Commit 6158928a authored by Clayton Shotwell's avatar Clayton Shotwell Committed by Thomas Petazzoni

audit: new package



[Thomas:
 - remove S01audit, which isn't completely compliant with the
   Buildroot style.
 - make the package available only on architectures for which the
   system call tables are available, and add some comments about this
   in the .mk file.]

Signed-off-by: default avatarClayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: default avatarMatthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: default avatarThomas Petazzoni <thomas.petazzoni@free-electrons.com>
parent dad81a3a
+1 −0
@@ -1384,6 +1384,7 @@ endmenu
menu "System tools"
	source "package/acl/Config.in"
	source "package/attr/Config.in"
	source "package/audit/Config.in"
if BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
	source "package/bootutils/Config.in"
	source "package/coreutils/Config.in"
+773 −0

File added.

Preview size limit exceeded, changes collapsed.

+56 −0
From dceb46116a131564c1cfa7f069fd1a822879436f Mon Sep 17 00:00:00 2001
From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Date: Thu, 26 Mar 2015 12:33:10 -0500
Subject: [PATCH] Make zos-remote plugin optional

The zos-remote plugin is meant to use LDAP authentication to verify a
remote audit user. Add the ability to disable the plugin if the feature
is not desired.

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
---
 audisp/plugins/Makefile.am |  6 ++++--
 configure.ac               | 10 ++++++++++
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/audisp/plugins/Makefile.am b/audisp/plugins/Makefile.am
index b0fa60a..2cba14b 100644
--- a/audisp/plugins/Makefile.am
+++ b/audisp/plugins/Makefile.am
@@ -22,8 +22,10 @@
 
 CONFIG_CLEAN_FILES = *.loT *.rej *.orig
 
-SUBDIRS = builtins zos-remote remote
-#SUBDIRS = builtins zos-remote
+SUBDIRS = builtins remote
+if ENABLE_ZOS_REMOTE
+SUBDIRS += zos-remote
+endif
 if HAVE_PRELUDE
 SUBDIRS += prelude
 endif
diff --git a/configure.ac b/configure.ac
index f29fa41..2e84b07 100644
--- a/configure.ac
+++ b/configure.ac
@@ -155,6 +155,16 @@ fi
 AM_CONDITIONAL(ENABLE_LISTENER, test "x$enable_listener" != "xno")
 AC_MSG_RESULT($enable_listener)
 
+#audisp zos-remote plugin
+AC_MSG_CHECKING(whether to include audisp ZOS remote plugin)
+AC_ARG_ENABLE(zos-remote,
+	      [AS_HELP_STRING([--disable-zos-remote],
+			      [Disable audisp ZOS remote plugin])],
+	      enable_zos_remote=$enableval,
+	      enable_zos_remote=yes)
+AM_CONDITIONAL(ENABLE_ZOS_REMOTE, test "x$enable_zos_remote" != "xno")
+AC_MSG_RESULT($enable_zos_remote)
+
 #gssapi
 AC_ARG_ENABLE(gssapi_krb5,
 	[AS_HELP_STRING([--enable-gssapi-krb5],[Enable GSSAPI Kerberos 5 support @<:@default=no@:>@])],
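Review bot: The new `--disable-zos-remote` option leaves the plugin enabled by default, but its help string does not say so, unlike the `--enable-gssapi-krb5` entry just below, which spells out `@<:@default=no@:>@`. The patch description says the plugin uses LDAP authentication to verify remote audit users, so anyone who wants that code left out must pass the flag explicitly. The default is therefore worth stating in the help text: `[Disable audisp ZOS remote plugin @<:@default=enabled@:>@]`. The first argument would also be better quoted as `[zos-remote]`, in line with usual autoconf quoting.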
-- 
1.9.1
+44 −0
From 6d7a35dfee10d81ddc96398749645757813802fb Mon Sep 17 00:00:00 2001
From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Date: Tue, 31 Mar 2015 08:00:21 -0500
Subject: [PATCH] Default ADDR_NO_RANDOMIZE if not found

Some older toolchains do not declare ADDR_NO_RANDOMIZE. Add a check for
it during configure and default it if it is not found.

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
---
 auparse/interpret.c | 4 ++++
 configure.ac        | 1 +
 2 files changed, 5 insertions(+)

diff --git a/auparse/interpret.c b/auparse/interpret.c
index 0dcaa9f..a9d6691 100644
--- a/auparse/interpret.c
+++ b/auparse/interpret.c
@@ -53,6 +53,10 @@
 #include "auparse-defs.h"
 #include "gen_tables.h"
 
+#if !HAVE_DECL_ADDR_NO_RANDOMIZE
+# define ADDR_NO_RANDOMIZE       0x0040000
+#endif
+
 /* This is from asm/ipc.h. Copying it for now as some platforms
  * have broken headers. */
 #define SEMOP            1
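Review bot: The fallback `# define ADDR_NO_RANDOMIZE       0x0040000` has no comment saying where the value comes from, while the `SEMOP` block right below it documents its origin. ADDR_NO_RANDOMIZE is the personality(2) flag that turns off address-space randomization, and this file presumably needs it only to decode personality values in audit records, so a reader should be told that. A comment above the `#if` would do, e.g. `/* personality(2) flag, value copied from linux/personality.h; some older toolchains do not declare it */`. The test `#if !HAVE_DECL_ADDR_NO_RANDOMIZE` also depends on config.h being included earlier in the file, which is outside this hunk. If it were not, the macro would be undefined, the condition would be true, and the define would apply even where the header declares the constant.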
diff --git a/configure.ac b/configure.ac
index 2e84b07..57aec03 100644
--- a/configure.ac
+++ b/configure.ac
@@ -66,6 +66,7 @@ AM_PROG_CC_C_O
 AC_CHECK_DECLS([MS_DIRSYNC], [], [], [[#include <sys/mount.h>]])
 AC_CHECK_DECLS([AUDIT_FEATURE_VERSION], [], [], [[#include <linux/audit.h>]])
 AC_CHECK_DECLS([AUDIT_VERSION_BACKLOG_WAIT_TIME], [], [], [[#include <linux/audit.h>]])
+AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])
 
 ALLWARNS=""
 ALLDEBUG="-g"
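Review bot: The added `AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])` is quoted differently from the three checks above it, which pass `[], []` for the actions and double-quote the include text. Writing it as `AC_CHECK_DECLS([ADDR_NO_RANDOMIZE], [], [], [[#include <sys/personality.h>]])` keeps the block uniform and protects the include line from m4 expansion in the same way as its neighbours.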
-- 
1.9.1
+47 −0
From 3f44df90f60c692127f84de090cd5337f627e1c2 Mon Sep 17 00:00:00 2001
From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Date: Wed, 1 Apr 2015 07:49:54 -0500
Subject: [PATCH] Do not call posix_fallocate() if unavailable

uClibc does not implement posix_fallocate(), and posix_fallocate() is
mostly only an hint to the kernel that we will need such or such
amount of space inside a file. Adding a check around the
posix_fallocate() call so it is only called when it is available.

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
---
 audisp/plugins/remote/queue.c | 2 ++
 configure.ac                  | 1 +
 2 files changed, 3 insertions(+)

diff --git a/audisp/plugins/remote/queue.c b/audisp/plugins/remote/queue.c
index 79eebd7..971e4e4 100644
--- a/audisp/plugins/remote/queue.c
+++ b/audisp/plugins/remote/queue.c
@@ -215,9 +215,11 @@ static int q_open_file(struct queue *q, const char *path)
 			return -1;
 		if (q_sync(q) != 0)
 			return -1;
+#ifdef HAVE_POSIX_FALLOCATE
 		if (posix_fallocate(q->fd, 0,
 				    (q->num_entries + 1) * q->entry_size) != 0)
 			return -1;
+#endif
 	} else {
 		uint32_t file_entries;
 		if (full_pread(q->fd, &fh, sizeof(fh), 0) != 0)
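Review bot: With `HAVE_POSIX_FALLOCATE` undefined, the new-file branch of q_open_file() no longer reserves `(q->num_entries + 1) * q->entry_size` bytes, and nothing in the hunk records that consequence. posix_fallocate() is more than a hint: it guarantees the space is allocated, so without it a full disk is only noticed when a queue entry is written later, which for an audit forwarding queue can mean lost records. A comment at the guard would make this visible, e.g. `/* no preallocation on this libc: later queue writes can fail with ENOSPC */`, and the write paths, which are outside this hunk, should be checked to handle that error. The guard also relies on config.h being included in queue.c before this point, which the hunk does not show.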
diff --git a/configure.ac b/configure.ac
index 57aec03..c14ec80 100644
--- a/configure.ac
+++ b/configure.ac
@@ -67,6 +67,7 @@ AC_CHECK_DECLS([MS_DIRSYNC], [], [], [[#include <sys/mount.h>]])
 AC_CHECK_DECLS([AUDIT_FEATURE_VERSION], [], [], [[#include <linux/audit.h>]])
 AC_CHECK_DECLS([AUDIT_VERSION_BACKLOG_WAIT_TIME], [], [], [[#include <linux/audit.h>]])
 AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])
+AC_CHECK_FUNCS([posix_fallocate])
 
 ALLWARNS=""
 ALLDEBUG="-g"
-- 
1.9.1