audit: pkg now in meta-oe

Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Armin Kuster <akuster808@gmail.com> 2021-05-13 22:21:05 -0700
committer: Joe MacDonald <joe@deserted.net> 2021-05-14 09:26:05 -0400
commit: 29e586d1b40767a836e85bfb74c2a68b9ed76d3b (patch)
tree: 30c04ec652ed7900313ea2750b6983efd32ce97d
parent: 48038b45dc114592991c069eb66d174820c0701d (diff)
download: meta-selinux-29e586d1b40767a836e85bfb74c2a68b9ed76d3b.tar.gz
5 files changed, 0 insertions, 348 deletions
diff --git a/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch b/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
deleted file mode 100644
index 740bcb5..0000000
--- a/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From 3d13f92c1bb293523670ba01aea7e655b00a6709 Mon Sep 17 00:00:00 2001
-From: Li xin <lixin.fnst@cn.fujitsu.com>
-Date: Sun, 19 Jul 2015 02:42:58 +0900
-Subject: [PATCH] audit: Fixed swig host contamination issue
-The audit build uses swig to generate a python wrapper.
-Unfortunately, the swig info file references host include
-directories.  Some of these were previously noticed and
-eliminated, but the one fixed here was not.
-Upstream-Status: Inappropriate [embedded specific]
-Signed-off-by: Anders Hedlund <anders.hedlund@windriver.com>
-Signed-off-by: Joe Slater <jslater@windriver.com>
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- bindings/swig/python3/Makefile.am | 3 ++-
- bindings/swig/src/auditswig.i     | 2 +-
- 2 files changed, 3 insertions(+), 2 deletions(-)
-diff --git a/bindings/swig/python3/Makefile.am b/bindings/swig/python3/Makefile.am
-index dd9d934..61b486d 100644
--- a/bindings/swig/python3/Makefile.am
-+++ b/bindings/swig/python3/Makefile.am
-@@ -22,6 +22,7 @@
- CONFIG_CLEAN_FILES = *.loT *.rej *.orig
- AM_CFLAGS = -fPIC -DPIC -fno-strict-aliasing $(PYTHON3_CFLAGS)
- AM_CPPFLAGS = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
-+STDINC ?= /usr/include
- LIBS = $(top_builddir)/lib/libaudit.la
- SWIG_FLAGS = -python -py3 -modern
- SWIG_INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
-@@ -36,7 +37,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudi
- _audit_la_LIBADD = ${top_builddir}/lib/libaudit.la
- nodist__audit_la_SOURCES  = audit_wrap.c
- audit.py audit_wrap.c: ${srcdir}/../src/auditswig.i 
-       swig -o audit_wrap.c ${SWIG_FLAGS} ${SWIG_INCLUDES} ${srcdir}/../src/auditswig.i 
-+       swig -o audit_wrap.c ${SWIG_FLAGS} ${SWIG_INCLUDES} -I$(STDINC) ${srcdir}/../src/auditswig.i
- 
- CLEANFILES = audit.py* audit_wrap.c *~
- 
-diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
-index 21aafca..dd0f62c 100644
--- a/bindings/swig/src/auditswig.i
-+++ b/bindings/swig/src/auditswig.i
-@@ -39,7 +39,7 @@ signed
- #define __attribute(X) /*nothing*/
- typedef unsigned __u32;
- typedef unsigned uid_t;
-%include "/usr/include/linux/audit.h"
-+%include "linux/audit.h"
- #define __extension__ /*nothing*/
- %include <stdint.i>
- %include "../lib/libaudit.h"
-- 
-2.17.1
diff --git a/recipes-security/audit/audit/audit-volatile.conf b/recipes-security/audit/audit/audit-volatile.conf
deleted file mode 100644
index 9cbe154..0000000
--- a/recipes-security/audit/audit/audit-volatile.conf
+++ /dev/null
@@ -1 +0,0 @@
-d  /var/log/audit 0750 root root -
diff --git a/recipes-security/audit/audit/auditd b/recipes-security/audit/audit/auditd
deleted file mode 100644
index 6aa7f94..0000000
--- a/recipes-security/audit/audit/auditd
+++ /dev/null
@@ -1,153 +0,0 @@
-#! /bin/sh
-### BEGIN INIT INFO
-# Provides:          auditd
-# Required-Start:    $local_fs
-# Required-Stop:     $local_fs
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
-# Short-Description: Audit Daemon
-# Description:       Collects audit information from Linux 2.6 Kernels.
-### END INIT INFO
-# Author: Philipp Matthias Hahn <pmhahn@debian.org>
-# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init
-# June, 2012: Adopted for yocto <amy.fong@windriver.com>
-# PATH should only include /usr/* if it runs after the mountnfs.sh script
-PATH=/sbin:/bin:/usr/sbin:/usr/bin
-DESC="audit daemon"
-NAME=auditd
-DAEMON=/sbin/auditd
-PIDFILE=/var/run/"$NAME".pid
-SCRIPTNAME=/etc/init.d/"$NAME"
-# Exit if the package is not installed
-[ -x "$DAEMON" ] || exit 0
-# Read configuration variable file if it is present
-[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME"
-. /etc/default/rcS
-. /etc/init.d/functions
-#
-# Function that starts the daemon/service
-#
-do_start()
-{
-        # Return
-        #   0 if daemon has been started
-        #   1 if daemon was already running
-        #   2 if daemon could not be started
-        start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
-                || return 1
-        start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
-                $EXTRAOPTIONS \
-                || return 2
-        if [ -f /etc/audit/audit.rules ]
-        then
-                /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
-        fi
-}
-#
-# Function that stops the daemon/service
-#
-do_stop()
-{
-        # Return
-        #   0 if daemon has been stopped
-        #   1 if daemon was already stopped
-        #   2 if daemon could not be stopped
-        #   other if a failure occurred
-        start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME"
-        RETVAL="$?"
-        [ "$RETVAL" = 2 ] && return 2
-        # Many daemons don't delete their pidfiles when they exit.
-        rm -f "$PIDFILE"
-        rm -f /var/run/audit_events
-        # Remove watches so shutdown works cleanly
-        case "$AUDITD_CLEAN_STOP" in
-                no|NO) ;;
-                *) /sbin/auditctl -D >/dev/null ;;
-        esac
-        return "$RETVAL"
-}
-#
-# Function that sends a SIGHUP to the daemon/service
-#
-do_reload() {
-        start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME
-        return 0
-}
-if [ ! -e /var/log/audit ]; then
-        mkdir -p /var/log/audit
-        [ -x /sbin/restorecon ] && /sbin/restorecon -F $(readlink -f /var/log/audit)
-fi
-case "$1" in
-  start)
-        [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME"
-        do_start
-        case "$?" in
-                0|1) [ "$VERBOSE" != no ] && echo 0 ;;
-                2) [ "$VERBOSE" != no ] && echo 1 ;;
-        esac
-        ;;
-  stop)
-        [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME"
-        do_stop
-        case "$?" in
-                0|1) [ "$VERBOSE" != no ] && echo 0 ;;
-                2) [ "$VERBOSE" != no ] && echo 1 ;;
-        esac
-        ;;
-  reload|force-reload)
-        echo "Reloading $DESC" "$NAME"
-        do_reload
-        echo $?
-        ;;
-  restart)
-        echo "Restarting $DESC" "$NAME"
-        do_stop
-        case "$?" in
-          0|1)
-                do_start
-                case "$?" in
-                        0) echo 0 ;;
-                        1) echo 1 ;; # Old process is still running
-                        *) echo 1 ;; # Failed to start
-                esac
-                ;;
-          *)
-                # Failed to stop
-                echo 1
-                ;;
-        esac
-        ;;
-  rotate)
-        echo "Rotating $DESC logs" "$NAME"
-        start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME"
-        echo $?
-        ;;
-  status)
-        pidofproc "$DAEMON" >/dev/null
-        status=$?
-        if [ $status -eq 0 ]; then
-                echo "$NAME is running."
-        else
-                echo "$NAME is not running."
-        fi
-        exit $status
-        ;;
-  *)
-        echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2
-        exit 3
-        ;;
-esac
-:
diff --git a/recipes-security/audit/audit/auditd.service b/recipes-security/audit/audit/auditd.service
deleted file mode 100644
index 06c63f0..0000000
--- a/recipes-security/audit/audit/auditd.service
+++ /dev/null
@@ -1,28 +0,0 @@
-[Unit]
-Description=Security Auditing Service
-DefaultDependencies=no
-After=local-fs.target systemd-tmpfiles-setup.service
-Before=sysinit.target shutdown.target
-Conflicts=shutdown.target
-ConditionKernelCommandLine=!audit=0
-[Service]
-Type=forking
-PIDFile=/run/auditd.pid
-ExecStart=/sbin/auditd
-## To use augenrules, uncomment the next line and comment/delete the auditctl line.
-## NOTE: augenrules expect any rules to be added to /etc/audit/rules.d/
-#ExecStartPost=-/sbin/augenrules --load
-ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules
-# By default we don't clear the rules on exit.
-# To enable this, uncomment the next line.
-#ExecStopPost=/sbin/auditctl -R /etc/audit/audit-stop.rules
-### Security Settings ###
-MemoryDenyWriteExecute=true
-LockPersonality=true
-ProtectControlGroups=true
-ProtectKernelModules=true
-[Install]
-WantedBy=multi-user.target
diff --git a/recipes-security/audit/audit_3.0.1.bb b/recipes-security/audit/audit_3.0.1.bb
deleted file mode 100644
index ba24d36..0000000
--- a/recipes-security/audit/audit_3.0.1.bb
+++ /dev/null
@@ -1,109 +0,0 @@
-SUMMARY = "User space tools for kernel auditing"
-DESCRIPTION = "The audit package contains the user space utilities for \
-storing and searching the audit records generated by the audit subsystem \
-in the Linux kernel."
-HOMEPAGE = "http://people.redhat.com/sgrubb/audit/"
-SECTION = "base"
-LICENSE = "GPLv2+ & LGPLv2+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
-SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master \
-           file://Fixed-swig-host-contamination-issue.patch \
-           file://auditd \
-           file://auditd.service \
-           file://audit-volatile.conf \
-"
-S = "${WORKDIR}/git"
-SRCREV = "46cb7d92443c9ec7b3af15fb0baa65f65f6415d3"
-inherit autotools python3native update-rc.d systemd
-UPDATERCPN = "auditd"
-INITSCRIPT_NAME = "auditd"
-INITSCRIPT_PARAMS = "defaults"
-SYSTEMD_PACKAGES = "auditd"
-SYSTEMD_SERVICE_auditd = "auditd.service"
-DEPENDS = "python3 tcp-wrappers libcap-ng linux-libc-headers swig-native"
-EXTRA_OECONF = " --with-libwrap \
-        --enable-gssapi-krb5=no \
-        --with-libcap-ng=yes \
-        --with-python3=yes \
-        --libdir=${base_libdir} \
-        --sbindir=${base_sbindir} \
-        --without-python \
-        --without-golang \
-        --disable-zos-remote \
-        --with-arm=yes \
-        --with-aarch64=yes \
-        "
-EXTRA_OEMAKE = "PYLIBVER='python${PYTHON_BASEVERSION}' \
-        PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \
-        pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \
-        STDINC='${STAGING_INCDIR}' \
-        pkgconfigdir=${libdir}/pkgconfig \
-        "
-SUMMARY_audispd-plugins = "Plugins for the audit event dispatcher"
-DESCRIPTION_audispd-plugins = "The audispd-plugins package provides plugins for the real-time \
-interface to the audit system, audispd. These plugins can do things \
-like relay events to remote machines or analyze events for suspicious \
-behavior."
-PACKAGES =+ "audispd-plugins"
-PACKAGES += "auditd ${PN}-python"
-FILES_${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*"
-FILES_auditd = "${bindir}/* ${base_sbindir}/* ${sysconfdir}/* ${datadir}/audit/*"
-FILES_audispd-plugins = "${sysconfdir}/audit/audisp-remote.conf \
-        ${sysconfdir}/audit/plugins.d/au-remote.conf \
-        ${sysconfdir}/audit/plugins.d/syslog.conf \
-        ${base_sbindir}/audisp-remote \
-        ${base_sbindir}/audisp-syslog \
-        ${localstatedir}/spool/audit \
-        "
-FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
-FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
-CONFFILES_auditd = "${sysconfdir}/audit/audit.rules"
-RDEPENDS_auditd = "bash"
-do_install_append() {
-        rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
-        rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la
-        # reuse auditd config
-        [ ! -e ${D}/etc/default ] && mkdir ${D}/etc/default
-        mv ${D}/etc/sysconfig/auditd ${D}/etc/default
-        rmdir ${D}/etc/sysconfig/
-        # replace init.d
-        install -D -m 0755 ${WORKDIR}/auditd ${D}/etc/init.d/auditd
-        rm -rf ${D}/etc/rc.d
-        if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
-                # install systemd unit files
-                install -d ${D}${systemd_unitdir}/system
-                install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system
-                install -d ${D}${sysconfdir}/tmpfiles.d/
-                install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/
-        fi
-        # audit-2.5 doesn't install any rules by default, so we do that here
-        mkdir -p ${D}/etc/audit ${D}/etc/audit/rules.d
-        cp ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules
-        chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d
-        chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules
-        # Based on the audit.spec "Copy default rules into place on new installation"
-        cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules
-        # Create /var/spool/audit directory for audisp-remote
-        install -m 0700 -d ${D}${localstatedir}/spool/audit
-}
author	Armin Kuster <akuster808@gmail.com>	2021-05-13 22:21:05 -0700
committer	Joe MacDonald <joe@deserted.net>	2021-05-14 09:26:05 -0400
commit	29e586d1b40767a836e85bfb74c2a68b9ed76d3b (patch)
tree	30c04ec652ed7900313ea2750b6983efd32ce97d
parent	48038b45dc114592991c069eb66d174820c0701d (diff)
download	meta-selinux-29e586d1b40767a836e85bfb74c2a68b9ed76d3b.tar.gz

diff --git a/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch b/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch deleted file mode 100644 index 740bcb5..0000000 --- a/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch +++ /dev/null
@@ -1,57 +0,0 @@
1	From 3d13f92c1bb293523670ba01aea7e655b00a6709 Mon Sep 17 00:00:00 2001
2	From: Li xin <lixin.fnst@cn.fujitsu.com>
3	Date: Sun, 19 Jul 2015 02:42:58 +0900
4	Subject: [PATCH] audit: Fixed swig host contamination issue
5
6	The audit build uses swig to generate a python wrapper.
7	Unfortunately, the swig info file references host include
8	directories. Some of these were previously noticed and
9	eliminated, but the one fixed here was not.
10
11	Upstream-Status: Inappropriate [embedded specific]
12
13	Signed-off-by: Anders Hedlund <anders.hedlund@windriver.com>
14	Signed-off-by: Joe Slater <jslater@windriver.com>
15	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
16	---
17	bindings/swig/python3/Makefile.am \| 3 ++-
18	bindings/swig/src/auditswig.i \| 2 +-
19	2 files changed, 3 insertions(+), 2 deletions(-)
20
21	diff --git a/bindings/swig/python3/Makefile.am b/bindings/swig/python3/Makefile.am
22	index dd9d934..61b486d 100644
23	--- a/bindings/swig/python3/Makefile.am
24	+++ b/bindings/swig/python3/Makefile.am
25	@@ -22,6 +22,7 @@
26	CONFIG_CLEAN_FILES = .loT .rej *.orig
27	AM_CFLAGS = -fPIC -DPIC -fno-strict-aliasing $(PYTHON3_CFLAGS)
28	AM_CPPFLAGS = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
29	+STDINC ?= /usr/include
30	LIBS = $(top_builddir)/lib/libaudit.la
31	SWIG_FLAGS = -python -py3 -modern
32	SWIG_INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES)
33	@@ -36,7 +37,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudi
34	_audit_la_LIBADD = ${top_builddir}/lib/libaudit.la
35	nodist__audit_la_SOURCES = audit_wrap.c
36	audit.py audit_wrap.c: ${srcdir}/../src/auditswig.i
37	- swig -o audit_wrap.c ${SWIG_FLAGS} ${SWIG_INCLUDES} ${srcdir}/../src/auditswig.i
38	+ swig -o audit_wrap.c ${SWIG_FLAGS} ${SWIG_INCLUDES} -I$(STDINC) ${srcdir}/../src/auditswig.i
39
40	CLEANFILES = audit.py* audit_wrap.c *~
41
42	diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
43	index 21aafca..dd0f62c 100644
44	--- a/bindings/swig/src/auditswig.i
45	+++ b/bindings/swig/src/auditswig.i
46	@@ -39,7 +39,7 @@ signed
47	#define __attribute(X) /nothing/
48	typedef unsigned __u32;
49	typedef unsigned uid_t;
50	-%include "/usr/include/linux/audit.h"
51	+%include "linux/audit.h"
52	#define __extension__ /nothing/
53	%include <stdint.i>
54	%include "../lib/libaudit.h"
55	--
56	2.17.1
57


diff --git a/recipes-security/audit/audit/audit-volatile.conf b/recipes-security/audit/audit/audit-volatile.conf deleted file mode 100644 index 9cbe154..0000000 --- a/recipes-security/audit/audit/audit-volatile.conf +++ /dev/null
@@ -1 +0,0 @@
1	d /var/log/audit 0750 root root -


diff --git a/recipes-security/audit/audit/auditd b/recipes-security/audit/audit/auditd deleted file mode 100644 index 6aa7f94..0000000 --- a/recipes-security/audit/audit/auditd +++ /dev/null
@@ -1,153 +0,0 @@
1	#! /bin/sh
2	### BEGIN INIT INFO
3	# Provides: auditd
4	# Required-Start: $local_fs
5	# Required-Stop: $local_fs
6	# Default-Start: 2 3 4 5
7	# Default-Stop: 0 1 6
8	# Short-Description: Audit Daemon
9	# Description: Collects audit information from Linux 2.6 Kernels.
10	### END INIT INFO
11
12	# Author: Philipp Matthias Hahn <pmhahn@debian.org>
13	# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init
14
15	# June, 2012: Adopted for yocto <amy.fong@windriver.com>
16
17	# PATH should only include /usr/* if it runs after the mountnfs.sh script
18	PATH=/sbin:/bin:/usr/sbin:/usr/bin
19	DESC="audit daemon"
20	NAME=auditd
21	DAEMON=/sbin/auditd
22	PIDFILE=/var/run/"$NAME".pid
23	SCRIPTNAME=/etc/init.d/"$NAME"
24
25	# Exit if the package is not installed
26	[ -x "$DAEMON" ] \|\| exit 0
27
28	# Read configuration variable file if it is present
29	[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME"
30
31	. /etc/default/rcS
32
33	. /etc/init.d/functions
34
35	#
36	# Function that starts the daemon/service
37	#
38	do_start()
39	{
40	# Return
41	# 0 if daemon has been started
42	# 1 if daemon was already running
43	# 2 if daemon could not be started
44	start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
45	\|\| return 1
46	start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
47	$EXTRAOPTIONS \
48	\|\| return 2
49	if [ -f /etc/audit/audit.rules ]
50	then
51	/sbin/auditctl -R /etc/audit/audit.rules >/dev/null
52	fi
53	}
54
55	#
56	# Function that stops the daemon/service
57	#
58	do_stop()
59	{
60	# Return
61	# 0 if daemon has been stopped
62	# 1 if daemon was already stopped
63	# 2 if daemon could not be stopped
64	# other if a failure occurred
65	start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME"
66	RETVAL="$?"
67	[ "$RETVAL" = 2 ] && return 2
68	# Many daemons don't delete their pidfiles when they exit.
69	rm -f "$PIDFILE"
70	rm -f /var/run/audit_events
71	# Remove watches so shutdown works cleanly
72	case "$AUDITD_CLEAN_STOP" in
73	no\|NO) ;;
74	*) /sbin/auditctl -D >/dev/null ;;
75	esac
76	return "$RETVAL"
77	}
78
79	#
80	# Function that sends a SIGHUP to the daemon/service
81	#
82	do_reload() {
83	start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME
84	return 0
85	}
86
87	if [ ! -e /var/log/audit ]; then
88	mkdir -p /var/log/audit
89	[ -x /sbin/restorecon ] && /sbin/restorecon -F $(readlink -f /var/log/audit)
90	fi
91
92	case "$1" in
93	start)
94	[ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME"
95	do_start
96	case "$?" in
97	0\|1) [ "$VERBOSE" != no ] && echo 0 ;;
98	2) [ "$VERBOSE" != no ] && echo 1 ;;
99	esac
100	;;
101	stop)
102	[ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME"
103	do_stop
104	case "$?" in
105	0\|1) [ "$VERBOSE" != no ] && echo 0 ;;
106	2) [ "$VERBOSE" != no ] && echo 1 ;;
107	esac
108	;;
109	reload\|force-reload)
110	echo "Reloading $DESC" "$NAME"
111	do_reload
112	echo $?
113	;;
114	restart)
115	echo "Restarting $DESC" "$NAME"
116	do_stop
117	case "$?" in
118	0\|1)
119	do_start
120	case "$?" in
121	0) echo 0 ;;
122	1) echo 1 ;; # Old process is still running
123	*) echo 1 ;; # Failed to start
124	esac
125	;;
126	*)
127	# Failed to stop
128	echo 1
129	;;
130	esac
131	;;
132	rotate)
133	echo "Rotating $DESC logs" "$NAME"
134	start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME"
135	echo $?
136	;;
137	status)
138	pidofproc "$DAEMON" >/dev/null
139	status=$?
140	if [ $status -eq 0 ]; then
141	echo "$NAME is running."
142	else
143	echo "$NAME is not running."
144	fi
145	exit $status
146	;;
147	*)
148	echo "Usage: $SCRIPTNAME {start\|stop\|restart\|reload\|force-reload\|rotate\|status}" >&2
149	exit 3
150	;;
151	esac
152
153	:


diff --git a/recipes-security/audit/audit/auditd.service b/recipes-security/audit/audit/auditd.service deleted file mode 100644 index 06c63f0..0000000 --- a/recipes-security/audit/audit/auditd.service +++ /dev/null
@@ -1,28 +0,0 @@
1	[Unit]
2	Description=Security Auditing Service
3	DefaultDependencies=no
4	After=local-fs.target systemd-tmpfiles-setup.service
5	Before=sysinit.target shutdown.target
6	Conflicts=shutdown.target
7	ConditionKernelCommandLine=!audit=0
8
9	[Service]
10	Type=forking
11	PIDFile=/run/auditd.pid
12	ExecStart=/sbin/auditd
13	## To use augenrules, uncomment the next line and comment/delete the auditctl line.
14	## NOTE: augenrules expect any rules to be added to /etc/audit/rules.d/
15	#ExecStartPost=-/sbin/augenrules --load
16	ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules
17	# By default we don't clear the rules on exit.
18	# To enable this, uncomment the next line.
19	#ExecStopPost=/sbin/auditctl -R /etc/audit/audit-stop.rules
20
21	### Security Settings ###
22	MemoryDenyWriteExecute=true
23	LockPersonality=true
24	ProtectControlGroups=true
25	ProtectKernelModules=true
26
27	[Install]
28	WantedBy=multi-user.target


diff --git a/recipes-security/audit/audit_3.0.1.bb b/recipes-security/audit/audit_3.0.1.bb deleted file mode 100644 index ba24d36..0000000 --- a/recipes-security/audit/audit_3.0.1.bb +++ /dev/null
@@ -1,109 +0,0 @@
1	SUMMARY = "User space tools for kernel auditing"
2	DESCRIPTION = "The audit package contains the user space utilities for \
3	storing and searching the audit records generated by the audit subsystem \
4	in the Linux kernel."
5	HOMEPAGE = "http://people.redhat.com/sgrubb/audit/"
6	SECTION = "base"
7	LICENSE = "GPLv2+ & LGPLv2+"
8	LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
9
10	SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master \
11	file://Fixed-swig-host-contamination-issue.patch \
12	file://auditd \
13	file://auditd.service \
14	file://audit-volatile.conf \
15	"
16
17	S = "${WORKDIR}/git"
18	SRCREV = "46cb7d92443c9ec7b3af15fb0baa65f65f6415d3"
19
20	inherit autotools python3native update-rc.d systemd
21
22	UPDATERCPN = "auditd"
23	INITSCRIPT_NAME = "auditd"
24	INITSCRIPT_PARAMS = "defaults"
25
26	SYSTEMD_PACKAGES = "auditd"
27	SYSTEMD_SERVICE_auditd = "auditd.service"
28
29	DEPENDS = "python3 tcp-wrappers libcap-ng linux-libc-headers swig-native"
30
31	EXTRA_OECONF = " --with-libwrap \
32	--enable-gssapi-krb5=no \
33	--with-libcap-ng=yes \
34	--with-python3=yes \
35	--libdir=${base_libdir} \
36	--sbindir=${base_sbindir} \
37	--without-python \
38	--without-golang \
39	--disable-zos-remote \
40	--with-arm=yes \
41	--with-aarch64=yes \
42	"
43
44	EXTRA_OEMAKE = "PYLIBVER='python${PYTHON_BASEVERSION}' \
45	PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \
46	pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \
47	STDINC='${STAGING_INCDIR}' \
48	pkgconfigdir=${libdir}/pkgconfig \
49	"
50
51	SUMMARY_audispd-plugins = "Plugins for the audit event dispatcher"
52	DESCRIPTION_audispd-plugins = "The audispd-plugins package provides plugins for the real-time \
53	interface to the audit system, audispd. These plugins can do things \
54	like relay events to remote machines or analyze events for suspicious \
55	behavior."
56
57	PACKAGES =+ "audispd-plugins"
58	PACKAGES += "auditd ${PN}-python"
59
60	FILES_${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*"
61	FILES_auditd = "${bindir}/* ${base_sbindir}/* ${sysconfdir}/* ${datadir}/audit/*"
62	FILES_audispd-plugins = "${sysconfdir}/audit/audisp-remote.conf \
63	${sysconfdir}/audit/plugins.d/au-remote.conf \
64	${sysconfdir}/audit/plugins.d/syslog.conf \
65	${base_sbindir}/audisp-remote \
66	${base_sbindir}/audisp-syslog \
67	${localstatedir}/spool/audit \
68	"
69	FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
70	FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
71
72	CONFFILES_auditd = "${sysconfdir}/audit/audit.rules"
73	RDEPENDS_auditd = "bash"
74
75	do_install_append() {
76	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
77	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la
78
79	# reuse auditd config
80	[ ! -e ${D}/etc/default ] && mkdir ${D}/etc/default
81	mv ${D}/etc/sysconfig/auditd ${D}/etc/default
82	rmdir ${D}/etc/sysconfig/
83
84	# replace init.d
85	install -D -m 0755 ${WORKDIR}/auditd ${D}/etc/init.d/auditd
86	rm -rf ${D}/etc/rc.d
87
88	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
89	# install systemd unit files
90	install -d ${D}${systemd_unitdir}/system
91	install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system
92
93	install -d ${D}${sysconfdir}/tmpfiles.d/
94	install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/
95	fi
96
97	# audit-2.5 doesn't install any rules by default, so we do that here
98	mkdir -p ${D}/etc/audit ${D}/etc/audit/rules.d
99	cp ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules
100
101	chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d
102	chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules
103
104	# Based on the audit.spec "Copy default rules into place on new installation"
105	cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules
106
107	# Create /var/spool/audit directory for audisp-remote
108	install -m 0700 -d ${D}${localstatedir}/spool/audit
109	}