1 |
commit: dcf4262cdd1e64450de4f825edc61f310894401c |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Jan 1 22:52:33 2021 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Jan 1 22:57:14 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dcf4262c |
7 |
|
8 |
sys-process/audit: Revert "Remove old (py3.6)" |
9 |
|
10 |
Removed too many files/ due to a misgrep. |
11 |
|
12 |
Reverts: 7494ff77d198e87226f368af01769e2ebb38cb61 |
13 |
Closes: https://bugs.gentoo.org/762919 |
14 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
15 |
|
16 |
sys-process/audit/Manifest | 4 + |
17 |
sys-process/audit/audit-2.6.4.ebuild | 230 +++++++++++++++++++++ |
18 |
sys-process/audit/audit-2.7.1.ebuild | 230 +++++++++++++++++++++ |
19 |
sys-process/audit/audit-2.8.2.ebuild | 228 ++++++++++++++++++++ |
20 |
sys-process/audit/audit-2.8.3.ebuild | 228 ++++++++++++++++++++ |
21 |
.../audit/files/audit-2.1.3-ia64-compile-fix.patch | 212 +++++++++++++++++++ |
22 |
sys-process/audit/files/audit.rules | 24 +++ |
23 |
sys-process/audit/files/audit.rules.stop.post | 12 ++ |
24 |
sys-process/audit/files/audit.rules.stop.pre | 15 ++ |
25 |
9 files changed, 1183 insertions(+) |
26 |
|
27 |
diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest |
28 |
index d5276de092b..2890c29de36 100644 |
29 |
--- a/sys-process/audit/Manifest |
30 |
+++ b/sys-process/audit/Manifest |
31 |
@@ -1,4 +1,8 @@ |
32 |
DIST audit-017e6c6ab95df55f34e339d2139def83e5dada1f.patch 852 BLAKE2B 60d8b813f57338ce267a09913e68a0726acf5cf878cd2893fe2493f80d2b0ac1e0504dc7a72e85134ae2597b268cb1772b4e7c6c2f19149fc905f6928e2db47f SHA512 78e32c05b6896d37bacf0938954fbce7486a528dabd55421f1715438fe489171f9157059050abdcb3f673258aa28b4a11f643ddb7824f3499a195dbbe634f101 |
33 |
+DIST audit-2.6.4.tar.gz 1078677 BLAKE2B 056d9f269926d9b0d74f7187f833f1e94d4e03a5137750fe4ff87b71fa0ce0e0a8569b97ecbd671f951061cfb088dff17b46e37cc14122864c37615356646fc5 SHA512 69b5d3987d2b8b189d1242fde639af3d7d366e901733133e47ee71223caf73aa7da40b7811298f0af861969b0ab482c5ef9830b711bdd15bd5f4d0ebc88a1224 |
34 |
+DIST audit-2.7.1.tar.gz 1099083 BLAKE2B 10f72ac3273ce9e23e1fb8ad8d57dcae772ba1f861f519867399d95e14f4809897637969de45566d62a73a35e5674260155773daf8de00481fcbd1b9c3138f96 SHA512 37964d81deee8608fde5f90d5d096727d3eb009e084be34749adcb0662e607e35c49c80bd83ce38b17161f11363b691721c8a8aa5dea832d320c53ab0ebb7483 |
35 |
+DIST audit-2.8.2.tar.gz 1121970 BLAKE2B bbec694ed1177a8590d035c2d6d197e49343fc370b101589e58736042c3b12cabb68fe796422f3133feb79068ab7d5931efa5414d22edead10c8871fefcd2549 SHA512 888ebf5e8e9d285b82d87377fc8836886d7a8b089c1be4091420a77a0250c9baf09aebb7a6330ff5043fb35f51eb6baf8d4491e26da7ad0811f0087e395b5012 |
36 |
+DIST audit-2.8.3.tar.gz 1107583 BLAKE2B 21c2b8543a31c0ca4319af40b844f4400615108a59195a95ea79499ff2923d7dbbc840716d60dfba311bfc451983cd4cd0f7cb27c2444825df2c0dfb50f9614f SHA512 aa939b81a66111f4e466208d7a38414bd186d00ccd374b420439764905b4707bbfcdc2331a6179a080fca981d19171696ecabd26674205b2f9339c44954db933 |
37 |
DIST audit-2.8.4.tar.gz 1123889 BLAKE2B b80272b1984942d3c38bde30d22c736a8cc8896a2e42a9bf286446129313ce57a2a117ce26a0a5f1a4a06b4a48ddde463b8837b8c98273051be0c90e5bbebd42 SHA512 5795c565effab995cee447a2dc457ef6a6f15201fb185d7104992ac373a3cb5cfc865dd661c0896a895c96f452eff392d455064d0eead55cd7364d96e0d15c4a |
38 |
DIST audit-2.8.5.tar.gz 1140694 BLAKE2B 64fd0cd93f934e3dd11faf21fcd765894a9c4336d8322179980bb7df1ef5a06d301a665860aeb84fefa0cf278940668023675b99ba7f33cdcfb542d869034358 SHA512 7d416aaa21c1a167f8e911ca82aecbaba804424f3243f505066c43ecc4a62a34feb2c27555e99d3268608404793dccca0f828c63670e3aa816016fb493f8174a |
39 |
DIST audit-2.8.5_p80866dc78b5d.tar.gz 552094 BLAKE2B adb936a314ef2f11828ee00f3513631e06e2df09e37e68be27b1b694e278116d2f486dbde7ed57c77d9ff0bcd09309ea841959c7a66caed6770f367d65dd14f4 SHA512 7ec103bf076cfac7906748162e78835f1f65dd9d68e3a7466346e0473075beb47897adf88ab9ba0eb42db1953372aafb16cc040674b9a9c887730c062b82540a |
40 |
|
41 |
diff --git a/sys-process/audit/audit-2.6.4.ebuild b/sys-process/audit/audit-2.6.4.ebuild |
42 |
new file mode 100644 |
43 |
index 00000000000..fe6c17834e6 |
44 |
--- /dev/null |
45 |
+++ b/sys-process/audit/audit-2.6.4.ebuild |
46 |
@@ -0,0 +1,230 @@ |
47 |
+# Copyright 1999-2020 Gentoo Authors |
48 |
+# Distributed under the terms of the GNU General Public License v2 |
49 |
+ |
50 |
+EAPI="6" |
51 |
+ |
52 |
+PYTHON_COMPAT=( python3_6 ) |
53 |
+ |
54 |
+inherit autotools ltprune multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
55 |
+ |
56 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
57 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
58 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
59 |
+ |
60 |
+LICENSE="GPL-2+ LGPL-2.1+" |
61 |
+SLOT="0" |
62 |
+KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86" |
63 |
+IUSE="gssapi ldap python static-libs" |
64 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
65 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
66 |
+RESTRICT="test" |
67 |
+ |
68 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
69 |
+ ldap? ( net-nds/openldap ) |
70 |
+ sys-libs/libcap-ng |
71 |
+ python? ( ${PYTHON_DEPS} )" |
72 |
+DEPEND="${RDEPEND} |
73 |
+ >=sys-kernel/linux-headers-2.6.34 |
74 |
+ python? ( dev-lang/swig:0 )" |
75 |
+# Do not use os-headers as this is linux specific |
76 |
+ |
77 |
+CONFIG_CHECK="~AUDIT" |
78 |
+ |
79 |
+pkg_setup() { |
80 |
+ linux-info_pkg_setup |
81 |
+} |
82 |
+ |
83 |
+src_prepare() { |
84 |
+ eapply_user |
85 |
+ |
86 |
+ # Do not build GUI tools |
87 |
+ sed -i \ |
88 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
89 |
+ "${S}"/configure.ac || die |
90 |
+ sed -i \ |
91 |
+ -e 's,system-config-audit,,g' \ |
92 |
+ "${S}"/Makefile.am || die |
93 |
+ rm -rf "${S}"/system-config-audit |
94 |
+ |
95 |
+ if ! use ldap; then |
96 |
+ sed -i \ |
97 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
98 |
+ "${S}"/configure.ac || die |
99 |
+ sed -i \ |
100 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
101 |
+ "${S}"/audisp/plugins/Makefile.am || die |
102 |
+ fi |
103 |
+ |
104 |
+ # Don't build static version of Python module. |
105 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
106 |
+ |
107 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
108 |
+ # This patch is a horribly workaround that is only valid as long as you |
109 |
+ # don't need the OTHER definitions in fpu.h. |
110 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
111 |
+ |
112 |
+ # there is no --without-golang conf option |
113 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
114 |
+ |
115 |
+ # Regenerate autotooling |
116 |
+ eautoreconf |
117 |
+} |
118 |
+ |
119 |
+multilib_src_configure() { |
120 |
+ local ECONF_SOURCE=${S} |
121 |
+ econf \ |
122 |
+ --sbindir="${EPREFIX}/sbin" \ |
123 |
+ $(use_enable gssapi gssapi-krb5) \ |
124 |
+ $(use_enable static-libs static) \ |
125 |
+ --enable-systemd \ |
126 |
+ --without-python \ |
127 |
+ --without-python3 |
128 |
+ |
129 |
+ if multilib_is_native_abi; then |
130 |
+ python_configure() { |
131 |
+ mkdir -p "${BUILD_DIR}" || die |
132 |
+ cd "${BUILD_DIR}" || die |
133 |
+ |
134 |
+ if python_is_python3; then |
135 |
+ econf --without-python --with-python3 |
136 |
+ else |
137 |
+ econf --with-python --without-python3 |
138 |
+ fi |
139 |
+ } |
140 |
+ |
141 |
+ use python && python_foreach_impl python_configure |
142 |
+ fi |
143 |
+} |
144 |
+ |
145 |
+src_configure() { |
146 |
+ tc-export_build_env BUILD_{CC,CPP} |
147 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
148 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
149 |
+ |
150 |
+ multilib-minimal_src_configure |
151 |
+} |
152 |
+ |
153 |
+multilib_src_compile() { |
154 |
+ if multilib_is_native_abi; then |
155 |
+ default |
156 |
+ |
157 |
+ python_compile() { |
158 |
+ local pysuffix pydef |
159 |
+ if python_is_python3; then |
160 |
+ pysuffix=3 |
161 |
+ pydef='USE_PYTHON3=true' |
162 |
+ else |
163 |
+ pysuffix=2 |
164 |
+ pydef='HAVE_PYTHON=true' |
165 |
+ fi |
166 |
+ |
167 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
168 |
+ VPATH="${native_build}/lib" \ |
169 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
170 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
171 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
172 |
+ ${pydef} |
173 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
174 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
175 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
176 |
+ ${pydef} |
177 |
+ } |
178 |
+ |
179 |
+ local native_build="${BUILD_DIR}" |
180 |
+ use python && python_foreach_impl python_compile |
181 |
+ else |
182 |
+ emake -C lib |
183 |
+ emake -C auparse |
184 |
+ fi |
185 |
+} |
186 |
+ |
187 |
+multilib_src_install() { |
188 |
+ if multilib_is_native_abi; then |
189 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
190 |
+ |
191 |
+ python_install() { |
192 |
+ local pysuffix pydef |
193 |
+ if python_is_python3; then |
194 |
+ pysuffix=3 |
195 |
+ pydef='USE_PYTHON3=true' |
196 |
+ else |
197 |
+ pysuffix=2 |
198 |
+ pydef='HAVE_PYTHON=true' |
199 |
+ fi |
200 |
+ |
201 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
202 |
+ VPATH="${native_build}/lib" \ |
203 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
204 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
205 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
206 |
+ ${pydef} \ |
207 |
+ DESTDIR="${D}" install |
208 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
209 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
210 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
211 |
+ ${pydef} \ |
212 |
+ DESTDIR="${D}" install |
213 |
+ } |
214 |
+ |
215 |
+ local native_build=${BUILD_DIR} |
216 |
+ use python && python_foreach_impl python_install |
217 |
+ |
218 |
+ # things like shadow use this so we need to be in / |
219 |
+ gen_usr_ldscript -a audit auparse |
220 |
+ else |
221 |
+ emake -C lib DESTDIR="${D}" install |
222 |
+ emake -C auparse DESTDIR="${D}" install |
223 |
+ fi |
224 |
+} |
225 |
+ |
226 |
+multilib_src_install_all() { |
227 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
228 |
+ docinto contrib |
229 |
+ dodoc contrib/{avc_snap,skeleton.c} |
230 |
+ docinto contrib/plugin |
231 |
+ dodoc contrib/plugin/* |
232 |
+ docinto rules |
233 |
+ dodoc rules/* |
234 |
+ |
235 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
236 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
237 |
+ |
238 |
+ chmod 644 "${D}$(systemd_get_systemunitdir)"/auditd.service || die # 556436 |
239 |
+ |
240 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
241 |
+ dodir /usr/sbin && \ |
242 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
243 |
+ |
244 |
+ # Gentoo rules |
245 |
+ insinto /etc/audit/ |
246 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
247 |
+ doins "${FILESDIR}"/audit.rules.stop* |
248 |
+ |
249 |
+ # audit logs go here |
250 |
+ keepdir /var/log/audit/ |
251 |
+ |
252 |
+ # Security |
253 |
+ lockdown_perms "${ED}" |
254 |
+ |
255 |
+ prune_libtool_files --modules |
256 |
+} |
257 |
+ |
258 |
+pkg_preinst() { |
259 |
+ # Preserve from the audit-1 series |
260 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
261 |
+} |
262 |
+ |
263 |
+pkg_postinst() { |
264 |
+ lockdown_perms "${EROOT}" |
265 |
+ # Preserve from the audit-1 series |
266 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
267 |
+} |
268 |
+ |
269 |
+lockdown_perms() { |
270 |
+ # Upstream wants these to have restrictive perms. |
271 |
+ # Should not || die as not all paths may exist. |
272 |
+ local basedir="$1" |
273 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
274 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
275 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
276 |
+} |
277 |
|
278 |
diff --git a/sys-process/audit/audit-2.7.1.ebuild b/sys-process/audit/audit-2.7.1.ebuild |
279 |
new file mode 100644 |
280 |
index 00000000000..b3448548a50 |
281 |
--- /dev/null |
282 |
+++ b/sys-process/audit/audit-2.7.1.ebuild |
283 |
@@ -0,0 +1,230 @@ |
284 |
+# Copyright 1999-2020 Gentoo Authors |
285 |
+# Distributed under the terms of the GNU General Public License v2 |
286 |
+ |
287 |
+EAPI=6 |
288 |
+ |
289 |
+PYTHON_COMPAT=( python3_6 ) |
290 |
+ |
291 |
+inherit autotools ltprune multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
292 |
+ |
293 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
294 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
295 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
296 |
+ |
297 |
+LICENSE="GPL-2+ LGPL-2.1+" |
298 |
+SLOT="0" |
299 |
+KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~mips ppc ppc64 s390 sparc x86" |
300 |
+IUSE="gssapi ldap python static-libs" |
301 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
302 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
303 |
+RESTRICT="test" |
304 |
+ |
305 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
306 |
+ ldap? ( net-nds/openldap ) |
307 |
+ sys-libs/libcap-ng |
308 |
+ python? ( ${PYTHON_DEPS} )" |
309 |
+DEPEND="${RDEPEND} |
310 |
+ >=sys-kernel/linux-headers-2.6.34 |
311 |
+ python? ( dev-lang/swig:0 )" |
312 |
+# Do not use os-headers as this is linux specific |
313 |
+ |
314 |
+CONFIG_CHECK="~AUDIT" |
315 |
+ |
316 |
+pkg_setup() { |
317 |
+ linux-info_pkg_setup |
318 |
+} |
319 |
+ |
320 |
+src_prepare() { |
321 |
+ eapply_user |
322 |
+ |
323 |
+ # Do not build GUI tools |
324 |
+ sed -i \ |
325 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
326 |
+ "${S}"/configure.ac || die |
327 |
+ sed -i \ |
328 |
+ -e 's,system-config-audit,,g' \ |
329 |
+ "${S}"/Makefile.am || die |
330 |
+ rm -rf "${S}"/system-config-audit |
331 |
+ |
332 |
+ if ! use ldap; then |
333 |
+ sed -i \ |
334 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
335 |
+ "${S}"/configure.ac || die |
336 |
+ sed -i \ |
337 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
338 |
+ "${S}"/audisp/plugins/Makefile.am || die |
339 |
+ fi |
340 |
+ |
341 |
+ # Don't build static version of Python module. |
342 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
343 |
+ |
344 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
345 |
+ # This patch is a horribly workaround that is only valid as long as you |
346 |
+ # don't need the OTHER definitions in fpu.h. |
347 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
348 |
+ |
349 |
+ # there is no --without-golang conf option |
350 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
351 |
+ |
352 |
+ # Regenerate autotooling |
353 |
+ eautoreconf |
354 |
+} |
355 |
+ |
356 |
+multilib_src_configure() { |
357 |
+ local ECONF_SOURCE=${S} |
358 |
+ econf \ |
359 |
+ --sbindir="${EPREFIX}/sbin" \ |
360 |
+ $(use_enable gssapi gssapi-krb5) \ |
361 |
+ $(use_enable static-libs static) \ |
362 |
+ --enable-systemd \ |
363 |
+ --without-python \ |
364 |
+ --without-python3 |
365 |
+ |
366 |
+ if multilib_is_native_abi; then |
367 |
+ python_configure() { |
368 |
+ mkdir -p "${BUILD_DIR}" || die |
369 |
+ cd "${BUILD_DIR}" || die |
370 |
+ |
371 |
+ if python_is_python3; then |
372 |
+ econf --without-python --with-python3 |
373 |
+ else |
374 |
+ econf --with-python --without-python3 |
375 |
+ fi |
376 |
+ } |
377 |
+ |
378 |
+ use python && python_foreach_impl python_configure |
379 |
+ fi |
380 |
+} |
381 |
+ |
382 |
+src_configure() { |
383 |
+ tc-export_build_env BUILD_{CC,CPP} |
384 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
385 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
386 |
+ |
387 |
+ multilib-minimal_src_configure |
388 |
+} |
389 |
+ |
390 |
+multilib_src_compile() { |
391 |
+ if multilib_is_native_abi; then |
392 |
+ default |
393 |
+ |
394 |
+ python_compile() { |
395 |
+ local pysuffix pydef |
396 |
+ if python_is_python3; then |
397 |
+ pysuffix=3 |
398 |
+ pydef='USE_PYTHON3=true' |
399 |
+ else |
400 |
+ pysuffix=2 |
401 |
+ pydef='HAVE_PYTHON=true' |
402 |
+ fi |
403 |
+ |
404 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
405 |
+ VPATH="${native_build}/lib" \ |
406 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
407 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
408 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
409 |
+ ${pydef} |
410 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
411 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
412 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
413 |
+ ${pydef} |
414 |
+ } |
415 |
+ |
416 |
+ local native_build="${BUILD_DIR}" |
417 |
+ use python && python_foreach_impl python_compile |
418 |
+ else |
419 |
+ emake -C lib |
420 |
+ emake -C auparse |
421 |
+ fi |
422 |
+} |
423 |
+ |
424 |
+multilib_src_install() { |
425 |
+ if multilib_is_native_abi; then |
426 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
427 |
+ |
428 |
+ python_install() { |
429 |
+ local pysuffix pydef |
430 |
+ if python_is_python3; then |
431 |
+ pysuffix=3 |
432 |
+ pydef='USE_PYTHON3=true' |
433 |
+ else |
434 |
+ pysuffix=2 |
435 |
+ pydef='HAVE_PYTHON=true' |
436 |
+ fi |
437 |
+ |
438 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
439 |
+ VPATH="${native_build}/lib" \ |
440 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
441 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
442 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
443 |
+ ${pydef} \ |
444 |
+ DESTDIR="${D}" install |
445 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
446 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
447 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
448 |
+ ${pydef} \ |
449 |
+ DESTDIR="${D}" install |
450 |
+ } |
451 |
+ |
452 |
+ local native_build=${BUILD_DIR} |
453 |
+ use python && python_foreach_impl python_install |
454 |
+ |
455 |
+ # things like shadow use this so we need to be in / |
456 |
+ gen_usr_ldscript -a audit auparse |
457 |
+ else |
458 |
+ emake -C lib DESTDIR="${D}" install |
459 |
+ emake -C auparse DESTDIR="${D}" install |
460 |
+ fi |
461 |
+} |
462 |
+ |
463 |
+multilib_src_install_all() { |
464 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
465 |
+ docinto contrib |
466 |
+ dodoc contrib/{avc_snap,skeleton.c} |
467 |
+ docinto contrib/plugin |
468 |
+ dodoc contrib/plugin/* |
469 |
+ docinto rules |
470 |
+ dodoc rules/* |
471 |
+ |
472 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
473 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
474 |
+ |
475 |
+ chmod 644 "${D}$(systemd_get_systemunitdir)"/auditd.service || die # 556436 |
476 |
+ |
477 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
478 |
+ dodir /usr/sbin && \ |
479 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
480 |
+ |
481 |
+ # Gentoo rules |
482 |
+ insinto /etc/audit/ |
483 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
484 |
+ doins "${FILESDIR}"/audit.rules.stop* |
485 |
+ |
486 |
+ # audit logs go here |
487 |
+ keepdir /var/log/audit/ |
488 |
+ |
489 |
+ # Security |
490 |
+ lockdown_perms "${ED}" |
491 |
+ |
492 |
+ prune_libtool_files --modules |
493 |
+} |
494 |
+ |
495 |
+pkg_preinst() { |
496 |
+ # Preserve from the audit-1 series |
497 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
498 |
+} |
499 |
+ |
500 |
+pkg_postinst() { |
501 |
+ lockdown_perms "${EROOT}" |
502 |
+ # Preserve from the audit-1 series |
503 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
504 |
+} |
505 |
+ |
506 |
+lockdown_perms() { |
507 |
+ # Upstream wants these to have restrictive perms. |
508 |
+ # Should not || die as not all paths may exist. |
509 |
+ local basedir="$1" |
510 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
511 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
512 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
513 |
+} |
514 |
|
515 |
diff --git a/sys-process/audit/audit-2.8.2.ebuild b/sys-process/audit/audit-2.8.2.ebuild |
516 |
new file mode 100644 |
517 |
index 00000000000..6bcdd339ea4 |
518 |
--- /dev/null |
519 |
+++ b/sys-process/audit/audit-2.8.2.ebuild |
520 |
@@ -0,0 +1,228 @@ |
521 |
+# Copyright 1999-2020 Gentoo Authors |
522 |
+# Distributed under the terms of the GNU General Public License v2 |
523 |
+ |
524 |
+EAPI="6" |
525 |
+ |
526 |
+PYTHON_COMPAT=( python3_6 ) |
527 |
+ |
528 |
+inherit autotools multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
529 |
+ |
530 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
531 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
532 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
533 |
+ |
534 |
+LICENSE="GPL-2+ LGPL-2.1+" |
535 |
+SLOT="0" |
536 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" |
537 |
+IUSE="gssapi ldap python static-libs" |
538 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
539 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
540 |
+RESTRICT="test" |
541 |
+ |
542 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
543 |
+ ldap? ( net-nds/openldap ) |
544 |
+ sys-libs/libcap-ng |
545 |
+ python? ( ${PYTHON_DEPS} )" |
546 |
+DEPEND="${RDEPEND} |
547 |
+ >=sys-kernel/linux-headers-2.6.34 |
548 |
+ python? ( dev-lang/swig:0 )" |
549 |
+# Do not use os-headers as this is linux specific |
550 |
+ |
551 |
+CONFIG_CHECK="~AUDIT" |
552 |
+ |
553 |
+pkg_setup() { |
554 |
+ linux-info_pkg_setup |
555 |
+} |
556 |
+ |
557 |
+src_prepare() { |
558 |
+ eapply_user |
559 |
+ |
560 |
+ # Do not build GUI tools |
561 |
+ sed -i \ |
562 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
563 |
+ "${S}"/configure.ac || die |
564 |
+ sed -i \ |
565 |
+ -e 's,system-config-audit,,g' \ |
566 |
+ "${S}"/Makefile.am || die |
567 |
+ rm -rf "${S}"/system-config-audit |
568 |
+ |
569 |
+ if ! use ldap; then |
570 |
+ sed -i \ |
571 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
572 |
+ "${S}"/configure.ac || die |
573 |
+ sed -i \ |
574 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
575 |
+ "${S}"/audisp/plugins/Makefile.am || die |
576 |
+ fi |
577 |
+ |
578 |
+ # Don't build static version of Python module. |
579 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
580 |
+ |
581 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
582 |
+ # This patch is a horribly workaround that is only valid as long as you |
583 |
+ # don't need the OTHER definitions in fpu.h. |
584 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
585 |
+ |
586 |
+ # there is no --without-golang conf option |
587 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
588 |
+ |
589 |
+ # Regenerate autotooling |
590 |
+ eautoreconf |
591 |
+} |
592 |
+ |
593 |
+multilib_src_configure() { |
594 |
+ local ECONF_SOURCE=${S} |
595 |
+ econf \ |
596 |
+ --sbindir="${EPREFIX}/sbin" \ |
597 |
+ $(use_enable gssapi gssapi-krb5) \ |
598 |
+ $(use_enable static-libs static) \ |
599 |
+ --enable-systemd \ |
600 |
+ --without-python \ |
601 |
+ --without-python3 |
602 |
+ |
603 |
+ if multilib_is_native_abi; then |
604 |
+ python_configure() { |
605 |
+ mkdir -p "${BUILD_DIR}" || die |
606 |
+ cd "${BUILD_DIR}" || die |
607 |
+ |
608 |
+ if python_is_python3; then |
609 |
+ econf --without-python --with-python3 |
610 |
+ else |
611 |
+ econf --with-python --without-python3 |
612 |
+ fi |
613 |
+ } |
614 |
+ |
615 |
+ use python && python_foreach_impl python_configure |
616 |
+ fi |
617 |
+} |
618 |
+ |
619 |
+src_configure() { |
620 |
+ tc-export_build_env BUILD_{CC,CPP} |
621 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
622 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
623 |
+ |
624 |
+ multilib-minimal_src_configure |
625 |
+} |
626 |
+ |
627 |
+multilib_src_compile() { |
628 |
+ if multilib_is_native_abi; then |
629 |
+ default |
630 |
+ |
631 |
+ python_compile() { |
632 |
+ local pysuffix pydef |
633 |
+ if python_is_python3; then |
634 |
+ pysuffix=3 |
635 |
+ pydef='USE_PYTHON3=true' |
636 |
+ else |
637 |
+ pysuffix=2 |
638 |
+ pydef='HAVE_PYTHON=true' |
639 |
+ fi |
640 |
+ |
641 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
642 |
+ VPATH="${native_build}/lib" \ |
643 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
644 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
645 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
646 |
+ ${pydef} |
647 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
648 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
649 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
650 |
+ ${pydef} |
651 |
+ } |
652 |
+ |
653 |
+ local native_build="${BUILD_DIR}" |
654 |
+ use python && python_foreach_impl python_compile |
655 |
+ else |
656 |
+ emake -C lib |
657 |
+ emake -C auparse |
658 |
+ fi |
659 |
+} |
660 |
+ |
661 |
+multilib_src_install() { |
662 |
+ if multilib_is_native_abi; then |
663 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
664 |
+ |
665 |
+ python_install() { |
666 |
+ local pysuffix pydef |
667 |
+ if python_is_python3; then |
668 |
+ pysuffix=3 |
669 |
+ pydef='USE_PYTHON3=true' |
670 |
+ else |
671 |
+ pysuffix=2 |
672 |
+ pydef='HAVE_PYTHON=true' |
673 |
+ fi |
674 |
+ |
675 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
676 |
+ VPATH="${native_build}/lib" \ |
677 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
678 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
679 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
680 |
+ ${pydef} \ |
681 |
+ DESTDIR="${D}" install |
682 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
683 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
684 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
685 |
+ ${pydef} \ |
686 |
+ DESTDIR="${D}" install |
687 |
+ } |
688 |
+ |
689 |
+ local native_build=${BUILD_DIR} |
690 |
+ use python && python_foreach_impl python_install |
691 |
+ |
692 |
+ # things like shadow use this so we need to be in / |
693 |
+ gen_usr_ldscript -a audit auparse |
694 |
+ else |
695 |
+ emake -C lib DESTDIR="${D}" install |
696 |
+ emake -C auparse DESTDIR="${D}" install |
697 |
+ fi |
698 |
+} |
699 |
+ |
700 |
+multilib_src_install_all() { |
701 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
702 |
+ docinto contrib |
703 |
+ dodoc contrib/{avc_snap,skeleton.c} |
704 |
+ docinto contrib/plugin |
705 |
+ dodoc contrib/plugin/* |
706 |
+ docinto rules |
707 |
+ dodoc rules/* |
708 |
+ |
709 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
710 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
711 |
+ |
712 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
713 |
+ dodir /usr/sbin && \ |
714 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
715 |
+ |
716 |
+ # Gentoo rules |
717 |
+ insinto /etc/audit/ |
718 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
719 |
+ doins "${FILESDIR}"/audit.rules.stop* |
720 |
+ |
721 |
+ # audit logs go here |
722 |
+ keepdir /var/log/audit/ |
723 |
+ |
724 |
+ find "${D}" -name '*.la' -delete || die |
725 |
+ |
726 |
+ # Security |
727 |
+ lockdown_perms "${ED}" |
728 |
+} |
729 |
+ |
730 |
+pkg_preinst() { |
731 |
+ # Preserve from the audit-1 series |
732 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
733 |
+} |
734 |
+ |
735 |
+pkg_postinst() { |
736 |
+ lockdown_perms "${EROOT}" |
737 |
+ # Preserve from the audit-1 series |
738 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
739 |
+} |
740 |
+ |
741 |
+lockdown_perms() { |
742 |
+ # Upstream wants these to have restrictive perms. |
743 |
+ # Should not || die as not all paths may exist. |
744 |
+ local basedir="$1" |
745 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
746 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
747 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
748 |
+} |
749 |
|
750 |
diff --git a/sys-process/audit/audit-2.8.3.ebuild b/sys-process/audit/audit-2.8.3.ebuild |
751 |
new file mode 100644 |
752 |
index 00000000000..64b55ec39e2 |
753 |
--- /dev/null |
754 |
+++ b/sys-process/audit/audit-2.8.3.ebuild |
755 |
@@ -0,0 +1,228 @@ |
756 |
+# Copyright 1999-2020 Gentoo Authors |
757 |
+# Distributed under the terms of the GNU General Public License v2 |
758 |
+ |
759 |
+EAPI="6" |
760 |
+ |
761 |
+PYTHON_COMPAT=( python3_6 ) |
762 |
+ |
763 |
+inherit autotools multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
764 |
+ |
765 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
766 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
767 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
768 |
+ |
769 |
+LICENSE="GPL-2+ LGPL-2.1+" |
770 |
+SLOT="0" |
771 |
+KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~mips ppc ppc64 s390 sparc x86" |
772 |
+IUSE="gssapi ldap python static-libs" |
773 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
774 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
775 |
+RESTRICT="test" |
776 |
+ |
777 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
778 |
+ ldap? ( net-nds/openldap ) |
779 |
+ sys-libs/libcap-ng |
780 |
+ python? ( ${PYTHON_DEPS} )" |
781 |
+DEPEND="${RDEPEND} |
782 |
+ >=sys-kernel/linux-headers-2.6.34 |
783 |
+ python? ( dev-lang/swig:0 )" |
784 |
+# Do not use os-headers as this is linux specific |
785 |
+ |
786 |
+CONFIG_CHECK="~AUDIT" |
787 |
+ |
788 |
+pkg_setup() { |
789 |
+ linux-info_pkg_setup |
790 |
+} |
791 |
+ |
792 |
+src_prepare() { |
793 |
+ eapply_user |
794 |
+ |
795 |
+ # Do not build GUI tools |
796 |
+ sed -i \ |
797 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
798 |
+ "${S}"/configure.ac || die |
799 |
+ sed -i \ |
800 |
+ -e 's,system-config-audit,,g' \ |
801 |
+ "${S}"/Makefile.am || die |
802 |
+ rm -rf "${S}"/system-config-audit |
803 |
+ |
804 |
+ if ! use ldap; then |
805 |
+ sed -i \ |
806 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
807 |
+ "${S}"/configure.ac || die |
808 |
+ sed -i \ |
809 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
810 |
+ "${S}"/audisp/plugins/Makefile.am || die |
811 |
+ fi |
812 |
+ |
813 |
+ # Don't build static version of Python module. |
814 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
815 |
+ |
816 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
817 |
+ # This patch is a horribly workaround that is only valid as long as you |
818 |
+ # don't need the OTHER definitions in fpu.h. |
819 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
820 |
+ |
821 |
+ # there is no --without-golang conf option |
822 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
823 |
+ |
824 |
+ # Regenerate autotooling |
825 |
+ eautoreconf |
826 |
+} |
827 |
+ |
828 |
+multilib_src_configure() { |
829 |
+ local ECONF_SOURCE=${S} |
830 |
+ econf \ |
831 |
+ --sbindir="${EPREFIX}/sbin" \ |
832 |
+ $(use_enable gssapi gssapi-krb5) \ |
833 |
+ $(use_enable static-libs static) \ |
834 |
+ --enable-systemd \ |
835 |
+ --without-python \ |
836 |
+ --without-python3 |
837 |
+ |
838 |
+ if multilib_is_native_abi; then |
839 |
+ python_configure() { |
840 |
+ mkdir -p "${BUILD_DIR}" || die |
841 |
+ cd "${BUILD_DIR}" || die |
842 |
+ |
843 |
+ if python_is_python3; then |
844 |
+ econf --without-python --with-python3 |
845 |
+ else |
846 |
+ econf --with-python --without-python3 |
847 |
+ fi |
848 |
+ } |
849 |
+ |
850 |
+ use python && python_foreach_impl python_configure |
851 |
+ fi |
852 |
+} |
853 |
+ |
854 |
+src_configure() { |
855 |
+ tc-export_build_env BUILD_{CC,CPP} |
856 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
857 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
858 |
+ |
859 |
+ multilib-minimal_src_configure |
860 |
+} |
861 |
+ |
862 |
+multilib_src_compile() { |
863 |
+ if multilib_is_native_abi; then |
864 |
+ default |
865 |
+ |
866 |
+ python_compile() { |
867 |
+ local pysuffix pydef |
868 |
+ if python_is_python3; then |
869 |
+ pysuffix=3 |
870 |
+ pydef='USE_PYTHON3=true' |
871 |
+ else |
872 |
+ pysuffix=2 |
873 |
+ pydef='HAVE_PYTHON=true' |
874 |
+ fi |
875 |
+ |
876 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
877 |
+ VPATH="${native_build}/lib" \ |
878 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
879 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
880 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
881 |
+ ${pydef} |
882 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
883 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
884 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
885 |
+ ${pydef} |
886 |
+ } |
887 |
+ |
888 |
+ local native_build="${BUILD_DIR}" |
889 |
+ use python && python_foreach_impl python_compile |
890 |
+ else |
891 |
+ emake -C lib |
892 |
+ emake -C auparse |
893 |
+ fi |
894 |
+} |
895 |
+ |
896 |
+multilib_src_install() { |
897 |
+ if multilib_is_native_abi; then |
898 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
899 |
+ |
900 |
+ python_install() { |
901 |
+ local pysuffix pydef |
902 |
+ if python_is_python3; then |
903 |
+ pysuffix=3 |
904 |
+ pydef='USE_PYTHON3=true' |
905 |
+ else |
906 |
+ pysuffix=2 |
907 |
+ pydef='HAVE_PYTHON=true' |
908 |
+ fi |
909 |
+ |
910 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
911 |
+ VPATH="${native_build}/lib" \ |
912 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
913 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
914 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
915 |
+ ${pydef} \ |
916 |
+ DESTDIR="${D}" install |
917 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
918 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
919 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
920 |
+ ${pydef} \ |
921 |
+ DESTDIR="${D}" install |
922 |
+ } |
923 |
+ |
924 |
+ local native_build=${BUILD_DIR} |
925 |
+ use python && python_foreach_impl python_install |
926 |
+ |
927 |
+ # things like shadow use this so we need to be in / |
928 |
+ gen_usr_ldscript -a audit auparse |
929 |
+ else |
930 |
+ emake -C lib DESTDIR="${D}" install |
931 |
+ emake -C auparse DESTDIR="${D}" install |
932 |
+ fi |
933 |
+} |
934 |
+ |
935 |
+multilib_src_install_all() { |
936 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
937 |
+ docinto contrib |
938 |
+ dodoc contrib/{avc_snap,skeleton.c} |
939 |
+ docinto contrib/plugin |
940 |
+ dodoc contrib/plugin/* |
941 |
+ docinto rules |
942 |
+ dodoc rules/* |
943 |
+ |
944 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
945 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
946 |
+ |
947 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
948 |
+ dodir /usr/sbin && \ |
949 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
950 |
+ |
951 |
+ # Gentoo rules |
952 |
+ insinto /etc/audit/ |
953 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
954 |
+ doins "${FILESDIR}"/audit.rules.stop* |
955 |
+ |
956 |
+ # audit logs go here |
957 |
+ keepdir /var/log/audit/ |
958 |
+ |
959 |
+ find "${D}" -name '*.la' -delete || die |
960 |
+ |
961 |
+ # Security |
962 |
+ lockdown_perms "${ED}" |
963 |
+} |
964 |
+ |
965 |
+pkg_preinst() { |
966 |
+ # Preserve from the audit-1 series |
967 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
968 |
+} |
969 |
+ |
970 |
+pkg_postinst() { |
971 |
+ lockdown_perms "${EROOT}" |
972 |
+ # Preserve from the audit-1 series |
973 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
974 |
+} |
975 |
+ |
976 |
+lockdown_perms() { |
977 |
+ # Upstream wants these to have restrictive perms. |
978 |
+ # Should not || die as not all paths may exist. |
979 |
+ local basedir="$1" |
980 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
981 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
982 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
983 |
+} |
984 |
|
985 |
diff --git a/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch b/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch |
986 |
new file mode 100644 |
987 |
index 00000000000..3ec60fbc48e |
988 |
--- /dev/null |
989 |
+++ b/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch |
990 |
@@ -0,0 +1,212 @@ |
991 |
+diff -Nuar -X exclude audit-2.1.3.orig/configure.ac audit-2.1.3/configure.ac |
992 |
+--- audit-2.1.3.orig/configure.ac 2011-08-15 17:30:58.000000000 +0000 |
993 |
++++ audit-2.1.3/configure.ac 2012-12-18 20:03:22.000000000 +0000 |
994 |
+@@ -79,6 +79,9 @@ |
995 |
+ esac |
996 |
+ fi |
997 |
+ |
998 |
++AC_CHECK_HEADER([asm/ptrace.h], [AC_DEFINE([HAVE_ASM_PTRACE_H],[],[Define to 1 if you have asm/ptrace.h])], []) |
999 |
++AC_CHECK_HEADER([linux/ptrace.h], [AC_DEFINE([HAVE_LINUX_PTRACE_H],[],[Define to 1 if you have linux/ptrace.h])], []) |
1000 |
++ |
1001 |
+ #gssapi |
1002 |
+ AC_ARG_ENABLE(gssapi_krb5, |
1003 |
+ [AS_HELP_STRING([--enable-gssapi-krb5],[Enable GSSAPI Kerberos 5 support @<:@default=no@:>@])], |
1004 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditctl.c audit-2.1.3/src/auditctl.c |
1005 |
+--- audit-2.1.3.orig/src/auditctl.c 2011-08-15 17:31:00.000000000 +0000 |
1006 |
++++ audit-2.1.3/src/auditctl.c 2012-12-18 20:21:21.000000000 +0000 |
1007 |
+@@ -22,6 +22,7 @@ |
1008 |
+ */ |
1009 |
+ |
1010 |
+ #include "config.h" |
1011 |
++#include "fixup.h" |
1012 |
+ #include <stdio.h> |
1013 |
+ #include <stdlib.h> |
1014 |
+ #include <string.h> /* strdup needs xopen define */ |
1015 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-config.c audit-2.1.3/src/auditd-config.c |
1016 |
+--- audit-2.1.3.orig/src/auditd-config.c 2011-08-15 17:31:00.000000000 +0000 |
1017 |
++++ audit-2.1.3/src/auditd-config.c 2012-12-18 20:21:23.000000000 +0000 |
1018 |
+@@ -22,6 +22,7 @@ |
1019 |
+ */ |
1020 |
+ |
1021 |
+ #include "config.h" |
1022 |
++#include "fixup.h" |
1023 |
+ #include <stdio.h> |
1024 |
+ #include <unistd.h> |
1025 |
+ #include <sys/stat.h> |
1026 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-dispatch.c audit-2.1.3/src/auditd-dispatch.c |
1027 |
+--- audit-2.1.3.orig/src/auditd-dispatch.c 2011-08-15 17:31:00.000000000 +0000 |
1028 |
++++ audit-2.1.3/src/auditd-dispatch.c 2012-12-18 20:21:27.000000000 +0000 |
1029 |
+@@ -22,6 +22,7 @@ |
1030 |
+ */ |
1031 |
+ |
1032 |
+ #include "config.h" |
1033 |
++#include "fixup.h" |
1034 |
+ #include <unistd.h> |
1035 |
+ #include <sys/uio.h> |
1036 |
+ #include <fcntl.h> |
1037 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-event.c audit-2.1.3/src/auditd-event.c |
1038 |
+--- audit-2.1.3.orig/src/auditd-event.c 2011-08-15 17:31:00.000000000 +0000 |
1039 |
++++ audit-2.1.3/src/auditd-event.c 2012-12-18 20:21:29.000000000 +0000 |
1040 |
+@@ -22,6 +22,7 @@ |
1041 |
+ */ |
1042 |
+ |
1043 |
+ #include "config.h" |
1044 |
++#include "fixup.h" |
1045 |
+ #include <stdio.h> |
1046 |
+ #include <stdlib.h> |
1047 |
+ #include <unistd.h> |
1048 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-listen.c audit-2.1.3/src/auditd-listen.c |
1049 |
+--- audit-2.1.3.orig/src/auditd-listen.c 2011-08-15 17:31:00.000000000 +0000 |
1050 |
++++ audit-2.1.3/src/auditd-listen.c 2012-12-18 20:21:31.000000000 +0000 |
1051 |
+@@ -22,6 +22,7 @@ |
1052 |
+ */ |
1053 |
+ |
1054 |
+ #include "config.h" |
1055 |
++#include "fixup.h" |
1056 |
+ #include <stdio.h> |
1057 |
+ #include <unistd.h> |
1058 |
+ #include <sys/stat.h> |
1059 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-reconfig.c audit-2.1.3/src/auditd-reconfig.c |
1060 |
+--- audit-2.1.3.orig/src/auditd-reconfig.c 2011-08-15 17:31:00.000000000 +0000 |
1061 |
++++ audit-2.1.3/src/auditd-reconfig.c 2012-12-18 20:21:33.000000000 +0000 |
1062 |
+@@ -22,6 +22,7 @@ |
1063 |
+ */ |
1064 |
+ |
1065 |
+ #include "config.h" |
1066 |
++#include "fixup.h" |
1067 |
+ #include <pthread.h> |
1068 |
+ #include <signal.h> |
1069 |
+ #include <stdlib.h> |
1070 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-sendmail.c audit-2.1.3/src/auditd-sendmail.c |
1071 |
+--- audit-2.1.3.orig/src/auditd-sendmail.c 2011-08-15 17:31:00.000000000 +0000 |
1072 |
++++ audit-2.1.3/src/auditd-sendmail.c 2012-12-18 20:21:34.000000000 +0000 |
1073 |
+@@ -22,6 +22,7 @@ |
1074 |
+ */ |
1075 |
+ |
1076 |
+ #include "config.h" |
1077 |
++#include "fixup.h" |
1078 |
+ #include <stdio.h> |
1079 |
+ #include <unistd.h> // for access() |
1080 |
+ #include <string.h> |
1081 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd.c audit-2.1.3/src/auditd.c |
1082 |
+--- audit-2.1.3.orig/src/auditd.c 2011-08-15 17:31:00.000000000 +0000 |
1083 |
++++ audit-2.1.3/src/auditd.c 2012-12-18 20:21:38.000000000 +0000 |
1084 |
+@@ -22,6 +22,7 @@ |
1085 |
+ */ |
1086 |
+ |
1087 |
+ #include "config.h" |
1088 |
++#include "fixup.h" |
1089 |
+ #include <stdio.h> |
1090 |
+ #include <sys/types.h> |
1091 |
+ #include <unistd.h> |
1092 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/autrace.c audit-2.1.3/src/autrace.c |
1093 |
+--- audit-2.1.3.orig/src/autrace.c 2011-08-15 17:31:00.000000000 +0000 |
1094 |
++++ audit-2.1.3/src/autrace.c 2012-12-18 20:21:43.000000000 +0000 |
1095 |
+@@ -21,6 +21,7 @@ |
1096 |
+ */ |
1097 |
+ |
1098 |
+ #include "config.h" |
1099 |
++#include "fixup.h" |
1100 |
+ #include <stdio.h> |
1101 |
+ #include <string.h> |
1102 |
+ #include <sys/wait.h> |
1103 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/delete_all.c audit-2.1.3/src/delete_all.c |
1104 |
+--- audit-2.1.3.orig/src/delete_all.c 2011-08-15 17:31:00.000000000 +0000 |
1105 |
++++ audit-2.1.3/src/delete_all.c 2012-12-18 20:21:48.000000000 +0000 |
1106 |
+@@ -20,6 +20,7 @@ |
1107 |
+ * Steve Grubb <sgrubb@××××××.com> |
1108 |
+ */ |
1109 |
+ #include "config.h" |
1110 |
++#include "fixup.h" |
1111 |
+ #include <stdio.h> |
1112 |
+ #include <string.h> |
1113 |
+ #include <errno.h> |
1114 |
+diff -Nuar -X exclude audit-2.1.3.orig/lib/fixup.h audit-2.1.3/lib/fixup.h |
1115 |
+--- audit-2.1.3.orig/lib/fixup.h 1970-01-01 00:00:00.000000000 +0000 |
1116 |
++++ audit-2.1.3/lib/fixup.h 2012-12-18 20:21:02.000000000 +0000 |
1117 |
+@@ -0,0 +1,17 @@ |
1118 |
++#ifndef _AUDIT_IA64_FIXUP_H_ |
1119 |
++#define _AUDIT_IA64_FIXUP_H_ |
1120 |
++ |
1121 |
++#ifdef __ia64__ /* what a pos */ |
1122 |
++# include <linux/types.h> |
1123 |
++# define _ASM_IA64_FPU_H |
1124 |
++#endif |
1125 |
++#include <signal.h> |
1126 |
++/* |
1127 |
++#ifdef HAVE_ASM_PTRACE_H |
1128 |
++# include <asm/ptrace.h> |
1129 |
++#endif |
1130 |
++#ifdef HAVE_LINUX_PTRACE_H |
1131 |
++# include <linux/ptrace.h> |
1132 |
++#endif |
1133 |
++*/ |
1134 |
++#endif |
1135 |
+--- audit-2.1.3/src/ausearch.c 2012-12-22 03:09:54.000000000 +0000 |
1136 |
++++ audit-2.1.3/src/ausearch.c 2012-12-22 03:10:02.000000000 +0000 |
1137 |
+@@ -22,6 +22,7 @@ |
1138 |
+ */ |
1139 |
+ |
1140 |
+ #include "config.h" |
1141 |
++#include "fixup.h" |
1142 |
+ #include <stdio.h> |
1143 |
+ #include <stdio_ext.h> |
1144 |
+ #include <string.h> |
1145 |
+diff -Nuar audit-2.1.3.orig/audisp/audispd.c audit-2.1.3/audisp/audispd.c |
1146 |
+--- audit-2.1.3.orig/audisp/audispd.c 2011-08-15 17:30:59.000000000 +0000 |
1147 |
++++ audit-2.1.3/audisp/audispd.c 2012-12-22 03:25:15.000000000 +0000 |
1148 |
+@@ -21,6 +21,7 @@ |
1149 |
+ */ |
1150 |
+ |
1151 |
+ #include "config.h" |
1152 |
++#include "fixup.h" |
1153 |
+ #include <stdio.h> |
1154 |
+ #include <unistd.h> |
1155 |
+ #include <stdlib.h> |
1156 |
+diff -Nuar audit-2.1.3.orig/audisp/plugins/prelude/audisp-prelude.c audit-2.1.3/audisp/plugins/prelude/audisp-prelude.c |
1157 |
+--- audit-2.1.3.orig/audisp/plugins/prelude/audisp-prelude.c 2011-08-15 17:30:59.000000000 +0000 |
1158 |
++++ audit-2.1.3/audisp/plugins/prelude/audisp-prelude.c 2012-12-22 03:25:20.000000000 +0000 |
1159 |
+@@ -21,6 +21,8 @@ |
1160 |
+ * |
1161 |
+ */ |
1162 |
+ |
1163 |
++#include "config.h" |
1164 |
++#include "fixup.h" |
1165 |
+ #include <stdio.h> |
1166 |
+ #include <stdlib.h> |
1167 |
+ #include <signal.h> |
1168 |
+diff -Nuar audit-2.1.3.orig/audisp/plugins/remote/audisp-remote.c audit-2.1.3/audisp/plugins/remote/audisp-remote.c |
1169 |
+--- audit-2.1.3.orig/audisp/plugins/remote/audisp-remote.c 2011-08-15 17:30:59.000000000 +0000 |
1170 |
++++ audit-2.1.3/audisp/plugins/remote/audisp-remote.c 2012-12-22 03:25:22.000000000 +0000 |
1171 |
+@@ -22,6 +22,7 @@ |
1172 |
+ */ |
1173 |
+ |
1174 |
+ #include "config.h" |
1175 |
++#include "fixup.h" |
1176 |
+ #include <stdio.h> |
1177 |
+ #include <signal.h> |
1178 |
+ #include <syslog.h> |
1179 |
+diff -Nuar audit-2.1.3.orig/contrib/plugin/audisp-example.c audit-2.1.3/contrib/plugin/audisp-example.c |
1180 |
+--- audit-2.1.3.orig/contrib/plugin/audisp-example.c 2011-08-15 17:31:02.000000000 +0000 |
1181 |
++++ audit-2.1.3/contrib/plugin/audisp-example.c 2012-12-22 03:25:27.000000000 +0000 |
1182 |
+@@ -37,6 +37,8 @@ |
1183 |
+ */ |
1184 |
+ |
1185 |
+ #define _GNU_SOURCE |
1186 |
++#include "config.h" |
1187 |
++#include "fixup.h" |
1188 |
+ #include <stdio.h> |
1189 |
+ #include <signal.h> |
1190 |
+ #include <string.h> |
1191 |
+diff -Nuar audit-2.1.3.orig/contrib/skeleton.c audit-2.1.3/contrib/skeleton.c |
1192 |
+--- audit-2.1.3.orig/contrib/skeleton.c 2011-08-15 17:31:02.000000000 +0000 |
1193 |
++++ audit-2.1.3/contrib/skeleton.c 2012-12-22 03:25:40.000000000 +0000 |
1194 |
+@@ -7,6 +7,8 @@ |
1195 |
+ * gcc skeleton.c -o skeleton -laudit |
1196 |
+ */ |
1197 |
+ |
1198 |
++#include "config.h" |
1199 |
++#include "fixup.h" |
1200 |
+ #include <stdio.h> |
1201 |
+ #include <sys/types.h> |
1202 |
+ #include <sys/uio.h> |
1203 |
|
1204 |
diff --git a/sys-process/audit/files/audit.rules b/sys-process/audit/files/audit.rules |
1205 |
new file mode 100644 |
1206 |
index 00000000000..ef0e6ee26f3 |
1207 |
--- /dev/null |
1208 |
+++ b/sys-process/audit/files/audit.rules |
1209 |
@@ -0,0 +1,24 @@ |
1210 |
+# Copyright 1999-2005 Gentoo Foundation |
1211 |
+# Distributed under the terms of the GNU General Public License v2 |
1212 |
+# |
1213 |
+# This file contains the auditctl rules that are loaded |
1214 |
+# whenever the audit daemon is started via the initscripts. |
1215 |
+# The rules are simply the parameters that would be passed |
1216 |
+# to auditctl. |
1217 |
+ |
1218 |
+# First rule - delete all |
1219 |
+# This is to clear out old rules, so we don't append to them. |
1220 |
+-D |
1221 |
+ |
1222 |
+# Feel free to add below this line. See auditctl man page |
1223 |
+ |
1224 |
+# The following rule would cause all of the syscalls listed to be ignored in logging. |
1225 |
+# -a entry,never -S read -S write -S open -S fstat -S fstat64 -S mmap -S brk -S munmap -S _llseek -S nanosleep -S fcntl64 -S close -S dup2 -S rt_sigaction -S stat64 -S stat |
1226 |
+ |
1227 |
+# The following rule would cause the capture of all systems not caught above. |
1228 |
+# -a entry,always -S all |
1229 |
+ |
1230 |
+# Increase the buffers to survive stress events |
1231 |
+-b 256 |
1232 |
+ |
1233 |
+# vim:ft=conf: |
1234 |
|
1235 |
diff --git a/sys-process/audit/files/audit.rules.stop.post b/sys-process/audit/files/audit.rules.stop.post |
1236 |
new file mode 100644 |
1237 |
index 00000000000..29ae197f18b |
1238 |
--- /dev/null |
1239 |
+++ b/sys-process/audit/files/audit.rules.stop.post |
1240 |
@@ -0,0 +1,12 @@ |
1241 |
+# Copyright 1999-2005 Gentoo Foundation |
1242 |
+# Distributed under the terms of the GNU General Public License v2 |
1243 |
+# |
1244 |
+# This file contains the auditctl rules that are loaded immediately after the |
1245 |
+# audit deamon is stopped via the initscripts. |
1246 |
+# The rules are simply the parameters that would be passed |
1247 |
+# to auditctl. |
1248 |
+ |
1249 |
+# Not used for the default Gentoo configuration as of v1.2.3 |
1250 |
+# Paranoid security types might wish to reconfigure kauditd here. |
1251 |
+ |
1252 |
+# vim:ft=conf: |
1253 |
|
1254 |
diff --git a/sys-process/audit/files/audit.rules.stop.pre b/sys-process/audit/files/audit.rules.stop.pre |
1255 |
new file mode 100644 |
1256 |
index 00000000000..1f34173369e |
1257 |
--- /dev/null |
1258 |
+++ b/sys-process/audit/files/audit.rules.stop.pre |
1259 |
@@ -0,0 +1,15 @@ |
1260 |
+# Copyright 1999-2011 Gentoo Foundation |
1261 |
+# Distributed under the terms of the GNU General Public License v2 |
1262 |
+# |
1263 |
+# This file contains the auditctl rules that are loaded immediately before the |
1264 |
+# audit deamon is stopped via the initscripts. |
1265 |
+# The rules are simply the parameters that would be passed |
1266 |
+# to auditctl. |
1267 |
+ |
1268 |
+# auditd is stopping, don't capture events anymore |
1269 |
+-D |
1270 |
+ |
1271 |
+# Disable kernel generating audit events |
1272 |
+-e 0 |
1273 |
+ |
1274 |
+# vim:ft=conf: |