[openwrt/openwrt] libaudit: update to 3.1.4, join with daemon and utils, rename
LEDE Commits
lede-commits at lists.infradead.org
Sun Apr 28 16:03:18 PDT 2024
hauke pushed a commit to openwrt/openwrt.git, branch main:
https://git.openwrt.org/ff0bb196ebba5dac4d3e77738c7d79934600b32c
commit ff0bb196ebba5dac4d3e77738c7d79934600b32c
Author: Marius Dinu <m95d+git at psihoexpert.ro>
AuthorDate: Sun Mar 31 14:22:18 2024 +0300
libaudit: update to 3.1.4, join with daemon and utils, rename
Changes:
- new URL for sources (old address is dead)
- daemon and utils from packages feed are merged in here
- only build once
- no need to update at the same time in both places
- update to v3.1.4
- removed unneeded patches
- added audisp-syslog
- removed audispd (no longer exists)
- rename and move to package/utils/audit
- update new path in one dependent package
Signed-off-by: Marius Dinu <m95d+git at psihoexpert.ro>
---
package/libs/libaudit/Makefile | 109 ------------
...ubstitue-functions-for-strndupa-rawmemchr.patch | 133 ---------------
.../libs/libaudit/patches/0002-fix-gcc-10.patch | 26 ---
package/libs/libsemanage/Makefile | 2 +-
package/utils/audit/Makefile | 184 +++++++++++++++++++++
package/utils/audit/files/audit.init | 16 ++
6 files changed, 201 insertions(+), 269 deletions(-)
diff --git a/package/libs/libaudit/Makefile b/package/libs/libaudit/Makefile
deleted file mode 100644
index 0d79c25365..0000000000
--- a/package/libs/libaudit/Makefile
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=libaudit
-PKG_VERSION:=2.8.5
-PKG_RELEASE:=1
-
-PKG_SOURCE_NAME:=audit
-PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=https://people.redhat.com/sgrubb/audit
-PKG_HASH:=0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
-HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_SOURCE_NAME)-$(PKG_VERSION)
-PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni at bootlin.com>
-PKG_LICENSE:=GPL-2.0
-PKG_LICENSE_FILES:=COPYING
-PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit
-
-PKG_FIXUP:=autoreconf
-
-PKG_BUILD_FLAGS:=no-mips16
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/host-build.mk
-
-define Package/libaudit
- CATEGORY:=Libraries
- TITLE:=Linux Auditing Framework (shared library)
- URL:=http://people.redhat.com/sgrubb/audit/
-endef
-
-define Package/libaudit/description
- This package contains the audit shared library.
-endef
-
-CONFIGURE_VARS += \
- LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
- CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \
- CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
- CC_FOR_BUILD="$(HOSTCC)"
-
-CONFIGURE_ARGS += \
- --without-libcap-ng \
- --disable-systemd \
- --without-python \
- --without-python3 \
- --disable-zos-remote
-
-ifeq ($(ARCH),aarch64)
-CONFIGURE_ARGS += --with-aarch64
-else ifeq ($(ARCH),arm)
-CONFIGURE_ARGS += --with-arm
-endif
-
-HOST_CONFIGURE_ARGS += \
- --without-libcap-ng \
- --disable-systemd \
- --without-python \
- --without-python3 \
- --disable-zos-remote
-
-MAKE_PATH:=lib
-
-# Host/Compile/default doesn't include $(MAKE_PATH), override to use,
-# so we avoid building and installing unnecessary parts on the host.
-define Host/Compile
- +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/$(MAKE_PATH) $(HOST_MAKE_FLAGS) all
-endef
-
-define Host/Install
- +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/lib $(HOST_MAKE_FLAGS) install
- +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/init.d $(HOST_MAKE_FLAGS) install
-endef
-
-# We can't use the default, as the default passes $(MAKE_ARGS), which
-# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions
-# passed in CONFIGURE_VARS
-define Build/Compile
- $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH)
-endef
-
-define Build/Install
- $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/lib $(MAKE_INSTALL_FLAGS) install
- $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/init.d $(MAKE_INSTALL_FLAGS) install
-endef
-
-define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/include
- $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
- $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
- $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
-endef
-
-define Package/libaudit/install
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so.* $(1)/usr/lib/
- $(INSTALL_DIR) $(1)/etc
- $(CP) $(PKG_INSTALL_DIR)/etc/libaudit.conf $(1)/etc/
-endef
-
-$(eval $(call HostBuild))
-$(eval $(call BuildPackage,libaudit))
diff --git a/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch b/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch
deleted file mode 100644
index ac292c57d1..0000000000
--- a/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch
+++ /dev/null
@@ -1,133 +0,0 @@
-From c39a071e7c021f6ff3554aca2758e97b47a9777c Mon Sep 17 00:00:00 2001
-From: Steve Grubb <sgrubb at redhat.com>
-Date: Tue, 26 Feb 2019 18:33:33 -0500
-Subject: [PATCH] Add substitue functions for strndupa & rawmemchr
-
-(cherry picked from commit d579a08bb1cde71f939c13ac6b2261052ae9f77e)
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
----
- auparse/auparse.c | 12 +++++++++++-
- auparse/interpret.c | 9 ++++++++-
- configure.ac | 14 +++++++++++++-
- src/ausearch-lol.c | 12 +++++++++++-
- 4 files changed, 43 insertions(+), 4 deletions(-)
-
-diff --git a/auparse/auparse.c b/auparse/auparse.c
-index 650db02..2e1c737 100644
---- a/auparse/auparse.c
-+++ b/auparse/auparse.c
-@@ -1,5 +1,5 @@
- /* auparse.c --
-- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina.
-+ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina.
- * All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
-@@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t *e)
- return 0;
- }
-
-+#ifndef HAVE_STRNDUPA
-+static inline char *strndupa(const char *old, size_t n)
-+{
-+ size_t len = strnlen(old, n);
-+ char *tmp = alloca(len + 1);
-+ tmp[len] = 0;
-+ return memcpy(tmp, old, len);
-+}
-+#endif
-+
- /* Returns 0 on success and 1 on error */
- static int extract_timestamp(const char *b, au_event_t *e)
- {
-diff --git a/auparse/interpret.c b/auparse/interpret.c
-index 51c4a5e..67b7b77 100644
---- a/auparse/interpret.c
-+++ b/auparse/interpret.c
-@@ -853,6 +853,13 @@ err_out:
- return print_escaped(id->val);
- }
-
-+// rawmemchr is faster. Let's use it if we have it.
-+#ifdef HAVE_RAWMEMCHR
-+#define STRCHR rawmemchr
-+#else
-+#define STRCHR strchr
-+#endif
-+
- static const char *print_proctitle(const char *val)
- {
- char *out = (char *)print_escaped(val);
-@@ -863,7 +870,7 @@ static const char *print_proctitle(const char *val)
- // Proctitle has arguments separated by NUL bytes
- // We need to write over the NUL bytes with a space
- // so that we can see the arguments
-- while ((ptr = rawmemchr(ptr, '\0'))) {
-+ while ((ptr = STRCHR(ptr, '\0'))) {
- if (ptr >= end)
- break;
- *ptr = ' ';
-diff --git a/configure.ac b/configure.ac
-index 6e345f1..6f3007e 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1,7 +1,7 @@
- dnl
- define([AC_INIT_NOTICE],
- [### Generated automatically using autoconf version] AC_ACVERSION [
--### Copyright 2005-18 Steve Grubb <sgrubb at redhat.com>
-+### Copyright 2005-19 Steve Grubb <sgrubb at redhat.com>
- ###
- ### Permission is hereby granted, free of charge, to any person obtaining a
- ### copy of this software and associated documentation files (the "Software"),
-@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-remote
- AC_CHECK_FUNCS([posix_fallocate])
- dnl; signalfd is needed for libev
- AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ])
-+dnl; check if rawmemchr is available
-+AC_CHECK_FUNCS([rawmemchr])
-+dnl; check if strndupa is available
-+AC_LINK_IFELSE(
-+ [AC_LANG_SOURCE(
-+ [[
-+ #define _GNU_SOURCE
-+ #include <string.h>
-+ int main() { (void) strndupa("test", 10); return 0; }]])],
-+ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])],
-+ []
-+)
-
- ALLWARNS=""
- ALLDEBUG="-g"
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index 5d17a72..758c33e 100644
---- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -1,6 +1,6 @@
- /*
- * ausearch-lol.c - linked list of linked lists library
--* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -152,6 +152,16 @@ static int compare_event_time(event *e1, event *e2)
- return 0;
- }
-
-+#ifndef HAVE_STRNDUPA
-+static inline char *strndupa(const char *old, size_t n)
-+{
-+ size_t len = strnlen(old, n);
-+ char *tmp = alloca(len + 1);
-+ tmp[len] = 0;
-+ return memcpy(tmp, old, len);
-+}
-+#endif
-+
- /*
- * This function will look at the line and pick out pieces of it.
- */
---
-2.21.0
-
diff --git a/package/libs/libaudit/patches/0002-fix-gcc-10.patch b/package/libs/libaudit/patches/0002-fix-gcc-10.patch
deleted file mode 100644
index 5986cf0e42..0000000000
--- a/package/libs/libaudit/patches/0002-fix-gcc-10.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001
-From: Steve Grubb <sgrubb at redhat.com>
-Date: Fri, 10 Jan 2020 21:13:50 -0500
-Subject: [PATCH 01/30] Header definitions need to be external when building
- with -fno-common (which is default in GCC 10) - Tony Jones
-
----
- src/ausearch-common.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/ausearch-common.h b/src/ausearch-common.h
-index 6669203..3040547 100644
---- a/src/ausearch-common.h
-+++ b/src/ausearch-common.h
-@@ -50,7 +50,7 @@ extern pid_t event_pid;
- extern int event_exact_match;
- extern uid_t event_uid, event_euid, event_loginuid;
- extern const char *event_tuid, *event_teuid, *event_tauid;
--slist *event_node_list;
-+extern slist *event_node_list;
- extern const char *event_comm;
- extern const char *event_filename;
- extern const char *event_hostname;
---
-2.26.2
-
diff --git a/package/libs/libsemanage/Makefile b/package/libs/libsemanage/Makefile
index 37e433b34c..9ebf9a6f21 100644
--- a/package/libs/libsemanage/Makefile
+++ b/package/libs/libsemanage/Makefile
@@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:selinuxproject:libsemanage
-HOST_BUILD_DEPENDS:=libaudit/host libselinux/host bzip2/host
+HOST_BUILD_DEPENDS:=audit/host libselinux/host bzip2/host
include $(INCLUDE_DIR)/package.mk
diff --git a/package/utils/audit/Makefile b/package/utils/audit/Makefile
new file mode 100644
index 0000000000..e36e3ebd53
--- /dev/null
+++ b/package/utils/audit/Makefile
@@ -0,0 +1,184 @@
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=audit-userspace
+PKG_VERSION:=3.1.4
+PKG_RELEASE:=1
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/linux-audit/audit-userspace/archive/refs/tags/v$(PKG_VERSION).tar.gz?
+PKG_HASH:=aec501760acd13ebbe00e78b9b59f795d16a430b1d673628e346cd18905c594b
+PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni at bootlin.com>
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
+PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit
+
+PKG_CONFIG_DEPENDS:=CONFIG_KERNEL_IO_URING
+PKG_FIXUP:=autoreconf
+
+PKG_BUILD_FLAGS:=no-mips16
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/host-build.mk
+
+define Package/audit/Default
+ TITLE:=Audit
+ URL:=https://github.com/linux-audit/
+endef
+
+define Package/audit/Default/description
+ The audit package contains the user space utilities for
+ storing and searching the audit records generated by
+ the audit subsystem in the kernel.
+endef
+
+define Package/libaudit
+$(call Package/audit/Default)
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE+= (libaudit)
+endef
+
+define Package/libaudit/description
+$(call Package/audit/Default/description)
+ This package contains the audit shared library.
+endef
+
+define Package/libauparse
+$(call Package/audit/Default)
+ SECTION:=libs
+ CATEGORY:=Libraries
+ TITLE+= (libauparse)
+ DEPENDS:= +libaudit
+endef
+
+define Package/libauparse/description
+$(call Package/audit/Default/description)
+ This package contains the audit parsing shared library.
+endef
+
+define Package/audit-utils
+$(call Package/audit/Default)
+ SECTION:=admin
+ CATEGORY:=Administration
+ TITLE+= (utilities)
+ DEPENDS:= +libaudit +libauparse
+endef
+
+define Package/audit-utils/description
+$(call Package/audit/Default/description)
+ This package contains the audit utilities.
+endef
+
+define Package/auditd
+$(call Package/audit/Default)
+ SECTION:=admin
+ CATEGORY:=Administration
+ TITLE+= (daemon)
+ DEPENDS:= +libaudit +libauparse +audit-utils +libev
+endef
+
+define Package/auditd/description
+$(call Package/audit/Default/description)
+ This package contains the audit daemon.
+endef
+
+CONFIGURE_VARS += \
+ LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
+ CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \
+ CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
+ CC_FOR_BUILD="$(HOSTCC)"
+
+CONFIGURE_ARGS += \
+ --with-debug \
+ --disable-systemd \
+ --disable-zos-remote \
+ --disable-gssapi-krb5 \
+ --without-libcap-ng \
+ --without-python \
+ --without-python3 \
+ --without-golang
+
+ifeq ($(ARCH),aarch64)
+CONFIGURE_ARGS += --with-aarch64
+else ifeq ($(ARCH),arm)
+CONFIGURE_ARGS += --with-arm
+endif
+
+HOST_CONFIGURE_ARGS += \
+ --disable-systemd \
+ --disable-zos-remote \
+ --disable-gssapi-krb5 \
+ --without-libcap-ng \
+ --without-python \
+ --without-python3 \
+ --without-golang
+
+define Host/Install
+ +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/lib $(HOST_MAKE_FLAGS) install
+ +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/init.d $(HOST_MAKE_FLAGS) install
+endef
+
+# We can't use the default, as the default passes $(MAKE_ARGS), which
+# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions
+# passed in CONFIGURE_VARS
+define Build/Compile
+ $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH)
+endef
+
+define Build/Install
+ $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/lib $(MAKE_INSTALL_FLAGS) install
+ $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/init.d $(MAKE_INSTALL_FLAGS) install
+ $(call Build/Install/Default,install)
+endef
+
+define Build/InstallDev
+ $(INSTALL_DIR) $(1)/usr/include
+ $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
+ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/
+endef
+
+define Package/libaudit/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libaudit.so* $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/etc
+ $(CP) $(PKG_INSTALL_DIR)/etc/libaudit.conf $(1)/etc/
+endef
+
+define Package/libauparse/install
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libauparse.so* $(1)/usr/lib/
+endef
+
+define Package/audit-utils/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/sbin/{audisp-remote,audisp-syslog,auditctl,augenrules,aureport,ausearch,autrace} \
+ $(1)/usr/sbin/
+endef
+
+define Package/auditd/install
+ $(INSTALL_DIR) $(1)/etc/audit
+ $(CP) $(PKG_INSTALL_DIR)/etc/audit/* $(1)/etc/audit/
+ # af_unix plugin is not installed. Remove it's .conf.
+ if [[ -f $(1)/etc/audit/plugins.d/af_unix.conf ]] ; then rm $(1)/etc/audit/plugins.d/af_unix.conf ; fi
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/audit.init $(1)/etc/init.d/audit
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_INSTALL_DIR)/usr/sbin/auditd $(1)/usr/sbin/
+endef
+
+$(eval $(call HostBuild))
+$(eval $(call BuildPackage,libaudit))
+$(eval $(call BuildPackage,libauparse))
+$(eval $(call BuildPackage,audit-utils))
+$(eval $(call BuildPackage,auditd))
diff --git a/package/utils/audit/files/audit.init b/package/utils/audit/files/audit.init
new file mode 100644
index 0000000000..4a9f53884b
--- /dev/null
+++ b/package/utils/audit/files/audit.init
@@ -0,0 +1,16 @@
+#!/bin/sh /etc/rc.common
+# Copyright (c) 2014 OpenWrt.org
+
+START=11
+
+USE_PROCD=1
+PROG=/usr/sbin/auditd
+
+start_service() {
+ mkdir -p /var/log/audit
+ procd_open_instance
+ procd_set_param command "$PROG" -n
+ procd_set_param respawn
+ procd_close_instance
+ test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules
+}
More information about the lede-commits
mailing list