Remove the RefuseManualStop=yes option This option is preventing the daemon to be restarted on upgrade. . When using systemctl to stop audit, the audit framework is recording the pid of systemd instead of the one from the user process that actually stopped the process. This is breaking the conformity with some gouvernemental certifications.
[PATCH] auditswig.i: avoid setter generation for audit_rule_data::buf As it's a flexible array generated code was never safe to use. With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574 change it's a build failure now:
audit> audit_wrap.c:5010:15: error: invalid use of flexible array member audit> 5010 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); audit> | ^
