source: trunk/samhain.spec.in@ 442

Last change on this file since 442 was 418, checked in by katerina, 12 years ago

Fix for ticket #322 (RPM build problem).

File size: 9.0 KB
Line 
1#
2# Accepted parameters for 'rpmbuild':
3#
4# --with tests - make tests before building
5
6Summary: File integrity and host-based IDS
7Name: @install_name@
8Version: @VERSION@
9Release: 1
10License: GPL
11Group: System Environment/Base
12Source: samhain-%{version}.tar.gz
13BuildRoot: %{_tmppath}/samhain-%{version}-root
14Packager: Andre Oliveira da Costa <brblueser@uol.com.br>
15Provides: %{name}
16Requires(pre): shadow-utils
17
18# dummy (fix configure warning)
19# datarootdir = @datarootdir@
20
21# no quotes here - aparently will be expanded literally
22
23%define password %(echo $PASSWORD)
24
25%define withpwd_prg x@clmytclient@
26%define withstg_prg x@stegin_prg@
27
28# disable automatic stripping of binaries upon installation
29%define __spec_install_post %{nil}
30# required because DeadRat wants to package some debug info otherwise
31# (this debug info would be created by debug_install_post called
32# from spec_install_post)
33%define debug_package %{nil}
34# Use internal dependency generator rather than external helpers?
35%define _use_internal_dependency_generator 0
36
37%description
38@install_name@ is an open source file integrity and host-based intrusion
39detection system for Linux and Unix. It can run as a daemon process, and
40and thus can remember file changes -- contrary to a tool that runs from
41cron, if a file is modified you will get only one report, while
42subsequent checks of that file will ignore the modification as it is
43already reported (unless the file is modified again).
44
45@install_name@ can optionally be used as client/server system to provide
46centralized monitoring for multiple host. Logging to a (MySQL or
47PostgreSQL) database is supported.
48
49NOTE: for security reasons, if you distribute binary executables to
50third parties you should point out the use of the --add-key option to
51modify the key material within the executable.
52This spec file is intended to facilitate installation on YOUR system.
53If you use this spec file to build a SRPM for distribution to third parties,
54make sure to remove the --enable-base configure option below.
55
56%prep
57%setup -q -n samhain-%{version}
58
59%build
60%if %{?_with_tests:1}%{!?_with_tests:0}
61# test installation (test #7 is only included if --with gpg has been
62# specified)
63for i in `seq 6` %{?_with_gpg:7}; do ./test/test.sh $i; done
64%endif
65#
66# configure with the user-supplied arguments to './configure'
67#
68./configure @mydefargs@
69make
70%if "%{withpwd_prg}" == "xDSH_WITH_CLIENT"
71%if 0%{?password}
72 ./samhain_setpwd samhain new %{password}
73 mv samhain samhain.old
74 mv samhain.new samhain
75%endif
76%endif
77
78
79%install
80rm -rf ${RPM_BUILD_ROOT}
81# sstrip shouldn't be used since binaries will be stripped later
82## cat << EOF > sstrip
83## #!/bin/sh
84## echo "*** SSTRIP DISABLED ***"
85## EOF
86make DESTDIR=${RPM_BUILD_ROOT} install
87# copy script files to /var/lib/samhain so that we can use them right
88# after the package is installed
89#
90install -m 700 samhain-install.sh init/samhain.startLinux init/samhain.startLSB ${RPM_BUILD_ROOT}@mydataroot@
91#
92# file list (helpful advice from Lars Kellogg-Stedman)
93#
94echo "@sbindir@/@install_name@" > sh_file_list
95find %{buildroot}/lib/modules \! -type d -print | \
96 sed 's,%{buildroot},,' >> sh_file_list
97
98%clean
99rm -rf ${RPM_BUILD_ROOT}
100
101%pre
102if test "x@install_name@" = "xyule"
103then
104 getent group samhain >/dev/null || groupadd -r samhain
105 getent passwd yule >/dev/null || \
106 useradd -r -g samhain -d @mydataroot@ -s /sbin/nologin \
107 -c "samhain server daemon" yule
108
109fi
110exit 0
111
112%post
113if test "x@sh_lkm@" = x; then
114 :
115else
116 if test -f /sbin/depmod; then
117 /sbin/depmod -a
118 fi
119fi
120if [ "$1" -ge 1 ]; then
121 # Activate boot-time start up
122 cd @mydataroot@
123 /bin/sh ./samhain-install.sh --verbose install-boot
124 rm -f ./samhain.startLSB
125 rm -f ./samhain.startLinux
126 if [ -f @sbindir@/@install_name@_stealth ]; then
127 rm -f samhain-install.sh
128 fi
129 shkeep=yes
130 if test x"$shkeep" = xno; then
131 rm -f ./samhain-install.sh
132 rm -f @sbindir@/@install_name@_stealth
133 fi
134fi
135if [ "$1" = 1 ]; then
136 if test -f /usr/lib/lsb/install_initd; then
137 /usr/lib/lsb/install_initd /etc/init.d/@install_name@
138 fi
139fi
140
141%if "%{name}" != "yule"
142cat << EOF
143
144Samhain is installed but is NOT running yet, and the database of
145file signatures is NOT initialized yet. Read the documentation,
146review configuration files, and then (i) initialize it
147(@sbindir@/samhain -t init)
148and (ii) start it manually
149(@sbindir@/samhain start).
150
151It is configured to start automatically on the next boot for runlevels
152[2-5].
153
154EOF
155%endif
156%if "%{name}" == "yule"
157cat << EOF
158
159Yule is installed but is NOT running yet, read the documentation,
160review configuration files, and then start it
161(@sbindir@/yule)
162
163It is configured to start automatically on the next boot for runlevels
164[2-5].
165
166EOF
167%endif
168
169%preun
170# stop running instance of samhain, if any
171if [ -f @mylockdir@/%{name}.pid ]; then
172 @sbindir@/@install_name@ stop
173fi
174if [ "$1" = 0 ]; then
175 # remove boot-time scripts and links
176 cd @mydataroot@
177 if [ -f ./samhain-install.sh ]; then
178 /bin/sh ./samhain-install.sh --verbose uninstall-boot
179 else
180 if test -f /usr/lib/lsb/remove_initd; then
181 /usr/lib/lsb/remove_initd /etc/init.d/@install_name@
182 fi
183 rm -f /etc/init.d/@install_name@
184 fi
185fi
186
187%postun
188if [ "$1" = 0 ]; then
189 # remove any kernel modules that might have been installed
190 RVER=`uname -r`
191 MODFILES=`ls /lib/modules/$RVER/@install_name@* 2>/dev/null`
192 if test "x$MODFILES" = x; then
193 :
194 else
195 rm -f /lib/modules/$RVER/@install_name@*
196 fi
197fi
198
199
200%files -f sh_file_list
201%defattr(-,root,root)
202%dir @mylockdir@
203%dir @mylogdir@
204%doc docs/BUGS COPYING docs/Changelog docs/TODO
205%doc LICENSE docs/FAQ.html docs/HOWTO* docs/MANUAL-2_3.* docs/README*
206@mydataroot@
207%if "%{withstg_prg}" == "xsamhain_stealth"
208 @sbindir@/@install_name@_stealth
209%endif
210%if "%{withpwd_prg}" == "xDSH_WITH_CLIENT"
211 @sbindir@/@install_name@_setpwd
212%endif
213%if "%{withpwd_prg}" == "xDSH_WITH_SERVER"
214 @sbindir@/@install_name@ctl
215 %exclude @sbindir@/@install_name@_setpwd
216%endif
217%attr(644,root,root) @mandir@/man5/@install_name@*
218%attr(644,root,root) @mandir@/man8/@install_name@*
219%attr(644,root,root) /etc/logrotate.d/@install_name@
220%if "%{name}" == "yule"
221%attr(750,root,samhain) @mydataroot@
222%attr(750,yule,samhain) @mylogdir@
223%endif
224%config(noreplace) @myrpmconffile@
225
226%changelog
227* Tue Oct 23 2012 Rainer Wichmann
228- fixes for yule installation
229
230* Tue May 16 2006 Rainer Wichmann
231- fix manual version, noticed by Imre Gergely
232
233* Tue Apr 05 2005 Rainer Wichmann
234- disable automatic stripping, use sstrip
235
236* Thu Mar 17 2005 Rainer Wichmann
237- fixes for enable-khide
238
239* Wed Oct 20 2004 Rainer Wichmann
240- more fixes for client/server detection
241- fix for samhain_stealth
242
243* Sun Aug 15 2004 Rainer Wichmann
244- fix detection of client/server
245
246* Sat Jun 19 2004 Rainer Wichmann
247- replace ./test.sh $i with make test$i
248- add logic for rpm-light (remove some more files after install)
249- make postun posix compliant (avoid empty argument list for rm -f)
250
251* Wed Dec 31 2003 Stijn Jonker <sjcjonker@sjc.nl>
252- Fixed correctly build of yule-*-rpm
253- Fixed excluding of yule_setpwd, and including of yulectl on yule build
254- Fixed including of samhain_setpwd in samhain client build
255- Above changes required for correct build in newer rpms,
256 with defaults for abort on unpacked files due to
257 %_unpackaged_files_terminate_build 1 setting
258- Fixed installation text for yule, not to display samhain text
259- Added /sbin/chkconfig install_name on to enable the rc scripts
260
261* Thu Dec 11 2003 Christian Vanguers <cva at molis dot be>
262- Fixed typo in samhain.spec
263- Compiled on RedHat Enterprise Linux ES 3
264
265* Thu Mar 26 2003 Rainer Wichmann
266- strip REQ_FROM_SERVER in config file path (%config(noreplace) ...)
267
268* Sun Jan 12 2003 Rainer Wichmann <support at la-samhna dot de>
269- replace %configure with ./configure
270
271* Tue Dec 24 2002 Rainer Wichmann <support at la-samhna dot de>
272- backported applicable changes to samhain.spec.in
273- warn user that database must be initialized
274- fix version of MANUAL in '%files'
275- test for chkconfig, use only if found
276
277* Sun Dec 22 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.7.0
278- fixed typo with _usr macro on ./configure
279- stops running samhain before uninstall
280- implemented conditionals to allow proper uninstalls/upgrades
281- 'BuildPreReq: gpg' is considered only if '--with gpg' is provided
282- run 'chkconfig' to activate samhain after installation
283- warn user that samhain must be manually started after
284 install/upgrade
285
286* Fri Dec 20 2002 Rainer Wichmann <support at la-samhna dot de>
287- backported to samhain.spec.in (take over user's choices from configure)
288- also save samhain.startLSB and samhain.startSuSE for install-boot
289
290* Thu Dec 19 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
291- optional parameters '--with gpg' and '--with tests'
292- use of pre-defined macros whenever possible
293
294* Wed Dec 18 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
295- Fixed installation process, avoiding hardcoded paths on the binaries
296 (thks to samhain's author Rainer Wichmann)
297
298* Mon Dec 16 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
299- First attempt to build from sources
300
Note: See TracBrowser for help on using the repository browser.