source: trunk/samhain.spec.in@ 562

Last change on this file since 562 was 558, checked in by katerina, 4 years ago

Fix for ticket #447 (RPM specfile problem)

File size: 9.2 KB
RevLine 
[1]1#
2# Accepted parameters for 'rpmbuild':
3#
4# --with tests - make tests before building
5
6Summary: File integrity and host-based IDS
7Name: @install_name@
8Version: @VERSION@
9Release: 1
10License: GPL
11Group: System Environment/Base
12Source: samhain-%{version}.tar.gz
13BuildRoot: %{_tmppath}/samhain-%{version}-root
14Packager: Andre Oliveira da Costa <brblueser@uol.com.br>
15Provides: %{name}
[532]16%if 0%{?suse_version}
17Requires(pre): shadow
18%else
[415]19Requires(pre): shadow-utils
[532]20%endif
[1]21
[170]22# dummy (fix configure warning)
23# datarootdir = @datarootdir@
24
[1]25# no quotes here - aparently will be expanded literally
26
[415]27%define password %(echo $PASSWORD)
28
[1]29%define withpwd_prg x@clmytclient@
30%define withstg_prg x@stegin_prg@
31
32# disable automatic stripping of binaries upon installation
33%define __spec_install_post %{nil}
34# required because DeadRat wants to package some debug info otherwise
35# (this debug info would be created by debug_install_post called
36# from spec_install_post)
37%define debug_package %{nil}
38# Use internal dependency generator rather than external helpers?
39%define _use_internal_dependency_generator 0
40
41%description
42@install_name@ is an open source file integrity and host-based intrusion
43detection system for Linux and Unix. It can run as a daemon process, and
44and thus can remember file changes -- contrary to a tool that runs from
45cron, if a file is modified you will get only one report, while
46subsequent checks of that file will ignore the modification as it is
47already reported (unless the file is modified again).
48
49@install_name@ can optionally be used as client/server system to provide
50centralized monitoring for multiple host. Logging to a (MySQL or
51PostgreSQL) database is supported.
52
53NOTE: for security reasons, if you distribute binary executables to
54third parties you should point out the use of the --add-key option to
55modify the key material within the executable.
56This spec file is intended to facilitate installation on YOUR system.
57If you use this spec file to build a SRPM for distribution to third parties,
58make sure to remove the --enable-base configure option below.
59
60%prep
61%setup -q -n samhain-%{version}
62
63%build
64%if %{?_with_tests:1}%{!?_with_tests:0}
65# test installation (test #7 is only included if --with gpg has been
66# specified)
67for i in `seq 6` %{?_with_gpg:7}; do ./test/test.sh $i; done
68%endif
69#
70# configure with the user-supplied arguments to './configure'
71#
72./configure @mydefargs@
73make
[415]74%if "%{withpwd_prg}" == "xDSH_WITH_CLIENT"
[547]75%if "%{password}" != ""
[415]76 ./samhain_setpwd samhain new %{password}
77 mv samhain samhain.old
78 mv samhain.new samhain
79%endif
80%endif
[1]81
[415]82
[1]83%install
84rm -rf ${RPM_BUILD_ROOT}
85# sstrip shouldn't be used since binaries will be stripped later
86## cat << EOF > sstrip
87## #!/bin/sh
88## echo "*** SSTRIP DISABLED ***"
89## EOF
90make DESTDIR=${RPM_BUILD_ROOT} install
91# copy script files to /var/lib/samhain so that we can use them right
92# after the package is installed
93#
[548]94install -m 700 samhain-install.sh init/samhain.startLinux init/samhain.startLSB init/samhain.startSystemd ${RPM_BUILD_ROOT}@mydataroot@
[1]95#
96# file list (helpful advice from Lars Kellogg-Stedman)
97#
98echo "@sbindir@/@install_name@" > sh_file_list
99find %{buildroot}/lib/modules \! -type d -print | \
100 sed 's,%{buildroot},,' >> sh_file_list
101
102%clean
103rm -rf ${RPM_BUILD_ROOT}
104
[415]105%pre
106if test "x@install_name@" = "xyule"
107then
108 getent group samhain >/dev/null || groupadd -r samhain
109 getent passwd yule >/dev/null || \
110 useradd -r -g samhain -d @mydataroot@ -s /sbin/nologin \
111 -c "samhain server daemon" yule
112
113fi
114exit 0
115
[1]116%post
117if [ "$1" -ge 1 ]; then
118 # Activate boot-time start up
119 cd @mydataroot@
[390]120 /bin/sh ./samhain-install.sh --verbose install-boot
[1]121 rm -f ./samhain.startLSB
122 rm -f ./samhain.startLinux
[548]123 rm -f ./samhain.startSystemd
[1]124 if [ -f @sbindir@/@install_name@_stealth ]; then
125 rm -f samhain-install.sh
126 fi
127 shkeep=yes
128 if test x"$shkeep" = xno; then
129 rm -f ./samhain-install.sh
130 rm -f @sbindir@/@install_name@_stealth
131 fi
132fi
133if [ "$1" = 1 ]; then
134 if test -f /usr/lib/lsb/install_initd; then
135 /usr/lib/lsb/install_initd /etc/init.d/@install_name@
136 fi
137fi
138
139%if "%{name}" != "yule"
140cat << EOF
141
142Samhain is installed but is NOT running yet, and the database of
143file signatures is NOT initialized yet. Read the documentation,
144review configuration files, and then (i) initialize it
145(@sbindir@/samhain -t init)
146and (ii) start it manually
147(@sbindir@/samhain start).
148
149It is configured to start automatically on the next boot for runlevels
150[2-5].
151
152EOF
153%endif
154%if "%{name}" == "yule"
155cat << EOF
156
157Yule is installed but is NOT running yet, read the documentation,
158review configuration files, and then start it
159(@sbindir@/yule)
160
161It is configured to start automatically on the next boot for runlevels
162[2-5].
163
164EOF
165%endif
166
167%preun
168# stop running instance of samhain, if any
169if [ -f @mylockdir@/%{name}.pid ]; then
170 @sbindir@/@install_name@ stop
171fi
172if [ "$1" = 0 ]; then
173 # remove boot-time scripts and links
174 cd @mydataroot@
175 if [ -f ./samhain-install.sh ]; then
[390]176 /bin/sh ./samhain-install.sh --verbose uninstall-boot
[1]177 else
178 if test -f /usr/lib/lsb/remove_initd; then
179 /usr/lib/lsb/remove_initd /etc/init.d/@install_name@
180 fi
181 rm -f /etc/init.d/@install_name@
182 fi
183fi
184
185
186
187%files -f sh_file_list
188%defattr(-,root,root)
[547]189%if "@mylockdir@" != "/run" || "@mylockdir@" != "/var/run"
190 %dir @mylockdir@
191%endif
192%if "@mylogdir@" != "/var/log"
193 %dir @mylogdir@
194%endif
[495]195%doc docs/BUGS COPYING docs/Changelog
[481]196%doc LICENSE docs/FAQ.html docs/HOWTO* docs/MANUAL-2_4.* docs/README*
[1]197@mydataroot@
198%if "%{withstg_prg}" == "xsamhain_stealth"
199 @sbindir@/@install_name@_stealth
200%endif
201%if "%{withpwd_prg}" == "xDSH_WITH_CLIENT"
202 @sbindir@/@install_name@_setpwd
203%endif
204%if "%{withpwd_prg}" == "xDSH_WITH_SERVER"
205 @sbindir@/@install_name@ctl
[558]206 @sbindir@/@install_name@admin-sig.pl
207 @sbindir@/@install_name@admin-gpg.pl
[1]208 %exclude @sbindir@/@install_name@_setpwd
209%endif
210%attr(644,root,root) @mandir@/man5/@install_name@*
211%attr(644,root,root) @mandir@/man8/@install_name@*
[412]212%attr(644,root,root) /etc/logrotate.d/@install_name@
[415]213%if "%{name}" == "yule"
214%attr(750,root,samhain) @mydataroot@
215%attr(750,yule,samhain) @mylogdir@
216%endif
[1]217%config(noreplace) @myrpmconffile@
218
219%changelog
[558]220* Tue Jul 28 2020 Rainer Wichmann
221- fix bogus date
222- fix for recent split into samhainadmin-gpg.pl, samhainadmin-sig.pl
223
[547]224* Wed May 01 2019 Rainer Wichmann
225- remove obsolete part fpr sh_lkm
226- add fixes by Franky Van L. (password, directory ownership)
227
[532]228* Mon Dec 18 2017 Rainer Wichmann
229- patch for SLES12 by Pirmin
230- fix missing yuleadmin.pl file
231
[415]232* Tue Oct 23 2012 Rainer Wichmann
233- fixes for yule installation
234
[34]235* Tue May 16 2006 Rainer Wichmann
236- fix manual version, noticed by Imre Gergely
237
[1]238* Tue Apr 05 2005 Rainer Wichmann
239- disable automatic stripping, use sstrip
240
241* Thu Mar 17 2005 Rainer Wichmann
242- fixes for enable-khide
243
244* Wed Oct 20 2004 Rainer Wichmann
245- more fixes for client/server detection
246- fix for samhain_stealth
247
248* Sun Aug 15 2004 Rainer Wichmann
249- fix detection of client/server
250
251* Sat Jun 19 2004 Rainer Wichmann
252- replace ./test.sh $i with make test$i
253- add logic for rpm-light (remove some more files after install)
254- make postun posix compliant (avoid empty argument list for rm -f)
255
256* Wed Dec 31 2003 Stijn Jonker <sjcjonker@sjc.nl>
257- Fixed correctly build of yule-*-rpm
258- Fixed excluding of yule_setpwd, and including of yulectl on yule build
259- Fixed including of samhain_setpwd in samhain client build
260- Above changes required for correct build in newer rpms,
261 with defaults for abort on unpacked files due to
262 %_unpackaged_files_terminate_build 1 setting
263- Fixed installation text for yule, not to display samhain text
264- Added /sbin/chkconfig install_name on to enable the rc scripts
265
266* Thu Dec 11 2003 Christian Vanguers <cva at molis dot be>
267- Fixed typo in samhain.spec
268- Compiled on RedHat Enterprise Linux ES 3
269
[558]270* Wed Mar 26 2003 Rainer Wichmann
[1]271- strip REQ_FROM_SERVER in config file path (%config(noreplace) ...)
272
273* Sun Jan 12 2003 Rainer Wichmann <support at la-samhna dot de>
274- replace %configure with ./configure
275
276* Tue Dec 24 2002 Rainer Wichmann <support at la-samhna dot de>
277- backported applicable changes to samhain.spec.in
278- warn user that database must be initialized
279- fix version of MANUAL in '%files'
280- test for chkconfig, use only if found
281
282* Sun Dec 22 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.7.0
283- fixed typo with _usr macro on ./configure
284- stops running samhain before uninstall
285- implemented conditionals to allow proper uninstalls/upgrades
286- 'BuildPreReq: gpg' is considered only if '--with gpg' is provided
287- run 'chkconfig' to activate samhain after installation
288- warn user that samhain must be manually started after
289 install/upgrade
290
291* Fri Dec 20 2002 Rainer Wichmann <support at la-samhna dot de>
292- backported to samhain.spec.in (take over user's choices from configure)
293- also save samhain.startLSB and samhain.startSuSE for install-boot
294
295* Thu Dec 19 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
296- optional parameters '--with gpg' and '--with tests'
297- use of pre-defined macros whenever possible
298
299* Wed Dec 18 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
300- Fixed installation process, avoiding hardcoded paths on the binaries
301 (thks to samhain's author Rainer Wichmann)
302
303* Mon Dec 16 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
304- First attempt to build from sources
305
Note: See TracBrowser for help on using the repository browser.