SHA256
1
0
forked from pool/audit
audit/audit.spec
Wolfgang Frisch d1358f4337 Accepting request 1096509 from home:polslinux:branches:security
- Update to 3.1.1:
  * Add user friendly keywords for signals to auditctl
  * In ausearch, parse up URINGOP and DM_CTRL records
  * Harden auparse to better handle corrupt logs
  * Fix a CFLAGS propogation problem in the common directory
  * Move the audispd af_unix plugin to a standalone program 
- Update to 3.1.1:
  * Add user friendly keywords for signals to auditctl
  * In ausearch, parse up URINGOP and DM_CTRL records
  * Harden auparse to better handle corrupt logs
  * Fix a CFLAGS propogation problem in the common directory
  * Move the audispd af_unix plugin to a standalone program

OBS-URL: https://build.opensuse.org/request/show/1096509
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=148
2023-07-03 14:59:58 +00:00

189 lines
5.7 KiB
RPMSpec

#
# spec file for package audit
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%ifarch x86_64
%bcond_without livepatching
%else
%bcond_with livepatching
%endif
Name: audit
Version: 3.1.1
Release: 0
Summary: Linux kernel audit subsystem utilities
License: GPL-2.0-or-later
Group: System/Monitoring
URL: https://people.redhat.com/sgrubb/audit/
Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
Source1: baselibs.conf
Source2: README-BEFORE-ADDING-PATCHES
Patch0: change-default-log_group.patch
BuildRequires: autoconf >= 2.12
BuildRequires: kernel-headers >= 2.6.30
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: tcpd-devel
Requires: libaudit1 = %{version}
Requires: libauparse0 = %{version}
Provides: bundled(libev) = 4.33
%description
The audit package contains the user space utilities for storing and
processing the records generated by the audit subsystem in the
Linux kernel.
%package -n libaudit1
Summary: Library for interfacing with the kernel audit subsystem
License: LGPL-2.1-or-later
Group: System/Libraries
Obsoletes: %{name}-libs < 2.0.4
Provides: %{name}-libs = %{version}
%description -n libaudit1
The libaudit package contains the shared libraries needed for
applications to use the audit framework.
%package -n libauparse0
Summary: Library for parsing and interpreting audit events
License: LGPL-2.1-or-later
Group: System/Libraries
%description -n libauparse0
The libauparse package contains the shared libraries needed to
parse audit records.
%package -n audit-devel
Summary: Header files for libaudit
License: LGPL-2.1-or-later
Group: Development/Libraries/C and C++
Requires: libaudit1 = %{version}
Requires: libauparse0 = %{version}
%description -n audit-devel
The audit-devel package contains the header files
needed for developing applications that need to use the audit framework
libraries.
%prep
%autosetup -p1
%build
autoreconf -fi
export CFLAGS="%{optflags} -fno-strict-aliasing"
%if %{with livepatching}
export CFLAGS="$CFLAGS -fpatchable-function-entry=16,14 -fdump-ipa-clones"
%endif
export CXXFLAGS="$CFLAGS"
export LDFLAGS="-Wl,-z,relro,-z,now"
# no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch
%configure \
%ifarch aarch64
--with-aarch64 \
%endif
%ifarch arm
--with-arm \
%endif
--enable-systemd \
--libexecdir=%{_libexecdir}/%{name} \
--with-apparmor \
--with-libcap-ng=no \
--disable-static \
--with-python=no \
--disable-zos-remote
%make_build -C common
%make_build -C lib
%make_build -C auparse
%make_build -C docs
%if %{with livepatching}
# Workaround bsc#1208721: remove _patchable_function_entry from static libs.
find . -name "*.a" -exec \
objcopy --remove-section "__patchable_function_entries" {} \;
%define tar_basename audit-livepatch-%{version}-%{release}
%define tar_package_name %{tar_basename}.%{_arch}.tar.xz
%define clones_dest_dir %{tar_basename}/%{_arch}
# Ipa-clones are files generated by gcc which logs changes made across
# functions, and we need to know such changes to build livepatches
# correctly. These files are intended to be used by the livepatch
# developers and may be retrieved by using `osc getbinaries`.
#
# Create ipa-clones destination folder and move clones there.
mkdir -p ipa-clones/%{clones_dest_dir}
find . -name "*.ipa-clones" ! -empty \
-exec cp -t ipa-clones/%{clones_dest_dir} --parents {} +
# Create tarball with ipa-clones.
tar -cJf %{tar_package_name} -C ipa-clones \
--owner root --group root --sort name %{tar_basename}
# Copy tarball to the OTHER folder to store it as artifact.
cp %{tar_package_name} %{_topdir}/OTHER
%endif
%install
%make_install -C common
%make_install -C lib
%make_install -C auparse
%make_install -C docs
rm -rf %{buildroot}/%{_mandir}/man[578]
mkdir -p %{buildroot}%{_sysconfdir}
mkdir -p %{buildroot}/%{_includedir}
mkdir -p %{buildroot}/%{_mandir}/man5
# We manually install this since Makefile doesn't
install -m 0644 lib/libaudit.h %{buildroot}/%{_includedir}
install -D -m 0644 ./m4/audit.m4 %{buildroot}%{_datadir}/aclocal/audit.m4
# Install libaudit.conf files by hand
install -m 0644 docs/libaudit.conf.5 %{buildroot}/%{_mandir}/man5
install -m 0644 init.d/libaudit.conf %{buildroot}%{_sysconfdir}
find %{buildroot} -type f -name "*.la" -delete -print
%check
%make_build -C lib check
%make_build -C auparse check
%post -n libaudit1 -p /sbin/ldconfig
%post -n libauparse0 -p /sbin/ldconfig
%postun -n libaudit1 -p /sbin/ldconfig
%postun -n libauparse0 -p /sbin/ldconfig
%files -n libaudit1
%{_libdir}/libaudit.so.*
%config(noreplace) %attr(640,root,root) %{_sysconfdir}/libaudit.conf
%{_mandir}/man5/libaudit.conf.5%{ext_man}
%files -n libauparse0
%{_libdir}/libauparse.so.*
%files -n audit-devel
%doc contrib/plugin
%{_libdir}/libaudit.so
%{_libdir}/libauparse.so
%{_includedir}/libaudit.h
%{_includedir}/auparse.h
%{_includedir}/auparse-defs.h
%{_mandir}/man3/*
%{_datadir}/aclocal/audit.m4
%{_libdir}/pkgconfig/audit.pc
%{_libdir}/pkgconfig/auparse.pc
%changelog