openpkg-packages/nessus-tool/nessus-tool.spec

##
##  nessus-tool.spec -- OpenPKG RPM Specification
##  Copyright (c) 2000-2005 The OpenPKG Project <http://www.openpkg.org/>
##  Copyright (c) 2000-2005 Ralf S. Engelschall <rse@engelschall.com>
##  Copyright (c) 2000-2005 Cable & Wireless <http://www.cw.com/>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

#   package information
Name:         nessus-tool
Summary:      Nessus Security Scanner (Tool)
URL:          http://www.nessus.org/
Vendor:       Renaud Deraison
Packager:     The OpenPKG Project
Distribution: OpenPKG
Class:        PLUS
Group:        Security
License:      GPL
Version:      2.2.4
Release:      20050323

#   package options
%option       with_fsl  yes

#   list of sources
Source0:      ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-core-%{version}.tar.gz
Source1:      ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-plugins-GPL-%{version}.tar.gz
Source2:      nessusd.conf
Source3:      nessusd.rules
Source4:      nessusd.users
Source5:      rc.nessus
Source6:      fsl.nessus
Patch0:       nessus-tool.patch

#   build information
Prefix:       %{l_prefix}
BuildRoot:    %{l_buildroot}
BuildPreReq:  OpenPKG, openpkg >= 20040130, X11, gcc, make
PreReq:       OpenPKG, openpkg >= 20040130, X11
BuildPreReq:  nessus-libs, glib2, gtk2, openssl
PreReq:       nessus-libs, glib2, gtk2, openssl
%if "%{with_fsl}" == "yes"
BuildPreReq:  fsl >= 1.3.0
PreReq:       fsl >= 1.3.0
%endif
AutoReq:      no
AutoReqProv:  no

%description
    This is the Tool package of the Nessus Security Scanner, a security
    scanner which will audit remotely a given network and determine
    whether attackers may break into it, or misuse it in some way.

%track
    prog nessus-tool:nessus-core = {
        version   = %{version}
        url       = ftp://ftp.nessus.org/pub/nessus/
        regex     = (nessus-\d+\.\d+\.\d+[a-z]?)
        url       = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/
        regex     = nessus-core-(__VER__)\.tar\.gz
    }
    prog nessus-tool:nessus-plugins = {
        version   = %{version}
        url       = ftp://ftp.nessus.org/pub/nessus/
        regex     = (nessus-\d+\.\d+\.\d+[a-z]?)
        url       = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/
        regex     = nessus-core-(__VER__)\.tar\.gz
    }

%prep
    %setup -q -c
    %setup -q -T -D -a 1
    %patch -p0

%build
    #   build nessus-core part
    ( cd nessus-core
      CC="%{l_cc}" \
      CFLAGS="%{l_cflags -O}" \
      CPPFLAGS="%{l_cppflags}" \
      LDFLAGS="%{l_fsl_ldflags}" \
      LIBS="%{l_fsl_libs}" \
      ./configure \
          --prefix=%{l_prefix} \
          --localstatedir=%{l_prefix}/var \
          --sharedstatedir=%{l_prefix}/var \
          --enable-unix-socket=%{l_prefix}/var/nessus/nessusd.socket \
          --disable-syslog \
          --with-x \
          --x-includes=`%{l_rc} --query x11_incdir` \
          --x-libraries=`%{l_rc} --query x11_libdir` \
          --enable-save-sessions \
          --enable-save-kb \
          --enable-release
      %{l_make} %{l_mflags}
    ) || exit $?

    #   temporarily install nessus-core for nessus-plugins building
    nessus_core=`pwd`/nessus-core
    ( cd nessus-core
      %{l_make} %{l_mflags} \
          install DESTDIR=${nessus_core}/tmp
    ) || exit $?

    #   build nessus-plugins part
    ( cd nessus-plugins
      CC="%{l_cc}" \
      CFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cflags -O}" \
      CPPFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cppflags}" \
      LDFLAGS="%{l_fsl_ldflags}" \
      LIBS="%{l_fsl_libs}" \
      ./configure \
          --prefix=%{l_prefix} \
          --enable-install="`%{l_shtool} echo -e %u`" \
          --enable-shared
      %{l_shtool} subst \
          -e 's;getinterfaces;local_getinterfaces;g' \
          -e 's;routethrough;local_routethrough;g' \
          -e 's;ipaddr2devname;local_ipaddr2devname;g' \
          -e 's;islocalhost;local_islocalhost;g' \
          -e 's;get_random_bytes;local_get_random_bytes;g' \
          -e 's;getsourceip;local_getsourceip;g' \
          plugins/nmap_osfingerprint/*.[ch]
      %{l_make} %{l_mflags}
    ) || exit $?

%install
    rm -rf $RPM_BUILD_ROOT

    #   install nessus-core part
    ( cd nessus-core
      %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
    ) || exit $?

    #   install nessus-plugins part
    ( cd nessus-plugins
      %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
    ) || exit $?

    #   strip down installation
    strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true

    #   install default configuration
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE nessusd.conf} \
        %{SOURCE nessusd.rules} \
        %{SOURCE nessusd.users} \
        $RPM_BUILD_ROOT%{l_prefix}/etc/nessus/

    #   install run-command script
    %{l_shtool} mkdir -f -p -m 755 \
        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl \
        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
    %{l_shtool} install -c -m 755 %{l_value -s -a} \
        %{SOURCE rc.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
    %{l_shtool} install -c -m 644 %{l_value -s -a} \
        %{SOURCE fsl.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%not %dir %{l_prefix}/etc/fsl' \
        '%config %{l_prefix}/etc/fsl/fsl.nessus' \
        '%config %{l_prefix}/etc/nessus/*' \
        '%config %attr(0600,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/nessus/nessusd.conf'

%files -f files

%clean
    rm -rf $RPM_BUILD_ROOT

%post
    #   after upgrade, restart service
    if [ $1 -eq 2 ]; then
        eval `%{l_rc} nessus status 2>/dev/null`
        [ ".$nessus_active" = .yes ] && %{l_rc} nessus restart
    fi

    #   on every install, announce certificate
    if [ $1 -le 2 ]; then
        if [ ! -f $RPM_INSTALL_PREFIX/var/nessus/CA/servercert.pem ]; then
            ( echo "For the SSL/TLS based remote client/server connections"
              echo "between the Nessus server and the Nessus clients, an"
              echo "X.509 server certificate/key pair is needed. Run the"
              echo "following command to create it once:"
              echo "  \$ $RPM_INSTALL_PREFIX/sbin/nessus-mkcert"
            ) | %{l_rpmtool} msg -b -t info
        fi
    fi

    #   on initial install, announce useradd
    if [ $1 -eq 1 ]; then
        ( echo "Each Nessus user has to be created on the Nessus server"
          echo "Run the following command to create an individual user:"
          echo "  \$ $RPM_INSTALL_PREFIX/sbin/nessus-adduser"
        ) | %{l_rpmtool} msg -b -t info
    fi
    exit 0

%preun
    #   before erase, stop service and remove log files
    if [ $1 -eq 0 ]; then
        %{l_rc} nessus stop 2>/dev/null
        rm -f $RPM_INSTALL_PREFIX/var/nessus/logs/*.log* >/dev/null 2>&1 || true
    fi
    exit 0