Fix verbose option
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
This commit is contained in:
parent
772571371f
commit
a003ad04cf
@ -1,58 +0,0 @@
|
|||||||
From c7caa6027c92b28aa11b8da74d56357e12f56d67 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Daniel=20Kope=C4=8Dek?= <dkopecek@redhat.com>
|
|
||||||
Date: Wed, 20 Feb 2019 12:00:56 +0100
|
|
||||||
Subject: [PATCH] Use LDADD for adding curl library to the linker command
|
|
||||||
|
|
||||||
---
|
|
||||||
Makefile.am | 2 +-
|
|
||||||
configure.ac | 5 +++--
|
|
||||||
2 files changed, 4 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/Makefile.am b/Makefile.am
|
|
||||||
index 4b05d7a..1541d56 100644
|
|
||||||
--- a/Makefile.am
|
|
||||||
+++ b/Makefile.am
|
|
||||||
@@ -55,7 +55,7 @@ if USE_CURL
|
|
||||||
aide_SOURCES += include/fopen.h src/fopen.c
|
|
||||||
endif
|
|
||||||
|
|
||||||
-aide_LDADD = -lm @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@
|
|
||||||
+aide_LDADD = -lm @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ @CURLLIB@
|
|
||||||
AM_CFLAGS = @AIDE_DEFS@ -W -Wall -g
|
|
||||||
AM_CPPFLAGS = -I$(top_srcdir) \
|
|
||||||
-I$(top_srcdir)/include \
|
|
||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index 3598ebe..0418c59 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -702,24 +702,25 @@ if test x$with_zlib = xyes; then
|
|
||||||
compoptionstring="${compoptionstring}WITH_ZLIB\\n"
|
|
||||||
fi
|
|
||||||
|
|
||||||
+CURLLIB=
|
|
||||||
if test x$with_curl = xyes; then
|
|
||||||
AC_PATH_PROG(curlconfig, "curl-config")
|
|
||||||
if test "_$curlconfig" != _ ; then
|
|
||||||
CURL_CFLAGS=`$curlconfig --cflags`
|
|
||||||
- CURL_LIBS=`$curlconfig --libs`
|
|
||||||
+ CURLLIB=`$curlconfig --libs`
|
|
||||||
else
|
|
||||||
AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])
|
|
||||||
fi
|
|
||||||
AC_CHECK_HEADERS(curl/curl.h,,
|
|
||||||
[AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])])
|
|
||||||
CFLAGS="$CFLAGS $CURL_CFLAGS"
|
|
||||||
- LDFLAGS="$LDFLAGS $CURL_LIBS"
|
|
||||||
AC_CHECK_LIB(curl,curl_easy_init,havecurl=yes,
|
|
||||||
[AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])]
|
|
||||||
)
|
|
||||||
AC_DEFINE(WITH_CURL,1,[use curl])
|
|
||||||
compoptionstring="${compoptionstring}WITH_CURL\\n"
|
|
||||||
fi
|
|
||||||
+AC_SUBST(CURLLIB)
|
|
||||||
AM_CONDITIONAL(USE_CURL, test x$havecurl = xyes)
|
|
||||||
|
|
||||||
AC_ARG_WITH(mhash,
|
|
||||||
--
|
|
||||||
2.20.1
|
|
||||||
|
|
@ -1,17 +0,0 @@
|
|||||||
--- ./src/do_md.c 2018-03-19 05:10:19.994957024 -0400
|
|
||||||
+++ ./src/do_md.c 2018-03-19 05:19:05.829957024 -0400
|
|
||||||
@@ -135,8 +135,13 @@
|
|
||||||
continue;
|
|
||||||
|
|
||||||
while (!bingo && (data = elf_getdata (scn, data)) != NULL) {
|
|
||||||
- int maxndx = data->d_size / shdr.sh_entsize;
|
|
||||||
+ int maxndx;
|
|
||||||
int ndx;
|
|
||||||
+
|
|
||||||
+ if (shdr.sh_entsize != 0)
|
|
||||||
+ maxndx = data->d_size / shdr.sh_entsize;
|
|
||||||
+ else
|
|
||||||
+ continue;
|
|
||||||
|
|
||||||
for (ndx = 0; ndx < maxndx; ++ndx) {
|
|
||||||
(void) gelf_getdyn (data, ndx, &dyn);
|
|
@ -1,153 +0,0 @@
|
|||||||
diff -up ./include/md.h.crypto ./include/md.h
|
|
||||||
--- ./include/md.h.crypto 2016-07-25 22:56:55.000000000 +0200
|
|
||||||
+++ ./include/md.h 2018-08-29 15:00:30.827491299 +0200
|
|
||||||
@@ -149,6 +149,7 @@ int init_md(struct md_container*);
|
|
||||||
int update_md(struct md_container*,void*,ssize_t);
|
|
||||||
int close_md(struct md_container*);
|
|
||||||
void md2line(struct md_container*,struct db_line*);
|
|
||||||
+DB_ATTR_TYPE get_available_crypto();
|
|
||||||
|
|
||||||
|
|
||||||
#endif /*_MD_H_INCLUDED*/
|
|
||||||
diff -up ./src/aide.c.crypto ./src/aide.c
|
|
||||||
--- ./src/aide.c.crypto 2018-08-29 15:00:30.825491309 +0200
|
|
||||||
+++ ./src/aide.c 2018-08-29 15:00:30.827491299 +0200
|
|
||||||
@@ -349,7 +349,7 @@ static void setdefaults_before_config()
|
|
||||||
|
|
||||||
conf->db_attrs = 0;
|
|
||||||
#if defined(WITH_MHASH) || defined(WITH_GCRYPT)
|
|
||||||
- conf->db_attrs |= DB_MD5|DB_TIGER|DB_HAVAL|DB_CRC32|DB_SHA1|DB_RMD160|DB_SHA256|DB_SHA512;
|
|
||||||
+ conf->db_attrs |= get_available_crypto();
|
|
||||||
#ifdef WITH_MHASH
|
|
||||||
conf->db_attrs |= DB_GOST;
|
|
||||||
#ifdef HAVE_MHASH_WHIRLPOOL
|
|
||||||
diff -up ./src/md.c.crypto ./src/md.c
|
|
||||||
--- ./src/md.c.crypto 2018-08-29 15:00:30.823491319 +0200
|
|
||||||
+++ ./src/md.c 2018-08-29 15:02:28.013903479 +0200
|
|
||||||
@@ -78,6 +78,49 @@ DB_ATTR_TYPE hash_gcrypt2attr(int i) {
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
+const char * hash_gcrypt2str(int i) {
|
|
||||||
+ char * r = "?";
|
|
||||||
+#ifdef WITH_GCRYPT
|
|
||||||
+ switch (i) {
|
|
||||||
+ case GCRY_MD_MD5: {
|
|
||||||
+ r = "MD5";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ case GCRY_MD_SHA1: {
|
|
||||||
+ r = "SHA1";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ case GCRY_MD_RMD160: {
|
|
||||||
+ r = "RMD160";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ case GCRY_MD_TIGER: {
|
|
||||||
+ r = "TIGER";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ case GCRY_MD_HAVAL: {
|
|
||||||
+ r = "HAVAL";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ case GCRY_MD_SHA256: {
|
|
||||||
+ r = "SHA256";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ case GCRY_MD_SHA512: {
|
|
||||||
+ r = "SHA512";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ case GCRY_MD_CRC32: {
|
|
||||||
+ r = "CRC32";
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ default:
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+ return r;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
DB_ATTR_TYPE hash_mhash2attr(int i) {
|
|
||||||
DB_ATTR_TYPE r=0;
|
|
||||||
#ifdef WITH_MHASH
|
|
||||||
@@ -163,6 +206,44 @@ DB_ATTR_TYPE hash_mhash2attr(int i) {
|
|
||||||
Initialise md_container according it's todo_attr field
|
|
||||||
*/
|
|
||||||
|
|
||||||
+DB_ATTR_TYPE get_available_crypto() {
|
|
||||||
+
|
|
||||||
+ DB_ATTR_TYPE ret = 0;
|
|
||||||
+
|
|
||||||
+/*
|
|
||||||
+ * This function is usually called before config processing
|
|
||||||
+ * and default verbose level is 5
|
|
||||||
+ */
|
|
||||||
+#define lvl 255
|
|
||||||
+
|
|
||||||
+ error(lvl, "get_available_crypto called\n");
|
|
||||||
+
|
|
||||||
+#ifdef WITH_GCRYPT
|
|
||||||
+
|
|
||||||
+ /*
|
|
||||||
+ * some initialization for FIPS
|
|
||||||
+ */
|
|
||||||
+ gcry_check_version(NULL);
|
|
||||||
+ error(lvl, "Found algos:");
|
|
||||||
+
|
|
||||||
+ for(int i=0;i<=HASH_GCRYPT_COUNT;i++) {
|
|
||||||
+
|
|
||||||
+ if ( (hash_gcrypt2attr(i) & HASH_USE_GCRYPT) == 0 )
|
|
||||||
+ continue;
|
|
||||||
+
|
|
||||||
+ if (gcry_md_algo_info(i, GCRYCTL_TEST_ALGO, NULL, NULL) == 0) {
|
|
||||||
+ ret |= hash_gcrypt2attr(i);
|
|
||||||
+ error(lvl, " %s", hash_gcrypt2str(i));
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ error(lvl, "\n");
|
|
||||||
+
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
+ error(lvl, "get_available_crypto_returned with %lld\n", ret);
|
|
||||||
+ return ret;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int init_md(struct md_container* md) {
|
|
||||||
|
|
||||||
int i;
|
|
||||||
@@ -201,18 +282,27 @@ int init_md(struct md_container* md) {
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#ifdef WITH_GCRYPT
|
|
||||||
- if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){
|
|
||||||
+ if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){
|
|
||||||
error(0,"gcrypt_md_open failed\n");
|
|
||||||
exit(IO_ERROR);
|
|
||||||
}
|
|
||||||
for(i=0;i<=HASH_GCRYPT_COUNT;i++) {
|
|
||||||
+
|
|
||||||
+
|
|
||||||
if (((hash_gcrypt2attr(i)&HASH_USE_GCRYPT)&md->todo_attr)!=0) {
|
|
||||||
- DB_ATTR_TYPE h=hash_gcrypt2attr(i);
|
|
||||||
- error(255,"inserting %llu\n",h);
|
|
||||||
+
|
|
||||||
+ DB_ATTR_TYPE h=hash_gcrypt2attr(i);
|
|
||||||
+
|
|
||||||
+ if (gcry_md_algo_info(i, GCRYCTL_TEST_ALGO, NULL, NULL) != 0) {
|
|
||||||
+ error(0,"Algo %s is not available\n", hash_gcrypt2str(i));
|
|
||||||
+ exit(-1);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ error(255,"inserting %llu\n",h);
|
|
||||||
if(gcry_md_enable(md->mdh,i)==GPG_ERR_NO_ERROR){
|
|
||||||
md->calc_attr|=h;
|
|
||||||
} else {
|
|
||||||
- error(0,"gcry_md_enable %i failed",i);
|
|
||||||
+ error(0,"gcry_md_enable %i failed\n",i);
|
|
||||||
md->todo_attr&=~h;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,103 +0,0 @@
|
|||||||
diff -up ./src/aide.c.orig ./aide-0.16b1/src/aide.c
|
|
||||||
--- ./src/aide.c.orig 2016-07-12 11:10:08.013158385 +0200
|
|
||||||
+++ ./src/aide.c 2016-07-12 11:30:54.867833064 +0200
|
|
||||||
@@ -511,9 +511,28 @@ int main(int argc,char**argv)
|
|
||||||
#endif
|
|
||||||
umask(0177);
|
|
||||||
init_sighandler();
|
|
||||||
-
|
|
||||||
setdefaults_before_config();
|
|
||||||
|
|
||||||
+#if WITH_GCRYPT
|
|
||||||
+ error(255,"Gcrypt library initialization\n");
|
|
||||||
+ /*
|
|
||||||
+ * Initialize libgcrypt as per
|
|
||||||
+ * http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
|
|
||||||
+ *
|
|
||||||
+ *
|
|
||||||
+ */
|
|
||||||
+ gcry_control(GCRYCTL_SET_ENFORCED_FIPS_FLAG, 0);
|
|
||||||
+ gcry_control(GCRYCTL_INIT_SECMEM, 1);
|
|
||||||
+
|
|
||||||
+ if(!gcry_check_version(GCRYPT_VERSION)) {
|
|
||||||
+ error(0,"libgcrypt version mismatch\n");
|
|
||||||
+ exit(VERSION_MISMATCH_ERROR);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
|
|
||||||
+#endif /* WITH_GCRYPT */
|
|
||||||
+
|
|
||||||
+
|
|
||||||
if(read_param(argc,argv)==RETFAIL){
|
|
||||||
error(0, _("Invalid argument\n") );
|
|
||||||
exit(INVALID_ARGUMENT_ERROR);
|
|
||||||
@@ -646,6 +665,9 @@ int main(int argc,char**argv)
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
+#ifdef WITH_GCRYPT
|
|
||||||
+ gcry_control(GCRYCTL_TERM_SECMEM, 0);
|
|
||||||
+#endif /* WITH_GCRYPT */
|
|
||||||
return RETOK;
|
|
||||||
}
|
|
||||||
const char* aide_key_3=CONFHMACKEY_03;
|
|
||||||
diff -up ./src/md.c.orig ./aide-0.16b1/src/md.c
|
|
||||||
--- ./src/md.c.orig 2016-04-15 23:30:16.000000000 +0200
|
|
||||||
+++ ./src/md.c 2016-07-12 11:35:04.007675329 +0200
|
|
||||||
@@ -201,14 +201,7 @@ int init_md(struct md_container* md) {
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#ifdef WITH_GCRYPT
|
|
||||||
- error(255,"Gcrypt library initialization\n");
|
|
||||||
- if(!gcry_check_version(GCRYPT_VERSION)) {
|
|
||||||
- error(0,"libgcrypt version mismatch\n");
|
|
||||||
- exit(VERSION_MISMATCH_ERROR);
|
|
||||||
- }
|
|
||||||
- gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
|
|
||||||
- gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
|
|
||||||
- if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){
|
|
||||||
+ if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){
|
|
||||||
error(0,"gcrypt_md_open failed\n");
|
|
||||||
exit(IO_ERROR);
|
|
||||||
}
|
|
||||||
@@ -299,7 +292,7 @@ int close_md(struct md_container* md) {
|
|
||||||
|
|
||||||
/*. There might be more hashes in the library. Add those here.. */
|
|
||||||
|
|
||||||
- gcry_md_reset(md->mdh);
|
|
||||||
+ gcry_md_close(md->mdh);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef WITH_MHASH
|
|
||||||
diff -up ./src/util.c.orig ./aide-0.16b1/src/util.c
|
|
||||||
--- ./src/util.c.orig 2016-07-12 11:39:17.023437355 +0200
|
|
||||||
+++ ./src/util.c 2016-07-12 11:39:51.618721157 +0200
|
|
||||||
@@ -519,28 +519,5 @@ int syslog_facility_lookup(char *s)
|
|
||||||
return(AIDE_SYSLOG_FACILITY);
|
|
||||||
}
|
|
||||||
|
|
||||||
-/* We need these dummy stubs to fool the linker into believing that
|
|
||||||
- we do not need them at link time */
|
|
||||||
-
|
|
||||||
-void* dlopen(char*filename,int flag)
|
|
||||||
-{
|
|
||||||
- return NULL;
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-void* dlsym(void*handle,char*symbol)
|
|
||||||
-{
|
|
||||||
- return NULL;
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-void* dlclose(void*handle)
|
|
||||||
-{
|
|
||||||
- return NULL;
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
-const char* dlerror(void)
|
|
||||||
-{
|
|
||||||
- return NULL;
|
|
||||||
-}
|
|
||||||
-
|
|
||||||
const char* aide_key_2=CONFHMACKEY_02;
|
|
||||||
const char* db_key_2=DBHMACKEY_02;
|
|
@ -1,15 +0,0 @@
|
|||||||
diff -up ./doc/aide.1.in.orig ./doc/aide.1.in
|
|
||||||
--- ./doc/aide.1.in.orig 2016-07-12 16:10:01.724595895 +0200
|
|
||||||
+++ ./doc/aide.1.in 2016-07-12 16:06:21.968639822 +0200
|
|
||||||
@@ -103,9 +103,9 @@ echo <encoded_checksum> | base64 \-d | h
|
|
||||||
.SH FILES
|
|
||||||
.IP \fB@sysconfdir@/aide.conf\fR
|
|
||||||
Default aide configuration file.
|
|
||||||
-.IP \fB@sysconfdir@/aide.db\fR
|
|
||||||
+.IP \fB@localstatedir@/lib/aide/aide.db\fR
|
|
||||||
Default aide database.
|
|
||||||
-.IP \fB@sysconfdir@/aide.db.new\fR
|
|
||||||
+.IP \fB@localstatedir@/lib/aide/aide.db.new\fR
|
|
||||||
Default aide output database.
|
|
||||||
.SH SEE ALSO
|
|
||||||
.BR aide.conf (5)
|
|
File diff suppressed because it is too large
Load Diff
@ -1,30 +0,0 @@
|
|||||||
This is no longer relevant upstream as of this commit:
|
|
||||||
|
|
||||||
commit ab12f8919f0f7beff0b8db974e98285ede6a285d
|
|
||||||
Author: Hannes von Haugwitz <hannes@vonhaugwitz.com>
|
|
||||||
Date: Sun Sep 22 07:26:28 2019 +0200
|
|
||||||
|
|
||||||
Use AC_SYS_LARGEFILE for large-file support
|
|
||||||
|
|
||||||
- closes #16
|
|
||||||
- require C99 compatible compiler
|
|
||||||
- stop using readdir_r in favor of readdir
|
|
||||||
- remove unused 'size_o member in db_line struct
|
|
||||||
- '--disable-largefile' now disables LFS
|
|
||||||
|
|
||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index cafe16e95ed68c9f..144d55a9146548c0 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -574,9 +574,10 @@ AC_CACHE_CHECK([for LFS ino_t],ac_cv_ino_type,[
|
|
||||||
AC_TRY_RUN([
|
|
||||||
#include <unistd.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
+#include <stdlib.h>
|
|
||||||
#include <sys/types.h>
|
|
||||||
#include <sys/stat.h>
|
|
||||||
-main() { struct stat64 st; ino64_t s; if (sizeof(ino_t) == sizeof(ino64_t)) exit(1); exit((lstat64("/dev/null", &st)==0)?0:1); }],
|
|
||||||
+int main() { struct stat64 st; ino64_t s; if (sizeof(ino_t) == sizeof(ino64_t)) exit(1); exit((lstat64("/dev/null", &st)==0)?0:1); }],
|
|
||||||
ac_cv_ino_type=ino64_t,ac_cv_ino_type=ino_t,ac_cv_ino_type=cross)])
|
|
||||||
AIDE_INO_TYPE=$ac_cv_ino_type
|
|
||||||
|
|
@ -1,60 +0,0 @@
|
|||||||
Mostly equivalent to this upstream commit:
|
|
||||||
|
|
||||||
commit 601113f8a57c8f195af09bb2f14123449fa6bded
|
|
||||||
Author: Sam James <sam@gentoo.org>
|
|
||||||
Date: Fri Nov 18 00:04:53 2022 +0000
|
|
||||||
|
|
||||||
Fix configure.ac compatibility with Clang 16
|
|
||||||
|
|
||||||
Clang 16 makes -Wimplicit-function-declaration and -Wimplicit-int errors by default.
|
|
||||||
|
|
||||||
Unfortunately, this can lead to misconfiguration or miscompilation of software as configure
|
|
||||||
tests may then return the wrong result.
|
|
||||||
|
|
||||||
We also fix -Wstrict-prototypes while here as it's easy to do and it prepares
|
|
||||||
us for C23.
|
|
||||||
|
|
||||||
For more information, see LWN.net [0] or LLVM's Discourse [1], the Gentoo wiki [2],
|
|
||||||
or the (new) c-std-porting mailing list [3].
|
|
||||||
|
|
||||||
[0] https://lwn.net/Articles/913505/
|
|
||||||
[1] https://discourse.llvm.org/t/configure-script-breakage-with-the-new-werror-implicit-function-declaration/65213
|
|
||||||
[2] https://wiki.gentoo.org/wiki/Modern_C_porting
|
|
||||||
[3] hosted at lists.linux.dev.
|
|
||||||
|
|
||||||
Bug: https://bugs.gentoo.org/881707
|
|
||||||
Signed-off-by: Sam James <sam@gentoo.org>
|
|
||||||
|
|
||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index 144d55a9146548c0..e74911535ddd015f 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -279,7 +279,10 @@ AC_CHECK_FUNCS(fcntl ftruncate posix_fadvise asprintf snprintf \
|
|
||||||
AC_CACHE_CHECK([for open/O_NOATIME], db_cv_open_o_noatime, [
|
|
||||||
echo "test for working open/O_NOATIME" > __o_noatime_file
|
|
||||||
AC_TRY_RUN([
|
|
||||||
+#include <stdlib.h>
|
|
||||||
#include <sys/types.h>
|
|
||||||
+#include <sys/stat.h>
|
|
||||||
+#include <unistd.h>
|
|
||||||
#include <fcntl.h>
|
|
||||||
#ifndef O_NOATIME
|
|
||||||
#if defined(__linux__) && (defined(__i386__) || defined(__PPC__))
|
|
||||||
@@ -288,12 +291,15 @@ AC_TRY_RUN([
|
|
||||||
#define O_NOATIME 0
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
-main() {
|
|
||||||
+int main() {
|
|
||||||
int c, fd = open("__o_noatime_file", O_RDONLY | O_NOATIME, 0);
|
|
||||||
exit ((!O_NOATIME) || (fd == -1) || (read(fd, &c, 1) != 1));
|
|
||||||
}], [db_cv_open_o_noatime=yes], [db_cv_open_o_noatime=no],
|
|
||||||
AC_TRY_LINK([
|
|
||||||
-#include <sys/types.h>
|
|
||||||
+#include <stdlib.h>
|
|
||||||
+#include <sys/types.h>
|
|
||||||
+#include <sys/stat.h>
|
|
||||||
+#include <unistd.h>
|
|
||||||
#include <fcntl.h>
|
|
||||||
#ifndef O_NOATIME
|
|
||||||
#if defined(__linux__) && (defined(__i386__) || defined(__PPC__))
|
|
34
aide-verbose.patch
Normal file
34
aide-verbose.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
diff -up ./src/conf_eval.c.fix ./src/conf_eval.c
|
||||||
|
--- ./src/conf_eval.c.fix 2023-12-22 12:12:22.961141634 +0100
|
||||||
|
+++ ./src/conf_eval.c 2023-12-22 14:09:21.217786675 +0100
|
||||||
|
@@ -166,6 +166,7 @@ static DB_ATTR_TYPE eval_attribute_expre
|
||||||
|
|
||||||
|
static void set_database_attr_option(DB_ATTR_TYPE attr, int linenumber, char *filename, char* linebuf) {
|
||||||
|
char *str;
|
||||||
|
+ long num;
|
||||||
|
|
||||||
|
DB_ATTR_TYPE hashes = get_hashes(true);
|
||||||
|
if (attr&(~hashes)) {
|
||||||
|
@@ -298,8 +299,20 @@ static void eval_config_statement(config
|
||||||
|
LOG_CONFIG_FORMAT_LINE(LOG_LEVEL_CONFIG, "set 'config_version' option to '%s'", str)
|
||||||
|
break;
|
||||||
|
case VERBOSE_OPTION:
|
||||||
|
- log_msg(LOG_LEVEL_ERROR, "%s:%d: 'verbose' option is no longer supported, use 'log_level' and 'report_level' options instead (see man aide.conf for details) (line: '%s')", conf_filename, conf_linenumber, conf_linebuf);
|
||||||
|
- exit(INVALID_CONFIGURELINE_ERROR);
|
||||||
|
+ log_msg(LOG_LEVEL_CONFIG, "%s:%d: 'verbose' option is deprecated, use 'log_level' and 'report_level' options instead (see man aide.conf for details) (line: '%s')", conf_filename, conf_linenumber, conf_linebuf);
|
||||||
|
+ str = eval_string_expression(statement.e, linenumber, filename, linebuf);
|
||||||
|
+ num = strtol(str, NULL, 10);
|
||||||
|
+
|
||||||
|
+ if (num < 0 && num > 255) {
|
||||||
|
+ LOG_CONFIG_FORMAT_LINE(LOG_LEVEL_ERROR, "invalid verbose level: '%s'", str);
|
||||||
|
+ exit(INVALID_CONFIGURELINE_ERROR);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (num >= 10) {
|
||||||
|
+ set_log_level(LOG_LEVEL_DEBUG);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ free(str);
|
||||||
|
break;
|
||||||
|
case LIMIT_CMDLINE_OPTION:
|
||||||
|
/* command-line options are ignored here */
|
22
aide.spec
22
aide.spec
@ -1,7 +1,7 @@
|
|||||||
Summary: Intrusion detection environment
|
Summary: Intrusion detection environment
|
||||||
Name: aide
|
Name: aide
|
||||||
Version: 0.18.6
|
Version: 0.18.6
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
URL: http://sourceforge.net/projects/aide
|
URL: http://sourceforge.net/projects/aide
|
||||||
License: GPL-2.0-or-later
|
License: GPL-2.0-or-later
|
||||||
|
|
||||||
@ -25,20 +25,7 @@ BuildRequires: e2fsprogs-devel
|
|||||||
BuildRequires: audit-libs-devel
|
BuildRequires: audit-libs-devel
|
||||||
BuildRequires: autoconf automake libtool
|
BuildRequires: autoconf automake libtool
|
||||||
|
|
||||||
# Customize the database file location in the man page.
|
Patch1: aide-verbose.patch
|
||||||
#Patch1: aide-0.16rc1-man.patch
|
|
||||||
# fix aide in FIPS mode
|
|
||||||
#Patch2: aide-0.16b1-fipsfix.patch
|
|
||||||
# Bug 1674637 - aide: FTBFS in Fedora rawhide/f30
|
|
||||||
#Patch3: aide-0.16-Use-LDADD-for-adding-curl-library-to-the-linker-comm.patch
|
|
||||||
|
|
||||||
#Patch4: aide-0.15-syslog-format.patch
|
|
||||||
#Patch5: aide-0.16-crypto-disable-haval-and-others.patch
|
|
||||||
#Patch6: coverity.patch
|
|
||||||
#Patch7: aide-0.16-crash-elf.patch
|
|
||||||
#Patch8: aide-configure-c99-1.patch
|
|
||||||
#Patch9: aide-configure-c99-2.patch
|
|
||||||
#Patch10: aide-configure-c99-3.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
AIDE (Advanced Intrusion Detection Environment) is a file integrity
|
AIDE (Advanced Intrusion Detection Environment) is a file integrity
|
||||||
@ -48,6 +35,8 @@ checker and intrusion detection program.
|
|||||||
%autosetup -p1
|
%autosetup -p1
|
||||||
cp -a %{S:2} .
|
cp -a %{S:2} .
|
||||||
|
|
||||||
|
%patch -R -P 1 -p1 -b .verbose
|
||||||
|
|
||||||
%build
|
%build
|
||||||
#autoreconf -ivf
|
#autoreconf -ivf
|
||||||
%configure \
|
%configure \
|
||||||
@ -83,6 +72,9 @@ mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide
|
|||||||
%dir %attr(0700,root,root) %{_localstatedir}/log/aide
|
%dir %attr(0700,root,root) %{_localstatedir}/log/aide
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Feb 12 2024 Radovan Sroka <rsroka@redhat.com> - 0.18.6-4
|
||||||
|
- rebase to 0.18.6
|
||||||
|
|
||||||
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.18.6-3
|
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.18.6-3
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
||||||
|
|
||||||
|
@ -1,31 +0,0 @@
|
|||||||
diff --up ./src/compare_db.c ./src/compare_db.c
|
|
||||||
--- ./src/compare_db.c
|
|
||||||
+++ ./src/compare_db.c
|
|
||||||
@@ -438,7 +438,11 @@ snprintf(*values[0], l, "%s",s);
|
|
||||||
} else {
|
|
||||||
*values = malloc(1 * sizeof (char*));
|
|
||||||
if (DB_FTYPE&attr) {
|
|
||||||
- easy_string(get_file_type_string(line->perm))
|
|
||||||
+ char *file_type = get_file_type_string(line->perm);
|
|
||||||
+ if (!file_type) {
|
|
||||||
+ error(2,"%s: ", file_type);
|
|
||||||
+ }
|
|
||||||
+ easy_string(file_type)
|
|
||||||
} else if (DB_LINKNAME&attr) {
|
|
||||||
easy_string(line->linkname)
|
|
||||||
easy_number((DB_SIZE|DB_SIZEG),size,"%li")
|
|
||||||
diff -up ./src/db_file.c ./src/db_file.c
|
|
||||||
--- ./src/db_file.c
|
|
||||||
+++ ./src/db_file.c
|
|
||||||
@@ -194,6 +194,10 @@ int db_file_read_spec(int db){
|
|
||||||
|
|
||||||
*db_order=(DB_FIELD*) malloc(1*sizeof(DB_FIELD));
|
|
||||||
|
|
||||||
+ if (*db_order == NULL){
|
|
||||||
+ error(1,"malloc for *db_order failed in %s", __func__);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
while ((i=db_scan())!=TNEWLINE){
|
|
||||||
switch (i) {
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user