[gentoo-commits] dev/anarchy:master commit in: sys-process/audit/files/, sys-process/audit/

[gentoo-commits] dev/anarchy:master commit in: sys-process/audit/files/, sys-process/audit/

[Jory Pratt]

commit:     a7d45682a46ef43f7c74a1fc94e501ab38523172
Author:     Jory A. Pratt <anarchy <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 23 01:54:52 2012 +0000
Commit:     Jory Pratt <anarchy <AT> gentoo <DOT> org>
CommitDate: Sun Dec 23 01:54:52 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/anarchy.git;a=commit;h=a7d45682

Fix misc failures in current ebuild

---
 sys-process/audit/Manifest                         |    7 +-
 .../{audit-2.2.1.ebuild => audit-2.2.2.ebuild}     |   26 ++-
 .../audit/files/audit-2.1.3-ia64-compile-fix.patch |  212 ++++++++++++++++++++
 .../{auditd-init.d-2.2.1 => auditd-init.d-2.2.2}   |   26 ++--
 4 files changed, 250 insertions(+), 21 deletions(-)

diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest
index f088356..dfc98c0 100644
--- a/sys-process/audit/Manifest
+++ b/sys-process/audit/Manifest
@@ -1,8 +1,9 @@
+AUX audit-2.1.3-ia64-compile-fix.patch 7173 SHA256 af8f2764b5675fb364901dd6ce9477655b1bde9de9a9436c1a7e40793a0ad560 SHA512 be1f0fd8933e962b11818bace04a14f89afd40c20d9e3ecc839c210fc946e851bb8ba0ce0eae9267023397f77c5a1a3c8b574b9285c0351f534a24f5c9a2a512 WHIRLPOOL f6a7a3b740f39485874a874bbfdea85e087fdcde817a91526e37cddbb85d6e4536add47179021fc7245bafb74b7ad4f3286de55108cb950aee2e1d7217ef19e3
 AUX audit-2.1.3-python.patch 1353 SHA256 de214516fc107d8bfb19fcaf39d87776d9655a153e8e8b993a725f34dbe91ce5 SHA512 01e071c4219e1ea186207be883e08811021465cf18cdc2d18dcd1c61be372f2061b7f18f104dfb21ae94d363153f81133e768ddac8953703198bcda257f827eb WHIRLPOOL 4555e5b2f00a7470bb52a0813fcadf85e334f181f68414011629e95b7143bc07c83e94aa814bd4b6fc91a3add1b18444d97b24ecb7590e1884d663cf9bcf6203
 AUX audit.rules-2.1.3 1126 SHA256 8bf7f9cac7d2a47d3ff51d2a2b227588820831b5ef7c2e3d058b097d4d65eeb0 SHA512 be4a064ab9b9edfc02df3c2d3a29c4e8ffd031ce10adcf274a548ecd414b95b2aeebc54cf5aef9c04dcc121adea7b8fe63b7d153cd80f552e5f0605459a83901 WHIRLPOOL 7295ba3bc78394f4882f24fa8f3acd62fbd08543e618a260a308b2b8b350ced41d7fa9ce19a791fb0bb879a09dd4153a6e869f64ab927c7d4e2683e5f47b36d5
 AUX audit.rules.stop.post 573 SHA256 4c2e0be1a63b6800396e31153a899d4e3f2db1cee41b4dd271064dc97521edfe SHA512 a2cb699892aef006b102613b3b96ea24533437cd0927933f5520cccf28a088beef74a0ffcc74d402d4a4882fac2e59714ff537e310990956a6f56aacacaf13fd WHIRLPOOL bc13f844437980cd7d0ee4e8a1f0ad6a5e1ec1be8cd5159adb761c1f64c99f73dff6541a265e1b06fbce53988714ffbb2b0b61f91eb1fcbf081fbdeb30e8148d
 AUX audit.rules.stop.pre 547 SHA256 ec2c402d3d2b886c680259145696ad46c451dd1aed533906fdac69e30123c35f SHA512 8f0746b215a6ef1207beea2f3f73d536cfc0df58bfa55362c27c8b7ba56bf23eba2ebcf897f68b65b998c9fb090ea5d21b1d5dabc05cf0ac6e07c83f8459792d WHIRLPOOL a0563754ab170d22e78a2148afb006c55a243c809e8349a84cdafc7120446c4659bb5525338c5765a95f565ec61802cd91c308686cef3707a098bf78ab3f7ac9
 AUX auditd-conf.d-2.1.3 853 SHA256 f64186229238dd589b1fa5f72503000628b8f4f6655bdc3105b2fdbb17f6458f SHA512 3a47f7e091dc60f563d9be0027a4d1723485e7235178ffef544d39dd69de98a6283537a5649f9e2e5703a43202f77c7ff26608a653ad9d283f04bb2058fe1f45 WHIRLPOOL 29d16ead845aff5f9aac396697af2d7dd80ab39fa70fa35cc41187e9a9b43dddc0c0fdd469ffdf66a72ec1602b4faedde8158d911e95025701514c024fc6e3d9
-AUX auditd-init.d-2.2.1 2349 SHA256 2bb5bdab536d7a0e7741fc9c9ca75d12ab1f884c20ad9bbf544371ea63ee6a7f SHA512 dbb856f9d1e3ff0686e0f37613cbbfc980637afa8057db233ea4d13938ac03d71083dbaf04addab44669b7b452bc9561287cb815e2a21f83af13e2c9235dc148 WHIRLPOOL 3fb2ff0a7777ed147e0ae6c63fca074b0037a3cab6f4b3334b4a953eff2470676b9b876f0cb967666173a21edbe8327e8fe0826909c70aac2991623ee213fd84
-DIST audit-2.2.1.tar.gz 877202 SHA256 9865ca89f5b975ccf25441ddf45a874448f2bba944005aa8cd5e3c3148713a63 SHA512 e9a368529e28c87a37bfb16244a9e5c420c3e6830b47077465856a59069a26dc2d2cb77b63c9b3101d6c15a4906ca96b4f41300d6deaf4f5b02bc360c044168c WHIRLPOOL 93afdb2c846589731289321f38cc7b4027d138009fe5dbcbf77dcfbc25821400114168b1e72f735a2f2df1ab4fd7b04e58eab2529ca7596501c1b9551b558b38
-EBUILD audit-2.2.1.ebuild 4093 SHA256 bf7a8463c050728f62d05b9995a152155dabb0d090c9d15c2195a8fbdac185bd SHA512 0ffe4d7a7bad6f0654c7c6302faff5fd25131a10389f6c180de54bbcad087b367896aa83f2be1ede887f2b6bb56f1b3a83bfe2cd1d91fdf36ef2bf8d7e2a42ec WHIRLPOOL 70d142d629423f6bb367be5584c190e96a41f493e7309971e8395664afcf74f074453fe99e270de953d2140609f8de489a84a4fc749b19a622c5093f1c139987
+AUX auditd-init.d-2.2.2 2341 SHA256 5a280585adb9b2d4fa2742b5e94c4eb1517fe4c5d8d79c7ec349fe11d19af6a5 SHA512 9d4c98a34ff2039b84e648ae7bb4811ee237a29b11f811fb81d4223fdf2e56041e713f2f05793b34503478d17f17fd4390515f26921e998db1033deddd8e35c1 WHIRLPOOL 928f543daf45631c8747d75593a4a2029dd59d634386406e16c9c989192f09c811119e4cfaa59c2d9e11cae21ee5cff50465146fe55db98b35a667d9e0e92c04
+DIST audit-2.2.2.tar.gz 907066 SHA256 8bc2b45a5f08f5df6cebcd5543f24b7e68e28b64da4b23f08de2c6616384302b SHA512 98d83162e69816611dfac3d3ecc19235403ea5809d7a5cd9f13444c2085f03e46657802addb58ee31c251749f89417926ae40bcd99a77d64f062712830fde9bb WHIRLPOOL f127d3b9645d4e679a83767d688b83c7d59d4a35a166bc9f5038df89852768b695bc0c30e26fea0930aa29fed4583aa5218a42d5898d2a7c542e04cf58b9a9e9
+EBUILD audit-2.2.2.ebuild 4666 SHA256 7441b1f64fda91544a034496f5e1975593861377ebbc844963354a34ee2fce24 SHA512 85b175407a068624ede430e669c544de203cb12934b1df4d8124027c880f99603e590750825a93b2e0587bb25e31250e6f80e75ab3defded7fa9a305efc3f878 WHIRLPOOL 775203d4d663d5dad73b0f38bf16353ddae5e2c0c526d7fe505d3ff5b671ca0f58967372fb1a8479c6dc6053ff119431158c076c177690cbc31ec5541db8a135

diff --git a/sys-process/audit/audit-2.2.1.ebuild b/sys-process/audit/audit-2.2.2.ebuild
similarity index 81%
rename from sys-process/audit/audit-2.2.1.ebuild
rename to sys-process/audit/audit-2.2.2.ebuild
index b2e406d..2f76ef6 100644
--- a/sys-process/audit/audit-2.2.1.ebuild
+++ b/sys-process/audit/audit-2.2.2.ebuild
@@ -1,8 +1,8 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/audit-2.1.3-r1.ebuild,v 1.8 2012/07/03 19:48:08 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/audit-2.2.2.ebuild,v 1.2 2012/12/22 07:36:33 robbat2 Exp $
 
-EAPI="3"
+EAPI="4"
 PYTHON_DEPEND="python? 2"
 SUPPORT_PYTHON_ABIS="1"
 RESTRICT_PYTHON_ABIS="3.* *-jython 2.7-pypy-*"
@@ -15,7 +15,7 @@ SRC_URI="http://people.redhat.com/sgrubb/audit/${P}.tar.gz"
 
 LICENSE="GPL-2"
 SLOT="0"
-KEYWORDS="~alpha amd64 hppa ~ia64 ~mips ppc ~ppc64 ~sparc x86"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
 IUSE="ldap prelude python"
 # Testcases are pretty useless as they are built for RedHat users/groups and
 # kernels.
@@ -59,9 +59,14 @@ src_prepare() {
 	# Don't build static version of Python module.
 	epatch "${FILESDIR}"/${PN}-2.1.3-python.patch
 
+	# glibc/kernel upstreams suck with both defining ia64_fpreg
+	# This patch is a horribly workaround that is only valid as long as you
+	# don't need the OTHER definitions in fpu.h.
+	epatch "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch
+
 	# Python bindings are built/installed manually.
 	sed -e "/^SUBDIRS =/s/ python//" -i bindings/Makefile.am
-	sed -e "/^SUBDIRS =/s/ swig//" -i Makefile.am
+	sed -e "/^SUBDIRS .*=/s/ swig//" -i Makefile.am
 
 	# Regenerate autotooling
 	eautoreconf
@@ -122,12 +127,16 @@ src_install() {
 	docinto contrib/plugin
 	dodoc contrib/plugin/*
 
-	newinitd "${FILESDIR}"/auditd-init.d-2.2.1 auditd
+	newinitd "${FILESDIR}"/auditd-init.d-2.2.2 auditd
 	newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
 
 	# things like shadow use this so we need to be in /
 	gen_usr_ldscript -a audit auparse
 
+	[ -f "${D}"/sbin/audisp-remote ] && \
+ 	mkdir -p "${D}"/usr/sbin && \
+	mv "${D}"/{sbin,usr/sbin}/audisp-remote || die
+
 	# remove RedHat garbage
 	rm -r "${D}"/etc/{rc.d,sysconfig} || die
 
@@ -146,9 +155,16 @@ src_install() {
 	use python && python_clean_installation_image
 }
 
+pkg_preinst() {
+	# Preserve from the audit-1 series
+	preserve_old_lib /$(get_libdir)/libau{dit,parse}.so.0
+}
+
 pkg_postinst() {
 	lockdown_perms "${ROOT}"
 	use python && python_mod_optimize audit.py
+	# Preserve from the audit-1 series
+	preserve_old_lib_notify /$(get_libdir)/libau{dit,parse}.so.0
 }
 
 pkg_postrm() {

diff --git a/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch b/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch
new file mode 100644
index 0000000..3ec60fb
--- /dev/null
+++ b/sys-process/audit/files/audit-2.1.3-ia64-compile-fix.patch
@@ -0,0 +1,212 @@
+diff -Nuar -X exclude audit-2.1.3.orig/configure.ac audit-2.1.3/configure.ac
+--- audit-2.1.3.orig/configure.ac	2011-08-15 17:30:58.000000000 +0000
++++ audit-2.1.3/configure.ac	2012-12-18 20:03:22.000000000 +0000
+@@ -79,6 +79,9 @@
+     esac
+ fi
+ 
++AC_CHECK_HEADER([asm/ptrace.h], [AC_DEFINE([HAVE_ASM_PTRACE_H],[],[Define to 1 if you have asm/ptrace.h])], [])
++AC_CHECK_HEADER([linux/ptrace.h], [AC_DEFINE([HAVE_LINUX_PTRACE_H],[],[Define to 1 if you have linux/ptrace.h])], [])
++
+ #gssapi
+ AC_ARG_ENABLE(gssapi_krb5,
+ 	[AS_HELP_STRING([--enable-gssapi-krb5],[Enable GSSAPI Kerberos 5 support @<:@default=no@:>@])],
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditctl.c audit-2.1.3/src/auditctl.c
+--- audit-2.1.3.orig/src/auditctl.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditctl.c	2012-12-18 20:21:21.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>	/* strdup needs xopen define */
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-config.c audit-2.1.3/src/auditd-config.c
+--- audit-2.1.3.orig/src/auditd-config.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditd-config.c	2012-12-18 20:21:23.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <sys/stat.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-dispatch.c audit-2.1.3/src/auditd-dispatch.c
+--- audit-2.1.3.orig/src/auditd-dispatch.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditd-dispatch.c	2012-12-18 20:21:27.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <unistd.h>
+ #include <sys/uio.h>
+ #include <fcntl.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-event.c audit-2.1.3/src/auditd-event.c
+--- audit-2.1.3.orig/src/auditd-event.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditd-event.c	2012-12-18 20:21:29.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-listen.c audit-2.1.3/src/auditd-listen.c
+--- audit-2.1.3.orig/src/auditd-listen.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditd-listen.c	2012-12-18 20:21:31.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <sys/stat.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-reconfig.c audit-2.1.3/src/auditd-reconfig.c
+--- audit-2.1.3.orig/src/auditd-reconfig.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditd-reconfig.c	2012-12-18 20:21:33.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <pthread.h>
+ #include <signal.h>
+ #include <stdlib.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd-sendmail.c audit-2.1.3/src/auditd-sendmail.c
+--- audit-2.1.3.orig/src/auditd-sendmail.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditd-sendmail.c	2012-12-18 20:21:34.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <unistd.h>		// for access()
+ #include <string.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/auditd.c audit-2.1.3/src/auditd.c
+--- audit-2.1.3.orig/src/auditd.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/auditd.c	2012-12-18 20:21:38.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <sys/types.h>
+ #include <unistd.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/autrace.c audit-2.1.3/src/autrace.c
+--- audit-2.1.3.orig/src/autrace.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/autrace.c	2012-12-18 20:21:43.000000000 +0000
+@@ -21,6 +21,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <string.h>
+ #include <sys/wait.h>
+diff -Nuar -X exclude audit-2.1.3.orig/src/delete_all.c audit-2.1.3/src/delete_all.c
+--- audit-2.1.3.orig/src/delete_all.c	2011-08-15 17:31:00.000000000 +0000
++++ audit-2.1.3/src/delete_all.c	2012-12-18 20:21:48.000000000 +0000
+@@ -20,6 +20,7 @@
+  *      Steve Grubb <sgrubb@redhat.com>
+  */
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <string.h>
+ #include <errno.h>
+diff -Nuar -X exclude audit-2.1.3.orig/lib/fixup.h audit-2.1.3/lib/fixup.h
+--- audit-2.1.3.orig/lib/fixup.h	1970-01-01 00:00:00.000000000 +0000
++++ audit-2.1.3/lib/fixup.h	2012-12-18 20:21:02.000000000 +0000
+@@ -0,0 +1,17 @@
++#ifndef _AUDIT_IA64_FIXUP_H_
++#define _AUDIT_IA64_FIXUP_H_
++
++#ifdef __ia64__ /* what a pos */
++# include <linux/types.h>
++# define _ASM_IA64_FPU_H
++#endif
++#include <signal.h>
++/*
++#ifdef HAVE_ASM_PTRACE_H
++# include <asm/ptrace.h>
++#endif
++#ifdef HAVE_LINUX_PTRACE_H
++# include <linux/ptrace.h>
++#endif
++*/
++#endif
+--- audit-2.1.3/src/ausearch.c	2012-12-22 03:09:54.000000000 +0000
++++ audit-2.1.3/src/ausearch.c	2012-12-22 03:10:02.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <stdio_ext.h>
+ #include <string.h>
+diff -Nuar audit-2.1.3.orig/audisp/audispd.c audit-2.1.3/audisp/audispd.c
+--- audit-2.1.3.orig/audisp/audispd.c	2011-08-15 17:30:59.000000000 +0000
++++ audit-2.1.3/audisp/audispd.c	2012-12-22 03:25:15.000000000 +0000
+@@ -21,6 +21,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <stdlib.h>
+diff -Nuar audit-2.1.3.orig/audisp/plugins/prelude/audisp-prelude.c audit-2.1.3/audisp/plugins/prelude/audisp-prelude.c
+--- audit-2.1.3.orig/audisp/plugins/prelude/audisp-prelude.c	2011-08-15 17:30:59.000000000 +0000
++++ audit-2.1.3/audisp/plugins/prelude/audisp-prelude.c	2012-12-22 03:25:20.000000000 +0000
+@@ -21,6 +21,8 @@
+  *
+  */
+ 
++#include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <signal.h>
+diff -Nuar audit-2.1.3.orig/audisp/plugins/remote/audisp-remote.c audit-2.1.3/audisp/plugins/remote/audisp-remote.c
+--- audit-2.1.3.orig/audisp/plugins/remote/audisp-remote.c	2011-08-15 17:30:59.000000000 +0000
++++ audit-2.1.3/audisp/plugins/remote/audisp-remote.c	2012-12-22 03:25:22.000000000 +0000
+@@ -22,6 +22,7 @@
+  */
+ 
+ #include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <signal.h>
+ #include <syslog.h>
+diff -Nuar audit-2.1.3.orig/contrib/plugin/audisp-example.c audit-2.1.3/contrib/plugin/audisp-example.c
+--- audit-2.1.3.orig/contrib/plugin/audisp-example.c	2011-08-15 17:31:02.000000000 +0000
++++ audit-2.1.3/contrib/plugin/audisp-example.c	2012-12-22 03:25:27.000000000 +0000
+@@ -37,6 +37,8 @@
+  */
+ 
+ #define _GNU_SOURCE
++#include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <signal.h>
+ #include <string.h>
+diff -Nuar audit-2.1.3.orig/contrib/skeleton.c audit-2.1.3/contrib/skeleton.c
+--- audit-2.1.3.orig/contrib/skeleton.c	2011-08-15 17:31:02.000000000 +0000
++++ audit-2.1.3/contrib/skeleton.c	2012-12-22 03:25:40.000000000 +0000
+@@ -7,6 +7,8 @@
+  * gcc skeleton.c -o skeleton -laudit
+  */
+ 
++#include "config.h"
++#include "fixup.h"
+ #include <stdio.h>
+ #include <sys/types.h>
+ #include <sys/uio.h>

diff --git a/sys-process/audit/files/auditd-init.d-2.2.1 b/sys-process/audit/files/auditd-init.d-2.2.2
similarity index 78%
rename from sys-process/audit/files/auditd-init.d-2.2.1
rename to sys-process/audit/files/auditd-init.d-2.2.2
index 5823181..0b10dd9 100644
--- a/sys-process/audit/files/auditd-init.d-2.2.1
+++ b/sys-process/audit/files/auditd-init.d-2.2.2
@@ -10,23 +10,23 @@ description_reload_rules='Reload daemon rules'
 description_reload_auditd='Reload daemon configuration'
 
 name='auditd'
-pidfile='/var/run/auditd.pid'
+pidfile='/run/auditd.pid'
 command='/sbin/auditd'
 
 start_auditd() {
 	# Env handling taken from the upstream init script
-	if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
-		unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
-	else
-		LANG="$AUDITD_LANG"
-		LC_TIME="$AUDITD_LANG"
-		LC_ALL="$AUDITD_LANG"
-		LC_MESSAGES="$AUDITD_LANG"
-		LC_NUMERIC="$AUDITD_LANG"
-		LC_MONETARY="$AUDITD_LANG"
-		LC_COLLATE="$AUDITD_LANG"
-		export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
-	fi
+    if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
+        unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
+    else
+        LANG="$AUDITD_LANG"
+        LC_TIME="$AUDITD_LANG"
+        LC_ALL="$AUDITD_LANG"
+        LC_MESSAGES="$AUDITD_LANG"
+        LC_NUMERIC="$AUDITD_LANG"
+        LC_MONETARY="$AUDITD_LANG"
+        LC_COLLATE="$AUDITD_LANG"
+        export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
+    fi  
 	unset HOME MAIL USER USERNAME
 
 	ebegin "Starting ${name}"

[gentoo-commits] dev/anarchy:master commit in: sys-process/audit/files/, sys-process/audit/

[Jory Pratt]

commit:     912a8f03efe89c761f920312b3d193ae127a32c0
Author:     Jory A. Pratt <anarchy <AT> gentoo <DOT> org>
AuthorDate: Mon Jul 23 14:49:37 2012 +0000
Commit:     Jory Pratt <anarchy <AT> gentoo <DOT> org>
CommitDate: Mon Jul 23 14:49:37 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/anarchy.git;a=commit;h=912a8f03

Add sys-process/audit-2.2.1 support

---
 sys-process/audit/Manifest                       |    8 +
 sys-process/audit/audit-2.2.1.ebuild             |  164 ++++++++++++++++++++++
 sys-process/audit/files/audit-2.1.3-python.patch |   24 +++
 sys-process/audit/files/audit.rules-2.1.3        |   26 ++++
 sys-process/audit/files/audit.rules.stop.post    |   13 ++
 sys-process/audit/files/audit.rules.stop.pre     |   16 ++
 sys-process/audit/files/auditd-conf.d-2.1.3      |   23 +++
 sys-process/audit/files/auditd-init.d-2.2.1      |  100 +++++++++++++
 8 files changed, 374 insertions(+), 0 deletions(-)

diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest
new file mode 100644
index 0000000..f088356
--- /dev/null
+++ b/sys-process/audit/Manifest
@@ -0,0 +1,8 @@
+AUX audit-2.1.3-python.patch 1353 SHA256 de214516fc107d8bfb19fcaf39d87776d9655a153e8e8b993a725f34dbe91ce5 SHA512 01e071c4219e1ea186207be883e08811021465cf18cdc2d18dcd1c61be372f2061b7f18f104dfb21ae94d363153f81133e768ddac8953703198bcda257f827eb WHIRLPOOL 4555e5b2f00a7470bb52a0813fcadf85e334f181f68414011629e95b7143bc07c83e94aa814bd4b6fc91a3add1b18444d97b24ecb7590e1884d663cf9bcf6203
+AUX audit.rules-2.1.3 1126 SHA256 8bf7f9cac7d2a47d3ff51d2a2b227588820831b5ef7c2e3d058b097d4d65eeb0 SHA512 be4a064ab9b9edfc02df3c2d3a29c4e8ffd031ce10adcf274a548ecd414b95b2aeebc54cf5aef9c04dcc121adea7b8fe63b7d153cd80f552e5f0605459a83901 WHIRLPOOL 7295ba3bc78394f4882f24fa8f3acd62fbd08543e618a260a308b2b8b350ced41d7fa9ce19a791fb0bb879a09dd4153a6e869f64ab927c7d4e2683e5f47b36d5
+AUX audit.rules.stop.post 573 SHA256 4c2e0be1a63b6800396e31153a899d4e3f2db1cee41b4dd271064dc97521edfe SHA512 a2cb699892aef006b102613b3b96ea24533437cd0927933f5520cccf28a088beef74a0ffcc74d402d4a4882fac2e59714ff537e310990956a6f56aacacaf13fd WHIRLPOOL bc13f844437980cd7d0ee4e8a1f0ad6a5e1ec1be8cd5159adb761c1f64c99f73dff6541a265e1b06fbce53988714ffbb2b0b61f91eb1fcbf081fbdeb30e8148d
+AUX audit.rules.stop.pre 547 SHA256 ec2c402d3d2b886c680259145696ad46c451dd1aed533906fdac69e30123c35f SHA512 8f0746b215a6ef1207beea2f3f73d536cfc0df58bfa55362c27c8b7ba56bf23eba2ebcf897f68b65b998c9fb090ea5d21b1d5dabc05cf0ac6e07c83f8459792d WHIRLPOOL a0563754ab170d22e78a2148afb006c55a243c809e8349a84cdafc7120446c4659bb5525338c5765a95f565ec61802cd91c308686cef3707a098bf78ab3f7ac9
+AUX auditd-conf.d-2.1.3 853 SHA256 f64186229238dd589b1fa5f72503000628b8f4f6655bdc3105b2fdbb17f6458f SHA512 3a47f7e091dc60f563d9be0027a4d1723485e7235178ffef544d39dd69de98a6283537a5649f9e2e5703a43202f77c7ff26608a653ad9d283f04bb2058fe1f45 WHIRLPOOL 29d16ead845aff5f9aac396697af2d7dd80ab39fa70fa35cc41187e9a9b43dddc0c0fdd469ffdf66a72ec1602b4faedde8158d911e95025701514c024fc6e3d9
+AUX auditd-init.d-2.2.1 2349 SHA256 2bb5bdab536d7a0e7741fc9c9ca75d12ab1f884c20ad9bbf544371ea63ee6a7f SHA512 dbb856f9d1e3ff0686e0f37613cbbfc980637afa8057db233ea4d13938ac03d71083dbaf04addab44669b7b452bc9561287cb815e2a21f83af13e2c9235dc148 WHIRLPOOL 3fb2ff0a7777ed147e0ae6c63fca074b0037a3cab6f4b3334b4a953eff2470676b9b876f0cb967666173a21edbe8327e8fe0826909c70aac2991623ee213fd84
+DIST audit-2.2.1.tar.gz 877202 SHA256 9865ca89f5b975ccf25441ddf45a874448f2bba944005aa8cd5e3c3148713a63 SHA512 e9a368529e28c87a37bfb16244a9e5c420c3e6830b47077465856a59069a26dc2d2cb77b63c9b3101d6c15a4906ca96b4f41300d6deaf4f5b02bc360c044168c WHIRLPOOL 93afdb2c846589731289321f38cc7b4027d138009fe5dbcbf77dcfbc25821400114168b1e72f735a2f2df1ab4fd7b04e58eab2529ca7596501c1b9551b558b38
+EBUILD audit-2.2.1.ebuild 4093 SHA256 bf7a8463c050728f62d05b9995a152155dabb0d090c9d15c2195a8fbdac185bd SHA512 0ffe4d7a7bad6f0654c7c6302faff5fd25131a10389f6c180de54bbcad087b367896aa83f2be1ede887f2b6bb56f1b3a83bfe2cd1d91fdf36ef2bf8d7e2a42ec WHIRLPOOL 70d142d629423f6bb367be5584c190e96a41f493e7309971e8395664afcf74f074453fe99e270de953d2140609f8de489a84a4fc749b19a622c5093f1c139987

diff --git a/sys-process/audit/audit-2.2.1.ebuild b/sys-process/audit/audit-2.2.1.ebuild
new file mode 100644
index 0000000..b2e406d
--- /dev/null
+++ b/sys-process/audit/audit-2.2.1.ebuild
@@ -0,0 +1,164 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/audit-2.1.3-r1.ebuild,v 1.8 2012/07/03 19:48:08 jer Exp $
+
+EAPI="3"
+PYTHON_DEPEND="python? 2"
+SUPPORT_PYTHON_ABIS="1"
+RESTRICT_PYTHON_ABIS="3.* *-jython 2.7-pypy-*"
+
+inherit autotools multilib toolchain-funcs python linux-info eutils
+
+DESCRIPTION="Userspace utilities for storing and processing auditing records"
+HOMEPAGE="http://people.redhat.com/sgrubb/audit/"
+SRC_URI="http://people.redhat.com/sgrubb/audit/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha amd64 hppa ~ia64 ~mips ppc ~ppc64 ~sparc x86"
+IUSE="ldap prelude python"
+# Testcases are pretty useless as they are built for RedHat users/groups and
+# kernels.
+RESTRICT="test"
+
+RDEPEND="ldap? ( net-nds/openldap )
+		 prelude? ( dev-libs/libprelude )
+		 sys-libs/libcap-ng"
+DEPEND="${RDEPEND}
+	python? ( dev-lang/swig )
+	>=sys-kernel/linux-headers-2.6.34"
+# Do not use os-headers as this is linux specific
+
+CONFIG_CHECK="~AUDIT"
+PYTHON_DIRS="bindings/python swig"
+
+pkg_setup() {
+	linux-info_pkg_setup
+	use python && python_pkg_setup
+}
+
+src_prepare() {
+	# Do not build GUI tools
+	sed -i \
+		-e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \
+		"${S}"/configure.ac || die
+	sed -i \
+		-e 's,system-config-audit,,g' \
+		"${S}"/Makefile.am || die
+	rm -rf "${S}"/system-config-audit
+
+	if ! use ldap; then
+		sed -i \
+			-e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \
+			"${S}"/configure.ac || die
+		sed -i \
+			-e '/^SUBDIRS/s,zos-remote,,g' \
+			"${S}"/audisp/plugins/Makefile.am || die
+	fi
+
+	# Don't build static version of Python module.
+	epatch "${FILESDIR}"/${PN}-2.1.3-python.patch
+
+	# Python bindings are built/installed manually.
+	sed -e "/^SUBDIRS =/s/ python//" -i bindings/Makefile.am
+	sed -e "/^SUBDIRS =/s/ swig//" -i Makefile.am
+
+	# Regenerate autotooling
+	eautoreconf
+
+	# Disable byte-compilation of Python modules.
+	echo "#!/bin/sh" > py-compile
+
+	# Bug 352198: Avoid parallel build fail
+	cd "${S}"/src/mt
+	[[ ! -s private.h ]] && ln -s ../../lib/private.h .
+}
+
+src_configure() {
+	#append-flags -D'__attribute__(x)='
+	econf --sbindir=/sbin $(use_with prelude)
+}
+
+src_compile_python() {
+	python_copy_sources ${PYTHON_DIRS}
+
+	building() {
+		emake \
+			PYTHON_VERSION="$(python_get_version)" \
+			pyexecdir="$(python_get_sitedir)"
+	}
+	local dir
+	for dir in ${PYTHON_DIRS}; do
+		python_execute_function -s --source-dir ${dir} building
+	done
+}
+
+src_compile() {
+	default
+	use python && src_compile_python
+}
+
+src_install_python() {
+	installation() {
+		emake \
+			DESTDIR="${D}" \
+			PYTHON_VERSION="$(python_get_version)" \
+			pyexecdir="$(python_get_sitedir)" \
+			install
+	}
+	local dir
+	for dir in ${PYTHON_DIRS}; do
+		python_execute_function -s --source-dir ${dir} installation
+	done
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die
+	use python && src_install_python
+
+	dodoc AUTHORS ChangeLog README* THANKS TODO
+	docinto contrib
+	dodoc contrib/{*.rules,avc_snap,skeleton.c}
+	docinto contrib/plugin
+	dodoc contrib/plugin/*
+
+	newinitd "${FILESDIR}"/auditd-init.d-2.2.1 auditd
+	newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
+
+	# things like shadow use this so we need to be in /
+	gen_usr_ldscript -a audit auparse
+
+	# remove RedHat garbage
+	rm -r "${D}"/etc/{rc.d,sysconfig} || die
+
+	# Gentoo rules
+	insinto /etc/audit/
+	newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
+	doins "${FILESDIR}"/audit.rules.stop*
+
+	# audit logs go here
+	keepdir /var/log/audit/
+
+	# Security
+	lockdown_perms "${D}"
+
+	# Don't install .la files in Python directories.
+	use python && python_clean_installation_image
+}
+
+pkg_postinst() {
+	lockdown_perms "${ROOT}"
+	use python && python_mod_optimize audit.py
+}
+
+pkg_postrm() {
+	use python && python_mod_cleanup audit.py
+}
+
+lockdown_perms() {
+	# upstream wants these to have restrictive perms
+	basedir="$1"
+	chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null
+	chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null
+	chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null
+}

diff --git a/sys-process/audit/files/audit-2.1.3-python.patch b/sys-process/audit/files/audit-2.1.3-python.patch
new file mode 100644
index 0000000..a9feec1
--- /dev/null
+++ b/sys-process/audit/files/audit-2.1.3-python.patch
@@ -0,0 +1,24 @@
+diff -Nuar --exclude '*.orig' audit-2.1.3.orig/bindings/python/Makefile.am audit-2.1.3/bindings/python/Makefile.am
+--- audit-2.1.3.orig/bindings/python/Makefile.am	2011-08-15 17:31:01.000000000 +0000
++++ audit-2.1.3/bindings/python/Makefile.am	2011-09-10 19:01:36.974983756 +0000
+@@ -27,5 +27,6 @@
+ 
+ auparse_la_SOURCES = auparse_python.c
+ auparse_la_CPPFLAGS = -I$(top_srcdir)/auparse $(AM_CPPFLAGS) -I/usr/include/python$(PYTHON_VERSION) -fno-strict-aliasing
+-auparse_la_LDFLAGS = -module -avoid-version -Wl,-z,relro
++auparse_la_CFLAGS = -shared
++auparse_la_LDFLAGS = -module -avoid-version -shared -Wl,-z,relro
+ auparse_la_LIBADD = ../../auparse/libauparse.la ../../lib/libaudit.la
+diff -Nuar --exclude '*.orig' audit-2.1.3.orig/swig/Makefile.am audit-2.1.3/swig/Makefile.am
+--- audit-2.1.3.orig/swig/Makefile.am	2011-08-15 17:31:03.000000000 +0000
++++ audit-2.1.3/swig/Makefile.am	2011-09-10 19:02:14.095067690 +0000
+@@ -28,7 +28,8 @@
+ pyexec_PYTHON = audit.py
+ pyexec_LTLIBRARIES = _audit.la
+ pyexec_SOLIBRARIES = _audit.so
+-_audit_la_LDFLAGS = -module -avoid-version -Wl,-z,relro
++_audit_la_CFLAGS = -shared
++_audit_la_LDFLAGS = -module -avoid-version -shared -Wl,-z,relro
+ _audit_la_HEADERS: $(top_builddir)/config.h 
+ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudit.la
+ nodist__audit_la_SOURCES  = audit_wrap.c

diff --git a/sys-process/audit/files/audit.rules-2.1.3 b/sys-process/audit/files/audit.rules-2.1.3
new file mode 100644
index 0000000..b2b4f02
--- /dev/null
+++ b/sys-process/audit/files/audit.rules-2.1.3
@@ -0,0 +1,26 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $
+#
+# This file contains the auditctl rules that are loaded
+# whenever the audit daemon is started via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# First rule - delete all
+# This is to clear out old rules, so we don't append to them.
+-D
+
+# Feel free to add below this line. See auditctl man page
+
+# The following rule would cause all of the syscalls listed to be ignored in logging.
+-a exit,never -F arch=b32 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat
+-a exit,never -F arch=b64 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat
+
+# The following rule would cause the capture of all systems not caught above.
+# -a exit,always -S all
+
+# Increase the buffers to survive stress events
+-b 8192
+
+# vim:ft=conf:

diff --git a/sys-process/audit/files/audit.rules.stop.post b/sys-process/audit/files/audit.rules.stop.post
new file mode 100644
index 0000000..34db08c
--- /dev/null
+++ b/sys-process/audit/files/audit.rules.stop.post
@@ -0,0 +1,13 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.post,v 1.1 2006/06/22 07:41:46 robbat2 Exp $
+#
+# This file contains the auditctl rules that are loaded immediately after the
+# audit deamon is stopped via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# Not used for the default Gentoo configuration as of v1.2.3
+# Paranoid security types might wish to reconfigure kauditd here.
+
+# vim:ft=conf:

diff --git a/sys-process/audit/files/audit.rules.stop.pre b/sys-process/audit/files/audit.rules.stop.pre
new file mode 100644
index 0000000..c5fb4f9
--- /dev/null
+++ b/sys-process/audit/files/audit.rules.stop.pre
@@ -0,0 +1,16 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.pre,v 1.2 2011/09/11 02:58:55 robbat2 Exp $
+#
+# This file contains the auditctl rules that are loaded immediately before the
+# audit deamon is stopped via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# auditd is stopping, don't capture events anymore
+-D
+
+# Disable kernel generating audit events
+-e 0
+
+# vim:ft=conf:

diff --git a/sys-process/audit/files/auditd-conf.d-2.1.3 b/sys-process/audit/files/auditd-conf.d-2.1.3
new file mode 100644
index 0000000..b5f389e
--- /dev/null
+++ b/sys-process/audit/files/auditd-conf.d-2.1.3
@@ -0,0 +1,23 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-conf.d-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $
+
+# Configuration options for auditd
+# -f for foreground mode
+# There are some other options as well, but you'll have to look in the source
+# code to find them as they aren't ready for use yet.
+EXTRAOPTIONS=''
+
+# Audit rules file to run after starting auditd
+RULEFILE_STARTUP=/etc/audit/audit.rules
+
+# Audit rules file to run before and after stopping auditd
+RULEFILE_STOP_PRE=/etc/audit/audit.rules.stop.pre
+RULEFILE_STOP_POST=/etc/audit/audit.rules.stop.post
+
+# If you want to enforce a certain locale for auditd, 
+# uncomment one of the next lines:
+#AUDITD_LANG=none
+AUDITD_LANG=C
+#AUDITD_LANG=en_US
+#AUDITD_LANG=en_US.UTF-8

diff --git a/sys-process/audit/files/auditd-init.d-2.2.1 b/sys-process/audit/files/auditd-init.d-2.2.1
new file mode 100644
index 0000000..5823181
--- /dev/null
+++ b/sys-process/audit/files/auditd-init.d-2.2.1
@@ -0,0 +1,100 @@
+#!/sbin/runscript
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-init.d-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $
+
+extra_started_commands='reload reload_auditd reload_rules'
+description='Linux Auditing System'
+description_reload='Reload daemon configuration and rules'
+description_reload_rules='Reload daemon rules'
+description_reload_auditd='Reload daemon configuration'
+
+name='auditd'
+pidfile='/var/run/auditd.pid'
+command='/sbin/auditd'
+
+start_auditd() {
+	# Env handling taken from the upstream init script
+	if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
+		unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
+	else
+		LANG="$AUDITD_LANG"
+		LC_TIME="$AUDITD_LANG"
+		LC_ALL="$AUDITD_LANG"
+		LC_MESSAGES="$AUDITD_LANG"
+		LC_NUMERIC="$AUDITD_LANG"
+		LC_MONETARY="$AUDITD_LANG"
+		LC_COLLATE="$AUDITD_LANG"
+		export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
+	fi
+	unset HOME MAIL USER USERNAME
+
+	ebegin "Starting ${name}"
+	start-stop-daemon \
+		--start --quiet --pidfile ${pidfile} \
+		--exec ${command} -- ${EXTRAOPTIONS}
+	local ret=$?
+	eend $ret
+	return $ret
+}
+
+stop_auditd() {	
+	ebegin "Stopping ${name}"
+	start-stop-daemon --stop --quiet --pidfile ${pidfile}
+	local ret=$?
+	eend $ret
+	return $ret
+}
+
+
+loadfile() {
+	local rules="$1"
+	if [ -n "${rules}" -a -f "${rules}" ]; then
+		einfo "Loading audit rules from ${rules}"
+		/sbin/auditctl -R "${rules}" 1>/dev/null
+		return $?
+	else
+		return 0
+	fi
+}
+
+start() {
+	start_auditd
+	local ret=$?
+	if [ $ret -eq 0 -a "${RC_CMD}" != "restart" ]; then
+		if [ ! -d "/run/lock/subsys" ]; then
+			mkdir -p /run/lock/subsys
+		fi
+		touch /run/lock/subsys/${name}
+		loadfile "${RULEFILE_STARTUP}"
+	fi
+	return $ret
+}
+
+reload_rules() {
+	loadfile "${RULEFILE_STARTUP}"
+}
+
+reload_auditd() {
+	[ -f ${pidfile} ] && kill -HUP `cat ${pidfile}`
+}
+
+reload() {
+	reload_auditd
+	reload_rules
+}
+
+stop() {
+	[ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_PRE}"
+	stop_auditd
+	rm -f /var/lock/subsys/${name}
+	local ret=$?
+	[ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_POST}"
+	return $ret
+}
+
+# This is a special case, we do not want to touch the rules at all
+restart() {
+	stop_auditd
+	start_auditd
+}

[gentoo-commits] dev/anarchy:master commit in: sys-process/audit/files/, sys-process/audit/

[Jory Pratt]

commit:     16f725a14336246eae50efed42123803e206cd71
Author:     Jory A. Pratt <anarchy <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 10 14:02:35 2011 +0000
Commit:     Jory Pratt <anarchy <AT> gentoo <DOT> org>
CommitDate: Sun Apr 10 14:02:35 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/anarchy.git;a=commit;h=16f725a1

Fix support for gcc-4.6

---
 sys-process/audit/Manifest                         |   10 ++
 sys-process/audit/audit-1.7.4.ebuild               |  135 ++++++++++++++++++++
 .../audit/files/audit-1.6.8-subdirs-fix.patch      |   12 ++
 sys-process/audit/files/audit-1.7.4-glibc212.patch |   13 ++
 sys-process/audit/files/audit-1.7.4-python.patch   |   12 ++
 sys-process/audit/files/audit.rules                |   25 ++++
 sys-process/audit/files/audit.rules.stop.post      |   13 ++
 sys-process/audit/files/audit.rules.stop.pre       |   13 ++
 sys-process/audit/files/auditd-conf.d-1.2.3        |   16 +++
 sys-process/audit/files/auditd-init.d-1.2.3        |   58 +++++++++
 10 files changed, 307 insertions(+), 0 deletions(-)

diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest
new file mode 100644
index 0000000..8d4d4cf
--- /dev/null
+++ b/sys-process/audit/Manifest
@@ -0,0 +1,10 @@
+AUX audit-1.6.8-subdirs-fix.patch 548 RMD160 e17fef17c9f5d19a19ec912e9e693080436af938 SHA1 efe094b98380a34d840910f8a0375c21c8fb052b SHA256 26b3ce2f56ce792924be534a43e4c455b9067898642419a1411c4048f1da6c47
+AUX audit-1.7.4-glibc212.patch 316 RMD160 55963c994f336a04b975b019573721d809ab52a4 SHA1 6fbcf866ae273e7f5542cd68ddfd389f68068837 SHA256 248eaa9e69ab50d766a05bf4ba26efbee84396fb34e321d562dc47a7a95f4e28
+AUX audit-1.7.4-python.patch 456 RMD160 b370a77902853dd2280cffe452a33969adb3a360 SHA1 11e25141cfcdc81becd9c95fea14e04be5a0db74 SHA256 c457c9f35956ebdb960bbf9288bf2c0acfaf224a87a0ec7d243d1566e783f018
+AUX audit.rules 997 RMD160 bfa56758dd5f2caa8835f8d01a465124f4591c69 SHA1 f487461c83c6a732ebbe2c9811911550c92468ec SHA256 adc4779fd55919ca32b2de0d955779b7950a159c449a46ea7c0c6654a9049ee9
+AUX audit.rules.stop.post 573 RMD160 2e6503fc7ee07c4c1e58fb9ddf4b13eec6d95044 SHA1 4ef80c15f2792f17c1764eb2e21654ede46e482d SHA256 4c2e0be1a63b6800396e31153a899d4e3f2db1cee41b4dd271064dc97521edfe
+AUX audit.rules.stop.pre 500 RMD160 6b56a9522e140b48b7f7e67570596ba298a51dc7 SHA1 032921fc3ee730139b39f019b0268a2f1b1962ad SHA256 044cf06cea49f9d38ea114eb16b0a1428465fa2158aea713ef92e67e07e13c48
+AUX auditd-conf.d-1.2.3 686 RMD160 7963d2ac1ec7878db5fc29b6512742ceb0bc2ef5 SHA1 95f171317014f6e2435186953ad21d68a7f3f471 SHA256 5e0ffdc1c446bb906d25c977b0e9adb813610a15dc4d60b52d25026816adb602
+AUX auditd-init.d-1.2.3 1136 RMD160 ceddd2ce12be248183722b59240d662f507a16eb SHA1 f6fa0da5640bfa234219ebd3304d9f343c97371c SHA256 fd5e01b4aa83d848a2e97832b0ff0610610b7857ec7f0201f0f7cbeff8eec725
+DIST audit-1.7.4.tar.gz 840298 RMD160 08d57fc039021f05763920603c435747fe51c954 SHA1 5348fc1f310fd8eb068480c6b6d61e3c24c58207 SHA256 db5412852aa36ee25eb174e4f4a4676cc2d0b93cbe41a740eebf903b49b4d593
+EBUILD audit-1.7.4.ebuild 3544 RMD160 5999a689762575300ebeb8e5dfc464c643747b4d SHA1 a6e470f1d433d4f84bedae4e733e3e472474c230 SHA256 f3d1a18fa2b24d38a7db4e2789cb635476531ce6a31ccc0957a8924902a48591

diff --git a/sys-process/audit/audit-1.7.4.ebuild b/sys-process/audit/audit-1.7.4.ebuild
new file mode 100644
index 0000000..23f6d5a
--- /dev/null
+++ b/sys-process/audit/audit-1.7.4.ebuild
@@ -0,0 +1,135 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/audit-1.7.4.ebuild,v 1.7 2011/04/04 23:02:19 jer Exp $
+
+EAPI="3"
+PYTHON_DEPEND="2"
+
+inherit autotools multilib toolchain-funcs python
+
+DESCRIPTION="Userspace utilities for storing and processing auditing records"
+HOMEPAGE="http://people.redhat.com/sgrubb/audit/"
+SRC_URI="http://people.redhat.com/sgrubb/audit/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha amd64 hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="ldap"
+# Testcases are pretty useless as they are built for RedHat users/groups and
+# kernels.
+RESTRICT="test"
+
+RDEPEND="ldap? ( net-nds/openldap )"
+DEPEND="${RDEPEND}
+	dev-lang/swig
+	>=sys-kernel/linux-headers-2.6.23"
+# Do not use os-headers as this is linux specific
+
+pkg_setup() {
+	python_set_active_version 2
+	python_pkg_setup
+}
+
+src_prepare() {
+	# Old patch applies fine
+	#EPATCH_OPTS="-p0 -d${S}" epatch "${FILESDIR}"/${PN}-1.5.4-build.patch
+
+	# Applied by upstream
+	#EPATCH_OPTS="-p1 -d${S}" epatch "${FILESDIR}"/${PN}-1.5.4-swig-gcc-attribute.patch
+
+	# Do not build GUI tools
+	sed -i \
+		-e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \
+		"${S}"/configure.ac
+	sed -i \
+		-e 's,system-config-audit,,g' \
+		-e '/^SUBDIRS/s,\\$,,g' \
+		"${S}"/Makefile.am
+	rm -rf "${S}"/system-config-audit
+
+	# Probably goes away in 1.6.9
+	EPATCH_OPTS="-p1 -d${S}" epatch "${FILESDIR}"/audit-1.6.8-subdirs-fix.patch
+
+	if ! use ldap; then
+		sed -i \
+			-e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \
+			"${S}"/configure.ac
+		sed -i \
+			-e '/^SUBDIRS/s,zos-remote,,g' \
+			"${S}"/audisp/plugins/Makefile.am
+	fi
+
+	epatch "${FILESDIR}"/${P}-glibc212.patch
+
+	# Don't build static version of Python module.
+	epatch "${FILESDIR}"/${P}-python.patch
+
+	# Regenerate autotooling
+	eautoreconf
+
+	# Bug #362037 Fix compilation with gcc-4.6.0
+	sed -i -e "s:mode_t:rmode_t:" ${S}/audisp/plugins/remote/remote-config.h ||
+		die "Failed to correct use of mode_t"
+
+	# Disable byte-compilation of Python modules.
+	echo "#!/bin/sh" > py-compile
+
+	# Bug 352198: Avoid parallel build fail
+	cd "${S}"/src/mt
+	[[ ! -s private.h ]] && ln -s ../../lib/private.h .
+}
+
+src_configure() {
+	#append-flags -D'__attribute__(x)='
+	econf --sbindir=/sbin --without-prelude
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+	dodoc AUTHORS ChangeLog README* THANKS TODO
+	docinto contrib
+	dodoc contrib/*
+	docinto contrib/plugin
+	dodoc contrib/plugin/*
+
+	newinitd "${FILESDIR}"/auditd-init.d-1.2.3 auditd
+	newconfd "${FILESDIR}"/auditd-conf.d-1.2.3 auditd
+
+	# things like shadow use this so we need to be in /
+	dodir /$(get_libdir)
+	mv "${D}"/usr/$(get_libdir)/lib*.so* "${D}"/$(get_libdir)/ || die
+	gen_usr_ldscript libaudit.so libauparse.so
+
+	# remove RedHat garbage
+	rm -r "${D}"/etc/{rc.d,sysconfig} || die
+
+	# Gentoo rules
+	insinto /etc/audit/
+	doins "${FILESDIR}"/audit.rules*
+
+	# audit logs go here
+	keepdir /var/log/audit/
+
+	# Security
+	lockdown_perms "${D}"
+
+	# Don't install .la files in Python directories.
+	python_clean_installation_image
+}
+
+pkg_postinst() {
+	lockdown_perms "${ROOT}"
+	python_mod_optimize audit.py
+}
+
+pkg_postrm() {
+	python_mod_cleanup audit.py
+}
+
+lockdown_perms() {
+	# upstream wants these to have restrictive perms
+	basedir="$1"
+	chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null
+	chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null
+	chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null
+}

diff --git a/sys-process/audit/files/audit-1.6.8-subdirs-fix.patch b/sys-process/audit/files/audit-1.6.8-subdirs-fix.patch
new file mode 100644
index 0000000..662e376
--- /dev/null
+++ b/sys-process/audit/files/audit-1.6.8-subdirs-fix.patch
@@ -0,0 +1,12 @@
+--- audit-1.6.8/Makefile.am.orig	2008-02-20 14:33:51.034127088 -0800
++++ audit-1.6.8/Makefile.am	2008-02-20 14:33:57.640162864 -0800
+@@ -21,8 +21,7 @@
+ #   Rickard E. (Rik) Faith <faith@redhat.com>
+ #
+ 
+-SUBDIRS = lib auparse src/mt src audisp tools swig bindings init.d 
+-	docs 
++SUBDIRS = lib auparse src/mt src audisp tools swig bindings init.d docs 
+ EXTRA_DIST = ChangeLog AUTHORS NEWS README README-install audit.spec \
+ 	contrib/capp.rules contrib/nispom.rules contrib/lspp.rules \
+ 	contrib/skeleton.c contrib/avc_snap contrib/avc_syslog \

diff --git a/sys-process/audit/files/audit-1.7.4-glibc212.patch b/sys-process/audit/files/audit-1.7.4-glibc212.patch
new file mode 100644
index 0000000..e167849
--- /dev/null
+++ b/sys-process/audit/files/audit-1.7.4-glibc212.patch
@@ -0,0 +1,13 @@
+http://bugs.gentoo.org/334147
+
+--- lib/libaudit.c
++++ lib/libaudit.c
+@@ -36,6 +36,8 @@
+ #include <sys/utsname.h>
+ #include <fcntl.h>	/* O_NOFOLLOW needs gnu defined */
+ #include <limits.h>	/* for PATH_MAX */
++#include <sys/types.h>
++#include <sys/stat.h>	/* S_ISREG */
+ 
+ #include "libaudit.h"
+ #include "private.h"

diff --git a/sys-process/audit/files/audit-1.7.4-python.patch b/sys-process/audit/files/audit-1.7.4-python.patch
new file mode 100644
index 0000000..32fca2a
--- /dev/null
+++ b/sys-process/audit/files/audit-1.7.4-python.patch
@@ -0,0 +1,12 @@
+--- swig/Makefile.am
++++ swig/Makefile.am
+@@ -27,7 +27,8 @@
+ LIBS = $(top_builddir)/lib/libaudit.la
+ python_PYTHON = audit.py
+ pyexec_LTLIBRARIES = _audit.la
+-_audit_la_LDFLAGS = -module -avoid-version
++_audit_la_CFLAGS = -shared
++_audit_la_LDFLAGS = -module -avoid-version -shared
+ _audit_la_HEADERS: $(top_builddir)/config.h 
+ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudit.la
+ nodist__audit_la_SOURCES  = audit_wrap.c

diff --git a/sys-process/audit/files/audit.rules b/sys-process/audit/files/audit.rules
new file mode 100644
index 0000000..9d9578e
--- /dev/null
+++ b/sys-process/audit/files/audit.rules
@@ -0,0 +1,25 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules,v 1.1 2006/06/22 07:41:46 robbat2 Exp $
+#
+# This file contains the auditctl rules that are loaded
+# whenever the audit daemon is started via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# First rule - delete all
+# This is to clear out old rules, so we don't append to them.
+-D
+
+# Feel free to add below this line. See auditctl man page
+
+# The following rule would cause all of the syscalls listed to be ignored in logging.
+# -a entry,never -S read -S write -S open -S fstat -S fstat64 -S mmap -S brk -S munmap -S _llseek -S nanosleep -S fcntl64 -S close -S dup2 -S rt_sigaction -S stat64 -S stat
+
+# The following rule would cause the capture of all systems not caught above.
+# -a entry,always -S all
+
+# Increase the buffers to survive stress events
+-b 256
+
+# vim:ft=conf:

diff --git a/sys-process/audit/files/audit.rules.stop.post b/sys-process/audit/files/audit.rules.stop.post
new file mode 100644
index 0000000..34db08c
--- /dev/null
+++ b/sys-process/audit/files/audit.rules.stop.post
@@ -0,0 +1,13 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.post,v 1.1 2006/06/22 07:41:46 robbat2 Exp $
+#
+# This file contains the auditctl rules that are loaded immediately after the
+# audit deamon is stopped via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# Not used for the default Gentoo configuration as of v1.2.3
+# Paranoid security types might wish to reconfigure kauditd here.
+
+# vim:ft=conf:

diff --git a/sys-process/audit/files/audit.rules.stop.pre b/sys-process/audit/files/audit.rules.stop.pre
new file mode 100644
index 0000000..c404b51
--- /dev/null
+++ b/sys-process/audit/files/audit.rules.stop.pre
@@ -0,0 +1,13 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.pre,v 1.1 2006/06/22 07:41:46 robbat2 Exp $
+#
+# This file contains the auditctl rules that are loaded immediately before the
+# audit deamon is stopped via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# auditd is stopping, don't capture events anymore
+-D
+
+# vim:ft=conf:

diff --git a/sys-process/audit/files/auditd-conf.d-1.2.3 b/sys-process/audit/files/auditd-conf.d-1.2.3
new file mode 100644
index 0000000..e722286
--- /dev/null
+++ b/sys-process/audit/files/auditd-conf.d-1.2.3
@@ -0,0 +1,16 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-conf.d-1.2.3,v 1.1 2006/06/22 07:41:46 robbat2 Exp $
+
+# Configuration options for auditd
+# -f for foreground mode
+# There are some other options as well, but you'll have to look in the source
+# code to find them as they aren't ready for use yet.
+EXTRAOPTIONS=''
+
+# Audit rules file to run after starting auditd
+RULEFILE_STARTUP=/etc/audit/audit.rules
+
+# Audit rules file to run before and after stopping auditd
+RULEFILE_STOP_PRE=/etc/audit/audit.rules.stop.pre
+RULEFILE_STOP_POST=/etc/audit/audit.rules.stop.post

diff --git a/sys-process/audit/files/auditd-init.d-1.2.3 b/sys-process/audit/files/auditd-init.d-1.2.3
new file mode 100644
index 0000000..862a6be
--- /dev/null
+++ b/sys-process/audit/files/auditd-init.d-1.2.3
@@ -0,0 +1,58 @@
+#!/sbin/runscript
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-init.d-1.2.3,v 1.1 2006/06/22 07:41:46 robbat2 Exp $
+
+start_auditd() {
+	ebegin "Starting auditd"
+	start-stop-daemon \
+		--start --quiet --pidfile /var/run/auditd.pid \
+		--exec /sbin/auditd -- ${EXTRAOPTIONS}
+	local ret=$?
+	eend $ret
+	return $ret
+}
+
+stop_auditd() {	
+	ebegin "Stopping auditd"
+	start-stop-daemon \
+		--stop --quiet --pidfile /var/run/auditd.pid
+	local ret=$?
+	eend $ret
+	return $ret
+}
+
+
+loadfile() {
+	local rules="$1"
+	if [ -n "${rules}" -a -f "${rules}" ]; then
+		einfo "Loading audit rules from ${rules}"
+		/sbin/auditctl -R "${rules}" 1>/dev/null
+		return $?
+	else
+		return 0
+	fi
+}
+
+start() {
+	start_auditd
+	local ret=$?
+	if [ $ret -eq 0 ]; then
+		loadfile "${RULEFILE_STARTUP}"
+	fi
+	return $ret
+}
+
+stop() {
+	loadfile "${RULEFILE_STOP_PRE}"
+	stop_auditd
+	local ret=$?
+	loadfile "${RULEFILE_STOP_POST}"
+	return $ret
+}
+
+# This is a special case, we do not want to touch the rules at all
+restart() {
+	stop_auditd
+	start_auditd
+}