diff options
Diffstat (limited to 'main/audit')
-rw-r--r-- | main/audit/APKBUILD | 65 | ||||
-rw-r--r-- | main/audit/musl.patch | 46 | ||||
-rw-r--r-- | main/audit/test-uid-42.patch | 76 | ||||
-rw-r--r-- | main/audit/usr-paths.patch (renamed from main/audit/0004-fix-path-in-au-remote-conf.patch) | 14 |
4 files changed, 171 insertions, 30 deletions
diff --git a/main/audit/APKBUILD b/main/audit/APKBUILD index bd9c723667b..959f7006b6b 100644 --- a/main/audit/APKBUILD +++ b/main/audit/APKBUILD @@ -1,36 +1,33 @@ # Contributor: Dermot Bradley <dermot_bradley@yahoo.com> -# Maintainer: Tycho Andersen <tycho@docker.com> +# Contributor: Tycho Andersen <tycho@docker.com> +# Maintainer: Celeste <cielesti@protonmail.com> pkgname=audit -pkgver=3.0.1 -pkgrel=1 -pkgdesc="User space tools for 2.6 kernel auditing" +pkgver=4.0.1 +pkgrel=0 +pkgdesc="User space tools for kernel auditing" url="https://people.redhat.com/sgrubb/audit/" arch="all" -license="GPL-2.0-or-later" +license="LGPL-2.1-or-later" depends_dev="linux-headers" makedepends="$depends_dev swig libcap-ng-dev python3" install="$pkgname.pre-install" -subpackages="$pkgname-static $pkgname-dev $pkgname-doc $pkgname-libs $pkgname-openrc" +subpackages=" + $pkgname-static + $pkgname-dev + $pkgname-doc + $pkgname-libs + $pkgname-openrc + " source="https://people.redhat.com/sgrubb/audit/audit-$pkgver.tar.gz 0003-all-get-rid-of-strndupa.patch - 0004-fix-path-in-au-remote-conf.patch + usr-paths.patch + musl.patch + test-uid-42.patch auditd.initd - auditd.confd" - -case "$CARCH" in -mips*) - # mips builder does not have audit support enabled - options="$options !check" - ;; -esac - -builddir="$srcdir/audit-$pkgver" + auditd.confd + " build() { - if [ "$CARCH" = "ppc64le" ]; then - WITHOUT="--without-python3 --without-python" - fi - ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -41,29 +38,39 @@ build() { --disable-zos-remote \ --enable-shared=audit \ --with-arm \ - --with-aarch64 \ - $WITHOUT + --with-aarch64 make } check() { - make -j1 check + make check } package() { make DESTDIR="$pkgdir" install + install -Dm755 "$srcdir"/auditd.initd "$pkgdir"/etc/init.d/auditd install -Dm644 "$srcdir"/auditd.confd "$pkgdir"/etc/conf.d/auditd + + cd "$pkgdir" + rm -r usr/lib/systemd/system \ + usr/libexec/initscripts/legacy-actions/auditd + rmdir -vp --ignore-fail-on-non-empty usr/lib/systemd \ + usr/libexec/initscripts/legacy-actions } static() { pkgdesc="Static libaudit libraries" - mkdir -p "$subpkgdir"/usr/lib/ - mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/ + + amove usr/lib/*.a } -sha512sums="ad2897c9f539681f0f65b08cd0e650c528957fd4799755c2bcc47f869e04272aad31684c46847124d7b42dde243a16ba2754936890189610814c7007c0381d8c audit-3.0.1.tar.gz +sha512sums=" +7fbc426d0ddea340a36ceab52ac090e8e3dfb3450ebf50b478324a097f19ab4bb2cf78a2532644acb17e6114b59b8fda718affda9da62fb84181e3abf76039df audit-4.0.1.tar.gz f3f2c4ee745e99877c981d889c5cbb0379d073a9b7634c1480ae603a21a13045f9978b51f8cb53c8d0ba414d249bb859af7bca7e302c464b3fc3c6463ecca762 0003-all-get-rid-of-strndupa.patch -6a0e1fb81d7defe6ad84da447a55e1e0b90299fcbd1ca679934a1dfa1a211986ea4642a1c69abe0619120b64b16546a41fa028f55f27c79819d896178aac6df7 0004-fix-path-in-au-remote-conf.patch +90c7d213a0b4ef27bf643e046dd2b3c5909706c62fba24ef34ecb32ff07b73fda13ed04c616a7cf8148115fc977aa1096b61e717abd5bd32f72f7bb4ac07999f usr-paths.patch +68e49b5056197b555dc95eeb7ee7f26b3fe9a7b2d38ad5c5d788c8bd90c5f410a2001ce8513ab3ebb663a58b0999a5fab00c9d754cb09bd0559852f14d90b722 musl.patch +a8379c26553f524a4684ee660fe1e3422d720080f137ac9ebc17873cf90d13b6b81a5fde2d9b076ee32a2c1115240146bc12daca9a22ec53e7986c7454278794 test-uid-42.patch b3d7ceba02b6b4406222c3b142fcfdf2b612dc52eebc490cfd121d696e4ef7c6cc5e27813d67937c464ed4c3cd283de9ccfcb75e63405a447523fa4641e79da3 auditd.initd -69d8777772ded7a8c0db2bcf84961b121bb355fa0d4ba0e14e311f8a8bfe665cbd2b7ac632d73477f9dfa9a6eec357a7ed458fe9b3e7b5ede75b166f3f092ab7 auditd.confd" +69d8777772ded7a8c0db2bcf84961b121bb355fa0d4ba0e14e311f8a8bfe665cbd2b7ac632d73477f9dfa9a6eec357a7ed458fe9b3e7b5ede75b166f3f092ab7 auditd.confd +" diff --git a/main/audit/musl.patch b/main/audit/musl.patch new file mode 100644 index 00000000000..9db71cfa198 --- /dev/null +++ b/main/audit/musl.patch @@ -0,0 +1,46 @@ +--- a/auparse/auparse.h ++++ b/auparse/auparse.h +@@ -55,7 +55,7 @@ + void auparse_destroy(auparse_state_t *au); + void auparse_destroy_ext(auparse_state_t *au, auparse_destroy_what_t what); + auparse_state_t *auparse_init(ausource_t source, const void *b) +- __attribute_malloc__ __attr_dealloc (auparse_destroy, 1); ++ __attribute__((__malloc__)) __attr_dealloc (auparse_destroy, 1); + int auparse_new_buffer(auparse_state_t *au, const char *data, size_t data_len) + __attr_access ((__read_only__, 2, 3)); + int auparse_feed(auparse_state_t *au, const char *data, size_t data_len) +--- a/audisp/plugins/remote/queue.c ++++ b/audisp/plugins/remote/queue.c +@@ -49,10 +49,8 @@ + }; + + /* Local Declarations */ +-static int full_pread(int fd, void *buf, size_t size, off_t offset) +- __attr_access ((__write_only__, 2, 3)); +-static int full_pwrite(int fd, const void *buf, size_t size, off_t offset) +- __attr_access ((__read_only__, 2, 3)); ++static int full_pread(int fd, void *buf, size_t size, off_t offset); ++static int full_pwrite(int fd, const void *buf, size_t size, off_t offset); + + /* Compile-time expression verification */ + #define verify(E) do { \ +--- a/audisp/plugins/remote/queue.h ++++ b/audisp/plugins/remote/queue.h +@@ -53,15 +53,14 @@ + * On error, return NULL and set errno. */ + struct queue *q_open(int q_flags, const char *path, size_t num_entries, + size_t entry_size) +- __attribute_malloc__ __attr_dealloc (q_close, 1) __wur; ++ __attribute__((__malloc__)); + + /* Add DATA to tail of Q. Return 0 on success, -1 on error and set errno. */ + int q_append(struct queue *q, const char *data); + + /* Peek at head of Q, storing it into BUF of SIZE. Return 1 if an entry + * exists, 0 if queue is empty. On error, return -1 and set errno. */ +-int q_peek(struct queue *q, char *buf, size_t size) +- __attr_access ((__write_only__, 2, 3)); ++int q_peek(struct queue *q, char *buf, size_t size); + + /* Drop head of Q and return 0. On error, return -1 and set errno. */ + int q_drop_head(struct queue *q); diff --git a/main/audit/test-uid-42.patch b/main/audit/test-uid-42.patch new file mode 100644 index 00000000000..f1d096451ef --- /dev/null +++ b/main/audit/test-uid-42.patch @@ -0,0 +1,76 @@ +uid 42 is not gdm on Alpine + +--- a/auparse/test/auparse_test.ref ++++ b/auparse/test/auparse_test.ref +@@ -188,7 +188,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -209,7 +209,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) +@@ -389,7 +389,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -410,7 +410,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) +@@ -587,7 +587,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -608,7 +608,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) +@@ -874,7 +874,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -895,7 +895,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) diff --git a/main/audit/0004-fix-path-in-au-remote-conf.patch b/main/audit/usr-paths.patch index c3d1efd8460..8e1c2b67d97 100644 --- a/main/audit/0004-fix-path-in-au-remote-conf.patch +++ b/main/audit/usr-paths.patch @@ -1,7 +1,8 @@ From: Dermot Bradley <dermot_bradley@yahoo.com> Date: Fri, 29 May 2020 19:55:23 +0100 +Updated: Mon, 30 May 2022 23:42:39 +0000 -Fix the path to the audisp-remote binary. +correct paths in plugins --- a/audisp/plugins/remote/au-remote.conf +++ b/audisp/plugins/remote/au-remote.conf @@ -14,3 +15,14 @@ Fix the path to the audisp-remote binary. type = always #args = format = string +--- a/audisp/plugins/syslog/syslog.conf ++++ b/audisp/plugins/syslog/syslog.conf +@@ -8,7 +8,7 @@ + + active = no + direction = out +-path = /sbin/audisp-syslog ++path = /usr/sbin/audisp-syslog + type = always + args = LOG_INFO + format = string |