3 %bcond_without kerberos5 # Kerberos V support via heimdal
4 %bcond_without prelude # prelude audisp plugin
5 %bcond_without golang # Go language bindings
6 %bcond_without python # Python bindings (any)
7 %bcond_without python3 # Python 3 bindings
8 %bcond_without zos_remote # zos-remote audisp plugin (LDAP dep)
10 %ifnarch %{ix86} %{x8664} %{arm}
15 %undefine with_python3
17 Summary: User space tools for 2.6 kernel auditing
18 Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
24 Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
25 # Source0-md5: 72b0fd94d32846142bc472f0d91e62b4
26 Source2: %{name}d.init
27 Source3: %{name}d.sysconfig
28 Patch0: %{name}-install.patch
29 Patch1: %{name}-m4.patch
30 Patch2: %{name}-nolibs.patch
31 Patch3: %{name}-no_zos_remote.patch
32 Patch4: %{name}-systemd-notonly.patch
33 Patch5: %{name}-am.patch
34 Patch6: %{name}-no-refusemanualstop.patch
35 Patch7: %{name}-cronjob.patch
36 Patch8: golang-paths.patch
37 # https://fedorahosted.org/fesco/ticket/1311
38 Patch9: never-audit.patch
39 URL: http://people.redhat.com/sgrubb/audit/
40 BuildRequires: autoconf >= 2.59
41 BuildRequires: automake >= 1:1.9
42 BuildRequires: glibc-headers >= 6:2.3.6
43 %{?with_golang:BuildRequires: golang >= 1.4}
44 %{?with_kerberos5:BuildRequires: heimdal-devel}
45 BuildRequires: libcap-ng-devel
46 %{?with_prelude:BuildRequires: libprelude-devel}
47 BuildRequires: libtool
48 BuildRequires: libwrap-devel
49 BuildRequires: linux-libc-headers >= 7:2.6.30
50 %{?with_zos_remote:BuildRequires: openldap-devel}
52 BuildRequires: python-devel >= 1:2.5
53 BuildRequires: rpm-pythonprov
54 BuildRequires: swig-python
57 BuildRequires: python3-devel
58 BuildRequires: rpm-pythonprov
59 BuildRequires: swig-python
61 BuildRequires: rpmbuild(macros) >= 1.623
62 BuildRequires: sed >= 4.0
63 Requires(post,preun): /sbin/chkconfig
64 Requires(post,preun,postun): systemd-units >= 38
65 Requires: %{name}-libs = %{version}-%{release}
67 Requires: systemd-units >= 38
68 Obsoletes: audit-audispd-plugins
69 Obsoletes: audit-systemd
70 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
72 %define _sbindir /sbin
73 # use /lib, because this path is put in /usr/share/.../settings.py
74 %define _libexecdir %{_prefix}/lib
77 The audit package contains the user space utilities for storing and
78 processing the audit records generate by the audit subsystem in the
81 %description -l pl.UTF-8
82 Ten pakiet zawiera narzędzia przestrzeni użytkownika do przechowywania
83 i przetwarzania rekordów audytu generowanych przez podsystem audytu w
87 Summary: Dynamic audit libraries
88 Summary(pl.UTF-8): Biblioteki dynamiczne audit
93 The audit-libs package contains the dynamic libraries needed for
94 applications to use the audit framework.
96 %description libs -l pl.UTF-8
97 Ten pakiet zawiera biblioteki dynamiczne potrzebne dla aplikacji
98 używających środowiska audytu.
101 Summary: Header files for audit libraries
102 Summary(pl.UTF-8): Pliki nagłówkowe bibliotek audit
104 Group: Development/Libraries
105 Requires: %{name}-libs = %{version}-%{release}
106 Requires: linux-libc-headers >= 7:2.6.30
108 %description libs-devel
109 The audit-libs-devel package contains the header files needed for
110 developing applications that need to use the audit framework library.
112 %description libs-devel -l pl.UTF-8
113 Ten pakiet zawiera pliki nagłówkowe potrzebne do tworzenia aplikacji
114 używających biblioteki środowiska audytu.
117 Summary: Static audit libraries
118 Summary(pl.UTF-8): Statyczne biblioteki audit
120 Group: Development/Libraries
121 Requires: %{name}-libs-devel = %{version}-%{release}
123 %description libs-static
124 The audit-libs-static package contains the static libraries for
125 developing applications that need to use the audit framework.
127 %description libs-static -l pl.UTF-8
128 Ten pakiet zawiera statyczne biblioteki do tworzenia aplikacji
129 używających środowiska audytu.
131 %package plugin-prelude
132 Summary: prelude plugin for audispd
133 Summary(pl.UTF-8): Wtyczka prelude dla audispd
135 Requires: %{name} = %{version}-%{release}
137 %description plugin-prelude
138 audisp-prelude is a plugin for the audit event dispatcher daemon,
139 audispd, that uses libprelude to send IDMEF alerts for possible
140 Intrusion Detection events.
142 %description plugin-prelude -l pl.UTF-8
143 audisp-prelude to wtyczka demona audispd przekazującego zdarzenia
144 audytowe wykorzystująca libprelude do wysyłania alarmów IDMEF o
145 prawdopodobnych zdarzeniach IDS.
147 %package -n golang-audit
148 Summary: Go language interface to libaudit library
149 Summary(pl.UTF-8): Interfejs języka Go do biblioteki libaudit
151 Group: Development/Languages
152 Requires: %{name}-libs = %{version}-%{release}
153 Requires: golang >= 1.4
155 %description -n golang-audit
156 Go language interface to libaudit library.
158 %description -n golang-audit -l pl.UTF-8
159 Interfejs języka Go do biblioteki libaudit.
161 %package -n python-audit
162 Summary: Python 2.x interface to libaudit library
163 Summary(pl.UTF-8): Interfejs Pythona 2.x do biblioteki libaudit
165 Group: Libraries/Python
166 Requires: %{name}-libs = %{version}-%{release}
168 %description -n python-audit
169 Python 2.x interface to libaudit library.
171 %description -n python-audit -l pl.UTF-8
172 Interfejs Pythona 2.x do biblioteki libaudit.
174 %package -n python3-audit
175 Summary: Python 3.x interface to libaudit library
176 Summary(pl.UTF-8): Interfejs Pythona 3.x do biblioteki libaudit
178 Group: Libraries/Python
179 Requires: %{name}-libs = %{version}-%{release}
181 %description -n python3-audit
182 Python 3.x interface to libaudit library.
184 %description -n python3-audit -l pl.UTF-8
185 Interfejs Pythona 3.x do biblioteki libaudit.
192 %{!?with_zos_remote:%patch3 -p1}
200 %if %{without python}
201 sed 's#swig/Makefile ##' -i configure.ac
202 sed 's/swig//' -i Makefile.am
212 %{?with_kerberos5:--enable-gssapi-krb5} \
216 %{?with_prelude:--with-prelude}
221 rm -rf $RPM_BUILD_ROOT
222 install -d $RPM_BUILD_ROOT%{_var}/log/audit
225 DESTDIR=$RPM_BUILD_ROOT
227 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
228 install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
230 install -d $RPM_BUILD_ROOT/%{_lib}
231 mv -f $RPM_BUILD_ROOT%{_libdir}/libaudit.so.* $RPM_BUILD_ROOT/%{_lib}
232 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libaudit.so.*.*.*) \
233 $RPM_BUILD_ROOT%{_libdir}/libaudit.so
234 mv -f $RPM_BUILD_ROOT%{_libdir}/libauparse.so.* $RPM_BUILD_ROOT/%{_lib}
235 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*) \
236 $RPM_BUILD_ROOT%{_libdir}/libauparse.so
238 # RH initscripts-specific
239 %{__rm} -r $RPM_BUILD_ROOT%{_libexecdir}/initscripts
242 %py_comp $RPM_BUILD_ROOT%{py_sitedir}
243 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
245 %{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.{la,a}
249 %{__rm} $RPM_BUILD_ROOT%{py3_sitedir}/*.{la,a}
253 rm -rf $RPM_BUILD_ROOT
255 %post libs -p /sbin/ldconfig
256 %postun libs -p /sbin/ldconfig
259 # Copy default rules into place on new installation
260 if [ ! -e %{_sysconfdir}/audit/audit.rules ] ; then
261 cp -a %{_sysconfdir}/audit/rules.d/audit.rules %{_sysconfdir}/audit/audit.rules
263 /sbin/chkconfig --add auditd
264 %service auditd restart "audit daemon"
265 %systemd_post auditd.service
268 if [ "$1" = "0" ]; then
270 /sbin/chkconfig --del auditd
272 %systemd_preun auditd.service
277 %triggerpostun -- %{name} < 2.2-2
278 %systemd_trigger auditd.service
280 %triggerpostun -- %{name} < 2.3-1
281 if [ -e %{_sysconfdir}/audit/audit.rules.rpmsave ] ; then
282 %{__mv} %{_sysconfdir}/audit/audit.rules{.rpmsave,}
284 %service auditd restart "audit daemon"
285 %systemd_post auditd.service
288 %defattr(644,root,root,755)
289 %doc AUTHORS ChangeLog README THANKS TODO
290 %doc contrib/{capp,nispom,lspp,stig}.rules init.d/auditd.cron
291 %attr(750,root,root) %{_bindir}/aulast
292 %attr(750,root,root) %{_bindir}/aulastlog
293 %attr(750,root,root) %{_bindir}/ausyscall
294 %attr(750,root,root) %{_bindir}/auvirt
295 %attr(750,root,root) %{_sbindir}/audispd
296 %attr(750,root,root) %{_sbindir}/auditctl
297 %attr(750,root,root) %{_sbindir}/auditd
298 %attr(750,root,root) %{_sbindir}/augenrules
299 %attr(750,root,root) %{_sbindir}/aureport
300 %attr(750,root,root) %{_sbindir}/ausearch
301 %attr(750,root,root) %{_sbindir}/autrace
302 %attr(755,root,root) %{_sbindir}/audisp-remote
303 %{?with_zos_remote:%attr(755,root,root) %{_sbindir}/audispd-zos-remote}
304 %dir %{_sysconfdir}/audisp
305 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audispd.conf
306 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-remote.conf
307 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/zos-remote.conf}
308 %dir %{_sysconfdir}/audisp/plugins.d
309 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/af_unix.conf
310 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-remote.conf
311 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf}
312 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/syslog.conf
313 %dir %{_sysconfdir}/audit
314 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
315 %dir %{_sysconfdir}/audit/rules.d
316 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/audit.rules
317 %attr(754,root,root) /etc/rc.d/init.d/auditd
318 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
319 %{systemdunitdir}/auditd.service
320 %attr(750,root,root) %dir %{_var}/log/audit
321 %{_mandir}/man5/audispd.conf.5*
322 %{_mandir}/man5/audisp-remote.conf.5*
323 %{_mandir}/man5/auditd.conf.5*
324 %{_mandir}/man5/ausearch-expression.5*
325 %{?with_zos_remote:%{_mandir}/man5/zos-remote.conf.5*}
326 %{_mandir}/man7/audit.rules.7*
327 %{_mandir}/man8/audisp-remote.8*
328 %{?with_zos_remote:%{_mandir}/man8/audispd-zos-remote.8*}
329 %{_mandir}/man8/audispd.8*
330 %{_mandir}/man8/auditctl.8*
331 %{_mandir}/man8/auditd.8*
332 %{_mandir}/man8/augenrules.8*
333 %{_mandir}/man8/aulast.8*
334 %{_mandir}/man8/aulastlog.8*
335 %{_mandir}/man8/aureport.8*
336 %{_mandir}/man8/ausearch.8*
337 %{_mandir}/man8/ausyscall.8*
338 %{_mandir}/man8/autrace.8*
339 %{_mandir}/man8/auvirt.8*
342 %defattr(644,root,root,755)
343 %attr(755,root,root) /%{_lib}/libaudit.so.*.*.*
344 %attr(755,root,root) %ghost /%{_lib}/libaudit.so.1
345 %attr(755,root,root) /%{_lib}/libauparse.so.*.*.*
346 %attr(755,root,root) %ghost /%{_lib}/libauparse.so.0
347 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libaudit.conf
348 %{_mandir}/man5/libaudit.conf.5*
351 %defattr(644,root,root,755)
352 %attr(755,root,root) %{_libdir}/libaudit.so
353 %attr(755,root,root) %{_libdir}/libauparse.so
354 %{_libdir}/libaudit.la
355 %{_libdir}/libauparse.la
356 %{_includedir}/auparse*.h
357 %{_includedir}/libaudit.h
358 %{_pkgconfigdir}/audit.pc
359 %{_pkgconfigdir}/auparse.pc
360 %{_mandir}/man3/audit_*.3*
361 %{_mandir}/man3/auparse_*.3*
362 %{_mandir}/man3/ausearch_*.3*
363 %{_mandir}/man3/get_auditfail_action.3*
364 %{_mandir}/man3/set_aumessage_mode.3*
367 %defattr(644,root,root,755)
368 %{_libdir}/libaudit.a
369 %{_libdir}/libauparse.a
372 %files plugin-prelude
373 %defattr(644,root,root,755)
374 %attr(755,root,root) %{_sbindir}/audisp-prelude
375 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-prelude.conf
376 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf
377 %{_mandir}/man5/audisp-prelude.conf.5*
378 %{_mandir}/man8/audisp-prelude.8*
382 %files -n golang-audit
383 %defattr(644,root,root,755)
384 %dir %{_libdir}/golang/src/redhat.com
385 %{_libdir}/golang/src/redhat.com/audit
389 %files -n python-audit
390 %defattr(644,root,root,755)
391 %attr(755,root,root) %{py_sitedir}/_audit.so
392 %attr(755,root,root) %{py_sitedir}/auparse.so
393 %{py_sitedir}/audit.py[co]
397 %files -n python3-audit
398 %defattr(644,root,root,755)
399 %attr(755,root,root) %{py3_sitedir}/_audit.so
400 %attr(755,root,root) %{py3_sitedir}/auparse.so
401 %{py3_sitedir}/audit.py