Index index by Group index by Distribution index by Vendor index by creation date index by Name Feedback Help Search

audit-1.3-2.fc5 RPM for i386

From Fedora Core 5 / i386 / updates

Name: audit Distribution: Red Hat (FC-5)
Version: 1.3 Vendor: Red Hat, Inc.
Release: 2.fc5 Build date: Thu Nov 30 09:04:21 2006
Group: System Environment/Daemons Build host: hs20-bc2-3.build.redhat.com
Size: 530696 Source RPM: audit-1.3-2.fc5.src.rpm
Packager: Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Url: http://people.redhat.com/sgrubb/audit/
Summary: User space tools for 2.6 kernel auditing
The audit package contains the user space utilities for
storing and searching the audit records generate by
the audit subsystem in the Linux 2.6 kernel.

Provides

Requires

Copyright

GPL

Signatures

internal MD5: a122748b88e82e66a25920fe95fb5167
GPG

Changelog

* Thu Nov 30 2006 Steve Grubb <sgrubb@redhat.com> 1.3-2
  - Fix minor parsing problem and add new msg types
* Tue Nov 28 2006 Steve Grubb <sgrubb@redhat.com> 1.3-1
  - ausearch & aureport implement uid/gid caching
  - In ausearch & aureport, extract addr when hostname is unknown
  - In ausearch & aureport, test audit log presence O_RDONLY
  - New ausearch/aureport time keywords: recent, this-week, this-month, this-year
  - Added --add & --delete option to aureport
  - Update res parsing in config change events
  - Increase the size on audit daemon buffers
  - Parse avc_path records in ausearch/aureport
  - ausearch has new output mode, raw, for extracting events
  - ausearch/aureport can now read stdin
  - Rework AVC processing in ausearch/aureport
  - Added long options to ausearch and aureport
* Tue Oct 24 2006 Steve Grubb <sgrubb@redhat.com> 1.2.9-1
  - In auditd if num_logs is zero, don't rotate on SIGUSR1 (#208834)
  - Fix some defines in libaudit.h
  - Some auditd config strings were not initialized in aureport (#211443)
  - Updated man pages
  - Add Netlabel event types to libaudit
  - Update aureports to current audit event types
  - Update autrace a little
  - Deprecated all the old audit_rule functions from public API
  - Drop auparse library for the moment
* Sun Oct 01 2006 Steve Grubb <sgrubb@redhat.com> 1.2.8-1.fc5
  - Make internal auditd buffers bigger for context info
  - Correct address resolving of hostname in logging functions
  - Do not allow multiple msgtypes in same audit rule in auditctl (#207666)
  - Only =, != operators for arch & inode fields in auditctl (#206427)
  - Updated audit message type table
  - Remove watches from aureport since FS_WATCH is deprecated
  - Add audit_log_avc back temporarily (#208152)
* Wed Sep 20 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-4.fc5
  - Fix auditd.conf by commenting out dispatcher line
* Tue Sep 19 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-3.fc5
  - Fix config file location
* Tue Sep 19 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-2.fc5
  - Remove the audit dispatcher since backport of setroubleshooter is not likely
* Mon Sep 18 2006 Steve Grubb <sgrubb@redhat.com> 1.2.7-1
  - Update to new version that is designed for 2.6.18 kernel
* Mon Mar 06 2006 Steve Grubb <sgrubb@redhat.com> 1.1.5-1
  - Changed audit_log_semanage_message to take new params
  - In aureport, add class between syscall and permission in avc report
  - Fix bug where fsync is called in debug mode
  - Add optional support for tty in SYSCALL records for ausearch/aureport
  - Reinstate legacy rule operator support
  - Add man pages
  - Auditd ignore most signals
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.1.4-5.1
  - bump again for double-long bug on ppc(64)
* Fri Feb 10 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-5
  - Change audit_log_semanage_message to check strlen as well as NULL.
* Thu Feb 09 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-3
  - Change audit_log_semanage_message to take new params.
* Wed Feb 08 2006 Steve Grubb <sgrubb@redhat.com> 1.1.4-1
  - Fix bug in autrace where it didn't run on kernels without file watch support
  - Add syslog message to auditd saying what program was started for dispatcher
  - Remove audit_send_user from public api
  - Fix bug in USER_LOGIN messages where ausearch does not translate
    msg='uid=500: into acct name (#178102).
  - Change comm with dispatcher to socketpair from pipe
  - Change auditd to use custom daemonize to avoid race in init scripts
  - Update error message when deleting a rule that doesn't exist (#176239)
  - Call shutdown_dispatcher when auditd stops
  - Add new logging function audit_log_semanage_message
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.1.3-1.1
  - rebuilt for new gcc4.1 snapshot and glibc changes
* Thu Jan 05 2006 Steve Grubb <sgrubb@redhat.com> 1.1.3-1
  - Add timestamp to daemon_config messages (#174865)
  - Add error checking of year for aureport & ausearch
  - Treat af_unix sockets as files for searching and reporting
  - Update capp & lspp rules to combine syscalls for higher performance
  - Adjusted the chkconfig line for auditd to start a little earlier
  - Added skeleton program to docs for people to write their own dispatcher with
  - Apply patch from Ulrich Drepper that optimizes resource utilization
  - Change ausearch and aureport to unlocked IO
* Mon Dec 05 2005 Steve Grubb <sgrubb@redhat.com> 1.1.2-1
  - Add more message types
* Wed Nov 30 2005 Steve Grubb <sgrubb@redhat.com> 1.1.1-1
  - Add support for alpha processors
  - Update the audisp code
  - Add locale code in ausearch and aureport
  - Add new rule operator patch
  - Add exclude filter patch
  - Cleanup make files
  - Add python bindings
* Wed Nov 09 2005 Steve Grubb <sgrubb@redhat.com> 1.1-1
  - Add initial version of audisp. Just a placeholder at this point
  - Remove -t from auditctl
* Mon Nov 07 2005 Steve Grubb <sgrubb@redhat.com> 1.0.12-1
  - Add 2 more summary reports
  - Add 2 more message types

Files

/etc/audit.rules
/etc/auditd.conf
/etc/rc.d/init.d/auditd
/etc/sysconfig/auditd
/sbin/auditctl
/sbin/auditd
/sbin/aureport
/sbin/ausearch
/sbin/autrace
/usr/share/doc/audit-1.3
/usr/share/doc/audit-1.3/COPYING
/usr/share/doc/audit-1.3/ChangeLog
/usr/share/doc/audit-1.3/README
/usr/share/doc/audit-1.3/auditd.cron
/usr/share/doc/audit-1.3/capp.rules
/usr/share/doc/audit-1.3/lspp.rules
/usr/share/doc/audit-1.3/sample.rules
/usr/share/doc/audit-1.3/skeleton.c
/usr/share/man/man8/auditctl.8.gz
/usr/share/man/man8/auditd.8.gz
/usr/share/man/man8/auditd.conf.8.gz
/usr/share/man/man8/aureport.8.gz
/usr/share/man/man8/ausearch.8.gz
/usr/share/man/man8/autrace.8.gz
/var/log/audit


Generated by rpm2html 1.9.2

webmaster@wesmo.com, Wed Mar 21 12:13:11 2007