Re: [PATCH] Add audit.
Ludovic Courtès writes: > Ricardo Wurmus skribis: > >> the tests for this package cannot easily be fixed by >> >>#:phases >>(modify-phases %standard-phases >> (add-after 'unpack 'fix-tests >>(lambda _ >> (substitute* "auparse/test/auparse_test.ref" >>(("\\(root\\)") "(unknown(0))")) >> #t))) >> >> because for *some* of them “(root)” is returned (while for *most* of >> them its “(unknown(0))”). Ideas on how to fix the tests are very >> welcome! > > How does it get that info? > > One thing to know is that /etc/passwd in the build environment contains > only two entries, and no entry for root/0; quoth build.cc: > > --8<---cut here---start->8--- > writeFile(chrootRootDir + "/etc/passwd", > (format( > "nixbld:x:%1%:%2%:Nix build user:/:/noshell\n" > "nobody:x:65534:65534:Nobody:/:/noshell\n") > % (buildUser.enabled() ? buildUser.getUID() : getuid()) > % (buildUser.enabled() ? buildUser.getGID() : getgid())).str()); > --8<---cut here---end--->8--- > > Thus, getpwuid(0) and getpwnam("root") both fail. Ah, this explains it. With a variant of the above build phase I was able to make the tests pass. I added a comment to explain why that’s needed. >> From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001 >> From: Ricardo Wurmus >> Date: Wed, 13 Jan 2016 16:00:06 +0100 >> Subject: [PATCH] gnu: Add audit. >> >> * gnu/packages/admin.scm (audit): New variable. > > [...] > >> +(synopsis "Userspace component to the Linux auditing system") > > I’d write “User-space”. > >> +(description >> + "auditd is the userspace component to the Linux auditing system. It's > > Maybe something like: “… to the Linux auditing system, which allows > logging of system calls made by user-land processes.” Okay. I applied these changes and pushed. Thanks for the review and the suggestions! ~~ Ricardo
Re: [PATCH] Add audit.
Ricardo Wurmus skribis: > the tests for this package cannot easily be fixed by > >#:phases >(modify-phases %standard-phases > (add-after 'unpack 'fix-tests >(lambda _ > (substitute* "auparse/test/auparse_test.ref" >(("\\(root\\)") "(unknown(0))")) > #t))) > > because for *some* of them “(root)” is returned (while for *most* of > them its “(unknown(0))”). Ideas on how to fix the tests are very > welcome! How does it get that info? One thing to know is that /etc/passwd in the build environment contains only two entries, and no entry for root/0; quoth build.cc: --8<---cut here---start->8--- writeFile(chrootRootDir + "/etc/passwd", (format( "nixbld:x:%1%:%2%:Nix build user:/:/noshell\n" "nobody:x:65534:65534:Nobody:/:/noshell\n") % (buildUser.enabled() ? buildUser.getUID() : getuid()) % (buildUser.enabled() ? buildUser.getGID() : getgid())).str()); --8<---cut here---end--->8--- Thus, getpwuid(0) and getpwnam("root") both fail. > From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001 > From: Ricardo Wurmus > Date: Wed, 13 Jan 2016 16:00:06 +0100 > Subject: [PATCH] gnu: Add audit. > > * gnu/packages/admin.scm (audit): New variable. [...] > +(synopsis "Userspace component to the Linux auditing system") I’d write “User-space”. > +(description > + "auditd is the userspace component to the Linux auditing system. It's Maybe something like: “… to the Linux auditing system, which allows logging of system calls made by user-land processes.” Would be nice if we could fix those tests before pushing it. Thanks, Ludo’.
[PATCH] Add audit.
Hi Guix, the tests for this package cannot easily be fixed by #:phases (modify-phases %standard-phases (add-after 'unpack 'fix-tests (lambda _ (substitute* "auparse/test/auparse_test.ref" (("\\(root\\)") "(unknown(0))")) #t))) because for *some* of them “(root)” is returned (while for *most* of them its “(unknown(0))”). Ideas on how to fix the tests are very welcome! ~~ Ricardo >From c4948bc06b30e4e55810b82cc458cd6a429b6f80 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Wed, 13 Jan 2016 16:00:06 +0100 Subject: [PATCH] gnu: Add audit. * gnu/packages/admin.scm (audit): New variable. --- gnu/packages/admin.scm | 33 + 1 file changed, 33 insertions(+) diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index fbdc26d..87dd497 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -6,6 +6,7 @@ ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer ;;; Copyright © 2015 Alex Sassmannshausen ;;; Copyright © 2015 Eric Dvorsak +;;; Copyright © 2016 Ricardo Wurmus ;;; ;;; This file is part of GNU Guix. ;;; @@ -34,6 +35,7 @@ #:use-module (guix build-system trivial) #:use-module (gnu packages) #:use-module (gnu packages base) + #:use-module (gnu packages cyrus-sasl) #:use-module (gnu packages ncurses) #:use-module (gnu packages readline) #:use-module (gnu packages linux) @@ -47,6 +49,7 @@ #:use-module (gnu packages bison) #:use-module (gnu packages flex) #:use-module (gnu packages glib) + #:use-module (gnu packages openldap) #:use-module (gnu packages pkg-config) #:use-module (gnu packages popt) #:use-module (gnu packages texinfo) @@ -1317,3 +1320,33 @@ able to adapt itself dynamically to the overall system load. Children processes and threads of the specified process may optionally share the same limits.") (license license:gpl2+))) + +(define-public audit + (package +(name "audit") +(version "2.4.5") +(source (origin + (method url-fetch) + (uri (string-append "http://people.redhat.com/sgrubb/audit/"; + "audit-" version ".tar.gz")) + (sha256 + (base32 +"1q1q51dvxscbi4kbakmd4bn0xrvwwaiwvaya79925cbrqwzxsg77" +(build-system gnu-build-system) +(home-page "http://people.redhat.com/sgrubb/audit/";) +(arguments + `(;; The tests expect records like "uid=0 (root)" but only get "uid=0 + ;; (unknown(0))" in most cases. + #:tests? #f + #:configure-flags (list "--with-python=no"))) +(inputs + `(("openldap" ,openldap) + ("openssl" ,openssl) + ("sasl" ,cyrus-sasl))) +(synopsis "Userspace component to the Linux auditing system") +(description + "auditd is the userspace component to the Linux auditing system. It's +responsible for writing audit records to the disk. Viewing the logs is done +with the @code{ausearch} or @code{aureport} utilities. Configuring the audit +rules is done with the @code{auditctl} utility.") +(license license:gpl2+))) -- 2.1.0