[packages/audit] - rel 2; by default audit was enabled but with zero rules. Now disable audit entirely by default sin

arekm arekm at pld-linux.org
Thu Dec 11 16:17:35 CET 2014 

commit 816d3bb0eee1ad274b85176202b8d9c412ca4412
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Thu Dec 11 16:17:30 2014 +0100

    - rel 2; by default audit was enabled but with zero rules. Now disable audit entirely by default since enabling it has performance impact even if there are no rules -> https://fedorahosted.org/fesco/ticket/1311

 audit.spec        |  5 ++++-
 never-audit.patch | 17 +++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
---
diff --git a/audit.spec b/audit.spec
index 81ff7bb..4f40ec8 100644
--- a/audit.spec
+++ b/audit.spec
@@ -10,7 +10,7 @@ Summary:	User space tools for 2.6 kernel auditing
 Summary(pl.UTF-8):	Narzędzia przestrzeni użytkownika do audytu jąder 2.6
 Name:		audit
 Version:	2.4.1
-Release:	1
+Release:	2
 License:	GPL v2+
 Group:		Daemons
 Source0:	http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
@@ -26,6 +26,8 @@ Patch5:		%{name}-am.patch
 Patch6:		%{name}-no-refusemanualstop.patch
 Patch7:		%{name}-cronjob.patch
 Patch8:		golang-paths.patch
+# https://fedorahosted.org/fesco/ticket/1311
+Patch9:		never-audit.patch
 URL:		http://people.redhat.com/sgrubb/audit/
 BuildRequires:	autoconf >= 2.59
 BuildRequires:	automake >= 1:1.9
@@ -167,6 +169,7 @@ Pythonowy interfejs do biblioteki libaudit.
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 
 %if %{without python}
 sed 's#swig/Makefile ##' -i configure.ac
diff --git a/never-audit.patch b/never-audit.patch
new file mode 100644
index 0000000..ee93620
--- /dev/null
+++ b/never-audit.patch
@@ -0,0 +1,17 @@
+diff -ur audit.orig/init.d/audit.rules audit/init.d/audit.rules
+--- audit.orig/init.d/audit.rules	2014-07-20 10:43:44.724841702 -0400
++++ audit/init.d/audit.rules	2014-07-22 14:55:50.856253189 -0400
+@@ -6,9 +6,8 @@
+ # First rule - delete all
+ -D
+ 
+-# Increase the buffers to survive stress events.
+-# Make this bigger for busy systems
+--b 320
+-
+-# Feel free to add below this line. See auditctl man page
++# This suppresses syscall auditing for all tasks started
++# with this rule in effect.  Remove it if you need syscall
++# auditing.
++-a task,never
+ 
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/audit.git/commitdiff/816d3bb0eee1ad274b85176202b8d9c412ca4412

More information about the pld-cvs-commit mailing list