SPECS: psad.spec - drop pointless macros, more cleanups - %service...

glen glen at pld-linux.org
Mon Dec 18 00:04:04 CET 2006


Author: glen                         Date: Sun Dec 17 23:04:04 2006 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- drop pointless macros, more cleanups
- %service and chkconfig

---- Files affected:
SPECS:
   psad.spec (1.6 -> 1.7) 

---- Diffs:

================================================================
Index: SPECS/psad.spec
diff -u SPECS/psad.spec:1.6 SPECS/psad.spec:1.7
--- SPECS/psad.spec:1.6	Sun Dec 17 23:31:50 2006
+++ SPECS/psad.spec	Mon Dec 18 00:03:59 2006
@@ -4,21 +4,11 @@
 # - CC & CFLAGS
 # - use system whois (same sources)
 #
-%define psadlibdir %{_libdir}/%{name}
-%define psadlogdir /var/log/psad
-%define psadrundir /var/run/psad
-%define psadvarlibdir /var/lib/psad
-
-### get the first @INC directory that includes the string "linux".
-### This may be 'i386-linux', or 'i686-linux-thread-multi', etc.
-# TODO: kill this
-%define psadmoddir `perl -e '$path='i386-linux'; for (@INC) { if($_ =~ m|.*/(.*linux.*)|) {$path = $1; last; }} print $path'`
-
 %include	/usr/lib/rpm/macros.perl
 Summary:	Psad analyzes iptables log messages for suspect traffic
 Name:		psad
 Version:	2.0.1
-Release:	0.3
+Release:	0.4
 License:	GPL
 Group:		Daemons
 URL:		http://www.cipherdyne.org/psad/
@@ -26,6 +16,9 @@
 # Source0-md5:	a1604b68e31178e7e0cbbfd7c1cd4edf
 BuildRequires:	perl-base
 BuildRequires:	rpm-perlprov >= 4.1-13
+BuildRequires:	rpmbuild(macros) >= 1.268
+Requires(post,preun):	/sbin/chkconfig
+Requires:	rc-scripts
 %if %{with autodeps}
 BuildRequires:	perl-Bit-Vector
 BuildRequires:	perl-Date-Calc
@@ -75,14 +68,6 @@
 
 %install
 rm -rf $RPM_BUILD_ROOT
-### config directory
-#install -d $RPM_BUILD_ROOT%{psadetcdir}
-### log directory
-install -d $RPM_BUILD_ROOT%{psadlogdir}
-### dir for psadfifo
-install -d $RPM_BUILD_ROOT%{psadvarlibdir}
-### dir for pidfiles
-install -d $RPM_BUILD_ROOT%{psadrundir}
 
 %{__make} -C Psad \
 	pure_install \
@@ -99,6 +84,7 @@
 	DESTDIR=$RPM_BUILD_ROOT
 rm -f $RPM_BUILD_ROOT%{perl_vendorarch}/auto/IPTables/ChainMgr/.packlist
 
+install -d $RPM_BUILD_ROOT/var/{log,lib,run}/psad
 
 ### whois_psad binary
 install -d $RPM_BUILD_ROOT%{_bindir}
@@ -110,8 +96,6 @@
 ### psad init script
 install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
 
-### the 700 permissions mode is fixed in the
-### %post phase
 install {psad,kmsgsd,psadwatchd} $RPM_BUILD_ROOT%{_sbindir}
 install fwcheck_psad.pl $RPM_BUILD_ROOT%{_sbindir}/fwcheck_psad
 install whois/whois $RPM_BUILD_ROOT%{_bindir}/whois_psad
@@ -120,89 +104,82 @@
 install {psad.conf,kmsgsd.conf,psadwatchd.conf,fw_search.conf,alert.conf} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
 install {signatures,icmp_types,ip_options,auto_dl,snort_rule_dl,posf,pf.os} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
 install *.8 $RPM_BUILD_ROOT%{_mandir}/man8/
-install nf2csv.1 $RPM_BUILD_ROOT%{_mandir}/man1/
+install nf2csv.1 $RPM_BUILD_ROOT%{_mandir}/man1
 
 ### install snort rules files
-cp -r snort_rules $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
+cp -a snort_rules $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
+
+touch $RPM_BUILD_ROOT/var/lib/psad/psadfifo
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
-%pre
-#if [ ! -p /var/lib/psad/psadfifo ];
-#then [ -e /var/lib/psad/psadfifo ] && /bin/rm -f /var/lib/psad/psadfifo
-#fi
-#/bin/mknod -m 600 /var/lib/psad/psadfifo p
-#chown root.root /var/lib/psad/psadfifo
-#chmod 0600 /var/lib/psad/psadfifo
-
 %post
-### put the current hostname into the psad C binaries
-### (kmsgsd and psadwatchd).
-perl -p -i -e 'use Sys::Hostname; my $hostname = hostname(); s/HOSTNAME(\s+)_?CHANGE.?ME_?/HOSTNAME${1}$hostname/' %{_sysconfdir}/%{name}/psad.conf
-perl -p -i -e 'use Sys::Hostname; my $hostname = hostname(); s/HOSTNAME(\s+)_?CHANGE.?ME_?/HOSTNAME${1}$hostname/' %{_sysconfdir}/%{name}/psadwatchd.conf
-
-/bin/touch %{psadlogdir}/fwdata
-chown root.root %{psadlogdir}/fwdata
-chmod 0600 %{psadlogdir}/fwdata
-if [ ! -p %psadvarlibdir/psadfifo ];
-	then [ -e %psadvarlibdir/psadfifo ] && /bin/rm -f %psadvarlibdir/psadfifo
-	/bin/mknod -m 600 %psadvarlibdir/psadfifo p
-fi
-chown root.root %psadvarlibdir/psadfifo
-chmod 0600 %psadvarlibdir/psadfifo
-### make psad start at boot
-/sbin/chkconfig --add psad
-if [ -f /etc/syslog.conf ]; then
-	[ -f /etc/syslog.conf.orig ] || cp -p /etc/syslog.conf /etc/syslog.conf.orig
-
-	### add the psadfifo line to /etc/syslog.conf if necessary
-	if ! grep -v "#" /etc/syslog.conf | grep -q psadfifo; then
-		echo "[+] Adding psadfifo line to /etc/syslog.conf"
-		echo "kern.info |/var/lib/psad/psadfifo" >> /etc/syslog.conf
+if [ "$1" = 1 ]; then
+	hostname=`hostname 2>&1`
+	if [ "$hostname" ]; then
+		%{__sed} -i -e "s/^HOSTNAME.*;/HOSTNAME	$hostname;/" %{_sysconfdir}/%{name}/{psadwatchd.conf,psad.conf}
 	fi
-	if [ -e /var/run/syslogd.pid ]; then
-		echo "[+] Restarting syslogd "
-		kill -HUP `cat /var/run/syslogd.pid`
+
+# TODO: files
+	touch /var/log/psad/fwdata
+	chown root:root /var/log/psad/fwdata
+	chmod 600 /var/log/psad/fwdata
+	if [ ! -p /var/lib/psad/psadfifo ]; then
+		[ -e /var/lib/psad/psadfifo ] && rm -f /var/lib/psad/psadfifo
+		mknod -m 600 /var/lib/psad/psadfifo p
 	fi
-fi
-if grep -q "EMAIL.*root.*localhost" %{_sysconfdir}/psad/psad.conf; then
-	echo "[+] You can edit the EMAIL_ADDRESSES variable in %{_sysconfdir}/psad/psad.conf"
-	echo " %{_sysconfdir}/psad/psadwatchd.conf to have email alerts sent to an address"
-	echo "    other than root\@localhost"
-fi
+	chown root:root /var/lib/psad/psadfifo
+	chmod 0600 /var/lib/psad/psadfifo
+
+%banner -e %{name} <<EOF
+[+] You should add to syslog.conf:
+    kern.info	| /var/lib/psad/psadfifo
+
+[+] You can edit the EMAIL_ADDRESSES variable in %{_sysconfdir}/psad/psad.conf
+ %{_sysconfdir}/psad/psadwatchd.conf to have email alerts sent to an address
+    other than root at localhost
+
+[+] Be sure to edit the HOME_NET variable in %{_sysconfdir}/psad/psad.conf
+    to define the internal network(s) attached to your machine.
 
-if grep -q "HOME_NET.*CHANGEME" %{_sysconfdir}/psad/psad.conf; then
-	echo "[+] Be sure to edit the HOME_NET variable in %{_sysconfdir}/psad/psad.conf"
-	echo "    to define the internal network(s) attached to your machine."
+EOF
 fi
 
+/sbin/chkconfig --add psad
+%service psad restart
+
 %preun
-#%_preun_service psad
+if [ "$1" = 0 ]; then
+	%service psad stop
+	/sbin/chkconfig --del psad
+fi
 
 %files
 %defattr(644,root,root,755)
-%dir %{psadlogdir}
-%dir %{psadvarlibdir}
-%dir %{psadrundir}
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.conf
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/signatures
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/auto_dl
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/ip_options
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/snort_rule_dl
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/posf
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/pf.os
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/icmp_types
+
+%dir %{_sysconfdir}/%{name}/snort_rules
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/snort_rules/*
+
 %attr(754,root,root) /etc/rc.d/init.d/psad
 %attr(755,root,root) %{_sbindir}/*
 %attr(755,root,root) %{_bindir}/*
 %{_mandir}/man8/*
 %{_mandir}/man1/*
 
-%dir %{_sysconfdir}/%{name}
-%config(noreplace) %{_sysconfdir}/%{name}/*.conf
-%config(noreplace) %{_sysconfdir}/%{name}/signatures
-%config(noreplace) %{_sysconfdir}/%{name}/auto_dl
-%config(noreplace) %{_sysconfdir}/%{name}/ip_options
-%config(noreplace) %{_sysconfdir}/%{name}/snort_rule_dl
-%config(noreplace) %{_sysconfdir}/%{name}/posf
-%config(noreplace) %{_sysconfdir}/%{name}/pf.os
-%config(noreplace) %{_sysconfdir}/%{name}/icmp_types
-
-%dir %{_sysconfdir}/%{name}/snort_rules
-%config(noreplace) %{_sysconfdir}/%{name}/snort_rules/*
+%dir /var/log/psad
+%dir /var/lib/psad
+%ghost /var/lib/psad/psadfifo
+%dir /var/run/psad
 
 # perl files
 %{_mandir}/man3/IPTables::ChainMgr.3pm*
@@ -218,6 +195,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.7  2006/12/17 23:03:59  glen
+- drop pointless macros, more cleanups
+- %service and chkconfig
+
 Revision 1.6  2006/12/17 22:31:50  glen
 - use some perl modules that are available
 - use perl build system
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/psad.spec?r1=1.6&r2=1.7&f=u



More information about the pld-cvs-commit mailing list