b1a3f343e58a0af9a0f03481ef0 Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Mon, 3 Apr 2023 17:31:39 -0400
|
||||
Subject: [PATCH] Add a buffer limit just in case
|
||||
|
||||
Reference:https://github.com/linux-audit/audit-userspace/commit/1ab94d6873b33b1a3f343e58a0af9a0f03481ef0
|
||||
Conflict:NA
|
||||
|
||||
---
|
||||
audisp/plugins/syslog/audisp-syslog.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/audisp/plugins/syslog/audisp-syslog.c b/audisp/plugins/syslog/audisp-syslog.c
|
||||
index da76b84..332aa12 100644
|
||||
--- a/audisp/plugins/syslog/audisp-syslog.c
|
||||
+++ b/audisp/plugins/syslog/audisp-syslog.c
|
||||
@@ -156,10 +156,11 @@ static inline void write_syslog(char *s)
|
||||
|
||||
// Now iterate over the fields and print each one
|
||||
mptr = record;
|
||||
- while (rc > 0) {
|
||||
+ while (rc > 0 &&
|
||||
+ ((mptr-record) < (MAX_AUDIT_MESSAGE_LENGTH-128))) {
|
||||
int ftype = auparse_get_field_type(au);
|
||||
const char *fname = auparse_get_field_name(au);
|
||||
- const char *fval;
|
||||
+ const char *fval;
|
||||
switch (ftype) {
|
||||
case AUPARSE_TYPE_ESCAPED_FILE:
|
||||
fval = auparse_interpret_realpath(au);
|
||||
--
|
||||
2.33.0
|
||||
|
||||
28
backport-Correct-path-of-config-file.patch
Normal file
28
backport-Correct-path-of-config-file.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From aa4293ccf874af40b8071c0af1898ded5c57b537 Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Wed, 12 Apr 2023 15:13:51 -0400
|
||||
Subject: [PATCH] Correct path of config file
|
||||
|
||||
Reference:https://github.com/linux-audit/audit-userspace/commit/aa4293ccf874af40b8071c0af1898ded5c57b537
|
||||
Conflict:audisp/plugins/syslog/audisp-syslog.8
|
||||
|
||||
---
|
||||
audisp/plugins/syslog/audisp-syslog.8 | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/audisp/plugins/syslog/audisp-syslog.8 b/audisp/plugins/syslog/audisp-syslog.8
|
||||
index f6a0fe3..30c8a43 100644
|
||||
--- a/audisp/plugins/syslog/audisp-syslog.8
|
||||
+++ b/audisp/plugins/syslog/audisp-syslog.8
|
||||
@@ -14,7 +14,7 @@ to the args line. This will cause all events to be interpreted. The drawback to
|
||||
If you are aggregating multiple machines, you should edit auditd.conf to set the name_format to something meaningful and the log_format to enriched. This way you can tell where the event came from and have the user name and groups resolved locally before it is sent off of the machine.
|
||||
|
||||
.SH FILES
|
||||
-/etc/audit/syslog.conf
|
||||
+/etc/audit/plugins/syslog.conf
|
||||
/etc/audit/auditd.conf
|
||||
.SH "SEE ALSO"
|
||||
.BR auditd.conf(8),
|
||||
--
|
||||
2.33.0
|
||||
|
||||
27
backport-Teardown-SIGCONT-watcher-on-exit.patch
Normal file
27
backport-Teardown-SIGCONT-watcher-on-exit.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From 5bc0a68fcc6307a5fad1b5c6ec6862f528c52f0d Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Tue, 11 Apr 2023 13:30:20 -0400
|
||||
Subject: [PATCH] Teardown SIGCONT watcher on exit
|
||||
|
||||
Reference:https://github.com/linux-audit/audit-userspace/commit/5bc0a68fcc6307a5fad1b5c6ec6862f528c52f0d
|
||||
Conflict:NA
|
||||
|
||||
---
|
||||
src/auditd.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/auditd.c b/src/auditd.c
|
||||
index 5933703..99d661f 100644
|
||||
--- a/src/auditd.c
|
||||
+++ b/src/auditd.c
|
||||
@@ -989,6 +989,7 @@ int main(int argc, char *argv[])
|
||||
ev_signal_stop (loop, &sigusr1_watcher);
|
||||
ev_signal_stop (loop, &sigusr2_watcher);
|
||||
ev_signal_stop (loop, &sigterm_watcher);
|
||||
+ ev_signal_stop (loop, &sigcont_watcher);
|
||||
|
||||
/* Write message to log that we are going down */
|
||||
rc = audit_request_signal_info(fd);
|
||||
--
|
||||
2.33.0
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user