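--- a/.gitignore
+++ b/.gitignore
@@ -50,6 +50,7 @@ bindings/swig/python3/audit_wrap.c
 bindings/swig/python3/_audit.so
 init.d/auditd.service
 init.d/audit-rules.service
+init.d/augenrules
 lib/*tabs.h
 lib/*tables.h
 ltmain.sh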
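--- a/configure.ac
+++ b/configure.ac
@@ -458,7 +458,7 @@ AC_CONFIG_FILES([Makefile common/Makefile lib/Makefile lib/audit.pc
 bindings/python/python3/Makefile bindings/golang/Makefile
 bindings/swig/Makefile bindings/swig/src/Makefile
 bindings/swig/python3/Makefile tools/Makefile tools/aulast/Makefile
-tools/aulast/test/Makefile
+tools/aulast/test/Makefile init.d/augenrules
 tools/aulastlog/Makefile tools/ausyscall/Makefile m4/Makefile],
 [chmod +x auparse/test/run_auparse_tests.sh auparse/test/run_auparselol_test.sh])
 AC_OUTPUT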
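Review bot: Substituting `@sbindir@` through AC_CONFIG_FILES, as the added `init.d/augenrules` entry does, is likely to leave an unexpanded reference in the generated script: autoconf keeps the directory variables in terms of `${exec_prefix}`, so unless `--sbindir` is passed the output would read `auditctl_bin=${exec_prefix}/sbin/auditctl`. In sh that is an ordinary parameter expansion, so the path collapses to `/sbin/auditctl` when `exec_prefix` is unset and otherwise follows whatever the caller's environment holds, which matters for a script that is run as root. Generating the file from a make rule (`sed -e 's|@sbindir[@]|$(sbindir)|g' augenrules.in > augenrules`) would give a fully expanded path. The `chmod +x` command list at the end of this call is also not extended, so the generated script is executable only if the install rule, not shown here, sets the mode.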
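--- a/init.d/augenrules
+++ b/init.d/augenrules.in
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/usr/bin/env sh
 
 # Script to concatenate rules files found in a base audit rules directory
 # to form a single /etc/audit/audit.rules file suitable for loading into
@@ -34,20 +34,21 @@ LoadRules=0
 RETVAL=0
 cmd="$0"
 usage="Usage: $cmd [--check|--load]"
+auditctl_bin=@sbindir@/auditctl
 
 # Delete the interim file on faults
 trap 'rm -f ${TmpRules}; exit 1' HUP INT QUIT PIPE TERM
 
 try_load() {
 if [ $LoadRules -eq 1 ] ; then
-/sbin/auditctl -R ${DestinationFile}
+$auditctl_bin -R ${DestinationFile}
 RETVAL=$?
 fi
 }
 
 # Check if audit is in immutable mode - exit if so
 check_immutable () {
-if [ "$(auditctl -s | awk '$1 == "enabled" { print $2 }')" = "2" ] ; then
+if [ "$($auditctl_bin -s | awk '$1 == "enabled" { print $2 }')" = "2" ] ; then
 echo "$cmd: Audit system is in immutable mode - exiting with no changes"
 exit 0
 fi
@@ -83,7 +84,7 @@ fi
 # - the last processed -e directive is emitted as the last line
 umask 0137
 echo "## This file is automatically generated from $SourceRulesDir" >> "${TmpRules}"
-for rules in $(/bin/ls -1v ${SourceRulesDir} | grep "\.rules$") ; do
+for rules in $(ls -1v ${SourceRulesDir} | grep "\.rules$") ; do
 cat ${SourceRulesDir}/"${rules}"
 done | awk '
 BEGIN {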
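Review bot: The new shebang `#!/usr/bin/env sh` and the bare `ls` in the rules loop make the interpreter and a helper depend on the caller's PATH, while the same commit pins auditctl to an absolute path; for a script that regenerates the audit rules as root the two should agree. Unless PATH is already set in the part of the script outside these hunks, I would add `PATH=/sbin:/bin:/usr/sbin:/usr/bin; export PATH` next to `auditctl_bin=` so that `ls`, `grep`, `awk` and `cat` come from system directories. The two new auditctl calls also expand unquoted, so a configured sbindir containing whitespace would split; `"$auditctl_bin" -R "${DestinationFile}"` and `"$("$auditctl_bin" -s | awk …)"` avoid that. The `for … done | awk` pipeline continues past the last hunk.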