summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorXin Ouyang <Xin.Ouyang@windriver.com>2013-01-21 18:53:10 +0800
committerXin Ouyang <Xin.Ouyang@windriver.com>2013-01-22 10:44:20 +0800
commit2632759938613f8173ae511bf99dccf14d23ed8d (patch)
treeeb0929a1300ee97c94f7cbf59a6154fe0d66e13c
parent393e22b3c923f69e893bb02b117b83862eebe689 (diff)
downloadmeta-selinux-2632759938613f8173ae511bf99dccf14d23ed8d.tar.gz
audit: admin tools&daemons install to base_sbindir
audit admin tools and daemons should install to base_sbindir, so they can get correct security labels after selinux restorecon command. Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
Diffstat
-rwxr-xr-xrecipes-security/audit/audit-2.2.1/auditd7
-rw-r--r--recipes-security/audit/audit-2.2.1/sbin-in-usr.patch33
-rw-r--r--recipes-security/audit/audit_2.2.1.bb6
3 files changed, 7 insertions, 39 deletions
diff --git a/recipes-security/audit/audit-2.2.1/auditd b/recipes-security/audit/audit-2.2.1/auditd
index cda836a..48b6990 100755
--- a/recipes-security/audit/audit-2.2.1/auditd
+++ b/recipes-security/audit/audit-2.2.1/auditd
@@ -18,7 +18,7 @@
18PATH=/sbin:/bin:/usr/sbin:/usr/bin 18PATH=/sbin:/bin:/usr/sbin:/usr/bin
19DESC="audit daemon" 19DESC="audit daemon"
20NAME=auditd 20NAME=auditd
21DAEMON=/usr/sbin/auditd 21DAEMON=/sbin/auditd
22PIDFILE=/var/run/"$NAME".pid 22PIDFILE=/var/run/"$NAME".pid
23SCRIPTNAME=/etc/init.d/"$NAME" 23SCRIPTNAME=/etc/init.d/"$NAME"
24 24
@@ -48,7 +48,7 @@ do_start()
48 || return 2 48 || return 2
49 if [ -f /etc/audit/audit.rules ] 49 if [ -f /etc/audit/audit.rules ]
50 then 50 then
51 /usr/sbin/auditctl -R /etc/audit/audit.rules >/dev/null 51 /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
52 fi 52 fi
53} 53}
54 54
@@ -71,7 +71,7 @@ do_stop()
71 # Remove watches so shutdown works cleanly 71 # Remove watches so shutdown works cleanly
72 case "$AUDITD_CLEAN_STOP" in 72 case "$AUDITD_CLEAN_STOP" in
73 no|NO) ;; 73 no|NO) ;;
74 *) /usr/sbin/auditctl -D >/dev/null ;; 74 *) /sbin/auditctl -D >/dev/null ;;
75 esac 75 esac
76 return "$RETVAL" 76 return "$RETVAL"
77} 77}
@@ -86,6 +86,7 @@ do_reload() {
86 86
87if [ ! -e /var/log/audit ]; then 87if [ ! -e /var/log/audit ]; then
88 mkdir -p /var/log/audit 88 mkdir -p /var/log/audit
89 [ -x /sbin/restorecon ] && /sbin/restorecon /var/log/audit
89fi 90fi
90 91
91case "$1" in 92case "$1" in
diff --git a/recipes-security/audit/audit-2.2.1/sbin-in-usr.patch b/recipes-security/audit/audit-2.2.1/sbin-in-usr.patch
deleted file mode 100644
index 95f98a2..0000000
--- a/recipes-security/audit/audit-2.2.1/sbin-in-usr.patch
+++ /dev/null
@@ -1,33 +0,0 @@
1Fix sbindir paths in config files
2
3Change the default PATH of apps to reflect the location of sbindir
4in /usr/sbin
5
6Signed-off-by: Amy Fong <amy.fong@windriver.com>
7---
8 audisp/plugins/remote/au-remote.conf | 2 +-
9 init.d/auditd.conf | 2 +-
10 2 files changed, 2 insertions(+), 2 deletions(-)
11
12--- a/audisp/plugins/remote/au-remote.conf
13+++ b/audisp/plugins/remote/au-remote.conf
14@@ -5,7 +5,7 @@
15
16 active = no
17 direction = out
18-path = /sbin/audisp-remote
19+path = /usr/sbin/audisp-remote
20 type = always
21 #args =
22 format = string
23--- a/init.d/auditd.conf
24+++ b/init.d/auditd.conf
25@@ -10,7 +10,7 @@
26 freq = 20
27 num_logs = 5
28 disp_qos = lossy
29-dispatcher = /sbin/audispd
30+dispatcher = /usr/sbin/audispd
31 name_format = NONE
32 ##name = mydomain
33 max_log_file = 6
diff --git a/recipes-security/audit/audit_2.2.1.bb b/recipes-security/audit/audit_2.2.1.bb
index e12c90a..4d94025 100644
--- a/recipes-security/audit/audit_2.2.1.bb
+++ b/recipes-security/audit/audit_2.2.1.bb
@@ -4,7 +4,7 @@ storing and searching the audit records generated by the audit subsystem \
4in the Linux kernel." 4in the Linux kernel."
5HOMEPAGE = "http://people.redhat.com/sgrubb/audit/" 5HOMEPAGE = "http://people.redhat.com/sgrubb/audit/"
6SECTION = "base" 6SECTION = "base"
7PR = "r4" 7PR = "r5"
8LICENSE = "GPLv2+ & LGPLv2+" 8LICENSE = "GPLv2+ & LGPLv2+"
9LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" 9LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
10 10
@@ -14,7 +14,6 @@ SRC_URI = "http://people.redhat.com/sgrubb/audit/audit-${PV}.tar.gz \
14 14
15SRC_URI += "file://2.2.1-audit-for-cross-compiling.patch \ 15SRC_URI += "file://2.2.1-audit-for-cross-compiling.patch \
16 file://audit-python-configure.patch \ 16 file://audit-python-configure.patch \
17 file://sbin-in-usr.patch \
18 file://auditd" 17 file://auditd"
19 18
20inherit autotools pythonnative update-rc.d 19inherit autotools pythonnative update-rc.d
@@ -35,6 +34,7 @@ EXTRA_OECONF += "--without-prelude \
35 --with-libcap-ng=yes \ 34 --with-libcap-ng=yes \
36 --with-python=yes \ 35 --with-python=yes \
37 --libdir=${base_libdir} \ 36 --libdir=${base_libdir} \
37 --sbindir=${base_sbindir} \
38 " 38 "
39 39
40EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \ 40EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \
@@ -52,7 +52,7 @@ PACKAGES =+ "audispd-plugins"
52PACKAGES += "auditd ${PN}-python" 52PACKAGES += "auditd ${PN}-python"
53 53
54FILES_${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*" 54FILES_${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*"
55FILES_auditd += "${bindir}/* ${sbindir}/* ${sysconfdir}/*" 55FILES_auditd += "${bindir}/* ${base_sbindir}/* ${sysconfdir}/*"
56FILES_audispd-plugins += "${sysconfdir}/audisp/audisp-remote.conf \ 56FILES_audispd-plugins += "${sysconfdir}/audisp/audisp-remote.conf \
57 ${sysconfdir}/audisp/plugins.d/au-remote.conf \ 57 ${sysconfdir}/audisp/plugins.d/au-remote.conf \
58 ${sbindir}/audisp-remote ${localstatedir}/spool/audit \ 58 ${sbindir}/audisp-remote ${localstatedir}/spool/audit \
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-25 23:42:05 +0000