audit user space build problems

[Steve Grubb]

Hello,

Recently, distributions moved to building against gcc-12 for their latest OS 
composes. It's been found in at least 2 distributions that the user space 
package is failing to build. It's natural to think this is related to gcc-12 
since it's the obvious change.

However, the problem is a combination of 2 things:

1) SWIG is making buggy code
2) The kernel changed to using flexible array members

The issue specifically is with struct audit_rules_data. At the bottom, it was 
using buf[0];  But on 5.17, it uses buf[];  It turns out that gcc-12 is just 
a coincidence and anything using gcc-12 also has the newest kernel.

The options are:
1) Report this as a SWIG bug and wait
2) Rewrite the libaudit python bindings to not use SWIG
3) Ask for buf[0]; to be reinstated in the kernel.

Of these, I think option 2 is the only viable long term option. It will take 
some time to write new python bindings that preserve the SWIG api.

A short term fix might be for distros to copy the kernel header into the lib 
directory and patch it to restore buf[0];, then change libaudit.c to include 
"audit.h" instead of <linux/audit.h>. There may be other approaches.

Just wanted to let everyone know that new builds in distributions are running 
into a problem. And a real fix will take a while.

Best,
-Steve