sys-process/audit: Import latest

Signed-off-by: Geoff Levand <geoff@infradead.org>

sdk_container/src/third_party/coreos-overlay/sys-process/audit/Manifest

@@ -1 +1,13 @@
-DIST audit-2.4.3.tar.gz 998974 SHA256 9c914704fecc602e143e37152f3efbab2469692684c1a8cc1b801c1b49c7abc6 SHA512 2bbaa11ed5e2d8138711df325ec1997c4eb955123699fd330b5272b7f3475ca61c9753e1c103abfc9c49e1fc8aaf52dbd55545e3f1874214979ddece64ad79aa WHIRLPOOL 1a0c0a273fddc49d15322a2423d4038488738d6597d0641182befab91646355bbee393a5d09d446dc4cf2f4579dd7ea99928cadd77bc72c355db0a10d4964da5
+AUX audit-2.1.3-ia64-compile-fix.patch 7173 BLAKE2B 0bd30fd04a6c65792d068d96134ba5ccb7f2af85ab060924a9443a9a74df8407cf87012353d8005cf767f24a76993aa9f89b416dd6a616caa300b091b0c88004 SHA512 be1f0fd8933e962b11818bace04a14f89afd40c20d9e3ecc839c210fc946e851bb8ba0ce0eae9267023397f77c5a1a3c8b574b9285c0351f534a24f5c9a2a512
+AUX audit-2.4.3-python.patch 2768 BLAKE2B 374fb16cf85d4ee8bb108f6af1b045e140855fbb35527531adbf51dd8392069c3a3c3393e0b9bde892a8f8492b2e1845b89d7d9f801e26934150d7c05973ea2a SHA512 97c1f2eda07f3d986bab161d299f2cf110c1fdc76b889013748812ee7e33ece0fd6d3f34296d5d875db8c966d7fe77c57e2214c0cf6592beb48e462a504c1d70
+AUX audit.rules 886 BLAKE2B ebb2fab57467eee38040d4dde68b9ab0cbbf08af9c3115d7cba74019035cf0fbffd9e21a77064206d13f737eadc58e8ba1da2bcb3605b5efec183e262b0e37eb SHA512 070e51d8182f84385bacb0801b8d0f390f560a650b9b94b74fd5f30fdf9fb2d2ae38bd29e70e2d38a26a6188a5bc3a74d732a84d0a46de926ada692ddd19cbe0
+AUX audit.rules-2.1.3 1009 BLAKE2B df40176208bd68cb9021d15ea5803bb0d1c768c9d6400036a69409e1aae3ad55b89983ed94f22a6399a9cec8fc3dc7b20a7b27e75cdea24edda92b95ee19af87 SHA512 bce3ee9aaa0ab48395e6e10ee9b3627d6b7a8083abefdc4009de26649c65a39e000078f799e8c3c9e3341dfa030c6dfbbcad2fb7756fbb3d01b27be078adecec
+AUX audit.rules.stop.post 452 BLAKE2B b10d6d6c0fa475998856e674bd5c8dc0d7ca8f1d676a684223f48d1b22ce90441b2970c02b0eab882b3d3059f2b350d8a34109b03f5457f709624dccb3722e82 SHA512 a7bc52cbbea278a38e2837149524bb21b2c5367c96ed07fe576e08322595c5bee57ff07f8ebecd17391d9c3abe1ba187ac6e39400a153bf0ace4257303d036d3
+AUX audit.rules.stop.pre 427 BLAKE2B ddf4ac16c3e1fd401c266287e792865adf8f4dd0b4bbaea6f991bf8dcee69c8ecd69c93d0cbd8352e280c3c61d24de23ca89f700e383c79036526e59c311c004 SHA512 def5ef378ad554f38754839d1c00c598686645a59896e37a3c7ff07b00aaa05a2b92305e49a750358eaba63a7d48fb647472529b155301069771678eed272463
+AUX auditd-conf.d-2.1.3 734 BLAKE2B 018677362bc82c2052885cdd0e2185050cf5e97722ead4acdc51d428b52c265317c7dd03d1459be38b781e78f857cd967e5a60b68360c3381c31c62e1d61d843 SHA512 69d8777772ded7a8c0db2bcf84961b121bb355fa0d4ba0e14e311f8a8bfe665cbd2b7ac632d73477f9dfa9a6eec357a7ed458fe9b3e7b5ede75b166f3f092ab7
+AUX auditd-init.d-2.4.3 2054 BLAKE2B 20e68ab676c925b8567a7e9a12d2ac055fd90477cbbd6444136b7198828798f7b6428948503c344639fab5fea54962682be7c986950c2cbae8b7c9dfeb321a4b SHA512 1b48c248db5d34f148f9c79f8b2a6acbf61c729230341b861f5e331bbfb0c8356305a09eb2cc5c82c14c4fd9a13c7c13957e1ed493834b8b3b9ee38978e4c31f
+DIST audit-2.6.4.tar.gz 1078677 BLAKE2B 056d9f269926d9b0d74f7187f833f1e94d4e03a5137750fe4ff87b71fa0ce0e0a8569b97ecbd671f951061cfb088dff17b46e37cc14122864c37615356646fc5 SHA512 69b5d3987d2b8b189d1242fde639af3d7d366e901733133e47ee71223caf73aa7da40b7811298f0af861969b0ab482c5ef9830b711bdd15bd5f4d0ebc88a1224
+DIST audit-2.7.1.tar.gz 1099083 BLAKE2B 10f72ac3273ce9e23e1fb8ad8d57dcae772ba1f861f519867399d95e14f4809897637969de45566d62a73a35e5674260155773daf8de00481fcbd1b9c3138f96 SHA512 37964d81deee8608fde5f90d5d096727d3eb009e084be34749adcb0662e607e35c49c80bd83ce38b17161f11363b691721c8a8aa5dea832d320c53ab0ebb7483
+EBUILD audit-2.6.4.ebuild 6168 BLAKE2B 361c1128c2faf2895580041349eb48deb67f8a3ba28061eebb991c1d23fca98d82f00b0d41c32fcc3ce1f4e4ed9b44654d0c6f66177ff835a9b452eb0e60839f SHA512 ca6269971071902dc3688f16287d1c54ee420bab9efd8cfb8e63bdb7eb03d4e80d1bbc75b9e4cb82be3a78743e8617fe656018e509ad77562fe8a14a8f4e5c0d
+EBUILD audit-2.7.1.ebuild 6179 BLAKE2B b4a5a03fb5f3f3807fca8d5d0c26be53480fcc619cbab9344295a7ca09921e2cc7ae2441fd5d40cee7dcb7992ea29cee274f0892bba8c987a30a572bf901c237 SHA512 3b6efbe46f347e3b7abe092557e4c3cbe7cc30fd6a1648cf1d0395dd1f9a707e7eb10c3202481874657d5b9c809506b61b8dfb8dcf494fe62152a2fa6a9007cf
+MISC metadata.xml 284 BLAKE2B c99c67d5591687a10bb380f1264dd1cde6370ff3a96864093cb41c7c17617bed826652b7651490b6a4634a7429589bbd137402afd7cf8e79cfd5f636c86baa52 SHA512 84f04c94a976c0e2c7db9a7c8c392b6c714e37650efefe2db9807688c28a8cdb64722064be23b89d0263c82c5de7b7dc412ae13f95b42c97ae928c00bb584fac

sdk_container/src/third_party/coreos-overlay/sys-process/audit/audit-2.6.4.ebuild

@@ -1,37 +1,33 @@
-# Copyright 1999-2015 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/audit-2.4.3.ebuild,v 1.1 2015/07/27 18:23:11 perfinion Exp $
 
-EAPI="5"
+EAPI="6"
 
-PYTHON_COMPAT=( python{2_7,3_3,3_4} )
+PYTHON_COMPAT=( python{2_7,3_4,3_5} )
 
-inherit autotools multilib multilib-minimal toolchain-funcs python-r1 linux-info eutils systemd
+inherit autotools multilib multilib-minimal toolchain-funcs python-r1 linux-info systemd
 
 DESCRIPTION="Userspace utilities for storing and processing auditing records"
-HOMEPAGE="http://people.redhat.com/sgrubb/audit/"
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/"
-SRC_URI="http://people.redhat.com/sgrubb/audit/${P}.tar.gz"
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz"
 
 LICENSE="GPL-2"
 SLOT="0"
-KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86"
-IUSE="daemon ldap python"
+IUSE="gssapi ldap python static-libs"
-# Testcases are pretty useless as they are built for RedHat users/groups and
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
-# kernels.
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels.
 RESTRICT="test"
 
-RDEPEND="ldap? ( net-nds/openldap )
+RDEPEND="gssapi? ( virtual/krb5 )
-	sys-apps/diffutils
+	ldap? ( net-nds/openldap )
-	sys-libs/libcap-ng"
+	sys-libs/libcap-ng
+	python? ( ${PYTHON_DEPS} )"
 DEPEND="${RDEPEND}
-	python? ( ${PYTHON_DEPS}
+	>=sys-kernel/linux-headers-2.6.34
-		dev-lang/swig )
+	python? ( dev-lang/swig:0 )"
-	>=sys-kernel/linux-headers-2.6.34"
 # Do not use os-headers as this is linux specific
 
-REQUIRED_USE="ldap? ( daemon )
-	python? ( ${PYTHON_REQUIRED_USE} )"
-
 CONFIG_CHECK="~AUDIT"
 
 pkg_setup() {
@@ -39,27 +35,36 @@ pkg_setup() {
 }
 
 src_prepare() {
-	epatch_user
+	eapply_user
+
+	# Do not build GUI tools
+	sed -i \
+		-e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \
+		"${S}"/configure.ac || die
+	sed -i \
+		-e 's,system-config-audit,,g' \
+		"${S}"/Makefile.am || die
+	rm -rf "${S}"/system-config-audit
+
+	if ! use ldap; then
+		sed -i \
+			-e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \
+			"${S}"/configure.ac || die
+		sed -i \
+			-e '/^SUBDIRS/s,zos-remote,,g' \
+			"${S}"/audisp/plugins/Makefile.am || die
+	fi
 
 	# Don't build static version of Python module.
-	epatch "${FILESDIR}"/${PN}-2.4.3-python.patch
+	eapply "${FILESDIR}"/${PN}-2.4.3-python.patch
 
 	# glibc/kernel upstreams suck with both defining ia64_fpreg
 	# This patch is a horribly workaround that is only valid as long as you
 	# don't need the OTHER definitions in fpu.h.
-	epatch "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch
+	eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch
 
-	if ! use daemon; then
+	# there is no --without-golang conf option
-		sed -e '/^SUBDIRS =/s/audisp//' \
+	sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die
-			-i Makefile.am || die
-		sed -e '/${DESTDIR}${initdir}/d' \
-			-e '/${DESTDIR}${legacydir}/d' \
-			-i init.d/Makefile.am || die
-		sed -e '/^sbin_PROGRAMS =/s/auditd//' \
-			-e '/^sbin_PROGRAMS =/s/aureport//' \
-			-e '/^sbin_PROGRAMS =/s/ausearch//' \
-			-i src/Makefile.am || die
-	fi
 
 	# Regenerate autotooling
 	eautoreconf
@@ -68,10 +73,10 @@ src_prepare() {
 multilib_src_configure() {
 	local ECONF_SOURCE=${S}
 	econf \
-		--sbindir=/sbin \
+		--sbindir="${EPREFIX}/sbin" \
+		$(use_enable gssapi gssapi-krb5) \
+		$(use_enable static-libs static) \
 		--enable-systemd \
-		$(use_enable ldap zos-remote) \
-		--without-golang \
 		--without-python \
 		--without-python3
 
@@ -91,6 +96,14 @@ multilib_src_configure() {
 	fi
 }
 
+src_configure() {
+	tc-export_build_env BUILD_{CC,CPP}
+	export CC_FOR_BUILD="${BUILD_CC}"
+	export CPP_FOR_BUILD="${BUILD_CPP}"
+
+	multilib-minimal_src_configure
+}
+
 multilib_src_compile() {
 	if multilib_is_native_abi; then
 		default
@@ -127,7 +140,7 @@ multilib_src_compile() {
 
 multilib_src_install() {
 	if multilib_is_native_abi; then
-		emake DESTDIR="${D}" initdir="$(systemd_get_unitdir)" install
+		emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install
 
 		python_install() {
 			local pysuffix pydef
@@ -167,29 +180,51 @@ multilib_src_install() {
 multilib_src_install_all() {
 	dodoc AUTHORS ChangeLog README* THANKS TODO
 	docinto contrib
-	dodoc contrib/{*.rules,avc_snap,skeleton.c}
+	dodoc contrib/{avc_snap,skeleton.c}
-
-	if use daemon; then
 	docinto contrib/plugin
 	dodoc contrib/plugin/*
+	docinto rules
+	dodoc rules/*
 
-		newinitd "${FILESDIR}"/auditd-init.d-2.1.3 auditd
+	newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
 	newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
 
-		[ -f "${D}"/sbin/audisp-remote ] && \
+	fperms 644 "$(systemd_get_systemunitdir)"/auditd.service # 556436
+
+	[ -f "${ED}"/sbin/audisp-remote ] && \
 	dodir /usr/sbin && \
-		mv "${D}"/{sbin,usr/sbin}/audisp-remote || die
+	mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
+
+	# Gentoo rules
+	insinto /etc/audit/
+	newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
+	doins "${FILESDIR}"/audit.rules.stop*
 
 	# audit logs go here
 	keepdir /var/log/audit/
-	fi
 
-	insinto /usr/share/audit/rules.d
+	# Security
-	doins "${FILESDIR}"/rules.d/*.rules
+	lockdown_perms "${ED}"
-
-	systemd_newtmpfilesd "${FILESDIR}"/audit-rules.tmpfiles audit-rules.conf
-	systemd_dounit "${FILESDIR}"/audit-rules.service
-	systemd_enable_service multi-user.target audit-rules.service
 
 	prune_libtool_files --modules
 }
+
+pkg_preinst() {
+	# Preserve from the audit-1 series
+	preserve_old_lib /$(get_libdir)/libaudit.so.0
+}
+
+pkg_postinst() {
+	lockdown_perms "${EROOT}"
+	# Preserve from the audit-1 series
+	preserve_old_lib_notify /$(get_libdir)/libaudit.so.0
+}
+
+lockdown_perms() {
+	# Upstream wants these to have restrictive perms.
+	# Should not || die as not all paths may exist.
+	local basedir="$1"
+	chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null
+	chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null
+	chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null
+}

sdk_container/src/third_party/coreos-overlay/sys-process/audit/audit-2.7.1.ebuild

@@ -0,0 +1,230 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} )
+
+inherit autotools multilib multilib-minimal toolchain-funcs python-r1 linux-info systemd
+
+DESCRIPTION="Userspace utilities for storing and processing auditing records"
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/"
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="gssapi ldap python static-libs"
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+# Testcases are pretty useless as they are built for RedHat users/groups and kernels.
+RESTRICT="test"
+
+RDEPEND="gssapi? ( virtual/krb5 )
+	ldap? ( net-nds/openldap )
+	sys-libs/libcap-ng
+	python? ( ${PYTHON_DEPS} )"
+DEPEND="${RDEPEND}
+	>=sys-kernel/linux-headers-2.6.34
+	python? ( dev-lang/swig:0 )"
+# Do not use os-headers as this is linux specific
+
+CONFIG_CHECK="~AUDIT"
+
+pkg_setup() {
+	linux-info_pkg_setup
+}
+
+src_prepare() {
+	eapply_user
+
+	# Do not build GUI tools
+	sed -i \
+		-e '/AC_CONFIG_SUBDIRS.*system-config-audit/d' \
+		"${S}"/configure.ac || die
+	sed -i \
+		-e 's,system-config-audit,,g' \
+		"${S}"/Makefile.am || die
+	rm -rf "${S}"/system-config-audit
+
+	if ! use ldap; then
+		sed -i \
+			-e '/^AC_OUTPUT/s,audisp/plugins/zos-remote/Makefile,,g' \
+			"${S}"/configure.ac || die
+		sed -i \
+			-e '/^SUBDIRS/s,zos-remote,,g' \
+			"${S}"/audisp/plugins/Makefile.am || die
+	fi
+
+	# Don't build static version of Python module.
+	eapply "${FILESDIR}"/${PN}-2.4.3-python.patch
+
+	# glibc/kernel upstreams suck with both defining ia64_fpreg
+	# This patch is a horribly workaround that is only valid as long as you
+	# don't need the OTHER definitions in fpu.h.
+	eapply "${FILESDIR}"/${PN}-2.1.3-ia64-compile-fix.patch
+
+	# there is no --without-golang conf option
+	sed -e "/^SUBDIRS =/s/ @gobind_dir@//" -i bindings/Makefile.am || die
+
+	# Regenerate autotooling
+	eautoreconf
+}
+
+multilib_src_configure() {
+	local ECONF_SOURCE=${S}
+	econf \
+		--sbindir="${EPREFIX}/sbin" \
+		$(use_enable gssapi gssapi-krb5) \
+		$(use_enable static-libs static) \
+		--enable-systemd \
+		--without-python \
+		--without-python3
+
+	if multilib_is_native_abi; then
+		python_configure() {
+			mkdir -p "${BUILD_DIR}" || die
+			cd "${BUILD_DIR}" || die
+
+			if python_is_python3; then
+				econf --without-python --with-python3
+			else
+				econf --with-python --without-python3
+			fi
+		}
+
+		use python && python_foreach_impl python_configure
+	fi
+}
+
+src_configure() {
+	tc-export_build_env BUILD_{CC,CPP}
+	export CC_FOR_BUILD="${BUILD_CC}"
+	export CPP_FOR_BUILD="${BUILD_CPP}"
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_compile() {
+	if multilib_is_native_abi; then
+		default
+
+		python_compile() {
+			local pysuffix pydef
+			if python_is_python3; then
+				pysuffix=3
+				pydef='USE_PYTHON3=true'
+			else
+				pysuffix=2
+				pydef='HAVE_PYTHON=true'
+			fi
+
+			emake -C "${BUILD_DIR}"/bindings/swig \
+				VPATH="${native_build}/lib" \
+				LIBS="${native_build}/lib/libaudit.la" \
+				_audit_la_LIBADD="${native_build}/lib/libaudit.la" \
+				_audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \
+				${pydef}
+			emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \
+				VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \
+				auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \
+				${pydef}
+		}
+
+		local native_build="${BUILD_DIR}"
+		use python && python_foreach_impl python_compile
+	else
+		emake -C lib
+		emake -C auparse
+	fi
+}
+
+multilib_src_install() {
+	if multilib_is_native_abi; then
+		emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install
+
+		python_install() {
+			local pysuffix pydef
+			if python_is_python3; then
+				pysuffix=3
+				pydef='USE_PYTHON3=true'
+			else
+				pysuffix=2
+				pydef='HAVE_PYTHON=true'
+			fi
+
+			emake -C "${BUILD_DIR}"/bindings/swig \
+				VPATH="${native_build}/lib" \
+				LIBS="${native_build}/lib/libaudit.la" \
+				_audit_la_LIBADD="${native_build}/lib/libaudit.la" \
+				_audit_la_DEPENDENCIES="${S}/lib/libaudit.h ${native_build}/lib/libaudit.la" \
+				${pydef} \
+				DESTDIR="${D}" install
+			emake -C "${BUILD_DIR}"/bindings/python/python${pysuffix} \
+				VPATH="${S}/bindings/python/python${pysuffix}:${native_build}/bindings/python/python${pysuffix}" \
+				auparse_la_LIBADD="${native_build}/auparse/libauparse.la ${native_build}/lib/libaudit.la" \
+				${pydef} \
+				DESTDIR="${D}" install
+		}
+
+		local native_build=${BUILD_DIR}
+		use python && python_foreach_impl python_install
+
+		# things like shadow use this so we need to be in /
+		gen_usr_ldscript -a audit auparse
+	else
+		emake -C lib DESTDIR="${D}" install
+		emake -C auparse DESTDIR="${D}" install
+	fi
+}
+
+multilib_src_install_all() {
+	dodoc AUTHORS ChangeLog README* THANKS TODO
+	docinto contrib
+	dodoc contrib/{avc_snap,skeleton.c}
+	docinto contrib/plugin
+	dodoc contrib/plugin/*
+	docinto rules
+	dodoc rules/*
+
+	newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
+	newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
+
+	fperms 644 "$(systemd_get_systemunitdir)"/auditd.service # 556436
+
+	[ -f "${ED}"/sbin/audisp-remote ] && \
+	dodir /usr/sbin && \
+	mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
+
+	# Gentoo rules
+	insinto /etc/audit/
+	newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
+	doins "${FILESDIR}"/audit.rules.stop*
+
+	# audit logs go here
+	keepdir /var/log/audit/
+
+	# Security
+	lockdown_perms "${ED}"
+
+	prune_libtool_files --modules
+}
+
+pkg_preinst() {
+	# Preserve from the audit-1 series
+	preserve_old_lib /$(get_libdir)/libaudit.so.0
+}
+
+pkg_postinst() {
+	lockdown_perms "${EROOT}"
+	# Preserve from the audit-1 series
+	preserve_old_lib_notify /$(get_libdir)/libaudit.so.0
+}
+
+lockdown_perms() {
+	# Upstream wants these to have restrictive perms.
+	# Should not || die as not all paths may exist.
+	local basedir="$1"
+	chmod 0750 "${basedir}"/sbin/au{ditctl,report,dispd,ditd,search,trace} 2>/dev/null
+	chmod 0750 "${basedir}"/var/log/audit/ 2>/dev/null
+	chmod 0640 "${basedir}"/etc/{audit/,}{auditd.conf,audit.rules*} 2>/dev/null
+}

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/audit-rules.service

@@ -1,16 +0,0 @@
-[Unit]
-Description=Load Security Auditing Rules
-DefaultDependencies=no
-After=local-fs.target systemd-tmpfiles-setup.service
-Conflicts=shutdown.target
-Before=sysinit.target shutdown.target
-ConditionSecurity=audit
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-ExecStart=/sbin/augenrules --load
-ExecStop=-/sbin/auditctl -D
-
-[Install]
-WantedBy=multi-user.target

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/audit-rules.tmpfiles

@@ -1,5 +0,0 @@
-d   /etc/audit                          -   -   -   -   -
-d   /etc/audit/rules.d                  -   -   -   -   -
-L   /etc/audit/rules.d/00-clear.rules   -   -   -   -   /usr/share/audit/rules.d/00-clear.rules
-L   /etc/audit/rules.d/80-selinux.rules -   -   -   -   /usr/share/audit/rules.d/80-selinux.rules
-L   /etc/audit/rules.d/99-default.rules -   -   -   -   /usr/share/audit/rules.d/99-default.rules

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/audit.rules

@@ -0,0 +1,24 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+#
+# This file contains the auditctl rules that are loaded
+# whenever the audit daemon is started via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# First rule - delete all
+# This is to clear out old rules, so we don't append to them.
+-D
+
+# Feel free to add below this line. See auditctl man page
+
+# The following rule would cause all of the syscalls listed to be ignored in logging.
+# -a entry,never -S read -S write -S open -S fstat -S fstat64 -S mmap -S brk -S munmap -S _llseek -S nanosleep -S fcntl64 -S close -S dup2 -S rt_sigaction -S stat64 -S stat
+
+# The following rule would cause the capture of all systems not caught above.
+# -a entry,always -S all
+
+# Increase the buffers to survive stress events
+-b 256
+
+# vim:ft=conf:

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/audit.rules-2.1.3

@@ -0,0 +1,25 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+#
+# This file contains the auditctl rules that are loaded
+# whenever the audit daemon is started via the initscripts.
+# The rules are simply the parameters that would be passed
+# to auditctl.
+
+# First rule - delete all
+# This is to clear out old rules, so we don't append to them.
+-D
+
+# Feel free to add below this line. See auditctl man page
+
+# The following rule would cause all of the syscalls listed to be ignored in logging.
+-a exit,never -F arch=b32 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat
+-a exit,never -F arch=b64 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat
+
+# The following rule would cause the capture of all systems not caught above.
+# -a exit,always -S all
+
+# Increase the buffers to survive stress events
+-b 8192
+
+# vim:ft=conf:

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/audit.rules.stop.post

@@ -1,6 +1,5 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.post,v 1.1 2006/06/22 07:41:46 robbat2 Exp $
 #
 # This file contains the auditctl rules that are loaded immediately after the
 # audit deamon is stopped via the initscripts.

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/audit.rules.stop.pre

@@ -1,6 +1,5 @@
 # Copyright 1999-2011 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.pre,v 1.2 2011/09/11 02:58:55 robbat2 Exp $
 #
 # This file contains the auditctl rules that are loaded immediately before the
 # audit deamon is stopped via the initscripts.

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/auditd-conf.d-2.1.3

@@ -1,6 +1,5 @@
 # Copyright 1999-2011 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-conf.d-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $
 
 # Configuration options for auditd
 # -f for foreground mode

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/auditd-init.d-2.4.3

@@ -1,7 +1,6 @@
-#!/sbin/runscript
+#!/sbin/openrc-run
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2015 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-init.d-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $
 
 extra_started_commands='reload reload_auditd reload_rules'
 description='Linux Auditing System'
@@ -46,12 +45,11 @@ stop_auditd() {
 	return $ret
 }
 
-
 loadfile() {
 	local rules="$1"
 	if [ -n "${rules}" -a -f "${rules}" ]; then
 		einfo "Loading audit rules from ${rules}"
-		/sbin/auditctl -R "${rules}" 1>/dev/null
+		/sbin/auditctl -R "${rules}" >/dev/null
 		return $?
 	else
 		return 0
@@ -62,7 +60,6 @@ start() {
 	start_auditd
 	local ret=$?
 	if [ $ret -eq 0 -a "${RC_CMD}" != "restart" ]; then
-		touch /var/lock/subsys/${name}
 		loadfile "${RULEFILE_STARTUP}"
 	fi
 	return $ret
@@ -73,7 +70,10 @@ reload_rules() {
 }
 
 reload_auditd() {
-	[ -f ${pidfile} ] && kill -HUP `cat ${pidfile}`
+	ebegin "Reloading ${SVCNAME}"
+	start-stop-daemon --signal HUP \
+	    --exec "${command}" --pidfile "${pidfile}"
+	eend $?
 }
 
 reload() {
@@ -84,14 +84,7 @@ reload() {
 stop() {
 	[ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_PRE}"
 	stop_auditd
-	rm -f /var/lock/subsys/${name}
 	local ret=$?
 	[ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_POST}"
 	return $ret
 }
-
-# This is a special case, we do not want to touch the rules at all
-restart() {
-	stop_auditd
-	start_auditd
-}

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/rules.d/00-clear.rules

@@ -1,3 +0,0 @@
-# First rule - delete all
-# This is to clear out old rules, so we don't append to them.
--D

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/rules.d/80-selinux.rules

@@ -1,2 +0,0 @@
-# Enable all SELinux related events
--a exclude,never -F msgtype>=1400 -F msgtype<=1499

sdk_container/src/third_party/coreos-overlay/sys-process/audit/files/rules.d/99-default.rules

@@ -1,5 +0,0 @@
-# Always report changes to the audit subsystem itself.
--a exclude,never -F msgtype=CONFIG_CHANGE
-
-# Ignore everything else.
--a exclude,always -F msgtype>0

sdk_container/src/third_party/coreos-overlay/sys-process/audit/metadata.xml

@@ -1,7 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-  <maintainer>
+	<maintainer type="person">
 		<email>robbat2@gentoo.org</email>
 	</maintainer>
+	<use>
+		<flag name="gssapi">Enable GSSAPI support</flag>
+	</use>
 </pkgmetadata>