Репозитории ALT
| S: | 2.9.1-alt1 |
| 5.1: | 2.5.9-alt1 |
| 4.1: | 2.5.9-alt0.M41.1 |
| 4.0: | 2.5.9-alt0.M40.1 |
| +updates: | 2.5.9-alt0.M40.1 |
Группа :: Система/Серверы
Пакет: apache2-mod_security
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
# Spec file for mod_security module for Apache 2.0 server
%define real_name modsecurity
%define module_name mod_security
%define version 2.9.1
%define release alt1
Name: apache2-%module_name
Version: %version
Release: alt1
Summary: Tighten web applications security for Apache 2.x
License: Apache 2.0
Group: System/Servers
URL: http://www.modsecurity.org
# VCS: https://github.com/SpiderLabs/ModSecurity
Packager: Nikolay A. Fetisov <naf at altlinux.ru>
Source0: %real_name.tar
Source3: README.ALT
Source4: altdefaults.conf
Source5: security.load
Source6: security.conf
BuildRequires(pre): apache2-devel >= 2.2.5
BuildRequires(pre): rpm-build-licenses
BuildRequires: apache2-httpd-prefork gcc-c++ libcurl-devel libpcre-devel libxml2-devel
BuildRequires: libyajl-devel
BuildRequires: %apache2_apr_buildreq
Requires(pre): apache2 >= %apache2_version-%apache2_release
%description
ModSecurity is an Apache 1.x/2.x module whose purpose is to tighten the Web
application security. Effectively, it is an intrusion detection and prevention
system for the web server.
At the moment its main features are:
* Audit log; store full request details in a separate file, including POST
payloads.
* Request filtering; incoming requests can be analysed and offensive requests
can be rejected (or simply logged, if that is what you want). This feature
can be used to prevent many types of attacks (e.g. XSS attacks, SQL
injection, ...) and even allow you to run insecure applications on your
servers (if you have no other choice, of course).
%package doc
Summary: Documentation for %name module
Group: System/Servers
BuildArch: noarch
%description doc
ModSecurity is an Apache 1.x/2.x module whose purpose is to tighten the Web
application security. Effectively, it is an intrusion detection and prevention
system for the web server.
This package contains a documentation for ModSecurity.
%summary
%define conf_dir %_sysconfdir/%{module_name}2
%prep
%setup -q -n %real_name
%build
%configure --with-apxs=%apache2_apxs \
--with-apr=%apache2_apr_config \
--enable-pcre-match-limit=1000000 \
--enable-pcre-match-limit-recursion=1000000 \
--with-yajl
# remove rpath
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
%make
%install
/bin/install -pDm644 -- apache2/.libs/mod_security2.so %buildroot%apache2_libexecdir/mod_security2.so
/bin/install -pm644 -- %SOURCE3 README.ALT
/bin/install -pDm644 -- %SOURCE5 %buildroot%apache2_mods_available/security.load
/bin/install -pDm644 -- %SOURCE6 %buildroot%apache2_mods_available/security.conf
%__subst 's, at conf_dir at ,%conf_dir,g' %buildroot%apache2_mods_available/security.conf
%__subst 's, at apache2_tmpdir at ,%apache2_tmpdir,g' %buildroot%apache2_mods_available/security.conf
%__subst 's, at _libdir at ,%_libdir,g' %buildroot%apache2_mods_available/security.load
# alt default ruleset
/bin/install -pD -m644 -- %SOURCE4 %buildroot%conf_dir/altdefaults.conf
%post
# Reconfigure Apache2:
%apache2_sbindir/a2chkconfig ||:
if [ -e %apache2_mods_enabled/%module_name.load ]; then
CONF_OK=0
%apache2_sbindir/apachectl2 configtest && CONF_OK=1 ||:
if [ "$CONF_OK" = "1" ]; then
service %apache2_dname condrestart ||:
else
echo "Some errors detected in Apache2 configuration!"
echo "To use %real_name check configuration and start %apache2_dname service."
echo
fi
else
echo "Apache2 %real_name module had been installed, but does't enabled."
echo "Check %apache2_mods_start directory for files with '%module_name=no' lines."
echo
fi
%preun
if [ "$1" = "0" ] ; then # last uninstall
[ -e %apache2_mods_enabled/%module_name.load ] && %apache2_sbindir/a2dismod %module_name 2>&1 >/dev/null ||:
fi
%postun
# Reconfigure Apache2:
%apache2_sbindir/a2chkconfig ||:
if [ "$1" = "0" ] ; then # last uninstall
CONF_OK=0
%apache2_sbindir/apachectl2 configtest && CONF_OK=1 ||:
if [ "$CONF_OK" = "1" ]; then
service %apache2_dname condrestart ||:
else
echo "Some errors detected in Apache2 configuration!"
echo "To complete %real_name uninstalling check configuration and restart %apache2_dname service."
echo
fi
fi
%files
%doc README.* LICENSE
%apache2_libexecdir/mod_security2.so
%apache2_mods_available/security.load
%config(noreplace) %apache2_mods_available/security.conf
%dir %conf_dir
%config(noreplace) %conf_dir/*.conf
%files doc
%doc doc/*
%changelog
…
Полный changelog можно просмотреть здесь
%define real_name modsecurity
%define module_name mod_security
%define version 2.9.1
%define release alt1
Name: apache2-%module_name
Version: %version
Release: alt1
Summary: Tighten web applications security for Apache 2.x
License: Apache 2.0
Group: System/Servers
URL: http://www.modsecurity.org
# VCS: https://github.com/SpiderLabs/ModSecurity
Packager: Nikolay A. Fetisov <naf at altlinux.ru>
Source0: %real_name.tar
Source3: README.ALT
Source4: altdefaults.conf
Source5: security.load
Source6: security.conf
BuildRequires(pre): apache2-devel >= 2.2.5
BuildRequires(pre): rpm-build-licenses
BuildRequires: apache2-httpd-prefork gcc-c++ libcurl-devel libpcre-devel libxml2-devel
BuildRequires: libyajl-devel
BuildRequires: %apache2_apr_buildreq
Requires(pre): apache2 >= %apache2_version-%apache2_release
%description
ModSecurity is an Apache 1.x/2.x module whose purpose is to tighten the Web
application security. Effectively, it is an intrusion detection and prevention
system for the web server.
At the moment its main features are:
* Audit log; store full request details in a separate file, including POST
payloads.
* Request filtering; incoming requests can be analysed and offensive requests
can be rejected (or simply logged, if that is what you want). This feature
can be used to prevent many types of attacks (e.g. XSS attacks, SQL
injection, ...) and even allow you to run insecure applications on your
servers (if you have no other choice, of course).
%package doc
Summary: Documentation for %name module
Group: System/Servers
BuildArch: noarch
%description doc
ModSecurity is an Apache 1.x/2.x module whose purpose is to tighten the Web
application security. Effectively, it is an intrusion detection and prevention
system for the web server.
This package contains a documentation for ModSecurity.
%summary
%define conf_dir %_sysconfdir/%{module_name}2
%prep
%setup -q -n %real_name
%build
%configure --with-apxs=%apache2_apxs \
--with-apr=%apache2_apr_config \
--enable-pcre-match-limit=1000000 \
--enable-pcre-match-limit-recursion=1000000 \
--with-yajl
# remove rpath
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
%make
%install
/bin/install -pDm644 -- apache2/.libs/mod_security2.so %buildroot%apache2_libexecdir/mod_security2.so
/bin/install -pm644 -- %SOURCE3 README.ALT
/bin/install -pDm644 -- %SOURCE5 %buildroot%apache2_mods_available/security.load
/bin/install -pDm644 -- %SOURCE6 %buildroot%apache2_mods_available/security.conf
%__subst 's, at conf_dir at ,%conf_dir,g' %buildroot%apache2_mods_available/security.conf
%__subst 's, at apache2_tmpdir at ,%apache2_tmpdir,g' %buildroot%apache2_mods_available/security.conf
%__subst 's, at _libdir at ,%_libdir,g' %buildroot%apache2_mods_available/security.load
# alt default ruleset
/bin/install -pD -m644 -- %SOURCE4 %buildroot%conf_dir/altdefaults.conf
%post
# Reconfigure Apache2:
%apache2_sbindir/a2chkconfig ||:
if [ -e %apache2_mods_enabled/%module_name.load ]; then
CONF_OK=0
%apache2_sbindir/apachectl2 configtest && CONF_OK=1 ||:
if [ "$CONF_OK" = "1" ]; then
service %apache2_dname condrestart ||:
else
echo "Some errors detected in Apache2 configuration!"
echo "To use %real_name check configuration and start %apache2_dname service."
echo
fi
else
echo "Apache2 %real_name module had been installed, but does't enabled."
echo "Check %apache2_mods_start directory for files with '%module_name=no' lines."
echo
fi
%preun
if [ "$1" = "0" ] ; then # last uninstall
[ -e %apache2_mods_enabled/%module_name.load ] && %apache2_sbindir/a2dismod %module_name 2>&1 >/dev/null ||:
fi
%postun
# Reconfigure Apache2:
%apache2_sbindir/a2chkconfig ||:
if [ "$1" = "0" ] ; then # last uninstall
CONF_OK=0
%apache2_sbindir/apachectl2 configtest && CONF_OK=1 ||:
if [ "$CONF_OK" = "1" ]; then
service %apache2_dname condrestart ||:
else
echo "Some errors detected in Apache2 configuration!"
echo "To complete %real_name uninstalling check configuration and restart %apache2_dname service."
echo
fi
fi
%files
%doc README.* LICENSE
%apache2_libexecdir/mod_security2.so
%apache2_mods_available/security.load
%config(noreplace) %apache2_mods_available/security.conf
%dir %conf_dir
%config(noreplace) %conf_dir/*.conf
%files doc
%doc doc/*
%changelog
…
Полный changelog можно просмотреть здесь