Browse Source
audit: new package
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> [strip library after adding it to openwrt repository] Signed-off-by: W. Michael Petullo <mike@flyn.org>lilik-openwrt-22.03
Thomas Petazzoni
4 years ago
committed by
Paul Spooren
Paul Spooren
4 changed files with 319 additions and 0 deletions
Split View
Diff Options
-
+144 -0utils/audit/Makefile
-
+16 -0utils/audit/files/audit.init
-
+133 -0utils/audit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch
-
+26 -0utils/audit/patches/0002-fix-gcc-10.patch
+ 144
- 0
utils/audit/Makefile
View File
| @ -0,0 +1,144 @@ | |||
| # | |||
| # This is free software, licensed under the GNU General Public License v2. | |||
| # See /LICENSE for more information. | |||
| # | |||
| include $(TOPDIR)/rules.mk | |||
| PKG_NAME:=audit | |||
| PKG_VERSION:=2.8.5 | |||
| PKG_RELEASE:=1 | |||
| PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz | |||
| PKG_SOURCE_URL:=http://people.redhat.com/sgrubb/audit | |||
| PKG_HASH:=0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7 | |||
| PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazzoni@bootlin.com> | |||
| PKG_LICENSE:=GPL-2.0-or-later | |||
| PKG_LICENSE_FILES:=COPYING | |||
| PKG_CPE_ID:=cpe:/a:linux_audit_project:linux_audit | |||
| PKG_FIXUP:=autoreconf | |||
| PKG_USE_MIPS16:=0 | |||
| include $(INCLUDE_DIR)/package.mk | |||
| include $(INCLUDE_DIR)/host-build.mk | |||
| define Package/audit/Default | |||
| TITLE:=Audit Daemon | |||
| URL:=http://people.redhat.com/sgrubb/audit/ | |||
| endef | |||
| define Package/audit/Default/description | |||
| The audit package contains the user space utilities for | |||
| storing and searching the audit records generated by | |||
| the audit subsystem in the Linux 2.6 kernel | |||
| endef | |||
| define Package/libauparse | |||
| $(call Package/audit/Default) | |||
| SECTION:=libs | |||
| CATEGORY:=Libraries | |||
| TITLE+= (parsing shared library) | |||
| DEPENDS:= +libaudit | |||
| endef | |||
| define Package/libauparse/description | |||
| $(call Package/audit/Default/description) | |||
| This package contains the audit parsing shared library. | |||
| endef | |||
| define Package/audit-utils | |||
| $(call Package/audit/Default) | |||
| SECTION:=utils | |||
| CATEGORY:=Utilities | |||
| TITLE+= (utilities) | |||
| DEPENDS:= +libaudit +libauparse | |||
| endef | |||
| define Package/audit-utils/description | |||
| $(call Package/audit/Default/description) | |||
| This package contains the audit utilities. | |||
| endef | |||
| define Package/audit | |||
| $(call Package/audit/Default) | |||
| SECTION:=utils | |||
| CATEGORY:=Utilities | |||
| TITLE+= (daemon) | |||
| DEPENDS:= +libaudit +libauparse +audit-utils | |||
| endef | |||
| define Package/audit/description | |||
| $(call Package/audit/Default/description) | |||
| This package contains the audit daemon. | |||
| endef | |||
| CONFIGURE_VARS += \ | |||
| LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \ | |||
| CPPFLAGS_FOR_BUILD="$(HOST_CPPFLAGS)" \ | |||
| CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \ | |||
| CC_FOR_BUILD="$(HOSTCC)" | |||
| CONFIGURE_ARGS += \ | |||
| --without-libcap-ng \ | |||
| --disable-systemd \ | |||
| --without-python \ | |||
| --without-python3 \ | |||
| --disable-zos-remote | |||
| ifeq ($(ARCH),aarch64) | |||
| CONFIGURE_ARGS += --with-aarch64 | |||
| else ifeq ($(ARCH),arm) | |||
| CONFIGURE_ARGS += --with-arm | |||
| endif | |||
| # We can't use the default, as the default passes $(MAKE_ARGS), which | |||
| # overrides CC, CFLAGS, etc. and defeats the *_FOR_BUILD definitions | |||
| # passed in CONFIGURE_VARS | |||
| define Build/Compile | |||
| $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/$(MAKE_PATH) | |||
| endef | |||
| define Build/Install | |||
| $(call Build/Install/Default,install) | |||
| $(SED) 's%^dispatcher *=.*%dispatcher = /usr/sbin/audispd%' $(PKG_INSTALL_DIR)/etc/audit/auditd.conf | |||
| endef | |||
| define Build/InstallDev | |||
| $(INSTALL_DIR) $(1)/usr/include | |||
| $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ | |||
| $(INSTALL_DIR) $(1)/usr/lib/pkgconfig | |||
| $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig/ | |||
| $(INSTALL_DIR) $(1)/usr/lib | |||
| $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/ | |||
| endef | |||
| define Package/libauparse/install | |||
| $(INSTALL_DIR) $(1)/usr/lib | |||
| $(CP) $(PKG_INSTALL_DIR)/usr/lib/libauparse.so.* $(1)/usr/lib/ | |||
| endef | |||
| define Package/audit-utils/install | |||
| $(INSTALL_DIR) $(1)/usr/bin | |||
| $(CP) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ | |||
| $(INSTALL_DIR) $(1)/usr/sbin | |||
| $(CP) \ | |||
| $(PKG_INSTALL_DIR)/usr/sbin/{augenrules,audispd,audisp-remote,auditctl,autrace,aureport,ausearch} \ | |||
| $(1)/usr/sbin/ | |||
| endef | |||
| define Package/audit/install | |||
| $(INSTALL_DIR) $(1)/etc/audit | |||
| $(CP) $(PKG_INSTALL_DIR)/etc/audit/* $(1)/etc/audit/ | |||
| $(INSTALL_DIR) $(1)/etc/init.d | |||
| $(INSTALL_BIN) ./files/audit.init $(1)/etc/init.d/audit | |||
| $(INSTALL_DIR) $(1)/usr/sbin | |||
| $(CP) $(PKG_INSTALL_DIR)/usr/sbin/auditd $(1)/usr/sbin/ | |||
| endef | |||
| $(eval $(call HostBuild)) | |||
| $(eval $(call BuildPackage,libauparse)) | |||
| $(eval $(call BuildPackage,audit-utils)) | |||
| $(eval $(call BuildPackage,audit)) | |||
+ 16
- 0
utils/audit/files/audit.init
View File
| @ -0,0 +1,16 @@ | |||
| #!/bin/sh /etc/rc.common | |||
| # Copyright (c) 2014 OpenWrt.org | |||
| START=11 | |||
| USE_PROCD=1 | |||
| PROG=/usr/sbin/auditd | |||
| start_service() { | |||
| mkdir -p /var/log/audit | |||
| procd_open_instance | |||
| procd_set_param command "$PROG" -n | |||
| procd_set_param respawn | |||
| procd_close_instance | |||
| test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules | |||
| } | |||
+ 133
- 0
utils/audit/patches/0001-Add-substitue-functions-for-strndupa-rawmemchr.patch
View File
| @ -0,0 +1,133 @@ | |||
| From c39a071e7c021f6ff3554aca2758e97b47a9777c Mon Sep 17 00:00:00 2001 | |||
| From: Steve Grubb <sgrubb@redhat.com> | |||
| Date: Tue, 26 Feb 2019 18:33:33 -0500 | |||
| Subject: [PATCH] Add substitue functions for strndupa & rawmemchr | |||
| (cherry picked from commit d579a08bb1cde71f939c13ac6b2261052ae9f77e) | |||
| Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> | |||
| --- | |||
| auparse/auparse.c | 12 +++++++++++- | |||
| auparse/interpret.c | 9 ++++++++- | |||
| configure.ac | 14 +++++++++++++- | |||
| src/ausearch-lol.c | 12 +++++++++++- | |||
| 4 files changed, 43 insertions(+), 4 deletions(-) | |||
| diff --git a/auparse/auparse.c b/auparse/auparse.c | |||
| index 650db02..2e1c737 100644 | |||
| --- a/auparse/auparse.c | |||
| +++ b/auparse/auparse.c | |||
| @@ -1,5 +1,5 @@ | |||
| /* auparse.c -- | |||
| - * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina. | |||
| + * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina. | |||
| * All Rights Reserved. | |||
| * | |||
| * This library is free software; you can redistribute it and/or | |||
| @@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t *e) | |||
| return 0; | |||
| } | |||
| +#ifndef HAVE_STRNDUPA | |||
| +static inline char *strndupa(const char *old, size_t n) | |||
| +{ | |||
| + size_t len = strnlen(old, n); | |||
| + char *tmp = alloca(len + 1); | |||
| + tmp[len] = 0; | |||
| + return memcpy(tmp, old, len); | |||
| +} | |||
| +#endif | |||
| + | |||
| /* Returns 0 on success and 1 on error */ | |||
| static int extract_timestamp(const char *b, au_event_t *e) | |||
| { | |||
| diff --git a/auparse/interpret.c b/auparse/interpret.c | |||
| index 51c4a5e..67b7b77 100644 | |||
| --- a/auparse/interpret.c | |||
| +++ b/auparse/interpret.c | |||
| @@ -853,6 +853,13 @@ err_out: | |||
| return print_escaped(id->val); | |||
| } | |||
| +// rawmemchr is faster. Let's use it if we have it. | |||
| +#ifdef HAVE_RAWMEMCHR | |||
| +#define STRCHR rawmemchr | |||
| +#else | |||
| +#define STRCHR strchr | |||
| +#endif | |||
| + | |||
| static const char *print_proctitle(const char *val) | |||
| { | |||
| char *out = (char *)print_escaped(val); | |||
| @@ -863,7 +870,7 @@ static const char *print_proctitle(const char *val) | |||
| // Proctitle has arguments separated by NUL bytes | |||
| // We need to write over the NUL bytes with a space | |||
| // so that we can see the arguments | |||
| - while ((ptr = rawmemchr(ptr, '\0'))) { | |||
| + while ((ptr = STRCHR(ptr, '\0'))) { | |||
| if (ptr >= end) | |||
| break; | |||
| *ptr = ' '; | |||
| diff --git a/configure.ac b/configure.ac | |||
| index 6e345f1..6f3007e 100644 | |||
| --- a/configure.ac | |||
| +++ b/configure.ac | |||
| @@ -1,7 +1,7 @@ | |||
| dnl | |||
| define([AC_INIT_NOTICE], | |||
| [### Generated automatically using autoconf version] AC_ACVERSION [ | |||
| -### Copyright 2005-18 Steve Grubb <sgrubb@redhat.com> | |||
| +### Copyright 2005-19 Steve Grubb <sgrubb@redhat.com> | |||
| ### | |||
| ### Permission is hereby granted, free of charge, to any person obtaining a | |||
| ### copy of this software and associated documentation files (the "Software"), | |||
| @@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-remote | |||
| AC_CHECK_FUNCS([posix_fallocate]) | |||
| dnl; signalfd is needed for libev | |||
| AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ]) | |||
| +dnl; check if rawmemchr is available | |||
| +AC_CHECK_FUNCS([rawmemchr]) | |||
| +dnl; check if strndupa is available | |||
| +AC_LINK_IFELSE( | |||
| + [AC_LANG_SOURCE( | |||
| + [[ | |||
| + #define _GNU_SOURCE | |||
| + #include <string.h> | |||
| + int main() { (void) strndupa("test", 10); return 0; }]])], | |||
| + [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])], | |||
| + [] | |||
| +) | |||
| ALLWARNS="" | |||
| ALLDEBUG="-g" | |||
| diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c | |||
| index 5d17a72..758c33e 100644 | |||
| --- a/src/ausearch-lol.c | |||
| +++ b/src/ausearch-lol.c | |||
| @@ -1,6 +1,6 @@ | |||
| /* | |||
| * ausearch-lol.c - linked list of linked lists library | |||
| -* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina. | |||
| +* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina. | |||
| * All Rights Reserved. | |||
| * | |||
| * This software may be freely redistributed and/or modified under the | |||
| @@ -152,6 +152,16 @@ static int compare_event_time(event *e1, event *e2) | |||
| return 0; | |||
| } | |||
| +#ifndef HAVE_STRNDUPA | |||
| +static inline char *strndupa(const char *old, size_t n) | |||
| +{ | |||
| + size_t len = strnlen(old, n); | |||
| + char *tmp = alloca(len + 1); | |||
| + tmp[len] = 0; | |||
| + return memcpy(tmp, old, len); | |||
| +} | |||
| +#endif | |||
| + | |||
| /* | |||
| * This function will look at the line and pick out pieces of it. | |||
| */ | |||
| -- | |||
| 2.21.0 | |||
+ 26
- 0
utils/audit/patches/0002-fix-gcc-10.patch
View File
| @ -0,0 +1,26 @@ | |||
| From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001 | |||
| From: Steve Grubb <sgrubb@redhat.com> | |||
| Date: Fri, 10 Jan 2020 21:13:50 -0500 | |||
| Subject: [PATCH 01/30] Header definitions need to be external when building | |||
| with -fno-common (which is default in GCC 10) - Tony Jones | |||
| --- | |||
| src/ausearch-common.h | 2 +- | |||
| 1 file changed, 1 insertion(+), 1 deletion(-) | |||
| diff --git a/src/ausearch-common.h b/src/ausearch-common.h | |||
| index 6669203..3040547 100644 | |||
| --- a/src/ausearch-common.h | |||
| +++ b/src/ausearch-common.h | |||
| @@ -50,7 +50,7 @@ extern pid_t event_pid; | |||
| extern int event_exact_match; | |||
| extern uid_t event_uid, event_euid, event_loginuid; | |||
| extern const char *event_tuid, *event_teuid, *event_tauid; | |||
| -slist *event_node_list; | |||
| +extern slist *event_node_list; | |||
| extern const char *event_comm; | |||
| extern const char *event_filename; | |||
| extern const char *event_hostname; | |||
| -- | |||
| 2.26.2 | |||