File devialog.spec of Package devialog

Overview Repositories Revisions Requests Users Attributes Meta

File devialog.spec of Package devialog

#
# spec file for package devialog
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#

%if 0%{?suse_version} >= 1230
%bcond_without systemd
%else
%bcond_with systemd
%endif

Name:           devialog
Version:        0.9.0
Release:        0
Summary:        Syslog Anomaly Detection
License:        GPL-2.0-or-later
Group:          System/Monitoring
URL:            https://devialog.org/
Source0:        %{name}-%{version}.tar.bz2
Source1:        devialog-README.SUSE
Source2:        devialog-sysconfig
Source3:        devialog.init
Source4:        devialog.systemd
Patch0:         %{name}-%{version}-distribution.patch
Requires:       perl(File::Tail)
Requires:       perl(Getopt::Std)
Requires:       perl(Mail::Sendmail)
Requires:       perl(Socket)
%if %{with systemd}
BuildRequires:  pkgconfig(systemd)
%else
Requires(pre): %fillup_prereq
%endif
BuildArch:      noarch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
%if ! %{defined _fillupdir}
%define _fillupdir /var/adm/fillup-templates
%endif

%description
devialog is a behavior/anomaly-based syslog intrusion detection system which
detects unknown attacks via anomalies in syslog. It can generate signatures for
ease of management, act upon anomalies in a predefined fashion or perform as a
standard log parser

%prep
%setup -q
%patch0 -p1
install -m644 %{SOURCE1} README.SUSE

%build
# nothing to do here

%install
mkdir -p %{buildroot}/%{_bindir}
for file in devialog.pl devialogsig.pl ; do
	install -m755 $file %{buildroot}/%{_bindir}/
done
mkdir -p %{buildroot}/%{_sysconfdir}
sed -e "s|\t.*AnomalyOutfile.*|\tAnomalyOutfile = %{_localstatedir}/log/anomalies|g; \
		s|\t.*AnomalyRcpts.*|\tAnomalyRcpts = root@localhost|g; \
		s|\t.*SignatureFile.*|\tSignatureFile = %{_sysconfdir}/signatures.pl|g; \
		s|\t.*SuggestedSignatureLocation.*|\tSuggestedSignatureLocation = %{_localstatedir}/log/suggested.log|g" \
		devialog.conf > %{buildroot}/%{_sysconfdir}/devialog.conf
chmod 0640 %{buildroot}/%{_sysconfdir}/devialog.conf
install -m640 signatures.pl %{buildroot}/%{_sysconfdir}/
mkdir -p %{buildroot}/%{_sbindir}
%if %{with systemd}
install -Dm644 %{SOURCE4} %{buildroot}/%{_unitdir}/%{name}.service
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
%else
install -Dm644 %{SOURCE2} %{buildroot}%{_fillupdir}/sysconfig.%{name}
install -Dm755 %{SOURCE3} %{buildroot}/%{_sysconfdir}/init.d/devialog
ln -sf ../../etc/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name}
%endif
mkdir -p %{buildroot}%{_localstatedir}/log
touch %{buildroot}%{_localstatedir}/log/anomalies
touch %{buildroot}%{_localstatedir}/log/suggested.log

%if %{with systemd}
%pre
%service_add_pre %{name}.service

%preun
%service_del_preun %{name}.service

%post
%service_add_post %{name}.service

%postun
%service_del_postun %{name}.service

%else
%post
%fillup_only
%endif # with systemd

%files
%defattr(-,root,root)
%license COPYING
%doc BUGS QUICKSTART README.SUSE devialog.conf
%{_bindir}/*.pl
%{_sbindir}/rcdevialog
%if %{with systemd}
%{_unitdir}/%{name}.service
%else
%if 0%{?suse_version} >= 01500
%dir %{_fillupdir}
%endif
%{_fillupdir}/sysconfig.%{name}
%{_sysconfdir}/init.d/devialog
%endif
%config(noreplace) %{_sysconfdir}/devialog.conf
%config(noreplace) %{_sysconfdir}/signatures.pl
%ghost %config %{_localstatedir}/log/anomalies
%ghost %config %{_localstatedir}/log/suggested.log

%changelog

Places

File devialog.spec of Package devialog

Places