1 # TODO: revise our auditd.service vs upstream version
4 %bcond_without kerberos5 # do not build with heimdal
5 %bcond_without pie # auditd as PIE binary
6 %bcond_without prelude # prelude audisp plugin
7 %bcond_without python # don't build python bindings
8 %bcond_without zos_remote # do not build zos-remote audisp plugin (LDAP dep)
10 Summary: User space tools for 2.6 kernel auditing
11 Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
17 Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
18 # Source0-md5: 4cdd3756f7b7122fc1a3e4627f01b446
19 Source2: %{name}d.init
20 Source3: %{name}d.sysconfig
21 Source4: %{name}d.service
22 Patch0: %{name}-install.patch
23 Patch1: %{name}-m4.patch
24 Patch2: %{name}-nolibs.patch
25 Patch3: %{name}-no_zos_remote.patch
26 Patch4: %{name}-systemd-notonly.patch
27 Patch5: %{name}-am.patch
28 URL: http://people.redhat.com/sgrubb/audit/
29 BuildRequires: autoconf >= 2.59
30 BuildRequires: automake >= 1:1.9
31 %{?with_pie:BuildRequires: gcc >= 5:3.4}
32 BuildRequires: glibc-headers >= 6:2.3.6
33 %{?with_kerberos5:BuildRequires: heimdal-devel}
34 BuildRequires: libcap-ng-devel
35 %{?with_prelude:BuildRequires: libprelude-devel}
36 BuildRequires: libtool
37 BuildRequires: libwrap-devel
38 BuildRequires: linux-libc-headers >= 7:2.6.30
39 %{?with_zos_remote:BuildRequires: openldap-devel}
41 BuildRequires: python-devel >= 1:2.5
42 BuildRequires: rpm-pythonprov
43 BuildRequires: swig-python
45 BuildRequires: rpmbuild(macros) >= 1.623
46 BuildRequires: sed >= 4.0
47 Requires(post,preun): /sbin/chkconfig
48 Requires(post,preun,postun): systemd-units >= 38
49 Requires: %{name}-libs = %{version}-%{release}
51 Requires: systemd-units >= 38
52 Obsoletes: audit-audispd-plugins
53 Obsoletes: audit-systemd
54 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
56 %define _sbindir /sbin
57 # use /lib, because this path is put in /usr/share/.../settings.py
58 %define _libexecdir %{_prefix}/lib
61 The audit package contains the user space utilities for storing and
62 processing the audit records generate by the audit subsystem in the
65 %description -l pl.UTF-8
66 Ten pakiet zawiera narzędzia przestrzeni użytkownika do przechowywania
67 i przetwarzania rekordów audytu generowanych przez podsystem audytu w
71 Summary: Dynamic audit libraries
72 Summary(pl.UTF-8): Biblioteki dynamiczne audit
77 The audit-libs package contains the dynamic libraries needed for
78 applications to use the audit framework.
80 %description libs -l pl.UTF-8
81 Ten pakiet zawiera biblioteki dynamiczne potrzebne dla aplikacji
82 używających środowiska audytu.
85 Summary: Header files for audit libraries
86 Summary(pl.UTF-8): Pliki nagłówkowe bibliotek audit
88 Group: Development/Libraries
89 Requires: %{name}-libs = %{version}-%{release}
90 Requires: linux-libc-headers >= 7:2.6.30
92 %description libs-devel
93 The audit-libs-devel package contains the header files needed for
94 developing applications that need to use the audit framework library.
96 %description libs-devel -l pl.UTF-8
97 Ten pakiet zawiera pliki nagłówkowe potrzebne do tworzenia aplikacji
98 używających biblioteki środowiska audytu.
101 Summary: Static audit libraries
102 Summary(pl.UTF-8): Statyczne biblioteki audit
104 Group: Development/Libraries
105 Requires: %{name}-libs-devel = %{version}-%{release}
107 %description libs-static
108 The audit-libs-static package contains the static libraries for
109 developing applications that need to use the audit framework.
111 %description libs-static -l pl.UTF-8
112 Ten pakiet zawiera statyczne biblioteki do tworzenia aplikacji
113 używających środowiska audytu.
115 %package plugin-prelude
116 Summary: prelude plugin for audispd
117 Summary(pl.UTF-8): Wtyczka prelude dla audispd
119 Requires: %{name} = %{version}-%{release}
121 %description plugin-prelude
122 audisp-prelude is a plugin for the audit event dispatcher daemon,
123 audispd, that uses libprelude to send IDMEF alerts for possible
124 Intrusion Detection events.
126 %description plugin-prelude -l pl.UTF-8
127 audisp-prelude to wtyczka demona audispd przekazującego zdarzenia
128 audytowe wykorzystująca libprelude do wysyłania alarmów IDMEF o
129 prawdopodobnych zdarzeniach IDS.
131 %package -n python-audit
132 Summary: Python interface to libaudit library
133 Summary(pl.UTF-8): Pythonowy interfejs do biblioteki libaudit
135 Group: Libraries/Python
136 Requires: %{name}-libs = %{version}-%{release}
138 %description -n python-audit
139 Python interface to libaudit library.
141 %description -n python-audit -l pl.UTF-8
142 Pythonowy interfejs do biblioteki libaudit.
149 %{!?with_zos_remote:%patch3 -p1}
153 %if %{without python}
154 sed 's#swig/Makefile ##' -i configure.ac
155 sed 's/swig//' -i Makefile.am
165 %{?with_kerberos5:--enable-gssapi-krb5} \
169 %{?with_prelude:--with-prelude}
170 # override auditd_{C,LD}FLAGS to avoid -fPIE unsupported by gcc 3.3
172 %{!?with_pie:auditd_CFLAGS="-D_REENTRANT -D_GNU_SOURCE" auditd_LDFLAGS="-Wl,-z,relro"}
174 # temporarily not included in all
178 rm -rf $RPM_BUILD_ROOT
179 install -d $RPM_BUILD_ROOT%{_var}/log/audit
182 DESTDIR=$RPM_BUILD_ROOT
184 # temporarily not included in all
185 %{__make} -C auparse install \
186 DESTDIR=$RPM_BUILD_ROOT
188 install -d $RPM_BUILD_ROOT/%{_lib}
189 mv -f $RPM_BUILD_ROOT%{_libdir}/libaudit.so.* $RPM_BUILD_ROOT/%{_lib}
190 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libaudit.so.*.*.*) \
191 $RPM_BUILD_ROOT%{_libdir}/libaudit.so
192 mv -f $RPM_BUILD_ROOT%{_libdir}/libauparse.so.* $RPM_BUILD_ROOT/%{_lib}
193 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*) \
194 $RPM_BUILD_ROOT%{_libdir}/libauparse.so
196 # We manually install this since Makefile doesn't
197 install -d $RPM_BUILD_ROOT{%{_includedir},%{systemdunitdir}}
198 install lib/libaudit.h $RPM_BUILD_ROOT%{_includedir}
200 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
201 install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
202 install %{SOURCE4} $RPM_BUILD_ROOT%{systemdunitdir}
205 %py_comp $RPM_BUILD_ROOT%{py_sitedir}
206 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
207 %{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.py
208 %{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.{la,a}
212 rm -rf $RPM_BUILD_ROOT
214 %post libs -p /sbin/ldconfig
215 %postun libs -p /sbin/ldconfig
218 /sbin/chkconfig --add auditd
219 %service auditd restart "audit daemon"
220 %systemd_post auditd.service
223 if [ "$1" = "0" ]; then
225 /sbin/chkconfig --del auditd
227 %systemd_preun auditd.service
232 %triggerpostun -- %{name} < 2.2-2
233 %systemd_trigger auditd.service
236 %defattr(644,root,root,755)
237 %doc AUTHORS ChangeLog README THANKS TODO
238 %attr(750,root,root) %{_bindir}/aulast
239 %attr(750,root,root) %{_bindir}/aulastlog
240 %attr(750,root,root) %{_bindir}/ausyscall
241 %attr(750,root,root) %{_bindir}/auvirt
242 %attr(750,root,root) %{_sbindir}/audispd
243 %attr(750,root,root) %{_sbindir}/auditctl
244 %attr(750,root,root) %{_sbindir}/auditd
245 %attr(750,root,root) %{_sbindir}/aureport
246 %attr(750,root,root) %{_sbindir}/ausearch
247 %attr(750,root,root) %{_sbindir}/autrace
248 %attr(755,root,root) %{_sbindir}/audisp-remote
249 %{?with_zos_remote:%attr(755,root,root) %{_sbindir}/audispd-zos-remote}
250 %dir %{_sysconfdir}/audisp
251 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audispd.conf
252 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-remote.conf
253 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/zos-remote.conf}
254 %dir %{_sysconfdir}/audisp/plugins.d
255 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/af_unix.conf
256 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-remote.conf
257 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf}
258 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/syslog.conf
259 %dir %{_sysconfdir}/audit
260 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
261 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/audit.rules
262 %attr(754,root,root) /etc/rc.d/init.d/auditd
263 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
264 %{systemdunitdir}/auditd.service
265 %attr(750,root,root) %dir %{_var}/log/audit
266 %{_mandir}/man5/audispd.conf.5*
267 %{_mandir}/man5/audisp-remote.conf.5*
268 %{_mandir}/man5/auditd.conf.5*
269 %{_mandir}/man5/ausearch-expression.5*
270 %{?with_zos_remote:%{_mandir}/man5/zos-remote.conf.5*}
271 %{_mandir}/man7/audit.rules.7*
272 %{_mandir}/man8/audisp-remote.8*
273 %{?with_zos_remote:%{_mandir}/man8/audispd-zos-remote.8*}
274 %{_mandir}/man8/audispd.8*
275 %{_mandir}/man8/auditctl.8*
276 %{_mandir}/man8/auditd.8*
277 %{_mandir}/man8/aulast.8*
278 %{_mandir}/man8/aulastlog.8*
279 %{_mandir}/man8/aureport.8*
280 %{_mandir}/man8/ausearch.8*
281 %{_mandir}/man8/ausyscall.8*
282 %{_mandir}/man8/autrace.8*
283 %{_mandir}/man8/auvirt.8*
286 %defattr(644,root,root,755)
287 %attr(755,root,root) /%{_lib}/libaudit.so.*.*.*
288 %attr(755,root,root) %ghost /%{_lib}/libaudit.so.1
289 %attr(755,root,root) /%{_lib}/libauparse.so.*.*.*
290 %attr(755,root,root) %ghost /%{_lib}/libauparse.so.0
291 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libaudit.conf
292 %{_mandir}/man5/libaudit.conf.5*
295 %defattr(644,root,root,755)
296 %attr(755,root,root) %{_libdir}/libaudit.so
297 %attr(755,root,root) %{_libdir}/libauparse.so
298 %{_libdir}/libaudit.la
299 %{_libdir}/libauparse.la
300 %{_includedir}/auparse*.h
301 %{_includedir}/libaudit.h
302 %{_mandir}/man3/audit_*.3*
303 %{_mandir}/man3/auparse_*.3*
304 %{_mandir}/man3/ausearch_*.3*
305 %{_mandir}/man3/get_auditfail_action.3*
306 %{_mandir}/man3/set_aumessage_mode.3*
309 %defattr(644,root,root,755)
310 %{_libdir}/libaudit.a
311 %{_libdir}/libauparse.a
314 %files plugin-prelude
315 %defattr(644,root,root,755)
316 %attr(755,root,root) %{_sbindir}/audisp-prelude
317 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-prelude.conf
318 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf
319 %{_mandir}/man5/audisp-prelude.conf.5*
320 %{_mandir}/man8/audisp-prelude.8*
324 %files -n python-audit
325 %defattr(644,root,root,755)
326 %attr(755,root,root) %{py_sitedir}/_audit.so
327 %attr(755,root,root) %{py_sitedir}/auparse.so
328 %{py_sitedir}/audit.py[co]