packages/audit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
audit/audit.spec

384 lines
14 KiB
RPMSpec
Raw Blame History

Summary: User space tools for kernel auditing
Name: audit
Epoch: 1
Version: 3.0
Release: 3
License: GPLv2+ and LGPLv2+
URL: https://people.redhat.com/sgrubb/audit/
Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
Patch0: bugfix-audit-support-armv7b.patch
Patch1: bugfix-audit-userspace-missing-syscalls-for-aarm64.patch
Patch2: bugfix-audit-reload-coredump.patch
Patch3: backport-Fix-the-default-location-for-zos-remote.conf-171.patch
Patch4: backport-Add-missing-call-to-free_interpretation_list.patch
Patch5: backport-fix-2-more-issues-found-by-fuzzing.patch
Patch6: backport-Fix-an-auparse-memory-leak-caused-in-recent-glibc.patch
Patch7: backport-Fix-double-free-with-corrupted-logs.patch
BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29
BuildRequires: openldap-devel krb5-devel libcap-ng-devel
%ifarch %{golang_arches}
BuildRequires: golang
%endif
Requires: %{name}-libs = %{epoch}:%{version}-%{release}
Requires(post): systemd coreutils
Requires(preun): systemd
Requires(postun): systemd coreutils
%description
The audit package contains the user space utilities for storing and searching
the audit records generated by the audit subsystem in the Linux 2.6 and later
kernels.
%package libs
Summary: Dynamic library for libaudit
License: LGPLv2+
%description libs
The audit-libs package contains the dynamic libraries needed for
applications to use the audit framework.
%package -n audispd-plugins
Summary: Plugins for audit event dispatcher
License: GPLv2+
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: %{name}-libs = %{epoch}:%{version}-%{release}
%description -n audispd-plugins
This package provides plugins for the real-time interface to audispd.
%package -n audispd-plugins-zos
Summary: z/OS plugin for audit event dispatcher
License: GPLv2+
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: %{name}-libs = %{epoch}:%{version}-%{release}
Requires: openldap
%description -n audispd-plugins-zos
This package provides a z/OS plugin for audit event dispatcher that
will forward audit events to a configured z/OS service management facility
database.
%package devel
Summary: Header files for libaudit
License: LGPLv2+
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
Requires: kernel-headers >= 2.6.29
Provides: audit-libs-devel audit-libs-static
%description devel
The audit-libs-devel package contains the header files needed for developing
applications that need to use the audit framework libraries.
%package -n python3-audit
Summary: Python3 bindings for libaudit
License: LGPLv2+
BuildRequires: python3-devel
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
Provides: audit-libs-python3 = %{version}-%{release}
Provides: audit-libs-python3%{?_isa} = %{version}-%{release}
Obsoletes: audit-libs-python3 < %{version}-%{release}
%description -n python3-audit
The python3-audit package contains the bindings so that libaudit and
libauparse can be used by python3.
%package_help
%prep
%autosetup -n %{name}-%{version} -p1
cp %{SOURCE1} .
autoreconf -f -i
%build
%configure --sbindir=/sbin --libdir=/%{_lib} --with-python=no \
--with-python3=yes \
--enable-gssapi-krb5=yes --with-arm --with-aarch64 \
--with-libcap-ng=yes --enable-zos-remote \
%ifarch %{golang_arches}
--with-golang \
%endif
--enable-systemd
make CFLAGS="%{optflags}" %{?_smp_mflags}
%install
mkdir -p $RPM_BUILD_ROOT/{sbin,etc/audit/plugins.d,etc/audit/rules.d}
mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8}
mkdir -p $RPM_BUILD_ROOT/%{_lib}
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit
mkdir -p --mode=0700 $RPM_BUILD_ROOT/%{_var}/log/audit
mkdir -p $RPM_BUILD_ROOT/%{_var}/spool/audit
make DESTDIR=$RPM_BUILD_ROOT install
mkdir -p $RPM_BUILD_ROOT/%{_libdir}
mv $RPM_BUILD_ROOT/%{_lib}/libaudit.a $RPM_BUILD_ROOT%{_libdir}
mv $RPM_BUILD_ROOT/%{_lib}/libauparse.a $RPM_BUILD_ROOT%{_libdir}
curdir=`pwd`
cd $RPM_BUILD_ROOT/%{_libdir}
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libaudit.so.1.*.*\``
ln -s ../../%{_lib}/$LIBNAME libaudit.so
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libauparse.so.0.*.*\``
ln -s ../../%{_lib}/$LIBNAME libauparse.so
cd $curdir
rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.so
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.so
find $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages -name '*.a' -delete
mv $RPM_BUILD_ROOT/%{_lib}/pkgconfig $RPM_BUILD_ROOT%{_libdir}
touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
touch -r ./audit.spec $RPM_BUILD_ROOT/usr/share/man/man5/libaudit.conf.5.gz
%delete_la
%check
%ifarch %{golang_arches}
make check
%endif
rm -f rules/Makefile*
%pre
if [ -d "/etc/audisp/" ];then
# custom plugins, copy config files from /etc/audisp/plugins.d to /etc/audit/plugins.d
# self-plugins confile files will be overwritten when installing
self_config_files_285=(syslog.conf au-remote.conf audispd-zos-remote.conf af_unix.conf)
plugins_config_files=`ls /etc/audisp/plugins.d/*.conf 2>/dev/null | wc -w`
if [ $plugins_config_files -gt 0 ];then
if [ ! -d /etc/audit/plugins.d/ ];then
mkdir -p /etc/audit/plugins.d/
fi
for file in `/usr/bin/ls /etc/audisp/plugins.d/*.conf`
do
if [[ " ${self_config_files_285} " =~ " `/usr/bin/basename $file` " ]];then
continue
else
if [ ! -f /etc/audit/plugins.d/`/usr/bin/basename $file` ];then
cp $file /etc/audit/plugins.d/
fi
fi
done
fi
fi
%post
/sbin/ldconfig
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w`
if [ "$files" -eq 0 ] ; then
if [ -e /usr/share/doc/audit/rules/10-no-audit.rules ] ; then
cp /usr/share/doc/audit/rules/10-no-audit.rules /etc/audit/rules.d/audit.rules
else
touch /etc/audit/rules.d/audit.rules
fi
chmod 0600 /etc/audit/rules.d/audit.rules
fi
# merge custom changes to new file
if [ -d "/etc/audisp/" ];then
if [ -s "/etc/audisp/plugins.d/af_unix.conf" ];then
diffrence=`diff /etc/audisp/plugins.d/af_unix.conf /etc/audit/plugins.d/af_unix.conf`
if [ "X$diffrence" != "X" ];then
cp /etc/audisp/plugins.d/af_unix.conf /etc/audit/plugins.d/af_unix.conf
fi
fi
fi
%systemd_post auditd.service
%post -n audispd-plugins
# after installing audispd-plugins
if [ -d "/etc/audisp/" ];then
for file in audisp-remote.conf au-remote.conf syslog.conf
do
# merge custom changes to new file
if [ "$file" == "audisp-remote.conf" ];then
if [ -s "/etc/audisp/$file" ];then
diffrence=`diff /etc/audisp/$file /etc/audit/$file`
if [ "X$diffrence" != "X" ];then
cp /etc/audisp/$file /etc/audit/$file
if [ "X`grep startup_failure_action /etc/audit/$file`" == "X" ];then
# add option in new version
echo "startup_failure_action = warn_once_continue" >> /etc/audit/$file
fi
fi
fi
elif [ "$file" == "syslog.conf" ];then
if [ -s "/etc/audisp/plugins.d/$file" ];then
diffrence=`diff /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file`
if [ "X$diffrence" != "X" ];then
cp /etc/audisp/plugins.d/syslog.conf /etc/audit/plugins.d/syslog.conf
# change options "path" and "type"
sed -i 's/path[ ]*=[ ]*builtin_syslog/path\ =\ \/sbin\/audisp-syslog/g' /etc/audit/plugins.d/syslog.conf
sed -i 's/type[ ]*=[ ]*builtin/type\ =\ always/g' /etc/audit/plugins.d/syslog.conf
fi
fi
else
if [ -s "/etc/audisp/plugins.d/$file" ];then
diffrence=`diff /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file`
if [ "X$diffrence" != "X" ];then
cp /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file
fi
fi
fi
done
fi
%post -n audispd-plugins-zos
# after installing audispd-plugins-zos
if [ -d "/etc/audisp/" ];then
for file in audispd-zos-remote.conf zos-remote.conf
do
# merge custom changes to new file
if [ "$file" == "zos-remote.conf" ];then
if [ -s "/etc/audisp/$file" ];then
diffrence=`diff /etc/audisp/$file /etc/audit/$file`
if [ "X$diffrence" != "X" ];then
cp /etc/audisp/$file /etc/audit/$file
fi
fi
elif [ "$file" == "audispd-zos-remote.conf" ];then
if [ -s "/etc/audisp/plugins.d/$file" ];then
diffrence=`diff /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file`
if [ "X$diffrence" != "X" ];then
cp /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file
# change option "args"
sed -i 's/\/etc\/audisp\/zos-remote\.conf/\/etc\/audit\/zos-remote\.conf/g' /etc/audit/plugins.d/$file
fi
fi
fi
done
fi
%preun
%systemd_preun auditd.service
%postun
/sbin/ldconfig
if [ $1 -ge 1 ]; then
/sbin/service auditd condrestart > /dev/null 2>&1 || :
fi
%files
%doc README
%{!?_licensedir:%global license %%doc}
%license COPYING lgpl-2.1.txt
%attr(755,root,root) /sbin/auditctl
%attr(755,root,root) /sbin/auditd
%attr(755,root,root) /sbin/ausearch
%attr(755,root,root) /sbin/aureport
%attr(750,root,root) /sbin/autrace
%attr(755,root,root) /sbin/augenrules
%attr(755,root,root) %{_bindir}/aulast
%attr(755,root,root) %{_bindir}/aulastlog
%attr(755,root,root) %{_bindir}/ausyscall
%attr(755,root,root) %{_bindir}/auvirt
%attr(644,root,root) %{_unitdir}/auditd.service
%attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/reload
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/restart
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/resume
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop
%ghost %{_localstatedir}/run/auditd.state
%attr(750,root,root) %dir %{_var}/log/audit
%attr(750,root,root) %dir /etc/audit
%attr(750,root,root) %dir /etc/audit/rules.d
%attr(750,root,root) %dir /etc/audit/plugins.d
%config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf
%ghost %config(noreplace) %attr(600,root,root) /etc/audit/rules.d/audit.rules
%ghost %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules
%config(noreplace) %attr(640,root,root) /etc/audit/audit-stop.rules
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf
%files libs
/%{_lib}/libaudit.so.1*
/%{_lib}/libauparse.*
%config(noreplace) %attr(640,root,root) /etc/libaudit.conf
%files -n audispd-plugins
%config(noreplace) %attr(640,root,root) /etc/audit/audisp-remote.conf
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-remote.conf
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf
%attr(750,root,root) /sbin/audisp-remote
%attr(750,root,root) /sbin/audisp-syslog
%attr(700,root,root) %dir %{_var}/spool/audit
%files -n audispd-plugins-zos
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/audispd-zos-remote.conf
%config(noreplace) %attr(640,root,root) /etc/audit/zos-remote.conf
%attr(750,root,root) /sbin/audispd-zos-remote
%files devel
%defattr(-,root,root)
%doc contrib/plugin
%{!?_licensedir:%global license %%doc}
%license lgpl-2.1.txt
%{_libdir}/libaudit.so
%{_libdir}/libauparse.so
%ifarch %{golang_arches}
%dir %{_prefix}/lib/golang/src/pkg/redhat.com/audit
%{_prefix}/lib/golang/src/pkg/redhat.com/audit/audit.go
%endif
%{_includedir}/libaudit.h
%{_includedir}/auparse.h
%{_includedir}/auparse-defs.h
%{_datadir}/aclocal/audit.m4
%{_libdir}/pkgconfig/audit.pc
%{_libdir}/pkgconfig/auparse.pc
%{_libdir}/libaudit.a
%{_libdir}/libauparse.a
%files -n python3-audit
%attr(755,root,root) %{python3_sitearch}/*
%files help
%defattr(-,root,root)
%doc ChangeLog rules init.d/auditd.cron
%attr(644,root,root) %{_datadir}/%{name}/sample-rules/*
%attr(644,root,root) %{_mandir}/man3/*.3.gz
%attr(644,root,root) %{_mandir}/man5/*.5.gz
%attr(644,root,root) %{_mandir}/man7/*.7.gz
%attr(644,root,root) %{_mandir}/man8/*.8.gz
%changelog
* Wed Sep 1 2021 steven.ygui <steven_ygui@163.com> - 3.0-3
- backport some patches to fix memory leak and double free issues
* Fri May 28 2021 yixiangzhike <zhangxingliang3@huawei.com> - 3.0-2
- solve the script failure when package upgrade
* Tue May 25 2021 yixiangzhike <zhangxingliang3@huawei.com> - 3.0-1
- update to 3.0
* Mon May 24 2021 yixiangzhike <zhangxingliang3@huawei.com> - 2.8.5-4
- fix directory permissions for /etc/audisp and /etc/audisp/plugins.d
* Thu Oct 29 2020 zhangxingliang <zhangxingliang3@huawei.com> - 2.8.5-3
- remove python2 subpackage
* Wed Aug 19 2020 wangchen <wangchen137@huawei.com> - 2.8.5-2
- add epoch for requires
* Wed Jul 29 2020 wangchen <wangchen137@huawei.com> - 2.8.5-1
- revert to 2.8.5
* Wed Jan 22 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.0-5
- add subpackages
* Tue Jan 14 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.0-4
- clean code
* Wed Oct 9 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.0-3
- Adjust requires
* Sun Sep 29 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.0-2
- Fix the auditctl error
* Sat Sep 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.0-1
- Package init
Reference in New Issue View Git Blame Copy Permalink