Blame - meta-openembedded/meta-oe/recipes-security/audit/audit_3.0.9.bb - openbmc/openbmc

blob: 9621d9e335682e23a065718c7e251d826225a1e4 [file] [log] [blame]

Andrew Geissler	517393d	2023-01-13 08:55:19 -0600	[diff] [blame^]	1	SUMMARY = "User space tools for kernel auditing"
				2	DESCRIPTION = "The audit package contains the user space utilities for \
				3	storing and searching the audit records generated by the audit subsystem \
				4	in the Linux kernel."
				5	HOMEPAGE = "http://people.redhat.com/sgrubb/audit/"
				6	SECTION = "base"
				7	LICENSE = "GPL-2.0-or-later & LGPL-2.0-or-later"
				8	LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
				9
				10	SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;protocol=https \
				11	file://Fixed-swig-host-contamination-issue.patch \
				12	file://0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch \
				13	file://auditd \
				14	file://auditd.service \
				15	file://audit-volatile.conf \
				16	"
				17
				18	S = "${WORKDIR}/git"
				19	SRCREV = "81fa28e0e8b4be83ddba03de8b816a3df510c17e"
				20
				21	inherit autotools python3native python3targetconfig update-rc.d systemd
				22
				23	UPDATERCPN = "auditd"
				24	INITSCRIPT_NAME = "auditd"
				25	INITSCRIPT_PARAMS = "defaults"
				26
				27	SYSTEMD_PACKAGES = "auditd"
				28	SYSTEMD_SERVICE:auditd = "auditd.service"
				29
				30	DEPENDS = "python3 tcp-wrappers libcap-ng linux-libc-headers swig-native"
				31
				32	EXTRA_OECONF = " --with-libwrap \
				33	--enable-gssapi-krb5=no \
				34	--with-libcap-ng=yes \
				35	--with-python3=yes \
				36	--libdir=${base_libdir} \
				37	--sbindir=${base_sbindir} \
				38	--without-python \
				39	--without-golang \
				40	--disable-zos-remote \
				41	--with-arm=yes \
				42	--with-aarch64=yes \
				43	"
				44
				45	EXTRA_OEMAKE = "PYLIBVER='python${PYTHON_BASEVERSION}' \
				46	PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \
				47	pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \
				48	STDINC='${STAGING_INCDIR}' \
				49	pkgconfigdir=${libdir}/pkgconfig \
				50	"
				51
				52	SUMMARY:audispd-plugins = "Plugins for the audit event dispatcher"
				53	DESCRIPTION:audispd-plugins = "The audispd-plugins package provides plugins for the real-time \
				54	interface to the audit system, audispd. These plugins can do things \
				55	like relay events to remote machines or analyze events for suspicious \
				56	behavior."
				57
				58	PACKAGES =+ "audispd-plugins"
				59	PACKAGES += "auditd ${PN}-python"
				60
				61	FILES:${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*"
				62	FILES:auditd = "${bindir}/* ${base_sbindir}/* ${sysconfdir}/* ${datadir}/audit/*"
				63	FILES:audispd-plugins = "${sysconfdir}/audit/audisp-remote.conf \
				64	${sysconfdir}/audit/plugins.d/au-remote.conf \
				65	${sysconfdir}/audit/plugins.d/syslog.conf \
				66	${base_sbindir}/audisp-remote \
				67	${base_sbindir}/audisp-syslog \
				68	${localstatedir}/spool/audit \
				69	"
				70	FILES:${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
				71	FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
				72
				73	CONFFILES:auditd = "${sysconfdir}/audit/audit.rules"
				74
				75	do_configure:prepend() {
				76	sed -e 's\|buf\[];\|buf[0];\|g' ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h
				77	sed -i -e 's\|#include <linux/audit.h>\|#include "audit.h"\|g' ${S}/lib/libaudit.h
				78	}
				79
				80	do_install:append() {
				81	sed -i -e 's\|#include "audit.h"\|#include <linux/audit.h>\|g' ${D}${includedir}/libaudit.h
				82
				83	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
				84	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la
				85
				86	# reuse auditd config
				87	[ ! -e ${D}/etc/default ] && mkdir ${D}/etc/default
				88	mv ${D}/etc/sysconfig/auditd ${D}/etc/default
				89	rmdir ${D}/etc/sysconfig/
				90
				91	# replace init.d
				92	install -D -m 0755 ${WORKDIR}/auditd ${D}/etc/init.d/auditd
				93	rm -rf ${D}/etc/rc.d
				94
				95	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
				96	# install systemd unit files
				97	install -d ${D}${systemd_unitdir}/system
				98	install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system
				99
				100	install -d ${D}${sysconfdir}/tmpfiles.d/
				101	install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/
				102	fi
				103
				104	# audit-2.5 doesn't install any rules by default, so we do that here
				105	mkdir -p ${D}/etc/audit ${D}/etc/audit/rules.d
				106	cp ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules
				107
				108	chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d
				109	chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules
				110
				111	# Based on the audit.spec "Copy default rules into place on new installation"
				112	cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules
				113
				114	# Create /var/spool/audit directory for audisp-remote
				115	install -m 0700 -d ${D}${localstatedir}/spool/audit
				116	}