Google Git
Sign in
cos / cos / overlays / board-overlays / f7979c3dccfff4af16887dc15e8a1841e234ecb1^! / .
commitf7979c3dccfff4af16887dc15e8a1841e234ecb1[log] [tgz]
authorAnil Altinay <aaltinay@google.com>Wed Jul 21 23:20:26 2021 +0000
committerAnil Altinay <aaltinay@google.com>Thu Jul 22 17:51:37 2021 +0000
treeed4a063fa4f4391d5f2df40f6542e269f20d63c2
parent04974d495b0afd6d087303ef33041de26bc9f8a2 [diff]
project-lakitu: sys-process/audit: apply the initial COS modification

When sys-process/audit was first created in COS by commit f56a9bfa5b75
("add audit tools in sys-process/audit") in
src/private-overlays/overlay-lakitu-private repository, its ebuild
file was different from the upstream Gentoo's ebuild file. This commit
applies those differences to 3.0.2

BUG=b/186856398
TEST=See the last commit in this series.
RELEASE_NOTE=None

Change-Id: I4e0788979962a8fe53f452b93dff979586a20b95
Reviewed-on: https://cos-review.googlesource.com/c/cos/overlays/board-overlays/+/19800
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com>

diff --git a/project-lakitu/sys-process/audit/audit-3.0.2-r1.ebuild b/project-lakitu/sys-process/audit/audit-3.0.2-r2.ebuild
similarity index 100%
rename from project-lakitu/sys-process/audit/audit-3.0.2-r1.ebuild
rename to project-lakitu/sys-process/audit/audit-3.0.2-r2.ebuild

diff --git a/project-lakitu/sys-process/audit/audit-3.0.2.ebuild b/project-lakitu/sys-process/audit/audit-3.0.2.ebuild
index 0688724..e327cff 100644
--- a/project-lakitu/sys-process/audit/audit-3.0.2.ebuild
+++ b/project-lakitu/sys-process/audit/audit-3.0.2.ebuild

@@ -14,17 +14,20 @@
 LICENSE="GPL-2+ LGPL-2.1+"
 SLOT="0"
 KEYWORDS="*"
-IUSE="gssapi ldap python static-libs"
+IUSE="daemon gssapi ldap python static-libs"
 
-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+REQUIRED_USE="ldap? ( daemon )
+	python? ( ${PYTHON_REQUIRED_USE} )"
 # Testcases are pretty useless as they are built for RedHat users/groups and kernels.
 RESTRICT="test"
 
 RDEPEND="gssapi? ( virtual/krb5 )
 	ldap? ( net-nds/openldap )
+	sys-apps/diffutils
 	sys-libs/libcap-ng
 	python? ( ${PYTHON_DEPS} )"
 DEPEND="${RDEPEND}
+	python? ( dev-lang/swig )
 	>=sys-kernel/linux-headers-2.6.34" # This is linux specific.
 BDEPEND="python? ( dev-lang/swig:0 )"
 
@@ -39,6 +42,18 @@
 	# Disable installing sample rules so they can be installed as docs.
 	echo -e '%:\n\t:' | tee rules/Makefile.{am,in} >/dev/null
 
+	if ! use daemon; then
+		sed -e '/^SUBDIRS =/s/audisp//' \
+			-i Makefile.am || die
+		sed -e '/${DESTDIR}${initdir}/d' \
+			-e '/${DESTDIR}${legacydir}/d' \
+			-i init.d/Makefile.am || die
+		sed -e '/^sbin_PROGRAMS =/s/auditd//' \
+			-e '/^sbin_PROGRAMS =/s/aureport//' \
+			-e '/^sbin_PROGRAMS =/s/ausearch//' \
+			-i src/Makefile.am || die
+	fi
+
 	default
 	eautoreconf
 }
@@ -113,43 +128,28 @@
 
 multilib_src_install_all() {
 	dodoc AUTHORS ChangeLog README* THANKS
-	docinto contrib
-	dodoc contrib/avc_snap
-	docinto contrib/plugin
-	dodoc contrib/plugin/*
-	docinto rules
-	dodoc rules/*rules
+	
+	if use daemon; then
+		docinto contrib/plugin
+		dodoc contrib/plugin/*
+		docinto rules
+		dodoc rules/*rules
 
-	newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
-	newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
+		newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
+		newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
 
-	[ -f "${ED}"/sbin/audisp-remote ] && \
-	dodir /usr/sbin && \
-	mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
+		[ -f "${ED}"/sbin/audisp-remote ] && \
+		dodir /usr/sbin && \
+		mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
 
-	# Gentoo rules
-	insinto /etc/audit
-	newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
-	doins "${FILESDIR}"/audit.rules.stop*
+		# audit logs go here
+		keepdir /var/log/audit
+	fi
 
-	# audit logs go here
-	keepdir /var/log/audit
+	insinto /usr/share/audit/rules.d
+	doins "${FILESDIR}"/rules.d/*.rules
 
-	find "${ED}" -type f -name '*.la' -delete || die
-
-	# Security
-	lockdown_perms "${ED}"
-}
-
-pkg_postinst() {
-	lockdown_perms "${EROOT}"
-}
-
-lockdown_perms() {
-	# Upstream wants these to have restrictive perms.
-	# Should not || die as not all paths may exist.
-	local basedir="$1"
-	chmod 0750 "${basedir}"/sbin/au{ditctl,ditd,report,search,trace} 2>/dev/null
-	chmod 0750 "${basedir}"/var/log/audit 2>/dev/null
-	chmod 0640 "${basedir}"/etc/audit/{auditd.conf,audit*.rules*} 2>/dev/null
+	systemd_newtmpfilesd "${FILESDIR}"/audit-rules.tmpfiles audit-rules.conf
+	systemd_dounit "${FILESDIR}"/audit-rules.service
+	systemd_enable_service multi-user.target audit-rules.service
 }

diff --git a/project-lakitu/sys-process/audit/files/audit.rules-2.1.3 b/project-lakitu/sys-process/audit/files/audit.rules-2.1.3
deleted file mode 100644
index 25dbedf..0000000
--- a/project-lakitu/sys-process/audit/files/audit.rules-2.1.3
+++ /dev/null

@@ -1,25 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-#
-# This file contains the auditctl rules that are loaded
-# whenever the audit daemon is started via the initscripts.
-# The rules are simply the parameters that would be passed
-# to auditctl.
-
-# First rule - delete all
-# This is to clear out old rules, so we don't append to them.
--D
-
-# Feel free to add below this line. See auditctl man page
-
-# The following rule would cause all of the syscalls listed to be ignored in logging.
--a exit,never -F arch=b32 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat
--a exit,never -F arch=b64 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat
-
-# The following rule would cause the capture of all systems not caught above.
-# -a exit,always -S all
-
-# Increase the buffers to survive stress events
--b 8192
-
-# vim:ft=conf:

diff --git a/project-lakitu/sys-process/audit/files/audit.rules.stop.post b/project-lakitu/sys-process/audit/files/audit.rules.stop.post
deleted file mode 100644
index 29ae197..0000000
--- a/project-lakitu/sys-process/audit/files/audit.rules.stop.post
+++ /dev/null

@@ -1,12 +0,0 @@
-# Copyright 1999-2005 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-#
-# This file contains the auditctl rules that are loaded immediately after the
-# audit deamon is stopped via the initscripts.
-# The rules are simply the parameters that would be passed
-# to auditctl.
-
-# Not used for the default Gentoo configuration as of v1.2.3
-# Paranoid security types might wish to reconfigure kauditd here.
-
-# vim:ft=conf:

diff --git a/project-lakitu/sys-process/audit/files/audit.rules.stop.pre b/project-lakitu/sys-process/audit/files/audit.rules.stop.pre
deleted file mode 100644
index 1f34173..0000000
--- a/project-lakitu/sys-process/audit/files/audit.rules.stop.pre
+++ /dev/null

@@ -1,15 +0,0 @@
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-#
-# This file contains the auditctl rules that are loaded immediately before the
-# audit deamon is stopped via the initscripts.
-# The rules are simply the parameters that would be passed
-# to auditctl.
-
-# auditd is stopping, don't capture events anymore
--D
-
-# Disable kernel generating audit events
--e 0
-
-# vim:ft=conf: