From 11daa2cca45bf395fb3a3a784f7f08f37654bd17 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Fri, 5 Jul 2019 15:51:12 +0800 Subject: audit: upgrade 2.8.4 -> 2.8.5 * Drop backport patch: 0001-Remove-strdupa-as-suggested-in-pull-request-25.patch * Refresh all patches. Signed-off-by: Yi Zhao Signed-off-by: Joe MacDonald --- ...e-strdupa-as-suggested-in-pull-request-25.patch | 47 -------- ...ubstitue-functions-for-strndupa-rawmemchr.patch | 134 --------------------- ...ubstitue-functions-for-strndupa-rawmemchr.patch | 133 ++++++++++++++++++++ .../audit/audit/audit-python-configure.patch | 10 +- recipes-security/audit/audit/audit-python.patch | 8 +- recipes-security/audit/audit/auditd | 2 +- .../audit/audit/fix-swig-host-contamination.patch | 22 ++-- recipes-security/audit/audit_2.8.4.bb | 106 ---------------- recipes-security/audit/audit_2.8.5.bb | 105 ++++++++++++++++ 9 files changed, 259 insertions(+), 308 deletions(-) delete mode 100644 recipes-security/audit/audit/0001-Remove-strdupa-as-suggested-in-pull-request-25.patch delete mode 100644 recipes-security/audit/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch create mode 100644 recipes-security/audit/audit/Add-substitue-functions-for-strndupa-rawmemchr.patch delete mode 100644 recipes-security/audit/audit_2.8.4.bb create mode 100644 recipes-security/audit/audit_2.8.5.bb diff --git a/recipes-security/audit/audit/0001-Remove-strdupa-as-suggested-in-pull-request-25.patch b/recipes-security/audit/audit/0001-Remove-strdupa-as-suggested-in-pull-request-25.patch deleted file mode 100644 index 38029aa..0000000 --- a/recipes-security/audit/audit/0001-Remove-strdupa-as-suggested-in-pull-request-25.patch +++ /dev/null @@ -1,47 +0,0 @@ -From a1782b58b687b74249dc8b2411a3f646b821ebd6 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Thu, 4 Oct 2018 08:45:47 -0400 -Subject: [PATCH] Remove strdupa as suggested in pull request #25 - ---- - src/auditd.c | 11 ++++++----- - 1 file changed, 6 insertions(+), 5 deletions(-) - -Origin: https://github.com/linux-audit/audit-userspace/commit/a1782b58b687b74249dc8b2411a3f646b821ebd6 -Applied-Upstream: yes - -diff --git a/src/auditd.c b/src/auditd.c -index b0952db..c826ec0 100644 ---- a/src/auditd.c -+++ b/src/auditd.c -@@ -209,21 +209,22 @@ static void cont_handler(struct ev_loop *loop, struct ev_signal *sig, - - static int extract_type(const char *str) - { -- const char *tptr, *ptr2, *ptr = str; -+ const char *ptr2, *ptr = str; - if (*str == 'n') { - ptr = strchr(str+1, ' '); - if (ptr == NULL) - return -1; // Malformed - bomb out - ptr++; - } -+ - // ptr should be at 't' - ptr2 = strchr(ptr, ' '); -- // get type=xxx in a buffer -- tptr = strndupa(ptr, ptr2 - ptr); -+ - // find = -- str = strchr(tptr, '='); -- if (str == NULL) -+ str = strchr(ptr, '='); -+ if (str == NULL || str >= ptr2) - return -1; // Malformed - bomb out -+ - // name is 1 past - str++; - return audit_name_to_msg_type(str); --- -2.20.1 - diff --git a/recipes-security/audit/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch b/recipes-security/audit/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch deleted file mode 100644 index c948aa3..0000000 --- a/recipes-security/audit/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch +++ /dev/null @@ -1,134 +0,0 @@ -From 5346b6af0ca67a2965ca5846ae150f3021a2aa17 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Tue, 26 Feb 2019 18:33:33 -0500 -Subject: [PATCH] Add substitue functions for strndupa & rawmemchr - ---- -Origin: https://github.com/linux-audit/audit-userspace/commit/d579a08bb1cde71f939c13ac6b2261052ae9f77e -Applied-Upstream: yes - - auparse/auparse.c | 12 +++++++++++- - auparse/interpret.c | 9 ++++++++- - configure.ac | 14 +++++++++++++- - src/ausearch-lol.c | 12 +++++++++++- - 4 files changed, 43 insertions(+), 4 deletions(-) - -diff --git a/auparse/auparse.c b/auparse/auparse.c -index f84712e..3764046 100644 ---- a/auparse/auparse.c -+++ b/auparse/auparse.c -@@ -1,5 +1,5 @@ - /* auparse.c -- -- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina. -+ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina. - * All Rights Reserved. - * - * This library is free software; you can redistribute it and/or -@@ -1100,6 +1100,16 @@ static int str2event(char *s, au_event_t *e) - return 0; - } - -+#ifndef HAVE_STRNDUPA -+static inline char *strndupa(const char *old, size_t n) -+{ -+ size_t len = strnlen(old, n); -+ char *tmp = alloca(len + 1); -+ tmp[len] = 0; -+ return memcpy(tmp, old, len); -+} -+#endif -+ - /* Returns 0 on success and 1 on error */ - static int extract_timestamp(const char *b, au_event_t *e) - { -diff --git a/auparse/interpret.c b/auparse/interpret.c -index 1846f9d..8540bd1 100644 ---- a/auparse/interpret.c -+++ b/auparse/interpret.c -@@ -853,6 +853,13 @@ err_out: - return print_escaped(id->val); - } - -+// rawmemchr is faster. Let's use it if we have it. -+#ifdef HAVE_RAWMEMCHR -+#define STRCHR rawmemchr -+#else -+#define STRCHR strchr -+#endif -+ - static const char *print_proctitle(const char *val) - { - char *out = (char *)print_escaped(val); -@@ -863,7 +870,7 @@ static const char *print_proctitle(const char *val) - // Proctitle has arguments separated by NUL bytes - // We need to write over the NUL bytes with a space - // so that we can see the arguments -- while ((ptr = rawmemchr(ptr, '\0'))) { -+ while ((ptr = STRCHR(ptr, '\0'))) { - if (ptr >= end) - break; - *ptr = ' '; -diff --git a/configure.ac b/configure.ac -index ede7109..97b547f 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1,7 +1,7 @@ - dnl - define([AC_INIT_NOTICE], - [### Generated automatically using autoconf version] AC_ACVERSION [ --### Copyright 2005-18 Steve Grubb -+### Copyright 2005-19 Steve Grubb - ### - ### Permission is hereby granted, free of charge, to any person obtaining a - ### copy of this software and associated documentation files (the "Software"), -@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-remote - AC_CHECK_FUNCS([posix_fallocate]) - dnl; signalfd is needed for libev - AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ]) -+dnl; check if rawmemchr is available -+AC_CHECK_FUNCS([rawmemchr]) -+dnl; check if strndupa is available -+AC_LINK_IFELSE( -+ [AC_LANG_SOURCE( -+ [[ -+ #define _GNU_SOURCE -+ #include -+ int main() { (void) strndupa("test", 10); return 0; }]])], -+ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])], -+ [] -+) - - ALLWARNS="" - ALLDEBUG="-g" -diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c -index 4fbfbae..5eecefe 100644 ---- a/src/ausearch-lol.c -+++ b/src/ausearch-lol.c -@@ -1,6 +1,6 @@ - /* - * ausearch-lol.c - linked list of linked lists library --* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina. -+* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina. - * All Rights Reserved. - * - * This software may be freely redistributed and/or modified under the -@@ -131,6 +131,16 @@ static int inline events_are_equal(event *e1, event *e2) - return 1; - } - -+#ifndef HAVE_STRNDUPA -+static inline char *strndupa(const char *old, size_t n) -+{ -+ size_t len = strnlen(old, n); -+ char *tmp = alloca(len + 1); -+ tmp[len] = 0; -+ return memcpy(tmp, old, len); -+} -+#endif -+ - /* - * This function will look at the line and pick out pieces of it. - */ --- -2.20.1 - diff --git a/recipes-security/audit/audit/Add-substitue-functions-for-strndupa-rawmemchr.patch b/recipes-security/audit/audit/Add-substitue-functions-for-strndupa-rawmemchr.patch new file mode 100644 index 0000000..bb6c61e --- /dev/null +++ b/recipes-security/audit/audit/Add-substitue-functions-for-strndupa-rawmemchr.patch @@ -0,0 +1,133 @@ +From bdcdc3dff4469aac88e718bd15958d5ed4b9392a Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Tue, 26 Feb 2019 18:33:33 -0500 +Subject: [PATCH] Add substitue functions for strndupa & rawmemchr + +Upstream-Status: Backport +[https://github.com/linux-audit/audit-userspace/commit/d579a08bb1cde71f939c13ac6b2261052ae9f77e] +--- + auparse/auparse.c | 12 +++++++++++- + auparse/interpret.c | 9 ++++++++- + configure.ac | 14 +++++++++++++- + src/ausearch-lol.c | 12 +++++++++++- + 4 files changed, 43 insertions(+), 4 deletions(-) + +diff --git a/auparse/auparse.c b/auparse/auparse.c +index 650db02..2e1c737 100644 +--- a/auparse/auparse.c ++++ b/auparse/auparse.c +@@ -1,5 +1,5 @@ + /* auparse.c -- +- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina. ++ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina. + * All Rights Reserved. + * + * This library is free software; you can redistribute it and/or +@@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t *e) + return 0; + } + ++#ifndef HAVE_STRNDUPA ++static inline char *strndupa(const char *old, size_t n) ++{ ++ size_t len = strnlen(old, n); ++ char *tmp = alloca(len + 1); ++ tmp[len] = 0; ++ return memcpy(tmp, old, len); ++} ++#endif ++ + /* Returns 0 on success and 1 on error */ + static int extract_timestamp(const char *b, au_event_t *e) + { +diff --git a/auparse/interpret.c b/auparse/interpret.c +index 51c4a5e..67b7b77 100644 +--- a/auparse/interpret.c ++++ b/auparse/interpret.c +@@ -853,6 +853,13 @@ err_out: + return print_escaped(id->val); + } + ++// rawmemchr is faster. Let's use it if we have it. ++#ifdef HAVE_RAWMEMCHR ++#define STRCHR rawmemchr ++#else ++#define STRCHR strchr ++#endif ++ + static const char *print_proctitle(const char *val) + { + char *out = (char *)print_escaped(val); +@@ -863,7 +870,7 @@ static const char *print_proctitle(const char *val) + // Proctitle has arguments separated by NUL bytes + // We need to write over the NUL bytes with a space + // so that we can see the arguments +- while ((ptr = rawmemchr(ptr, '\0'))) { ++ while ((ptr = STRCHR(ptr, '\0'))) { + if (ptr >= end) + break; + *ptr = ' '; +diff --git a/configure.ac b/configure.ac +index 54bdbf1..aef07fb 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1,7 +1,7 @@ + dnl + define([AC_INIT_NOTICE], + [### Generated automatically using autoconf version] AC_ACVERSION [ +-### Copyright 2005-18 Steve Grubb ++### Copyright 2005-19 Steve Grubb + ### + ### Permission is hereby granted, free of charge, to any person obtaining a + ### copy of this software and associated documentation files (the "Software"), +@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-remote + AC_CHECK_FUNCS([posix_fallocate]) + dnl; signalfd is needed for libev + AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ]) ++dnl; check if rawmemchr is available ++AC_CHECK_FUNCS([rawmemchr]) ++dnl; check if strndupa is available ++AC_LINK_IFELSE( ++ [AC_LANG_SOURCE( ++ [[ ++ #define _GNU_SOURCE ++ #include ++ int main() { (void) strndupa("test", 10); return 0; }]])], ++ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])], ++ [] ++) + + ALLWARNS="" + ALLDEBUG="-g" +diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c +index 5d17a72..758c33e 100644 +--- a/src/ausearch-lol.c ++++ b/src/ausearch-lol.c +@@ -1,6 +1,6 @@ + /* + * ausearch-lol.c - linked list of linked lists library +-* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -152,6 +152,16 @@ static int compare_event_time(event *e1, event *e2) + return 0; + } + ++#ifndef HAVE_STRNDUPA ++static inline char *strndupa(const char *old, size_t n) ++{ ++ size_t len = strnlen(old, n); ++ char *tmp = alloca(len + 1); ++ tmp[len] = 0; ++ return memcpy(tmp, old, len); ++} ++#endif ++ + /* + * This function will look at the line and pick out pieces of it. + */ +-- +2.7.4 + diff --git a/recipes-security/audit/audit/audit-python-configure.patch b/recipes-security/audit/audit/audit-python-configure.patch index cb62ec3..37096b0 100644 --- a/recipes-security/audit/audit/audit-python-configure.patch +++ b/recipes-security/audit/audit/audit-python-configure.patch @@ -1,9 +1,9 @@ -From be689ee1748c6aa531dbca982e0218d077ac901c Mon Sep 17 00:00:00 2001 +From 6a2710db094061e1956fac3ed81114d0e958ea21 Mon Sep 17 00:00:00 2001 From: Li xin Date: Sun, 19 Jul 2015 00:49:13 +0900 Subject: [PATCH] audit: python cross-compile -Upstream-Status: pending +Upstream-Status: Inappropriate [embedded specific] Signed-off-by: Xin Ouyang Signed-off-by: Li Xin @@ -14,10 +14,10 @@ Signed-off-by: T.O. Radzy Radzykewycz 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/configure.ac b/configure.ac -index 1f48cb4..cdb5219 100644 +index 6e345f1..54bdbf1 100644 --- a/configure.ac +++ b/configure.ac -@@ -94,21 +94,8 @@ if test x$use_python = xno ; then +@@ -99,21 +99,8 @@ if test "x$use_python" = xno ; then else AC_MSG_RESULT(testing) AM_PATH_PYTHON @@ -42,5 +42,5 @@ index 1f48cb4..cdb5219 100644 AM_CONDITIONAL(HAVE_PYTHON, test ${python_found} = "yes") -- -1.9.1 +2.7.4 diff --git a/recipes-security/audit/audit/audit-python.patch b/recipes-security/audit/audit/audit-python.patch index 0c2dc1c..c1a2595 100644 --- a/recipes-security/audit/audit/audit-python.patch +++ b/recipes-security/audit/audit/audit-python.patch @@ -1,8 +1,10 @@ -From 9c8fd14feabe985242ef08e52c3e866d7755fa6e Mon Sep 17 00:00:00 2001 +From 9d95d7e28a2c4cbefa998d375de180c731a151b1 Mon Sep 17 00:00:00 2001 From: Li xin Date: Sun, 19 Jul 2015 01:40:48 +0900 Subject: [PATCH] Remove hard coded python include directory +Upstream-Status: Inappropriate [embedded specific] + Signed-off-by: Mark Hatle --- bindings/Makefile.am | 8 +++++++- @@ -11,7 +13,7 @@ Signed-off-by: Mark Hatle 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/bindings/Makefile.am b/bindings/Makefile.am -index cc68df3..998b990 100644 +index 5b5c576..7a15205 100644 --- a/bindings/Makefile.am +++ b/bindings/Makefile.am @@ -22,4 +22,10 @@ @@ -58,5 +60,5 @@ index 8c98b94..ae7c52b 100644 pyexec_LTLIBRARIES = _audit.la pyexec_SOLIBRARIES = _audit.so -- -1.8.4.2 +2.7.4 diff --git a/recipes-security/audit/audit/auditd b/recipes-security/audit/audit/auditd index fcd96c9..cda2e43 100755 --- a/recipes-security/audit/audit/auditd +++ b/recipes-security/audit/audit/auditd @@ -30,7 +30,7 @@ SCRIPTNAME=/etc/init.d/"$NAME" . /etc/default/rcS -. /etc/init.d/functions +. /etc/init.d/functions # # Function that starts the daemon/service diff --git a/recipes-security/audit/audit/fix-swig-host-contamination.patch b/recipes-security/audit/audit/fix-swig-host-contamination.patch index faeeeeb..184f515 100644 --- a/recipes-security/audit/audit/fix-swig-host-contamination.patch +++ b/recipes-security/audit/audit/fix-swig-host-contamination.patch @@ -1,4 +1,4 @@ -From d7577e1e55595123e3bcec78fa4a79fe8a314fe5 Mon Sep 17 00:00:00 2001 +From bd70f570ffb82991feb7a539ac1abf3165d417a4 Mon Sep 17 00:00:00 2001 From: Li xin Date: Sun, 19 Jul 2015 02:42:58 +0900 Subject: [PATCH] audit: Fixed swig host contamination issue @@ -8,17 +8,17 @@ Unfortunately, the swig info file references host include directories. Some of these were previously noticed and eliminated, but the one fixed here was not. -Upstream Status: pending +Upstream-Status: Inappropriate [embedded specific] Signed-off-by: Anders Hedlund Signed-off-by: Joe Slater --- bindings/swig/python/Makefile.am | 3 ++- - bindings/swig/src/auditswig.i | 4 ++-- - 2 files changed, 4 insertions(+), 3 deletions(-) + bindings/swig/src/auditswig.i | 2 +- + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/bindings/swig/python/Makefile.am b/bindings/swig/python/Makefile.am -index ae7c52b..d1bb93c 100644 +index ae7c52b..c580bc0 100644 --- a/bindings/swig/python/Makefile.am +++ b/bindings/swig/python/Makefile.am @@ -22,6 +22,7 @@ @@ -34,25 +34,23 @@ index ae7c52b..d1bb93c 100644 nodist__audit_la_SOURCES = audit_wrap.c audit.py audit_wrap.c: ${srcdir}/../src/auditswig.i - swig -o audit_wrap.c ${SWIG_FLAGS} ${SWIG_INCLUDES} ${srcdir}/../src/auditswig.i -+ swig -o audit_wrap.c ${SWIG_FLAGS} ${SWIG_INCLUDES} -I$(STDINC) ${srcdir}/../src/auditswig.i ++ swig -o audit_wrap.c ${SWIG_FLAGS} ${SWIG_INCLUDES} -I$(STDINC) ${srcdir}/../src/auditswig.i CLEANFILES = audit.py* audit_wrap.c *~ diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i -index 9364ac4..48667d4 100644 +index 7ebb373..424fb68 100644 --- a/bindings/swig/src/auditswig.i +++ b/bindings/swig/src/auditswig.i -@@ -39,8 +39,8 @@ signed +@@ -39,7 +39,7 @@ signed #define __attribute(X) /*nothing*/ typedef unsigned __u32; typedef unsigned uid_t; -%include "/usr/include/linux/audit.h" +%include "linux/audit.h" #define __extension__ /*nothing*/ --%include "/usr/include/stdint.h" -+%include "stdint.h" + #include %include "../lib/libaudit.h" - -- -1.8.4.2 +2.7.4 diff --git a/recipes-security/audit/audit_2.8.4.bb b/recipes-security/audit/audit_2.8.4.bb deleted file mode 100644 index 594786a..0000000 --- a/recipes-security/audit/audit_2.8.4.bb +++ /dev/null @@ -1,106 +0,0 @@ -SUMMARY = "User space tools for kernel auditing" -DESCRIPTION = "The audit package contains the user space utilities for \ -storing and searching the audit records generated by the audit subsystem \ -in the Linux kernel." -HOMEPAGE = "http://people.redhat.com/sgrubb/audit/" -SECTION = "base" -LICENSE = "GPLv2+ & LGPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" - -SRC_URI = "http://people.redhat.com/sgrubb/${BPN}/${BPN}-${PV}.tar.gz \ - file://audit-python-configure.patch \ - file://audit-python.patch \ - file://fix-swig-host-contamination.patch \ - file://0001-Remove-strdupa-as-suggested-in-pull-request-25.patch \ - file://0002-Add-substitue-functions-for-strndupa-rawmemchr.patch \ - file://auditd \ - file://auditd.service \ - file://audit-volatile.conf \ -" -SRC_URI[md5sum] = "ec9510312564c3d9483bccf8dbda4779" -SRC_URI[sha256sum] = "a410694d09fc5708d980a61a5abcb9633a591364f1ecc7e97ad5daef9c898c38" - -inherit autotools pythonnative update-rc.d systemd - -UPDATERCPN = "auditd" -INITSCRIPT_NAME = "auditd" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_PACKAGES = "auditd" -SYSTEMD_SERVICE_auditd = "auditd.service" - -DEPENDS += "python tcp-wrappers libcap-ng linux-libc-headers (>= 2.6.30) swig-native" - -EXTRA_OECONF += "--without-prelude \ - --with-libwrap \ - --enable-gssapi-krb5=no \ - --with-libcap-ng=yes \ - --with-python=yes \ - --libdir=${base_libdir} \ - --sbindir=${base_sbindir} \ - --without-python3 \ - --disable-zos-remote \ - " -EXTRA_OECONF_append_arm = " --with-arm=yes" -EXTRA_OECONF_append_aarch64 = " --with-aarch64=yes" - -EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \ - PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \ - pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \ - STDINC='${STAGING_INCDIR}' \ - pkgconfigdir=${libdir}/pkgconfig \ - " - -SUMMARY_audispd-plugins = "Plugins for the audit event dispatcher" -DESCRIPTION_audispd-plugins = "The audispd-plugins package provides plugins for the real-time \ -interface to the audit system, audispd. These plugins can do things \ -like relay events to remote machines or analyze events for suspicious \ -behavior." - -PACKAGES =+ "audispd-plugins" -PACKAGES += "auditd ${PN}-python" - -FILES_${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*" -FILES_auditd += "${bindir}/* ${base_sbindir}/* ${sysconfdir}/*" -FILES_audispd-plugins += "${sysconfdir}/audisp/audisp-remote.conf \ - ${sysconfdir}/audisp/plugins.d/au-remote.conf \ - ${sbindir}/audisp-remote ${localstatedir}/spool/audit \ - " -FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug" -FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}" - -CONFFILES_auditd += "${sysconfdir}/audit/audit.rules" -RDEPENDS_auditd += "bash" - -do_install_append() { - rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a - rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la - - # reuse auditd config - [ ! -e ${D}/etc/default ] && mkdir ${D}/etc/default - mv ${D}/etc/sysconfig/auditd ${D}/etc/default - rmdir ${D}/etc/sysconfig/ - - # replace init.d - install -D -m 0755 ${WORKDIR}/auditd ${D}/etc/init.d/auditd - rm -rf ${D}/etc/rc.d - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d/ - install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ - fi - - # install systemd unit files - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system - - # audit-2.5 doesn't install any rules by default, so we do that here - mkdir -p ${D}/etc/audit ${D}/etc/audit/rules.d - cp ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules - - chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d - chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules - - # Based on the audit.spec "Copy default rules into place on new installation" - cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules -} diff --git a/recipes-security/audit/audit_2.8.5.bb b/recipes-security/audit/audit_2.8.5.bb new file mode 100644 index 0000000..bd09873 --- /dev/null +++ b/recipes-security/audit/audit_2.8.5.bb @@ -0,0 +1,105 @@ +SUMMARY = "User space tools for kernel auditing" +DESCRIPTION = "The audit package contains the user space utilities for \ +storing and searching the audit records generated by the audit subsystem \ +in the Linux kernel." +HOMEPAGE = "http://people.redhat.com/sgrubb/audit/" +SECTION = "base" +LICENSE = "GPLv2+ & LGPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" + +SRC_URI = "http://people.redhat.com/sgrubb/${BPN}/${BPN}-${PV}.tar.gz \ + file://audit-python-configure.patch \ + file://audit-python.patch \ + file://fix-swig-host-contamination.patch \ + file://Add-substitue-functions-for-strndupa-rawmemchr.patch \ + file://auditd \ + file://auditd.service \ + file://audit-volatile.conf \ +" +SRC_URI[md5sum] = "9455e5773670afdbccaeb92681b2e97d" +SRC_URI[sha256sum] = "0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7" + +inherit autotools pythonnative update-rc.d systemd + +UPDATERCPN = "auditd" +INITSCRIPT_NAME = "auditd" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_PACKAGES = "auditd" +SYSTEMD_SERVICE_auditd = "auditd.service" + +DEPENDS += "python tcp-wrappers libcap-ng linux-libc-headers (>= 2.6.30) swig-native" + +EXTRA_OECONF += "--without-prelude \ + --with-libwrap \ + --enable-gssapi-krb5=no \ + --with-libcap-ng=yes \ + --with-python=yes \ + --libdir=${base_libdir} \ + --sbindir=${base_sbindir} \ + --without-python3 \ + --disable-zos-remote \ + " +EXTRA_OECONF_append_arm = " --with-arm=yes" +EXTRA_OECONF_append_aarch64 = " --with-aarch64=yes" + +EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \ + PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \ + pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \ + STDINC='${STAGING_INCDIR}' \ + pkgconfigdir=${libdir}/pkgconfig \ + " + +SUMMARY_audispd-plugins = "Plugins for the audit event dispatcher" +DESCRIPTION_audispd-plugins = "The audispd-plugins package provides plugins for the real-time \ +interface to the audit system, audispd. These plugins can do things \ +like relay events to remote machines or analyze events for suspicious \ +behavior." + +PACKAGES =+ "audispd-plugins" +PACKAGES += "auditd ${PN}-python" + +FILES_${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*" +FILES_auditd += "${bindir}/* ${base_sbindir}/* ${sysconfdir}/*" +FILES_audispd-plugins += "${sysconfdir}/audisp/audisp-remote.conf \ + ${sysconfdir}/audisp/plugins.d/au-remote.conf \ + ${sbindir}/audisp-remote ${localstatedir}/spool/audit \ + " +FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug" +FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}" + +CONFFILES_auditd += "${sysconfdir}/audit/audit.rules" +RDEPENDS_auditd += "bash" + +do_install_append() { + rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a + rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la + + # reuse auditd config + [ ! -e ${D}/etc/default ] && mkdir ${D}/etc/default + mv ${D}/etc/sysconfig/auditd ${D}/etc/default + rmdir ${D}/etc/sysconfig/ + + # replace init.d + install -D -m 0755 ${WORKDIR}/auditd ${D}/etc/init.d/auditd + rm -rf ${D}/etc/rc.d + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d/ + install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + fi + + # install systemd unit files + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system + + # audit-2.5 doesn't install any rules by default, so we do that here + mkdir -p ${D}/etc/audit ${D}/etc/audit/rules.d + cp ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules + + chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d + chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules + + # Based on the audit.spec "Copy default rules into place on new installation" + cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules +} -- cgit v1.2.3-54-g00ecf