audit-devel-32bit-2.2.2-1.1.1>t 4 DpQ u׸/=„As Q<3ȻLߡFg `>&Ќ3}@zLJ`NѪw8;$#(PzJ%ᅛ٨=D%inBlW1 /Ab9=RH5 bQ'gJc(V3^!3eӲ5Ɵ j }Ap* Xς4W$8 xvW1Qx%KE7aU2D7}cFQ u׸/=„W K:B|+8d "=y5e'tKit¤] cVW5c|l#cvkX9pDo ?%%|ۏaΜ5ʸY Ȝ[ܚ59iQ<;Fw* ?P4'!ެ-5S>}߆R55 Ǘ6S@7B?Bd  M 2Ry     4H(89L:GA HA(IA0XA4YA<\AT]A\^AvbAcBdB_eBdfBilBkuBvBwBxBCaudit-devel-32bit2.2.21.1.1Header files and static library for libauditThe audit-devel package contains the static libraries and header files needed for developing applications that need to use the audit framework libraries.Q ubuild10openSUSE 12.3openSUSELGPL-2.1+http://bugs.opensuse.orgDevelopment/Libraries/C and C++http://people.redhat.com/sgrubb/audit/linuxx86_64Q uQ ulibaudit.so.1.0.0libauparse.so.0.0.0rootrootrootrootaudit-2.2.2-1.1.1.src.rpmaudit-devel-32bitaudit-devel-32bit(x86-32)   libaudit1-32bitlibauparse0-32bitrpmlib(CompressedFileNames)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsLzma)2.2.22.2.23.0.4-14.0-14.4.6-14.10.2Q @Q @P@Px@OLN@NtMz@M@MbSL!L֔LLL@L(L$@L$@K @K$@J@J@J<@J;}J@Izcrrodriguez@opensuse.orgcrrodriguez@opensuse.orgjengelh@inai.decoolo@suse.comtonyj@suse.comcoolo@suse.comjengelh@medozas.demeissner@suse.detonyj@novell.comaj@suse.decoolo@novell.comcristian.rodriguez@opensuse.orgtonyj@novell.comaj@suse.deaj@suse.dejengelh@medozas.detonyj@novell.comdmueller@suse.detonyj@suse.dejengelh@medozas.decoolo@novell.comcrrodriguez@suse.decmorve69@yahoo.escoolo@novell.comtonyj@suse.dedmueller@suse.de- remove old tarball and update -secondary spec- Audit 2.2.2 , the purpose of this update is too add compatibility with systemd for 12.3 - In auditd, tcp_max_per_addr was allowing 1 more connection than specified - In ausearch, fix matching of object records - Auditctl was returning -1 when listing rules filtered on a key field - Add interpretations for CAP_BLOCK_SUSPEND and CAP_COMPROMISE_KERNEL - Add armv5tejl, armv5tel, armv6l and armv7l machine types (Nathaniel Husted) - Updates for the 3.6 kernel - Add auparse_feed_has_data function to libauparse - Update audisp-prelude to use auparse_feed_has_data - Add support to conditionally build auditd network listener (Tyler Hicks) - In auditd, reset a flag after receiving USR1 signal info when rotating logs - Add optional systemd init script support - Add support for SECCOMP event type - Don't interpret aN_len field in EXECVE records (#869555) - In audisp-remote, do better job of draining queue - Fix capability parsing in ausearch/auparse - Interpret BPRM_FCAPS capability fields - Add ANOM_LINK event type- Executing autoreconf requires autoconf- update to 2.2.1, upstream changelog: 2.2.1 - Add more interpretations in auparse for syscall parameters - Add some interpretations to ausearch for syscall parameters - In ausearch/report and auparse, allocate extra space for node names - Update syscall tables for the 3.3.0 kernel - Update libev to 4.0.4 - Reduce the size of some applications - In auditctl, check usage against euid rather than uid 2.2 - Correct all rules for clock_settime - Fix possible segfault in auparse library - Handle malformed socket addresses better - Improve performance in audit_log_user_message() - Improve performance in writing to the log file in auditd - Syscall update for accept4 and recvmmsg - Update autrace resource usage mode syscall list - Improved sample rules for recent syscalls - Add some debug info to audisp-remote startup and shutdown - Make compiling with Python optional - In auditd, if disk_error_action is ignore, don't syslog anything - Fix some memory leaks - If audispd is stopping, don't restart children - Add support in auditctl for shell escaped filenames (Alexander) - Add search support for virt events (Marcelo Cerri) - Update interpretation tables - Sync auparse's auditd config parser with auditd's parser - In ausearch, also use cwd fields in file name searchs - In ausearch, parse cwd in USER_CMD events - In ausearch, correct parsing of uid in user space events - In ausearch, update parsing of integrity events - Apply some text cleanups from Debian (Russell Coker) - In auditd, relax some permission checks for external apps - Add ROLE_MODIFY event type - In auditctl, new -c option to continue through bad rules but with failed exit - Add auvirt program to do special reporting on virt events (Marcelo Cerri) - Add interfield comparison support to auditctl (Peter Moody) - Update auparse type intepretation for apparmor (Marcelo Cerri) - Increase tcp_max_per_addr maximum to 1024. - remove audit-no_python.patch, there is a configure switch for that now - remove prereq on sysvinit- Update to version 2.1.3, upstream changelog: - 2.1.3 - Fix parsing of EXECVE records to not escape argc field - If auditd's disk is full, send the right reason to client (#715315) - Add CAP_WAKE_ALARM to interpretations - Some updates to audisp-remote's remote-fgets function (Mirek Trmac) - Add detection of TTY events to audisp-prelude (Matteo Sessa) - Updated syscall tables for the 3.0 kernel - Update linker flags for better relro support - Make default size of logs bigger (#727310) - Extract obj from NETFILTER_PKT events - Disable 2 kerberos config options in audisp-remote.conf - 2.1.2 - In ausearch/report, fix a segfault caused by MAC_POLICY_LOAD records - In ausearch/report, add and update parsers - In auditd, cleanup DAEMON_ACCEPT and DAEMON_CLOSE addr fields - In ausearch/report, parse addr field of DAEMON_ACCEPT & DAEMON_CLOSE records - In auditd, move startup success to after events are registered - If auditd shutsdown due to failed tcp init, write a DAEMON_ABORT event - Update auditd to avoid the oom killer in new kernels (Andreas Jaeger) - Parse and interpret NETFILTER_PKT events correctly - Return error if auditctl -l fails (#709345) - In audisp-remote, replace glibc's fgets with custom implementation- add libtool as buildrequire to make the spec file more reliable- Remove redundant tags/sections from specfile - Add audit-devel to baselibs- Adjust license of libaudit and libauparse to be LGPLv2.1 or later.- Update to version 2.1.1, upstream changelog: - 2.1.1 - When ausearch is interpretting, output "as is" if no = is found - Correct socket setup in remote logging - Adjusted a couple default settings for remote logging and init script - Audispd was not marking restarted plugins as active - Audisp-remote should keep a capability if local_port < 1024 - When audispd restarts plugin, send event in its preferred format - In audisp-remote, make all I/O asynchronous - In audisp-remote, add sigusr1 handler to dump internal state - Fix autrace to use correct syscalls on s390 and s390x systems - Add shutdown syscall to remote logging teardowns - Correct autrace rule for 32 bits systems 2.1 - Update auditctl man page for new field on user filter - Fix crash in aulast when auid is foreign to the system - Code cleanups - Add store and forward model to audispd-remote (Mirek Trmac) - Free memory on failed startups in audisp-prelude - Fix memory leak in aureport - Fix parsing state problem in libauparse - Improve the robustness of libaudit field encoding functions - Update capability tables - In auditd, make failure action config checking consistent - In auditd, check that NULL is not being passed to safe_exec - In audisp-remote, overflow_action wasn't suspending if that action was chosen - Update interpretations for virt events - Improve remote logging warning and error messages - Add interpretations for netfilter events 2.0.6 - ausearch/report performance improvements - Synchronize all sample syscall rules to use action,list - If program name provided to audit_log_acct_message, escape it - Fix man page for the audit_encode_nv_string function (#647131) - If value is NULL, don't segfault (#647128) - Fix simple event parsing to not assume session id can't be last (Peng Haitao) - Add support for new mmap audit event type - Add ability for audispd syslog plugin to choose facility local0-7 (#593340) - Fix autrace to use correct syscalls on i386 systems (Peng Haitao) - On startup and reconfig, check for excess logs and unlink them - Add a couple missing parser debug messages - Fix error output resolving numeric address and update man page - Add netfilter event types - Fix spelling error in audit.rules man page (#667845) - Improve warning in auditctl regarding immutable mode (#654883) - Update syscall tables for the 2.6.37 kernel - In ausearch, allow searching for auid -1 - Add queue overflow_action to audisp-remote to control queue overflows - Update sample rules for new syscalls and packages- Fix value of oom_score_adj.- prereq init script syslog- use full RELRO.- Update to version 2.0.5 (drop: audit-as_needed.patch) - Update README-BEFORE-ADDING-PATCHES - Upstream 2.0.5 changelog: - Make auparse handle empty AUSOURCE_FILE_ARRAY correctly (Miloslav Trmač) - On i386, audit rules do not work on inode's with a large number (#554553) - Fix displaying of inode values to be unsigned integers when listing rules - Correct Makefile install of audispd (Jason Tang) - Syscall table updates for 2.6.34 kernel - Add definitions for service start and stop - Fix handling of ignore errors in auditctl - Fix gssapi support to build with new linker options - Add virtualization event types - Update aureport program help and man pages to show all options- Annotate patch audit-oom_score_adj.- Use /proc//oom_score_adj if available.- use %_smp_mflags- Minor changes to README-BEFORE-ADDING-PATCHES file. - Add this file as %source in spec- obsolete -XXbit package- Update to version 2.0.4. This is a major version update, libaudit.so has changed version. There is no backward compatibility. audit-libs has been split into libaudit1 and libauparse0. - Redhat changelog for 2.0 - 2.0.4 follows: * 2.0.4 - Make alpha processor support optional - Add support for the arm eabi processor - add a compatible regexp processing capability to auparse (Miloslav Trmač) - Fix regression in parsing user space originating records in aureport - Add tcp_max_per_addr option in auditd.conf to limit concurrent connections - Rearrange shutdown of auditd to allow DAEMON_END event more time * 2.0.3 - In auditd, tell libev to stop processing a connection when idle timeout - In auditd, tell libev to stop processing a connection when shutting down - Interpret CAPSET records in ausearch/auparse * 2.0.2 - If audisp-remote plugin has a queue at exit, use non-zero exit code - Fix autrace to use the exit filter - In audisp-remote, add a sigchld handler - In auditd, check for duplicate remote connections before accepting - Remove trailing ':' if any are at the end of acct fields in ausearch - Update remote logging code to do better sanity check of data - Fix audisp-prelude to prefer files if multiple path records are encountered - Add libaudit.conf man page - In auditd, disconnect idle clients * 2.0.1 - Aulast now reads daemon_start events for the kernel version of reboot - Clarify the man pages for ausearch/report regarding locale and date formats - Fix getloginuid for python bindings - Disable the audispd af_unix plugin by default - Add a couple new init script actions for LSB 3.2 - In audisp-remote plugin, timeout network reads (#514090) - Make some error logging in audisp-remote plugin more prominent - Add audit.rules man page - Interpret the session field in audit events * 2.0 - Remove system-config-audit - Get rid of () from userspace originating events - Removed old syscall rules API - not needed since 2.6.16 - Remove all use of the old rule structs from API - Fix uninitialized variable in auditd log rotation - Add libcap-ng support for audispd plugins - Removed ancient defines that are part of kernel 2.6.29 headers - Bump soname number for libaudit - In auditctl, deprecate the entry filter and move rules to exit filter - Parse integrity audit records in ausearch/report (Mimi Zohar) - Updated syscall table for 2.6.31 kernel - Remove support for the legacy negate syscall rule operator - In auditd reset syslog warnings if disk space becomes available- add baselibs.conf as a source- updated patches to apply with fuzz=0- do not package static libraries - fix -devel package dependencies- fixed build with --as-needed- disable as-needed for this package as it fails to build with it- Update from 1.7.7 to 1.7.13. - Redhat changelog for 1.7.8 - 1.7.13 follows: * Tue Apr 21 2009 Steve Grubb 1.7.13-1 - Disable libev asserts unless --with-debug passed to configure - Handle kernel 2.6.29's audit = 0 boot parameter better - Install audit.py file in arch specific python directory (Dan Walsh) - Fix problem with negative uids in audit rules on 32 bit systems - When file type is unknown, output octal for mode field (Miloslav Trmač) - Update tty keystroke interpretations (Miloslav Trmač) * Tue Feb 24 2009 Steve Grubb 1.7.12-1 - Add definitions for crypto events - Fix regression where msgtype couldn't be used as a range in audit rules - In libaudit, extend time spent checking reply - In acct events, prefer id over acct if given - In aulast, try id and acct in USER_LOGIN events - When in immutable mode, have auditctl tell user instead of sending rules - Add option to sysconfig to disable audit system on auditd stop - Add tcp_wrappers config option to auditd - Aulastlog can now take input from stdin - Update libaudit python bindings to throw exceptions on error - Adjust formatting of TTY data in libauparse to be like ausearch/report - Add more key mappings to TTY interpretations - Add internal queue to audisp-remote - Fix failure action code to allow executables in audisp-remote (Chu Li) - Fix memory leak when NOLOG log_format option given to auditd - Quieten some of the reconnect text being sent to syslog in audisp-remote - Apply some libev fixups to auditd - Cleanup shutdown sequence of auditd - Allow auditd log rotation via SIGUSR1 when NOLOG log format option given * Sat Jan 10 2009 Steve Grubb 1.7.11-1 - Don't error out in auditd when calling setsid - Reformat a couple auditd error messages (Oden Eriksson) - If log rotate fails, leave the old log writable - Fixed bug in setting up auditd event loop when listening - Warn if on biarch machine and auditctl rules show a syscall mismatch - Audisp-remote was not parsing some config options correctly - In auparse, check for single key in addition to virtual keys - When auditd shuts down, send AUDIT_RMW_TYPE_ENDING messages to clients - Created reconnect option to remote ending setting of audisp-remote * Sat Dec 13 2008 Steve Grubb 1.7.10-1 - Fix ausearch and aureport to handle out of order events - Add line-buffer option to ausearch & timeout pipe input (Tony Jones) - Add support in ausearch/report for tty data - In audisp-remote, allow the keyword "any" for local_port - Tighten parsing for -m and -w options in auditctl - Add session query hint for aulast proof - Fix audisp-remote to tolerate krb5 config options when not supported - Created new aureport option for tty keystroke report - audispd should detect backup config files and not use them - When checking for ack in netlink interface, retry on EAGAIN a few times - In aureport, fix mods report to show acct acted upon * Wed Nov 05 2008 Steve Grubb 1.7.9-1 - Fix uninitialized variable in aureport causing segfault - Quieten down the gssapi not supported messages - Fix bug interpretting i386 logs on x86_64 machines - If kernel is in immutable mode, auditd should not send enable command - Fix ausearch/report recent and now time keyword lookups - Created aulast program - prelude plugin should pull auid for login alert from 2nd uid field - Add system boot, shutdown, and run level change events - Add max_restarts to audispd.conf to limit times a plugin is restarted - Expand session detection in ausearch * Wed Oct 22 2008 Steve Grubb 1.7.8-1 - Interpret TTY audit data in auparse (Miloslav Trmač) - Extract terminal from USER_AVC events for ausearch/report (Peng Haitao) - Add USER_AVCs to aureport's avc reporting (Peng Haitao) - Short circuit hostname resolution in libaudit if host is empty - If log_group and user are not root, don't check dispatcher perms - Fix a bug when executing "ausearch -te today PM" - Add --exit search option to ausearch - Fix parsing config file when kerberos is disabled- refresh patches2.2.2-1.1.12.2.2-1.1.1libaudit.solibauparse.so/usr/lib/-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:12.3/standard/2789da0e6665e9e6c2102b7425798b8a-auditcpiolzma5x86_64-suse-linuxdirectory?] cr$x#̚PQ eO/sƭ %X C+ߕxTwΤt1Sغ9DӘ+-f-|2F6)F,$̝ AS