Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package aide for openSUSE:Factory checked in at 2023-06-30 19:59:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aide (Old) and /work/SRC/openSUSE:Factory/.aide.new.13546 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "aide" Fri Jun 30 19:59:58 2023 rev:39 rq:1096118 version:0.18.4 Changes: -------- --- /work/SRC/openSUSE:Factory/aide/aide.changes 2023-06-05 18:08:19.227740548 +0200 +++ /work/SRC/openSUSE:Factory/.aide.new.13546/aide.changes 2023-06-30 20:00:27.270208132 +0200 @@ -1,0 +2,10 @@ +Fri Jun 30 10:05:30 UTC 2023 - Paolo Stivanin <info@paolostivanin.com> + +- Update to 0.18.4: + * Fix handling of extended attributes on symlinks + * Add missing ')' to log message + * Fix static linking of the aide binary + * Don't require database_out for --dry-init + * Remove strerror() calls from thread log messages + +------------------------------------------------------------------- Old: ---- aide-0.18.3.tar.gz aide-0.18.3.tar.gz.asc New: ---- aide-0.18.4.tar.gz aide-0.18.4.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aide.spec ++++++ --- /var/tmp/diff_new_pack.tprBdX/_old 2023-06-30 20:00:28.090213009 +0200 +++ /var/tmp/diff_new_pack.tprBdX/_new 2023-06-30 20:00:28.094213033 +0200 @@ -17,7 +17,7 @@ Name: aide -Version: 0.18.3 +Version: 0.18.4 Release: 0 Summary: Advanced Intrusion Detection Environment License: GPL-2.0-or-later ++++++ aide-0.18.3.tar.gz -> aide-0.18.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/ChangeLog new/aide-0.18.4/ChangeLog --- old/aide-0.18.3/ChangeLog 2023-05-16 21:20:17.000000000 +0200 +++ new/aide-0.18.4/ChangeLog 2023-06-13 22:18:29.000000000 +0200 @@ -1,3 +1,15 @@ +2023-06-13 Hannes von Haugwitz <hannes@vonhaugwitz.com> + * Release aide 0.18.4 + +2023-06-12 Hannes von Haugwitz <hannes@vonhaugwitz.com> + * Add missing ')' to log message + * Fix handling of extended attributes on symlinks (closes: #156) + +2023-06-03 Hannes von Haugwitz <hannes@vonhaugwitz.com> + * Remove strerror() calls from thread log messages + * Don't require database_out for --dry-init + * Fix static linking of the aide binary + 2023-05-16 Hannes von Haugwitz <hannes@vonhaugwitz.com> * Release aide 0.18.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/NEWS new/aide-0.18.4/NEWS --- old/aide-0.18.3/NEWS 2023-05-16 21:20:17.000000000 +0200 +++ new/aide-0.18.4/NEWS 2023-06-13 22:18:34.000000000 +0200 @@ -1,3 +1,10 @@ +Version 0.18.4 (2023-06-13) + * Fix handling of extended attributes on symlinks + * Add missing ')' to log message + * Fix static linking of the aide binary + * Don't require database_out for --dry-init + * Remove strerror() calls from thread log messages + Version 0.18.3 (2023-05-16) * Handle readlink() errors diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/README new/aide-0.18.4/README --- old/aide-0.18.3/README 2023-05-16 21:20:17.000000000 +0200 +++ new/aide-0.18.4/README 2023-06-13 22:18:34.000000000 +0200 @@ -1,7 +1,7 @@ AIDE - Advanced Intrusion Detection Environment ------------------------------------------------- - Version 0.18.3 + Version 0.18.4 This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/configure new/aide-0.18.4/configure --- old/aide-0.18.3/configure 2023-05-16 21:20:35.000000000 +0200 +++ new/aide-0.18.4/configure 2023-06-13 22:18:53.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for aide 0.18.3. +# Generated by GNU Autoconf 2.71 for aide 0.18.4. # # # Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, @@ -608,8 +608,8 @@ # Identity of this package. PACKAGE_NAME='aide' PACKAGE_TARNAME='aide' -PACKAGE_VERSION='0.18.3' -PACKAGE_STRING='aide 0.18.3' +PACKAGE_VERSION='0.18.4' +PACKAGE_STRING='aide 0.18.4' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1430,7 +1430,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures aide 0.18.3 to adapt to many kinds of systems. +\`configure' configures aide 0.18.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1502,7 +1502,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of aide 0.18.3:";; + short | recursive ) echo "Configuration of aide 0.18.4:";; esac cat <<\_ACEOF @@ -1674,7 +1674,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -aide configure 0.18.3 +aide configure 0.18.4 generated by GNU Autoconf 2.71 Copyright (C) 2021 Free Software Foundation, Inc. @@ -2219,7 +2219,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by aide $as_me 0.18.3, which was +It was created by aide $as_me 0.18.4, which was generated by GNU Autoconf 2.71. Invocation command line was $ $0$ac_configure_args_raw @@ -3603,7 +3603,7 @@ # Define the identity of the package. PACKAGE='aide' - VERSION='0.18.3' + VERSION='0.18.4' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -3707,7 +3707,7 @@ fi -printf "%s\n" "#define AIDEVERSION \"0.18.3\"" >>confdefs.h +printf "%s\n" "#define AIDEVERSION \"0.18.4\"" >>confdefs.h @@ -5875,7 +5875,7 @@ esac fi -# Check whether static linking has explicitly been disabled +# Check whether static linking has explicitly been enabled # Check whether --enable-static was given. if test ${enable_static+y} then : @@ -10722,7 +10722,7 @@ printf "%s\n" "#define AIDECOMPILEOPTIONS \"${compoptionstring}\"" >>confdefs.h -LDFLAGS="$LDFLAGS $EXTRA_LDFLAGS" +LDFLAGS="$LDFLAGS $LD_STATIC_FLAG $EXTRA_LDFLAGS" CFLAGS="$CFLAGS $EXTRA_CFLAGS" @@ -11300,7 +11300,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by aide $as_me 0.18.3, which was +This file was extended by aide $as_me 0.18.4, which was generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -11368,7 +11368,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -aide config.status 0.18.3 +aide config.status 0.18.4 configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/configure.ac new/aide-0.18.4/configure.ac --- old/aide-0.18.3/configure.ac 2023-04-01 18:25:38.000000000 +0200 +++ new/aide-0.18.4/configure.ac 2023-06-13 20:53:43.000000000 +0200 @@ -165,7 +165,7 @@ esac fi -# Check whether static linking has explicitly been disabled +# Check whether static linking has explicitly been enabled AC_ARG_ENABLE(static,[ --enable-static enable static linking (might increase the security of aide, see README for details)], [aide_static_choice=$enableval], [aide_static_choice=no]) dnl Borrowed from dbus @@ -446,7 +446,7 @@ AC_DEFINE_UNQUOTED(AIDECOMPILEOPTIONS, "${compoptionstring}",[Compile-time options displayed in -v output]) dnl Add in the optional compiler features -LDFLAGS="$LDFLAGS $EXTRA_LDFLAGS" +LDFLAGS="$LDFLAGS $LD_STATIC_FLAG $EXTRA_LDFLAGS" CFLAGS="$CFLAGS $EXTRA_CFLAGS" AC_SUBST(AIDE_DEFS) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/doc/aide.1 new/aide-0.18.4/doc/aide.1 --- old/aide-0.18.3/doc/aide.1 2023-05-16 21:20:17.000000000 +0200 +++ new/aide-0.18.4/doc/aide.1 2023-06-13 22:18:34.000000000 +0200 @@ -1,4 +1,4 @@ -.TH AIDE 1 "2023-05-16" "aide v0.18.3" "User Commands" +.TH AIDE 1 "2023-06-13" "aide v0.18.4" "User Commands" .SH NAME \fBaide\fP \- Advanced Intrusion Detection Environment .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/doc/aide.conf.5 new/aide-0.18.4/doc/aide.conf.5 --- old/aide-0.18.3/doc/aide.conf.5 2023-05-16 21:20:17.000000000 +0200 +++ new/aide-0.18.4/doc/aide.conf.5 2023-06-13 22:18:34.000000000 +0200 @@ -1,4 +1,4 @@ -.TH AIDE.CONF 5 "2023-05-16" "aide v0.18.3" "AIDE" +.TH AIDE.CONF 5 "2023-06-13" "aide v0.18.4" "AIDE" .SH NAME aide.conf - The configuration file for Advanced Intrusion Detection Environment diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/src/aide.c new/aide-0.18.4/src/aide.c --- old/aide-0.18.3/src/aide.c 2023-04-01 18:25:38.000000000 +0200 +++ new/aide-0.18.4/src/aide.c 2023-06-13 20:52:39.000000000 +0200 @@ -663,7 +663,7 @@ log_msg(LOG_LEVEL_ERROR,_("missing 'database_in', config option is required")); exit(INVALID_ARGUMENT_ERROR); } - if (conf->action&DO_INIT && !(conf->database_out.url)) { + if (!(conf->action&DO_DRY_RUN) && conf->action&DO_INIT && !(conf->database_out.url)) { log_msg(LOG_LEVEL_ERROR,_("missing 'database_out', config option is required")); exit(INVALID_ARGUMENT_ERROR); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/src/db_disk.c new/aide-0.18.4/src/db_disk.c --- old/aide-0.18.3/src/db_disk.c 2023-04-03 22:06:53.000000000 +0200 +++ new/aide-0.18.4/src/db_disk.c 2023-06-13 20:54:02.000000000 +0200 @@ -158,7 +158,7 @@ if (strcmp(entp->d_name, ".") != 0 && strcmp(entp->d_name, "..") != 0) { char *entry_full_path = name_construct(full_path, entp->d_name); bool free_entry_full_path = true; - log_msg(log_level, "scan_dir: process child directory '%s' (fullpath: '%s'", &entry_full_path[conf->root_prefix_length], entry_full_path); + log_msg(log_level, "scan_dir: process child directory '%s' (fullpath: '%s')", &entry_full_path[conf->root_prefix_length], entry_full_path); if (!get_file_status(entry_full_path, &fs)) { rule = NULL; node = NULL; @@ -265,7 +265,7 @@ if (!dry_run && conf->num_workers) { if (pthread_create(&add2tree_thread, NULL, &add2tree, NULL) != 0) { - log_msg(LOG_LEVEL_ERROR, "failed to start add2tree thread: %s", strerror(errno)); + log_msg(LOG_LEVEL_ERROR, "failed to start add2tree thread"); exit(THREAD_ERROR); } } @@ -276,7 +276,7 @@ #ifdef WITH_PTHREAD if (!dry_run && conf->num_workers) { if (pthread_join(add2tree_thread, NULL) != 0) { - log_msg(LOG_LEVEL_ERROR, "failed to join add2tree thread: %s", strerror(errno)); + log_msg(LOG_LEVEL_ERROR, "failed to join add2tree thread"); exit(THREAD_ERROR); } } @@ -322,7 +322,7 @@ log_msg(LOG_LEVEL_THREAD, "%10s: wait for file_attrs_worker threads to be finished", whoami); for (int i = 0 ; i < conf->num_workers ; ++i) { if (pthread_join(file_attributes_threads[i], NULL) != 0) { - log_msg(LOG_LEVEL_WARNING, "failed to join file attributes thread #%d: %s", i, strerror(errno)); + log_msg(LOG_LEVEL_WARNING, "failed to join file attributes thread #%d", i); } log_msg(LOG_LEVEL_THREAD, "%10s: file_attrs_worker thread #%d finished", whoami, i); } @@ -342,12 +342,12 @@ for (int i = 0 ; i < conf->num_workers ; ++i) { if (pthread_create(&file_attributes_threads[i], NULL, &file_attrs_worker, (void *) (i+1L)) != 0) { - log_msg(LOG_LEVEL_ERROR, "failed to start file attributes worker thread #%d: %s", i+1, strerror(errno)); + log_msg(LOG_LEVEL_ERROR, "failed to start file attributes worker thread #%d", i+1); return RETFAIL; } } if (pthread_create(&wait_for_workers_thread, NULL, &wait_for_workers, NULL) != 0) { - log_msg(LOG_LEVEL_ERROR, "failed to start wait_for_workers thread: %s", strerror(errno)); + log_msg(LOG_LEVEL_ERROR, "failed to start wait_for_workers thread"); return RETFAIL; } return RETOK; @@ -355,7 +355,7 @@ int db_disk_finish_threads() { if (pthread_join(wait_for_workers_thread, NULL) != 0) { - log_msg(LOG_LEVEL_ERROR, "failed to join wait_for_workers thread: %s", strerror(errno)); + log_msg(LOG_LEVEL_ERROR, "failed to join wait_for_workers thread"); return RETFAIL; } log_msg(LOG_LEVEL_THREAD, "%10s: wait_for_workers thread finished", whoami_main); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/src/do_md.c new/aide-0.18.4/src/do_md.c --- old/aide-0.18.3/src/do_md.c 2023-04-01 18:25:38.000000000 +0200 +++ new/aide-0.18.4/src/do_md.c 2023-06-13 20:54:07.000000000 +0200 @@ -514,7 +514,7 @@ strncmp(attr, "trusted.", strlen("trusted."))) goto next_attr; /* only store normal xattrs, and SELinux */ - while (((aret = getxattr(line->fullpath, attr, val, asz)) == + while (((aret = lgetxattr(line->fullpath, attr, val, asz)) == -1) && (errno == ERANGE)) { asz <<= 1; val = checked_realloc (val, asz); @@ -523,7 +523,7 @@ if (aret != -1) xattr_add(xattrs, attr, val, aret); else if (errno != ENOATTR) - log_msg(LOG_LEVEL_WARNING, "getxattr failed for %s:%s", line->fullpath, strerror(errno)); + log_msg(LOG_LEVEL_WARNING, "lgetxattr failed for %s:%s", line->fullpath, strerror(errno)); next_attr: attr += len + 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aide-0.18.3/version.m4 new/aide-0.18.4/version.m4 --- old/aide-0.18.3/version.m4 2023-05-16 21:20:32.000000000 +0200 +++ new/aide-0.18.4/version.m4 2023-06-13 22:18:51.000000000 +0200 @@ -1 +1 @@ -m4_define([AIDE_VERSION], [0.18.3]) +m4_define([AIDE_VERSION], [0.18.4])