authorVlad Glagolev2018-03-27 06:45:19 -0400
committerVlad Glagolev2018-03-27 06:45:19 -0400
commite97a8c6bf29cb2b7d4b3fabe7d8e1ff9f2718fdb (patch)
tree3aba299976effbbcf1c40b3fd11822baf01b83f1 /security
parent2a75be35c0763746e6665ed2f2c3a2a1d145d4f4 (diff)
audit: corrected logging
Diffstat (limited to 'security')
-rwxr-xr-xsecurity/audit/DETAILS1
-rw-r--r--security/audit/HISTORY5
-rwxr-xr-xsecurity/audit/PRE_BUILD2
-rw-r--r--security/audit/logging.patch54
4 files changed, 62 insertions, 0 deletions
diff --git a/security/audit/DETAILS b/security/audit/DETAILS
index 22de6b98f8..fac644038e 100755
--- a/security/audit/DETAILS
+++ b/security/audit/DETAILS
@@ -1,5 +1,6 @@
SPELL="audit"
VERSION="2.8.3"
+ PATCHLEVEL=1
SOURCE="${SPELL}-${VERSION}.tar.gz"
SOURCE_URL[0]="http://people.redhat.com/sgrubb/${SPELL}/${SOURCE}"
SOURCE_HASH=sha512:aa939b81a66111f4e466208d7a38414bd186d00ccd374b420439764905b4707bbfcdc2331a6179a080fca981d19171696ecabd26674205b2f9339c44954db933
diff --git a/security/audit/HISTORY b/security/audit/HISTORY
index e7dc565464..b77d56502d 100644
--- a/security/audit/HISTORY
+++ b/security/audit/HISTORY
@@ -1,3 +1,8 @@
+2018-03-27 Vlad Glagolev <stealth@sourcemage.org>
+ * DETAILS: PATCHLEVEL=1
+ * PRE_BUILD: apply patch
+ * logging.patch: added, to fix disabled logging
+
2018-03-22 Vlad Glagolev <stealth@sourcemage.org>
* DETAILS: updated spell to 2.8.3; turn off doc dir gathering
* DEPENDS: python[3] and openldap become optional; corrected flags;
diff --git a/security/audit/PRE_BUILD b/security/audit/PRE_BUILD
index 21db4f01b7..7bf2a963ef 100755
--- a/security/audit/PRE_BUILD
+++ b/security/audit/PRE_BUILD
@@ -1,6 +1,8 @@
default_pre_build &&
cd "${SOURCE_DIRECTORY}" &&
+patch -p1 < "${SPELL_DIRECTORY}/logging.patch" &&
+
sedit "/auditd.init/d" init.d/Makefile.am &&
autoreconf -fi
diff --git a/security/audit/logging.patch b/security/audit/logging.patch
new file mode 100644
index 0000000000..102467f90f
--- /dev/null
+++ b/security/audit/logging.patch
@@ -0,0 +1,54 @@
+From 623c4868441848ff81763dc9a73fe490d805bd14 Mon Sep 17 00:00:00 2001
+From: Steve Grubb <sgrubb@redhat.com>
+Date: Mon, 26 Mar 2018 16:44:20 -0400
+Subject: [PATCH] Fix log file check/creation when file logging is disabled
+ entirely. This is specifically useful when you have syslog logging module
+ enabled, and dont want to leave unnecessary cruft such as empty log files.
+ Reported by Vlad Glagolev
+
+---
+ src/auditd-config.c | 9 ++++-----
+ src/auditd-event.c | 3 +++
+ 2 files changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/src/auditd-config.c b/src/auditd-config.c
+index 921fdda..ccadcdd 100644
+--- a/src/auditd-config.c
++++ b/src/auditd-config.c
+@@ -619,11 +619,9 @@ static int log_file_parser(struct nv_pair *nv, int line,
+
+ fd = open(nv->value, mode);
+ if (fd < 0) {
+- if (errno == ENOENT) {
+- fd = create_log_file(nv->value);
+- if (fd < 0)
+- return 1;
+- } else {
++ if (errno == ENOENT)
++ goto finish_up; // Will create the log later
++ else {
+ audit_msg(LOG_ERR, "Unable to open %s (%s)", nv->value,
+ strerror(errno));
+ return 1;
+@@ -652,6 +650,7 @@ static int log_file_parser(struct nv_pair *nv, int line,
+ audit_msg(LOG_WARNING, "audit log is not writable by owner");
+ }
+
++finish_up:
+ free((void *)config->log_file);
+ config->log_file = strdup(nv->value);
+ if (config->log_file == NULL)
+diff --git a/src/auditd-event.c b/src/auditd-event.c
+index dab9bd8..5944123 100644
+--- a/src/auditd-event.c
++++ b/src/auditd-event.c
+@@ -1120,6 +1120,9 @@ static int open_audit_log(void)
+ {
+ int flags, lfd;
+
++ if (config->write_logs == 0)
++ return 0;
++
+ flags = O_WRONLY|O_APPEND|O_NOFOLLOW;
+ if (config->flush == FT_DATA)
+ flags |= O_DSYNC;
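Review bot: In log_file_parser, the new `goto finish_up` on ENOENT skips everything between the open() and the label. Judging by the visible warning "audit log is not writable by owner", that appears to include the checks on the log file's attributes, so a missing file is now accepted at parse time with no validation. The comment says the log is created later, but the creation path is not part of this patch. It is worth confirming that it creates the file with the restrictive ownership and mode those checks expect, and recording that at the jump, e.g. `goto finish_up; // No file yet: attribute checks skipped, creation path must set owner/mode`. In open_audit_log the early `return 0` reports success without opening anything, so any caller that uses the log descriptor afterwards needs its own `write_logs` guard; a comment such as `/* file logging disabled: nothing to open */` would make the intent explicit. Both functions continue outside the hunks shown.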