automatic version update by autodist [release 3.0-1mamba;Tue Feb 09 2021]

audit-2.8.4-rundir.patch

@@ -0,0 +1,26 @@
+diff -Nru audit-2.8.4.orig/init.d/auditd.state audit-2.8.4/init.d/auditd.state
+--- audit-2.8.4.orig/init.d/auditd.state	2018-05-21 19:38:08.000000000 +0200
++++ audit-2.8.4/init.d/auditd.state	2019-01-05 08:46:05.999451866 +0100
+@@ -7,7 +7,7 @@
+ 
+ PATH=/sbin:/bin:/usr/bin:/usr/sbin
+ prog="auditd"
+-state_file="/var/run/auditd.state"
++state_file="/run/auditd.state"
+ . /etc/init.d/functions
+ 
+ printf "Getting auditd internal state: "
+diff -Nru audit-2.8.4.orig/src/auditd.c audit-2.8.4/src/auditd.c
+--- audit-2.8.4.orig/src/auditd.c	2018-05-21 19:38:08.000000000 +0200
++++ audit-2.8.4/src/auditd.c	2019-01-05 08:44:18.153983329 +0100
+@@ -66,8 +66,8 @@
+ /* Local data */
+ static int fd = -1, pipefds[2] = {-1, -1};
+ static struct daemon_conf config;
+-static const char *pidfile = "/var/run/auditd.pid";
+-static const char *state_file = "/var/run/auditd.state";
++static const char *pidfile = "/run/auditd.pid";
++static const char *state_file = "/run/auditd.state";
+ static int init_pipe[2];
+ static int do_fork = 1, opt_aggregate_only = 0, config_dir_set = 0;
+ static struct auditd_event *cur_event = NULL, *reconfig_ev = NULL;

audit-2.8.5-usrsbin.patch

@@ -0,0 +1,59 @@
+diff -ru audit-2.8.5.orig/init.d/auditd.conf audit-2.8.5/init.d/auditd.conf
+--- audit-2.8.5.orig/init.d/auditd.conf	2019-03-01 21:19:13.000000000 +0100
++++ audit-2.8.5/init.d/auditd.conf	2019-05-27 10:02:17.350769165 +0200
+@@ -13,7 +13,7 @@
+ num_logs = 5
+ priority_boost = 4
+ disp_qos = lossy
+-dispatcher = /sbin/audispd
++dispatcher = /usr/sbin/audispd
+ name_format = NONE
+ ##name = mydomain
+ max_log_file_action = ROTATE
+diff -ru audit-2.8.5.orig/init.d/auditd.cron audit-2.8.5/init.d/auditd.cron
+--- audit-2.8.5.orig/init.d/auditd.cron	2019-02-04 15:26:52.000000000 +0100
++++ audit-2.8.5/init.d/auditd.cron	2019-05-27 10:02:17.350769165 +0200
+@@ -5,7 +5,7 @@
+ # based on a cron job.
+ ##########
+ 
+-/sbin/service auditd rotate
++/usr/sbin/service auditd rotate
+ EXITVALUE=$?
+ if [ $EXITVALUE != 0 ]; then
+     /usr/bin/logger -t auditd "ALERT exited abnormally with [$EXITVALUE]"
+diff -ru audit-2.8.5.orig/init.d/auditd.service audit-2.8.5/init.d/auditd.service
+--- audit-2.8.5.orig/init.d/auditd.service	2019-03-01 21:19:13.000000000 +0100
++++ audit-2.8.5/init.d/auditd.service	2019-05-27 10:02:56.066935836 +0200
+@@ -18,15 +18,15 @@
+ [Service]
+ Type=forking
+ PIDFile=/run/auditd.pid
+-ExecStart=/sbin/auditd
++ExecStart=/usr/sbin/auditd
+ ## To not use augenrules, copy this file to /etc/systemd/system/auditd.service
+ ## and comment/delete the next line and uncomment the auditctl line.
+ ## NOTE: augenrules expect any rules to be added to /etc/audit/rules.d/
+-ExecStartPost=-/sbin/augenrules --load
+-#ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules
++ExecStartPost=-/usr/sbin/augenrules --load
++#ExecStartPost=-/usr/sbin/auditctl -R /etc/audit/audit.rules
+ # By default we don't clear the rules on exit. To enable this, uncomment
+ # the next line after copying the file to /etc/systemd/system/auditd.service
+-#ExecStopPost=/sbin/auditctl -R /etc/audit/audit-stop.rules
++#ExecStopPost=/usr/sbin/auditctl -R /etc/audit/audit-stop.rules
+ 
+ [Install]
+ WantedBy=multi-user.target
+diff -ru audit-2.8.5.orig/init.d/augenrules audit-2.8.5/init.d/augenrules
+--- audit-2.8.5.orig/init.d/augenrules	2019-02-04 15:26:52.000000000 +0100
++++ audit-2.8.5/init.d/augenrules	2019-05-27 10:02:17.354769182 +0200
+@@ -39,7 +39,7 @@
+ 
+ try_load() {
+ 	if [ $LoadRules -eq 1 ] ; then
+-		/sbin/auditctl -R ${DestinationFile}
++		/usr/sbin/auditctl -R ${DestinationFile}
+ 		RETVAL=$?
+ 	fi
+ }

audit.spec

@@ -1,26 +1,30 @@
 Name:          audit
-Version:       2.6.7
-Release:       3mamba
+Version:       3.0
+Release:       1mamba
 Summary:       User space tools for kernel auditing
 Group:         System/Tools
 Vendor:        openmamba
 Distribution:  openmamba
 Packager:      Silvan Calarco <silvan.calarco@mambasoft.it>
-URL:           http://people.redhat.com/sgrubb/audit
+URL:           https://people.redhat.com/sgrubb/audit
 Source:        http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
-Patch0:        libaudit-2.6.6-usrsbin.patch
+Patch0:        audit-2.8.5-usrsbin.patch
+Patch1:        audit-2.8.4-rundir.patch
 License:       GPL, LGPL
 ## AUTOBUILDREQ-BEGIN
 BuildRequires: glibc-devel
 BuildRequires: libcap-ng-devel
+BuildRequires: libe2fs-devel
 BuildRequires: libffi-devel
 BuildRequires: libgcrypt-devel
 BuildRequires: libgmp-devel
 BuildRequires: libgnutls-devel
 BuildRequires: libgpg-error-devel
+BuildRequires: libidn-devel
 BuildRequires: libkrb5-devel
 BuildRequires: libltdl-devel
 BuildRequires: libnettle-devel
+BuildRequires: libnsl-devel
 BuildRequires: libopenldap-devel
 BuildRequires: libopenssl-devel
 BuildRequires: libp11-kit-devel
@@ -28,9 +32,10 @@ BuildRequires: libprelude-devel
 BuildRequires: libpython-devel
 BuildRequires: libsasl2-devel
 BuildRequires: libtasn1-devel
+BuildRequires: libtirpc-devel
+BuildRequires: libunistring-devel
 BuildRequires: libwrap-devel
 BuildRequires: libz-devel
-BuildRequires: trousers-devel
 ## AUTOBUILDREQ-END
 BuildRequires: gcc-go
 BuildRequires: libgo-devel
@@ -38,7 +43,10 @@ BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: libtool
 BuildRequires: swig
+BuildRequires: libprelude-devel >= 5.2.0
 %systemd_requires
+Provides:      audit-plugins
+Obsoletes:     audit-plugins < 3.0
 BuildRoot:     %{_tmppath}/%{name}-%{version}-root
 
 %description
@@ -62,7 +70,7 @@ This package contains libraries and header files for developing applications tha
 %package -n lib%{name}-static
 Group:         Development/Libraries
 Summary:       Static libraries for %{name}
-Requires:      %{name}-devel = %{?epoch:%epoch:}%{version}-%{release}
+Requires:      lib%{name}-devel = %{?epoch:%epoch:}%{version}-%{release}
 
 %description -n lib%{name}-static
 This package contains the static libraries needed for developing applications that need to use static %{name} framework libraries.
@@ -70,7 +78,7 @@ This package contains the static libraries needed for developing applications th
 %package -n python-audit
 Summary:       Python bindings for libaudit
 Group:         Development/Libraries/Python
-Requires:      %{name} = %{?epoch:%epoch:}%{version}-%{release}
+Requires:      lib%{name} = %{?epoch:%epoch:}%{version}-%{release}
 
 %description -n python-audit
 The python-audit package contains the bindings so that libaudit and libauparse can be used by python.
@@ -79,25 +87,18 @@ The python-audit package contains the bindings so that libaudit and libauparse c
 Group:         Development/Libraries
 Summary:       Python3 bindings to %{name}
 Requires:      python3
-Requires:      %{name} = %{?epoch:%epoch:}%{version}-%{release}
+Requires:      lib%{name} = %{?epoch:%epoch:}%{version}-%{release}
 
 %description -n python-audit-py3
 The python-audit package containts Python 3 bindings to %{name}.
 The libaudit-devel package contains the header files needed for developing applications that need to use the audit framework libraries.
 
-%package plugins
-Group:        System/Tools
-Summary:      Plugins for the audit event dispatcher
-Requires:     %{name} = %{?epoch:%epoch:}%{version}-%{release}
-Requires:     audit = %{?epoch:%epoch:}%{version}-%{release}
-#Requires:     openldap
-
-%description plugins
-The audispd-plugins package provides plugins for the real-time interface to the audit system, audispd. These plugins can do things like relay events to remote machines or analyze events for suspicious behavior.
+%debug_package
 
 %prep
 %setup -q
-%patch0 -p1
+#%patch0 -p1
+#%patch1 -p1
 
 %build
 #autoreconf -v --install
@@ -107,8 +108,15 @@ The audispd-plugins package provides plugins for the real-time interface to the
   --enable-gssapi-krb5=yes \
   --with-libcap-ng=yes \
   --with-python=yes \
-  --enable-systemd=yes
-  
+  --enable-systemd=yes \
+  CFLAGS="%{optflags} -fcommon" \
+%ifarch arm
+  --with-arm \
+%endif   
+%ifarch aarch64
+  --with-aarch64 \
+%endif   
+
 %make
 
 %install
@@ -125,6 +133,8 @@ rm -f %{buildroot}%{python_sitearch}/_auparse.la
 rm -f %{buildroot}%{python_sitearch}/auparse.a
 rm -f %{buildroot}%{python_sitearch}/auparse.la
 
+install -d -m 0755 %{buildroot}%{_sysconfdir}/audit/rules.d
+
 %check
 make check
 
@@ -157,20 +167,26 @@ find /etc/rc[0-6].d/ -type l -xtype l -exec rm -f {} \;
 
 %files
 %defattr(-,root,root)
-%attr(750,root,root) %dir %{_sysconfdir}/audisp
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/audispd.conf
-%attr(750,root,root) %dir %{_sysconfdir}/audisp/plugins.d
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/plugins.d/af_unix.conf
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/plugins.d/syslog.conf
 %attr(750,root,root) %dir %{_sysconfdir}/audit
+%config(noreplace) %{_sysconfdir}/audit/audisp-remote.conf
+%{_sysconfdir}/audit/plugins.d/af_unix.conf
+%{_sysconfdir}/audit/plugins.d/au-remote.conf
+%{_sysconfdir}/audit/plugins.d/audispd-zos-remote.conf
+%{_sysconfdir}/audit/plugins.d/syslog.conf
+%{_sysconfdir}/audit/zos-remote.conf
 %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/audit-stop.rules
-#%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/rules.d/audit.rules
+%dir %{_sysconfdir}/audit/rules.d
 %config(noreplace) %attr(640,root,root) %{_sysconfdir}/audit/auditd.conf
+%dir %{_datadir}/audit/sample-rules
+%{_datadir}/audit/sample-rules/*.rules
+%{_datadir}/audit/sample-rules/README-rules
 %attr(644,root,root) %{_unitdir}/auditd.service
 %dir %{_libexecdir}/initscripts/legacy-actions/auditd
 %{_libexecdir}/initscripts/legacy-actions/auditd/*
 %attr(750,root,root) %dir %{_localstatedir}/log/audit
-%attr(750,root,root) %{_sbindir}/audispd
+%attr(750,root,root) %{_sbindir}/audispd-zos-remote
+%attr(750,root,root) %{_sbindir}/audisp-remote
+%attr(750,root,root) %{_sbindir}/audisp-syslog
 %attr(750,root,root) %{_sbindir}/auditctl
 %attr(750,root,root) %{_sbindir}/auditd
 %attr(750,root,root) %{_sbindir}/augenrules
@@ -181,12 +197,18 @@ find /etc/rc[0-6].d/ -type l -xtype l -exec rm -f {} \;
 %attr(755,root,root) %{_bindir}/aulastlog
 %attr(755,root,root) %{_bindir}/ausyscall
 %attr(750,root,root) %{_bindir}/auvirt
+%ifnarch arm aarch64
 %dir %{_prefix}/lib/golang/src/pkg/redhat.com/audit
-%{_mandir}/man5/audispd.conf.5*
+%endif
 %{_mandir}/man5/auditd.conf.5*
 %{_mandir}/man5/ausearch-expression.5*
+%{_mandir}/man5/auditd-plugins.5*
+%{_mandir}/man5/zos-remote.conf.5*
 %{_mandir}/man7/*.7*
-%{_mandir}/man8/audispd.8*
+%{_mandir}/man5/audisp-remote.conf.5*
+%{_mandir}/man8/audispd-zos-remote.8*
+%{_mandir}/man8/audisp-remote.8*
+%{_mandir}/man8/audisp-syslog.8*
 %{_mandir}/man8/auditctl.8*
 %{_mandir}/man8/auditd.8*
 %{_mandir}/man8/augenrules.8*
@@ -217,11 +239,13 @@ find /etc/rc[0-6].d/ -type l -xtype l -exec rm -f {} \;
 %{_libdir}/libauparse.la
 %{_libdir}/pkgconfig/auparse.pc
 %{_libdir}/pkgconfig/audit.pc
+%ifnarch arm aarch64
 %{_prefix}/lib/golang/src/pkg/redhat.com/audit/audit.go
+%endif
 %{_datadir}/aclocal/audit.m4
 %{_mandir}/man3/*.3.gz
-%doc contrib/skeleton.c contrib/plugin
-%doc ChangeLog README THANKS TODO
+#%doc contrib/skeleton.c contrib/plugin
+#%doc ChangeLog README THANKS TODO
 
 %files -n lib%{name}-static
 %defattr(-,root,root)
@@ -238,27 +262,55 @@ find /etc/rc[0-6].d/ -type l -xtype l -exec rm -f {} \;
 %defattr(-,root,root)
 %{python3_sitearch}/_audit.*
 %{python3_sitearch}/audit.py
+%{python3_sitearch}/__pycache__/audit.cpython-*.pyc
 %{python3_sitearch}/auparse.*
 
-%files plugins
-%defattr(-,root,root)
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/plugins.d/audispd-zos-remote.conf
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/zos-remote.conf
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/audisp-prelude.conf
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/plugins.d/au-prelude.conf
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/audisp-remote.conf
-%config(noreplace) %attr(640,root,root) %{_sysconfdir}/audisp/plugins.d/au-remote.conf
-%attr(750,root,root) %{_sbindir}/audispd-zos-remote
-%attr(750,root,root) %{_sbindir}/audisp-prelude
-%attr(750,root,root) %{_sbindir}/audisp-remote
-%{_mandir}/man5/zos-remote.conf.5*
-%{_mandir}/man8/audispd-zos-remote.8*
-%{_mandir}/man5/audisp-prelude.conf.5*
-%{_mandir}/man8/audisp-prelude.8*
-%{_mandir}/man5/audisp-remote.conf.5*
-%{_mandir}/man8/audisp-remote.8*
-
 %changelog
+* Tue Feb 09 2021 Automatic Build System <autodist@mambasoft.it> 3.0-1mamba
+- automatic version update by autodist
+
+* Sun Dec 20 2020 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.5-2mamba
+- rebuilt with debug package and libprelude 5.2.0
+
+* Mon May 27 2019 Automatic Build System <autodist@mambasoft.it> 2.8.5-1mamba
+- automatic version update by autodist
+
+* Sat Jan 05 2019 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.4-4mamba
+- apply path for /usr/sbin and rundir under /run
+
+* Fri Jan 04 2019 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.4-3mamba
+- other fix for auditd.service /usr/sbin path instead of /sbin
+
+* Sun Dec 30 2018 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.4-2mamba
+- install binaries under /usr/sbin and /usr/bin
+
+* Wed Sep 12 2018 Automatic Build System <autodist@mambasoft.it> 2.8.4-1mamba
+- automatic version update by autodist
+
+* Thu Mar 15 2018 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.3-1mamba
+- update to 2.8.3
+
+* Tue Dec 19 2017 Silvan Calarco <silvan.calarco@mambasoft.it> 2.8.2-1mamba
+- update to 2.8.2
+
+* Sat Nov 18 2017 Automatic Build System <autodist@mambasoft.it> 2.8.1-1mamba
+- automatic update by autodist
+
+* Tue May 02 2017 Automatic Build System <autodist@mambasoft.it> 2.7.6-1mamba
+- automatic version update by autodist
+
+* Fri Apr 28 2017 Silvan Calarco <silvan.calarco@mambasoft.it> 2.7.5-2mamba
+- rebuilt with root installatiion prefix  (/bin, /sbin)
+
+* Tue Apr 11 2017 Automatic Build System <autodist@mambasoft.it> 2.7.5-1mamba
+- automatic version update by autodist
+
+* Mon Apr 10 2017 Ercole 'ercolinux' Carpanetto <ercole69@gmail.com> 2.7.4-1mamba
+- update to 2.7.4
+
+* Fri Oct 07 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 2.6.7-4mamba
+- libaudit-static: require libaudit-devel instead of audit-devel
+
 * Thu Sep 22 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 2.6.7-3mamba
 - specfile was not renamed (webbuild rename function does this correctly)
 

libaudit-2.6.6-usrsbin.patch

@@ -1,30 +0,0 @@
-diff -Nru audit-2.4.4.orig/init.d/auditd.conf audit-2.4.4/init.d/auditd.conf
---- audit-2.4.4.orig/init.d/auditd.conf	2015-08-13 22:56:25.000000000 +0200
-+++ audit-2.4.4/init.d/auditd.conf	2015-12-01 19:54:24.403584662 +0100
-@@ -10,7 +10,7 @@
- freq = 20
- num_logs = 5
- disp_qos = lossy
--dispatcher = /sbin/audispd
-+dispatcher = /usr/sbin/audispd
- name_format = NONE
- ##name = mydomain
- max_log_file = 6 
---- audit-2.6.6/init.d/auditd.service.orig	2016-08-11 19:51:33.493168550 +0200
-+++ audit-2.6.6/init.d/auditd.service	2016-08-12 00:43:16.758055860 +0200
-@@ -9,12 +9,12 @@
- Documentation=man:auditd(8) https://people.redhat.com/sgrubb/audit/
- 
- [Service]
--ExecStart=/sbin/auditd -n
-+ExecStart=/usr/sbin/auditd -n
- ## To not use augenrules, copy this file to /etc/systemd/system/auditd.service
- ## and comment/delete the next line and uncomment the auditctl line.
- ## NOTE: augenrules expect any rules to be added to /etc/audit/rules.d/
--ExecStartPost=-/sbin/augenrules --load
--#ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules
-+ExecStartPost=-/usr/sbin/augenrules --load
-+#ExecStartPost=-/usr/sbin/auditctl -R /etc/audit/audit.rules
- ExecReload=/bin/kill -HUP $MAINPID
- # By default we don't clear the rules on exit. To enable this, uncomment
- # the next line after copying the file to /etc/systemd/system/auditd.service