* [PATCH] Add audit.
@ 2016-01-13 15:03 Ricardo Wurmus
2016-01-15 21:05 ` Ludovic Courtès
0 siblings, 1 reply; 3+ messages in thread
From: Ricardo Wurmus @ 2016-01-13 15:03 UTC (permalink / raw)
To: Guix-devel
[-- Attachment #1: Type: text/plain, Size: 488 bytes --]
Hi Guix,
the tests for this package cannot easily be fixed by
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'fix-tests
(lambda _
(substitute* "auparse/test/auparse_test.ref"
(("\\(root\\)") "(unknown(0))"))
#t)))
because for *some* of them “(root)” is returned (while for *most* of
them its “(unknown(0))”). Ideas on how to fix the tests are very
welcome!
~~ Ricardo
[-- Attachment #2: 0001-gnu-Add-audit.patch --]
[-- Type: text/x-patch, Size: 2900 bytes --]
From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001
From: Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de>
Date: Wed, 13 Jan 2016 16:00:06 +0100
Subject: [PATCH] gnu: Add audit.
* gnu/packages/admin.scm (audit): New variable.
---
gnu/packages/admin.scm | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index fbdc26d..87dd497 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6,6 +6,7 @@
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2015 Alex Sassmannshausen <alex.sassmannshausen@gmail.com>
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
+;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -34,6 +35,7 @@
#:use-module (guix build-system trivial)
#:use-module (gnu packages)
#:use-module (gnu packages base)
+ #:use-module (gnu packages cyrus-sasl)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages readline)
#:use-module (gnu packages linux)
@@ -47,6 +49,7 @@
#:use-module (gnu packages bison)
#:use-module (gnu packages flex)
#:use-module (gnu packages glib)
+ #:use-module (gnu packages openldap)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages popt)
#:use-module (gnu packages texinfo)
@@ -1317,3 +1320,33 @@ able to adapt itself dynamically to the overall system load. Children
processes and threads of the specified process may optionally share the same
limits.")
(license license:gpl2+)))
+
+(define-public audit
+ (package
+ (name "audit")
+ (version "2.4.5")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "http://people.redhat.com/sgrubb/audit/"
+ "audit-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1q1q51dvxscbi4kbakmd4bn0xrvwwaiwvaya79925cbrqwzxsg77"))))
+ (build-system gnu-build-system)
+ (home-page "http://people.redhat.com/sgrubb/audit/")
+ (arguments
+ `(;; The tests expect records like "uid=0 (root)" but only get "uid=0
+ ;; (unknown(0))" in most cases.
+ #:tests? #f
+ #:configure-flags (list "--with-python=no")))
+ (inputs
+ `(("openldap" ,openldap)
+ ("openssl" ,openssl)
+ ("sasl" ,cyrus-sasl)))
+ (synopsis "Userspace component to the Linux auditing system")
+ (description
+ "auditd is the userspace component to the Linux auditing system. It's
+responsible for writing audit records to the disk. Viewing the logs is done
+with the @code{ausearch} or @code{aureport} utilities. Configuring the audit
+rules is done with the @code{auditctl} utility.")
+ (license license:gpl2+)))
--
2.1.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] Add audit.
2016-01-13 15:03 [PATCH] Add audit Ricardo Wurmus
@ 2016-01-15 21:05 ` Ludovic Courtès
2016-02-15 15:07 ` Ricardo Wurmus
0 siblings, 1 reply; 3+ messages in thread
From: Ludovic Courtès @ 2016-01-15 21:05 UTC (permalink / raw)
To: Ricardo Wurmus; +Cc: Guix-devel
Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> skribis:
> the tests for this package cannot easily be fixed by
>
> #:phases
> (modify-phases %standard-phases
> (add-after 'unpack 'fix-tests
> (lambda _
> (substitute* "auparse/test/auparse_test.ref"
> (("\\(root\\)") "(unknown(0))"))
> #t)))
>
> because for *some* of them “(root)” is returned (while for *most* of
> them its “(unknown(0))”). Ideas on how to fix the tests are very
> welcome!
How does it get that info?
One thing to know is that /etc/passwd in the build environment contains
only two entries, and no entry for root/0; quoth build.cc:
--8<---------------cut here---------------start------------->8---
writeFile(chrootRootDir + "/etc/passwd",
(format(
"nixbld:x:%1%:%2%:Nix build user:/:/noshell\n"
"nobody:x:65534:65534:Nobody:/:/noshell\n")
% (buildUser.enabled() ? buildUser.getUID() : getuid())
% (buildUser.enabled() ? buildUser.getGID() : getgid())).str());
--8<---------------cut here---------------end--------------->8---
Thus, getpwuid(0) and getpwnam("root") both fail.
> From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001
> From: Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de>
> Date: Wed, 13 Jan 2016 16:00:06 +0100
> Subject: [PATCH] gnu: Add audit.
>
> * gnu/packages/admin.scm (audit): New variable.
[...]
> + (synopsis "Userspace component to the Linux auditing system")
I’d write “User-space”.
> + (description
> + "auditd is the userspace component to the Linux auditing system. It's
Maybe something like: “… to the Linux auditing system, which allows
logging of system calls made by user-land processes.”
Would be nice if we could fix those tests before pushing it.
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] Add audit.
2016-01-15 21:05 ` Ludovic Courtès
@ 2016-02-15 15:07 ` Ricardo Wurmus
0 siblings, 0 replies; 3+ messages in thread
From: Ricardo Wurmus @ 2016-02-15 15:07 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: Guix-devel
Ludovic Courtès <ludo@gnu.org> writes:
> Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> skribis:
>
>> the tests for this package cannot easily be fixed by
>>
>> #:phases
>> (modify-phases %standard-phases
>> (add-after 'unpack 'fix-tests
>> (lambda _
>> (substitute* "auparse/test/auparse_test.ref"
>> (("\\(root\\)") "(unknown(0))"))
>> #t)))
>>
>> because for *some* of them “(root)” is returned (while for *most* of
>> them its “(unknown(0))”). Ideas on how to fix the tests are very
>> welcome!
>
> How does it get that info?
>
> One thing to know is that /etc/passwd in the build environment contains
> only two entries, and no entry for root/0; quoth build.cc:
>
> --8<---------------cut here---------------start------------->8---
> writeFile(chrootRootDir + "/etc/passwd",
> (format(
> "nixbld:x:%1%:%2%:Nix build user:/:/noshell\n"
> "nobody:x:65534:65534:Nobody:/:/noshell\n")
> % (buildUser.enabled() ? buildUser.getUID() : getuid())
> % (buildUser.enabled() ? buildUser.getGID() : getgid())).str());
> --8<---------------cut here---------------end--------------->8---
>
> Thus, getpwuid(0) and getpwnam("root") both fail.
Ah, this explains it. With a variant of the above build phase I was
able to make the tests pass. I added a comment to explain why that’s
needed.
>> From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001
>> From: Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de>
>> Date: Wed, 13 Jan 2016 16:00:06 +0100
>> Subject: [PATCH] gnu: Add audit.
>>
>> * gnu/packages/admin.scm (audit): New variable.
>
> [...]
>
>> + (synopsis "Userspace component to the Linux auditing system")
>
> I’d write “User-space”.
>
>> + (description
>> + "auditd is the userspace component to the Linux auditing system. It's
>
> Maybe something like: “… to the Linux auditing system, which allows
> logging of system calls made by user-land processes.”
Okay. I applied these changes and pushed.
Thanks for the review and the suggestions!
~~ Ricardo
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-02-15 15:07 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-13 15:03 [PATCH] Add audit Ricardo Wurmus
2016-01-15 21:05 ` Ludovic Courtès
2016-02-15 15:07 ` Ricardo Wurmus
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.