Merge #222197: audit: 2.8.5 -> 3.1

...into staging
2024-12-02 20:03:16 +00:00 · 2023-04-16 09:52:18 +02:00 · 2023-04-16 09:52:18 +02:00 · 584cc75acc
commit 584cc75acc
parent 8e4e2a2e2f 50c40a8f6a
3 changed files with 15 additions and 188 deletions
--- a/pkgs/os-specific/linux/audit/default.nix
+++ b/pkgs/os-specific/linux/audit/default.nix
@ -12,11 +12,11 @@

 stdenv.mkDerivation rec {
  pname = "audit";
-  version = "2.8.5"; # at the next release, remove the patches below!
+  version = "3.1";

  src = fetchurl {
    url = "https://people.redhat.com/sgrubb/audit/audit-${version}.tar.gz";
-    sha256 = "1dzcwb2q78q7x41shcachn7f4aksxbxd470yk38zh03fch1l2p8f";
+    sha256 = "sha256-tc882rsnhsCLHeNZmjsaVH5V96n5wesgePW0TPROg3g=";
  };

  outputs = [ "bin" "dev" "out" "man" ];
@ -37,40 +37,9 @@ stdenv.mkDerivation rec {
  ];

  enableParallelBuilding = true;
-
-  # TODO: Remove the musl patches when
-  #         https://github.com/linux-audit/audit-userspace/pull/25
-  #       is available with the next release.
  patches = [
-    ./patches/weak-symbols.patch
-    (fetchpatch {
-      # upstream build fix against -fno-common compilers like >=gcc-10
-      url = "https://github.com/linux-audit/audit-userspace/commit/017e6c6ab95df55f34e339d2139def83e5dada1f.patch";
-      sha256 = "100xa1rzkv0mvhjbfgpfm72f7c4p68syflvgc3xm6pxgrqqmfq8h";
-    })
+    ./fix-static.patch

-    (
-      let patch = fetchpatch {
-            url = "https://github.com/linux-audit/audit-userspace/commit/d579a08bb1cde71f939c13ac6b2261052ae9f77e.patch";
-            name = "Add-substitue-functions-for-strndupa-rawmemchr.patch";
-            sha256 = "015bvzflg1s1k5viap30nznlpjj44a66khyc8yq0waa68qwvdlsd";
-          };
-      in
-        runCommand "Add-substitue-functions-for-strndupa-rawmemchr.patch-fix-copyright-merge-conflict" {} ''
-          cp ${patch} $out
-          substituteInPlace $out --replace \
-              '-* Copyright (c) 2007-09,2011-16,2018 Red Hat Inc., Durham, North Carolina.' \
-              '-* Copyright (c) 2007-09,2011-16 Red Hat Inc., Durham, North Carolina.'
-        ''
-    )
-
-    # upstream fix for linux-headers-5.15 which removed ipx.h
-    (fetchpatch {
-      name = "no-ipx.patch";
-      url = "https://github.com/linux-audit/audit-userspace/commit/6b09724c69d91668418ddb3af00da6db6755208c.patch";
-      sha256 = "0qjq41ridyamajz9v9nyplgq7f8nn3fxw375s9sa5a0igsrx9pm0";
-      excludes = [ "ChangeLog" ];
-    })
    # Fix pending upstream inclusion for linux-headers-5.17 support:
    #  https://github.com/linux-audit/audit-userspace/pull/253
    (fetchpatch {
@ -85,13 +54,6 @@ stdenv.mkDerivation rec {
    substituteInPlace bindings/swig/src/auditswig.i \
      --replace "/usr/include/linux/audit.h" \
                "${linuxHeaders}/include/linux/audit.h"
-  ''
-  # According to https://stackoverflow.com/questions/13089166
-  # --whole-archive linker flag is required to be sure that linker
-  # correctly chooses strong version of symbol regardless of order of
-  # object files at command line.
-  + lib.optionalString stdenv.hostPlatform.isStatic ''
-    export LDFLAGS=-Wl,--whole-archive
  '';
  meta = {
    description = "Audit Library";
--- a/pkgs/os-specific/linux/audit/fix-static.patch
+++ b/pkgs/os-specific/linux/audit/fix-static.patch
@ -0,0 +1,12 @@
+--- a/auparse/auparse.h
+++ b/auparse/auparse.h
+@@ -32,6 +32,9 @@
+ # define __attr_dealloc(dealloc, argno)
+ # define __attr_dealloc_free
+ #endif
+#ifndef __attribute_malloc__
+# define __attribute_malloc__ __attribute__ ((__malloc__))
+#endif
+ 
+ #ifdef __cplusplus
+ extern "C" {
--- a/pkgs/os-specific/linux/audit/patches/weak-symbols.patch
+++ b/pkgs/os-specific/linux/audit/patches/weak-symbols.patch
@ -1,147 +0,0 @@
-Executables in src/ directory are built from source files in src/
-and are linked to libauparse, with both src/auditd-config.c and
-auparse/auditd-config.c defining "free_config" function.
-
-It is known (although obscure) behaviour of shared libraries that
-symbol defined in binary itself overrides symbol in shared library;
-with static linkage it expectedly results in multiple definition
-error.
-
-This set of fixes explicitly marks libauparse versions of
-conflicting functions as weak to have behaviour coherent with
-dynamic linkage version -- definitions in src/ overriding definition
-in auparse/.
-
-Still, this architecture is very strange and confusing.
-
-diff -r -U5 audit-2.8.5-orig/auparse/auditd-config.c audit-2.8.5/auparse/auditd-config.c
--- audit-2.8.5-orig/auparse/auditd-config.c	2019-03-01 20:19:13.000000000 +0000
-+++ audit-2.8.5/auparse/auditd-config.c	2021-01-13 11:36:12.716226498 +0000
-@@ -68,10 +68,11 @@
- };
- 
- /*
-  * Set everything to its default value
- */
-+#pragma weak clear_config
- void clear_config(struct daemon_conf *config)
- {
- 	config->local_events = 1;
- 	config->qos = QOS_NON_BLOCKING;
- 	config->sender_uid = 0;
-@@ -322,10 +323,11 @@
- 	if (config->log_file == NULL)
- 		return 1;
- 	return 0;
- }
- 
-+#pragma weak free_config
- void free_config(struct daemon_conf *config)
- {
- 	free((void*)config->log_file);
- }
- 
-diff -r -U5 audit-2.8.5-orig/auparse/interpret.c audit-2.8.5/auparse/interpret.c
--- audit-2.8.5-orig/auparse/interpret.c	2019-03-01 20:19:13.000000000 +0000
-+++ audit-2.8.5/auparse/interpret.c	2021-01-13 11:39:42.107217224 +0000
-@@ -545,10 +545,11 @@
- 	else
- 		snprintf(buf, size, "unknown(%d)", uid);
- 	return buf;
- }
- 
-+#pragma weak aulookup_destroy_uid_list
- void aulookup_destroy_uid_list(void)
- {
- 	if (uid_cache_created == 0)
- 		return;
- 
-@@ -2810,10 +2811,11 @@
- 
- /*
-  * This is the main entry point for the auparse library. Call chain is:
-  * auparse_interpret_field -> nvlist_interp_cur_val -> interpret
-  */
-+#pragma weak interpret
- const char *interpret(const rnode *r, auparse_esc_t escape_mode)
- {
- 	const nvlist *nv = &r->nv;
- 	int type;
- 	idata id;
-diff -r -U5 audit-2.8.5-orig/auparse/nvlist.c audit-2.8.5/auparse/nvlist.c
--- audit-2.8.5-orig/auparse/nvlist.c	2019-02-04 14:26:52.000000000 +0000
-+++ audit-2.8.5/auparse/nvlist.c	2021-01-13 11:37:37.190222757 +0000
-@@ -27,10 +27,11 @@
- #include "nvlist.h"
- #include "interpret.h"
- #include "auparse-idata.h"
- 
- 
-+#pragma weak nvlist_create
- void nvlist_create(nvlist *l)
- {
- 	l->head = NULL;
- 	l->cur = NULL;
- 	l->cnt = 0;
-@@ -47,17 +48,19 @@
- 	while (node->next)
- 		node = node->next;
- 	l->cur = node;
- }
- 
-+#pragma weak nvlist_next
- nvnode *nvlist_next(nvlist *l)
- {
- 	if (l->cur)
- 		l->cur = l->cur->next;
- 	return l->cur;
- }
- 
-+#pragma weak nvlist_append
- void nvlist_append(nvlist *l, nvnode *node)
- {
- 	nvnode* newnode = malloc(sizeof(nvnode));
- 
- 	newnode->name = node->name;
-@@ -141,10 +144,11 @@
- 	if (l->cur->interp_val)
- 		return l->cur->interp_val;
- 	return interpret(r, escape_mode);
- }
- 
-+#pragma weak nvlist_clear
- void nvlist_clear(nvlist* l)
- {
- 	nvnode* nextnode;
- 	register nvnode* current;
- 
-diff -r -U5 audit-2.8.5-orig/auparse/strsplit.c audit-2.8.5/auparse/strsplit.c
--- audit-2.8.5-orig/auparse/strsplit.c	2019-03-01 21:15:30.000000000 +0000
-+++ audit-2.8.5/auparse/strsplit.c	2021-01-13 11:38:04.306221556 +0000
-@@ -54,10 +54,11 @@
- 			return NULL;
- 		return s;
- 	}
- }
- 
-+#pragma weak audit_strsplit
- char *audit_strsplit(char *s)
- {
- 	static char *str = NULL;
- 	char *ptr;
- 
-diff -r -U5 audit-2.8.5-orig/lib/strsplit.c audit-2.8.5/lib/strsplit.c
--- audit-2.8.5-orig/lib/strsplit.c	2019-03-01 20:19:13.000000000 +0000
-+++ audit-2.8.5/lib/strsplit.c	2021-01-13 11:38:29.444220443 +0000
-@@ -23,10 +23,11 @@
- 
- #include <string.h>
- #include "libaudit.h"
- #include "private.h"
- 
-+#pragma weak audit_strsplit_r
- char *audit_strsplit_r(char *s, char **savedpp)
- {
- 	char *ptr;
- 
- 	if (s)