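# RPM spec for LAUREL, an auditd(8) plugin that rewrites Linux Audit events as
# enriched JSON. The build is fully offline: crates come from a vendored
# tarball (Source1) instead of the system crate registry.
#
# Macro names inside comments are written without a leading percent sign (or
# with a doubled one) because rpm expands macros in comment lines too.

%bcond_without check

Summary:        Transform Linux Audit logs for SIEM usage
Name:           laurel
Version:        0.6.2
Release:        2%{?dist}
# NOTE(review): "GPL3" is not an SPDX identifier. Confirm against upstream's
# Cargo.toml / LICENSE whether GPL-3.0-only or GPL-3.0-or-later applies.
License:        GPL3
URL:            https://github.com/threathunters-io/laurel
Source0:        laurel-0.6.2.tar.gz
# Vendored crate sources. This tarball is not an upstream artifact: it is made
# locally by running "cargo vendor" in the unpacked Source0 and archiving the
# resulting vendor/ directory. Nothing in this spec ties its contents to
# upstream's lock file, so generate it with "cargo vendor --locked" (assuming
# upstream ships a Cargo.lock) and track its digest wherever Source0's digest
# is tracked.
Source1:        vendor.tar.gz
# auditd plugin definition, installed under /etc/audit/plugins.d.
Source2:        laurel.conf
# LAUREL runtime configuration.
# NOTE(review): the 0.6.2-2 changelog entry says the package no longer runs
# laurel as the dedicated _laurel user. This file is not visible here;
# presumably the plugin then keeps the privileges auditd starts it with.
# Confirm that giving up the privilege separation is intended.
Source3:        config.toml

BuildRequires:  cargo-rpm-macros >= 26
BuildRequires:  clang libacl-devel
# man pages
BuildRequires:  pandoc make

%description
LAUREL is an event post-processing plugin for auditd(8) that generates useful,
enriched JSON-based audit logs suitable for modern security monitoring setups.

%prep
# Unpack Source0, then unpack Source1 (vendor/) inside the source tree.
%setup -q -a1
%cargo_prep

# Point cargo at the vendored crates. The two sed calls edit
# .cargo/config.toml (presumably written by the cargo_prep macro above): the
# first blanks every line starting with "registry", the second redirects the
# replaced source to "vendored-sources", which is then defined as ./vendor.
# NOTE(review): cargo-rpm-macros documents "%%cargo_prep -v vendor" for
# vendored builds, which would make these edits unnecessary. Worth confirming
# on the macro version in use.
sed -i "s|^registry.*||g" .cargo/config.toml
sed -i "s|^replace-with.*|replace-with = \"vendored-sources\"|g" .cargo/config.toml

cat >> .cargo/config.toml << EOF
[source.vendored-sources]
directory = "vendor"
EOF

# Enable link-time optimisation for the release profile.
# NOTE(review): a second [profile.release] table is a TOML error, so this
# append breaks the build if upstream's Cargo.toml ever defines that table
# itself. Re-check on every version bump.
cat >> Cargo.toml << EOF
[profile.release]
lto = true
EOF

%build
# Build with the distribution's Rust flags.
export RUSTFLAGS="%build_rustflags"
%cargo_build

# man pages
make -C man

%install
install -d %{buildroot}%{_sysconfdir}/audit/plugins.d
install -d %{buildroot}%{_sysconfdir}/laurel
# NOTE(review): install -d without -m creates the log directory as 0755, so
# any local user can enter and list it. Confidentiality of the audit-derived
# logs then rests only on the modes/ACLs of the files laurel writes there.
# Consider "-m0750" here plus a matching attr entry in the files list, unless
# unprivileged readers must be able to reach the files.
install -d %{buildroot}%{_localstatedir}/log/laurel

install -m0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/audit/plugins.d/laurel.conf
install -m0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/laurel/config.toml

# Binaries are taken from target/rpm, the output directory used by this build.
install -d %{buildroot}%{_sbindir}
install -m0755 target/rpm/laurel %{buildroot}%{_sbindir}/
install -m0755 target/rpm/laurel2audit %{buildroot}%{_sbindir}/

install -d %{buildroot}%{_mandir}/man{7,8}
install -m0644 man/*.7 %{buildroot}%{_mandir}/man7/
install -m0644 man/*.8 %{buildroot}%{_mandir}/man8/

# The test suite runs unless the package is built with "--without check".
%if %{with check}
%check
%cargo_test
%endif

%post
# Give the log directory the auditd log type so that the plugin can write
# there under SELinux.
#
# The scriptlet must not abort the transaction: if chcon fails (for example on
# a filesystem without SELinux label support), report it and carry on. A
# failure here matters operationally, because laurel may then be unable to
# write its output. Treat the warning as a telemetry-gap indicator.
#
# NOTE(review): chcon only changes the label currently on disk. A later
# restorecon or full relabel resets the directory to the policy default unless
# a matching file-context rule is installed; the policy sources in
# contrib/selinux are shipped only as documentation by this package.
if ! chcon system_u:object_r:auditd_log_t:s0 %{_localstatedir}/log/laurel; then
    echo "laurel: could not set SELinux type auditd_log_t on %{_localstatedir}/log/laurel" >&2
fi

%files
%license LICENSE
%doc README* audit-specs contrib/selinux
%dir %{_sysconfdir}/laurel
%config(noreplace) %{_sysconfdir}/audit/plugins.d/laurel.conf
%config(noreplace) %{_sysconfdir}/laurel/config.toml
%{_sbindir}/laurel
%{_sbindir}/laurel2audit
%{_mandir}/man7/*
%{_mandir}/man8/*
%dir %{_localstatedir}/log/laurel

%changelog
* Thu Jun 27 2024 Oden Eriksson - 0.6.2-2
- drop the selinux sub package and don't run is as _laurel

* Sun Jun 16 2024 Oden Eriksson - 0.6.2-1
- rebuild for RHEL 9 and FC40

* Fri Jun 14 2024 Oden Eriksson - 0.6.2-0.2
- added some of the fedora guidelines

* Thu Jun 13 2024 Oden Eriksson - 0.6.2-0.1
- first blood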