From 4dc073ba8d34da4cf7f4f92012ac7f4f82c52fd3 Mon Sep 17 00:00:00 2001 From: Steve Grubb Date: Sat, 15 May 2010 17:17:08 +0000 Subject: [PATCH] - Fix bz 590561 aide does not detect the change of SElinux context - Fix bz 590566 aide reports a changed file when it has not been changed --- aide-0.14-perms.patch | 14 ++++++++++++++ aide-0.14-selinux.patch | 35 +++++++++++++++++++++++++++++++++++ aide.spec | 10 +++++++++- 3 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 aide-0.14-perms.patch create mode 100644 aide-0.14-selinux.patch diff --git a/aide-0.14-perms.patch b/aide-0.14-perms.patch new file mode 100644 index 0000000..e335a40 --- /dev/null +++ b/aide-0.14-perms.patch @@ -0,0 +1,14 @@ +diff -urp aide-0.14.orig/src/gen_list.c aide-0.14/src/gen_list.c +--- aide-0.14.orig/src/gen_list.c 2010-05-15 10:32:49.000000000 -0400 ++++ aide-0.14/src/gen_list.c 2010-05-15 13:10:08.000000000 -0400 +@@ -1007,7 +1007,9 @@ void strip_dbline(db_line* line,DB_ATTR_ + if(!(attr&DB_LINKNAME)){ + checked_free(line->linkname); + } +- /* permissions are always needed for summarize_changes, hence it is never stripped */ ++ if(!(attr&DB_PERM)){ ++ line->perm=0; ++ } + if(!(attr&DB_UID)){ + line->uid=0; + } diff --git a/aide-0.14-selinux.patch b/aide-0.14-selinux.patch new file mode 100644 index 0000000..153f3b4 --- /dev/null +++ b/aide-0.14-selinux.patch @@ -0,0 +1,35 @@ +diff -urp aide-0.14.orig/include/compare_db.h aide-0.14/include/compare_db.h +--- aide-0.14.orig/include/compare_db.h 2010-05-15 10:15:23.000000000 -0400 ++++ aide-0.14/include/compare_db.h 2010-05-15 10:16:05.000000000 -0400 +@@ -48,6 +48,6 @@ void init_rxlst(list* rxlst); + * compare_dbline() + * Return RETOK if same RETFAIL if not + */ +-int compare_dbline(db_line* old,db_line* new,DB_ATTR_TYPE ignorelist); ++DB_ATTR_TYPE compare_dbline(db_line* old,db_line* new,DB_ATTR_TYPE ignorelist); + + #endif +diff -urp aide-0.14.orig/src/aide.c aide-0.14/src/aide.c +--- aide-0.14.orig/src/aide.c 2010-05-15 10:15:23.000000000 -0400 ++++ aide-0.14/src/aide.c 2010-05-15 10:17:32.000000000 -0400 +@@ -246,7 +246,7 @@ void setdefaults_before_config() + char* urlstr=INITIALERRORSTO; + url_t* u=NULL; + char* s=(char*)malloc(sizeof(char)*MAXHOSTNAMELEN+1); +- unsigned long long p; ++ DB_ATTR_TYPE p; + + /* + Set up the hostname +diff -urp aide-0.14.orig/src/compare_db.c aide-0.14/src/compare_db.c +--- aide-0.14.orig/src/compare_db.c 2010-05-15 10:15:23.000000000 -0400 ++++ aide-0.14/src/compare_db.c 2010-05-15 10:16:42.000000000 -0400 +@@ -275,7 +275,7 @@ static int compare_str(const char *s1, c + - ignorelist kertoo mitä ei saa vertailla + */ + +-int compare_dbline(db_line* l1,db_line* l2,DB_ATTR_TYPE ignorelist) ++DB_ATTR_TYPE compare_dbline(db_line* l1,db_line* l2,DB_ATTR_TYPE ignorelist) + { + + #define easy_compare(a,b) \ diff --git a/aide.spec b/aide.spec index c6c3f0f..27a6876 100644 --- a/aide.spec +++ b/aide.spec @@ -4,7 +4,7 @@ Summary: Intrusion detection environment Name: aide Version: 0.14 -Release: 2%{?dist} +Release: 3%{?dist} URL: http://sourceforge.net/projects/aide License: GPLv2+ Group: Applications/System @@ -16,6 +16,8 @@ Source3: aide.logrotate Patch1: aide-0.14-man.patch Patch2: aide-0.13.1-libgrypt-init.patch Patch3: aide-0.14-abort.patch +Patch4: aide-0.14-selinux.patch +Patch5: aide-0.14-perms.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n) BuildRequires: mktemp BuildRequires: prelink elfutils-libelf-devel @@ -40,6 +42,8 @@ checker and intrusion detection program. %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build %configure --with-config_file=%{_sysconfdir}/aide.conf \ @@ -85,6 +89,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Sat May 15 2010 Steve Grubb - 0.14-3 +- Fix bz 590561 aide does not detect the change of SElinux context +- Fix bz 590566 aide reports a changed file when it has not been changed + * Wed Apr 28 2010 Steve Grubb - 0.14-2 - Fix bz 574764 by replacing abort calls with exit - Apply libgcrypt init patch