rpms/audit
6
0
Fork 0
Code Issues Pull Requests Releases Activity

New upstream bugfix release

Browse Source
This commit is contained in:
Steve Grubb 2022-03-29 17:03:45 -04:00
parent 2df0fecef9
commit ef23a033e5
5 changed files with 11 additions and 266 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -172,3 +172,4 @@ audit-2.0.4.tar.gz
/audit-3.0.5.tar.gz /audit-3.0.5.tar.gz
/audit-3.0.6.tar.gz /audit-3.0.6.tar.gz
/audit-3.0.7.tar.gz /audit-3.0.7.tar.gz
/audit-3.0.8.tar.gz

178
audit-3.0.7-func-attr.patch
View File

@ -1,178 +0,0 @@
diff -urp audit-3.0.7.orig/audisp/audispd-builtins.h audit-3.0.7/audisp/audispd-builtins.h
--- audit-3.0.7.orig/audisp/audispd-builtins.h 2021-08-21 10:15:51.000000000 -0400
+++ audit-3.0.7/audisp/audispd-builtins.h 2022-02-14 21:24:43.946258118 -0500
@@ -25,11 +25,16 @@
#ifndef AUDISPD_BUILTINS_HEADER
#define AUDISPD_BUILTINS_HEADER
+#include <features.h>
+#ifndef __attr_access
+# define __attr_access(x)
+#endif
#include "queue.h"
void start_builtin(plugin_conf_t *conf);
void stop_builtin(plugin_conf_t *conf);
-void send_af_unix_string(const char *s, unsigned int len);
+void send_af_unix_string(const char *s, unsigned int len)
+ __attr_access ((__read_only__, 1, 2));
void send_af_unix_binary(event_t *e);
void destroy_af_unix(void);
diff -urp audit-3.0.7.orig/auparse/auparse.h audit-3.0.7/auparse/auparse.h
--- audit-3.0.7.orig/auparse/auparse.h 2021-08-21 10:15:51.000000000 -0400
+++ audit-3.0.7/auparse/auparse.h 2022-02-14 21:24:43.947258108 -0500
@@ -1,5 +1,5 @@
/* auparse.h --
- * Copyright 2006-08,2012,2014-17 Red Hat Inc.
+ * Copyright 2006-08,2012,2014-17,2022 Red Hat Inc.
* All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
@@ -23,6 +23,15 @@
#ifndef AUPARSE_HEADER
#define AUPARSE_HEADER
+#include <features.h>
+#ifndef __attr_access
+# define __attr_access(x)
+#endif
+#ifndef __attr_dealloc
+# define __attr_dealloc(dealloc, argno)
+# define __attr_dealloc_free
+#endif
+
#include "auparse-defs.h"
#ifdef __cplusplus
@@ -40,9 +49,14 @@ typedef void (*auparse_callback_ptr)(aup
auparse_cb_event_t cb_event_type, void *user_data);
/* General functions that affect operation of the library */
-auparse_state_t *auparse_init(ausource_t source, const void *b);
-int auparse_new_buffer(auparse_state_t *au, const char *data, size_t data_len);
-int auparse_feed(auparse_state_t *au, const char *data, size_t data_len);
+void auparse_destroy(auparse_state_t *au);
+void auparse_destroy_ext(auparse_state_t *au, auparse_destroy_what_t what);
+auparse_state_t *auparse_init(ausource_t source, const void *b)
+ __attribute_malloc__ __attr_dealloc (auparse_destroy, 1);
+int auparse_new_buffer(auparse_state_t *au, const char *data, size_t data_len)
+ __attr_access ((__read_only__, 2, 3));
+int auparse_feed(auparse_state_t *au, const char *data, size_t data_len)
+ __attr_access ((__read_only__, 2, 3));
void auparse_feed_age_events(auparse_state_t *au);
int auparse_flush_feed(auparse_state_t *au);
int auparse_feed_has_data(auparse_state_t *au);
@@ -51,8 +65,6 @@ void auparse_add_callback(auparse_state_
void *user_data, user_destroy user_destroy_func);
void auparse_set_escape_mode(auparse_state_t *au, auparse_esc_t mode);
int auparse_reset(auparse_state_t *au);
-void auparse_destroy(auparse_state_t *au);
-void auparse_destroy_ext(auparse_state_t *au, auparse_destroy_what_t what);
/* Functions that are part of the search interface */
int ausearch_add_expression(auparse_state_t *au, const char *expression,
@@ -119,7 +131,7 @@ const au_event_t *auparse_get_timestamp(
time_t auparse_get_time(auparse_state_t *au);
unsigned int auparse_get_milli(auparse_state_t *au);
unsigned long auparse_get_serial(auparse_state_t *au);
-const char *auparse_get_node(auparse_state_t *au);
+const char *auparse_get_node(auparse_state_t *au) __attr_dealloc_free;
int auparse_node_compare(au_event_t *e1, au_event_t *e2);
int auparse_timestamp_compare(au_event_t *e1, au_event_t *e2);
unsigned int auparse_get_num_records(auparse_state_t *au);
diff -urp audit-3.0.7.orig/common/common.h audit-3.0.7/common/common.h
--- audit-3.0.7.orig/common/common.h 2021-08-21 10:15:51.000000000 -0400
+++ audit-3.0.7/common/common.h 2022-02-14 21:24:43.947258108 -0500
@@ -23,13 +23,18 @@
#ifndef AUDIT_FGETS_HEADER
#define AUDIT_FGETS_HEADER
+#include <features.h>
+#ifndef __attr_access
+# define __attr_access(x)
+#endif
#include <sys/types.h>
#include "dso.h"
AUDIT_HIDDEN_START
int audit_fgets_eof(void);
int audit_fgets_more(size_t blen);
-int audit_fgets(char *buf, size_t blen, int fd);
+int audit_fgets(char *buf, size_t blen, int fd)
+ __attr_access ((__write_only__, 1, 2));
char *audit_strsplit_r(char *s, char **savedpp);
char *audit_strsplit(char *s);
diff -urp audit-3.0.7.orig/lib/libaudit.h audit-3.0.7/lib/libaudit.h
--- audit-3.0.7.orig/lib/libaudit.h 2021-10-28 17:18:27.000000000 -0400
+++ audit-3.0.7/lib/libaudit.h 2022-02-14 21:24:43.947258108 -0500
@@ -27,7 +27,14 @@
extern "C" {
#endif
-
+#include <features.h>
+#ifndef __attr_access
+# define __attr_access(x)
+#endif
+#ifndef __attr_dealloc
+# define __attr_dealloc(dealloc, argno)
+# define __attr_dealloc_free
+#endif
#include <asm/types.h>
#include <stdint.h>
#include <sys/socket.h>
@@ -605,7 +612,9 @@ extern int audit_setloginuid(uid_t uid)
extern uint32_t audit_get_session(void);
extern int audit_detect_machine(void);
extern int audit_determine_machine(const char *arch);
-extern char *audit_format_signal_info(char *buf, int len, char *op, struct audit_reply *rep, char *res);
+extern char *audit_format_signal_info(char *buf, int len, char *op,
+ struct audit_reply *rep, char *res)
+ __attr_access ((__write_only__, 1, 2));
/* Translation functions */
extern int audit_name_to_field(const char *field);
@@ -675,10 +684,15 @@ extern int audit_delete_rule_data(int fd
int flags, int action);
/* The following are for standard formatting of messages */
-extern int audit_value_needs_encoding(const char *str, unsigned int size);
-extern char *audit_encode_value(char *final,const char *buf,unsigned int size);
+extern int audit_value_needs_encoding(const char *str, unsigned int size)
+ __attr_access ((__read_only__, 1, 2));
+extern char *audit_encode_value(char *final,const char *buf,unsigned int size)
+ __attr_access ((__write_only__, 1))
+ __attr_access ((__read_only__, 2, 3));
extern char *audit_encode_nv_string(const char *name, const char *value,
- unsigned int vlen);
+ unsigned int vlen)
+ __attr_access ((__read_only__, 2, 3))
+ __attr_dealloc_free;
extern int audit_log_user_message(int audit_fd, int type, const char *message,
const char *hostname, const char *addr, const char *tty, int result);
extern int audit_log_user_comm_message(int audit_fd, int type,
diff -urp audit-3.0.7.orig/src/ausearch-lookup.h audit-3.0.7/src/ausearch-lookup.h
--- audit-3.0.7.orig/src/ausearch-lookup.h 2021-08-21 10:15:51.000000000 -0400
+++ audit-3.0.7/src/ausearch-lookup.h 2022-02-14 21:24:37.207324496 -0500
@@ -34,13 +34,16 @@
const char *aulookup_result(avc_t result);
const char *aulookup_success(int s);
-const char *aulookup_syscall(llist *l, char *buf, size_t size);
-const char *aulookup_uid(uid_t uid, char *buf, size_t size);
+const char *aulookup_syscall(llist *l, char *buf, size_t size)
+ __attr_access ((__write_only__, 2, 3));
+const char *aulookup_uid(uid_t uid, char *buf, size_t size)
+ __attr_access ((__write_only__, 2, 3));
void aulookup_destroy_uid_list(void);
char *unescape(const char *buf);
int is_hex_string(const char *str);
void print_tty_data(const char *val);
-void safe_print_string_n(const char *s, unsigned int len, int ret);
+void safe_print_string_n(const char *s, unsigned int len, int ret)
+ __attr_access ((__read_only__, 1, 2));
void safe_print_string(const char *s, int ret);
#endif

77
audit-3.0.7-gcc-flags.patch
View File

@ -1,77 +0,0 @@
From 36beaefbb4ecb0a222ac68ec9f17f854a82f7235 Mon Sep 17 00:00:00 2001
From: Steve Grubb <sgrubb@redhat.com>
Date: Mon, 14 Feb 2022 15:30:09 -0500
Subject: [PATCH] Adjust compile flags
---
audisp/plugins/remote/Makefile.am | 2 +-
auparse/Makefile.am | 2 +-
configure.ac | 15 +++++++++++++++
src/Makefile.am | 2 +-
4 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/audisp/plugins/remote/Makefile.am b/audisp/plugins/remote/Makefile.am
index 217d477c5..1ac77ee8d 100644
--- a/audisp/plugins/remote/Makefile.am
+++ b/audisp/plugins/remote/Makefile.am
@@ -36,7 +36,7 @@ TESTS = $(check_PROGRAMS)
audisp_remote_DEPENDENCIES = ${top_builddir}/common/libaucommon.la
audisp_remote_SOURCES = audisp-remote.c remote-config.c queue.c
-audisp_remote_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -Wundef
+audisp_remote_CFLAGS = -fPIE -DPIE -g -D_REENTRANT -D_GNU_SOURCE -Wundef ${WFLAGS}
audisp_remote_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now
audisp_remote_LDADD = $(CAPNG_LDADD) $(gss_libs) ${top_builddir}/common/libaucommon.la
diff --git a/auparse/Makefile.am b/auparse/Makefile.am
index b34b6c042..1eb5352cf 100644
--- a/auparse/Makefile.am
+++ b/auparse/Makefile.am
@@ -26,7 +26,7 @@ SUBDIRS = test
EXTRA_DIST = expression-design.txt
CLEANFILES = $(BUILT_SOURCES)
CONFIG_CLEAN_FILES = *.loT *.rej *.orig
-AM_CFLAGS = -fPIC -DPIC -D_GNU_SOURCE -g ${DEBUG} -Wno-pointer-sign -Wno-enum-compare -Wno-switch
+AM_CFLAGS = -fPIC -DPIC -D_GNU_SOURCE -g ${DEBUG} -Wno-pointer-sign -Wno-enum-compare -Wno-switch ${WFLAGS}
AM_CPPFLAGS = -I. -I${top_srcdir} -I${top_srcdir}/src -I${top_srcdir}/lib -I${top_srcdir}/common
LIBS =
diff --git a/configure.ac b/configure.ac
index e40d41e14..e74fd7036 100644
--- a/configure.ac
+++ b/configure.ac
@@ -341,6 +341,21 @@ else
fi
],WARNS="$ALLWARNS")
+WFLAGS=""
+AC_MSG_CHECKING(for -Wformat-truncation)
+TMPCFLAGS="${CFLAGS}"
+CFLAGS="${CFLAGS} -Wformat-truncation"
+AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],[WFLAGS="-Wno-format-truncation"
+ AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(no)])
+CFLAGS="${TMPCFLAGS}"
+CFLAGS="${CFLAGS} -Wunused-but-set-variable"
+AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],[WFLAGS="${WFLAGS} -Wno-unused-but-set-variable"
+ AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(no)])
+CFLAGS="${TMPCFLAGS}"
+AC_SUBST(WFLAGS)
+
withval=""
AC_MSG_CHECKING(whether to include arm eabi processor support)
AC_ARG_WITH(arm,
diff --git a/src/Makefile.am b/src/Makefile.am
index 9c68b42db..2bebf8d50 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -25,7 +25,7 @@ CONFIG_CLEAN_FILES = *.rej *.orig
SUBDIRS = test
AM_CPPFLAGS = -I${top_srcdir} -I${top_srcdir}/lib -I${top_srcdir}/src/libev -I${top_srcdir}/auparse -I${top_srcdir}/audisp -I${top_srcdir}/common
sbin_PROGRAMS = auditd auditctl aureport ausearch autrace
-AM_CFLAGS = -D_GNU_SOURCE -Wno-pointer-sign
+AM_CFLAGS = -D_GNU_SOURCE -Wno-pointer-sign ${WFLAGS}
noinst_HEADERS = auditd-config.h auditd-event.h auditd-listen.h ausearch-llist.h ausearch-options.h auditctl-llist.h aureport-options.h ausearch-parse.h aureport-scan.h ausearch-lookup.h ausearch-int.h auditd-dispatch.h ausearch-string.h ausearch-nvpair.h ausearch-common.h ausearch-avc.h ausearch-time.h ausearch-lol.h auditctl-listing.h ausearch-checkpt.h
auditd_SOURCES = auditd.c auditd-event.c auditd-config.c auditd-reconfig.c auditd-sendmail.c auditd-dispatch.c

19
audit.spec
View File

@ -1,16 +1,14 @@
Summary: User space tools for kernel auditing Summary: User space tools for kernel auditing
Name: audit Name: audit
Version: 3.0.7 Version: 3.0.8
Release: 3%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
URL: http://people.redhat.com/sgrubb/audit/ URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
Patch1: audit-3.0.7-func-attr.patch Patch1: audit-3.0.8-flex-array-workaround.patch
Patch2: audit-3.0.7-gcc-flags.patch Patch2: audit-3.0.8-undo-flex-array.patch
Patch3: audit-3.0.8-flex-array-workaround.patch
Patch4: audit-3.0.8-undo-flex-array.patch
BuildRequires: make gcc BuildRequires: make gcc
BuildRequires: krb5-devel BuildRequires: krb5-devel
@ -92,12 +90,10 @@ Management Facility) database, through an IBM Tivoli Directory Server
%prep %prep
%setup -q %setup -q
%patch1 -p1
%patch2 -p1
autoreconf -fv --install autoreconf -fv --install
cp %{SOURCE1} . cp %{SOURCE1} .
cp /usr/include/linux/audit.h lib/ cp /usr/include/linux/audit.h lib/
%patch3 -p1 %patch1 -p1
# Remove the ids code, its not ready # Remove the ids code, its not ready
sed -i 's/ ids / /' audisp/plugins/Makefile.am sed -i 's/ ids / /' audisp/plugins/Makefile.am
@ -135,7 +131,7 @@ touch -r ./audit.spec $RPM_BUILD_ROOT/usr/share/man/man5/libaudit.conf.5.gz
# undo the workaround # undo the workaround
cur=`pwd` cur=`pwd`
cd $RPM_BUILD_ROOT cd $RPM_BUILD_ROOT
patch -p0 < %{PATCH4} patch -p0 < %{PATCH2}
cd $cur cd $cur
%check %check
@ -265,6 +261,9 @@ fi
%attr(750,root,root) %{_sbindir}/audispd-zos-remote %attr(750,root,root) %{_sbindir}/audispd-zos-remote
%changelog %changelog
* Tue Mar 29 2022 Steve Grubb <sgrubb@redhat.com> 3.0.8-1
- New upstream bugfix release
* Thu Feb 24 2022 Steve Grubb <sgrubb@redhat.com> 3.0.7-3 * Thu Feb 24 2022 Steve Grubb <sgrubb@redhat.com> 3.0.7-3
- Undo fix to libaudit.h before installing - Undo fix to libaudit.h before installing

2
sources
View File

@ -1 +1 @@
SHA512 (audit-3.0.7.tar.gz) = b5662b32082fc2ac54e247aa0db5442d76afa30134ebba1d624a17004e9ccf6856bb75344af4ce9d9a0a66c03e1c6f18b7d45658d7df13ea71af0c8362e08d70 SHA512 (audit-3.0.8.tar.gz) = 8379bf425d68381d182300e628e42de8460d2f3e15b2395e10880f94b9989656852a50a9bece75b632ec8a04c40c9e666ff4c9d6b25ace3a8f50d2011506afab