Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
server:monitoring
ossec-hids
ossec-hids.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ossec-hids.spec of Package ossec-hids
# # spec file for package ossec-hids # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # Notes # agent - read local files (syslog, snort, etc) and forward # server - above + notifications + remote agents # local - do everything server does, but not recieve messages %define experimental 1 %define short_name ossec %define ossec_dir /var/lib/ossec # backward compatible requirement SLE... %{?!_initddir:%define _initddir %_initrddir} %if ! %{defined _fillupdir} %define _fillupdir /var/adm/fillup-templates %endif Summary: An Open Source Host-based Intrusion Detection System Name: ossec-hids Version: 3.7.0 Release: 0 License: GPL-2.0+ Group: Productivity/Security Source0: https://github.com/ossec/%{name}/archive/v%{version}/%{version}.tar.gz Source2: ossec-hids.logrotate Source3: ossec-init.conf Source4: ossec-hids.service Source5: sysconfig.ossec-hids Source6: sysconfig.ossec-hids-client Source7: sysconfig.ossec-hids-server Source99: %{name}.keyring Source100: ossec-hids-rpmlintrc Patch1: ossec-hids-location.patch URL: http://www.%{short_name}.net/ Vendor: http://www.ossec.net BuildRequires: coreutils # %if 0%{?suse_version} > 1120 BuildRequires: zlib-devel-static %else BuildRequires: zlib-devel BuildRequires: -post-build-checks %endif BuildRequires: glibc-devel BuildRequires: libevent-devel BuildRequires: openssl-devel BuildRequires: mysql-devel BuildRequires: pcre2-devel BuildRequires: postgresql-devel BuildRequires: update-alternatives BuildRequires: apache2-devel BuildRequires: libGeoIP-devel %if 0%{?suse_version} >= 1210 BuildRequires: systemd %endif %{?systemd_requires} BuildRoot: %{_tmppath}/%{name}-%{version}-build #BuildArch: noarch # Requires(pre): %{_sbindir}/groupadd Requires(pre): %{_sbindir}/useradd Requires(post): update-alternatives Requires(postun): update-alternatives PreReq: %fillup_prereq PreReq: %insserv_prereq Requires: logrotate Provides: ossec ExclusiveOS: linux %description OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. %package client Summary: The OSSEC HIDS Client Group: Productivity/Security Provides: ossec-client Requires: %{name} = %{version}-%{release} Conflicts: %{name}-server %description client The %{name}-client package contains the client part of the OSSEC HIDS. Install this package on every client to be monitored. %package server Summary: The OSSEC HIDS Server Group: Productivity/Security Provides: ossec-server Requires: %{name} = %{version}-%{release} Conflicts: %{name}-client %description server The %{name}-server package contains the server part of the OSSEC HIDS. Install this package on a central machine for log collection and alerting. %package server-mysql Summary: The OSSEC HIDS Server with MySQL Support Group: Productivity/Security Requires: %{name}-server = %{version}-%{release} Requires: mysql-server Requires(post): update-alternatives Requires(postun): update-alternatives %description server-mysql This package provides mysql support for ossec %package server-postgresql Summary: The OSSEC HIDS Server with PostgreSQL Support Group: Productivity/Security Requires: %{name}-server = %{version}-%{release} Requires: postgresql-server Requires(post): update-alternatives Requires(postun): update-alternatives %description server-postgresql This package provides postgresql support for ossec %prep %setup -q -n %{version} %patch1 -p1 # Prepare for docs rm -rf contrib/specs rm -rf contrib/ossec-testing #chmod -x contrib/* %build mkdir bin pushd src # Build the agent version first %{__make} %{?_smp_mflags} TARGET=agent ZLIB_SYSTEM=yes PCRE2_SYSTEM=yes USE_GEOIP=1 mv manage_agents ../manage_client mv ossec-logcollector ../client-logcollector mv ossec-syscheckd ../client-syscheckd # Rebuild for server # # mysql make clean %{__make} %{?_smp_mflags} TARGET=hybrid ZLIB_SYSTEM=yes PCRE2_SYSTEM=yes USE_GEOIP=1 DATABASE=mysql mv ossec-dbd ../mysql.ossec-dbd # postgres make clean %{__make} %{?_smp_mflags} TARGET=hybrid ZLIB_SYSTEM=yes PCRE2_SYSTEM=yes USE_GEOIP=1 DATABASE=pgsql mv ossec-dbd ../pg.ossec-dbd # make clean %{__make} %{?_smp_mflags} TARGET=hybrid ZLIB_SYSTEM=yes PCRE2_SYSTEM=yes USE_GEOIP=1 mv ossec-dbd ../bin/ossec-dbd.vanilla mv ../pg.ossec-dbd ../bin/ossec-dbd.pg mv ../mysql.ossec-dbd ../bin/ossec-dbd.mysql popd # Do not strip, only compress documentation %define __os_install_post /usr/lib/rpm/brp-compress # Exclude from requires %define _use_internal_dependency_generator 0 %install mkdir -p %{buildroot}%{_initrddir} mkdir -p %{buildroot}%{_sbindir} mkdir -p %{buildroot}%{ossec_dir}/{bin,stats,rules,tmp} mkdir -p %{buildroot}%{ossec_dir}/rules/translated/pure_ftpd mkdir -p %{buildroot}%{ossec_dir}/logs/{archives,alerts,firewall} mkdir -p %{buildroot}%{ossec_dir}/queue/{alerts,%{short_name},fts,syscheck,rootcheck,agent-info,rids} mkdir -p %{buildroot}%{ossec_dir}/var/run mkdir -p %{buildroot}%{ossec_dir}/etc/shared mkdir -p %{buildroot}%{ossec_dir}/etc/templates mkdir -p %{buildroot}%{ossec_dir}/etc/sql mkdir -p %{buildroot}%{ossec_dir}/active-response/bin #install -m 0600 %{short_name}-init.conf %{buildroot}%{_sysconfdir} install -m 0644 etc/%{short_name}.conf %{buildroot}%{ossec_dir}/etc/%{short_name}.conf.sample install -m 0644 etc/%{short_name}-{agent,server}.conf %{buildroot}%{ossec_dir}/etc install -m 0644 etc/*.xml %{buildroot}%{ossec_dir}/etc install -m 0644 etc/internal_options* %{buildroot}%{ossec_dir}/etc install -m 0644 etc/rules/*xml %{buildroot}%{ossec_dir}/rules install -m 0644 etc/rules/translated/pure_ftpd/* %{buildroot}%{ossec_dir}/rules/translated/pure_ftpd install -m 0644 etc/templates/config/* %{buildroot}%{ossec_dir}/etc/templates/ install -m 0550 bin/* %{buildroot}%{ossec_dir}/bin install -m 0550 src/ossec-* %{buildroot}%{ossec_dir}/bin install -m 0550 src/list_agents %{buildroot}%{ossec_dir}/bin install -m 0550 src/manage_agents %{buildroot}%{ossec_dir}/bin install -m 0550 src/syscheck_update %{buildroot}%{ossec_dir}/bin install -m 0550 src/clear_stats %{buildroot}%{ossec_dir}/bin install -m 0550 src/agent_control %{buildroot}%{ossec_dir}/bin install -m 0550 src/rootcheck_control %{buildroot}%{ossec_dir}/bin install -m 0550 src/syscheck_control %{buildroot}%{ossec_dir}/bin install -m 0550 src/verify-agent-conf %{buildroot}%{ossec_dir}/bin # install -m 0550 manage_client %{buildroot}%{ossec_dir}/bin install -m 0550 client-logcollector %{buildroot}%{ossec_dir}/bin install -m 0550 client-syscheckd %{buildroot}%{ossec_dir}/bin # install -m 0755 active-response/*.sh %{buildroot}%{ossec_dir}/active-response/bin install -m 0644 src/rootcheck/db/*.txt %{buildroot}%{ossec_dir}/etc/shared install -m 0644 src/os_dbd/mysql.schema %{buildroot}%{ossec_dir}/etc/sql/mysql.schema install -m 0644 src/os_dbd/postgresql.schema %{buildroot}%{ossec_dir}/etc/sql/postgresql.schema install -m 0550 src/init/%{short_name}-{client,server}.sh %{buildroot}%{ossec_dir}/bin # init script install -m 0755 src/init/%{name}-suse.init %{buildroot}%{_initrddir}/%{name} ln -s %{_initrddir}/%{name} %{buildroot}%{_sbindir}/rc%{name} # systemd service file %if 0%{?_unitdir:1} install -Dpm 0644 %{SOURCE4} %{buildroot}%_unitdir/%{name}.service %endif install -d -m 0755 %{buildroot}%{_fillupdir} install -m 0644 %{S:5} %{buildroot}%{_fillupdir} DATE=`date` find %{buildroot}%{_fillupdir} -type f -exec \ sed -i -e "s/BUILD_VER/%{version}/" -e "s/BUILD_DATE/$DATE/" {} + # set correct ossec-dir for ii in etc rules active-response do find %{buildroot}%{ossec_dir}/$ii -type f -exec sed -i 's%/var/ossec%/var/lib/ossec%' {} + done # create the faux ossec.conf, %ghost'ed files must exist in the buildroot touch %{buildroot}%{ossec_dir}/etc/%{short_name}.conf mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d install -m 0644 %{SOURCE2} %{buildroot}/etc/logrotate.d/%{name} # %pre %{_sbindir}/groupadd -r %{short_name} 2>/dev/null || : %{_sbindir}/useradd -g %{short_name} -G %{short_name} \ -d %{ossec_dir} \ -r -s /sbin/nologin %{short_name} 2>/dev/null || : # %pre server for users in %{short_name}m %{short_name}e %{short_name}r do %{_sbindir}/useradd -g %{short_name} -G %{short_name} \ -d %{ossec_dir} \ -r -s /sbin/nologin $users 2>/dev/null || : done %if 0%{?_unitdir:1} %service_add_pre %{name}.service %endif # %pre client %if 0%{?_unitdir:1} %service_add_pre %{name}.service %endif %post %{fillup_only} # %post client %if 0%{?_unitdir:1} %service_add_post %{name}.service %endif if [ ! -f %{ossec_dir}/etc/%{short_name}.conf ]; then ln -sf %{short_name}-agent.conf %{ossec_dir}/etc/%{short_name}.conf fi ln -sf %{short_name}-client.sh %{ossec_dir}/bin/%{short_name}-control # daemon trickery ln -sf %{ossec_dir}/bin/client-logcollector %{ossec_dir}/bin/%{short_name}-logcollector ln -sf %{ossec_dir}/bin/client-syscheckd %{ossec_dir}/bin/%{short_name}-syscheckd # Create log file touch %{ossec_dir}/logs/ossec.log chown %{short_name}:%{short_name} %{ossec_dir}/logs/ossec.log chmod 0664 %{ossec_dir}/logs/ossec.log %post server #%%{fillup_only -nsa ossec-hids server} %if 0%{?_unitdir:1} %service_add_post %{name}.service %endif if [ ! -f %{ossec_dir}/etc/%{short_name}.conf ]; then ln -sf %{short_name}-server.conf %{ossec_dir}/etc/%{short_name}.conf fi ln -sf %{short_name}-server.sh %{ossec_dir}/bin/%{short_name}-control # Create log file touch %{ossec_dir}/logs/ossec.log chown %{short_name}:%{short_name} %{ossec_dir}/logs/ossec.log chmod 0664 %{ossec_dir}/logs/ossec.log # update-alternatives --quiet --install \ %{ossec_dir}/bin/%{short_name}-dbd \ %{short_name}-dbd \ %{ossec_dir}/bin/%{short_name}-dbd.vanilla 10 %post server-mysql update-alternatives --quiet --install \ %{ossec_dir}/bin/%{short_name}-dbd \ %{short_name}-dbd \ %{ossec_dir}/bin/%{short_name}-dbd.mysql 20 %post server-postgresql update-alternatives --quiet --install \ %{ossec_dir}/bin/%{short_name}-dbd \ %{short_name}-dbd \ %{ossec_dir}/bin/%{short_name}-dbd.pg 20 # %preun client %stop_on_removal %{name} %if 0%{?_unitdir:1} %service_del_preun %{name}.service %endif if [ $1 = 0 ]; then # cleanup on removal %{__rm} -f %{ossec_dir}/etc/localtime %{__rm} -f %{ossec_dir}/etc/%{short_name}.conf %{__rm} -f %{ossec_dir}/bin/%{short_name}-control %{__rm} -f %{ossec_dir}/bin/%{short_name}-logcollector %{__rm} -f %{ossec_dir}/bin/%{short_name}-syscheckd fi # %postun client %if 0%{?_unitdir:1} %service_del_postun %{name}.service %endif %insserv_cleanup # %preun server %stop_on_removal %{name} %if 0%{?_unitdir:1} %service_del_preun %{name}.service %endif if [ $1 = 0 ]; then # cleanup on removal %{__rm} -f %{ossec_dir}/etc/localtime %{__rm} -f %{ossec_dir}/etc/%{short_name}.conf %{__rm} -f %{ossec_dir}/bin/%{short_name}-control fi # update-alternatives --remove \ %{short_name}-dbd %{ossec_dir}/bin/%{short_name}-dbd.vanilla # %postun server %if 0%{?_unitdir:1} %service_del_postun %{name}.service %endif %insserv_cleanup # This occures during install of ossec-hids!!! %triggerin -- glibc [ -r %{_sysconfdir}/localtime ] && cp -fpL %{_sysconfdir}/localtime %{ossec_dir}/etc %preun server-mysql update-alternatives --remove \ %{short_name}-dbd %{ossec_dir}/bin/%{short_name}-dbd.mysql %preun server-postgresql update-alternatives --remove \ %{short_name}-dbd %{ossec_dir}/bin/%{short_name}-dbd.pg %clean %{__rm} -rf %{buildroot} %files %defattr(-,root,root) %doc BUGS CONFIG INSTALL* README.md %doc %dir %attr(550,root,%{short_name}) %dir %{ossec_dir} %attr(550,root,%{short_name}) %dir %{ossec_dir}/active-response %attr(550,root,%{short_name}) %dir %{ossec_dir}/active-response/bin %attr(550,root,%{short_name}) %dir %{ossec_dir}/bin %attr(550,root,%{short_name}) %dir %{ossec_dir}/etc %attr(550,root,%{short_name}) %dir %{ossec_dir}/etc/sql %attr(770,%{short_name},%{short_name}) %dir %{ossec_dir}/etc/shared %attr(750,%{short_name},%{short_name}) %dir %{ossec_dir}/etc/templates %attr(640,%{short_name},%{short_name}) %{ossec_dir}/etc/templates/* %attr(750,%{short_name},%{short_name}) %dir %{ossec_dir}/logs %attr(550,root,%{short_name}) %dir %{ossec_dir}/queue %attr(770,%{short_name},%{short_name}) %dir %{ossec_dir}/queue/alerts %attr(770,%{short_name},%{short_name}) %dir %{ossec_dir}/queue/%{short_name} %attr(750,%{short_name},%{short_name}) %dir %{ossec_dir}/queue/syscheck %attr(770,%{short_name},%{short_name}) %dir %{ossec_dir}/queue/rids %attr(550,root,%{short_name}) %dir %{ossec_dir}/var %attr(770,root,%{short_name}) %dir %{ossec_dir}/var/run %config(noreplace) %{_sysconfdir}/logrotate.d/ossec-hids %config(noreplace) %{_sysconfdir}/init.d/ossec-hids %{_sbindir}/rc%{name} %{_fillupdir}/sysconfig.ossec-hids %if 0%{?_unitdir:1} %_unitdir/%{name}.service %endif %files client %defattr(-,root,root) %config(noreplace) %{ossec_dir}/etc/%{short_name}-agent.conf %config(noreplace) %{ossec_dir}/etc/internal_options* %config(noreplace) %{ossec_dir}/etc/shared/* %{ossec_dir}/etc/*.sample %{ossec_dir}/active-response/bin/* %{ossec_dir}/bin/%{short_name}-client.sh %{ossec_dir}/bin/%{short_name}-agentd %{ossec_dir}/bin/client-logcollector %{ossec_dir}/bin/client-syscheckd %{ossec_dir}/bin/ossec-logcollector %{ossec_dir}/bin/ossec-syscheckd %{ossec_dir}/bin/%{short_name}-execd %{ossec_dir}/bin/manage_client %{ossec_dir}/bin/ossec-authd %files server %defattr(-,root,root) %ghost %config(missingok,noreplace) %{ossec_dir}/etc/ossec.conf %config(noreplace) %{ossec_dir}/etc/%{short_name}-server.conf %config(noreplace) %{ossec_dir}/etc/internal_options* %config %{ossec_dir}/etc/*.xml %config(noreplace) %{ossec_dir}/etc/shared/* %{ossec_dir}/etc/*.sample %{ossec_dir}/active-response/bin/* %{ossec_dir}/bin/%{short_name}-server.sh %{ossec_dir}/bin/%{short_name}-agentd %{ossec_dir}/bin/%{short_name}-analysisd %{ossec_dir}/bin/%{short_name}-execd %{ossec_dir}/bin/%{short_name}-logcollector %{ossec_dir}/bin/%{short_name}-maild %{ossec_dir}/bin/%{short_name}-monitord %{ossec_dir}/bin/%{short_name}-remoted %{ossec_dir}/bin/%{short_name}-syscheckd %{ossec_dir}/bin/%{short_name}-dbd.vanilla %{ossec_dir}/bin/%{short_name}-reportd %{ossec_dir}/bin/%{short_name}-agentlessd %{ossec_dir}/bin/%{short_name}-makelists %{ossec_dir}/bin/%{short_name}-regex %{ossec_dir}/bin/ossec-csyslogd %{ossec_dir}/bin/list_agents %{ossec_dir}/bin/manage_agents %{ossec_dir}/bin/syscheck_update %{ossec_dir}/bin/clear_stats %{ossec_dir}/bin/agent_control %{ossec_dir}/bin/ossec-regex-convert %{ossec_dir}/bin/rootcheck_control %{ossec_dir}/bin/syscheck_control %{ossec_dir}/bin/ossec-logtest %{ossec_dir}/bin/verify-agent-conf %{ossec_dir}/bin/ossec-authd %attr(750,%{short_name},%{short_name}) %dir %{ossec_dir}/logs/archives %attr(750,%{short_name},%{short_name}) %dir %{ossec_dir}/logs/alerts %attr(750,%{short_name},%{short_name}) %dir %{ossec_dir}/logs/firewall %attr(755,%{short_name}r,%{short_name}) %dir %{ossec_dir}/queue/agent-info %attr(700,%{short_name},%{short_name}) %dir %{ossec_dir}/queue/fts %attr(700,%{short_name},%{short_name}) %dir %{ossec_dir}/queue/rootcheck %attr(550,root,%{short_name}) %dir %{ossec_dir}/rules %config %{ossec_dir}/rules/* %attr(750,%{short_name},%{short_name}) %dir %{ossec_dir}/stats %attr(550,root,%{short_name}) %dir %{ossec_dir}/tmp %files server-mysql %defattr(-,root,root) %{ossec_dir}/etc/sql/mysql.schema %{ossec_dir}/bin/%{short_name}-dbd.mysql %files server-postgresql %defattr(-,root,root) %{ossec_dir}/etc/sql/postgresql.schema %{ossec_dir}/bin/%{short_name}-dbd.pg %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor