##
##  samhain.spec -- OpenPKG RPM Package Specification
##  Copyright (c) 2000-2022 OpenPKG Project <http://openpkg.org/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package information
Name:         samhain
Summary:      File Integrity and Intrusion Detection System
URL:          http://la-samhna.de/samhain/
Vendor:       Samhain Labs
Packager:     OpenPKG Project
Distribution: OpenPKG Community
Class:        BASE
Group:        Filesystem
License:      GPL
Version:      3.1.3
Release:      20150117

#   package options
%option       with_fsl  yes

#   list of sources
Source0:      http://download.openpkg.org/components/versioned/samhain/samhain-%{version}.tar.gz
Source1:      rc.samhain
Source2:      fsl.samhain
Patch0:       samhain.patch

#   build information
BuildPreReq:  OpenPKG, openpkg >= 20160101, gcc >= 4.1
PreReq:       OpenPKG, openpkg >= 20160101
%if "%{with_fsl}" == "yes"
BuildPreReq:  fsl
PreReq:       fsl
%endif

%description
    Samhain is an open source file integrity and intrusion detection
    system for Unix that uses cryptographic checksums of files to
    detect modifications, and allows you to trace: what changes have
    occured in your system, when these changes have occured, and who
    was logged into the system at the respective time.

%track
    prog samhain = {
        version   = %{version}
        url       = http://download.openpkg.org/components/versioned/samhain/
        regex     = samhain-(__VER__)\.tar\.gz
    }

%prep
    %setup -q -c samhain-%{version}
    %{l_gzip} -d -c samhain-%{version}.tar.gz | %{l_tar} xf -
    %patch -p0 -d samhain-%{version}

%build
    cd samhain-%{version}
    enable_static=""
    case "%{l_platform -t}" in
        *-freebsd* | *-linux* ) enable_static="--enable-static" ;;
    esac
    CC="%{l_cc}" \
    CFLAGS="%{l_cflags -O}" \
    LDFLAGS="%{l_fsl_ldflags}" \
    LIBS="%{l_fsl_libs}" \
    ./configure \
        --prefix=%{l_prefix} \
        --mandir=%{l_prefix}/man \
        --with-config-file=%{l_prefix}/etc/samhain/samhainrc \
        --with-state-dir=%{l_prefix}/var/samhain \
        --with-html-file=%{l_prefix}/var/samhain/samhain.html \
        --with-data-file=%{l_prefix}/var/samhain/samhain.data \
        --with-pid-file=%{l_prefix}/var/samhain/samhain.pid \
        --with-log-file=%{l_prefix}/var/samhain/samhain.log \
        --disable-login-watch \
        --disable-khide \
        --disable-asm \
        --enable-suidcheck \
        --with-trusted=0,%{l_muid} \
        $enable_static
    %{l_make} %{l_mflags}

%install
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/var/samhain
    ( cd samhain-%{version}
      %{l_make} %{l_mflags} \
          install-program install-man install-data \
          DESTDIR=$RPM_BUILD_ROOT
    ) || exit $?
    chmod -R a+r $RPM_BUILD_ROOT%{l_prefix}/man
    case "%{l_platform -t}" in
        *-freebsd* ) rc="samhainrc.freebsd" ;;
        *-linux*   ) rc="samhainrc.linux"   ;;
        *-sunos*   ) rc="samhainrc.solaris" ;;
        * ) echo "ERROR: platform \"%{l_platform -t}\" not supported" 1>&2; exit 1 ;;
    esac
    %{l_shtool} install -c -m 644 \
        samhain-%{version}/$rc \
        $RPM_BUILD_ROOT%{l_prefix}/etc/samhain/samhainrc

    #   install run-command script
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE rc.samhain} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/

    #   install OSSP fsl configuration
    %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE fsl.samhain} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%config %{l_prefix}/etc/fsl/fsl.samhain' \
        '%config %{l_prefix}/etc/samhain/samhainrc'

%files -f files

%clean

%post
    #   after upgrade, restart service
    [ $1 -eq 2 ] || exit 0
    eval `%{l_rc} samhain status 2>/dev/null`
    [ ".$samhain_active" = .yes ] && %{l_rc} samhain restart
    exit 0

%preun
    #   before erase, stop service and remove log files and database
    [ $1 -eq 0 ] || exit 0
    %{l_rc} samhain stop 2>/dev/null
    rm -f $RPM_INSTALL_PREFIX/var/samhain/samhain.data 2>/dev/null || true
    rm -f $RPM_INSTALL_PREFIX/var/samhain/samhain.log* 2>/dev/null || true
    exit 0