diff --git a/packages/a/audit/abi_symbols b/packages/a/audit/abi_symbols
index 5d76ed37bb7..2fe20d46333 100644
--- a/packages/a/audit/abi_symbols
+++ b/packages/a/audit/abi_symbols
@@ -165,6 +165,7 @@ libauparse.so.0:ausearch_add_regex
libauparse.so.0:ausearch_add_timestamp_item
libauparse.so.0:ausearch_add_timestamp_item_ex
libauparse.so.0:ausearch_clear
+libauparse.so.0:ausearch_cur_event
libauparse.so.0:ausearch_next_event
libauparse.so.0:ausearch_set_stop
libauparse.so.0:find_config_change_object
diff --git a/packages/a/audit/abi_used_symbols b/packages/a/audit/abi_used_symbols
index 2d700e102e3..648ef20ac67 100644
--- a/packages/a/audit/abi_used_symbols
+++ b/packages/a/audit/abi_used_symbols
@@ -50,7 +50,6 @@ libc.so.6:closedir
libc.so.6:closelog
libc.so.6:connect
libc.so.6:ctime
-libc.so.6:ctime_r
libc.so.6:dirname
libc.so.6:dup2
libc.so.6:endprotoent
@@ -61,7 +60,6 @@ libc.so.6:epoll_ctl
libc.so.6:epoll_wait
libc.so.6:eventfd
libc.so.6:execve
-libc.so.6:execvp
libc.so.6:exit
libc.so.6:faccessat
libc.so.6:fchmod
@@ -93,6 +91,7 @@ libc.so.6:geteuid
libc.so.6:getgid
libc.so.6:getgrgid
libc.so.6:getgrnam
+libc.so.6:getgrnam_r
libc.so.6:gethostname
libc.so.6:getnameinfo
libc.so.6:getopt_long
@@ -101,6 +100,7 @@ libc.so.6:getpriority
libc.so.6:getprotobynumber
libc.so.6:getpwent
libc.so.6:getpwnam
+libc.so.6:getpwnam_r
libc.so.6:getpwuid
libc.so.6:gettimeofday
libc.so.6:getuid
@@ -218,6 +218,8 @@ libc.so.6:strstr
libc.so.6:strtof
libc.so.6:strtok_r
libc.so.6:strtol
+libc.so.6:syscall
+libc.so.6:sysconf
libc.so.6:time
libc.so.6:timerfd_create
libc.so.6:timerfd_settime
diff --git a/packages/a/audit/monitoring.yml b/packages/a/audit/monitoring.yml
new file mode 100644
index 00000000000..7469b578243
--- /dev/null
+++ b/packages/a/audit/monitoring.yml
@@ -0,0 +1,7 @@
+releases:
+ id: 15225
+ rss: https://github.com/linux-audit/audit-userspace/releases.atom
+security:
+ cpe:
+ - vendor: linux_audit_project
+ product: linux_audit
diff --git a/packages/a/audit/package.yml b/packages/a/audit/package.yml
index 103ce6caeca..3ecf3b85043 100644
--- a/packages/a/audit/package.yml
+++ b/packages/a/audit/package.yml
@@ -1,8 +1,8 @@
name : audit
-version : 3.1.3
-release : 14
+version : 4.0.1
+release : 15
source :
- - https://github.com/linux-audit/audit-userspace/archive/refs/tags/v3.1.3.tar.gz : 02e2cdf0d1098b30f0bce2dba9c9820d6cfdc378522c1aa653c7c501a9258857
+ - https://github.com/linux-audit/audit-userspace/archive/refs/tags/v4.0.1.tar.gz : f964610dc0c1e68075d5ae4b14d6280d1164b6eca3a4a13721d1a711681403d9
homepage : https://people.redhat.com/sgrubb/audit/
license :
- GPL-2.0-or-later
@@ -15,12 +15,34 @@ setup : |
%reconfigure --with-apparmor=yes \
--disable-zos-remote \
--with-python3=no \
- --with-python=no \
--disable-static \
- --sbindir=/sbin \
- --enable-systemd=yes
+ --sbindir=/usr/sbin
build : |
%make
install : |
%make_install
install -D -m 00644 $pkgfiles/audit.tmpfiles $installdir/%libdir%/tmpfiles.d/audit.conf
+
+ # Stateless
+ rm -v $installdir/etc/audit/audisp-filter.conf \
+ $installdir/etc/audit/audisp-remote.conf \
+ $installdir/etc/audit/audit-stop.rules \
+ $installdir/etc/audit/auditd.conf \
+ $installdir/etc/audit/plugins.d/af_unix.conf \
+ $installdir/etc/audit/plugins.d/au-remote.conf \
+ $installdir/etc/audit/plugins.d/filter.conf \
+ $installdir/etc/audit/plugins.d/syslog.conf \
+ $installdir/etc/libaudit.conf
+ rmdir $installdir/etc/audit/plugins.d \
+ $installdir/etc/audit \
+ $installdir/etc
+
+ # Install compat links for usr-merge
+ for TOP in {bin,sbin}; do
+ install -D -d -m 00755 $installdir/$TOP
+ pushd $installdir/usr/$TOP
+ for FILE in *; do
+ ln -sv ../usr/$TOP/$FILE $installdir/$TOP/$FILE
+ done
+ popd
+ done
diff --git a/packages/a/audit/pspec_x86_64.xml b/packages/a/audit/pspec_x86_64.xml
index 3696657765c..081b9bca835 100644
--- a/packages/a/audit/pspec_x86_64.xml
+++ b/packages/a/audit/pspec_x86_64.xml
@@ -21,14 +21,11 @@
system.base
- /etc/audit/audisp-remote.conf
- /etc/audit/audit-stop.rules
- /etc/audit/auditd.conf
- /etc/audit/plugins.d/af_unix.conf
- /etc/audit/plugins.d/au-remote.conf
- /etc/audit/plugins.d/syslog.conf
- /etc/libaudit.conf
+ /bin/aulast
+ /bin/aulastlog
+ /bin/ausyscall
/sbin/audisp-af_unix
+ /sbin/audisp-filter
/sbin/audisp-remote
/sbin/audisp-syslog
/sbin/auditctl
@@ -36,11 +33,10 @@
/sbin/augenrules
/sbin/aureport
/sbin/ausearch
- /sbin/autrace
/usr/bin/aulast
/usr/bin/aulastlog
/usr/bin/ausyscall
- /usr/bin/auvirt
+ /usr/lib/systemd/system/audit-rules.service
/usr/lib/systemd/system/auditd.service
/usr/lib64/audit/initscripts/legacy-actions/auditd/condrestart
/usr/lib64/audit/initscripts/legacy-actions/auditd/reload
@@ -54,42 +50,50 @@
/usr/lib64/libauparse.so.0
/usr/lib64/libauparse.so.0.0.0
/usr/lib64/tmpfiles.d/audit.conf
- /usr/share/audit/sample-rules/10-base-config.rules
- /usr/share/audit/sample-rules/10-no-audit.rules
- /usr/share/audit/sample-rules/11-loginuid.rules
- /usr/share/audit/sample-rules/12-cont-fail.rules
- /usr/share/audit/sample-rules/12-ignore-error.rules
- /usr/share/audit/sample-rules/20-dont-audit.rules
- /usr/share/audit/sample-rules/21-no32bit.rules
- /usr/share/audit/sample-rules/22-ignore-chrony.rules
- /usr/share/audit/sample-rules/23-ignore-filesystems.rules
- /usr/share/audit/sample-rules/30-nispom.rules
- /usr/share/audit/sample-rules/30-ospp-v42-1-create-failed.rules
- /usr/share/audit/sample-rules/30-ospp-v42-1-create-success.rules
- /usr/share/audit/sample-rules/30-ospp-v42-2-modify-failed.rules
- /usr/share/audit/sample-rules/30-ospp-v42-2-modify-success.rules
- /usr/share/audit/sample-rules/30-ospp-v42-3-access-failed.rules
- /usr/share/audit/sample-rules/30-ospp-v42-3-access-success.rules
- /usr/share/audit/sample-rules/30-ospp-v42-4-delete-failed.rules
- /usr/share/audit/sample-rules/30-ospp-v42-4-delete-success.rules
- /usr/share/audit/sample-rules/30-ospp-v42-5-perm-change-failed.rules
- /usr/share/audit/sample-rules/30-ospp-v42-5-perm-change-success.rules
- /usr/share/audit/sample-rules/30-ospp-v42-6-owner-change-failed.rules
- /usr/share/audit/sample-rules/30-ospp-v42-6-owner-change-success.rules
- /usr/share/audit/sample-rules/30-ospp-v42.rules
- /usr/share/audit/sample-rules/30-pci-dss-v31.rules
- /usr/share/audit/sample-rules/30-stig.rules
- /usr/share/audit/sample-rules/31-privileged.rules
- /usr/share/audit/sample-rules/32-power-abuse.rules
- /usr/share/audit/sample-rules/40-local.rules
- /usr/share/audit/sample-rules/41-containers.rules
- /usr/share/audit/sample-rules/42-injection.rules
- /usr/share/audit/sample-rules/43-module-load.rules
- /usr/share/audit/sample-rules/44-installers.rules
- /usr/share/audit/sample-rules/70-einval.rules
- /usr/share/audit/sample-rules/71-networking.rules
- /usr/share/audit/sample-rules/99-finalize.rules
- /usr/share/audit/sample-rules/README-rules
+ /usr/sbin/audisp-af_unix
+ /usr/sbin/audisp-filter
+ /usr/sbin/audisp-remote
+ /usr/sbin/audisp-syslog
+ /usr/sbin/auditctl
+ /usr/sbin/auditd
+ /usr/sbin/augenrules
+ /usr/sbin/aureport
+ /usr/sbin/ausearch
+ /usr/share/audit-rules/10-base-config.rules
+ /usr/share/audit-rules/10-no-audit.rules
+ /usr/share/audit-rules/11-loginuid.rules
+ /usr/share/audit-rules/12-cont-fail.rules
+ /usr/share/audit-rules/12-ignore-error.rules
+ /usr/share/audit-rules/20-dont-audit.rules
+ /usr/share/audit-rules/21-no32bit.rules
+ /usr/share/audit-rules/22-ignore-chrony.rules
+ /usr/share/audit-rules/23-ignore-filesystems.rules
+ /usr/share/audit-rules/30-ospp-v42-1-create-failed.rules
+ /usr/share/audit-rules/30-ospp-v42-1-create-success.rules
+ /usr/share/audit-rules/30-ospp-v42-2-modify-failed.rules
+ /usr/share/audit-rules/30-ospp-v42-2-modify-success.rules
+ /usr/share/audit-rules/30-ospp-v42-3-access-failed.rules
+ /usr/share/audit-rules/30-ospp-v42-3-access-success.rules
+ /usr/share/audit-rules/30-ospp-v42-4-delete-failed.rules
+ /usr/share/audit-rules/30-ospp-v42-4-delete-success.rules
+ /usr/share/audit-rules/30-ospp-v42-5-perm-change-failed.rules
+ /usr/share/audit-rules/30-ospp-v42-5-perm-change-success.rules
+ /usr/share/audit-rules/30-ospp-v42-6-owner-change-failed.rules
+ /usr/share/audit-rules/30-ospp-v42-6-owner-change-success.rules
+ /usr/share/audit-rules/30-ospp-v42.rules
+ /usr/share/audit-rules/30-pci-dss-v31.rules
+ /usr/share/audit-rules/30-stig.rules
+ /usr/share/audit-rules/31-privileged.rules
+ /usr/share/audit-rules/32-power-abuse.rules
+ /usr/share/audit-rules/40-local.rules
+ /usr/share/audit-rules/41-containers.rules
+ /usr/share/audit-rules/42-injection.rules
+ /usr/share/audit-rules/43-module-load.rules
+ /usr/share/audit-rules/44-installers.rules
+ /usr/share/audit-rules/70-einval.rules
+ /usr/share/audit-rules/71-networking.rules
+ /usr/share/audit-rules/99-finalize.rules
+ /usr/share/audit-rules/README-rules
/usr/share/man/man5/audisp-remote.conf.5
/usr/share/man/man5/auditd-plugins.5
/usr/share/man/man5/auditd.conf.5
@@ -98,6 +102,7 @@
/usr/share/man/man5/zos-remote.conf.5
/usr/share/man/man7/audit.rules.7
/usr/share/man/man8/audisp-af_unix.8
+ /usr/share/man/man8/audisp-filter.8
/usr/share/man/man8/audisp-remote.8
/usr/share/man/man8/audisp-syslog.8
/usr/share/man/man8/audispd-zos-remote.8
@@ -109,8 +114,6 @@
/usr/share/man/man8/aureport.8
/usr/share/man/man8/ausearch.8
/usr/share/man/man8/ausyscall.8
- /usr/share/man/man8/autrace.8
- /usr/share/man/man8/auvirt.8
@@ -120,9 +123,11 @@
programming.devel
- audit
+ audit
+ /usr/include/audit-records.h
+ /usr/include/audit_logging.h
/usr/include/auparse-defs.h
/usr/include/auparse.h
/usr/include/libaudit.h
@@ -220,6 +225,7 @@
/usr/share/man/man3/ausearch_add_timestamp_item.3
/usr/share/man/man3/ausearch_add_timestamp_item_ex.3
/usr/share/man/man3/ausearch_clear.3
+ /usr/share/man/man3/ausearch_cur_event.3
/usr/share/man/man3/ausearch_next_event.3
/usr/share/man/man3/ausearch_set_stop.3
/usr/share/man/man3/get_auditfail_action.3
@@ -227,9 +233,9 @@
-
- 2024-03-12
- 3.1.3
+
+ 2024-04-10
+ 4.0.1
Packaging update
Reilly Brogan
solus@reillybrogan.com