xref: /OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-security/audit/audit_3.0.8.bb (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1SUMMARY = "User space tools for kernel auditing"
2DESCRIPTION = "The audit package contains the user space utilities for \
3storing and searching the audit records generated by the audit subsystem \
4in the Linux kernel."
5HOMEPAGE = "http://people.redhat.com/sgrubb/audit/"
6SECTION = "base"
7LICENSE = "GPL-2.0-or-later & LGPL-2.0-or-later"
8LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
9
10SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;protocol=https \
11           file://Fixed-swig-host-contamination-issue.patch \
12           file://auditd \
13           file://auditd.service \
14           file://audit-volatile.conf \
15"
16
17S = "${WORKDIR}/git"
18SRCREV = "54a62e78792fe583267cf80da717ee480b8f42bc"
19
20inherit autotools python3native update-rc.d systemd
21
22UPDATERCPN = "auditd"
23INITSCRIPT_NAME = "auditd"
24INITSCRIPT_PARAMS = "defaults"
25
26SYSTEMD_PACKAGES = "auditd"
27SYSTEMD_SERVICE:auditd = "auditd.service"
28
29DEPENDS = "python3 tcp-wrappers libcap-ng linux-libc-headers swig-native"
30
31EXTRA_OECONF = " --with-libwrap \
32        --enable-gssapi-krb5=no \
33        --with-libcap-ng=yes \
34        --with-python3=yes \
35        --libdir=${base_libdir} \
36        --sbindir=${base_sbindir} \
37        --without-python \
38        --without-golang \
39        --disable-zos-remote \
40        --with-arm=yes \
41        --with-aarch64=yes \
42        "
43
44EXTRA_OEMAKE = "PYLIBVER='python${PYTHON_BASEVERSION}' \
45	PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \
46	pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \
47	STDINC='${STAGING_INCDIR}' \
48	pkgconfigdir=${libdir}/pkgconfig \
49	"
50
51SUMMARY:audispd-plugins = "Plugins for the audit event dispatcher"
52DESCRIPTION:audispd-plugins = "The audispd-plugins package provides plugins for the real-time \
53interface to the audit system, audispd. These plugins can do things \
54like relay events to remote machines or analyze events for suspicious \
55behavior."
56
57PACKAGES =+ "audispd-plugins"
58PACKAGES += "auditd ${PN}-python"
59
60FILES:${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*"
61FILES:auditd = "${bindir}/* ${base_sbindir}/* ${sysconfdir}/* ${datadir}/audit/*"
62FILES:audispd-plugins = "${sysconfdir}/audit/audisp-remote.conf \
63	${sysconfdir}/audit/plugins.d/au-remote.conf \
64	${sysconfdir}/audit/plugins.d/syslog.conf \
65	${base_sbindir}/audisp-remote \
66	${base_sbindir}/audisp-syslog \
67	${localstatedir}/spool/audit \
68	"
69FILES:${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
70FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
71
72CONFFILES:auditd = "${sysconfdir}/audit/audit.rules"
73
74do_configure:prepend() {
75	sed -e 's|buf\[];|buf[0];|g'  ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h
76        sed -i -e 's|#include <linux/audit.h>|#include "audit.h"|g' ${S}/lib/libaudit.h
77}
78
79do_install:append() {
80        sed -i -e 's|#include "audit.h"|#include <linux/audit.h>|g' ${D}${includedir}/libaudit.h
81
82	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
83	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la
84
85	# reuse auditd config
86	[ ! -e ${D}/etc/default ] && mkdir ${D}/etc/default
87	mv ${D}/etc/sysconfig/auditd ${D}/etc/default
88	rmdir ${D}/etc/sysconfig/
89
90	# replace init.d
91	install -D -m 0755 ${WORKDIR}/auditd ${D}/etc/init.d/auditd
92	rm -rf ${D}/etc/rc.d
93
94	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
95		# install systemd unit files
96		install -d ${D}${systemd_unitdir}/system
97		install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system
98
99		install -d ${D}${sysconfdir}/tmpfiles.d/
100		install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/
101	fi
102
103	# audit-2.5 doesn't install any rules by default, so we do that here
104	mkdir -p ${D}/etc/audit ${D}/etc/audit/rules.d
105	cp ${S}/rules/10-base-config.rules ${D}/etc/audit/rules.d/audit.rules
106
107	chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d
108	chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules
109
110	# Based on the audit.spec "Copy default rules into place on new installation"
111	cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules
112
113	# Create /var/spool/audit directory for audisp-remote
114	install -m 0700 -d ${D}${localstatedir}/spool/audit
115}
116