[packages/audit] - updated to 2.5.2 - updated install,systemd-notonly patches - removed outdated never-audit patch
qboosh
qboosh at pld-linux.org
Wed May 11 21:49:16 CEST 2016
commit 0167336bb1d14aa835bc521b37664878adaa500c
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Wed May 11 21:49:17 2016 +0200
- updated to 2.5.2
- updated install,systemd-notonly patches
- removed outdated never-audit patch
audit-install.patch | 14 +++++++-------
audit-systemd-notonly.patch | 15 ++++++++-------
audit.spec | 31 ++++++++++++++++++++-----------
golang-paths.patch | 19 +++++++++----------
never-audit.patch | 17 -----------------
5 files changed, 44 insertions(+), 52 deletions(-)
---
diff --git a/audit.spec b/audit.spec
index 9f4529c..f720791 100644
--- a/audit.spec
+++ b/audit.spec
@@ -17,12 +17,12 @@
Summary: User space tools for 2.6 kernel auditing
Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do audytu jąder 2.6
Name: audit
-Version: 2.4.4
-Release: 5
+Version: 2.5.2
+Release: 1
License: GPL v2+
Group: Daemons
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
-# Source0-md5: 72b0fd94d32846142bc472f0d91e62b4
+# Source0-md5: bfc332d35b27121f105dd34ce35b6f0a
Source2: %{name}d.init
Source3: %{name}d.sysconfig
Patch0: %{name}-install.patch
@@ -34,8 +34,6 @@ Patch5: %{name}-am.patch
Patch6: %{name}-no-refusemanualstop.patch
Patch7: %{name}-cronjob.patch
Patch8: golang-paths.patch
-# https://fedorahosted.org/fesco/ticket/1311
-Patch9: never-audit.patch
URL: http://people.redhat.com/sgrubb/audit/
BuildRequires: autoconf >= 2.59
BuildRequires: automake >= 1:1.9
@@ -195,7 +193,6 @@ Interfejs Pythona 3.x do biblioteki libaudit.
%patch6 -p1
%patch7 -p1
%patch8 -p1
-%patch9 -p1
%if %{without python}
sed 's#swig/Makefile ##' -i configure.ac
@@ -219,11 +216,14 @@ sed 's/swig//' -i Makefile.am
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT%{_var}/log/audit
+install -d $RPM_BUILD_ROOT{%{_sysconfdir}/audit/rules.d,%{_var}/log/audit}
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
+# default to no audit (and no overhead)
+cp -p rules/10-no-audit.rules $RPM_BUILD_ROOT%{_sysconfdir}/audit/rules.d
+
install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/auditd
install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/auditd
@@ -258,7 +258,7 @@ rm -rf $RPM_BUILD_ROOT
%post
# Copy default rules into place on new installation
if [ ! -e %{_sysconfdir}/audit/audit.rules ] ; then
- cp -a %{_sysconfdir}/audit/rules.d/audit.rules %{_sysconfdir}/audit/audit.rules
+ cp -a %{_sysconfdir}/audit/rules.d/10-no-audit.rules %{_sysconfdir}/audit/audit.rules
fi
/sbin/chkconfig --add auditd
%service auditd restart "audit daemon"
@@ -284,10 +284,18 @@ fi
%service auditd restart "audit daemon"
%systemd_post auditd.service
+%triggerpostun -- %{name} < 2.5-1
+if [ -f %{_sysconfdir}/audit/rules.d/audit.rules.rpmsave ]; then
+%banner %{name} -e <<EOF
+Since audit 2.5 %{_sysconfdir}/audit/rules.d/audit.rules file (now saved
+as audit.rules.rpmnew) is replaced by a set of numbered rule files - remember
+to update your configuration!
+EOF
+fi
+
%files
%defattr(644,root,root,755)
-%doc AUTHORS ChangeLog README THANKS TODO
-%doc contrib/{capp,nispom,lspp,stig}.rules init.d/auditd.cron
+%doc AUTHORS ChangeLog README THANKS TODO rules/{README-rules,*.rules} init.d/auditd.cron
%attr(750,root,root) %{_bindir}/aulast
%attr(750,root,root) %{_bindir}/aulastlog
%attr(750,root,root) %{_bindir}/ausyscall
@@ -313,7 +321,7 @@ fi
%dir %{_sysconfdir}/audit
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/auditd.conf
%dir %{_sysconfdir}/audit/rules.d
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/audit.rules
+%attr(640,root,root) %config(noreplace,missingok) %verify(not md5 mtime size) %{_sysconfdir}/audit/rules.d/10-no-audit.rules
%attr(754,root,root) /etc/rc.d/init.d/auditd
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/auditd
%{systemdunitdir}/auditd.service
@@ -357,6 +365,7 @@ fi
%{_includedir}/libaudit.h
%{_pkgconfigdir}/audit.pc
%{_pkgconfigdir}/auparse.pc
+%{_aclocaldir}/audit.m4
%{_mandir}/man3/audit_*.3*
%{_mandir}/man3/auparse_*.3*
%{_mandir}/man3/ausearch_*.3*
diff --git a/audit-install.patch b/audit-install.patch
index 2f62e81..5301993 100644
--- a/audit-install.patch
+++ b/audit-install.patch
@@ -1,6 +1,6 @@
---- audit-2.3/init.d/Makefile.am.orig 2013-04-30 16:26:09.000000000 +0200
-+++ audit-2.3/init.d/Makefile.am 2013-05-15 15:34:15.728741312 +0200
-@@ -42,8 +42,8 @@
+--- audit-2.5.2/init.d/Makefile.am.orig 2016-04-29 18:31:43.000000000 +0200
++++ audit-2.5.2/init.d/Makefile.am 2016-05-10 19:55:50.830718697 +0200
+@@ -41,8 +41,8 @@
sbin_SCRIPTS = augenrules
install-data-hook:
@@ -11,12 +11,12 @@
if ENABLE_SYSTEMD
else
$(INSTALL_DATA) -D -m 640 ${srcdir}/auditd.sysconfig ${DESTDIR}${sysconfigdir}/auditd
-@@ -53,7 +53,7 @@
+@@ -52,7 +52,7 @@
if ENABLE_SYSTEMD
mkdir -p ${DESTDIR}${initdir}
mkdir -p ${DESTDIR}${legacydir}
-- $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${initdir}
-+ $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
+- $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${initdir}
++ $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.rotate ${DESTDIR}${legacydir}/rotate
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.resume ${DESTDIR}${legacydir}/resume
- else
+ $(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.stop ${DESTDIR}${legacydir}/stop
diff --git a/audit-systemd-notonly.patch b/audit-systemd-notonly.patch
index 5269407..b217242 100644
--- a/audit-systemd-notonly.patch
+++ b/audit-systemd-notonly.patch
@@ -1,5 +1,5 @@
---- audit-2.3.2/init.d/Makefile.am.orig 2013-08-24 21:51:07.859509228 +0200
-+++ audit-2.3.2/init.d/Makefile.am 2013-08-24 21:52:55.076171394 +0200
+--- audit-2.5.2/init.d/Makefile.am.orig 2016-05-10 21:54:38.137086257 +0200
++++ audit-2.5.2/init.d/Makefile.am 2016-05-10 21:56:35.680414658 +0200
@@ -28,12 +28,11 @@
dispconfig = audispd.conf
dispconfigdir = $(sysconfdir)/audisp
@@ -15,7 +15,7 @@
auditdir = $(sysconfdir)/audit
auditrdir = $(auditdir)/rules.d
-@@ -44,24 +43,20 @@
+@@ -43,24 +42,20 @@
install-data-hook:
$(INSTALL_DATA) -D -m 640 ${srcdir}/${dispconfig} ${DESTDIR}${dispconfigdir}/${dispconfig}
$(INSTALL_DATA) -D -m 640 ${srcdir}/${libconfig} ${DESTDIR}${sysconfdir}/${libconfig}
@@ -26,10 +26,11 @@
install-exec-hook:
if ENABLE_SYSTEMD
- mkdir -p ${DESTDIR}${initdir}
+- mkdir -p ${DESTDIR}${initdir}
++ mkdir -p ${DESTDIR}${systemdunitdir}
mkdir -p ${DESTDIR}${legacydir}
-- $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
-+ $(INSTALL_SCRIPT) -D -m 640 ${srcdir}/auditd.service ${DESTDIR}${systemdunitdir}/auditd.service
+- $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${initdir}/auditd.service
++ $(INSTALL_SCRIPT) -D -m 644 ${srcdir}/auditd.service ${DESTDIR}${systemdunitdir}/auditd.service
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.rotate ${DESTDIR}${legacydir}/rotate
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.resume ${DESTDIR}${legacydir}/resume
$(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.stop ${DESTDIR}${legacydir}/stop
@@ -42,7 +43,7 @@
chmod 0750 $(DESTDIR)$(sbindir)/augenrules
-@@ -69,14 +64,13 @@
+@@ -68,14 +63,13 @@
rm ${DESTDIR}${dispconfigdir}/${dispconfig}
rm ${DESTDIR}${sysconfdir}/${libconfig}
if ENABLE_SYSTEMD
diff --git a/golang-paths.patch b/golang-paths.patch
index 2505cec..02b6dd6 100644
--- a/golang-paths.patch
+++ b/golang-paths.patch
@@ -1,23 +1,22 @@
---- audit-2.4/bindings/golang/Makefile.am~ 2014-08-24 18:39:23.000000000 +0200
-+++ audit-2.4/bindings/golang/Makefile.am 2014-10-23 07:36:39.764147566 +0200
-@@ -23,16 +23,15 @@
- CONFIG_CLEAN_FILES = *.loT *.rej *.orig
- EXTRA_DIST = audit.go
+--- audit-2.5.2/bindings/golang/Makefile.am.orig 2016-05-10 20:17:50.423996653 +0200
++++ audit-2.5.2/bindings/golang/Makefile.am 2016-05-10 20:27:31.460638934 +0200
+@@ -25,15 +25,14 @@
+ dist_check_SCRIPTS = test.go
+ if HAVE_GOLANG
-LIBDIR = lib
-GODIR = $(LIBDIR)/golang/src/pkg/redhat.com/audit
-+GODIR = ${libdir}/golang/src/redhat.com/audit
- dist_check_SCRIPTS = test.go
++GODIR = $(libdir)/golang/src/redhat.com/audit
install:
- [ -d $(DESTDIR)${prefix}/$(GODIR) ] || mkdir -p $(DESTDIR)${prefix}/$(GODIR)
- install -m 644 ${top_srcdir}/bindings/golang/audit.go $(DESTDIR)${prefix}/$(GODIR)
-+ [ -d $(DESTDIR)/$(GODIR) ] || mkdir -p $(DESTDIR)/$(GODIR)
-+ install -m 644 ${top_srcdir}/bindings/golang/audit.go $(DESTDIR)/$(GODIR)
++ [ -d $(DESTDIR)$(GODIR) ] || mkdir -p $(DESTDIR)$(GODIR)
++ install -m 644 ${top_srcdir}/bindings/golang/audit.go $(DESTDIR)$(GODIR)
uninstall:
- @rm -f $(DESTDIR)${prefix}/$(GODIR)/*
-+ @rm -f $(DESTDIR)/$(GODIR)/*
++ @rm -f $(DESTDIR)$(GODIR)/*
check:
@mkdir audit
diff --git a/never-audit.patch b/never-audit.patch
deleted file mode 100644
index ee93620..0000000
--- a/never-audit.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-diff -ur audit.orig/init.d/audit.rules audit/init.d/audit.rules
---- audit.orig/init.d/audit.rules 2014-07-20 10:43:44.724841702 -0400
-+++ audit/init.d/audit.rules 2014-07-22 14:55:50.856253189 -0400
-@@ -6,9 +6,8 @@
- # First rule - delete all
- -D
-
--# Increase the buffers to survive stress events.
--# Make this bigger for busy systems
---b 320
--
--# Feel free to add below this line. See auditctl man page
-+# This suppresses syscall auditing for all tasks started
-+# with this rule in effect. Remove it if you need syscall
-+# auditing.
-+-a task,never
-
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/audit.git/commitdiff/0167336bb1d14aa835bc521b37664878adaa500c
More information about the pld-cvs-commit
mailing list