[gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Mike Gilbert" <floppym@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/
Date: Mon, 30 Jan 2023 02:14:05 +0000 (UTC)	[thread overview]
Message-ID: <1675044728.b32b4a57937ab2539b761226ff67dece6e7f5558.floppym@gentoo> (raw)

commit:     b32b4a57937ab2539b761226ff67dece6e7f5558
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 30 02:07:22 2023 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Mon Jan 30 02:12:08 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b32b4a57

sys-apps/systemd: update journald-audit patch

Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 .../systemd/files/gentoo-journald-audit-r1.patch   | 51 ++++++++++++++++++++++
 sys-apps/systemd/systemd-9999.ebuild               |  2 +-
 2 files changed, 52 insertions(+), 1 deletion(-)

diff --git a/sys-apps/systemd/files/gentoo-journald-audit-r1.patch b/sys-apps/systemd/files/gentoo-journald-audit-r1.patch
new file mode 100644
index 000000000000..b5c32df788e9
--- /dev/null
+++ b/sys-apps/systemd/files/gentoo-journald-audit-r1.patch
@@ -0,0 +1,51 @@
+From 2de502ccff1cc780d9d29c4ff7e6c1e0f2d7a082 Mon Sep 17 00:00:00 2001
+From: Mike Gilbert <floppym@gentoo.org>
+Date: Fri, 21 Aug 2020 13:16:17 -0400
+Subject: [PATCH] journald: do not change the kernel audit setting by default
+
+Bug: https://bugs.gentoo.org/736910
+---
+ man/journald.conf.xml         | 2 +-
+ src/journal/journald-server.c | 2 +-
+ src/journal/journald.conf     | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/man/journald.conf.xml b/man/journald.conf.xml
+index 50c33e4792..2e14674f42 100644
+--- a/man/journald.conf.xml
++++ b/man/journald.conf.xml
+@@ -427,7 +427,7 @@
+         kernel auditing on start-up. If disabled it will turn it off. If unset it will neither enable nor
+         disable it, leaving the previous state unchanged.  This means if another tool turns on auditing even
+         if <command>systemd-journald</command> left it off, it will still collect the generated
+-        messages. Defaults to on.</para>
++        messages.</para>
+ 
+         <para>Note that this option does not control whether <command>systemd-journald</command> collects
+         generated audit records, it just controls whether it tells the kernel to generate them. If you need
+diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
+index 022e12d83d..6b3d261af6 100644
+--- a/src/journal/journald-server.c
++++ b/src/journal/journald-server.c
+@@ -2367,7 +2367,7 @@ int server_init(Server *s, const char *namespace) {
+                 .compress.threshold_bytes = UINT64_MAX,
+                 .seal = true,
+ 
+-                .set_audit = true,
++                .set_audit = -1,
+ 
+                 .watchdog_usec = USEC_INFINITY,
+ 
+diff --git a/src/journal/journald.conf b/src/journal/journald.conf
+index 5a60a9d39c..64156d5463 100644
+--- a/src/journal/journald.conf
++++ b/src/journal/journald.conf
+@@ -44,4 +44,4 @@
+ #MaxLevelWall=emerg
+ #LineMax=48K
+ #ReadKMsg=yes
+-#Audit=yes
++#Audit=
+-- 
+2.39.1
+

diff --git a/sys-apps/systemd/systemd-9999.ebuild b/sys-apps/systemd/systemd-9999.ebuild
index 39a2452355b2..ea3aabd5a42f 100644
--- a/sys-apps/systemd/systemd-9999.ebuild
+++ b/sys-apps/systemd/systemd-9999.ebuild
@@ -237,7 +237,7 @@ src_prepare() {
 		PATCHES+=(
 			"${FILESDIR}/gentoo-generator-path-r2.patch"
 			"${FILESDIR}/gentoo-systemctl-disable-sysv-sync-r1.patch"
-			"${FILESDIR}/gentoo-journald-audit.patch"
+			"${FILESDIR}/gentoo-journald-audit-r1.patch"
 		)
 	fi

next             reply	other threads:[~2023-01-30  2:14 UTC|newest]

Thread overview: 62+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-30  2:14 Mike Gilbert [this message]
  -- strict thread matches above, loose matches on Subject: below --
2024-09-26 19:15 [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/ Mike Gilbert
2024-04-29 17:27 Sam James
2023-12-28  3:53 Sam James
2023-07-06  8:15 Sam James
2023-05-05  4:13 Sam James
2023-04-29  3:50 Mike Gilbert
2023-01-13 20:06 Mike Gilbert
2023-01-13  5:33 Sam James
2023-01-11  7:50 Sam James
2022-10-15 18:57 Mike Gilbert
2022-10-14 21:18 Sam James
2022-09-18 15:52 Mike Gilbert
2022-08-02 23:40 Sam James
2022-05-24 22:35 Sam James
2022-05-23 18:35 Mike Gilbert
2022-05-21 22:22 Mike Gilbert
2022-05-07 18:32 Mike Gilbert
2022-04-30  0:30 Sam James
2022-04-28  1:26 Sam James
2022-01-15 15:41 Mike Gilbert
2022-01-13 16:29 Mike Gilbert
2021-10-26 15:00 Mike Gilbert
2021-07-20 19:19 Mike Gilbert
2021-07-11 14:41 Mike Gilbert
2021-06-20 17:33 Mike Gilbert
2021-04-27 18:16 Mike Gilbert
2021-03-17 14:19 Mike Gilbert
2020-11-03 15:48 Mike Gilbert
2020-10-14 19:15 Mike Gilbert
2020-09-24 14:51 Mike Gilbert
2020-08-22  1:56 Mike Gilbert
2020-07-06 14:05 Mike Gilbert
2020-06-11  2:29 Mike Gilbert
2020-03-09 21:22 Mike Gilbert
2020-01-26 17:19 Mike Gilbert
2020-01-07  7:19 Mike Gilbert
2019-09-03 15:27 Mike Gilbert
2019-07-31 14:06 Mike Gilbert
2019-06-17 16:19 Mike Gilbert
2019-05-23 12:26 Louis Sautier
2019-05-09 13:41 Mike Gilbert
2019-05-08 17:29 Mike Gilbert
2019-04-05 20:56 Mike Gilbert
2018-10-30 14:34 Mike Gilbert
2018-09-29 15:27 Mike Gilbert
2018-03-26 21:14 Pacho Ramos
2017-12-31  1:40 Mike Gilbert
2017-12-28 16:01 Mike Gilbert
2017-10-28 18:58 Mike Gilbert
2017-10-08 17:11 Mike Gilbert
2017-09-08 21:16 Mike Gilbert
2017-08-13 23:32 Mike Gilbert
2017-07-12 20:23 Mike Gilbert
2017-06-28 17:01 Mike Gilbert
2017-03-12 17:59 Mike Gilbert
2017-01-03 18:15 Mike Gilbert
2016-12-18 23:08 Mike Gilbert
2016-04-16 20:32 Mike Gilbert
2015-12-12 15:17 Mike Gilbert
2015-11-24 16:28 Mike Gilbert
2015-10-25  9:11 Michał Górny

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:b5c32df788e dfblob:39a2452355b dfblob:ea3aabd5a42 )
 OR (
bs:"[gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1675044728.b32b4a57937ab2539b761226ff67dece6e7f5558.floppym@gentoo \
    --to=floppym@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox