#
# spec file for package audit-secondary
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


# This package contains all audit functionality except for audit-libs. 
# The seperation is required to minimize unnecessary build cycles.

%define 	_name audit

Name:           audit-secondary
BuildRequires:  gcc-c++
BuildRequires:  openldap2-devel
BuildRequires:  pkg-config
BuildRequires:  python-devel
BuildRequires:  swig
Summary:        Secondary packages for audit
License:        GPL-2.0+
Group:          System/Monitoring
Version:        2.4.1
Release:        0
Url:            http://people.redhat.com/sgrubb/audit/
Source0:        http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
Patch1:         audit-plugins-path.patch
Patch2:         audit-no-gss.patch
Patch3:         audit-no_m4_dir.patch
Patch4:         audit-allow-manual-stop.patch
Patch5:         audit-ausearch-do-not-require-tclass.patch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildRequires:  audit-devel = %{version}
BuildRequires:  autoconf >= 2.12
BuildRequires:  gcc-c++
BuildRequires:  kernel-headers >= 2.6.30
BuildRequires:  libtool
BuildRequires:  systemd-rpm-macros
BuildRequires:  tcpd-devel
BuildRequires:  pkgconfig(libcap-ng)

%description
Secondary packages for system auditing.

%package -n audit
Summary:        User Space Tools for 2.6 Kernel Auditing
License:        LGPL-2.1+
Group:          System/Monitoring
Requires:       %{_name}-libs = %{version}
Requires:       coreutils
%{?systemd_requires}

%description -n audit
The audit package contains the user space utilities for storing and
processing the audit records generated by the audit subsystem in the
Linux 2.6 kernel.

%package -n audit-libs-python
Summary:        Python Bindings for libaudit
License:        LGPL-2.1+
Group:          System/Monitoring
%py_requires

%description -n audit-libs-python
The audit-libs-python package contains the bindings for using libaudit
by python.

%package -n audit-audispd-plugins
Summary:        Default plugins for the audit dispatcher
License:        GPL-2.0+
Group:          System/Monitoring
Requires:       openldap2

%description -n audit-audispd-plugins
The audit-audispd-plugins package contains plugin components for the
audit dispatcher (audispd).

%prep
# remove selinux policy
rm -rf audisp/plugins/zos-remote/policy
# we don't build prelude
rm -rf audisp/plugins/prelude
%setup -q -n %{_name}-%{version}
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%build
autoreconf -fi
export CFLAGS="%{optflags} -fno-strict-aliasing"
export CXXFLAGS="$CFLAGS"
export LDFLAGS="-Wl,-z,relro,-z,now"
# no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch
%configure --sbindir=/sbin --enable-systemd \
           --libexecdir=%{_prefix}/lib/%{_name} \
           --with-apparmor --with-libwrap --with-libcap-ng=yes \
	   --disable-static --with-pic
%{__make} %{?_smp_mflags}

%install
mkdir -p $RPM_BUILD_ROOT/{sbin,etc/{audispd/plugins.d,init.d}}
mkdir -p $RPM_BUILD_ROOT/usr/sbin
mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8}
make DESTDIR=$RPM_BUILD_ROOT install

mkdir -p $RPM_BUILD_ROOT/var/log/audit/
touch $RPM_BUILD_ROOT/var/log/audit/audit.log
mkdir -p $RPM_BUILD_ROOT/var/spool/audit/
# For ghost below, so that old location files will still be there when
# post copy runs
touch $RPM_BUILD_ROOT/etc/{auditd.conf,audit.rules} $RPM_BUILD_ROOT/etc/audit/auditd.conf
# On platforms with 32 & 64 bit libs, we need to coordinate the timestamp
touch -r ./audit.spec $RPM_BUILD_ROOT/etc/libaudit.conf

# delete redhat scripts, use ours
rm -rf $RPM_BUILD_ROOT/etc/sysconfig/auditd
rm -rf $RPM_BUILD_ROOT/etc/init.d/auditd
rm -rf $RPM_BUILD_ROOT/etc/rc.d/init.d
# delete redhat systemd legacy scripts, our systemd doesn't support the feature
# https://lists.fedoraproject.org/pipermail/devel/2012-June/169411.html
rm -rf $RPM_BUILD_ROOT/usr/lib/audit
# Clean up some unneeded library files
rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/_audit.a
rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/_audit.la
rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/_auparse.a
rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/_auparse.la
rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/auparse.a
rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/auparse.la
rm -f $RPM_BUILD_ROOT/%{_libdir}/python%{py_ver}/site-packages/auparse-1.0-py%{py_ver}.egg-info
rm -f $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/audit.pc
# cleanup files handled by audit.spec
rm -rf $RPM_BUILD_ROOT/%{_includedir}
rm -f $RPM_BUILD_ROOT/%{_libdir}/lib{audit,auparse}.*
rm -f $RPM_BUILD_ROOT/etc/libaudit.conf 
rm -f $RPM_BUILD_ROOT/%{_mandir}/man5/libaudit.conf.5
rm -rf $RPM_BUILD_ROOT/%{_mandir}/man3
# Cleanup plugins
# audispd-zos-remote uses ldap which is in /usr/lib so move to /usr/sbin
# audisp-remote shouldn't be in /sbin either, it's not 'essential'
mv $RPM_BUILD_ROOT/sbin/{audispd-zos-remote,audisp-remote} $RPM_BUILD_ROOT/usr/sbin
#USR-MERGE
for prog in auditctl auditd ausearch autrace audispd aureport augenrules; do
  [ \! -f %{buildroot}/sbin/$prog ] || mv %{buildroot}/sbin/$prog %{buildroot}/usr/sbin/$prog
  ln -s %{_prefix}/sbin/$prog %{buildroot}/sbin/$prog
done
#END-USR-MERGE
# rcauditd symlink
( cd $RPM_BUILD_ROOT/usr/sbin && ln -s service rcauditd )
chmod 0644 %{buildroot}%{_unitdir}/auditd.service

%check
make check

%post -n audit
# Save existing audit files if any (from old locations)
if [ -f /etc/auditd.conf ]; then
   mv /etc/audit/auditd.conf /etc/audit/auditd.conf.new
   mv /etc/auditd.conf /etc/audit/auditd.conf
fi
if [ -f /etc/audit.rules ]; then
   mv /etc/audit.rules /etc/audit/audit.rules
elif [ ! -f /etc/audit/audit.rules ]; then
   cp /etc/audit/rules.d/audit.rules /etc/audit/audit.rules
fi
%service_add_post auditd.service

%pre -n audit
%service_add_pre auditd.service

%preun -n audit
%service_del_preun auditd.service

%postun -n audit
%service_del_postun auditd.service

%files -n audit
%defattr(-,root,root,-)
%doc  README COPYING ChangeLog contrib/capp.rules contrib/nispom.rules contrib/lspp.rules contrib/stig.rules init.d/auditd.cron
%attr(644,root,root) %{_mandir}/man8/audispd.8.gz
%attr(644,root,root) %{_mandir}/man8/auditctl.8.gz
%attr(644,root,root) %{_mandir}/man8/auditd.8.gz
%attr(644,root,root) %{_mandir}/man8/aureport.8.gz
%attr(644,root,root) %{_mandir}/man8/ausearch.8.gz
%attr(644,root,root) %{_mandir}/man8/autrace.8.gz
%attr(644,root,root) %{_mandir}/man8/aulast.8.gz
%attr(644,root,root) %{_mandir}/man8/aulastlog.8.gz
%attr(644,root,root) %{_mandir}/man8/ausyscall.8.gz
%attr(644,root,root) %{_mandir}/man7/audit.rules.7.gz
%attr(644,root,root) %{_mandir}/man5/auditd.conf.5.gz
%attr(644,root,root) %{_mandir}/man5/audispd.conf.5.gz
%attr(644,root,root) %{_mandir}/man5/ausearch-expression.5.gz
%attr(644,root,root) %{_mandir}/man8/auvirt.8.gz
%attr(644,root,root) %{_mandir}/man8/augenrules.8.gz
/sbin/auditctl
%attr(750,root,root) /usr/sbin/auditctl
/sbin/auditd
%attr(750,root,root) /usr/sbin/auditd
/sbin/ausearch
%attr(755,root,root) /usr/sbin/ausearch
/sbin/autrace
%attr(750,root,root) /usr/sbin/autrace
/sbin/audispd
%attr(750,root,root) /usr/sbin/augenrules
/sbin/augenrules
%attr(750,root,root) /usr/sbin/audispd
%attr(755,root,root) /usr/bin/aulast
%attr(755,root,root) /usr/bin/aulastlog
%attr(755,root,root) /usr/bin/ausyscall
/sbin/aureport
%attr(755,root,root) /usr/sbin/aureport
%attr(755,root,root) /usr/bin/auvirt
%dir %attr(750,root,root) /etc/audit
%attr(750,root,root) %dir /etc/audisp
%attr(750,root,root) %dir /etc/audisp/plugins.d
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/syslog.conf
%ghost /etc/auditd.conf
%ghost /etc/audit.rules
%config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf
%dir %attr(750,root,root) /etc/audit/rules.d
%config %attr(640,root,root) /etc/audit/rules.d/audit.rules
%config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf
%dir %attr(700,root,root) /var/log/audit
%ghost %config(noreplace) /var/log/audit/audit.log
%dir %attr(700,root,root) /var/spool/audit
%{_unitdir}/auditd.service
/usr/sbin/rcauditd

%files -n audit-libs-python
%defattr(-,root,root,-)
%attr(755,root,root) %{_libdir}/python%{py_ver}/site-packages/_audit.so
%attr(755,root,root) %{_libdir}/python%{py_ver}/site-packages/auparse.so
%{_libdir}/python%{py_ver}/site-packages/audit.py*

%files -n audit-audispd-plugins
%defattr(-,root,root,-)
%attr(644,root,root) %{_mandir}/man8/audispd-zos-remote.8.gz
%attr(644,root,root) %{_mandir}/man5/zos-remote.conf.5.gz
%attr(644,root,root) %{_mandir}/man5/audisp-remote.conf.5.gz
%attr(644,root,root) %{_mandir}/man8/audisp-remote.8.gz
%attr(750,root,root) %dir /etc/audisp
%attr(750,root,root) %dir /etc/audisp/plugins.d
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf
%config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf
%attr(750,root,root) /usr/sbin/audisp-remote
%attr(750,root,root) /usr/sbin/audispd-zos-remote
%config(noreplace) %attr(640,root,root) /etc/audisp/audisp-remote.conf
%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/au-remote.conf

%changelog