X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=audit.spec;h=9f4529ca46118c9af1ff98fe170942cbf5e39cb4;hb=ed6d8753c01f2a8cfc274feb0ff01959630bd02a;hp=ee76bd39d6455e253fb4fe6adb422246560ac48c;hpb=ff8fccf2efab81c1945d07908e08a3dff4730443;p=packages%2Faudit.git

diff --git a/audit.spec b/audit.spec
index ee76bd3..9f4529c 100644
--- a/audit.spec
+++ b/audit.spec
@@ -1,44 +1,72 @@
 #
 # Conditional build:
-%bcond_without	pie	# auditd as PIE binary
-%bcond_without	prelude	# prelude audisp plugin
-%bcond_without	python	# don't build python bindings
-#
+%bcond_without	kerberos5	# Kerberos V support via heimdal
+%bcond_without	prelude		# prelude audisp plugin
+%bcond_without	golang		# Go language bindings
+%bcond_without	python		# Python bindings (any)
+%bcond_without	python3		# Python 3 bindings
+%bcond_without	zos_remote	# zos-remote audisp plugin (LDAP dep)
+
+%ifnarch %{ix86} %{x8664} %{arm}
+%undefine	with_golang
+%endif
+
+%if %{without python}
+%undefine	with_python3
+%endif
 Summary:	User space tools for 2.6 kernel auditing
 Summary(pl.UTF-8):	Narzędzia przestrzeni użytkownika do audytu jąder 2.6
 Name:		audit
-Version:	1.7.11
-Release:	3
+Version:	2.4.4
+Release:	5
 License:	GPL v2+
 Group:		Daemons
 Source0:	http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
-# Source0-md5:	63c7f935e390d874142ed6095f699958
+# Source0-md5:	72b0fd94d32846142bc472f0d91e62b4
 Source2:	%{name}d.init
 Source3:	%{name}d.sysconfig
 Patch0:		%{name}-install.patch
+Patch1:		%{name}-m4.patch
+Patch2:		%{name}-nolibs.patch
+Patch3:		%{name}-no_zos_remote.patch
+Patch4:		%{name}-systemd-notonly.patch
+Patch5:		%{name}-am.patch
+Patch6:		%{name}-no-refusemanualstop.patch
+Patch7:		%{name}-cronjob.patch
+Patch8:		golang-paths.patch
+# https://fedorahosted.org/fesco/ticket/1311
+Patch9:		never-audit.patch
 URL:		http://people.redhat.com/sgrubb/audit/
 BuildRequires:	autoconf >= 2.59
 BuildRequires:	automake >= 1:1.9
-%{?with_pie:BuildRequires:	gcc >= 5:3.4}
-BuildRequires:	gettext-devel >= 0.14.6
 BuildRequires:	glibc-headers >= 6:2.3.6
-BuildRequires:	intltool
-BuildRequires:	libstdc++-devel
+%{?with_golang:BuildRequires:	golang >= 1.4}
+%{?with_kerberos5:BuildRequires:	heimdal-devel}
+BuildRequires:	libcap-ng-devel
 %{?with_prelude:BuildRequires:	libprelude-devel}
 BuildRequires:	libtool
-BuildRequires:	linux-libc-headers >= 7:2.6.20
-BuildRequires:	openldap-devel
+BuildRequires:	libwrap-devel
+BuildRequires:	linux-libc-headers >= 7:2.6.30
+%{?with_zos_remote:BuildRequires:	openldap-devel}
 %if %{with python}
 BuildRequires:	python-devel >= 1:2.5
 BuildRequires:	rpm-pythonprov
 BuildRequires:	swig-python
 %endif
-BuildRequires:	rpmbuild(macros) >= 1.268
+%if %{with python3}
+BuildRequires:	python3-devel
+BuildRequires:	rpm-pythonprov
+BuildRequires:	swig-python
+%endif
+BuildRequires:	rpmbuild(macros) >= 1.623
 BuildRequires:	sed >= 4.0
 Requires(post,preun):	/sbin/chkconfig
+Requires(post,preun,postun):	systemd-units >= 38
 Requires:	%{name}-libs = %{version}-%{release}
 Requires:	rc-scripts
+Requires:	systemd-units >= 38
 Obsoletes:	audit-audispd-plugins
+Obsoletes:	audit-systemd
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
 %define		_sbindir	/sbin
@@ -75,7 +103,7 @@ Summary(pl.UTF-8):	Pliki nagłówkowe bibliotek audit
 License:	LGPL v2.1+
 Group:		Development/Libraries
 Requires:	%{name}-libs = %{version}-%{release}
-Requires:	linux-libc-headers >= 7:2.6.20
+Requires:	linux-libc-headers >= 7:2.6.30
 
 %description libs-devel
 The audit-libs-devel package contains the header files needed for
@@ -116,69 +144,78 @@ audisp-prelude to wtyczka demona audispd przekazującego zdarzenia
 audytowe wykorzystująca libprelude do wysyłania alarmów IDMEF o
 prawdopodobnych zdarzeniach IDS.
 
+%package -n golang-audit
+Summary:	Go language interface to libaudit library
+Summary(pl.UTF-8):	Interfejs języka Go do biblioteki libaudit
+License:	LGPL v2.1+
+Group:		Development/Languages
+Requires:	%{name}-libs = %{version}-%{release}
+Requires:	golang >= 1.4
+
+%description -n golang-audit
+Go language interface to libaudit library.
+
+%description -n golang-audit -l pl.UTF-8
+Interfejs języka Go do biblioteki libaudit.
+
 %package -n python-audit
-Summary:	Python interface to libaudit library
-Summary(pl.UTF-8):	Pythonowy interfejs do biblioteki libaudit
+Summary:	Python 2.x interface to libaudit library
+Summary(pl.UTF-8):	Interfejs Pythona 2.x do biblioteki libaudit
 License:	LGPL v2.1+
 Group:		Libraries/Python
 Requires:	%{name}-libs = %{version}-%{release}
 
 %description -n python-audit
-Python interface to libaudit library.
+Python 2.x interface to libaudit library.
 
 %description -n python-audit -l pl.UTF-8
-Pythonowy interfejs do biblioteki libaudit.
+Interfejs Pythona 2.x do biblioteki libaudit.
 
-%package -n system-config-audit
-Summary:	Utility for editing audit configuration
-Summary(pl.UTF-8):	Narzędzie do zmiany konfiguracji audytu
-License:	GPL v2
-Group:		Applications/System
-Requires:	%{name} = %{version}-%{release}
-Version:	0.4.8
-Requires:	python-pygtk-glade >= 2:2.0
-Requires:	usermode
-#Requires:	usermode-gtk	???
+%package -n python3-audit
+Summary:	Python 3.x interface to libaudit library
+Summary(pl.UTF-8):	Interfejs Pythona 3.x do biblioteki libaudit
+License:	LGPL v2.1+
+Group:		Libraries/Python
+Requires:	%{name}-libs = %{version}-%{release}
 
-%description -n system-config-audit
-An utility for editing audit configuration.
+%description -n python3-audit
+Python 3.x interface to libaudit library.
 
-%description -n system-config-audit -l pl.UTF-8
-Narzędzie do zmiany konfiguracji audytu.
+%description -n python3-audit -l pl.UTF-8
+Interfejs Pythona 3.x do biblioteki libaudit.
 
 %prep
 %setup -q
 %patch0 -p1
-
-%if !%{with python}
+%patch1 -p1
+%patch2 -p1
+%{!?with_zos_remote:%patch3 -p1}
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+
+%if %{without python}
 sed 's#swig/Makefile ##' -i configure.ac
 sed 's/swig//' -i Makefile.am
 %endif
 
-sed -i -e 's,/main\.py,/main.pyc,' system-config-audit/src/system-config-audit.in
-
 %build
 %{__libtoolize}
 %{__aclocal}
 %{__autoconf}
 %{__autoheader}
 %{__automake}
-cd system-config-audit
-%{__libtoolize}
-%{__aclocal}
-%{__autoconf}
-%{__autoheader}
-%{__automake}
-cd ..
 %configure \
+	%{?with_kerberos5:--enable-gssapi-krb5} \
+	--enable-systemd \
 	--with-apparmor \
+	--with-libwrap \
 	%{?with_prelude:--with-prelude}
-# override auditd_{C,LD}FLAGS to avoid -fPIE unsupported by gcc 3.3
-%{__make} \
-	%{!?with_pie:auditd_CFLAGS="-D_REENTRANT -D_GNU_SOURCE" auditd_LDFLAGS="-Wl,-z,relro"}
 
-# temporarily not included in all
-%{__make} -C auparse
+%{__make}
 
 %install
 rm -rf $RPM_BUILD_ROOT
@@ -187,9 +224,8 @@ install -d $RPM_BUILD_ROOT%{_var}/log/audit
 %{__make} install \
 	DESTDIR=$RPM_BUILD_ROOT
 
-# temporarily not included in all
-%{__make} -C auparse install \
-	DESTDIR=$RPM_BUILD_ROOT
+install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
+install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
 
 install -d $RPM_BUILD_ROOT/%{_lib}
 mv -f $RPM_BUILD_ROOT%{_libdir}/libaudit.so.* $RPM_BUILD_ROOT/%{_lib}
@@ -199,21 +235,18 @@ mv -f $RPM_BUILD_ROOT%{_libdir}/libauparse.so.* $RPM_BUILD_ROOT/%{_lib}
 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*) \
 	$RPM_BUILD_ROOT%{_libdir}/libauparse.so
 
-# We manually install this since Makefile doesn't
-install -d $RPM_BUILD_ROOT%{_includedir}
-install lib/libaudit.h $RPM_BUILD_ROOT%{_includedir}
-
-install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
-install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
+# RH initscripts-specific
+%{__rm} -r $RPM_BUILD_ROOT%{_libexecdir}/initscripts
 
 %if %{with python}
-%py_comp $RPM_BUILD_ROOT%{py_sitescriptdir}
-%py_ocomp $RPM_BUILD_ROOT%{py_sitescriptdir}
-rm -f $RPM_BUILD_ROOT%{py_sitescriptdir}/*.py
-rm -f $RPM_BUILD_ROOT%{py_sitedir}/*.{la,a}
+%py_comp $RPM_BUILD_ROOT%{py_sitedir}
+%py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
+%py_postclean
+%{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.{la,a}
+%endif
 
-%py_postclean $RPM_BUILD_ROOT%{_datadir}/system-config-audit
-%find_lang system-config-audit
+%if %{with python3}
+%{__rm} $RPM_BUILD_ROOT%{py3_sitedir}/*.{la,a}
 %endif
 
 %clean
@@ -223,68 +256,96 @@ rm -rf $RPM_BUILD_ROOT
 %postun	libs -p /sbin/ldconfig
 
 %post
+# Copy default rules into place on new installation
+if [ ! -e %{_sysconfdir}/audit/audit.rules ] ; then
+	cp -a %{_sysconfdir}/audit/rules.d/audit.rules %{_sysconfdir}/audit/audit.rules
+fi
 /sbin/chkconfig --add auditd
 %service auditd restart "audit daemon"
+%systemd_post auditd.service
 
 %preun
 if [ "$1" = "0" ]; then
 	%service auditd stop
 	/sbin/chkconfig --del auditd
 fi
+%systemd_preun auditd.service
+
+%postun
+%systemd_reload
+
+%triggerpostun -- %{name} < 2.2-2
+%systemd_trigger auditd.service
+
+%triggerpostun -- %{name} < 2.3-1
+if [ -e %{_sysconfdir}/audit/audit.rules.rpmsave ] ; then
+	%{__mv} %{_sysconfdir}/audit/audit.rules{.rpmsave,}
+fi
+%service auditd restart "audit daemon"
+%systemd_post auditd.service
 
 %files
 %defattr(644,root,root,755)
 %doc AUTHORS ChangeLog README THANKS TODO
+%doc contrib/{capp,nispom,lspp,stig}.rules init.d/auditd.cron
 %attr(750,root,root) %{_bindir}/aulast
 %attr(750,root,root) %{_bindir}/aulastlog
 %attr(750,root,root) %{_bindir}/ausyscall
+%attr(750,root,root) %{_bindir}/auvirt
 %attr(750,root,root) %{_sbindir}/audispd
 %attr(750,root,root) %{_sbindir}/auditctl
 %attr(750,root,root) %{_sbindir}/auditd
+%attr(750,root,root) %{_sbindir}/augenrules
 %attr(750,root,root) %{_sbindir}/aureport
 %attr(750,root,root) %{_sbindir}/ausearch
 %attr(750,root,root) %{_sbindir}/autrace
 %attr(755,root,root) %{_sbindir}/audisp-remote
-%attr(755,root,root) %{_sbindir}/audispd-zos-remote
+%{?with_zos_remote:%attr(755,root,root) %{_sbindir}/audispd-zos-remote}
 %dir %{_sysconfdir}/audisp
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audispd.conf
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-remote.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/zos-remote.conf
+%{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/zos-remote.conf}
 %dir %{_sysconfdir}/audisp/plugins.d
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/af_unix.conf
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-remote.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf
+%{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf}
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/syslog.conf
 %dir %{_sysconfdir}/audit
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/audit.rules
+%dir %{_sysconfdir}/audit/rules.d
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/audit.rules
 %attr(754,root,root) /etc/rc.d/init.d/auditd
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
+%{systemdunitdir}/auditd.service
 %attr(750,root,root) %dir %{_var}/log/audit
 %{_mandir}/man5/audispd.conf.5*
 %{_mandir}/man5/audisp-remote.conf.5*
 %{_mandir}/man5/auditd.conf.5*
 %{_mandir}/man5/ausearch-expression.5*
-%{_mandir}/man5/zos-remote.conf.5*
+%{?with_zos_remote:%{_mandir}/man5/zos-remote.conf.5*}
+%{_mandir}/man7/audit.rules.7*
 %{_mandir}/man8/audisp-remote.8*
-%{_mandir}/man8/audispd-zos-remote.8*
+%{?with_zos_remote:%{_mandir}/man8/audispd-zos-remote.8*}
 %{_mandir}/man8/audispd.8*
 %{_mandir}/man8/auditctl.8*
 %{_mandir}/man8/auditd.8*
+%{_mandir}/man8/augenrules.8*
 %{_mandir}/man8/aulast.8*
 %{_mandir}/man8/aulastlog.8*
 %{_mandir}/man8/aureport.8*
 %{_mandir}/man8/ausearch.8*
 %{_mandir}/man8/ausyscall.8*
 %{_mandir}/man8/autrace.8*
+%{_mandir}/man8/auvirt.8*
 
 %files libs
 %defattr(644,root,root,755)
 %attr(755,root,root) /%{_lib}/libaudit.so.*.*.*
-%attr(755,root,root) %ghost /%{_lib}/libaudit.so.0
+%attr(755,root,root) %ghost /%{_lib}/libaudit.so.1
 %attr(755,root,root) /%{_lib}/libauparse.so.*.*.*
 %attr(755,root,root) %ghost /%{_lib}/libauparse.so.0
 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libaudit.conf
+%{_mandir}/man5/libaudit.conf.5*
 
 %files libs-devel
 %defattr(644,root,root,755)
@@ -294,6 +355,8 @@ fi
 %{_libdir}/libauparse.la
 %{_includedir}/auparse*.h
 %{_includedir}/libaudit.h
+%{_pkgconfigdir}/audit.pc
+%{_pkgconfigdir}/auparse.pc
 %{_mandir}/man3/audit_*.3*
 %{_mandir}/man3/auparse_*.3*
 %{_mandir}/man3/ausearch_*.3*
@@ -315,17 +378,25 @@ fi
 %{_mandir}/man8/audisp-prelude.8*
 %endif
 
+%if %{with golang}
+%files -n golang-audit
+%defattr(644,root,root,755)
+%dir %{_libdir}/golang/src/redhat.com
+%{_libdir}/golang/src/redhat.com/audit
+%endif
+
 %if %{with python}
 %files -n python-audit
 %defattr(644,root,root,755)
 %attr(755,root,root) %{py_sitedir}/_audit.so
 %attr(755,root,root) %{py_sitedir}/auparse.so
-%{py_sitescriptdir}/audit.py[co]
+%{py_sitedir}/audit.py[co]
+%endif
 
-%files -n system-config-audit -f system-config-audit.lang
+%if %{with python3}
+%files -n python3-audit
 %defattr(644,root,root,755)
-%attr(755,root,root) %{_bindir}/system-config-audit
-%attr(755,root,root) %{_libexecdir}/system-config-audit-server
-%{_datadir}/system-config-audit
-%{_desktopdir}/system-config-audit.desktop
+%attr(755,root,root) %{py3_sitedir}/_audit.so
+%attr(755,root,root) %{py3_sitedir}/auparse.so
+%{py3_sitedir}/audit.py
 %endif