From bb2d5f9d4d6a01840eeaf1b072027369119c710c Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Sat, 6 Sep 2025 21:02:31 +0800 Subject: audit: upgrade 4.0.5 -> 4.1.2 ChangeLog: https://github.com/linux-audit/audit-userspace/releases/tag/v4.1.0 https://github.com/linux-audit/audit-userspace/releases/tag/v4.1.1 https://github.com/linux-audit/audit-userspace/releases/tag/v4.1.2 Disable some test cases in auparse/test as they can not be built with --disable-static configuration. Signed-off-by: Yi Zhao Signed-off-by: Khem Raj --- ...0001-auparse-test-disable-some-test-cases.patch | 38 ++++++++ meta-oe/recipes-security/audit/audit_4.0.5.bb | 107 -------------------- meta-oe/recipes-security/audit/audit_4.1.2.bb | 108 +++++++++++++++++++++ 3 files changed, 146 insertions(+), 107 deletions(-) create mode 100644 meta-oe/recipes-security/audit/audit/0001-auparse-test-disable-some-test-cases.patch delete mode 100644 meta-oe/recipes-security/audit/audit_4.0.5.bb create mode 100644 meta-oe/recipes-security/audit/audit_4.1.2.bb diff --git a/meta-oe/recipes-security/audit/audit/0001-auparse-test-disable-some-test-cases.patch b/meta-oe/recipes-security/audit/audit/0001-auparse-test-disable-some-test-cases.patch new file mode 100644 index 0000000000..fb9a901f3c --- /dev/null +++ b/meta-oe/recipes-security/audit/audit/0001-auparse-test-disable-some-test-cases.patch @@ -0,0 +1,38 @@ +From 003983a6e04a5e8d9373a96cb0a1c13caae9b193 Mon Sep 17 00:00:00 2001 +From: Yi Zhao +Date: Sat, 6 Sep 2025 14:04:40 +0800 +Subject: [PATCH] auparse/test: disable some test cases + +Disable test cases databuf_test lru_cache_test and uid_name_wrap_test as +they can not be built with --disable-static configuration. See [1]. + +[1]: https://github.com/linux-audit/audit-userspace/issues/494 + +Upstream-Status: Inappropriate [embedded specific] + +Signed-off-by: Yi Zhao +--- + auparse/test/Makefile.am | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/auparse/test/Makefile.am b/auparse/test/Makefile.am +index 06928438..dad75e76 100644 +--- a/auparse/test/Makefile.am ++++ b/auparse/test/Makefile.am +@@ -21,10 +21,10 @@ + # + + CONFIG_CLEAN_FILES = *.loT *.rej *.orig *.cur +-noinst_PROGRAMS = auparse_test auparselol_test lookup_test databuf_test \ +- auparse_extra_test lru_cache_test uid_name_wrap_test ++noinst_PROGRAMS = auparse_test auparselol_test lookup_test \ ++ auparse_extra_test + TESTS = run_auparse_tests.sh run_auparselol_test.sh lookup_test \ +- databuf_test auparse_extra_test lru_cache_test uid_name_wrap_test ++ auparse_extra_test + dist_check_SCRIPTS = run_auparse_tests.sh run_auparselol_test.sh + EXTRA_DIST = auparse_test.ref auparse_test.ref.py test.log test2.log test3.log test4.log auditd_raw.sed run_auparse_tests.sh auparse_test.py run_auparselol_test.sh + CLEANFILES = run_auparse_tests.sh run_auparselol_test.sh +-- +2.34.1 + diff --git a/meta-oe/recipes-security/audit/audit_4.0.5.bb b/meta-oe/recipes-security/audit/audit_4.0.5.bb deleted file mode 100644 index 58100b206d..0000000000 --- a/meta-oe/recipes-security/audit/audit_4.0.5.bb +++ /dev/null @@ -1,107 +0,0 @@ -SUMMARY = "User space tools for kernel auditing" -DESCRIPTION = "The audit package contains the user space utilities for \ -storing and searching the audit records generated by the audit subsystem \ -in the Linux kernel." -HOMEPAGE = "http://people.redhat.com/sgrubb/audit/" -SECTION = "base" -LICENSE = "GPL-2.0-or-later & LGPL-2.0-or-later" -LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" - -SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;protocol=https \ - file://0001-Fixed-swig-host-contamination-issue.patch \ - file://auditd \ - " - -SRCREV = "97c4ec3d68b5b199f2796d1e126c2144506bd228" - -inherit autotools python3targetconfig update-rc.d systemd - -UPDATERCPN = "auditd" -INITSCRIPT_NAME = "auditd" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_PACKAGES = "auditd" -SYSTEMD_SERVICE:auditd = "auditd.service audit-rules.service" - -DEPENDS = "python3 tcp-wrappers libcap-ng linux-libc-headers swig-native python3-setuptools-native coreutils-native" - -EXTRA_OECONF = " \ - --with-libwrap \ - --with-libcap-ng \ - --with-python3 \ - --with-arm \ - --with-aarch64 \ - --with-riscv \ - --without-golang \ - --disable-gssapi-krb5 \ - --disable-zos-remote \ - --sbindir=${base_sbindir} \ - --runstatedir=/run \ - " - -EXTRA_OEMAKE = " \ - PYTHON=python3 \ - pythondir=${PYTHON_SITEPACKAGES_DIR} \ - pyexecdir=${PYTHON_SITEPACKAGES_DIR} \ - STDINC='${STAGING_INCDIR}' \ - " - -SUMMARY:audispd-plugins = "Plugins for the audit event dispatcher" -DESCRIPTION:audispd-plugins = "The audispd-plugins package provides plugins for the real-time \ -interface to the audit system, audispd. These plugins can do things \ -like relay events to remote machines or analyze events for suspicious \ -behavior." - -PACKAGES =+ "audispd-plugins" -PACKAGES += "auditd ${PN}-python" - -FILES:${PN} = "${sysconfdir}/libaudit.conf ${libdir}/libau*.so.*" -FILES:auditd = "${bindir}/* ${base_sbindir}/* ${sysconfdir}/* \ - ${datadir}/audit-rules/* ${libexecdir}/* \ - ${nonarch_libdir}/tmpfiles.d/*.conf" -FILES:audispd-plugins = "${sysconfdir}/audit/audisp-remote.conf \ - ${sysconfdir}/audit/plugins.d/au-remote.conf \ - ${sysconfdir}/audit/plugins.d/syslog.conf \ - ${base_sbindir}/audisp-remote \ - ${base_sbindir}/audisp-syslog \ - ${localstatedir}/spool/audit \ - " -FILES:${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug" -FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}" - -CONFFILES:auditd = "${sysconfdir}/audit/audit.rules" - -do_configure:prepend() { - sed -e 's|buf\[];|buf[0];|g' ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h - sed -i -e 's|#include |#include "audit.h"|g' ${S}/lib/libaudit.h -} - -do_install:append() { - sed -i -e 's|#include "audit.h"|#include |g' ${D}${includedir}/libaudit.h - - # Install default rules - install -d -m 750 ${D}/etc/audit - install -d -m 750 ${D}/etc/audit/rules.d - - install -m 0640 ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules - - # Based on the audit.spec "Copy default rules into place on new installation" - install -m 0640 ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules - - if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then - install -D -m 0755 ${UNPACKDIR}/auditd ${D}/etc/init.d/auditd - fi - - if ! ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - rm -rf ${D}${nonarch_libdir}/systemd - rm -rf ${D}${nonarch_libdir}/tmpfiles.d - - # Remove empty directory when enable multilib - rmdir --ignore-fail-on-non-empty ${D}${nonarch_libdir} - fi - - # Create /var/spool/audit directory for audisp-remote - install -d -m 0700 ${D}${localstatedir}/spool/audit -} - -CVE_PRODUCT = "linux:audit" diff --git a/meta-oe/recipes-security/audit/audit_4.1.2.bb b/meta-oe/recipes-security/audit/audit_4.1.2.bb new file mode 100644 index 0000000000..2cd28e85f1 --- /dev/null +++ b/meta-oe/recipes-security/audit/audit_4.1.2.bb @@ -0,0 +1,108 @@ +SUMMARY = "User space tools for kernel auditing" +DESCRIPTION = "The audit package contains the user space utilities for \ +storing and searching the audit records generated by the audit subsystem \ +in the Linux kernel." +HOMEPAGE = "http://people.redhat.com/sgrubb/audit/" +SECTION = "base" +LICENSE = "GPL-2.0-or-later & LGPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" + +SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;protocol=https \ + file://0001-Fixed-swig-host-contamination-issue.patch \ + file://0001-auparse-test-disable-some-test-cases.patch \ + file://auditd \ + " + +SRCREV = "4db9c700b0c8b24a8113bc00d98101228e7d0212" + +inherit autotools python3targetconfig update-rc.d systemd + +UPDATERCPN = "auditd" +INITSCRIPT_NAME = "auditd" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_PACKAGES = "auditd" +SYSTEMD_SERVICE:auditd = "auditd.service audit-rules.service" + +DEPENDS = "python3 tcp-wrappers libcap-ng linux-libc-headers swig-native python3-setuptools-native coreutils-native" + +EXTRA_OECONF = " \ + --with-libwrap \ + --with-libcap-ng \ + --with-python3 \ + --with-arm \ + --with-aarch64 \ + --with-riscv \ + --without-golang \ + --disable-gssapi-krb5 \ + --disable-zos-remote \ + --sbindir=${base_sbindir} \ + --runstatedir=/run \ + " + +EXTRA_OEMAKE = " \ + PYTHON=python3 \ + pythondir=${PYTHON_SITEPACKAGES_DIR} \ + pyexecdir=${PYTHON_SITEPACKAGES_DIR} \ + STDINC='${STAGING_INCDIR}' \ + " + +SUMMARY:audispd-plugins = "Plugins for the audit event dispatcher" +DESCRIPTION:audispd-plugins = "The audispd-plugins package provides plugins for the real-time \ +interface to the audit system, audispd. These plugins can do things \ +like relay events to remote machines or analyze events for suspicious \ +behavior." + +PACKAGES =+ "audispd-plugins" +PACKAGES += "auditd ${PN}-python" + +FILES:${PN} = "${sysconfdir}/libaudit.conf ${libdir}/libau*.so.*" +FILES:auditd = "${bindir}/* ${base_sbindir}/* ${sysconfdir}/* \ + ${datadir}/audit-rules/* ${libexecdir}/* \ + ${nonarch_libdir}/tmpfiles.d/*.conf" +FILES:audispd-plugins = "${sysconfdir}/audit/audisp-remote.conf \ + ${sysconfdir}/audit/plugins.d/au-remote.conf \ + ${sysconfdir}/audit/plugins.d/syslog.conf \ + ${base_sbindir}/audisp-remote \ + ${base_sbindir}/audisp-syslog \ + ${localstatedir}/spool/audit \ + " +FILES:${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug" +FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}" + +CONFFILES:auditd = "${sysconfdir}/audit/audit.rules" + +do_configure:prepend() { + sed -e 's|buf\[];|buf[0];|g' ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h + sed -i -e 's|#include |#include "audit.h"|g' ${S}/lib/libaudit.h +} + +do_install:append() { + sed -i -e 's|#include "audit.h"|#include |g' ${D}${includedir}/libaudit.h + + # Install default rules + install -d -m 750 ${D}/etc/audit + install -d -m 750 ${D}/etc/audit/rules.d + + install -m 0640 ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules + + # Based on the audit.spec "Copy default rules into place on new installation" + install -m 0640 ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -D -m 0755 ${UNPACKDIR}/auditd ${D}/etc/init.d/auditd + fi + + if ! ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + rm -rf ${D}${nonarch_libdir}/systemd + rm -rf ${D}${nonarch_libdir}/tmpfiles.d + + # Remove empty directory when enable multilib + rmdir --ignore-fail-on-non-empty ${D}${nonarch_libdir} + fi + + # Create /var/spool/audit directory for audisp-remote + install -d -m 0700 ${D}${localstatedir}/spool/audit +} + +CVE_PRODUCT = "linux:audit" -- cgit v1.2.3-54-g00ecf