On Mon, 2014-07-28 at 11:56 -0400, David Shea wrote:

All of auditd except for the parts that call exit() was wrapped in USESELINUX ifdefs, which was not defined, so our fake auditd hasn't done anything for a while. Remove the ifdefs since building an auditd that does that much nothing is kind of silly. Fix the LDFLAGS needed to link. Switch from oom_adj to oom_score_adj since the former was deprecated some time ago and complains when you use it now. Add auditd to makeupdates.

---

configure.ac | 3 +++ pyanaconda/isys/Makefile.am | 2 +- pyanaconda/isys/auditd.c | 8 ++------ scripts/makeupdates | 24 ++++++++++++++++++++++++ 4 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/configure.ac b/configure.ac index 707aa7c..34ef03b 100644 --- a/configure.ac +++ b/configure.ac @@ -86,6 +86,9 @@ AC_CHECK_FUNCS([getcwd memset mkdir strchr strdup], [], [ANACONDA_SOFT_FAILURE([Function $ac_func not found.])])

+AC_CHECK_LIB([audit], [audit_open], [:],

•         [ANACONDA_SOFT_FAILURE([libaudit not found])])
  

AM_PATH_PYTHON(python_required_version)

# Check for the python extension paths diff --git a/pyanaconda/isys/Makefile.am b/pyanaconda/isys/Makefile.am index c787f60..cdb3baf 100644 --- a/pyanaconda/isys/Makefile.am +++ b/pyanaconda/isys/Makefile.am @@ -34,6 +34,6 @@ auditddir = $(libexecdir)/$(PACKAGE_NAME) auditd_PROGRAMS = auditd auditd_SOURCES = auditd.c auditd_CFLAGS = -DSTANDALONE $(SELINUX_CFLAGS) -auditd_LDADD = $(SELINUX_LIBS) $(LIBNL_LIBS) +auditd_LDFLAGS = -laudit

MAINTAINERCLEANFILES = Makefile.in diff --git a/pyanaconda/isys/auditd.c b/pyanaconda/isys/auditd.c index 3d41b73..d598f8d 100644 --- a/pyanaconda/isys/auditd.c +++ b/pyanaconda/isys/auditd.c @@ -38,7 +38,6 @@

#include "auditd.h"

-#ifdef USESELINUX static int done;

static void sig_done(int sig) @@ -92,10 +91,8 @@ static void do_auditd(int fd) { } return; } -#endif /* USESELINUX */

int audit_daemonize(void) { -#ifdef USESELINUX int fd; pid_t child;

@@ -118,8 +115,8 @@ int audit_daemonize(void) { signal(SIGTSTP, SIG_IGN); #endif /* !defined(STANDALONE) */

• if ((fd = open("/proc/self/oom_adj", O_RDWR)) >= 0) {

•    write(fd, "-17", 3);
  

• if ((fd = open("/proc/self/oom_score_adj", O_RDWR)) >= 0) {

•    write(fd, "-1000", 5);
     close(fd);
  

  } fd = audit_open();

@@ -130,7 +127,6 @@ int audit_daemonize(void) { exit(0); #endif /* !defined(STANDALONE) */

-#endif /* USESELINUX */ return 0; }

diff --git a/scripts/makeupdates b/scripts/makeupdates index 4d143cd..b631657 100755 --- a/scripts/makeupdates +++ b/scripts/makeupdates @@ -342,6 +342,10 @@ def isysChanged(tag): def widgetsChanged(tag): return _compilableChanged(tag, 'widgets')

+def auditdChanged(tag):

• return _compilableChanged(tag, 'pyanaconda/isys/auditd.c') or \

•        _compilableChanged(tag, 'pyanaconda/isys/auditd.h')
  

def checkAutotools(srcdir, builddir): # Assumes that cwd is srcdir if not os.path.isfile(os.path.join(builddir, 'Makefile')): @@ -374,6 +378,23 @@ def copyUpdatedIsys(updates, srcdir, builddir): if os.path.isfile(isysmodule): shutil.copy2(isysmodule, tmpupdates)

+def copyUpdatedAuditd(updates, srcdir, builddir):

• os.chdir(srcdir)
• print("copyUpdatedIsys BUILLDIR %s" % builddir)
• auditdir = updates + '/usr/sbin'
• checkAutotools(srcdir, builddir)
• os.system('make -C %s -j %d auditd' % (builddir + '/pyanaconda/isys', multiprocessing.cpu_count()))
• # Copy the auditd binary to /usr/sbin
• if not os.path.isdir(auditdir):

•    os.makedirs(auditdir)
  

• auditd = builddir + '/pyanaconda/isys/auditd'
• if os.path.isfile(auditd):

•    shutil.copy2(auditd, auditdir)
  

def copyUpdatedWidgets(updates, srcdir, builddir): os.chdir(srcdir)

@@ -951,6 +972,9 @@ def main(): if widgetsChanged(args.tag): copyUpdatedWidgets(updates, cwd, builddir)

•    if auditdChanged(args.tag):
  

•        copyUpdatedAuditd(updates, cwd, builddir)
  

• if args.po: copyTranslations(updates, cwd, builddir)

This looks good to me. Thanks for using the '-j' option right away.