From 111815acce0d04b8b02e24df601a15a3ac94c48b Mon Sep 17 00:00:00 2001 From: Anders Hedlund Date: Thu, 1 Aug 2013 10:24:14 -0700 Subject: audit: Fixed swig host contamination issue CQID: 428272 The audit build uses swig to generate a python wrapper. Unfortunately, the swig info file references host include directories. Some of these were previously noticed and eliminated, but the one fixed here was not. Signed-off-by: Anders Hedlund Signed-off-by: Joe Slater Signed-off-by: Mark Hatle --- .../audit/audit/fix-swig-host-contamination.patch | 48 ++++++++++++++++++++++ recipes-security/audit/audit_2.1.3.bb | 7 ++-- recipes-security/audit/audit_2.2.1.bb | 6 ++- 3 files changed, 56 insertions(+), 5 deletions(-) create mode 100644 recipes-security/audit/audit/fix-swig-host-contamination.patch diff --git a/recipes-security/audit/audit/fix-swig-host-contamination.patch b/recipes-security/audit/audit/fix-swig-host-contamination.patch new file mode 100644 index 0000000..16bb173 --- /dev/null +++ b/recipes-security/audit/audit/fix-swig-host-contamination.patch @@ -0,0 +1,48 @@ +audit: Fixed swig host contamination issue + +The audit build uses swig to generate a python wrapper. +Unfortunately, the swig info file references host include +directories. Some of these were previously noticed and +eliminated, but the one fixed here was not. + +Upstream Status: pending + +Signed-off-by: Anders Hedlund +Signed-off-by: Joe Slater + +Index: audit-2.2.1/swig/Makefile.am +=================================================================== +--- audit-2.2.1.orig/swig/Makefile.am ++++ audit-2.2.1/swig/Makefile.am +@@ -25,6 +25,7 @@ AM_CFLAGS = -fPIC -DPIC -fno-strict-alia + PYLIBVER ?= python$(PYTHON_VERSION) + PYINC ?= /usr/include/$(PYLIBVER) + INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib -I$(PYINC) ++STDINC ?= /usr/include + LIBS = $(top_builddir)/lib/libaudit.la + pyexec_PYTHON = audit.py + pyexec_LTLIBRARIES = _audit.la +@@ -34,7 +35,7 @@ _audit_la_HEADERS: $(top_builddir)/confi + _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudit.la + nodist__audit_la_SOURCES = audit_wrap.c + audit.py audit_wrap.c: ${srcdir}/auditswig.i +- swig -o audit_wrap.c -python ${INCLUDES} ${srcdir}/auditswig.i ++ swig -o audit_wrap.c -python ${INCLUDES} -I$(STDINC) ${srcdir}/auditswig.i + + CLEANFILES = audit.py* audit_wrap.c *~ + +Index: audit-2.2.1/swig/auditswig.i +=================================================================== +--- audit-2.2.1.orig/swig/auditswig.i ++++ audit-2.2.1/swig/auditswig.i +@@ -37,8 +37,8 @@ signed + #define __attribute(X) /*nothing*/ + typedef unsigned __u32; + typedef unsigned uid_t; +-%include "/usr/include/linux/audit.h" ++%include "linux/audit.h" + #define __extension__ /*nothing*/ +-%include "/usr/include/stdint.h" ++%include "stdint.h" + %include "../lib/libaudit.h" + diff --git a/recipes-security/audit/audit_2.1.3.bb b/recipes-security/audit/audit_2.1.3.bb index 8c82918..4cd7554 100644 --- a/recipes-security/audit/audit_2.1.3.bb +++ b/recipes-security/audit/audit_2.1.3.bb @@ -4,7 +4,7 @@ storing and searching the audit records generated by the audit subsystem \ in the Linux kernel." HOMEPAGE = "http://people.redhat.com/sgrubb/audit/" SECTION = "base" -PR = "r1" +PR = "r2" LICENSE = "GPLv2+ & LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" @@ -12,7 +12,8 @@ SRC_URI = "http://people.redhat.com/sgrubb/audit/audit-2.1.3.tar.gz \ file://disable-ldap.patch \ file://audit-python.patch" -SRC_URI += "file://audit-for-cross-compiling.patch" +SRC_URI += "file://audit-for-cross-compiling.patch \ + file://fix-swig-host-contamination.patch" inherit autotools pythonnative @@ -23,7 +24,7 @@ DEPENDS += "python tcp-wrappers libcap-ng linux-libc-headers (>= 2.6.30)" EXTRA_OECONF += "--without-prelude --with-libwrap --enable-gssapi-krb5=no --disable-ldap --with-libcap-ng=yes" -EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' PYINC='${STAGING_INCDIR}/$(PYLIBVER)'" +EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' PYINC='${STAGING_INCDIR}/$(PYLIBVER)' STDINC='${STAGING_INCDIR}'" SUMMARY_audispd-plugins = "Plugins for the audit event dispatcher" DESCRIPTION_audispd-plugins = "The audispd-plugins package provides plugins for the real-time \ diff --git a/recipes-security/audit/audit_2.2.1.bb b/recipes-security/audit/audit_2.2.1.bb index a58b9e1..e0b86e2 100644 --- a/recipes-security/audit/audit_2.2.1.bb +++ b/recipes-security/audit/audit_2.2.1.bb @@ -4,7 +4,7 @@ storing and searching the audit records generated by the audit subsystem \ in the Linux kernel." HOMEPAGE = "http://people.redhat.com/sgrubb/audit/" SECTION = "base" -PR = "r6" +PR = "r7" LICENSE = "GPLv2+ & LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" @@ -15,7 +15,8 @@ SRC_URI = "http://people.redhat.com/sgrubb/audit/audit-${PV}.tar.gz \ SRC_URI += "\ file://audit-python-configure.patch \ file://audit-cross-compiling.patch \ - file://auditd" + file://auditd \ + file://fix-swig-host-contamination.patch" inherit autotools pythonnative update-rc.d @@ -41,6 +42,7 @@ EXTRA_OECONF += "--without-prelude \ EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \ PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \ pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \ + STDINC='${STAGING_INCDIR}' \ " SUMMARY_audispd-plugins = "Plugins for the audit event dispatcher" -- cgit v1.2.3-54-g00ecf