| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on oe-core commit:
commit 1528e596d4906c33e4be83fcf691cfe76d340ff3
Author: Otavio Salvador <otavio@ossystems.com.br>
Date: Thu Apr 24 15:59:20 2014 -0300
Globally replace 'base_contains' calls with 'bb.utils.contains'
The base_contains is kept as a compatibility method and we ought to not
use it in OE-Core so we can remove it from base metadata in future.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Audit System Call needs kernel and user space support.
In user space it needs system call table for ARM. It also needs a
configure option --with-armeb for build audit. Audit system call also
needs enable kernel config CONFIG_AUDITSYSCALL.
Signed-off-by: Han Chao <chan@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Various components were failing, and upon investigation it was noted
that the audit.rules file referenced by the initscript wasn't available.
There was however a copy under the rules.d directory. Investigating
the audit.spec file (which in the upstream source) showed that it was
expected that the version in the rules.d should be copied into
/etc/audit.
Do this and correct the systemd services file to use the same file.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
| |
A ordinary use should not to access auditd configuration files
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
| |
Audit unit file is from https://fedorahosted.org/audit/browser/trunk/init.d/auditd.service
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
| |
This reverts commit 146bd8c6bc3bc0e9e96a8517263f28f7915b871d.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Xin Ouyang <xin.ouyang@windriver.com>
|
| |
|
|
| |
Signed-off-by: Xin Ouyang <xin.ouyang@windriver.com>
|
| |
|
|
|
|
|
| |
Building libsemanage 2.2 need the header libaudit.h.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
The previous approach works well for modern hosts but older ones still
require the pre-gen'd header files to behave nicely in a x-compile
environment. So we generate them, patch them in and remove the bits of
the Makefile that may take it upon itself to re-gen them again.
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
|
| |
Refactor the audit cross compiling patch. The new patch might have some minor
host dependencies. If so, let me know!
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
|
|
|
|
| |
In policycoreutils-2.13+, restorecon changes its default behaviour,
and does not restore context if the file' type is correct, even its
mcs/mls level is incorrect.
We should force it always to restore file contexts in initscripts to
avoid issues.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
CQID: 428272
The audit build uses swig to generate a python wrapper.
Unfortunately, the swig info file references host include
directories. Some of these were previously noticed and
eliminated, but the one fixed here was not.
Signed-off-by: Anders Hedlund <anders.hedlund@windriver.com>
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Default audit Makefile will generate native executables in lib/ and
auparse/, which are named as gen_*_h and run on the hosts to create
*_tables.h/*tabs.h header files for the targets.
This is inappropriate for our cross compiling because they need
linux-libc-headers from the host.
Even worse, on some old hosts, build will fail because some .h files
in the old linux-libc-headers (<= 2.6.29) has incomplete DEFINE lists
for the audit system.
So add *tables.h/*tabs.h header files which are generated from
linux-libc-headers-3.4, and do not generate and run those native
executables.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
|
|
| |
audit admin tools and daemons should install to base_sbindir, so
they can get correct security labels after selinux restorecon
command.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
| |
CQID: WIND00397456
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Rename two packages and change files in them.
* audit-libs -> audit : main package, for libraries
* audit -> auditd : for daemon binaries
Libraries are changed to install into ${base_libdir}.
The two fixes are used to fix QA issues and fit the Debian policy.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
eglibc-2.16 splits enum __socket_type from bits/socket.h to
bits/socket_type.h, so old eglibc does not have bits/socket_type.h
We should copy it only if it exists.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
|
|
| |
We have copied some target kernel headers in 72fb6da. We may get
build failures because of missing bits/socket_type.h on some hosts,
so add it.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
| |
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Just like audit_2.1.3.bb.
The executables in lib/, which are named as gen_*_h, will run on
the hosts to create *_tables.h/*tabs.h header files for the
targets.
In some old hosts, build will fail because .h files in the old
linux-libc-headers (<= 2.6.29) has incomplete DEFINE lists for
the audit system.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
| |
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The recipe is derived from 2.1.3 with some changes made.
1. configuration files are updated to look for sbin binaries in /usr/sbin
2. a init.d file was derived from Debian to work with busybox's start-stop-daemon
3. the plugin package contents was fine tuned as some of the files from 2.1.3 were required
to let audit run.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The executables in lib/, which are named as gen_*_h, will run on
the hosts to create *_tables.h/*tabs.h header files for the
targets.
In some old hosts, build will fail because audit.h in the old
linux-libc-headers (<= 2.6.29) has a incomplete netlink message
list for the audit system.
Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
|
| | |
|
|
|
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
