Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-process/audit/
Date: Mon, 04 Jun 2018 07:50:35
Message-Id: 1528098607.cc83c96f2c3663bd1f99b7c4f5206a093236a5ba.perfinion@gentoo
1 commit: cc83c96f2c3663bd1f99b7c4f5206a093236a5ba
2 Author: Jason Zaman <perfinion <AT> gentoo <DOT> org>
3 AuthorDate: Mon Jun 4 06:52:39 2018 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Mon Jun 4 07:50:07 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc83c96f
7
8 sys-process/audit: bump to 2.8.3
9
10 Package-Manager: Portage-2.3.40, Repoman-2.3.9
11
12 sys-process/audit/Manifest | 1 +
13 sys-process/audit/audit-2.8.3.ebuild | 230 +++++++++++++++++++++++++++++++++++
14 2 files changed, 231 insertions(+)
15
16 diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest
17 index 7303bc7843e..b95d1676625 100644
18 --- a/sys-process/audit/Manifest
19 +++ b/sys-process/audit/Manifest
20 @@ -1,3 +1,4 @@
21 DIST audit-2.6.4.tar.gz 1078677 BLAKE2B 056d9f269926d9b0d74f7187f833f1e94d4e03a5137750fe4ff87b71fa0ce0e0a8569b97ecbd671f951061cfb088dff17b46e37cc14122864c37615356646fc5 SHA512 69b5d3987d2b8b189d1242fde639af3d7d366e901733133e47ee71223caf73aa7da40b7811298f0af861969b0ab482c5ef9830b711bdd15bd5f4d0ebc88a1224
22 DIST audit-2.7.1.tar.gz 1099083 BLAKE2B 10f72ac3273ce9e23e1fb8ad8d57dcae772ba1f861f519867399d95e14f4809897637969de45566d62a73a35e5674260155773daf8de00481fcbd1b9c3138f96 SHA512 37964d81deee8608fde5f90d5d096727d3eb009e084be34749adcb0662e607e35c49c80bd83ce38b17161f11363b691721c8a8aa5dea832d320c53ab0ebb7483
23 DIST audit-2.8.2.tar.gz 1121970 BLAKE2B bbec694ed1177a8590d035c2d6d197e49343fc370b101589e58736042c3b12cabb68fe796422f3133feb79068ab7d5931efa5414d22edead10c8871fefcd2549 SHA512 888ebf5e8e9d285b82d87377fc8836886d7a8b089c1be4091420a77a0250c9baf09aebb7a6330ff5043fb35f51eb6baf8d4491e26da7ad0811f0087e395b5012
24 +DIST audit-2.8.3.tar.gz 1107583 BLAKE2B 21c2b8543a31c0ca4319af40b844f4400615108a59195a95ea79499ff2923d7dbbc840716d60dfba311bfc451983cd4cd0f7cb27c2444825df2c0dfb50f9614f SHA512 aa939b81a66111f4e466208d7a38414bd186d00ccd374b420439764905b4707bbfcdc2331a6179a080fca981d19171696ecabd26674205b2f9339c44954db933
25
26 diff --git a/sys-process/audit/audit-2.8.3.ebuild b/sys-process/audit/audit-2.8.3.ebuild
27 new file mode 100644
28 index 00000000000..c03f103ef2f
29 --- /dev/null
30 +++ b/sys-process/audit/audit-2.8.3.ebuild
31 @@ -0,0 +1,230 @@
32 +# Copyright 1999-2018 Gentoo Foundation
33 +# Distributed under the terms of the GNU General Public License v2
34 +
35 +EAPI="6"
36 +
37 +PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} )
38 +
39 +inherit autotools multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd
40 +
41 +DESCRIPTION="Userspace utilities for storing and processing auditing records"
42 +HOMEPAGE="https://people.redhat.com/sgrubb/audit/"
43 +SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz"
44 +
45 +LICENSE="GPL-2"
46 +SLOT="0"
47 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
48 +IUSE="gssapi ldap python static-libs"
49 +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
50 +# Testcases are pretty useless as they are built for RedHat users/groups and kernels.
51 +RESTRICT="test"
52 +
53 +RDEPEND="gssapi? ( virtual/krb5 )
54 + ldap? ( net-nds/openldap )
55 + sys-libs/libcap-ng
56 + python? ( ${PYTHON_DEPS} )"
57 +DEPEND="${RDEPEND}
58 + >=sys-kernel/linux-headers-2.6.34
59 + python? ( dev-lang/swig:0 )"
60 +# Do not use os-headers as this is linux specific
61 +
62 +CONFIG_CHECK="~AUDIT"
63 +
64 +pkg_setup() {
65 + linux-info_pkg_setup
66 +}
67 +
68 +src_prepare() {
69 + eapply_user
70 +
71 + # Do not build GUI tools
72 + sed -i \
73 + -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \
74 + "${S}"/configure.ac || die
75 + sed -i \
76 + -e 's,system-config-audit,,g' \
77 + "${S}"/Makefile.am || die
78 + rm -rf "${S}"/system-config-audit
79 +
80 + if ! use ldap; then
81 + sed -i \
82 + -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \
83 + "${S}"/configure.ac || die
84 + sed -i \
85 + -e '/^SUBDIRS/s,zos-remote,,g' \
86 + "${S}"/audisp/plugins/Makefile.am || die
87 + fi
88 +
89 + # Don't build static version of Python module.
90 + eapply "${FILESDIR}"/${PN}-2.4.3-python.patch
91 +
92 + # glibc/kernel upstreams suck with both defining ia64_fpreg
93 + # This patch is a horribly workaround that is only valid as long as you
94 + # don't need the OTHER definitions in fpu.h.
95 + eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch
96 +
97 + # there is no --without-golang conf option
98 + sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die
99 +
100 + # Regenerate autotooling
101 + eautoreconf
102 +}
103 +
104 +multilib_src_configure() {
105 + local ECONF_SOURCE=${S}
106 + econf \
107 + --sbindir="${EPREFIX}/sbin" \
108 + $(use_enable gssapi gssapi-krb5) \
109 + $(use_enable static-libs static) \
110 + --enable-systemd \
111 + --without-python \
112 + --without-python3
113 +
114 + if multilib_is_native_abi; then
115 + python_configure() {
116 + mkdir -p "${BUILD_DIR}" || die
117 + cd "${BUILD_DIR}" || die
118 +
119 + if python_is_python3; then
120 + econf --without-python --with-python3
121 + else
122 + econf --with-python --without-python3
123 + fi
124 + }
125 +
126 + use python && python_foreach_impl python_configure
127 + fi
128 +}
129 +
130 +src_configure() {
131 + tc-export_build_env BUILD_{CC,CPP}
132 + export CC_FOR_BUILD="${BUILD_CC}"
133 + export CPP_FOR_BUILD="${BUILD_CPP}"
134 +
135 + multilib-minimal_src_configure
136 +}
137 +
138 +multilib_src_compile() {
139 + if multilib_is_native_abi; then
140 + default
141 +
142 + python_compile() {
143 + local pysuffix pydef
144 + if python_is_python3; then
145 + pysuffix=3
146 + pydef='USE_PYTHON3=true'
147 + else
148 + pysuffix=2
149 + pydef='HAVE_PYTHON=true'
150 + fi
151 +
152 + emake -C "${BUILD_DIR}"/bindings/swig \
153 + VPATH="${native_build}/lib" \
154 + LIBS="${native_build}/lib/libaudit.la" \
155 + _audit_la_LIBADD="${native_build}/lib/libaudit.la" \
156 + _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \
157 + ${pydef}
158 + emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \
159 + VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \
160 + auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \
161 + ${pydef}
162 + }
163 +
164 + local native_build="${BUILD_DIR}"
165 + use python && python_foreach_impl python_compile
166 + else
167 + emake -C lib
168 + emake -C auparse
169 + fi
170 +}
171 +
172 +multilib_src_install() {
173 + if multilib_is_native_abi; then
174 + emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install
175 +
176 + python_install() {
177 + local pysuffix pydef
178 + if python_is_python3; then
179 + pysuffix=3
180 + pydef='USE_PYTHON3=true'
181 + else
182 + pysuffix=2
183 + pydef='HAVE_PYTHON=true'
184 + fi
185 +
186 + emake -C "${BUILD_DIR}"/bindings/swig \
187 + VPATH="${native_build}/lib" \
188 + LIBS="${native_build}/lib/libaudit.la" \
189 + _audit_la_LIBADD="${native_build}/lib/libaudit.la" \
190 + _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \
191 + ${pydef} \
192 + DESTDIR="${D}" install
193 + emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \
194 + VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \
195 + auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \
196 + ${pydef} \
197 + DESTDIR="${D}" install
198 + }
199 +
200 + local native_build=${BUILD_DIR}
201 + use python && python_foreach_impl python_install
202 +
203 + # things like shadow use this so we need to be in /
204 + gen_usr_ldscript -a audit auparse
205 + else
206 + emake -C lib DESTDIR="${D}" install
207 + emake -C auparse DESTDIR="${D}" install
208 + fi
209 +}
210 +
211 +multilib_src_install_all() {
212 + dodoc AUTHORS ChangeLog README* THANKS TODO
213 + docinto contrib
214 + dodoc contrib/{avc_snap,skeleton.c}
215 + docinto contrib/plugin
216 + dodoc contrib/plugin/*
217 + docinto rules
218 + dodoc rules/*
219 +
220 + newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
221 + newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
222 +
223 + fperms 644 "$(systemd_get_systemunitdir)"/auditd.service # 556436
224 +
225 + [ -f "${ED}"/sbin/audisp-remote ] && \
226 + dodir /usr/sbin && \
227 + mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
228 +
229 + # Gentoo rules
230 + insinto /etc/audit/
231 + newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
232 + doins "${FILESDIR}"/audit.rules.stop*
233 +
234 + # audit logs go here
235 + keepdir /var/log/audit/
236 +
237 + find "${D}" -name '*.la' -delete || die
238 +
239 + # Security
240 + lockdown_perms "${ED}"
241 +}
242 +
243 +pkg_preinst() {
244 + # Preserve from the audit-1 series
245 + preserve_old_lib /$(get_libdir)/libaudit.so.0
246 +}
247 +
248 +pkg_postinst() {
249 + lockdown_perms "${EROOT}"
250 + # Preserve from the audit-1 series
251 + preserve_old_lib_notify /$(get_libdir)/libaudit.so.0
252 +}
253 +
254 +lockdown_perms() {
255 + # Upstream wants these to have restrictive perms.
256 + # Should not || die as not all paths may exist.
257 + local basedir="$1"
258 + chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null
259 + chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null
260 + chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null
261 +}
Report Message
Find on MARC Find on Google Groups