Bug#1060167: audit: install aliased files into /usr (DEP17 M2)

Chris Hofstaedtler Sat, 06 Jan 2024 11:12:17 -0800

Source: audit
Version: 1:3.1.2-1
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2
X-Debbugs-CC: helm...@debian.org


Dear audit Maintainers,

please find a patch attached to install files into /usr/{lib,sbin}
instead of /{lib,sbin}, for the ongoing Debian UsrMerge effort [1].

audit is relevant now because it is installed by debootstrap, and
thus needs to be converted before base-files can be changed.

A timely upload to experimental for further validation would be very
appreciated, as well as further testing & review.

If you want to backport audit to bookworm or earlier, please use
dh_movetousr instead of the attached patch.

If during the trixie cycle your package will undergo structural
changes or any other file moves, please also see the wiki and upload
to experimental first when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge

diff -Nru audit-3.1.2/debian/audispd-plugins.install audit-3.1.2/debian/audispd-plugins.install
--- audit-3.1.2/debian/audispd-plugins.install	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/audispd-plugins.install	2024-01-06 19:48:00.000000000 +0100
@@ -2,8 +2,8 @@
 etc/audit/plugins.d/au-remote.conf
 etc/audit/plugins.d/audispd-zos-remote.conf
 etc/audit/zos-remote.conf
-sbin/audisp-remote
-sbin/audispd-zos-remote
+usr/sbin/audisp-remote
+usr/sbin/audispd-zos-remote
 usr/share/man/man5/audisp-remote.conf.5
 usr/share/man/man5/zos-remote.conf.5
 usr/share/man/man8/audisp-remote.8
diff -Nru audit-3.1.2/debian/auditd.init audit-3.1.2/debian/auditd.init
--- audit-3.1.2/debian/auditd.init	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/auditd.init	2024-01-06 19:48:00.000000000 +0100
@@ -16,7 +16,7 @@
 PATH=/sbin:/usr/sbin:/bin:/usr/bin
 DESC="audit daemon"
 NAME=auditd
-DAEMON=/sbin/auditd
+DAEMON=/usr/sbin/auditd
 PIDFILE=/var/run/"$NAME".pid
 SCRIPTNAME=/etc/init.d/"$NAME"
 
@@ -46,11 +46,11 @@
         # Call augenrules to compile audit rules.
         case "$USE_AUGENRULES" in
                 no|NO) ;;
-                *) [ -d /etc/audit/rules.d ] && /sbin/augenrules >/dev/null ;;
+                *) [ -d /etc/audit/rules.d ] && /usr/sbin/augenrules >/dev/null ;;
         esac
 	if [ -f /etc/audit/audit.rules ]
 	then
-		/sbin/auditctl -R /etc/audit/audit.rules >/dev/null
+		/usr/sbin/auditctl -R /etc/audit/audit.rules >/dev/null
 	fi
 }
 
diff -Nru audit-3.1.2/debian/auditd.install audit-3.1.2/debian/auditd.install
--- audit-3.1.2/debian/auditd.install	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/auditd.install	2024-01-06 19:48:00.000000000 +0100
@@ -3,15 +3,15 @@
 etc/audit/plugins.d/af_unix.conf
 etc/audit/plugins.d/syslog.conf
 etc/audit/rules.d/audit.rules
-init.d/auditd.service lib/systemd/system
-sbin/audisp-af_unix
-sbin/audisp-syslog
-sbin/auditctl
-sbin/auditd
-sbin/augenrules
-sbin/aureport
-sbin/ausearch
-sbin/autrace
+init.d/auditd.service usr/lib/systemd/system
+usr/sbin/audisp-af_unix
+usr/sbin/audisp-syslog
+usr/sbin/auditctl
+usr/sbin/auditd
+usr/sbin/augenrules
+usr/sbin/aureport
+usr/sbin/ausearch
+usr/sbin/autrace
 usr/bin/aulast
 usr/bin/aulastlog
 usr/bin/ausyscall
diff -Nru audit-3.1.2/debian/auditd.lintian-overrides audit-3.1.2/debian/auditd.lintian-overrides
--- audit-3.1.2/debian/auditd.lintian-overrides	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/auditd.lintian-overrides	2024-01-06 19:48:00.000000000 +0100
@@ -1,9 +1,9 @@
 ## Only to be forked by auditd, which explicitly checks for 750
-#auditd: executable-is-not-world-readable sbin/audispd 0750 != 0755
+#auditd: executable-is-not-world-readable usr/sbin/audispd 0750 != 0755
 ## Only root can run
-#auditd: non-standard-executable-perm sbin/auditctl 0754 != 0755
-#auditd: non-standard-executable-perm sbin/auditd 0754 != 0755
-#auditd: non-standard-executable-perm sbin/autrace 0754 != 0755
+#auditd: non-standard-executable-perm usr/sbin/auditctl 0754 != 0755
+#auditd: non-standard-executable-perm usr/sbin/auditd 0754 != 0755
+#auditd: non-standard-executable-perm usr/sbin/autrace 0754 != 0755
 #auditd: non-standard-executable-perm usr/bin/aulastlog 0754 != 0755
 ## Normal users should not see what is being audited
 auditd: non-standard-dir-perm 0750 != 0755 [etc/audit/]
diff -Nru audit-3.1.2/debian/auditd.README.Debian audit-3.1.2/debian/auditd.README.Debian
--- audit-3.1.2/debian/auditd.README.Debian	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/auditd.README.Debian	2024-01-06 19:48:00.000000000 +0100
@@ -13,7 +13,7 @@
   /etc/systemd/system/auditd.service.d/augenrules.conf:
     [Service]
     ExecStartPost=
-    ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules
+    ExecStartPost=-/usr/sbin/auditctl -R /etc/audit/audit.rules
 
 Check that the needed rules are present in /etc/audit/audit.rules before
 restarting the daemon.
diff -Nru audit-3.1.2/debian/changelog audit-3.1.2/debian/changelog
--- audit-3.1.2/debian/changelog	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/changelog	2024-01-06 19:48:00.000000000 +0100
@@ -1,3 +1,11 @@
+audit (1:3.1.2-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install aliased files into canonical locations in /usr. (DEP17 M2)
+    (Closes: #-1)
+
+ -- Chris Hofstaedtler <z...@debian.org>  Sat, 06 Jan 2024 19:48:00 +0100
+
 audit (1:3.1.2-1) unstable; urgency=medium
 
   [ Christian Göttsche ]
diff -Nru audit-3.1.2/debian/libaudit1.install audit-3.1.2/debian/libaudit1.install
--- audit-3.1.2/debian/libaudit1.install	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/libaudit1.install	2024-01-06 19:48:00.000000000 +0100
@@ -1 +1 @@
-lib/*/libaudit.so.*
+usr/lib/*/libaudit.so.*
diff -Nru audit-3.1.2/debian/libauparse0.install audit-3.1.2/debian/libauparse0.install
--- audit-3.1.2/debian/libauparse0.install	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/libauparse0.install	2024-01-06 19:48:00.000000000 +0100
@@ -1 +1 @@
-lib/*/libauparse.so.*
+usr/lib/*/libauparse.so.*
diff -Nru audit-3.1.2/debian/not-installed audit-3.1.2/debian/not-installed
--- audit-3.1.2/debian/not-installed	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/not-installed	2024-01-06 19:48:00.000000000 +0100
@@ -1,8 +1,8 @@
 # These are already installed by dh_installexamples
 usr/share/audit/sample-rules/
 # la files
-lib/*/libaudit.la
-lib/*/libauparse.la
+usr/lib/*/libaudit.la
+usr/lib/*/libauparse.la
 usr/lib/python*/*-packages/_audit.la
 usr/lib/python*/*-packages/auparse.la
 # python caches
diff -Nru audit-3.1.2/debian/rules audit-3.1.2/debian/rules
--- audit-3.1.2/debian/rules	2023-12-06 20:15:29.000000000 +0100
+++ audit-3.1.2/debian/rules	2024-01-06 19:48:00.000000000 +0100
@@ -39,8 +39,7 @@
 # We should also have "--with-golang" but it's not available in all arch and
 # the golang binding package is arch:all anyway.
 	dh_auto_configure -- \
-		--sbindir=/sbin \
-		--libdir=/lib/${DEB_HOST_MULTIARCH} \
+		--libdir=/usr/lib/${DEB_HOST_MULTIARCH} \
 		--enable-shared=audit \
 		--enable-gssapi-krb5 \
 		--with-apparmor \
@@ -86,33 +85,10 @@
 	$(RM) debian/tmp/etc/rc.d/init.d/auditd
 	$(RM) debian/tmp/etc/sysconfig/auditd
 
-	# Move the development library to /usr/lib
-	$(RM) debian/tmp/lib/${DEB_HOST_MULTIARCH}/libaudit.so
-	$(RM) debian/tmp/lib/${DEB_HOST_MULTIARCH}/libauparse.so
-
 	# Install the default configuration
 	install -o root -g root -m 0750 -d debian/tmp/etc/audit/rules.d/
 	install -o root -g root -m 0640 rules/10-base-config.rules debian/tmp/etc/audit/rules.d/audit.rules
 
-	mkdir -p debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/
-
-	ln -s /lib/${DEB_HOST_MULTIARCH}/libaudit.so.1.0.0 \
-		debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/libaudit.so
-	ln -s /lib/${DEB_HOST_MULTIARCH}/libauparse.so.0.0.0 \
-		debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/libauparse.so
-
-	mv debian/tmp/lib/${DEB_HOST_MULTIARCH}/libaudit.a \
-		debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/libaudit.a
-	mv debian/tmp/lib/${DEB_HOST_MULTIARCH}/libauparse.a \
-		debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/libauparse.a
-
-	mkdir -p debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig/
-
-	mv debian/tmp/lib/${DEB_HOST_MULTIARCH}/pkgconfig/audit.pc \
-		debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig/audit.pc
-	mv debian/tmp/lib/${DEB_HOST_MULTIARCH}/pkgconfig/auparse.pc \
-		debian/tmp/usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig/auparse.pc
-
 override_dh_installexamples:
 	dh_installexamples -XMakefile
 
@@ -125,10 +101,10 @@
 override_dh_fixperms-arch:
 	dh_fixperms -a
 	#chmod o-wx debian/auditd/usr/bin/aulastlog
-	#chmod o-wx debian/auditd/sbin/auditctl
-	#chmod o-wx debian/auditd/sbin/auditd
-	#chmod o-wx debian/auditd/sbin/autrace
-	#chmod 750 debian/auditd/sbin/audispd
+	#chmod o-wx debian/auditd/usr/sbin/auditctl
+	#chmod o-wx debian/auditd/usr/sbin/auditd
+	#chmod o-wx debian/auditd/usr/sbin/autrace
+	#chmod 750 debian/auditd/usr/sbin/audispd
 	chmod -R o-rwx debian/auditd/var/log/audit
 	chgrp adm debian/auditd/var/log/audit
 	chmod -R o-rwx debian/auditd/etc/audit debian/audispd-plugins/etc/audit

Bug#1060167: audit: install aliased files into /usr (DEP17 M2)

Reply via email to