summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonathan Davies <jpds@protonmail.com>2021-07-17 00:09:59 +0100
committerSam James <sam@gentoo.org>2021-11-03 02:02:39 +0000
commit8e1bcb5904e8f18acc6f4457ba0fd20de8d63c4f (patch)
tree8b155d00ae29707de8628bc788fd097295a8ff58 /sys-process/audit
parentwww-servers/nginx: bump to v1.21.4 (diff)
downloadgentoo-8e1bcb5904e8f18acc6f4457ba0fd20de8d63c4f.tar.gz
gentoo-8e1bcb5904e8f18acc6f4457ba0fd20de8d63c4f.tar.bz2
gentoo-8e1bcb5904e8f18acc6f4457ba0fd20de8d63c4f.zip
sys-process/audit: Version updated to 3.0.3, with changes:
* Enabled test USE flag. Signed-off-by: Jonathan Davies <jpds@protonmail.com> Closes: https://github.com/gentoo/gentoo/pull/21681 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'sys-process/audit')
-rw-r--r--sys-process/audit/Manifest1
-rw-r--r--sys-process/audit/audit-3.0.3.ebuild155
2 files changed, 156 insertions, 0 deletions
diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest
index 48cc8ee66011..380c8e8d470f 100644
--- a/sys-process/audit/Manifest
+++ b/sys-process/audit/Manifest
@@ -1,3 +1,4 @@
DIST audit-3.0.1.tar.gz 1180286 BLAKE2B f29687ebc76f4eb88184cce1a3da0b8ca4464b2f81f56d71048ac4a64a713f33d6964e46e78b73c72b6ac2495f80114866773b3b86753c1d0dead25df73f7c43 SHA512 ad2897c9f539681f0f65b08cd0e650c528957fd4799755c2bcc47f869e04272aad31684c46847124d7b42dde243a16ba2754936890189610814c7007c0381d8c
DIST audit-3.0.2.tar.gz 1184356 BLAKE2B 13f76e9c40bc8ffc53b5499076b5cb75c2690d95414a0e1942fa9725b9617f10327a2ee676dc10cc46ba76d223f77509d305bcd22344b678443b7707cc6d10cd SHA512 9e831ed6f30ac7d58f028cede97adba431bde18dfd9045c19f5e03eff52cd28db3a6792e5969f555ce51aa562662b59fa5cc5265586c6acf0b3aa1feae4d720f
+DIST audit-3.0.3.tar.gz 1186684 BLAKE2B 53e3fbb2acc574bad86cd41e6ffe396631695321e1c02f2d0f1f1f6fed8c77f61c3513431eafb157ec11e99330b4e277f6c75eaabac6179dac2abc8826e9cc76 SHA512 7132fd5d90c3745cdb2cd664c8d0b74ad9108bc39940e87fd1ae3ee461c484505d5d33fa5c741caa237e79e3bf9c7e1ccb07cac81b5cbfbe59db8fc8db021fd7
DIST audit-3.0.tar.gz 1109442 BLAKE2B f9c94f7163522068f5f37163a242cb913acc87b5465f7f8550fad27ac1dc673fd7a98e208bd5e6fb136eac1fdadd659e599e7722426937481bbf8c66d86a1617 SHA512 b82ec73c85a8ebb5108b526673d6fe08cbe0b51376788f3ea6ed5747c4612158462893e719496dffbd723f833f84383a2d1d55fd78a3ed985ecfd19545060c88
diff --git a/sys-process/audit/audit-3.0.3.ebuild b/sys-process/audit/audit-3.0.3.ebuild
new file mode 100644
index 000000000000..7ca9ea03f3db
--- /dev/null
+++ b/sys-process/audit/audit-3.0.3.ebuild
@@ -0,0 +1,155 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{7..9} )
+
+inherit autotools multilib multilib-minimal toolchain-funcs python-r1 linux-info systemd usr-ldscript
+
+DESCRIPTION="Userspace utilities for storing and processing auditing records"
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/"
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz"
+
+LICENSE="GPL-2+ LGPL-2.1+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="gssapi ldap python static-libs test"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+RESTRICT="!test? ( test )"
+
+RDEPEND="gssapi? ( virtual/krb5 )
+ ldap? ( net-nds/openldap )
+ sys-libs/libcap-ng
+ python? ( ${PYTHON_DEPS} )"
+DEPEND="${RDEPEND}
+ >=sys-kernel/linux-headers-2.6.34
+ test? ( dev-libs/check )"
+BDEPEND="python? ( dev-lang/swig:0 )"
+
+CONFIG_CHECK="~AUDIT"
+
+src_prepare() {
+ # audisp-remote moved in multilib_src_install_all
+ sed -i \
+ -e "s,/sbin/audisp-remote,${EPREFIX}/usr/sbin/audisp-remote," \
+ audisp/plugins/remote/au-remote.conf || die
+
+ # Disable installing sample rules so they can be installed as docs.
+ echo -e '%:\n\t:' | tee rules/Makefile.{am,in} >/dev/null
+
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ local -a myeconfargs=(
+ --sbindir="${EPREFIX}/sbin"
+ $(use_enable gssapi gssapi-krb5)
+ $(use_enable ldap zos-remote)
+ $(use_enable static-libs static)
+ --enable-systemd
+ --without-golang
+ --without-python
+ --without-python3
+ )
+ ECONF_SOURCE=${S} econf "${myeconfargs[@]}"
+
+ if multilib_is_native_abi && use python; then
+ python_configure() {
+ mkdir -p "${BUILD_DIR}"
+ pushd "${BUILD_DIR}" &>/dev/null || die
+ ECONF_SOURCE=${S} econf "${myeconfargs[@]}" --with-python3
+ popd &>/dev/null || die
+ }
+ python_foreach_impl python_configure
+ fi
+}
+
+src_configure() {
+ tc-export_build_env BUILD_{CC,CPP}
+ local -x CC_FOR_BUILD="${BUILD_CC}"
+ local -x CPP_FOR_BUILD="${BUILD_CPP}"
+ multilib-minimal_src_configure
+}
+
+multilib_src_compile() {
+ if multilib_is_native_abi; then
+ default
+
+ local native_build="${BUILD_DIR}"
+ python_compile() {
+ emake -C "${BUILD_DIR}"/bindings/swig top_builddir="${native_build}"
+ emake -C "${BUILD_DIR}"/bindings/python/python3 top_builddir="${native_build}"
+ }
+ use python && python_foreach_impl python_compile
+ else
+ emake -C common
+ emake -C lib
+ emake -C auparse
+ fi
+}
+
+multilib_src_install() {
+ if multilib_is_native_abi; then
+ emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install
+
+ local native_build="${BUILD_DIR}"
+ python_install() {
+ emake -C "${BUILD_DIR}"/bindings/swig DESTDIR="${D}" top_builddir="${native_build}" install
+ emake -C "${BUILD_DIR}"/bindings/python/python3 DESTDIR="${D}" top_builddir="${native_build}" install
+ python_optimize
+ }
+ use python && python_foreach_impl python_install
+
+ # things like shadow use this so we need to be in /
+ gen_usr_ldscript -a audit auparse
+ else
+ emake -C lib DESTDIR="${D}" install
+ emake -C auparse DESTDIR="${D}" install
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc AUTHORS ChangeLog README* THANKS
+ docinto contrib
+ dodoc contrib/avc_snap
+ docinto contrib/plugin
+ dodoc contrib/plugin/*
+ docinto rules
+ dodoc rules/*rules
+
+ newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
+ newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
+
+ [ -f "${ED}"/sbin/audisp-remote ] && \
+ dodir /usr/sbin && \
+ mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
+
+ # Gentoo rules
+ insinto /etc/audit
+ newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
+ doins "${FILESDIR}"/audit.rules.stop*
+
+ # audit logs go here
+ keepdir /var/log/audit
+
+ find "${ED}" -type f -name '*.la' -delete || die
+
+ # Security
+ lockdown_perms "${ED}"
+}
+
+pkg_postinst() {
+ lockdown_perms "${EROOT}"
+}
+
+lockdown_perms() {
+ # Upstream wants these to have restrictive perms.
+ # Should not || die as not all paths may exist.
+ local basedir="$1"
+ chmod 0750 "${basedir}"/sbin/au{ditctl,ditd,report,search,trace} 2>/dev/null
+ chmod 0750 "${basedir}"/var/log/audit 2>/dev/null
+ chmod 0640 "${basedir}"/etc/audit/{auditd.conf,audit*.rules*} 2>/dev/null
+}