# INCOMPLETE %{?dist: %{expand: %%define %dist 1}} Summary: OSSIM Open Source Security Information Management Name: ossim-suite Version: 1.0 Release: 1 URL: http://www.ossim.net/ Packager: Scott R. Shinn Source0: ossim-installer.sh #Source1: sa-training.cron #Source2: iptables License: GNU GPL Group: Applications/System BuildRoot: %{_tmppath}/%{name}-root BuildArch: noarch # PSA Requires: ossim base snort Requires: psa-watchdog, psa-spamassassin #Conflicts: drweb, drweb-qmail # app vault # os specific changes %{?rh90:Requires: postgresql-server } %{?rhfc1:Requires: postgresql-server } %{?rhfc2:Requires: postgresql-server } %{?rhfc3:Requires: postgresql-server } %{?rhfc4:Requires: postgresql-server } %{?rhfc4:Provides: httpd-suexec } %{?rhel3:Requires: rh-postgresql-server } %{?rhel4:Requires: postgresql-server } # fc3 needs the one from fc2 # ART Requires: mysql >= 4.1 Requires: php >= 4.3.11, php-mysql, php-imap, php-pgsql, php-mbstring, php-domxml, php-pear, php-xmlrpc %{?rh90:Requires: php-mcrypt, php-mhash, php-xslt, mysql-compat } %{?rhfc1:Requires: php-mcrypt, php-mhash, php-xslt, mysql-compat } %{?rhfc2:Requires: php-mcrypt, php-mhash, php-xslt, mysql-compat } %{?rhfc3:Requires: php-mcrypt, php-mhash, php-xslt, mysql-compat } %{?rhel3:Requires: php-mcrypt, php-mhash, php-xslt, mysql-compat } %{?rhfc4:Requires: php-gd, php-ncurses, mysqlclient10 } %{?rhel4:Requires: php-mcrypt, php-mhash, php-xslt, mysqlclient10 } %description Atomic PSA is a suite that comprises ART rpms and SW-Soft's PSA product. %prep %build %install %{__rm} -rf %{buildroot} # install rkhunter crontab %{__mkdir_p} -m 755 %{buildroot}%{_sysconfdir}/cron.daily/ %{__mkdir_p} -m 755 %{buildroot}%{_sysconfdir}/sysconfig/ %{__install} -m 755 %{SOURCE0} %{buildroot}%{_sysconfdir}/cron.daily/rkhunter %{__install} -m 755 %{SOURCE1} %{buildroot}%{_sysconfdir}/cron.daily/sa-learn %{__install} -m 600 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/iptables %triggerin -- mysql-server >= 4.1.12 # turn on query caching # old_passwords? # query_cache_type=1 # query_cache_size = 32M if ! grep -q "^query_cache" /etc/my.cnf; then sed -e 's/\[mysqld\]/\[mysqld\]\nquery_cache_type=1\nquery_cache_size = 32M/' /etc/my.cnf > /etc/my.cnf.atomic mv -f /etc/my.cnf.atomic /etc/my.cnf fi if ! grep -q "^old_passwords" /etc/passwd; then sed -e 's/\[mysqld\]/\[mysqld\]\nold_passwords=1/' /etc/my.cnf > /etc/my.cnf.atomic mv -f /etc/my.cnf.atomic /etc/my.cnf fi %pre # do a DNS name check and stop the install if it doesnt work # or maybe add it automatically# # this is useless, since it runs after psa is installed # #HOSTNAME=`hostname` #IP_TEST=`ping -c 1 $HOSTNAME |grep transmitted` # #if [ "$IP_TEST" == "" ]; then # echo "Hostname: $HOSTNAME does not resolve to an IP address. Add $HOSTNAME to /etc/hosts" # exit 1 #fi # might need to turn off selinux as well %post # turn off extra services SERVICES="gpm cups nfs nfslock acpid apmd autofs nscd rpcidmapd rpcsvcgssd saslauthd portmap" for i in $SERVICES; do chkconfig --del $i done # mailman hack #%{?rhfc3:Requires: if [ ! -d /var/mailman ]; then ln -sf /usr/lib/mailman /var/mailman; fi} #%{?rhfc4:Requires: if [ ! -d /var/mailman ]; then ln -sf /usr/lib/mailman /var/mailman; fi} #%{?rhel4:Requires: if [ ! -d /var/mailman ]; then ln -sf /usr/lib/mailman /var/mailman; fi} # turn on services # store bayes in SQL? # rules_du_jor # rblsmtpd? ## performance # set up nameserver 127.0.0.1 #if ! grep -q 127.0.0.1 /etc/resolv.conf; then # cp /etc/resolv.conf /etc/resolv.conf.work # echo "nameserver 127.0.0.1" > /etc/resolv.conf # cat /etc/resolv.conf.work >> /etc/resolv.conf # rm -f /etc/resolv.conf.work #fi # make sure spamd and clamd are running # rerun qmail-scanner reconfigure #if [ -x /usr/bin/qmail-scanner-reconfigure ]; then # service clamd restart 1> /dev/null 2>&1 # service spamassassin restart 1> /dev/null 2>&1 # /usr/bin/qmail-scanner-reconfigure #fi %clean %{__rm} -rf %{buildroot} %files %defattr(-,root,root) #%{_sysconfdir}/cron.daily/rkhunter #%{_sysconfdir}/cron.daily/sa-learn #%{_sysconfdir}/sysconfig/iptables %changelog * Mon Oct 3 2005 Scott R. Shinn 1.0-11 - initial additions for FC4 * Thu Sep 1 2005 Scott R. Shinn 1.0-9 - updates and tweaks * Mon Jun 6 2005 Scott R. Shinn 1.0-1 - initial build of the atomic-psa package