|
|
|
|
##
|
|
|
|
|
## apache-security.spec -- OpenPKG RPM Package Specification
|
|
|
|
|
## Copyright (c) 2000-2010 OpenPKG Foundation e.V. <http://openpkg.net/>
|
|
|
|
|
##
|
|
|
|
|
## Permission to use, copy, modify, and distribute this software for
|
|
|
|
|
## any purpose with or without fee is hereby granted, provided that
|
|
|
|
|
## the above copyright notice and this permission notice appear in all
|
|
|
|
|
## copies.
|
|
|
|
|
##
|
|
|
|
|
## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
|
|
|
|
|
## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
|
|
|
## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
|
|
## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
|
|
|
|
|
## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
|
## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
|
|
|
## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
|
|
|
|
|
## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
|
|
|
## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
|
|
|
## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
|
|
|
|
## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
## SUCH DAMAGE.
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
# package version
|
|
|
|
|
%define V_major 2.5
|
|
|
|
|
%define V_minor 12
|
|
|
|
|
%define V_rules 1.6.1
|
|
|
|
|
|
|
|
|
|
# package information
|
|
|
|
|
Name: apache-security
|
|
|
|
|
Summary: Apache Extension: Security
|
|
|
|
|
URL: http://www.modsecurity.org/
|
|
|
|
|
Vendor: Breach Security, Inc.
|
|
|
|
|
Packager: OpenPKG Foundation e.V.
|
|
|
|
|
Distribution: OpenPKG Community
|
|
|
|
|
Class: EVAL
|
|
|
|
|
Group: Web
|
|
|
|
|
License: Open Source
|
|
|
|
|
Version: %{V_major}.%{V_minor}
|
|
|
|
|
Release: 20100206
|
|
|
|
|
|
|
|
|
|
# list of sources
|
|
|
|
|
Source0: http://www.modsecurity.org/download/modsecurity-apache_%{V_major}.%{V_minor}.tar.gz
|
|
|
|
|
Source1: http://www.modsecurity.org/download/modsecurity-core-rules_%{V_major}-%{V_rules}.tar.gz
|
|
|
|
|
Source2: apache-security.conf
|
|
|
|
|
Patch0: apache-security.patch
|
|
|
|
|
|
|
|
|
|
# build information
|
|
|
|
|
BuildPreReq: OpenPKG, openpkg >= 20100101, make
|
|
|
|
|
PreReq: OpenPKG, openpkg >= 20100101
|
|
|
|
|
BuildPreReq: apache, apr, libxml, pcre, curl, lua
|
|
|
|
|
PreReq: apache, apr, libxml, pcre, curl, lua
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
This is the Security extension module for the Apache HTTP webserver.
|
|
|
|
|
|
|
|
|
|
%track
|
|
|
|
|
prog apache-security:module = {
|
|
|
|
|
version = %{V_major}.%{V_minor}
|
|
|
|
|
url = http://www.modsecurity.org/download/direct.html
|
|
|
|
|
regex = modsecurity-apache_(%{V_major}(\.\d+)+)\.tar\.gz
|
|
|
|
|
}
|
|
|
|
|
prog apache-security:rules = {
|
|
|
|
|
version = %{V_rules}
|
|
|
|
|
url = http://www.modsecurity.org/download/direct.html
|
|
|
|
|
regex = modsecurity-core-rules_%{V_major}-(\d+(\.\d+)+)\.tar\.gz
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%setup -q -n modsecurity-apache_%{V_major}.%{V_minor}
|
|
|
|
|
( cd rules
|
|
|
|
|
%{l_gzip} -dc %{SOURCE modsecurity-core-rules_%{V_major}-%{V_rules}.tar.gz} | %{l_tar} xf -
|
|
|
|
|
|
|
|
|
|
# remove config rule set of the ModSecurity core rule set as
|
|
|
|
|
# we handle those setting in our default configuration file
|
|
|
|
|
# 'apache-security.conf' already
|
|
|
|
|
rm -f modsecurity_crs_10_config.conf
|
|
|
|
|
) || exit $?
|
|
|
|
|
%patch -p0
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
|
# build module
|
|
|
|
|
( cd apache2
|
|
|
|
|
CC="%{l_cc}" \
|
|
|
|
|
CFLAGS="%{l_cflags -O}" \
|
|
|
|
|
CPPFLAGS="%{l_cppflags}" \
|
|
|
|
|
LDFLAGS="%{l_ldflags}" \
|
|
|
|
|
./configure \
|
|
|
|
|
--prefix=%{l_prefix} \
|
|
|
|
|
--with-apxs=%{l_prefix}/sbin/apxs \
|
|
|
|
|
--with-pcre=%{l_prefix} \
|
|
|
|
|
--with-apr=%{l_prefix} \
|
|
|
|
|
--with-apu=%{l_prefix} \
|
|
|
|
|
--with-libxml=%{l_prefix} \
|
|
|
|
|
--with-lua=%{l_prefix} \
|
|
|
|
|
--with-curl=%{l_prefix}
|
|
|
|
|
%{l_make} %{l_mflags}
|
|
|
|
|
) || exit $?
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
|
# install module
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
%{l_shtool} mkdir -f -p -m 755 \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/libexec/apache
|
|
|
|
|
%{l_shtool} install -c -m 755 \
|
|
|
|
|
apache2/.libs/mod_security2.so \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/libexec/apache/mod_security.so
|
|
|
|
|
%{l_shtool} install -c -m 644 %{l_value -s -a} \
|
|
|
|
|
%{SOURCE apache-security.conf} \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d/
|
|
|
|
|
|
|
|
|
|
# install core rule sets
|
|
|
|
|
%{l_shtool} mkdir -f -p -m 755 \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/etc/apache-security
|
|
|
|
|
%{l_shtool} install -c -m 644 %{l_value -s -a} \
|
|
|
|
|
rules/modsecurity_crs_*.conf \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/etc/apache-security/
|
|
|
|
|
|
|
|
|
|
# create directories for logs and data storages
|
|
|
|
|
%{l_shtool} mkdir -f -p -m 755 \
|
|
|
|
|
$RPM_BUILD_ROOT%{l_prefix}/var/apache-security/{data,log,tmp,upload}
|
|
|
|
|
|
|
|
|
|
# determine installation files
|
|
|
|
|
%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
|
|
|
|
|
%{l_files_std} \
|
|
|
|
|
'%config %{l_prefix}/etc/apache/apache.d/apache-security.conf' \
|
|
|
|
|
'%config %{l_prefix}/etc/apache-security/*' \
|
|
|
|
|
'%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/data' \
|
|
|
|
|
'%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/tmp' \
|
|
|
|
|
'%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/upload'
|
|
|
|
|
|
|
|
|
|
%files -f files
|
|
|
|
|
|
|
|
|
|
%clean
|
|
|
|
|
|
|
|
|
|
%post
|
|
|
|
|
# after upgrade, restart service
|
|
|
|
|
[ $1 -eq 2 ] || exit 0
|
|
|
|
|
eval `%{l_rc} apache status 2>/dev/null`
|
|
|
|
|
[ ".$apache_active" = .yes ] && %{l_rc} apache restart
|
|
|
|
|
exit 0
|
|
|
|
|
|
