- Fix bz 590561 aide does not detect the change of SElinux context

- Fix bz 590566 aide reports a changed file when it has not been changed

aide-0.14-perms.patch

@@ -0,0 +1,14 @@
+diff -urp aide-0.14.orig/src/gen_list.c aide-0.14/src/gen_list.c
+--- aide-0.14.orig/src/gen_list.c	2010-05-15 10:32:49.000000000 -0400
++++ aide-0.14/src/gen_list.c	2010-05-15 13:10:08.000000000 -0400
+@@ -1007,7 +1007,9 @@ void strip_dbline(db_line* line,DB_ATTR_
+   if(!(attr&DB_LINKNAME)){
+     checked_free(line->linkname);
+   }
+-  /* permissions are always needed for summarize_changes, hence it is never stripped */
++  if(!(attr&DB_PERM)){
++    line->perm=0;
++  }
+   if(!(attr&DB_UID)){
+     line->uid=0;
+   }

aide-0.14-selinux.patch

@@ -0,0 +1,35 @@
+diff -urp aide-0.14.orig/include/compare_db.h aide-0.14/include/compare_db.h
+--- aide-0.14.orig/include/compare_db.h	2010-05-15 10:15:23.000000000 -0400
++++ aide-0.14/include/compare_db.h	2010-05-15 10:16:05.000000000 -0400
+@@ -48,6 +48,6 @@ void init_rxlst(list* rxlst);
+  * compare_dbline()
+  * Return RETOK if same RETFAIL if not
+  */
+-int compare_dbline(db_line* old,db_line* new,DB_ATTR_TYPE ignorelist);
++DB_ATTR_TYPE compare_dbline(db_line* old,db_line* new,DB_ATTR_TYPE ignorelist);
+ 
+ #endif
+diff -urp aide-0.14.orig/src/aide.c aide-0.14/src/aide.c
+--- aide-0.14.orig/src/aide.c	2010-05-15 10:15:23.000000000 -0400
++++ aide-0.14/src/aide.c	2010-05-15 10:17:32.000000000 -0400
+@@ -246,7 +246,7 @@ void setdefaults_before_config()
+   char* urlstr=INITIALERRORSTO;
+   url_t* u=NULL;
+   char* s=(char*)malloc(sizeof(char)*MAXHOSTNAMELEN+1);
+-  unsigned long long p;
++  DB_ATTR_TYPE p;
+ 
+   /*
+     Set up the hostname
+diff -urp aide-0.14.orig/src/compare_db.c aide-0.14/src/compare_db.c
+--- aide-0.14.orig/src/compare_db.c	2010-05-15 10:15:23.000000000 -0400
++++ aide-0.14/src/compare_db.c	2010-05-15 10:16:42.000000000 -0400
+@@ -275,7 +275,7 @@ static int compare_str(const char *s1, c
+   - ignorelist kertoo mitä ei saa vertailla
+ */
+ 
+-int compare_dbline(db_line* l1,db_line* l2,DB_ATTR_TYPE ignorelist)
++DB_ATTR_TYPE compare_dbline(db_line* l1,db_line* l2,DB_ATTR_TYPE ignorelist)
+ {
+ 
+ #define easy_compare(a,b) \

aide.spec

@@ -4,7 +4,7 @@
 Summary: Intrusion detection environment
 Name: aide
 Version: 0.14
-Release: 2%{?dist}
+Release: 3%{?dist}
 URL: http://sourceforge.net/projects/aide
 License: GPLv2+
 Group: Applications/System
@@ -16,6 +16,8 @@ Source3: aide.logrotate
 Patch1: aide-0.14-man.patch
 Patch2: aide-0.13.1-libgrypt-init.patch
 Patch3: aide-0.14-abort.patch
+Patch4: aide-0.14-selinux.patch
+Patch5: aide-0.14-perms.patch
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
 BuildRequires: mktemp 
 BuildRequires: prelink elfutils-libelf-devel
@@ -40,6 +42,8 @@ checker and intrusion detection program.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
+%patch5 -p1
 
 %build
 %configure --with-config_file=%{_sysconfdir}/aide.conf \
@@ -85,6 +89,10 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Sat May 15 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-3
+- Fix bz 590561 aide does not detect the change of SElinux context
+- Fix bz 590566 aide reports a changed file when it has not been changed
+
 * Wed Apr 28 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-2
 - Fix bz 574764 by replacing abort calls with exit
 - Apply libgcrypt init patch