1 |
%define major 1 |
2 |
%define libname %mklibname audit %{major} |
3 |
%define develname %mklibname audit -d |
4 |
|
5 |
%define auparsemajor 0 |
6 |
%define auparselibname %mklibname auparse %{auparsemajor} |
7 |
%define auparsedevelname %mklibname auparse -d |
8 |
|
9 |
Summary: User-space tools for Linux 2.6 kernel auditing |
10 |
Name: audit |
11 |
Version: 2.8.5 |
12 |
Release: %mkrel 1 |
13 |
License: LGPLv2+ |
14 |
Group: System/Base |
15 |
URL: http://people.redhat.com/sgrubb/audit/ |
16 |
Source0: http://people.redhat.com/sgrubb/audit/audit-%{version}.tar.gz |
17 |
Source1: %{name}-tmpfiles.conf |
18 |
BuildRequires: gettext-devel |
19 |
BuildRequires: glibc-devel >= 2.6 |
20 |
BuildRequires: intltool |
21 |
BuildRequires: pkgconfig(libcap-ng) |
22 |
BuildRequires: libtool |
23 |
BuildRequires: openldap-devel |
24 |
BuildRequires: pkgconfig(libprelude) >= 0.9.16 |
25 |
BuildRequires: pkgconfig(python) |
26 |
BuildRequires: python3-devel |
27 |
BuildRequires: swig |
28 |
BuildRequires: tcp_wrappers-devel |
29 |
# for macro definition: |
30 |
BuildRequires: pkgconfig(systemd) |
31 |
Requires(preun): rpm-helper |
32 |
Requires(post): rpm-helper |
33 |
Requires(postun):rpm-helper |
34 |
Requires: tcp_wrappers |
35 |
|
36 |
%description |
37 |
The audit package contains the user space utilities for storing and searching |
38 |
the audit records generate by the audit subsystem in the Linux 2.6 kernel. |
39 |
|
40 |
%package -n %{libname} |
41 |
Summary: Main libraries for %{name} |
42 |
Group: System/Libraries |
43 |
|
44 |
%description -n %{libname} |
45 |
This package contains the main libraries for %{name}. |
46 |
|
47 |
%package -n %{develname} |
48 |
Summary: Development files for %{name} |
49 |
Group: Development/C |
50 |
Requires: %{libname} = %{version}-%{release} |
51 |
Provides: libaudit-devel = %{version}-%{release} |
52 |
Provides: audit-devel = %{version}-%{release} |
53 |
Provides: audit-libs-devel = %{version}-%{release} |
54 |
|
55 |
%description -n %{develname} |
56 |
This package contains development files for %{name}. |
57 |
|
58 |
%package -n %{auparselibname} |
59 |
Summary: Main libraries for %{name} |
60 |
Group: System/Libraries |
61 |
|
62 |
%description -n %{auparselibname} |
63 |
This package contains the main auparse libraries for %{name}. |
64 |
|
65 |
%package -n %{auparsedevelname} |
66 |
Summary: Development files for %{name} |
67 |
Group: Development/C |
68 |
Requires: %{auparselibname} = %{version}-%{release} |
69 |
Provides: auparse-devel = %{version}-%{release} |
70 |
|
71 |
|
72 |
%description -n %{auparsedevelname} |
73 |
This package contains development files for %{name}. |
74 |
|
75 |
%package -n python2-audit |
76 |
Summary: Python2 bindings for %{name} |
77 |
Group: Development/Python |
78 |
|
79 |
Obsoletes: python-audit < 2.8.4-5 |
80 |
Provides: python-audit = %{version}-%{release} |
81 |
|
82 |
%description -n python2-audit |
83 |
This package contains python2 bindings for %{name}. |
84 |
|
85 |
%package -n python3-audit |
86 |
Summary: Python3 bindings for libaudit |
87 |
License: LGPLv2+ |
88 |
Group: Development/Python |
89 |
Requires: %{name} = %{version}-%{release} |
90 |
Requires: %{libname} = %{version}-%{release} |
91 |
|
92 |
%description -n python3-audit |
93 |
The python3-audit package contains the bindings so that libaudit |
94 |
and libauparse can be used by python3. |
95 |
|
96 |
%package -n audispd-plugins |
97 |
Summary: Plugins for the audit event dispatcher |
98 |
Group: System/Base |
99 |
Requires: %{name} = %{version} |
100 |
|
101 |
%description -n audispd-plugins |
102 |
The audispd-plugins package provides plugins for the real-time interface to the |
103 |
audit system, audispd. These plugins can do things like relay events to remote |
104 |
machines. |
105 |
|
106 |
%package -n audispd-plugins-zos |
107 |
Summary: z/OS plugin for the audit event dispatcher |
108 |
Group: System/Base |
109 |
Requires: %{name} = %{version} |
110 |
Requires: openldap |
111 |
|
112 |
%description -n audispd-plugins-zos |
113 |
The audispd-plugins-zos package provides a plugin that will forward all |
114 |
incoming audit events, as they happen, to a configured z/OS SMF (Service |
115 |
Management Facility) database, through an IBM Tivoli Directory Server |
116 |
(ITDS) set for Remote Audit service. |
117 |
|
118 |
%prep |
119 |
%setup -q |
120 |
|
121 |
find -type d -name ".libs" | xargs rm -rf |
122 |
|
123 |
#fix build with new automake |
124 |
sed -i -e 's,AM_CONFIG_HEADER,AC_CONFIG_HEADERS,g' configure.* |
125 |
|
126 |
#fix runstatedir |
127 |
sed -i -e 's,/var/run,%{_rundir},g' $(grep -rl /var/run) |
128 |
|
129 |
%build |
130 |
%serverbuild |
131 |
autoreconf -fvi |
132 |
|
133 |
%configure2_5x \ |
134 |
--disable-static \ |
135 |
--with-prelude \ |
136 |
--with-libwrap \ |
137 |
--enable-gssapi-krb5=no \ |
138 |
--with-libcap-ng=yes \ |
139 |
--enable-systemd \ |
140 |
--with-python3=yes |
141 |
|
142 |
%make_build |
143 |
|
144 |
%install |
145 |
%{__install} -d %{buildroot}%{_var}/log/audit |
146 |
%{__install} -d %{buildroot}%{_libdir}/audit |
147 |
%{__install} -d %{buildroot}%{_var}/spool/audit |
148 |
%{__install} -D -p -m 644 %{SOURCE1} %{buildroot}%{_tmpfilesdir}/%{name}.conf |
149 |
|
150 |
%make_install |
151 |
|
152 |
# uneeded files |
153 |
find %{buildroot} -name "*.la" -delete |
154 |
|
155 |
%post |
156 |
# Copy default rules into place on new installation |
157 |
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` |
158 |
if [ "$files" -eq 0 ] ; then |
159 |
# FESCO asked for audit to be off by default. #1117953 |
160 |
if [ -e /usr/share/doc/audit/rules/10-no-audit.rules ] ; then |
161 |
cp /usr/share/doc/audit/rules/10-no-audit.rules /etc/audit/rules.d/audit.rules |
162 |
else |
163 |
touch /etc/audit/rules.d/audit.rules |
164 |
fi |
165 |
chmod 0600 /etc/audit/rules.d/audit.rules |
166 |
fi |
167 |
|
168 |
%_tmpfilescreate %{name} |
169 |
|
170 |
## This hack is because the auditd.service needs to be started before sysinit.target. So let's just enable and start |
171 |
## the service manually after installation. This needs to be revisited after our %%_post_service has been adjusted |
172 |
systemctl enable -q auditd.service |
173 |
systemctl start -q auditd.service |
174 |
# %%_post_service auditd.service |
175 |
|
176 |
%preun |
177 |
## For some unknow reason "systemctl stop" doesn't work so use "systemctl kill" instead: |
178 |
## Failed to stop auditd.service: Operation refused, unit auditd.service may be requested |
179 |
## by dependency only. |
180 |
systemctl kill -q auditd.service |
181 |
systemctl disable -q auditd.service |
182 |
|
183 |
|
184 |
%files |
185 |
%doc README ChangeLog rules init.d/auditd.cron |
186 |
%attr(644,root,root) %{_unitdir}/auditd.service |
187 |
%attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd |
188 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/resume |
189 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate |
190 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state |
191 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop |
192 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/restart |
193 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart |
194 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/reload |
195 |
%attr(0750,root,root) %dir %{_sysconfdir}/audit |
196 |
%attr(0750,root,root) %dir %{_sysconfdir}/audisp |
197 |
%attr(0750,root,root) %dir %{_sysconfdir}/audisp/plugins.d |
198 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/auditd.conf |
199 |
%ghost %config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/rules.d/audit.rules |
200 |
%ghost %config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/audit.rules |
201 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/audit-stop.rules |
202 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/audispd.conf |
203 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/af_unix.conf |
204 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/syslog.conf |
205 |
%attr(0750,root,root) %{_sbindir}/audispd |
206 |
%attr(0755,root,root) %{_sbindir}/auditctl |
207 |
%attr(0755,root,root) %{_sbindir}/auditd |
208 |
%attr(0750,root,root) %{_sbindir}/autrace |
209 |
%attr(0755,root,root) %{_sbindir}/aureport |
210 |
%attr(0755,root,root) %{_sbindir}/ausearch |
211 |
%attr(0755,root,root) %{_sbindir}/augenrules |
212 |
%attr(0755,root,root) %{_bindir}/aulastlog |
213 |
%attr(0755,root,root) %{_bindir}/aulast |
214 |
%attr(0755,root,root) %{_bindir}/ausyscall |
215 |
%attr(7555,root,root) %{_bindir}/auvirt |
216 |
%attr(0644,root,root) %{_mandir}/man5/audispd.conf.5* |
217 |
%attr(0644,root,root) %{_mandir}/man5/auditd.conf.5* |
218 |
%attr(0644,root,root) %{_mandir}/man5/ausearch-expression.5* |
219 |
%attr(0644,root,root) %{_mandir}/man7/audit.rules.7* |
220 |
%attr(0644,root,root) %{_mandir}/man8/audispd.8* |
221 |
%attr(0644,root,root) %{_mandir}/man8/auditctl.8* |
222 |
%attr(0644,root,root) %{_mandir}/man8/auditd.8* |
223 |
%attr(0644,root,root) %{_mandir}/man8/aulast.8* |
224 |
%attr(0644,root,root) %{_mandir}/man8/aulastlog.8* |
225 |
%attr(6444,root,root) %{_mandir}/man8/auvirt.8.* |
226 |
%attr(6444,root,root) %{_mandir}/man8/augenrules.8* |
227 |
%attr(0644,root,root) %{_mandir}/man8/aureport.8* |
228 |
%attr(0644,root,root) %{_mandir}/man8/ausearch.8* |
229 |
%attr(0644,root,root) %{_mandir}/man8/ausyscall.8* |
230 |
%attr(0644,root,root) %{_mandir}/man8/autrace.8* |
231 |
%attr(0700,root,root) %dir %{_var}/log/audit |
232 |
%{_tmpfilesdir}/%{name}.conf |
233 |
|
234 |
%files -n %{libname} |
235 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/libaudit.conf |
236 |
%{_libdir}/libaudit.so.%{major}{,.*} |
237 |
%attr(0644,root,root) %{_mandir}/man5/libaudit.conf.5* |
238 |
|
239 |
%files -n %{develname} |
240 |
%doc ChangeLog contrib/skeleton.c contrib/plugin |
241 |
%{_libdir}/libaudit.so |
242 |
%{_includedir}/libaudit.h |
243 |
%{_datadir}/aclocal/audit.m4 |
244 |
%{_libdir}/pkgconfig/audit.pc |
245 |
%{_libdir}/pkgconfig/auparse.pc |
246 |
%{_mandir}/man3/audit_* |
247 |
%{_mandir}/man3/ausearch_* |
248 |
%{_mandir}/man3/get_auditfail_action.3* |
249 |
%{_mandir}/man3/set_aumessage_mode.3* |
250 |
|
251 |
%files -n %{auparselibname} |
252 |
%{_libdir}/libauparse.so.%{auparsemajor}{,.*} |
253 |
|
254 |
%files -n %{auparsedevelname} |
255 |
%doc ChangeLog contrib/skeleton.c contrib/plugin |
256 |
%{_libdir}/libauparse.so |
257 |
%{_includedir}/auparse-defs.h |
258 |
%{_includedir}/auparse.h |
259 |
%{_mandir}/man3/auparse_* |
260 |
|
261 |
%files -n python2-audit |
262 |
%{python2_sitearch}/*.so |
263 |
%{python2_sitearch}/audit.p* |
264 |
|
265 |
%files -n python3-audit |
266 |
%{python3_sitearch}/* |
267 |
|
268 |
%files -n audispd-plugins |
269 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/audisp-prelude.conf |
270 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/audisp-remote.conf |
271 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf |
272 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/au-remote.conf |
273 |
%attr(0750,root,root) %{_sbindir}/audisp-prelude |
274 |
%attr(0750,root,root) %{_sbindir}/audisp-remote |
275 |
%attr(0644,root,root) %{_mandir}/man5/audisp-prelude.conf.5* |
276 |
%attr(0644,root,root) %{_mandir}/man5/audisp-remote.conf.5* |
277 |
%attr(0644,root,root) %{_mandir}/man8/audisp-prelude.8* |
278 |
%attr(0644,root,root) %{_mandir}/man8/audisp-remote.8* |
279 |
%attr(0750,root,root) %dir %{_var}/spool/audit |
280 |
|
281 |
%files -n audispd-plugins-zos |
282 |
%attr(0644,root,root) %{_mandir}/man8/audispd-zos-remote.8* |
283 |
%attr(0644,root,root) %{_mandir}/man5/zos-remote.conf.5* |
284 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf |
285 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/zos-remote.conf |
286 |
%attr(0750,root,root) %{_sbindir}/audispd-zos-remote |