Context Navigation

source: trunk/samhain.spec.in@ 512

Last change on this file since 512 was 495, checked in by katerina, 9 years ago
Fix for ticket #392 (make rpm broken).
File size: 8.7 KB

Line
1	#
2	# Accepted parameters for 'rpmbuild':
3	#
4	# --with tests - make tests before building
5
6	Summary: File integrity and host-based IDS
7	Name: @install_name@
8	Version: @VERSION@
9	Release: 1
10	License: GPL
11	Group: System Environment/Base
12	Source: samhain-%{version}.tar.gz
13	BuildRoot: %{_tmppath}/samhain-%{version}-root
14	Packager: Andre Oliveira da Costa <brblueser@uol.com.br>
15	Provides: %{name}
16	Requires(pre): shadow-utils
17
18	# dummy (fix configure warning)
19	# datarootdir = @datarootdir@
20
21	# no quotes here - aparently will be expanded literally
22
23	%define password %(echo $PASSWORD)
24
25	%define withpwd_prg x@clmytclient@
26	%define withstg_prg x@stegin_prg@
27
28	# disable automatic stripping of binaries upon installation
29	%define __spec_install_post %{nil}
30	# required because DeadRat wants to package some debug info otherwise
31	# (this debug info would be created by debug_install_post called
32	# from spec_install_post)
33	%define debug_package %{nil}
34	# Use internal dependency generator rather than external helpers?
35	%define _use_internal_dependency_generator 0
36
37	%description
38	@install_name@ is an open source file integrity and host-based intrusion
39	detection system for Linux and Unix. It can run as a daemon process, and
40	and thus can remember file changes -- contrary to a tool that runs from
41	cron, if a file is modified you will get only one report, while
42	subsequent checks of that file will ignore the modification as it is
43	already reported (unless the file is modified again).
44
45	@install_name@ can optionally be used as client/server system to provide
46	centralized monitoring for multiple host. Logging to a (MySQL or
47	PostgreSQL) database is supported.
48
49	NOTE: for security reasons, if you distribute binary executables to
50	third parties you should point out the use of the --add-key option to
51	modify the key material within the executable.
52	This spec file is intended to facilitate installation on YOUR system.
53	If you use this spec file to build a SRPM for distribution to third parties,
54	make sure to remove the --enable-base configure option below.
55
56	%prep
57	%setup -q -n samhain-%{version}
58
59	%build
60	%if %{?_with_tests:1}%{!?_with_tests:0}
61	# test installation (test #7 is only included if --with gpg has been
62	# specified)
63	for i in `seq 6` %{?_with_gpg:7}; do ./test/test.sh $i; done
64	%endif
65	#
66	# configure with the user-supplied arguments to './configure'
67	#
68	./configure @mydefargs@
69	make
70	%if "%{withpwd_prg}" == "xDSH_WITH_CLIENT"
71	%if 0%{?password}
72	./samhain_setpwd samhain new %{password}
73	mv samhain samhain.old
74	mv samhain.new samhain
75	%endif
76	%endif
77
78
79	%install
80	rm -rf ${RPM_BUILD_ROOT}
81	# sstrip shouldn't be used since binaries will be stripped later
82	## cat << EOF > sstrip
83	## #!/bin/sh
84	## echo "* SSTRIP DISABLED *"
85	## EOF
86	make DESTDIR=${RPM_BUILD_ROOT} install
87	# copy script files to /var/lib/samhain so that we can use them right
88	# after the package is installed
89	#
90	install -m 700 samhain-install.sh init/samhain.startLinux init/samhain.startLSB ${RPM_BUILD_ROOT}@mydataroot@
91	#
92	# file list (helpful advice from Lars Kellogg-Stedman)
93	#
94	echo "@sbindir@/@install_name@" > sh_file_list
95	find %{buildroot}/lib/modules \! -type d -print \| \
96	sed 's,%{buildroot},,' >> sh_file_list
97
98	%clean
99	rm -rf ${RPM_BUILD_ROOT}
100
101	%pre
102	if test "x@install_name@" = "xyule"
103	then
104	getent group samhain >/dev/null \|\| groupadd -r samhain
105	getent passwd yule >/dev/null \|\| \
106	useradd -r -g samhain -d @mydataroot@ -s /sbin/nologin \
107	-c "samhain server daemon" yule
108
109	fi
110	exit 0
111
112	%post
113	if test "x@sh_lkm@" = x; then
114	:
115	else
116	if test -f /sbin/depmod; then
117	/sbin/depmod -a
118	fi
119	fi
120	if [ "$1" -ge 1 ]; then
121	# Activate boot-time start up
122	cd @mydataroot@
123	/bin/sh ./samhain-install.sh --verbose install-boot
124	rm -f ./samhain.startLSB
125	rm -f ./samhain.startLinux
126	if [ -f @sbindir@/@install_name@_stealth ]; then
127	rm -f samhain-install.sh
128	fi
129	shkeep=yes
130	if test x"$shkeep" = xno; then
131	rm -f ./samhain-install.sh
132	rm -f @sbindir@/@install_name@_stealth
133	fi
134	fi
135	if [ "$1" = 1 ]; then
136	if test -f /usr/lib/lsb/install_initd; then
137	/usr/lib/lsb/install_initd /etc/init.d/@install_name@
138	fi
139	fi
140
141	%if "%{name}" != "yule"
142	cat << EOF
143
144	Samhain is installed but is NOT running yet, and the database of
145	file signatures is NOT initialized yet. Read the documentation,
146	review configuration files, and then (i) initialize it
147	(@sbindir@/samhain -t init)
148	and (ii) start it manually
149	(@sbindir@/samhain start).
150
151	It is configured to start automatically on the next boot for runlevels
152	[2-5].
153
154	EOF
155	%endif
156	%if "%{name}" == "yule"
157	cat << EOF
158
159	Yule is installed but is NOT running yet, read the documentation,
160	review configuration files, and then start it
161	(@sbindir@/yule)
162
163	It is configured to start automatically on the next boot for runlevels
164	[2-5].
165
166	EOF
167	%endif
168
169	%preun
170	# stop running instance of samhain, if any
171	if [ -f @mylockdir@/%{name}.pid ]; then
172	@sbindir@/@install_name@ stop
173	fi
174	if [ "$1" = 0 ]; then
175	# remove boot-time scripts and links
176	cd @mydataroot@
177	if [ -f ./samhain-install.sh ]; then
178	/bin/sh ./samhain-install.sh --verbose uninstall-boot
179	else
180	if test -f /usr/lib/lsb/remove_initd; then
181	/usr/lib/lsb/remove_initd /etc/init.d/@install_name@
182	fi
183	rm -f /etc/init.d/@install_name@
184	fi
185	fi
186
187
188
189	%files -f sh_file_list
190	%defattr(-,root,root)
191	%dir @mylockdir@
192	%dir @mylogdir@
193	%doc docs/BUGS COPYING docs/Changelog
194	%doc LICENSE docs/FAQ.html docs/HOWTO* docs/MANUAL-2_4.* docs/README*
195	@mydataroot@
196	%if "%{withstg_prg}" == "xsamhain_stealth"
197	@sbindir@/@install_name@_stealth
198	%endif
199	%if "%{withpwd_prg}" == "xDSH_WITH_CLIENT"
200	@sbindir@/@install_name@_setpwd
201	%endif
202	%if "%{withpwd_prg}" == "xDSH_WITH_SERVER"
203	@sbindir@/@install_name@ctl
204	%exclude @sbindir@/@install_name@_setpwd
205	%endif
206	%attr(644,root,root) @mandir@/man5/@install_name@*
207	%attr(644,root,root) @mandir@/man8/@install_name@*
208	%attr(644,root,root) /etc/logrotate.d/@install_name@
209	%if "%{name}" == "yule"
210	%attr(750,root,samhain) @mydataroot@
211	%attr(750,yule,samhain) @mylogdir@
212	%endif
213	%config(noreplace) @myrpmconffile@
214
215	%changelog
216	* Tue Oct 23 2012 Rainer Wichmann
217	- fixes for yule installation
218
219	* Tue May 16 2006 Rainer Wichmann
220	- fix manual version, noticed by Imre Gergely
221
222	* Tue Apr 05 2005 Rainer Wichmann
223	- disable automatic stripping, use sstrip
224
225	* Thu Mar 17 2005 Rainer Wichmann
226	- fixes for enable-khide
227
228	* Wed Oct 20 2004 Rainer Wichmann
229	- more fixes for client/server detection
230	- fix for samhain_stealth
231
232	* Sun Aug 15 2004 Rainer Wichmann
233	- fix detection of client/server
234
235	* Sat Jun 19 2004 Rainer Wichmann
236	- replace ./test.sh $i with make test$i
237	- add logic for rpm-light (remove some more files after install)
238	- make postun posix compliant (avoid empty argument list for rm -f)
239
240	* Wed Dec 31 2003 Stijn Jonker <sjcjonker@sjc.nl>
241	- Fixed correctly build of yule-*-rpm
242	- Fixed excluding of yule_setpwd, and including of yulectl on yule build
243	- Fixed including of samhain_setpwd in samhain client build
244	- Above changes required for correct build in newer rpms,
245	with defaults for abort on unpacked files due to
246	%_unpackaged_files_terminate_build 1 setting
247	- Fixed installation text for yule, not to display samhain text
248	- Added /sbin/chkconfig install_name on to enable the rc scripts
249
250	* Thu Dec 11 2003 Christian Vanguers <cva at molis dot be>
251	- Fixed typo in samhain.spec
252	- Compiled on RedHat Enterprise Linux ES 3
253
254	* Thu Mar 26 2003 Rainer Wichmann
255	- strip REQ_FROM_SERVER in config file path (%config(noreplace) ...)
256
257	* Sun Jan 12 2003 Rainer Wichmann <support at la-samhna dot de>
258	- replace %configure with ./configure
259
260	* Tue Dec 24 2002 Rainer Wichmann <support at la-samhna dot de>
261	- backported applicable changes to samhain.spec.in
262	- warn user that database must be initialized
263	- fix version of MANUAL in '%files'
264	- test for chkconfig, use only if found
265
266	* Sun Dec 22 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.7.0
267	- fixed typo with _usr macro on ./configure
268	- stops running samhain before uninstall
269	- implemented conditionals to allow proper uninstalls/upgrades
270	- 'BuildPreReq: gpg' is considered only if '--with gpg' is provided
271	- run 'chkconfig' to activate samhain after installation
272	- warn user that samhain must be manually started after
273	install/upgrade
274
275	* Fri Dec 20 2002 Rainer Wichmann <support at la-samhna dot de>
276	- backported to samhain.spec.in (take over user's choices from configure)
277	- also save samhain.startLSB and samhain.startSuSE for install-boot
278
279	* Thu Dec 19 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
280	- optional parameters '--with gpg' and '--with tests'
281	- use of pre-defined macros whenever possible
282
283	* Wed Dec 18 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
284	- Fixed installation process, avoiding hardcoded paths on the binaries
285	(thks to samhain's author Rainer Wichmann)
286
287	* Mon Dec 16 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
288	- First attempt to build from sources
289

Note: See TracBrowser for help on using the repository browser.

Download in other formats: