[gentoo-commits] repo/gentoo:master commit in: sys-process/audit/

Sam James Sun, 06 Mar 2022 01:18:53 -0800

commit:     a37a93a685bbe68410e3addaa2bc917ce49d71ef
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sun Mar  6 09:04:54 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Mar  6 09:18:29 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a37a93a6


sys-process/audit: add 3.0.7

Signed-off-by: Sam James <sam <AT> gentoo.org>

 sys-process/audit/Manifest           |   1 +
 sys-process/audit/audit-3.0.7.ebuild | 162 +++++++++++++++++++++++++++++++++++
 2 files changed, 163 insertions(+)

diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest
index 4fcfb13e54c5..e9e0be90de91 100644
--- a/sys-process/audit/Manifest
+++ b/sys-process/audit/Manifest
@@ -2,4 +2,5 @@ DIST audit-3.0.1.tar.gz 1180286 BLAKE2B 
f29687ebc76f4eb88184cce1a3da0b8ca4464b2f
 DIST audit-3.0.2.tar.gz 1184356 BLAKE2B 
13f76e9c40bc8ffc53b5499076b5cb75c2690d95414a0e1942fa9725b9617f10327a2ee676dc10cc46ba76d223f77509d305bcd22344b678443b7707cc6d10cd
 SHA512 
9e831ed6f30ac7d58f028cede97adba431bde18dfd9045c19f5e03eff52cd28db3a6792e5969f555ce51aa562662b59fa5cc5265586c6acf0b3aa1feae4d720f
 DIST audit-3.0.3.tar.gz 1186684 BLAKE2B 
53e3fbb2acc574bad86cd41e6ffe396631695321e1c02f2d0f1f1f6fed8c77f61c3513431eafb157ec11e99330b4e277f6c75eaabac6179dac2abc8826e9cc76
 SHA512 
7132fd5d90c3745cdb2cd664c8d0b74ad9108bc39940e87fd1ae3ee461c484505d5d33fa5c741caa237e79e3bf9c7e1ccb07cac81b5cbfbe59db8fc8db021fd7
 DIST audit-3.0.6.tar.gz 1190011 BLAKE2B 
93a7efad1cbea6771a73222b05aacbabc4ac61d1efb9fc2532607a94804bcac6512d0be2f4d89aa62d94fb85ba5818ffae4bf0a72676e8d549ddbec766e83e9c
 SHA512 
74734e1b1fddea086db9c5dc8c4b7817917fdf17bc7ca4e5b440aae975484d020a17c3f485f6a37b6b150a307d809e50d559d31a8cbd6f1e554933719551bcd1
+DIST audit-3.0.7.tar.gz 1180226 BLAKE2B 
706db746fb779913619da794bab24a9e890e1655bbd0abb007cbc909b32ab1d643e93953a23ef864d5e189f3447a7ddb4dca1478144cdc226f5a5594545bd28f
 SHA512 
b5662b32082fc2ac54e247aa0db5442d76afa30134ebba1d624a17004e9ccf6856bb75344af4ce9d9a0a66c03e1c6f18b7d45658d7df13ea71af0c8362e08d70
 DIST audit-3.0.tar.gz 1109442 BLAKE2B 
f9c94f7163522068f5f37163a242cb913acc87b5465f7f8550fad27ac1dc673fd7a98e208bd5e6fb136eac1fdadd659e599e7722426937481bbf8c66d86a1617
 SHA512 
b82ec73c85a8ebb5108b526673d6fe08cbe0b51376788f3ea6ed5747c4612158462893e719496dffbd723f833f84383a2d1d55fd78a3ed985ecfd19545060c88

diff --git a/sys-process/audit/audit-3.0.7.ebuild 
b/sys-process/audit/audit-3.0.7.ebuild
new file mode 100644
index 000000000000..ed9baad55d32
--- /dev/null
+++ b/sys-process/audit/audit-3.0.7.ebuild
@@ -0,0 +1,162 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit autotools multilib-minimal toolchain-funcs python-r1 linux-info 
systemd usr-ldscript
+
+DESCRIPTION="Userspace utilities for storing and processing auditing records"
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/";
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz";
+
+LICENSE="GPL-2+ LGPL-2.1+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc 
~x86"
+IUSE="gssapi ldap python static-libs test"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+RESTRICT="!test? ( test )"
+
+RDEPEND="gssapi? ( virtual/krb5 )
+       ldap? ( net-nds/openldap )
+       python? ( ${PYTHON_DEPS} )
+       sys-libs/libcap-ng"
+DEPEND="${RDEPEND}
+       >=sys-kernel/linux-headers-2.6.34
+       test? ( dev-libs/check )"
+BDEPEND="python? ( dev-lang/swig )"
+
+CONFIG_CHECK="~AUDIT"
+
+src_prepare() {
+       # audisp-remote moved in multilib_src_install_all
+       sed -i \
+               -e "s,/sbin/audisp-remote,${EPREFIX}/usr/sbin/audisp-remote," \
+               audisp/plugins/remote/au-remote.conf || die
+
+       # Disable installing sample rules so they can be installed as docs.
+       echo -e '%:\n\t:' | tee rules/Makefile.{am,in} >/dev/null || die
+
+       default
+       eautoreconf
+}
+
+multilib_src_configure() {
+       local -a myeconfargs=(
+               --sbindir="${EPREFIX}/sbin"
+               $(use_enable gssapi gssapi-krb5)
+               $(use_enable ldap zos-remote)
+               $(use_enable static-libs static)
+               --enable-systemd
+               --without-golang
+               --without-python
+               --without-python3
+       )
+
+       ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+
+       if multilib_is_native_abi && use python; then
+               python_configure() {
+                       mkdir -p "${BUILD_DIR}" || die
+                       pushd "${BUILD_DIR}" &>/dev/null || die
+
+                       ECONF_SOURCE=${S} econf "${myeconfargs[@]}" 
--with-python3
+
+                       popd &>/dev/null || die
+               }
+
+               python_foreach_impl python_configure
+       fi
+}
+
+src_configure() {
+       tc-export_build_env BUILD_{CC,CPP}
+
+       local -x CC_FOR_BUILD="${BUILD_CC}"
+       local -x CPP_FOR_BUILD="${BUILD_CPP}"
+
+       multilib-minimal_src_configure
+}
+
+multilib_src_compile() {
+       if multilib_is_native_abi; then
+               default
+
+               local native_build="${BUILD_DIR}"
+               python_compile() {
+                       emake -C "${BUILD_DIR}"/bindings/swig 
top_builddir="${native_build}"
+                       emake -C "${BUILD_DIR}"/bindings/python/python3 
top_builddir="${native_build}"
+               }
+               use python && python_foreach_impl python_compile
+       else
+               emake -C common
+               emake -C lib
+               emake -C auparse
+       fi
+}
+
+multilib_src_install() {
+       if multilib_is_native_abi; then
+               emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" 
install
+
+               local native_build="${BUILD_DIR}"
+               python_install() {
+                       emake -C "${BUILD_DIR}"/bindings/swig DESTDIR="${D}" 
top_builddir="${native_build}" install
+                       emake -C "${BUILD_DIR}"/bindings/python/python3 
DESTDIR="${D}" top_builddir="${native_build}" install
+                       python_optimize
+               }
+
+               use python && python_foreach_impl python_install
+
+               # Things like shadow use this so we need to be in /
+               gen_usr_ldscript -a audit auparse
+       else
+               emake -C lib DESTDIR="${D}" install
+               emake -C auparse DESTDIR="${D}" install
+       fi
+}
+
+multilib_src_install_all() {
+       dodoc AUTHORS ChangeLog README* THANKS
+       docinto contrib
+       dodoc contrib/avc_snap
+       docinto contrib/plugin
+       dodoc contrib/plugin/*
+       docinto rules
+       dodoc rules/*rules
+
+       newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
+       newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
+
+       [ -f "${ED}"/sbin/audisp-remote ] && \
+       dodir /usr/sbin && \
+       mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
+
+       # Gentoo rules
+       insinto /etc/audit
+       newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
+       doins "${FILESDIR}"/audit.rules.stop*
+
+       # audit logs go here
+       keepdir /var/log/audit
+
+       find "${ED}" -type f -name '*.la' -delete || die
+
+       # Security
+       lockdown_perms "${ED}"
+}
+
+pkg_postinst() {
+       lockdown_perms "${EROOT}"
+}
+
+lockdown_perms() {
+       # Upstream wants these to have restrictive perms.
+       # Should not || die as not all paths may exist.
+       local basedir="${1}"
+       chmod 0750 "${basedir}"/sbin/au{ditctl,ditd,report,search,trace} 
2>/dev/null
+       chmod 0750 "${basedir}"/var/log/audit 2>/dev/null
+       chmod 0640 "${basedir}"/etc/audit/{auditd.conf,audit*.rules*} 
2>/dev/null
+}

[gentoo-commits] repo/gentoo:master commit in: sys-process/audit/

Reply via email to