3 %bcond_without kerberos5 # Kerberos V support via heimdal
4 %bcond_without golang # Go language bindings
5 %bcond_with gccgo # use GCC go frontend instead of golang implementation
6 %bcond_without python # Python bindings (any)
7 %bcond_without python2 # Python 2 bindings
8 %bcond_without python3 # Python 3 bindings
9 %bcond_without zos_remote # zos-remote audisp plugin (LDAP dep)
11 %ifnarch %{ix86} %{x8664} %{arm} aarch64 mips64 mips64le ppc64 ppc64le s390x
16 %undefine with_python2
17 %undefine with_python3
20 %if %{_ver_ge %(rpm -q --qf='%%{E}:%%{V}' linux-libc-headers) 7:5.17}
21 %define with_flex_array_fix 1
23 Summary: User space tools for 2.6 kernel auditing
24 Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
30 Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
31 # Source0-md5: 13dd813d9fdcc1853d930c081f9e8bdf
32 Source2: %{name}d.init
33 Source3: %{name}d.sysconfig
34 Patch0: %{name}-install.patch
35 Patch1: %{name}-m4.patch
36 Patch2: %{name}-nolibs.patch
37 Patch3: %{name}-systemd-notonly.patch
38 Patch4: %{name}-am.patch
39 Patch5: %{name}-no-refusemanualstop.patch
40 Patch6: %{name}-cronjob.patch
41 Patch7: golang-paths.patch
42 Patch8: %{name}-flex-array-workaround.patch
43 Patch9: %{name}-undo-flex-array.patch
44 URL: http://people.redhat.com/sgrubb/audit/
45 BuildRequires: autoconf >= 2.59
46 BuildRequires: automake >= 1:1.12.6
47 BuildRequires: glibc-headers >= 6:2.3.6
48 %{?with_kerberos5:BuildRequires: heimdal-devel}
49 BuildRequires: libcap-ng-devel
50 BuildRequires: libtool
51 BuildRequires: libwrap-devel
52 BuildRequires: linux-libc-headers >= 7:2.6.30
53 %{?with_zos_remote:BuildRequires: openldap-devel}
55 BuildRequires: python-devel >= 1:2.5
56 BuildRequires: rpm-pythonprov
57 BuildRequires: swig-python
60 BuildRequires: python3-devel
61 BuildRequires: rpm-pythonprov
62 BuildRequires: swig-python
64 BuildRequires: rpmbuild(macros) >= 1.750
65 BuildRequires: sed >= 4.0
67 %{?with_gccgo:BuildRequires: gcc-go >= 5.1}
68 %{!?with_gccgo:BuildRequires: golang >= 1.4}
70 Requires(post,preun): /sbin/chkconfig
71 Requires(post,preun,postun): systemd-units >= 38
72 Requires: %{name}-libs = %{version}-%{release}
74 Requires: systemd-units >= 38
75 Obsoletes: audit-audispd-plugins < 1.6.7
76 Obsoletes: audit-plugin-prelude < 3
77 Obsoletes: audit-systemd < 2.2-2
78 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
80 %define _sbindir /sbin
81 # use /lib, because this path is put in /usr/share/.../settings.py
82 %define _libexecdir %{_prefix}/lib
85 The audit package contains the user space utilities for storing and
86 processing the audit records generate by the audit subsystem in the
89 %description -l pl.UTF-8
90 Ten pakiet zawiera narzędzia przestrzeni użytkownika do przechowywania
91 i przetwarzania rekordów audytu generowanych przez podsystem audytu w
95 Summary: Dynamic audit libraries
96 Summary(pl.UTF-8): Biblioteki dynamiczne audit
101 The audit-libs package contains the dynamic libraries needed for
102 applications to use the audit framework.
104 %description libs -l pl.UTF-8
105 Ten pakiet zawiera biblioteki dynamiczne potrzebne dla aplikacji
106 używających środowiska audytu.
109 Summary: Header files for audit libraries
110 Summary(pl.UTF-8): Pliki nagłówkowe bibliotek audit
112 Group: Development/Libraries
113 Requires: %{name}-libs = %{version}-%{release}
114 Requires: linux-libc-headers >= 7:2.6.30
115 Requires: libcap-ng-devel
117 %description libs-devel
118 The audit-libs-devel package contains the header files needed for
119 developing applications that need to use the audit framework library.
121 %description libs-devel -l pl.UTF-8
122 Ten pakiet zawiera pliki nagłówkowe potrzebne do tworzenia aplikacji
123 używających biblioteki środowiska audytu.
126 Summary: Static audit libraries
127 Summary(pl.UTF-8): Statyczne biblioteki audit
129 Group: Development/Libraries
130 Requires: %{name}-libs-devel = %{version}-%{release}
132 %description libs-static
133 The audit-libs-static package contains the static libraries for
134 developing applications that need to use the audit framework.
136 %description libs-static -l pl.UTF-8
137 Ten pakiet zawiera statyczne biblioteki do tworzenia aplikacji
138 używających środowiska audytu.
140 %package -n golang-audit
141 Summary: Go language interface to libaudit library
142 Summary(pl.UTF-8): Interfejs języka Go do biblioteki libaudit
144 Group: Development/Languages
145 Requires: %{name}-libs = %{version}-%{release}
147 Requires: gcc-go >= 5.1
149 Requires: golang >= 1.4
152 %description -n golang-audit
153 Go language interface to libaudit library.
155 %description -n golang-audit -l pl.UTF-8
156 Interfejs języka Go do biblioteki libaudit.
158 %package -n python-audit
159 Summary: Python 2.x interface to libaudit library
160 Summary(pl.UTF-8): Interfejs Pythona 2.x do biblioteki libaudit
162 Group: Libraries/Python
163 Requires: %{name}-libs = %{version}-%{release}
165 %description -n python-audit
166 Python 2.x interface to libaudit library.
168 %description -n python-audit -l pl.UTF-8
169 Interfejs Pythona 2.x do biblioteki libaudit.
171 %package -n python3-audit
172 Summary: Python 3.x interface to libaudit library
173 Summary(pl.UTF-8): Interfejs Pythona 3.x do biblioteki libaudit
175 Group: Libraries/Python
176 Requires: %{name}-libs = %{version}-%{release}
178 %description -n python3-audit
179 Python 3.x interface to libaudit library.
181 %description -n python3-audit -l pl.UTF-8
182 Interfejs Pythona 3.x do biblioteki libaudit.
195 %if %{with flex_array_fix}
196 # workaround flexible array member (char buf[]) incompatible with swig<=4.0.2
197 cp /usr/include/linux/audit.h lib
201 %if %{without python}
202 sed 's#[^ ]*swig/[^ ]*/Makefile ##g' -i configure.ac
203 sed 's/swig//' -i bindings/Makefile.am
213 CC_FOR_BUILD="%{__cc}" \
214 CPPFLAGS_FOR_BUILD="%{rpmcppflags}" \
215 CFLAGS_FOR_BUILD="%{rpmcflags}" \
216 LDFLAGS_FOR_BUILD="%{rpmldflags}" \
217 %{?with_kerberos5:--enable-gssapi-krb5} \
221 %{!?with_zos_remote:--disable-zos-remote}
226 rm -rf $RPM_BUILD_ROOT
227 install -d $RPM_BUILD_ROOT{%{_sysconfdir}/audit/rules.d,%{_var}/log/audit}
230 DESTDIR=$RPM_BUILD_ROOT
232 %if %{with flex_array_fix}
233 # undo include change
235 patch -p0 --no-backup-if-mismatch < %{PATCH9}
239 # default to no audit (and no overhead)
240 cp -p rules/10-no-audit.rules $RPM_BUILD_ROOT%{_sysconfdir}/audit/rules.d
242 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
243 install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
245 install -d $RPM_BUILD_ROOT/%{_lib}
246 mv -f $RPM_BUILD_ROOT%{_libdir}/libaudit.so.* $RPM_BUILD_ROOT/%{_lib}
247 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libaudit.so.*.*.*) \
248 $RPM_BUILD_ROOT%{_libdir}/libaudit.so
249 mv -f $RPM_BUILD_ROOT%{_libdir}/libauparse.so.* $RPM_BUILD_ROOT/%{_lib}
250 ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/libauparse.so.*.*.*) \
251 $RPM_BUILD_ROOT%{_libdir}/libauparse.so
253 # RH initscripts-specific
254 %{__rm} -r $RPM_BUILD_ROOT%{_libexecdir}/initscripts
257 %py_comp $RPM_BUILD_ROOT%{py_sitedir}
258 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
260 %{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.la
264 %{__rm} $RPM_BUILD_ROOT%{py3_sitedir}/*.la
268 rm -rf $RPM_BUILD_ROOT
270 %post libs -p /sbin/ldconfig
271 %postun libs -p /sbin/ldconfig
274 # Copy default rules into place on new installation
275 if [ ! -e %{_sysconfdir}/audit/audit.rules ] ; then
276 cp -a %{_sysconfdir}/audit/rules.d/10-no-audit.rules %{_sysconfdir}/audit/audit.rules
278 /sbin/chkconfig --add auditd
279 %service auditd restart "audit daemon"
280 %systemd_post auditd.service
283 if [ "$1" = "0" ]; then
285 /sbin/chkconfig --del auditd
287 %systemd_preun auditd.service
292 %triggerpostun -- audit < 3.0
293 if [ -f %{_sysconfdir}/audisp/audisp-remote.conf.rpmsave -a ! -f %{_sysconfdir}/audit/audisp-remote.conf.rpmnew ]; then
294 mv -f %{_sysconfdir}/audit/audisp-remote.conf %{_sysconfdir}/audit/audisp-remote.conf.rpmnew
295 mv -f %{_sysconfdir}/audisp/audisp-remote.conf.rpmsave %{_sysconfdir}/audit/audisp-remote.conf
297 if [ -f %{_sysconfdir}/audisp/plugins.d/af_unix.conf.rpmsave -a ! -f %{_sysconfdir}/audit/plugins.d/af_unix.conf.rpmnew ]; then
298 mv -f %{_sysconfdir}/audit/plugins.d/af_unix.conf %{_sysconfdir}/audit/plugins.d/af_unix.conf.rpmnew
299 mv -f %{_sysconfdir}/audisp/plugins.d/af_unix.conf.rpmsave %{_sysconfdir}/audit/plugins.d/af_unix.conf
301 if [ -f %{_sysconfdir}/audisp/plugins.d/au-remote.conf.rpmsave -a ! -f %{_sysconfdir}/audit/plugins.d/au-remote.conf.rpmnew ]; then
302 mv -f %{_sysconfdir}/audit/plugins.d/au-remote.conf %{_sysconfdir}/audit/plugins.d/au-remote.conf.rpmnew
303 mv -f %{_sysconfdir}/audisp/plugins.d/au-remote.conf.rpmsave %{_sysconfdir}/audit/plugins.d/au-remote.conf
305 if [ -f %{_sysconfdir}/audisp/plugins.d/syslog.conf.rpmsave -a ! -f %{_sysconfdir}/audit/plugins.d/syslog.conf.rpmnew ]; then
306 mv -f %{_sysconfdir}/audit/plugins.d/syslog.conf %{_sysconfdir}/audit/plugins.d/syslog.conf.rpmnew
307 mv -f %{_sysconfdir}/audisp/plugins.d/syslog.conf.rpmsave %{_sysconfdir}/audit/plugins.d/syslog.conf
309 %if %{with zos_remote}
310 if [ -f %{_sysconfdir}/audisp/zos-remote.conf.rpmsave -a ! -f %{_sysconfdir}/audit/zos-remote.conf.rpmnew ]; then
311 mv -f %{_sysconfdir}/audit/zos-remote.conf %{_sysconfdir}/audit/zos-remote.conf.rpmnew
312 mv -f %{_sysconfdir}/audisp/zos-remote.conf.rpmsave %{_sysconfdir}/audit/zos-remote.conf
314 if [ -f %{_sysconfdir}/audisp/plugins.d/audisp-zos-remote.conf.rpmsave -a ! -f %{_sysconfdir}/audit/plugins.d/audisp-zos-remote.conf.rpmnew ]; then
315 mv -f %{_sysconfdir}/audit/plugins.d/audisp-zos-remote.conf %{_sysconfdir}/audit/plugins.d/audisp-zos-remote.conf.rpmnew
316 mv -f %{_sysconfdir}/audisp/plugins.d/audisp-zos-remote.conf.rpmsave %{_sysconfdir}/audit/plugins.d/audisp-zos-remote.conf
321 %defattr(644,root,root,755)
322 %doc AUTHORS ChangeLog README THANKS rules/{README-rules,*.rules} init.d/auditd.cron
323 %attr(750,root,root) %{_bindir}/aulast
324 %attr(750,root,root) %{_bindir}/aulastlog
325 %attr(750,root,root) %{_bindir}/ausyscall
326 %attr(750,root,root) %{_bindir}/auvirt
327 %attr(750,root,root) %{_sbindir}/auditctl
328 %attr(750,root,root) %{_sbindir}/auditd
329 %attr(750,root,root) %{_sbindir}/augenrules
330 %attr(750,root,root) %{_sbindir}/aureport
331 %attr(750,root,root) %{_sbindir}/ausearch
332 %attr(750,root,root) %{_sbindir}/autrace
333 %attr(755,root,root) %{_sbindir}/audisp-remote
334 %attr(755,root,root) %{_sbindir}/audisp-syslog
335 %{_libexecdir}/audit-functions
336 %dir %{_datadir}/audit
337 %{_datadir}/audit/sample-rules
338 %dir %{_sysconfdir}/audit
339 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/audisp-remote.conf
340 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/audit-stop.rules
341 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
342 %dir %{_sysconfdir}/audit/plugins.d
343 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/plugins.d/af_unix.conf
344 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/plugins.d/au-remote.conf
345 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/plugins.d/syslog.conf
346 %dir %{_sysconfdir}/audit/rules.d
347 %attr(640,root,root) %config(noreplace,missingok) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/10-no-audit.rules
348 %attr(754,root,root) /etc/rc.d/init.d/auditd
349 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
350 %{systemdunitdir}/auditd.service
351 %attr(750,root,root) %dir %{_var}/log/audit
352 %{_mandir}/man5/audisp-remote.conf.5*
353 %{_mandir}/man5/auditd.conf.5*
354 %{_mandir}/man5/auditd-plugins.5*
355 %{_mandir}/man5/ausearch-expression.5*
356 %{_mandir}/man7/audit.rules.7*
357 %{_mandir}/man8/audisp-remote.8*
358 %{_mandir}/man8/audisp-syslog.8*
359 %{_mandir}/man8/auditctl.8*
360 %{_mandir}/man8/auditd.8*
361 %{_mandir}/man8/augenrules.8*
362 %{_mandir}/man8/aulast.8*
363 %{_mandir}/man8/aulastlog.8*
364 %{_mandir}/man8/aureport.8*
365 %{_mandir}/man8/ausearch.8*
366 %{_mandir}/man8/ausyscall.8*
367 %{_mandir}/man8/autrace.8*
368 %{_mandir}/man8/auvirt.8*
370 %if %{with zos_remote}
371 %attr(755,root,root) %{_sbindir}/audispd-zos-remote
372 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/zos-remote.conf
373 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/plugins.d/audispd-zos-remote.conf
374 %{_mandir}/man5/zos-remote.conf.5*
375 %{_mandir}/man8/audispd-zos-remote.8*
379 %defattr(644,root,root,755)
380 %attr(755,root,root) /%{_lib}/libaudit.so.*.*.*
381 %attr(755,root,root) %ghost /%{_lib}/libaudit.so.1
382 %attr(755,root,root) /%{_lib}/libauparse.so.*.*.*
383 %attr(755,root,root) %ghost /%{_lib}/libauparse.so.0
384 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libaudit.conf
385 %{_mandir}/man5/libaudit.conf.5*
388 %defattr(644,root,root,755)
389 %attr(755,root,root) %{_libdir}/libaudit.so
390 %attr(755,root,root) %{_libdir}/libauparse.so
391 %{_libdir}/libaudit.la
392 %{_libdir}/libauparse.la
393 %{_includedir}/auparse*.h
394 %{_includedir}/libaudit.h
395 %{_pkgconfigdir}/audit.pc
396 %{_pkgconfigdir}/auparse.pc
397 %{_aclocaldir}/audit.m4
398 %{_mandir}/man3/audit_*.3*
399 %{_mandir}/man3/auparse_*.3*
400 %{_mandir}/man3/ausearch_*.3*
401 %{_mandir}/man3/get_auditfail_action.3*
402 %{_mandir}/man3/set_aumessage_mode.3*
405 %defattr(644,root,root,755)
406 %{_libdir}/libaudit.a
407 %{_libdir}/libauparse.a
410 %files -n golang-audit
411 %defattr(644,root,root,755)
412 %dir %{_libdir}/golang/src/redhat.com
413 %{_libdir}/golang/src/redhat.com/audit
417 %files -n python-audit
418 %defattr(644,root,root,755)
419 %attr(755,root,root) %{py_sitedir}/_audit.so
420 %attr(755,root,root) %{py_sitedir}/auparse.so
421 %{py_sitedir}/audit.py[co]
425 %files -n python3-audit
426 %defattr(644,root,root,755)
427 %attr(755,root,root) %{py3_sitedir}/_audit.so
428 %attr(755,root,root) %{py3_sitedir}/auparse.so
429 %{py3_sitedir}/audit.py
430 %{py3_sitedir}/__pycache__/audit.cpython-*.py[co]