#
# Conditional build:
%bcond_without pie # auditd as PIE binary
+%bcond_without prelude # prelude audisp plugin
%bcond_without python # don't build python bindings
#
Summary: User space tools for 2.6 kernel auditing
Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
Name: audit
-Version: 1.6.1
-Release: 0.1
+Version: 1.7.8
+Release: 1
License: GPL v2+
Group: Daemons
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
-# Source0-md5: ce393ed76e25dd95f2d54ae27e7a25be
+# Source0-md5: 6b2529433c2fcf4728b286f0d822d016
Source2: %{name}d.init
Source3: %{name}d.sysconfig
Patch0: %{name}-install.patch
%{?with_pie:BuildRequires: gcc >= 5:3.4}
BuildRequires: gettext-devel >= 0.14.6
BuildRequires: glibc-headers >= 6:2.3.6
+BuildRequires: intltool
BuildRequires: libstdc++-devel
+%{?with_prelude:BuildRequires: libprelude-devel}
BuildRequires: libtool
BuildRequires: linux-libc-headers >= 7:2.6.20
+BuildRequires: openldap-devel
%if %{with python}
BuildRequires: python-devel >= 1:2.5
BuildRequires: rpm-pythonprov
Requires(post,preun): /sbin/chkconfig
Requires: %{name}-libs = %{version}-%{release}
Requires: rc-scripts
+Obsoletes: audit-audispd-plugins
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sbindir /sbin
Ten pakiet zawiera statyczne biblioteki do tworzenia aplikacji
używających środowiska audytu.
+%package plugin-prelude
+Summary: prelude plugin for audispd
+Summary(pl.UTF-8): Wtyczka prelude dla audispd
+Group: Daemons
+Requires: %{name} = %{version}-%{release}
+
+%description plugin-prelude
+audisp-prelude is a plugin for the audit event dispatcher daemon,
+audispd, that uses libprelude to send IDMEF alerts for possible
+Intrusion Detection events.
+
+%description plugin-prelude -l pl.UTF-8
+audisp-prelude to wtyczka demona audispd przekazującego zdarzenia
+audytowe wykorzystująca libprelude do wysyłania alarmów IDMEF o
+prawdopodobnych zdarzeniach IDS.
+
%package -n python-audit
Summary: Python interface to libaudit library
Summary(pl.UTF-8): Pythonowy interfejs do biblioteki libaudit
License: GPL v2
Group: Applications/System
Requires: %{name} = %{version}-%{release}
-Version: 4.2
-Requires: python-pygtk-libglade >= 2:2.0
+Version: 0.4.8
+Requires: python-pygtk-glade >= 2:2.0
Requires: usermode
#Requires: usermode-gtk ???
%{__autoheader}
%{__automake}
cd system-config-audit
+%{__libtoolize}
%{__aclocal}
%{__autoconf}
%{__autoheader}
%{__automake}
cd ..
%configure \
- --with-apparmor
+ --with-apparmor \
+ %{?with_prelude:--with-prelude}
# override auditd_{C,LD}FLAGS to avoid -fPIE unsupported by gcc 3.3
%{__make} \
%{!?with_pie:auditd_CFLAGS="-D_REENTRANT -D_GNU_SOURCE" auditd_LDFLAGS="-Wl,-z,relro"}
install -d $RPM_BUILD_ROOT/%{_lib}
mv -f $RPM_BUILD_ROOT%{_libdir}/libaudit.so.* $RPM_BUILD_ROOT/%{_lib}
-ln -sf /%{_lib}/$(cd $RPM_BUILD_ROOT/%{_lib} ; echo libaudit.so.*.*.*) \
+ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libaudit.so.*.*.*) \
$RPM_BUILD_ROOT%{_libdir}/libaudit.so
mv -f $RPM_BUILD_ROOT%{_libdir}/libauparse.so.* $RPM_BUILD_ROOT/%{_lib}
-ln -sf /%{_lib}/$(cd $RPM_BUILD_ROOT/%{_lib} ; echo libauparse.so.*.*.*) \
+ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*) \
$RPM_BUILD_ROOT%{_libdir}/libauparse.so
# We manually install this since Makefile doesn't
%files
%defattr(644,root,root,755)
-%doc AUTHORS ChangeLog README THANKS TODO sample.rules
+%doc AUTHORS ChangeLog README THANKS TODO
+%attr(750,root,root) %{_bindir}/aulastlog
+%attr(750,root,root) %{_bindir}/ausyscall
%attr(750,root,root) %{_sbindir}/audispd
%attr(750,root,root) %{_sbindir}/auditctl
%attr(750,root,root) %{_sbindir}/auditd
%attr(750,root,root) %{_sbindir}/aureport
%attr(750,root,root) %{_sbindir}/ausearch
%attr(750,root,root) %{_sbindir}/autrace
+%attr(755,root,root) %{_sbindir}/audisp-remote
+%attr(755,root,root) %{_sbindir}/audispd-zos-remote
%dir %{_sysconfdir}/audisp
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audispd.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-remote.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/zos-remote.conf
%dir %{_sysconfdir}/audisp/plugins.d
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/af_unix.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-remote.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/syslog.conf
%dir %{_sysconfdir}/audit
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
%attr(750,root,root) %dir %{_var}/log/audit
%{_mandir}/man5/audispd.conf.5*
+%{_mandir}/man5/audisp-remote.conf.5*
%{_mandir}/man5/auditd.conf.5*
-%{_mandir}/man8/*
+%{_mandir}/man5/ausearch-expression.5*
+%{_mandir}/man5/zos-remote.conf.5*
+%{_mandir}/man8/audisp-remote.8*
+%{_mandir}/man8/audispd-zos-remote.8*
+%{_mandir}/man8/audispd.8*
+%{_mandir}/man8/auditctl.8*
+%{_mandir}/man8/auditd.8*
+%{_mandir}/man8/aulastlog.8*
+%{_mandir}/man8/aureport.8*
+%{_mandir}/man8/ausearch.8*
+%{_mandir}/man8/ausyscall.8*
+%{_mandir}/man8/autrace.8*
%files libs
%defattr(644,root,root,755)
%attr(755,root,root) /%{_lib}/libaudit.so.*.*.*
+%attr(755,root,root) %ghost /%{_lib}/libaudit.so.0
%attr(755,root,root) /%{_lib}/libauparse.so.*.*.*
+%attr(755,root,root) %ghost /%{_lib}/libauparse.so.0
%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libaudit.conf
%files libs-devel
%{_libdir}/libauparse.la
%{_includedir}/auparse*.h
%{_includedir}/libaudit.h
-%{_mandir}/man3/*
+%{_mandir}/man3/audit_*.3*
+%{_mandir}/man3/auparse_*.3*
+%{_mandir}/man3/ausearch_*.3*
+%{_mandir}/man3/get_auditfail_action.3*
+%{_mandir}/man3/set_aumessage_mode.3*
%files libs-static
%defattr(644,root,root,755)
%{_libdir}/libaudit.a
%{_libdir}/libauparse.a
+%if %{with prelude}
+%files plugin-prelude
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_sbindir}/audisp-prelude
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-prelude.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf
+%{_mandir}/man5/audisp-prelude.conf.5*
+%{_mandir}/man8/audisp-prelude.8*
+%endif
+
%if %{with python}
%files -n python-audit
%defattr(644,root,root,755)
%attr(755,root,root) %{py_sitedir}/_audit.so
%attr(755,root,root) %{py_sitedir}/auparse.so
-%{py_sitedir}/auparse-*.egg-info
%{py_sitescriptdir}/audit.py[co]
%files -n system-config-audit -f system-config-audit.lang