diff options
Diffstat (limited to 'main/audit')
-rw-r--r-- | main/audit/0002-auparse-remove-use-of-rawmemchr.patch | 34 | ||||
-rw-r--r-- | main/audit/0005-fix-path-in-auditd-conf.patch | 19 | ||||
-rw-r--r-- | main/audit/APKBUILD | 71 | ||||
-rw-r--r-- | main/audit/fno-common-fix.patch | 23 | ||||
-rw-r--r-- | main/audit/musl.patch | 46 | ||||
-rw-r--r-- | main/audit/test-uid-42.patch | 76 | ||||
-rw-r--r-- | main/audit/usr-paths.patch (renamed from main/audit/0004-fix-path-in-au-remote-conf.patch) | 14 |
7 files changed, 171 insertions, 112 deletions
diff --git a/main/audit/0002-auparse-remove-use-of-rawmemchr.patch b/main/audit/0002-auparse-remove-use-of-rawmemchr.patch deleted file mode 100644 index 891a87bbc33..00000000000 --- a/main/audit/0002-auparse-remove-use-of-rawmemchr.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 8f2a6788b78dd6b219545aacbd42e2f84df8c71a Mon Sep 17 00:00:00 2001 -From: Tycho Andersen <tycho@docker.com> -Date: Mon, 13 Mar 2017 16:17:10 -0700 -Subject: [PATCH 2/4] auparse: remove use of rawmemchr - -just iterate over the string instead, it's much simpler and doesn't use a -glibc extension. - -Signed-off-by: Tycho Andersen <tycho@docker.com> ---- - auparse/interpret.c | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/auparse/interpret.c b/auparse/interpret.c -index ea17c41..75b7679 100644 ---- a/auparse/interpret.c -+++ b/auparse/interpret.c -@@ -819,10 +819,9 @@ static const char *print_proctitle(const char *val) - // Proctitle has arguments separated by NUL bytes - // We need to write over the NUL bytes with a space - // so that we can see the arguments -- while ((ptr = rawmemchr(ptr, '\0'))) { -- if (ptr >= end) -- break; -- *ptr = ' '; -+ while (ptr < end) { -+ if (*ptr == '\0') -+ *ptr = ' '; - ptr++; - } - } --- -2.13.1 - diff --git a/main/audit/0005-fix-path-in-auditd-conf.patch b/main/audit/0005-fix-path-in-auditd-conf.patch deleted file mode 100644 index 4214d398617..00000000000 --- a/main/audit/0005-fix-path-in-auditd-conf.patch +++ /dev/null @@ -1,19 +0,0 @@ -From: Dermot Bradley <dermot_bradley@yahoo.com> -Date: Fri, 29 May 2020 19:58:07 +0100 - -Fix the path to the audispd binary. - -There is no point upstreaming this fix as the next release (3.0 -in development) no longer uses this configuration setting. - ---- a/init.d/auditd.conf -+++ b/init.d/auditd.conf -@@ -13,7 +13,7 @@ - num_logs = 5 - priority_boost = 4 - disp_qos = lossy --dispatcher = /sbin/audispd -+dispatcher = /usr/sbin/audispd - name_format = NONE - ##name = mydomain - max_log_file_action = ROTATE diff --git a/main/audit/APKBUILD b/main/audit/APKBUILD index b99bc5a5b41..959f7006b6b 100644 --- a/main/audit/APKBUILD +++ b/main/audit/APKBUILD @@ -1,39 +1,33 @@ # Contributor: Dermot Bradley <dermot_bradley@yahoo.com> -# Maintainer: Tycho Andersen <tycho@docker.com> +# Contributor: Tycho Andersen <tycho@docker.com> +# Maintainer: Celeste <cielesti@protonmail.com> pkgname=audit -pkgver=2.8.5 -pkgrel=3 -pkgdesc="User space tools for 2.6 kernel auditing" +pkgver=4.0.1 +pkgrel=0 +pkgdesc="User space tools for kernel auditing" url="https://people.redhat.com/sgrubb/audit/" arch="all" -license="GPL-2.0-or-later" +license="LGPL-2.1-or-later" depends_dev="linux-headers" makedepends="$depends_dev swig libcap-ng-dev python3" install="$pkgname.pre-install" -subpackages="$pkgname-static $pkgname-dev $pkgname-doc $pkgname-libs $pkgname-openrc" +subpackages=" + $pkgname-static + $pkgname-dev + $pkgname-doc + $pkgname-libs + $pkgname-openrc + " source="https://people.redhat.com/sgrubb/audit/audit-$pkgver.tar.gz - fno-common-fix.patch - 0002-auparse-remove-use-of-rawmemchr.patch 0003-all-get-rid-of-strndupa.patch - 0004-fix-path-in-au-remote-conf.patch - 0005-fix-path-in-auditd-conf.patch + usr-paths.patch + musl.patch + test-uid-42.patch auditd.initd - auditd.confd" - -case "$CARCH" in -mips*) - # mips builder does not have audit support enabled - options="$options !check" - ;; -esac - -builddir="$srcdir/audit-$pkgver" + auditd.confd + " build() { - if [ "$CARCH" = "ppc64le" ]; then - WITHOUT="--without-python3 --without-python" - fi - ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -44,32 +38,39 @@ build() { --disable-zos-remote \ --enable-shared=audit \ --with-arm \ - --with-aarch64 \ - $WITHOUT + --with-aarch64 make } check() { - make -j1 check + make check } package() { make DESTDIR="$pkgdir" install + install -Dm755 "$srcdir"/auditd.initd "$pkgdir"/etc/init.d/auditd install -Dm644 "$srcdir"/auditd.confd "$pkgdir"/etc/conf.d/auditd + + cd "$pkgdir" + rm -r usr/lib/systemd/system \ + usr/libexec/initscripts/legacy-actions/auditd + rmdir -vp --ignore-fail-on-non-empty usr/lib/systemd \ + usr/libexec/initscripts/legacy-actions } static() { pkgdesc="Static libaudit libraries" - mkdir -p "$subpkgdir"/usr/lib/ - mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/ + + amove usr/lib/*.a } -sha512sums="7d416aaa21c1a167f8e911ca82aecbaba804424f3243f505066c43ecc4a62a34feb2c27555e99d3268608404793dccca0f828c63670e3aa816016fb493f8174a audit-2.8.5.tar.gz -78e32c05b6896d37bacf0938954fbce7486a528dabd55421f1715438fe489171f9157059050abdcb3f673258aa28b4a11f643ddb7824f3499a195dbbe634f101 fno-common-fix.patch -b7851d4c3c6d7d35f2e822273c17ab530ac24301c414da7f0c7578b7a182692ecd01b51cb50ea04adba4b43987f27020f8f411aec23b3bda0af4d4b6e9fbae5d 0002-auparse-remove-use-of-rawmemchr.patch +sha512sums=" +7fbc426d0ddea340a36ceab52ac090e8e3dfb3450ebf50b478324a097f19ab4bb2cf78a2532644acb17e6114b59b8fda718affda9da62fb84181e3abf76039df audit-4.0.1.tar.gz f3f2c4ee745e99877c981d889c5cbb0379d073a9b7634c1480ae603a21a13045f9978b51f8cb53c8d0ba414d249bb859af7bca7e302c464b3fc3c6463ecca762 0003-all-get-rid-of-strndupa.patch -6a0e1fb81d7defe6ad84da447a55e1e0b90299fcbd1ca679934a1dfa1a211986ea4642a1c69abe0619120b64b16546a41fa028f55f27c79819d896178aac6df7 0004-fix-path-in-au-remote-conf.patch -f2ed684363df755360f5265257da3d0cbd41024b1112498beb9c6d76b8f538e7b5e4bcfe233c8d6cbb22ecac60eb1b20f91ae0ba93b3d9009af733021c4be61e 0005-fix-path-in-auditd-conf.patch +90c7d213a0b4ef27bf643e046dd2b3c5909706c62fba24ef34ecb32ff07b73fda13ed04c616a7cf8148115fc977aa1096b61e717abd5bd32f72f7bb4ac07999f usr-paths.patch +68e49b5056197b555dc95eeb7ee7f26b3fe9a7b2d38ad5c5d788c8bd90c5f410a2001ce8513ab3ebb663a58b0999a5fab00c9d754cb09bd0559852f14d90b722 musl.patch +a8379c26553f524a4684ee660fe1e3422d720080f137ac9ebc17873cf90d13b6b81a5fde2d9b076ee32a2c1115240146bc12daca9a22ec53e7986c7454278794 test-uid-42.patch b3d7ceba02b6b4406222c3b142fcfdf2b612dc52eebc490cfd121d696e4ef7c6cc5e27813d67937c464ed4c3cd283de9ccfcb75e63405a447523fa4641e79da3 auditd.initd -69d8777772ded7a8c0db2bcf84961b121bb355fa0d4ba0e14e311f8a8bfe665cbd2b7ac632d73477f9dfa9a6eec357a7ed458fe9b3e7b5ede75b166f3f092ab7 auditd.confd" +69d8777772ded7a8c0db2bcf84961b121bb355fa0d4ba0e14e311f8a8bfe665cbd2b7ac632d73477f9dfa9a6eec357a7ed458fe9b3e7b5ede75b166f3f092ab7 auditd.confd +" diff --git a/main/audit/fno-common-fix.patch b/main/audit/fno-common-fix.patch deleted file mode 100644 index b73ae271ff4..00000000000 --- a/main/audit/fno-common-fix.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001 -From: Steve Grubb <sgrubb@redhat.com> -Date: Fri, 10 Jan 2020 21:13:50 -0500 -Subject: [PATCH] Header definitions need to be external when building with - -fno-common (which is default in GCC 10) - Tony Jones - ---- - src/ausearch-common.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/ausearch-common.h b/src/ausearch-common.h -index 6669203..3040547 100644 ---- a/src/ausearch-common.h -+++ b/src/ausearch-common.h -@@ -50,7 +50,7 @@ extern pid_t event_pid; - extern int event_exact_match; - extern uid_t event_uid, event_euid, event_loginuid; - extern const char *event_tuid, *event_teuid, *event_tauid; --slist *event_node_list; -+extern slist *event_node_list; - extern const char *event_comm; - extern const char *event_filename; - extern const char *event_hostname; diff --git a/main/audit/musl.patch b/main/audit/musl.patch new file mode 100644 index 00000000000..9db71cfa198 --- /dev/null +++ b/main/audit/musl.patch @@ -0,0 +1,46 @@ +--- a/auparse/auparse.h ++++ b/auparse/auparse.h +@@ -55,7 +55,7 @@ + void auparse_destroy(auparse_state_t *au); + void auparse_destroy_ext(auparse_state_t *au, auparse_destroy_what_t what); + auparse_state_t *auparse_init(ausource_t source, const void *b) +- __attribute_malloc__ __attr_dealloc (auparse_destroy, 1); ++ __attribute__((__malloc__)) __attr_dealloc (auparse_destroy, 1); + int auparse_new_buffer(auparse_state_t *au, const char *data, size_t data_len) + __attr_access ((__read_only__, 2, 3)); + int auparse_feed(auparse_state_t *au, const char *data, size_t data_len) +--- a/audisp/plugins/remote/queue.c ++++ b/audisp/plugins/remote/queue.c +@@ -49,10 +49,8 @@ + }; + + /* Local Declarations */ +-static int full_pread(int fd, void *buf, size_t size, off_t offset) +- __attr_access ((__write_only__, 2, 3)); +-static int full_pwrite(int fd, const void *buf, size_t size, off_t offset) +- __attr_access ((__read_only__, 2, 3)); ++static int full_pread(int fd, void *buf, size_t size, off_t offset); ++static int full_pwrite(int fd, const void *buf, size_t size, off_t offset); + + /* Compile-time expression verification */ + #define verify(E) do { \ +--- a/audisp/plugins/remote/queue.h ++++ b/audisp/plugins/remote/queue.h +@@ -53,15 +53,14 @@ + * On error, return NULL and set errno. */ + struct queue *q_open(int q_flags, const char *path, size_t num_entries, + size_t entry_size) +- __attribute_malloc__ __attr_dealloc (q_close, 1) __wur; ++ __attribute__((__malloc__)); + + /* Add DATA to tail of Q. Return 0 on success, -1 on error and set errno. */ + int q_append(struct queue *q, const char *data); + + /* Peek at head of Q, storing it into BUF of SIZE. Return 1 if an entry + * exists, 0 if queue is empty. On error, return -1 and set errno. */ +-int q_peek(struct queue *q, char *buf, size_t size) +- __attr_access ((__write_only__, 2, 3)); ++int q_peek(struct queue *q, char *buf, size_t size); + + /* Drop head of Q and return 0. On error, return -1 and set errno. */ + int q_drop_head(struct queue *q); diff --git a/main/audit/test-uid-42.patch b/main/audit/test-uid-42.patch new file mode 100644 index 00000000000..f1d096451ef --- /dev/null +++ b/main/audit/test-uid-42.patch @@ -0,0 +1,76 @@ +uid 42 is not gdm on Alpine + +--- a/auparse/test/auparse_test.ref ++++ b/auparse/test/auparse_test.ref +@@ -188,7 +188,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -209,7 +209,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) +@@ -389,7 +389,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -410,7 +410,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) +@@ -587,7 +587,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -608,7 +608,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) +@@ -874,7 +874,7 @@ + uid=0 (root) + subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) + old-auid=4294967295 (unset) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + tty=(none) ((none)) + old-ses=4294967295 (4294967295) + ses=1 (1) +@@ -895,7 +895,7 @@ + items=0 (0) + ppid=1 (1) + pid=2288 (2288) +- auid=42 (gdm) ++ auid=42 (unknown(42)) + uid=0 (root) + gid=0 (root) + euid=0 (root) diff --git a/main/audit/0004-fix-path-in-au-remote-conf.patch b/main/audit/usr-paths.patch index c3d1efd8460..8e1c2b67d97 100644 --- a/main/audit/0004-fix-path-in-au-remote-conf.patch +++ b/main/audit/usr-paths.patch @@ -1,7 +1,8 @@ From: Dermot Bradley <dermot_bradley@yahoo.com> Date: Fri, 29 May 2020 19:55:23 +0100 +Updated: Mon, 30 May 2022 23:42:39 +0000 -Fix the path to the audisp-remote binary. +correct paths in plugins --- a/audisp/plugins/remote/au-remote.conf +++ b/audisp/plugins/remote/au-remote.conf @@ -14,3 +15,14 @@ Fix the path to the audisp-remote binary. type = always #args = format = string +--- a/audisp/plugins/syslog/syslog.conf ++++ b/audisp/plugins/syslog/syslog.conf +@@ -8,7 +8,7 @@ + + active = no + direction = out +-path = /sbin/audisp-syslog ++path = /usr/sbin/audisp-syslog + type = always + args = LOG_INFO + format = string |