audit-1.3-2.fc5 RPM for x86_64

From Fedora Core 5 / x86_64 / updates

The audit package contains the user space utilities for
storing and searching the audit records generate by
the audit subsystem in the Linux 2.6 kernel.

Provides

• audit

Requires

• /bin/bash
• /bin/sh
• /bin/sh
• /bin/sh
• audit-libs >= 1.1.3
• chkconfig >= 1.3
• coreutils

Copyright

GPL

Signatures

internal MD5: 0f6158bf5fb4a681ddb24de336c2d13e

GPG

Changelog

* Thu Nov 30 2006 Steve Grubb <sgrubb@redhat.com> 1.3-2
  - Fix minor parsing problem and add new msg types
* Tue Nov 28 2006 Steve Grubb <sgrubb@redhat.com> 1.3-1
  - ausearch & aureport implement uid/gid caching
  - In ausearch & aureport, extract addr when hostname is unknown
  - In ausearch & aureport, test audit log presence O_RDONLY
  - New ausearch/aureport time keywords: recent, this-week, this-month, this-year
  - Added --add & --delete option to aureport
  - Update res parsing in config change events
  - Increase the size on audit daemon buffers
  - Parse avc_path records in ausearch/aureport
  - ausearch has new output mode, raw, for extracting events
  - ausearch/aureport can now read stdin
  - Rework AVC processing in ausearch/aureport
  - Added long options to ausearch and aureport
* Tue Oct 24 2006 Steve Grubb <sgrubb@redhat.com> 1.2.9-1
  - In auditd if num_logs is zero, don't rotate on SIGUSR1 (#208834)
  - Fix some defines in libaudit.h
  - Some auditd config strings were not initialized in aureport (#211443)
  - Updated man pages
  - Add Netlabel event types to libaudit
  - Update aureports to current audit event types
  - Update autrace a little
  - Deprecated all the old audit_rule functions from public API
  - Drop auparse library for the moment
* Sun Oct 01 2006 Steve Grubb <sgrubb@redhat.com> 1.2.8-1.fc5
  - Make internal auditd buffers bigger for context info
  - Correct address resolving of hostname in logging functions
  - Do not allow multiple msgtypes in same audit rule in auditctl (#207666)
  - Only =, != operators for arch & inode fields in auditctl (#206427)
  - Updated audit message type table
  - Remove watches from aureport since FS_WATCH is deprecated
  - Add audit_log_avc back temporarily (#208152)
* Wed Sep 20 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-4.fc5
  - Fix auditd.conf by commenting out dispatcher line
* Tue Sep 19 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-3.fc5
  - Fix config file location
* Tue Sep 19 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-2.fc5
  - Remove the audit dispatcher since backport of setroubleshooter is not likely
* Mon Sep 18 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-1
  - Update to new version that is designed for 2.6.18 kernel
* Mon Mar 06 2006 Steve Grubb <sgrubb@redhat.com> 1.1.5-1
  - Changed audit_log_semanage_message to take new params
  - In aureport, add class between syscall and permission in avc report
  - Fix bug where fsync is called in debug mode
  - Add optional support for tty in SYSCALL records for ausearch/aureport
  - Reinstate legacy rule operator support
  - Add man pages
  - Auditd ignore most signals
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.1.4-5.1
  - bump again for double-long bug on ppc(64)
* Fri Feb 10 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-5
  - Change audit_log_semanage_message to check strlen as well as NULL.
* Thu Feb 09 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-3
  - Change audit_log_semanage_message to take new params.
* Wed Feb 08 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-1
  - Fix bug in autrace where it didn't run on kernels without file watch support
  - Add syslog message to auditd saying what program was started for dispatcher
  - Remove audit_send_user from public api
  - Fix bug in USER_LOGIN messages where ausearch does not translate
    msg='uid=500: into acct name (#178102).
  - Change comm with dispatcher to socketpair from pipe
  - Change auditd to use custom daemonize to avoid race in init scripts
  - Update error message when deleting a rule that doesn't exist (#176239)
  - Call shutdown_dispatcher when auditd stops
  - Add new logging function audit_log_semanage_message
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.1.3-1.1
  - rebuilt for new gcc4.1 snapshot and glibc changes
* Thu Jan 05 2006 Steve Grubb <sgrubb@redhat.com> 1.1.3-1
  - Add timestamp to daemon_config messages (#174865)
  - Add error checking of year for aureport & ausearch
  - Treat af_unix sockets as files for searching and reporting
  - Update capp & lspp rules to combine syscalls for higher performance
  - Adjusted the chkconfig line for auditd to start a little earlier
  - Added skeleton program to docs for people to write their own dispatcher with
  - Apply patch from Ulrich Drepper that optimizes resource utilization
  - Change ausearch and aureport to unlocked IO
* Mon Dec 05 2005 Steve Grubb <sgrubb@redhat.com> 1.1.2-1
  - Add more message types
* Wed Nov 30 2005 Steve Grubb <sgrubb@redhat.com> 1.1.1-1
  - Add support for alpha processors
  - Update the audisp code
  - Add locale code in ausearch and aureport
  - Add new rule operator patch
  - Add exclude filter patch
  - Cleanup make files
  - Add python bindings
* Wed Nov 09 2005 Steve Grubb <sgrubb@redhat.com> 1.1-1
  - Add initial version of audisp. Just a placeholder at this point
  - Remove -t from auditctl
* Mon Nov 07 2005 Steve Grubb <sgrubb@redhat.com> 1.0.12-1
  - Add 2 more summary reports
  - Add 2 more message types

Files

/etc/audit.rules
/etc/auditd.conf
/etc/rc.d/init.d/auditd
/etc/sysconfig/auditd
/sbin/auditctl
/sbin/auditd
/sbin/aureport
/sbin/ausearch
/sbin/autrace
/usr/share/doc/audit-1.3
/usr/share/doc/audit-1.3/COPYING
/usr/share/doc/audit-1.3/ChangeLog
/usr/share/doc/audit-1.3/README
/usr/share/doc/audit-1.3/auditd.cron
/usr/share/doc/audit-1.3/capp.rules
/usr/share/doc/audit-1.3/lspp.rules
/usr/share/doc/audit-1.3/sample.rules
/usr/share/doc/audit-1.3/skeleton.c
/usr/share/man/man8/auditctl.8.gz
/usr/share/man/man8/auditd.8.gz
/usr/share/man/man8/auditd.conf.8.gz
/usr/share/man/man8/aureport.8.gz
/usr/share/man/man8/ausearch.8.gz
/usr/share/man/man8/autrace.8.gz
/var/log/audit

Generated by rpm2html 1.9.2

webmaster@wesmo.com, Wed Mar 21 12:13:11 2007