Public bug reported:
audit has this ubuntu delta:
* Merge with Debian unstable. Remaining changes:
- debian/rules: Disable auditd network listener, with --disable-listener,
to reduce the risk of a remote attack on auditd, which runs as root
Turns out this was adopted in debian since 1:2.8.5-1:
* debian/rules: On Ubuntu and derivatives, disable auditd network listener
with --disable-listener
Debian's change is:
# Merge the last remaining Ubuntu specific change in Debian:
# Disable auditd network listener to reduce the risk of a remote attack on
# auditd, which runs as root
ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes), yes)
CONFIGURE_FLAGS += --disable-listener
endif
and ours is to add --disable-listener explicitly. d/rules ends up being:
dh_auto_configure -- \
--sbindir=/sbin \
--libdir=/lib/${DEB_HOST_MULTIARCH} \
--enable-shared=audit \
--enable-gssapi-krb5 \
--disable-listener \
--with-apparmor \
--with-libwrap \
--with-libcap-ng \
$(CONFIGURE_FLAGS) \
--with-arm --with-aarch64 ${EXTRA_ARCH_TABLE}
CONFIGURE_FLAGS gets --disable-listener on ubuntu, and we add it again.
The delta can be dropped. Then it's just a matter of checking the other
debian changes and, if deemed appropriate, sync the package.
** Affects: audit (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to audit in Ubuntu.
https://bugs.launchpad.net/bugs/1961981
Title:
Current delta applied twice, not needed
Status in audit package in Ubuntu:
New
Bug description:
audit has this ubuntu delta:
* Merge with Debian unstable. Remaining changes:
- debian/rules: Disable auditd network listener, with --disable-listener,
to reduce the risk of a remote attack on auditd, which runs as root
Turns out this was adopted in debian since 1:2.8.5-1:
* debian/rules: On Ubuntu and derivatives, disable auditd network listener
with --disable-listener
Debian's change is:
# Merge the last remaining Ubuntu specific change in Debian:
# Disable auditd network listener to reduce the risk of a remote attack on
# auditd, which runs as root
ifeq ($(shell dpkg-vendor --derives-from Ubuntu && echo yes), yes)
CONFIGURE_FLAGS += --disable-listener
endif
and ours is to add --disable-listener explicitly. d/rules ends up being:
dh_auto_configure -- \
--sbindir=/sbin \
--libdir=/lib/${DEB_HOST_MULTIARCH} \
--enable-shared=audit \
--enable-gssapi-krb5 \
--disable-listener \
--with-apparmor \
--with-libwrap \
--with-libcap-ng \
$(CONFIGURE_FLAGS) \
--with-arm --with-aarch64 ${EXTRA_ARCH_TABLE}
CONFIGURE_FLAGS gets --disable-listener on ubuntu, and we add it
again.
The delta can be dropped. Then it's just a matter of checking the
other debian changes and, if deemed appropriate, sync the package.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/audit/+bug/1961981/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
