- Add prelude IDS plugin for IDMEF alerts

- Add --user option to aulastlog command
- Use desktop-file-install for system-config-audit
- Avoid touching auditd.conf most of the time (#408501)
Steve Grubb 2008-01-19 20:59:34 +00:00
parent 597b4aeb16
commit 9893d2d877
3 changed files with 37 additions and 14 deletions


@ -82,3 +82,4 @@ audit-1.6.1.tar.gz
audit-1.6.2.tar.gz audit-1.6.2.tar.gz
audit-1.6.4.tar.gz audit-1.6.4.tar.gz
audit-1.6.5.tar.gz audit-1.6.5.tar.gz
audit-1.6.6.tar.gz


@ -1,12 +1,12 @@
%define sca_version 0.4.5 %define sca_version 0.4.5
%define sca_release 7 %define sca_release 8
%define selinux_variants mls strict targeted %define selinux_variants mls strict targeted
%define selinux_policyver 3.2.5 %define selinux_policyver 3.2.5
Summary: User space tools for 2.6 kernel auditing Summary: User space tools for 2.6 kernel auditing
Name: audit Name: audit
Version: 1.6.5 Version: 1.6.6
Release: 3%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Daemons Group: System Environment/Daemons
URL: http://people.redhat.com/sgrubb/audit/ URL: http://people.redhat.com/sgrubb/audit/
@ -61,7 +61,10 @@ Summary: Plugins for the audit event dispatcher
License: GPLv2+ License: GPLv2+
Group: System Environment/Daemons Group: System Environment/Daemons
BuildRequires: openldap-devel BuildRequires: openldap-devel
BuildRequires: checkpolicy selinux-policy-devel %if "%{selinux_policyver}" != ""
BuildRequires: checkpolicy selinux-policy-devel >= %{selinux_policyver}
%endif
BuildRequires: libprelude-devel >= 0.9.16
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
Requires: %{name}-libs = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release}
Requires: openldap Requires: openldap
@ -83,6 +86,7 @@ Version: %{sca_version}
Release: %{sca_release}%{?dist} Release: %{sca_release}%{?dist}
License: GPLv2+ License: GPLv2+
Group: Applications/System Group: Applications/System
BuildRequires: desktop-file-utils
Requires: pygtk2-libglade usermode usermode-gtk Requires: pygtk2-libglade usermode usermode-gtk
%description -n system-config-audit %description -n system-config-audit
@ -96,7 +100,7 @@ cp -p audisp/plugins/zos-remote/policy/audispd-zos-remote.* zos-remote-policy
%build %build
(cd system-config-audit; ./autogen.sh) (cd system-config-audit; ./autogen.sh)
aclocal && autoconf && autoheader && automake aclocal && autoconf && autoheader && automake
%configure --sbindir=/sbin --libdir=/%{_lib} %configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude
make make
cd zos-remote-policy cd zos-remote-policy
for selinuxvariant in %{selinux_variants} for selinuxvariant in %{selinux_variants}
@ -149,6 +153,11 @@ touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf
%find_lang system-config-audit %find_lang system-config-audit
desktop-file-install \
--dir $RPM_BUILD_ROOT/%{_datadir}/applications \
--delete-original \
system-config-audit/system-config-audit.desktop
# This is a reminder to enable it when tests # This is a reminder to enable it when tests
# aren't based on postfix uids # aren't based on postfix uids
#% check #% check
@ -171,18 +180,23 @@ done
%post %post
/sbin/chkconfig --add auditd /sbin/chkconfig --add auditd
# This is to migrate users from audit-1.0.x installations
if [ -f /etc/auditd.conf ]; then if [ -f /etc/auditd.conf ]; then
mv /etc/auditd.conf /etc/audit/auditd.conf mv /etc/auditd.conf /etc/audit/auditd.conf
fi fi
if [ -f /etc/audit.rules ]; then if [ -f /etc/audit.rules ]; then
mv /etc/audit.rules /etc/audit/audit.rules mv /etc/audit.rules /etc/audit/audit.rules
fi fi
# This is to enable the dispatcher option which was commented out
if [ -f /etc/audit/auditd.conf ]; then if [ -f /etc/audit/auditd.conf ]; then
tmp=`mktemp /etc/audit/auditd-post.XXXXXX` grep '^dispatcher' /etc/audit/auditd.conf >/dev/null
if [ -n $tmp ]; then if [ $? -eq 1 ] ; then
sed 's|^#dispatcher|dispatcher|g' /etc/audit/auditd.conf > $tmp && \ tmp=`mktemp /etc/audit/auditd-post.XXXXXX`
cat $tmp > /etc/audit/auditd.conf if [ -n $tmp ]; then
rm -f $tmp sed 's|^#dispatcher|dispatcher|g' /etc/audit/auditd.conf > $tmp && \
cat $tmp > /etc/audit/auditd.conf
rm -f $tmp
fi
fi fi
fi fi
@ -192,8 +206,7 @@ if [ $1 -eq 0 ]; then
/sbin/chkconfig --del auditd /sbin/chkconfig --del auditd
fi fi
%postun libs %postun libs -p /sbin/ldconfig
/sbin/ldconfig 2>/dev/null
%postun -n audispd-plugins %postun -n audispd-plugins
if [ $1 -eq 0 ]; then if [ $1 -eq 0 ]; then
@ -262,7 +275,7 @@ fi
%config(noreplace) %attr(640,root,root) /etc/audit/audit.rules %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules
%config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd %config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd
%config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf %config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf
%attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf %config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf
%files -n audispd-plugins %files -n audispd-plugins
%defattr(-,root,root,-) %defattr(-,root,root,-)
@ -273,6 +286,9 @@ fi
%config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf %config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf
%attr(750,root,root) /sbin/audispd-zos-remote %attr(750,root,root) /sbin/audispd-zos-remote
%attr(644,root,root) %{_datadir}/selinux/*/audispd-zos-remote.pp %attr(644,root,root) %{_datadir}/selinux/*/audispd-zos-remote.pp
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/au-prelude.conf
%attr(750,root,root) /sbin/audisp-prelude
%attr(644,root,root) %{_mandir}/man8/audisp-prelude.8.gz
%files -n system-config-audit -f system-config-audit.lang %files -n system-config-audit -f system-config-audit.lang
%defattr(-,root,root,-) %defattr(-,root,root,-)
@ -290,6 +306,12 @@ fi
%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
%changelog %changelog
* Sat Jan 19 2008 Steve Grubb <sgrubb@redhat.com> 1.6.6-1
- Add prelude IDS plugin for IDMEF alerts
- Add --user option to aulastlog command
- Use desktop-file-install for system-config-audit
- Avoid touching auditd.conf most of the time (#408501)
* Fri Jan 11 2008 Steve Grubb <sgrubb@redhat.com> 1.6.5-3 * Fri Jan 11 2008 Steve Grubb <sgrubb@redhat.com> 1.6.5-3
- Updates for spec file review - Updates for spec file review
- Adjust permission on selinux policy file - Adjust permission on selinux policy file
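Review bot: In the %post scriptlet, the guard `if [ -n $tmp ]; then` that this change re-indents under the new grep test is always true, because `$tmp` is unquoted: if mktemp fails and leaves tmp empty, the test collapses to `[ -n ]`, which succeeds. The only thing that then stops the rewrite of /etc/audit/auditd.conf is the failed redirection in the `sed ... > $tmp && \` chain, which is accidental rather than intended protection in a script that runs as root. The check should read `if [ -n "$tmp" ]; then`, with `"$tmp"` quoted on the sed, cat and rm lines as well. A one-line comment above `cat $tmp > /etc/audit/auditd.conf` would also help; it looks like cat is used instead of mv so that the existing file's mode, ownership and SELinux label are retained, but nothing on the page states this.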


@ -1 +1 @@
53ede8c7422cb251d01d06c7a5e3027b audit-1.6.5.tar.gz 9ce3c68697084f075928cc226357f242 audit-1.6.6.tar.gz