Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

audit-2.1.1-15.1.2 RPM for i586

From OpenSuSE 12.1 for i586

Name: audit Distribution: openSUSE 12.1
Version: 2.1.1 Vendor: openSUSE
Release: 15.1.2 Build date: Wed Nov 2 11:30:02 2011
Group: System/Monitoring Build host: build12
Size: 911663 Source RPM: audit-2.1.1-15.1.2.src.rpm
Summary: User Space Tools for 2.6 Kernel Auditing
The audit package contains the user space utilities for storing and
processing the audit records generated by the audit subsystem in the
Linux 2.6 kernel.






* Fri Sep 30 2011
  - add libtool as buildrequire to make the spec file more reliable
* Sat Sep 17 2011
  - Remove redundant tags/sections from specfile
  - Add audit-devel to baselibs
* Wed May 11 2011
  - Adjust license of libaudit and libauparse to be
    LGPLv2.1 or later.
* Wed Apr 27 2011
  - Update to version 2.1.1, upstream changelog:
    - 2.1.1
    - When ausearch is interpretting, output "as is" if no = is found
    - Correct socket setup in remote logging
    - Adjusted a couple default settings for remote logging and init script
    - Audispd was not marking restarted plugins as active
    - Audisp-remote should keep a capability if local_port < 1024
    - When audispd restarts plugin, send event in its preferred format
    - In audisp-remote, make all I/O asynchronous
    - In audisp-remote, add sigusr1 handler to dump internal state
    - Fix autrace to use correct syscalls on s390 and s390x systems
    - Add shutdown syscall to remote logging teardowns
    - Correct autrace rule for 32 bits systems
    - Update auditctl man page for new field on user filter
    - Fix crash in aulast when auid is foreign to the system
    - Code cleanups
    - Add store and forward model to audispd-remote (Mirek Trmac)
    - Free memory on failed startups in audisp-prelude
    - Fix memory leak in aureport
    - Fix parsing state problem in libauparse
    - Improve the robustness of libaudit field encoding functions
    - Update capability tables
    - In auditd, make failure action config checking consistent
    - In auditd, check that NULL is not being passed to safe_exec
    - In audisp-remote, overflow_action wasn't suspending if that action was chosen
    - Update interpretations for virt events
    - Improve remote logging warning and error messages
    - Add interpretations for netfilter events
    - ausearch/report performance improvements
    - Synchronize all sample syscall rules to use action,list
    - If program name provided to audit_log_acct_message, escape it
    - Fix man page for the audit_encode_nv_string function (#647131)
    - If value is NULL, don't segfault (#647128)
    - Fix simple event parsing to not assume session id can't be last (Peng Haitao)
    - Add support for new mmap audit event type
    - Add ability for audispd syslog plugin to choose facility local0-7 (#593340)
    - Fix autrace to use correct syscalls on i386 systems (Peng Haitao)
    - On startup and reconfig, check for excess logs and unlink them
    - Add a couple missing parser debug messages
    - Fix error output resolving numeric address and update man page
    - Add netfilter event types
    - Fix spelling error in audit.rules man page (#667845)
    - Improve warning in auditctl regarding immutable mode (#654883)
    - Update syscall tables for the 2.6.37 kernel
    - In ausearch, allow searching for auid -1
    - Add queue overflow_action to audisp-remote to control queue overflows
    - Update sample rules for new syscalls and packages
* Mon Feb 21 2011
  - Fix value of oom_score_adj.
* Tue Dec 07 2010
  - prereq init script syslog
* Sun Nov 07 2010
  - use full RELRO.
* Tue Sep 28 2010
  - Update to version 2.0.5 (drop: audit-as_needed.patch)
  - Upstream 2.0.5 changelog:
    - Make auparse handle empty AUSOURCE_FILE_ARRAY correctly (Miloslav TrmaÄ)
    - On i386, audit rules do not work on inode's with a large number (#554553)
    - Fix displaying of inode values to be unsigned integers when listing rules
    - Correct Makefile install of audispd (Jason Tang)
    - Syscall table updates for 2.6.34 kernel
    - Add definitions for service start and stop
    - Fix handling of ignore errors in auditctl
    - Fix gssapi support to build with new linker options
    - Add virtualization event types
    - Update aureport program help and man pages to show all options
* Tue Sep 28 2010
  - Annotate patch audit-oom_score_adj.
* Mon Sep 27 2010
  - Use /proc/<pid>/oom_score_adj if available.
* Mon Jun 28 2010
  - use %_smp_mflags
* Fri Jun 25 2010
  - Minor changes to README-BEFORE-ADDING-PATCHES file.
  - Add this file as %source in spec
* Fri Jun 25 2010
  - obsolete -XXbit package
* Tue May 04 2010
  - Update to version 2.0.4.  This is a major version update, has changed version. There is no backward compatibility.
    audit-libs has been split into libaudit1 and libauparse0.
  - Redhat changelog for 2.0 - 2.0.4 follows:
    * 2.0.4
    - Make alpha processor support optional
    - Add support for the arm eabi processor
    - add a compatible regexp processing capability to auparse (Miloslav TrmaÄ)
    - Fix regression in parsing user space originating records in aureport
    - Add tcp_max_per_addr option in auditd.conf to limit concurrent connections
    - Rearrange shutdown of auditd to allow DAEMON_END event more time
    * 2.0.3
    - In auditd, tell libev to stop processing a connection when idle timeout
    - In auditd, tell libev to stop processing a connection when shutting down
    - Interpret CAPSET records in ausearch/auparse
    * 2.0.2
    - If audisp-remote plugin has a queue at exit, use non-zero exit code
    - Fix autrace to use the exit filter
    - In audisp-remote, add a sigchld handler
    - In auditd, check for duplicate remote connections before accepting
    - Remove trailing ':' if any are at the end of acct fields in ausearch
    - Update remote logging code to do better sanity check of data
    - Fix audisp-prelude to prefer files if multiple path records are encountered
    - Add libaudit.conf man page
    - In auditd, disconnect idle clients
    * 2.0.1
    - Aulast now reads daemon_start events for the kernel version of reboot
    - Clarify the man pages for ausearch/report regarding locale and date formats
    - Fix getloginuid for python bindings
    - Disable the audispd af_unix plugin by default
    - Add a couple new init script actions for LSB 3.2
    - In audisp-remote plugin, timeout network reads (#514090)
    - Make some error logging in audisp-remote plugin more prominent
    - Add audit.rules man page
    - Interpret the session field in audit events
    * 2.0
    - Remove system-config-audit
    - Get rid of () from userspace originating events
    - Removed old syscall rules API - not needed since 2.6.16
    - Remove all use of the old rule structs from API
    - Fix uninitialized variable in auditd log rotation
    - Add libcap-ng support for audispd plugins
    - Removed ancient defines that are part of kernel 2.6.29 headers
    - Bump soname number for libaudit
    - In auditctl, deprecate the entry filter and move rules to exit filter
    - Parse integrity audit records in ausearch/report (Mimi Zohar)
    - Updated syscall table for 2.6.31 kernel
    - Remove support for the legacy negate syscall rule operator
    - In auditd reset syslog warnings if disk space becomes available
* Sun Dec 13 2009
  - add baselibs.conf as a source
* Tue Nov 03 2009
  - updated patches to apply with fuzz=0
* Mon Sep 28 2009
  - do not package static libraries
  - fix -devel package dependencies
* Sat Jun 20 2009
  - fixed build with --as-needed
* Fri Jun 19 2009
  - disable as-needed for this package as it fails to build with it
* Mon May 11 2009
  - Update from 1.7.7 to 1.7.13.
  - Redhat changelog for 1.7.8 - 1.7.13 follows:
    * Tue Apr 21 2009 Steve Grubb <> 1.7.13-1
    - Disable libev asserts unless --with-debug passed to configure
    - Handle kernel 2.6.29's audit = 0 boot parameter better
    - Install file in arch specific python directory (Dan Walsh)
    - Fix problem with negative uids in audit rules on 32 bit systems
    - When file type is unknown, output octal for mode field (Miloslav TrmaÄ)
    - Update tty keystroke interpretations (Miloslav TrmaÄ)
    * Tue Feb 24 2009 Steve Grubb <> 1.7.12-1
    - Add definitions for crypto events
    - Fix regression where msgtype couldn't be used as a range in audit rules
    - In libaudit, extend time spent checking reply
    - In acct events, prefer id over acct if given
    - In aulast, try id and acct in USER_LOGIN events
    - When in immutable mode, have auditctl tell user instead of sending rules
    - Add option to sysconfig to disable audit system on auditd stop
    - Add tcp_wrappers config option to auditd
    - Aulastlog can now take input from stdin
    - Update libaudit python bindings to throw exceptions on error
    - Adjust formatting of TTY data in libauparse to be like ausearch/report
    - Add more key mappings to TTY interpretations
    - Add internal queue to audisp-remote
    - Fix failure action code to allow executables in audisp-remote (Chu Li)
    - Fix memory leak when NOLOG log_format option given to auditd
    - Quieten some of the reconnect text being sent to syslog in audisp-remote
    - Apply some libev fixups to auditd
    - Cleanup shutdown sequence of auditd
    - Allow auditd log rotation via SIGUSR1 when NOLOG log format option given
    * Sat Jan 10 2009 Steve Grubb <> 1.7.11-1
    - Don't error out in auditd when calling setsid
    - Reformat a couple auditd error messages (Oden Eriksson)
    - If log rotate fails, leave the old log writable
    - Fixed bug in setting up auditd event loop when listening
    - Warn if on biarch machine and auditctl rules show a syscall mismatch
    - Audisp-remote was not parsing some config options correctly
    - In auparse, check for single key in addition to virtual keys
    - When auditd shuts down, send AUDIT_RMW_TYPE_ENDING messages to clients
    - Created reconnect option to remote ending setting of audisp-remote
    * Sat Dec 13 2008 Steve Grubb <> 1.7.10-1
    - Fix ausearch and aureport to handle out of order events
    - Add line-buffer option to ausearch & timeout pipe input (Tony Jones)
    - Add support in ausearch/report for tty data
    - In audisp-remote, allow the keyword "any" for local_port
    - Tighten parsing for -m and -w options in auditctl
    - Add session query hint for aulast proof
    - Fix audisp-remote to tolerate krb5 config options when not supported
    - Created new aureport option for tty keystroke report
    - audispd should detect backup config files and not use them
    - When checking for ack in netlink interface, retry on EAGAIN a few times
    - In aureport, fix mods report to show acct acted upon
    * Wed Nov 05 2008 Steve Grubb <> 1.7.9-1
    - Fix uninitialized variable in aureport causing segfault
    - Quieten down the gssapi not supported messages
    - Fix bug interpretting i386 logs on x86_64 machines
    - If kernel is in immutable mode, auditd should not send enable command
    - Fix ausearch/report recent and now time keyword lookups
    - Created aulast program
    - prelude plugin should pull auid for login alert from 2nd uid field
    - Add system boot, shutdown, and run level change events
    - Add max_restarts to audispd.conf to limit times a plugin is restarted
    - Expand session detection in ausearch
    * Wed Oct 22 2008 Steve Grubb <> 1.7.8-1
    - Interpret TTY audit data in auparse (Miloslav TrmaÄ)
    - Extract terminal from USER_AVC events for ausearch/report (Peng Haitao)
    - Add USER_AVCs to aureport's avc reporting (Peng Haitao)
    - Short circuit hostname resolution in libaudit if host is empty
    - If log_group and user are not root, don't check dispatcher perms
    - Fix a bug when executing "ausearch -te today PM"
    - Add --exit search option to ausearch
    - Fix parsing config file when kerberos is disabled
* Tue Apr 14 2009
  - refresh patches



Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Jul 10 03:42:25 2017