audit: move from packages to openwrt
This package is joined with libaudit from openwrt base packages. Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
This commit is contained in:
parent
272f55e87f
commit
e87d89da2e
|
@ -1,143 +0,0 @@
|
|||
#
|
||||
# This is free software, licensed under the GNU General Public License v2.
|
||||
# See /LICENSE for more information.
|
||||
#
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=audit
|
||||
PKG_VERSION:=2.8.5
|
||||
PKG_RELEASE:=7
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=http://people.redhat.com/sgrubb/audit
|
||||
PKG_HASH:=0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7
|
||||
|
||||
PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
||||
PKG_LICENSE:=GPL-2.0-or-later
|
||||
PKG_LICENSE_FILES:=COPYING
|
||||
PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit
|
||||
|
||||
PKG_FIXUP:=autoreconf
|
||||
PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-packages/$(PKG_NAME)-$(PKG_VERSION)
|
||||
|
||||
PKG_BUILD_FLAGS:=no-mips16
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/audit/Default
|
||||
TITLE:=Audit Daemon
|
||||
URL:=http://people.redhat.com/sgrubb/audit/
|
||||
endef
|
||||
|
||||
define Package/audit/Default/description
|
||||
The audit package contains the user space utilities for
|
||||
storing and searching the audit records generated by
|
||||
the audit subsystem in the Linux 2.6 kernel
|
||||
endef
|
||||
|
||||
define Package/libauparse
|
||||
$(call Package/audit/Default)
|
||||
SECTION:=libs
|
||||
CATEGORY:=Libraries
|
||||
TITLE+= (parsing shared library)
|
||||
DEPENDS:= +libaudit
|
||||
endef
|
||||
|
||||
define Package/libauparse/description
|
||||
$(call Package/audit/Default/description)
|
||||
This package contains the audit parsing shared library.
|
||||
endef
|
||||
|
||||
define Package/audit-utils
|
||||
$(call Package/audit/Default)
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE+= (utilities)
|
||||
DEPENDS:= +libaudit +libauparse
|
||||
endef
|
||||
|
||||
define Package/audit-utils/description
|
||||
$(call Package/audit/Default/description)
|
||||
This package contains the audit utilities.
|
||||
endef
|
||||
|
||||
define Package/audit
|
||||
$(call Package/audit/Default)
|
||||
SECTION:=utils
|
||||
CATEGORY:=Utilities
|
||||
TITLE+= (daemon)
|
||||
DEPENDS:= +libaudit +libauparse +audit-utils +libev
|
||||
endef
|
||||
|
||||
define Package/audit/description
|
||||
$(call Package/audit/Default/description)
|
||||
This package contains the audit daemon.
|
||||
endef
|
||||
|
||||
CONFIGURE_VARS += \
|
||||
LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
|
||||
CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \
|
||||
CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
|
||||
CC_FOR_BUILD="$(HOSTCC)"
|
||||
|
||||
CONFIGURE_ARGS += \
|
||||
--without-libcap-ng \
|
||||
--disable-systemd \
|
||||
--without-python \
|
||||
--without-python3 \
|
||||
--disable-zos-remote
|
||||
|
||||
ifeq ($(ARCH),aarch64)
|
||||
CONFIGURE_ARGS += --with-aarch64
|
||||
else ifeq ($(ARCH),arm)
|
||||
CONFIGURE_ARGS += --with-arm
|
||||
endif
|
||||
|
||||
# We can't use the default, as the default passes $(MAKE_ARGS), which
|
||||
# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions
|
||||
# passed in CONFIGURE_VARS
|
||||
define Build/Compile
|
||||
$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH)
|
||||
endef
|
||||
|
||||
define Build/Install
|
||||
$(call Build/Install/Default,install)
|
||||
$(SED) 's%^dispatcher *=.*%dispatcher = /usr/sbin/audispd%' $(PKG_INSTALL_DIR)/etc/audit/auditd.conf
|
||||
endef
|
||||
|
||||
define Build/InstallDev
|
||||
$(INSTALL_DIR) $(1)/usr/include
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
|
||||
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
|
||||
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
|
||||
endef
|
||||
|
||||
define Package/libauparse/install
|
||||
$(INSTALL_DIR) $(1)/usr/lib
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libauparse.so.* $(1)/usr/lib/
|
||||
endef
|
||||
|
||||
define Package/audit-utils/install
|
||||
$(INSTALL_DIR) $(1)/usr/bin
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
|
||||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(CP) \
|
||||
$(PKG_INSTALL_DIR)/usr/sbin/{augenrules,audispd,audisp-remote,auditctl,autrace,aureport,ausearch} \
|
||||
$(1)/usr/sbin/
|
||||
endef
|
||||
|
||||
define Package/audit/install
|
||||
$(INSTALL_DIR) $(1)/etc/audit
|
||||
$(CP) $(PKG_INSTALL_DIR)/etc/audit/* $(1)/etc/audit/
|
||||
$(INSTALL_DIR) $(1)/etc/init.d
|
||||
$(INSTALL_BIN) ./files/audit.init $(1)/etc/init.d/audit
|
||||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/auditd $(1)/usr/sbin/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,libauparse))
|
||||
$(eval $(call BuildPackage,audit-utils))
|
||||
$(eval $(call BuildPackage,audit))
|
|
@ -1,16 +0,0 @@
|
|||
#!/bin/sh /etc/rc.common
|
||||
# Copyright (c) 2014 OpenWrt.org
|
||||
|
||||
START=11
|
||||
|
||||
USE_PROCD=1
|
||||
PROG=/usr/sbin/auditd
|
||||
|
||||
start_service() {
|
||||
mkdir -p /var/log/audit
|
||||
procd_open_instance
|
||||
procd_set_param command "$PROG" -n
|
||||
procd_set_param respawn
|
||||
procd_close_instance
|
||||
test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules
|
||||
}
|
|
@ -1,122 +0,0 @@
|
|||
From c39a071e7c021f6ff3554aca2758e97b47a9777c Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Tue, 26 Feb 2019 18:33:33 -0500
|
||||
Subject: [PATCH] Add substitue functions for strndupa & rawmemchr
|
||||
|
||||
(cherry picked from commit d579a08bb1cde71f939c13ac6b2261052ae9f77e)
|
||||
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
||||
---
|
||||
auparse/auparse.c | 12 +++++++++++-
|
||||
auparse/interpret.c | 9 ++++++++-
|
||||
configure.ac | 14 +++++++++++++-
|
||||
src/ausearch-lol.c | 12 +++++++++++-
|
||||
4 files changed, 43 insertions(+), 4 deletions(-)
|
||||
|
||||
--- a/auparse/auparse.c
|
||||
+++ b/auparse/auparse.c
|
||||
@@ -1,5 +1,5 @@
|
||||
/* auparse.c --
|
||||
- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina.
|
||||
+ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina.
|
||||
* All Rights Reserved.
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
@@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifndef HAVE_STRNDUPA
|
||||
+static inline char *strndupa(const char *old, size_t n)
|
||||
+{
|
||||
+ size_t len = strnlen(old, n);
|
||||
+ char *tmp = alloca(len + 1);
|
||||
+ tmp[len] = 0;
|
||||
+ return memcpy(tmp, old, len);
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/* Returns 0 on success and 1 on error */
|
||||
static int extract_timestamp(const char *b, au_event_t *e)
|
||||
{
|
||||
--- a/auparse/interpret.c
|
||||
+++ b/auparse/interpret.c
|
||||
@@ -853,6 +853,13 @@ err_out:
|
||||
return print_escaped(id->val);
|
||||
}
|
||||
|
||||
+// rawmemchr is faster. Let's use it if we have it.
|
||||
+#ifdef HAVE_RAWMEMCHR
|
||||
+#define STRCHR rawmemchr
|
||||
+#else
|
||||
+#define STRCHR strchr
|
||||
+#endif
|
||||
+
|
||||
static const char *print_proctitle(const char *val)
|
||||
{
|
||||
char *out = (char *)print_escaped(val);
|
||||
@@ -863,7 +870,7 @@ static const char *print_proctitle(const
|
||||
// Proctitle has arguments separated by NUL bytes
|
||||
// We need to write over the NUL bytes with a space
|
||||
// so that we can see the arguments
|
||||
- while ((ptr = rawmemchr(ptr, '\0'))) {
|
||||
+ while ((ptr = STRCHR(ptr, '\0'))) {
|
||||
if (ptr >= end)
|
||||
break;
|
||||
*ptr = ' ';
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -1,7 +1,7 @@
|
||||
dnl
|
||||
define([AC_INIT_NOTICE],
|
||||
[### Generated automatically using autoconf version] AC_ACVERSION [
|
||||
-### Copyright 2005-18 Steve Grubb <sgrubb@redhat.com>
|
||||
+### Copyright 2005-19 Steve Grubb <sgrubb@redhat.com>
|
||||
###
|
||||
### Permission is hereby granted, free of charge, to any person obtaining a
|
||||
### copy of this software and associated documentation files (the "Software"),
|
||||
@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-r
|
||||
AC_CHECK_FUNCS([posix_fallocate])
|
||||
dnl; signalfd is needed for libev
|
||||
AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ])
|
||||
+dnl; check if rawmemchr is available
|
||||
+AC_CHECK_FUNCS([rawmemchr])
|
||||
+dnl; check if strndupa is available
|
||||
+AC_LINK_IFELSE(
|
||||
+ [AC_LANG_SOURCE(
|
||||
+ [[
|
||||
+ #define _GNU_SOURCE
|
||||
+ #include <string.h>
|
||||
+ int main() { (void) strndupa("test", 10); return 0; }]])],
|
||||
+ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])],
|
||||
+ []
|
||||
+)
|
||||
|
||||
ALLWARNS=""
|
||||
ALLDEBUG="-g"
|
||||
--- a/src/ausearch-lol.c
|
||||
+++ b/src/ausearch-lol.c
|
||||
@@ -1,6 +1,6 @@
|
||||
/*
|
||||
* ausearch-lol.c - linked list of linked lists library
|
||||
-* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina.
|
||||
+* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina.
|
||||
* All Rights Reserved.
|
||||
*
|
||||
* This software may be freely redistributed and/or modified under the
|
||||
@@ -152,6 +152,16 @@ static int compare_event_time(event *e1,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifndef HAVE_STRNDUPA
|
||||
+static inline char *strndupa(const char *old, size_t n)
|
||||
+{
|
||||
+ size_t len = strnlen(old, n);
|
||||
+ char *tmp = alloca(len + 1);
|
||||
+ tmp[len] = 0;
|
||||
+ return memcpy(tmp, old, len);
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/*
|
||||
* This function will look at the line and pick out pieces of it.
|
||||
*/
|
|
@ -1,21 +0,0 @@
|
|||
From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Fri, 10 Jan 2020 21:13:50 -0500
|
||||
Subject: [PATCH 01/30] Header definitions need to be external when building
|
||||
with -fno-common (which is default in GCC 10) - Tony Jones
|
||||
|
||||
---
|
||||
src/ausearch-common.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/src/ausearch-common.h
|
||||
+++ b/src/ausearch-common.h
|
||||
@@ -50,7 +50,7 @@ extern pid_t event_pid;
|
||||
extern int event_exact_match;
|
||||
extern uid_t event_uid, event_euid, event_loginuid;
|
||||
extern const char *event_tuid, *event_teuid, *event_tauid;
|
||||
-slist *event_node_list;
|
||||
+extern slist *event_node_list;
|
||||
extern const char *event_comm;
|
||||
extern const char *event_filename;
|
||||
extern const char *event_hostname;
|
|
@ -1,52 +0,0 @@
|
|||
From 6b09724c69d91668418ddb3af00da6db6755208c Mon Sep 17 00:00:00 2001
|
||||
From: Steve Grubb <sgrubb@redhat.com>
|
||||
Date: Thu, 2 Sep 2021 15:01:12 -0400
|
||||
Subject: [PATCH] Make IPX packet interpretation dependent on the ipx header
|
||||
file existing
|
||||
|
||||
--- a/auparse/interpret.c
|
||||
+++ b/auparse/interpret.c
|
||||
@@ -44,8 +44,10 @@
|
||||
#include <linux/ax25.h>
|
||||
#include <linux/atm.h>
|
||||
#include <linux/x25.h>
|
||||
-#include <linux/if.h> // FIXME: remove when ipx.h is fixed
|
||||
-#include <linux/ipx.h>
|
||||
+#ifdef HAVE_IPX_HEADERS
|
||||
+ #include <linux/if.h> // FIXME: remove when ipx.h is fixed
|
||||
+ #include <linux/ipx.h>
|
||||
+#endif
|
||||
#include <linux/capability.h>
|
||||
#include <sys/personality.h>
|
||||
#include <sys/prctl.h>
|
||||
@@ -1158,6 +1160,7 @@ static const char *print_sockaddr(const
|
||||
x->sax25_call.ax25_call[6]);
|
||||
}
|
||||
break;
|
||||
+#ifdef HAVE_IPX_HEADERS
|
||||
case AF_IPX:
|
||||
{
|
||||
const struct sockaddr_ipx *ip =
|
||||
@@ -1167,6 +1170,7 @@ static const char *print_sockaddr(const
|
||||
str, ip->sipx_port, ip->sipx_network);
|
||||
}
|
||||
break;
|
||||
+#endif
|
||||
case AF_ATMPVC:
|
||||
{
|
||||
const struct sockaddr_atmpvc* at =
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -414,6 +414,12 @@ if test x"$LIBWRAP_LIBS" != "x"; then
|
||||
AC_DEFINE_UNQUOTED(HAVE_LIBWRAP, [], Define if tcp_wrappers support is enabled )
|
||||
fi
|
||||
|
||||
+# linux/ipx.h - deprecated in 2018
|
||||
+AC_CHECK_HEADER(linux/ipx.h, ipx_headers=yes, ipx_headers=no)
|
||||
+if test $ipx_headers = yes ; then
|
||||
+ AC_DEFINE(HAVE_IPX_HEADERS,1,[IPX packet interpretation])
|
||||
+fi
|
||||
+
|
||||
# See if we want to support lower capabilities for plugins
|
||||
LIBCAP_NG_PATH
|
||||
|
Loading…
Reference in New Issue