| 1 |
commit: dcf4262cdd1e64450de4f825edc61f310894401c |
| 2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Fri Jan 1 22:52:33 2021 +0000 |
| 4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Fri Jan 1 22:57:14 2021 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dcf4262c |
| 7 |
|
| 8 |
sys-process/audit: Revert "Remove old (py3.6)" |
| 9 |
|
| 10 |
Removed too many files/ due to a misgrep. |
| 11 |
|
| 12 |
Reverts: 7494ff77d198e87226f368af01769e2ebb38cb61 |
| 13 |
Closes: https://bugs.gentoo.org/762919 |
| 14 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
| 15 |
|
| 16 |
sys-process/audit/Manifest | 4 + |
| 17 |
sys-process/audit/audit-2.6.4.ebuild | 230 +++++++++++++++++++++ |
| 18 |
sys-process/audit/audit-2.7.1.ebuild | 230 +++++++++++++++++++++ |
| 19 |
sys-process/audit/audit-2.8.2.ebuild | 228 ++++++++++++++++++++ |
| 20 |
sys-process/audit/audit-2.8.3.ebuild | 228 ++++++++++++++++++++ |
| 21 |
.../audit/files/audit-2.1.3-ia64-compile-fix.patch | 212 +++++++++++++++++++ |
| 22 |
sys-process/audit/files/audit.rules | 24 +++ |
| 23 |
sys-process/audit/files/audit.rules.stop.post | 12 ++ |
| 24 |
sys-process/audit/files/audit.rules.stop.pre | 15 ++ |
| 25 |
9 files changed, 1183 insertions(+) |
| 26 |
|
| 27 |
diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest |
| 28 |
index d5276de092b..2890c29de36 100644 |
| 29 |
--- a/sys-process/audit/Manifest |
| 30 |
+++ b/sys-process/audit/Manifest |
| 31 |
@@ -1,4 +1,8 @@ |
| 32 |
DIST audit-017e6c6ab95df55f34e339d2139def83e5dada1f.patch 852 BLAKE2B 60d8b813f57338ce267a09913e68a0726acf5cf878cd2893fe2493f80d2b0ac1e0504dc7a72e85134ae2597b268cb1772b4e7c6c2f19149fc905f6928e2db47f SHA512 78e32c05b6896d37bacf0938954fbce7486a528dabd55421f1715438fe489171f9157059050abdcb3f673258aa28b4a11f643ddb7824f3499a195dbbe634f101 |
| 33 |
+DIST audit-2.6.4.tar.gz 1078677 BLAKE2B 056d9f269926d9b0d74f7187f833f1e94d4e03a5137750fe4ff87b71fa0ce0e0a8569b97ecbd671f951061cfb088dff17b46e37cc14122864c37615356646fc5 SHA512 69b5d3987d2b8b189d1242fde639af3d7d366e901733133e47ee71223caf73aa7da40b7811298f0af861969b0ab482c5ef9830b711bdd15bd5f4d0ebc88a1224 |
| 34 |
+DIST audit-2.7.1.tar.gz 1099083 BLAKE2B 10f72ac3273ce9e23e1fb8ad8d57dcae772ba1f861f519867399d95e14f4809897637969de45566d62a73a35e5674260155773daf8de00481fcbd1b9c3138f96 SHA512 37964d81deee8608fde5f90d5d096727d3eb009e084be34749adcb0662e607e35c49c80bd83ce38b17161f11363b691721c8a8aa5dea832d320c53ab0ebb7483 |
| 35 |
+DIST audit-2.8.2.tar.gz 1121970 BLAKE2B bbec694ed1177a8590d035c2d6d197e49343fc370b101589e58736042c3b12cabb68fe796422f3133feb79068ab7d5931efa5414d22edead10c8871fefcd2549 SHA512 888ebf5e8e9d285b82d87377fc8836886d7a8b089c1be4091420a77a0250c9baf09aebb7a6330ff5043fb35f51eb6baf8d4491e26da7ad0811f0087e395b5012 |
| 36 |
+DIST audit-2.8.3.tar.gz 1107583 BLAKE2B 21c2b8543a31c0ca4319af40b844f4400615108a59195a95ea79499ff2923d7dbbc840716d60dfba311bfc451983cd4cd0f7cb27c2444825df2c0dfb50f9614f SHA512 aa939b81a66111f4e466208d7a38414bd186d00ccd374b420439764905b4707bbfcdc2331a6179a080fca981d19171696ecabd26674205b2f9339c44954db933 |
| 37 |
DIST audit-2.8.4.tar.gz 1123889 BLAKE2B b80272b1984942d3c38bde30d22c736a8cc8896a2e42a9bf286446129313ce57a2a117ce26a0a5f1a4a06b4a48ddde463b8837b8c98273051be0c90e5bbebd42 SHA512 5795c565effab995cee447a2dc457ef6a6f15201fb185d7104992ac373a3cb5cfc865dd661c0896a895c96f452eff392d455064d0eead55cd7364d96e0d15c4a |
| 38 |
DIST audit-2.8.5.tar.gz 1140694 BLAKE2B 64fd0cd93f934e3dd11faf21fcd765894a9c4336d8322179980bb7df1ef5a06d301a665860aeb84fefa0cf278940668023675b99ba7f33cdcfb542d869034358 SHA512 7d416aaa21c1a167f8e911ca82aecbaba804424f3243f505066c43ecc4a62a34feb2c27555e99d3268608404793dccca0f828c63670e3aa816016fb493f8174a |
| 39 |
DIST audit-2.8.5_p80866dc78b5d.tar.gz 552094 BLAKE2B adb936a314ef2f11828ee00f3513631e06e2df09e37e68be27b1b694e278116d2f486dbde7ed57c77d9ff0bcd09309ea841959c7a66caed6770f367d65dd14f4 SHA512 7ec103bf076cfac7906748162e78835f1f65dd9d68e3a7466346e0473075beb47897adf88ab9ba0eb42db1953372aafb16cc040674b9a9c887730c062b82540a |
| 40 |
|
| 41 |
diff --git a/sys-process/audit/audit-2.6.4.ebuild b/sys-process/audit/audit-2.6.4.ebuild |
| 42 |
new file mode 100644 |
| 43 |
index 00000000000..fe6c17834e6 |
| 44 |
--- /dev/null |
| 45 |
+++ b/sys-process/audit/audit-2.6.4.ebuild |
| 46 |
@@ -0,0 +1,230 @@ |
| 47 |
+# Copyright 1999-2020 Gentoo Authors |
| 48 |
+# Distributed under the terms of the GNU General Public License v2 |
| 49 |
+ |
| 50 |
+EAPI="6" |
| 51 |
+ |
| 52 |
+PYTHON_COMPAT=( python3_6 ) |
| 53 |
+ |
| 54 |
+inherit autotools ltprune multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
| 55 |
+ |
| 56 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
| 57 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
| 58 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
| 59 |
+ |
| 60 |
+LICENSE="GPL-2+ LGPL-2.1+" |
| 61 |
+SLOT="0" |
| 62 |
+KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86" |
| 63 |
+IUSE="gssapi ldap python static-libs" |
| 64 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
| 65 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
| 66 |
+RESTRICT="test" |
| 67 |
+ |
| 68 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
| 69 |
+ ldap? ( net-nds/openldap ) |
| 70 |
+ sys-libs/libcap-ng |
| 71 |
+ python? ( ${PYTHON_DEPS} )" |
| 72 |
+DEPEND="${RDEPEND} |
| 73 |
+ >=sys-kernel/linux-headers-2.6.34 |
| 74 |
+ python? ( dev-lang/swig:0 )" |
| 75 |
+# Do not use os-headers as this is linux specific |
| 76 |
+ |
| 77 |
+CONFIG_CHECK="~AUDIT" |
| 78 |
+ |
| 79 |
+pkg_setup() { |
| 80 |
+ linux-info_pkg_setup |
| 81 |
+} |
| 82 |
+ |
| 83 |
+src_prepare() { |
| 84 |
+ eapply_user |
| 85 |
+ |
| 86 |
+ # Do not build GUI tools |
| 87 |
+ sed -i \ |
| 88 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
| 89 |
+ "${S}"/configure.ac || die |
| 90 |
+ sed -i \ |
| 91 |
+ -e 's,system-config-audit,,g' \ |
| 92 |
+ "${S}"/Makefile.am || die |
| 93 |
+ rm -rf "${S}"/system-config-audit |
| 94 |
+ |
| 95 |
+ if ! use ldap; then |
| 96 |
+ sed -i \ |
| 97 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
| 98 |
+ "${S}"/configure.ac || die |
| 99 |
+ sed -i \ |
| 100 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
| 101 |
+ "${S}"/audisp/plugins/Makefile.am || die |
| 102 |
+ fi |
| 103 |
+ |
| 104 |
+ # Don't build static version of Python module. |
| 105 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
| 106 |
+ |
| 107 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
| 108 |
+ # This patch is a horribly workaround that is only valid as long as you |
| 109 |
+ # don't need the OTHER definitions in fpu.h. |
| 110 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
| 111 |
+ |
| 112 |
+ # there is no --without-golang conf option |
| 113 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
| 114 |
+ |
| 115 |
+ # Regenerate autotooling |
| 116 |
+ eautoreconf |
| 117 |
+} |
| 118 |
+ |
| 119 |
+multilib_src_configure() { |
| 120 |
+ local ECONF_SOURCE=${S} |
| 121 |
+ econf \ |
| 122 |
+ --sbindir="${EPREFIX}/sbin" \ |
| 123 |
+ $(use_enable gssapi gssapi-krb5) \ |
| 124 |
+ $(use_enable static-libs static) \ |
| 125 |
+ --enable-systemd \ |
| 126 |
+ --without-python \ |
| 127 |
+ --without-python3 |
| 128 |
+ |
| 129 |
+ if multilib_is_native_abi; then |
| 130 |
+ python_configure() { |
| 131 |
+ mkdir -p "${BUILD_DIR}" || die |
| 132 |
+ cd "${BUILD_DIR}" || die |
| 133 |
+ |
| 134 |
+ if python_is_python3; then |
| 135 |
+ econf --without-python --with-python3 |
| 136 |
+ else |
| 137 |
+ econf --with-python --without-python3 |
| 138 |
+ fi |
| 139 |
+ } |
| 140 |
+ |
| 141 |
+ use python && python_foreach_impl python_configure |
| 142 |
+ fi |
| 143 |
+} |
| 144 |
+ |
| 145 |
+src_configure() { |
| 146 |
+ tc-export_build_env BUILD_{CC,CPP} |
| 147 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
| 148 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
| 149 |
+ |
| 150 |
+ multilib-minimal_src_configure |
| 151 |
+} |
| 152 |
+ |
| 153 |
+multilib_src_compile() { |
| 154 |
+ if multilib_is_native_abi; then |
| 155 |
+ default |
| 156 |
+ |
| 157 |
+ python_compile() { |
| 158 |
+ local pysuffix pydef |
| 159 |
+ if python_is_python3; then |
| 160 |
+ pysuffix=3 |
| 161 |
+ pydef='USE_PYTHON3=true' |
| 162 |
+ else |
| 163 |
+ pysuffix=2 |
| 164 |
+ pydef='HAVE_PYTHON=true' |
| 165 |
+ fi |
| 166 |
+ |
| 167 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 168 |
+ VPATH="${native_build}/lib" \ |
| 169 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 170 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 171 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 172 |
+ ${pydef} |
| 173 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 174 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 175 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 176 |
+ ${pydef} |
| 177 |
+ } |
| 178 |
+ |
| 179 |
+ local native_build="${BUILD_DIR}" |
| 180 |
+ use python && python_foreach_impl python_compile |
| 181 |
+ else |
| 182 |
+ emake -C lib |
| 183 |
+ emake -C auparse |
| 184 |
+ fi |
| 185 |
+} |
| 186 |
+ |
| 187 |
+multilib_src_install() { |
| 188 |
+ if multilib_is_native_abi; then |
| 189 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
| 190 |
+ |
| 191 |
+ python_install() { |
| 192 |
+ local pysuffix pydef |
| 193 |
+ if python_is_python3; then |
| 194 |
+ pysuffix=3 |
| 195 |
+ pydef='USE_PYTHON3=true' |
| 196 |
+ else |
| 197 |
+ pysuffix=2 |
| 198 |
+ pydef='HAVE_PYTHON=true' |
| 199 |
+ fi |
| 200 |
+ |
| 201 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 202 |
+ VPATH="${native_build}/lib" \ |
| 203 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 204 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 205 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 206 |
+ ${pydef} \ |
| 207 |
+ DESTDIR="${D}" install |
| 208 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 209 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 210 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 211 |
+ ${pydef} \ |
| 212 |
+ DESTDIR="${D}" install |
| 213 |
+ } |
| 214 |
+ |
| 215 |
+ local native_build=${BUILD_DIR} |
| 216 |
+ use python && python_foreach_impl python_install |
| 217 |
+ |
| 218 |
+ # things like shadow use this so we need to be in / |
| 219 |
+ gen_usr_ldscript -a audit auparse |
| 220 |
+ else |
| 221 |
+ emake -C lib DESTDIR="${D}" install |
| 222 |
+ emake -C auparse DESTDIR="${D}" install |
| 223 |
+ fi |
| 224 |
+} |
| 225 |
+ |
| 226 |
+multilib_src_install_all() { |
| 227 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
| 228 |
+ docinto contrib |
| 229 |
+ dodoc contrib/{avc_snap,skeleton.c} |
| 230 |
+ docinto contrib/plugin |
| 231 |
+ dodoc contrib/plugin/* |
| 232 |
+ docinto rules |
| 233 |
+ dodoc rules/* |
| 234 |
+ |
| 235 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
| 236 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
| 237 |
+ |
| 238 |
+ chmod 644 "${D}$(systemd_get_systemunitdir)"/auditd.service || die # 556436 |
| 239 |
+ |
| 240 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
| 241 |
+ dodir /usr/sbin && \ |
| 242 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
| 243 |
+ |
| 244 |
+ # Gentoo rules |
| 245 |
+ insinto /etc/audit/ |
| 246 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
| 247 |
+ doins "${FILESDIR}"/audit.rules.stop* |
| 248 |
+ |
| 249 |
+ # audit logs go here |
| 250 |
+ keepdir /var/log/audit/ |
| 251 |
+ |
| 252 |
+ # Security |
| 253 |
+ lockdown_perms "${ED}" |
| 254 |
+ |
| 255 |
+ prune_libtool_files --modules |
| 256 |
+} |
| 257 |
+ |
| 258 |
+pkg_preinst() { |
| 259 |
+ # Preserve from the audit-1 series |
| 260 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
| 261 |
+} |
| 262 |
+ |
| 263 |
+pkg_postinst() { |
| 264 |
+ lockdown_perms "${EROOT}" |
| 265 |
+ # Preserve from the audit-1 series |
| 266 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
| 267 |
+} |
| 268 |
+ |
| 269 |
+lockdown_perms() { |
| 270 |
+ # Upstream wants these to have restrictive perms. |
| 271 |
+ # Should not || die as not all paths may exist. |
| 272 |
+ local basedir="$1" |
| 273 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
| 274 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
| 275 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
| 276 |
+} |
| 277 |
|
| 278 |
diff --git a/sys-process/audit/audit-2.7.1.ebuild b/sys-process/audit/audit-2.7.1.ebuild |
| 279 |
new file mode 100644 |
| 280 |
index 00000000000..b3448548a50 |
| 281 |
--- /dev/null |
| 282 |
+++ b/sys-process/audit/audit-2.7.1.ebuild |
| 283 |
@@ -0,0 +1,230 @@ |
| 284 |
+# Copyright 1999-2020 Gentoo Authors |
| 285 |
+# Distributed under the terms of the GNU General Public License v2 |
| 286 |
+ |
| 287 |
+EAPI=6 |
| 288 |
+ |
| 289 |
+PYTHON_COMPAT=( python3_6 ) |
| 290 |
+ |
| 291 |
+inherit autotools ltprune multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
| 292 |
+ |
| 293 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
| 294 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
| 295 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
| 296 |
+ |
| 297 |
+LICENSE="GPL-2+ LGPL-2.1+" |
| 298 |
+SLOT="0" |
| 299 |
+KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~mips ppc ppc64 s390 sparc x86" |
| 300 |
+IUSE="gssapi ldap python static-libs" |
| 301 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
| 302 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
| 303 |
+RESTRICT="test" |
| 304 |
+ |
| 305 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
| 306 |
+ ldap? ( net-nds/openldap ) |
| 307 |
+ sys-libs/libcap-ng |
| 308 |
+ python? ( ${PYTHON_DEPS} )" |
| 309 |
+DEPEND="${RDEPEND} |
| 310 |
+ >=sys-kernel/linux-headers-2.6.34 |
| 311 |
+ python? ( dev-lang/swig:0 )" |
| 312 |
+# Do not use os-headers as this is linux specific |
| 313 |
+ |
| 314 |
+CONFIG_CHECK="~AUDIT" |
| 315 |
+ |
| 316 |
+pkg_setup() { |
| 317 |
+ linux-info_pkg_setup |
| 318 |
+} |
| 319 |
+ |
| 320 |
+src_prepare() { |
| 321 |
+ eapply_user |
| 322 |
+ |
| 323 |
+ # Do not build GUI tools |
| 324 |
+ sed -i \ |
| 325 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
| 326 |
+ "${S}"/configure.ac || die |
| 327 |
+ sed -i \ |
| 328 |
+ -e 's,system-config-audit,,g' \ |
| 329 |
+ "${S}"/Makefile.am || die |
| 330 |
+ rm -rf "${S}"/system-config-audit |
| 331 |
+ |
| 332 |
+ if ! use ldap; then |
| 333 |
+ sed -i \ |
| 334 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
| 335 |
+ "${S}"/configure.ac || die |
| 336 |
+ sed -i \ |
| 337 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
| 338 |
+ "${S}"/audisp/plugins/Makefile.am || die |
| 339 |
+ fi |
| 340 |
+ |
| 341 |
+ # Don't build static version of Python module. |
| 342 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
| 343 |
+ |
| 344 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
| 345 |
+ # This patch is a horribly workaround that is only valid as long as you |
| 346 |
+ # don't need the OTHER definitions in fpu.h. |
| 347 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
| 348 |
+ |
| 349 |
+ # there is no --without-golang conf option |
| 350 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
| 351 |
+ |
| 352 |
+ # Regenerate autotooling |
| 353 |
+ eautoreconf |
| 354 |
+} |
| 355 |
+ |
| 356 |
+multilib_src_configure() { |
| 357 |
+ local ECONF_SOURCE=${S} |
| 358 |
+ econf \ |
| 359 |
+ --sbindir="${EPREFIX}/sbin" \ |
| 360 |
+ $(use_enable gssapi gssapi-krb5) \ |
| 361 |
+ $(use_enable static-libs static) \ |
| 362 |
+ --enable-systemd \ |
| 363 |
+ --without-python \ |
| 364 |
+ --without-python3 |
| 365 |
+ |
| 366 |
+ if multilib_is_native_abi; then |
| 367 |
+ python_configure() { |
| 368 |
+ mkdir -p "${BUILD_DIR}" || die |
| 369 |
+ cd "${BUILD_DIR}" || die |
| 370 |
+ |
| 371 |
+ if python_is_python3; then |
| 372 |
+ econf --without-python --with-python3 |
| 373 |
+ else |
| 374 |
+ econf --with-python --without-python3 |
| 375 |
+ fi |
| 376 |
+ } |
| 377 |
+ |
| 378 |
+ use python && python_foreach_impl python_configure |
| 379 |
+ fi |
| 380 |
+} |
| 381 |
+ |
| 382 |
+src_configure() { |
| 383 |
+ tc-export_build_env BUILD_{CC,CPP} |
| 384 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
| 385 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
| 386 |
+ |
| 387 |
+ multilib-minimal_src_configure |
| 388 |
+} |
| 389 |
+ |
| 390 |
+multilib_src_compile() { |
| 391 |
+ if multilib_is_native_abi; then |
| 392 |
+ default |
| 393 |
+ |
| 394 |
+ python_compile() { |
| 395 |
+ local pysuffix pydef |
| 396 |
+ if python_is_python3; then |
| 397 |
+ pysuffix=3 |
| 398 |
+ pydef='USE_PYTHON3=true' |
| 399 |
+ else |
| 400 |
+ pysuffix=2 |
| 401 |
+ pydef='HAVE_PYTHON=true' |
| 402 |
+ fi |
| 403 |
+ |
| 404 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 405 |
+ VPATH="${native_build}/lib" \ |
| 406 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 407 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 408 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 409 |
+ ${pydef} |
| 410 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 411 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 412 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 413 |
+ ${pydef} |
| 414 |
+ } |
| 415 |
+ |
| 416 |
+ local native_build="${BUILD_DIR}" |
| 417 |
+ use python && python_foreach_impl python_compile |
| 418 |
+ else |
| 419 |
+ emake -C lib |
| 420 |
+ emake -C auparse |
| 421 |
+ fi |
| 422 |
+} |
| 423 |
+ |
| 424 |
+multilib_src_install() { |
| 425 |
+ if multilib_is_native_abi; then |
| 426 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
| 427 |
+ |
| 428 |
+ python_install() { |
| 429 |
+ local pysuffix pydef |
| 430 |
+ if python_is_python3; then |
| 431 |
+ pysuffix=3 |
| 432 |
+ pydef='USE_PYTHON3=true' |
| 433 |
+ else |
| 434 |
+ pysuffix=2 |
| 435 |
+ pydef='HAVE_PYTHON=true' |
| 436 |
+ fi |
| 437 |
+ |
| 438 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 439 |
+ VPATH="${native_build}/lib" \ |
| 440 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 441 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 442 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 443 |
+ ${pydef} \ |
| 444 |
+ DESTDIR="${D}" install |
| 445 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 446 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 447 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 448 |
+ ${pydef} \ |
| 449 |
+ DESTDIR="${D}" install |
| 450 |
+ } |
| 451 |
+ |
| 452 |
+ local native_build=${BUILD_DIR} |
| 453 |
+ use python && python_foreach_impl python_install |
| 454 |
+ |
| 455 |
+ # things like shadow use this so we need to be in / |
| 456 |
+ gen_usr_ldscript -a audit auparse |
| 457 |
+ else |
| 458 |
+ emake -C lib DESTDIR="${D}" install |
| 459 |
+ emake -C auparse DESTDIR="${D}" install |
| 460 |
+ fi |
| 461 |
+} |
| 462 |
+ |
| 463 |
+multilib_src_install_all() { |
| 464 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
| 465 |
+ docinto contrib |
| 466 |
+ dodoc contrib/{avc_snap,skeleton.c} |
| 467 |
+ docinto contrib/plugin |
| 468 |
+ dodoc contrib/plugin/* |
| 469 |
+ docinto rules |
| 470 |
+ dodoc rules/* |
| 471 |
+ |
| 472 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
| 473 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
| 474 |
+ |
| 475 |
+ chmod 644 "${D}$(systemd_get_systemunitdir)"/auditd.service || die # 556436 |
| 476 |
+ |
| 477 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
| 478 |
+ dodir /usr/sbin && \ |
| 479 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
| 480 |
+ |
| 481 |
+ # Gentoo rules |
| 482 |
+ insinto /etc/audit/ |
| 483 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
| 484 |
+ doins "${FILESDIR}"/audit.rules.stop* |
| 485 |
+ |
| 486 |
+ # audit logs go here |
| 487 |
+ keepdir /var/log/audit/ |
| 488 |
+ |
| 489 |
+ # Security |
| 490 |
+ lockdown_perms "${ED}" |
| 491 |
+ |
| 492 |
+ prune_libtool_files --modules |
| 493 |
+} |
| 494 |
+ |
| 495 |
+pkg_preinst() { |
| 496 |
+ # Preserve from the audit-1 series |
| 497 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
| 498 |
+} |
| 499 |
+ |
| 500 |
+pkg_postinst() { |
| 501 |
+ lockdown_perms "${EROOT}" |
| 502 |
+ # Preserve from the audit-1 series |
| 503 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
| 504 |
+} |
| 505 |
+ |
| 506 |
+lockdown_perms() { |
| 507 |
+ # Upstream wants these to have restrictive perms. |
| 508 |
+ # Should not || die as not all paths may exist. |
| 509 |
+ local basedir="$1" |
| 510 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
| 511 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
| 512 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
| 513 |
+} |
| 514 |
|
| 515 |
diff --git a/sys-process/audit/audit-2.8.2.ebuild b/sys-process/audit/audit-2.8.2.ebuild |
| 516 |
new file mode 100644 |
| 517 |
index 00000000000..6bcdd339ea4 |
| 518 |
--- /dev/null |
| 519 |
+++ b/sys-process/audit/audit-2.8.2.ebuild |
| 520 |
@@ -0,0 +1,228 @@ |
| 521 |
+# Copyright 1999-2020 Gentoo Authors |
| 522 |
+# Distributed under the terms of the GNU General Public License v2 |
| 523 |
+ |
| 524 |
+EAPI="6" |
| 525 |
+ |
| 526 |
+PYTHON_COMPAT=( python3_6 ) |
| 527 |
+ |
| 528 |
+inherit autotools multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
| 529 |
+ |
| 530 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
| 531 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
| 532 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
| 533 |
+ |
| 534 |
+LICENSE="GPL-2+ LGPL-2.1+" |
| 535 |
+SLOT="0" |
| 536 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" |
| 537 |
+IUSE="gssapi ldap python static-libs" |
| 538 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
| 539 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
| 540 |
+RESTRICT="test" |
| 541 |
+ |
| 542 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
| 543 |
+ ldap? ( net-nds/openldap ) |
| 544 |
+ sys-libs/libcap-ng |
| 545 |
+ python? ( ${PYTHON_DEPS} )" |
| 546 |
+DEPEND="${RDEPEND} |
| 547 |
+ >=sys-kernel/linux-headers-2.6.34 |
| 548 |
+ python? ( dev-lang/swig:0 )" |
| 549 |
+# Do not use os-headers as this is linux specific |
| 550 |
+ |
| 551 |
+CONFIG_CHECK="~AUDIT" |
| 552 |
+ |
| 553 |
+pkg_setup() { |
| 554 |
+ linux-info_pkg_setup |
| 555 |
+} |
| 556 |
+ |
| 557 |
+src_prepare() { |
| 558 |
+ eapply_user |
| 559 |
+ |
| 560 |
+ # Do not build GUI tools |
| 561 |
+ sed -i \ |
| 562 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
| 563 |
+ "${S}"/configure.ac || die |
| 564 |
+ sed -i \ |
| 565 |
+ -e 's,system-config-audit,,g' \ |
| 566 |
+ "${S}"/Makefile.am || die |
| 567 |
+ rm -rf "${S}"/system-config-audit |
| 568 |
+ |
| 569 |
+ if ! use ldap; then |
| 570 |
+ sed -i \ |
| 571 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
| 572 |
+ "${S}"/configure.ac || die |
| 573 |
+ sed -i \ |
| 574 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
| 575 |
+ "${S}"/audisp/plugins/Makefile.am || die |
| 576 |
+ fi |
| 577 |
+ |
| 578 |
+ # Don't build static version of Python module. |
| 579 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
| 580 |
+ |
| 581 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
| 582 |
+ # This patch is a horribly workaround that is only valid as long as you |
| 583 |
+ # don't need the OTHER definitions in fpu.h. |
| 584 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
| 585 |
+ |
| 586 |
+ # there is no --without-golang conf option |
| 587 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
| 588 |
+ |
| 589 |
+ # Regenerate autotooling |
| 590 |
+ eautoreconf |
| 591 |
+} |
| 592 |
+ |
| 593 |
+multilib_src_configure() { |
| 594 |
+ local ECONF_SOURCE=${S} |
| 595 |
+ econf \ |
| 596 |
+ --sbindir="${EPREFIX}/sbin" \ |
| 597 |
+ $(use_enable gssapi gssapi-krb5) \ |
| 598 |
+ $(use_enable static-libs static) \ |
| 599 |
+ --enable-systemd \ |
| 600 |
+ --without-python \ |
| 601 |
+ --without-python3 |
| 602 |
+ |
| 603 |
+ if multilib_is_native_abi; then |
| 604 |
+ python_configure() { |
| 605 |
+ mkdir -p "${BUILD_DIR}" || die |
| 606 |
+ cd "${BUILD_DIR}" || die |
| 607 |
+ |
| 608 |
+ if python_is_python3; then |
| 609 |
+ econf --without-python --with-python3 |
| 610 |
+ else |
| 611 |
+ econf --with-python --without-python3 |
| 612 |
+ fi |
| 613 |
+ } |
| 614 |
+ |
| 615 |
+ use python && python_foreach_impl python_configure |
| 616 |
+ fi |
| 617 |
+} |
| 618 |
+ |
| 619 |
+src_configure() { |
| 620 |
+ tc-export_build_env BUILD_{CC,CPP} |
| 621 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
| 622 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
| 623 |
+ |
| 624 |
+ multilib-minimal_src_configure |
| 625 |
+} |
| 626 |
+ |
| 627 |
+multilib_src_compile() { |
| 628 |
+ if multilib_is_native_abi; then |
| 629 |
+ default |
| 630 |
+ |
| 631 |
+ python_compile() { |
| 632 |
+ local pysuffix pydef |
| 633 |
+ if python_is_python3; then |
| 634 |
+ pysuffix=3 |
| 635 |
+ pydef='USE_PYTHON3=true' |
| 636 |
+ else |
| 637 |
+ pysuffix=2 |
| 638 |
+ pydef='HAVE_PYTHON=true' |
| 639 |
+ fi |
| 640 |
+ |
| 641 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 642 |
+ VPATH="${native_build}/lib" \ |
| 643 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 644 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 645 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 646 |
+ ${pydef} |
| 647 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 648 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 649 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 650 |
+ ${pydef} |
| 651 |
+ } |
| 652 |
+ |
| 653 |
+ local native_build="${BUILD_DIR}" |
| 654 |
+ use python && python_foreach_impl python_compile |
| 655 |
+ else |
| 656 |
+ emake -C lib |
| 657 |
+ emake -C auparse |
| 658 |
+ fi |
| 659 |
+} |
| 660 |
+ |
| 661 |
+multilib_src_install() { |
| 662 |
+ if multilib_is_native_abi; then |
| 663 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
| 664 |
+ |
| 665 |
+ python_install() { |
| 666 |
+ local pysuffix pydef |
| 667 |
+ if python_is_python3; then |
| 668 |
+ pysuffix=3 |
| 669 |
+ pydef='USE_PYTHON3=true' |
| 670 |
+ else |
| 671 |
+ pysuffix=2 |
| 672 |
+ pydef='HAVE_PYTHON=true' |
| 673 |
+ fi |
| 674 |
+ |
| 675 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 676 |
+ VPATH="${native_build}/lib" \ |
| 677 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 678 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 679 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 680 |
+ ${pydef} \ |
| 681 |
+ DESTDIR="${D}" install |
| 682 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 683 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 684 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 685 |
+ ${pydef} \ |
| 686 |
+ DESTDIR="${D}" install |
| 687 |
+ } |
| 688 |
+ |
| 689 |
+ local native_build=${BUILD_DIR} |
| 690 |
+ use python && python_foreach_impl python_install |
| 691 |
+ |
| 692 |
+ # things like shadow use this so we need to be in / |
| 693 |
+ gen_usr_ldscript -a audit auparse |
| 694 |
+ else |
| 695 |
+ emake -C lib DESTDIR="${D}" install |
| 696 |
+ emake -C auparse DESTDIR="${D}" install |
| 697 |
+ fi |
| 698 |
+} |
| 699 |
+ |
| 700 |
+multilib_src_install_all() { |
| 701 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
| 702 |
+ docinto contrib |
| 703 |
+ dodoc contrib/{avc_snap,skeleton.c} |
| 704 |
+ docinto contrib/plugin |
| 705 |
+ dodoc contrib/plugin/* |
| 706 |
+ docinto rules |
| 707 |
+ dodoc rules/* |
| 708 |
+ |
| 709 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
| 710 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
| 711 |
+ |
| 712 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
| 713 |
+ dodir /usr/sbin && \ |
| 714 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
| 715 |
+ |
| 716 |
+ # Gentoo rules |
| 717 |
+ insinto /etc/audit/ |
| 718 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
| 719 |
+ doins "${FILESDIR}"/audit.rules.stop* |
| 720 |
+ |
| 721 |
+ # audit logs go here |
| 722 |
+ keepdir /var/log/audit/ |
| 723 |
+ |
| 724 |
+ find "${D}" -name '*.la' -delete || die |
| 725 |
+ |
| 726 |
+ # Security |
| 727 |
+ lockdown_perms "${ED}" |
| 728 |
+} |
| 729 |
+ |
| 730 |
+pkg_preinst() { |
| 731 |
+ # Preserve from the audit-1 series |
| 732 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
| 733 |
+} |
| 734 |
+ |
| 735 |
+pkg_postinst() { |
| 736 |
+ lockdown_perms "${EROOT}" |
| 737 |
+ # Preserve from the audit-1 series |
| 738 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
| 739 |
+} |
| 740 |
+ |
| 741 |
+lockdown_perms() { |
| 742 |
+ # Upstream wants these to have restrictive perms. |
| 743 |
+ # Should not || die as not all paths may exist. |
| 744 |
+ local basedir="$1" |
| 745 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
| 746 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
| 747 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
| 748 |
+} |
| 749 |
|
| 750 |
diff --git a/sys-process/audit/audit-2.8.3.ebuild b/sys-process/audit/audit-2.8.3.ebuild |
| 751 |
new file mode 100644 |
| 752 |
index 00000000000..64b55ec39e2 |
| 753 |
--- /dev/null |
| 754 |
+++ b/sys-process/audit/audit-2.8.3.ebuild |
| 755 |
@@ -0,0 +1,228 @@ |
| 756 |
+# Copyright 1999-2020 Gentoo Authors |
| 757 |
+# Distributed under the terms of the GNU General Public License v2 |
| 758 |
+ |
| 759 |
+EAPI="6" |
| 760 |
+ |
| 761 |
+PYTHON_COMPAT=( python3_6 ) |
| 762 |
+ |
| 763 |
+inherit autotools multilib multilib-minimal toolchain-funcs preserve-libs python-r1 linux-info systemd usr-ldscript |
| 764 |
+ |
| 765 |
+DESCRIPTION="Userspace utilities for storing and processing auditing records" |
| 766 |
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/" |
| 767 |
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" |
| 768 |
+ |
| 769 |
+LICENSE="GPL-2+ LGPL-2.1+" |
| 770 |
+SLOT="0" |
| 771 |
+KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~mips ppc ppc64 s390 sparc x86" |
| 772 |
+IUSE="gssapi ldap python static-libs" |
| 773 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
| 774 |
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels. |
| 775 |
+RESTRICT="test" |
| 776 |
+ |
| 777 |
+RDEPEND="gssapi? ( virtual/krb5 ) |
| 778 |
+ ldap? ( net-nds/openldap ) |
| 779 |
+ sys-libs/libcap-ng |
| 780 |
+ python? ( ${PYTHON_DEPS} )" |
| 781 |
+DEPEND="${RDEPEND} |
| 782 |
+ >=sys-kernel/linux-headers-2.6.34 |
| 783 |
+ python? ( dev-lang/swig:0 )" |
| 784 |
+# Do not use os-headers as this is linux specific |
| 785 |
+ |
| 786 |
+CONFIG_CHECK="~AUDIT" |
| 787 |
+ |
| 788 |
+pkg_setup() { |
| 789 |
+ linux-info_pkg_setup |
| 790 |
+} |
| 791 |
+ |
| 792 |
+src_prepare() { |
| 793 |
+ eapply_user |
| 794 |
+ |
| 795 |
+ # Do not build GUI tools |
| 796 |
+ sed -i \ |
| 797 |
+ -e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \ |
| 798 |
+ "${S}"/configure.ac || die |
| 799 |
+ sed -i \ |
| 800 |
+ -e 's,system-config-audit,,g' \ |
| 801 |
+ "${S}"/Makefile.am || die |
| 802 |
+ rm -rf "${S}"/system-config-audit |
| 803 |
+ |
| 804 |
+ if ! use ldap; then |
| 805 |
+ sed -i \ |
| 806 |
+ -e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \ |
| 807 |
+ "${S}"/configure.ac || die |
| 808 |
+ sed -i \ |
| 809 |
+ -e '/^SUBDIRS/s,zos-remote,,g' \ |
| 810 |
+ "${S}"/audisp/plugins/Makefile.am || die |
| 811 |
+ fi |
| 812 |
+ |
| 813 |
+ # Don't build static version of Python module. |
| 814 |
+ eapply "${FILESDIR}"/${PN}-2.4.3-python.patch |
| 815 |
+ |
| 816 |
+ # glibc/kernel upstreams suck with both defining ia64_fpreg |
| 817 |
+ # This patch is a horribly workaround that is only valid as long as you |
| 818 |
+ # don't need the OTHER definitions in fpu.h. |
| 819 |
+ eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch |
| 820 |
+ |
| 821 |
+ # there is no --without-golang conf option |
| 822 |
+ sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die |
| 823 |
+ |
| 824 |
+ # Regenerate autotooling |
| 825 |
+ eautoreconf |
| 826 |
+} |
| 827 |
+ |
| 828 |
+multilib_src_configure() { |
| 829 |
+ local ECONF_SOURCE=${S} |
| 830 |
+ econf \ |
| 831 |
+ --sbindir="${EPREFIX}/sbin" \ |
| 832 |
+ $(use_enable gssapi gssapi-krb5) \ |
| 833 |
+ $(use_enable static-libs static) \ |
| 834 |
+ --enable-systemd \ |
| 835 |
+ --without-python \ |
| 836 |
+ --without-python3 |
| 837 |
+ |
| 838 |
+ if multilib_is_native_abi; then |
| 839 |
+ python_configure() { |
| 840 |
+ mkdir -p "${BUILD_DIR}" || die |
| 841 |
+ cd "${BUILD_DIR}" || die |
| 842 |
+ |
| 843 |
+ if python_is_python3; then |
| 844 |
+ econf --without-python --with-python3 |
| 845 |
+ else |
| 846 |
+ econf --with-python --without-python3 |
| 847 |
+ fi |
| 848 |
+ } |
| 849 |
+ |
| 850 |
+ use python && python_foreach_impl python_configure |
| 851 |
+ fi |
| 852 |
+} |
| 853 |
+ |
| 854 |
+src_configure() { |
| 855 |
+ tc-export_build_env BUILD_{CC,CPP} |
| 856 |
+ export CC_FOR_BUILD="${BUILD_CC}" |
| 857 |
+ export CPP_FOR_BUILD="${BUILD_CPP}" |
| 858 |
+ |
| 859 |
+ multilib-minimal_src_configure |
| 860 |
+} |
| 861 |
+ |
| 862 |
+multilib_src_compile() { |
| 863 |
+ if multilib_is_native_abi; then |
| 864 |
+ default |
| 865 |
+ |
| 866 |
+ python_compile() { |
| 867 |
+ local pysuffix pydef |
| 868 |
+ if python_is_python3; then |
| 869 |
+ pysuffix=3 |
| 870 |
+ pydef='USE_PYTHON3=true' |
| 871 |
+ else |
| 872 |
+ pysuffix=2 |
| 873 |
+ pydef='HAVE_PYTHON=true' |
| 874 |
+ fi |
| 875 |
+ |
| 876 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 877 |
+ VPATH="${native_build}/lib" \ |
| 878 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 879 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 880 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 881 |
+ ${pydef} |
| 882 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 883 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 884 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 885 |
+ ${pydef} |
| 886 |
+ } |
| 887 |
+ |
| 888 |
+ local native_build="${BUILD_DIR}" |
| 889 |
+ use python && python_foreach_impl python_compile |
| 890 |
+ else |
| 891 |
+ emake -C lib |
| 892 |
+ emake -C auparse |
| 893 |
+ fi |
| 894 |
+} |
| 895 |
+ |
| 896 |
+multilib_src_install() { |
| 897 |
+ if multilib_is_native_abi; then |
| 898 |
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install |
| 899 |
+ |
| 900 |
+ python_install() { |
| 901 |
+ local pysuffix pydef |
| 902 |
+ if python_is_python3; then |
| 903 |
+ pysuffix=3 |
| 904 |
+ pydef='USE_PYTHON3=true' |
| 905 |
+ else |
| 906 |
+ pysuffix=2 |
| 907 |
+ pydef='HAVE_PYTHON=true' |
| 908 |
+ fi |
| 909 |
+ |
| 910 |
+ emake -C "${BUILD_DIR}"/bindings/swig \ |
| 911 |
+ VPATH="${native_build}/lib" \ |
| 912 |
+ LIBS="${native_build}/lib/libaudit.la" \ |
| 913 |
+ _audit_la_LIBADD="${native_build}/lib/libaudit.la" \ |
| 914 |
+ _audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \ |
| 915 |
+ ${pydef} \ |
| 916 |
+ DESTDIR="${D}" install |
| 917 |
+ emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \ |
| 918 |
+ VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \ |
| 919 |
+ auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \ |
| 920 |
+ ${pydef} \ |
| 921 |
+ DESTDIR="${D}" install |
| 922 |
+ } |
| 923 |
+ |
| 924 |
+ local native_build=${BUILD_DIR} |
| 925 |
+ use python && python_foreach_impl python_install |
| 926 |
+ |
| 927 |
+ # things like shadow use this so we need to be in / |
| 928 |
+ gen_usr_ldscript -a audit auparse |
| 929 |
+ else |
| 930 |
+ emake -C lib DESTDIR="${D}" install |
| 931 |
+ emake -C auparse DESTDIR="${D}" install |
| 932 |
+ fi |
| 933 |
+} |
| 934 |
+ |
| 935 |
+multilib_src_install_all() { |
| 936 |
+ dodoc AUTHORS ChangeLog README* THANKS TODO |
| 937 |
+ docinto contrib |
| 938 |
+ dodoc contrib/{avc_snap,skeleton.c} |
| 939 |
+ docinto contrib/plugin |
| 940 |
+ dodoc contrib/plugin/* |
| 941 |
+ docinto rules |
| 942 |
+ dodoc rules/* |
| 943 |
+ |
| 944 |
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd |
| 945 |
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd |
| 946 |
+ |
| 947 |
+ [ -f "${ED}"/sbin/audisp-remote ] && \ |
| 948 |
+ dodir /usr/sbin && \ |
| 949 |
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die |
| 950 |
+ |
| 951 |
+ # Gentoo rules |
| 952 |
+ insinto /etc/audit/ |
| 953 |
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules |
| 954 |
+ doins "${FILESDIR}"/audit.rules.stop* |
| 955 |
+ |
| 956 |
+ # audit logs go here |
| 957 |
+ keepdir /var/log/audit/ |
| 958 |
+ |
| 959 |
+ find "${D}" -name '*.la' -delete || die |
| 960 |
+ |
| 961 |
+ # Security |
| 962 |
+ lockdown_perms "${ED}" |
| 963 |
+} |
| 964 |
+ |
| 965 |
+pkg_preinst() { |
| 966 |
+ # Preserve from the audit-1 series |
| 967 |
+ preserve_old_lib /$(get_libdir)/libaudit.so.0 |
| 968 |
+} |
| 969 |
+ |
| 970 |
+pkg_postinst() { |
| 971 |
+ lockdown_perms "${EROOT}" |
| 972 |
+ # Preserve from the audit-1 series |
| 973 |
+ preserve_old_lib_notify /$(get_libdir)/libaudit.so.0 |
| 974 |
+} |
| 975 |
+ |
| 976 |
+lockdown_perms() { |
| 977 |
+ # Upstream wants these to have restrictive perms. |
| 978 |
+ # Should not || die as not all paths may exist. |
| 979 |
+ local basedir="$1" |
| 980 |
+ chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null |
| 981 |
+ chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null |
| 982 |
+ chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null |
| 983 |
+} |
| 984 |
|
| 985 |
diff --git a/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch b/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch |
| 986 |
new file mode 100644 |
| 987 |
index 00000000000..3ec60fbc48e |
| 988 |
--- /dev/null |
| 989 |
+++ b/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch |
| 990 |
@@ -0,0 +1,212 @@ |
| 991 |
+diff -Nuar -X exclude audit-2.1.3.orig/configure.ac audit-2.1.3/configure.ac |
| 992 |
+--- audit-2.1.3.orig/configure.ac 2011-08-15 17:30:58.000000000 +0000 |
| 993 |
++++ audit-2.1.3/configure.ac 2012-12-18 20:03:22.000000000 +0000 |
| 994 |
+@@ -79,6 +79,9 @@ |
| 995 |
+ esac |
| 996 |
+ fi |
| 997 |
+ |
| 998 |
++AC_CHECK_HEADER([asm/ptrace.h], [AC_DEFINE([HAVE_ASM_PTRACE_H],[],[Define to 1 if you have asm/ptrace.h])], []) |
| 999 |
++AC_CHECK_HEADER([linux/ptrace.h], [AC_DEFINE([HAVE_LINUX_PTRACE_H],[],[Define to 1 if you have linux/ptrace.h])], []) |
| 1000 |
++ |
| 1001 |
+ #gssapi |
| 1002 |
+ AC_ARG_ENABLE(gssapi_krb5, |
| 1003 |
+ [AS_HELP_STRING([--enable-gssapi-krb5],[Enable GSSAPI Kerberos 5 support @<:@default=no@:>@])], |
| 1004 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditctl.c audit-2.1.3/src/auditctl.c |
| 1005 |
+--- audit-2.1.3.orig/src/auditctl.c 2011-08-15 17:31:00.000000000 +0000 |
| 1006 |
++++ audit-2.1.3/src/auditctl.c 2012-12-18 20:21:21.000000000 +0000 |
| 1007 |
+@@ -22,6 +22,7 @@ |
| 1008 |
+ */ |
| 1009 |
+ |
| 1010 |
+ #include "config.h" |
| 1011 |
++#include "fixup.h" |
| 1012 |
+ #include <stdio.h> |
| 1013 |
+ #include <stdlib.h> |
| 1014 |
+ #include <string.h> /* strdup needs xopen define */ |
| 1015 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-config.c audit-2.1.3/src/auditd-config.c |
| 1016 |
+--- audit-2.1.3.orig/src/auditd-config.c 2011-08-15 17:31:00.000000000 +0000 |
| 1017 |
++++ audit-2.1.3/src/auditd-config.c 2012-12-18 20:21:23.000000000 +0000 |
| 1018 |
+@@ -22,6 +22,7 @@ |
| 1019 |
+ */ |
| 1020 |
+ |
| 1021 |
+ #include "config.h" |
| 1022 |
++#include "fixup.h" |
| 1023 |
+ #include <stdio.h> |
| 1024 |
+ #include <unistd.h> |
| 1025 |
+ #include <sys/stat.h> |
| 1026 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-dispatch.c audit-2.1.3/src/auditd-dispatch.c |
| 1027 |
+--- audit-2.1.3.orig/src/auditd-dispatch.c 2011-08-15 17:31:00.000000000 +0000 |
| 1028 |
++++ audit-2.1.3/src/auditd-dispatch.c 2012-12-18 20:21:27.000000000 +0000 |
| 1029 |
+@@ -22,6 +22,7 @@ |
| 1030 |
+ */ |
| 1031 |
+ |
| 1032 |
+ #include "config.h" |
| 1033 |
++#include "fixup.h" |
| 1034 |
+ #include <unistd.h> |
| 1035 |
+ #include <sys/uio.h> |
| 1036 |
+ #include <fcntl.h> |
| 1037 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-event.c audit-2.1.3/src/auditd-event.c |
| 1038 |
+--- audit-2.1.3.orig/src/auditd-event.c 2011-08-15 17:31:00.000000000 +0000 |
| 1039 |
++++ audit-2.1.3/src/auditd-event.c 2012-12-18 20:21:29.000000000 +0000 |
| 1040 |
+@@ -22,6 +22,7 @@ |
| 1041 |
+ */ |
| 1042 |
+ |
| 1043 |
+ #include "config.h" |
| 1044 |
++#include "fixup.h" |
| 1045 |
+ #include <stdio.h> |
| 1046 |
+ #include <stdlib.h> |
| 1047 |
+ #include <unistd.h> |
| 1048 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-listen.c audit-2.1.3/src/auditd-listen.c |
| 1049 |
+--- audit-2.1.3.orig/src/auditd-listen.c 2011-08-15 17:31:00.000000000 +0000 |
| 1050 |
++++ audit-2.1.3/src/auditd-listen.c 2012-12-18 20:21:31.000000000 +0000 |
| 1051 |
+@@ -22,6 +22,7 @@ |
| 1052 |
+ */ |
| 1053 |
+ |
| 1054 |
+ #include "config.h" |
| 1055 |
++#include "fixup.h" |
| 1056 |
+ #include <stdio.h> |
| 1057 |
+ #include <unistd.h> |
| 1058 |
+ #include <sys/stat.h> |
| 1059 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-reconfig.c audit-2.1.3/src/auditd-reconfig.c |
| 1060 |
+--- audit-2.1.3.orig/src/auditd-reconfig.c 2011-08-15 17:31:00.000000000 +0000 |
| 1061 |
++++ audit-2.1.3/src/auditd-reconfig.c 2012-12-18 20:21:33.000000000 +0000 |
| 1062 |
+@@ -22,6 +22,7 @@ |
| 1063 |
+ */ |
| 1064 |
+ |
| 1065 |
+ #include "config.h" |
| 1066 |
++#include "fixup.h" |
| 1067 |
+ #include <pthread.h> |
| 1068 |
+ #include <signal.h> |
| 1069 |
+ #include <stdlib.h> |
| 1070 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-sendmail.c audit-2.1.3/src/auditd-sendmail.c |
| 1071 |
+--- audit-2.1.3.orig/src/auditd-sendmail.c 2011-08-15 17:31:00.000000000 +0000 |
| 1072 |
++++ audit-2.1.3/src/auditd-sendmail.c 2012-12-18 20:21:34.000000000 +0000 |
| 1073 |
+@@ -22,6 +22,7 @@ |
| 1074 |
+ */ |
| 1075 |
+ |
| 1076 |
+ #include "config.h" |
| 1077 |
++#include "fixup.h" |
| 1078 |
+ #include <stdio.h> |
| 1079 |
+ #include <unistd.h> // for access() |
| 1080 |
+ #include <string.h> |
| 1081 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd.c audit-2.1.3/src/auditd.c |
| 1082 |
+--- audit-2.1.3.orig/src/auditd.c 2011-08-15 17:31:00.000000000 +0000 |
| 1083 |
++++ audit-2.1.3/src/auditd.c 2012-12-18 20:21:38.000000000 +0000 |
| 1084 |
+@@ -22,6 +22,7 @@ |
| 1085 |
+ */ |
| 1086 |
+ |
| 1087 |
+ #include "config.h" |
| 1088 |
++#include "fixup.h" |
| 1089 |
+ #include <stdio.h> |
| 1090 |
+ #include <sys/types.h> |
| 1091 |
+ #include <unistd.h> |
| 1092 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/autrace.c audit-2.1.3/src/autrace.c |
| 1093 |
+--- audit-2.1.3.orig/src/autrace.c 2011-08-15 17:31:00.000000000 +0000 |
| 1094 |
++++ audit-2.1.3/src/autrace.c 2012-12-18 20:21:43.000000000 +0000 |
| 1095 |
+@@ -21,6 +21,7 @@ |
| 1096 |
+ */ |
| 1097 |
+ |
| 1098 |
+ #include "config.h" |
| 1099 |
++#include "fixup.h" |
| 1100 |
+ #include <stdio.h> |
| 1101 |
+ #include <string.h> |
| 1102 |
+ #include <sys/wait.h> |
| 1103 |
+diff -Nuar -X exclude audit-2.1.3.orig/src/delete_all.c audit-2.1.3/src/delete_all.c |
| 1104 |
+--- audit-2.1.3.orig/src/delete_all.c 2011-08-15 17:31:00.000000000 +0000 |
| 1105 |
++++ audit-2.1.3/src/delete_all.c 2012-12-18 20:21:48.000000000 +0000 |
| 1106 |
+@@ -20,6 +20,7 @@ |
| 1107 |
+ * Steve Grubb <sgrubb@××××××.com> |
| 1108 |
+ */ |
| 1109 |
+ #include "config.h" |
| 1110 |
++#include "fixup.h" |
| 1111 |
+ #include <stdio.h> |
| 1112 |
+ #include <string.h> |
| 1113 |
+ #include <errno.h> |
| 1114 |
+diff -Nuar -X exclude audit-2.1.3.orig/lib/fixup.h audit-2.1.3/lib/fixup.h |
| 1115 |
+--- audit-2.1.3.orig/lib/fixup.h 1970-01-01 00:00:00.000000000 +0000 |
| 1116 |
++++ audit-2.1.3/lib/fixup.h 2012-12-18 20:21:02.000000000 +0000 |
| 1117 |
+@@ -0,0 +1,17 @@ |
| 1118 |
++#ifndef _AUDIT_IA64_FIXUP_H_ |
| 1119 |
++#define _AUDIT_IA64_FIXUP_H_ |
| 1120 |
++ |
| 1121 |
++#ifdef __ia64__ /* what a pos */ |
| 1122 |
++# include <linux/types.h> |
| 1123 |
++# define _ASM_IA64_FPU_H |
| 1124 |
++#endif |
| 1125 |
++#include <signal.h> |
| 1126 |
++/* |
| 1127 |
++#ifdef HAVE_ASM_PTRACE_H |
| 1128 |
++# include <asm/ptrace.h> |
| 1129 |
++#endif |
| 1130 |
++#ifdef HAVE_LINUX_PTRACE_H |
| 1131 |
++# include <linux/ptrace.h> |
| 1132 |
++#endif |
| 1133 |
++*/ |
| 1134 |
++#endif |
| 1135 |
+--- audit-2.1.3/src/ausearch.c 2012-12-22 03:09:54.000000000 +0000 |
| 1136 |
++++ audit-2.1.3/src/ausearch.c 2012-12-22 03:10:02.000000000 +0000 |
| 1137 |
+@@ -22,6 +22,7 @@ |
| 1138 |
+ */ |
| 1139 |
+ |
| 1140 |
+ #include "config.h" |
| 1141 |
++#include "fixup.h" |
| 1142 |
+ #include <stdio.h> |
| 1143 |
+ #include <stdio_ext.h> |
| 1144 |
+ #include <string.h> |
| 1145 |
+diff -Nuar audit-2.1.3.orig/audisp/audispd.c audit-2.1.3/audisp/audispd.c |
| 1146 |
+--- audit-2.1.3.orig/audisp/audispd.c 2011-08-15 17:30:59.000000000 +0000 |
| 1147 |
++++ audit-2.1.3/audisp/audispd.c 2012-12-22 03:25:15.000000000 +0000 |
| 1148 |
+@@ -21,6 +21,7 @@ |
| 1149 |
+ */ |
| 1150 |
+ |
| 1151 |
+ #include "config.h" |
| 1152 |
++#include "fixup.h" |
| 1153 |
+ #include <stdio.h> |
| 1154 |
+ #include <unistd.h> |
| 1155 |
+ #include <stdlib.h> |
| 1156 |
+diff -Nuar audit-2.1.3.orig/audisp/plugins/prelude/audisp-prelude.c audit-2.1.3/audisp/plugins/prelude/audisp-prelude.c |
| 1157 |
+--- audit-2.1.3.orig/audisp/plugins/prelude/audisp-prelude.c 2011-08-15 17:30:59.000000000 +0000 |
| 1158 |
++++ audit-2.1.3/audisp/plugins/prelude/audisp-prelude.c 2012-12-22 03:25:20.000000000 +0000 |
| 1159 |
+@@ -21,6 +21,8 @@ |
| 1160 |
+ * |
| 1161 |
+ */ |
| 1162 |
+ |
| 1163 |
++#include "config.h" |
| 1164 |
++#include "fixup.h" |
| 1165 |
+ #include <stdio.h> |
| 1166 |
+ #include <stdlib.h> |
| 1167 |
+ #include <signal.h> |
| 1168 |
+diff -Nuar audit-2.1.3.orig/audisp/plugins/remote/audisp-remote.c audit-2.1.3/audisp/plugins/remote/audisp-remote.c |
| 1169 |
+--- audit-2.1.3.orig/audisp/plugins/remote/audisp-remote.c 2011-08-15 17:30:59.000000000 +0000 |
| 1170 |
++++ audit-2.1.3/audisp/plugins/remote/audisp-remote.c 2012-12-22 03:25:22.000000000 +0000 |
| 1171 |
+@@ -22,6 +22,7 @@ |
| 1172 |
+ */ |
| 1173 |
+ |
| 1174 |
+ #include "config.h" |
| 1175 |
++#include "fixup.h" |
| 1176 |
+ #include <stdio.h> |
| 1177 |
+ #include <signal.h> |
| 1178 |
+ #include <syslog.h> |
| 1179 |
+diff -Nuar audit-2.1.3.orig/contrib/plugin/audisp-example.c audit-2.1.3/contrib/plugin/audisp-example.c |
| 1180 |
+--- audit-2.1.3.orig/contrib/plugin/audisp-example.c 2011-08-15 17:31:02.000000000 +0000 |
| 1181 |
++++ audit-2.1.3/contrib/plugin/audisp-example.c 2012-12-22 03:25:27.000000000 +0000 |
| 1182 |
+@@ -37,6 +37,8 @@ |
| 1183 |
+ */ |
| 1184 |
+ |
| 1185 |
+ #define _GNU_SOURCE |
| 1186 |
++#include "config.h" |
| 1187 |
++#include "fixup.h" |
| 1188 |
+ #include <stdio.h> |
| 1189 |
+ #include <signal.h> |
| 1190 |
+ #include <string.h> |
| 1191 |
+diff -Nuar audit-2.1.3.orig/contrib/skeleton.c audit-2.1.3/contrib/skeleton.c |
| 1192 |
+--- audit-2.1.3.orig/contrib/skeleton.c 2011-08-15 17:31:02.000000000 +0000 |
| 1193 |
++++ audit-2.1.3/contrib/skeleton.c 2012-12-22 03:25:40.000000000 +0000 |
| 1194 |
+@@ -7,6 +7,8 @@ |
| 1195 |
+ * gcc skeleton.c -o skeleton -laudit |
| 1196 |
+ */ |
| 1197 |
+ |
| 1198 |
++#include "config.h" |
| 1199 |
++#include "fixup.h" |
| 1200 |
+ #include <stdio.h> |
| 1201 |
+ #include <sys/types.h> |
| 1202 |
+ #include <sys/uio.h> |
| 1203 |
|
| 1204 |
diff --git a/sys-process/audit/files/audit.rules b/sys-process/audit/files/audit.rules |
| 1205 |
new file mode 100644 |
| 1206 |
index 00000000000..ef0e6ee26f3 |
| 1207 |
--- /dev/null |
| 1208 |
+++ b/sys-process/audit/files/audit.rules |
| 1209 |
@@ -0,0 +1,24 @@ |
| 1210 |
+# Copyright 1999-2005 Gentoo Foundation |
| 1211 |
+# Distributed under the terms of the GNU General Public License v2 |
| 1212 |
+# |
| 1213 |
+# This file contains the auditctl rules that are loaded |
| 1214 |
+# whenever the audit daemon is started via the initscripts. |
| 1215 |
+# The rules are simply the parameters that would be passed |
| 1216 |
+# to auditctl. |
| 1217 |
+ |
| 1218 |
+# First rule - delete all |
| 1219 |
+# This is to clear out old rules, so we don't append to them. |
| 1220 |
+-D |
| 1221 |
+ |
| 1222 |
+# Feel free to add below this line. See auditctl man page |
| 1223 |
+ |
| 1224 |
+# The following rule would cause all of the syscalls listed to be ignored in logging. |
| 1225 |
+# -a entry,never -S read -S write -S open -S fstat -S fstat64 -S mmap -S brk -S munmap -S _llseek -S nanosleep -S fcntl64 -S close -S dup2 -S rt_sigaction -S stat64 -S stat |
| 1226 |
+ |
| 1227 |
+# The following rule would cause the capture of all systems not caught above. |
| 1228 |
+# -a entry,always -S all |
| 1229 |
+ |
| 1230 |
+# Increase the buffers to survive stress events |
| 1231 |
+-b 256 |
| 1232 |
+ |
| 1233 |
+# vim:ft=conf: |
| 1234 |
|
| 1235 |
diff --git a/sys-process/audit/files/audit.rules.stop.post b/sys-process/audit/files/audit.rules.stop.post |
| 1236 |
new file mode 100644 |
| 1237 |
index 00000000000..29ae197f18b |
| 1238 |
--- /dev/null |
| 1239 |
+++ b/sys-process/audit/files/audit.rules.stop.post |
| 1240 |
@@ -0,0 +1,12 @@ |
| 1241 |
+# Copyright 1999-2005 Gentoo Foundation |
| 1242 |
+# Distributed under the terms of the GNU General Public License v2 |
| 1243 |
+# |
| 1244 |
+# This file contains the auditctl rules that are loaded immediately after the |
| 1245 |
+# audit deamon is stopped via the initscripts. |
| 1246 |
+# The rules are simply the parameters that would be passed |
| 1247 |
+# to auditctl. |
| 1248 |
+ |
| 1249 |
+# Not used for the default Gentoo configuration as of v1.2.3 |
| 1250 |
+# Paranoid security types might wish to reconfigure kauditd here. |
| 1251 |
+ |
| 1252 |
+# vim:ft=conf: |
| 1253 |
|
| 1254 |
diff --git a/sys-process/audit/files/audit.rules.stop.pre b/sys-process/audit/files/audit.rules.stop.pre |
| 1255 |
new file mode 100644 |
| 1256 |
index 00000000000..1f34173369e |
| 1257 |
--- /dev/null |
| 1258 |
+++ b/sys-process/audit/files/audit.rules.stop.pre |
| 1259 |
@@ -0,0 +1,15 @@ |
| 1260 |
+# Copyright 1999-2011 Gentoo Foundation |
| 1261 |
+# Distributed under the terms of the GNU General Public License v2 |
| 1262 |
+# |
| 1263 |
+# This file contains the auditctl rules that are loaded immediately before the |
| 1264 |
+# audit deamon is stopped via the initscripts. |
| 1265 |
+# The rules are simply the parameters that would be passed |
| 1266 |
+# to auditctl. |
| 1267 |
+ |
| 1268 |
+# auditd is stopping, don't capture events anymore |
| 1269 |
+-D |
| 1270 |
+ |
| 1271 |
+# Disable kernel generating audit events |
| 1272 |
+-e 0 |
| 1273 |
+ |
| 1274 |
+# vim:ft=conf: |
Archives