source: trunk/scripts/samhain.spec.in@ 440

Last change on this file since 440 was 412, checked in by katerina, 12 years ago

Enhancements for ticket #312 (logrotate) and #313 (--enable-suid).

File size: 5.1 KB
Line 
1#
2# Accepted parameters for 'rpmbuild':
3#
4# --with gpg - enables gpg support
5# --with tests - make tests before building
6
7Summary: File integrity and host-based IDS
8Name: samhain
9Version: @VERSION@
10Release: 1
11License: GPL
12Group: System Environment/Base
13Source: %{name}-%{version}.tar.gz
14BuildRoot: %{_tmppath}/%{name}-%{version}-root
15Packager: Andre Oliveira da Costa <brblueser@uol.com.br>
16Provides: %{name}
17%if %{?_with_gpg:1}%{!?_with_gpg:0}
18BuildPreReq: gpg
19%endif
20
21%description
22samhain is an open source file integrity and host-based intrusion
23detection system for Linux and Unix. It can run as a daemon process, and
24and thus can remember file changes -- contrary to a tool that runs from
25cron, if a file is modified you will get only one report, while
26subsequent checks of that file will ignore the modification as it is
27already reported (unless the file is modified again).
28
29samhain can optionally be used as client/server system to provide
30centralized monitoring for multiple host. Logging to a (MySQL or
31PostgreSQL) database is supported.
32
33This package contains only the single host version.
34
35%prep
36%setup -q -n samhain-%{version}
37
38%build
39%if %{?_with_tests:1}%{!?_with_tests:0}
40# test installation (test #7 is only included if --with gpg has been
41# specified)
42for i in `seq 6` %{?_with_gpg:7}; do ./test/test.sh $i; done
43%endif
44./configure --prefix=%{_usr} \
45 --sbindir=%{_sbindir} \
46 --sysconfdir=%{_sysconfdir} \
47 --localstatedir=%{_localstatedir} \
48 --mandir=%{_mandir} \
49%{?_with_gpg: --with-gpg=`type -p gpg`}
50
51make
52
53%install
54rm -rf $RPM_BUILD_ROOT
55# sstrip shouldn't be used since binaries will be stripped later
56cat << EOF > sstrip
57#!/bin/sh
58echo "*** SSTRIP DISABLED ***"
59EOF
60make DESTDIR=${RPM_BUILD_ROOT} install
61# copy script files to /var/lib/samhain so that we can use them right
62# after the package is installed
63install -m 700 samhain-install.sh init/samhain.startLinux init/samhain.startLSB ${RPM_BUILD_ROOT}%{_localstatedir}/lib/%{name}
64
65%clean
66rm -rf ${RPM_BUILD_ROOT}
67
68%post
69if [ "$1" = 1 ]; then
70 # Activate boot-time start up
71 cd %{_localstatedir}/lib/%{name}
72 /bin/sh ./samhain-install.sh --verbose install-boot
73 if test -f /sbin/chkconfig; then
74 /sbin/chkconfig --add samhain
75 /sbin/chkconfig samhain on
76 fi
77fi
78cat << EOF
79
80Samhain is installed but is NOT running yet, and the database of
81file signatures is NOT initialized yet. Read the documentation,
82review configuration files, and then (i) initialize it
83(%{_sbindir}/samhain -t init)
84and (ii) start it manually
85(%{_sysconfdir}/init.d/samhain start).
86
87It is configured to start automatically on the next boot for runlevels
88[2-5].
89
90EOF
91
92
93%preun
94# stop running instance of samhain, if any
95if [ -f %{_localstatedir}/run/%{name}.pid ]; then
96 %{_sysconfdir}/init.d/samhain stop
97fi
98if [ "$1" = 0 ]; then
99 # remove boot-time scripts and links
100 cd %{_localstatedir}/lib/samhain
101 if [ -f ./samhain-install.sh ]; then
102 /bin/sh ./samhain-install.sh --verbose uninstall-boot
103 else
104 if [ -f /sbin/chkconfig ]; then
105 /sbin/chkconfig samhain off
106 /sbin/chkconfig --del samhain
107 fi
108 fi
109fi
110
111%postun
112if [ "$1" = 0 ]; then
113 # remove any kernel modules that might have been installed
114 RVER=`uname -r`
115 rm -f /lib/modules/$RVER/samhain*
116fi
117
118
119%files
120%defattr(-,root,root)
121%dir %{_localstatedir}/run
122%dir %{_localstatedir}/log
123%doc docs/BUGS COPYING docs/Changelog docs/TODO
124%doc LICENSE docs/HOWTO* docs/MANUAL-2_3.* docs/README*
125%{_localstatedir}/lib/%{name}
126%{_sbindir}/%{name}
127%attr(644,root,root) %{_mandir}/man5/samhain*
128%attr(644,root,root) %{_mandir}/man8/samhain*
129%attr(644,root,root) /etc/logrotate.d/@install_name@
130%config(noreplace) %{_sysconfdir}/samhainrc
131
132%changelog
133* Sat Jun 19 2004 Rainer Wichmann
134- replace ./test.sh $i with make test$i
135
136* Sat Jan 03 2004 Rainer Wichmann
137- Use /sbin/chkconfig as in ../samhain.spec.in
138
139* Thu Dec 11 2003 Christian Vanguers <cva at molis dot be>
140- Fixed typo in samhain.spec
141
142* Tue Dec 24 2002 Rainer Wichmann
143- warn user that database must be initialized
144- fix version of MANUAL in '%files'
145- test for chkconfig, use only if found
146
147* Sun Dec 22 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.7.0
148- fixed typo with _usr macro on ./configure
149- stops running samhain before uninstall
150- implemented conditionals to allow proper uninstalls/upgrades
151- 'BuildPreReq: gpg' is considered only if '--with gpg' is provided
152- run 'chkconfig' to activate samhain after installation
153- warn user that samhain must be manually started after
154 install/upgrade
155
156* Fri Dec 20 2002 Rainer Wichmann
157- use 'configure' to set version string
158- use standard macros for paths
159
160* Thu Dec 19 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
161- optional parameters '--with gpg' and '--with tests'
162- use of pre-defined macros whenever possible
163
164* Wed Dec 18 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
165- Fixed installation process, avoiding hardcoded paths on the binaries
166 (thks to samhain's author Rainer Wichmann)
167
168* Mon Dec 16 2002 Andre Oliveira da Costa <brblueser@uol.com.br> 1.6.6
169- First attempt to build from sources
Note: See TracBrowser for help on using the repository browser.