Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:CoffeeDev:xr
audit
audit-secondary.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File audit-secondary.spec of Package audit
# # spec file for package audit-secondary # # Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %bcond_without python2 %bcond_without python3 # This package contains all audit functionality except for audit-libs. # The seperation is required to minimize unnecessary build cycles. %define _name audit Name: audit-secondary Version: 4.0 Release: 0 Summary: Linux kernel audit subsystem utilities License: GPL-2.0-or-later Group: System/Monitoring URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz Source1: system-group-audit.conf Patch1: audit-plugins-path.patch Patch2: audit-no-gss.patch Patch3: audit-ausearch-do-not-require-tclass.patch Patch4: change-default-log_group.patch Patch5: harden_auditd.service.patch Patch6: change-default-log_format.patch Patch7: fix-hardened-service.patch Patch8: enable-stop-rules.patch Patch9: fix-auparse-test.patch Patch10: auditd.service-fix-plugin-termination.patch Patch11: audit-allow-manual-stop.patch BuildRequires: audit-devel = %{version} BuildRequires: autoconf >= 2.12 BuildRequires: kernel-headers >= 2.6.30 BuildRequires: libtool BuildRequires: openldap2-devel BuildRequires: pkgconfig %if %{with python2} BuildRequires: python2-devel %endif %if %{with python3} BuildRequires: python3-devel %endif BuildRequires: swig BuildRequires: systemd-rpm-macros BuildRequires: sysuser-tools BuildRequires: tcpd-devel BuildRequires: pkgconfig(libcap-ng) Provides: bundled(libev) = 4.33 %description The audit package contains the user space utilities for storing and processing the records generated by the audit subsystem in the Linux kernel. %package -n audit Summary: User Space Tools for Kernel Auditing License: LGPL-2.1-or-later Group: System/Monitoring Requires: %{_name}-libs = %{version} Requires: %{_name}-rules = %{version} Requires: coreutils Requires: group(audit) %{?systemd_ordering} %description -n audit The audit package contains the user space utilities for storing and processing the audit records generated by the audit subsystem in the Linux kernel. %package -n audit-rules Summary: Rules and utilities for audit License: LGPL-2.1-or-later Requires: gawk Recommends: audit = %{version}-%{release} %description -n audit-rules The audit rules package contains the rules and utilities to load audit rules. %package -n system-group-audit Summary: System group 'audit' License: LGPL-2.1-or-later Group: System/Fhs BuildArch: noarch %sysusers_requires %description -n system-group-audit This package contains the system group 'audit' for read access to logs. %package -n python2-audit Summary: Python Bindings for libaudit License: LGPL-2.1-or-later Group: Development/Languages/Python Provides: audit-libs-python = %{version} Obsoletes: audit-libs-python < %{version} %description -n python2-audit The audit-libs-python package contains the bindings for using libaudit by python. %package -n python3-audit Summary: Python3 Bindings for libaudit License: LGPL-2.1-or-later Group: Development/Languages/Python Provides: audit-libs-python3 = %{version} Obsoletes: audit-libs-python3 < %{version} %description -n python3-audit The audit-libs-python3 package contains the bindings for using libaudit by python3. %package -n audit-audispd-plugins Summary: Default plugins for the audit dispatcher License: GPL-2.0-or-later Group: System/Monitoring %description -n audit-audispd-plugins The audit-audispd-plugins package contains plugin components for the audit dispatcher (audispd). %prep # remove selinux policy rm -rf audisp/plugins/zos-remote/policy # we don't build prelude rm -rf audisp/plugins/prelude %autosetup -p1 -n %{_name}-%{version} %if %{without python2} && %{with python3} # Fix python env call in tests if we only have Python3. # If both versions are present, python2 bindings are preferred by the tests and # unconditionally using /usr/bin/python3 breaks the tests # Probably the correct solution is to run the tests twice if both are present. perl -i -lpe 's{#!/usr/bin/env python\S+}{#!/usr/bin/python3}' auparse/test/auparse_test.py %endif %build autoreconf -fi export CFLAGS="%{optflags} -fno-strict-aliasing" export CXXFLAGS="$CFLAGS" export LDFLAGS="-Wl,-z,relro,-z,now" # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch %configure \ %ifarch aarch64 --with-aarch64 \ %endif %ifarch arm --with-arm \ %endif --libexecdir=%{_libexecdir}/%{_name} \ --with-apparmor \ --with-libwrap \ --with-libcap-ng=yes \ --disable-static \ %{?_with_python3} \ %{?_without_python} %make_build %sysusers_generate_pre %{SOURCE1} audit system-group-audit.conf %install # Set $PYTHON3 here so py-compile works correctly on distros that doesn't ship /usr/bin/python %make_install PYTHON3=$(realpath %__python3) mkdir -p %{buildroot}%{_localstatedir}/log/audit/ touch %{buildroot}%{_localstatedir}/log/audit/audit.log mkdir -p %{buildroot}%{_localstatedir}/spool/audit/ mkdir -p %{buildroot}%{_sysusersdir} install -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/ # For ghost below, so that old location files will still be there when # post copy runs mkdir -p %{buildroot}%{_sysconfdir}/%{_name}/ mkdir -p %{buildroot}%{_sysconfdir}/%{_name}/rules.d/ mkdir -p %{buildroot}%{_datadir}/%{_name}-rules touch %{buildroot}%{_sysconfdir}/audit/{auditd.conf,audit.rules} # On platforms with 32 & 64 bit libs, we need to coordinate the timestamp touch -r ./audit.spec %{buildroot}%{_sysconfdir}/libaudit.conf # Starting with audit 2.5 no config is installed so start with no rules install -m 0644 rules/10-no-audit.rules %{buildroot}%{_sysconfdir}/%{_name}/rules.d/audit.rules # delete redhat scripts, use ours rm -rf %{buildroot}%{_sysconfdir}/sysconfig/auditd rm -rf %{buildroot}%{_initddir}/auditd rm -rf %{buildroot}%{_sysconfdir}/rc.d/init.d # delete redhat systemd legacy scripts, our systemd doesn't support the feature # https://lists.fedoraproject.org/pipermail/devel/2012-June/169411.html rm -rf %{buildroot}%{_libexecdir}/audit # Clean up some unneeded library files rm -f %{buildroot}/%{_libdir}/python*/site-packages/{_audit,_auparse,auparse}.{a,la} rm -rf %{buildroot}/%{_libdir}/python*/site-packages/__pycache__ # cleanup makefiles for the rules (installed by %%docs command) rm -f %{buildroot}/%{_libdir}/pkgconfig/{audit,auparse}.pc # cleanup files handled by audit.spec rm -rf %{buildroot}/%{_datadir}/aclocal/ rm -rf %{buildroot}/%{_includedir} rm -f %{buildroot}/%{_libdir}/lib{audit,auparse}.* rm -f %{buildroot}%{_sysconfdir}/libaudit.conf rm -f %{buildroot}/%{_mandir}/man5/libaudit.conf.5 rm -rf %{buildroot}/%{_mandir}/man3 # Cleanup plugins #USR-MERGE %if 0%{?suse_version} < 1550 mkdir %{buildroot}/sbin/ for prog in auditctl auditd ausearch aureport augenrules; do ln -s %{_sbindir}/$prog %{buildroot}/sbin/$prog done %endif #END-USR-MERGE %if 0%{?suse_version} < 1550 # rcauditd symlink ln -s service %{buildroot}%{_sbindir}/rcauditd %endif chmod 0644 %{buildroot}%{_unitdir}/auditd.service %check %make_build check %post -n audit # Save existing auditd.conf if any (from old locations) if [ -f %{_sysconfdir}/auditd.conf ]; then mv %{_sysconfdir}/audit/auditd.conf %{_sysconfdir}/audit/auditd.conf.new mv %{_sysconfdir}/auditd.conf %{_sysconfdir}/audit/auditd.conf fi %service_add_post auditd.service %post -n audit-rules if [ -f %{_sysconfdir}/audit.rules ]; then # If /etc/audit.rules exists, move into the expected default place /etc/audit/audit.rules. mv %{_sysconfdir}/audit.rules %{_sysconfdir}/%{_name}/audit.rules else # We only expect /etc/audit/audit.rules to exist. If it doesn't, augenrules --load will create # it with the rules in /etc/audit/rules.d. # # If /etc/audit/rules.d is empty, copy the default rules file (no-rules). files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` if [ "$files" -eq 0 ] ; then touch %{_sysconfdir}/%{_name}/audit.rules install -m 0600 %{_datadir}/audit-rules/10-no-audit.rules %{_sysconfdir}/%{_name}/rules.d/audit.rules # Make the new rules active fi augenrules --load fi %service_add_post audit-rules.service %pre -n audit %service_add_pre auditd.service %pre -n audit-rules %service_add_pre audit-rules.service %pre -n system-group-audit -f audit.pre %preun -n audit %service_del_preun auditd.service %preun -n audit-rules # If uninstalling, delete the rules loaded in the kernel if [ $1 -eq 0 ]; then auditctl -D > /dev/null 2>&1 fi %service_del_preun audit-rules.service %postun -n audit %service_del_postun auditd.service %postun -n audit-rules %service_del_postun audit-rules.service %files -n audit %license COPYING %doc README.md ChangeLog init.d/auditd.cron %attr(644,root,root) %{_mandir}/man8/auditd.8.gz %attr(644,root,root) %{_mandir}/man8/aureport.8.gz %attr(644,root,root) %{_mandir}/man8/ausearch.8.gz %attr(644,root,root) %{_mandir}/man8/aulast.8.gz %attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz %attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz %attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz %attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz %attr(644,root,root) %{_mandir}/man8/audisp-af_unix.8.gz %if 0%{?suse_version} < 1550 /sbin/auditd /sbin/ausearch /sbin/aureport %endif %attr(750,root,root) %{_sbindir}/auditd %attr(755,root,root) %{_sbindir}/ausearch %attr(750,root,root) %{_sbindir}/audisp-syslog %attr(755,root,root) %{_bindir}/aulast %attr(755,root,root) %{_bindir}/aulastlog %attr(755,root,root) %{_bindir}/ausyscall %attr(755,root,root) %{_sbindir}/aureport %attr(755,root,root) %{_sbindir}/audisp-af_unix %dir %attr(750,root,root) %{_sysconfdir}/audit %dir %attr(750,root,root) %{_sysconfdir}/audit/plugins.d %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/plugins.d/af_unix.conf %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/plugins.d/syslog.conf %ghost %{_sysconfdir}/auditd.conf %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/auditd.conf %dir %attr(750,root,audit) %{_localstatedir}/log/audit %ghost %config(noreplace) %attr(640,root,audit) %{_localstatedir}/log/audit/audit.log %dir %attr(700,root,root) %{_localstatedir}/spool/audit %{_unitdir}/auditd.service %if 0%{?suse_version} < 1550 %{_sbindir}/rcauditd %endif %files -n audit-rules %dir %attr(755,root,root) %{_datadir}/audit-rules %attr(644,root,root) %{_datadir}/audit-rules/* %attr(644,root,root) %{_mandir}/man8/auditctl.8.gz %attr(644,root,root) %{_mandir}/man8/augenrules.8.gz %attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz %if 0%{?suse_version} < 1550 /sbin/auditctl /sbin/augenrules %endif %attr(750,root,root) %{_sbindir}/auditctl %attr(750,root,root) %{_sbindir}/augenrules %attr(644,root,root) %{_unitdir}/audit-rules.service %dir %attr(750,root,root) %{_sysconfdir}/audit %ghost %{_sysconfdir}/audit.rules %dir %attr(750,root,root) %{_sysconfdir}/audit/rules.d %ghost %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/rules.d/audit.rules %ghost %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/audit.rules %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/audit-stop.rules %files -n system-group-audit %{_sysusersdir}/system-group-audit.conf %if %{with python2} %files -n python2-audit %attr(755,root,root) %{python2_sitearch}/_audit.so %attr(755,root,root) %{python2_sitearch}/auparse.so %attr(644,root,root) %{python2_sitearch}/audit.py* %endif %if %{with python3} %files -n python3-audit %attr(755,root,root) %{python3_sitearch}/* %attr(644,root,root) %{python3_sitearch}/audit.py* %endif %files -n audit-audispd-plugins %attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz %attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz %attr(644,root,root) %{_mandir}/man5/audisp-remote.conf.5.gz %attr(644,root,root) %{_mandir}/man5/auditd-plugins.5.gz %attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz %attr(644,root,root) %{_mandir}/man8/audisp-syslog.8.gz %attr(750,root,root) %dir %{_sysconfdir}/audit %attr(750,root,root) %dir %{_sysconfdir}/audit/plugins.d %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/plugins.d/audispd-zos-remote.conf %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/zos-remote.conf %attr(750,root,root) %{_sbindir}/audisp-remote %attr(750,root,root) %{_sbindir}/audispd-zos-remote %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/audisp-remote.conf %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/plugins.d/au-remote.conf %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor