|
Packit |
f0d170 |
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
Summary: User space tools for kernel auditing
|
|
Packit |
f0d170 |
Name: audit
|
|
Packit |
f0d170 |
Version: 3.0
|
|
Packit |
f0d170 |
Release: 1
|
|
Packit |
f0d170 |
License: GPLv2+
|
|
Packit |
f0d170 |
Group: System Environment/Daemons
|
|
Packit |
f0d170 |
URL: http://people.redhat.com/sgrubb/audit/
|
|
Packit |
f0d170 |
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
|
Packit |
f0d170 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
|
Packit |
f0d170 |
BuildRequires: gcc
|
|
Packit |
f0d170 |
BuildRequires: golang
|
|
Packit |
f0d170 |
BuildRequires: tcp_wrappers-devel krb5-devel libcap-ng-devel
|
|
Packit |
f0d170 |
BuildRequires: kernel-headers >= 2.6.29
|
|
Packit |
f0d170 |
BuildRequires: systemd
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
Requires: %{name}-libs = %{version}-%{release}
|
|
Packit |
f0d170 |
Requires(post): systemd coreutils
|
|
Packit |
f0d170 |
Requires(preun): systemd initscripts
|
|
Packit |
f0d170 |
Requires(postun): systemd coreutils initscript
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%description
|
|
Packit |
f0d170 |
The audit package contains the user space utilities for
|
|
Packit |
f0d170 |
storing and searching the audit records generated by
|
|
Packit |
f0d170 |
the audit subsystem in the Linux 2.6 and later kernels.
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%package libs
|
|
Packit |
f0d170 |
Summary: Dynamic library for libaudit
|
|
Packit |
f0d170 |
License: LGPLv2+
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%description libs
|
|
Packit |
f0d170 |
The audit-libs package contains the dynamic libraries needed for
|
|
Packit |
f0d170 |
applications to use the audit framework.
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%package libs-devel
|
|
Packit |
f0d170 |
Summary: Header files for libaudit
|
|
Packit |
f0d170 |
License: LGPLv2+
|
|
Packit |
f0d170 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
Packit |
f0d170 |
Requires: kernel-headers >= 2.6.29
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%description libs-devel
|
|
Packit |
f0d170 |
The audit-libs-devel package contains the header files needed for
|
|
Packit |
f0d170 |
developing applications that need to use the audit framework libraries.
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%package libs-static
|
|
Packit |
f0d170 |
Summary: Static version of libaudit library
|
|
Packit |
f0d170 |
License: LGPLv2+
|
|
Packit |
f0d170 |
Requires: kernel-headers >= 2.6.29
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%description libs-static
|
|
Packit |
f0d170 |
The audit-libs-static package contains the static libraries
|
|
Packit |
f0d170 |
needed for developing applications that need to use static audit
|
|
Packit |
f0d170 |
framework libraries
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%package libs-python2
|
|
Packit |
f0d170 |
Summary: Python2 bindings for libaudit
|
|
Packit |
f0d170 |
License: LGPLv2+
|
|
Packit |
f0d170 |
BuildRequires: python2-devel
|
|
Packit |
f0d170 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
Packit |
f0d170 |
Provides: audit-libs-python = %{version}-%{release}
|
|
Packit |
f0d170 |
Obsoletes: audit-libs-python <= 2.8.3
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%description libs-python2
|
|
Packit |
f0d170 |
The audit-libs-python2 package contains the bindings so that libaudit
|
|
Packit |
f0d170 |
and libauparse can be used by python2.
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%package libs-python3
|
|
Packit |
f0d170 |
Summary: Python3 bindings for libaudit
|
|
Packit |
f0d170 |
License: LGPLv2+
|
|
Packit |
f0d170 |
BuildRequires: python3-devel swig
|
|
Packit |
f0d170 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%description libs-python3
|
|
Packit |
f0d170 |
The audit-libs-python3 package contains the bindings so that libaudit
|
|
Packit |
f0d170 |
and libauparse can be used by python3.
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%package -n audispd-plugins
|
|
Packit |
f0d170 |
Summary: Plugins for the audit event dispatcher
|
|
Packit |
f0d170 |
License: GPLv2+
|
|
Packit |
f0d170 |
BuildRequires: openldap-devel
|
|
Packit |
f0d170 |
Requires: %{name} = %{version}-%{release}
|
|
Packit |
f0d170 |
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%description -n audispd-plugins
|
|
Packit |
f0d170 |
The audispd-plugins package provides plugins for the real-time
|
|
Packit |
f0d170 |
interface to the audit system, audispd. These plugins can do things
|
|
Packit |
f0d170 |
like relay events to remote machines or analyze events for suspicious
|
|
Packit |
f0d170 |
behavior.
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%prep
|
|
Packit |
f0d170 |
%setup -q
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%build
|
|
Packit |
f0d170 |
%configure --sbindir=/sbin --libdir=/%{_lib} --with-python=yes \
|
|
Packit |
f0d170 |
--with-python3=yes --enable-tcp=yes \
|
|
Packit |
f0d170 |
--with-golang --with-libwrap \
|
|
Packit |
f0d170 |
--enable-gssapi-krb5=yes --enable-zos-remote \
|
|
Packit |
f0d170 |
--with-libcap-ng=yes --enable-systemd
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
make CFLAGS="%{optflags}" %{?_smp_mflags}
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%install
|
|
Packit |
f0d170 |
mkdir -p $RPM_BUILD_ROOT/{sbin,etc/audit/plugins.d,etc/audit/rules.d}
|
|
Packit |
f0d170 |
mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8}
|
|
Packit |
f0d170 |
mkdir -p $RPM_BUILD_ROOT/%{_lib}
|
|
Packit |
f0d170 |
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit
|
|
Packit |
f0d170 |
mkdir --mode=0700 -p $RPM_BUILD_ROOT/%{_var}/log/audit
|
|
Packit |
f0d170 |
mkdir -p $RPM_BUILD_ROOT/%{_var}/spool/audit
|
|
Packit |
f0d170 |
make DESTDIR=$RPM_BUILD_ROOT install
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
mkdir -p $RPM_BUILD_ROOT/%{_libdir}
|
|
Packit |
f0d170 |
# This winds up in the wrong place when libtool is involved
|
|
Packit |
f0d170 |
mv $RPM_BUILD_ROOT/%{_lib}/libaudit.a $RPM_BUILD_ROOT%{_libdir}
|
|
Packit |
f0d170 |
mv $RPM_BUILD_ROOT/%{_lib}/libauparse.a $RPM_BUILD_ROOT%{_libdir}
|
|
Packit |
f0d170 |
curdir=`pwd`
|
|
Packit |
f0d170 |
cd $RPM_BUILD_ROOT/%{_libdir}
|
|
Packit |
f0d170 |
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libaudit.so.1.*.*\``
|
|
Packit |
f0d170 |
ln -s ../../%{_lib}/$LIBNAME libaudit.so
|
|
Packit |
f0d170 |
LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libauparse.so.0.*.*\``
|
|
Packit |
f0d170 |
ln -s ../../%{_lib}/$LIBNAME libauparse.so
|
|
Packit |
f0d170 |
cd $curdir
|
|
Packit |
f0d170 |
# Remove these items so they don't get picked up.
|
|
Packit |
f0d170 |
rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.so
|
|
Packit |
f0d170 |
rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.so
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
find $RPM_BUILD_ROOT -name '*.la' -delete
|
|
Packit |
f0d170 |
find $RPM_BUILD_ROOT/%{_libdir}/python?.?/site-packages -name '*.a' -delete
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
# Move the pkgconfig file
|
|
Packit |
f0d170 |
mv $RPM_BUILD_ROOT/%{_lib}/pkgconfig $RPM_BUILD_ROOT%{_libdir}
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
# On platforms with 32 & 64 bit libs, we need to coordinate the timestamp
|
|
Packit |
f0d170 |
touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
|
|
Packit |
f0d170 |
touch -r ./audit.spec $RPM_BUILD_ROOT/usr/share/man/man5/libaudit.conf.5.gz
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%check
|
|
Packit |
f0d170 |
make check
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%post libs -p /sbin/ldconfig
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%post
|
|
Packit |
f0d170 |
# Copy default rules into place on new installation
|
|
Packit |
f0d170 |
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w`
|
|
Packit |
f0d170 |
if [ "$files" -eq 0 ] ; then
|
|
Packit |
f0d170 |
cp %{_datadir}/%{name}/sample-rules/10-base-config.rules /etc/audit/rules.d/audit.rules
|
|
Packit |
f0d170 |
chmod 0600 /etc/audit/rules.d/audit.rules
|
|
Packit |
f0d170 |
fi
|
|
Packit |
f0d170 |
%systemd_post auditd.service
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%preun
|
|
Packit |
f0d170 |
%systemd_preun auditd.service
|
|
Packit |
f0d170 |
if [ $1 -eq 0 ]; then
|
|
Packit |
f0d170 |
/sbin/service auditd stop > /dev/null 2>&1
|
|
Packit |
f0d170 |
fi
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%postun libs -p /sbin/ldconfig
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%postun
|
|
Packit |
f0d170 |
if [ $1 -ge 1 ]; then
|
|
Packit |
f0d170 |
/sbin/service auditd condrestart > /dev/null 2>&1 || :
|
|
Packit |
f0d170 |
fi
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%files libs
|
|
Packit |
f0d170 |
%license COPYING.LIB
|
|
Packit |
f0d170 |
/%{_lib}/libaudit.so.1*
|
|
Packit |
f0d170 |
/%{_lib}/libauparse.*
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/libaudit.conf
|
|
Packit |
f0d170 |
%{_mandir}/man5/libaudit.conf.5.gz
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%files libs-devel
|
|
Packit |
f0d170 |
%defattr(-,root,root,-)
|
|
Packit |
f0d170 |
%doc contrib/plugin
|
|
Packit |
f0d170 |
%{_libdir}/libaudit.so
|
|
Packit |
f0d170 |
%{_libdir}/libauparse.so
|
|
Packit |
f0d170 |
%dir %{_prefix}/lib/golang/src/pkg/redhat.com/audit
|
|
Packit |
f0d170 |
%{_prefix}/lib/golang/src/pkg/redhat.com/audit/audit.go
|
|
Packit |
f0d170 |
%{_includedir}/libaudit.h
|
|
Packit |
f0d170 |
%{_includedir}/auparse.h
|
|
Packit |
f0d170 |
%{_includedir}/auparse-defs.h
|
|
Packit |
f0d170 |
%{_datadir}/aclocal/audit.m4
|
|
Packit |
f0d170 |
%{_libdir}/pkgconfig/audit.pc
|
|
Packit |
f0d170 |
%{_libdir}/pkgconfig/auparse.pc
|
|
Packit |
f0d170 |
%{_mandir}/man3/*
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%files libs-static
|
|
Packit |
f0d170 |
%license COPYING.LIB
|
|
Packit |
f0d170 |
%{_libdir}/libaudit.a
|
|
Packit |
f0d170 |
%{_libdir}/libauparse.a
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%files libs-python2
|
|
Packit |
f0d170 |
%attr(755,root,root) %{python_sitearch}/_audit.so
|
|
Packit |
f0d170 |
%attr(755,root,root) %{python_sitearch}/auparse.so
|
|
Packit |
f0d170 |
%{python_sitearch}/audit.py*
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%files libs-python3
|
|
Packit |
f0d170 |
%defattr(-,root,root,-)
|
|
Packit |
f0d170 |
%attr(755,root,root) %{python3_sitearch}/*
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%files
|
|
Packit |
f0d170 |
%license COPYING
|
|
Packit |
f0d170 |
%doc README ChangeLog rules init.d/auditd.cron
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_datadir}/%{name}/sample-rules/*
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/ausearch.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/autrace.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/aulast.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/auvirt.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/augenrules.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man5/auditd-plugins.5.gz
|
|
Packit |
f0d170 |
%attr(755,root,root) /sbin/auditctl
|
|
Packit |
f0d170 |
%attr(755,root,root) /sbin/auditd
|
|
Packit |
f0d170 |
%attr(755,root,root) /sbin/ausearch
|
|
Packit |
f0d170 |
%attr(755,root,root) /sbin/aureport
|
|
Packit |
f0d170 |
%attr(750,root,root) /sbin/autrace
|
|
Packit |
f0d170 |
%attr(750,root,root) /sbin/augenrules
|
|
Packit |
f0d170 |
%attr(755,root,root) %{_bindir}/aulast
|
|
Packit |
f0d170 |
%attr(755,root,root) %{_bindir}/aulastlog
|
|
Packit |
f0d170 |
%attr(755,root,root) %{_bindir}/ausyscall
|
|
Packit |
f0d170 |
%attr(755,root,root) %{_bindir}/auvirt
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_unitdir}/auditd.service
|
|
Packit |
f0d170 |
%attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd
|
|
Packit |
f0d170 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart
|
|
Packit |
f0d170 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/reload
|
|
Packit |
f0d170 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/restart
|
|
Packit |
f0d170 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/resume
|
|
Packit |
f0d170 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate
|
|
Packit |
f0d170 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state
|
|
Packit |
f0d170 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop
|
|
Packit |
f0d170 |
%ghost %{_localstatedir}/run/auditd.state
|
|
Packit |
f0d170 |
%attr(-,root,-) %dir %{_var}/log/audit
|
|
Packit |
f0d170 |
%attr(750,root,root) %dir /etc/audit
|
|
Packit |
f0d170 |
%attr(750,root,root) %dir /etc/audit/rules.d
|
|
Packit |
f0d170 |
%attr(750,root,root) %dir /etc/audit/plugins.d
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf
|
|
Packit |
f0d170 |
%ghost %config(noreplace) %attr(640,root,root) /etc/audit/rules.d/audit.rules
|
|
Packit |
f0d170 |
%ghost %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/audit-stop.rules
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%files -n audispd-plugins
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/audispd-zos-remote.conf
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/zos-remote.conf
|
|
Packit |
f0d170 |
%attr(750,root,root) /sbin/audispd-zos-remote
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/audisp-remote.conf
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-remote.conf
|
|
Packit |
f0d170 |
%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf
|
|
Packit |
f0d170 |
%attr(750,root,root) /sbin/audisp-remote
|
|
Packit |
f0d170 |
%attr(750,root,root) /sbin/audisp-syslog
|
|
Packit |
f0d170 |
%attr(700,root,root) %dir %{_var}/spool/audit
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man5/audisp-remote.conf.5.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz
|
|
Packit |
f0d170 |
%attr(644,root,root) %{_mandir}/man8/audisp-syslog.8.gz
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
|
|
Packit |
f0d170 |
%changelog
|
|
Packit |
f0d170 |
* Sat Mar 10 2018 Steve Grubb <sgrubb@redhat.com> 3.0-1
|
|
Packit |
f0d170 |
- New upstream release
|
|
Packit |
f0d170 |
|