Search
j0ke.net Open Build Service
>
Projects
>
internetx
:
managed
:
project
>
mod_security
> mod_security-ix.spec
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File mod_security-ix.spec of Package mod_security (Revision 29)
Currently displaying revision
29
,
show latest
%define aslxml 1 Summary: Security module for the Apache HTTP Server Name: mod_security %if 0%{?centos_version} >= 6 || 0%{?rhel_version} >= 600 || 0%{?sl_version} >= 600 || 0%{?suse_version} >= 1110 || 0%{?sles_version} >= 11 %define pkgversion 2.7.4 %define oldver 0 %define _aslxml 0 BuildRequires: libxml2-devel %else %if %{aslxml} %define pkgversion 2.7.4 %define oldver 0 %define _aslxml 1 BuildRequires: asl-libxml2-devel %else %define pkgversion 2.6.8 %define oldver 1 %define _aslxml 0 BuildRequires: libxml2-devel %endif %endif Version: %{pkgversion} Release: 35 License: GPLv2 URL: http://www.modsecurity.org/ Group: System Environment/Daemons Source: http://www.modsecurity.org/download/modsecurity-apache_%{version}.tar.bz2 %if 0%{?rhel_version} || 0%{?centos_version} || 0%{?sl_version} || 0%{?redhat_version} Source1: 00_mod_security.conf Source2: modsecurity_crs_10_config-default.conf %endif %if 0%{?suse_version} Source1: 00_mod_security.conf.suse Source2: modsecurity_crs_10_config-default.conf.suse %endif Source3: zzz_asl_custom_exclude.conf Source4: zzz_asl_custom_local_exclude.conf Source5: modsec-clamscan.pl Source6: modsec-clean_var-asl-data-audit Patch1: waf-label.patch Patch2: mlogc-disable-force-sslv3.patch Patch50: CVE-2013-2765.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %if 0%{?rhel_version} || 0%{?centos_version} || 0%{?sl_version} || 0%{?redhat_version} Requires: httpd httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && cat %{_includedir}/httpd/.mmn || echo missing) BuildRequires: httpd-devel pkgconfig lua-devel Requires: lua %define apxs %{_sbindir}/apxs %define apache_libexecdir %(%{apxs} -q LIBEXECDIR) ##%define apache_sysconfdir %(%{apxs} -q SYSCONFDIR) %define apache_sysconfdir /etc/httpd %define apache_usr apache %define apache_grp apache %endif %if 0%{?suse_version} BuildRequires: apache2-devel apache2-prefork pkg-config openldap2-devel BuildRequires: -post-build-checks %if 0%{?suse_version} >= 1100 BuildRequires: lua-devel %endif %define apxs %{_sbindir}/apxs2 %define apache_libexecdir %(%{apxs} -q LIBEXECDIR) %define apache_sysconfdir %(%{apxs} -q SYSCONFDIR) %define apache_mmn %(MMN=$(%{apxs} -q LIBEXECDIR)/MMN; test -x $MMN && $MMN) %define apache_usr wwwrun %define apache_grp www Requires: apache2 %{apache_mmn} Obsoletes: apache2-mod_security2 Provides: apache2-mod_security2 = %{version} %endif BuildRequires: pcre-devel libtool curl-devel BuildRequires: curl Requires: libxml2 pcre Provides: ix-mod_security = %{version} %description ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. %prep %setup -n modsecurity-apache_%{version} %patch1 -p1 %patch2 %if 0%{?oldver} == 1 %patch50 -p1 %endif %build CFLAGS="%{optflags}" export CFLAGS %configure \ %if 0%{_aslxml} == 1 --with-libxml=/var/asl/usr/ \ %endif --enable-pcre-match-limit=no \ --enable-pcre-match-limit-recursion=no \ --enable-pcre-study make %{_smp_mflags} cd mlogc make %{_smp_mflags} %install rm -rf %{buildroot} mkdir -p %{buildroot}/%{apache_sysconfdir}/modsecurity.d/ mkdir -p %{buildroot}/%{apache_sysconfdir}/conf.d/ mkdir -p %{buildroot}/var/asl/data/suspicious mkdir -p %{buildroot}/var/asl/data/msa mkdir -p %{buildroot}/var/asl/data/audit install -D -m755 apache2/.libs/mod_security2.so %{buildroot}/%{apache_libexecdir}/mod_security2.so install -D -m644 %{SOURCE1} %{buildroot}/%{apache_sysconfdir}/conf.d/00_mod_security.conf install -D -m644 %{SOURCE2} %{buildroot}/%{apache_sysconfdir}/modsecurity.d/modsecurity_crs_10_config.conf install -D -m644 %{SOURCE3} %{buildroot}/%{apache_sysconfdir}/modsec/zzz_asl_custom_exclude.conf install -D -m644 %{SOURCE4} %{buildroot}/%{apache_sysconfdir}/modsec/zzz_asl_custom_local_exclude.conf install -D -m755 %{SOURCE5} %{buildroot}%{_bindir}/modsec-clamscan.pl install -D -m755 %{SOURCE6} %{buildroot}%{_sysconfdir}/cron.daily/modsec-clean_var-asl-data-audit sed -i s@"%APAUSR%:%APAGRP%"@"%{apache_usr}:%{apache_grp}"@g %{buildroot}%{_sysconfdir}/cron.daily/modsec-clean_var-asl-data-audit mkdir -p %{buildroot}/var/log/mlogc/data install -D -m755 mlogc/mlogc %{buildroot}%{_bindir}/mlogc install -m755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load.pl install -m644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf install -m644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc-default.conf %if 0%{?suse_version} sed -i s@"^LoadModule"@"#LoadModule"@g %{buildroot}/%{apache_sysconfdir}/conf.d/00_mod_security.conf %endif %clean rm -rf %{buildroot} %post [ -x /usr/local/bin/modsec-permissions ] && /usr/local/bin/modsec-permissions || : %files %defattr (-,root,root) %doc CHANGES LICENSE README.* modsecurity* doc %{apache_libexecdir}/mod_security2.so %{_bindir}/modsec-clamscan.pl %{_bindir}/mlogc %{_bindir}/mlogc-batch-load.pl %config %{apache_sysconfdir}/conf.d/00_mod_security.conf %dir %{apache_sysconfdir}/modsecurity.d %config(noreplace) %{apache_sysconfdir}/modsecurity.d/modsecurity_crs_10_config.conf %dir %{apache_sysconfdir}/modsec %config %{apache_sysconfdir}/modsec/zzz_asl_custom_exclude.conf %config(noreplace) %{apache_sysconfdir}/modsec/zzz_asl_custom_local_exclude.conf %config(noreplace) %{_sysconfdir}/mlogc.conf %config %{_sysconfdir}/mlogc-default.conf %config %{_sysconfdir}/cron.daily/modsec-clean_var-asl-data-audit %defattr(-,%{apache_usr},%{apache_grp}) %dir /var/asl %dir /var/asl/data %dir /var/asl/data/suspicious %dir /var/asl/data/msa %dir /var/asl/data/audit %dir /var/log/mlogc %dir /var/log/mlogc/data %changelog * Mon Jun 27 2011 Carsten Schoene <cs@linux-administrator.com> - 2.5.13-23 - rename 999_asl_custom_exclude.conf to zzz_asl_custom_exclude.conf - rename 999_asl_custom_local_exclude.conf to zzz_asl_custom_local_exclude.conf * Mon Jun 06 2011 Carsten Schoene <cs@linux-administrator.com> - 2.5.13-21 - added 999_asl_custom_local_exclude.conf with noreplace - set 999_asl_custom_exclude.conf to replace * Mon Jun 06 2011 Carsten Schoene <cs@linux-administrator.com> - 2.5.13-20 - added rules to excludelist: - 350147 - 350148 - 340162 * Fri May 06 2011 Carsten Schoene <cs@linux-administrator.com> - 2.5.13-19 - rename exclude config file from 00_asl_custom_exclude.conf to 999_asl_custom_exclude.conf * Thu May 05 2011 Carsten Schoene <cs@linux-administrator.com> - 2.5.13-18 - disable clamav check rule 351000 by default * Tue May 03 2011 Carsten Schoene <cs@linux-administrator.com> - 2.5.13-17 - add 00_asl_custom_exclude.conf and disable RBL rule 350000 by default * Fri Apr 01 2011 Carsten Schoene <cs@linux-administrator.com> - 2.5.13-16 - update to release 2.5.13 * Wed Nov 24 2010 Carsten Schoene <cs@linux-administrator.com> - 2.5.12-15 - initial InterNetX GmbH specific mod_security build