[packages/audit] - rel 2; by default audit was enabled but with zero rules. Now disable audit entirely by default sin
arekm
arekm at pld-linux.org
Thu Dec 11 16:17:35 CET 2014
commit 816d3bb0eee1ad274b85176202b8d9c412ca4412
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Thu Dec 11 16:17:30 2014 +0100
- rel 2; by default audit was enabled but with zero rules. Now disable audit entirely by default since enabling it has performance impact even if there are no rules -> https://fedorahosted.org/fesco/ticket/1311
audit.spec | 5 ++++-
never-audit.patch | 17 +++++++++++++++++
2 files changed, 21 insertions(+), 1 deletion(-)
---
diff --git a/audit.spec b/audit.spec
index 81ff7bb..4f40ec8 100644
--- a/audit.spec
+++ b/audit.spec
@@ -10,7 +10,7 @@ Summary: User space tools for 2.6 kernel auditing
Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
Name: audit
Version: 2.4.1
-Release: 1
+Release: 2
License: GPL v2+
Group: Daemons
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
@@ -26,6 +26,8 @@ Patch5: %{name}-am.patch
Patch6: %{name}-no-refusemanualstop.patch
Patch7: %{name}-cronjob.patch
Patch8: golang-paths.patch
+# https://fedorahosted.org/fesco/ticket/1311
+Patch9: never-audit.patch
URL: http://people.redhat.com/sgrubb/audit/
BuildRequires: autoconf >= 2.59
BuildRequires: automake >= 1:1.9
@@ -167,6 +169,7 @@ Pythonowy interfejs do biblioteki libaudit.
%patch6 -p1
%patch7 -p1
%patch8 -p1
+%patch9 -p1
%if %{without python}
sed 's#swig/Makefile ##' -i configure.ac
diff --git a/never-audit.patch b/never-audit.patch
new file mode 100644
index 0000000..ee93620
--- /dev/null
+++ b/never-audit.patch
@@ -0,0 +1,17 @@
+diff -ur audit.orig/init.d/audit.rules audit/init.d/audit.rules
+--- audit.orig/init.d/audit.rules 2014-07-20 10:43:44.724841702 -0400
++++ audit/init.d/audit.rules 2014-07-22 14:55:50.856253189 -0400
+@@ -6,9 +6,8 @@
+ # First rule - delete all
+ -D
+
+-# Increase the buffers to survive stress events.
+-# Make this bigger for busy systems
+--b 320
+-
+-# Feel free to add below this line. See auditctl man page
++# This suppresses syscall auditing for all tasks started
++# with this rule in effect. Remove it if you need syscall
++# auditing.
++-a task,never
+
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/audit.git/commitdiff/816d3bb0eee1ad274b85176202b8d9c412ca4412
More information about the pld-cvs-commit
mailing list