---- audit-2.3/init.d/Makefile.am.orig 2013-04-30 16:26:09.000000000 +0200
-+++ audit-2.3/init.d/Makefile.am 2013-05-15 15:34:15.728741312 +0200
-@@ -42,8 +42,8 @@
+--- audit-2.5.2/init.d/Makefile.am.orig 2016-04-29 18:31:43.000000000 +0200
++++ audit-2.5.2/init.d/Makefile.am 2016-05-10 19:55:50.830718697 +0200
+@@ -41,8 +41,8 @@
sbin_SCRIPTS = augenrules
install-data-hook:
if ENABLE_SYSTEMD
else
$(INSTALL_DATA) -D -m 640 ${srcdir}/auditd.sysconfig ${DESTDIR}${sysconfigdir}/auditd
-@@ -53,7 +53,7 @@
+@@ -52,7 +52,7 @@
if ENABLE_SYSTEMD
mkdir -p ${DESTDIR}${initdir}
mkdir -p ${DESTDIR}${legacydir}
-- $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${initdir}
-+ $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
+- $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${initdir}
++ $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.rotate ${DESTDIR}${legacydir}/rotate
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.resume ${DESTDIR}${legacydir}/resume
- else
+ $(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.stop ${DESTDIR}${legacydir}/stop
---- audit-2.3.2/init.d/Makefile.am.orig 2013-08-24 21:51:07.859509228 +0200
-+++ audit-2.3.2/init.d/Makefile.am 2013-08-24 21:52:55.076171394 +0200
+--- audit-2.5.2/init.d/Makefile.am.orig 2016-05-10 21:54:38.137086257 +0200
++++ audit-2.5.2/init.d/Makefile.am 2016-05-10 21:56:35.680414658 +0200
@@ -28,12 +28,11 @@
dispconfig = audispd.conf
dispconfigdir = $(sysconfdir)/audisp
auditdir = $(sysconfdir)/audit
auditrdir = $(auditdir)/rules.d
-@@ -44,24 +43,20 @@
+@@ -43,24 +42,20 @@
install-data-hook:
$(INSTALL_DATA) -D -m 640 ${srcdir}/${dispconfig} ${DESTDIR}${dispconfigdir}/${dispconfig}
$(INSTALL_DATA) -D -m 640 ${srcdir}/${libconfig} ${DESTDIR}${sysconfdir}/${libconfig}
install-exec-hook:
if ENABLE_SYSTEMD
- mkdir -p ${DESTDIR}${initdir}
+- mkdir -p ${DESTDIR}${initdir}
++ mkdir -p ${DESTDIR}${systemdunitdir}
mkdir -p ${DESTDIR}${legacydir}
-- $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
-+ $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${systemdunitdir}/auditd.service
+- $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
++ $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${systemdunitdir}/auditd.service
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.rotate ${DESTDIR}${legacydir}/rotate
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.resume ${DESTDIR}${legacydir}/resume
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.stop ${DESTDIR}${legacydir}/stop
chmod 0750 $(DESTDIR)$(sbindir)/augenrules
-@@ -69,14 +64,13 @@
+@@ -68,14 +63,13 @@
rm ${DESTDIR}${dispconfigdir}/${dispconfig}
rm ${DESTDIR}${sysconfdir}/${libconfig}
if ENABLE_SYSTEMD
Summary: User space tools for 2.6 kernel auditing
Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
Name: audit
-Version: 2.4.4
-Release: 5
+Version: 2.5.2
+Release: 1
License: GPL v2+
Group: Daemons
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
-# Source0-md5: 72b0fd94d32846142bc472f0d91e62b4
+# Source0-md5: bfc332d35b27121f105dd34ce35b6f0a
Source2: %{name}d.init
Source3: %{name}d.sysconfig
Patch0: %{name}-install.patch
Patch6: %{name}-no-refusemanualstop.patch
Patch7: %{name}-cronjob.patch
Patch8: golang-paths.patch
-# https://fedorahosted.org/fesco/ticket/1311
-Patch9: never-audit.patch
URL: http://people.redhat.com/sgrubb/audit/
BuildRequires: autoconf >= 2.59
BuildRequires: automake >= 1:1.9
%patch6 -p1
%patch7 -p1
%patch8 -p1
-%patch9 -p1
%if %{without python}
sed 's#swig/Makefile ##' -i configure.ac
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT%{_var}/log/audit
+install -d $RPM_BUILD_ROOT{%{_sysconfdir}/audit/rules.d,%{_var}/log/audit}
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
+# default to no audit (and no overhead)
+cp -p rules/10-no-audit.rules $RPM_BUILD_ROOT%{_sysconfdir}/audit/rules.d
+
install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
%post
# Copy default rules into place on new installation
if [ ! -e %{_sysconfdir}/audit/audit.rules ] ; then
- cp -a %{_sysconfdir}/audit/rules.d/audit.rules %{_sysconfdir}/audit/audit.rules
+ cp -a %{_sysconfdir}/audit/rules.d/10-no-audit.rules %{_sysconfdir}/audit/audit.rules
fi
/sbin/chkconfig --add auditd
%service auditd restart "audit daemon"
%service auditd restart "audit daemon"
%systemd_post auditd.service
+%triggerpostun -- %{name} < 2.5-1
+if [ -f %{_sysconfdir}/audit/rules.d/audit.rules.rpmsave ]; then
+%banner %{name} -e <<EOF
+Since audit 2.5 %{_sysconfdir}/audit/rules.d/audit.rules file (now saved
+as audit.rules.rpmnew) is replaced by a set of numbered rule files - remember
+to update your configuration!
+EOF
+fi
+
%files
%defattr(644,root,root,755)
-%doc AUTHORS ChangeLog README THANKS TODO
-%doc contrib/{capp,nispom,lspp,stig}.rules init.d/auditd.cron
+%doc AUTHORS ChangeLog README THANKS TODO rules/{README-rules,*.rules} init.d/auditd.cron
%attr(750,root,root) %{_bindir}/aulast
%attr(750,root,root) %{_bindir}/aulastlog
%attr(750,root,root) %{_bindir}/ausyscall
%dir %{_sysconfdir}/audit
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
%dir %{_sysconfdir}/audit/rules.d
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/audit.rules
+%attr(640,root,root) %config(noreplace,missingok) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/10-no-audit.rules
%attr(754,root,root) /etc/rc.d/init.d/auditd
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
%{systemdunitdir}/auditd.service
%{_includedir}/libaudit.h
%{_pkgconfigdir}/audit.pc
%{_pkgconfigdir}/auparse.pc
+%{_aclocaldir}/audit.m4
%{_mandir}/man3/audit_*.3*
%{_mandir}/man3/auparse_*.3*
%{_mandir}/man3/ausearch_*.3*
---- audit-2.4/bindings/golang/Makefile.am~ 2014-08-24 18:39:23.000000000 +0200
-+++ audit-2.4/bindings/golang/Makefile.am 2014-10-23 07:36:39.764147566 +0200
-@@ -23,16 +23,15 @@
- CONFIG_CLEAN_FILES = *.loT *.rej *.orig
- EXTRA_DIST = audit.go
+--- audit-2.5.2/bindings/golang/Makefile.am.orig 2016-05-10 20:17:50.423996653 +0200
++++ audit-2.5.2/bindings/golang/Makefile.am 2016-05-10 20:27:31.460638934 +0200
+@@ -25,15 +25,14 @@
+ dist_check_SCRIPTS = test.go
+ if HAVE_GOLANG
-LIBDIR = lib
-GODIR = $(LIBDIR)/golang/src/pkg/redhat.com/audit
-+GODIR = ${libdir}/golang/src/redhat.com/audit
- dist_check_SCRIPTS = test.go
++GODIR = $(libdir)/golang/src/redhat.com/audit
install:
- [ -d $(DESTDIR)${prefix}/$(GODIR) ] || mkdir -p $(DESTDIR)${prefix}/$(GODIR)
- install -m 644 ${top_srcdir}/bindings/golang/audit.go $(DESTDIR)${prefix}/$(GODIR)
-+ [ -d $(DESTDIR)/$(GODIR) ] || mkdir -p $(DESTDIR)/$(GODIR)
-+ install -m 644 ${top_srcdir}/bindings/golang/audit.go $(DESTDIR)/$(GODIR)
++ [ -d $(DESTDIR)$(GODIR) ] || mkdir -p $(DESTDIR)$(GODIR)
++ install -m 644 ${top_srcdir}/bindings/golang/audit.go $(DESTDIR)$(GODIR)
uninstall:
- @rm -f $(DESTDIR)${prefix}/$(GODIR)/*
-+ @rm -f $(DESTDIR)/$(GODIR)/*
++ @rm -f $(DESTDIR)$(GODIR)/*
check:
@mkdir audit
+++ /dev/null
-diff -ur audit.orig/init.d/audit.rules audit/init.d/audit.rules
---- audit.orig/init.d/audit.rules 2014-07-20 10:43:44.724841702 -0400
-+++ audit/init.d/audit.rules 2014-07-22 14:55:50.856253189 -0400
-@@ -6,9 +6,8 @@
- # First rule - delete all
- -D
-
--# Increase the buffers to survive stress events.
--# Make this bigger for busy systems
---b 320
--
--# Feel free to add below this line. See auditctl man page
-+# This suppresses syscall auditing for all tasks started
-+# with this rule in effect. Remove it if you need syscall
-+# auditing.
-+-a task,never
-