diff --git a/Add-missing-include-in-src-db.c.patch b/Add-missing-include-in-src-db.c.patch deleted file mode 100644 index 79775fc..0000000 --- a/Add-missing-include-in-src-db.c.patch +++ /dev/null @@ -1,28 +0,0 @@ -From c6e47606cb485457afd06d74c7f372011184fa73 Mon Sep 17 00:00:00 2001 -From: Ilya Tumaykin -Date: Tue, 23 May 2017 17:24:29 +0300 -Subject: [PATCH 05/20] Add missing include in src/db.c - -url_fclose() function used in this file is defined in fopen.h. ---- - src/db.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/db.c b/src/db.c -index dd133d4..858240d 100644 ---- a/src/db.c -+++ b/src/db.c -@@ -28,6 +28,10 @@ - #include "db_disk.h" - #include "md.h" - -+#ifdef WITH_CURL -+#include "fopen.h" -+#endif -+ - #ifdef WITH_PSQL - #include "db_sql.h" - #endif --- -2.19.1 - diff --git a/Fix-root_prefix-option.patch b/Fix-root_prefix-option.patch deleted file mode 100644 index d1115ed..0000000 --- a/Fix-root_prefix-option.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 11a2c9828cc5d182a0a3090af4ee7687eb997f57 Mon Sep 17 00:00:00 2001 -From: Hannes von Haugwitz -Date: Sat, 18 Nov 2017 09:00:27 +0100 -Subject: [PATCH 02/20] Fix root_prefix option - ---- - ChangeLog | 3 +++ - src/db_disk.c | 4 ++-- - 2 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/ChangeLog b/ChangeLog -index 14a3c72..43f84a1 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -1,3 +1,6 @@ -+2017-11-18 Hannes von Haugwitz -+ * Fix root_prefix option -+ - 2017-10-29 Hannes von Haugwitz - * Fix short form of --limit parameter - -diff --git a/src/db_disk.c b/src/db_disk.c -index 47e3e3e..36748e7 100644 ---- a/src/db_disk.c -+++ b/src/db_disk.c -@@ -203,7 +203,7 @@ db_line *db_readline_disk () - fullname=malloc((conf->root_prefix_length+2)*sizeof(char)); - strncpy(fullname, conf->root_prefix, conf->root_prefix_length+1); - strncat (fullname, "/", 1); -- if (!get_file_status(&fullname[conf->root_prefix_length], &fs)) { -+ if (!get_file_status(fullname, &fs)) { - add = check_rxtree (&fullname[conf->root_prefix_length], conf->tree, &attr, fs.st_mode); - error (240, "%s match=%d, tree=%p, attr=%llu\n", &fullname[conf->root_prefix_length], add, - conf->tree, attr); -@@ -249,7 +249,7 @@ recursion: - If not call, db_readline_disk again... - */ - -- if (get_file_status(&fullname[conf->root_prefix_length], &fs)) { -+ if (get_file_status(fullname, &fs)) { - free (fullname); - goto recursion; - } --- -2.19.1 - diff --git a/Fix-short-form-of-limit-parameter.patch b/Fix-short-form-of-limit-parameter.patch deleted file mode 100644 index 6deed36..0000000 --- a/Fix-short-form-of-limit-parameter.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 4863aa95d571c95107841aebf97d3d32aa8b3577 Mon Sep 17 00:00:00 2001 -From: Hannes von Haugwitz -Date: Sun, 29 Oct 2017 22:16:39 +0100 -Subject: [PATCH 01/20] Fix short form of --limit parameter - ---- - ChangeLog | 3 +++ - src/aide.c | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - -diff --git a/ChangeLog b/ChangeLog -index 263c438..14a3c72 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -1,3 +1,6 @@ -+2017-10-29 Hannes von Haugwitz -+ * Fix short form of --limit parameter -+ - 2016-07-25 Hannes von Haugwitz - * Release version 0.16 - -diff --git a/src/aide.c b/src/aide.c -index f85c1b4..2971178 100644 ---- a/src/aide.c -+++ b/src/aide.c -@@ -117,7 +117,7 @@ static int read_param(int argc,char**argv) - }; - - while(1){ -- option = getopt_long(argc, argv, "hV::vc:B:A:r:iCuDE", options, &i); -+ option = getopt_long(argc, argv, "hV::vc:l:B:A:r:iCuDE", options, &i); - if(option==-1) - break; - switch(option) --- -2.19.1 - diff --git a/README.quickstart b/README.quickstart deleted file mode 100644 index 87adc63..0000000 --- a/README.quickstart +++ /dev/null @@ -1,40 +0,0 @@ -1) Customize /etc/aide.conf to your liking. In particular, add - important directories and files which you would like to be - covered by integrity checks. Avoid files which are expected - to change frequently or which don't affect the safety of your - system. - -2) Run "/usr/sbin/aide --init" to build the initial database. - With the default setup, that creates /var/lib/aide/aide.db.new.gz - -3) Store /etc/aide.conf, /usr/sbin/aide and /var/lib/aide/aide.db.new.gz - in a secure location, e.g. on separate read-only media (such as - CD-ROM). Alternatively, keep MD5 fingerprints or GPG signatures - of those files in a secure location, so you have means to verify - that nobody modified those files. - -4) Copy /var/lib/aide/aide.db.new.gz to /var/lib/aide/aide.db.gz - which is the location of the input database. - -5) Run "/usr/sbin/aide --check" to check your system for inconsistencies - compared with the AIDE database. Prior to running a check manually, - ensure that the AIDE binary and database have not been modified - without your knowledge. - - Caution! - - With the default setup, an AIDE check is not run periodically as a - cron job. It cannot be guaranteed that the AIDE binaries, config - file and database are intact. It is not recommended that you run - automated AIDE checks without verifying AIDE yourself frequently. - In addition to that, AIDE does not implement any password or - encryption protection for its own files. - - It is up to you how to put a file integrity checker to good effect - and how to set up automated checks if you think it adds a level of - safety (e.g. detecting failed/incomplete compromises or unauthorized - modification of special files). On a compromised system, the - intruder could disable the automated check. Or he could replace the - AIDE binary, config file and database easily when they are not - located on read-only media. - diff --git a/Skip-reading-section-data-if-the-section-doesn-t-con.patch b/Skip-reading-section-data-if-the-section-doesn-t-con.patch deleted file mode 100644 index 0d11779..0000000 --- a/Skip-reading-section-data-if-the-section-doesn-t-con.patch +++ /dev/null @@ -1,27 +0,0 @@ -From dd98dbd23770b8f8b95dc5a08ad5d5546831076a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Jirkovsk=C3=BD?= -Date: Fri, 8 Mar 2019 20:44:51 +0100 -Subject: [PATCH 19/20] Skip reading section data if the section doesn't - contain any table. - -Fixes floating point exception on go files. ---- - src/do_md.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/do_md.c b/src/do_md.c -index 86fde8d..35c0751 100644 ---- a/src/do_md.c -+++ b/src/do_md.c -@@ -99,7 +99,7 @@ int is_prelinked(int fd) { - while (!bingo && (scn = elf_nextscn(elf, scn)) != NULL) { - (void) gelf_getshdr(scn, &shdr); - -- if (shdr.sh_type != SHT_DYNAMIC) -+ if (shdr.sh_type != SHT_DYNAMIC || shdr.sh_entsize == 0) - continue; - - while (!bingo && (data = elf_getdata (scn, data)) != NULL) { --- -2.19.1 - diff --git a/aide-0.16.tar.gz b/aide-0.16.tar.gz deleted file mode 100644 index 4ab3793..0000000 Binary files a/aide-0.16.tar.gz and /dev/null differ diff --git a/aide-0.16b1-fipsfix.patch b/aide-0.16b1-fipsfix.patch deleted file mode 100644 index 434d74e..0000000 --- a/aide-0.16b1-fipsfix.patch +++ /dev/null @@ -1,103 +0,0 @@ -diff -up ./src/aide.c.orig ./aide-0.16b1/src/aide.c ---- ./src/aide.c.orig 2016-07-12 11:10:08.013158385 +0200 -+++ ./src/aide.c 2016-07-12 11:30:54.867833064 +0200 -@@ -511,9 +511,28 @@ int main(int argc,char**argv) - #endif - umask(0177); - init_sighandler(); -- - setdefaults_before_config(); - -+#if WITH_GCRYPT -+ error(255,"Gcrypt library initialization\n"); -+ /* -+ * Initialize libgcrypt as per -+ * http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html -+ * -+ * -+ */ -+ gcry_control(GCRYCTL_SET_ENFORCED_FIPS_FLAG, 0); -+ gcry_control(GCRYCTL_INIT_SECMEM, 1); -+ -+ if(!gcry_check_version(GCRYPT_VERSION)) { -+ error(0,"libgcrypt version mismatch\n"); -+ exit(VERSION_MISMATCH_ERROR); -+ } -+ -+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); -+#endif /* WITH_GCRYPT */ -+ -+ - if(read_param(argc,argv)==RETFAIL){ - error(0, _("Invalid argument\n") ); - exit(INVALID_ARGUMENT_ERROR); -@@ -646,6 +665,9 @@ int main(int argc,char**argv) - } - #endif - } -+#ifdef WITH_GCRYPT -+ gcry_control(GCRYCTL_TERM_SECMEM, 0); -+#endif /* WITH_GCRYPT */ - return RETOK; - } - const char* aide_key_3=CONFHMACKEY_03; -diff -up ./src/md.c.orig ./aide-0.16b1/src/md.c ---- ./src/md.c.orig 2016-04-15 23:30:16.000000000 +0200 -+++ ./src/md.c 2016-07-12 11:35:04.007675329 +0200 -@@ -201,14 +201,7 @@ int init_md(struct md_container* md) { - } - #endif - #ifdef WITH_GCRYPT -- error(255,"Gcrypt library initialization\n"); -- if(!gcry_check_version(GCRYPT_VERSION)) { -- error(0,"libgcrypt version mismatch\n"); -- exit(VERSION_MISMATCH_ERROR); -- } -- gcry_control(GCRYCTL_DISABLE_SECMEM, 0); -- gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); -- if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){ -+ if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){ - error(0,"gcrypt_md_open failed\n"); - exit(IO_ERROR); - } -@@ -299,7 +292,7 @@ int close_md(struct md_container* md) { - - /*. There might be more hashes in the library. Add those here.. */ - -- gcry_md_reset(md->mdh); -+ gcry_md_close(md->mdh); - #endif - - #ifdef WITH_MHASH -diff -up ./src/util.c.orig ./aide-0.16b1/src/util.c ---- ./src/util.c.orig 2016-07-12 11:39:17.023437355 +0200 -+++ ./src/util.c 2016-07-12 11:39:51.618721157 +0200 -@@ -519,28 +519,5 @@ int syslog_facility_lookup(char *s) - return(AIDE_SYSLOG_FACILITY); - } - --/* We need these dummy stubs to fool the linker into believing that -- we do not need them at link time */ -- --void* dlopen(char*filename,int flag) --{ -- return NULL; --} -- --void* dlsym(void*handle,char*symbol) --{ -- return NULL; --} -- --void* dlclose(void*handle) --{ -- return NULL; --} -- --const char* dlerror(void) --{ -- return NULL; --} -- - const char* aide_key_2=CONFHMACKEY_02; - const char* db_key_2=DBHMACKEY_02; diff --git a/aide-0.16rc1-man.patch b/aide-0.16rc1-man.patch deleted file mode 100644 index 4715552..0000000 --- a/aide-0.16rc1-man.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -up ./doc/aide.1.in.orig ./doc/aide.1.in ---- ./doc/aide.1.in.orig 2016-07-12 16:10:01.724595895 +0200 -+++ ./doc/aide.1.in 2016-07-12 16:06:21.968639822 +0200 -@@ -103,9 +103,9 @@ echo | base64 \-d | h - .SH FILES - .IP \fB@sysconfdir@/aide.conf\fR - Default aide configuration file. --.IP \fB@sysconfdir@/aide.db\fR -+.IP \fB@localstatedir@/lib/aide/aide.db\fR - Default aide database. --.IP \fB@sysconfdir@/aide.db.new\fR -+.IP \fB@localstatedir@/lib/aide/aide.db.new\fR - Default aide output database. - .SH SEE ALSO - .BR aide.conf (5) diff --git a/aide-define_hash_use_gcrypt.patch b/aide-define_hash_use_gcrypt.patch deleted file mode 100644 index e643a00..0000000 --- a/aide-define_hash_use_gcrypt.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -Nur aide-0.16/include/md.h aide-0.16.new/include/md.h ---- aide-0.16/include/md.h 2016-07-25 22:56:55.000000000 +0200 -+++ aide-0.16.new/include/md.h 2018-11-21 14:07:01.347479021 +0100 -@@ -48,7 +48,7 @@ - #define HASH_GCRYPT_COUNT GCRY_MD_CRC32 - #ifndef WITH_MHASH - #define HASH_USE_GCRYPT (DB_MD5|DB_SHA1|DB_RMD160|DB_TIGER|DB_CRC32|\ -- DB_HAVAL|DB_CRC32|DB_SHA256|DB_SHA512) -+ DB_CRC32B|DB_SHA256|DB_SHA512) - #endif - #endif - -diff -Nur aide-0.16/src/md.c aide-0.16.new/src/md.c ---- aide-0.16/src/md.c 2016-07-25 22:56:55.000000000 +0200 -+++ aide-0.16.new/src/md.c 2018-11-21 14:06:05.602295496 +0100 -@@ -55,10 +55,12 @@ - r=DB_TIGER; - break; - } -+/* until libgcrypt-1.8.4 not implemented yet, see doc/gcrypt.info-1 - case GCRY_MD_HAVAL: { - r=DB_HAVAL; - break; - } -+*/ - case GCRY_MD_SHA256: { - r=DB_SHA256; - break; -@@ -219,7 +221,7 @@ - if(gcry_md_enable(md->mdh,i)==GPG_ERR_NO_ERROR){ - md->calc_attr|=h; - } else { -- error(0,"gcry_md_enable %i failed",i); -+ error(0,"gcry_md_enable %i failed, see /usr/include/gcrypt.h enum gcry_md_algos",i); - md->todo_attr&=~h; - } - } diff --git a/aide.conf b/aide.conf deleted file mode 100644 index cd95c01..0000000 --- a/aide.conf +++ /dev/null @@ -1,223 +0,0 @@ -# Example configuration file for AIDE. - -@@define DBDIR /var/lib/aide -@@define LOGDIR /var/log/aide - -# The location of the database to be read. -database=file:@@{DBDIR}/aide.db.gz - -# The location of the database to be written. -#database_out=sql:host:port:database:login_name:passwd:table -#database_out=file:aide.db.new -database_out=file:@@{DBDIR}/aide.db.new.gz - -# Whether to gzip the output to database -gzip_dbout=yes - -# Default. -verbose=5 - -report_url=file:@@{LOGDIR}/aide.log -report_url=stdout -#report_url=stderr -#NOT IMPLEMENTED report_url=mailto:root@foo.com -#NOT IMPLEMENTED report_url=syslog:LOG_AUTH - -# These are the default rules. -# -#p: permissions -#i: inode: -#n: number of links -#u: user -#g: group -#s: size -#b: block count -#m: mtime -#a: atime -#c: ctime -#S: check for growing size -#acl: Access Control Lists -#selinux SELinux security context -#xattrs: Extended file attributes -#md5: md5 checksum -#sha1: sha1 checksum -#sha256: sha256 checksum -#sha512: sha512 checksum -#rmd160: rmd160 checksum -#tiger: tiger checksum - -#haval: haval checksum (MHASH only) -#gost: gost checksum (MHASH only) -#crc32: crc32 checksum (MHASH only) -#whirlpool: whirlpool checksum (MHASH only) - -FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256 - -#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5 -#L: p+i+n+u+g+acl+selinux+xattrs -#E: Empty group -#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs - -# You can create custom rules like this. -# With MHASH... -# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32 -ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger -# Everything but access time (Ie. all changes) -EVERYTHING = R+ALLXTRAHASHES - -# Sane, with multiple hashes -# NORMAL = R+rmd160+sha256+whirlpool -NORMAL = FIPSR+sha512 - -# For directories, don't bother doing hashes -DIR = p+i+n+u+g+acl+selinux+xattrs - -# Access control only -PERMS = p+i+u+g+acl+selinux - -# Logfile are special, in that they often change -LOG = > - -# Just do sha256 and sha512 hashes -LSPP = FIPSR+sha512 - -# Some files get updated automatically, so the inode/ctime/mtime change -# but we want to know when the data inside them changes -DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha256 - -# Next decide what directories/files you want in the database. - -/boot NORMAL -/bin NORMAL -/sbin NORMAL -/lib NORMAL -/lib64 NORMAL -/opt NORMAL -/usr NORMAL -/root NORMAL -# These are too volatile -!/usr/src -!/usr/tmp - -# Check only permissions, inode, user and group for /etc, but -# cover some important files closely. -/etc PERMS -!/etc/mtab -# Ignore backup files -!/etc/.*~ -/etc/exports NORMAL -/etc/fstab NORMAL -/etc/passwd NORMAL -/etc/group NORMAL -/etc/gshadow NORMAL -/etc/shadow NORMAL -/etc/security/opasswd NORMAL - -/etc/hosts.allow NORMAL -/etc/hosts.deny NORMAL - -/etc/sudoers NORMAL -/etc/skel NORMAL - -/etc/logrotate.d NORMAL - -/etc/resolv.conf DATAONLY - -/etc/nscd.conf NORMAL -/etc/securetty NORMAL - -# Shell/X starting files -/etc/profile NORMAL -/etc/bashrc NORMAL -/etc/bash_completion.d/ NORMAL -/etc/login.defs NORMAL -/etc/zprofile NORMAL -/etc/zshrc NORMAL -/etc/zlogin NORMAL -/etc/zlogout NORMAL -/etc/profile.d/ NORMAL -/etc/X11/ NORMAL - -# Pkg manager -/etc/yum.conf NORMAL -/etc/yumex.conf NORMAL -/etc/yumex.profiles.conf NORMAL -/etc/yum/ NORMAL -/etc/yum.repos.d/ NORMAL - -/var/log LOG -/var/run/utmp LOG - -# This gets new/removes-old filenames daily -!/var/log/sa -# As we are checking it, we've truncated yesterdays size to zero. -!/var/log/aide.log - -# LSPP rules... -# AIDE produces an audit record, so this becomes perpetual motion. -# /var/log/audit/ LSPP -/etc/audit/ LSPP -/etc/libaudit.conf LSPP -/usr/sbin/stunnel LSPP -/var/spool/at LSPP -/etc/at.allow LSPP -/etc/at.deny LSPP -/etc/cron.allow LSPP -/etc/cron.deny LSPP -/etc/cron.d/ LSPP -/etc/cron.daily/ LSPP -/etc/cron.hourly/ LSPP -/etc/cron.monthly/ LSPP -/etc/cron.weekly/ LSPP -/etc/crontab LSPP -/var/spool/cron/root LSPP - -/etc/login.defs LSPP -/etc/securetty LSPP -/var/log/faillog LSPP -/var/log/lastlog LSPP - -/etc/hosts LSPP -/etc/sysconfig LSPP - -/etc/inittab LSPP -/etc/grub/ LSPP -/etc/rc.d LSPP - -/etc/ld.so.conf LSPP - -/etc/localtime LSPP - -/etc/sysctl.conf LSPP - -/etc/modprobe.conf LSPP - -/etc/pam.d LSPP -/etc/security LSPP -/etc/aliases LSPP -/etc/postfix LSPP - -/etc/ssh/sshd_config LSPP -/etc/ssh/ssh_config LSPP - -/etc/stunnel LSPP - -/etc/vsftpd.ftpusers LSPP -/etc/vsftpd LSPP - -/etc/issue LSPP -/etc/issue.net LSPP - -/etc/cups LSPP - -# With AIDE's default verbosity level of 5, these would give lots of -# warnings upon tree traversal. It might change with future version. -# -#=/lost\+found DIR -#=/home DIR - -# Ditto /var/log/sa reason... -!/var/log/and-httpd - -# Admins dot files constantly change, just check perms -/root/\..* PERMS diff --git a/aide.logrotate b/aide.logrotate deleted file mode 100644 index 614c6a6..0000000 --- a/aide.logrotate +++ /dev/null @@ -1,9 +0,0 @@ -/var/log/aide/*.log { - weekly - missingok - rotate 4 - compress - delaycompress - copytruncate - minsize 100k -} diff --git a/aide.spec b/aide.spec deleted file mode 100644 index 2ea2208..0000000 --- a/aide.spec +++ /dev/null @@ -1,112 +0,0 @@ -Name: aide -Version: 0.16 -Release: 14 -Summary: Advanced Intrusion Detection Environment -License: GPLv2+ -URL: http://sourceforge.net/projects/aide -Source0: http://sourceforge.net/projects/aide/files/aide/%{version}/%{name}-%{version}.tar.gz -Source1: aide.conf -Source2: README.quickstart -Source3: aide.logrotate - -BuildRequires: gcc make bison flex pcre-devel libgpg-error-devel libgcrypt-devel zlib-devel libcurl-devel -BuildRequires: libacl-devel libselinux-devel libattr-devel e2fsprogs-devel audit-libs-devel git - -Patch1: aide-0.16rc1-man.patch -Patch2: aide-0.16b1-fipsfix.patch -Patch6000: aide-define_hash_use_gcrypt.patch -Patch6001: Fix-short-form-of-limit-parameter.patch -Patch6002: Fix-root_prefix-option.patch -Patch6003: Add-missing-include-in-src-db.c.patch -Patch6004: src-do_md.c-fix-memory-leak-in-is_prelinked.patch -Patch6005: Skip-reading-section-data-if-the-section-doesn-t-con.patch - -%description -AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker. -It creates a database from the regular expression rules that it finds from the config file(s). -Once this database is initialized it can be used to verify the integrity of the files. - -%package_help - -%prep -%autosetup -n %{name}-%{version} -p1 -Sgit - -%build -%configure --disable-static --with-config_file=%{_sysconfdir}/aide.conf --with-gcrypt --with-zlib \ - --with-curl --with-posix-acl --with-selinux --with-xattr --with-e2fsattrs --with-audit -make %{?_smp_mflags} - -%install -%make_install bindir=%{_sbindir} -install -Dpm0644 -t %{buildroot}%{_sysconfdir} %{S:1} -install -Dpm0644 -t %{buildroot}%{_datadir}/doc/aide-help %{S:2} -install -Dpm0644 -t %{buildroot}%{_sysconfdir}/logrotate.d/aide %{S:3} -mkdir -p %{buildroot}%{_localstatedir}/log/aide -mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide - -%pre - -%preun - -%post - -%postun - -%files -%defattr(-,root,root) -%license COPYING AUTHORS -%doc ChangeLog contrib/ -%{_sbindir}/* -%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/aide.conf -%config(noreplace) %{_sysconfdir}/logrotate.d/aide -%dir %attr(0700,root,root) %{_localstatedir}/lib/aide -%dir %attr(0700,root,root) %{_localstatedir}/log/aide - -%files help -%defattr(-,root,root) -%doc NEWS README doc/manual.html README.quickstart -%{_mandir}/*/* - -%changelog -* Wed Oct 9 2019 openEuler Buildteam - 0.16-14 -- Type:enhancement -- ID:NA -- SUG:NA -- DESC: change the directory of AUTHORS - -* Sat Sep 21 2019 openEuler Buildteam - 0.16-13 -- Type:enhancement -- ID:NA -- SUG:NA -- DESC:revise description - -* Fri Aug 23 2019 openEuler Buildteam - 0.16-12 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:strengthen spec - -* Tue Aug 20 2019 guoxiaoqi - 0.16-11 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:rename patches - -* Tue Apr 9 2019 wangxiao - 0.16-10 -- Type:bugfix -- ID:NA -- SUG:restart -- DESC:Fix short form of --limit parameter - Fix root_prefix option - Add missing include in src/db.c - Fix memory leak in is_prelinked - Skip reading section data if the section doesn't contain any table. - -* Sun Apr 7 2019 zoujing - 0.16-9 -- Type:enhancement -- ID:NA -- SUG:restart -- DESC: backport patch for fixing "DBG: md_enable: algorithm 7 not available" - -* Tue Jul 31 2018 openEuler Buildteam - 0.16-8 -- Package init diff --git a/src-do_md.c-fix-memory-leak-in-is_prelinked.patch b/src-do_md.c-fix-memory-leak-in-is_prelinked.patch deleted file mode 100644 index 9c5ca0a..0000000 --- a/src-do_md.c-fix-memory-leak-in-is_prelinked.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 242ce0bd6cedbbc989c565364679c57ee9171424 Mon Sep 17 00:00:00 2001 -From: Hannes von Haugwitz -Date: Fri, 7 Dec 2018 08:16:08 +0100 -Subject: [PATCH 10/20] src/do_md.c: fix memory leak in is_prelinked - -* thanks to Robert Springer for the patch -* closes #103 ---- - ChangeLog | 4 ++++ - src/do_md.c | 7 +++++-- - 2 files changed, 9 insertions(+), 2 deletions(-) - -diff --git a/src/do_md.c b/src/do_md.c -index bc06e62..86fde8d 100644 ---- a/src/do_md.c -+++ b/src/do_md.c -@@ -1,7 +1,7 @@ - /* aide, Advanced Intrusion Detection Environment - * vi: ts=8 sw=8 - * -- * Copyright (C) 1999-2002,2004-2006,2009-2011,2013 Rami Lehti, Pablo -+ * Copyright (C) 1999-2002,2004-2006,2009-2011,2013,2018 Rami Lehti, Pablo - * Virolainen, Mike Markley, Richard van den Berg, Hannes von Haugwitz - * $Header$ - * -@@ -90,8 +90,10 @@ int is_prelinked(int fd) { - if ((elf = elf_begin (fd, ELF_C_READ, NULL)) == NULL - || elf_kind(elf) != ELF_K_ELF - || gelf_getehdr(elf, &ehdr) == NULL -- || !(ehdr.e_type == ET_DYN || ehdr.e_type == ET_EXEC)) -+ || !(ehdr.e_type == ET_DYN || ehdr.e_type == ET_EXEC)) { -+ elf_end(elf); - return 0; -+ } - - bingo = 0; - while (!bingo && (scn = elf_nextscn(elf, scn)) != NULL) { -@@ -113,6 +115,7 @@ int is_prelinked(int fd) { - } - } - } -+ elf_end(elf); - - return bingo; - } --- -2.19.1 -