Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:deadpoint
samhain-yule
samhain-yule.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File samhain-yule.spec of Package samhain-yule
# # Accepted parameters for 'rpmbuild': # # --with tests - make tests before building %define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services Summary: File integrity and host-based IDS Name: yule Version: 3.0.6 Release: 1 License: GPL URL: http://www.la-samhna.de/samhain/ Group: System/Monitoring Source: samhain-%{version}.tar.gz Source1: samhain.init Source2: samhain-README.SuSE Patch0: Makefile_in.patch BuildRoot: %{_tmppath}/samhain-%{version}-root BuildRequires: procps BuildRequires: pcre-devel BuildRequires: libmysqlclient-devel BuildRequires: zlib-devel BuildRequires: postgresql-devel BuildRequires: update-alternatives # obs:server:monitoring #BuildRequires: libprelude-devel #Requires: libprelude2 Requires: procps Requires(post): update-alternatives Requires(postun): update-alternatives # dummy (fix configure warning) # datarootdir = @datarootdir@ # no quotes here - aparently will be expanded literally %define withpwd_prg xDSH_WITH_SERVER %define withstg_prg x # disable automatic stripping of binaries upon installation %define __spec_install_post %{nil} # required because DeadRat wants to package some debug info otherwise # (this debug info would be created by debug_install_post called # from spec_install_post) %define debug_package %{nil} # Use internal dependency generator rather than external helpers? %define _use_internal_dependency_generator 0 %description yule is an open source file integrity and host-based intrusion detection system for Linux and Unix. It can run as a daemon process, and and thus can remember file changes -- contrary to a tool that runs from cron, if a file is modified you will get only one report, while subsequent checks of that file will ignore the modification as it is already reported (unless the file is modified again). yule can optionally be used as client/server system to provide centralized monitoring for multiple host. Logging to a (MySQL or PostgreSQL) database is supported. NOTE: for security reasons, if you distribute binary executables to third parties you should point out the use of the --add-key option to modify the key material within the executable. This spec file is intended to facilitate installation on YOUR system. If you use this spec file to build a SRPM for distribution to third parties, make sure to remove the --enable-base configure option below. %package mysql Summary: Mysql Support for Yule Group: System/Monitoring Requires: %{name} = %{version} Requires: mysql-community-server Requires(post): update-alternatives Requires(postun): update-alternatives %description mysql This package provides mysql support for Yule. %package postgresql Summary: Postgresql Support for Yule Group: System/Monitoring Requires: %{name} = %{version} Requires: postgresql-server Requires(post): update-alternatives Requires(postun): update-alternatives %description postgresql This package provides postgresql support for Yule. %prep %setup -q -n samhain-%{version} %patch0 install -m 0644 %{S:2} README.SuSE %build %if %{?_with_tests:1}%{!?_with_tests:0} # test installation (test #7 is only included if --with gpg has been # specified) for i in `seq 6` %{?_with_gpg:7}; do ./test/test.sh $i; done %endif # configure opts CONFIGOPTS="--sbindir=%{_sbindir} \ --mandir=%{_mandir} \ --enable-identity=yule \ --enable-base=8347731,1889402732 \ --enable-network=server \ --enable-micro-stealth=168 \ --enable-suidcheck \ --enable-login-watch \ --enable-mounts-check \ --enable-logfile-monitor \ --enable-process-check \ --enable-port-check \ --enable-userfiles \ --enable-xml-log" # # build w/db support # for ii in mysql postgresql do ./configure $CONFIGOPTS \ --with-database=$ii make %{?_smp_mflags} # rename yule binary mv %{name} %{name}.$ii make clean done # build w/o db ./configure $CONFIGOPTS make %{?_smp_mflags} %install rm -rf %{buildroot} # sstrip shouldn't be used since binaries will be stripped later ## cat << EOF > sstrip ## #!/bin/sh ## echo "*** SSTRIP DISABLED ***" ## EOF make DESTDIR=%{buildroot} install # mv %{buildroot}/%{_sbindir}/%{name} %{buildroot}/%{_sbindir}/%{name}.vanilla # mkdir -p %{buildroot}%{_fwdefdir} mkdir -p %{buildroot}%{_initrddir} mkdir -p %{buildroot}%{_sbindir} mkdir -p %{buildroot}%{_datarootdir}/%{name} #mkdir -p %{buildroot}%{_defaultdocdir}/%{name} # init script install -m 0755 %{S:1} %{buildroot}/%{_initrddir}/%{name} ln -s %{_initrddir}/%{name} %{buildroot}/%{_sbindir}/rc%{name} # db init files install -m 644 sql_init/samhain.mysql.init sql_init/samhain.oracle.init \ sql_init/samhain.postgres.init %{buildroot}%{_datarootdir}/%{name} # # file list (helpful advice from Lars Kellogg-Stedman) # echo "%{_sbindir}/%{name}.vanilla" > sh_file_list find %{buildroot}/lib/modules \! -type d -print | \ sed 's,%{buildroot},,' >> sh_file_list # install install -m 700 %{name}.mysql %{buildroot}/%{_sbindir}/ install -m 700 %{name}.postgresql %{buildroot}/%{_sbindir}/ %clean rm -rf %{buildroot} %pre # add group/user groupadd -r %{name} 2>/dev/null || : useradd -r -g %{name} -s /bin/false -c "User for yule" \ -d %{_localstatedir}/lib/%{name} %{name} 2>/dev/null || : %post # update-alternatives --quiet --install \ %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}.vanilla 10 if test "x" = x; then : else if test -f /sbin/depmod; then /sbin/depmod -a fi fi %post mysql update-alternatives --quiet --install \ %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}.mysql 20 %post postgresql update-alternatives --quiet --install \ %{_sbindir}/%{name} %{name} %{_sbindir}/%{name}.postgresql 20 %preun %stop_on_removal update-alternatives --remove \ %{name} %{_sbindir}/%{name}.vanilla %preun mysql %stop_on_removal update-alternatives --remove \ %{name} %{_sbindir}/%{name}.mysql %preun postgresql %stop_on_removal update-alternatives --remove \ %{name} %{_sbindir}/%{name}.postgresql %postun %restart_on_update %insserv_cleanup if [ "$1" = 0 ]; then # remove any kernel modules that might have been installed RVER=`uname -r` MODFILES=`ls /lib/modules/$RVER/%{name}* 2>/dev/null` if test "x$MODFILES" = x; then : else rm -f /lib/modules/$RVER/%{name}* fi fi %files -f sh_file_list %defattr(-,root,root) %dir %{_localstatedir}/log/%{name} %doc docs/BUGS COPYING docs/Changelog docs/TODO README.SuSE %doc LICENSE docs/FAQ.html docs/HOWTO* docs/MANUAL-2_3.* docs/README* %{_localstatedir}/lib/%{name} %if "%{withstg_prg}" == "xsamhain_stealth" %{_sbindir}/%{name}_stealth %endif %if "%{withpwd_prg}" == "xDSH_WITH_CLIENT" %{_sbindir}/%{name}_setpwd %endif %if "%{withpwd_prg}" == "xDSH_WITH_SERVER" %{_sbindir}/%{name}ctl %exclude %{_sbindir}/%{name}_setpwd %endif %attr(644,root,root) /usr/share/man/man5/%{name}* %attr(644,root,root) /usr/share/man/man8/%{name}* %attr(600,%{name},%{name}) %config(noreplace) %{_sysconfdir}/%{name}rc %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %config %{_fwdefdir}/%{name} %dir %{_datarootdir}/%{name} %{_datarootdir}/%{name}/* %{_initrddir}/%{name} %{_sbindir}/rc%{name} %files mysql %defattr(-,root,root) %{_sbindir}/%{name}.mysql %files postgresql %defattr(-,root,root) %{_sbindir}/%{name}.postgresql %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor