%{?_with_static: %define nostatic 0} %{!?_with_static: %define nostatic 1} Summary: Intrusion detection environment Name: aide Version: 0.12 Release: 7 URL: http://sourceforge.net/projects/aide License: GPL Group: Applications/System Source0: http://download.sourceforge.net/aide/aide-%{version}.tar.gz Source1: aide.conf Source2: README.quickstart Patch0: aide-0.12-xattrs.patch Patch1: aide-0.12-audit.patch Patch2: aide-0.12-nomhash.patch Patch3: aide-0.12-dbnames.patch Patch4: aide-0.12-memleak.patch Patch5: aide-0.12-man.patch Patch6: aide-0.12-aclleak.patch Patch7: aide-0.12-exitcode.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n) Buildrequires: zlib-devel libgcrypt-devel Buildrequires: flex bison autoconf automake Buildrequires: libattr-devel libacl-devel libselinux-devel Buildrequires: audit-libs-devel >= 1.2.8-2 %description AIDE (Advanced Intrusion Detection Environment) is a file integrity checker and intrusion detection program. %prep %setup -q %patch0 -p1 -b .xattrs %patch1 -p1 -b .audit %patch2 -p1 -b .nomhash %patch3 -p1 -b .dbnames %patch4 -p1 -b .leaks+perf %patch5 -p1 -b .man %patch6 -p1 -b .acl %patch7 -p0 -b .exit %build echo "define(AIDE_VERSION, 0.12+xattrs+sha256+audit+fixes)" > version.m4 autoreconf %configure --with-config_file=%{_sysconfdir}/aide.conf \ --with-zlib \ --disable-static \ --with-selinux --with-posix-acl --with-audit # No mhash... # --with-configmactype=sha256 \ # Adjust default database paths. perl -pi -e 's!%{_sysconfdir}/aide.db!%{_localstatedir}/lib/aide.db!' config.h # Hack echo "#define HAVE_STPCPY 1" >> config.h # Adjust default paths in manual. perl -pi -e 's!<prefix>/etc/aide.db!%{_localstatedir}/lib/aide.db!' doc/aide.1 perl -pi -e 's!<prefix>/etc/aide.conf!%{_sysconfdir}/aide.conf!' doc/aide.1 make %{?_smp_mflags} %install rm -rf $RPM_BUILD_ROOT %makeinstall bindir=$RPM_BUILD_ROOT%{_sbindir} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir} install -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir} mkdir -p -m0700 $RPM_BUILD_ROOT%{_localstatedir}/lib/aide install -p %{SOURCE2} README.quickstart mkdir -p -m0755 $RPM_BUILD_ROOT%{_mandir}/ru/man{1,5} %clean rm -rf $RPM_BUILD_ROOT %files %defattr(0644,root,root,0755) %doc AUTHORS COPYING ChangeLog NEWS README doc/manual.html contrib/ %doc README.quickstart %attr(0700,root,root) %{_sbindir}/aide %{_mandir}/man1/* %{_mandir}/man5/* %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/aide.conf %dir %attr(0700,root,root) %{_localstatedir}/lib/aide %changelog * Thu Nov 30 2006 Steve Grubb <sgrubb@redhat.com> - 0.12-7 - Fix return code for --check so that its not always 0. Resolves: #217922 * Wed Nov 29 2006 Steve Grubb <sgrubb@redhat.com> - 0.12-6 - Fix acl memory leak. Resolves: #211182 * Thu Nov 2 2006 James Antill <jantill@redhat.com> - 0.12-5 - Man page fix from Mark Anderson. - Resolves: rhbz#213758 * Mon Oct 16 2006 Steve Grubb <sgrubb@redhat.com> - 0.12-3 - Rebuild due to bad audit headers (#211056) * Mon Oct 16 2006 James Antill <jantill@redhat.com> - 0.12-1 - Moved to upstream 0.12 final. - More fixes for nomhash/etc. - Merged Steve's dbnames patch. - Merged Steve's memleak+perf patch. * Fri Oct 12 2006 James Antill <jantill@redhat.com> - 0.12_rc1-8 - Removed mhash dep. ... which also means HMAC goes away. * Thu Oct 12 2006 James Antill <jantill@redhat.com> - 0.12_rc1-6 - Add LSPP audit watch rules to default config. file - Remove /var/log/sa from default config. file, due to add/rm files daily. - Integrate audit patch from steve. * Thu Oct 12 2006 James Antill <jantill@redhat.com> - 0.12_rc1-4 - Mem double free fix. - Add security build options. * Wed Oct 11 2006 James Antill <jantill@redhat.com> - 0.12_rc1-3 - Move to latest upstream. - Massive amount of warning fixes. - Add acl/selinux/xattr support. - Add SHA256, SHA512, WHIRLPOOL hashes support. - Non-trivial DB/infrastructure changes for the above. * Sun Feb 19 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.11-1 - Update to 0.11 release. - useless-includes patch merged upstream. - old Russian man pages not available anymore. - disable static linking. * Fri Apr 7 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - rebuilt * Fri Nov 28 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.10-0.fdr.1 - Update to 0.10 release. - memleaks patch merged upstream. - rootpath patch merged upstream. - fstat patch not needed anymore. - Updated URL. * Thu Nov 13 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.10-0.fdr.0.2.cvs20031104 - Added buildreq m4 to work around incomplete deps of bison package. * Tue Nov 04 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.10-0.fdr.0.1.cvs20031104 - Only tar.gz available upstream. - byacc not needed when bison -y is available. - Installed Russian manual pages. - Updated with changes from CVS (2003-11-04). - getopt patch merged upstream. - bison-1.35 patch incorporated upstream. * Tue Sep 09 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.9-0.fdr.0.2.20030902 - Added fixes for further memleaks. * Sun Sep 07 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.9-0.fdr.0.1.20030902 - Initial package version.