SLFO-pool/aide
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main aide revision aad92bb13b18f074f39aa8ba2b2d875e

Browse Source
This commit is contained in:
Adrian Schröter 2024-05-03 10:54:29 +02:00
commit cb05f916cb
17 changed files with 1234 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

13
aide-0.18-as-needed.patch Normal file
View File

@ -0,0 +1,13 @@
Index: aide-0.18.3/Makefile.am
===================================================================
--- aide-0.18.3.orig/Makefile.am
+++ aide-0.18.3/Makefile.am
@@ -65,7 +65,7 @@ aide_SOURCES += include/fopen.h src/fope
endif
aide_CFLAGS = @AIDE_DEFS@ -W -Wall -g ${PTHREAD_CFLAGS}
-aide_LDADD = -lm ${PCRE2_LIBS} ${ZLIB_LIBS} ${MHASH_LIBS} ${GCRYPT_LIBS} ${POSIX_ACL_LIBS} ${SELINUX_LIBS} ${AUDIT_LIBS} ${XATTR_LIBS} ${ELF_LIBS} ${E2FSATTRS_LIBS} ${CAPABILITIES_LIBS} ${CURL_LIBS} ${PTHREAD_LIBS}
+aide_LDADD = -lm ${LDFLAGS} ${PCRE2_LIBS} ${ZLIB_LIBS} ${MHASH_LIBS} ${GCRYPT_LIBS} ${POSIX_ACL_LIBS} ${SELINUX_LIBS} ${AUDIT_LIBS} ${XATTR_LIBS} ${ELF_LIBS} ${E2FSATTRS_LIBS} ${CAPABILITIES_LIBS} ${CURL_LIBS} ${PTHREAD_LIBS}
if HAVE_CHECK
TESTS = check_aide

BIN
aide-0.18.6.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

14
aide-0.18.6.tar.gz.asc Normal file
View File

@ -0,0 +1,14 @@
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEEVJXNoXyawXqyOEGnGO6GOGAi71cFAmTIxuAACgkQGO6GOGAi
71ftsAv/bkzrJqAidCXFHf57lBcWFwcK8j9P1CNDF+sufw1Y7MVO/LaC0B6WGJyN
LjX9+bddNFl6k6uy8KW4O6DUGLV85milImKfNybIanyDTkA2/447r9GlT6+AEd5n
rlibs4yQ/39+2fjbeEENcKXGsfv0UMmx+GgR7uyQiEoj4ohyWH1x9Ti5mahcvr1L
GLNn7XdCcBXzhJIzQtjxZ68zKlIAjw25ajltBPd2s3Ep3xEhYYIvSfOrLtoWvBTB
MBAPcq1SHPJkdZVdnyCpLV5uUB7bQLURzw9ZVlePtBHWB97MBzy3d+4mB7G6jN2i
eMCYR7W0NKV7WoIZRVlz/8XA1rifrlCNO/pmul7cz8fOa9MQIQmFhgAbDr4zRbJs
r2ilh6mDh3nCjhl9qi13lyk6q3Y4cC5XyfMSprmt+QcOGmdWFOV2kcXhGL4hqCZX
uNkgv7uyARDJvs9uylagAkR39zmKNsK9brcT6NgF8srz9+FNXu32AC88mV6JtrCb
xdoH7aWM
=qETo
-----END PGP SIGNATURE-----

38
aide-cron_daily.sh Normal file
View File

@ -0,0 +1,38 @@
#!/bin/sh
#
# AIDE _Example_ Cron Script
#
# Use at your own risk!
#
# Matthias G. Eckermann <mge@suse.de>
#
AIDEBINARY=/usr/bin/aide
AIDECONFIG=/etc/aide.conf
AIDEDOMOUNT=
AIDERODEVICE=
MOUNT=/bin/mount
UMOUNT=/bin/umount
#
# if you want to have the aide database on a CDROM,
# then play with these options:
#
#AIDERODEVICE=/media/cdrom
#AIDEDOMOUNT="yes" # some non-zero-string
#AIDECONFIG=/media/cdrom/aide.conf
if [ ".$AIDEDOMOUNT" != "." ] && [ ".$AIDERODEVICE" != "." ] ; then
echo "mounting $AIDERODEVICE"
$MOUNT $AIDERODEVICE
fi
if [ -x $AIDEBINARY -a $AIDECONFIG ]; then
$AIDEBINARY --config=$AIDECONFIG --check
fi
if [ ".$AIDEDOMOUNT" != "." ] && [ ".$AIDERODEVICE" != "." ] ; then
echo "unmounting $AIDERODEVICE"
$UMOUNT $AIDERODEVICE
fi

26
aide-systemd.patch Normal file
View File

@ -0,0 +1,26 @@
Index: aide-0.18.3/doc/aide.1
===================================================================
--- aide-0.18.3.orig/doc/aide.1
+++ aide-0.18.3/doc/aide.1
@@ -143,7 +143,7 @@ See \fB--version\fR output for the defau
default \fBdatabase_in\fR and \fBdatabase_out\fR config values.
.SH SEE ALSO
-.BR aide.conf (5)
+.BR aide.conf (5), aide.service (8), aide.timer (8)
.SH BUGS
There are probably bugs in this release. Please report them
at https://github.com/aide/aide/issues .
Index: aide-0.18.3/doc/aide.conf.5
===================================================================
--- aide-0.18.3.orig/doc/aide.conf.5
+++ aide-0.18.3/doc/aide.conf.5
@@ -1090,7 +1090,7 @@ In the following, the first is not allow
.B "/foo e+p+u+g"
.PP
.SH "SEE ALSO"
-.BR aide (1)
+.BR aide (1), aide.service (8), aide.timer (8)
.SH DISCLAIMER
All trademarks are the property of their respective owners.
No animals were harmed while making this webpage or this piece of

11
aide-test.sh Normal file
View File

@ -0,0 +1,11 @@
#!/bin/sh
export TESTDIR=`mktemp -d /tmp/aide.XXXXXX`
install -m 700 -d $TESTDIR/var/lib/aide
install -m 700 -d $TESTDIR/etc
install -m 600 /etc/aide.conf $TESTDIR/etc/aide.conf.new
sed -e "s#/var/lib/aide#$TESTDIR/var/lib/aide#g" <$TESTDIR/etc/aide.conf.new >$TESTDIR/etc/aide.conf
/usr/bin/aide -c $TESTDIR/etc/aide.conf --init || exit 1
mv $TESTDIR/var/lib/aide/aide.db.new $TESTDIR/var/lib/aide/aide.db
/usr/bin/aide -c $TESTDIR/etc/aide.conf --check --verbose || exit 1
rm -rf $TESTDIR

211
aide-xattr-in-libc.patch Normal file
View File

@ -0,0 +1,211 @@
Index: aide-0.18.6/configure.ac
===================================================================
--- aide-0.18.6.orig/configure.ac
+++ aide-0.18.6/configure.ac
@@ -59,7 +59,7 @@ dnl Do the right thing for glibc...
AIDE_DEFS="-D_GNU_SOURCE"
dnl This is borrowed from libtool
-
+
if test $ac_cv_c_compiler_gnu = yes; then
LD_STATIC_FLAG='-static'
@@ -101,54 +101,54 @@ else
# All AIX code is PIC.
LD_STATIC_FLAG='-bnso -bI:/lib/syscalls.exp'
;;
-
+
hpux9* | hpux10* | hpux11*)
# Is there a better LD_STATIC_FLAG that works with the bundled CC?
## wl='-Wl,'
LD_STATIC_FLAG="${wl}-a ${wl}archive"
## pic_flag='+Z'
;;
-
+
irix5* | irix6*)
## wl='-Wl,'
LD_STATIC_FLAG='-non_shared'
# PIC (with -KPIC) is the default.
;;
-
+
cygwin* | mingw* | os2*)
# We can build DLLs from non-PIC.
;;
-
+
osf3* | osf4* | osf5*)
# All OSF/1 code is PIC.
## wl='-Wl,'
LD_STATIC_FLAG='-non_shared'
;;
-
+
sco3.2v5*)
## pic_flag='-Kpic'
LD_STATIC_FLAG='-dn'
## special_shlib_compile_flags='-belf'
;;
-
+
solaris*)
## pic_flag='-KPIC'
LD_STATIC_FLAG='-Bstatic'
## wl='-Wl,'
;;
-
+
sunos4*)
## pic_flag='-PIC'
LD_STATIC_FLAG='-Bstatic'
## wl='-Qoption ld '
;;
-
+
sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
## pic_flag='-KPIC'
LD_STATIC_FLAG='-Bstatic'
## wl='-Wl,'
;;
-
+
uts4*)
## pic_flag='-pic'
LD_STATIC_FLAG='-Bstatic'
@@ -338,8 +338,6 @@ fi
AIDE_PKG_CHECK(selinux, SELinux, no, SELINUX, libselinux, selinux)
-AIDE_PKG_CHECK(xattr, xattr, no, XATTR, libattr, xattrs)
-
AIDE_PKG_CHECK(capabilities, POSIX 1003.1e capabilities, no, CAPABILITIES, libcap, caps)
AIDE_PKG_CHECK(e2fsattrs, e2fsattrs, no, E2FSATTRS, e2p, e2fsattrs)
Index: aide-0.18.6/include/db_config.h
===================================================================
--- aide-0.18.6.orig/include/db_config.h
+++ aide-0.18.6/include/db_config.h
@@ -19,7 +19,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-
+
#ifndef _DB_CONFIG_H_INCLUDED
#define _DB_CONFIG_H_INCLUDED
@@ -32,7 +32,6 @@
#ifdef WITH_ZLIB
#include <zlib.h>
#endif
-#include "attributes.h"
#include "hashsum.h"
#include "db_line.h"
#include "list.h"
@@ -75,7 +74,7 @@
/* int (*close)(_db_config*); */
/* int db_size; */
/* DB_FIELD* db_order; */
-/* void* local; */
+/* void* local; */
/* }_db_config ; */
typedef struct database {
@@ -111,14 +110,14 @@ typedef struct db_config {
#ifdef WITH_ZLIB
/* Is dbout gzipped or not */
int gzip_dbout;
-
+
#endif
DB_ATTR_TYPE db_out_attrs;
char *check_path;
RESTRICTION_TYPE check_file_type;
-
+
char* config_file;
char* config_version;
bool config_check_warn_unrestricted_rules;
@@ -160,7 +159,7 @@ typedef struct db_config {
int symlinks_found;
DB_ATTR_TYPE attr;
-#ifdef WITH_ACL
+#ifdef WITH_ACL
int no_acl_on_symlinks;
#endif
int warn_dead_symlinks;
Index: aide-0.18.6/src/do_md.c
===================================================================
--- aide-0.18.6.orig/src/do_md.c
+++ aide-0.18.6/src/do_md.c
@@ -45,7 +45,6 @@
#ifdef WITH_XATTR
#include <sys/xattr.h>
-#include <attr/attributes.h>
#ifndef ENOATTR
# define ENOATTR ENODATA
#endif
@@ -327,7 +326,7 @@ md_hashsums calc_hashsums(char* fullpath
}
void fs2db_line(struct stat* fs,db_line* line) {
-
+
line->inode=fs->st_ino;
if(ATTR(attr_uid)&line->attr) {
@@ -349,7 +348,7 @@ void fs2db_line(struct stat* fs,db_line*
}else{
line->size=0;
}
-
+
if(ATTR(attr_linkcount)&line->attr){
line->nlink=fs->st_nlink;
}else {
@@ -367,7 +366,7 @@ void fs2db_line(struct stat* fs,db_line*
}else{
line->ctime=0;
}
-
+
if(ATTR(attr_atime)&line->attr){
line->atime=fs->st_atime;
}else{
@@ -379,13 +378,13 @@ void fs2db_line(struct stat* fs,db_line*
} else {
line->bcount=0;
}
-
+
}
#ifdef WITH_ACL
void acl2line(db_line* line) {
acl_type *ret = NULL;
-
+
#ifdef WITH_POSIX_ACL
if(ATTR(attr_acl)&line->attr) {
acl_t acl_a = NULL;
@@ -438,7 +437,7 @@ void acl2line(db_line* line) {
acl_free(acl_d);
}
line->acl = ret;
-#endif
+#endif
}
#endif
@@ -600,4 +599,3 @@ void capabilities2line(db_line* line) {
void no_hash(db_line* line) {
line->attr&=~get_hashes(true);
}
-

406
aide.changes Normal file
View File

@ -0,0 +1,406 @@
-------------------------------------------------------------------
Thu Aug 3 08:40:38 UTC 2023 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.18.6:
* Fix double free() during report generation
* Improve handling of ACL errors
-------------------------------------------------------------------
Mon Jul 3 08:30:54 UTC 2023 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.18.5:
* Fix child directory processing on equal match
-------------------------------------------------------------------
Fri Jun 30 10:05:30 UTC 2023 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.18.4:
* Fix handling of extended attributes on symlinks
* Add missing ')' to log message
* Fix static linking of the aide binary
* Don't require database_out for --dry-init
* Remove strerror() calls from thread log messages
-------------------------------------------------------------------
Mon Jun 5 12:16:24 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>
- switched service macros from %systemd_* to %service_*
according to documentation at https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines#Registering_unit_files_in_install_scripts
-------------------------------------------------------------------
Mon Jun 5 07:56:04 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>
- Update to 0.18.3:
* Handle readlink() errors
- Update to 0.18.2:
* Add warning if rules contain not compiled-in attributes
* Add missing lock for tree operations during file system scan
-------------------------------------------------------------------
Fri Mar 17 14:55:57 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 0.18.1:
* Fix handling of empty growing files
* Fix segfault when using --dry-init
* Update README
- switch to pcre2
-------------------------------------------------------------------
Thu Feb 23 16:50:23 UTC 2023 - Paolo Perego <paolo.perego@suse.com>
- Update to 0.18
- Rename aide-0.17.3-as-needed.patch to and rebase aide-0.18-as-needed.patch
- Added autoconf and autoconf-archive as building dependencies due to an error
when reconfiguring the source
- Rebase aide-xattr-in-libc.patch
-------------------------------------------------------------------
Tue Mar 29 09:19:54 UTC 2022 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.17.4:
* fix CVE-2021-45417: precalculate buffer size in base64 functions (bsc#1194735)
-------------------------------------------------------------------
Thu Nov 4 10:51:25 UTC 2021 - Stefan Schubert <schubi@suse.de>
- Added aide.service and aide.timer in order to run
aide periodically in the background via systemd timer.
- aide-systemd.patch: hook in new manpages
-------------------------------------------------------------------
Fri Apr 2 07:03:22 UTC 2021 - Marcus Meissner <meissner@suse.com>
- added missing pcre-devel buildrequires.
-------------------------------------------------------------------
Wed Feb 24 13:45:59 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
- Update default config file to match v0.17
-------------------------------------------------------------------
Wed Feb 24 11:01:03 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.17.3:
* BACKWARDS INCOMPATIBLE CHANGES
- '--verbose' command line option and 'verbose' config option are no
longer supported, use 'log_level' and 'report_level' options instead
- '--report' command line option is no longer supported, use
'report_url' config option instead
- 'ignore_list' config option is no longer supported, use
'report_ignore_changed_attrs' instead
- 'report_attributes' config option is no longer supported, use
'report_force_attrs' instead
- (restricted) regular rules must start with literal '/', i.e. the rule
cannot begin with a macro variable
- config lines must end with new line
- '@' and ' ' in the configuration are now escaped with '\', that means
to match a '\' you have to use four backslashes '\\\\' in your rules
- 'gzip_dbout=false' fails now with config error when no zlib support
is compiled in
- remove '--with-initial-errors' configure option
- remove PostgreSQL database backend support
- remove Sun ACL support
- remove config and database signing support
* Enhancements:
- add new '--log-level' command line option and 'log_level' config option
- introduce named log levels
- add new 'report' log level to help to debug rule matching
- add new 'config' log level to help to debug config and rule parsing
- aad new '--dry-init' command
- add new '--path-check' command
- add directory support for @@include
- add new @@x_include config macro
- add new @@x_include_setenv config macro
- add new default compound group 'H' (all compiled-in hashsums)
- add support for per-report_url options
- add new 'report_level' config option
- add new 'report_append' config option
- add exit code 21 for file lock errors
- add default config values, available hashsums and compound groups
to '--version' output
- add Linux capabilities support
- show changed attributes in 'different attributes' message
- enable 'gost' and 'whirlpool' checksums when using gcrypt
- add 'stribog256' and 'stribog512' gcrypt algorithms
- add config file names to log output
* Miscellaneous behaviour changes:
- 'report_summarize_changes': hashsum changes are now indicated with 'H'
- print '--help' and '--verion' output to stdout
- log messages and errors are always written to stderr
- initialise report URLs after configuration parsing
- allow empty values for macro variables
- SIGUSR1 now toggles debug log level
- fail on errors in regular expressions during config parsing
- fail on invalid URLs during config check
- Fail on double slash in rule path
- cache log lines when 'log_level' is not yet set
* Deprecations:
- 'database' config option is now deprecated, use 'database_in' instead
- 'summarize_changes' config option is now deprecated, use
'report_summarize_changes' instead
- 'grouped' config option is now deprecated, use 'report_grouped'
instead
- non-alphanumeric group names are deprecated
* Notable bug fixes:
- fix line numbers in log messages
- remove warning when input database is '/dev/null'
- correctly handle UTF-8 in path names and rules
- fix compilation with curl and gcrypt
- warn on unsupported hash algorithms
- improve large-file support
* Remove obsolete aide-attributes.sh script
* Remove outdated manual.html
* Update documentation
- Rename aide-0.16.1-as-needed.patch to and rebase aide-0.17.3-as-needed.patch
- Rebase aide-xattr-in-libc.patch
- Remove aide-define_hash_use_gcrypt.patch (no longer needed)
- Remove aide-dynamic.patch (no longer needed)
-------------------------------------------------------------------
Thu Jul 30 20:13:39 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>
- Update to 0.16.2
Bug fixes:
* Fix handling of directory-restricted negative rules
* Don't lock '/dev/null' when used as output database
* Fix parsing of rules containing '?' quantifier
* Fix extended attributes support (xattrs)
* Fix processing of go files
Please note:
* The addition of the "trusted.*", "user.*" and the "security.*"
namespaces to the xattrs attribute might lead to a vast amount of
reported changed entries during your next AIDE run. You can use the
`report_ignore_changed_attrs` option (see aide.conf(5)) to ignore
changes of the xattrs attribute; but be aware that this will exclude
the expected but also the unexpected (potentially malicious) changes.
- Run spec-cleaner
-------------------------------------------------------------------
Thu Jul 11 13:03:25 UTC 2019 - <abergmann@suse.com>
- Remove not available gcrypt algorithm 7 DB_HAVAL (bsc#1098360).
Add aide-define_hash_use_gcrypt.patch
-------------------------------------------------------------------
Sun Mar 17 21:20:12 UTC 2019 - Matthias Eliasson <elimat@opensuse.org>
- Update to 0.16.1
* Move to GitHub
* Update documentation
* Bug fixes
- Upstream have moved to GitHub update URL and Source URLs accordingly
- Refresh patch: aide-xattr-in-libc.patch
- aide-0.16.1-as-needed.patch: replaces aide-0.16-as-needed.patch
- Some cleanup of spec with spec-cleaner
-------------------------------------------------------------------
Wed Jan 18 13:38:03 UTC 2017 - meissner@suse.com
- Updated to 0.16
- lots of bugfixes
- including regexp matching within subdirectories of expressions
- aide-0.16-as-needed.patch: replaces aide-0.15.1-as-needed.patch
- aide-no_m4_dir.patch: upstream
- aide.keyring: added from keyserver, cross checked key id on
http://aide.sourceforge.net/ and a signature from someone
I signed.
-------------------------------------------------------------------
Thu Jul 2 08:07:07 UTC 2015 - meissner@suse.com
- aide-dynamic.patch: avoid overwriting dl* functions, as we might
load libcrypto.so dynamically in FIPS mode.
-------------------------------------------------------------------
Wed May 28 21:51:58 UTC 2014 - crrodriguez@opensuse.org
- aide-xattr-in-libc.patch: Once upon a time, 10 years ago, basic extended
attribute functionality moved to libc, therefore libattr is most of the
time, not needed at all.
-------------------------------------------------------------------
Thu Jan 23 08:33:09 UTC 2014 - meissner@suse.com
- seperate a -test package to help with externalized testing.
-------------------------------------------------------------------
Wed Jan 15 14:11:14 UTC 2014 - meissner@suse.com
- aide.conf: Move from md5 and sha1 as default to sha256+sha512, also
to allow FIPS enabling with aide working. FATE#315925
-------------------------------------------------------------------
Fri Apr 26 11:26:37 UTC 2013 - mmeister@suse.com
- Removed AC_CONFIG_MACRO_DIR([m4]) from configure.in to fix
build with new automake: aide-no_m4_dir.patch
-------------------------------------------------------------------
Wed Jan 4 13:34:11 UTC 2012 - crrodriguez@opensuse.org
- libmhash development was abandoned in 2007, so it is time
for it to go into the library heaven, use libgcrypt instead.
-------------------------------------------------------------------
Fri Dec 2 06:21:56 UTC 2011 - coolo@suse.com
- add automake as buildrequire to avoid implicit dependency
-------------------------------------------------------------------
Sat Sep 17 10:50:07 UTC 2011 - jengelh@medozas.de
- Remove redundant tags/sections from specfile
- Add missing call to make
- Use %_smp_mflags for parallel build
-------------------------------------------------------------------
Fri Oct 01 15:12:21 CEST 2010 - freespacer@gmx.de
- updated to version 0.15.1
- Ignore changed file name if attributes does not match
- Allow absence of DB_CHECKINODE if file name has changed
- renew patch
-------------------------------------------------------------------
Tue Aug 10 17:12:56 CEST 2010 - meissner@suse.de
- updated to 0.15
- lots of fixes and some new stuff
-------------------------------------------------------------------
Fri Apr 30 00:40:34 CEST 2010 - ro@suse.de
- make aide check verbose to get started
- add sleep and sync to fix build
-------------------------------------------------------------------
Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de
- make patch0 usage consistent
-------------------------------------------------------------------
Wed Jun 17 19:43:10 CEST 2009 - crrodriguez@suse.de
- fix build when as-needed is a default liker option
-------------------------------------------------------------------
Mon Jan 5 14:19:26 CET 2009 - meissner@suse.de
- fixed abort on check/update by removing the hash requirement bnc#406597
- fixed version output bnc#463511
- enhanced testcase to also run one aide --check
-------------------------------------------------------------------
Fri Aug 22 09:48:36 CEST 2008 - meissner@suse.de
- enabled SELinux support [Fate#303662]
- enabled curl
- disable static (does not make much sense)
-------------------------------------------------------------------
Tue Feb 12 11:26:20 CET 2008 - meissner@suse.de
- Version 0.13.1
* Fixed bug with reading gzipped aide.db files
* Removed dead ustat code
- Version 0.13
* Added support for selinux and xattr attributes
(kindly contributed by Red Hat)
* Added support for the Linux Audit System
(kindly contributed by Red Hat)
* Fixed usage of libgcrypt instead of libmhash
* Added file locking for output files
* Fixed bugs
- Version 0.12
* Fixed bugs
* Allow http/https/ftp URLs through libcurl
* Support posix_fadvice() to avoid caching files
- enabled ACL and XATTR support
-------------------------------------------------------------------
Thu Mar 29 10:13:37 CEST 2007 - meissner@suse.de
- buildrequires flex,bison
-------------------------------------------------------------------
Thu Apr 13 13:06:36 CEST 2006 - meissner@suse.de
- run aide --init as test
-------------------------------------------------------------------
Mon Feb 20 11:16:00 CET 2006 - mge@suse.de
- update to 0.11
- fixes bug #149059
-------------------------------------------------------------------
Wed Jan 25 21:34:08 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Sat Jan 14 22:08:31 CET 2006 - schwab@suse.de
- Don't strip binaries.
-------------------------------------------------------------------
Fri Mar 18 15:46:21 CET 2005 - mge@suse.de
- fixes #71272 - aide-0.10-47 config files not yet converted to utf8
-------------------------------------------------------------------
Mon Jan 26 11:16:41 CET 2004 - mge@suse.de
- upgrade to 0.10
- #33600: more usable default aide.conf
(thanks to Dirk Mueller <dmuell@gmx.net>)
- example-cron-job
-------------------------------------------------------------------
Sat Jan 10 22:05:03 CET 2004 - adrian@suse.de
- build as user
-------------------------------------------------------------------
Wed Nov 13 01:36:35 CET 2002 - ro@suse.de
- fix build for current bison
-------------------------------------------------------------------
Thu Aug 15 16:11:22 CEST 2002 - mge@suse.de
- update to 0.9
-------------------------------------------------------------------
Mon Apr 9 11:30:55 CEST 2001 - ro@suse.de
- don't use macro for version
- remove obsolete macros
-------------------------------------------------------------------
Wed Nov 22 13:00:27 MET 2000 - mge@suse.de
- created PAC files
- make SPEC file 7.0 compliant
-------------------------------------------------------------------
Sat Jul 15 22:06:58 MEST 2000 - mge@suse.de
- initial SuSE RPM, config file /etc/aide.conf
-------------------------------------------------------------------
Wed Jan 26 00:00:00 MEST 2000 - Matthew Kirkwood <weejock@ferret.lmh.ox.ac.uk>
- Fixes for RH 6.1 and sysconfdir changed to /etc and /var/lib/aide added
-------------------------------------------------------------------
Sun Sep 12 00:00:00 MEST 1999 - Rami Lehti <rammer@cs.tut.fi>
- Some small changes to make this autogeneratable by configure.
-------------------------------------------------------------------
Sat Sep 11 00:00:00 MEST 1999 - Zach Brown <zab@redhat.com>
- First go

85
aide.conf Normal file
View File

@ -0,0 +1,85 @@
#
# AIDE _Example_ Configuration
#
# Thanks to the Debian people and Dirk Müller <dmuell@gmx.net>
#
# Use at your own risk!
#
# Matthias G. Eckermann <mge@suse.de>
#
#
# Configuration parameters
#
database_in=file:/var/lib/aide/aide.db
database_out=file:/var/lib/aide/aide.db.new
report_url=stdout
warn_dead_symlinks=yes
#
# Custom rules
#
Binlib = p+i+n+u+g+s+b+m+c+sha256+sha512
ConfFiles = p+i+n+u+g+s+b+m+c+sha256+sha512
Logs = p+i+n+u+g+S
Devices = p+i+n+u+g+s+b+c+sha256+sha512
Databases = p+n+u+g
StaticDir = p+i+n+u+g
ManPages = p+i+n+u+g+s+b+m+c+sha256+sha512
#
# Directories and files
#
# Kernel, system map, etc.
/boot Binlib
# watch config files, but exclude, what changes at boot time, ...
!/etc/mtab
!/etc/lvm*
/etc ConfFiles
# Binaries
/bin Binlib
/sbin Binlib
# Libraries
/lib Binlib
# Complete /usr and /opt
/usr Binlib
/opt Binlib
# Log files
/var/log$ StaticDir
#/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
#/var/log/aide/error.log(.[0-9])?(.gz)? Databases
#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
/var/log Logs
# Devices
!/dev/pts
/dev Devices
# Other miscellaneous files
/var/run$ StaticDir
!/var/run
/var/lib Databases
# Test only the directory when dealing with /proc
/proc$ StaticDir
!/proc
# manpages can be trojaned, especially depending on *roff implementation
#/usr/man ManPages
#/usr/share/man ManPages
#/usr/local/man ManPages
# check sources for modifications
#/usr/src L
#/usr/local/src L
# Check headers for same
#/usr/include L
#/usr/local/include L

112
aide.keyring Normal file
View File

@ -0,0 +1,112 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBE4J+9wBEADaOHrCu7XWLSs4RzDPQMv4vCdtMASJJFBzXZzxaqUaDTZpwOxR
6wMw8PFwC0UphzbX/UBSZ1Q+31Xq0sCMOBfKA4hFVY7uDwLqommVVrctlvpcKNa4
O1lov0pg7yessUnaidO+DoJ2SJW7pvvXcI6FWLXNENzsOWL8zzgIXrkU73hV3moL
yrfPXwwj+tppSXeOg7HgxRSUfoqKwVkCdtQEyvBI1ue33jhwL1/9RUg4m8ph2unk
QXJIloivIu7Yv0S3TgcbNzJJ7V1B/M+v1EjVKhtImp1iocxLctzE5d9G2MKfpAkg
c/9McV9+KdflpS5gWZIMHHKnsJ0dzh/LZGKi47298W0h4ce3BM9gGetNyu1f7hQi
9pumoUeMymkuPeuQv3NaecLY9LSvAF9KLWRwXXxoihDYlr4cbpMyS4jT/nFCd3cu
5CXBBIoeO2w+bpxs16LD83MQdg9vRKC77sgOC/O+gWIJDh31l4aystomOOHek069
pWoOb1aIbFtaSYtVntyZ8DmyoDWvB3b/PXbxle5CkN/NPw9VDjZxqPSliTdUf1LG
EDPx22fFTHfMhjgC5XqceoWWCmvqy+4grHaLSkYKimI1DlhhVH6jYnhfBzcWDb4n
LyoRGOAKa0FurW5//I78wpkZCvTA4lTvJPHBI77+HlfiDjuuCMdFbyp6GQARAQAB
tCtIYW5uZXMgdm9uIEhhdWd3aXR6IDxodmhhdWd3aXR6QGRlYmlhbi5vcmc+iQJU
BBMBCgA+AhsBBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAFiEEK7vTD6qymzJTvPum
9pR9q2jnuTEFAmR8KDkFCRw1asMACgkQ9pR9q2jnuTH0/xAAgl3mNLOdSvUwTC6d
raw8jeQE2CmFroUVTvmMl3Ukwz946K/ba+eD8QZaFhcQ3UltxvCur518+EBo9nJ9
WvBnd/Oi3j2ReL5Md038vrlXPd/lchK9RpOtrGIAraLk76rpPgnD9dVucqJpWL2M
gyTrjVyoaAzp2nJysENP1bBczDxduTSiahz6S7vAjb3IXRhrMrX3dQg3EBDloJFZ
mkoFYwnqdNzshqad8ehMaKc6doFg66DuEAilueESYBNLNNmqZqQD3in14DEDR9bj
b3XjFKTuf78ptTAf8ZsU9VrU+XCfx2o74kbfnOvkhMzGOIYX0B/z+06YV60GvFrD
UerXOZN4V5izVEdTkcHx0f+3SVnMieY1EGi3O+1dtvGeHS4qiuJPVOHlXPNoMjsX
McZNcNe4V0w1XO9tWRboM4lPM9gfz88gy1hO04y5NcNUq9JJi/RioOEFkcXs/Y0N
G8wOvHeBJ2mDJs7Gv06mmgFUrh1TwCiXw0+877nQpYfuL0h1zrsOC9Zvxqpm34Z5
h5+HXD3RIbjkNjX7uQZKOEKNa+7P94XssZNOdsL2O6kw2NB/Hek0NatDq6O1yUwj
J9dx+VhX/suMXxPGW/ls36oiUZ1R7CV2Aya8YwIybTZWPK8gDec6uhkHH5O5e4I2
guzttrtrKHJklOP9KIG8rE000Z20LEhhbm5lcyB2b24gSGF1Z3dpdHogPGhhbm5l
c0B2b25oYXVnd2l0ei5jb20+iQJXBBMBCgBBAhsBBQsJCAcDBRUKCQgLBRYCAwEA
Ah4BAheAAhkBFiEEK7vTD6qymzJTvPum9pR9q2jnuTEFAmR8KB8FCRw1asMACgkQ
9pR9q2jnuTEepw//ZGDHnwD8XVr3N0Ky6HoM1Jzoa+WiUQaFkrGIf7evyy27gTwH
fsI2Eupnrd6rBV8Osy5iGSlxP3tsg08pR7zvOxfMXSDuvcWabxQtNDTkpG47SSne
zHUup5ptFVrcggMXjKGnEq0WvNlB53qFdbg4og8K1BTT5/zwNcVp3PewGpyU6mu4
xqdX+Ezt9oSpJ3c/UZBZD1lCEQQRD4ZubyxDJVTdQISCotkEe/SV5Pf9p29KTlMZ
ZINVR/eBYldQ+KO1E2GMheqpsnOP7Z9XMYCY9W3VyjJi1HSkJrzouRdlhPSwOsep
Y4zH58dwZJn5WMPRTsS7dMVqBndcWoYWjWILk/MXWj6Z+IYV0ffwfo23Aprh/EvB
IHfbG0yuys6CgvxfPZlMAJnG3bw/5IRRbWVBD/hWDEu7gzxBV0RnBBdBZJnEhBly
xJEPTPjkumGDjrwSTPe1UFUHBxgwVBm/+bo30rU3R8ggtGjCwM9un5e+zZlw/6Y9
TLmWc8lWqTRnWD+7zFG+Cr1Rm/YgV3OmwX5v1bYNOORYVoj0wNx4qSe3VrW15SGz
rYu9LAQLvd1gFOZPjIXdL9x8nTQ3rNAQz6gl7hIUo0pKb3YLHM/vG2uVA7nK155j
BiC9w/8A3YR0Q7jikbLRl9YtSvkaAPeQ6qU7C1cCWaQhOcqVMZ10V2yU8zi5AY0E
Tgn8cgEMAM6Nv21neMk8LSH2HPDirz0w0UWnpkqdmk1oPCw+b4SILyJwNnOi1G5N
OP9ubGLDgr1HIzVnG18k429rScgKK9gddT0dqFmmQnFvGAVaMQPTNQVZFvPiZ27j
DjwupwcN5vnMlZ6Hqwk4vwTDqVi0qQ3lOnPYa9p4VLRmZO5a1A1F+CJsczifmohM
nCsbcoB1iqBV3/YgQa/RW2Gqjecq/g9fmvIMgj0+O03PAp4KGizRAhcBTkebpVrR
GedM9wFtn+rXNJ0PzVt0Ez2yJ+0FIKn0o/dT40h6oSDdXOce0WIW+jcAkKtpzTkf
9bleRqfRDYz2tvLbRrij1EO5POj6Z54BA/lzTCZFz9IRkrvOHyzPr6C5aP1BOJGd
NhWLXNuuxykMFyoQ591qSetDFH6egnjIFaIR7TNZITew49cZi1ZcYaIEb00EdjlR
6gMzX/WOA/tptfAcaK4r8A5NnDh0cxcaGQPN9WMtcyeWIJogFFMTC07YXB13l4yU
d/WfXI2l6QARAQABiQPbBBgBCgAmAhsCFiEEK7vTD6qymzJTvPum9pR9q2jnuTEF
AmR8KHMFCRpUNwEBqcDdIAQZAQgABgUCTgn8cgAKCRAY7oY4YCLvV/x3C/44CpgL
VRUZT8bxDp7ZjIpyxTB43f+tpGlykSFMYS3/Cw/i7ar1fjoAeVonXAp0PpqeuJ9w
+p9r3UWPZeVlmibYybLujnNDnV6RmeNtzc4HUtgPP/s7rynU6RFX46T5YRUBo/aC
hjFcWVi+YUaNfBdgaKyf4INWtuNTndLXlOJkuqGCikKOuuwReJ4pvs49whVj9Nug
jsotEf4/+tzsrCIWLtSF2BI/Fz0xV2vlmCzsB5fN4nC/ksaaXAL7jHwaUbTMLJ3W
9pcqBzyUd5CEMlE0bwPihyVItLLdTErbuN7M5v3iYSRakRzm0xCpyb01Ho/KWsTW
znaGh3XK6e05Avss8mIaju+Zf/Vk+oLNzGqI+YAgczWyK82yDbuxXfWauBI32nmF
XDwqN8pvPGGEm8BgMQxfKnV0mt3BezPTYBSuPw22+wVbao3xMJSIlIbFitw2ZOSL
mit64IYYVGaWr3awn65MSK/Db9SRaGv52gOR6ylDul7wkjNE8ohlaos0y9sJEPaU
fato57kxHA8QANbsBb9seSTd0jNBsqsSh2QWWaFU55DRSixz4AiTQZOwxQ6Bv0gi
gnWbKmPNuxzUXfTTK1PG8z7R3tfTObXFslrwjLmnZR0o7EYz9wJKLGBFhSxa+KJZ
chTRrWI7AALbBULgAgxP9nOLni1cRD+NhKfbipsph4jB97fgTqOi4Fglp5E7aC+8
tfLiVgi3g8c+IWRgO4T1PT0JWzy/V78j1C+sv343zjtvwZAk35Z7mfX6KSjFsTWG
CFUSLT9FzgvJfTvlaneNdaE9mT1Ldb/2O2J1BF2FzL1EkQBVBkS83r3EtdN/tuZl
nJk+E1IrJ63ilgkzmM38SeGvwj7K8lK/EuRT3/+qTD1/f6uGOE8DNqi6CF8gi1bP
zDGfN1EbyR3ZQmfNey6nMBYDkS0bmAtNrvifeiVpwvNcRBHhCnpsOSZGPVEsJ2Wo
AslY0FOkgF+CUrxUb9TpCKY+9eXgQhCk3EqR7f0rKgsCp8w4Vbp4R0jII7jzrDkQ
x0mN2gbKz2PsJPxnQkEBFxfrVq/aMGyDsVL0Vz6K/MZWvUKheaLeatVudntE/Vso
lC9G3UsAAMDChecOrAnge/kyySqosJcfvfCvgLLxZlHHv+QWpFDaaQE9JZdDuaru
GkA33Xp0WFc0GhiEfnBR4iqoAqtdb8rp+vPQiA6sHu13NkThfsSiQn4CuQGNBE4J
/TQBDACoLGAOK8w/Mv1B3SZN/mfUYXgjJnOS1lqCNdKRG8MVQQCBVEe9QPU8yavh
/MpraEvPZhz6WSg7k1pHNMbKsDfv80ZX5WM95uMN69nmF/l+qo+eBJU8YIHWabkv
MSWTBeD1roo8CwHOl102ajgo0XzhCqeb4MkUCZCZxdTaoHcD+IW+4IbajozgzTYV
EQnyJdZwmB/EjRAncKDNCDoimHzjENQ9KOO/cPoGTFNfy9czoAmOY8gWt7b4wELD
Mx/tP06V3n9Zjpxx+sBId9xDv+Yd+JSJHbNk8FxQtRtZVGNv7SP0rIWv3AP+d93k
t/djtijzFTS5JxFViJtjwsDMdXQYnb+ReP4Jza5gLr/8gjbCRlLv/Bh1D9SyXFmf
tEcZyhJIUU2b2ybdCkwg/BdouoQxHN94bESy686djt1wiXLZa6s4jiFuMA3qfF+K
HDIbdjMBZzi0+XgJwwiqLlRkvLiG8/mGCijwFY+zzZ2lxKCOAEo8bUexOBz16Sw1
Fj55vgsAEQEAAYkCPAQYAQoAJgIbDBYhBCu70w+qspsyU7z7pvaUfato57kxBQJk
fCiTBQkaVDZfAAoJEPaUfato57kxgtEQAMqDVz4YzHUHI6jvJTm+SQQP3TnNJLsi
MQshA+651W7dTgmIWKKEgXiuvQ33WWRDc3GoTC/TVGLXA1BNBejTJmtStsyQ+RVp
a4Y7KIPA3Va90IzPMqFUQztQgh689h+NIqgJovLmyZBmzIZ5f+LllfQ4ZCfeyBTz
qWbX8cDxP1hyD7ifd6IXuPtr7sycmPCHnhisttM/6WxCOgS3fmJuFjBaO3qB8nOz
vPRSsiYdBBpXd6v6GGJ3UhcBsYdAkVj9iQdkIkok3d9NnDlHklfjfE6Uj+MYEIzn
UOcQNOf3d0tlEYE5B1lUijYIJ5b0sdGl2z2PzQlJvvKIQrVKsc0KYiK61kbh6Tu+
ldiiozyodUN3T6J82BSJp1blsRFnWK6kpaDz0geG275jViIuPnYIeVKSLFVvh0ji
Y0MxBv5kyKBpz33Y40tIdrGRo7Q3t07jACzyJT3aurKCnMK4jV/dPA45FunoAIck
16HTK8ShDQuEXP4Pu80z0Wv5V5MDRnJ0g/XhXjpNxNlhKvPEytIhDAVShWP0Rccp
J4ewy3QyapnS5FhldVHYQGowvpS8fS7MX8cqTDC83be0wcOKIGSjL6dQbVpXFT0/
DV57ejodQ1OIFfKMtqLPqndQdU3BGxHh+1mD7XIR2H70vwXW0/vKG4yy0kMLEZ67
gilA4+BAW5U+uQGNBE4J/a0BDADFSeNMstJh2Sx8LlLxTVoBVSPdm2G15kBsikDG
pWN4LiscKQT4Rmzi0uBuA1z+kD+eA+4G2nCqM7xO0RJAPLQi2zcfehdrbdwDBsFb
eCTe2lnbLqGodn0ff7YDlCyopKszgINOQQwXr4VSqG7cOGDGC38taaX5UBR7XJs0
DMb4Hg0Oer7kN3kfSnOwihfS9lgunFIp3dNN1iUEp1NAVOyJhS//4zGh5EYiTd7y
QYQC21H6eiJTmnnvLm/nskiBeR4RFm8ozGAizcji+qwjR1AeeM7ifoIxtuVFH23A
Y7KGzId4y4Bh+Ni8uQO1eTGcc2XITAj5oFdYdC61wJ3B2i1w24gAYNqAJ8bodnYA
JatFRncuaYT6X5bNKHGT+u4KqedR55njEP7XxkXyfL06gI4ri1ef22d8X0kJIY3d
d2LD81qGfAEU8Q/qboPdeaVEtG0FfMCTqQ1yyct1jkbKZMUK/EPompgUZb6JTQov
bRGUPZFbhpq8nVAsu+jRRPVFzmkAEQEAAYkCPAQYAQoAJgIbIBYhBCu70w+qspsy
U7z7pvaUfato57kxBQJkfCiTBQkaVDXmAAoJEPaUfato57kx2aoQAMmvNTQYIRZE
GbUnHhfDlPKFHuQWUTZNgn8QzksUUF6JORdCoU3MqN/6Z2nHQ3LLiM07a9byk7zh
+W3K3J//UzZ24p5FfC3YOKzIOBP08Ij0EvuCajCeR5o/P7zHu5WBhoEgr5tEnFQC
oaeWdeL5GEBRrSmntUivhSUxWs0ntqk4cC0ncRgUb+28ZBGNa0ljqYoiatIHkTpR
E9RgJiaUsnmE5THkZ3xcvIemNFRjzQ5CjP65zlRbfrCJXsYiXF1gcOIPFoKaxtBi
w5HkgVd7cmHzClCkq/RTM+dDVo3V9b3zHB//1D8XwiQWvF7gMYymCCrnH+onKPi4
XCDrCfm6toP6fEQa/nPJ92JtQiPLDpu1AxfpwNfZV/FIApNGuZ/Egs3sK7aVI76B
jvQs4chZUYfIY6axIJYceceXg1SFqiv15vjXLXi3RrtN7HaCDOCpSMQUG6gJ4dRh
VsKHK+wkqCmiIAPQt8rYkabev5dg+B+LGjj6oCmUyrCaoXubnkuX7pFqOCMDUw2b
ihb2H4k48HVxZdke3d4wPgq0oPCx3/04vFExq3PqOW9s0MTIC0XOY9GXJwJcFumQ
suOSVzMPRvWnBQnJYTfBtWehaxHG5dqNdOsNTdFfPfeD/qtHQ56RyYoqjZ87IY7q
E5GuuIiJTEypzeYfM0OkPPmPL4ku3B5J
=MtRc
-----END PGP PUBLIC KEY BLOCK-----

10
aide.service Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Checking system for changed files
Documentation=man:aide(1)
After=local-fs.target
[Service]
Type=oneshot
ExecStart=/bin/sh -c "/usr/bin/aide --check --config=/etc/aide_service.conf; exit 0"
IOSchedulingClass=idle
IOSchedulingPriority=7

24
aide.service.8 Normal file
View File

@ -0,0 +1,24 @@
.TH AIDE.SERVICE 8 "2021-02-10" "aide v0.17.3" "systemd environment"
.SH NAME
\fBaide\fP \- Advanced Intrusion Detection Environment
systemd environment
.SH SYNOPSIS
aide.service
aide.timer
.SH DESCRIPTION
For easier maintenance of big clusters, aide can be run by systemd.timer(5) in regular intervals.
The specific time can be set in /usr/lib/systemd/system/\fBaide.timer\fR (tag OnCalendar) or can be configured in /etc/systemd/system/aide.timer.d/local.conf. See systemd.unit(5) for more information.
The timer can be manually started via the call "systemctl start aide.timer" or can be started while the boot process which has been enabled by the call "systemctl enable aide.timer".
The result of the check will be written to "/var/log/aide_service.log". This can be set in the file /etc/aide_systemd.conf.
.SH HINT
Keep in mind that you have to init the database with the call "aide --init ; cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db" at first before you are starting this service.
.SH SEE ALSO
.BR aide (1)
.BR aide.conf (5)

166
aide.spec Normal file
View File

@ -0,0 +1,166 @@
#
# spec file for package aide
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: aide
Version: 0.18.6
Release: 0
Summary: Advanced Intrusion Detection Environment
License: GPL-2.0-or-later
URL: https://aide.github.io/
Source0: https://github.com/aide/aide/releases/download/v%{version}/aide-%{version}.tar.gz
Source100: https://github.com/aide/aide/releases/download/v%{version}/aide-%{version}.tar.gz.asc
Source1: aide.conf
Source2: aide-cron_daily.sh
Source3: aide-test.sh
Source4: aide.service
Source5: aide.service.8
Source6: aide.timer
Source7: aide.timer.8
Source8: aide_service.conf
Source43: aide.keyring
Patch1: aide-0.18-as-needed.patch
Patch2: aide-xattr-in-libc.patch
Patch3: aide-systemd.patch
BuildRequires: autoconf
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: bison
BuildRequires: curl-devel
BuildRequires: flex
BuildRequires: gzip
BuildRequires: libacl-devel
BuildRequires: libgcrypt-devel
BuildRequires: libselinux-devel
BuildRequires: pcre2-devel
BuildRequires: pkgconfig
BuildRequires: systemd-rpm-macros
BuildRequires: zlib-devel
%description
AIDE is an intrusion detection system that checks file integrity.
%package test
Summary: Simple AIDE testing
BuildArch: noarch
%description test
Simple AIDE test script for externalized testing.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%build
autoreconf -fiv
%configure \
--with-config_file=%{_sysconfdir}/aide.conf \
--with-dbhmactype=md5 \
--disable-static \
--enable-lfs \
--with-posix-acl \
--with-xattr \
--with-selinux \
--with-curl \
--with-zlib \
--with-gcrypt \
--without-mhash
# --enable-forced_configmd
%make_build
%install
%make_install
install -m 700 -d %{buildroot}%{_localstatedir}/lib/aide
install -m 700 -d %{buildroot}%{_sysconfdir}
install -m 700 -d %{buildroot}%{_unitdir}/
install -m 700 -d %{buildroot}%{_mandir}/man8
install -m 600 %{SOURCE1} %{buildroot}%{_sysconfdir}/aide.conf
install -m 700 %{SOURCE3} %{buildroot}%{_bindir}/
install -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/aide.service
install -m 644 %{SOURCE6} %{buildroot}%{_unitdir}/aide.timer
install -m 644 %{SOURCE5} %{buildroot}%{_mandir}/man8/aide.service.8
install -m 644 %{SOURCE7} %{buildroot}%{_mandir}/man8/aide.timer.8
install -m 600 %{SOURCE8} %{buildroot}%{_sysconfdir}/aide_service.conf
gzip -9 %{buildroot}%{_mandir}/man8/aide.service.8
gzip -9 %{buildroot}%{_mandir}/man8/aide.timer.8
mkdir -p doc/examples%{_sysconfdir}/cron.daily/
cp -a %{SOURCE2} doc/examples%{_sysconfdir}/cron.daily/aide.sh
%pre
%service_add_pre %{name}.service %{name}.timer
%post
if ! grep -q "database_in" %{_sysconfdir}/aide.conf ; then
# with the 0.17 update some backward incompatible changes were made to the config file. Therefore, we have to adapt those parameters, otherwise the program will fail
sed -i 's/database=/database_in=/' %{_sysconfdir}/aide.conf
sed -i '/verbose=/d' %{_sysconfdir}/aide.conf
sed -i 's/\t/ /g' %{_sysconfdir}/aide.conf
fi
%service_add_post %{name}.service %{name}.timer
%preun
%service_del_preun %{name}.service %{name}.timer
%postun
%service_del_postun %{name}.service %{name}.timer
%check
rm -rf %{_localstatedir}/tmp/aide-test
mkdir %{_localstatedir}/tmp/aide-test
export TESTDIR=%{_localstatedir}/tmp/aide-test
%make_build DESTDIR=$TESTDIR install
install -m 700 -d $TESTDIR%{_localstatedir}/lib/aide
install -m 700 -d $TESTDIR%{_sysconfdir}
install -m 600 %{SOURCE1} $TESTDIR%{_sysconfdir}/aide.conf.new
sed -e "s#%{_localstatedir}/lib/aide#$TESTDIR%{_localstatedir}/lib/aide#g" <$TESTDIR%{_sysconfdir}/aide.conf.new >$TESTDIR%{_sysconfdir}/aide.conf
if ! grep -q "database_in" %{_sysconfdir}/aide.conf ; then
# with the 0.17 update some backward incompatible changes were made to the config file. Therefore, we have to adapt those parameters, otherwise the program will fail
sed -i 's/database=/database_in=/' $TESTDIR%{_sysconfdir}/aide.conf
sed -i '/verbose=/d' $TESTDIR%{_sysconfdir}/aide.conf
sed -i 's/\t/ /g' $TESTDIR%{_sysconfdir}/aide.conf
fi
$TESTDIR/usr/bin/aide -D -c $TESTDIR%{_sysconfdir}/aide.conf
sleep 2
sync
sleep 2
$TESTDIR/usr/bin/aide -c $TESTDIR%{_sysconfdir}/aide.conf --init
mv $TESTDIR%{_localstatedir}/lib/aide/aide.db.new $TESTDIR%{_localstatedir}/lib/aide/aide.db
$TESTDIR/usr/bin/aide -c $TESTDIR%{_sysconfdir}/aide.conf --check --log-level=info
rm -rf $TESTDIR
%files
%license COPYING
%doc AUTHORS ChangeLog NEWS README doc/examples
%{_bindir}/aide
/%{_mandir}/man1/aide.1.gz
/%{_mandir}/man5/aide.conf.5.gz
%{_localstatedir}/lib/aide
%config(noreplace) %{_sysconfdir}/aide.conf
%config(noreplace) %{_sysconfdir}/aide_service.conf
%{_unitdir}/aide.service
%{_unitdir}/aide.timer
%{_mandir}/man8/aide.timer.8*
%{_mandir}/man8/aide.service.8*
%files test
%{_bindir}/aide-test.sh
%changelog

12
aide.timer Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=Checking system for changed files
Documentation=man:aide(1)
After=local-fs.target
[Timer]
OnCalendar= daily
AccuracySec=12h
Persistent=true
[Install]
WantedBy=timers.target

1
aide.timer.8 Normal file
View File

@ -0,0 +1 @@
.so aide.service.8

79
aide_service.conf Normal file
View File

@ -0,0 +1,79 @@
#
# AIDE Configuration file for systemd service aide.service
#
#
# Configuration parameters
#
database_in=file:/var/lib/aide/aide.db
database_out=file:/var/lib/aide/aide.db.new
report_url=file:/var/log/aide_service.log
warn_dead_symlinks=yes
#
# Custom rules
#
Binlib = p+i+n+u+g+s+b+m+c+sha256+sha512
ConfFiles = p+i+n+u+g+s+b+m+c+sha256+sha512
Logs = p+i+n+u+g+S
Devices = p+i+n+u+g+s+b+c+sha256+sha512
Databases = p+n+u+g
StaticDir = p+i+n+u+g
ManPages = p+i+n+u+g+s+b+m+c+sha256+sha512
#
# Directories and files
#
# Kernel, system map, etc.
/boot Binlib
# watch config files, but exclude, what changes at boot time, ...
!/etc/mtab
!/etc/lvm*
/etc ConfFiles
# Binaries
/bin Binlib
/sbin Binlib
# Libraries
/lib Binlib
# Complete /usr and /opt
/usr Binlib
/opt Binlib
# Log files
/var/log$ StaticDir
#/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
#/var/log/aide/error.log(.[0-9])?(.gz)? Databases
#/var/log/setuid.changes(.[0-9])?(.gz)? Databases
/var/log Logs
# Devices
!/dev/pts
/dev Devices
# Other miscellaneous files
/var/run$ StaticDir
!/var/run
/var/lib Databases
# Test only the directory when dealing with /proc
/proc$ StaticDir
!/proc
# manpages can be trojaned, especially depending on *roff implementation
#/usr/man ManPages
#/usr/share/man ManPages
#/usr/local/man ManPages
# check sources for modifications
#/usr/src L
#/usr/local/src L
# Check headers for same
#/usr/include L
#/usr/local/include L