1 |
%define major 1 |
2 |
%define libname %mklibname audit %{major} |
3 |
%define develname %mklibname audit -d |
4 |
|
5 |
%define auparsemajor 0 |
6 |
%define auparselibname %mklibname auparse %{auparsemajor} |
7 |
%define auparsedevelname %mklibname auparse -d |
8 |
|
9 |
Summary: User-space tools for Linux 2.6 kernel auditing |
10 |
Name: audit |
11 |
Version: 2.7.7 |
12 |
Release: %mkrel 1 |
13 |
License: LGPLv2+ |
14 |
Group: System/Base |
15 |
URL: http://people.redhat.com/sgrubb/audit/ |
16 |
Source0: http://people.redhat.com/sgrubb/audit/audit-%{version}.tar.gz |
17 |
Source1: %{name}-tmpfiles.conf |
18 |
BuildRequires: gettext-devel |
19 |
BuildRequires: glibc-devel >= 2.6 |
20 |
BuildRequires: intltool |
21 |
BuildRequires: libcap-ng-devel |
22 |
BuildRequires: libtool |
23 |
BuildRequires: openldap-devel |
24 |
BuildRequires: prelude-devel >= 0.9.16 |
25 |
BuildRequires: python-devel |
26 |
BuildRequires: python3-devel |
27 |
BuildRequires: swig |
28 |
BuildRequires: tcp_wrappers-devel |
29 |
# for macro definition: |
30 |
BuildRequires: systemd-devel |
31 |
Requires(preun): rpm-helper |
32 |
Requires(post): rpm-helper |
33 |
Requires(postun):rpm-helper |
34 |
Requires: tcp_wrappers |
35 |
|
36 |
%description |
37 |
The audit package contains the user space utilities for storing and searching |
38 |
the audit records generate by the audit subsystem in the Linux 2.6 kernel. |
39 |
|
40 |
%package -n %{libname} |
41 |
Summary: Main libraries for %{name} |
42 |
Group: System/Libraries |
43 |
|
44 |
%description -n %{libname} |
45 |
This package contains the main libraries for %{name}. |
46 |
|
47 |
%package -n %{develname} |
48 |
Summary: Development files for %{name} |
49 |
Group: Development/C |
50 |
Requires: %{libname} = %{version}-%{release} |
51 |
Provides: libaudit-devel = %{version}-%{release} |
52 |
Provides: audit-devel = %{version}-%{release} |
53 |
Provides: audit-libs-devel = %{version}-%{release} |
54 |
|
55 |
%description -n %{develname} |
56 |
This package contains development files for %{name}. |
57 |
|
58 |
%package -n %{auparselibname} |
59 |
Summary: Main libraries for %{name} |
60 |
Group: System/Libraries |
61 |
|
62 |
%description -n %{auparselibname} |
63 |
This package contains the main auparse libraries for %{name}. |
64 |
|
65 |
%package -n %{auparsedevelname} |
66 |
Summary: Development files for %{name} |
67 |
Group: Development/C |
68 |
Requires: %{auparselibname} = %{version}-%{release} |
69 |
Provides: auparse-devel = %{version}-%{release} |
70 |
|
71 |
|
72 |
%description -n %{auparsedevelname} |
73 |
This package contains development files for %{name}. |
74 |
|
75 |
%package -n python-audit |
76 |
Summary: Python bindings for %{name} |
77 |
Group: Development/Python |
78 |
|
79 |
%description -n python-audit |
80 |
This package contains python bindings for %{name}. |
81 |
|
82 |
%package -n python3-audit |
83 |
Summary: Python3 bindings for libaudit |
84 |
License: LGPLv2+ |
85 |
Group: Development/Python |
86 |
Requires: %{name} = %{version}-%{release} |
87 |
Requires: %{libname} = %{version}-%{release} |
88 |
|
89 |
%description -n python3-audit |
90 |
The python3-audit package contains the bindings so that libaudit |
91 |
and libauparse can be used by python3. |
92 |
|
93 |
%package -n audispd-plugins |
94 |
Summary: Plugins for the audit event dispatcher |
95 |
Group: System/Base |
96 |
Requires: %{name} = %{version} |
97 |
|
98 |
%description -n audispd-plugins |
99 |
The audispd-plugins package provides plugins for the real-time interface to the |
100 |
audit system, audispd. These plugins can do things like relay events to remote |
101 |
machines. |
102 |
|
103 |
%package -n audispd-plugins-zos |
104 |
Summary: z/OS plugin for the audit event dispatcher |
105 |
Group: System/Base |
106 |
Requires: %{name} = %{version} |
107 |
Requires: openldap |
108 |
|
109 |
%description -n audispd-plugins-zos |
110 |
The audispd-plugins-zos package provides a plugin that will forward all |
111 |
incoming audit events, as they happen, to a configured z/OS SMF (Service |
112 |
Management Facility) database, through an IBM Tivoli Directory Server |
113 |
(ITDS) set for Remote Audit service. |
114 |
|
115 |
%prep |
116 |
%setup -q |
117 |
|
118 |
find -type d -name ".libs" | xargs rm -rf |
119 |
|
120 |
#fix build with new automake |
121 |
sed -i -e 's,AM_CONFIG_HEADER,AC_CONFIG_HEADERS,g' configure.* |
122 |
|
123 |
|
124 |
%build |
125 |
%serverbuild |
126 |
autoreconf -f -v --install |
127 |
|
128 |
%configure2_5x \ |
129 |
--disable-static \ |
130 |
--with-prelude \ |
131 |
--with-libwrap \ |
132 |
--enable-gssapi-krb5=no \ |
133 |
--with-libcap-ng=yes \ |
134 |
--enable-systemd \ |
135 |
--with-python3=yes |
136 |
|
137 |
%make_build |
138 |
|
139 |
%install |
140 |
%{__install} -d %{buildroot}%{_var}/log/audit |
141 |
%{__install} -d %{buildroot}%{_libdir}/audit |
142 |
%{__install} -d %{buildroot}%{_var}/spool/audit |
143 |
%{__install} -D -p -m 644 %{SOURCE1} %{buildroot}%{_tmpfilesdir}/%{name}.conf |
144 |
|
145 |
%make_install |
146 |
|
147 |
# uneeded files |
148 |
find %{buildroot} -name "*.la" -delete |
149 |
|
150 |
%post |
151 |
# Copy default rules into place on new installation |
152 |
files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` |
153 |
if [ "$files" -eq 0 ] ; then |
154 |
# FESCO asked for audit to be off by default. #1117953 |
155 |
if [ -e /usr/share/doc/audit/rules/10-no-audit.rules ] ; then |
156 |
cp /usr/share/doc/audit/rules/10-no-audit.rules /etc/audit/rules.d/audit.rules |
157 |
else |
158 |
touch /etc/audit/rules.d/audit.rules |
159 |
fi |
160 |
chmod 0600 /etc/audit/rules.d/audit.rules |
161 |
fi |
162 |
|
163 |
%_tmpfilescreate %{name} |
164 |
|
165 |
## This hack is because the auditd.service needs to be started before sysinit.target. So let's just enable and start |
166 |
## the service manually after installation. This needs to be revisited after our %%_post_service has been adjusted |
167 |
systemctl enable -q auditd.service |
168 |
systemctl start -q auditd.service |
169 |
# %%_post_service auditd.service |
170 |
|
171 |
%preun |
172 |
## For some unknow reason "systemctl stop" doesn't work so use "systemctl kill" instead: |
173 |
## Failed to stop auditd.service: Operation refused, unit auditd.service may be requested |
174 |
## by dependency only. |
175 |
systemctl kill -q auditd.service |
176 |
systemctl disable -q auditd.service |
177 |
|
178 |
|
179 |
%files |
180 |
%doc README ChangeLog rules init.d/auditd.cron |
181 |
%attr(644,root,root) %{_unitdir}/auditd.service |
182 |
%attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd |
183 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/resume |
184 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate |
185 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop |
186 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/restart |
187 |
%attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart |
188 |
%attr(0750,root,root) %dir %{_sysconfdir}/audit |
189 |
%attr(0750,root,root) %dir %{_sysconfdir}/audisp |
190 |
%attr(0750,root,root) %dir %{_sysconfdir}/audisp/plugins.d |
191 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/auditd.conf |
192 |
%ghost %config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/rules.d/audit.rules |
193 |
%ghost %config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/audit.rules |
194 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audit/audit-stop.rules |
195 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/audispd.conf |
196 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/af_unix.conf |
197 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/syslog.conf |
198 |
%attr(0750,root,root) %{_sbindir}/audispd |
199 |
%attr(0755,root,root) %{_sbindir}/auditctl |
200 |
%attr(0755,root,root) %{_sbindir}/auditd |
201 |
%attr(0750,root,root) %{_sbindir}/autrace |
202 |
%attr(0755,root,root) %{_sbindir}/aureport |
203 |
%attr(0755,root,root) %{_sbindir}/ausearch |
204 |
%attr(0755,root,root) %{_sbindir}/augenrules |
205 |
%attr(0755,root,root) %{_bindir}/aulastlog |
206 |
%attr(0755,root,root) %{_bindir}/aulast |
207 |
%attr(0755,root,root) %{_bindir}/ausyscall |
208 |
%attr(7555,root,root) %{_bindir}/auvirt |
209 |
%attr(0644,root,root) %{_mandir}/man5/audispd.conf.5* |
210 |
%attr(0644,root,root) %{_mandir}/man5/auditd.conf.5* |
211 |
%attr(0644,root,root) %{_mandir}/man5/ausearch-expression.5* |
212 |
%attr(0644,root,root) %{_mandir}/man7/audit.rules.7* |
213 |
%attr(0644,root,root) %{_mandir}/man8/audispd.8* |
214 |
%attr(0644,root,root) %{_mandir}/man8/auditctl.8* |
215 |
%attr(0644,root,root) %{_mandir}/man8/auditd.8* |
216 |
%attr(0644,root,root) %{_mandir}/man8/aulast.8* |
217 |
%attr(0644,root,root) %{_mandir}/man8/aulastlog.8* |
218 |
%attr(6444,root,root) %{_mandir}/man8/auvirt.8.* |
219 |
%attr(6444,root,root) %{_mandir}/man8/augenrules.8* |
220 |
%attr(0644,root,root) %{_mandir}/man8/aureport.8* |
221 |
%attr(0644,root,root) %{_mandir}/man8/ausearch.8* |
222 |
%attr(0644,root,root) %{_mandir}/man8/ausyscall.8* |
223 |
%attr(0644,root,root) %{_mandir}/man8/autrace.8* |
224 |
%attr(0700,root,root) %dir %{_var}/log/audit |
225 |
%{_tmpfilesdir}/%{name}.conf |
226 |
|
227 |
%files -n %{libname} |
228 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/libaudit.conf |
229 |
%{_libdir}/libaudit.so.%{major}{,.*} |
230 |
%attr(0644,root,root) %{_mandir}/man5/libaudit.conf.5* |
231 |
|
232 |
%files -n %{develname} |
233 |
%doc ChangeLog contrib/skeleton.c contrib/plugin |
234 |
%{_libdir}/libaudit.so |
235 |
%{_includedir}/libaudit.h |
236 |
%{_datadir}/aclocal/audit.m4 |
237 |
%{_libdir}/pkgconfig/audit.pc |
238 |
%{_libdir}/pkgconfig/auparse.pc |
239 |
%{_mandir}/man3/audit_* |
240 |
%{_mandir}/man3/ausearch_* |
241 |
%{_mandir}/man3/get_auditfail_action.3* |
242 |
%{_mandir}/man3/set_aumessage_mode.3* |
243 |
|
244 |
%files -n %{auparselibname} |
245 |
%{_libdir}/libauparse.so.%{auparsemajor}{,.*} |
246 |
|
247 |
%files -n %{auparsedevelname} |
248 |
%doc ChangeLog contrib/skeleton.c contrib/plugin |
249 |
%{_libdir}/libauparse.so |
250 |
%{_includedir}/auparse-defs.h |
251 |
%{_includedir}/auparse.h |
252 |
%{_mandir}/man3/auparse_* |
253 |
|
254 |
%files -n python-audit |
255 |
%{python2_sitearch}/*.so |
256 |
%{python2_sitearch}/audit.p* |
257 |
|
258 |
%files -n python3-audit |
259 |
%{python3_sitearch}/* |
260 |
|
261 |
%files -n audispd-plugins |
262 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/audisp-prelude.conf |
263 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/audisp-remote.conf |
264 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf |
265 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/au-remote.conf |
266 |
%attr(0750,root,root) %{_sbindir}/audisp-prelude |
267 |
%attr(0750,root,root) %{_sbindir}/audisp-remote |
268 |
%attr(0644,root,root) %{_mandir}/man5/audisp-prelude.conf.5* |
269 |
%attr(0644,root,root) %{_mandir}/man5/audisp-remote.conf.5* |
270 |
%attr(0644,root,root) %{_mandir}/man8/audisp-prelude.8* |
271 |
%attr(0644,root,root) %{_mandir}/man8/audisp-remote.8* |
272 |
%attr(0750,root,root) %dir %{_var}/spool/audit |
273 |
|
274 |
%files -n audispd-plugins-zos |
275 |
%attr(0644,root,root) %{_mandir}/man8/audispd-zos-remote.8* |
276 |
%attr(0644,root,root) %{_mandir}/man5/zos-remote.conf.5* |
277 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf |
278 |
%config(noreplace) %attr(0640,root,root) %{_sysconfdir}/audisp/zos-remote.conf |
279 |
%attr(0750,root,root) %{_sbindir}/audispd-zos-remote |