3 %bcond_without kerberos5 # Kerberos V support via heimdal
4 %bcond_without prelude # prelude audisp plugin
5 %bcond_without golang # Go language bindings
6 %bcond_without python # Python bindings
7 %bcond_without zos_remote # zos-remote audisp plugin (LDAP dep)
9 %ifnarch %{ix86} %{x8664} %{arm}
13 Summary: User space tools for 2.6 kernel auditing
14 Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
20 Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
21 # Source0-md5: 03a73041e2de853148b2bca67a1d9138
22 Source2: %{name}d.init
23 Source3: %{name}d.sysconfig
24 Patch0: %{name}-install.patch
25 Patch1: %{name}-m4.patch
26 Patch2: %{name}-nolibs.patch
27 Patch3: %{name}-no_zos_remote.patch
28 Patch4: %{name}-systemd-notonly.patch
29 Patch5: %{name}-am.patch
30 Patch6: %{name}-no-refusemanualstop.patch
31 Patch7: %{name}-cronjob.patch
32 Patch8: golang-paths.patch
33 # https://fedorahosted.org/fesco/ticket/1311
34 Patch9: never-audit.patch
35 URL: http://people.redhat.com/sgrubb/audit/
36 BuildRequires: autoconf >= 2.59
37 BuildRequires: automake >= 1:1.9
38 BuildRequires: glibc-headers >= 6:2.3.6
39 %{?with_golang:BuildRequires: golang}
40 %{?with_kerberos5:BuildRequires: heimdal-devel}
41 BuildRequires: libcap-ng-devel
42 %{?with_prelude:BuildRequires: libprelude-devel}
43 BuildRequires: libtool
44 BuildRequires: libwrap-devel
45 BuildRequires: linux-libc-headers >= 7:2.6.30
46 %{?with_zos_remote:BuildRequires: openldap-devel}
48 BuildRequires: python-devel >= 1:2.5
49 BuildRequires: rpm-pythonprov
50 BuildRequires: swig-python
52 BuildRequires: rpmbuild(macros) >= 1.623
53 BuildRequires: sed >= 4.0
54 Requires(post,preun): /sbin/chkconfig
55 Requires(post,preun,postun): systemd-units >= 38
56 Requires: %{name}-libs = %{version}-%{release}
58 Requires: systemd-units >= 38
59 Obsoletes: audit-audispd-plugins
60 Obsoletes: audit-systemd
61 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
63 %define _sbindir /sbin
64 # use /lib, because this path is put in /usr/share/.../settings.py
65 %define _libexecdir %{_prefix}/lib
68 The audit package contains the user space utilities for storing and
69 processing the audit records generate by the audit subsystem in the
72 %description -l pl.UTF-8
73 Ten pakiet zawiera narzędzia przestrzeni użytkownika do przechowywania
74 i przetwarzania rekordów audytu generowanych przez podsystem audytu w
78 Summary: Dynamic audit libraries
79 Summary(pl.UTF-8): Biblioteki dynamiczne audit
84 The audit-libs package contains the dynamic libraries needed for
85 applications to use the audit framework.
87 %description libs -l pl.UTF-8
88 Ten pakiet zawiera biblioteki dynamiczne potrzebne dla aplikacji
89 używających środowiska audytu.
92 Summary: Header files for audit libraries
93 Summary(pl.UTF-8): Pliki nagłówkowe bibliotek audit
95 Group: Development/Libraries
96 Requires: %{name}-libs = %{version}-%{release}
97 Requires: linux-libc-headers >= 7:2.6.30
99 %description libs-devel
100 The audit-libs-devel package contains the header files needed for
101 developing applications that need to use the audit framework library.
103 %description libs-devel -l pl.UTF-8
104 Ten pakiet zawiera pliki nagłówkowe potrzebne do tworzenia aplikacji
105 używających biblioteki środowiska audytu.
108 Summary: Static audit libraries
109 Summary(pl.UTF-8): Statyczne biblioteki audit
111 Group: Development/Libraries
112 Requires: %{name}-libs-devel = %{version}-%{release}
114 %description libs-static
115 The audit-libs-static package contains the static libraries for
116 developing applications that need to use the audit framework.
118 %description libs-static -l pl.UTF-8
119 Ten pakiet zawiera statyczne biblioteki do tworzenia aplikacji
120 używających środowiska audytu.
122 %package plugin-prelude
123 Summary: prelude plugin for audispd
124 Summary(pl.UTF-8): Wtyczka prelude dla audispd
126 Requires: %{name} = %{version}-%{release}
128 %description plugin-prelude
129 audisp-prelude is a plugin for the audit event dispatcher daemon,
130 audispd, that uses libprelude to send IDMEF alerts for possible
131 Intrusion Detection events.
133 %description plugin-prelude -l pl.UTF-8
134 audisp-prelude to wtyczka demona audispd przekazującego zdarzenia
135 audytowe wykorzystująca libprelude do wysyłania alarmów IDMEF o
136 prawdopodobnych zdarzeniach IDS.
138 %package -n golang-audit
139 Summary: Go language interface to libaudit library
140 Summary(pl.UTF-8): Interfejs języka Go do biblioteki libaudit
142 Group: Development/Languages
143 Requires: %{name}-libs = %{version}-%{release}
146 %description -n golang-audit
147 Go language interface to libaudit library.
149 %description -n golang-audit -l pl.UTF-8
150 Interfejs języka Go do biblioteki libaudit.
152 %package -n python-audit
153 Summary: Python interface to libaudit library
154 Summary(pl.UTF-8): Pythonowy interfejs do biblioteki libaudit
156 Group: Libraries/Python
157 Requires: %{name}-libs = %{version}-%{release}
159 %description -n python-audit
160 Python interface to libaudit library.
162 %description -n python-audit -l pl.UTF-8
163 Pythonowy interfejs do biblioteki libaudit.
170 %{!?with_zos_remote:%patch3 -p1}
178 %if %{without python}
179 sed 's#swig/Makefile ##' -i configure.ac
180 sed 's/swig//' -i Makefile.am
190 %{?with_kerberos5:--enable-gssapi-krb5} \
194 %{?with_prelude:--with-prelude}
199 rm -rf $RPM_BUILD_ROOT
200 install -d $RPM_BUILD_ROOT%{_var}/log/audit
203 DESTDIR=$RPM_BUILD_ROOT
205 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
206 install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
208 install -d $RPM_BUILD_ROOT/%{_lib}
209 mv -f $RPM_BUILD_ROOT%{_libdir}/libaudit.so.* $RPM_BUILD_ROOT/%{_lib}
210 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libaudit.so.*.*.*) \
211 $RPM_BUILD_ROOT%{_libdir}/libaudit.so
212 mv -f $RPM_BUILD_ROOT%{_libdir}/libauparse.so.* $RPM_BUILD_ROOT/%{_lib}
213 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*) \
214 $RPM_BUILD_ROOT%{_libdir}/libauparse.so
216 # RH initscripts-specific
217 %{__rm} -r $RPM_BUILD_ROOT%{_libexecdir}/initscripts
220 %py_comp $RPM_BUILD_ROOT%{py_sitedir}
221 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
223 %{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.{la,a}
227 rm -rf $RPM_BUILD_ROOT
229 %post libs -p /sbin/ldconfig
230 %postun libs -p /sbin/ldconfig
233 # Copy default rules into place on new installation
234 if [ ! -e %{_sysconfdir}/audit/audit.rules ] ; then
235 cp -a %{_sysconfdir}/audit/rules.d/audit.rules %{_sysconfdir}/audit/audit.rules
237 /sbin/chkconfig --add auditd
238 %service auditd restart "audit daemon"
239 %systemd_post auditd.service
242 if [ "$1" = "0" ]; then
244 /sbin/chkconfig --del auditd
246 %systemd_preun auditd.service
251 %triggerpostun -- %{name} < 2.2-2
252 %systemd_trigger auditd.service
254 %triggerpostun -- %{name} < 2.3-1
255 if [ -e %{_sysconfdir}/audit/audit.rules.rpmsave ] ; then
256 %{__mv} %{_sysconfdir}/audit/audit.rules{.rpmsave,}
258 %service auditd restart "audit daemon"
259 %systemd_post auditd.service
262 %defattr(644,root,root,755)
263 %doc AUTHORS ChangeLog README THANKS TODO
264 %doc contrib/{capp,nispom,lspp,stig}.rules init.d/auditd.cron
265 %attr(750,root,root) %{_bindir}/aulast
266 %attr(750,root,root) %{_bindir}/aulastlog
267 %attr(750,root,root) %{_bindir}/ausyscall
268 %attr(750,root,root) %{_bindir}/auvirt
269 %attr(750,root,root) %{_sbindir}/audispd
270 %attr(750,root,root) %{_sbindir}/auditctl
271 %attr(750,root,root) %{_sbindir}/auditd
272 %attr(750,root,root) %{_sbindir}/augenrules
273 %attr(750,root,root) %{_sbindir}/aureport
274 %attr(750,root,root) %{_sbindir}/ausearch
275 %attr(750,root,root) %{_sbindir}/autrace
276 %attr(755,root,root) %{_sbindir}/audisp-remote
277 %{?with_zos_remote:%attr(755,root,root) %{_sbindir}/audispd-zos-remote}
278 %dir %{_sysconfdir}/audisp
279 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audispd.conf
280 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-remote.conf
281 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/zos-remote.conf}
282 %dir %{_sysconfdir}/audisp/plugins.d
283 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/af_unix.conf
284 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-remote.conf
285 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf}
286 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/syslog.conf
287 %dir %{_sysconfdir}/audit
288 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
289 %dir %{_sysconfdir}/audit/rules.d
290 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/audit.rules
291 %attr(754,root,root) /etc/rc.d/init.d/auditd
292 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
293 %{systemdunitdir}/auditd.service
294 %attr(750,root,root) %dir %{_var}/log/audit
295 %{_mandir}/man5/audispd.conf.5*
296 %{_mandir}/man5/audisp-remote.conf.5*
297 %{_mandir}/man5/auditd.conf.5*
298 %{_mandir}/man5/ausearch-expression.5*
299 %{?with_zos_remote:%{_mandir}/man5/zos-remote.conf.5*}
300 %{_mandir}/man7/audit.rules.7*
301 %{_mandir}/man8/audisp-remote.8*
302 %{?with_zos_remote:%{_mandir}/man8/audispd-zos-remote.8*}
303 %{_mandir}/man8/audispd.8*
304 %{_mandir}/man8/auditctl.8*
305 %{_mandir}/man8/auditd.8*
306 %{_mandir}/man8/augenrules.8*
307 %{_mandir}/man8/aulast.8*
308 %{_mandir}/man8/aulastlog.8*
309 %{_mandir}/man8/aureport.8*
310 %{_mandir}/man8/ausearch.8*
311 %{_mandir}/man8/ausyscall.8*
312 %{_mandir}/man8/autrace.8*
313 %{_mandir}/man8/auvirt.8*
316 %defattr(644,root,root,755)
317 %attr(755,root,root) /%{_lib}/libaudit.so.*.*.*
318 %attr(755,root,root) %ghost /%{_lib}/libaudit.so.1
319 %attr(755,root,root) /%{_lib}/libauparse.so.*.*.*
320 %attr(755,root,root) %ghost /%{_lib}/libauparse.so.0
321 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libaudit.conf
322 %{_mandir}/man5/libaudit.conf.5*
325 %defattr(644,root,root,755)
326 %attr(755,root,root) %{_libdir}/libaudit.so
327 %attr(755,root,root) %{_libdir}/libauparse.so
328 %{_libdir}/libaudit.la
329 %{_libdir}/libauparse.la
330 %{_includedir}/auparse*.h
331 %{_includedir}/libaudit.h
332 %{_pkgconfigdir}/audit.pc
333 %{_mandir}/man3/audit_*.3*
334 %{_mandir}/man3/auparse_*.3*
335 %{_mandir}/man3/ausearch_*.3*
336 %{_mandir}/man3/get_auditfail_action.3*
337 %{_mandir}/man3/set_aumessage_mode.3*
340 %defattr(644,root,root,755)
341 %{_libdir}/libaudit.a
342 %{_libdir}/libauparse.a
345 %files plugin-prelude
346 %defattr(644,root,root,755)
347 %attr(755,root,root) %{_sbindir}/audisp-prelude
348 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-prelude.conf
349 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf
350 %{_mandir}/man5/audisp-prelude.conf.5*
351 %{_mandir}/man8/audisp-prelude.8*
355 %files -n golang-audit
356 %defattr(644,root,root,755)
357 %dir %{_libdir}/golang/src/pkg/redhat.com
358 %{_libdir}/golang/src/pkg/redhat.com/audit
362 %files -n python-audit
363 %defattr(644,root,root,755)
364 %attr(755,root,root) %{py_sitedir}/_audit.so
365 %attr(755,root,root) %{py_sitedir}/auparse.so
366 %{py_sitedir}/audit.py[co]