diff options
author | davidovski <david@davidovski.xyz> | 2022-05-04 23:52:30 +0100 |
---|---|---|
committer | davidovski <david@davidovski.xyz> | 2022-05-04 23:52:30 +0100 |
commit | 739c65c54cb0e957df5e9b76f93fb02554e5cac3 (patch) | |
tree | 09ddfa0a342f3ea9de136cb50abdd79821bf1b53 /extra/audit | |
parent | 4c585ad54388285500fd18a6aaa516894e0f2c16 (diff) |
moved everything to new file formatting
Diffstat (limited to 'extra/audit')
-rw-r--r-- | extra/audit/0003-all-get-rid-of-strndupa.patch | 56 | ||||
-rw-r--r-- | extra/audit/0004-fix-path-in-au-remote-conf.patch | 16 | ||||
-rw-r--r-- | extra/audit/auditd.confd | 22 | ||||
-rw-r--r-- | extra/audit/auditd.initd | 90 |
4 files changed, 0 insertions, 184 deletions
diff --git a/extra/audit/0003-all-get-rid-of-strndupa.patch b/extra/audit/0003-all-get-rid-of-strndupa.patch deleted file mode 100644 index d8317e1..0000000 --- a/extra/audit/0003-all-get-rid-of-strndupa.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 38d950e468c1e51937530f884b138076e4897da2 Mon Sep 17 00:00:00 2001 -From: Tycho Andersen <tycho@docker.com> -Date: Mon, 13 Mar 2017 16:40:08 -0700 -Subject: [PATCH 3/4] all: get rid of strndupa - -in one case (src/auditd.c) we don't even need to allocate a buffer, in the -other two we do it in two steps to avoid using a non-standard function. - -Signed-off-by: Tycho Andersen <tycho@docker.com> ---- - auparse/auparse.c | 6 ++++-- - src/auditd.c | 10 +++++----- - src/ausearch-lol.c | 6 ++++-- - 3 files changed, 13 insertions(+), 9 deletions(-) - -diff --git a/auparse/auparse.c b/auparse/auparse.c -index 058f544..f61d204 100644 ---- a/auparse/auparse.c -+++ b/auparse/auparse.c -@@ -1102,10 +1102,12 @@ static int extract_timestamp(const char *b, au_event_t *e) - int rc = 1; - - e->host = NULL; -+ -+ tmp = alloca(340); - if (*b == 'n') -- tmp = strndupa(b, 340); -+ tmp = strncpy(tmp, b, 340); - else -- tmp = strndupa(b, 80); -+ tmp = strncpy(tmp, b, 80); - ptr = audit_strsplit(tmp); - if (ptr) { - // Optionally grab the node - may or may not be included -diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c -index 29d0a32..3a2e5e8 100644 ---- a/src/ausearch-lol.c -+++ b/src/ausearch-lol.c -@@ -135,10 +135,12 @@ static int extract_timestamp(const char *b, event *e) - char *ptr, *tmp, *tnode, *ttype; - - e->node = NULL; -+ -+ tmp = alloca(340); - if (*b == 'n') -- tmp = strndupa(b, 340); -+ tmp = strncpy(tmp, b, 340); - else -- tmp = strndupa(b, 80); -+ tmp = strncpy(tmp, b, 80); - ptr = audit_strsplit(tmp); - if (ptr) { - // Check to see if this is the node info --- -2.13.1 - diff --git a/extra/audit/0004-fix-path-in-au-remote-conf.patch b/extra/audit/0004-fix-path-in-au-remote-conf.patch deleted file mode 100644 index c3d1efd..0000000 --- a/extra/audit/0004-fix-path-in-au-remote-conf.patch +++ /dev/null @@ -1,16 +0,0 @@ -From: Dermot Bradley <dermot_bradley@yahoo.com> -Date: Fri, 29 May 2020 19:55:23 +0100 - -Fix the path to the audisp-remote binary. - ---- a/audisp/plugins/remote/au-remote.conf -+++ b/audisp/plugins/remote/au-remote.conf -@@ -5,7 +5,7 @@ - - active = no - direction = out --path = /sbin/audisp-remote -+path = /usr/sbin/audisp-remote - type = always - #args = - format = string diff --git a/extra/audit/auditd.confd b/extra/audit/auditd.confd deleted file mode 100644 index c66be16..0000000 --- a/extra/audit/auditd.confd +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# Configuration options for auditd -# -f for foreground mode -# There are some other options as well, but you'll have to look in the source -# code to find them as they aren't ready for use yet. -EXTRAOPTIONS='' - -# Audit rules file to run after starting auditd -RULEFILE_STARTUP=/etc/audit/audit.rules - -# Audit rules file to run before and after stopping auditd -RULEFILE_STOP_PRE=/etc/audit/audit.rules.stop.pre -RULEFILE_STOP_POST=/etc/audit/audit.rules.stop.post - -# If you want to enforce a certain locale for auditd, -# uncomment one of the next lines: -#AUDITD_LANG=none -AUDITD_LANG=C -#AUDITD_LANG=en_US -#AUDITD_LANG=en_US.UTF-8 diff --git a/extra/audit/auditd.initd b/extra/audit/auditd.initd deleted file mode 100644 index b9d9c47..0000000 --- a/extra/audit/auditd.initd +++ /dev/null @@ -1,90 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_started_commands='reload reload_auditd reload_rules' -description='Linux Auditing System' -description_reload='Reload daemon configuration and rules' -description_reload_rules='Reload daemon rules' -description_reload_auditd='Reload daemon configuration' - -name='auditd' -pidfile='/var/run/auditd.pid' -command='/usr/sbin/auditd' - -start_auditd() { - # Env handling taken from the upstream init script - if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then - unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE - else - LANG="$AUDITD_LANG" - LC_TIME="$AUDITD_LANG" - LC_ALL="$AUDITD_LANG" - LC_MESSAGES="$AUDITD_LANG" - LC_NUMERIC="$AUDITD_LANG" - LC_MONETARY="$AUDITD_LANG" - LC_COLLATE="$AUDITD_LANG" - export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE - fi - unset HOME MAIL USER USERNAME - - ebegin "Starting ${name}" - start-stop-daemon \ - --start --quiet --pidfile ${pidfile} \ - --exec ${command} -- ${EXTRAOPTIONS} - local ret=$? - eend $ret - return $ret -} - -stop_auditd() { - ebegin "Stopping ${name}" - start-stop-daemon --stop --quiet --pidfile ${pidfile} - local ret=$? - eend $ret - return $ret -} - -loadfile() { - local rules="$1" - if [ -n "${rules}" -a -f "${rules}" ]; then - einfo "Loading audit rules from ${rules}" - /usr/sbin/auditctl -R "${rules}" >/dev/null - return $? - else - return 0 - fi -} - -start() { - start_auditd - local ret=$? - if [ $ret -eq 0 -a "${RC_CMD}" != "restart" ]; then - loadfile "${RULEFILE_STARTUP}" - fi - return $ret -} - -reload_rules() { - loadfile "${RULEFILE_STARTUP}" -} - -reload_auditd() { - ebegin "Reloading ${SVCNAME}" - start-stop-daemon --signal HUP \ - --exec "${command}" --pidfile "${pidfile}" - eend $? -} - -reload() { - reload_auditd - reload_rules -} - -stop() { - [ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_PRE}" - stop_auditd - local ret=$? - [ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_POST}" - return $ret -} |