3 %bcond_without kerberos5 # Kerberos V support via heimdal
4 %bcond_without prelude # prelude audisp plugin
5 %bcond_without golang # Go language bindings
6 %bcond_with gccgo # use GCC go frontend instead of golang implementation
7 %bcond_without python # Python bindings (any)
8 %bcond_without python2 # Python 2 bindings
9 %bcond_without python3 # Python 3 bindings
10 %bcond_without zos_remote # zos-remote audisp plugin (LDAP dep)
12 %ifnarch %{ix86} %{x8664} %{arm} aarch64 mips64 mips64le ppc64 ppc64le s390x
17 %undefine with_python2
18 %undefine with_python3
20 Summary: User space tools for 2.6 kernel auditing
21 Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
27 Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
28 # Source0-md5: 9455e5773670afdbccaeb92681b2e97d
29 Source2: %{name}d.init
30 Source3: %{name}d.sysconfig
31 Patch0: %{name}-install.patch
32 Patch1: %{name}-m4.patch
33 Patch2: %{name}-nolibs.patch
34 Patch3: %{name}-systemd-notonly.patch
35 Patch4: %{name}-am.patch
36 Patch5: %{name}-no-refusemanualstop.patch
37 Patch6: %{name}-cronjob.patch
38 Patch7: golang-paths.patch
41 URL: http://people.redhat.com/sgrubb/audit/
42 BuildRequires: autoconf >= 2.59
43 BuildRequires: automake >= 1:1.12.6
44 BuildRequires: glibc-headers >= 6:2.3.6
45 %{?with_kerberos5:BuildRequires: heimdal-devel}
46 BuildRequires: libcap-ng-devel
47 %{?with_prelude:BuildRequires: libprelude-devel}
48 BuildRequires: libtool
49 BuildRequires: libwrap-devel
50 BuildRequires: linux-libc-headers >= 7:2.6.30
51 %{?with_zos_remote:BuildRequires: openldap-devel}
53 BuildRequires: python-devel >= 1:2.5
54 BuildRequires: rpm-pythonprov
55 BuildRequires: swig-python
58 BuildRequires: python3-devel
59 BuildRequires: rpm-pythonprov
60 BuildRequires: swig-python
62 BuildRequires: rpmbuild(macros) >= 1.644
63 BuildRequires: sed >= 4.0
65 %{?with_gccgo:BuildRequires: gcc-go >= 5.1}
66 %{!?with_gccgo:BuildRequires: golang >= 1.4}
68 Requires(post,preun): /sbin/chkconfig
69 Requires(post,preun,postun): systemd-units >= 38
70 Requires: %{name}-libs = %{version}-%{release}
72 Requires: systemd-units >= 38
73 Obsoletes: audit-audispd-plugins
74 Obsoletes: audit-systemd
75 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
77 %define _sbindir /sbin
78 # use /lib, because this path is put in /usr/share/.../settings.py
79 %define _libexecdir %{_prefix}/lib
82 The audit package contains the user space utilities for storing and
83 processing the audit records generate by the audit subsystem in the
86 %description -l pl.UTF-8
87 Ten pakiet zawiera narzędzia przestrzeni użytkownika do przechowywania
88 i przetwarzania rekordów audytu generowanych przez podsystem audytu w
92 Summary: Dynamic audit libraries
93 Summary(pl.UTF-8): Biblioteki dynamiczne audit
98 The audit-libs package contains the dynamic libraries needed for
99 applications to use the audit framework.
101 %description libs -l pl.UTF-8
102 Ten pakiet zawiera biblioteki dynamiczne potrzebne dla aplikacji
103 używających środowiska audytu.
106 Summary: Header files for audit libraries
107 Summary(pl.UTF-8): Pliki nagłówkowe bibliotek audit
109 Group: Development/Libraries
110 Requires: %{name}-libs = %{version}-%{release}
111 Requires: linux-libc-headers >= 7:2.6.30
112 Requires: libcap-ng-devel
114 %description libs-devel
115 The audit-libs-devel package contains the header files needed for
116 developing applications that need to use the audit framework library.
118 %description libs-devel -l pl.UTF-8
119 Ten pakiet zawiera pliki nagłówkowe potrzebne do tworzenia aplikacji
120 używających biblioteki środowiska audytu.
123 Summary: Static audit libraries
124 Summary(pl.UTF-8): Statyczne biblioteki audit
126 Group: Development/Libraries
127 Requires: %{name}-libs-devel = %{version}-%{release}
129 %description libs-static
130 The audit-libs-static package contains the static libraries for
131 developing applications that need to use the audit framework.
133 %description libs-static -l pl.UTF-8
134 Ten pakiet zawiera statyczne biblioteki do tworzenia aplikacji
135 używających środowiska audytu.
137 %package plugin-prelude
138 Summary: prelude plugin for audispd
139 Summary(pl.UTF-8): Wtyczka prelude dla audispd
141 Requires: %{name} = %{version}-%{release}
143 %description plugin-prelude
144 audisp-prelude is a plugin for the audit event dispatcher daemon,
145 audispd, that uses libprelude to send IDMEF alerts for possible
146 Intrusion Detection events.
148 %description plugin-prelude -l pl.UTF-8
149 audisp-prelude to wtyczka demona audispd przekazującego zdarzenia
150 audytowe wykorzystująca libprelude do wysyłania alarmów IDMEF o
151 prawdopodobnych zdarzeniach IDS.
153 %package -n golang-audit
154 Summary: Go language interface to libaudit library
155 Summary(pl.UTF-8): Interfejs języka Go do biblioteki libaudit
157 Group: Development/Languages
158 Requires: %{name}-libs = %{version}-%{release}
160 Requires: gcc-go >= 5.1
162 Requires: golang >= 1.4
165 %description -n golang-audit
166 Go language interface to libaudit library.
168 %description -n golang-audit -l pl.UTF-8
169 Interfejs języka Go do biblioteki libaudit.
171 %package -n python-audit
172 Summary: Python 2.x interface to libaudit library
173 Summary(pl.UTF-8): Interfejs Pythona 2.x do biblioteki libaudit
175 Group: Libraries/Python
176 Requires: %{name}-libs = %{version}-%{release}
178 %description -n python-audit
179 Python 2.x interface to libaudit library.
181 %description -n python-audit -l pl.UTF-8
182 Interfejs Pythona 2.x do biblioteki libaudit.
184 %package -n python3-audit
185 Summary: Python 3.x interface to libaudit library
186 Summary(pl.UTF-8): Interfejs Pythona 3.x do biblioteki libaudit
188 Group: Libraries/Python
189 Requires: %{name}-libs = %{version}-%{release}
191 %description -n python3-audit
192 Python 3.x interface to libaudit library.
194 %description -n python3-audit -l pl.UTF-8
195 Interfejs Pythona 3.x do biblioteki libaudit.
210 %if %{without python}
211 sed 's#[^ ]*swig/[^ ]*/Makefile ##g' -i configure.ac
212 sed 's/swig//' -i bindings/Makefile.am
222 CC_FOR_BUILD="%{__cc}" \
223 CPPFLAGS_FOR_BUILD="%{rpmcppflags}" \
224 CFLAGS_FOR_BUILD="%{rpmcflags}" \
225 LDFLAGS_FOR_BUILD="%{rpmldflags}" \
226 %{?with_kerberos5:--enable-gssapi-krb5} \
230 %{?with_prelude:--with-prelude} \
231 %{!?with_zos_remote:--disable-zos-remote}
236 rm -rf $RPM_BUILD_ROOT
237 install -d $RPM_BUILD_ROOT{%{_sysconfdir}/audit/rules.d,%{_var}/log/audit}
240 DESTDIR=$RPM_BUILD_ROOT
242 # default to no audit (and no overhead)
243 cp -p rules/10-no-audit.rules $RPM_BUILD_ROOT%{_sysconfdir}/audit/rules.d
245 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
246 install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
248 install -d $RPM_BUILD_ROOT/%{_lib}
249 mv -f $RPM_BUILD_ROOT%{_libdir}/libaudit.so.* $RPM_BUILD_ROOT/%{_lib}
250 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libaudit.so.*.*.*) \
251 $RPM_BUILD_ROOT%{_libdir}/libaudit.so
252 mv -f $RPM_BUILD_ROOT%{_libdir}/libauparse.so.* $RPM_BUILD_ROOT/%{_lib}
253 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*) \
254 $RPM_BUILD_ROOT%{_libdir}/libauparse.so
256 # RH initscripts-specific
257 %{__rm} -r $RPM_BUILD_ROOT%{_libexecdir}/initscripts
260 %py_comp $RPM_BUILD_ROOT%{py_sitedir}
261 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
263 %{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.{la,a}
267 %{__rm} $RPM_BUILD_ROOT%{py3_sitedir}/*.{la,a}
271 rm -rf $RPM_BUILD_ROOT
273 %post libs -p /sbin/ldconfig
274 %postun libs -p /sbin/ldconfig
277 # Copy default rules into place on new installation
278 if [ ! -e %{_sysconfdir}/audit/audit.rules ] ; then
279 cp -a %{_sysconfdir}/audit/rules.d/10-no-audit.rules %{_sysconfdir}/audit/audit.rules
281 /sbin/chkconfig --add auditd
282 %service auditd restart "audit daemon"
283 %systemd_post auditd.service
286 if [ "$1" = "0" ]; then
288 /sbin/chkconfig --del auditd
290 %systemd_preun auditd.service
296 %defattr(644,root,root,755)
297 %doc AUTHORS ChangeLog README THANKS rules/{README-rules,*.rules} init.d/auditd.cron
298 %attr(750,root,root) %{_bindir}/aulast
299 %attr(750,root,root) %{_bindir}/aulastlog
300 %attr(750,root,root) %{_bindir}/ausyscall
301 %attr(750,root,root) %{_bindir}/auvirt
302 %attr(750,root,root) %{_sbindir}/audispd
303 %attr(750,root,root) %{_sbindir}/auditctl
304 %attr(750,root,root) %{_sbindir}/auditd
305 %attr(750,root,root) %{_sbindir}/augenrules
306 %attr(750,root,root) %{_sbindir}/aureport
307 %attr(750,root,root) %{_sbindir}/ausearch
308 %attr(750,root,root) %{_sbindir}/autrace
309 %attr(755,root,root) %{_sbindir}/audisp-remote
310 %{?with_zos_remote:%attr(755,root,root) %{_sbindir}/audispd-zos-remote}
311 %dir %{_sysconfdir}/audisp
312 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audispd.conf
313 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-remote.conf
314 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/zos-remote.conf}
315 %dir %{_sysconfdir}/audisp/plugins.d
316 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/af_unix.conf
317 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-remote.conf
318 %{?with_zos_remote:%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf}
319 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/syslog.conf
320 %dir %{_sysconfdir}/audit
321 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/audit-stop.rules
322 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
323 %dir %{_sysconfdir}/audit/rules.d
324 %attr(640,root,root) %config(noreplace,missingok) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/10-no-audit.rules
325 %attr(754,root,root) /etc/rc.d/init.d/auditd
326 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
327 %{systemdunitdir}/auditd.service
328 %attr(750,root,root) %dir %{_var}/log/audit
329 %{_mandir}/man5/audispd.conf.5*
330 %{_mandir}/man5/audisp-remote.conf.5*
331 %{_mandir}/man5/auditd.conf.5*
332 %{_mandir}/man5/ausearch-expression.5*
333 %{?with_zos_remote:%{_mandir}/man5/zos-remote.conf.5*}
334 %{_mandir}/man7/audit.rules.7*
335 %{_mandir}/man8/audisp-remote.8*
336 %{?with_zos_remote:%{_mandir}/man8/audispd-zos-remote.8*}
337 %{_mandir}/man8/audispd.8*
338 %{_mandir}/man8/auditctl.8*
339 %{_mandir}/man8/auditd.8*
340 %{_mandir}/man8/augenrules.8*
341 %{_mandir}/man8/aulast.8*
342 %{_mandir}/man8/aulastlog.8*
343 %{_mandir}/man8/aureport.8*
344 %{_mandir}/man8/ausearch.8*
345 %{_mandir}/man8/ausyscall.8*
346 %{_mandir}/man8/autrace.8*
347 %{_mandir}/man8/auvirt.8*
350 %defattr(644,root,root,755)
351 %attr(755,root,root) /%{_lib}/libaudit.so.*.*.*
352 %attr(755,root,root) %ghost /%{_lib}/libaudit.so.1
353 %attr(755,root,root) /%{_lib}/libauparse.so.*.*.*
354 %attr(755,root,root) %ghost /%{_lib}/libauparse.so.0
355 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libaudit.conf
356 %{_mandir}/man5/libaudit.conf.5*
359 %defattr(644,root,root,755)
360 %attr(755,root,root) %{_libdir}/libaudit.so
361 %attr(755,root,root) %{_libdir}/libauparse.so
362 %{_libdir}/libaudit.la
363 %{_libdir}/libauparse.la
364 %{_includedir}/auparse*.h
365 %{_includedir}/libaudit.h
366 %{_pkgconfigdir}/audit.pc
367 %{_pkgconfigdir}/auparse.pc
368 %{_aclocaldir}/audit.m4
369 %{_mandir}/man3/audit_*.3*
370 %{_mandir}/man3/auparse_*.3*
371 %{_mandir}/man3/ausearch_*.3*
372 %{_mandir}/man3/get_auditfail_action.3*
373 %{_mandir}/man3/set_aumessage_mode.3*
376 %defattr(644,root,root,755)
377 %{_libdir}/libaudit.a
378 %{_libdir}/libauparse.a
381 %files plugin-prelude
382 %defattr(644,root,root,755)
383 %attr(755,root,root) %{_sbindir}/audisp-prelude
384 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/audisp-prelude.conf
385 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf
386 %{_mandir}/man5/audisp-prelude.conf.5*
387 %{_mandir}/man8/audisp-prelude.8*
391 %files -n golang-audit
392 %defattr(644,root,root,755)
393 %dir %{_libdir}/golang/src/redhat.com
394 %{_libdir}/golang/src/redhat.com/audit
398 %files -n python-audit
399 %defattr(644,root,root,755)
400 %attr(755,root,root) %{py_sitedir}/_audit.so
401 %attr(755,root,root) %{py_sitedir}/auparse.so
402 %{py_sitedir}/audit.py[co]
406 %files -n python3-audit
407 %defattr(644,root,root,755)
408 %attr(755,root,root) %{py3_sitedir}/_audit.so
409 %attr(755,root,root) %{py3_sitedir}/auparse.so
410 %{py3_sitedir}/audit.py
411 %{py3_sitedir}/__pycache__/audit.cpython-*.py[co]