Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:yudjjdzl
aide
_service:download_src_package:aide.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:download_src_package:aide.spec of Package aide
# # spec file for package aide # # Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: aide Version: 0.17.4 Release: 1.1 Summary: Advanced Intrusion Detection Environment License: GPL-2.0-or-later URL: https://aide.github.io/ Source0: https://github.com/aide/aide/releases/download/v%{version}/aide-%{version}.tar.gz Source1: aide.conf Source2: aide-cron_daily.sh Source3: aide-test.sh Source4: aide.service Source5: aide.service.8 Source6: aide.timer Source7: aide.timer.8 Source8: aide_service.conf Source42: https://github.com/aide/aide/releases/download/v%{version}/aide-%{version}.tar.gz.asc Source43: aide.keyring Patch1: aide-0.17.3-as-needed.patch Patch2: aide-xattr-in-libc.patch Patch3: aide-systemd.patch BuildRequires: automake BuildRequires: bison BuildRequires: curl-devel BuildRequires: flex BuildRequires: gzip BuildRequires: libacl-devel BuildRequires: libgcrypt-devel BuildRequires: libselinux-devel BuildRequires: pcre-devel BuildRequires: pkgconfig BuildRequires: systemd-rpm-macros BuildRequires: zlib-devel %description AIDE is an intrusion detection system that checks file integrity. %package test Summary: Simple AIDE testing %description test Simple AIDE test script for externalized testing. %prep %setup -q %patch1 -p1 %patch2 -p1 %patch3 -p1 %build autoreconf -fiv %configure \ --with-config_file=%{_sysconfdir}/aide.conf \ --with-dbhmactype=md5 \ --disable-static \ --enable-lfs \ --with-posix-acl \ --with-xattr \ --with-selinux \ --with-curl \ --with-zlib \ --with-gcrypt \ --without-mhash # --enable-forced_configmd %make_build %install %make_install install -m 700 -d %{buildroot}%{_localstatedir}/lib/aide install -m 700 -d %{buildroot}%{_sysconfdir} install -m 700 -d %{buildroot}%{_unitdir}/ install -m 700 -d %{buildroot}%{_mandir}/man8 install -m 600 %{SOURCE1} %{buildroot}%{_sysconfdir}/aide.conf install -m 700 %{SOURCE3} %{buildroot}%{_bindir}/ install -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/aide.service install -m 644 %{SOURCE6} %{buildroot}%{_unitdir}/aide.timer install -m 644 %{SOURCE5} %{buildroot}%{_mandir}/man8/aide.service.8 install -m 644 %{SOURCE7} %{buildroot}%{_mandir}/man8/aide.timer.8 install -m 600 %{SOURCE8} %{buildroot}%{_sysconfdir}/aide_service.conf gzip -9 %{buildroot}%{_mandir}/man8/aide.service.8 gzip -9 %{buildroot}%{_mandir}/man8/aide.timer.8 mkdir -p doc/examples%{_sysconfdir}/cron.daily/ cp -a %{SOURCE2} doc/examples%{_sysconfdir}/cron.daily/aide.sh %post if ! grep -q "database_in" %{_sysconfdir}/aide.conf ; then # with the 0.17 update some backward incompatible changes were made to the config file. Therefore, we have to adapt those parameters, otherwise the program will fail sed -i 's/database=/database_in=/' %{_sysconfdir}/aide.conf sed -i '/verbose=/d' %{_sysconfdir}/aide.conf sed -i 's/\t/ /g' %{_sysconfdir}/aide.conf fi %systemd_post %{name}.service %{name}.timer %preun %systemd_preun %{name}.service %{name}.timer %postun %systemd_postun %{name}.service %{name}.timer %check rm -rf %{_localstatedir}/tmp/aide-test mkdir %{_localstatedir}/tmp/aide-test export TESTDIR=%{_localstatedir}/tmp/aide-test %make_build DESTDIR=$TESTDIR install install -m 700 -d $TESTDIR%{_localstatedir}/lib/aide install -m 700 -d $TESTDIR%{_sysconfdir} install -m 600 %{SOURCE1} $TESTDIR%{_sysconfdir}/aide.conf.new sed -e "s#%{_localstatedir}/lib/aide#$TESTDIR%{_localstatedir}/lib/aide#g" <$TESTDIR%{_sysconfdir}/aide.conf.new >$TESTDIR%{_sysconfdir}/aide.conf if ! grep -q "database_in" %{_sysconfdir}/aide.conf ; then # with the 0.17 update some backward incompatible changes were made to the config file. Therefore, we have to adapt those parameters, otherwise the program will fail sed -i 's/database=/database_in=/' $TESTDIR%{_sysconfdir}/aide.conf sed -i '/verbose=/d' $TESTDIR%{_sysconfdir}/aide.conf sed -i 's/\t/ /g' $TESTDIR%{_sysconfdir}/aide.conf fi $TESTDIR/usr/bin/aide -D -c $TESTDIR%{_sysconfdir}/aide.conf sleep 2 sync sleep 2 $TESTDIR/usr/bin/aide -c $TESTDIR%{_sysconfdir}/aide.conf --init mv $TESTDIR%{_localstatedir}/lib/aide/aide.db.new $TESTDIR%{_localstatedir}/lib/aide/aide.db $TESTDIR/usr/bin/aide -c $TESTDIR%{_sysconfdir}/aide.conf --check --log-level=info rm -rf $TESTDIR %files %license COPYING %doc AUTHORS ChangeLog NEWS README doc/examples %{_bindir}/aide /%{_mandir}/man1/aide.1.gz /%{_mandir}/man5/aide.conf.5.gz %{_localstatedir}/lib/aide %config(noreplace) %{_sysconfdir}/aide.conf %config(noreplace) %{_sysconfdir}/aide_service.conf %{_unitdir}/aide.service %{_unitdir}/aide.timer %{_mandir}/man8/aide.timer.8* %{_mandir}/man8/aide.service.8* %files test %{_bindir}/aide-test.sh %changelog * Tue Mar 29 2022 Paolo Stivanin <info@paolostivanin.com> - Update to 0.17.4: * fix CVE-2021-45417: precalculate buffer size in base64 functions (bsc#1194735) * Thu Nov 4 2021 Stefan Schubert <schubi@suse.de> - Added aide.service and aide.timer in order to run aide periodically in the background via systemd timer. - aide-systemd.patch: hook in new manpages * Fri Apr 2 2021 Marcus Meissner <meissner@suse.com> - added missing pcre-devel buildrequires. * Wed Feb 24 2021 Paolo Stivanin <info@paolostivanin.com> - Update default config file to match v0.17 * Wed Feb 24 2021 Paolo Stivanin <info@paolostivanin.com> - Update to 0.17.3: * BACKWARDS INCOMPATIBLE CHANGES - '--verbose' command line option and 'verbose' config option are no longer supported, use 'log_level' and 'report_level' options instead - '--report' command line option is no longer supported, use 'report_url' config option instead - 'ignore_list' config option is no longer supported, use 'report_ignore_changed_attrs' instead - 'report_attributes' config option is no longer supported, use 'report_force_attrs' instead - (restricted) regular rules must start with literal '/', i.e. the rule cannot begin with a macro variable - config lines must end with new line - '@' and ' ' in the configuration are now escaped with '\', that means to match a '\' you have to use four backslashes '\\\\' in your rules - 'gzip_dbout=false' fails now with config error when no zlib support is compiled in - remove '--with-initial-errors' configure option - remove PostgreSQL database backend support - remove Sun ACL support - remove config and database signing support * Enhancements: - add new '--log-level' command line option and 'log_level' config option - introduce named log levels - add new 'report' log level to help to debug rule matching - add new 'config' log level to help to debug config and rule parsing - aad new '--dry-init' command - add new '--path-check' command - add directory support for @@include - add new @@x_include config macro - add new @@x_include_setenv config macro - add new default compound group 'H' (all compiled-in hashsums) - add support for per-report_url options - add new 'report_level' config option - add new 'report_append' config option - add exit code 21 for file lock errors - add default config values, available hashsums and compound groups to '--version' output - add Linux capabilities support - show changed attributes in 'different attributes' message - enable 'gost' and 'whirlpool' checksums when using gcrypt - add 'stribog256' and 'stribog512' gcrypt algorithms - add config file names to log output * Miscellaneous behaviour changes: - 'report_summarize_changes': hashsum changes are now indicated with 'H' - print '--help' and '--verion' output to stdout - log messages and errors are always written to stderr - initialise report URLs after configuration parsing - allow empty values for macro variables - SIGUSR1 now toggles debug log level - fail on errors in regular expressions during config parsing - fail on invalid URLs during config check - Fail on double slash in rule path - cache log lines when 'log_level' is not yet set * Deprecations: - 'database' config option is now deprecated, use 'database_in' instead - 'summarize_changes' config option is now deprecated, use 'report_summarize_changes' instead - 'grouped' config option is now deprecated, use 'report_grouped' instead - non-alphanumeric group names are deprecated * Notable bug fixes: - fix line numbers in log messages - remove warning when input database is '/dev/null' - correctly handle UTF-8 in path names and rules - fix compilation with curl and gcrypt - warn on unsupported hash algorithms - improve large-file support * Remove obsolete aide-attributes.sh script * Remove outdated manual.html * Update documentation - Rename aide-0.16.1-as-needed.patch to and rebase aide-0.17.3-as-needed.patch - Rebase aide-xattr-in-libc.patch - Remove aide-define_hash_use_gcrypt.patch (no longer needed) - Remove aide-dynamic.patch (no longer needed) * Thu Jul 30 2020 Matthias Eliasson <elimat@opensuse.org> - Update to 0.16.2 Bug fixes: * Fix handling of directory-restricted negative rules * Don't lock '/dev/null' when used as output database * Fix parsing of rules containing '?' quantifier * Fix extended attributes support (xattrs) * Fix processing of go files Please note: * The addition of the "trusted.*", "user.*" and the "security.*" namespaces to the xattrs attribute might lead to a vast amount of reported changed entries during your next AIDE run. You can use the `report_ignore_changed_attrs` option (see aide.conf(5)) to ignore changes of the xattrs attribute; but be aware that this will exclude the expected but also the unexpected (potentially malicious) changes. - Run spec-cleaner * Thu Jul 11 2019 <abergmann@suse.com> - Remove not available gcrypt algorithm 7 DB_HAVAL (bsc#1098360). Add aide-define_hash_use_gcrypt.patch * Sun Mar 17 2019 Matthias Eliasson <elimat@opensuse.org> - Update to 0.16.1 * Move to GitHub * Update documentation * Bug fixes - Upstream have moved to GitHub update URL and Source URLs accordingly - Refresh patch: aide-xattr-in-libc.patch - aide-0.16.1-as-needed.patch: replaces aide-0.16-as-needed.patch - Some cleanup of spec with spec-cleaner * Wed Jan 18 2017 meissner@suse.com - Updated to 0.16 - lots of bugfixes - including regexp matching within subdirectories of expressions - aide-0.16-as-needed.patch: replaces aide-0.15.1-as-needed.patch - aide-no_m4_dir.patch: upstream - aide.keyring: added from keyserver, cross checked key id on http://aide.sourceforge.net/ and a signature from someone I signed. * Thu Jul 2 2015 meissner@suse.com - aide-dynamic.patch: avoid overwriting dl* functions, as we might load libcrypto.so dynamically in FIPS mode. * Wed May 28 2014 crrodriguez@opensuse.org - aide-xattr-in-libc.patch: Once upon a time, 10 years ago, basic extended attribute functionality moved to libc, therefore libattr is most of the time, not needed at all. * Thu Jan 23 2014 meissner@suse.com - seperate a -test package to help with externalized testing. * Wed Jan 15 2014 meissner@suse.com - aide.conf: Move from md5 and sha1 as default to sha256+sha512, also to allow FIPS enabling with aide working. FATE#315925 * Fri Apr 26 2013 mmeister@suse.com - Removed AC_CONFIG_MACRO_DIR([m4]) from configure.in to fix build with new automake: aide-no_m4_dir.patch * Wed Jan 4 2012 crrodriguez@opensuse.org - libmhash development was abandoned in 2007, so it is time for it to go into the library heaven, use libgcrypt instead. * Fri Dec 2 2011 coolo@suse.com - add automake as buildrequire to avoid implicit dependency * Sat Sep 17 2011 jengelh@medozas.de - Remove redundant tags/sections from specfile - Add missing call to make - Use %%_smp_mflags for parallel build * Fri Oct 1 2010 freespacer@gmx.de - updated to version 0.15.1 - Ignore changed file name if attributes does not match - Allow absence of DB_CHECKINODE if file name has changed - renew patch * Tue Aug 10 2010 meissner@suse.de - updated to 0.15 - lots of fixes and some new stuff * Thu Apr 29 2010 ro@suse.de - make aide check verbose to get started - add sleep and sync to fix build * Wed Aug 26 2009 mls@suse.de - make patch0 usage consistent * Wed Jun 17 2009 crrodriguez@suse.de - fix build when as-needed is a default liker option * Mon Jan 5 2009 meissner@suse.de - fixed abort on check/update by removing the hash requirement bnc#406597 - fixed version output bnc#463511 - enhanced testcase to also run one aide --check * Fri Aug 22 2008 meissner@suse.de - enabled SELinux support [Fate#303662] - enabled curl - disable static (does not make much sense) * Tue Feb 12 2008 meissner@suse.de - Version 0.13.1 * Fixed bug with reading gzipped aide.db files * Removed dead ustat code - Version 0.13 * Added support for selinux and xattr attributes (kindly contributed by Red Hat) * Added support for the Linux Audit System (kindly contributed by Red Hat) * Fixed usage of libgcrypt instead of libmhash * Added file locking for output files * Fixed bugs - Version 0.12 * Fixed bugs * Allow http/https/ftp URLs through libcurl * Support posix_fadvice() to avoid caching files - enabled ACL and XATTR support * Thu Mar 29 2007 meissner@suse.de - buildrequires flex,bison * Thu Apr 13 2006 meissner@suse.de - run aide --init as test * Mon Feb 20 2006 mge@suse.de - update to 0.11 - fixes bug #149059 * Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires * Sat Jan 14 2006 schwab@suse.de - Don't strip binaries. * Fri Mar 18 2005 mge@suse.de - fixes #71272 - aide-0.10-47 config files not yet converted to utf8 * Mon Jan 26 2004 mge@suse.de - upgrade to 0.10 - #33600: more usable default aide.conf (thanks to Dirk Mueller <dmuell@gmx.net>) - example-cron-job * Sat Jan 10 2004 adrian@suse.de - build as user * Wed Nov 13 2002 ro@suse.de - fix build for current bison * Thu Aug 15 2002 mge@suse.de - update to 0.9 * Mon Apr 9 2001 ro@suse.de - don't use macro for version - remove obsolete macros * Wed Nov 22 2000 mge@suse.de - created PAC files - make SPEC file 7.0 compliant * Sat Jul 15 2000 mge@suse.de - initial SuSE RPM, config file /etc/aide.conf * Tue Jan 25 2000 Matthew Kirkwood <weejock@ferret.lmh.ox.ac.uk> - Fixes for RH 6.1 and sysconfdir changed to /etc and /var/lib/aide added * Sat Sep 11 1999 Rami Lehti <rammer@cs.tut.fi> - Some small changes to make this autogeneratable by configure. * Fri Sep 10 1999 Zach Brown <zab@redhat.com> - First go
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor