rpm/aide
SHA256
1
0
Fork 0
forked from pool/aide
Code Pull Requests Activity

Accepting request 1067470 from home:pperego:branches:security

Browse Source 
- Update to 0.18
- Rename aide-0.17.3-as-needed.patch to and rebase aide-0.18-as-needed.patch
- Added autoconf and autoconf-archive as building dependencies due to an error
  when reconfiguring the source
- Rebase aide-xattr-in-libc.patch

OBS-URL: https://build.opensuse.org/request/show/1067470
OBS-URL: https://build.opensuse.org/package/show/security/aide?expand=0&rev=49
This commit is contained in:
Marcus Meissner 2023-02-24 07:41:23 +00:00 committed by Git OBS Bridge
parent 6ae10dbd5e
commit 4bffb60ea7
9 changed files with 254 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
aide-0.17.3-as-needed.patch
View File

@ -1,11 +0,0 @@
--- aide-0.17.3/Makefile.am.orig 2021-02-24 12:03:16.648845473 +0100
+++ aide-0.17.3/Makefile.am 2021-02-24 12:03:57.336978950 +0100
@@ -59,7 +59,7 @@
aide_SOURCES += include/fopen.h src/fopen.c
endif
-aide_LDADD = -lm @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ @CAPLIB@ ${CURL_LIBS}
+aide_LDADD = -lm @LDFLAGS@ @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ @CAPLIB@ ${CURL_LIBS}
if HAVE_CHECK
TESTS = check_aide

3
aide-0.17.4.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c81505246f3ffc2e76036d43a77212ae82895b5881d9b9e25c1361b1a9b7a846
size 331783

14
aide-0.17.4.tar.gz.asc
View File

@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEEVJXNoXyawXqyOEGnGO6GOGAi71cFAmHocOsACgkQGO6GOGAi
71di5Av9H7Iy6hWGNzv/GBxXR44+dD/dzNI1f1rQ/fHAxANVqj15pLRvGANR3r78
XOm1t+UsyJLHuRImE33GGcyALYqqOaPn+qaiqR2gLTZzy3n2wJf+Jg7VsTgUMAX0
VeCrCgae4tG4py3+/o35cf553tJf8cr62NEQpWM5Zeoqlv/m7N725/miirjqgoWL
w9/KQJPrBRvHZZFSs+P1TT+BSy8VUJOjtVXKTR3dPq+moncRZ1TEsRAgqwTbvgPd
GNQgLMlyUcex5oMLZC6Hpulx8nDhrougT1vMf0Nh8xTwJIXg4Mx+lsBazsdULD7b
WC1C5360EtsIcwdbuf2IrjKsQnXPlTcv4ya+u1y0DXGg9aA4GTngdF6lplOX4/hw
VWnOccMiUeNJ3lKp/S/ri/32RXcdYZznmOT4OhNETfxFtXv/EoeKs4DIzDFWSy/a
GAiwYHEJgpA9v+fAXTTWHVN8CWxWbac/Lhvf4o34XclLO22GzJzgNjsS3BGu521f
FrsCM5Ys
=K19s
-----END PGP SIGNATURE-----

12
aide-0.18-as-needed.patch Normal file
View File

@ -0,0 +1,12 @@
diff --color -ruN aide-0.18.ori/Makefile.am aide-0.18/Makefile.am
--- aide-0.18.ori/Makefile.am 2023-02-06 22:06:50.000000000 +0100
+++ aide-0.18/Makefile.am 2023-02-23 17:49:10.893667920 +0100
@@ -65,7 +65,7 @@
endif
aide_CFLAGS = @AIDE_DEFS@ -W -Wall -g ${PTHREAD_CFLAGS}
-aide_LDADD = -lm ${PCRE2_LIBS} ${ZLIB_LIBS} ${MHASH_LIBS} ${GCRYPT_LIBS} ${POSIX_ACL_LIBS} ${SELINUX_LIBS} ${AUDIT_LIBS} ${XATTR_LIBS} ${ELF_LIBS} ${E2FSATTRS_LIBS} ${CAPABILITIES_LIBS} ${CURL_LIBS} ${PTHREAD_LIBS}
+aide_LDADD = -lm ${LDFLAGS} ${PCRE2_LIBS} ${ZLIB_LIBS} ${MHASH_LIBS} ${GCRYPT_LIBS} ${POSIX_ACL_LIBS} ${SELINUX_LIBS} ${AUDIT_LIBS} ${XATTR_LIBS} ${ELF_LIBS} ${E2FSATTRS_LIBS} ${CAPABILITIES_LIBS} ${CURL_LIBS} ${PTHREAD_LIBS}
if HAVE_CHECK
TESTS = check_aide

3
aide-0.18.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f1166ad01a50f7f4523a585760c673ae11185a38cfa602ae7c9e9266effd038d
size 375922

14
aide-0.18.tar.gz.asc Normal file
View File

@ -0,0 +1,14 @@
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEEVJXNoXyawXqyOEGnGO6GOGAi71cFAmPhb84ACgkQGO6GOGAi
71c+Pgv+JMW2H76Trn6lZ0+et0E568fOF1uwbLNzG62t1x6xvgl5tu+NgziSwsi3
B1nD5jkDktI55twMxMeYsTsn0qrz/VTs+00yNo0ww93I6o2+gZF6Gex8vNYkK2EE
ZnBTuWOT8bNJTN1Mi5s09m5nPIFZKLpRyx7+iKmUnmWalJeJ6py+UcEe67l27cXJ
IvGs+JuShsWVNWtPuSHk8G3iH4pZ9TaGA5GkEPMxVI2Isx7GeiaIdHnr6XgzAtF0
2oRyk807YNf2YWyBZQyitWpJ6fSHwBVixPM8Nfj2gWvxEEjTntfA0e298hxw/o4Y
S8btwy6rOvJUVq52/o5MfhBTzwaQZu5IRtxkFnd/4L365F61X0iOptXD1jiRkBUE
r6OQI7vOV5OdfkiJl9YvykxEQY7FQdqFaEKpXr300IS6amU//oSr/3uUVcUHFbYs
9U4g2FFEaiWMgCyKVozNVitweTErgGAy5GdVWQ7YgMsN44jbxT8YgaV4Gll+zqFY
EeIDKZ3/
=tSe2
-----END PGP SIGNATURE-----

225
aide-xattr-in-libc.patch
View File

@ -1,33 +1,208 @@
diff -ru old/configure.ac new/configure.ac
--- old/configure.ac 2021-02-10 22:01:14.000000000 +0100
+++ new/configure.ac 2021-02-24 13:17:31.287619804 +0100
@@ -483,7 +483,7 @@
AS_IF([test "x$with_xattr_support" != xno],
[AC_DEFINE(WITH_XATTR,1,[use xattr])
- ATTRLIB=-lattr
+ ATTRLIB=
compoptionstring="${compoptionstring}WITH_XATTR\\n"
AC_MSG_RESULT(yes)],
[AC_MSG_RESULT(no)]
diff -ru old/include/db_config.h new/include/db_config.h
--- old/include/db_config.h 2021-02-10 22:01:14.000000000 +0100
+++ new/include/db_config.h 2021-02-24 13:49:16.813840910 +0100
@@ -23,7 +23,6 @@
diff --color -ruN aide-0.18.ori/configure.ac aide-0.18/configure.ac
--- aide-0.18.ori/configure.ac 2023-02-06 22:06:50.000000000 +0100
+++ aide-0.18/configure.ac 2023-02-23 18:38:19.703630012 +0100
@@ -59,7 +59,7 @@
AIDE_DEFS="-D_GNU_SOURCE"
dnl This is borrowed from libtool
-
+
if test $ac_cv_c_compiler_gnu = yes; then
LD_STATIC_FLAG='-static'
@@ -101,54 +101,54 @@
# All AIX code is PIC.
LD_STATIC_FLAG='-bnso -bI:/lib/syscalls.exp'
;;
-
+
hpux9* | hpux10* | hpux11*)
# Is there a better LD_STATIC_FLAG that works with the bundled CC?
## wl='-Wl,'
LD_STATIC_FLAG="${wl}-a ${wl}archive"
## pic_flag='+Z'
;;
-
+
irix5* | irix6*)
## wl='-Wl,'
LD_STATIC_FLAG='-non_shared'
# PIC (with -KPIC) is the default.
;;
-
+
cygwin* | mingw* | os2*)
# We can build DLLs from non-PIC.
;;
-
+
osf3* | osf4* | osf5*)
# All OSF/1 code is PIC.
## wl='-Wl,'
LD_STATIC_FLAG='-non_shared'
;;
-
+
sco3.2v5*)
## pic_flag='-Kpic'
LD_STATIC_FLAG='-dn'
## special_shlib_compile_flags='-belf'
;;
-
+
solaris*)
## pic_flag='-KPIC'
LD_STATIC_FLAG='-Bstatic'
## wl='-Wl,'
;;
-
+
sunos4*)
## pic_flag='-PIC'
LD_STATIC_FLAG='-Bstatic'
## wl='-Qoption ld '
;;
-
+
sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
## pic_flag='-KPIC'
LD_STATIC_FLAG='-Bstatic'
## wl='-Wl,'
;;
-
+
uts4*)
## pic_flag='-pic'
LD_STATIC_FLAG='-Bstatic'
@@ -338,8 +338,6 @@
AIDE_PKG_CHECK(selinux, SELinux, no, SELINUX, libselinux, selinux)
-AIDE_PKG_CHECK(xattr, xattr, no, XATTR, libattr, xattrs)
-
AIDE_PKG_CHECK(capabilities, POSIX 1003.1e capabilities, no, CAPABILITIES, libcap, caps)
AIDE_PKG_CHECK(e2fsattrs, e2fsattrs, no, E2FSATTRS, e2p, e2fsattrs)
diff --color -ruN aide-0.18.ori/include/db_config.h aide-0.18/include/db_config.h
--- aide-0.18.ori/include/db_config.h 2023-02-06 22:06:50.000000000 +0100
+++ aide-0.18/include/db_config.h 2023-02-23 18:29:04.202036763 +0100
@@ -19,7 +19,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-
+
#ifndef _DB_CONFIG_H_INCLUDED
#define _DB_CONFIG_H_INCLUDED
#include "config.h"
-#include "attributes.h"
#include "report.h"
#include "types.h"
#include <unistd.h>
@@ -48,7 +47,6 @@
#ifdef WITH_XATTR /* Do generic user Xattrs. */
@@ -32,7 +32,6 @@
#ifdef WITH_ZLIB
#include <zlib.h>
#endif
-#include "attributes.h"
#include "hashsum.h"
#include "db_line.h"
#include "list.h"
@@ -75,7 +74,7 @@
/* int (*close)(_db_config*); */
/* int db_size; */
/* DB_FIELD* db_order; */
-/* void* local; */
+/* void* local; */
/* }_db_config ; */
typedef struct database {
@@ -111,14 +110,14 @@
#ifdef WITH_ZLIB
/* Is dbout gzipped or not */
int gzip_dbout;
-
+
#endif
DB_ATTR_TYPE db_out_attrs;
char *check_path;
RESTRICTION_TYPE check_file_type;
-
+
char* config_file;
char* config_version;
bool config_check_warn_unrestricted_rules;
@@ -160,7 +159,7 @@
int symlinks_found;
DB_ATTR_TYPE attr;
-#ifdef WITH_ACL
+#ifdef WITH_ACL
int no_acl_on_symlinks;
#endif
int warn_dead_symlinks;
diff --color -ruN aide-0.18.ori/src/do_md.c aide-0.18/src/do_md.c
--- aide-0.18.ori/src/do_md.c 2023-02-06 22:06:50.000000000 +0100
+++ aide-0.18/src/do_md.c 2023-02-23 18:29:31.706313697 +0100
@@ -45,7 +45,6 @@
#ifdef WITH_XATTR
#include <sys/xattr.h>
-#include <attr/attributes.h>
#ifndef ENOATTR
# define ENOATTR ENODATA
#endif
Only in new/include: md.h.orig
Only in new/src: md.c.orig
@@ -327,7 +326,7 @@
}
void fs2db_line(struct stat* fs,db_line* line) {
-
+
line->inode=fs->st_ino;
if(ATTR(attr_uid)&line->attr) {
@@ -349,7 +348,7 @@
}else{
line->size=0;
}
-
+
if(ATTR(attr_linkcount)&line->attr){
line->nlink=fs->st_nlink;
}else {
@@ -367,7 +366,7 @@
}else{
line->ctime=0;
}
-
+
if(ATTR(attr_atime)&line->attr){
line->atime=fs->st_atime;
}else{
@@ -379,13 +378,13 @@
} else {
line->bcount=0;
}
-
+
}
#ifdef WITH_ACL
void acl2line(db_line* line) {
acl_type *ret = NULL;
-
+
#ifdef WITH_POSIX_ACL
if(ATTR(attr_acl)&line->attr) {
acl_t acl_a;
@@ -434,7 +433,7 @@
acl_free(acl_d);
}
line->acl = ret;
-#endif
+#endif
}
#endif
@@ -596,4 +595,3 @@
void no_hash(db_line* line) {
line->attr&=~get_hashes(true);
}
-

32
aide.changes
View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Thu Feb 23 16:50:23 UTC 2023 - Paolo Perego <paolo.perego@suse.com>
- Update to 0.18
- Rename aide-0.17.3-as-needed.patch to and rebase aide-0.18-as-needed.patch
- Added autoconf and autoconf-archive as building dependencies due to an error
when reconfiguring the source
- Rebase aide-xattr-in-libc.patch
-------------------------------------------------------------------
Tue Mar 29 09:19:54 UTC 2022 - Paolo Stivanin <info@paolostivanin.com>
@ -19,12 +28,12 @@ Fri Apr 2 07:03:22 UTC 2021 - Marcus Meissner <meissner@suse.com>
-------------------------------------------------------------------
Wed Feb 24 13:45:59 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
- Update default config file to match v0.17
- Update default config file to match v0.17
-------------------------------------------------------------------
Wed Feb 24 11:01:03 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.17.3:
- Update to 0.17.3:
* BACKWARDS INCOMPATIBLE CHANGES
- '--verbose' command line option and 'verbose' config option are no
longer supported, use 'log_level' and 'report_level' options instead
@ -142,7 +151,7 @@ Sun Mar 17 21:20:12 UTC 2019 - Matthias Eliasson <elimat@opensuse.org>
Wed Jan 18 13:38:03 UTC 2017 - meissner@suse.com
- Updated to 0.16
- lots of bugfixes
- lots of bugfixes
- including regexp matching within subdirectories of expressions
- aide-0.16-as-needed.patch: replaces aide-0.15.1-as-needed.patch
- aide-no_m4_dir.patch: upstream
@ -183,7 +192,7 @@ Fri Apr 26 11:26:37 UTC 2013 - mmeister@suse.com
-------------------------------------------------------------------
Wed Jan 4 13:34:11 UTC 2012 - crrodriguez@opensuse.org
- libmhash development was abandoned in 2007, so it is time
- libmhash development was abandoned in 2007, so it is time
for it to go into the library heaven, use libgcrypt instead.
-------------------------------------------------------------------
@ -215,8 +224,8 @@ Tue Aug 10 17:12:56 CEST 2010 - meissner@suse.de
-------------------------------------------------------------------
Fri Apr 30 00:40:34 CEST 2010 - ro@suse.de
- make aide check verbose to get started
- add sleep and sync to fix build
- make aide check verbose to get started
- add sleep and sync to fix build
-------------------------------------------------------------------
Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de
@ -226,7 +235,7 @@ Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de
-------------------------------------------------------------------
Wed Jun 17 19:43:10 CEST 2009 - crrodriguez@suse.de
- fix build when as-needed is a default liker option
- fix build when as-needed is a default liker option
-------------------------------------------------------------------
Mon Jan 5 14:19:26 CET 2009 - meissner@suse.de
@ -291,13 +300,13 @@ Sat Jan 14 22:08:31 CET 2006 - schwab@suse.de
-------------------------------------------------------------------
Fri Mar 18 15:46:21 CET 2005 - mge@suse.de
- fixes #71272 - aide-0.10-47 config files not yet converted to utf8
- fixes #71272 - aide-0.10-47 config files not yet converted to utf8
-------------------------------------------------------------------
Mon Jan 26 11:16:41 CET 2004 - mge@suse.de
- upgrade to 0.10
- #33600: more usable default aide.conf
- #33600: more usable default aide.conf
(thanks to Dirk Mueller <dmuell@gmx.net>)
- example-cron-job
@ -309,7 +318,7 @@ Sat Jan 10 22:05:03 CET 2004 - adrian@suse.de
-------------------------------------------------------------------
Wed Nov 13 01:36:35 CET 2002 - ro@suse.de
- fix build for current bison
- fix build for current bison
-------------------------------------------------------------------
Thu Aug 15 16:11:22 CEST 2002 - mge@suse.de
@ -320,7 +329,7 @@ Thu Aug 15 16:11:22 CEST 2002 - mge@suse.de
Mon Apr 9 11:30:55 CEST 2001 - ro@suse.de
- don't use macro for version
- remove obsolete macros
- remove obsolete macros
-------------------------------------------------------------------
Wed Nov 22 13:00:27 MET 2000 - mge@suse.de
@ -347,4 +356,3 @@ Sun Sep 12 00:00:00 MEST 1999 - Rami Lehti <rammer@cs.tut.fi>
Sat Sep 11 00:00:00 MEST 1999 - Zach Brown <zab@redhat.com>
- First go

8
aide.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package aide
#
# Copyright (c) 2022 SUSE LLC
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,7 +17,7 @@
Name: aide
Version: 0.17.4
Version: 0.18
Release: 0
Summary: Advanced Intrusion Detection Environment
License: GPL-2.0-or-later
@ -33,9 +33,11 @@ Source7: aide.timer.8
Source8: aide_service.conf
Source42: https://github.com/aide/aide/releases/download/v%{version}/aide-%{version}.tar.gz.asc
Source43: aide.keyring
Patch1: aide-0.17.3-as-needed.patch
Patch1: aide-0.18-as-needed.patch
Patch2: aide-xattr-in-libc.patch
Patch3: aide-systemd.patch
BuildRequires: autoconf
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: bison
BuildRequires: curl-devel