Fedora Core 4 Update: audit-1.0.2-3.FC4
Summary
The audit package contains the user space utilities for
storing and processing the audit records generate by
the audit subsystem in the Linux 2.6 kernel.
This update fixes several problems where the audit system is
used on systems with SE Linux disabled, it provides a sample
CAPP configuration, adds new auditd config option to keep
all logs instead of rotating them, and does some sanity
checks on some rules before sending them to the kernel.
- Set audit_pid to 0 in kernel on auditd shutdown
* Mon Aug 8 2005 Steve Grubb
- Make sure error packets get eaten.
- Fix a few error messages in auditctl
- Fix handling of unsupported watches when reading rules from file in auditctl
* Wed Aug 3 2005 Steve Grubb
- Add check for fields that cannot be used with syscall entry in auditctl
- Make auditctl not tolerate duplicate rule and watches
- Remove uid check in ausearch
* Tue Aug 2 2005 Steve Grubb
- Update sample CAPP config
- Remove warning for trimming file path in auditctl
- Make auditctl tolerate duplicate rule and watches
- auditd has new option so it doesn't overwrite log files
- Fixed bug in autrace that was reporting bad descriptor
* Fri Jul 29 2005 Steve Grubb
- Fix ausearch to handle missing audit log better
- Fix auditctl blank line handling
- Trim trailing '/' from file system watches in auditctl
- Catch cases where parameter was passed without option being given to auditctl
- Add CAPP sample configuration
c9bba4ca1f3dac09663d2181cda6e040 SRPMS/audit-1.0.2-3.FC4.src.rpm
f1b6e1c8169508f3858e545e07562d67 ppc/audit-1.0.2-3.FC4.ppc.rpm
be4990c76ed12d8a49761f588d775577 ppc/audit-libs-1.0.2-3.FC4.ppc.rpm
d30397cc5147adfd00da87295afca9c0 ppc/audit-libs-devel-1.0.2-3.FC4.ppc.rpm
cf630242cb25801c91ce38affe919958 ppc/debug/audit-debuginfo-1.0.2-3.FC4.ppc.rpm
75c4d69246b19f48a3e44a61fdbd121d ppc/audit-libs-1.0.2-3.FC4.ppc64.rpm
f20217790f81e1b211d80dcc682396e3 x86_64/audit-1.0.2-3.FC4.x86_64.rpm
bff3c1cfe7613f5611be996aad447e13 x86_64/audit-libs-1.0.2-3.FC4.x86_64.rpm
68eb5d3a89aac95b943ff165d6ce27dc x86_64/audit-libs-devel-1.0.2-3.FC4.x86_64.rpm
2d5bbb4e52b12f5c840e56b3df877e23
x86_64/debug/audit-debuginfo-1.0.2-3.FC4.x86_64.rpm
86688cc5b18ff61af7dc413a98c0ae11 x86_64/audit-libs-1.0.2-3.FC4.i386.rpm
117f055c03b4a3733ec60f9dc11d6195 i386/audit-1.0.2-3.FC4.i386.rpm
86688cc5b18ff61af7dc413a98c0ae11 i386/audit-libs-1.0.2-3.FC4.i386.rpm
bc181772c4d323308fe6e1c75a57f960 i386/audit-libs-devel-1.0.2-3.FC4.i386.rpm
cb4d094c5509ab086cba740c33747589 i386/debug/audit-debuginfo-1.0.2-3.FC4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
FEDORA-2005-748 2005-08-11 Name : audit Version : 1.0.2 Release : 3.FC4 Summary : User space tools for 2.6 kernel auditing. Description : The audit package contains the user space utilities for storing and processing the audit records generate by the audit subsystem in the Linux 2.6 kernel. This update fixes several problems where the audit system is used on systems with SE Linux disabled, it provides a sample CAPP configuration, adds new auditd config option to keep all logs instead of rotating them, and does some sanity checks on some rules before sending them to the kernel. - Set audit_pid to 0 in kernel on auditd shutdown * Mon Aug 8 2005 Steve Grubb 1.0.2-1.FC4 - Make sure error packets get eaten. - Fix a few error messages in auditctl - Fix handling of unsupported watches when reading rules from file in auditctl * Wed Aug 3 2005 Steve Grubb 1.0.1-1.FC4 - Add check for fields that cannot be used with syscall entry in auditctl - Make auditctl not tolerate duplicate rule and watches - Remove uid check in ausearch * Tue Aug 2 2005 Steve Grubb 1.0-1.FC4 - Update sample CAPP config - Remove warning for trimming file path in auditctl - Make auditctl tolerate duplicate rule and watches - auditd has new option so it doesn't overwrite log files - Fixed bug in autrace that was reporting bad descriptor * Fri Jul 29 2005 Steve Grubb 0.9.20-1.FC4 - Fix ausearch to handle missing audit log better - Fix auditctl blank line handling - Trim trailing '/' from file system watches in auditctl - Catch cases where parameter was passed without option being given to auditctl - Add CAPP sample configuration c9bba4ca1f3dac09663d2181cda6e040 SRPMS/audit-1.0.2-3.FC4.src.rpm f1b6e1c8169508f3858e545e07562d67 ppc/audit-1.0.2-3.FC4.ppc.rpm be4990c76ed12d8a49761f588d775577 ppc/audit-libs-1.0.2-3.FC4.ppc.rpm d30397cc5147adfd00da87295afca9c0 ppc/audit-libs-devel-1.0.2-3.FC4.ppc.rpm cf630242cb25801c91ce38affe919958 ppc/debug/audit-debuginfo-1.0.2-3.FC4.ppc.rpm 75c4d69246b19f48a3e44a61fdbd121d ppc/audit-libs-1.0.2-3.FC4.ppc64.rpm f20217790f81e1b211d80dcc682396e3 x86_64/audit-1.0.2-3.FC4.x86_64.rpm bff3c1cfe7613f5611be996aad447e13 x86_64/audit-libs-1.0.2-3.FC4.x86_64.rpm 68eb5d3a89aac95b943ff165d6ce27dc x86_64/audit-libs-devel-1.0.2-3.FC4.x86_64.rpm 2d5bbb4e52b12f5c840e56b3df877e23 x86_64/debug/audit-debuginfo-1.0.2-3.FC4.x86_64.rpm 86688cc5b18ff61af7dc413a98c0ae11 x86_64/audit-libs-1.0.2-3.FC4.i386.rpm 117f055c03b4a3733ec60f9dc11d6195 i386/audit-1.0.2-3.FC4.i386.rpm 86688cc5b18ff61af7dc413a98c0ae11 i386/audit-libs-1.0.2-3.FC4.i386.rpm bc181772c4d323308fe6e1c75a57f960 i386/audit-libs-devel-1.0.2-3.FC4.i386.rpm cb4d094c5509ab086cba740c33747589 i386/debug/audit-debuginfo-1.0.2-3.FC4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list
Change Log
References
Update Instructions
