[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/shadow-utils/devel shadow-4.0.13-audit-update.patch, NONE, 1.1 shadow-utils.spec, 1.60, 1.61



Author: sgrubb

Update of /cvs/dist/rpms/shadow-utils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv14427

Modified Files:
	shadow-utils.spec 
Added Files:
	shadow-4.0.13-audit-update.patch 
Log Message:
* Sat Nov 5 2005 Steve Grubb <sgrubb redhat com> 2:4.0.13-2
- Update audit communication to standard format messages


shadow-4.0.13-audit-update.patch:
 configure.in         |    2 +-
 libmisc/audit_help.c |   21 +++------------------
 src/Makefile.am      |    1 +
 src/newgrp.c         |   33 ++++++++++++++++++++++++++++++++-
 4 files changed, 37 insertions(+), 20 deletions(-)

--- NEW FILE shadow-4.0.13-audit-update.patch ---
diff -ur shadow-4.0.13.orig/configure.in shadow-4.0.13/configure.in
--- shadow-4.0.13.orig/configure.in	2005-11-05 12:09:16.000000000 -0500
+++ shadow-4.0.13/configure.in	2005-11-05 12:46:38.000000000 -0500
@@ -271,7 +271,7 @@
 if test "$with_audit" = "yes"; then
 	AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
 	if test "$audit_header" = "yes"; then
-		AC_CHECK_LIB(audit, audit_send_message_if_enabled,
+		AC_CHECK_LIB(audit, audit_log_acct_message,
 			[AC_DEFINE(WITH_AUDIT, 1, [Define if you want to enable Audit messages])
 			LIBAUDIT="-laudit"])
 	fi
diff -ur shadow-4.0.13.orig/libmisc/audit_help.c shadow-4.0.13/libmisc/audit_help.c
--- shadow-4.0.13.orig/libmisc/audit_help.c	2005-11-05 12:09:16.000000000 -0500
+++ shadow-4.0.13/libmisc/audit_help.c	2005-11-05 12:43:45.000000000 -0500
@@ -73,24 +73,9 @@
 {
 	if (audit_fd < 0)
 		return;
-	else {
-		char buf[PATH_MAX];
-		const char *success;
-
-		if (result)
-			success = "success";
-		else
-			success = "failed";
-
-		if (name)
-			snprintf (buf, sizeof (buf), "%s: op=%s acct=%s res=%s",
-				  pgname, op, name, success);
-		else
-			snprintf (buf, sizeof (buf), "%s: op=%s id=%u res=%s",
-				  pgname, op, id, success);
-
-		audit_send_user_message (audit_fd, type, buf);
-	}
+	else 
+		audit_log_acct_message(audit_fd, type, NULL, op, name, id,
+        				NULL, NULL, NULL, result);
 }
 
 #endif				/* WITH_AUDIT */
diff -ur shadow-4.0.13.orig/src/Makefile.am shadow-4.0.13/src/Makefile.am
--- shadow-4.0.13.orig/src/Makefile.am	2005-11-05 12:09:18.000000000 -0500
+++ shadow-4.0.13/src/Makefile.am	2005-11-05 12:49:19.000000000 -0500
@@ -65,6 +65,7 @@
 	login.c \
 	login_nopam.c
 login_LDADD    = $(LDADD) $(LIBPAM)
+newgrp_LDADD   = $(LDADD) $(LIBPAM) $(LIBAUDIT)
 newusers_LDADD = $(LDADD) $(LIBPAM)
 passwd_LDADD   = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT)
 su_SOURCES     = \
diff -ur shadow-4.0.13.orig/src/newgrp.c shadow-4.0.13/src/newgrp.c
--- shadow-4.0.13.orig/src/newgrp.c	2005-11-05 12:09:18.000000000 -0500
+++ shadow-4.0.13/src/newgrp.c	2005-11-05 12:43:45.000000000 -0500
@@ -118,6 +118,9 @@
 	struct sgrp *sgrp;
 #endif
 
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
 	setlocale (LC_ALL, "");
 	bindtextdomain (PACKAGE, LOCALEDIR);
 	textdomain (PACKAGE);
@@ -157,6 +160,10 @@
 	pwd = get_my_pwent ();
 	if (!pwd) {
 		fprintf (stderr, _("unknown UID: %u\n"), getuid ());
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_START, Prog, "changing", NULL,
+				getuid (), 0);
+#endif
 		SYSLOG ((LOG_WARN, "unknown UID %u", getuid ()));
 		closelog ();
 		exit (1);
@@ -261,6 +268,10 @@
 	}
 	if (ngroups < 0) {
 		perror ("getgroups");
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_START, Prog,
+				"changing", NULL, getuid (), 0);
+#endif
 		exit (1);
 	}
 #endif				/* HAVE_SETGROUPS */
@@ -470,6 +482,10 @@
 			/* error in fork() */
 			fprintf (stderr, _("%s: failure forking: %s"),
 				 is_newgrp ? "newgrp" : "sg", strerror (errno));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_START, Prog, "changing",
+					NULL, getuid (), 0);
+#endif
 			exit (1);
 		} else if (child) {
 			/* parent - wait for child to finish, then log session close */
@@ -540,6 +556,10 @@
 
 	if (setuid (getuid ())) {
 		perror ("setuid");
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_START, Prog, "changing",
+				NULL, getuid (), 0);
+#endif
 		exit (1);
 	}
 
@@ -550,6 +570,10 @@
 	if (cflag) {
 		closelog ();
 		execl ("/bin/sh", "sh", "-c", command, (char *) 0);
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_START, Prog, "changing",
+				NULL, getuid (), 0);
+#endif
 		if (errno == ENOENT) {
 			perror ("/bin/sh");
 			exit (127);
@@ -617,7 +641,11 @@
 		while (*envp)
 			addenv (*envp++, NULL);
 	}
-
+	
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_START, Prog, "changing", NULL,
+				getuid (), 1);
+#endif
 	/*
 	 * Exec the login shell and go away. We are trying to get back to
 	 * the previous environment which should be the user's login shell.
@@ -637,5 +665,9 @@
 	 * harm.  -- JWP
 	 */
 	closelog ();
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_START, Prog, "changing", NULL,
+				getuid (), 0);
+#endif
 	exit (1);
 }


Index: shadow-utils.spec
===================================================================
RCS file: /cvs/dist/rpms/shadow-utils/devel/shadow-utils.spec,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- shadow-utils.spec	22 Oct 2005 12:38:17 -0000	1.60
+++ shadow-utils.spec	5 Nov 2005 18:09:50 -0000	1.61
@@ -7,7 +7,7 @@
 Summary: Utilities for managing accounts and shadow password files.
 Name: shadow-utils
 Version: 4.0.13
-Release: 1
+Release: 2
 Epoch: 2
 URL: http://shadow.pld.org.pl/
 Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2
@@ -19,14 +19,15 @@
 Patch3: shadow-4.0.13-goodname.patch
 Patch4: shadow-4.0.13-newgrpPwd.patch
 Patch5: shadow-4.0.12-lOption.patch
+Patch6: shadow-4.0.13-audit-update.patch 
 License: BSD
 Group: System Environment/Base
 BuildRequires: autoconf, automake, libtool, gettext-devel
 BuildRequires: libselinux-devel >= 1.25.2-1
-BuildRequires: audit-libs-devel >= 0.9.8
+BuildRequires: audit-libs-devel >= 1.0.10
 Buildroot: %{_tmppath}/%{name}-%{version}-root
 Requires: libselinux >= 1.25.2-1
-Requires: audit-libs >= 0.9.8
+Requires: audit-libs >= 1.0.10
 Obsoletes: adduser
 
 %description
@@ -49,6 +50,7 @@
 %patch3 -p1 -b .goodname
 %patch4 -p1 -b .newgrpPwd
 %patch5 -p1 -b .lOption
+%patch6 -p1 -b .audit
 
 rm po/*.gmo
 rm po/stamp-po
@@ -230,6 +232,9 @@
 %{_mandir}/*/man8/faillog.8*
 
 %changelog
+* Sat Nov 5 2005 Steve Grubb <sgrubb redhat com> 2:4.0.13-2
+- Update audit communication to standard format messages
+
 * Fri Oct 21 2005 Peter Vrabec <pvrabec redhat com> 2:4.0.13-1
 - upgrade
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]