python3-audit-3.0.6-150400.4.16.1<>,],eap9| 4,HLP)S"b<1Nq Vg:OJLVj O9iO?_(TvJʚl#Ak2qMdd>%]d)Iae|>F*GǸRO Ass#na\YW/*fv0ۑB碷@2d~0{3 IJlV$7~uzhwS4L@cn7d`}f#+eݐo-2@ >AO\?OLd $ B +SYdp v |  K P\kz   (8 &9&:n&BJFKGKHK(IK4XK8YKDZKt[Kx\K]K^KbKcLwdMeMfM lM uM vM,wNxNyN zNNOOOHCpython3-audit3.0.6150400.4.16.1Python3 Bindings for libauditThe audit-libs-python3 package contains the bindings for using libaudit by python3.eanebbioloESUSE Linux Enterprise 15SUSE LLC LGPL-2.1-or-laterhttps://www.suse.com/Development/Languages/Pythonhttps://people.redhat.com/sgrubb/audit/linuxppc64le1PT`eaeea66be4f8f7ac91fdd02652999d1419849d08c31f4b0ee3a040f26eceb7c351582f7c6d50eac9adf714e22e1cb293ca235b99d3ed70b991c924742a1f45a78edb5980353d70eac5b0e13abdd0bc6878c40da1c08844c067b83abb04e33dd6af310rootrootrootrootrootrootaudit-secondary-3.0.6-150400.4.16.1.src.rpmaudit-libs-python3python3-auditpython3-audit(ppc-64)@@@@@    libaudit.so.1()(64bit)libauparse.so.0()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)python(abi)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.63.0.4-14.6.0-14.0-15.2-14.14.3edhdhdq@bT@b?@b=b; aaaim@af@aHwaC1aS@a`D`@`@_ǁ_@^[\|[.6@[&M@ZlZZZz@ZyZ_:ZC@YYYu@Ym@VbUematsumiya@suse.deematsumiya@suse.deematsumiya@suse.deematsumiya@suse.dejengelh@inai.decoolo@suse.comematsumiya@suse.comdmueller@suse.comfvogt@suse.comgmbr3@opensuse.orggmbr3@opensuse.orgematsumiya@suse.comematsumiya@suse.comematsumiya@suse.commeissner@suse.comematsumiya@suse.comematsumiya@suse.comdimstar@opensuse.orgematsumiya@suse.comabergmann@suse.comlnussel@suse.detonyj@suse.comjengelh@inai.deantoine.belvire@opensuse.organtoine.belvire@opensuse.orgkukuk@suse.detonyj@suse.commeissner@suse.comtchvatal@suse.comnormand@linux.vnet.ibm.comtchvatal@suse.commpluskal@suse.comaavindraa@gmail.comdimstar@opensuse.orgjengelh@inai.detonyj@suse.comtchvatal@suse.comtonyj@suse.com- Fix plugin termination when using systemd service units (bsc#1215377) * add auditd.service-fix-plugin-termination.patch- Update audit-secondary.spec: create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519).- Fix rules not loaded when restarting auditd.service(bsc#1204844)- Check for AF_UNIX unnamed sockets (bsc#1210004) * add check-for-AF_UNIX-unnamed-sockets.patch- Drop buildrequire on C++ compiler. - Modernize specfile constructs.- Fix buildrequire for openldap2-devel - audit doesn't require the (outdated) C++ binding, but the C headers that happen to be pulled in by buildrequiring the C++ devel package- Fix unhandled ECONNREFUSED with LDAP environments (bsc#1196645) * add libaudit-fix-unhandled-ECONNREFUSED-from-getpwnam-25.patch - Fix hang in audisp-remote with disk_low_action=suspend (bsc#1196517) * add audisp-remote-fix-hang-with-disk_low_action-suspend-.patch- add audit-userspace-517-compat.patch- Use %autosetup - Don't include sample rules as %doc, they're already installed as normal files - Fix create-augenrules-service.patch: * auditd.service needs to require augenrules.service, not the other way around - Fix documentation for enable-stop-rules.patch- Update to version 3.0.6: * fixes a segfault on some SELINUX_ERR records * makes IPX packet interpretation dependent on the ipx header file existing * adds b32/b64 support to ausyscall * adds support for armv8l * fixes auditctl list of syscalls on PPC * auditd.service now restarts auditd under some conditions- Add CONFIG parameter to %sysusers_generate_pre- Create separate service for augenrules (bsc#1191614, bsc#1181400) * add create-augenrules-service.patch Remove ReadWritePaths=/etc/audit from auditd.service, also removes augenrules call from ExecStartPost. Create augenrules.service with the ReadWritePaths directive above. This makes /etc/audit only accessible by augenrules.service and let auditd.service (and daemon) to be sandboxed again. - Update audit-secondary.spec to accomodate the new service file.- Fix hardened auditd.service (bsc#1181400) * add fix-hardened-service.patch Make /etc/audit read-write from the service. Remove PrivateDevices=true to expose /dev/* to auditd.service. - Enable stop rules for audit.service (cf. bsc#1190227) * add enable-stop-rules.patch- Change default log_format from ENRICHED to RAW (bsc#1190500): * add change-default-log_format.patch (SUSE-specific patch) - Update to version 3.0.5: * In auditd, flush uid/gid caches when user/group added/deleted/modified * Fixed various issues when dealing with corrupted logs * In auditd, check if log_file is valid before closing handle - Include fixed from 3.0.4: * Apply performance speedups to auparse library * Optimize rule loading in auditctl * Fix an auparse memory leak caused by glibc-2.33 by replacing realpath * Update syscall table to the 5.14 kernel * Fixed various issues when dealing with corrupted logs- harden_auditd.service.patch: automatic hardening applied to systemd services- Update to version 3.0.3: * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids * Change auparse_feed_has_data in auparse to include incomplete events * Auditd, stop linking against -lrt * Add ProtectHome and RestrictRealtime to auditd.service * In auditd, read up to 3 netlink packets in a row * In auditd, do not validate path to plugin unless active * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists - use https source urls- Adjust audit.spec and audit-secondary.spec to support new version - Include fix for libev * add libev-werror.patch - Update to version 3.0.2 - In audispd-statsd pluging, use struct sockaddr_storage (Ville Heikkinen) - Optionally interpret auid in auditctl -l - Update some syscall argument interpretations - In auditd, do not allow spaces in the hostname name format - Big documentation cleanup (MIZUTA Takeshi) - Update syscall table to the 5.12 kernel - Update the auparse normalizer for new event types - Fix compiler warnings in ids subsystem - Block a couple signals from flush & reconfigure threads - In auditd, don't wait on flush thread when exiting - Output error message if the path of input files are too long ausearch/report Included fixes from 3.0.1 - Update syscall table to the 5.11 kernel - Add new --eoe-timeout option to ausearch and aureport (Burn Alting) - Only enable periodic timers when listening on the network - Upgrade libev to 4.33 - Add auparse_new_buffer function to auparse library - Use the select libev backend unless aggregating events - Add sudoers to some base audit rules - Update the auparse normalizer for some new syscalls and event types Included fixes from 3.0 - Generate checkpoint file even when no results are returned (Burn Alting) - Fix log file creation when file logging is disabled entirely (Vlad Glagolev) - Convert auparse_test to run with python3 (Tomáš Chvátal) - Drop support for prelude - Adjust backlog_wait_time in rules to the kernel default (#1482848) - Remove ids key syntax checking of rules in auditctl - Use SIGCONT to dump auditd internal state (#1504251) - Fix parsing of virtual timestamp fields in ausearch_expression (#1515903) - Fix parsing of uid & success for ausearch - Add support for not equal operator in audit by executable (Ondrej Mosnacek) - Hide lru symbols in auparse - Add systemd process protections - Fix aureport summary time range reporting - Allow unlimited retries on startup for remote logging - Add queue_depth to remote logging stats and increase default queue_depth size - Fix segfault on shutdown - Merge auditd and audispd code - Close on execute init_pipe fd (#1587995) - Breakout audisp syslog plugin to be standalone program - Create a common internal library to reduce code - Move all audispd config files under /etc/audit/ - Move audispd.conf settings into auditd.conf - Add queue depth statistics to internal state dump report - Add network statistics to internal state dump report - SIGUSR now also restarts queue processing if its suspended - Update lookup tables for the 4.18 kernel - Add auparse_normalizer support for SOFTWARE_UPDATE event - Add 30-ospp-v42.rules to meet new Common Criteria requirements - Deprecate enable_krb and replace with transport config opt for remote logging - Mark netlabel events as simple events so that get processed quicker - When auditd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) - In aureport, fix segfault in file report - Add auparse_normalizer support for labeled networking events - Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) - In ausearch/auparse, event aging is off by a second - In ausearch/auparse, correct event ordering to process oldest first - Migrate auparse python test to python3 - auparse_reset was not clearing everything it should - Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events - In ausearch/report, lightly parse selinux portion of USER_AVC events - Add bpf syscall command argument interpretation to auparse - In ausearch/report, limit record size when malformed - Port af_unix plugin to libev - In auditd, fix extract_type function for network originating events - In auditd, calculate right size and location for network originating events - Make legacy script wait for auditd to terminate (#1643567) - Treat all network originating events as VER2 so dispatcher doesn't format it - If an event has a node name make it VER2 so dispatcher doesnt format it - In audisp-remote do an initial connection attempt (#1625156) - In auditd, allow expression of space left as a percentage (#1650670) - On PPC64LE systems, only allow 64 bit rules (#1462178) - Make some parts of auditd state report optional based on config - Update to libev-4.25 - Fix ausearch when checkpointing a single file (Burn Alting) - Fix scripting in 31-privileged.rules wrt filecap (#1662516) - In ausearch, do not checkpt if stdin is input source - In libev, remove __cold__ attribute for functions to allow proper hardening - Add tests to configure.ac for openldap support - Make systemd support files use /run rather than /var/run (Christian Hesse) - Fix minor memory leak in auditd kerberos credentials code - Allow exclude and user filter by executable name (Ondrej Mosnacek) - Fix auditd regression where keep_logs is limited by rotate_logs 2 file test - In ausearch/report fix --end to use midnight time instead of now (#1671338) - Add substitue functions for strndupa & rawmemchr - Fix memleak in auparse caused by corrected event ordering - Fix legacy reload script to reload audit rules when daemon is reloaded - Support for unescaping in trusted messages (Dmitry Voronin) - In auditd, use standard template for DEAMON events (Richard Guy Briggs) - In aureport, fix segfault for malformed USER_CMD events - Add exe field to audit_log_user_command in libaudit - In auditctl support filter on socket address families (Richard Guy Briggs) - Deprecate support for Alpha & IA64 processors - If space_left_action is rotate, allow it every time (#1718444) - In auparse, drop standalone EOE events - Add milliseconds column for ausearch extra time csv format - Fix aureport first event reporting when no start given - In audisp-remote, add new config item for startup connection errors - Remove dependency on chkconfig - Install rules to /usr/share/audit/sample-rules/ - Split up ospp rules to make SCAP scanning easier (#1746018) - In audisp-syslog, support interpreting records (#1497279) - Audit USER events now sends msg as name value pair - Add support for AUDIT_BPF event - Auditd should not process AUDIT_REPLACE events - Update syscall tables to the 5.5 kernel - Improve personality interpretation by using PERS_MASK - Speedup ausearch/report parsing RAW logging format by caching uid/name lookup - Change auparse python bindings to shared object (Issue #121) - Add error messages for watch permissions - If audit rules file doesn't exist log error message instead of info message - Revise error message for unmatched options in auditctl - In audisp-remote, fixup remote endpoint disappearin in ascii format - Add backlog_wait_time_actual reporting / resetting to auditctl (Max Englander) - In auditctl, add support for sending a signal to auditd - Removes audit-fno-common.patch: fixed in upstream - Removes audit-python3.patch: fixed in upstream- Do not explicitly provide group(audit) in system-users-audit: this is automatically handled by rpm/providers.- Create new "audit" group for read access to logs (bsc#1178154) * add change-default-log_group.patch * update audit-secondary.spec- Enable Aarch64 processor support. (bsc#1179515 bsc#1179806)- prepare usrmerge (boo#1029961)- Update to version 2.8.5: * Fix segfault on shutdown * Fix hang on startup (#1587995) * Add sleep to script to dump state so file is ready when needed * Add auparse_normalizer support for SOFTWARE_UPDATE event * Mark netlabel events as simple events so that get processed quicker * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) * Add 30-ospp-v42.rules to meet new Common Criteria requirements * Update lookup tables for the 4.18 kernel * In aureport, fix segfault in file report * Add auparse_normalizer support for labeled networking events * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) * Event aging is off by a second * In ausearch/auparse, correct event ordering to process oldest first * auparse_reset was not clearing everything it should * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events * In ausearch/report, lightly parse selinux portion of USER_AVC events * In ausearch/report, limit record size when malformed * In auditd, fix extract_type function for network originating events * In auditd, calculate right size and location for network originating events * Treat all network originating events as VER2 so dispatcher doesn't format it * In audisp-remote do an initial connection attempt (#1625156) * In auditd, allow expression of space left as a percentage (#1650670) * On PPC64LE systems, only allow 64 bit rules (#1462178) * Make some parts of auditd state report optional based on config * Fix ausearch when checkpointing a single file (Burn Alting) * Fix scripting in 31-privileged.rules wrt filecap (#1662516) * In ausearch, do not checkpt if stdin is input source * In libev, remove __cold__ attribute for functions to allow proper hardening * Add tests to configure.ac for openldap support * Make systemd support files use /run rather than /var/run (Christian Hesse) * Fix minor memory leak in auditd kerberos credentials code * Fix auditd regression where keep_logs is limited by rotate_logs 2 file test * In ausearch/report fix --end to use midnight time instead of now (#1671338) - Fix build errors when using gcc-10 no-common default (bsc#1160384) New patch: audit-fno-common.patch - Refresh audit-allow-manual-stop.patch- Reduce scriptlets' hard dependency on systemd.- Update to version 2.8.4: * Generate checkpoint file even when not results are returned (Burn Alting). * Fix log file creation when file logging is disabled entirely (Vlad Glagolev). * Use SIGCONT to dump auditd internal state (rh#1504251). * Fix parsing of virtual timestamp fields in ausearch_expression (rh#1515903). * Fix parsing of uid & success for ausearch. * Hide lru symbols in auparse. * Fix aureport summary time range reporting. * Allow unlimited retries on startup for remote logging. * Add queue_depth to remote logging stats and increase default queue_depth size.- Update to version 2.8.3: * Correct msg function name in lru debug code. * Fix a segfault in auditd when dns resolution isn't available. * Make a reload legacy service for auditd. * In auparse python bindings, expose some new types that were missing. * In normalizer, pickup subject kind for user_login events. * Fix interpretation of unknown ioctcmds (rh#1540507). * Add ANOM_LOGIN_SERVICE, RESP_ORIGIN_BLOCK, & RESP_ORIGIN_BLOCK_TIMED events. * In auparse_normalize for USER_LOGIN events, map acct for subj_kind. * Fix logging of IPv6 addresses in DAEMON_ACCEPT events (rh#1534748). * Do not rotate auditd logs when num_logs < 2 (brozs).- Use %license instead of %doc [bsc#1082318]- Change openldap dependency to client only (bsc#1085003) - Resolve issue with previous change if both Python2 and Python3 are present, tests were failing as python2 bindings are preferred in this case.- reverted -j1 force ppc specific only- Add patch to fix test run without python2 interpreter: * audit-python3.patch - Update to 2.8.2 release: * Update tables for 4.14 kernel * Fixup ipv6 server side binding * AVC report from aureport was missing result column header (#1511606) * Add SOFTWARE_UPDATE event * In ausearch/report pickup any path and new-disk fields as a file * Fix value returned by auditctl --reset-lost (Richard Guy Briggs) * In auparse, fix expr_create_timestamp_comparison_ex to be numeric field * Fix building on old systems without linux/fanotify.h * Fix shell portability issues reported by shellcheck * Auditd validate_email should not use gethostbyname- force -j1 for PowerPC make check to avoid build failure (lookup_test.o: file not recognized: File truncated)- Add conditions around python plugins to allow us to conditionalize them in enviroment without python2- Rename python binding packages to match current python packaging standards - Update python build dependencies to resolve future split of python2/3- Update to version 2.8.1. See audit.spec (libaudit1) for upstream changelog - Remove audit-implicit-writev.patch (fixed upstream across 2 commits) * 3b30db20ad983274989ce9a522120c3c225436b3 * 07132c22314e9abbe64d1031fd8734243285bb3f - Cleanup with spec-cleaner- Add audit-implicit-writev.patch: include sys/uio.h to ensure readv and writev are declared.- Rectify RPM groups, diversify descriptions. - Remove mentions of static libraries because they are not built.- Update to version 2.7.7. See audit.spec (libaudit1) for upstream changelog Since commit 6cf57d27 (2.7.4) audit is now started as an non-forking service (bsc#1042781). Add config: audit-stop.rules Refresh patch: audit-allow-manual-stop.patch Refresh patch: audit-no-gss.patch- Version update to 2.5. See audit.spec (libaudit1) for upstream changelog - Cleanup with spec-cleaner - Sort out bit /sbin /usr/sbin/ installation - Install the rules as documentation - Remove needless %py_requires from python subpkgs- Update to version 2.4.4. See audit.spec (libaudit1) for upstream changelog - Add python3 bindings for libaudit and libauparse - Remove patch 'audit-no_m4_dir.patch' (added Fri Apr 26 11:14:39 UTC 2013 by mmeister@suse.com) No idea what earlier 'automake' build error this was trying to fix but it broke the handling of "--without-libcap-ng". Anyways, no build error occurs now and m4 path is also needed in v2.4.4 to find ax_prog_cc_for_buildaudit-libs-python3nebbiolo 17072378353.0.63.0.6-150400.4.16.13.0.6-150400.4.16.13.0.6_audit.soaudit.pyauparse.so/usr/lib64/python3.6/site-packages/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:32494/SUSE_SLE-15-SP4_Update/73526a089598575fd6d5cd1f42c951bd-audit-secondary.SUSE_SLE-15-SP4_Updatedrpmxz5ppc64le-suse-linuxELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=e59c084aa82a8cd8a7d65920153da2c028d49e56, strippedPython script, ASCII text executable, with very long linesELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=fed5ed7a893234b6a91fa912050cab50ef5abb38, strippedRRRRRRRRRTWk(c`utf-83b519fd9645df9c3e37d48fe9209b9dee1226d91395178531e4c70cf0fd62149?7zXZ !t/\ X]"k%a Es^:ؗ5qhe&Sc@'|u!.mhF.4 9X"ٿJoKqȃX$D3 u <>ptM4,Oq.H:谝\!-1Rųj)g 0hu_'-euF000ml~ln@>B\&+Ooqݿ 5pJOQts3<'=!OSD:-pV &R? E:ϙ薓@]oAMl&6c}0W uBd4*ޢo4J* 33Lc΍ BkXCQ׃obW37~*WNR^iw[Qy248K||O[6MEorZۮ#f {y~g;E!0®Bˆ-K/uK6>9@=UhSzDd:&/&+Po:-|_#\dVX5h[Cã)ChXP;×Z9SCvJSzS)*#7 uB;Bh岛XfX%`LH<[6*r\/6T?%9q!V}Yr7QhhӉ=>;C~3͵Qk {H#mr1_mw9&9&D`HaX"oU݌ ]F" *,gZTIWv[nʼR@iGivkaR,[ݰtp<w!7UQu3 y#$VUq 5e֮kP8ӾBM2lR=+GTVeSB{ )s+)F:)]|u({]; - N]t>?fH_B,?3%KEșHQDB5s=BlMyƂk Vqd[MOX rAx~2w8rf6SN#'.ʃL8xa<~"/@f8r4CsH*qDe z7‡>iV%@ JR"$ ܒ6=$fɝZyx&|ȁ3mEbu~^_tuiMR:>P"5\7^%f煥Wd4iUF_9V*,kβ$ߖƪNNś0AU63jg65ҟ~*I<8Fu'IɽhRXoQ!5hE[ƺڏe\7SURV|  .RuU>ް^*Ӕ6n У[<&sw˽<y#bcKy*ϲZ^|=Kx:ݦp"+*&i9A4nbnC*=_ZzU5 利syHnH8=,ȴyz,mV¤{1";v:^V+,29*fOV٣>'g8!מ ajSO^Z,kg!1E0޵sxFTm<1y>ZI=qج֡^纗UϏ hܒv)Lx\e,tRY=JɟG^aBLm=eSߠ2pV>4ߞ=?tM/@{d:m#J4{&K#*"1ϐB9ihif0S崏c?(jVU9;l,LUl"}}l`kf "%K‰ \qBj\HvxOV Q{dvZ3s'26OP jPĨ+弻/st߀!4=m|jUI5`8=O2]ubŸ}P;vb5 TSh8Ȃ< Bnu>dNt΀-СeS/=oW(WiNz&q-إ?UIIJY Ol5?&ps4]: u(M"甤Nt!v SBLat<4$;z YZ