* Migrate from the Ubuntu-specific way of providing a rules directory
(/etc/audit/rules.d/) to the new, upstream rules directory feature based
on /sbin/augenrules. If USE_AUGENRULES is set to "yes" in
/etc/default/auditd, then the auditd init script will use
/etc/audit/rules.d/*.rules files to generate /etc/audit/audit.rules.
Instead of generating the /etc/audit/audit.rules file, the old
Ubuntu-specific way of handling a rules directory parsed
/etc/audit/audit.rules, in addition to the /etc/audit/rules.d/*.rules
files.
- debian/auditd.preinst, debian/auditd.postinst, debian/auditd.postrm:
When upgrading from a version without augenrules, check for a
pre-existing rules directory (/etc/audit/rules.d/). If it exists and is
populated with rules files, move /etc/audit/audit.rules to
/etc/audit/rules.d/audit.rules and set USE_AUGENRULES to "yes". This
migration logic should be dropped after the 14.04 release.
* Merge from Debian testing (LP: #1251795). Remaining changes:
- debian/rules: Disable auditd network listener, with --disable-listener,
to reduce the risk of a remote attack on auditd, which runs as root
- debian/control, debian/rules: Remove libwrap0-dev Build-Dependency and
--with-libwrap configure argument since libwrap is only used by the
auditd network listener
* Dropped changes:
- debian/auditd.init: apply the intent of Peter Moody's patch to add
support for rules.d directory for splitting out audit.d rules
+ The new augenrules tool, called from the init script, replaces this
- debian/control: The upstream audit sources embed and build against their
own version of libev. This is not desirable, but there's no reason to
list libev-dev as a build dependency at this time.
+ Debian commented out the libev Build-Dependency
- debian/patches/FTBFS-python-multiarch.diff: No longer needed
- debian/patches/fix-asprintf-warnings.patch,
debian/patches/fix-unused-result-warnings.patch
debian/patches/fix-discards-const-qualifier-warnings.patch: Present in
upstream release
* debian/auditd.init: The start command now requires $remote_fs to be
started because it may call /bin/augenrules, which depends on
/usr/bin/awk. $PATH must also be updated so that augenrules can find awk.
audit (1:2.3.2-2) unstable; urgency=low
* QA upload.
* Upload to unstable.
audit (1:2.3.2-1) experimental; urgency=low
* QA upload.
* New upstream release
* debian/control, debian/rules: Add support for dh-systemd
* debian/rules: Call dh_installinit with --restart-after-upgrade to minimize
downtime
* debian/patches/01-no-refusemanualstop.patch: Remove RefuseManualStop=yes
option, this is preventing the auditd daemoin to be restarted on upgrade
audit (1:2.3.1-1) experimental; urgency=low
* QA upload.
* New upstream release
- debian/libauparse0.symbols: Adjust .symbols file
* debian/control: Bump Standards-Version to 3.9.4 (no further changes)
* debian/control: Use canonical URL for VCS field
* debian/auditd.init: Remove the usage of the VERBOSE variable
(see lintian error: init.d-script-call-internal-API)
audit (1:2.3-1) experimental; urgency=low
* QA upload.
* New upstream release
* debian/auditd.install: Install /sbin/augenrules and the related manpage
* debian/auditd.post{inst,rm}: /etc/audit/audit.rules is no longer shipped
in the package, copy it on first installation and remove it on purge.
* debian/auditd.default, debian/auditd.init: Automatically generate
/etc/audit/audit.rules on start if USE_AUGENRULES is set to yes
* debian/auditd.NEWS, debian/auditd.README.Debian: Add documentation about
automatically generating the audit.rules file on startup.
* debian/auditd.lintian-overrides: Adjust overrides to match new installed
config files.
* debian/auditd.default, debian/auditd.init: Add an option to disable the
audit system when the daemon is stopped.
audit (1:2.2.3-1) experimental; urgency=low
* QA upload.
* New upstream release
- Properly document audit_open() can fails and sets errno (Closes: #642501)
- Drop all the patches, they have been applied upstream
* Remove libev-dev Build-Dependency
- debian/control: The upstream audit sources embed and build against their
own version of libev. This is not desirable, but there's no reason to
list libev-dev as a build dependency at this time. (Closes: #699933)
-- Tyler Hicks <email address hidden> Fri, 15 Nov 2013 17:24:58 -0800
This bug was fixed in the package audit - 1:2.3.2-2ubuntu1
---------------
audit (1:2.3.2-2ubuntu1) trusty; urgency=low
* Migrate from the Ubuntu-specific way of providing a rules directory audit/rules. d/) to the new, upstream rules directory feature based default/ auditd, then the auditd init script will use audit/rules. d/*.rules files to generate /etc/audit/ audit.rules. audit.rules file, the old audit/audit. rules, in addition to the /etc/audit/ rules.d/ *.rules auditd. preinst, debian/ auditd. postinst, debian/ auditd. postrm: rules.d/ ). If it exists and is audit.rules to etc/audit/ rules.d/ audit.rules and set USE_AUGENRULES to "yes". This -with-libwrap configure argument since libwrap is only used by the patches/ FTBFS-python- multiarch. diff: No longer needed patches/ fix-asprintf- warnings. patch, patches/ fix-unused- result- warnings. patch patches/ fix-discards- const-qualifier -warnings. patch: Present in
(/etc/
on /sbin/augenrules. If USE_AUGENRULES is set to "yes" in
/etc/
/etc/
Instead of generating the /etc/audit/
Ubuntu-specific way of handling a rules directory parsed
/etc/
files.
- debian/
When upgrading from a version without augenrules, check for a
pre-existing rules directory (/etc/audit/
populated with rules files, move /etc/audit/
/
migration logic should be dropped after the 14.04 release.
* Merge from Debian testing (LP: #1251795). Remaining changes:
- debian/rules: Disable auditd network listener, with --disable-listener,
to reduce the risk of a remote attack on auditd, which runs as root
- debian/control, debian/rules: Remove libwrap0-dev Build-Dependency and
-
auditd network listener
* Dropped changes:
- debian/auditd.init: apply the intent of Peter Moody's patch to add
support for rules.d directory for splitting out audit.d rules
+ The new augenrules tool, called from the init script, replaces this
- debian/control: The upstream audit sources embed and build against their
own version of libev. This is not desirable, but there's no reason to
list libev-dev as a build dependency at this time.
+ Debian commented out the libev Build-Dependency
- debian/
- debian/
debian/
debian/
upstream release
* debian/auditd.init: The start command now requires $remote_fs to be
started because it may call /bin/augenrules, which depends on
/usr/bin/awk. $PATH must also be updated so that augenrules can find awk.
audit (1:2.3.2-2) unstable; urgency=low
* QA upload.
* Upload to unstable.
audit (1:2.3.2-1) experimental; urgency=low
* QA upload. after-upgrade to minimize patches/ 01-no-refuseman ualstop. patch: Remove RefuseManualSto p=yes
* New upstream release
* debian/control, debian/rules: Add support for dh-systemd
* debian/rules: Call dh_installinit with --restart-
downtime
* debian/
option, this is preventing the auditd daemoin to be restarted on upgrade
audit (1:2.3.1-1) experimental; urgency=low
* QA upload. libauparse0. symbols: Adjust .symbols file script- call-internal- API)
* New upstream release
- debian/
* debian/control: Bump Standards-Version to 3.9.4 (no further changes)
* debian/control: Use canonical URL for VCS field
* debian/auditd.init: Remove the usage of the VERBOSE variable
(see lintian error: init.d-
audit (1:2.3-1) experimental; urgency=low
* QA upload. auditd. install: Install /sbin/augenrules and the related manpage auditd. post{inst, rm}: /etc/audit/ audit.rules is no longer shipped auditd. default, debian/auditd.init: Automatically generate audit/audit. rules on start if USE_AUGENRULES is set to yes auditd. README. Debian: Add documentation about auditd. lintian- overrides: Adjust overrides to match new installed auditd. default, debian/auditd.init: Add an option to disable the
* New upstream release
* debian/
* debian/
in the package, copy it on first installation and remove it on purge.
* debian/
/etc/
* debian/auditd.NEWS, debian/
automatically generating the audit.rules file on startup.
* debian/
config files.
* debian/
audit system when the daemon is stopped.
audit (1:2.2.3-1) experimental; urgency=low
* QA upload.
* New upstream release
- Properly document audit_open() can fails and sets errno (Closes: #642501)
- Drop all the patches, they have been applied upstream
* Remove libev-dev Build-Dependency
- debian/control: The upstream audit sources embed and build against their
own version of libev. This is not desirable, but there's no reason to
list libev-dev as a build dependency at this time. (Closes: #699933)
-- Tyler Hicks <email address hidden> Fri, 15 Nov 2013 17:24:58 -0800