diff options
| author |   Jason Zaman <perfinion@gentoo.org> | 2024-07-14 15:43:21 -0700 |
|---|---|---|
| committer | Jason Zaman <perfinion@gentoo.org> | 2024-07-14 16:13:54 -0700 |
| commit | 06f2781c70fab797c05d34fdccd3abca5391946e (patch) | |
| tree | c7644af6a73e6da61ff2db9e6b5cb65deae63c61 /sys-process | |
| parent | sys-process/audit: add 3.1.4 (diff) | |
| download | gentoo-06f2781c70fab797c05d34fdccd3abca5391946e.tar.gz gentoo-06f2781c70fab797c05d34fdccd3abca5391946e.tar.bz2 gentoo-06f2781c70fab797c05d34fdccd3abca5391946e.zip | |
sys-process/audit: drop 3.1.1
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
Diffstat (limited to 'sys-process')
| -rw-r--r-- | sys-process/audit/Manifest | 1 | ||||
| -rw-r--r-- | sys-process/audit/audit-3.1.1.ebuild | 196 | ||||
| -rw-r--r-- | sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch | 41 |
3 files changed, 0 insertions, 238 deletions
diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest index a4241527b24b..32dd6e54f424 100644 --- a/sys-process/audit/Manifest +++ b/sys-process/audit/Manifest @@ -1,4 +1,3 @@ -DIST audit-3.1.1.tar.gz 1218111 BLAKE2B a804684e438efc5f35b387708b3dc91bf857eeb56624261e0f75543556c436bfe638b792f63289f049c11541b10b2dc0e9f17b22f44b913da0168b1cf20684fc SHA512 4917970cc4c7f786c464a6d101bf66d55d55ac4716cf415ff97177f08176a6301e946716d28cf5b16054538469b3140b97db99d55a28686a9a807eea60c070f3 DIST audit-3.1.2.tar.gz 1219860 BLAKE2B dfdec470bf12cce6c570b3d260e65e2b49e8ac0761e6a6fbf7b4f4a57f92e88367cd74bfcb88e6d718619b88fea27ce963a977c9f4346c95d18a5310e217accb SHA512 a97003a294ed3671df01e2952688e7d5eef59a35f6891feb53e67c4c7eab9ae8c2d18de41a5b5b20e0ad7156fac93aec05f32f6bc5eea706b42b6f27f676446a DIST audit-3.1.3.tar.gz 1225761 BLAKE2B 97ee35fc722083d541e164b27fd318ec7be2a4e4e8774767d14c6a2e800092a37b7042a272db5d208c913fb36d295c5343bd6082237caf0fb561ec3c7a2883db SHA512 7d6399ca97b171d5ea3cf7f7566bdabe9d5677a3a54c75411146dc2971106809a90d1a9cd0b1ba9b8af4cc409e6bee5876c7f2a0c54c42400fdcf9cfade58a8c DIST audit-3.1.4.tar.gz 1225648 BLAKE2B c6875f7d031e810469511ac8f86f05b2de7f19c044dbf67bc9d66430167fcf0f031e0279ce170a496b672a6fc99ee18b8cc39943e6faf3c19a24a381d2701439 SHA512 d26c498c91e838d97d3f199630650f509bb1e82b44d364306b20db32d4116fa73d775ef56c0fed2ec8d548b19215052691cbc80c74699bc87f2a0ea08cf664f5 diff --git a/sys-process/audit/audit-3.1.1.ebuild b/sys-process/audit/audit-3.1.1.ebuild deleted file mode 100644 index 97910e182b7e..000000000000 --- a/sys-process/audit/audit-3.1.1.ebuild +++ /dev/null @@ -1,196 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# As with sys-libs/libcap-ng, same maintainer in Fedora as upstream, so -# check Fedora's packaging (https://src.fedoraproject.org/rpms/audit/tree/rawhide) -# on bumps (or if hitting a bug) to see what they've done there. - -PYTHON_COMPAT=( python3_{10..12} ) - -inherit autotools multilib-minimal toolchain-funcs python-r1 linux-info systemd usr-ldscript - -DESCRIPTION="Userspace utilities for storing and processing auditing records" -HOMEPAGE="https://people.redhat.com/sgrubb/audit/" -SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" - -LICENSE="GPL-2+ LGPL-2.1+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86" -IUSE="gssapi io-uring ldap python static-libs test" - -REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" -RESTRICT="!test? ( test )" - -RDEPEND=" - sys-libs/libcap-ng - gssapi? ( virtual/krb5 ) - ldap? ( net-nds/openldap:= ) - python? ( ${PYTHON_DEPS} ) -" -DEPEND=" - ${RDEPEND} - >=sys-kernel/linux-headers-2.6.34 - test? ( dev-libs/check ) -" -BDEPEND="python? ( - dev-lang/swig - $(python_gen_cond_dep ' - dev-python/setuptools[${PYTHON_USEDEP}] - ' python3_12) - ) -" - -CONFIG_CHECK="~AUDIT" - -PATCHES=( - # See bug #836702 before removing / verify builds fine w/ USE=python - # with latest kernel headers. - "${FILESDIR}"/${PN}-3.0.8-linux-headers-5.17.patch - "${FILESDIR}"/${PN}-3.0.8-musl-malloc.patch -) - -QA_CONFIG_IMPL_DECL_SKIP=( - # missing on musl. Uses handrolled AC_LINK_IFELSE but fails at link time - # for older compilers regardless. bug #898828 - strndupa -) - -src_prepare() { - # audisp-remote moved in multilib_src_install_all - sed -i \ - -e "s,/sbin/audisp-remote,${EPREFIX}/usr/sbin/audisp-remote," \ - audisp/plugins/remote/au-remote.conf || die - - # Disable installing sample rules so they can be installed as docs. - echo -e '%:\n\t:' | tee rules/Makefile.{am,in} >/dev/null || die - - default - eautoreconf -} - -multilib_src_configure() { - local myeconfargs=( - --sbindir="${EPREFIX}"/sbin - $(use_enable gssapi gssapi-krb5) - $(use_enable ldap zos-remote) - $(use_enable static-libs static) - $(use_with io-uring io_uring) - --enable-systemd - --without-golang - --without-libwrap - --without-python - --without-python3 - ) - - ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" - - if multilib_is_native_abi && use python; then - python_configure() { - mkdir -p "${BUILD_DIR}" || die - pushd "${BUILD_DIR}" &>/dev/null || die - - ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" --with-python3 - - popd &>/dev/null || die - } - - python_foreach_impl python_configure - fi -} - -src_configure() { - tc-export_build_env BUILD_{CC,CPP} - - local -x CC_FOR_BUILD="${BUILD_CC}" - local -x CPP_FOR_BUILD="${BUILD_CPP}" - - multilib-minimal_src_configure -} - -multilib_src_compile() { - if multilib_is_native_abi; then - default - - local native_build="${BUILD_DIR}" - - python_compile() { - emake -C "${BUILD_DIR}"/bindings/swig top_builddir="${native_build}" - emake -C "${BUILD_DIR}"/bindings/python/python3 top_builddir="${native_build}" - } - - use python && python_foreach_impl python_compile - else - emake -C common - emake -C lib - emake -C auparse - fi -} - -multilib_src_install() { - if multilib_is_native_abi; then - emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install - - local native_build="${BUILD_DIR}" - - python_install() { - emake -C "${BUILD_DIR}"/bindings/swig DESTDIR="${D}" top_builddir="${native_build}" install - emake -C "${BUILD_DIR}"/bindings/python/python3 DESTDIR="${D}" top_builddir="${native_build}" install - python_optimize - } - - use python && python_foreach_impl python_install - - # Things like shadow use this so we need to be in / - gen_usr_ldscript -a audit auparse - else - emake -C lib DESTDIR="${D}" install - emake -C auparse DESTDIR="${D}" install - fi -} - -multilib_src_install_all() { - dodoc AUTHORS ChangeLog README* THANKS - docinto contrib - dodoc contrib/avc_snap - docinto contrib/plugin - dodoc contrib/plugin/* - docinto rules - dodoc rules/*rules - - newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd - newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd - - if [[ -f "${ED}"/sbin/audisp-remote ]] ; then - dodir /usr/sbin - mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die - fi - - # Gentoo rules - insinto /etc/audit - newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules - doins "${FILESDIR}"/audit.rules.stop* - keepdir /etc/audit/rules.d - - # audit logs go here - keepdir /var/log/audit - - find "${ED}" -type f -name '*.la' -delete || die - - # Security - lockdown_perms "${ED}" -} - -pkg_postinst() { - lockdown_perms "${EROOT}" -} - -lockdown_perms() { - # Upstream wants these to have restrictive perms. - # Should not || die as not all paths may exist. - local basedir="${1}" - chmod 0750 "${basedir}"/sbin/au{ditctl,ditd,report,search,trace} 2>/dev/null - chmod 0750 "${basedir}"/var/log/audit 2>/dev/null - chmod 0640 "${basedir}"/etc/audit/{auditd.conf,audit*.rules*} 2>/dev/null -} diff --git a/sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch b/sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch deleted file mode 100644 index 8d41d8363822..000000000000 --- a/sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch +++ /dev/null @@ -1,41 +0,0 @@ -Upstream rejected a workaround/fix at https://github.com/linux-audit/audit-userspace/pull/253 -/ https://github.com/linux-audit/audit-userspace/issues/252#issuecomment-1078595249. - -Instead, in Fedora (same maintainer as upstream), they're patching the headers then unpatching before install. - -Apparently the swig bindings are on their way out but I'm not convinced that's going to be a quick migration given the API will.. surely change? - -It's not ideal but let's take the patch slyfox ended up using in nixpkgs anyway. - -https://bugs.gentoo.org/836702 - -From beed138222421a2eb4212d83cb889404bd7efc49 Mon Sep 17 00:00:00 2001 -From: Sergei Trofimovich <slyich@gmail.com> -Date: Wed, 23 Mar 2022 07:27:05 +0000 -Subject: [PATCH] auditswig.i: avoid setter generation for audit_rule_data::buf - -As it's a flexible array generated code was never safe to use. -With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574 -change it's a build failure now: - - audit> audit_wrap.c:5010:15: error: invalid use of flexible array member - audit> 5010 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); - audit> | ^ - -Let's avoid setter generation entirely. - -Closes: https://github.com/linux-audit/audit-userspace/issues/252 ---- a/bindings/swig/src/auditswig.i -+++ b/bindings/swig/src/auditswig.i -@@ -39,6 +39,10 @@ signed - #define __attribute(X) /*nothing*/ - typedef unsigned __u32; - typedef unsigned uid_t; -+/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not: -+ * generating setters against them: https://github.com/swig/swig/issues/1699 -+ */ -+%ignore audit_rule_data::buf; - %include "/usr/include/linux/audit.h" - #define __extension__ /*nothing*/ - %include <stdint.i> - |