From ff0bb196ebba5dac4d3e77738c7d79934600b32c Mon Sep 17 00:00:00 2001 From: Marius Dinu Date: Sun, 31 Mar 2024 14:22:18 +0300 Subject: [PATCH] libaudit: update to 3.1.4, join with daemon and utils, rename Changes: - new URL for sources (old address is dead) - daemon and utils from packages feed are merged in here - only build once - no need to update at the same time in both places - update to v3.1.4 - removed unneeded patches - added audisp-syslog - removed audispd (no longer exists) - rename and move to package/utils/audit - update new path in one dependent package Signed-off-by: Marius Dinu --- package/libs/libaudit/Makefile | 109 ----------- ...tue-functions-for-strndupa-rawmemchr.patch | 133 ------------- .../libaudit/patches/0002-fix-gcc-10.patch | 26 --- package/libs/libsemanage/Makefile | 2 +- package/utils/audit/Makefile | 184 ++++++++++++++++++ package/utils/audit/files/audit.init | 16 ++ 6 files changed, 201 insertions(+), 269 deletions(-) delete mode 100644 package/libs/libaudit/Makefile delete mode 100644 package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch delete mode 100644 package/libs/libaudit/patches/0002-fix-gcc-10.patch create mode 100644 package/utils/audit/Makefile create mode 100644 package/utils/audit/files/audit.init diff --git a/package/libs/libaudit/Makefile b/package/libs/libaudit/Makefile deleted file mode 100644 index 0d79c25365..0000000000 --- a/package/libs/libaudit/Makefile +++ /dev/null @@ -1,109 +0,0 @@ -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=libaudit -PKG_VERSION:=2.8.5 -PKG_RELEASE:=1 - -PKG_SOURCE_NAME:=audit -PKG_SOURCE:=$(PKG_SOURCE_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://people.redhat.com/sgrubb/audit -PKG_HASH:=0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7 -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_NAME)-$(PKG_VERSION) -HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_SOURCE_NAME)-$(PKG_VERSION) -PKG_MAINTAINER:=Thomas Petazzoni -PKG_LICENSE:=GPL-2.0 -PKG_LICENSE_FILES:=COPYING -PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit - -PKG_FIXUP:=autoreconf - -PKG_BUILD_FLAGS:=no-mips16 -PKG_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/host-build.mk - -define Package/libaudit - CATEGORY:=Libraries - TITLE:=Linux Auditing Framework (shared library) - URL:=http://people.redhat.com/sgrubb/audit/ -endef - -define Package/libaudit/description - This package contains the audit shared library. -endef - -CONFIGURE_VARS += \ - LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \ - CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \ - CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \ - CC_FOR_BUILD="$(HOSTCC)" - -CONFIGURE_ARGS += \ - --without-libcap-ng \ - --disable-systemd \ - --without-python \ - --without-python3 \ - --disable-zos-remote - -ifeq ($(ARCH),aarch64) -CONFIGURE_ARGS += --with-aarch64 -else ifeq ($(ARCH),arm) -CONFIGURE_ARGS += --with-arm -endif - -HOST_CONFIGURE_ARGS += \ - --without-libcap-ng \ - --disable-systemd \ - --without-python \ - --without-python3 \ - --disable-zos-remote - -MAKE_PATH:=lib - -# Host/Compile/default doesn't include $(MAKE_PATH), override to use, -# so we avoid building and installing unnecessary parts on the host. -define Host/Compile - +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/$(MAKE_PATH) $(HOST_MAKE_FLAGS) all -endef - -define Host/Install - +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/lib $(HOST_MAKE_FLAGS) install - +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/init.d $(HOST_MAKE_FLAGS) install -endef - -# We can't use the default, as the default passes $(MAKE_ARGS), which -# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions -# passed in CONFIGURE_VARS -define Build/Compile - $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH) -endef - -define Build/Install - $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/lib $(MAKE_INSTALL_FLAGS) install - $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/init.d $(MAKE_INSTALL_FLAGS) install -endef - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/ -endef - -define Package/libaudit/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so.* $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/etc - $(CP) $(PKG_INSTALL_DIR)/etc/libaudit.conf $(1)/etc/ -endef - -$(eval $(call HostBuild)) -$(eval $(call BuildPackage,libaudit)) diff --git a/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch b/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch deleted file mode 100644 index ac292c57d1..0000000000 --- a/package/libs/libaudit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch +++ /dev/null @@ -1,133 +0,0 @@ -From c39a071e7c021f6ff3554aca2758e97b47a9777c Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Tue, 26 Feb 2019 18:33:33 -0500 -Subject: [PATCH] Add substitue functions for strndupa & rawmemchr - -(cherry picked from commit d579a08bb1cde71f939c13ac6b2261052ae9f77e) -Signed-off-by: Thomas Petazzoni ---- - auparse/auparse.c | 12 +++++++++++- - auparse/interpret.c | 9 ++++++++- - configure.ac | 14 +++++++++++++- - src/ausearch-lol.c | 12 +++++++++++- - 4 files changed, 43 insertions(+), 4 deletions(-) - -diff --git a/auparse/auparse.c b/auparse/auparse.c -index 650db02..2e1c737 100644 ---- a/auparse/auparse.c -+++ b/auparse/auparse.c -@@ -1,5 +1,5 @@ - /* auparse.c -- -- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina. -+ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina. - * All Rights Reserved. - * - * This library is free software; you can redistribute it and/or -@@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t *e) - return 0; - } - -+#ifndef HAVE_STRNDUPA -+static inline char *strndupa(const char *old, size_t n) -+{ -+ size_t len = strnlen(old, n); -+ char *tmp = alloca(len + 1); -+ tmp[len] = 0; -+ return memcpy(tmp, old, len); -+} -+#endif -+ - /* Returns 0 on success and 1 on error */ - static int extract_timestamp(const char *b, au_event_t *e) - { -diff --git a/auparse/interpret.c b/auparse/interpret.c -index 51c4a5e..67b7b77 100644 ---- a/auparse/interpret.c -+++ b/auparse/interpret.c -@@ -853,6 +853,13 @@ err_out: - return print_escaped(id->val); - } - -+// rawmemchr is faster. Let's use it if we have it. -+#ifdef HAVE_RAWMEMCHR -+#define STRCHR rawmemchr -+#else -+#define STRCHR strchr -+#endif -+ - static const char *print_proctitle(const char *val) - { - char *out = (char *)print_escaped(val); -@@ -863,7 +870,7 @@ static const char *print_proctitle(const char *val) - // Proctitle has arguments separated by NUL bytes - // We need to write over the NUL bytes with a space - // so that we can see the arguments -- while ((ptr = rawmemchr(ptr, '\0'))) { -+ while ((ptr = STRCHR(ptr, '\0'))) { - if (ptr >= end) - break; - *ptr = ' '; -diff --git a/configure.ac b/configure.ac -index 6e345f1..6f3007e 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1,7 +1,7 @@ - dnl - define([AC_INIT_NOTICE], - [### Generated automatically using autoconf version] AC_ACVERSION [ --### Copyright 2005-18 Steve Grubb -+### Copyright 2005-19 Steve Grubb - ### - ### Permission is hereby granted, free of charge, to any person obtaining a - ### copy of this software and associated documentation files (the "Software"), -@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-remote - AC_CHECK_FUNCS([posix_fallocate]) - dnl; signalfd is needed for libev - AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ]) -+dnl; check if rawmemchr is available -+AC_CHECK_FUNCS([rawmemchr]) -+dnl; check if strndupa is available -+AC_LINK_IFELSE( -+ [AC_LANG_SOURCE( -+ [[ -+ #define _GNU_SOURCE -+ #include -+ int main() { (void) strndupa("test", 10); return 0; }]])], -+ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])], -+ [] -+) - - ALLWARNS="" - ALLDEBUG="-g" -diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c -index 5d17a72..758c33e 100644 ---- a/src/ausearch-lol.c -+++ b/src/ausearch-lol.c -@@ -1,6 +1,6 @@ - /* - * ausearch-lol.c - linked list of linked lists library --* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina. -+* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina. - * All Rights Reserved. - * - * This software may be freely redistributed and/or modified under the -@@ -152,6 +152,16 @@ static int compare_event_time(event *e1, event *e2) - return 0; - } - -+#ifndef HAVE_STRNDUPA -+static inline char *strndupa(const char *old, size_t n) -+{ -+ size_t len = strnlen(old, n); -+ char *tmp = alloca(len + 1); -+ tmp[len] = 0; -+ return memcpy(tmp, old, len); -+} -+#endif -+ - /* - * This function will look at the line and pick out pieces of it. - */ --- -2.21.0 - diff --git a/package/libs/libaudit/patches/0002-fix-gcc-10.patch b/package/libs/libaudit/patches/0002-fix-gcc-10.patch deleted file mode 100644 index 5986cf0e42..0000000000 --- a/package/libs/libaudit/patches/0002-fix-gcc-10.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Fri, 10 Jan 2020 21:13:50 -0500 -Subject: [PATCH 01/30] Header definitions need to be external when building - with -fno-common (which is default in GCC 10) - Tony Jones - ---- - src/ausearch-common.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/ausearch-common.h b/src/ausearch-common.h -index 6669203..3040547 100644 ---- a/src/ausearch-common.h -+++ b/src/ausearch-common.h -@@ -50,7 +50,7 @@ extern pid_t event_pid; - extern int event_exact_match; - extern uid_t event_uid, event_euid, event_loginuid; - extern const char *event_tuid, *event_teuid, *event_tauid; --slist *event_node_list; -+extern slist *event_node_list; - extern const char *event_comm; - extern const char *event_filename; - extern const char *event_hostname; --- -2.26.2 - diff --git a/package/libs/libsemanage/Makefile b/package/libs/libsemanage/Makefile index 37e433b34c..9ebf9a6f21 100644 --- a/package/libs/libsemanage/Makefile +++ b/package/libs/libsemanage/Makefile @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:selinuxproject:libsemanage -HOST_BUILD_DEPENDS:=libaudit/host libselinux/host bzip2/host +HOST_BUILD_DEPENDS:=audit/host libselinux/host bzip2/host include $(INCLUDE_DIR)/package.mk diff --git a/package/utils/audit/Makefile b/package/utils/audit/Makefile new file mode 100644 index 0000000000..e36e3ebd53 --- /dev/null +++ b/package/utils/audit/Makefile @@ -0,0 +1,184 @@ +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=audit-userspace +PKG_VERSION:=3.1.4 +PKG_RELEASE:=1 +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://github.com/linux-audit/audit-userspace/archive/refs/tags/v$(PKG_VERSION).tar.gz? +PKG_HASH:=aec501760acd13ebbe00e78b9b59f795d16a430b1d673628e346cd18905c594b +PKG_MAINTAINER:=Thomas Petazzoni +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING +PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit + +PKG_CONFIG_DEPENDS:=CONFIG_KERNEL_IO_URING +PKG_FIXUP:=autoreconf + +PKG_BUILD_FLAGS:=no-mips16 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/host-build.mk + +define Package/audit/Default + TITLE:=Audit + URL:=https://github.com/linux-audit/ +endef + +define Package/audit/Default/description + The audit package contains the user space utilities for + storing and searching the audit records generated by + the audit subsystem in the kernel. +endef + +define Package/libaudit +$(call Package/audit/Default) + SECTION:=libs + CATEGORY:=Libraries + TITLE+= (libaudit) +endef + +define Package/libaudit/description +$(call Package/audit/Default/description) + This package contains the audit shared library. +endef + +define Package/libauparse +$(call Package/audit/Default) + SECTION:=libs + CATEGORY:=Libraries + TITLE+= (libauparse) + DEPENDS:= +libaudit +endef + +define Package/libauparse/description +$(call Package/audit/Default/description) + This package contains the audit parsing shared library. +endef + +define Package/audit-utils +$(call Package/audit/Default) + SECTION:=admin + CATEGORY:=Administration + TITLE+= (utilities) + DEPENDS:= +libaudit +libauparse +endef + +define Package/audit-utils/description +$(call Package/audit/Default/description) + This package contains the audit utilities. +endef + +define Package/auditd +$(call Package/audit/Default) + SECTION:=admin + CATEGORY:=Administration + TITLE+= (daemon) + DEPENDS:= +libaudit +libauparse +audit-utils +libev +endef + +define Package/auditd/description +$(call Package/audit/Default/description) + This package contains the audit daemon. +endef + +CONFIGURE_VARS += \ + LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \ + CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \ + CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \ + CC_FOR_BUILD="$(HOSTCC)" + +CONFIGURE_ARGS += \ + --with-debug \ + --disable-systemd \ + --disable-zos-remote \ + --disable-gssapi-krb5 \ + --without-libcap-ng \ + --without-python \ + --without-python3 \ + --without-golang + +ifeq ($(ARCH),aarch64) +CONFIGURE_ARGS += --with-aarch64 +else ifeq ($(ARCH),arm) +CONFIGURE_ARGS += --with-arm +endif + +HOST_CONFIGURE_ARGS += \ + --disable-systemd \ + --disable-zos-remote \ + --disable-gssapi-krb5 \ + --without-libcap-ng \ + --without-python \ + --without-python3 \ + --without-golang + +define Host/Install + +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/lib $(HOST_MAKE_FLAGS) install + +$(HOST_MAKE_VARS) $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR)/init.d $(HOST_MAKE_FLAGS) install +endef + +# We can't use the default, as the default passes $(MAKE_ARGS), which +# overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions +# passed in CONFIGURE_VARS +define Build/Compile + $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH) +endef + +define Build/Install + $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/lib $(MAKE_INSTALL_FLAGS) install + $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/init.d $(MAKE_INSTALL_FLAGS) install + $(call Build/Install/Default,install) +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/ +endef + +define Package/libaudit/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libaudit.so* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/etc + $(CP) $(PKG_INSTALL_DIR)/etc/libaudit.conf $(1)/etc/ +endef + +define Package/libauparse/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libauparse.so* $(1)/usr/lib/ +endef + +define Package/audit-utils/install + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) \ + $(PKG_INSTALL_DIR)/usr/sbin/{audisp-remote,audisp-syslog,auditctl,augenrules,aureport,ausearch,autrace} \ + $(1)/usr/sbin/ +endef + +define Package/auditd/install + $(INSTALL_DIR) $(1)/etc/audit + $(CP) $(PKG_INSTALL_DIR)/etc/audit/* $(1)/etc/audit/ + # af_unix plugin is not installed. Remove it's .conf. + if [[ -f $(1)/etc/audit/plugins.d/af_unix.conf ]] ; then rm $(1)/etc/audit/plugins.d/af_unix.conf ; fi + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/audit.init $(1)/etc/init.d/audit + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/auditd $(1)/usr/sbin/ +endef + +$(eval $(call HostBuild)) +$(eval $(call BuildPackage,libaudit)) +$(eval $(call BuildPackage,libauparse)) +$(eval $(call BuildPackage,audit-utils)) +$(eval $(call BuildPackage,auditd)) diff --git a/package/utils/audit/files/audit.init b/package/utils/audit/files/audit.init new file mode 100644 index 0000000000..4a9f53884b --- /dev/null +++ b/package/utils/audit/files/audit.init @@ -0,0 +1,16 @@ +#!/bin/sh /etc/rc.common +# Copyright (c) 2014 OpenWrt.org + +START=11 + +USE_PROCD=1 +PROG=/usr/sbin/auditd + +start_service() { + mkdir -p /var/log/audit + procd_open_instance + procd_set_param command "$PROG" -n + procd_set_param respawn + procd_close_instance + test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules +} -- 2.30.2