# # spec file for package audit # # Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %ifarch x86_64 %bcond_without livepatching %else %bcond_with livepatching %endif Name: audit Version: 3.1 Release: 0 Summary: Linux kernel audit subsystem utilities License: GPL-2.0-or-later Group: System/Monitoring URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source1: baselibs.conf Source2: README-BEFORE-ADDING-PATCHES Patch0: change-default-log_group.patch BuildRequires: autoconf >= 2.12 BuildRequires: kernel-headers >= 2.6.30 BuildRequires: libtool BuildRequires: pkgconfig BuildRequires: tcpd-devel Requires: libaudit1 = %{version} Requires: libauparse0 = %{version} Provides: bundled(libev) = 4.33 %description The audit package contains the user space utilities for storing and processing the records generated by the audit subsystem in the Linux kernel. %package -n libaudit1 Summary: Library for interfacing with the kernel audit subsystem License: LGPL-2.1-or-later Group: System/Libraries Obsoletes: %{name}-libs < 2.0.4 Provides: %{name}-libs = %{version} %description -n libaudit1 The libaudit package contains the shared libraries needed for applications to use the audit framework. %package -n libauparse0 Summary: Library for parsing and interpreting audit events License: LGPL-2.1-or-later Group: System/Libraries %description -n libauparse0 The libauparse package contains the shared libraries needed to parse audit records. %package -n audit-devel Summary: Header files for libaudit License: LGPL-2.1-or-later Group: Development/Libraries/C and C++ Requires: libaudit1 = %{version} Requires: libauparse0 = %{version} %description -n audit-devel The audit-devel package contains the header files needed for developing applications that need to use the audit framework libraries. %prep %autosetup -p1 %build autoreconf -fi export CFLAGS="%{optflags} -fno-strict-aliasing" %if %{with livepatching} export CFLAGS="$CFLAGS -fpatchable-function-entry=16,14 -fdump-ipa-clones" %endif export CXXFLAGS="$CFLAGS" export LDFLAGS="-Wl,-z,relro,-z,now" # no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch %configure \ %ifarch aarch64 --with-aarch64 \ %endif %ifarch arm --with-arm \ %endif --enable-systemd \ --libexecdir=%{_libexecdir}/%{name} \ --with-apparmor \ --with-libcap-ng=no \ --disable-static \ --with-python=no \ --disable-zos-remote %make_build -C common %make_build -C lib %make_build -C auparse %make_build -C docs %if %{with livepatching} # Workaround bsc#1208721: remove _patchable_function_entry from static libs. find . -name "*.a" -exec \ objcopy --remove-section "__patchable_function_entries" {} \; %define tar_basename audit-livepatch-%{version}-%{release} %define tar_package_name %{tar_basename}.%{_arch}.tar.xz %define clones_dest_dir %{tar_basename}/%{_arch} # Ipa-clones are files generated by gcc which logs changes made across # functions, and we need to know such changes to build livepatches # correctly. These files are intended to be used by the livepatch # developers and may be retrieved by using `osc getbinaries`. # # Create ipa-clones destination folder and move clones there. mkdir -p ipa-clones/%{clones_dest_dir} find . -name "*.ipa-clones" ! -empty \ -exec cp -t ipa-clones/%{clones_dest_dir} --parents {} + # Create tarball with ipa-clones. tar -cJf %{tar_package_name} -C ipa-clones \ --owner root --group root --sort name %{tar_basename} # Copy tarball to the OTHER folder to store it as artifact. cp %{tar_package_name} %{_topdir}/OTHER %endif %install %make_install -C common %make_install -C lib %make_install -C auparse %make_install -C docs rm -rf %{buildroot}/%{_mandir}/man[578] mkdir -p %{buildroot}%{_sysconfdir} mkdir -p %{buildroot}/%{_includedir} mkdir -p %{buildroot}/%{_mandir}/man5 # We manually install this since Makefile doesn't install -m 0644 lib/libaudit.h %{buildroot}/%{_includedir} install -D -m 0644 ./m4/audit.m4 %{buildroot}%{_datadir}/aclocal/audit.m4 # Install libaudit.conf files by hand install -m 0644 docs/libaudit.conf.5 %{buildroot}/%{_mandir}/man5 install -m 0644 init.d/libaudit.conf %{buildroot}%{_sysconfdir} find %{buildroot} -type f -name "*.la" -delete -print %check %make_build -C lib check %make_build -C auparse check %post -n libaudit1 -p /sbin/ldconfig %post -n libauparse0 -p /sbin/ldconfig %postun -n libaudit1 -p /sbin/ldconfig %postun -n libauparse0 -p /sbin/ldconfig %files -n libaudit1 %{_libdir}/libaudit.so.* %config(noreplace) %attr(640,root,root) %{_sysconfdir}/libaudit.conf %{_mandir}/man5/libaudit.conf.5%{ext_man} %files -n libauparse0 %{_libdir}/libauparse.so.* %files -n audit-devel %doc contrib/plugin %{_libdir}/libaudit.so %{_libdir}/libauparse.so %{_includedir}/libaudit.h %{_includedir}/auparse.h %{_includedir}/auparse-defs.h %{_mandir}/man3/* %{_datadir}/aclocal/audit.m4 %{_libdir}/pkgconfig/audit.pc %{_libdir}/pkgconfig/auparse.pc %changelog