testing/audit
SHA256
6
0
Fork 0
forked from pool/audit
Code Pull Requests Activity
Files
7e1b0e83b816985d641fcba464c6d05e8ec241408cba91d30cf05f5ee34bb8ea
audit/audit.spec
Enzo Matsumiya 7e1b0e83b8 Accepting request 1043243 from home:ematsumiya:branches:security 
- Enable build for ARM (32-bit)
- Update to version 3.0.9:
  * In auditd, release the async flush lock on stop
  * Don't allow auditd to log directly into /var/log when log_group is non-zero
  * Cleanup krb5 memory leaks on error paths
  * Update auditd.cron to use auditctl --signal
  * In auparse, if too many fields, realloc array bigger (Paul Wolneykien)
  * In auparse, special case kernel module name interpretation
  * If overflow_action is ignore, don't treat as an error
  (3.0.8)
  * Add gcc function attributes for access and allocation
  * Add some more man pages (MIZUTA Takeshi)
  * In auditd, change the reinitializing of the plugin queue
  * Fix path normalization in auparse (Sergio Correia)
  * In libaudit, handle ECONNREFUSED for network uid/gid lookups (Enzo Matsumiya)
  * In audisp-remote, fix hang with disk_low_action=suspend (Enzo Matsumiya)
  * Drop ProtectHome from auditd.service as it interferes with rules
  (3.0.7)
  * Add support for the OPENAT2 record type (Richard Guy Briggs)
  * In auditd, close the logging file descriptor when logging is suspended
  * Update the capabilities lookup table to match 5.16 kernel
  * Improve interpretation of renamat & faccessat family of syscalls
  * Update syscall table for the 5.16 kernel
  * Reduce dependency from initscripts to initscripts-service
- Refresh patches (context adjusment):
  * audit-allow-manual-stop.patch
  * audit-ausearch-do-not-require-tclass.patch
  * audit-no-gss.patch
  * enable-stop-rules.patch
  * fix-hardened-service.patch
  * harden_auditd.service.patch
- Remove patches (fixed by version update):
  * libaudit-fix-unhandled-ECONNREFUSED-from-getpwnam-25.patch
  * audisp-remote-fix-hang-with-disk_low_action-suspend-.patch
- Enable build for ARM (32-bit)
- Update to version 3.0.9:
  * In auditd, release the async flush lock on stop
  * Don't allow auditd to log directly into /var/log when log_group is non-zero
  * Cleanup krb5 memory leaks on error paths
  * Update auditd.cron to use auditctl --signal
  * In auparse, if too many fields, realloc array bigger (Paul Wolneykien)
  * In auparse, special case kernel module name interpretation
  * If overflow_action is ignore, don't treat as an error
  (3.0.8)
  * Add gcc function attributes for access and allocation
  * Add some more man pages (MIZUTA Takeshi)
  * In auditd, change the reinitializing of the plugin queue
  * Fix path normalization in auparse (Sergio Correia)
  * In libaudit, handle ECONNREFUSED for network uid/gid lookups (Enzo Matsumiya)
  * In audisp-remote, fix hang with disk_low_action=suspend (Enzo Matsumiya)
  * Drop ProtectHome from auditd.service as it interferes with rules
  (3.0.7)
  * Add support for the OPENAT2 record type (Richard Guy Briggs)
  * In auditd, close the logging file descriptor when logging is suspended
  * Update the capabilities lookup table to match 5.16 kernel
  * Improve interpretation of renamat & faccessat family of syscalls
  * Update syscall table for the 5.16 kernel
  * Reduce dependency from initscripts to initscripts-service
- Refresh patches (context adjusment):
  * audit-allow-manual-stop.patch
  * audit-ausearch-do-not-require-tclass.patch
  * audit-no-gss.patch
  * enable-stop-rules.patch
  * fix-hardened-service.patch
  * harden_auditd.service.patch
- Remove patches (fixed by version update):
  * libaudit-fix-unhandled-ECONNREFUSED-from-getpwnam-25.patch
  * audisp-remote-fix-hang-with-disk_low_action-suspend-.patch

OBS-URL: https://build.opensuse.org/request/show/1043243
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=141
2022-12-19 19:54:31 +00:00

153 lines
4.4 KiB
RPMSpec
Raw Blame History

#
# spec file for package audit
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: audit
Version: 3.0.9
Release: 0
Summary: Linux kernel audit subsystem utilities
License: GPL-2.0-or-later
Group: System/Monitoring
URL: https://people.redhat.com/sgrubb/audit/
Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
Source1: baselibs.conf
Source2: README-BEFORE-ADDING-PATCHES
Patch0: change-default-log_group.patch
BuildRequires: autoconf >= 2.12
BuildRequires: kernel-headers >= 2.6.30
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: tcpd-devel
Requires: libaudit1 = %{version}
Requires: libauparse0 = %{version}
Provides: bundled(libev) = 4.33
%description
The audit package contains the user space utilities for storing and
processing the records generated by the audit subsystem in the
Linux kernel.
%package -n libaudit1
Summary: Library for interfacing with the kernel audit subsystem
License: LGPL-2.1-or-later
Group: System/Libraries
Obsoletes: %{name}-libs < 2.0.4
Provides: %{name}-libs = %{version}
%description -n libaudit1
The libaudit package contains the shared libraries needed for
applications to use the audit framework.
%package -n libauparse0
Summary: Library for parsing and interpreting audit events
License: LGPL-2.1-or-later
Group: System/Libraries
%description -n libauparse0
The libauparse package contains the shared libraries needed to
parse audit records.
%package -n audit-devel
Summary: Header files for libaudit
License: LGPL-2.1-or-later
Group: Development/Libraries/C and C++
Requires: libaudit1 = %{version}
Requires: libauparse0 = %{version}
%description -n audit-devel
The audit-devel package contains the header files
needed for developing applications that need to use the audit framework
libraries.
%prep
%autosetup -p1
%build
autoreconf -fi
export CFLAGS="%{optflags} -fno-strict-aliasing"
export CXXFLAGS="$CFLAGS"
export LDFLAGS="-Wl,-z,relro,-z,now"
# no krb support (omit --enable-gssapi-krb5=yes), see audit-no-gss.patch
%configure \
%ifarch aarch64
--with-aarch64 \
%endif
%ifarch arm
--with-arm \
%endif
--enable-systemd \
--libexecdir=%{_libexecdir}/%{name} \
--with-apparmor \
--with-libcap-ng=no \
--disable-static \
--with-python=no \
--disable-zos-remote
%make_build -C common
%make_build -C lib
%make_build -C auparse
%make_build -C docs
%install
%make_install -C common
%make_install -C lib
%make_install -C auparse
%make_install -C docs
rm -rf %{buildroot}/%{_mandir}/man[578]
mkdir -p %{buildroot}%{_sysconfdir}
mkdir -p %{buildroot}/%{_includedir}
mkdir -p %{buildroot}/%{_mandir}/man5
# We manually install this since Makefile doesn't
install -m 0644 lib/libaudit.h %{buildroot}/%{_includedir}
install -D -m 0644 ./m4/audit.m4 %{buildroot}%{_datadir}/aclocal/audit.m4
# Install libaudit.conf files by hand
install -m 0644 docs/libaudit.conf.5 %{buildroot}/%{_mandir}/man5
install -m 0644 init.d/libaudit.conf %{buildroot}%{_sysconfdir}
find %{buildroot} -type f -name "*.la" -delete -print
%check
%make_build -C lib check
%make_build -C auparse check
%post -n libaudit1 -p /sbin/ldconfig
%post -n libauparse0 -p /sbin/ldconfig
%postun -n libaudit1 -p /sbin/ldconfig
%postun -n libauparse0 -p /sbin/ldconfig
%files -n libaudit1
%{_libdir}/libaudit.so.*
%config(noreplace) %attr(640,root,root) %{_sysconfdir}/libaudit.conf
%{_mandir}/man5/libaudit.conf.5%{ext_man}
%files -n libauparse0
%{_libdir}/libauparse.so.*
%files -n audit-devel
%doc contrib/plugin
%{_libdir}/libaudit.so
%{_libdir}/libauparse.so
%{_includedir}/libaudit.h
%{_includedir}/auparse.h
%{_includedir}/auparse-defs.h
%{_mandir}/man3/*
%{_datadir}/aclocal/audit.m4
%{_libdir}/pkgconfig/audit.pc
%{_libdir}/pkgconfig/auparse.pc
%changelog
View Git Blame Copy Permalink