Bug #1251795 “Please merge audit 1:2.3.2-2 (main) from Debian te...” : Bugs : audit package : Ubuntu

Revision history for this message

Tyler Hicks (tyhicks) wrote on 2013-11-16:

#1

audit_2.3.2-2ubuntu1.debdiff Edit (11.7 KiB, text/plain)

Please double check how I'm handling the conffile changes before sponsoring. Thanks!

Revision history for this message

Tyler Hicks (tyhicks) wrote on 2013-11-16:

#2

I've opened Debian bug 729704 to forward the following change:

  * debian/auditd.init: The start command now requires $remote_fs to be
    started because it may call /bin/augenrules, which depends on
    /usr/bin/awk. $PATH must also be updated so that augenrules can find awk.

Revision history for this message

Tyler Hicks (tyhicks) wrote on 2013-11-16:

#3

I've subscribed the Goobuntu Team since they were subscribed to bug 730872, which added in the Ubuntu-specific audit rules directory support. My debdiff will remove that in favor of the newly upstream rules directory support.

Changed in audit (Ubuntu):
status:	In Progress → Confirmed
assignee:	Tyler Hicks (tyhicks) → nobody

Revision history for this message

James Page (james-page) wrote on 2013-11-18:

#4

@Tyler

Thanks for the merge; can I confirm what the intended behaviour is? My understanding from the changelog comment was that if I upgraded from the current version in trusty to this new version, then I would end up with audit.rules in /etc/audit/rules.d and USE_AUGENRULES="yes" in /etc/default/auditd.

As this did not happen, I'm either missing the intent of the migration or its not working as intended.

Changed in audit (Ubuntu):
status:	Confirmed → Incomplete

Revision history for this message

Tyler Hicks (tyhicks) wrote on 2013-11-22: Re: [Bug 1251795] Re: Please merge audit 1:2.3.2-2 (main) from Debian testing (main)

#5

On 2013-11-18 10:33:34, James Page wrote:
> @Tyler
>
> Thanks for the merge; can I confirm what the intended behaviour is? My
> understanding from the changelog comment was that if I upgraded from the
> current version in trusty to this new version, then I would end up with
> audit.rules in /etc/audit/rules.d and USE_AUGENRULES="yes" in
> /etc/default/auditd.

Here's the relevant snippet from the changelog:

  When upgrading from a version without augenrules, check for a
  pre-existing rules directory (/etc/audit/rules.d/). If it exists and is
  populated with rules files, move /etc/audit/audit.rules to
  /etc/audit/rules.d/audit.rules and set USE_AUGENRULES to "yes".

So, you should only have audit.rules in rules.d/ and USE_AUGENRULES="yes" if
you already had a rules.d/ directory populated with rules files. The vast
majority of users will not have a rules.d/ directory and I suspect that is the
case with your system, too.

Tyler Hicks (tyhicks) on 2013-11-27

Changed in audit (Ubuntu):
status:	Incomplete → Confirmed

Revision history for this message

Iain Lane (laney) wrote on 2013-12-03:

#6

James, please could you take another look?

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2013-12-04:

#7

Debdiff looks good, and upgrades appear to work as intended.

ACK, thanks!

I've uploaded it to trusty.

Changed in audit (Ubuntu):
status:	Confirmed → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2013-12-04:

#8

Download full text (4.6 KiB)

This bug was fixed in the package audit - 1:2.3.2-2ubuntu1

---------------
audit (1:2.3.2-2ubuntu1) trusty; urgency=low

  * Migrate from the Ubuntu-specific way of providing a rules directory
    (/etc/audit/rules.d/) to the new, upstream rules directory feature based
    on /sbin/augenrules. If USE_AUGENRULES is set to "yes" in
    /etc/default/auditd, then the auditd init script will use
    /etc/audit/rules.d/*.rules files to generate /etc/audit/audit.rules.
    Instead of generating the /etc/audit/audit.rules file, the old
    Ubuntu-specific way of handling a rules directory parsed
    /etc/audit/audit.rules, in addition to the /etc/audit/rules.d/*.rules
    files.
    - debian/auditd.preinst, debian/auditd.postinst, debian/auditd.postrm:
      When upgrading from a version without augenrules, check for a
      pre-existing rules directory (/etc/audit/rules.d/). If it exists and is
      populated with rules files, move /etc/audit/audit.rules to
      /etc/audit/rules.d/audit.rules and set USE_AUGENRULES to "yes". This
      migration logic should be dropped after the 14.04 release.
  * Merge from Debian testing (LP: #1251795). Remaining changes:
    - debian/rules: Disable auditd network listener, with --disable-listener,
      to reduce the risk of a remote attack on auditd, which runs as root
    - debian/control, debian/rules: Remove libwrap0-dev Build-Dependency and
      --with-libwrap configure argument since libwrap is only used by the
      auditd network listener
  * Dropped changes:
    - debian/auditd.init: apply the intent of Peter Moody's patch to add
      support for rules.d directory for splitting out audit.d rules
      + The new augenrules tool, called from the init script, replaces this
    - debian/control: The upstream audit sources embed and build against their
      own version of libev. This is not desirable, but there's no reason to
      list libev-dev as a build dependency at this time.
      + Debian commented out the libev Build-Dependency
    - debian/patches/FTBFS-python-multiarch.diff: No longer needed
    - debian/patches/fix-asprintf-warnings.patch,
      debian/patches/fix-unused-result-warnings.patch
      debian/patches/fix-discards-const-qualifier-warnings.patch: Present in
      upstream release
  * debian/auditd.init: The start command now requires $remote_fs to be
    started because it may call /bin/augenrules, which depends on
    /usr/bin/awk. $PATH must also be updated so that augenrules can find awk.

audit (1:2.3.2-2) unstable; urgency=low

* QA upload.
* Upload to unstable.

audit (1:2.3.2-1) experimental; urgency=low

  * QA upload.
  * New upstream release
  * debian/control, debian/rules: Add support for dh-systemd
  * debian/rules: Call dh_installinit with --restart-after-upgrade to minimize
    downtime
  * debian/patches/01-no-refusemanualstop.patch: Remove RefuseManualStop=yes
    option, this is preventing the auditd daemoin to be restarted on upgrade

audit (1:2.3.1-1) experimental; urgency=low

  * QA upload.
  * New upstream release
    - debian/libauparse0.symbols: Adjust .symbols file
  * debian/control: Bump Standards-Version to 3.9.4 (no further changes)
  * debian/con...

This bug was fixed in the package audit - 1:2.3.2-2ubuntu1

---------------
audit (1:2.3.2-2ubuntu1) trusty; urgency=low

* Migrate from the Ubuntu-specific way of providing a rules directory
    (/etc/audit/rules.d/) to the new, upstream rules directory feature based
    on /sbin/augenrules. If USE_AUGENRULES is set to "yes" in
    /etc/default/auditd, then the auditd init script will use
    /etc/audit/rules.d/*.rules files to generate /etc/audit/audit.rules.
    Instead of generating the /etc/audit/audit.rules file, the old
    Ubuntu-specific way of handling a rules directory parsed
    /etc/audit/audit.rules, in addition to the /etc/audit/rules.d/*.rules
    files.
    - debian/auditd.preinst, debian/auditd.postinst, debian/auditd.postrm:
      When upgrading from a version without augenrules, check for a
      pre-existing rules directory (/etc/audit/rules.d/). If it exists and is
      populated with rules files, move /etc/audit/audit.rules to
      /etc/audit/rules.d/audit.rules and set USE_AUGENRULES to "yes". This
      migration logic should be dropped after the 14.04 release.
  * Merge from Debian testing (LP: #1251795). Remaining changes:
    - debian/rules: Disable auditd network listener, with --disable-listener,
      to reduce the risk of a remote attack on auditd, which runs as root
    - debian/control, debian/rules: Remove libwrap0-dev Build-Dependency and
      --with-libwrap configure argument since libwrap is only used by the
      auditd network listener
  * Dropped changes:
    - debian/auditd.init: apply the intent of Peter Moody's patch to add
      support for rules.d directory for splitting out audit.d rules
      + The new augenrules tool, called from the init script, replaces this
    - debian/control: The upstream audit sources embed and build against their
      own version of libev. This is not desirable, but there's no reason to
      list libev-dev as a build dependency at this time.
      + Debian commented out the libev Build-Dependency
    - debian/patches/FTBFS-python-multiarch.diff: No longer needed
    - debian/patches/fix-asprintf-warnings.patch,
      debian/patches/fix-unused-result-warnings.patch
      debian/patches/fix-discards-const-qualifier-warnings.patch: Present in
      upstream release
  * debian/auditd.init: The start command now requires $remote_fs to be
    started because it may call /bin/augenrules, which depends on
    /usr/bin/awk. $PATH must also be updated so that augenrules can find awk.

audit (1:2.3.2-2) unstable; urgency=low

* QA upload.
  * Upload to unstable.

audit (1:2.3.2-1) experimental; urgency=low

* QA upload.
  * New upstream release
  * debian/control, debian/rules: Add support for dh-systemd
  * debian/rules: Call dh_installinit with --restart-after-upgrade to minimize
    downtime
  * debian/patches/01-no-refusemanualstop.patch: Remove RefuseManualStop=yes
    option, this is preventing the auditd daemoin to be restarted on upgrade

audit (1:2.3.1-1) experimental; urgency=low

* QA upload.
  * New upstream release
    - debian/libauparse0.symbols: Adjust .symbols file
  * debian/control: Bump Standards-Version to 3.9.4 (no further changes)
  * debian/control: Use canonical URL for VCS field
  * debian/auditd.init: Remove the usage of the VERBOSE variable
    (see lintian error: init.d-script-call-internal-API)

audit (1:2.3-1) experimental; urgency=low

* QA upload.
  * New upstream release
  * debian/auditd.install: Install /sbin/augenrules and the related manpage
  * debian/auditd.post{inst,rm}: /etc/audit/audit.rules is no longer shipped
    in the package, copy it on first installation and remove it on purge.
  * debian/auditd.default, debian/auditd.init: Automatically generate
    /etc/audit/audit.rules on start if USE_AUGENRULES is set to yes
  * debian/auditd.NEWS, debian/auditd.README.Debian: Add documentation about
    automatically generating the audit.rules file on startup.
  * debian/auditd.lintian-overrides: Adjust overrides to match new installed
    config files.
  * debian/auditd.default, debian/auditd.init: Add an option to disable the
    audit system when the daemon is stopped.

audit (1:2.2.3-1) experimental; urgency=low

* QA upload.
  * New upstream release
    - Properly document audit_open() can fails and sets errno (Closes: #642501)
    - Drop all the patches, they have been applied upstream
  * Remove libev-dev Build-Dependency
    - debian/control: The upstream audit sources embed and build against their
      own version of libev. This is not desirable, but there's no reason to
      list libev-dev as a build dependency at this time. (Closes: #699933)
 -- Tyler Hicks <tyhicks@canonical.com>   Fri, 15 Nov 2013 17:24:58 -0800

Changed in audit (Ubuntu):
status:	Fix Committed → Fix Released

Ubuntu
audit package

Please merge audit 1:2.3.2-2 (main) from Debian testing (main)

Bug Description

Other bug subscribers

Patches

Remote bug watches

Ubuntuaudit package

Please merge audit 1:2.3.2-2 (main) from Debian testing (main)

Bug Description

Other bug subscribers

Patches

Remote bug watches

Ubuntu
audit package