Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package aide for openSUSE:Factory checked in at 2021-11-04 16:10:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aide (Old) and /work/SRC/openSUSE:Factory/.aide.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "aide" Thu Nov 4 16:10:02 2021 rev:34 rq:929164 version:0.17.3 Changes: -------- --- /work/SRC/openSUSE:Factory/aide/aide.changes 2021-04-06 17:31:27.039237031 +0200 +++ /work/SRC/openSUSE:Factory/.aide.new.1890/aide.changes 2021-11-04 16:10:44.289087783 +0100 @@ -1,0 +2,7 @@ +Thu Nov 4 10:51:25 UTC 2021 - Stefan Schubert <[email protected]> + +- Added aide.service and aide.timer in order to run + aide periodically in the background via systemd timer. +- aide-systemd.patch: hook in new manpages + +------------------------------------------------------------------- New: ---- aide-systemd.patch aide.service aide.service.8 aide.timer aide.timer.8 aide_service.conf ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aide.spec ++++++ --- /var/tmp/diff_new_pack.Tnv1sp/_old 2021-11-04 16:10:44.957088173 +0100 +++ /var/tmp/diff_new_pack.Tnv1sp/_new 2021-11-04 16:10:44.961088175 +0100 @@ -26,19 +26,27 @@ Source1: aide.conf Source2: aide-cron_daily.sh Source3: aide-test.sh +Source4: aide.service +Source5: aide.service.8 +Source6: aide.timer +Source7: aide.timer.8 +Source8: aide_service.conf Source42: https://github.com/aide/aide/releases/download/v%{version}/aide-%{version}.tar.gz.asc Source43: aide.keyring Patch1: aide-0.17.3-as-needed.patch Patch2: aide-xattr-in-libc.patch +Patch3: aide-systemd.patch BuildRequires: automake BuildRequires: bison BuildRequires: curl-devel BuildRequires: flex +BuildRequires: gzip BuildRequires: libacl-devel BuildRequires: libgcrypt-devel BuildRequires: libselinux-devel BuildRequires: pcre-devel BuildRequires: pkgconfig +BuildRequires: systemd-rpm-macros BuildRequires: zlib-devel %description @@ -54,6 +62,7 @@ %setup -q %patch1 -p1 %patch2 -p1 +%patch3 -p1 %build autoreconf -fiv @@ -76,8 +85,17 @@ %make_install install -m 700 -d %{buildroot}%{_localstatedir}/lib/aide install -m 700 -d %{buildroot}%{_sysconfdir} +install -m 700 -d %{buildroot}%{_unitdir}/ +install -m 700 -d %{buildroot}%{_mandir}/man8 install -m 600 %{SOURCE1} %{buildroot}%{_sysconfdir}/aide.conf install -m 700 %{SOURCE3} %{buildroot}%{_bindir}/ +install -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/aide.service +install -m 644 %{SOURCE6} %{buildroot}%{_unitdir}/aide.timer +install -m 644 %{SOURCE5} %{buildroot}%{_mandir}/man8/aide.service.8 +install -m 644 %{SOURCE7} %{buildroot}%{_mandir}/man8/aide.timer.8 +install -m 600 %{SOURCE8} %{buildroot}%{_sysconfdir}/aide_service.conf +gzip -9 %{buildroot}%{_mandir}/man8/aide.service.8 +gzip -9 %{buildroot}%{_mandir}/man8/aide.timer.8 mkdir -p doc/examples%{_sysconfdir}/cron.daily/ cp -a %{SOURCE2} doc/examples%{_sysconfdir}/cron.daily/aide.sh @@ -88,6 +106,13 @@ sed -i '/verbose=/d' %{_sysconfdir}/aide.conf sed -i 's/\t/ /g' %{_sysconfdir}/aide.conf fi +%systemd_post %{name}.service %{name}.timer + +%preun +%systemd_preun %{name}.service %{name}.timer + +%postun +%systemd_postun %{name}.service %{name}.timer %check rm -rf %{_localstatedir}/tmp/aide-test @@ -123,6 +148,11 @@ /%{_mandir}/man5/aide.conf.5.gz %{_localstatedir}/lib/aide %config(noreplace) %{_sysconfdir}/aide.conf +%config(noreplace) %{_sysconfdir}/aide_service.conf +%{_unitdir}/aide.service +%{_unitdir}/aide.timer +%{_mandir}/man8/aide.timer.8* +%{_mandir}/man8/aide.service.8* %files test %{_bindir}/aide-test.sh ++++++ aide-systemd.patch ++++++ diff -Naur org/doc/aide.1 patch/doc/aide.1 --- org/doc/aide.1 2021-11-03 16:06:51.562903494 +0100 +++ patch/doc/aide.1 2021-11-03 16:17:31.549730006 +0100 @@ -135,7 +135,7 @@ default \fBdatabase_in\fR and \fBdatabase_out\fR config values. .SH SEE ALSO -.BR aide.conf (5) +.BR aide.conf (5), aide.service (8), aide.timer (8) .SH BUGS There are probably bugs in this release. Please report them at https://github.com/aide/aide/issues . diff -Naur org/doc/aide.conf.5 patch/doc/aide.conf.5 --- org/doc/aide.conf.5 2021-11-03 16:06:51.582903583 +0100 +++ patch/doc/aide.conf.5 2021-11-03 16:18:03.469869750 +0100 @@ -668,7 +668,7 @@ .B "/foo e+p+u+g" .PP .SH "SEE ALSO" -.BR aide (1) +.BR aide (1), aide.service (8), aide.timer (8) .SH DISCLAIMER All trademarks are the property of their respective owners. No animals were harmed while making this webpage or this piece of ++++++ aide.service ++++++ [Unit] Description=Checking system for changed files Documentation=man:aide(1) After=local-fs.target [Service] Type=oneshot ExecStart=/bin/sh -c "/usr/bin/aide --check --config=/etc/aide_service.conf; exit 0" IOSchedulingClass=idle IOSchedulingPriority=7 ++++++ aide.service.8 ++++++ .TH AIDE.SERVICE 8 "2021-02-10" "aide v0.17.3" "systemd environment" .SH NAME \fBaide\fP \- Advanced Intrusion Detection Environment systemd environment .SH SYNOPSIS aide.service aide.timer .SH DESCRIPTION For easier maintenance of big clusters, aide can be run by systemd.timer(5) in regular intervals. The specific time can be set in /usr/lib/systemd/system/\fBaide.timer\fR (tag OnCalendar) or can be configured in /etc/systemd/system/aide.timer.d/local.conf. See systemd.unit(5) for more information. The timer can be manually started via the call "systemctl start aide.timer" or can be started while the boot process which has been enabled by the call "systemctl enable aide.timer". The result of the check will be written to "/var/log/aide_service.log". This can be set in the file /etc/aide_systemd.conf. .SH HINT Keep in mind that you have to init the database with the call "aide --init ; cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db" at first before you are starting this service. .SH SEE ALSO .BR aide (1) .BR aide.conf (5) ++++++ aide.timer ++++++ [Unit] Description=Checking system for changed files Documentation=man:aide(1) After=local-fs.target [Timer] OnCalendar= daily AccuracySec=12h Persistent=true [Install] WantedBy=timers.target ++++++ aide.timer.8 ++++++ .so aide.service.8 ++++++ aide_service.conf ++++++ # # AIDE Configuration file for systemd service aide.service # # # Configuration parameters # database_in=file:/var/lib/aide/aide.db database_out=file:/var/lib/aide/aide.db.new report_url=file:/var/log/aide_service.log warn_dead_symlinks=yes # # Custom rules # Binlib = p+i+n+u+g+s+b+m+c+sha256+sha512 ConfFiles = p+i+n+u+g+s+b+m+c+sha256+sha512 Logs = p+i+n+u+g+S Devices = p+i+n+u+g+s+b+c+sha256+sha512 Databases = p+n+u+g StaticDir = p+i+n+u+g ManPages = p+i+n+u+g+s+b+m+c+sha256+sha512 # # Directories and files # # Kernel, system map, etc. /boot Binlib # watch config files, but exclude, what changes at boot time, ... !/etc/mtab !/etc/lvm* /etc ConfFiles # Binaries /bin Binlib /sbin Binlib # Libraries /lib Binlib # Complete /usr and /opt /usr Binlib /opt Binlib # Log files /var/log$ StaticDir #/var/log/aide/aide.log(.[0-9])?(.gz)? Databases #/var/log/aide/error.log(.[0-9])?(.gz)? Databases #/var/log/setuid.changes(.[0-9])?(.gz)? Databases /var/log Logs # Devices !/dev/pts /dev Devices # Other miscellaneous files /var/run$ StaticDir !/var/run /var/lib Databases # Test only the directory when dealing with /proc /proc$ StaticDir !/proc # manpages can be trojaned, especially depending on *roff implementation #/usr/man ManPages #/usr/share/man ManPages #/usr/local/man ManPages # check sources for modifications #/usr/src L #/usr/local/src L # Check headers for same #/usr/include L #/usr/local/include L
