From 868fd5dc8aab84930cfaa5252b8be06b35552765 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 15 Jul 2024 12:27:33 +0100 Subject: gentoo auto-resync : 15:07:2024 - 12:27:33 --- sys-process/Manifest.gz | Bin 10146 -> 10142 bytes sys-process/audit/Manifest | 6 +- sys-process/audit/audit-3.1.1.ebuild | 196 ------- sys-process/audit/audit-3.1.4-r1.ebuild | 194 +++++++ .../files/audit-3.0.8-linux-headers-5.17.patch | 41 -- sys-process/audit/files/audit-3.1.4-c99.patch | 599 +++++++++++++++++++++ 6 files changed, 796 insertions(+), 240 deletions(-) delete mode 100644 sys-process/audit/audit-3.1.1.ebuild create mode 100644 sys-process/audit/audit-3.1.4-r1.ebuild delete mode 100644 sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch create mode 100644 sys-process/audit/files/audit-3.1.4-c99.patch (limited to 'sys-process') diff --git a/sys-process/Manifest.gz b/sys-process/Manifest.gz index 9fc09a98f6d1..f263c2fa74a5 100644 Binary files a/sys-process/Manifest.gz and b/sys-process/Manifest.gz differ diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest index ac23de364157..28ac1b502a31 100644 --- a/sys-process/audit/Manifest +++ b/sys-process/audit/Manifest @@ -1,15 +1,15 @@ -AUX audit-3.0.8-linux-headers-5.17.patch 1832 BLAKE2B 15d82a6c7c964f14414ca34ed09d4251c331497e9aae1f0cbb54398bef02a5be0eadbdee90b3bb26ac90e8b9825bdb09c01bfcea61cd99b905f508c08578a9ba SHA512 76a7f958c1523f3441ad9206f1bc58e71d81f992f64c06c69f705c8bdc535dff5078fcf89b93b195fb8a437079f27f0b75b7b1a2f12c16be309daec108b6c72b AUX audit-3.0.8-musl-malloc.patch 1415 BLAKE2B 0b3a9ec80ed8b445e4d5eea0b9f49f4e5a165ac538b7769305b9107be0874ee9b50f30ea13f77d1b9d54a35ada15a0dfd07e5b905f03b4df3834a4904dec4b94 SHA512 152674f0000a14d7e13b31c1b6cfc0bf48f94f56eb2a1d52e5aa2e306264c507dd1410b7a1457195578bce734ae9ac7f9ad3e10006a8451450b6d8bf6592a8d6 AUX audit-3.1.3-musl-malloc.patch 890 BLAKE2B bfe6bc484ed86af5c9bb03d53d5ba05c47a7e342665be02cb1ec23c00e7c1bdf1876021f3f787584c0685cd6b8a2f733ab9cbf65840fd161898d4a2b74d28412 SHA512 03c84792fa4dd3e4b9310b7e95247d1a8772e202c265b7f3272e57016b2b796b2bf71536a7e31143ad972b203d4470804288b9b973e3239670329ee5ac11cbca +AUX audit-3.1.4-c99.patch 17997 BLAKE2B 3e44a2f948dfed2f46c453c2e56a9440c56c58326f9e35a466119c3aa67ba56ca0a28e708a1a356400c411068fe09030c337a851ce8690a3645c58a5b406b7ae SHA512 cbf20ba9ffba31af0fa015a211fcb66d1420eff3547e3b7ff1e52e092fdb2a4d1bb790910d65774139b64c9dadcf68f75c56787fb7861a008cfd881bef3f7834 AUX audit.rules-2.1.3 1009 BLAKE2B df40176208bd68cb9021d15ea5803bb0d1c768c9d6400036a69409e1aae3ad55b89983ed94f22a6399a9cec8fc3dc7b20a7b27e75cdea24edda92b95ee19af87 SHA512 bce3ee9aaa0ab48395e6e10ee9b3627d6b7a8083abefdc4009de26649c65a39e000078f799e8c3c9e3341dfa030c6dfbbcad2fb7756fbb3d01b27be078adecec AUX audit.rules.stop.post 452 BLAKE2B b10d6d6c0fa475998856e674bd5c8dc0d7ca8f1d676a684223f48d1b22ce90441b2970c02b0eab882b3d3059f2b350d8a34109b03f5457f709624dccb3722e82 SHA512 a7bc52cbbea278a38e2837149524bb21b2c5367c96ed07fe576e08322595c5bee57ff07f8ebecd17391d9c3abe1ba187ac6e39400a153bf0ace4257303d036d3 AUX audit.rules.stop.pre 427 BLAKE2B ddf4ac16c3e1fd401c266287e792865adf8f4dd0b4bbaea6f991bf8dcee69c8ecd69c93d0cbd8352e280c3c61d24de23ca89f700e383c79036526e59c311c004 SHA512 def5ef378ad554f38754839d1c00c598686645a59896e37a3c7ff07b00aaa05a2b92305e49a750358eaba63a7d48fb647472529b155301069771678eed272463 AUX auditd-conf.d-2.1.3 734 BLAKE2B 018677362bc82c2052885cdd0e2185050cf5e97722ead4acdc51d428b52c265317c7dd03d1459be38b781e78f857cd967e5a60b68360c3381c31c62e1d61d843 SHA512 69d8777772ded7a8c0db2bcf84961b121bb355fa0d4ba0e14e311f8a8bfe665cbd2b7ac632d73477f9dfa9a6eec357a7ed458fe9b3e7b5ede75b166f3f092ab7 AUX auditd-init.d-2.4.3 2054 BLAKE2B 20e68ab676c925b8567a7e9a12d2ac055fd90477cbbd6444136b7198828798f7b6428948503c344639fab5fea54962682be7c986950c2cbae8b7c9dfeb321a4b SHA512 1b48c248db5d34f148f9c79f8b2a6acbf61c729230341b861f5e331bbfb0c8356305a09eb2cc5c82c14c4fd9a13c7c13957e1ed493834b8b3b9ee38978e4c31f -DIST audit-3.1.1.tar.gz 1218111 BLAKE2B a804684e438efc5f35b387708b3dc91bf857eeb56624261e0f75543556c436bfe638b792f63289f049c11541b10b2dc0e9f17b22f44b913da0168b1cf20684fc SHA512 4917970cc4c7f786c464a6d101bf66d55d55ac4716cf415ff97177f08176a6301e946716d28cf5b16054538469b3140b97db99d55a28686a9a807eea60c070f3 DIST audit-3.1.2.tar.gz 1219860 BLAKE2B dfdec470bf12cce6c570b3d260e65e2b49e8ac0761e6a6fbf7b4f4a57f92e88367cd74bfcb88e6d718619b88fea27ce963a977c9f4346c95d18a5310e217accb SHA512 a97003a294ed3671df01e2952688e7d5eef59a35f6891feb53e67c4c7eab9ae8c2d18de41a5b5b20e0ad7156fac93aec05f32f6bc5eea706b42b6f27f676446a DIST audit-3.1.3.tar.gz 1225761 BLAKE2B 97ee35fc722083d541e164b27fd318ec7be2a4e4e8774767d14c6a2e800092a37b7042a272db5d208c913fb36d295c5343bd6082237caf0fb561ec3c7a2883db SHA512 7d6399ca97b171d5ea3cf7f7566bdabe9d5677a3a54c75411146dc2971106809a90d1a9cd0b1ba9b8af4cc409e6bee5876c7f2a0c54c42400fdcf9cfade58a8c -EBUILD audit-3.1.1.ebuild 4961 BLAKE2B d13005c937536751f9649990378ceeae318cc284c55903c1f5ce6217ab57ab18354f8c4b1963e3ee1e6cc418d0232423117810d40f137d69d07f9603d19c5b4a SHA512 47a0d8b0beef8629a1b7619730a89adf12c74d52f5c8e9ccb2a00c05ba05cede72d065d8a4e9cffe64c644ded4d8bd579b382e649a5f3b92eb2141e06b48adf8 +DIST audit-3.1.4.tar.gz 1225648 BLAKE2B c6875f7d031e810469511ac8f86f05b2de7f19c044dbf67bc9d66430167fcf0f031e0279ce170a496b672a6fc99ee18b8cc39943e6faf3c19a24a381d2701439 SHA512 d26c498c91e838d97d3f199630650f509bb1e82b44d364306b20db32d4116fa73d775ef56c0fed2ec8d548b19215052691cbc80c74699bc87f2a0ea08cf664f5 EBUILD audit-3.1.2.ebuild 4808 BLAKE2B 6c0fc3cad44a8fa25428ae771feb649053238bbad4b925eb8ffd8ec5fb7345b092c8679273aa9a803959adf75682fe5b11a2bd020e2f93e815b33a89cab1d5d3 SHA512 11e52292da84178c5366c7e7c4560a2772f19b0566ee0f42b172c2612110a35cc28c718f5d26234f8b6e3c31f7e336c2d84e358b86f4e819709657a90e9e6abc EBUILD audit-3.1.3.ebuild 4813 BLAKE2B d97ddf923fbcd980d62b7650f5cf86e3cc90ec5657daeab6f80aa7b622e209a34068abd9602c66ff378bae482f4c9a76f9daeb1431873257f30f3ae2442c5de3 SHA512 3eb96b05b59d5048c799d928a25ddd021f4f0197699086636b3bfe4b85d517c49dd3ef3a2021f587e51f484c6a6fed9d576590fb3eeb695fadb9aee8ba4b50c1 +EBUILD audit-3.1.4-r1.ebuild 4798 BLAKE2B 2e42554299be2bed3a4ea5c7e45573a7c724ee6615ebe71b62176836a5d53e4129acf92bc71da61112dafce354595e69aee2be2e0c436a1ff8fc5cb38937f7c0 SHA512 94b11010c6924d1193068b965cef8d9fb7fd5d54e2e84c8189405020fff0119ff60bf10666b84c595d02f78acdc585b0d9637a35f7cd24247454ff0ff99dc834 MISC metadata.xml 628 BLAKE2B 1e927808210f4acff077f0c9e1a2d358c823fd5ce405b2ef5f0ed760cfa2ac059665f5a11cf1d87314012025844f21b3b9cb25f38a892f715ab2e7de47bbb86a SHA512 2bcb29cb5748ac22d0902dc616cf236eca7f5440c48a6f4bd2b7f2c65ec35cf63bda79252ea21d3553749146b9c84a6db7af256e01a84d347bfd4d8d60a204f6 diff --git a/sys-process/audit/audit-3.1.1.ebuild b/sys-process/audit/audit-3.1.1.ebuild deleted file mode 100644 index 97910e182b7e..000000000000 --- a/sys-process/audit/audit-3.1.1.ebuild +++ /dev/null @@ -1,196 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# As with sys-libs/libcap-ng, same maintainer in Fedora as upstream, so -# check Fedora's packaging (https://src.fedoraproject.org/rpms/audit/tree/rawhide) -# on bumps (or if hitting a bug) to see what they've done there. - -PYTHON_COMPAT=( python3_{10..12} ) - -inherit autotools multilib-minimal toolchain-funcs python-r1 linux-info systemd usr-ldscript - -DESCRIPTION="Userspace utilities for storing and processing auditing records" -HOMEPAGE="https://people.redhat.com/sgrubb/audit/" -SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" - -LICENSE="GPL-2+ LGPL-2.1+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86" -IUSE="gssapi io-uring ldap python static-libs test" - -REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" -RESTRICT="!test? ( test )" - -RDEPEND=" - sys-libs/libcap-ng - gssapi? ( virtual/krb5 ) - ldap? ( net-nds/openldap:= ) - python? ( ${PYTHON_DEPS} ) -" -DEPEND=" - ${RDEPEND} - >=sys-kernel/linux-headers-2.6.34 - test? ( dev-libs/check ) -" -BDEPEND="python? ( - dev-lang/swig - $(python_gen_cond_dep ' - dev-python/setuptools[${PYTHON_USEDEP}] - ' python3_12) - ) -" - -CONFIG_CHECK="~AUDIT" - -PATCHES=( - # See bug #836702 before removing / verify builds fine w/ USE=python - # with latest kernel headers. - "${FILESDIR}"/${PN}-3.0.8-linux-headers-5.17.patch - "${FILESDIR}"/${PN}-3.0.8-musl-malloc.patch -) - -QA_CONFIG_IMPL_DECL_SKIP=( - # missing on musl. Uses handrolled AC_LINK_IFELSE but fails at link time - # for older compilers regardless. bug #898828 - strndupa -) - -src_prepare() { - # audisp-remote moved in multilib_src_install_all - sed -i \ - -e "s,/sbin/audisp-remote,${EPREFIX}/usr/sbin/audisp-remote," \ - audisp/plugins/remote/au-remote.conf || die - - # Disable installing sample rules so they can be installed as docs. - echo -e '%:\n\t:' | tee rules/Makefile.{am,in} >/dev/null || die - - default - eautoreconf -} - -multilib_src_configure() { - local myeconfargs=( - --sbindir="${EPREFIX}"/sbin - $(use_enable gssapi gssapi-krb5) - $(use_enable ldap zos-remote) - $(use_enable static-libs static) - $(use_with io-uring io_uring) - --enable-systemd - --without-golang - --without-libwrap - --without-python - --without-python3 - ) - - ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" - - if multilib_is_native_abi && use python; then - python_configure() { - mkdir -p "${BUILD_DIR}" || die - pushd "${BUILD_DIR}" &>/dev/null || die - - ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" --with-python3 - - popd &>/dev/null || die - } - - python_foreach_impl python_configure - fi -} - -src_configure() { - tc-export_build_env BUILD_{CC,CPP} - - local -x CC_FOR_BUILD="${BUILD_CC}" - local -x CPP_FOR_BUILD="${BUILD_CPP}" - - multilib-minimal_src_configure -} - -multilib_src_compile() { - if multilib_is_native_abi; then - default - - local native_build="${BUILD_DIR}" - - python_compile() { - emake -C "${BUILD_DIR}"/bindings/swig top_builddir="${native_build}" - emake -C "${BUILD_DIR}"/bindings/python/python3 top_builddir="${native_build}" - } - - use python && python_foreach_impl python_compile - else - emake -C common - emake -C lib - emake -C auparse - fi -} - -multilib_src_install() { - if multilib_is_native_abi; then - emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install - - local native_build="${BUILD_DIR}" - - python_install() { - emake -C "${BUILD_DIR}"/bindings/swig DESTDIR="${D}" top_builddir="${native_build}" install - emake -C "${BUILD_DIR}"/bindings/python/python3 DESTDIR="${D}" top_builddir="${native_build}" install - python_optimize - } - - use python && python_foreach_impl python_install - - # Things like shadow use this so we need to be in / - gen_usr_ldscript -a audit auparse - else - emake -C lib DESTDIR="${D}" install - emake -C auparse DESTDIR="${D}" install - fi -} - -multilib_src_install_all() { - dodoc AUTHORS ChangeLog README* THANKS - docinto contrib - dodoc contrib/avc_snap - docinto contrib/plugin - dodoc contrib/plugin/* - docinto rules - dodoc rules/*rules - - newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd - newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd - - if [[ -f "${ED}"/sbin/audisp-remote ]] ; then - dodir /usr/sbin - mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die - fi - - # Gentoo rules - insinto /etc/audit - newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules - doins "${FILESDIR}"/audit.rules.stop* - keepdir /etc/audit/rules.d - - # audit logs go here - keepdir /var/log/audit - - find "${ED}" -type f -name '*.la' -delete || die - - # Security - lockdown_perms "${ED}" -} - -pkg_postinst() { - lockdown_perms "${EROOT}" -} - -lockdown_perms() { - # Upstream wants these to have restrictive perms. - # Should not || die as not all paths may exist. - local basedir="${1}" - chmod 0750 "${basedir}"/sbin/au{ditctl,ditd,report,search,trace} 2>/dev/null - chmod 0750 "${basedir}"/var/log/audit 2>/dev/null - chmod 0640 "${basedir}"/etc/audit/{auditd.conf,audit*.rules*} 2>/dev/null -} diff --git a/sys-process/audit/audit-3.1.4-r1.ebuild b/sys-process/audit/audit-3.1.4-r1.ebuild new file mode 100644 index 000000000000..33f5402ee966 --- /dev/null +++ b/sys-process/audit/audit-3.1.4-r1.ebuild @@ -0,0 +1,194 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# As with sys-libs/libcap-ng, same maintainer in Fedora as upstream, so +# check Fedora's packaging (https://src.fedoraproject.org/rpms/audit/tree/rawhide) +# on bumps (or if hitting a bug) to see what they've done there. + +PYTHON_COMPAT=( python3_{10..13} ) + +inherit autotools multilib-minimal toolchain-funcs python-r1 linux-info systemd usr-ldscript + +DESCRIPTION="Userspace utilities for storing and processing auditing records" +HOMEPAGE="https://people.redhat.com/sgrubb/audit/" +SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz" + +LICENSE="GPL-2+ LGPL-2.1+" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="gssapi io-uring ldap python static-libs test" + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" +RESTRICT="!test? ( test )" + +RDEPEND=" + sys-libs/libcap-ng + gssapi? ( virtual/krb5 ) + ldap? ( net-nds/openldap:= ) + python? ( ${PYTHON_DEPS} ) +" +DEPEND=" + ${RDEPEND} + >=sys-kernel/linux-headers-2.6.34 + test? ( dev-libs/check ) +" +BDEPEND=" + python? ( + dev-lang/swig + $(python_gen_cond_dep ' + dev-python/setuptools[${PYTHON_USEDEP}] + ' python3_12) + ) +" + +CONFIG_CHECK="~AUDIT" + +QA_CONFIG_IMPL_DECL_SKIP=( + # missing on musl. Uses handrolled AC_LINK_IFELSE but fails at link time + # for older compilers regardless. bug #898828 + strndupa +) + +PATCHES=( + "${FILESDIR}"/${P}-c99.patch +) + +src_prepare() { + # audisp-remote moved in multilib_src_install_all + sed -i \ + -e "s,/sbin/audisp-remote,${EPREFIX}/usr/sbin/audisp-remote," \ + audisp/plugins/remote/au-remote.conf || die + + # Disable installing sample rules so they can be installed as docs. + echo -e '%:\n\t:' | tee rules/Makefile.{am,in} >/dev/null || die + + default + eautoreconf +} + +multilib_src_configure() { + local myeconfargs=( + --sbindir="${EPREFIX}"/sbin + $(use_enable gssapi gssapi-krb5) + $(use_enable ldap zos-remote) + $(use_enable static-libs static) + $(use_with io-uring io_uring) + --enable-systemd + --without-golang + --without-libwrap + --without-python + --without-python3 + ) + + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" + + if multilib_is_native_abi && use python; then + python_configure() { + mkdir -p "${BUILD_DIR}" || die + pushd "${BUILD_DIR}" &>/dev/null || die + + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" --with-python3 + + popd &>/dev/null || die + } + + python_foreach_impl python_configure + fi +} + +src_configure() { + tc-export_build_env BUILD_{CC,CPP} + + local -x CC_FOR_BUILD="${BUILD_CC}" + local -x CPP_FOR_BUILD="${BUILD_CPP}" + + multilib-minimal_src_configure +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + + local native_build="${BUILD_DIR}" + + python_compile() { + emake -C "${BUILD_DIR}"/bindings/swig top_builddir="${native_build}" + emake -C "${BUILD_DIR}"/bindings/python/python3 top_builddir="${native_build}" + } + + use python && python_foreach_impl python_compile + else + emake -C common + emake -C lib + emake -C auparse + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install + + local native_build="${BUILD_DIR}" + + python_install() { + emake -C "${BUILD_DIR}"/bindings/swig DESTDIR="${D}" top_builddir="${native_build}" install + emake -C "${BUILD_DIR}"/bindings/python/python3 DESTDIR="${D}" top_builddir="${native_build}" install + python_optimize + } + + use python && python_foreach_impl python_install + + # Things like shadow use this so we need to be in / + gen_usr_ldscript -a audit auparse + else + emake -C lib DESTDIR="${D}" install + emake -C auparse DESTDIR="${D}" install + fi +} + +multilib_src_install_all() { + dodoc AUTHORS ChangeLog README* THANKS + docinto contrib + dodoc contrib/avc_snap + docinto contrib/plugin + dodoc contrib/plugin/* + docinto rules + dodoc rules/*rules + + newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd + newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd + + if [[ -f "${ED}"/sbin/audisp-remote ]] ; then + dodir /usr/sbin + mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die + fi + + # Gentoo rules + insinto /etc/audit + newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules + doins "${FILESDIR}"/audit.rules.stop* + keepdir /etc/audit/rules.d + + # audit logs go here + keepdir /var/log/audit + + find "${ED}" -type f -name '*.la' -delete || die + + # Security + lockdown_perms "${ED}" +} + +pkg_postinst() { + lockdown_perms "${EROOT}" +} + +lockdown_perms() { + # Upstream wants these to have restrictive perms. + # Should not || die as not all paths may exist. + local basedir="${1}" + chmod 0750 "${basedir}"/sbin/au{ditctl,ditd,report,search,trace} 2>/dev/null + chmod 0750 "${basedir}"/var/log/audit 2>/dev/null + chmod 0640 "${basedir}"/etc/audit/{auditd.conf,audit*.rules*} 2>/dev/null +} diff --git a/sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch b/sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch deleted file mode 100644 index 8d41d8363822..000000000000 --- a/sys-process/audit/files/audit-3.0.8-linux-headers-5.17.patch +++ /dev/null @@ -1,41 +0,0 @@ -Upstream rejected a workaround/fix at https://github.com/linux-audit/audit-userspace/pull/253 -/ https://github.com/linux-audit/audit-userspace/issues/252#issuecomment-1078595249. - -Instead, in Fedora (same maintainer as upstream), they're patching the headers then unpatching before install. - -Apparently the swig bindings are on their way out but I'm not convinced that's going to be a quick migration given the API will.. surely change? - -It's not ideal but let's take the patch slyfox ended up using in nixpkgs anyway. - -https://bugs.gentoo.org/836702 - -From beed138222421a2eb4212d83cb889404bd7efc49 Mon Sep 17 00:00:00 2001 -From: Sergei Trofimovich -Date: Wed, 23 Mar 2022 07:27:05 +0000 -Subject: [PATCH] auditswig.i: avoid setter generation for audit_rule_data::buf - -As it's a flexible array generated code was never safe to use. -With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574 -change it's a build failure now: - - audit> audit_wrap.c:5010:15: error: invalid use of flexible array member - audit> 5010 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); - audit> | ^ - -Let's avoid setter generation entirely. - -Closes: https://github.com/linux-audit/audit-userspace/issues/252 ---- a/bindings/swig/src/auditswig.i -+++ b/bindings/swig/src/auditswig.i -@@ -39,6 +39,10 @@ signed - #define __attribute(X) /*nothing*/ - typedef unsigned __u32; - typedef unsigned uid_t; -+/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not: -+ * generating setters against them: https://github.com/swig/swig/issues/1699 -+ */ -+%ignore audit_rule_data::buf; - %include "/usr/include/linux/audit.h" - #define __extension__ /*nothing*/ - %include - diff --git a/sys-process/audit/files/audit-3.1.4-c99.patch b/sys-process/audit/files/audit-3.1.4-c99.patch new file mode 100644 index 000000000000..e78d26038645 --- /dev/null +++ b/sys-process/audit/files/audit-3.1.4-c99.patch @@ -0,0 +1,599 @@ +https://bugs.gentoo.org/936080 +https://github.com/linux-audit/audit-userspace/commit/ec6763ed29a034b452a6fb568b226c57c7be30e7 + +From ec6763ed29a034b452a6fb568b226c57c7be30e7 Mon Sep 17 00:00:00 2001 +From: Yanase Yuki <41878038+zpc0@users.noreply.github.com> +Date: Tue, 14 May 2024 04:51:35 +0900 +Subject: [PATCH] Implicit builtin functions (#372) + +Correct a number of places where printf is being used without a prototype. +All cases are in libraries which should not be using printf. Change them +to return an error rather than communicate the problem. + +This is a backport of 8c7eaa7 + +Co-authored-by: Steve Grubb +--- a/audisp/audispd-llist.c ++++ b/audisp/audispd-llist.c +@@ -69,15 +69,13 @@ unsigned int plist_count_active(const conf_llist *l) + return cnt; + } + +-void plist_append(conf_llist *l, plugin_conf_t *p) ++int plist_append(conf_llist *l, plugin_conf_t *p) + { + lnode* newnode; + + newnode = malloc(sizeof(lnode)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + if (p) { + void *pp = malloc(sizeof(struct plugin_conf)); +@@ -98,6 +96,8 @@ void plist_append(conf_llist *l, plugin_conf_t *p) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + void plist_clear(conf_llist* l) +--- a/audisp/audispd-llist.h ++++ b/audisp/audispd-llist.h +@@ -1,6 +1,6 @@ + /* + * audispd-llist.h - Header file for ausearch-conf_llist.c +-* Copyright (c) 2007,2013 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2007,2013 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -51,7 +51,7 @@ unsigned int plist_count_active(const conf_llist *l); + void plist_last(conf_llist *l); + lnode *plist_next(conf_llist *l); + static inline lnode *plist_get_cur(conf_llist *l) { return l->cur; } +-void plist_append(conf_llist *l, plugin_conf_t *p); ++int plist_append(conf_llist *l, plugin_conf_t *p); + void plist_clear(conf_llist* l); + void plist_mark_all_unchecked(conf_llist* l); + lnode *plist_find_unchecked(conf_llist* l); +--- a/auparse/normalize-llist.c ++++ b/auparse/normalize-llist.c +@@ -1,6 +1,6 @@ + /* + * normalize-llist.c - Minimal linked list library +- * Copyright (c) 2016-17 Red Hat Inc., Durham, North Carolina. ++ * Copyright (c) 2016-17 Red Hat Inc. + * All Rights Reserved. + * + * This library is free software; you can redistribute it and/or +@@ -61,15 +61,14 @@ data_node *cllist_next(cllist *l) + return l->cur; + } + +-void cllist_append(cllist *l, uint32_t num, void *data) ++// Returns 0 on success and 1 on error ++int cllist_append(cllist *l, uint32_t num, void *data) + { + data_node *newnode; + + newnode = malloc(sizeof(data_node)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + newnode->num = num; + newnode->data = data; +@@ -84,5 +83,6 @@ void cllist_append(cllist *l, uint32_t num, void *data) + // make newnode current + l->cur = newnode; + l->cnt++; ++ return 0; + } + +--- a/auparse/normalize-llist.h ++++ b/auparse/normalize-llist.h +@@ -1,6 +1,6 @@ + /* + * normalize-llist.h - Header file for normalize-llist.c +- * Copyright (c) 2016-17 Red Hat Inc., Durham, North Carolina. ++ * Copyright (c) 2016-17 Red Hat Inc. + * All Rights Reserved. + * + * This library is free software; you can redistribute it and/or +@@ -53,7 +53,7 @@ AUDIT_HIDDEN_START + void cllist_create(cllist *l, void (*cleanup)(void *)); + void cllist_clear(cllist* l); + data_node *cllist_next(cllist *l); +-void cllist_append(cllist *l, uint32_t num, void *data); ++int cllist_append(cllist *l, uint32_t num, void *data); + + AUDIT_HIDDEN_END + +--- a/auparse/normalize.c ++++ b/auparse/normalize.c +@@ -179,7 +179,8 @@ static unsigned int add_subj_attr(auparse_state_t *au, const char *str, + if ((auparse_find_field(au, str))) { + attr = set_record(0, rnum); + attr = set_field(attr, auparse_get_field_num(au)); +- cllist_append(&D.actor.attr, attr, NULL); ++ if (cllist_append(&D.actor.attr, attr, NULL)) ++ return 1; + return 0; + } else + auparse_goto_record_num(au, rnum); +@@ -224,7 +225,8 @@ static unsigned int add_obj_attr(auparse_state_t *au, const char *str, + if ((auparse_find_field(au, str))) { + attr = set_record(0, rnum); + attr = set_field(attr, auparse_get_field_num(au)); +- cllist_append(&D.thing.attr, attr, NULL); ++ if (cllist_append(&D.thing.attr, attr, NULL)) ++ return 1; + return 0; + } else + auparse_goto_record_num(au, rnum); +@@ -360,21 +362,23 @@ static void collect_id_obj2(auparse_state_t *au, const char *syscall) + } + } + +-static void collect_path_attrs(auparse_state_t *au) ++static int collect_path_attrs(auparse_state_t *au) + { + value_t attr; + unsigned int rnum = auparse_get_record_num(au); + + auparse_first_field(au); + if (add_obj_attr(au, "mode", rnum)) +- return; // Failed opens don't have anything else ++ return 1; // Failed opens don't have anything else + + // All the rest of the fields matter + while ((auparse_next_field(au))) { + attr = set_record(0, rnum); + attr = set_field(attr, auparse_get_field_num(au)); +- cllist_append(&D.thing.attr, attr, NULL); ++ if (cllist_append(&D.thing.attr, attr, NULL)) ++ return 1; + } ++ return 0; + } + + static void collect_cwd_attrs(auparse_state_t *au) +--- a/src/auditctl-llist.c ++++ b/src/auditctl-llist.c +@@ -1,7 +1,7 @@ + /* + * ausearch-llist.c - Minimal linked list library +-* Copyright (c) 2005 Red Hat Inc., Durham, North Carolina. +-* All Rights Reserved. ++* Copyright (c) 2005 Red Hat Inc. ++* All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the + * terms of the GNU General Public License as published by the Free +@@ -15,7 +15,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; see the file COPYING. If not, write to the +-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor ++* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor + * Boston, MA 02110-1335, USA. + * + * Authors: +@@ -59,19 +59,17 @@ lnode *list_next(llist *l) + return l->cur; + } + +-void list_append(llist *l, struct audit_rule_data *r, size_t sz) ++int list_append(llist *l, struct audit_rule_data *r, size_t sz) + { + lnode* newnode; + + newnode = malloc(sizeof(lnode)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + if (r) { + void *rr = malloc(sz); +- if (rr) ++ if (rr) + memcpy(rr, r, sz); + newnode->r = rr; + } else +@@ -89,6 +87,8 @@ void list_append(llist *l, struct audit_rule_data *r, size_t sz) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + void list_clear(llist* l) +--- a/src/auditctl-llist.h ++++ b/src/auditctl-llist.h +@@ -1,6 +1,6 @@ + /* + * auditctl-llist.h - Header file for ausearch-llist.c +-* Copyright (c) 2005 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2005 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -50,7 +50,7 @@ void list_first(llist *l); + void list_last(llist *l); + lnode *list_next(llist *l); + static inline lnode *list_get_cur(llist *l) { return l->cur; } +-void list_append(llist *l, struct audit_rule_data *r, size_t sz); ++int list_append(llist *l, struct audit_rule_data *r, size_t sz); + void list_clear(llist* l); + + #endif +--- a/src/ausearch-avc.c ++++ b/src/ausearch-avc.c +@@ -1,7 +1,7 @@ + /* + * ausearch-avc.c - Minimal linked list library for avcs +-* Copyright (c) 2006,2008,2014 Red Hat Inc., Durham, North Carolina. +-* All Rights Reserved. ++* Copyright (c) 2006,2008,2014 Red Hat Inc. ++* All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the + * terms of the GNU General Public License as published by the Free +@@ -15,7 +15,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; see the file COPYING. If not, write to the +-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor ++* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor + * Boston, MA 02110-1335, USA. + * + * Authors: +@@ -62,15 +62,13 @@ static void alist_last(alist *l) + l->cur = cur; + } + +-void alist_append(alist *l, anode *node) ++int alist_append(alist *l, anode *node) + { + anode* newnode; + + newnode = malloc(sizeof(anode)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + if (node->scontext) + newnode->scontext = node->scontext; +@@ -108,6 +106,8 @@ void alist_append(alist *l, anode *node) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + int alist_find_subj(alist *l) +--- a/src/ausearch-avc.h ++++ b/src/ausearch-avc.h +@@ -1,6 +1,6 @@ + /* + * ausearch-avc.h - Header file for ausearch-string.c +-* Copyright (c) 2006,2008 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2006,2008 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -54,7 +54,7 @@ void alist_create(alist *l); + static inline void alist_first(alist *l) { l->cur = l->head; } + anode *alist_next(alist *l); + static inline anode *alist_get_cur(alist *l) { return l->cur; } +-void alist_append(alist *l, anode *node); ++int alist_append(alist *l, anode *node); + void anode_init(anode *an); + void anode_clear(anode *an); + void alist_clear(alist* l); +--- a/src/ausearch-int.c ++++ b/src/ausearch-int.c +@@ -1,6 +1,6 @@ + /* + * ausearch-int.c - Minimal linked list library for integers +-* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2005,2008 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -41,15 +41,13 @@ int_node *ilist_next(ilist *l) + return l->cur; + } + +-void ilist_append(ilist *l, int num, unsigned int hits, int aux) ++int ilist_append(ilist *l, int num, unsigned int hits, int aux) + { + int_node* newnode; + + newnode = malloc(sizeof(int_node)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + newnode->num = num; + newnode->hits = hits; +@@ -65,6 +63,8 @@ void ilist_append(ilist *l, int num, unsigned int hits, int aux) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + void ilist_clear(ilist* l) +--- a/src/ausearch-int.h ++++ b/src/ausearch-int.h +@@ -1,6 +1,6 @@ + /* + * ausearch-int.h - Header file for ausearch-int.c +-* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2005,2008 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -48,7 +48,7 @@ void ilist_create(ilist *l); + static inline void ilist_first(ilist *l) { l->cur = l->head; } + int_node *ilist_next(ilist *l); + static inline int_node *ilist_get_cur(ilist *l) { return l->cur; } +-void ilist_append(ilist *l, int num, unsigned int hits, int aux); ++int ilist_append(ilist *l, int num, unsigned int hits, int aux); + void ilist_clear(ilist* l); + + /* append a number if its not already on the list */ +--- a/src/ausearch-llist.c ++++ b/src/ausearch-llist.c +@@ -1,6 +1,6 @@ + /* + * ausearch-llist.c - Minimal linked list library +-* Copyright (c) 2005-2008,2011,2016 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2005-2008,2011,2016 Red Hat Inc. + * Copyright (c) 2011 IBM Corp. + * All Rights Reserved. + * +@@ -102,15 +102,13 @@ lnode *list_prev(llist *l) + return l->cur; + } + +-void list_append(llist *l, lnode *node) ++int list_append(llist *l, lnode *node) + { + lnode* newnode; + + newnode = malloc(sizeof(lnode)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + if (node->message) + newnode->message = node->message; +@@ -123,7 +121,7 @@ void list_append(llist *l, lnode *node) + newnode->type = node->type; + newnode->a0 = node->a0; + newnode->a1 = node->a1; +- newnode->item = l->cnt; ++ newnode->item = l->cnt; + newnode->next = NULL; + + // if we are at top, fix this up +@@ -135,6 +133,8 @@ void list_append(llist *l, lnode *node) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + int list_find_item(llist *l, unsigned int i) +--- a/src/ausearch-llist.h ++++ b/src/ausearch-llist.h +@@ -107,7 +107,7 @@ void list_last(llist *l); + lnode *list_next(llist *l); + lnode *list_prev(llist *l); + static inline lnode *list_get_cur(llist *l) { return l->cur; } +-void list_append(llist *l, lnode *node); ++int list_append(llist *l, lnode *node); + void list_clear(llist* l); + int list_get_event(llist* l, event *e); + +--- a/src/ausearch-nvpair.c ++++ b/src/ausearch-nvpair.c +@@ -1,6 +1,6 @@ + /* + * ausearch-nvpair.c - Minimal linked list library for name-value pairs +-* Copyright (c) 2006-08 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2006-08 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -42,13 +42,11 @@ nvnode *search_list_next(nvlist *l) + return l->cur; + } + +-void search_list_append(nvlist *l, nvnode *node) ++int search_list_append(nvlist *l, nvnode *node) + { + nvnode* newnode = malloc(sizeof(nvnode)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + newnode->name = node->name; + newnode->val = node->val; +@@ -66,6 +64,8 @@ void search_list_append(nvlist *l, nvnode *node) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + int search_list_find_val(nvlist *l, long val) +--- a/src/ausearch-nvpair.h ++++ b/src/ausearch-nvpair.h +@@ -1,6 +1,6 @@ + /* + * ausearch-nvpair.h - Header file for ausearch-nvpair.c +-* Copyright (c) 2006-08 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2006-08 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -48,7 +48,7 @@ void search_list_create(nvlist *l); + static inline void search_list_first(nvlist *l) { l->cur = l->head; } + nvnode *search_list_next(nvlist *l); + static inline nvnode *search_list_get_cur(nvlist *l) { return l->cur; } +-void search_list_append(nvlist *l, nvnode *node); ++int search_list_append(nvlist *l, nvnode *node); + void search_list_clear(nvlist* l); + + /* Given a numeric index, find that record. */ +--- a/src/ausearch-string.c ++++ b/src/ausearch-string.c +@@ -44,15 +44,13 @@ snode *slist_next(slist *l) + return l->cur; + } + +-void slist_append(slist *l, snode *node) ++int slist_append(slist *l, snode *node) + { + snode* newnode; + + newnode = malloc(sizeof(snode)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + if (node->str) + newnode->str = node->str; +@@ -79,6 +77,8 @@ void slist_append(slist *l, snode *node) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + void slist_clear(slist* l) +--- a/src/ausearch-string.h ++++ b/src/ausearch-string.h +@@ -49,7 +49,7 @@ void slist_create(slist *l); + static inline void slist_first(slist *l) { l->cur = l->head; } + snode *slist_next(slist *l); + static inline snode *slist_get_cur(slist *l) { return l->cur; } +-void slist_append(slist *l, snode *node); ++int slist_append(slist *l, snode *node); + void slist_clear(slist* l); + + /* append a string if its not already on the list */ +--- a/tools/aulastlog/aulastlog-llist.c ++++ b/tools/aulastlog/aulastlog-llist.c +@@ -1,7 +1,7 @@ + /* + * aulastlog-llist.c - Minimal linked list library +-* Copyright (c) 2008 Red Hat Inc., Durham, North Carolina. +-* All Rights Reserved. ++* Copyright (c) 2008 Red Hat Inc.. ++* All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the + * terms of the GNU General Public License as published by the Free +@@ -15,7 +15,7 @@ + * + * You should have received a copy of the GNU General Public License + * along with this program; see the file COPYING. If not, write to the +-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor ++* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor + * Boston, MA 02110-1335, USA. + * + * Authors: +@@ -41,15 +41,13 @@ lnode *list_next(llist *l) + return l->cur; + } + +-void list_append(llist *l, lnode *node) ++int list_append(llist *l, lnode *node) + { + lnode* newnode; + + newnode = malloc(sizeof(lnode)); +- if (newnode == NULL) { +- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); +- return; +- } ++ if (newnode == NULL) ++ return 1; + + newnode->sec = node->sec; + newnode->uid = node->uid; +@@ -62,7 +60,7 @@ void list_append(llist *l, lnode *node) + newnode->term = strdup(node->term); + else + newnode->term = NULL; +- newnode->item = l->cnt; ++ newnode->item = l->cnt; + newnode->next = NULL; + + // if we are at top, fix this up +@@ -74,6 +72,8 @@ void list_append(llist *l, lnode *node) + // make newnode current + l->cur = newnode; + l->cnt++; ++ ++ return 0; + } + + void list_clear(llist* l) +--- a/tools/aulastlog/aulastlog-llist.h ++++ b/tools/aulastlog/aulastlog-llist.h +@@ -1,6 +1,6 @@ + /* + * aulastlog-llist.h - Header file for aulastlog-llist.c +-* Copyright (c) 2008 Red Hat Inc., Durham, North Carolina. ++* Copyright (c) 2008 Red Hat Inc. + * All Rights Reserved. + * + * This software may be freely redistributed and/or modified under the +@@ -53,7 +53,7 @@ static inline void list_first(llist *l) { l->cur = l->head; } + lnode *list_next(llist *l); + static inline lnode *list_get_cur(llist *l) { return l->cur; } + static inline unsigned int list_get_cnt(llist *l) { return l->cnt; } +-void list_append(llist *l, lnode *node); ++int list_append(llist *l, lnode *node); + void list_clear(llist* l); + int list_update_login(llist* l, time_t t); + int list_update_host(llist* l, const char *h); + -- cgit v1.2.3