Re: [PATCH] Add audit.

2016-02-15 Thread Ricardo Wurmus

Ludovic Courtès writes:

> Ricardo Wurmus skribis:
>
>> the tests for this package cannot easily be fixed by
>>
>>   #:phases
>>   (modify-phases %standard-phases
>>     (add-after 'unpack 'fix-tests
>>       (lambda _
>>         (substitute* "auparse/test/auparse_test.ref"
>>           (("\\(root\\)") "(unknown(0))"))
>>         #t)))
>>
>> because for *some* of them “(root)” is returned (while for *most* of
>> them it's “(unknown(0))”).  Ideas on how to fix the tests are very
>> welcome!
>
> How does it get that info?
>
> One thing to know is that /etc/passwd in the build environment contains
> only two entries, and no entry for root/0; quoth build.cc:
>
> --8<---cut here---start->8---
> writeFile(chrootRootDir + "/etc/passwd",
>     (format(
>         "nixbld:x:%1%:%2%:Nix build user:/:/noshell\n"
>         "nobody:x:65534:65534:Nobody:/:/noshell\n")
>         % (buildUser.enabled() ? buildUser.getUID() : getuid())
>         % (buildUser.enabled() ? buildUser.getGID() : getgid())).str());
> --8<---cut here---end--->8---
>
> Thus, getpwuid(0) and getpwnam("root") both fail.

Ah, this explains it.  With a variant of the above build phase I was
able to make the tests pass.  I added a comment to explain why that’s
needed.

>> From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001
>> From: Ricardo Wurmus 
>> Date: Wed, 13 Jan 2016 16:00:06 +0100
>> Subject: [PATCH] gnu: Add audit.
>>
>> * gnu/packages/admin.scm (audit): New variable.
>
> [...]
>
>> +(synopsis "Userspace component to the Linux auditing system")
>
> I’d write “User-space”.
>
>> +(description
>> + "auditd is the userspace component to the Linux auditing system.  It's
>
> Maybe something like: “… to the Linux auditing system, which allows
> logging of system calls made by user-land processes.”

Okay.  I applied these changes and pushed.
Thanks for the review and the suggestions!

~~ Ricardo



Re: [PATCH] Add audit.

2016-01-15 Thread Ludovic Courtès
Ricardo Wurmus skribis:

> the tests for this package cannot easily be fixed by
>
>   #:phases
>   (modify-phases %standard-phases
>     (add-after 'unpack 'fix-tests
>       (lambda _
>         (substitute* "auparse/test/auparse_test.ref"
>           (("\\(root\\)") "(unknown(0))"))
>         #t)))
>
> because for *some* of them “(root)” is returned (while for *most* of
> them it's “(unknown(0))”).  Ideas on how to fix the tests are very
> welcome!

How does it get that info?

One thing to know is that /etc/passwd in the build environment contains
only two entries, and no entry for root/0; quoth build.cc:

--8<---cut here---start->8---
writeFile(chrootRootDir + "/etc/passwd",
    (format(
        "nixbld:x:%1%:%2%:Nix build user:/:/noshell\n"
        "nobody:x:65534:65534:Nobody:/:/noshell\n")
        % (buildUser.enabled() ? buildUser.getUID() : getuid())
        % (buildUser.enabled() ? buildUser.getGID() : getgid())).str());
--8<---cut here---end--->8---

Thus, getpwuid(0) and getpwnam("root") both fail.

> From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001
> From: Ricardo Wurmus 
> Date: Wed, 13 Jan 2016 16:00:06 +0100
> Subject: [PATCH] gnu: Add audit.
>
> * gnu/packages/admin.scm (audit): New variable.

[...]

> +(synopsis "Userspace component to the Linux auditing system")

I’d write “User-space”.

> +(description
> + "auditd is the userspace component to the Linux auditing system.  It's

Maybe something like: “… to the Linux auditing system, which allows
logging of system calls made by user-land processes.”

Would be nice if we could fix those tests before pushing it.

Thanks,
Ludo’.
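
The lookup failure described in the message above, as an added example that is not part of the original thread and is not code from audit, Nix or Guix. It resolves uid 0 against two constructed passwd files (the build-user uid 30001 and the host file are made up) and renders the field in the "uid=0 (root)" and "uid=0 (unknown(0))" forms quoted in the patch comment; the helper names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: the two-entry /etc/passwd that the quoted build.cc
   writes into the build chroot, with a made-up build-user uid/gid. */
static const char BUILD_PASSWD[] =
    "nixbld:x:30001:30001:Nix build user:/:/noshell\n"
    "nobody:x:65534:65534:Nobody:/:/noshell\n";

/* Constructed sample: an ordinary host passwd that has a root entry. */
static const char HOST_PASSWD[] =
    "root:x:0:0:root:/root:/bin/sh\n"
    "nobody:x:65534:65534:Nobody:/:/noshell\n";

/* Scan passwd-format text for uid. Writes the account name into out, or
   the "unknown(N)" fallback seen in the thread. Returns 1 if found. */
int uid_to_name(const char *passwd, unsigned uid, char *out, size_t n)
{
    const char *line = passwd;
    while (*line) {
        char name[64];
        unsigned entry_uid;
        /* name:password:uid:... ; the password field is skipped */
        if (sscanf(line, "%63[^:]:%*[^:]:%u:", name, &entry_uid) == 2
            && entry_uid == uid) {
            snprintf(out, n, "%s", name);
            return 1;
        }
        const char *nl = strchr(line, '\n');
        if (!nl) break;
        line = nl + 1;
    }
    snprintf(out, n, "unknown(%u)", uid);
    return 0;
}

/* Render a uid field in the form the patch comment quotes. */
int render_uid_field(const char *passwd, unsigned uid, char *out, size_t n)
{
    char name[64];
    int found = uid_to_name(passwd, uid, name, sizeof name);
    snprintf(out, n, "uid=%u (%s)", uid, name);
    return found;
}

int main(void)
{
    char buf[96];
    render_uid_field(HOST_PASSWD, 0, buf, sizeof buf);  puts(buf);
    render_uid_field(BUILD_PASSWD, 0, buf, sizeof buf); puts(buf);
    return 0;
}
```

The same mismatch appears whenever records are interpreted on a machine whose passwd database lacks the account that was active when the record was written.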



[PATCH] Add audit.

2016-01-13 Thread Ricardo Wurmus
Hi Guix,

the tests for this package cannot easily be fixed by

   #:phases
   (modify-phases %standard-phases
     (add-after 'unpack 'fix-tests
       (lambda _
         (substitute* "auparse/test/auparse_test.ref"
           (("\\(root\\)") "(unknown(0))"))
         #t)))

because for *some* of them “(root)” is returned (while for *most* of
them it's “(unknown(0))”).  Ideas on how to fix the tests are very
welcome!

~~ Ricardo

From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001
From: Ricardo Wurmus 
Date: Wed, 13 Jan 2016 16:00:06 +0100
Subject: [PATCH] gnu: Add audit.

* gnu/packages/admin.scm (audit): New variable.
---
 gnu/packages/admin.scm | 33 +
 1 file changed, 33 insertions(+)

diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index fbdc26d..87dd497 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6,6 +6,7 @@
 ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer 
 ;;; Copyright © 2015 Alex Sassmannshausen 
 ;;; Copyright © 2015 Eric Dvorsak 
+;;; Copyright © 2016 Ricardo Wurmus 
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -34,6 +35,7 @@
   #:use-module (guix build-system trivial)
   #:use-module (gnu packages)
   #:use-module (gnu packages base)
+  #:use-module (gnu packages cyrus-sasl)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages readline)
   #:use-module (gnu packages linux)
@@ -47,6 +49,7 @@
   #:use-module (gnu packages bison)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages glib)
+  #:use-module (gnu packages openldap)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages popt)
   #:use-module (gnu packages texinfo)
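Review bot: neither this hunk nor the previous one adds a `#:use-module` line for whatever module defines `openssl`, yet the new package lists `("openssl" ,openssl)` among its inputs. Please confirm that admin.scm already imports that module; if it does not, add it next to `(gnu packages openldap)`, otherwise the `openssl` reference is unbound when the package is evaluated.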
@@ -1317,3 +1320,33 @@ able to adapt itself dynamically to the overall system load.  Children
 processes and threads of the specified process may optionally share the same
 limits.")
 (license license:gpl2+)))
+
+(define-public audit
+  (package
+(name "audit")
+(version "2.4.5")
+(source (origin
+  (method url-fetch)
+  (uri (string-append "http://people.redhat.com/sgrubb/audit/";
+  "audit-" version ".tar.gz"))
+  (sha256
+   (base32
+"1q1q51dvxscbi4kbakmd4bn0xrvwwaiwvaya79925cbrqwzxsg77"
+(build-system gnu-build-system)
+(home-page "http://people.redhat.com/sgrubb/audit/";)
+(arguments
+ `(;; The tests expect records like "uid=0 (root)" but only get "uid=0
+   ;; (unknown(0))" in most cases.
+   #:tests? #f
+   #:configure-flags (list "--with-python=no")))
+(inputs
+ `(("openldap" ,openldap)
+   ("openssl" ,openssl)
+   ("sasl" ,cyrus-sasl)))
+(synopsis "Userspace component to the Linux auditing system")
+(description
+ "auditd is the userspace component to the Linux auditing system.  It's
+responsible for writing audit records to the disk.  Viewing the logs is done
+with the @code{ausearch} or @code{aureport} utilities.  Configuring the audit
+rules is done with the @code{auditctl} utility.")
+(license license:gpl2+)))
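Review bot: `#:tests? #f` in `arguments` turns off the entire test suite to work around a mismatch that the comment above it confines to the name shown for uid 0 ("(root)" expected, "(unknown(0))" produced). For a package that writes and parses audit records I would keep the suite enabled and deal with the mismatch in a build phase that adjusts the expected output, or skip only the affected auparse test, so that parser regressions still fail the build. A smaller point on the `source` field: the `uri` is plain `http://`. The `sha256` pins the tarball contents, so integrity is covered, but if upstream serves the same path over HTTPS, prefer that for `uri` and `home-page`.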
-- 
2.1.0