From e16aa2564c16d3ce0e98205208b093994ee9bcb5 Mon Sep 17 00:00:00 2001 From: Sergio Correia Date: Wed, 3 Nov 2021 09:46:18 -0300 Subject: [PATCH] Update dependency to initscripts-service instead of initscripts Resolves: rhbz#2000933 --- ...tions-file-from-initscripts-in-audit.patch | 801 ++++++++++++++++++ audit.spec | 18 +- 2 files changed, 816 insertions(+), 3 deletions(-) create mode 100644 0003-Carry-functions-file-from-initscripts-in-audit.patch diff --git a/0003-Carry-functions-file-from-initscripts-in-audit.patch b/0003-Carry-functions-file-from-initscripts-in-audit.patch new file mode 100644 index 0000000..d94e3d3 --- /dev/null +++ b/0003-Carry-functions-file-from-initscripts-in-audit.patch @@ -0,0 +1,801 @@ +From a474b904deb127a766ef8c9b5ef899e5ff801346 Mon Sep 17 00:00:00 2001 +From: Sergio Correia +Date: Tue, 31 Aug 2021 11:04:42 -0300 +Subject: [PATCH] Carry functions file from initscripts in audit + +Also update legacy service actions to use updated functions file. +--- + init.d/auditd.init | 2 +- + init.d/auditd.reload | 2 +- + init.d/auditd.resume | 2 +- + init.d/auditd.rotate | 2 +- + init.d/auditd.state | 2 +- + init.d/auditd.stop | 2 +- + init.d/functions | 697 +++++++++++++++++++++++++++++++++++++++++++ + 7 files changed, 703 insertions(+), 6 deletions(-) + create mode 100644 init.d/functions + +diff --git a/init.d/auditd.init b/init.d/auditd.init +index cfb4af8..f2150f2 100644 +--- a/init.d/auditd.init ++++ b/init.d/auditd.init +@@ -29,7 +29,7 @@ PATH=/sbin:/bin:/usr/bin:/usr/sbin + prog="auditd" + + # Source function library. +-. /etc/init.d/functions ++. /usr/share/audit/functions + + # Allow anyone to run status + if [ "$1" = "status" ] ; then +diff --git a/init.d/auditd.reload b/init.d/auditd.reload +index 9c30295..5341a9a 100644 +--- a/init.d/auditd.reload ++++ b/init.d/auditd.reload +@@ -7,7 +7,7 @@ test $(id -u) = 0 || exit 4 + + PATH=/sbin:/bin:/usr/bin:/usr/sbin + prog="auditd" +-. /etc/rc.d/init.d/functions ++. /usr/share/audit/functions + + printf "Reconfiguring: " + /sbin/augenrules --load +diff --git a/init.d/auditd.resume b/init.d/auditd.resume +index f1d2157..01cc42d 100644 +--- a/init.d/auditd.resume ++++ b/init.d/auditd.resume +@@ -7,7 +7,7 @@ test $(id -u) = 0 || exit 4 + + PATH=/sbin:/bin:/usr/bin:/usr/sbin + prog="auditd" +-. /etc/rc.d/init.d/functions ++. /usr/share/audit/functions + + printf "Resuming logging: " + killproc $prog -USR2 +diff --git a/init.d/auditd.rotate b/init.d/auditd.rotate +index 2b13cf7..94728c8 100644 +--- a/init.d/auditd.rotate ++++ b/init.d/auditd.rotate +@@ -7,7 +7,7 @@ test $(id -u) = 0 || exit 4 + + PATH=/sbin:/bin:/usr/bin:/usr/sbin + prog="auditd" +-. /etc/rc.d/init.d/functions ++. /usr/share/audit/functions + + printf "Rotating logs: " + killproc $prog -USR1 +diff --git a/init.d/auditd.state b/init.d/auditd.state +index c7e291e..04bb4f5 100644 +--- a/init.d/auditd.state ++++ b/init.d/auditd.state +@@ -8,7 +8,7 @@ test $(id -u) = 0 || exit 4 + PATH=/sbin:/bin:/usr/bin:/usr/sbin + prog="auditd" + state_file="/var/run/auditd.state" +-. /etc/rc.d/init.d/functions ++. /usr/share/audit/functions + + printf "Getting auditd internal state: " + killproc $prog -CONT +diff --git a/init.d/auditd.stop b/init.d/auditd.stop +index 7c74723..de6f264 100644 +--- a/init.d/auditd.stop ++++ b/init.d/auditd.stop +@@ -7,7 +7,7 @@ test $(id -u) = 0 || exit 4 + + PATH=/sbin:/bin:/usr/bin:/usr/sbin + prog="auditd" +-. /etc/rc.d/init.d/functions ++. /usr/share/audit/functions + pid="$(__pids_pidof "$prog")" + + printf "Stopping logging: " +diff --git a/init.d/functions b/init.d/functions +new file mode 100644 +index 0000000..e557619 +--- /dev/null ++++ b/init.d/functions +@@ -0,0 +1,697 @@ ++# -*-Shell-script-*- ++# ++# functions This file contains functions to be used by most or all ++# shell scripts in the /etc/init.d directory. ++# ++ ++TEXTDOMAIN=initscripts ++ ++# Make sure umask is sane ++umask 022 ++ ++# Set up a default search path. ++PATH="/sbin:/usr/sbin:/bin:/usr/bin" ++export PATH ++ ++if [ $PPID -ne 1 -a -z "$SYSTEMCTL_SKIP_REDIRECT" ] && \ ++ [ -d /run/systemd/system ] ; then ++ case "$0" in ++ /etc/init.d/*|/etc/rc.d/init.d/*) ++ _use_systemctl=1 ++ ;; ++ esac ++fi ++ ++systemctl_redirect () { ++ local s ++ local prog=${1##*/} ++ local command=$2 ++ local options="" ++ ++ case "$command" in ++ start) ++ s=$"Starting $prog (via systemctl): " ++ ;; ++ stop) ++ s=$"Stopping $prog (via systemctl): " ++ ;; ++ reload|try-reload) ++ s=$"Reloading $prog configuration (via systemctl): " ++ ;; ++ restart|try-restart|condrestart) ++ s=$"Restarting $prog (via systemctl): " ++ ;; ++ esac ++ ++ if [ -n "$SYSTEMCTL_IGNORE_DEPENDENCIES" ] ; then ++ options="--ignore-dependencies" ++ fi ++ ++ if ! systemctl show "$prog.service" > /dev/null 2>&1 || \ ++ systemctl show -p LoadState "$prog.service" | grep -q 'not-found' ; then ++ action $"Reloading systemd: " /bin/systemctl daemon-reload ++ fi ++ ++ action "$s" /bin/systemctl $options $command "$prog.service" ++} ++ ++# Get a sane screen width ++[ -z "${COLUMNS:-}" ] && COLUMNS=80 ++ ++# Read in our configuration ++if [ -z "${BOOTUP:-}" ]; then ++ if [ -f /etc/sysconfig/init ]; then ++ . /etc/sysconfig/init ++ else ++ # verbose ->> very (very!) old bootup look (prior to RHL-6.0?) ++ # color ->> default bootup look ++ # other ->> default bootup look without ANSI colors or positioning ++ BOOTUP=color ++ # Column to start "[ OK ]" label in: ++ RES_COL=60 ++ # terminal sequence to move to that column: ++ MOVE_TO_COL="echo -en \\033[${RES_COL}G" ++ # Terminal sequence to set color to a 'success' (bright green): ++ SETCOLOR_SUCCESS="echo -en \\033[1;32m" ++ # Terminal sequence to set color to a 'failure' (bright red): ++ SETCOLOR_FAILURE="echo -en \\033[1;31m" ++ # Terminal sequence to set color to a 'warning' (bright yellow): ++ SETCOLOR_WARNING="echo -en \\033[1;33m" ++ # Terminal sequence to reset to the default color: ++ SETCOLOR_NORMAL="echo -en \\033[0;39m" ++ ++ # Verbosity of logging: ++ LOGLEVEL=1 ++ fi ++ ++ # NOTE: /dev/ttyS* is serial console. "not a tty" is such as ++ # /dev/null associated when executed under systemd service units. ++ if LANG=C tty | grep -q -e '\(/dev/ttyS\|not a tty\)'; then ++ BOOTUP=serial ++ MOVE_TO_COL= ++ SETCOLOR_SUCCESS= ++ SETCOLOR_FAILURE= ++ SETCOLOR_WARNING= ++ SETCOLOR_NORMAL= ++ fi ++fi ++ ++# Check if any of $pid (could be plural) are running ++checkpid() { ++ local i ++ ++ for i in $* ; do ++ [ -d "/proc/$i" ] && return 0 ++ done ++ return 1 ++} ++ ++__kill_pids_term_kill_checkpids() { ++ local base_stime=$1 ++ shift 1 ++ local pid= ++ local pids=$* ++ local remaining= ++ local stat= ++ local stime= ++ ++ for pid in $pids ; do ++ [ ! -e "/proc/$pid" ] && continue ++ read -r line < "/proc/$pid/stat" 2> /dev/null ++ ++ stat=($line) ++ stime=${stat[21]} ++ ++ [ -n "$stime" ] && [ "$base_stime" -lt "$stime" ] && continue ++ remaining+="$pid " ++ done ++ ++ echo "$remaining" ++ [ -n "$remaining" ] && return 1 ++ ++ return 0 ++} ++ ++__kill_pids_term_kill() { ++ local try=0 ++ local delay=3; ++ local pid= ++ local stat= ++ local base_stime= ++ ++ # We can't initialize stat & base_stime on the same line where 'local' ++ # keyword is, otherwise the sourcing of this file will fail for ksh... ++ stat=($(< /proc/self/stat)) ++ base_stime=${stat[21]} ++ ++ if [ "$1" = "-d" ]; then ++ delay=$2 ++ shift 2 ++ fi ++ ++ local kill_list=$* ++ ++ kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) ++ ++ [ -z "$kill_list" ] && return 0 ++ ++ kill -TERM $kill_list >/dev/null 2>&1 ++ sleep 0.1 ++ ++ kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) ++ if [ -n "$kill_list" ] ; then ++ while [ $try -lt $delay ] ; do ++ sleep 1 ++ kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) ++ [ -z "$kill_list" ] && break ++ let try+=1 ++ done ++ if [ -n "$kill_list" ] ; then ++ kill -KILL $kill_list >/dev/null 2>&1 ++ sleep 0.1 ++ kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list) ++ fi ++ fi ++ ++ [ -n "$kill_list" ] && return 1 ++ return 0 ++} ++ ++# __proc_pids {program} [pidfile] ++# Set $pid to pids from /run* for {program}. $pid should be declared ++# local in the caller. ++# Returns LSB exit code for the 'status' action. ++__pids_var_run() { ++ local base=${1##*/} ++ local pid_file=${2:-/run/$base.pid} ++ local pid_dir=$(/usr/bin/dirname $pid_file > /dev/null) ++ local binary=$3 ++ ++ [ -d "$pid_dir" ] && [ ! -r "$pid_dir" ] && return 4 ++ ++ pid= ++ if [ -f "$pid_file" ] ; then ++ local line p ++ ++ [ ! -r "$pid_file" ] && return 4 # "user had insufficient privilege" ++ while : ; do ++ read line ++ [ -z "$line" ] && break ++ for p in $line ; do ++ if [ -z "${p//[0-9]/}" ] && [ -d "/proc/$p" ] ; then ++ if [ -n "$binary" ] ; then ++ local b=$(readlink /proc/$p/exe | sed -e 's/\s*(deleted)$//') ++ [ "$b" != "$binary" ] && continue ++ fi ++ pid="$pid $p" ++ fi ++ done ++ done < "$pid_file" ++ ++ if [ -n "$pid" ]; then ++ return 0 ++ fi ++ return 1 # "Program is dead and /run pid file exists" ++ fi ++ return 3 # "Program is not running" ++} ++ ++# Output PIDs of matching processes, found using pidof ++__pids_pidof() { ++ pidof -c -o $$ -o $PPID -o %PPID -x "$1" || \ ++ pidof -c -o $$ -o $PPID -o %PPID -x "${1##*/}" ++} ++ ++ ++# A function to start a program. ++daemon() { ++ # Test syntax. ++ local gotbase= force= nicelevel corelimit ++ local pid base= user= nice= bg= pid_file= ++ local cgroup= ++ nicelevel=0 ++ while [ "$1" != "${1##[-+]}" ]; do ++ case $1 in ++ '') ++ echo $"$0: Usage: daemon [+/-nicelevel] {program}" "[arg1]..." ++ return 1 ++ ;; ++ --check) ++ base=$2 ++ gotbase="yes" ++ shift 2 ++ ;; ++ --check=?*) ++ base=${1#--check=} ++ gotbase="yes" ++ shift ++ ;; ++ --user) ++ user=$2 ++ shift 2 ++ ;; ++ --user=?*) ++ user=${1#--user=} ++ shift ++ ;; ++ --pidfile) ++ pid_file=$2 ++ shift 2 ++ ;; ++ --pidfile=?*) ++ pid_file=${1#--pidfile=} ++ shift ++ ;; ++ --force) ++ force="force" ++ shift ++ ;; ++ [-+][0-9]*) ++ nice="nice -n $1" ++ shift ++ ;; ++ *) ++ echo $"$0: Usage: daemon [+/-nicelevel] {program}" "[arg1]..." ++ return 1 ++ ;; ++ esac ++ done ++ ++ # Save basename. ++ [ -z "$gotbase" ] && base=${1##*/} ++ ++ # See if it's already running. Look *only* at the pid file. ++ __pids_var_run "$base" "$pid_file" ++ ++ [ -n "$pid" -a -z "$force" ] && return ++ ++ # make sure it doesn't core dump anywhere unless requested ++ corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}" ++ ++ # if they set NICELEVEL in /etc/sysconfig/foo, honor it ++ [ -n "${NICELEVEL:-}" ] && nice="nice -n $NICELEVEL" ++ ++ # Echo daemon ++ [ "${BOOTUP:-}" = "verbose" -a -z "${LSB:-}" ] && echo -n " $base" ++ ++ # And start it up. ++ if [ -z "$user" ]; then ++ $nice /bin/bash -c "$corelimit >/dev/null 2>&1 ; $*" ++ else ++ $nice runuser -s /bin/bash $user -c "$corelimit >/dev/null 2>&1 ; $*" ++ fi ++ ++ [ "$?" -eq 0 ] && success $"$base startup" || failure $"$base startup" ++} ++ ++# A function to stop a program. ++killproc() { ++ local RC killlevel= base pid pid_file= delay try binary= ++ ++ RC=0; delay=3; try=0 ++ # Test syntax. ++ if [ "$#" -eq 0 ]; then ++ echo $"Usage: killproc [-p {pidfile} [-b {binary}]] [-d {delay}] {program} [-signal]" ++ return 1 ++ fi ++ if [ "$1" = "-p" ]; then ++ pid_file=$2 ++ shift 2 ++ fi ++ if [ "$1" = "-b" ]; then ++ if [ -z $pid_file ]; then ++ echo $"-b option can be used only with -p" ++ echo $"Usage: killproc [-p {pidfile} [-b {binary}]] [-d {delay}] {program} [-signal]" ++ return 1 ++ fi ++ binary=$2 ++ shift 2 ++ fi ++ if [ "$1" = "-d" ]; then ++ delay=$(echo $2 | awk -v RS=' ' -v IGNORECASE=1 '{if($1!~/^[0-9.]+[smhd]?$/) exit 1;d=$1~/s$|^[0-9.]*$/?1:$1~/m$/?60:$1~/h$/?60*60:$1~/d$/?24*60*60:-1;if(d==-1) exit 1;delay+=d*$1} END {printf("%d",delay+0.5)}') ++ if [ "$?" -eq 1 ]; then ++ echo $"Usage: killproc [-p {pidfile} [-b {binary}]] [-d {delay}] {program} [-signal]" ++ return 1 ++ fi ++ shift 2 ++ fi ++ ++ ++ # check for second arg to be kill level ++ [ -n "${2:-}" ] && killlevel=$2 ++ ++ # Save basename. ++ base=${1##*/} ++ ++ # Find pid. ++ __pids_var_run "$1" "$pid_file" "$binary" ++ RC=$? ++ if [ -z "$pid" ]; then ++ if [ -z "$pid_file" ]; then ++ pid="$(__pids_pidof "$1")" ++ else ++ [ "$RC" = "4" ] && { failure $"$base shutdown" ; return $RC ;} ++ fi ++ fi ++ ++ # Kill it. ++ if [ -n "$pid" ] ; then ++ [ "$BOOTUP" = "verbose" -a -z "${LSB:-}" ] && echo -n "$base " ++ if [ -z "$killlevel" ] ; then ++ __kill_pids_term_kill -d $delay $pid ++ RC=$? ++ [ "$RC" -eq 0 ] && success $"$base shutdown" || failure $"$base shutdown" ++ # use specified level only ++ else ++ if checkpid $pid; then ++ kill $killlevel $pid >/dev/null 2>&1 ++ RC=$? ++ [ "$RC" -eq 0 ] && success $"$base $killlevel" || failure $"$base $killlevel" ++ elif [ -n "${LSB:-}" ]; then ++ RC=7 # Program is not running ++ fi ++ fi ++ else ++ if [ -n "${LSB:-}" -a -n "$killlevel" ]; then ++ RC=7 # Program is not running ++ else ++ failure $"$base shutdown" ++ RC=0 ++ fi ++ fi ++ ++ # Remove pid file if any. ++ if [ -z "$killlevel" ]; then ++ rm -f "${pid_file:-/run/$base.pid}" ++ fi ++ return $RC ++} ++ ++# A function to find the pid of a program. Looks *only* at the pidfile ++pidfileofproc() { ++ local pid ++ ++ # Test syntax. ++ if [ "$#" = 0 ] ; then ++ echo $"Usage: pidfileofproc {program}" ++ return 1 ++ fi ++ ++ __pids_var_run "$1" ++ [ -n "$pid" ] && echo $pid ++ return 0 ++} ++ ++# A function to find the pid of a program. ++pidofproc() { ++ local RC pid pid_file= ++ ++ # Test syntax. ++ if [ "$#" = 0 ]; then ++ echo $"Usage: pidofproc [-p {pidfile}] {program}" ++ return 1 ++ fi ++ if [ "$1" = "-p" ]; then ++ pid_file=$2 ++ shift 2 ++ fi ++ fail_code=3 # "Program is not running" ++ ++ # First try "/run/*.pid" files ++ __pids_var_run "$1" "$pid_file" ++ RC=$? ++ if [ -n "$pid" ]; then ++ echo $pid ++ return 0 ++ fi ++ ++ [ -n "$pid_file" ] && return $RC ++ __pids_pidof "$1" || return $RC ++} ++ ++status() { ++ local base pid lock_file= pid_file= binary= ++ ++ # Test syntax. ++ if [ "$#" = 0 ] ; then ++ echo $"Usage: status [-p {pidfile}] [-l {lockfile}] [-b {binary}] {program}" ++ return 1 ++ fi ++ if [ "$1" = "-p" ]; then ++ pid_file=$2 ++ shift 2 ++ fi ++ if [ "$1" = "-l" ]; then ++ lock_file=$2 ++ shift 2 ++ fi ++ if [ "$1" = "-b" ]; then ++ if [ -z $pid_file ]; then ++ echo $"-b option can be used only with -p" ++ echo $"Usage: status [-p {pidfile}] [-l {lockfile}] [-b {binary}] {program}" ++ return 1 ++ fi ++ binary=$2 ++ shift 2 ++ fi ++ base=${1##*/} ++ ++ if [ "$_use_systemctl" = "1" ]; then ++ systemctl status ${0##*/}.service ++ ret=$? ++ # LSB daemons that dies abnormally in systemd looks alive in systemd's eyes due to RemainAfterExit=yes ++ # lets adjust the reality a little bit ++ if systemctl show -p ActiveState ${0##*/}.service | grep -q '=active$' && \ ++ systemctl show -p SubState ${0##*/}.service | grep -q '=exited$' ; then ++ ret=3 ++ fi ++ return $ret ++ fi ++ ++ # First try "pidof" ++ __pids_var_run "$1" "$pid_file" "$binary" ++ RC=$? ++ if [ -z "$pid_file" -a -z "$pid" ]; then ++ pid="$(__pids_pidof "$1")" ++ fi ++ if [ -n "$pid" ]; then ++ echo $"${base} (pid $pid) is running..." ++ return 0 ++ fi ++ ++ case "$RC" in ++ 0) ++ echo $"${base} (pid $pid) is running..." ++ return 0 ++ ;; ++ 1) ++ echo $"${base} dead but pid file exists" ++ return 1 ++ ;; ++ 4) ++ echo $"${base} status unknown due to insufficient privileges." ++ return 4 ++ ;; ++ esac ++ if [ -z "${lock_file}" ]; then ++ lock_file=${base} ++ fi ++ # See if /var/lock/subsys/${lock_file} exists ++ if [ -f /var/lock/subsys/${lock_file} ]; then ++ echo $"${base} dead but subsys locked" ++ return 2 ++ fi ++ echo $"${base} is stopped" ++ return 3 ++} ++ ++echo_success() { ++ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL ++ echo -n "[" ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_SUCCESS ++ echo -n $" OK " ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL ++ echo -n "]" ++ echo -ne "\r" ++ return 0 ++} ++ ++echo_failure() { ++ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL ++ echo -n "[" ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_FAILURE ++ echo -n $"FAILED" ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL ++ echo -n "]" ++ echo -ne "\r" ++ return 1 ++} ++ ++echo_passed() { ++ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL ++ echo -n "[" ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING ++ echo -n $"PASSED" ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL ++ echo -n "]" ++ echo -ne "\r" ++ return 1 ++} ++ ++echo_warning() { ++ [ "$BOOTUP" = "color" ] && $MOVE_TO_COL ++ echo -n "[" ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING ++ echo -n $"WARNING" ++ [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL ++ echo -n "]" ++ echo -ne "\r" ++ return 1 ++} ++ ++# Inform the graphical boot of our current state ++update_boot_stage() { ++ if [ -x /bin/plymouth ]; then ++ /bin/plymouth --update="$1" ++ fi ++ return 0 ++} ++ ++# Log that something succeeded ++success() { ++ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_success ++ return 0 ++} ++ ++# Log that something failed ++failure() { ++ local rc=$? ++ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_failure ++ [ -x /bin/plymouth ] && /bin/plymouth --details ++ return $rc ++} ++ ++# Log that something passed, but may have had errors. Useful for fsck ++passed() { ++ local rc=$? ++ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_passed ++ return $rc ++} ++ ++# Log a warning ++warning() { ++ local rc=$? ++ [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_warning ++ return $rc ++} ++ ++# Run some action. Log its output. ++action() { ++ local STRING rc ++ ++ STRING=$1 ++ echo -n "$STRING " ++ shift ++ "$@" && success $"$STRING" || failure $"$STRING" ++ rc=$? ++ echo ++ return $rc ++} ++ ++# returns OK if $1 contains $2 ++strstr() { ++ [ "${1#*$2*}" = "$1" ] && return 1 ++ return 0 ++} ++ ++# Check whether file $1 is a backup or rpm-generated file and should be ignored ++# Copy of the function is present in usr/sbin/service ++is_ignored_file() { ++ case "$1" in ++ *~ | *.bak | *.old | *.orig | *.rpmnew | *.rpmorig | *.rpmsave) ++ return 0 ++ ;; ++ esac ++ return 1 ++} ++ ++# Convert the value ${1} of time unit ${2}-seconds into seconds: ++convert2sec() { ++ local retval="" ++ ++ case "${2}" in ++ deci) retval=$(awk "BEGIN {printf \"%.1f\", ${1} / 10}") ;; ++ centi) retval=$(awk "BEGIN {printf \"%.2f\", ${1} / 100}") ;; ++ mili) retval=$(awk "BEGIN {printf \"%.3f\", ${1} / 1000}") ;; ++ micro) retval=$(awk "BEGIN {printf \"%.6f\", ${1} / 1000000}") ;; ++ nano) retval=$(awk "BEGIN {printf \"%.9f\", ${1} / 1000000000}") ;; ++ piko) retval=$(awk "BEGIN {printf \"%.12f\", ${1} / 1000000000000}") ;; ++ esac ++ ++ echo "${retval}" ++} ++ ++# Evaluate shvar-style booleans ++is_true() { ++ case "$1" in ++ [tT] | [yY] | [yY][eE][sS] | [oO][nN] | [tT][rR][uU][eE] | 1) ++ return 0 ++ ;; ++ esac ++ return 1 ++} ++ ++# Evaluate shvar-style booleans ++is_false() { ++ case "$1" in ++ [fF] | [nN] | [nN][oO] | [oO][fF][fF] | [fF][aA][lL][sS][eE] | 0) ++ return 0 ++ ;; ++ esac ++ return 1 ++} ++ ++# Apply sysctl settings, including files in /etc/sysctl.d ++apply_sysctl() { ++ if [ -x /lib/systemd/systemd-sysctl ]; then ++ /lib/systemd/systemd-sysctl ++ else ++ for file in /usr/lib/sysctl.d/*.conf ; do ++ is_ignored_file "$file" && continue ++ [ -f /run/sysctl.d/${file##*/} ] && continue ++ [ -f /etc/sysctl.d/${file##*/} ] && continue ++ test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1 ++ done ++ for file in /run/sysctl.d/*.conf ; do ++ is_ignored_file "$file" && continue ++ [ -f /etc/sysctl.d/${file##*/} ] && continue ++ test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1 ++ done ++ for file in /etc/sysctl.d/*.conf ; do ++ is_ignored_file "$file" && continue ++ test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1 ++ done ++ sysctl -e -p /etc/sysctl.conf >/dev/null 2>&1 ++ fi ++} ++ ++# A sed expression to filter out the files that is_ignored_file recognizes ++__sed_discard_ignored_files='/\(~\|\.bak\|\.old\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d' ++ ++if [ "$_use_systemctl" = "1" ]; then ++ if [ "x$1" = xstart -o \ ++ "x$1" = xstop -o \ ++ "x$1" = xrestart -o \ ++ "x$1" = xreload -o \ ++ "x$1" = xtry-restart -o \ ++ "x$1" = xforce-reload -o \ ++ "x$1" = xcondrestart ] ; then ++ ++ systemctl_redirect $0 $1 ++ exit $? ++ fi ++fi ++ ++strstr "$(cat /proc/cmdline)" "rc.debug" && set -x ++return 0 ++ +-- +2.31.1 + diff --git a/audit.spec b/audit.spec index d3026b0..fa841b7 100644 --- a/audit.spec +++ b/audit.spec @@ -2,7 +2,7 @@ Summary: User space tools for kernel auditing Name: audit Version: 3.0.5 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ URL: http://people.redhat.com/sgrubb/audit/ Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -10,6 +10,7 @@ Source1: https://www.gnu.org/licenses/lgpl-2.1.txt Patch1: 0001-Add-ausysrulevalidate.patch Patch2: 0002-audit-3.0.6-time.patch +Patch3: 0003-Carry-functions-file-from-initscripts-in-audit.patch BuildRequires: make gcc swig BuildRequires: openldap-devel @@ -19,8 +20,8 @@ BuildRequires: systemd Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires(post): systemd coreutils -Requires(preun): systemd initscripts -Requires(postun): systemd coreutils initscripts +Requires(preun): systemd initscripts-service +Requires(postun): systemd coreutils initscripts-service # Placing this here under the assumption that anything using the # python libraries expects the system to have an audit daemon @@ -92,6 +93,7 @@ Management Facility) database, through an IBM Tivoli Directory Server cp %{SOURCE1} . %patch1 -p1 %patch2 -p1 +%patch3 -p1 # Remove the ids code, its not ready sed -i 's/ ids / /' audisp/plugins/Makefile.in @@ -112,8 +114,13 @@ mkdir -p $RPM_BUILD_ROOT/%{_lib} mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit mkdir -p --mode=0700 $RPM_BUILD_ROOT/%{_var}/log/audit mkdir -p $RPM_BUILD_ROOT/%{_var}/spool/audit +mkdir -p $RPM_BUILD_ROOT/%{_datadir} make DESTDIR=$RPM_BUILD_ROOT install +# Copy functions file. +install -m750 %{_builddir}/%{name}-%{version}/init.d/functions \ + $RPM_BUILD_ROOT/%{_datadir}/%{name}/functions + # Validate sample rules shipped. for r in $RPM_BUILD_ROOT/%{_datadir}/%{name}/sample-rules/*.rules; do PYTHONPATH=$RPM_BUILD_ROOT/%{python3_sitearch} \ @@ -222,6 +229,7 @@ fi %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop +%attr(750,root,root) %{_datadir}/%{name}/functions %ghost %{_localstatedir}/run/auditd.state %attr(-,root,-) %dir %{_var}/log/audit %attr(750,root,root) %dir /etc/audit @@ -256,6 +264,10 @@ fi %attr(750,root,root) %{_sbindir}/audispd-zos-remote %changelog +* Wed Nov 03 2021 Sergio Correia - 3.0.5-3 +- Update dependency to initscripts-service instead of initscripts + Resolves: rhbz#2000933 + * Tue Aug 17 2021 Sergio Correia - 3.0.5-2 - Fix timestamp parsing Related: rhbz#1938680