rpms/aide
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- New upstream release

Browse Source
This commit is contained in:
Steve 2010-11-11 08:05:15 -05:00
parent 9179ae4593
commit 08070604f7
8 changed files with 16 additions and 226 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -8,3 +8,5 @@ aide-0.14-rc3.tar.gz
aide-0.14-rc3.tar.gz.asc
aide-0.14.tar.gz
aide-0.14.tar.gz.asc
/aide-0.15.1.tar.gz
/aide-0.15.1.tar.gz.asc

41
aide-0.13.1-libgrypt-init.patch
View File

@ -1,41 +0,0 @@
diff -urp aide-0.13.1.orig/doc/aide.1.in aide-0.13.1/doc/aide.1.in
--- aide-0.13.1.orig/doc/aide.1.in 2009-12-01 12:23:10.000000000 -0500
+++ aide-0.13.1/doc/aide.1.in 2009-12-01 12:28:14.000000000 -0500
@@ -67,6 +67,7 @@ conditions:
.IP "16 Unimplemented function error"
.IP "17 Invalid configureline error"
.IP "18 IO error"
+.IP "19 Version mismatch error"
.PP
.SH NOTES
Please note that due to mmap issues, aide cannot be terminated with
diff -urp aide-0.13.1.orig/include/report.h aide-0.13.1/include/report.h
--- aide-0.13.1.orig/include/report.h 2009-12-01 12:23:10.000000000 -0500
+++ aide-0.13.1/include/report.h 2009-12-01 12:27:43.000000000 -0500
@@ -31,6 +31,7 @@
#define UNIMPLEMENTED_FUNCTION_ERROR 16
#define INVALID_CONFIGURELINE_ERROR 17
#define IO_ERROR 18
+#define VERSION_MISMATCH_ERROR 19
/* Errorcodes */
#define HASH_ALGO_ERROR 30
diff -urp aide-0.13.1.orig/src/md.c aide-0.13.1/src/md.c
--- aide-0.13.1.orig/src/md.c 2009-12-01 12:23:10.000000000 -0500
+++ aide-0.13.1/src/md.c 2009-12-01 12:27:04.000000000 -0500
@@ -201,6 +201,15 @@ int init_md(struct md_container* md) {
#endif
#ifdef WITH_GCRYPT
error(255,"Gcrypt library initialization\n");
+ /*
+ Initialize libgcrypt as per
+ http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
+ */
+ if(!gcry_check_version(GCRYPT_VERSION)) {
+ error(0,"libgcrypt version mismatch\n");
+ exit(VERSION_MISMATCH_ERROR);
+ }
+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){
error(0,"gcrypt_md_open failed\n");
exit(IO_ERROR);

97
aide-0.14-abort.patch
View File

@ -1,97 +0,0 @@
diff -urp aide.orig/src/commandconf.c aide/src/commandconf.c
--- aide.orig/src/commandconf.c 2010-04-28 11:17:07.000000000 -0400
+++ aide/src/commandconf.c 2010-04-28 11:19:12.000000000 -0400
@@ -216,7 +216,7 @@ int conf_input_wrapper(char* buf, int ma
MHASH_FAILED){
error(0, "mhash_hmac_init() failed for %i for config check. Aborting\n",
conf->confhmactype);
- abort();
+ exit(EXIT_FAILURE);
}
} else {
conf->do_configmd=0;
@@ -341,7 +341,7 @@ int db_input_wrapper(char* buf, int max_
if(c==-1) {
int xx;
error(0,"Error reading gzipped file: %s\n",gzerror(*db_gzp,&xx));
- abort();
+ exit(EXIT_FAILURE);
}
}else {
/* False alarm */
@@ -377,7 +377,7 @@ int db_input_wrapper(char* buf, int max_
mhash_get_hash_pblock(conf->dbhmactype)))==
MHASH_FAILED){
error(0, "mhash_hmac_init() failed for db check. Aborting\n");
- abort();
+ exit(EXIT_FAILURE);
}
} else {
*domd=0;
diff -urp aide.orig/src/compare_db.c aide/src/compare_db.c
--- aide.orig/src/compare_db.c 2010-04-28 11:17:07.000000000 -0400
+++ aide/src/compare_db.c 2010-04-28 11:20:15.000000000 -0400
@@ -1025,7 +1025,7 @@ void init_rxlst(list* rxlst)
if (data==NULL){
error(0,_("Not enough memory for regexpr compile... exiting..\n"));
- abort();
+ exit(EXIT_FAILURE);
}
strcpy(data+1,((rx_rule*)r->data)->rx);
diff -urp aide.orig/src/db.c aide/src/db.c
--- aide.orig/src/db.c 2010-04-28 11:17:07.000000000 -0400
+++ aide/src/db.c 2010-04-28 11:21:02.000000000 -0400
@@ -382,7 +382,7 @@ db_line* db_char2line(char** ss,int db){
line->filename=strdup(ss[(*db_order)[i]]);
} else {
error(0,"db_char2line():Error while reading database\n");
- abort();
+ exit(EXIT_FAILURE);
}
break;
}
diff -urp aide.orig/src/list.c aide/src/list.c
--- aide.orig/src/list.c 2010-04-28 11:17:07.000000000 -0400
+++ aide/src/list.c 2010-04-28 11:22:45.000000000 -0400
@@ -47,7 +47,7 @@
/*
- * Some way to handle mallocs failure would be nice. Now it say abort().
+ * Some way to handle mallocs failure would be nice.
*/
list* list_append(list* listp,void*data)
@@ -57,7 +57,7 @@ list* list_append(list* listp,void*data)
if (newitem==NULL) {
error(0,"Not enough memory to add a new item to list.\n");
- abort();
+ exit(EXIT_FAILURE);
}
if(listp==NULL){
@@ -65,7 +65,7 @@ list* list_append(list* listp,void*data)
if (header==NULL){
error(0,"Not enough memory for list header allocation\n");
- abort();
+ exit(EXIT_FAILURE);
}
newitem->data=data;
diff -urp aide.orig/src/util.c aide/src/util.c
--- aide.orig/src/util.c 2010-04-28 11:17:07.000000000 -0400
+++ aide/src/util.c 2010-04-28 11:21:49.000000000 -0400
@@ -332,8 +332,7 @@ void sig_handler(int signum)
conf->catch_mmap=0;
} else {
error(0,"Caught SIGBUS/SEGV. Exiting\n");
- abort();
- exit(1);
+ exit(EXIT_FAILURE);
}
break;
}

24
aide-0.14-other-fixes.patch
View File

@ -1,24 +0,0 @@
diff -urp aide-0.14.orig/src/be.c aide-0.14/src/be.c
--- aide-0.14.orig/src/be.c 2010-05-18 12:36:19.000000000 -0400
+++ aide-0.14/src/be.c 2010-05-18 12:39:53.000000000 -0400
@@ -161,7 +161,7 @@ FILE* be_init(int inout,url_t* u,int isz
#endif
#ifdef WITH_ZLIB
if(iszipped && !inout){
- fh=gzdopen(fd,"wb9+");
+ fh=gzdopen(fd,"wb9");
if(fh==NULL){
error(0,_("Couldn't open file %s for %s"),u->value,
inout?"reading\n":"writing\n");
diff -urp aide-0.14.orig/src/commandconf.c aide-0.14/src/commandconf.c
--- aide-0.14.orig/src/commandconf.c 2010-05-18 12:36:19.000000000 -0400
+++ aide-0.14/src/commandconf.c 2010-05-18 12:36:49.000000000 -0400
@@ -84,7 +84,7 @@ int commandconf(const char mode,const ch
else {
tmp=(char*)malloc(sizeof(char)
*(strlen(after)+strlen(line)+2));
- strcat(tmp,after);
+ strcpy(tmp,after);
strcat(tmp,"\n");
strcat(tmp,line);
free(after);

12
aide-0.14-perms.patch
View File

@ -1,12 +0,0 @@
diff -urp aide-0.14.orig/src/compare_db.c aide-0.14/src/compare_db.c
--- aide-0.14.orig/src/compare_db.c 2010-05-15 10:32:49.000000000 -0400
+++ aide-0.14/src/compare_db.c 2010-05-18 10:47:46.000000000 -0400
@@ -317,7 +317,7 @@ DB_ATTR_TYPE compare_dbline(db_line* l1,
easy_compare(DB_BCOUNT,bcount);
if (!(DB_PERM&ignorelist)) {
- if(l1->perm!=l2->perm){
+ if (DB_PERM&l1->attr && DB_PERM&l2->attr && l1->perm!=l2->perm) {
ret|=DB_PERM;
}
} else {

35
aide-0.14-selinux.patch
View File

@ -1,35 +0,0 @@
diff -urp aide-0.14.orig/include/compare_db.h aide-0.14/include/compare_db.h
--- aide-0.14.orig/include/compare_db.h 2010-05-15 10:15:23.000000000 -0400
+++ aide-0.14/include/compare_db.h 2010-05-15 10:16:05.000000000 -0400
@@ -48,6 +48,6 @@ void init_rxlst(list* rxlst);
* compare_dbline()
* Return RETOK if same RETFAIL if not
*/
-int compare_dbline(db_line* old,db_line* new,DB_ATTR_TYPE ignorelist);
+DB_ATTR_TYPE compare_dbline(db_line* old,db_line* new,DB_ATTR_TYPE ignorelist);
#endif
diff -urp aide-0.14.orig/src/aide.c aide-0.14/src/aide.c
--- aide-0.14.orig/src/aide.c 2010-05-15 10:15:23.000000000 -0400
+++ aide-0.14/src/aide.c 2010-05-15 10:17:32.000000000 -0400
@@ -246,7 +246,7 @@ void setdefaults_before_config()
char* urlstr=INITIALERRORSTO;
url_t* u=NULL;
char* s=(char*)malloc(sizeof(char)*MAXHOSTNAMELEN+1);
- unsigned long long p;
+ DB_ATTR_TYPE p;
/*
Set up the hostname
diff -urp aide-0.14.orig/src/compare_db.c aide-0.14/src/compare_db.c
--- aide-0.14.orig/src/compare_db.c 2010-05-15 10:15:23.000000000 -0400
+++ aide-0.14/src/compare_db.c 2010-05-15 10:16:42.000000000 -0400
@@ -275,7 +275,7 @@ static int compare_str(const char *s1, c
- ignorelist kertoo mitä ei saa vertailla
*/
-int compare_dbline(db_line* l1,db_line* l2,DB_ATTR_TYPE ignorelist)
+DB_ATTR_TYPE compare_dbline(db_line* l1,db_line* l2,DB_ATTR_TYPE ignorelist)
{
#define easy_compare(a,b) \

27
aide.spec
View File

@ -3,8 +3,8 @@
Summary: Intrusion detection environment
Name: aide
Version: 0.14
Release: 5%{?dist}
Version: 0.15.1
Release: 1%{?dist}
URL: http://sourceforge.net/projects/aide
License: GPLv2+
Group: Applications/System
@ -14,11 +14,6 @@ Source2: README.quickstart
Source3: aide.logrotate
# Customize the database file location in the man page.
Patch1: aide-0.14-man.patch
Patch2: aide-0.13.1-libgrypt-init.patch
Patch3: aide-0.14-abort.patch
Patch4: aide-0.14-selinux.patch
Patch5: aide-0.14-perms.patch
Patch6: aide-0.14-other-fixes.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
BuildRequires: mktemp
BuildRequires: prelink elfutils-libelf-devel
@ -27,7 +22,8 @@ Buildrequires: mhash-devel
%endif
Buildrequires: zlib-devel libgcrypt-devel
Buildrequires: flex bison
Buildrequires: libattr-devel libacl-devel libselinux-devel
Buildrequires: libattr-devel e2fsprogs-devel
Buildrequires: libacl-devel libselinux-devel
Buildrequires: audit-libs-devel >= 1.2.8-2
%if "%{?_with_curl}x" != "x"
Buildrequires: curl-devel
@ -41,11 +37,6 @@ checker and intrusion detection program.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
%configure --with-config_file=%{_sysconfdir}/aide.conf \
@ -55,9 +46,12 @@ checker and intrusion detection program.
--with-mhash \
%endif
%{?_with_curl} %{?_without_curl} \
--with-selinux --with-posix-acl --with-audit \
--with-posix-acl \
--with-selinux \
--with-prelink \
--with-xattr \
--with-prelink
--with-e2fsattrs \
--with-audit
make
@ -91,6 +85,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Thu Nov 11 2010 Steve Grubb <sgrubb@redhat.com> - 0.15.1-1
- New upstream release
* Tue May 18 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-5
- Apply 2 upstream bug fixes

4
sources
View File

@ -1,2 +1,2 @@
634dbb6ab20b2d11992cc389a667e755 aide-0.14.tar.gz
0109d6db60c0f702a5392fbcd052e642 aide-0.14.tar.gz.asc
d0b72535ff68b93a648e4d08b0ed7f07 aide-0.15.1.tar.gz
aa8e08c35c13786b2abb3afe6e6a8024 aide-0.15.1.tar.gz.asc