Error at compiling audit 4.2.2
by Alarie, Maxime
Not sure if you guys provide support for this,
I am trying to compile auditd 4.2.2 and Iam using python 2.6..
I get this error and I was wondering if it cou;s be fixed. Or If I absolutely need to use pythoin 2.7:
Command entered: /configure --sbindir=/sbin --with-python=yes --with-libwrap --enable-gssapi-krb5=yes --with-libcap-ng=yes
Error (checking header files section):
Checking for header files
checking for ANSI C header files... (cached) yes
checking whether time.h and sys/time.h may both be included... yes
checking for an ANSI C-conforming const... yes
checking for inline... inline
checking size of unsigned int... 4
checking size of unsigned long... 8
checking whether MS_DIRSYNC is declared... yes
checking whether AUDIT_FEATURE_VERSION is declared... no
checking whether AUDIT_VERSION_BACKLOG_WAIT_TIME is declared... no
checking whether to create python bindings... testing
checking for python... /usr/bin/python
checking for python version... 2.6
checking for python platform... linux2
checking for python script directory... ${prefix}/lib64/python2.6/site-packages
checking for python extension module directory... ${exec_prefix}/lib64/python2.6/site-packages
configure: error: Python explicitly required and python headers found
any tips would help, I can even use an older version if necessary.. I just need to upgrade 1.8. (SLES 11)
MErci
9 years, 4 months
[PATCH 1/2] audit: log binding and unbinding to netlink multicast socket
by Steve Grubb
The audit subsystem could use a function that logs the commonly needed
fields for a typical audit event. This logs less that audit_log_task_info
and reduces the need to hand code individual fields.
Signed-off-by: Steve Grubb <sgrubb(a)redhat.com>
---
include/linux/audit.h | 5 +++++
kernel/audit.c | 35 +++++++++++++++++++++++++++++++++++
2 files changed, 40 insertions(+)
diff --git a/include/linux/audit.h b/include/linux/audit.h
index c2e7e3a..2620847 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -484,6 +484,8 @@ static inline void audit_log_secctx(struct audit_buffer *ab, u32 secid)
extern int audit_log_task_context(struct audit_buffer *ab);
extern void audit_log_task_info(struct audit_buffer *ab,
struct task_struct *tsk);
+extern void audit_log_task_simple(struct audit_buffer *ab,
+ struct task_struct *tsk);
extern int audit_update_lsm_rules(void);
@@ -540,6 +542,9 @@ static inline int audit_log_task_context(struct audit_buffer *ab)
static inline void audit_log_task_info(struct audit_buffer *ab,
struct task_struct *tsk)
{ }
+static inline void audit_log_task_simple(struct audit_buffer *ab,
+ struct task_struct *tsk)
+{ }
#define audit_enabled 0
#endif /* CONFIG_AUDIT */
static inline void audit_log_string(struct audit_buffer *ab, const char *buf)
diff --git a/kernel/audit.c b/kernel/audit.c
index 1c13e42..29fb38b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1100,6 +1100,41 @@ static void audit_receive(struct sk_buff *skb)
mutex_unlock(&audit_cmd_mutex);
}
+/* This function logs the essential information needed to understand
+ * what or who is causing the event */
+void audit_log_task_simple(struct audit_buffer *ab, struct task_struct *tsk)
+{
+ const struct cred *cred;
+ char comm[sizeof(tsk->comm)];
+ char *tty;
+
+ if (!ab)
+ return;
+
+ /* tsk == current */
+ cred = current_cred();
+
+ spin_lock_irq(&tsk->sighand->siglock);
+ if (tsk->signal && tsk->signal->tty && tsk->signal->tty->name)
+ tty = tsk->signal->tty->name;
+ else
+ tty = "(none)";
+ spin_unlock_irq(&tsk->sighand->siglock);
+
+ audit_log_format(ab, "pid=%u uid=%u auid=%u tty=%s ses=%u",
+ task_pid_nr(tsk),
+ from_kuid(&init_user_ns, cred->uid),
+ from_kuid(&init_user_ns, audit_get_loginuid(tsk)),
+ tty, audit_get_sessionid(tsk));
+
+ audit_log_task_context(ab); /* subj= */
+ audit_log_format(ab, " comm=");
+ audit_log_untrustedstring(ab, get_task_comm(comm, tsk));
+
+ audit_log_d_path_exe(ab, tsk->mm); /* exe= */
+}
+EXPORT_SYMBOL(audit_log_task_simple);
+
/* Run custom bind function on netlink socket group connect or bind requests. */
static int audit_bind(struct net *net, int group)
{
--
2.4.3
9 years, 4 months
[PATCH 2/2] audit: log binding and unbinding to netlink multicast socket
by Steve Grubb
Log information about programs connecting and disconnecting to the audit
netlink multicast socket. This is needed so that during investigations a
security officer can tell who or what had access to the audit trail. This
helps to meet the FAU_SAR.2 requirement for Common Criteria.
Signed-off-by: Steve Grubb <sgrubb(a)redhat.com>
---
include/uapi/linux/audit.h | 1 +
kernel/audit.c | 30 ++++++++++++++++++++++++++++--
2 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index d3475e1..bb4555a 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -110,6 +110,7 @@
#define AUDIT_SECCOMP 1326 /* Secure Computing event */
#define AUDIT_PROCTITLE 1327 /* Proctitle emit event */
#define AUDIT_FEATURE_CHANGE 1328 /* audit log listing feature changes */
+#define AUDIT_EVENT_LISTENER 1329 /* task joined multicast read socket */
#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
diff --git a/kernel/audit.c b/kernel/audit.c
index 29fb38b..3253f1b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1135,13 +1135,36 @@ void audit_log_task_simple(struct audit_buffer *ab, struct task_struct *tsk)
}
EXPORT_SYMBOL(audit_log_task_simple);
+static void audit_log_bind(int group, const char *op, int err)
+{
+ struct audit_buffer *ab;
+
+ ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_EVENT_LISTENER);
+ if (!ab)
+ return;
+
+ audit_log_task_simple(ab, current);
+ audit_log_format(ab, " nlnk-grp=%d", group);
+ audit_log_format(ab, " op=%s", op);
+ audit_log_format(ab, " res=%d", !err);
+ audit_log_end(ab);
+}
+
/* Run custom bind function on netlink socket group connect or bind requests. */
static int audit_bind(struct net *net, int group)
{
+ int err = 0;
+
if (!capable(CAP_AUDIT_READ))
- return -EPERM;
+ err = -EPERM;
+ audit_log_bind(group, "connect", err);
- return 0;
+ return err;
+}
+
+static void audit_unbind(struct net *net, int group)
+{
+ audit_log_bind(group, "disconnect", 0);
}
static int __net_init audit_net_init(struct net *net)
@@ -1151,6 +1176,7 @@ static int __net_init audit_net_init(struct net *net)
.bind = audit_bind,
.flags = NL_CFG_F_NONROOT_RECV,
.groups = AUDIT_NLGRP_MAX,
+ .unbind = audit_unbind,
};
struct audit_net *aunet = net_generic(net, audit_net_id);
--
2.4.3
9 years, 5 months
[PATCH 0/2] audit: log binding and unbinding to netlink multicast socket
by Steve Grubb
Hello,
I am resurrecting this old patch. Its been cleaned up by adding a simple task
logging function which should, in the future, serve almost all kernel logging
needs. The cleaned up bind and unbind functions call it to create the preamble
and then finish with specific data items for bind/unbinding.
In essence, this patch logs connecting and unconnecting to the audit netlink
multicast socket. This is needed so that during investigations a security
officer can tell who or what had access to the audit trail. This helps to meet
the FAU_SAR.2 SFR for Common Criteria.
Sample output:
type=UNKNOWN[1329] msg=audit(1437683193.897:725): pid=10068 uid=0 auid=4325
tty=pts0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
comm="test" exe="/home/sgrubb/test/multicast/test" nlnk-grp=1 op=connect res=1
type=UNKNOWN[1329] msg=audit(1437683308.055:741): pid=10068 uid=0 auid=4325
tty=pts0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
comm="test" exe=(null) nlnk-grp=1 op=disconnect res=1
Signed-off-by: Steve Grubb <sgrubb(a)redhat.com>
---
9 years, 5 months
[PATCH] Missed cross compile fixes
by Clayton Shotwell
My previous patch set attempted to fix the building of the gen_tables.c
applications so they can run on the build machine when cross compiling.
I failed to realize that automake would still attempt to insert the
CFLAGS and CPPFLAGS variables even when they should be CFLAGS_FOR_BUILD
and CPPFLAGS_FOR_BUILD. This change set should override those FLAGS
variables properly.
Signed-off-by: Clayton Shotwell <clayton.shotwell(a)rockwellcollins.com>
---
auparse/Makefile.am | 185 +++++++++++++++++++++++++++++++++++++++++-----------
lib/Makefile.am | 85 +++++++++++++++++++-----
2 files changed, 216 insertions(+), 54 deletions(-)
diff --git a/auparse/Makefile.am b/auparse/Makefile.am
index 742f7ba..4b864d7 100644
--- a/auparse/Makefile.am
+++ b/auparse/Makefile.am
@@ -79,302 +79,413 @@ noinst_PROGRAMS = gen_accesstabs_h gen_captabs_h gen_clock_h \
gen_umounttabs_h
gen_accesstabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h accesstab.h
-gen_accesstabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="accesstab.h"'
+gen_accesstabs_h_CFLAGS = '-DTABLE_H="accesstab.h"'
$(gen_accesstabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_accesstabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_accesstabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_accesstabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_accesstabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_accesstabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
accesstabs.h: gen_accesstabs_h Makefile
./gen_accesstabs_h --i2s-transtab access > $@
gen_captabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h captab.h
-gen_captabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="captab.h"'
+gen_captabs_h_CFLAGS = '-DTABLE_H="captab.h"'
$(gen_captabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_captabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_captabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_captabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_captabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_captabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
captabs.h: gen_captabs_h Makefile
./gen_captabs_h --i2s cap > $@
gen_clock_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h clocktab.h
-gen_clock_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="clocktab.h"'
+gen_clock_h_CFLAGS = '-DTABLE_H="clocktab.h"'
$(gen_clock_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_clock_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_clock_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_clock_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_clock_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_clock_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
clocktabs.h: gen_clock_h Makefile
./gen_clock_h --i2s clock > $@
gen_clone_flagtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h \
clone-flagtab.h
-gen_clone_flagtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="clone-flagtab.h"'
+gen_clone_flagtabs_h_CFLAGS = '-DTABLE_H="clone-flagtab.h"'
$(gen_clone_flagtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_clone_flagtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_clone_flagtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_clone-flagtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_clone-flagtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_clone-flagtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
clone-flagtabs.h: gen_clone-flagtabs_h Makefile
./gen_clone-flagtabs_h --i2s-transtab clone_flag > $@
gen_epoll_ctls_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h epoll_ctl.h
-gen_epoll_ctls_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="epoll_ctl.h"'
+gen_epoll_ctls_h_CFLAGS = '-DTABLE_H="epoll_ctl.h"'
$(gen_epoll_ctls_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_epoll_ctls_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_epoll_ctls_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_epoll_ctls_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_epoll_ctls_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_epoll_ctls_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
epoll_ctls.h: gen_epoll_ctls_h Makefile
./gen_epoll_ctls_h --i2s epoll_ctl > $@
gen_famtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h famtab.h
-gen_famtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="famtab.h"'
+gen_famtabs_h_CFLAGS = '-DTABLE_H="famtab.h"'
$(gen_famtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_famtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_famtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_famtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_famtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_famtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
famtabs.h: gen_famtabs_h Makefile
./gen_famtabs_h --i2s fam > $@
gen_flagtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h flagtab.h
# ../auparse/ is used to avoid using ../lib/flagtab.h
-gen_flagtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="../auparse/flagtab.h"'
+gen_flagtabs_h_CFLAGS = '-DTABLE_H="../auparse/flagtab.h"'
$(gen_flagtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_flagtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_flagtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_flagtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_flagtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_flagtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
flagtabs.h: gen_flagtabs_h Makefile
./gen_flagtabs_h --i2s-transtab flag > $@
gen_fcntl_cmdtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h \
fcntl-cmdtab.h
-gen_fcntl_cmdtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="fcntl-cmdtab.h"'
+gen_fcntl_cmdtabs_h_CFLAGS = '-DTABLE_H="fcntl-cmdtab.h"'
$(gen_fcntl_cmdtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_fcntl_cmdtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_fcntl_cmdtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_fcntl-cmdtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_fcntl-cmdtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_fcntl-cmdtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
fcntl-cmdtabs.h: gen_fcntl-cmdtabs_h Makefile
./gen_fcntl-cmdtabs_h --i2s fcntl > $@
gen_icmptypetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h icmptypetab.h
-gen_icmptypetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="icmptypetab.h"'
+gen_icmptypetabs_h_CFLAGS = '-DTABLE_H="icmptypetab.h"'
$(gen_icmptypetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_icmptypetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_icmptypetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_icmptypetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_icmptypetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_icmptypetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
icmptypetabs.h: gen_icmptypetabs_h Makefile
./gen_icmptypetabs_h --i2s icmptype > $@
gen_ioctlreqtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ioctlreqtab.h
-gen_ioctlreqtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ioctlreqtab.h"'
+gen_ioctlreqtabs_h_CFLAGS = '-DTABLE_H="ioctlreqtab.h"'
$(gen_ioctlreqtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ioctlreqtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ioctlreqtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ioctlreqtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ioctlreqtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ioctlreqtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ioctlreqtabs.h: gen_ioctlreqtabs_h Makefile
./gen_ioctlreqtabs_h --i2s ioctlreq > $@
gen_ipctabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ipctab.h
-gen_ipctabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ipctab.h"'
+gen_ipctabs_h_CFLAGS = '-DTABLE_H="ipctab.h"'
$(gen_ipctabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ipctabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ipctabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ipctabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ipctabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ipctabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ipctabs.h: gen_ipctabs_h Makefile
./gen_ipctabs_h --i2s ipc > $@
gen_ipccmdtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ipccmdtab.h
-gen_ipccmdtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ipccmdtab.h"'
+gen_ipccmdtabs_h_CFLAGS = '-DTABLE_H="ipccmdtab.h"'
$(gen_ipccmdtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ipccmdtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ipccmdtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ipccmdtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ipccmdtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ipccmdtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ipccmdtabs.h: gen_ipccmdtabs_h Makefile
./gen_ipccmdtabs_h --i2s-transtab ipccmd > $@
gen_ipoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ipoptnametab.h
-gen_ipoptnametabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ipoptnametab.h"'
+gen_ipoptnametabs_h_CFLAGS = '-DTABLE_H="ipoptnametab.h"'
$(gen_ipoptnametabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ipoptnametabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ipoptnametabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ipoptnametabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ipoptnametabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ipoptnametabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ipoptnametabs.h: gen_ipoptnametabs_h Makefile
./gen_ipoptnametabs_h --i2s ipoptname > $@
gen_ip6optnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ip6optnametab.h
-gen_ip6optnametabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ip6optnametab.h"'
+gen_ip6optnametabs_h_CFLAGS = '-DTABLE_H="ip6optnametab.h"'
$(gen_ip6optnametabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ip6optnametabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ip6optnametabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ip6optnametabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ip6optnametabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ip6optnametabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ip6optnametabs.h: gen_ip6optnametabs_h Makefile
./gen_ip6optnametabs_h --i2s ip6optname > $@
gen_mmaptabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h mmaptab.h
-gen_mmaptabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="mmaptab.h"'
+gen_mmaptabs_h_CFLAGS = '-DTABLE_H="mmaptab.h"'
$(gen_mmaptabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_mmaptabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_mmaptabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_mmaptabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_mmaptabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_mmaptabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
mmaptabs.h: gen_mmaptabs_h Makefile
./gen_mmaptabs_h --i2s-transtab mmap > $@
gen_mounttabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h mounttab.h
-gen_mounttabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="mounttab.h"'
+gen_mounttabs_h_CFLAGS = '-DTABLE_H="mounttab.h"'
$(gen_mounttabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_mounttabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_mounttabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_mounttabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_mounttabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_mounttabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
mounttabs.h: gen_mounttabs_h Makefile
./gen_mounttabs_h --i2s-transtab mount > $@
gen_nfprototabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h nfprototab.h
-gen_nfprototabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="nfprototab.h"'
+gen_nfprototabs_h_CFLAGS = '-DTABLE_H="nfprototab.h"'
$(gen_nfprototabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_nfprototabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_nfprototabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_nfprototabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_nfprototabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_nfprototabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
nfprototabs.h: gen_nfprototabs_h Makefile
./gen_nfprototabs_h --i2s nfproto > $@
gen_open_flagtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h \
open-flagtab.h
-gen_open_flagtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="open-flagtab.h"'
+gen_open_flagtabs_h_CFLAGS = '-DTABLE_H="open-flagtab.h"'
$(gen_open_flagtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_open_flagtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_open_flagtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_open-flagtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_open-flagtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_open-flagtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
open-flagtabs.h: gen_open-flagtabs_h Makefile
./gen_open-flagtabs_h --i2s-transtab open_flag > $@
gen_persontabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h persontab.h
-gen_persontabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="persontab.h"'
+gen_persontabs_h_CFLAGS = '-DTABLE_H="persontab.h"'
$(gen_persontabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_persontabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_persontabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_persontabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_persontabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_persontabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
persontabs.h: gen_persontabs_h Makefile
./gen_persontabs_h --i2s person > $@
gen_ptracetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ptracetab.h
-gen_ptracetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ptracetab.h"'
+gen_ptracetabs_h_CFLAGS = '-DTABLE_H="ptracetab.h"'
$(gen_ptracetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ptracetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ptracetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ptracetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ptracetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ptracetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ptracetabs.h: gen_ptracetabs_h Makefile
./gen_ptracetabs_h --i2s ptrace > $@
gen_prctl_opttabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h prctl-opt-tab.h
-gen_prctl_opttabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="prctl-opt-tab.h"'
+gen_prctl_opttabs_h_CFLAGS = '-DTABLE_H="prctl-opt-tab.h"'
$(gen_prctl_opttabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_prctl_opttabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_prctl_opttabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_prctl_opttabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_prctl_opttabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_prctl_opttabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
prctl_opttabs.h: gen_prctl_opttabs_h Makefile
./gen_prctl_opttabs_h --i2s prctl_opt > $@
gen_pktoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h pktoptnametab.h
-gen_pktoptnametabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="pktoptnametab.h"'
+gen_pktoptnametabs_h_CFLAGS = '-DTABLE_H="pktoptnametab.h"'
$(gen_pktoptnametabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_pktoptnametabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_pktoptnametabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_pktoptnametabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_pktoptnametabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_pktoptnametabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
pktoptnametabs.h: gen_pktoptnametabs_h Makefile
./gen_pktoptnametabs_h --i2s pktoptname > $@
gen_prottabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h prottab.h
-gen_prottabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="prottab.h"'
+gen_prottabs_h_CFLAGS = '-DTABLE_H="prottab.h"'
$(gen_prottabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_prottabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_prottabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_prottabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_prottabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_prottabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
prottabs.h: gen_prottabs_h Makefile
./gen_prottabs_h --i2s-transtab prot > $@
gen_recvtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h recvtab.h
-gen_recvtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="recvtab.h"'
+gen_recvtabs_h_CFLAGS = '-DTABLE_H="recvtab.h"'
$(gen_recvtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_recvtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_recvtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_recvtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_recvtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_recvtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
recvtabs.h: gen_recvtabs_h Makefile
./gen_recvtabs_h --i2s-transtab recv > $@
gen_rlimit_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h rlimittab.h
-gen_rlimit_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="rlimittab.h"'
+gen_rlimit_h_CFLAGS = '-DTABLE_H="rlimittab.h"'
$(gen_rlimit_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_rlimit_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_rlimit_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_rlimit_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_rlimit_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_rlimit_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
rlimittabs.h: gen_rlimit_h Makefile
./gen_rlimit_h --i2s rlimit > $@
gen_schedtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h schedtab.h
-gen_schedtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="schedtab.h"'
+gen_schedtabs_h_CFLAGS = '-DTABLE_H="schedtab.h"'
$(gen_schedtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_schedtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_schedtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_schedtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_schedtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_schedtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
schedtabs.h: gen_schedtabs_h Makefile
./gen_schedtabs_h --i2s sched > $@
gen_seccomptabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h seccomptab.h
-gen_seccomptabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="seccomptab.h"'
+gen_seccomptabs_h_CFLAGS = '-DTABLE_H="seccomptab.h"'
$(gen_seccomptabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_seccomptabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_seccomptabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_seccomptabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_seccomptabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_seccomptabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
seccomptabs.h: gen_seccomptabs_h Makefile
./gen_seccomptabs_h --i2s seccomp > $@
gen_seektabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h seektab.h
-gen_seektabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="seektab.h"'
+gen_seektabs_h_CFLAGS = '-DTABLE_H="seektab.h"'
$(gen_seektabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_seektabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_seektabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_seektabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_seektabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_seektabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
seektabs.h: gen_seektabs_h Makefile
./gen_seektabs_h --i2s seek > $@
gen_shm_modetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h shm_modetab.h
-gen_shm_modetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="shm_modetab.h"'
+gen_shm_modetabs_h_CFLAGS = '-DTABLE_H="shm_modetab.h"'
$(gen_shm_modetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_shm_modetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_shm_modetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_shm_modetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_shm_modetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_shm_modetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
shm_modetabs.h: gen_shm_modetabs_h Makefile
./gen_shm_modetabs_h --i2s-transtab shm_mode > $@
gen_signals_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h signaltab.h
-gen_signals_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="signaltab.h"'
+gen_signals_h_CFLAGS = '-DTABLE_H="signaltab.h"'
$(gen_signals_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_signals_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_signals_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_signals_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_signals_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_signals_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
signaltabs.h: gen_signals_h Makefile
./gen_signals_h --i2s signal > $@
gen_sockleveltabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h sockleveltab.h
-gen_sockleveltabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="sockleveltab.h"'
+gen_sockleveltabs_h_CFLAGS = '-DTABLE_H="sockleveltab.h"'
$(gen_sockleveltabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_sockleveltabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_sockleveltabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_sockleveltabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_sockleveltabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_sockleveltabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
sockleveltabs.h: gen_sockleveltabs_h Makefile
./gen_sockleveltabs_h --i2s socklevel > $@
gen_sockoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h sockoptnametab.h
-gen_sockoptnametabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="sockoptnametab.h"'
+gen_sockoptnametabs_h_CFLAGS = '-DTABLE_H="sockoptnametab.h"'
$(gen_sockoptnametabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_sockoptnametabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_sockoptnametabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_sockoptnametabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_sockoptnametabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_sockoptnametabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
sockoptnametabs.h: gen_sockoptnametabs_h Makefile
./gen_sockoptnametabs_h --i2s sockoptname > $@
gen_socktabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h socktab.h
-gen_socktabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="socktab.h"'
+gen_socktabs_h_CFLAGS = '-DTABLE_H="socktab.h"'
$(gen_socktabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_socktabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_socktabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_socktabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_socktabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_socktabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
socktabs.h: gen_socktabs_h Makefile
./gen_socktabs_h --i2s sock > $@
gen_socktypetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h socktypetab.h
-gen_socktypetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="socktypetab.h"'
+gen_socktypetabs_h_CFLAGS = '-DTABLE_H="socktypetab.h"'
$(gen_socktypetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_socktypetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_socktypetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_socktypetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_socktypetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_socktypetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
socktypetabs.h: gen_socktypetabs_h Makefile
./gen_socktypetabs_h --i2s sock_type > $@
gen_tcpoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h tcpoptnametab.h
-gen_tcpoptnametabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="tcpoptnametab.h"'
+gen_tcpoptnametabs_h_CFLAGS = '-DTABLE_H="tcpoptnametab.h"'
$(gen_tcpoptnametabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_tcpoptnametabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_tcpoptnametabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_tcpoptnametabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_tcpoptnametabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_tcpoptnametabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
tcpoptnametabs.h: gen_tcpoptnametabs_h Makefile
./gen_tcpoptnametabs_h --i2s tcpoptname > $@
gen_typetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h typetab.h
-gen_typetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="typetab.h"'
+gen_typetabs_h_CFLAGS = '-DTABLE_H="typetab.h"'
$(gen_typetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_typetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_typetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_typetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_typetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_typetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
typetabs.h: gen_typetabs_h Makefile
./gen_typetabs_h --s2i type > $@
gen_umounttabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h umounttab.h
-gen_umounttabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="umounttab.h"'
+gen_umounttabs_h_CFLAGS = '-DTABLE_H="umounttab.h"'
$(gen_umounttabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_umounttabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_umounttabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_umounttabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_umounttabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_umounttabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
umounttabs.h: gen_umounttabs_h Makefile
./gen_umounttabs_h --i2s-transtab umount > $@
diff --git a/lib/Makefile.am b/lib/Makefile.am
index dddadd5..e2ed101 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -70,145 +70,196 @@ if USE_AARCH64
noinst_PROGRAMS += gen_aarch64_tables_h
endif
gen_actiontabs_h_SOURCES = gen_tables.c gen_tables.h actiontab.h
-gen_actiontabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="actiontab.h"'
+gen_actiontabs_h_CFLAGS = '-DTABLE_H="actiontab.h"'
$(gen_actiontabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_actiontabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_actiontabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_actiontabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_actiontabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_actiontabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
actiontabs.h: gen_actiontabs_h Makefile
./gen_actiontabs_h --lowercase --i2s --s2i action > $@
if USE_ALPHA
gen_alpha_tables_h_SOURCES = gen_tables.c gen_tables.h alpha_table.h
-gen_alpha_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="alpha_table.h"'
+gen_alpha_tables_h_CFLAGS = '-DTABLE_H="alpha_table.h"'
$(gen_alpha_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_alpha_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_alpha_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_alpha_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_alpha_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_alpha_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
alpha_tables.h: gen_alpha_tables_h Makefile
./gen_alpha_tables_h --lowercase --i2s --s2i alpha_syscall > $@
endif
if USE_ARM
gen_arm_tables_h_SOURCES = gen_tables.c gen_tables.h arm_table.h
-gen_arm_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="arm_table.h"'
+gen_arm_tables_h_CFLAGS = '-DTABLE_H="arm_table.h"'
$(gen_arm_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_arm_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_arm_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_arm_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_arm_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_arm_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
arm_tables.h: gen_arm_tables_h Makefile
./gen_arm_tables_h --lowercase --i2s --s2i arm_syscall > $@
endif
if USE_AARCH64
gen_aarch64_tables_h_SOURCES = gen_tables.c gen_tables.h aarch64_table.h
-gen_aarch64_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="aarch64_table.h"'
+gen_aarch64_tables_h_CFLAGS = '-DTABLE_H="aarch64_table.h"'
$(gen_aarch64_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_aarch64_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_aarch64_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_aarch64_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_aarch64_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_aarch64_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
aarch64_tables.h: gen_aarch64_tables_h Makefile
./gen_aarch64_tables_h --lowercase --i2s --s2i aarch64_syscall > $@
endif
gen_errtabs_h_SOURCES = gen_tables.c gen_tables.h errtab.h
-gen_errtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="errtab.h"'
+gen_errtabs_h_CFLAGS = '-DTABLE_H="errtab.h"'
$(gen_errtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_errtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_errtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_errtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_errtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_errtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
errtabs.h: gen_errtabs_h Makefile
./gen_errtabs_h --duplicate-ints --uppercase --i2s --s2i err > $@
gen_fieldtabs_h_SOURCES = gen_tables.c gen_tables.h fieldtab.h
-gen_fieldtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="fieldtab.h"'
+gen_fieldtabs_h_CFLAGS = '-DTABLE_H="fieldtab.h"'
$(gen_fieldtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_fieldtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_fieldtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_fieldtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_fieldtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_fieldtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
fieldtabs.h: gen_fieldtabs_h Makefile
./gen_fieldtabs_h --duplicate-ints --lowercase --i2s --s2i field > $@
gen_flagtabs_h_SOURCES = gen_tables.c gen_tables.h flagtab.h
-gen_flagtabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="flagtab.h"'
+gen_flagtabs_h_CFLAGS = '-DTABLE_H="flagtab.h"'
$(gen_flagtabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_flagtabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_flagtabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_flagtabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_flagtabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_flagtabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
flagtabs.h: gen_flagtabs_h Makefile
./gen_flagtabs_h --lowercase --i2s --s2i flag > $@
gen_ftypetabs_h_SOURCES = gen_tables.c gen_tables.h ftypetab.h
-gen_ftypetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ftypetab.h"'
+gen_ftypetabs_h_CFLAGS = '-DTABLE_H="ftypetab.h"'
$(gen_ftypetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ftypetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ftypetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ftypetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ftypetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ftypetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ftypetabs.h: gen_ftypetabs_h Makefile
./gen_ftypetabs_h --lowercase --i2s --s2i ftype > $@
gen_i386_tables_h_SOURCES = gen_tables.c gen_tables.h i386_table.h
-gen_i386_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="i386_table.h"'
+gen_i386_tables_h_CFLAGS = '-DTABLE_H="i386_table.h"'
$(gen_i386_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_i386_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_i386_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_i386_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_i386_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_i386_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
i386_tables.h: gen_i386_tables_h Makefile
./gen_i386_tables_h --duplicate-ints --lowercase --i2s --s2i \
i386_syscall > $@
gen_ia64_tables_h_SOURCES = gen_tables.c gen_tables.h ia64_table.h
-gen_ia64_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ia64_table.h"'
+gen_ia64_tables_h_CFLAGS = '-DTABLE_H="ia64_table.h"'
$(gen_ia64_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ia64_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ia64_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ia64_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ia64_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ia64_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ia64_tables.h: gen_ia64_tables_h Makefile
./gen_ia64_tables_h --lowercase --i2s --s2i ia64_syscall > $@
gen_machinetabs_h_SOURCES = gen_tables.c gen_tables.h machinetab.h
-gen_machinetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="machinetab.h"'
+gen_machinetabs_h_CFLAGS = '-DTABLE_H="machinetab.h"'
$(gen_machinetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_machinetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_machinetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_machinetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_machinetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_machinetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
machinetabs.h: gen_machinetabs_h Makefile
./gen_machinetabs_h --duplicate-ints --lowercase --i2s --s2i machine \
> $@
gen_msg_typetabs_h_SOURCES = gen_tables.c gen_tables.h msg_typetab.h
-gen_msg_typetabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="msg_typetab.h"'
+gen_msg_typetabs_h_CFLAGS = '-DTABLE_H="msg_typetab.h"'
$(gen_msg_typetabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_msg_typetabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_msg_typetabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_msg_typetabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_msg_typetabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_msg_typetabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
msg_typetabs.h: gen_msg_typetabs_h Makefile
./gen_msg_typetabs_h --uppercase --i2s --s2i msg_type > $@
gen_optabs_h_SOURCES = gen_tables.c gen_tables.h optab.h
-gen_optabs_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="optab.h"'
+gen_optabs_h_CFLAGS = '-DTABLE_H="optab.h"'
$(gen_optabs_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_optabs_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_optabs_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_optabs_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_optabs_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_optabs_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
optabs.h: gen_optabs_h Makefile
./gen_optabs_h --i2s op > $@
gen_ppc_tables_h_SOURCES = gen_tables.c gen_tables.h ppc_table.h
-gen_ppc_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="ppc_table.h"'
+gen_ppc_tables_h_CFLAGS = '-DTABLE_H="ppc_table.h"'
$(gen_ppc_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_ppc_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_ppc_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_ppc_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_ppc_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_ppc_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
ppc_tables.h: gen_ppc_tables_h Makefile
./gen_ppc_tables_h --lowercase --i2s --s2i ppc_syscall > $@
gen_s390_tables_h_SOURCES = gen_tables.c gen_tables.h s390_table.h
-gen_s390_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="s390_table.h"'
+gen_s390_tables_h_CFLAGS = '-DTABLE_H="s390_table.h"'
$(gen_s390_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_s390_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_s390_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_s390_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_s390_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_s390_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
s390_tables.h: gen_s390_tables_h Makefile
./gen_s390_tables_h --lowercase --i2s --s2i s390_syscall > $@
gen_s390x_tables_h_SOURCES = gen_tables.c gen_tables.h s390x_table.h
-gen_s390x_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="s390x_table.h"'
+gen_s390x_tables_h_CFLAGS = '-DTABLE_H="s390x_table.h"'
$(gen_s390x_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_s390x_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_s390x_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_s390x_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_s390x_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_s390x_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
s390x_tables.h: gen_s390x_tables_h Makefile
./gen_s390x_tables_h --lowercase --i2s --s2i s390x_syscall > $@
gen_x86_64_tables_h_SOURCES = gen_tables.c gen_tables.h x86_64_table.h
-gen_x86_64_tables_h_CFLAGS = $(CFLAGS_FOR_BUILD) '-DTABLE_H="x86_64_table.h"'
+gen_x86_64_tables_h_CFLAGS = '-DTABLE_H="x86_64_table.h"'
$(gen_x86_64_tables_h_OBJECTS): CC=$(CC_FOR_BUILD)
+$(gen_x86_64_tables_h_OBJECTS): CFLAGS=$(CFLAGS_FOR_BUILD)
$(gen_x86_64_tables_h_OBJECTS): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
gen_x86_64_tables_h$(BUILD_EXEEXT): CC=$(CC_FOR_BUILD)
+gen_x86_64_tables_h$(BUILD_EXEEXT): CFLAGS=$(CFLAGS_FOR_BUILD)
+gen_x86_64_tables_h$(BUILD_EXEEXT): CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
x86_64_tables.h: gen_x86_64_tables_h Makefile
./gen_x86_64_tables_h --lowercase --i2s --s2i x86_64_syscall > $@
--
1.9.1
9 years, 5 months
Auditd framework slowdowns (sometimes freezes) the entire system.
by Kangkook Jee
Hi all,
I'm writing a custom user-land auditd client subscribing to kauditd to monitor a
number of system calls that we are interested. My auditd client seems to work
fine in overall but I found unexpected behavior of auditd framework which slows
down (or sometimes freezes) the entire system as the consuming rate of audit
client couldn't catch up the speed of audit message generation.
Here's the simple code snippet used to reproduce the problem.
//
// To build.
// g++ -o simple_audit -std=c++11 -L/usr/lib/x86_64-linux-gnu/ main.cpp -laudit
//
#include <libaudit.h>
#include <sys/types.h>
#include <unistd.h>
#include <cassert>
#include <iostream>
static int32_t fd = -1;
static bool au_listen_flag = true;
int main(int argc, char* argv[]) {
struct audit_reply rep;
uint64_t cnt = 0;
if (argc != 2) {
fprintf(stderr, "Invalid usage: %s <sleep_interval>\n", argv[0]);
exit(1);
}
uint32_t sleep_time = atoi(argv[1]);
fd = audit_open();
if (fd < 0) {
// error handling.
std::cerr << "Invalid fd returned: " + std::to_string(fd) << std::endl;
exit(-1);
}
int32_t ret = audit_set_pid(fd, getpid(), WAIT_YES);
if (ret < 0) {
std::cerr << "audit_set_pid failed: " + std::to_string(fd) << std::endl;
exit(-1);
}
while (au_listen_flag) {
int32_t rc = audit_get_reply(fd, &rep, GET_REPLY_BLOCKING, 0);
if (rc > 0) {
cnt++;
}
usleep(sleep_time);
if (cnt % 10000 == 0) {
printf ("messages %lu\n", cnt);
}
}
close(fd);
}
The problem becomes more apparent as we increase the amount of sleep time that
is provided as a first command line argument (say a thousand Milli-seconds) and
simultaneously run some heavy-load tasks (i.e., kernel build).
sudo ./simple_audit 1000
Here's the command line that we used to add system calls to be monitored and
enable.
# Adding events.
/sbin/auditctl -a exit,always -F arch=b64 -S clone -S close -S creat -S dup -S dup2 -S dup3 -S execve -S exit -S exit_group -S fork -S open -S openat -S unlink -S unlinkat -S vfork -S 288 -S accept -S bind -S connect -S listen -S socket -S socketpair
# Enabling events.
/sbin/auditctl -e1 -b 102400
At the very moment, "auditctl -s" indicating that kernel buffer is filled up but
it does not throw away audit messages ('lost' is not increasing ).
# auditctl -s
AUDIT_STATUS: enabled=1 flag=1 pid=29887 rate_limit=0 backlog_limit=102400 lost=270878600 backlog=102402
# auditctl -s
AUDIT_STATUS: enabled=1 flag=1 pid=29887 rate_limit=0 backlog_limit=102400 lost=270878600 backlog=102402
Could anyone guide me how to configure kauditd's buffer setting so that it can
dump audit messages when the buffer is filled up and user-land consumer can't
catch up the speed of audit message produce?
Thanks a lot for your help in advance!
Regards, Kangkook
9 years, 5 months
Configuration file monitoring - reporting content changes
by Burn Alting
All,
I am interested in any Linux based capability that will monitor
identified files and report on actual changes to the monitored file. I
know there are methods of recording that the file has been changed (e.g.
aide and/or monitor writes via auditd), but I want to know what has
changed ... basically something that would provide a 'diff' like output.
Now there are tools like Samhain that will record the content changes of
a file that is <= 92000 bytes in size, but I am interested in a more
lightweight solution ... perhaps a simple inotify(7) based utility that
perhaps maintains a copy of the file(s) in core (in compressed format)
and based on inotify() returns checks for changes and reports (somehow
yet to be defined) the before/after changes.
Is there anything 'out there' that list members are aware of?
If not, would the following utility be of interest? On startup, load the
monitored file(s) (saving a compressed copy in memory). Then, using
inotify, monitor for changes and if so, emit some kind of record
defining the change and change the compressed in-memory copy. If so, is
our mailing list and the contributed portion of auditd an appropriate
repository for such a tool.
Naturally, such a tool would be supported by appropriate auditd
monitoring that will take care of changing file attributes etc and file
writes. That is, auditd tells me who and the utility tells me what.
Regards
Burn
9 years, 5 months
Re: Configuration file monitoring - reporting content changes
by Burn Alting
Mon, 2015-07-20 at 21:09 +0900, Tetsuo Handa wrote:
> Burn Alting wrote:
> > All,
> >
> > I am interested in any Linux based capability that will monitor
> > identified files and report on actual changes to the monitored file. I
> > know there are methods of recording that the file has been changed (e.g.
> > aide and/or monitor writes via auditd), but I want to know what has
> > changed ... basically something that would provide a 'diff' like output.
> >
> > Now there are tools like Samhain that will record the content changes of
> > a file that is <= 92000 bytes in size, but I am interested in a more
> > lightweight solution ... perhaps a simple inotify(7) based utility that
> > perhaps maintains a copy of the file(s) in core (in compressed format)
> > and based on inotify() returns checks for changes and reports (somehow
> > yet to be defined) the before/after changes.
> >
> > Is there anything 'out there' that list members are aware of?
>
> If you don't need to protect "copy of the file(s)" from malicious attacks,
> I think cvs / svn / git etc. would be sufficient.
>
> If you need to protect "copy of the file(s)" from malicious attacks,
> you would need to use access control mechanisms (e.g. SELinux).
Tetsuo,
I appreciate what you say, but I am looking at this problem from the
point of view of
a. There is no central management of configuration files, which means
git/puppet is not a viable solution.
b. The entity that will change the file is authorized to make the
change. That is, I just want to know what has changed. I am assuming
there are sufficient access control mechanisms to 'protect the file'.
Regards
9 years, 5 months
[PATCH V6 0/2] audit: rebalance and remove extra layers of watch references
by Richard Guy Briggs
While working on the audit by executable path feature, it was discovered that
watches and parent references were slightly imbalanced and deeper than
necessary.
Only bump up references when they are actually used and decrease when removed.
Richard Guy Briggs (2):
audit: eliminate unnecessary extra layer of watch references
audit: eliminate unnecessary extra layer of watch parent references
kernel/audit_watch.c | 11 ++++-------
kernel/auditfilter.c | 9 ---------
2 files changed, 4 insertions(+), 16 deletions(-)
9 years, 5 months
