1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/nessus-tool/nessus-tool.spec Fri Jan 16 22:39:09 2009 +0100
1.3 @@ -0,0 +1,224 @@
1.4 +##
1.5 +## nessus-tool.spec -- OpenPKG RPM Package Specification
1.6 +## Copyright (c) 2000-2008 OpenPKG Foundation e.V. <http://openpkg.net/>
1.7 +##
1.8 +## Permission to use, copy, modify, and distribute this software for
1.9 +## any purpose with or without fee is hereby granted, provided that
1.10 +## the above copyright notice and this permission notice appear in all
1.11 +## copies.
1.12 +##
1.13 +## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
1.14 +## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
1.15 +## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
1.16 +## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
1.17 +## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
1.18 +## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
1.19 +## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
1.20 +## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
1.21 +## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
1.22 +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
1.23 +## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.24 +## SUCH DAMAGE.
1.25 +##
1.26 +
1.27 +# package information
1.28 +Name: nessus-tool
1.29 +Summary: Nessus Security Scanner (Tool)
1.30 +URL: http://www.nessus.org/
1.31 +Vendor: Renaud Deraison
1.32 +Packager: OpenPKG Foundation e.V.
1.33 +Distribution: OpenPKG Community
1.34 +Class: EVAL
1.35 +Group: Monitoring
1.36 +License: GPL
1.37 +Version: 2.2.11
1.38 +Release: 20081120
1.39 +
1.40 +# package options
1.41 +%option with_fsl yes
1.42 +
1.43 +# list of sources
1.44 +Source0: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-core-%{version}.tar.gz
1.45 +Source1: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-plugins-GPL-%{version}.tar.gz
1.46 +Source2: nessusd.conf
1.47 +Source3: nessusd.rules
1.48 +Source4: nessusd.users
1.49 +Source5: rc.nessus
1.50 +Source6: fsl.nessus
1.51 +Patch0: nessus-tool.patch
1.52 +
1.53 +# build information
1.54 +Prefix: %{l_prefix}
1.55 +BuildRoot: %{l_buildroot}
1.56 +BuildPreReq: OpenPKG, openpkg >= 20060823, X11, gcc, make
1.57 +PreReq: OpenPKG, openpkg >= 20060823, X11
1.58 +BuildPreReq: nessus-libs, glib2, gtk2, openssl
1.59 +PreReq: nessus-libs, glib2, gtk2, openssl
1.60 +%if "%{with_fsl}" == "yes"
1.61 +BuildPreReq: fsl >= 1.3.0
1.62 +PreReq: fsl >= 1.3.0
1.63 +%endif
1.64 +AutoReq: no
1.65 +AutoReqProv: no
1.66 +
1.67 +%description
1.68 + This is the Tool package of the Nessus Security Scanner, a security
1.69 + scanner which will audit remotely a given network and determine
1.70 + whether attackers may break into it, or misuse it in some way.
1.71 +
1.72 +%track
1.73 + prog nessus-tool:nessus-core = {
1.74 + version = %{version}
1.75 + url = ftp://ftp.nessus.org/pub/nessus/
1.76 + regex = (nessus-\d+\.\d+\.\d+[a-z]?)
1.77 + url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/
1.78 + regex = nessus-core-(__VER__)\.tar\.gz
1.79 + }
1.80 + prog nessus-tool:nessus-plugins = {
1.81 + version = %{version}
1.82 + url = ftp://ftp.nessus.org/pub/nessus/
1.83 + regex = (nessus-\d+\.\d+\.\d+[a-z]?)
1.84 + url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/
1.85 + regex = nessus-core-(__VER__)\.tar\.gz
1.86 + }
1.87 +
1.88 +%prep
1.89 + %setup -q -c
1.90 + %setup -q -T -D -a 1
1.91 + %patch -p0
1.92 +
1.93 +%build
1.94 + # build nessus-core part
1.95 + ( cd nessus-core
1.96 + CC="%{l_cc}" \
1.97 + CFLAGS="%{l_cflags -O}" \
1.98 + CPPFLAGS="%{l_cppflags}" \
1.99 + LDFLAGS="%{l_fsl_ldflags}" \
1.100 + LIBS="%{l_fsl_libs}" \
1.101 + ./configure \
1.102 + --prefix=%{l_prefix} \
1.103 + --localstatedir=%{l_prefix}/var \
1.104 + --sharedstatedir=%{l_prefix}/var \
1.105 + --enable-unix-socket=%{l_prefix}/var/nessus/nessusd.socket \
1.106 + --disable-syslog \
1.107 + --with-x \
1.108 + --x-includes=`%{l_rc} --query x11_incdir` \
1.109 + --x-libraries=`%{l_rc} --query x11_libdir` \
1.110 + --enable-save-sessions \
1.111 + --enable-save-kb \
1.112 + --enable-release
1.113 + %{l_make} %{l_mflags}
1.114 + ) || exit $?
1.115 +
1.116 + # temporarily install nessus-core for nessus-plugins building
1.117 + nessus_core=`pwd`/nessus-core
1.118 + ( cd nessus-core
1.119 + %{l_make} %{l_mflags} \
1.120 + install DESTDIR=${nessus_core}/tmp
1.121 + ) || exit $?
1.122 +
1.123 + # build nessus-plugins part
1.124 + ( cd nessus-plugins
1.125 + CC="%{l_cc}" \
1.126 + CFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cflags -O}" \
1.127 + CPPFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cppflags}" \
1.128 + LDFLAGS="%{l_fsl_ldflags}" \
1.129 + LIBS="%{l_fsl_libs}" \
1.130 + ./configure \
1.131 + --prefix=%{l_prefix} \
1.132 + --enable-install="`%{l_shtool} echo -e %u`" \
1.133 + --enable-shared
1.134 + %{l_shtool} subst \
1.135 + -e 's;getinterfaces;local_getinterfaces;g' \
1.136 + -e 's;routethrough;local_routethrough;g' \
1.137 + -e 's;ipaddr2devname;local_ipaddr2devname;g' \
1.138 + -e 's;islocalhost;local_islocalhost;g' \
1.139 + -e 's;get_random_bytes;local_get_random_bytes;g' \
1.140 + -e 's;getsourceip;local_getsourceip;g' \
1.141 + plugins/nmap_osfingerprint/*.[ch]
1.142 + %{l_make} %{l_mflags}
1.143 + ) || exit $?
1.144 +
1.145 +%install
1.146 + rm -rf $RPM_BUILD_ROOT
1.147 +
1.148 + %{l_shtool} mkdir -f -p -m 755 \
1.149 + $RPM_BUILD_ROOT%{l_prefix}/bin
1.150 +
1.151 + # install nessus-core part
1.152 + ( cd nessus-core
1.153 + %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
1.154 + ) || exit $?
1.155 +
1.156 + # install nessus-plugins part
1.157 + ( cd nessus-plugins
1.158 + %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
1.159 + ) || exit $?
1.160 +
1.161 + # strip down installation
1.162 + strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true
1.163 +
1.164 + # install default configuration
1.165 + %{l_shtool} install -c -m 644 %{l_value -s -a} \
1.166 + %{SOURCE nessusd.conf} \
1.167 + %{SOURCE nessusd.rules} \
1.168 + %{SOURCE nessusd.users} \
1.169 + $RPM_BUILD_ROOT%{l_prefix}/etc/nessus/
1.170 +
1.171 + # install run-command script
1.172 + %{l_shtool} mkdir -f -p -m 755 \
1.173 + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl \
1.174 + $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
1.175 + %{l_shtool} install -c -m 755 %{l_value -s -a} \
1.176 + %{SOURCE rc.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
1.177 + %{l_shtool} install -c -m 644 %{l_value -s -a} \
1.178 + %{SOURCE fsl.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
1.179 +
1.180 + # determine installation files
1.181 + %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
1.182 + %{l_files_std} \
1.183 + '%config %{l_prefix}/etc/fsl/fsl.nessus' \
1.184 + '%config %{l_prefix}/etc/nessus/*' \
1.185 + '%config %attr(0600,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/nessus/nessusd.conf'
1.186 +
1.187 +%files -f files
1.188 +
1.189 +%clean
1.190 + rm -rf $RPM_BUILD_ROOT
1.191 +
1.192 +%post
1.193 + # after upgrade, restart service
1.194 + if [ $1 -eq 2 ]; then
1.195 + eval `%{l_rc} nessus status 2>/dev/null`
1.196 + [ ".$nessus_active" = .yes ] && %{l_rc} nessus restart
1.197 + fi
1.198 +
1.199 + # on every install, announce certificate
1.200 + if [ $1 -le 2 ]; then
1.201 + if [ ! -f $RPM_INSTALL_PREFIX/var/nessus/CA/servercert.pem ]; then
1.202 + ( echo "For the SSL/TLS based remote client/server connections"
1.203 + echo "between the Nessus server and the Nessus clients, an"
1.204 + echo "X.509 server certificate/key pair is needed. Run the"
1.205 + echo "following command to create it once:"
1.206 + echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-mkcert"
1.207 + ) | %{l_rpmtool} msg -b -t info
1.208 + fi
1.209 + fi
1.210 +
1.211 + # on initial install, announce useradd
1.212 + if [ $1 -eq 1 ]; then
1.213 + ( echo "Each Nessus user has to be created on the Nessus server"
1.214 + echo "Run the following command to create an individual user:"
1.215 + echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-adduser"
1.216 + ) | %{l_rpmtool} msg -b -t info
1.217 + fi
1.218 + exit 0
1.219 +
1.220 +%preun
1.221 + # before erase, stop service and remove log files
1.222 + if [ $1 -eq 0 ]; then
1.223 + %{l_rc} nessus stop 2>/dev/null
1.224 + rm -f $RPM_INSTALL_PREFIX/var/nessus/logs/*.log* >/dev/null 2>&1 || true
1.225 + fi
1.226 + exit 0
1.227 +
