Projects
Mega:24.03:SP1:Everything
audit
_service:tar_scm:audit.spec
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:audit.spec of Package audit
Summary: User space tools for kernel auditing Name: audit Epoch: 1 Version: 3.1.2 Release: 6 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source1: https://www.gnu.org/licenses/lgpl-2.1.txt Patch0: bugfix-audit-support-armv7b.patch Patch1: bugfix-audit-userspace-missing-syscalls-for-aarm64.patch Patch2: bugfix-audit-reload-coredump.patch Patch3: audit-Add-sw64-architecture.patch Patch4: backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch Patch5: backport-Error-out-if-required-zos-parameters-missing.patch Patch6: backport-Fix-deprecated-python-function.patch Patch7: backport-lib-close-audit-socket-in-load_feature_bitmap-334.patch Patch8: backport-lib-enclose-macro-to-avoid-precedence-issues.patch Patch9: backport-memory-allocation-updates-341.patch Patch10: backport-lib-cast-to-unsigned-char-for-character-test-functio.patch Patch11: backport-Make-session-id-consistently-typed-327.patch Patch12: backport-Avoid-file-descriptor-leaks-in-multi-threaded-applic.patch Patch13: backport-fix-the-use-of-isdigit-everywhere.patch Patch14: backport-Fix-new-warnings-for-unused-results.patch Patch15: backport-Change-the-first-iteration-test-so-static-analysis-b.patch Patch16: backport-Consolidate-end-of-event-detection-to-a-common-funct.patch Patch17: backport-Issue343-Fix-checkpoint-issue-to-ensure-all-complete.patch Patch18: backport-lib-avoid-UB-on-sequence-wrap-around-347.patch Patch19: backport-Change-python-bindings-to-switch-from-PyEval_CallObj.patch Patch20: backport-Cleanup-shell-script-warnings.patch Patch21: backport-Solve-issue-363-by-moving-check-to-after-load_config.patch Patch22: backport-first-part-of-NULL-pointer-checks.patch Patch23: backport-second-part-of-NULL-pointer-checks.patch Patch24: backport-last-part-of-NULL-pointer-checks.patch Patch25: backport-Fixed-NULL-checks.patch Patch26: backport-update-error-messages-in-NULL-Checks.patch Patch27: backport-adding-the-file-descriptor-closure.patch Patch28: backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch Patch29: backport-Use-atomic_int-if-available-for-signal-related-flags.patch Patch30: backport-Use-atomic_uint-if-available-for-signal-related-flag.patch Patch31: backport-avoiding-of-NULL-pointers-dereference-366.patch Patch32: backport-Cleanup-code-in-LRU.patch Patch33: backport-Fix-memory-leaks.patch Patch34: backport-fix-one-more-leak.patch Patch35: backport-Correct-output-when-displaying-rules-with-exe-path-d.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel %ifarch %{golang_arches} BuildRequires: golang %endif Requires: %{name}-libs = %{epoch}:%{version}-%{release} Requires(post): systemd coreutils Requires(preun): systemd Requires(postun): systemd coreutils %description The audit package contains the user space utilities for storing and searching the audit records generated by the audit subsystem in the Linux 2.6 and later kernels. %package libs Summary: Dynamic library for libaudit License: LGPLv2+ %description libs The audit-libs package contains the dynamic libraries needed for applications to use the audit framework. %package -n audispd-plugins Summary: Plugins for audit event dispatcher License: GPLv2+ Requires: %{name} = %{epoch}:%{version}-%{release} Requires: %{name}-libs = %{epoch}:%{version}-%{release} %description -n audispd-plugins This package provides plugins for the real-time interface to audispd. %package -n audispd-plugins-zos Summary: z/OS plugin for audit event dispatcher License: GPLv2+ Requires: %{name} = %{epoch}:%{version}-%{release} Requires: %{name}-libs = %{epoch}:%{version}-%{release} Requires: openldap %description -n audispd-plugins-zos This package provides a z/OS plugin for audit event dispatcher that will forward audit events to a configured z/OS service management facility database. %package devel Summary: Header files for libaudit License: LGPLv2+ Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} Requires: kernel-headers >= 2.6.29 Provides: audit-libs-devel audit-libs-static %description devel The audit-libs-devel package contains the header files needed for developing applications that need to use the audit framework libraries. %package -n python3-audit Summary: Python3 bindings for libaudit License: LGPLv2+ BuildRequires: python3-devel Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} Provides: audit-libs-python3 = %{version}-%{release} Provides: audit-libs-python3%{?_isa} = %{version}-%{release} Obsoletes: audit-libs-python3 < %{version}-%{release} %description -n python3-audit The python3-audit package contains the bindings so that libaudit and libauparse can be used by python3. %package_help %prep %autosetup -n %{name}-%{version} -p1 cp %{SOURCE1} . cp /usr/include/linux/audit.h lib/ autoreconf -f -i %build %configure --sbindir=/sbin --libdir=/%{_lib} --with-python=no \ --with-python3=yes \ --enable-gssapi-krb5=yes --with-arm --with-aarch64 \ --with-libcap-ng=yes --enable-zos-remote \ %ifarch %{golang_arches} --with-golang \ %endif --enable-systemd make CC=%{__cc} CFLAGS="%{optflags}" %{?_smp_mflags} %install mkdir -p $RPM_BUILD_ROOT/{sbin,etc/audit/plugins.d,etc/audit/rules.d} mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8} mkdir -p $RPM_BUILD_ROOT/%{_lib} mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit mkdir -p --mode=0700 $RPM_BUILD_ROOT/%{_var}/log/audit mkdir -p $RPM_BUILD_ROOT/%{_var}/spool/audit make DESTDIR=$RPM_BUILD_ROOT install mkdir -p $RPM_BUILD_ROOT/%{_libdir} mv $RPM_BUILD_ROOT/%{_lib}/libaudit.a $RPM_BUILD_ROOT%{_libdir} mv $RPM_BUILD_ROOT/%{_lib}/libauparse.a $RPM_BUILD_ROOT%{_libdir} curdir=`pwd` cd $RPM_BUILD_ROOT/%{_libdir} LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libaudit.so.1.*.*\`` ln -s ../../%{_lib}/$LIBNAME libaudit.so LIBNAME=`basename \`ls $RPM_BUILD_ROOT/%{_lib}/libauparse.so.0.*.*\`` ln -s ../../%{_lib}/$LIBNAME libauparse.so cd $curdir rm -f $RPM_BUILD_ROOT/%{_lib}/libaudit.so rm -f $RPM_BUILD_ROOT/%{_lib}/libauparse.so find $RPM_BUILD_ROOT/%{_libdir}/python%{python3_version}/site-packages -name '*.a' -delete mv $RPM_BUILD_ROOT/%{_lib}/pkgconfig $RPM_BUILD_ROOT%{_libdir} touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf touch -r ./audit.spec $RPM_BUILD_ROOT/usr/share/man/man5/libaudit.conf.5.gz cur=`pwd` cd $RPM_BUILD_ROOT find . -name '*.orig' -delete cd $cur %delete_la %check make check rm -f rules/Makefile* %pre if [ -d "/etc/audisp/" ];then # custom plugins, copy config files from /etc/audisp/plugins.d to /etc/audit/plugins.d # self-plugins confile files will be overwritten when installing self_config_files_285=(syslog.conf au-remote.conf audispd-zos-remote.conf af_unix.conf) plugins_config_files=`ls /etc/audisp/plugins.d/*.conf 2>/dev/null | wc -w` if [ $plugins_config_files -gt 0 ];then if [ ! -d /etc/audit/plugins.d/ ];then mkdir -p /etc/audit/plugins.d/ fi for file in `/usr/bin/ls /etc/audisp/plugins.d/*.conf` do if [[ " ${self_config_files_285} " =~ " `/usr/bin/basename $file` " ]];then continue else if [ ! -f /etc/audit/plugins.d/`/usr/bin/basename $file` ];then cp $file /etc/audit/plugins.d/ fi fi done fi fi %post /sbin/ldconfig files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` if [ "$files" -eq 0 ] ; then if [ -e /usr/share/doc/audit/rules/10-no-audit.rules ] ; then cp /usr/share/doc/audit/rules/10-no-audit.rules /etc/audit/rules.d/audit.rules else touch /etc/audit/rules.d/audit.rules fi chmod 0600 /etc/audit/rules.d/audit.rules fi # merge custom changes to new file if [ -d "/etc/audisp/" ];then if [ -s "/etc/audisp/plugins.d/af_unix.conf" ];then diffrence=`diff /etc/audisp/plugins.d/af_unix.conf /etc/audit/plugins.d/af_unix.conf` if [ "X$diffrence" != "X" ];then cp /etc/audisp/plugins.d/af_unix.conf /etc/audit/plugins.d/af_unix.conf fi fi fi %systemd_post auditd.service %post -n audispd-plugins # after installing audispd-plugins if [ -d "/etc/audisp/" ];then for file in audisp-remote.conf au-remote.conf syslog.conf do # merge custom changes to new file if [ "$file" == "audisp-remote.conf" ];then if [ -s "/etc/audisp/$file" ];then diffrence=`diff /etc/audisp/$file /etc/audit/$file` if [ "X$diffrence" != "X" ];then cp /etc/audisp/$file /etc/audit/$file if [ "X`grep startup_failure_action /etc/audit/$file`" == "X" ];then # add option in new version echo "startup_failure_action = warn_once_continue" >> /etc/audit/$file fi fi fi elif [ "$file" == "syslog.conf" ];then if [ -s "/etc/audisp/plugins.d/$file" ];then diffrence=`diff /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file` if [ "X$diffrence" != "X" ];then cp /etc/audisp/plugins.d/syslog.conf /etc/audit/plugins.d/syslog.conf # change options "path" and "type" sed -i 's/path[ ]*=[ ]*builtin_syslog/path\ =\ \/sbin\/audisp-syslog/g' /etc/audit/plugins.d/syslog.conf sed -i 's/type[ ]*=[ ]*builtin/type\ =\ always/g' /etc/audit/plugins.d/syslog.conf fi fi else if [ -s "/etc/audisp/plugins.d/$file" ];then diffrence=`diff /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file` if [ "X$diffrence" != "X" ];then cp /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file fi fi fi done fi %post -n audispd-plugins-zos # after installing audispd-plugins-zos if [ -d "/etc/audisp/" ];then for file in audispd-zos-remote.conf zos-remote.conf do # merge custom changes to new file if [ "$file" == "zos-remote.conf" ];then if [ -s "/etc/audisp/$file" ];then diffrence=`diff /etc/audisp/$file /etc/audit/$file` if [ "X$diffrence" != "X" ];then cp /etc/audisp/$file /etc/audit/$file fi fi elif [ "$file" == "audispd-zos-remote.conf" ];then if [ -s "/etc/audisp/plugins.d/$file" ];then diffrence=`diff /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file` if [ "X$diffrence" != "X" ];then cp /etc/audisp/plugins.d/$file /etc/audit/plugins.d/$file # change option "args" sed -i 's/\/etc\/audisp\/zos-remote\.conf/\/etc\/audit\/zos-remote\.conf/g' /etc/audit/plugins.d/$file fi fi fi done fi %preun if [ $1 -eq 0 ] && [ -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable auditd.service || : fi if [ $1 -eq 0 ]; then # Package removal, not upgrade /sbin/service auditd stop > /dev/null 2>&1 fi %postun /sbin/ldconfig if [ $1 -ge 1 ]; then /sbin/service auditd condrestart > /dev/null 2>&1 || : fi %files %doc README %{!?_licensedir:%global license %%doc} %license COPYING lgpl-2.1.txt %attr(755,root,root) /sbin/auditctl %attr(755,root,root) /sbin/auditd %attr(755,root,root) /sbin/ausearch %attr(755,root,root) /sbin/aureport %attr(750,root,root) /sbin/autrace %attr(755,root,root) /sbin/augenrules %attr(755,root,root) %{_bindir}/aulast %attr(755,root,root) %{_bindir}/aulastlog %attr(755,root,root) %{_bindir}/ausyscall %attr(755,root,root) %{_bindir}/auvirt %attr(644,root,root) %{_unitdir}/auditd.service %attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/reload %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/restart %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/resume %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop %ghost %{_localstatedir}/run/auditd.state %attr(750,root,root) %dir %{_var}/log/audit %attr(750,root,root) %dir /etc/audit %attr(750,root,root) %dir /etc/audit/rules.d %attr(750,root,root) %dir /etc/audit/plugins.d %config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf %ghost %config(noreplace) %attr(600,root,root) /etc/audit/rules.d/audit.rules %ghost %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules %config(noreplace) %attr(640,root,root) /etc/audit/audit-stop.rules %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf %files libs /%{_lib}/libaudit.so.1* /%{_lib}/libauparse.* %config(noreplace) %attr(640,root,root) /etc/libaudit.conf %files -n audispd-plugins %config(noreplace) %attr(640,root,root) /etc/audit/audisp-remote.conf %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-remote.conf %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf %attr(750,root,root) /sbin/audisp-remote %attr(750,root,root) /sbin/audisp-syslog %attr(750,root,root) /sbin/audisp-af_unix %attr(700,root,root) %dir %{_var}/spool/audit %files -n audispd-plugins-zos %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/audispd-zos-remote.conf %config(noreplace) %attr(640,root,root) /etc/audit/zos-remote.conf %attr(750,root,root) /sbin/audispd-zos-remote %files devel %defattr(-,root,root) %doc contrib/plugin %{!?_licensedir:%global license %%doc} %license lgpl-2.1.txt %{_libdir}/libaudit.so %{_libdir}/libauparse.so %ifarch %{golang_arches} %dir %{_prefix}/lib/golang/src/pkg/redhat.com/audit %{_prefix}/lib/golang/src/pkg/redhat.com/audit/audit.go %endif %{_includedir}/libaudit.h %{_includedir}/auparse.h %{_includedir}/auparse-defs.h %{_datadir}/aclocal/audit.m4 %{_libdir}/pkgconfig/audit.pc %{_libdir}/pkgconfig/auparse.pc %{_libdir}/libaudit.a %{_libdir}/libauparse.a %files -n python3-audit %attr(755,root,root) %{python3_sitearch}/* %files help %defattr(-,root,root) %doc ChangeLog rules init.d/auditd.cron %attr(644,root,root) %{_datadir}/%{name}/sample-rules/* %attr(644,root,root) %{_mandir}/man3/*.3.gz %attr(644,root,root) %{_mandir}/man5/*.5.gz %attr(644,root,root) %{_mandir}/man7/*.7.gz %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog * Sat Aug 24 2024 fangxiuning<fangxiuning@huawei.com> - 1:3.1.2-6 - backport patches to fix bug * Wed Jul 17 2024 xuraoqing<xuraoqing@huawei.com> - 1:3.1.2-5 - backport patches to fix bugs * Thu Jun 06 2024 fuanan <fuanan3@h-partners.com> - 1:3.1.2-4 - backport patches from upstream * Wed May 29 2024 fangxiuning<fangxiuning@huawei.com> - 1:3.1.2-3 - backport patches to fix bugs * Thu Feb 1 2024 liyunfei<liyunfei33@huawei.com> - 1:3.1.2-2 - add clang compile support * Thu Jan 25 2024 zhengxiaoxiao<zhengxiaoxiao2@huawei.com> - 1:3.1.2-1 - update version to 3.1.2 - When processing a run level change, make auditd exit - In auditd, fix return code when rules added in immutable mode - In auparse, when files are given, also consider EUID for access - Auparse now interprets unnamed/anonymous sockets (Enzo Matsumiya) - Disable Python bindings from setting rules due to swig bug (S. Trofimovich) - Update all lookup tables for the 6.5 kernel - Don't be as paranoid about auditctl -R file permissions - In ausearch, correct subject/object search to be an and if both are given - Adjust formats for 64 bit time_t - Fix segfault in python bindings around the feed API - Add feed_has_data, get_record_num, and get/goto_field_num to python bindings * Mon Jul 24 2023 zhengxiaoxiao<zhengxiaoxiao2@huawei.com> - 1:3.1.1-1 - update version to 3.1.1 * Fri Mar 24 2023 dongyuzhen <dongyuzhen@h-partners.com> - 1:3.0.9-2 - backport patches from upstream * Thu Feb 2 2023 zhangguangzhi<zhangguangzhi3@huawei.com> - 1:3.0.9-1 - update version to 3.0.9 * Mon Jan 16 2023 zhangguangzhi<zhangguangzhi3@huawei.com> - 1:3.0.1-5 - backport patch adapt to kernel 6.1 * Wed Nov 23 2022 zhangguangzhi<zhangguangzhi3@huawei.com> - 1:3.0.1-4 - del golang_arches for check * Tue Oct 18 2022 wuzx<wuzx1226@qq.com> - 3.0.1-3 - add sw64 patch * Sat Feb 12 2022 yixiangzhike <yixiangzhike007@163.com> - 3.0.1-2 - Fix failure of stopping auditd before uninstalling * Fri Dec 31 2021 yixiangzhike <yixiangzhike007@163.com> - 3.0.1-1 - update to 3.0.1 * Tue Nov 16 2021 yixiangzhike <yixiangzhike007@163.com> - 3.0-4 - backport some patches Turn libaucommon into a libtool convenience library Fix the closing timing of audit_fd Fix some string length issues Move the free_config to success path Check for fuzzer induced invalid value error out if log is mangled Dont run off the end with corrupt logs Another hardening measure for corrupted logs Fix busy loop in normalizer when logs are corrupt Better fix for busy loop in normalizer when logs are corrupt flush uid gid caches when user group added deleted modified In auditd check if log_file is valid before closing handle Check ctime return code When interpreting if val is NULL return an empty string auditd.service Restart on failure ignoring some exit In auditd close the logging file descriptor when logging is suspended * Wed Sep 1 2021 steven.ygui <steven_ygui@163.com> - 3.0-3 - backport some patches to fix memory leak and double free issues * Fri May 28 2021 yixiangzhike <zhangxingliang3@huawei.com> - 3.0-2 - solve the script failure when package upgrade * Tue May 25 2021 yixiangzhike <zhangxingliang3@huawei.com> - 3.0-1 - update to 3.0 * Mon May 24 2021 yixiangzhike <zhangxingliang3@huawei.com> - 2.8.5-4 - fix directory permissions for /etc/audisp and /etc/audisp/plugins.d * Thu Oct 29 2020 zhangxingliang <zhangxingliang3@huawei.com> - 2.8.5-3 - remove python2 subpackage * Wed Aug 19 2020 wangchen <wangchen137@huawei.com> - 2.8.5-2 - add epoch for requires * Wed Jul 29 2020 wangchen <wangchen137@huawei.com> - 2.8.5-1 - revert to 2.8.5 * Wed Jan 22 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.0-5 - add subpackages * Tue Jan 14 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.0-4 - clean code * Wed Oct 9 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.0-3 - Adjust requires * Sun Sep 29 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.0-2 - Fix the auditctl error * Sat Sep 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.0-1 - Package init
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2