libaudit: update to 3.1.4, join with daemon and utils, rename

Changes: - new URL for sources (old address is dead) - daemon and utils from packages feed are merged in here - only build once - no need to update at the same time in both places - update to v3.1.4 - removed unneeded patches - added audisp-syslog - removed audispd (no longer exists) - rename and move to package/utils/audit - update new path in one dependent package Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
2024-03-31 14:22:18 +03:00 · 2024-03-31 14:22:18 +03:00 · ff0bb196eb
parent c390c6c709
commit ff0bb196eb
6 changed files with 201 additions and 269 deletions
--- a/package/libs/libaudit/Makefile
+++ b/package/libs/libaudit/Makefile
@ -1,109 +0,0 @@
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=libaudit
-PKG_VERSION:=2.8.5
-PKG_RELEASE:=1
-
-PKG_SOURCE_NAME:=audit
-PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://people.redhat.com/sgrubb/audit
-PKG_HASH:=0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
-PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-PKG_LICENSE:=GPL-2.0
-PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit
-
-PKG_FIXUP:=autoreconf
-
-PKG_BUILD_FLAGS:=no-mips16
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/host-build.mk
-
-define Package/libaudit
-  CATEGORY:=Libraries
-  TITLE:=Linux Auditing Framework (shared library)
-  URL:=http://people.redhat.com/sgrubb/audit/
-endef
-
-define Package/libaudit/description
-	This package contains the audit shared library.
-endef
-
-CONFIGURE_VARS += \
-	LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
-	CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \
-	CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
-	CC_FOR_BUILD="$(HOSTCC)"
-
-CONFIGURE_ARGS += \
-	--without-libcap-ng \
-	--disable-systemd \
-	--without-python \
-	--without-python3 \
-	--disable-zos-remote
-
-ifeq ($(ARCH),aarch64)
-CONFIGURE_ARGS += --with-aarch64
-else ifeq ($(ARCH),arm)
-CONFIGURE_ARGS += --with-arm
-endif
-
-HOST_CONFIGURE_ARGS += \
-	--without-libcap-ng \
-	--disable-systemd \
-	--without-python \
-	--without-python3 \
-	--disable-zos-remote
-
-MAKE_PATH:=lib
-
-# Host/Compile/default doesn't include $(MAKE_PATH), override to use,
-# so we avoid building and installing unnecessary parts on the host.
-define Host/Compile
-	+$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/$(MAKE_PATH) $(HOST_MAKE_FLAGS) all
-endef
-
-define Host/Install
-	+$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/lib $(HOST_MAKE_FLAGS) install
-	+$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/init.d $(HOST_MAKE_FLAGS) install
-endef
-
-# We can't use the default, as the default passes $(MAKE_ARGS), which
-# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions
-# passed in CONFIGURE_VARS
-define Build/Compile
-	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH)
-endef
-
-define Build/Install
-	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/lib $(MAKE_INSTALL_FLAGS) install
-	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/init.d $(MAKE_INSTALL_FLAGS) install
-endef
-
-define Build/InstallDev
-	$(INSTALL_DIR) $(1)/usr/include
-	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
-	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-	$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/
-	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
-endef
-
-define Package/libaudit/install
-	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so.* $(1)/usr/lib/
-	$(INSTALL_DIR) $(1)/etc
-	$(CP) $(PKG_INSTALL_DIR)/etc/libaudit.conf $(1)/etc/
-endef
-
-$(eval $(call HostBuild))
-$(eval $(call BuildPackage,libaudit))
--- a/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch
+++ b/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch
@ -1,133 +0,0 @@
-From c39a071e7c021f6ff3554aca2758e97b47a9777c Mon Sep 17 00:00:00 2001
-From: Steve Grubb <sgrubb@redhat.com>
-Date: Tue, 26 Feb 2019 18:33:33 -0500
-Subject: [PATCH] Add substitue functions for strndupa & rawmemchr
-
-(cherry picked from commit d579a08bb1cde71f939c13ac6b2261052ae9f77e)
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
- auparse/auparse.c   | 12 +++++++++++-
- auparse/interpret.c |  9 ++++++++-
- configure.ac        | 14 +++++++++++++-
- src/ausearch-lol.c  | 12 +++++++++++-
- 4 files changed, 43 insertions(+), 4 deletions(-)
-
-diff --git a/auparse/auparse.c b/auparse/auparse.c
-index 650db02..2e1c737 100644
--- a/auparse/auparse.c
-+++ b/auparse/auparse.c
-@@ -1,5 +1,5 @@
- /* auparse.c --
- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina.
-+ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina.
-  * All Rights Reserved.
-  *
-  * This library is free software; you can redistribute it and/or
-@@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t *e)
- 	return 0;
- }
- 
-+#ifndef HAVE_STRNDUPA
-+static inline char *strndupa(const char *old, size_t n)
-+{
-+	size_t len = strnlen(old, n);
-+	char *tmp = alloca(len + 1);
-+	tmp[len] = 0;
-+	return memcpy(tmp, old, len);
-+}
-+#endif
-+
- /* Returns 0 on success and 1 on error */
- static int extract_timestamp(const char *b, au_event_t *e)
- {
-diff --git a/auparse/interpret.c b/auparse/interpret.c
-index 51c4a5e..67b7b77 100644
--- a/auparse/interpret.c
-+++ b/auparse/interpret.c
-@@ -853,6 +853,13 @@ err_out:
- 		return print_escaped(id->val);
- }
- 
-+// rawmemchr is faster. Let's use it if we have it.
-+#ifdef HAVE_RAWMEMCHR
-+#define STRCHR rawmemchr
-+#else
-+#define STRCHR strchr
-+#endif
-+
- static const char *print_proctitle(const char *val)
- {
- 	char *out = (char *)print_escaped(val);
-@@ -863,7 +870,7 @@ static const char *print_proctitle(const char *val)
- 		// Proctitle has arguments separated by NUL bytes
- 		// We need to write over the NUL bytes with a space
- 		// so that we can see the arguments
-		while ((ptr  = rawmemchr(ptr, '\0'))) {
-+		while ((ptr  = STRCHR(ptr, '\0'))) {
- 			if (ptr >= end)
- 				break;
- 			*ptr = ' ';
-diff --git a/configure.ac b/configure.ac
-index 6e345f1..6f3007e 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -1,7 +1,7 @@
- dnl
- define([AC_INIT_NOTICE],
- [### Generated automatically using autoconf version] AC_ACVERSION [
-### Copyright 2005-18 Steve Grubb <sgrubb@redhat.com>
-+### Copyright 2005-19 Steve Grubb <sgrubb@redhat.com>
- ###
- ### Permission is hereby granted, free of charge, to any person obtaining a
- ### copy of this software and associated documentation files (the "Software"),
-@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-remote
- AC_CHECK_FUNCS([posix_fallocate])
- dnl; signalfd is needed for libev
- AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ])
-+dnl; check if rawmemchr is available
-+AC_CHECK_FUNCS([rawmemchr])
-+dnl; check if strndupa is available
-+AC_LINK_IFELSE(
-+  [AC_LANG_SOURCE(
-+    [[
-+      #define _GNU_SOURCE
-+      #include <string.h>
-+      int main() { (void) strndupa("test", 10); return 0; }]])],
-+ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])],
-+ []
-+)
- 
- ALLWARNS=""
- ALLDEBUG="-g"
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index 5d17a72..758c33e 100644
--- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -1,6 +1,6 @@
- /*
- * ausearch-lol.c - linked list of linked lists library
-* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina.
- * All Rights Reserved. 
- *
- * This software may be freely redistributed and/or modified under the
-@@ -152,6 +152,16 @@ static int compare_event_time(event *e1, event *e2)
- 	return 0;
- }
- 
-+#ifndef HAVE_STRNDUPA
-+static inline char *strndupa(const char *old, size_t n)
-+{
-+	size_t len = strnlen(old, n);
-+	char *tmp = alloca(len + 1);
-+	tmp[len] = 0;
-+	return memcpy(tmp, old, len);
-+}
-+#endif
-+
- /*
-  * This function will look at the line and pick out pieces of it.
-  */
-- 
-2.21.0
-
--- a/package/libs/libaudit/patches/0002-fix-gcc-10.patch
+++ b/package/libs/libaudit/patches/0002-fix-gcc-10.patch
@ -1,26 +0,0 @@
-From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001
-From: Steve Grubb <sgrubb@redhat.com>
-Date: Fri, 10 Jan 2020 21:13:50 -0500
-Subject: [PATCH 01/30] Header definitions need to be external when building
- with -fno-common (which is default in GCC 10) - Tony Jones
-
---
- src/ausearch-common.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/ausearch-common.h b/src/ausearch-common.h
-index 6669203..3040547 100644
--- a/src/ausearch-common.h
-+++ b/src/ausearch-common.h
-@@ -50,7 +50,7 @@ extern pid_t event_pid;
- extern int event_exact_match;
- extern uid_t event_uid, event_euid, event_loginuid;
- extern const char *event_tuid, *event_teuid, *event_tauid;
-slist *event_node_list;
-+extern slist *event_node_list;
- extern const char *event_comm;
- extern const char *event_filename;
- extern const char *event_hostname;
-- 
-2.26.2
-
--- a/package/libs/libsemanage/Makefile
+++ b/package/libs/libsemanage/Makefile
@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=COPYING
 PKG_CPE_ID:=cpe:/a:selinuxproject:libsemanage


-HOST_BUILD_DEPENDS:=libaudit/host libselinux/host bzip2/host
+HOST_BUILD_DEPENDS:=audit/host libselinux/host bzip2/host


 include $(INCLUDE_DIR)/package.mk
--- a/package/utils/audit/Makefile
+++ b/package/utils/audit/Makefile
@ -0,0 +1,184 @@
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=audit-userspace
+PKG_VERSION:=3.1.4
+PKG_RELEASE:=1
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/linux-audit/audit-userspace/archive/refs/tags/v$(PKG_VERSION).tar.gz?
+PKG_HASH:=aec501760acd13ebbe00e78b9b59f795d16a430b1d673628e346cd18905c594b
+PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit
+
+PKG_CONFIG_DEPENDS:=CONFIG_KERNEL_IO_URING
+PKG_FIXUP:=autoreconf
+
+PKG_BUILD_FLAGS:=no-mips16
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/host-build.mk
+
+define Package/audit/Default
+  TITLE:=Audit
+  URL:=https://github.com/linux-audit/
+endef
+
+define Package/audit/Default/description
+  The audit package contains the user space utilities for
+  storing and searching the audit records generated by
+  the audit subsystem in the kernel.
+endef
+
+define Package/libaudit
+$(call Package/audit/Default)
+  SECTION:=libs
+  CATEGORY:=Libraries
+  TITLE+= (libaudit)
+endef
+
+define Package/libaudit/description
+$(call Package/audit/Default/description)
+  This package contains the audit shared library.
+endef
+
+define Package/libauparse
+$(call Package/audit/Default)
+  SECTION:=libs
+  CATEGORY:=Libraries
+  TITLE+= (libauparse)
+  DEPENDS:= +libaudit
+endef
+
+define Package/libauparse/description
+$(call Package/audit/Default/description)
+  This package contains the audit parsing shared library.
+endef
+
+define Package/audit-utils
+$(call Package/audit/Default)
+  SECTION:=admin
+  CATEGORY:=Administration
+  TITLE+= (utilities)
+  DEPENDS:= +libaudit +libauparse
+endef
+
+define Package/audit-utils/description
+$(call Package/audit/Default/description)
+  This package contains the audit utilities.
+endef
+
+define Package/auditd
+$(call Package/audit/Default)
+  SECTION:=admin
+  CATEGORY:=Administration
+  TITLE+= (daemon)
+  DEPENDS:= +libaudit +libauparse +audit-utils +libev
+endef
+
+define Package/auditd/description
+$(call Package/audit/Default/description)
+  This package contains the audit daemon.
+endef
+
+CONFIGURE_VARS += \
+	LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
+	CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \
+	CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
+	CC_FOR_BUILD="$(HOSTCC)"
+
+CONFIGURE_ARGS += \
+	--with-debug \
+	--disable-systemd \
+	--disable-zos-remote \
+	--disable-gssapi-krb5 \
+	--without-libcap-ng \
+	--without-python \
+	--without-python3 \
+	--without-golang
+
+ifeq ($(ARCH),aarch64)
+CONFIGURE_ARGS += --with-aarch64
+else ifeq ($(ARCH),arm)
+CONFIGURE_ARGS += --with-arm
+endif
+
+HOST_CONFIGURE_ARGS += \
+	--disable-systemd \
+	--disable-zos-remote \
+	--disable-gssapi-krb5 \
+	--without-libcap-ng \
+	--without-python \
+	--without-python3 \
+	--without-golang
+
+define Host/Install
+	+$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/lib $(HOST_MAKE_FLAGS) install
+	+$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/init.d $(HOST_MAKE_FLAGS) install
+endef
+
+# We can't use the default, as the default passes $(MAKE_ARGS), which
+# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions
+# passed in CONFIGURE_VARS
+define Build/Compile
+	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH)
+endef
+
+define Build/Install
+	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/lib $(MAKE_INSTALL_FLAGS) install
+	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/init.d $(MAKE_INSTALL_FLAGS) install
+	$(call Build/Install/Default,install)
+endef
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(1)/usr/include
+	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
+	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+	$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
+endef
+
+define Package/libaudit/install
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libaudit.so* $(1)/usr/lib/
+	$(INSTALL_DIR) $(1)/etc
+	$(CP) $(PKG_INSTALL_DIR)/etc/libaudit.conf $(1)/etc/
+endef
+
+define Package/libauparse/install
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libauparse.so* $(1)/usr/lib/
+endef
+
+define Package/audit-utils/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/sbin/{audisp-remote,audisp-syslog,auditctl,augenrules,aureport,ausearch,autrace} \
+		$(1)/usr/sbin/
+endef
+
+define Package/auditd/install
+	$(INSTALL_DIR) $(1)/etc/audit
+	$(CP) $(PKG_INSTALL_DIR)/etc/audit/* $(1)/etc/audit/
+	# af_unix plugin is not installed. Remove it's .conf.
+	if [[ -f $(1)/etc/audit/plugins.d/af_unix.conf ]] ; then rm $(1)/etc/audit/plugins.d/af_unix.conf ; fi
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/audit.init $(1)/etc/init.d/audit
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/auditd $(1)/usr/sbin/
+endef
+
+$(eval $(call HostBuild))
+$(eval $(call BuildPackage,libaudit))
+$(eval $(call BuildPackage,libauparse))
+$(eval $(call BuildPackage,audit-utils))
+$(eval $(call BuildPackage,auditd))
--- a/package/utils/audit/files/audit.init
+++ b/package/utils/audit/files/audit.init
@ -0,0 +1,16 @@
+#!/bin/sh /etc/rc.common
+# Copyright (c) 2014 OpenWrt.org
+
+START=11
+
+USE_PROCD=1
+PROG=/usr/sbin/auditd
+
+start_service() {
+	mkdir -p /var/log/audit
+	procd_open_instance
+	procd_set_param command "$PROG" -n
+	procd_set_param respawn
+	procd_close_instance
+	test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules
+}