rpms/aide/devel aide.conf.rhel, NONE, 1.1 .cvsignore, 1.9, 1.10 aide.spec, 1.16, 1.17 sources, 1.9, 1.10 aide-0.12-getopt.patch, 1.1, NONE aide-0.12-rh-bugfixes.patch, 1.1, NONE

Michael Schwendt (mschwendt) fedora-extras-commits at redhat.com
Fri Jan 5 22:20:03 UTC 2007


Author: mschwendt

Update of /cvs/extras/rpms/aide/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4680

Modified Files:
	.cvsignore aide.spec sources 
Added Files:
	aide.conf.rhel 
Removed Files:
	aide-0.12-getopt.patch aide-0.12-rh-bugfixes.patch 
Log Message:
* Sun Dec 17 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.13.1-1
- Update to 0.13.1 release.

* Sun Dec 10 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.13-1
- Update to 0.13 release.
- Include default aide.conf from RHEL5 as doc example file.

* Sun Oct 29 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.12-3.20061027cvs
- CAUTION! This changes the database format and results in a report of
  false inconsistencies until an old database file is updated.
- Check out CVS 20061027 which now contains Red Hat's
  acl/xattr/selinux/audit patches.
- Patches merged upstream.
- Update manual page substitutions.




--- NEW FILE aide.conf.rhel ---
# Example configuration file for AIDE.
#
# This first part sets the database locations, the output compression,
# the verbosity and the report destinations.

# Macro holding the database directory; expanded as @@{DBDIR} below.
@@define DBDIR /var/lib/aide

# The location of the database to be read.
# NOTE(review): the baseline is stored on the filesystem it is meant to
# vouch for, so an account that can write to DBDIR can also rewrite the
# baseline. Keeping a copy of the database (or at least its checksum) on
# read-only or off-host storage and comparing against it is the usual
# mitigation.
database=file:@@{DBDIR}/aide.db.gz

# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
#database_out=file:aide.db.new
# The output name (aide.db.new.gz) differs from the name read above
# (aide.db.gz), so a freshly written database is not used for checks
# until it has been renamed.
database_out=file:@@{DBDIR}/aide.db.new.gz

# Whether to gzip the output to database
# (the database file names above end in .gz accordingly).
gzip_dbout=yes

# Default.
verbose=5

# Two report destinations are active: the log file and stdout.
# /var/log/aide.log is excluded from checking further down in this file.
report_url=file:/var/log/aide.log
report_url=stdout
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root at foo.com
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH

# These are the default rules.
#
#p:      permissions
#i:      inode:
#n:      number of links
#u:      user
#g:      group
#s:      size
#b:      block count
#m:      mtime
#a:      atime
#c:      ctime
#acl:           Access Control Lists
#selinux        SELinux security context
#xattrs:        Extended file attributes
#S:      check for growing size
#md5:    md5 checksum
#sha1:   sha1 checksum
#sha256:        sha256 checksum
#sha512:        sha512 checksum
#rmd160: rmd160 checksum
#tiger:  tiger checksum

#haval:  haval checksum (MHASH only)
#gost:   gost checksum (MHASH only)
#crc32:  crc32 checksum (MHASH only)
#whirlpool:     whirlpool checksum (MHASH only)

# Predefined groups. Note that R carries md5 as its only checksum.
#R:             p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
#L:             p+i+n+u+g+acl+selinux+xattrs
#E:             Empty group
#>:             Growing logfile p+u+g+i+n+S+acl+selinux+xattrs

# You can create custom rules like this.
# With MHASH...
# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
# The active definition leaves out the hashes marked "MHASH only" above.
ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
# Everything but access time (i.e. all changes); R does not contain "a".
EVERYTHING = R+ALLXTRAHASHES

# Sane, with multiple hashes
# NORMAL = R+rmd160+sha256+whirlpool
# md5 (from R) is combined with rmd160 and sha256 here, so a match does
# not rest on md5 alone.
NORMAL = R+rmd160+sha256

# For directories, don't bother doing hashes
DIR = p+i+n+u+g+acl+selinux+xattrs

# Access control only
# No size, timestamp or checksum is included, so this group does not
# notice a change to a file's content.
PERMS = p+i+u+g+acl+selinux

# Log files are special, in that they often change
LOG = >

# Just do md5 and sha256 hashes
# (md5 comes from R, together with the other attributes R lists above)
LSPP = R+sha256

# Some files get updated automatically, so the inode/ctime/mtime change
# but we want to know when the data inside them changes
# (hence i, m and c are left out and several checksums are kept)
DATAONLY =  p+n+u+g+s+acl+selinux+xattrs+md5+sha256+rmd160+tiger

# Next decide what directories/files you want in the database.
#
# Each line names a path and the attribute group to check it with; a
# leading "!" excludes the path.
# NOTE(review): the "!/etc/.*~" line below shows that selections are
# regular expressions. As far as I know AIDE anchors them only at the
# start of the path, so "/etc/passwd NORMAL" would also cover names such
# as /etc/passwd- ; confirm against aide.conf(5) for the installed version.

/boot   NORMAL
/bin    NORMAL
/sbin   NORMAL
/lib    NORMAL
/opt    NORMAL
/usr    NORMAL
/root   NORMAL
# These are too volatile
!/usr/src
!/usr/tmp

# Check only permissions, inode, user and group for /etc, but
# cover some important files closely.
# PERMS (defined earlier in this file) has no checksum, size or timestamp,
# so a content change to a file under /etc that is not listed individually
# below is not reported by this rule.
/etc    PERMS
!/etc/mtab
# Ignore backup files
!/etc/.*~
/etc/exports  NORMAL
/etc/fstab    NORMAL
/etc/passwd   NORMAL
/etc/group    NORMAL
/etc/gshadow  NORMAL
/etc/shadow   NORMAL
/etc/security/opasswd   NORMAL

/etc/hosts.allow   NORMAL
/etc/hosts.deny    NORMAL

/etc/sudoers NORMAL
/etc/skel NORMAL

/etc/logrotate.d NORMAL

# DATAONLY leaves out inode, mtime and ctime (see its definition earlier
# in this file), so only a change of content or ownership is reported.
/etc/resolv.conf DATAONLY

/etc/nscd.conf NORMAL
/etc/securetty NORMAL

# Shell/X starting files
/etc/profile NORMAL
/etc/bashrc NORMAL
/etc/bash_completion.d/ NORMAL
/etc/login.defs NORMAL
/etc/zprofile NORMAL
/etc/zshrc NORMAL
/etc/zlogin NORMAL
/etc/zlogout NORMAL
/etc/profile.d/ NORMAL
/etc/X11/ NORMAL

# Pkg manager
/etc/yum.conf NORMAL
/etc/yumex.conf NORMAL
/etc/yumex.profiles.conf NORMAL
/etc/yum/ NORMAL
/etc/yum.repos.d/ NORMAL

# LOG is the "growing logfile" group: a file that only grows is not
# reported.
/var/log   LOG
# This gets new/removes-old filenames daily
!/var/log/sa
# As we are checking it, we've truncated yesterday's size to zero.
# (report_url at the top of this file writes the report to this path.)
!/var/log/aide.log

# LSPP rules...
# These paths are checked with the LSPP group (R+sha256, defined earlier
# in this file).
# AIDE produces an audit record, so this becomes perpetual motion.
# /var/log/audit/ LSPP
/etc/audit/ LSPP
/etc/libaudit.conf LSPP
/usr/sbin/stunnel LSPP
/var/spool/at LSPP
/etc/at.allow LSPP
/etc/at.deny LSPP
/etc/cron.allow LSPP
/etc/cron.deny LSPP
/etc/cron.d/ LSPP
/etc/cron.daily/ LSPP
/etc/cron.hourly/ LSPP
/etc/cron.monthly/ LSPP
/etc/cron.weekly/ LSPP
/etc/crontab LSPP
/var/spool/cron/root LSPP

# NOTE(review): /etc/login.defs and /etc/securetty are also listed with
# NORMAL earlier in this file; which of the two groups applies to a path
# that is selected twice should be confirmed against aide.conf(5).
/etc/login.defs LSPP
/etc/securetty LSPP
# NOTE(review): these two files also fall under the "/var/log LOG" rule
# earlier in this file; confirm which rule takes effect.
/var/log/faillog LSPP
/var/log/lastlog LSPP

/etc/hosts LSPP
/etc/sysconfig LSPP

/etc/inittab LSPP
# Grub isn't in LSPP, but pretend it is
# NOTE(review): confirm that /etc/grub/ exists on the target system; if
# the boot loader configuration lives elsewhere this line selects nothing.
/etc/grub/ LSPP
/etc/rc.d LSPP

/etc/ld.so.conf LSPP

/etc/localtime LSPP

/etc/sysctl.conf LSPP

/etc/modprobe.conf LSPP

/etc/pam.d LSPP
/etc/security LSPP
/etc/aliases LSPP
/etc/postfix LSPP

/etc/ssh/sshd_config LSPP
/etc/ssh/ssh_config LSPP

/etc/stunnel LSPP

/etc/vsftpd.ftpusers LSPP
/etc/vsftpd LSPP

/etc/issue LSPP
/etc/issue.net LSPP

/etc/cups LSPP

# With AIDE's default verbosity level of 5, these would give lots of
# warnings upon tree traversal. This might change in a future version.
#
#=/lost\+found    DIR
#=/home           DIR

# Excluded for the same reason as /var/log/sa above.
!/var/log/and-httpd


Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/aide/devel/.cvsignore,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- .cvsignore	14 Oct 2006 20:42:22 -0000	1.9
+++ .cvsignore	5 Jan 2007 22:19:33 -0000	1.10
@@ -1,2 +1,2 @@
-aide-0.12.tar.gz
-aide-0.12.tar.gz.asc
+aide-0.13.1.tar.gz.asc
+aide-0.13.1.tar.gz


Index: aide.spec
===================================================================
RCS file: /cvs/extras/rpms/aide/devel/aide.spec,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- aide.spec	23 Oct 2006 21:52:39 -0000	1.16
+++ aide.spec	5 Jan 2007 22:19:33 -0000	1.17
@@ -6,22 +6,24 @@
 
 Summary: Intrusion detection environment
 Name: aide
-Version: 0.12
-Release: 2%{?dist}
+Version: 0.13.1
+Release: 1
 URL: http://sourceforge.net/projects/aide
 License: GPL
 Group: Applications/System
 Source0: http://download.sourceforge.net/aide/aide-%{version}.tar.gz
 Source1: aide.conf
 Source2: README.quickstart
-Patch0: aide-0.12-getopt.patch
-Patch1: aide-0.12-rh-bugfixes.patch
+Source3: aide.conf.rhel
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
 Buildrequires: mhash-devel zlib-devel
 Buildrequires: flex bison
 %if "%{?_with_curl}x" != "x"
 Buildrequires: curl-devel
 %endif
+Buildrequires: pkgconfig
+Buildrequires: libattr-devel libacl-devel libselinux-devel
+Buildrequires: audit-libs-devel >= 1.2.8-2
 #Buildrequires: postgresql-devel libgcrypt-devel
 #(needs --with-psql and -lgcrypt in src/Makefile.in)
 
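Review bot: Nothing in the visible header ties the new 0.13.1 tarball to its upstream signature: `Source0` is fetched over plain http and the spec has no Source entry for `aide-0.13.1.tar.gz.asc`, although that file is uploaded next to the tarball in `sources`. As far as this page shows, the only integrity check at build time is the MD5 line in `sources`, so the signature check has to happen by hand at update time and is worth recording next to `Source0`, for example `# Tarball verified against aide-%{version}.tar.gz.asc, key fingerprint <KEY-FINGERPRINT-PLACEHOLDER>`. Separately, `Release: 1` drops the `%{?dist}` tag that revision 1.16 carried; if that is not intended, `Release: 1%{?dist}` restores it.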
@@ -32,8 +34,10 @@
 
 %prep
 %setup -q
-%patch0 -p1 -b .getopt
-%patch1 -p1 -b .rh-bugfixes
+
+# Adjust default paths in manual.
+sed -i -e 's!@sysconfdir@/aide.db\(.new\)\?!%{_localstatedir}/lib/aide/aide.db\1.gz!' doc/aide.1.in
+sed -i -e 's!@sysconfdir@/aide.conf!%{_sysconfdir}/aide.conf!' doc/aide.1.in
 
 
 %build
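Review bot: The two `sed` lines only change what doc/aide.1.in says about the default paths; the perl edit of config.h that used to move the compiled-in database default is removed in the %build hunk of this commit and nothing visible replaces it. Unless the 0.13.1 configure script already puts the default database under `%{_localstatedir}/lib/aide`, the man page will name a baseline file the binary does not use by default, which matters for a tool whose baseline is the file an administrator has to protect. `sed` also exits successfully when the pattern no longer matches, so following it with `grep -q '%{_localstatedir}/lib/aide/aide.db' doc/aide.1.in` would make a changed upstream template fail the build rather than pass silently. The dot in `\(.new\)` is unescaped and matches any character; `\(\.new\)` is the literal form.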
@@ -41,14 +45,10 @@
            --with-zlib \
            --with-mhash --enable-mhash \
            %{?_with_curl} %{?_without_curl} \
+           --with-selinux --with-posix-acl --with-configmactype=sha256 \
+           --with-audit \
            %{?nostatic}
 
-# Adjust default database paths.
-perl -pi -e 's!%{_sysconfdir}/aide.db!%{_localstatedir}/lib/aide.db!' config.h
-# Adjust default paths in manual.
-perl -pi -e 's!<prefix>/etc/aide.db!%{_localstatedir}/lib/aide.db!' doc/aide.1
-perl -pi -e 's!<prefix>/etc/aide.conf!%{_sysconfdir}/aide.conf!' doc/aide.1
-
 make %{?_smp_mflags}
 
 
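Review bot: `--with-configmactype=sha256` looks misspelled. As far as I know the AIDE configure switch for the config-file HMAC type is `--with-confighmactype`, and an autoconf-generated configure accepts an unknown `--with-*` switch without failing, so the build would succeed with the option having no effect. Please check the spelling against `./configure --help` for 0.13.1, and whether a type has any effect without a matching key option. The configure line also gains no xattr switch although `libattr-devel` is added to the BuildRequires and the shipped aide.conf.rhel uses the `xattrs` attribute; confirm that 0.13.1 enables xattr support without one.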
@@ -59,6 +59,7 @@
 install -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}
 mkdir -p -m0700 $RPM_BUILD_ROOT%{_localstatedir}/lib/aide
 install -p %{SOURCE2} README.quickstart
+install -p %{SOURCE3} aide.conf.rhel
 
 
 %clean
@@ -68,7 +69,7 @@
 %files
 %defattr(0644,root,root,0755)
 %doc AUTHORS COPYING ChangeLog NEWS README doc/manual.html contrib/
-%doc README.quickstart
+%doc README.quickstart aide.conf.rhel
 %attr(0700,root,root) %{_sbindir}/aide
 %{_mandir}/man1/*
 %{_mandir}/man5/*
@@ -77,6 +78,21 @@
 
 
 %changelog
+* Sun Dec 17 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.13.1-1
+- Update to 0.13.1 release.
+
+* Sun Dec 10 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.13-1
+- Update to 0.13 release.
+- Include default aide.conf from RHEL5 as doc example file.
+
+* Sun Oct 29 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.12-3.20061027cvs
+- CAUTION! This changes the database format and results in a report of
+  false inconsistencies until an old database file is updated.
+- Check out CVS 20061027 which now contains Red Hat's
+  acl/xattr/selinux/audit patches.
+- Patches merged upstream.
+- Update manual page substitutions.
+
 * Mon Oct 23 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.12-2
 - Add "memory leaks and performance updates" patch as posted
   to aide-devel by Steve Grubb.


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/aide/devel/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sources	14 Oct 2006 20:42:22 -0000	1.9
+++ sources	5 Jan 2007 22:19:33 -0000	1.10
@@ -1,2 +1,2 @@
-fee8da9fe8ac4f78de1a237290ed3204  aide-0.12.tar.gz
-1073f8839dc68c6e0ae1251dd2371584  aide-0.12.tar.gz.asc
+eb724c089677d634a02d015ef943522c  aide-0.13.1.tar.gz.asc
+27978cc6bca4f0fbf3f6f5a1b330661c  aide-0.13.1.tar.gz


--- aide-0.12-getopt.patch DELETED ---


--- aide-0.12-rh-bugfixes.patch DELETED ---



