2017-08-21 00:40:43 +00:00
|
|
|
{
|
2021-01-15 14:45:37 +00:00
|
|
|
lib, stdenv, buildPackages, fetchurl, fetchpatch,
|
2019-05-16 00:07:36 +00:00
|
|
|
runCommand,
|
2021-11-28 02:48:51 +00:00
|
|
|
autoreconfHook,
|
2019-05-16 00:07:36 +00:00
|
|
|
autoconf, automake, libtool,
|
2021-05-17 09:46:16 +00:00
|
|
|
enablePython ? true, python, swig,
|
|
|
|
linuxHeaders ? stdenv.cc.libc.linuxHeaders
|
2013-11-28 09:09:28 +00:00
|
|
|
}:
|
|
|
|
|
|
|
|
stdenv.mkDerivation rec {
|
2021-08-27 14:47:49 +00:00
|
|
|
pname = "audit";
|
|
|
|
version = "2.8.5"; # at the next release, remove the patches below!
|
2013-11-28 09:09:28 +00:00
|
|
|
|
|
|
|
src = fetchurl {
|
2021-08-27 14:47:49 +00:00
|
|
|
url = "https://people.redhat.com/sgrubb/audit/audit-${version}.tar.gz";
|
2019-03-21 05:32:51 +00:00
|
|
|
sha256 = "1dzcwb2q78q7x41shcachn7f4aksxbxd470yk38zh03fch1l2p8f";
|
2013-11-28 09:09:28 +00:00
|
|
|
};
|
|
|
|
|
2017-08-21 00:40:43 +00:00
|
|
|
outputs = [ "bin" "dev" "out" "man" ];
|
2016-08-20 22:55:21 +00:00
|
|
|
|
2019-06-09 13:59:13 +00:00
|
|
|
depsBuildBuild = [ buildPackages.stdenv.cc ];
|
2021-11-28 02:48:51 +00:00
|
|
|
nativeBuildInputs = [ autoreconfHook ];
|
2021-05-17 09:46:16 +00:00
|
|
|
buildInputs = lib.optionals enablePython [ python swig ];
|
2013-11-28 09:09:28 +00:00
|
|
|
|
2017-08-21 00:40:43 +00:00
|
|
|
configureFlags = [
|
|
|
|
# z/OS plugin is not useful on Linux,
|
|
|
|
# and pulls in an extra openldap dependency otherwise
|
|
|
|
"--disable-zos-remote"
|
|
|
|
(if enablePython then "--with-python" else "--without-python")
|
2019-03-25 08:14:16 +00:00
|
|
|
"--with-arm"
|
|
|
|
"--with-aarch64"
|
2017-08-21 00:40:43 +00:00
|
|
|
];
|
2013-11-28 09:09:28 +00:00
|
|
|
|
2016-09-05 12:37:43 +00:00
|
|
|
enableParallelBuilding = true;
|
|
|
|
|
2019-05-16 00:07:36 +00:00
|
|
|
# TODO: Remove the musl patches when
|
|
|
|
# https://github.com/linux-audit/audit-userspace/pull/25
|
|
|
|
# is available with the next release.
|
2021-09-11 21:48:06 +00:00
|
|
|
patches = [
|
|
|
|
./patches/weak-symbols.patch
|
|
|
|
(fetchpatch {
|
|
|
|
# upstream build fix against -fno-common compilers like >=gcc-10
|
|
|
|
url = "https://github.com/linux-audit/audit-userspace/commit/017e6c6ab95df55f34e339d2139def83e5dada1f.patch";
|
|
|
|
sha256 = "100xa1rzkv0mvhjbfgpfm72f7c4p68syflvgc3xm6pxgrqqmfq8h";
|
|
|
|
})
|
2021-11-28 02:48:51 +00:00
|
|
|
|
2019-05-16 00:07:36 +00:00
|
|
|
(
|
|
|
|
let patch = fetchpatch {
|
|
|
|
url = "https://github.com/linux-audit/audit-userspace/commit/d579a08bb1cde71f939c13ac6b2261052ae9f77e.patch";
|
|
|
|
name = "Add-substitue-functions-for-strndupa-rawmemchr.patch";
|
|
|
|
sha256 = "015bvzflg1s1k5viap30nznlpjj44a66khyc8yq0waa68qwvdlsd";
|
|
|
|
};
|
|
|
|
in
|
|
|
|
runCommand "Add-substitue-functions-for-strndupa-rawmemchr.patch-fix-copyright-merge-conflict" {} ''
|
|
|
|
cp ${patch} $out
|
|
|
|
substituteInPlace $out --replace \
|
|
|
|
'-* Copyright (c) 2007-09,2011-16,2018 Red Hat Inc., Durham, North Carolina.' \
|
|
|
|
'-* Copyright (c) 2007-09,2011-16 Red Hat Inc., Durham, North Carolina.'
|
|
|
|
''
|
|
|
|
)
|
2021-11-28 02:48:51 +00:00
|
|
|
|
|
|
|
# upstream fix for linux-headers-5.15 which removed ipx.h
|
|
|
|
(fetchpatch {
|
|
|
|
name = "no-ipx.patch";
|
|
|
|
url = "https://github.com/linux-audit/audit-userspace/commit/6b09724c69d91668418ddb3af00da6db6755208c.patch";
|
|
|
|
sha256 = "0qjq41ridyamajz9v9nyplgq7f8nn3fxw375s9sa5a0igsrx9pm0";
|
|
|
|
excludes = [ "ChangeLog" ];
|
|
|
|
})
|
2017-04-17 02:10:39 +00:00
|
|
|
];
|
|
|
|
|
2021-05-17 09:46:16 +00:00
|
|
|
postPatch = ''
|
2017-04-17 02:10:39 +00:00
|
|
|
sed -i 's,#include <sys/poll.h>,#include <poll.h>\n#include <limits.h>,' audisp/audispd.c
|
2021-05-17 09:46:16 +00:00
|
|
|
substituteInPlace bindings/swig/src/auditswig.i \
|
|
|
|
--replace "/usr/include/linux/audit.h" \
|
|
|
|
"${linuxHeaders}/include/linux/audit.h"
|
2021-01-08 00:00:00 +00:00
|
|
|
''
|
|
|
|
# According to https://stackoverflow.com/questions/13089166
|
|
|
|
# --whole-archive linker flag is required to be sure that linker
|
|
|
|
# correctly chooses strong version of symbol regardless of order of
|
|
|
|
# object files at command line.
|
2021-06-18 21:45:21 +00:00
|
|
|
+ lib.optionalString stdenv.hostPlatform.isStatic ''
|
2021-01-08 00:00:00 +00:00
|
|
|
export LDFLAGS=-Wl,--whole-archive
|
2017-04-17 02:10:39 +00:00
|
|
|
'';
|
2013-11-28 09:09:28 +00:00
|
|
|
meta = {
|
|
|
|
description = "Audit Library";
|
2020-04-01 01:11:51 +00:00
|
|
|
homepage = "https://people.redhat.com/sgrubb/audit/";
|
2021-01-15 14:45:37 +00:00
|
|
|
license = lib.licenses.gpl2;
|
|
|
|
platforms = lib.platforms.linux;
|
|
|
|
maintainers = with lib.maintainers; [ ];
|
2013-11-28 09:09:28 +00:00
|
|
|
};
|
|
|
|
}
|