mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-09-21 04:49:01 +02:00
audit: 3.1 -> 3.1.1
This commit is contained in:
parent
38ed36c8dc
commit
7b4c521005
35
pkgs/os-specific/linux/audit/001-ignore-flexible-array.patch
Normal file
35
pkgs/os-specific/linux/audit/001-ignore-flexible-array.patch
Normal file
|
@ -0,0 +1,35 @@
|
|||
From beed138222421a2eb4212d83cb889404bd7efc49 Mon Sep 17 00:00:00 2001
|
||||
From: Sergei Trofimovich <slyich@gmail.com>
|
||||
Date: Wed, 23 Mar 2022 07:27:05 +0000
|
||||
Subject: [PATCH] auditswig.i: avoid setter generation for audit_rule_data::buf
|
||||
|
||||
As it's a flexible array generated code was never safe to use.
|
||||
With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574
|
||||
change it's a build failure now:
|
||||
|
||||
audit> audit_wrap.c:5010:15: error: invalid use of flexible array member
|
||||
audit> 5010 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
|
||||
audit> | ^
|
||||
|
||||
Let's avoid setter generation entirely.
|
||||
|
||||
Closes: https://github.com/linux-audit/audit-userspace/issues/252
|
||||
---
|
||||
bindings/swig/src/auditswig.i | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
|
||||
index 21aafca31..9a2c5661d 100644
|
||||
--- a/bindings/swig/src/auditswig.i
|
||||
+++ b/bindings/swig/src/auditswig.i
|
||||
@@ -39,6 +39,10 @@ signed
|
||||
#define __attribute(X) /*nothing*/
|
||||
typedef unsigned __u32;
|
||||
typedef unsigned uid_t;
|
||||
+/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not:
|
||||
+ * generating setters against them: https://github.com/swig/swig/issues/1699
|
||||
+ */
|
||||
+%ignore audit_rule_data::buf;
|
||||
%include "/usr/include/linux/audit.h"
|
||||
#define __extension__ /*nothing*/
|
||||
%include <stdint.i>
|
|
@ -1,52 +1,33 @@
|
|||
{
|
||||
lib, stdenv, buildPackages, fetchurl, fetchpatch,
|
||||
runCommand,
|
||||
autoreconfHook,
|
||||
autoconf, automake, libtool, bash,
|
||||
# Enabling python support while cross compiling would be possible, but
|
||||
# the configure script tries executing python to gather info instead of
|
||||
# relying on python3-config exclusively
|
||||
enablePython ? stdenv.hostPlatform == stdenv.buildPlatform, python3, swig,
|
||||
linuxHeaders ? stdenv.cc.libc.linuxHeaders
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, fetchpatch
|
||||
, autoreconfHook
|
||||
, bash
|
||||
, buildPackages
|
||||
, libtool
|
||||
, linuxHeaders
|
||||
, python3
|
||||
, swig
|
||||
|
||||
# Enabling python support while cross compiling would be possible, but the
|
||||
# configure script tries executing python to gather info instead of relying on
|
||||
# python3-config exclusively
|
||||
, enablePython ? stdenv.hostPlatform == stdenv.buildPlatform,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "audit";
|
||||
version = "3.1";
|
||||
version = "3.1.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://people.redhat.com/sgrubb/audit/audit-${version}.tar.gz";
|
||||
sha256 = "sha256-tc882rsnhsCLHeNZmjsaVH5V96n5wesgePW0TPROg3g=";
|
||||
url = "https://people.redhat.com/sgrubb/audit/audit-${finalAttrs.version}.tar.gz";
|
||||
hash = "sha256-RuRrN2I8zgnm7hNOeNZor8NPThyHDIU+8S5BkweM/oc=";
|
||||
};
|
||||
|
||||
outputs = [ "bin" "dev" "out" "man" ];
|
||||
|
||||
strictDeps = true;
|
||||
depsBuildBuild = [ buildPackages.stdenv.cc ];
|
||||
nativeBuildInputs = [ autoreconfHook ]
|
||||
++ lib.optionals enablePython [ python3 swig ];
|
||||
buildInputs = [ bash ];
|
||||
|
||||
configureFlags = [
|
||||
# z/OS plugin is not useful on Linux,
|
||||
# and pulls in an extra openldap dependency otherwise
|
||||
"--disable-zos-remote"
|
||||
(if enablePython then "--with-python" else "--without-python")
|
||||
"--with-arm"
|
||||
"--with-aarch64"
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
patches = [
|
||||
./fix-static.patch
|
||||
|
||||
# Fix pending upstream inclusion for linux-headers-5.17 support:
|
||||
# https://github.com/linux-audit/audit-userspace/pull/253
|
||||
(fetchpatch {
|
||||
name = "ignore-flexible-array.patch";
|
||||
url = "https://github.com/linux-audit/audit-userspace/commit/beed138222421a2eb4212d83cb889404bd7efc49.patch";
|
||||
sha256 = "1hf02zaxv6x0wmn4ca9fj48y2shks7vfna43i1zz58xw9jq7sza0";
|
||||
})
|
||||
./000-fix-static-attribute-malloc.diff
|
||||
./001-ignore-flexible-array.patch
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
|
@ -55,11 +36,44 @@ stdenv.mkDerivation rec {
|
|||
--replace "/usr/include/linux/audit.h" \
|
||||
"${linuxHeaders}/include/linux/audit.h"
|
||||
'';
|
||||
|
||||
outputs = [ "bin" "dev" "out" "man" ];
|
||||
|
||||
strictDeps = true;
|
||||
|
||||
depsBuildBuild = [
|
||||
buildPackages.stdenv.cc
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
]
|
||||
++ lib.optionals enablePython [
|
||||
python3
|
||||
swig
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
bash
|
||||
];
|
||||
|
||||
configureFlags = [
|
||||
# z/OS plugin is not useful on Linux, and pulls in an extra openldap
|
||||
# dependency otherwise
|
||||
"--disable-zos-remote"
|
||||
"--with-arm"
|
||||
"--with-aarch64"
|
||||
(if enablePython then "--with-python" else "--without-python")
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
meta = {
|
||||
description = "Audit Library";
|
||||
homepage = "https://people.redhat.com/sgrubb/audit/";
|
||||
license = lib.licenses.gpl2;
|
||||
description = "Audit Library";
|
||||
changelog = "https://github.com/linux-audit/audit-userspace/releases/tag/v${finalAttrs.version}";
|
||||
license = lib.licenses.gpl2Plus;
|
||||
maintainers = with lib.maintainers; [ AndersonTorres ];
|
||||
platforms = lib.platforms.linux;
|
||||
maintainers = with lib.maintainers; [ ];
|
||||
};
|
||||
}
|
||||
})
|
||||
|
|
Loading…
Reference in a new issue