From 58f89e9db2b2e96f1f31d6bf93379e4fa53c3de0 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Fri, 25 Oct 2024 13:50:57 +0300 Subject: [PATCH] import aide-0.18.6-6.el10 --- .aide.metadata | 1 + .gitignore | 1 + SOURCES/README.quickstart | 40 +++ SOURCES/aide-verbose.patch | 34 +++ SOURCES/aide.conf | 224 +++++++++++++++++ SOURCES/aide.logrotate | 9 + SOURCES/gnutls.patch | 487 +++++++++++++++++++++++++++++++++++++ SPECS/aide.spec | 374 ++++++++++++++++++++++++++++ 8 files changed, 1170 insertions(+) create mode 100644 .aide.metadata create mode 100644 .gitignore create mode 100644 SOURCES/README.quickstart create mode 100644 SOURCES/aide-verbose.patch create mode 100644 SOURCES/aide.conf create mode 100644 SOURCES/aide.logrotate create mode 100644 SOURCES/gnutls.patch create mode 100644 SPECS/aide.spec diff --git a/.aide.metadata b/.aide.metadata new file mode 100644 index 0000000..c6500fa --- /dev/null +++ b/.aide.metadata @@ -0,0 +1 @@ +c699190eba9fcaa29ee362f57fb1a05dd74d947a SOURCES/aide-0.18.6.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..58a533c --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/aide-0.18.6.tar.gz diff --git a/SOURCES/README.quickstart b/SOURCES/README.quickstart new file mode 100644 index 0000000..87adc63 --- /dev/null +++ b/SOURCES/README.quickstart @@ -0,0 +1,40 @@ +1) Customize /etc/aide.conf to your liking. In particular, add + important directories and files which you would like to be + covered by integrity checks. Avoid files which are expected + to change frequently or which don't affect the safety of your + system. + +2) Run "/usr/sbin/aide --init" to build the initial database. + With the default setup, that creates /var/lib/aide/aide.db.new.gz + +3) Store /etc/aide.conf, /usr/sbin/aide and /var/lib/aide/aide.db.new.gz + in a secure location, e.g. on separate read-only media (such as + CD-ROM). Alternatively, keep MD5 fingerprints or GPG signatures + of those files in a secure location, so you have means to verify + that nobody modified those files. + +4) Copy /var/lib/aide/aide.db.new.gz to /var/lib/aide/aide.db.gz + which is the location of the input database. + +5) Run "/usr/sbin/aide --check" to check your system for inconsistencies + compared with the AIDE database. Prior to running a check manually, + ensure that the AIDE binary and database have not been modified + without your knowledge. + + Caution! + + With the default setup, an AIDE check is not run periodically as a + cron job. It cannot be guaranteed that the AIDE binaries, config + file and database are intact. It is not recommended that you run + automated AIDE checks without verifying AIDE yourself frequently. + In addition to that, AIDE does not implement any password or + encryption protection for its own files. + + It is up to you how to put a file integrity checker to good effect + and how to set up automated checks if you think it adds a level of + safety (e.g. detecting failed/incomplete compromises or unauthorized + modification of special files). On a compromised system, the + intruder could disable the automated check. Or he could replace the + AIDE binary, config file and database easily when they are not + located on read-only media. + diff --git a/SOURCES/aide-verbose.patch b/SOURCES/aide-verbose.patch new file mode 100644 index 0000000..d95bb14 --- /dev/null +++ b/SOURCES/aide-verbose.patch @@ -0,0 +1,34 @@ +diff -up ./src/conf_eval.c.verbose ./src/conf_eval.c +--- ./src/conf_eval.c.verbose 2023-04-01 18:25:38.000000000 +0200 ++++ ./src/conf_eval.c 2024-05-15 00:08:41.040033220 +0200 +@@ -187,6 +187,7 @@ static void set_database_attr_option(DB_ + static void eval_config_statement(config_option_statement statement, int linenumber, char *filename, char* linebuf) { + char *str; + bool b; ++ long num; + DB_ATTR_TYPE attr; + switch (statement.option) { + ATTRIBUTE_CONFIG_OPTION_CASE(REPORT_IGNORE_ADDED_ATTRS_OPTION, report_ignore_added_attrs) +@@ -298,8 +299,20 @@ static void eval_config_statement(config + LOG_CONFIG_FORMAT_LINE(LOG_LEVEL_CONFIG, "set 'config_version' option to '%s'", str) + break; + case VERBOSE_OPTION: +- log_msg(LOG_LEVEL_ERROR, "%s:%d: 'verbose' option is no longer supported, use 'log_level' and 'report_level' options instead (see man aide.conf for details) (line: '%s')", conf_filename, conf_linenumber, conf_linebuf); +- exit(INVALID_CONFIGURELINE_ERROR); ++ log_msg(LOG_LEVEL_CONFIG, "%s:%d: 'verbose' option is deprecated, use 'log_level' and 'report_level' options instead (see man aide.conf for details) (line: '%s')", conf_filename, conf_linenumber, conf_linebuf); ++ str = eval_string_expression(statement.e, linenumber, filename, linebuf); ++ num = strtol(str, NULL, 10); ++ ++ if (num < 0 || num > 255) { ++ LOG_CONFIG_FORMAT_LINE(LOG_LEVEL_ERROR, "invalid verbose level: '%s'", str); ++ exit(INVALID_CONFIGURELINE_ERROR); ++ } ++ ++ if (num >= 10) { ++ set_log_level(LOG_LEVEL_DEBUG); ++ } ++ ++ free(str); + break; + case LIMIT_CMDLINE_OPTION: + /* command-line options are ignored here */ diff --git a/SOURCES/aide.conf b/SOURCES/aide.conf new file mode 100644 index 0000000..57b15b9 --- /dev/null +++ b/SOURCES/aide.conf @@ -0,0 +1,224 @@ +# Example configuration file for AIDE. + +@@define DBDIR /var/lib/aide +@@define LOGDIR /var/log/aide + +# The location of the database to be read. +database_in=file:@@{DBDIR}/aide.db.gz + +# The location of the database to be written. +#database_out=sql:host:port:database:login_name:passwd:table +#database_out=file:aide.db.new +database_out=file:@@{DBDIR}/aide.db.new.gz + +# Whether to gzip the output to database +gzip_dbout=yes + +# Default. +log_level=warning +report_level=changed_attributes + +report_url=file:@@{LOGDIR}/aide.log +report_url=stdout +#report_url=stderr +#NOT IMPLEMENTED report_url=mailto:root@foo.com +#NOT IMPLEMENTED report_url=syslog:LOG_AUTH + +# These are the default rules. +# +#p: permissions +#i: inode: +#n: number of links +#u: user +#g: group +#s: size +#b: block count +#m: mtime +#a: atime +#c: ctime +#S: check for growing size +#acl: Access Control Lists +#selinux SELinux security context +#xattrs: Extended file attributes +#md5: md5 checksum +#sha1: sha1 checksum +#sha256: sha256 checksum +#sha512: sha512 checksum +#rmd160: rmd160 checksum +#tiger: tiger checksum + +#haval: haval checksum (MHASH only) +#gost: gost checksum (MHASH only) +#crc32: crc32 checksum (MHASH only) +#whirlpool: whirlpool checksum (MHASH only) + +FIPSR = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha256 + +#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5 +#L: p+i+n+u+g+acl+selinux+xattrs +#E: Empty group +#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs + +# You can create custom rules like this. +# With MHASH... +# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32 +ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger +# Everything but access time (Ie. all changes) +EVERYTHING = R+ALLXTRAHASHES + +# Sane, with multiple hashes +# NORMAL = R+rmd160+sha256+whirlpool +NORMAL = FIPSR+sha512 + +# For directories, don't bother doing hashes +DIR = p+i+n+u+g+acl+selinux+xattrs + +# Access control only +PERMS = p+i+u+g+acl+selinux + +# Logfile are special, in that they often change +LOG = > + +# Just do sha256 and sha512 hashes +LSPP = FIPSR+sha512 + +# Some files get updated automatically, so the inode/ctime/mtime change +# but we want to know when the data inside them changes +DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha256 + +# Next decide what directories/files you want in the database. + +/boot NORMAL +/bin NORMAL +/sbin NORMAL +/lib NORMAL +/lib64 NORMAL +/opt NORMAL +/usr NORMAL +/root NORMAL +# These are too volatile +!/usr/src +!/usr/tmp + +# Check only permissions, inode, user and group for /etc, but +# cover some important files closely. +/etc PERMS +!/etc/mtab +# Ignore backup files +!/etc/.*~ +/etc/exports NORMAL +/etc/fstab NORMAL +/etc/passwd NORMAL +/etc/group NORMAL +/etc/gshadow NORMAL +/etc/shadow NORMAL +/etc/security/opasswd NORMAL + +/etc/hosts.allow NORMAL +/etc/hosts.deny NORMAL + +/etc/sudoers NORMAL +/etc/skel NORMAL + +/etc/logrotate.d NORMAL + +/etc/resolv.conf DATAONLY + +/etc/nscd.conf NORMAL +/etc/securetty NORMAL + +# Shell/X starting files +/etc/profile NORMAL +/etc/bashrc NORMAL +/etc/bash_completion.d/ NORMAL +/etc/login.defs NORMAL +/etc/zprofile NORMAL +/etc/zshrc NORMAL +/etc/zlogin NORMAL +/etc/zlogout NORMAL +/etc/profile.d/ NORMAL +/etc/X11/ NORMAL + +# Pkg manager +/etc/yum.conf NORMAL +/etc/yumex.conf NORMAL +/etc/yumex.profiles.conf NORMAL +/etc/yum/ NORMAL +/etc/yum.repos.d/ NORMAL + +/var/log LOG +/var/run/utmp LOG + +# This gets new/removes-old filenames daily +!/var/log/sa +# As we are checking it, we've truncated yesterdays size to zero. +!/var/log/aide.log + +# LSPP rules... +# AIDE produces an audit record, so this becomes perpetual motion. +# /var/log/audit/ LSPP +/etc/audit/ LSPP +/etc/libaudit.conf LSPP +/usr/sbin/stunnel LSPP +/var/spool/at LSPP +/etc/at.allow LSPP +/etc/at.deny LSPP +/etc/cron.allow LSPP +/etc/cron.deny LSPP +/etc/cron.d/ LSPP +/etc/cron.daily/ LSPP +/etc/cron.hourly/ LSPP +/etc/cron.monthly/ LSPP +/etc/cron.weekly/ LSPP +/etc/crontab LSPP +/var/spool/cron/root LSPP + +/etc/login.defs LSPP +/etc/securetty LSPP +/var/log/faillog LSPP +/var/log/lastlog LSPP + +/etc/hosts LSPP +/etc/sysconfig LSPP + +/etc/inittab LSPP +/etc/grub/ LSPP +/etc/rc.d LSPP + +/etc/ld.so.conf LSPP + +/etc/localtime LSPP + +/etc/sysctl.conf LSPP + +/etc/modprobe.conf LSPP + +/etc/pam.d LSPP +/etc/security LSPP +/etc/aliases LSPP +/etc/postfix LSPP + +/etc/ssh/sshd_config LSPP +/etc/ssh/ssh_config LSPP + +/etc/stunnel LSPP + +/etc/vsftpd.ftpusers LSPP +/etc/vsftpd LSPP + +/etc/issue LSPP +/etc/issue.net LSPP + +/etc/cups LSPP + +# With AIDE's default verbosity level of 5, these would give lots of +# warnings upon tree traversal. It might change with future version. +# +#=/lost\+found DIR +#=/home DIR + +# Ditto /var/log/sa reason... +!/var/log/and-httpd + +# Admins dot files constantly change, just check perms +/root/\..* PERMS diff --git a/SOURCES/aide.logrotate b/SOURCES/aide.logrotate new file mode 100644 index 0000000..614c6a6 --- /dev/null +++ b/SOURCES/aide.logrotate @@ -0,0 +1,9 @@ +/var/log/aide/*.log { + weekly + missingok + rotate 4 + compress + delaycompress + copytruncate + minsize 100k +} diff --git a/SOURCES/gnutls.patch b/SOURCES/gnutls.patch new file mode 100644 index 0000000..4a8607e --- /dev/null +++ b/SOURCES/gnutls.patch @@ -0,0 +1,487 @@ +diff -up ./configure.ac.gnutls ./configure.ac +--- ./configure.ac.gnutls 2023-06-13 20:53:43.000000000 +0200 ++++ ./configure.ac 2024-05-14 19:09:47.419448389 +0200 +@@ -350,6 +350,10 @@ AC_MSG_CHECKING(for Mhash) + AC_ARG_WITH([mhash], AS_HELP_STRING([--with-mhash], [use Mhash (default: check)]), [with_mhash=$withval], [with_mhash=check]) + AC_MSG_RESULT([$with_mhash]) + ++AC_MSG_CHECKING(for GnuTLS) ++AC_ARG_WITH([gnutls], AS_HELP_STRING([--with-gnutls], [use GnuTLS library (default: check)]), [with_gnutls=$withval], [with_gnutls=check]) ++AC_MSG_RESULT([$with_gnutls]) ++ + AC_MSG_CHECKING(for GNU crypto library) + AC_ARG_WITH([gcrypt], AS_HELP_STRING([--with-gcrypt], [use GNU crypto library (default: check)]), [with_gcrypt=$withval], [with_gcrypt=check]) + AC_MSG_RESULT([$with_gcrypt]) +@@ -363,19 +367,29 @@ AS_IF([test x"$with_mhash" = xyes], [ + )],AC_DEFINE(HAVE_MHASH_WHIRLPOOL,1,[mhash has whirlpool])) + AS_IF([test x"$with_gcrypt" = xcheck], [ + with_gcrypt=no ++ with_gnutls=no + ]) + ]) + AIDE_PKG_CHECK_MODULES_OPTIONAL(gcrypt, GCRYPT, libgcrypt) ++AIDE_PKG_CHECK_MODULES_OPTIONAL(gnutls, GNUTLS, gnutls) + AS_IF([test x"$with_mhash" != xno && test x"$with_gcrypt" != xno], [ + AC_MSG_ERROR([Using gcrypt together with mhash makes no sense. To disable mhash use --without-mhash]) + ]) +-AS_IF([test x"$with_mhash" = xno && test x"$with_gcrypt" = xno], [ +- AC_MSG_ERROR([AIDE requires mhash or libcrypt for hashsum calculation]) ++AS_IF([test x"$with_mhash" != xno && test x"$with_gnutls" != xno], [ ++ AC_MSG_ERROR([Using gnutls together with mhash makes no sense. To disable mhash use --without-mhash]) ++]) ++AS_IF([test x"$with_gcrypt" != xno && test x"$with_gnutls" != xno], [ ++ AC_MSG_ERROR([Using gnutls together with gcrypt makes no sense. To disable gcrypt use --without-gcrypt]) ++]) ++AS_IF([test x"$with_mhash" = xno && test x"$with_gcrypt" = xno && test x"$with_gnutls" == xno], [ ++ AC_MSG_ERROR([AIDE requires mhash, gnutls or libcrypt for hashsum calculation]) + ]) + compoptionstring="${compoptionstring}use Mhash: $with_mhash\\n" + AM_CONDITIONAL(HAVE_MHASH, [test "x$MHASH_LIBS" != "x"]) + compoptionstring="${compoptionstring}use GNU crypto library: $with_gcrypt\\n" + AM_CONDITIONAL(HAVE_GCRYPT, [test "x$GCRYPT_LIBS" != "x"]) ++compoptionstring="${compoptionstring}use GnuTLS: $with_gnutls\\n" ++AM_CONDITIONAL(HAVE_GNUTLS, [test "x$GNUTLS_LIBS" != "x"]) + + AIDE_PKG_CHECK(audit, Linux Auditing Framework, no, AUDIT, audit) + +diff -up ./doc/aide.conf.5.gnutls ./doc/aide.conf.5 +--- ./doc/aide.conf.5.gnutls 2023-08-01 10:47:59.000000000 +0200 ++++ ./doc/aide.conf.5 2024-05-14 19:09:47.420448380 +0200 +@@ -866,6 +866,7 @@ haval256 checksum + .TP + .B "crc32" + crc32 checksum ++(\fIlibmhash\fR and \fIlibgcrypt\fR only) + .TP + .B "crc32b" + crc32 checksum +@@ -876,14 +877,15 @@ GOST R 34.11-94 checksum + .TP + .B "whirlpool" + whirlpool checksum ++(\fIlibgcrypt\fR and \fIlibmhash\fRonly) + .TP + .B "stribog256" + GOST R 34.11-2012, 256 bit checksum +-(\fIlibgcrypt\fR only, added in AIDE v0.17) ++(\fIlibgcrypt\fR and \fIgnutls\fR only, added in AIDE v0.17) + .TP + .B "stribog512" + GOST R 34.11-2012, 512 bit checksum +-(\fIlibgcrypt\fR only, added in AIDE v0.17) ++(\fIlibgcrypt\fR and \fIgnutls\fR only, added in AIDE v0.17) + .PP + + Use 'aide --version' to show which hashsums are available. +diff -up ./include/md.h.gnutls ./include/md.h +--- ./include/md.h.gnutls 2023-04-01 18:25:38.000000000 +0200 ++++ ./include/md.h 2024-05-14 19:09:47.420448380 +0200 +@@ -29,6 +29,10 @@ + #ifdef WITH_GCRYPT + #include + #endif ++#ifdef WITH_GNUTLS ++#include ++#include ++#endif + #include + #include "attributes.h" + #include "hashsum.h" +@@ -61,6 +65,10 @@ typedef struct md_container { + gcry_md_hd_t mdh; + #endif + ++#ifdef WITH_GNUTLS ++ gnutls_hash_hd_t gnutls_mdh[num_hashes]; ++#endif ++ + } md_container; + + typedef struct md_hashsums { +diff -up ./Makefile.am.gnutls ./Makefile.am +--- ./Makefile.am.gnutls 2024-05-14 19:09:47.420448380 +0200 ++++ ./Makefile.am 2024-05-14 19:23:09.347757387 +0200 +@@ -64,17 +64,35 @@ if HAVE_CURL + aide_SOURCES += include/fopen.h src/fopen.c + endif + +-aide_CFLAGS = @AIDE_DEFS@ -W -Wall -g ${PTHREAD_CFLAGS} +-aide_LDADD = -lm ${PCRE2_LIBS} ${ZLIB_LIBS} ${MHASH_LIBS} ${GCRYPT_LIBS} ${POSIX_ACL_LIBS} ${SELINUX_LIBS} ${AUDIT_LIBS} ${XATTR_LIBS} ${ELF_LIBS} ${E2FSATTRS_LIBS} ${CAPABILITIES_LIBS} ${CURL_LIBS} ${PTHREAD_LIBS} ++aide_CFLAGS = @AIDE_DEFS@ -W -Wall -g ${PTHREAD_CFLAGS} ${GNUTLS_CFLAGS} ++aide_LDADD = -lm ${PCRE2_LIBS} ${ZLIB_LIBS} ${MHASH_LIBS} ${GNUTLS_LIBS} ${GCRYPT_LIBS} ${POSIX_ACL_LIBS} ${SELINUX_LIBS} ${AUDIT_LIBS} ${XATTR_LIBS} ${ELF_LIBS} ${E2FSATTRS_LIBS} ${CAPABILITIES_LIBS} ${CURL_LIBS} ${PTHREAD_LIBS} + + if HAVE_CHECK +-TESTS = check_aide +-check_PROGRAMS = check_aide ++TESTS = check_aide check_md ++check_PROGRAMS = check_aide check_md + check_aide_SOURCES = tests/check_aide.c tests/check_aide.h \ + tests/check_attributes.c src/attributes.c \ + src/log.c src/util.c +-check_aide_CFLAGS = -I$(top_srcdir)/include $(CHECK_CFLAGS) +-check_aide_LDADD = -lm ${PCRE2_LIBS} ${MHASH_LIBS} ${GCRYPT_LIBS} $(CHECK_LIBS) ++check_aide_CFLAGS = -I$(top_srcdir)/include $(CHECK_CFLAGS) ${GNUTLS_CFLAGS} ++check_aide_LDADD = -lm ${PCRE2_LIBS} ${MHASH_LIBS} ${GCRYPT_LIBS} $(CHECK_LIBS) ${GNUTLS_LIBS} ++ ++check_md_SOURCES = tests/check_md.c tests/check_md.h \ ++ tests/check_hashes.c \ ++ src/log.c src/util.c src/md.c src/base64.c src/hashsum.c src/attributes.c ++ ++check_md_CFLAGS = -I$(top_srcdir)/include \ ++ $(CHECK_CFLAGS) \ ++ $(GCRYPT_CFLAGS) \ ++ $(GNUTLS_CFLAGS) \ ++ $(MHASH_CFLAGS) \ ++ $(PCRE2_CFLAGS) ++check_md_LDADD = -lm \ ++ $(CHECK_LIBS) \ ++ ${GCRYPT_LIBS} \ ++ ${GNUTLS_LIBS} \ ++ ${MHASH_LIBS} \ ++ ${PCRE2_LIBS} ++ + endif # HAVE_CHECK + + AM_CFLAGS = @AIDE_DEFS@ -W -Wall -g +diff -up ./README.gnutls ./README +--- ./README.gnutls 2023-08-01 10:47:59.000000000 +0200 ++++ ./README 2024-05-14 19:09:47.419448389 +0200 +@@ -132,11 +132,15 @@ + o GNU make. + o pkg-config + o PCRE2 library +- o Mhash (optional, but highly recommended). Mhash is currently +- available from http://mhash.sourceforge.net/. A static version of +- libmhash needs to be build using the --enable-static=yes +- configure option. ++ ++ One of the following crypto libraries: ++ ++ o Mhash. Mhash is currently available from ++ http://mhash.sourceforge.net/. A static version of libmhash needs ++ to be build using the --enable-static=yes configure option. + Aide requires at least mhash version 0.9.2 ++ o GNU libgcrypt ++ o GnuTLS + + o libcheck (optional, needed for 'make check', license: LGPL-2.1) + +diff -up ./src/aide.c.gnutls ./src/aide.c +--- ./src/aide.c.gnutls 2023-06-13 20:52:39.000000000 +0200 ++++ ./src/aide.c 2024-05-14 19:09:47.420448380 +0200 +@@ -66,6 +66,9 @@ char* after = NULL; + #include + #define NEED_LIBGCRYPT_VERSION "1.8.0" + #endif ++#ifdef WITH_GNUTLS ++#include ++#endif + + static void usage(int exitvalue) + { +@@ -522,9 +525,6 @@ static void setdefaults_before_config() + DB_ATTR_TYPE common_attrs = ATTR(attr_perm)|ATTR(attr_ftype)|ATTR(attr_inode)|ATTR(attr_linkcount)|ATTR(attr_uid)|ATTR(attr_gid); + + DB_ATTR_TYPE GROUP_R_HASHES=0LLU; +-#ifdef WITH_MHASH +- GROUP_R_HASHES=ATTR(attr_md5); +-#endif + #ifdef WITH_GCRYPT + if (gcry_fips_mode_active()) { + char* str; +@@ -533,6 +533,8 @@ static void setdefaults_before_config() + } else { + GROUP_R_HASHES = ATTR(attr_md5); + } ++#else /* WITH_MHASH or WITH_GNUTLS */ ++ GROUP_R_HASHES=ATTR(attr_md5); + #endif + + log_msg(LOG_LEVEL_INFO, "define default groups definitions"); +diff -up ./src/hashsum.c.gnutls ./src/hashsum.c +--- ./src/hashsum.c.gnutls 2023-04-01 18:25:38.000000000 +0200 ++++ ./src/hashsum.c 2024-05-14 19:09:47.420448380 +0200 +@@ -29,6 +29,9 @@ + #ifdef WITH_GCRYPT + #include + #endif ++#ifdef WITH_GNUTLS ++#include ++#endif + + hashsum_t hashsums[] = { + { attr_md5, 16 }, +@@ -86,6 +89,24 @@ int algorithms[] = { /* order must match + }; + #endif + ++#ifdef WITH_GNUTLS ++int algorithms[] = { /* order must match hashsums array */ ++ GNUTLS_DIG_MD5, ++ GNUTLS_DIG_SHA1, ++ GNUTLS_DIG_SHA256, ++ GNUTLS_DIG_SHA512, ++ GNUTLS_DIG_RMD160, ++ -1, /* TIGER is not available */ ++ -1, /* CRC32 is not available */ ++ -1, /* CRC32B is not available */ ++ -1, /* GCRY_MD_HAVAL is not available */ ++ -1, /* WHIRLPOOL is not available */ ++ -1, /* GNUTLS_DIG_GOSTR_94 gives different results than Gcrypt */ ++ GNUTLS_DIG_STREEBOG_256, ++ GNUTLS_DIG_STREEBOG_512, ++}; ++#endif ++ + DB_ATTR_TYPE get_hashes(bool include_unsupported) { + DB_ATTR_TYPE attr = 0LLU; + for (int i = 0; i < num_hashes; ++i) { +diff -up ./src/md.c.gnutls ./src/md.c +--- ./src/md.c.gnutls 2023-04-01 18:25:38.000000000 +0200 ++++ ./src/md.c 2024-05-14 19:28:09.651209390 +0200 +@@ -40,6 +40,11 @@ + #include + #endif + ++#ifdef WITH_GNUTLS ++#include ++#include ++#endif ++ + /* + Initialise md_container according its todo_attr field + */ +@@ -90,6 +95,22 @@ int init_md(struct md_container* md, con + } + } + #endif ++#ifdef WITH_GNUTLS ++ for (HASHSUM i = 0 ; i < num_hashes ; ++i) { ++ DB_ATTR_TYPE h = ATTR(hashsums[i].attribute); ++ if (h&md->todo_attr) { ++ if(gnutls_hash_init(&(md->gnutls_mdh[i]),algorithms[i])>=0){ ++ md->calc_attr|=h; ++ } else { ++ log_msg(LOG_LEVEL_WARNING,"%s: gnutls_hash_init (%s) failed for '%s'", filename, attributes[hashsums[i].attribute].db_name, filename); ++ md->todo_attr&=~h; ++ md->gnutls_mdh[i] = NULL; ++ } ++ } else { ++ md->gnutls_mdh[i] = NULL; ++ } ++ } ++#endif + char *str; + log_msg(LOG_LEVEL_DEBUG, "%s> initialized md_container: %s (%p)", filename, str = diff_attributes(0, md->calc_attr), md); + free(str); +@@ -120,6 +141,13 @@ int update_md(struct md_container* md,vo + #ifdef WITH_GCRYPT + gcry_md_write(md->mdh, data, size); + #endif ++#ifdef WITH_GNUTLS ++ for (HASHSUM i = 0 ; i < num_hashes ; ++i) { ++ if(md->gnutls_mdh[i] != NULL){ ++ gnutls_hash(md->gnutls_mdh[i], data, size); ++ } ++ } ++#endif + return RETOK; + } + +@@ -163,6 +191,14 @@ int close_md(struct md_container* md, md + } + } + #endif ++#ifdef WITH_GNUTLS ++ for (HASHSUM i = 0 ; i < num_hashes ; ++i) { ++ if(md->gnutls_mdh[i] != NULL){ ++ gnutls_hash_deinit(md->gnutls_mdh[i], hs?hs->hashsums[i]:NULL); ++ md->gnutls_mdh[i] = NULL; ++ } ++ } ++#endif /* WITH_MHASH */ + if (hs) { + hs->attrs = md->calc_attr; + } +diff -up ./tests/check_hashes.c.gnutls ./tests/check_hashes.c +--- ./tests/check_hashes.c.gnutls 2024-05-14 19:09:47.420448380 +0200 ++++ ./tests/check_hashes.c 2024-05-14 19:09:47.420448380 +0200 +@@ -0,0 +1,111 @@ ++/* ++ * AIDE (Advanced Intrusion Detection Environment) ++ * ++ * Copyright (C) 2024 Jakub Jelen ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License as ++ * published by the Free Software Foundation; either version 2 of the ++ * License, or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ */ ++ ++#include "config.h" ++ ++#include ++#include ++ ++#include "hashsum.h" ++#include "md.h" ++ ++typedef struct { ++ const char *input; ++ ssize_t input_len; ++ md_hashsums expected; ++} diff_digests_t; ++ ++static diff_digests_t diff_digests_tests[] = { ++ { "", 0, {{ ++ "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e", ++ "\xda\x39\xa3\xee\x5e\x6b\x4b\x0d\x32\x55\xbf\xef\x95\x60\x18\x90\xaf\xd8\x07\x09", ++ "\xe3\xb0\xc4\x42\x98\xfc\x1c\x14\x9a\xfb\xf4\xc8\x99\x6f\xb9\x24\x27\xae\x41\xe4\x64\x9b\x93\x4c\xa4\x95\x99\x1b\x78\x52\xb8\x55", ++ "\xcf\x83\xe1\x35\x7e\xef\xb8\xbd\xf1\x54\x28\x50\xd6\x6d\x80\x07\xd6\x20\xe4\x05\x0b\x57\x15\xdc\x83\xf4\xa9\x21\xd3\x6c\xe9\xce\x47\xd0\xd1\x3c\x5d\x85\xf2\xb0\xff\x83\x18\xd2\x87\x7e\xec\x2f\x63\xb9\x31\xbd\x47\x41\x7a\x81\xa5\x38\x32\x7a\xf9\x27\xda\x3e", ++ "\x9c\x11\x85\xa5\xc5\xe9\xfc\x54\x61\x28\x08\x97\x7e\xe8\xf5\x48\xb2\x25\x8d\x31", ++ "\x24\xf0\x13\x0c\x63\xac\x93\x32\x16\x16\x6e\x76\xb1\xbb\x92\x5f\xf3\x73\xde\x2d\x49\x58\x4e\x7a", ++ "\x00\x00\x00\x00", ++ "\x00\x00\x00\x00", ++ "\x4f\x69\x38\x53\x1f\x0b\xc8\x99\x1f\x62\xda\x7b\xbd\x6f\x7d\xe3\xfa\xd4\x45\x62\xb8\xc6\xf4\xeb\xf1\x46\xd5\xb4\xe4\x6f\x7c\x17", ++ "\x19\xfa\x61\xd7\x55\x22\xa4\x66\x9b\x44\xe3\x9c\x1d\x2e\x17\x26\xc5\x30\x23\x21\x30\xd4\x07\xf8\x9a\xfe\xe0\x96\x49\x97\xf7\xa7\x3e\x83\xbe\x69\x8b\x28\x8f\xeb\xcf\x88\xe3\xe0\x3c\x4f\x07\x57\xea\x89\x64\xe5\x9b\x63\xd9\x37\x08\xb1\x38\xcc\x42\xa6\x6e\xb3", ++ "\xce\x85\xb9\x9c\xc4\x67\x52\xff\xfe\xe3\x5c\xab\x9a\x7b\x02\x78\xab\xb4\xc2\xd2\x05\x5c\xff\x68\x5a\xf4\x91\x2c\x49\x49\x0f\x8d", ++ "\x3f\x53\x9a\x21\x3e\x97\xc8\x02\xcc\x22\x9d\x47\x4c\x6a\xa3\x2a\x82\x5a\x36\x0b\x2a\x93\x3a\x94\x9f\xd9\x25\x20\x8d\x9c\xe1\xbb", ++ "\x8e\x94\x5d\xa2\x09\xaa\x86\x9f\x04\x55\x92\x85\x29\xbc\xae\x46\x79\xe9\x87\x3a\xb7\x07\xb5\x53\x15\xf5\x6c\xeb\x98\xbe\xf0\xa7\x36\x2f\x71\x55\x28\x35\x6e\xe8\x3c\xda\x5f\x2a\xac\x4c\x6a\xd2\xba\x3a\x71\x5c\x1b\xcd\x81\xcb\x8e\x9f\x90\xbf\x4c\x1c\x1a\x8a" } ++ }}, ++ { "hello", 5, {{ ++ "\x5d\x41\x40\x2a\xbc\x4b\x2a\x76\xb9\x71\x9d\x91\x10\x17\xc5\x92", ++ "\xaa\xf4\xc6\x1d\xdc\xc5\xe8\xa2\xda\xbe\xde\x0f\x3b\x48\x2c\xd9\xae\xa9\x43\x4d", ++ "\x2c\xf2\x4d\xba\x5f\xb0\xa3\x0e\x26\xe8\x3b\x2a\xc5\xb9\xe2\x9e\x1b\x16\x1e\x5c\x1f\xa7\x42\x5e\x73\x04\x33\x62\x93\x8b\x98\x24", ++ "\x9b\x71\xd2\x24\xbd\x62\xf3\x78\x5d\x96\xd4\x6a\xd3\xea\x3d\x73\x31\x9b\xfb\xc2\x89\x0c\xaa\xda\xe2\xdf\xf7\x25\x19\x67\x3c\xa7\x23\x23\xc3\xd9\x9b\xa5\xc1\x1d\x7c\x7a\xcc\x6e\x14\xb8\xc5\xda\x0c\x46\x63\x47\x5c\x2e\x5c\x3a\xde\xf4\x6f\x73\xbc\xde\xc0\x43", ++ "\x10\x8f\x07\xb8\x38\x24\x12\x61\x2c\x04\x8d\x07\xd1\x3f\x81\x41\x18\x44\x5a\xcd", ++ "\xa7\x88\x62\x33\x6f\x7f\xfd\x2c\x8a\x38\x74\xf8\x9b\x1b\x74\xf2\xf2\x7b\xdb\xca\x39\x66\x02\x54", ++#ifdef WITH_MHASH ++ "\x3d\x65\x31\x19", ++#else ++ "\x36\x10\xa6\x86", ++#endif ++ "\x86\xa6\x10\x36", ++ "\x26\x71\x8e\x4f\xb0\x55\x95\xcb\x87\x03\xa6\x72\xa8\xae\x91\xee\xa0\x71\xca\xc5\xe7\x42\x61\x73\xd4\xc2\x5a\x61\x1c\x4b\x80\x22", ++ "\x0a\x25\xf5\x5d\x73\x08\xec\xa6\xb9\x56\x7a\x7e\xd3\xbd\x1b\x46\x32\x7f\x0f\x1f\xfd\xc8\x04\xdd\x8b\xb5\xaf\x40\xe8\x8d\x78\xb8\x8d\xf0\xd0\x02\xa8\x9e\x2f\xdb\xd5\x87\x6c\x52\x3f\x1b\x67\xbc\x44\xe9\xf8\x70\x47\x59\x8e\x75\x48\x29\x8e\xa1\xc8\x1c\xfd\x73", ++ "\xa7\xeb\x5d\x08\xdd\xf2\x36\x3f\x1e\xa0\x31\x7a\x80\x3f\xce\xf8\x1d\x33\x86\x3c\x8b\x2f\x9f\x6d\x7d\x14\x95\x1d\x22\x9f\x45\x67", ++ "\x3f\xb0\x70\x0a\x41\xce\x6e\x41\x41\x3b\xa7\x64\xf9\x8b\xf2\x13\x5b\xa6\xde\xd5\x16\xbe\xa2\xfa\xe8\x42\x9c\xc5\xbd\xd4\x6d\x6d", ++ "\x8d\xf4\x14\x26\x09\x66\xbe\xb7\xb3\x4d\x92\x07\x63\x07\x9e\x15\xdf\x1f\x63\x29\x7e\xb3\xdd\x43\x11\xe8\xb5\x85\xd4\xbf\x2f\x59\x23\x21\x4f\x1d\xfe\xd3\xfd\xee\x4a\xaf\x01\x83\x30\xa1\x2a\xcd\xe0\xef\xcc\x33\x8e\xb5\x29\x22\xf3\xe5\x71\x21\x2d\x42\xc8\xde" } ++ }}, ++}; ++ ++static int num_diff_digests_tests = sizeof diff_digests_tests / sizeof(diff_digests_t); ++ ++START_TEST (test_diff_digests) { ++ const char *filename = "filename"; /* used only in the debug logs */ ++ md_hashsums hs = {0}; ++ struct md_container *mdc = calloc(1, sizeof(struct md_container)); ++ mdc->todo_attr = get_hashes(false); ++ ++#ifdef WITH_GCRYPT ++ gcry_control(GCRYCTL_DISABLE_SECMEM, 0); ++ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); ++#endif ++ ++ init_md(mdc, filename); ++ update_md(mdc, (void *)diff_digests_tests[_i].input, diff_digests_tests[_i].input_len); ++ close_md(mdc, &hs, filename); ++ free(mdc); ++ ++ for (HASHSUM i = 0 ; i < num_hashes ; ++i) { ++ DB_ATTR_TYPE attr = ATTR(hashsums[i].attribute); ++ if (algorithms[i] >= 0 && hs.attrs&attr) { ++ ck_assert_mem_eq(diff_digests_tests[_i].expected.hashsums[i], hs.hashsums[i], hashsums[i].length); ++ } ++ } ++} ++END_TEST ++ ++Suite *make_md_suite(void) { ++ ++ Suite *s = suite_create ("md"); ++ ++ TCase *tc_diff_digests = tcase_create ("diff_digests"); ++ ++ tcase_add_loop_test (tc_diff_digests, test_diff_digests, 0, num_diff_digests_tests); ++ ++ suite_add_tcase (s, tc_diff_digests); ++ ++ return s; ++} ++ +diff -up ./tests/check_md.c.gnutls ./tests/check_md.c +--- ./tests/check_md.c.gnutls 2024-05-14 19:09:47.420448380 +0200 ++++ ./tests/check_md.c 2024-05-14 19:09:47.420448380 +0200 +@@ -0,0 +1,36 @@ ++/* ++ * AIDE (Advanced Intrusion Detection Environment) ++ * ++ * Copyright (C) 2024 Jakub Jelen ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License as ++ * published by the Free Software Foundation; either version 2 of the ++ * License, or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ */ ++ ++#include ++ ++#include "check_md.h" ++ ++int main (void) { ++ int number_failed; ++ SRunner *sr; ++ ++ sr = srunner_create (make_md_suite()); ++ ++ srunner_run_all (sr, CK_NORMAL); ++ number_failed = srunner_ntests_failed (sr); ++ ++ srunner_free (sr); ++ return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE; ++} +diff -up ./tests/check_md.h.gnutls ./tests/check_md.h +--- ./tests/check_md.h.gnutls 2024-05-14 19:09:47.421448372 +0200 ++++ ./tests/check_md.h 2024-05-14 19:09:47.421448372 +0200 +@@ -0,0 +1,23 @@ ++/* ++ * AIDE (Advanced Intrusion Detection Environment) ++ * ++ * Copyright (C) 2024 Jakub Jelen ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License as ++ * published by the Free Software Foundation; either version 2 of the ++ * License, or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ */ ++ ++#include ++ ++Suite *make_md_suite(void); diff --git a/SPECS/aide.spec b/SPECS/aide.spec new file mode 100644 index 0000000..fb87362 --- /dev/null +++ b/SPECS/aide.spec @@ -0,0 +1,374 @@ +Summary: Intrusion detection environment +Name: aide +Version: 0.18.6 +Release: 6%{?dist} +URL: http://sourceforge.net/projects/aide +License: GPL-2.0-or-later +Source0: %{url}/files/aide/%{version}/%{name}-%{version}.tar.gz +Source1: aide.conf +Source2: README.quickstart +Source3: aide.logrotate + +BuildRequires: gcc +BuildRequires: make +BuildRequires: bison flex +BuildRequires: pcre2-devel +BuildRequires: libgpg-error-devel gnutls-devel +BuildRequires: zlib-devel +BuildRequires: libcurl-devel +BuildRequires: libacl-devel +BuildRequires: pkgconfig(libselinux) +BuildRequires: libattr-devel +BuildRequires: e2fsprogs-devel +BuildRequires: audit-libs-devel +BuildRequires: autoconf autoconf-archive +BuildRequires: automake libtool + +Patch1: aide-verbose.patch +Patch2: gnutls.patch + + +%description +AIDE (Advanced Intrusion Detection Environment) is a file integrity +checker and intrusion detection program. + +%prep + +%setup +#%%autosetup -p1 +cp -a %{S:2} . + +%patch -P 1 -p1 -b .verbose +%patch -P 2 -p1 -b .gnutls + +%build +autoreconf -ivf +%configure \ + --disable-static \ + --with-config_file=%{_sysconfdir}/aide.conf \ + --with-gnutls \ + --without-gcrypt \ + --with-zlib \ + --with-curl \ + --with-posix-acl \ + --with-selinux \ + --with-xattr \ + --with-e2fsattrs \ + --with-audit +%make_build + +%install +%make_install bindir=%{_sbindir} +install -Dpm0644 -t %{buildroot}%{_sysconfdir} %{S:1} +install -Dpm0644 %{S:3} %{buildroot}%{_sysconfdir}/logrotate.d/aide +mkdir -p %{buildroot}%{_localstatedir}/log/aide +mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide + +%files +%license COPYING +%doc AUTHORS ChangeLog NEWS README contrib/ +%doc README.quickstart +%{_sbindir}/aide +%{_mandir}/man1/*.1* +%{_mandir}/man5/*.5* +%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/aide.conf +%config(noreplace) %{_sysconfdir}/logrotate.d/aide +%dir %attr(0700,root,root) %{_localstatedir}/lib/aide +%dir %attr(0700,root,root) %{_localstatedir}/log/aide + +%changelog +* Fri Oct 25 2024 MSVSphere Packaging Team - 0.18.6-6 +- Rebuilt for MSVSphere 10 + +* Mon Jun 24 2024 Troy Dawson - 0.18.6-6 +- Bump release for June 2024 mass rebuild + +* Fri May 17 2024 Radovan Sroka - 0.18.6-5 +REDHAT 10.0 ERRATUM +- fix verbose patch +- get rid of libgcrypt +Resolves: RHEL-36780 + +* Mon Feb 12 2024 Radovan Sroka - 0.18.6-4 +- rebase to 0.18.6 + +* Mon Jan 22 2024 Fedora Release Engineering - 0.18.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 0.18.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Tue Oct 24 2023 Radovan Sroka - 0.18.6-1 +- rebase to 0.18.6 + +* Wed Jul 19 2023 Fedora Release Engineering - 0.18.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Jun 21 2023 Radovan Sroka - 0.18.4-1 +- aide-0.18.4 is available +Resolves: rhbz#1910486 +- Please port your pcre dependency to pcre2. Pcre has been deprecated +Resolves: rhbz#2128267 + +* Tue Jun 13 2023 Radovan Sroka - 0.16-23 +- migrated to SPDX license + +* Wed Jan 18 2023 Fedora Release Engineering - 0.16-22 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Nov 25 2022 Florian Weimer - 0.16-21 +- Apply upstream patches to port configure to C99 + +* Wed Jul 20 2022 Fedora Release Engineering - 0.16-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Jan 19 2022 Fedora Release Engineering - 0.16-19 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Jul 21 2021 Fedora Release Engineering - 0.16-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon Jan 25 2021 Fedora Release Engineering - 0.16-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Jul 31 2020 Fedora Release Engineering - 0.16-16 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 27 2020 Fedora Release Engineering - 0.16-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jun 24 2020 Radovan Sroka 0.16-14 +- AIDE breaks when setting report_ignore_e2fsattrs + Resolves: rhbz#1850276 + +* Tue Jan 28 2020 Fedora Release Engineering - 0.16-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Wed Jul 31 2019 Radovan Sroka - 0.16-12 +- backport some patches + Resolves: rhbz#1717140 + +* Wed Jul 24 2019 Fedora Release Engineering - 0.16-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Wed Feb 20 2019 Daniel Kopecek - 0.16-10 +- Fix building with curl + Resolves: rhbz#1674637 + +* Thu Jan 31 2019 Fedora Release Engineering - 0.16-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Jul 31 2018 Florian Weimer - 0.16-8 +- Rebuild with fixed binutils + +* Thu Jul 12 2018 Fedora Release Engineering - 0.16-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Feb 20 2018 Igor Gnatenko - 0.16-6 +- Rebuild + +* Wed Feb 07 2018 Fedora Release Engineering - 0.16-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Aug 02 2017 Fedora Release Engineering - 0.16-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 0.16-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed Apr 05 2017 Radovan Sroka - 0.16-2 +- fixed upstream link + +* Tue Apr 04 2017 Radovan Sroka - 0.16-1 +- rebase to stable v0.16 +- specfile cleanup +- make doc readable + resolves: #1421355 +- make aide binary runable for any user + resolves: #1421351 + +* Fri Feb 10 2017 Fedora Release Engineering - 0.16-0.3.rc1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Jul 12 2016 Tomas Sykora - 0.16-0.2.rc1 +- New upstream devel version + +* Mon Jun 20 2016 Tomas Sykora - 0.16-0.1.b1 +- New upstream devel version + +* Wed Feb 03 2016 Fedora Release Engineering - 0.15.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Sat Jul 25 2015 Till Maas - 0.15.1-11 +- Remove prelink dependency because prelink was retired + +* Tue Jun 16 2015 Fedora Release Engineering - 0.15.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Fri Aug 15 2014 Fedora Release Engineering - 0.15.1-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Fri Jul 18 2014 Yaakov Selkowitz - 0.15.1-8 +- Fix FTBFS with -Werror=format-security (#1036983, #1105942) +- Avoid prelink BR on aarch64, ppc64le (#924977, #1078476) + +* Sat Jun 07 2014 Fedora Release Engineering - 0.15.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sat Aug 03 2013 Fedora Release Engineering - 0.15.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed Feb 13 2013 Fedora Release Engineering - 0.15.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Nov 22 2012 Daniel Kopecek - 0.15.1-4 +- added patch to fix aide in FIPS mode +- use only FIPS approved digest algorithms in aide.conf so that + aide works by default in FIPS mode + +* Wed Jul 18 2012 Fedora Release Engineering - 0.15.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Thu Jan 12 2012 Fedora Release Engineering - 0.15.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Thu Nov 11 2010 Steve Grubb - 0.15.1-1 +- New upstream release + +* Tue May 18 2010 Steve Grubb - 0.14-5 +- Apply 2 upstream bug fixes + +* Tue May 18 2010 Steve Grubb - 0.14-4 +- Use upstream's patch to fix bz 590566 + +* Sat May 15 2010 Steve Grubb - 0.14-3 +- Fix bz 590561 aide does not detect the change of SElinux context +- Fix bz 590566 aide reports a changed file when it has not been changed + +* Wed Apr 28 2010 Steve Grubb - 0.14-2 +- Fix bz 574764 by replacing abort calls with exit +- Apply libgcrypt init patch + +* Tue Mar 16 2010 Steve Grubb - 0.14-1 +- New upstream release final 0.14 + +* Thu Feb 25 2010 Steve Grubb - 0.14-0.4.rc3 +- New upstream release + +* Thu Feb 25 2010 Steve Grubb - 0.14-0.3.rc2 +- New upstream release + +* Tue Feb 23 2010 Steve Grubb - 0.14-0.2.rc1 +- Fix dirent detection on 64bit systems + +* Mon Feb 22 2010 Steve Grubb - 0.14-0.1.rc1 +- New upstream release + +* Fri Feb 19 2010 Steve Grubb - 0.13.1-16 +- Add logrotate script and spec file cleanups + +* Fri Dec 11 2009 Steve Grubb - 0.13.1-15 +- Get rid of .dedosify files + +* Wed Dec 09 2009 Steve Grubb - 0.13.1-14 +- Revise patch for Initialize libgcrypt correctly (#530485) + +* Sat Nov 07 2009 Steve Grubb - 0.13.1-13 +- Initialize libgcrypt correctly (#530485) + +* Fri Aug 21 2009 Tomas Mraz - 0.13.1-12 +- rebuilt with new audit + +* Wed Aug 19 2009 Steve Grubb 0.13.1-11 +- rebuild for new audit-libs +- Correct regex for root's dot files (#509370) + +* Fri Jul 24 2009 Fedora Release Engineering - 0.13.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Mon Jun 08 2009 Steve Grubb - 0.13.1-9 +- Make aide smarter about prelinked files (Peter Vrabec) +- Add /lib64 to default config + +* Mon Feb 23 2009 Fedora Release Engineering - 0.13.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Fri Jan 30 2009 Steve Grubb - 0.13.1-6 +- enable xattr support and update config file + +* Fri Sep 26 2008 Tom "spot" Callaway - 0.13.1-5 +- fix selcon patch to apply without fuzz + +* Fri Feb 15 2008 Steve Conklin +- rebuild for gcc4.3 + +* Tue Aug 21 2007 Michael Schwendt +- rebuilt + +* Sun Jul 22 2007 Michael Schwendt - 0.13.1-2 +- Apply Steve Conklin's patch to increase displayed portion of + selinux context. + +* Sun Dec 17 2006 Michael Schwendt - 0.13.1-1 +- Update to 0.13.1 release. + +* Sun Dec 10 2006 Michael Schwendt - 0.13-1 +- Update to 0.13 release. +- Include default aide.conf from RHEL5 as doc example file. + +* Sun Oct 29 2006 Michael Schwendt - 0.12-3.20061027cvs +- CAUTION! This changes the database format and results in a report of + false inconsistencies until an old database file is updated. +- Check out CVS 20061027 which now contains Red Hat's + acl/xattr/selinux/audit patches. +- Patches merged upstream. +- Update manual page substitutions. + +* Mon Oct 23 2006 Michael Schwendt - 0.12-2 +- Add "memory leaks and performance updates" patch as posted + to aide-devel by Steve Grubb. + +* Sat Oct 07 2006 Michael Schwendt - 0.12-1 +- Update to 0.12 release. +- now offers --disable-static, so -no-static patch is obsolete +- fill last element of getopt struct array with zeroes + +* Mon Oct 02 2006 Michael Schwendt - 0.11-3 +- rebuilt + +* Mon Sep 11 2006 Michael Schwendt - 0.11-2 +- rebuilt + +* Sun Feb 19 2006 Michael Schwendt - 0.11-1 +- Update to 0.11 release. +- useless-includes patch merged upstream. +- old Russian man pages not available anymore. +- disable static linking. + +* Thu Apr 7 2005 Michael Schwendt +- rebuilt + +* Fri Nov 28 2003 Michael Schwendt - 0:0.10-0.fdr.1 +- Update to 0.10 release. +- memleaks patch merged upstream. +- rootpath patch merged upstream. +- fstat patch not needed anymore. +- Updated URL. + +* Thu Nov 13 2003 Michael Schwendt - 0:0.10-0.fdr.0.2.cvs20031104 +- Added buildreq m4 to work around incomplete deps of bison package. + +* Tue Nov 04 2003 Michael Schwendt - 0:0.10-0.fdr.0.1.cvs20031104 +- Only tar.gz available upstream. +- byacc not needed when bison -y is available. +- Installed Russian manual pages. +- Updated with changes from CVS (2003-11-04). +- getopt patch merged upstream. +- bison-1.35 patch incorporated upstream. + +* Tue Sep 09 2003 Michael Schwendt - 0:0.9-0.fdr.0.2.20030902 +- Added fixes for further memleaks. + +* Sun Sep 07 2003 Michael Schwendt - 0:0.9-0.fdr.0.1.20030902 +- Initial package version.