%define name aide
%define version 0.13
%define release %mkrel 1
Summary: Advanced Intrusion Detection Environment
Name: %{name}
Version: %{version}
Release: %{release}
Source0: http://prdownloads.sourceforge.net/aide/%{name}-%{version}.tar.bz2
Source1: %{name}.extra-0.7.tar.bz2
BuildRoot: %{_tmppath}/%{name}-buildroot
License: GPL
URL: http://sourceforge.net/projects/aide
Group: Networking/Other
Buildrequires: flex glibc-devel glibc-static-devel
BuildRequires: libmhash-devel zlib-devel bison
%description
AIDE (Advanced Intrusion Detection Environment) is a free replacement for
Tripwire. It does the same things as the semi-free Tripwire and more.
There are other free replacements available so why build a new one? All the
other replacements do not achieve the level of Tripwire. And I wanted a
program that would exceed the limitations of Tripwire.
The idea is that for an intruder to get in, certain files on the system must
change - configuration files, for example. And once an intruder is in, in
order to do much useful, the intruder must gain root access - something else
that requires changing files. aide ensures that you (root) can be notified of
ANY changes to a configurable list of properties (modification date, size,
various hash-values) of a configurable list files.
Aide should be installed right after the OS installation, and before
you have connected your system to a network (i.e., before any
possibility exists that someone could alter files on your system).
%prep
[ -n "${RPM_BUILD_ROOT}" -a "${RPM_BUILD_ROOT}" != / ] \
&& rm -rf ${RPM_BUILD_ROOT}/
%setup -T -b 0
%setup -T -D -a 1
%configure --prefix=%{_prefix} \
--sysconfdir=/etc \
--with-config_file=/etc/aide.conf \
--with-zlib \
--with-mhash \
--enable-mhash
grep -v "#define DEFAULT_DB" config.h > config.h.tmp
echo '#define DEFAULT_DB "/var/lib/aide/aide.db"' >> config.h.tmp
echo '#define DEFAULT_DB_OUT "/var/lib/aide/aide.db.new"' >> config.h.tmp
mv -f config.h.tmp config.h
%build
make
%install
mkdir -p ${RPM_BUILD_ROOT}/etc/cron.daily
mkdir -p ${RPM_BUILD_ROOT}%{_prefix}/sbin
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man5
make prefix=$RPM_BUILD_ROOT%{_prefix} \
bindir=${RPM_BUILD_ROOT}%{_sbindir} \
mandir=${RPM_BUILD_ROOT}%{_mandir} \
install-strip
mkdir -p -m 700 ${RPM_BUILD_ROOT}/var/lib/aide
install -m 700 ./extra/aide.check $RPM_BUILD_ROOT/etc/cron.daily
chmod 700 $RPM_BUILD_ROOT/var/lib/aide
chmod 700 $RPM_BUILD_ROOT/usr/sbin/*
%post
echo "****************************************************************"
echo "* You should now set up an /etc/aide.conf to your *"
echo "* system and run '/usr/sbin/aide --init' *"
echo "* (there is an example in /usr/share/doc/aide-0.9/aide.conf.in *"
echo "* *"
echo "* Then copy /etc/aide.conf, /usr/sbin/aide, *"
echo "* and aide.db.new to a secure location *"
echo "* (preferably read-only media) *"
echo "****************************************************************"
%clean
[ -n "${RPM_BUILD_ROOT}" -a "${RPM_BUILD_ROOT}" != / ] \
&& rm -rf ${RPM_BUILD_ROOT}/
%files
%defattr(-,root,root)
%doc AUTHORS COPYING ChangeLog NEWS README ./doc/manual.html ./extra/aide.html
%doc doc/aide.conf.in
%{_sbindir}/aide
%{_mandir}/man1/*
%{_mandir}/man5/*
/var/lib/aide
%defattr(0644,root,root,755)
%config(noreplace) /etc/cron.daily/aide.check
%changelog
* Thu Dec 20 2007 Olivier Blin <oblin@mandriva.com> 0.13-1mdv2008.1
+ Revision: 135819
- restore BuildRoot
+ Thierry Vignaud <tvignaud@mandriva.com>
- kill re-definition of %%buildroot on Pixel's request
- buildrequires obsoletes buildprereq
* Mon Dec 11 2006 Lenny Cartier <lenny@mandriva.com> 0.13-1mdv2007.0
+ Revision: 94778
- Update to 0.13
- Import aide
