testing/audit: initial import

An initial import of the audit daemon, libraries, and utilities.

Signed-off-by: Tycho Andersen <tycho@docker.com>

4 files changed, 194 insertions, 0 deletions

diff --git a/testing/audit/0001-auditctl-include-headers-to-make-build-work-with-mus.patch b/testing/audit/0001-auditctl-include-headers-to-make-build-work-with-mus.patch
new file mode 100644
index 0000000000..8747c7d450
--- /dev/null
+++ b/testing/audit/0001-auditctl-include-headers-to-make-build-work-with-mus.patch
@@ -0,0 +1,29 @@
+From 12e2693a4868c7f925ad528bb1dafd15d80616bb Mon Sep 17 00:00:00 2001
+From: Tycho Andersen <tycho@docker.com>
+Date: Mon, 13 Mar 2017 22:44:19 +0000
+Subject: [PATCH 1/3] auditctl: include headers to make build work with musl
+
+technically select is defined in sys/select.h, and `struct timeval`
+requires sys/time.h
+
+Signed-off-by: Tycho Andersen <tycho@docker.com>
+---
+ src/auditctl.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/auditctl.c b/src/auditctl.c
+index e112b16..11d2dc7 100644
+--- a/src/auditctl.c
++++ b/src/auditctl.c
+@@ -32,6 +32,8 @@
+ #include <ctype.h>
+ #include <unistd.h>
+ #include <sys/utsname.h>
++#include <sys/select.h>
++#include <sys/time.h>
+ #include <fcntl.h>
+ #include <errno.h>
+ #include <libgen.h>	/* For basename */
+-- 
+2.11.1
+
diff --git a/testing/audit/0002-auparse-remove-use-of-rawmemchr.patch b/testing/audit/0002-auparse-remove-use-of-rawmemchr.patch
new file mode 100644
index 0000000000..de774b3a8e
--- /dev/null
+++ b/testing/audit/0002-auparse-remove-use-of-rawmemchr.patch
@@ -0,0 +1,34 @@
+From d28763047fd0937a4f150402d2760b3ddcd3a651 Mon Sep 17 00:00:00 2001
+From: Tycho Andersen <tycho@docker.com>
+Date: Mon, 13 Mar 2017 16:17:10 -0700
+Subject: [PATCH 2/3] auparse: remove use of rawmemchr
+
+just iterate over the string instead, it's much simpler and doesn't use a
+glibc extension.
+
+Signed-off-by: Tycho Andersen <tycho@docker.com>
+---
+ auparse/interpret.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/auparse/interpret.c b/auparse/interpret.c
+index 1f517d7..57da00c 100644
+--- a/auparse/interpret.c
++++ b/auparse/interpret.c
+@@ -803,10 +803,9 @@ static const char *print_proctitle(const char *val)
+ 		size_t len = strlen(val) / 2;
+ 		const char *end = out + len;
+ 		char *ptr = out;
+-		while ((ptr  = rawmemchr(ptr, '\0'))) {
+-			if (ptr >= end)
+-				break;
+-			*ptr = ' ';
++		while (ptr < end) {
++			if (*ptr == '\0')
++				*ptr = ' ';
+ 			ptr++;
+ 		}
+ 	}
+-- 
+2.11.1
+
diff --git a/testing/audit/0003-all-get-rid-of-strndupa.patch b/testing/audit/0003-all-get-rid-of-strndupa.patch
new file mode 100644
index 0000000000..e705de4c37
--- /dev/null
+++ b/testing/audit/0003-all-get-rid-of-strndupa.patch
@@ -0,0 +1,86 @@
+From f45e805033c6aed205863d87fe56f5bc7e6fd0c4 Mon Sep 17 00:00:00 2001
+From: Tycho Andersen <tycho@docker.com>
+Date: Mon, 13 Mar 2017 16:40:08 -0700
+Subject: [PATCH 3/3] all: get rid of strndupa
+
+in one case (src/auditd.c) we don't even need to allocate a buffer, in the
+other two we do it in two steps to avoid using a non-standard function.
+
+Signed-off-by: Tycho Andersen <tycho@docker.com>
+---
+ auparse/auparse.c  |  6 ++++--
+ src/auditd.c       | 10 +++++-----
+ src/ausearch-lol.c |  6 ++++--
+ 3 files changed, 13 insertions(+), 9 deletions(-)
+
+diff --git a/auparse/auparse.c b/auparse/auparse.c
+index 3677ad7..b428330 100644
+--- a/auparse/auparse.c
++++ b/auparse/auparse.c
+@@ -1096,10 +1096,12 @@ static int extract_timestamp(const char *b, au_event_t *e)
+ 	int rc = 1;
+ 
+         e->host = NULL;
++
++	tmp = alloca(340);
+ 	if (*b == 'n')
+-		tmp = strndupa(b, 340);
++		tmp = strncpy(tmp, b, 340);
+ 	else
+-		tmp = strndupa(b, 80);
++		tmp = strncpy(tmp, b, 80);
+ 	ptr = audit_strsplit(tmp);
+ 	if (ptr) {
+ 		// Optionally grab the node - may or may not be included
+diff --git a/src/auditd.c b/src/auditd.c
+index 3f0162d..a1c2c51 100644
+--- a/src/auditd.c
++++ b/src/auditd.c
+@@ -185,7 +185,7 @@ static void child_handler2( int sig )
+ 
+ static int extract_type(const char *str)
+ {
+-	const char *tptr, *ptr2, *ptr = str;
++	const char *ptr2, *ptr = str;
+ 	if (*str == 'n') {
+ 		ptr = strchr(str+1, ' ');
+ 		if (ptr == NULL)
+@@ -194,12 +194,12 @@ static int extract_type(const char *str)
+ 	}
+ 	// ptr should be at 't'
+ 	ptr2 = strchr(ptr, ' ');
+-	// get type=xxx in a buffer
+-	tptr = strndupa(ptr, ptr2 - ptr);
++
+ 	// find =
+-	str = strchr(tptr, '=');
+-	if (str == NULL)
++	str = strchr(ptr, '=');
++	if (str == NULL || str >= ptr2)
+ 		return -1; // Malformed - bomb out
++
+ 	// name is 1 past
+ 	str++;
+ 	return audit_name_to_msg_type(str);
+diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
+index b1aec06..5d461b0 100644
+--- a/src/ausearch-lol.c
++++ b/src/ausearch-lol.c
+@@ -135,10 +135,12 @@ static int extract_timestamp(const char *b, event *e)
+ 	char *ptr, *tmp, *tnode, *ttype;
+ 
+ 	e->node = NULL;
++
++	tmp = alloca(340);
+ 	if (*b == 'n')
+-		tmp = strndupa(b, 340);
++		tmp = strncpy(tmp, b, 340);
+ 	else
+-		tmp = strndupa(b, 80);
++		tmp = strncpy(tmp, b, 80);
+ 	ptr = audit_strsplit(tmp);
+ 	if (ptr) {
+ 		// Check to see if this is the node info
+-- 
+2.11.1
+
diff --git a/testing/audit/APKBUILD b/testing/audit/APKBUILD
new file mode 100644
index 0000000000..6ec06e547d
--- /dev/null
+++ b/testing/audit/APKBUILD
@@ -0,0 +1,45 @@
+# Maintainer: Tycho Andersen <tycho@docker.com>
+pkgname=audit
+pkgver=2.7.2
+pkgrel=0
+pkgdesc="User space tools for 2.6 kernel auditing"
+url="http://people.redhat.com/sgrubb/audit/"
+arch="all"
+license="GPLv2+"
+depends=""
+depends_dev=""
+makedepends="$depends_dev linux-headers libcap-ng-dev python3"
+install=""
+subpackages="$pkgname-dev $pkgname-doc"
+source="http://people.redhat.com/sgrubb/audit/audit-$pkgver.tar.gz
+        0001-auditctl-include-headers-to-make-build-work-with-mus.patch
+        0002-auparse-remove-use-of-rawmemchr.patch
+        0003-all-get-rid-of-strndupa.patch
+        "
+builddir="$srcdir/audit-$pkgver"
+
+build() {
+	cd "$builddir"
+	./configure \
+		--build=$CBUILD \
+		--host=$CHOST \
+		--prefix=/usr \
+		--sysconfdir=/etc \
+		--mandir=/usr/share/man \
+		--localstatedir=/var \
+    --disable-zos-remote \
+    --enable-shared=audit \
+		|| return 1
+	make || return 1
+  make DESTDIR="$pkgdir" install || return 1
+}
+
+package() {
+	cd "$builddir"
+	make DESTDIR="$pkgdir" install || return 1
+}
+
+sha512sums="a3974547a6da15e87c9070f3aa8a40232555afbd8d6cdf41e6d3c2a059f766ae75febbe8ff72fdadb522222eefda08e55f10dd8d20a3cee2625a6048d38c152b  audit-2.7.2.tar.gz
+9070de8b9d778c2907adfcb78a02c3a243ed1951d399184679518493a7eca1560878616ace1f661005bda9384e8fc6fde103298c9c57d8883786210939927ecc  0001-auditctl-include-headers-to-make-build-work-with-mus.patch
+bede955da1a31b42fbb259ea88cfca97e9a4263987e5982eeeee78a74524ce5f819872cbf404551dcce490ad188cd6a0eee65312ca7665c295581801c92bbb05  0002-auparse-remove-use-of-rawmemchr.patch
+41c50d8203ba8d31bd0e4fbcacbf9f15d6d83aae77660d815aecfe75e0cd40e587730becb725431f0416da14468b85c7a13739040498869d64a30ef0602081c1  0003-all-get-rid-of-strndupa.patch"