Commit 94ff0ed2 authored by Clayton Shotwell's avatar Clayton Shotwell Committed by Thomas Petazzoni
Browse files

audit: version bump 



Bumping from version 2.4.1 to 2.4.3 to drop patches that have been
picked up by the mainline.

Signed-off-by: default avatarClayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: default avatarThomas Petazzoni <thomas.petazzoni@free-electrons.com>
parent 140c0a4a

package/audit/0001-Enable-cross-compiling.patch

deleted100644 → 0
+0 −686

File deleted.

Preview size limit exceeded, changes collapsed.

package/audit/0002-Make-zos-remote-plugin-optional.patch

deleted100644 → 0
+0 −56
Original line number Diff line number Diff line 
From dceb46116a131564c1cfa7f069fd1a822879436f Mon Sep 17 00:00:00 2001

From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

Date: Thu, 26 Mar 2015 12:33:10 -0500

Subject: [PATCH] Make zos-remote plugin optional



The zos-remote plugin is meant to use LDAP authentication to verify a

remote audit user. Add the ability to disable the plugin if the feature

is not desired.



Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

---

 audisp/plugins/Makefile.am |  6 ++++--

 configure.ac               | 10 ++++++++++

 2 files changed, 14 insertions(+), 2 deletions(-)



diff --git a/audisp/plugins/Makefile.am b/audisp/plugins/Makefile.am

index b0fa60a..2cba14b 100644

--- a/audisp/plugins/Makefile.am

+++ b/audisp/plugins/Makefile.am

@@ -22,8 +22,10 @@

 

 CONFIG_CLEAN_FILES = *.loT *.rej *.orig

 

-SUBDIRS = builtins zos-remote remote

-#SUBDIRS = builtins zos-remote

+SUBDIRS = builtins remote

+if ENABLE_ZOS_REMOTE

+SUBDIRS += zos-remote

+endif

 if HAVE_PRELUDE

 SUBDIRS += prelude

 endif

diff --git a/configure.ac b/configure.ac

index f29fa41..2e84b07 100644

--- a/configure.ac

+++ b/configure.ac

@@ -155,6 +155,16 @@ fi

 AM_CONDITIONAL(ENABLE_LISTENER, test "x$enable_listener" != "xno")

 AC_MSG_RESULT($enable_listener)

 

+#audisp zos-remote plugin

+AC_MSG_CHECKING(whether to include audisp ZOS remote plugin)

+AC_ARG_ENABLE(zos-remote,

+	      [AS_HELP_STRING([--disable-zos-remote],

+			      [Disable audisp ZOS remote plugin])],

+	      enable_zos_remote=$enableval,

+	      enable_zos_remote=yes)

+AM_CONDITIONAL(ENABLE_ZOS_REMOTE, test "x$enable_zos_remote" != "xno")

+AC_MSG_RESULT($enable_zos_remote)

+

 #gssapi

 AC_ARG_ENABLE(gssapi_krb5,

 	[AS_HELP_STRING([--enable-gssapi-krb5],[Enable GSSAPI Kerberos 5 support @<:@default=no@:>@])],

-- 

1.9.1

package/audit/0003-Default-ADDR_NO_RANDOMIZE-if-not-found.patch

deleted100644 → 0
+0 −44
Original line number Diff line number Diff line 
From 6d7a35dfee10d81ddc96398749645757813802fb Mon Sep 17 00:00:00 2001

From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

Date: Tue, 31 Mar 2015 08:00:21 -0500

Subject: [PATCH] Default ADDR_NO_RANDOMIZE if not found



Some older toolchains do not declare ADDR_NO_RANDOMIZE. Add a check for

it during configure and default it if it is not found.



Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

---

 auparse/interpret.c | 4 ++++

 configure.ac        | 1 +

 2 files changed, 5 insertions(+)



diff --git a/auparse/interpret.c b/auparse/interpret.c

index 0dcaa9f..a9d6691 100644

--- a/auparse/interpret.c

+++ b/auparse/interpret.c

@@ -53,6 +53,10 @@

 #include "auparse-defs.h"

 #include "gen_tables.h"

 

+#if !HAVE_DECL_ADDR_NO_RANDOMIZE

+# define ADDR_NO_RANDOMIZE       0x0040000

+#endif

+

 /* This is from asm/ipc.h. Copying it for now as some platforms

  * have broken headers. */

 #define SEMOP            1

diff --git a/configure.ac b/configure.ac

index 2e84b07..57aec03 100644

--- a/configure.ac

+++ b/configure.ac

@@ -66,6 +66,7 @@ AM_PROG_CC_C_O

 AC_CHECK_DECLS([MS_DIRSYNC], [], [], [[#include <sys/mount.h>]])

 AC_CHECK_DECLS([AUDIT_FEATURE_VERSION], [], [], [[#include <linux/audit.h>]])

 AC_CHECK_DECLS([AUDIT_VERSION_BACKLOG_WAIT_TIME], [], [], [[#include <linux/audit.h>]])

+AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])

 

 ALLWARNS=""

 ALLDEBUG="-g"

-- 

1.9.1

package/audit/0004-Do-not-call-posix_fallocate-if-unavailable.patch

deleted100644 → 0
+0 −47
Original line number Diff line number Diff line 
From 3f44df90f60c692127f84de090cd5337f627e1c2 Mon Sep 17 00:00:00 2001

From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

Date: Wed, 1 Apr 2015 07:49:54 -0500

Subject: [PATCH] Do not call posix_fallocate() if unavailable



uClibc does not implement posix_fallocate(), and posix_fallocate() is

mostly only an hint to the kernel that we will need such or such

amount of space inside a file. Adding a check around the

posix_fallocate() call so it is only called when it is available.



Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

---

 audisp/plugins/remote/queue.c | 2 ++

 configure.ac                  | 1 +

 2 files changed, 3 insertions(+)



diff --git a/audisp/plugins/remote/queue.c b/audisp/plugins/remote/queue.c

index 79eebd7..971e4e4 100644

--- a/audisp/plugins/remote/queue.c

+++ b/audisp/plugins/remote/queue.c

@@ -215,9 +215,11 @@ static int q_open_file(struct queue *q, const char *path)

 			return -1;

 		if (q_sync(q) != 0)

 			return -1;

+#ifdef HAVE_POSIX_FALLOCATE

 		if (posix_fallocate(q->fd, 0,

 				    (q->num_entries + 1) * q->entry_size) != 0)

 			return -1;

+#endif

 	} else {

 		uint32_t file_entries;

 		if (full_pread(q->fd, &fh, sizeof(fh), 0) != 0)

diff --git a/configure.ac b/configure.ac

index 57aec03..c14ec80 100644

--- a/configure.ac

+++ b/configure.ac

@@ -67,6 +67,7 @@ AC_CHECK_DECLS([MS_DIRSYNC], [], [], [[#include <sys/mount.h>]])

 AC_CHECK_DECLS([AUDIT_FEATURE_VERSION], [], [], [[#include <linux/audit.h>]])

 AC_CHECK_DECLS([AUDIT_VERSION_BACKLOG_WAIT_TIME], [], [], [[#include <linux/audit.h>]])

 AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])

+AC_CHECK_FUNCS([posix_fallocate])

 

 ALLWARNS=""

 ALLDEBUG="-g"

-- 

1.9.1

package/audit/0005-Fix-header-detection-when-cross-compiling.patch

deleted100644 → 0
+0 −46
Original line number Diff line number Diff line 
From ce268f342b5a921d6608b0c317734b10dc8533b0 Mon Sep 17 00:00:00 2001

From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

Date: Wed, 8 Apr 2015 08:49:26 -0500

Subject: [PATCH] Fix header detection when cross compiling



During the build, there is a check to see if MS_DIRSYNC is defined in

mount.h. This check is used in gen_tables.c to see if linux/fs.h needs

to be included. When cross compiling on a system that does not have the

MS_DIRSYNC defined in mount.h, a compile failure is generated. To

prevent this issue, do not check for MS_DIRSYNC in the configure and

simply check to see if MS_DIRSYNC is defined before included linux/fs.h.



Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

---

 configure.ac     | 1 -

 lib/gen_tables.c | 2 +-

 2 files changed, 1 insertion(+), 2 deletions(-)



diff --git a/configure.ac b/configure.ac

index c14ec80..e63684b 100644

--- a/configure.ac

+++ b/configure.ac

@@ -63,7 +63,6 @@ AC_C_INLINE

 AC_CHECK_SIZEOF([unsigned int])

 AC_CHECK_SIZEOF([unsigned long])

 AM_PROG_CC_C_O

-AC_CHECK_DECLS([MS_DIRSYNC], [], [], [[#include <sys/mount.h>]])

 AC_CHECK_DECLS([AUDIT_FEATURE_VERSION], [], [], [[#include <linux/audit.h>]])

 AC_CHECK_DECLS([AUDIT_VERSION_BACKLOG_WAIT_TIME], [], [], [[#include <linux/audit.h>]])

 AC_CHECK_DECLS([ADDR_NO_RANDOMIZE],,, [#include <sys/personality.h>])

diff --git a/lib/gen_tables.c b/lib/gen_tables.c

index 8606a39..9f25b50 100644

--- a/lib/gen_tables.c

+++ b/lib/gen_tables.c

@@ -33,7 +33,7 @@

 #include <sys/stat.h>

 #include <sys/personality.h>

 #include <sys/mount.h>

-#if !HAVE_DECL_MS_DIRSYNC

+#ifndef MS_DIRSYNC

 #include <linux/fs.h>

 #endif

 #include "gen_tables.h"

-- 

1.9.1