nessus-tool/nessus-tool.spec@4a34d7a82eab
nessus-tool/nessus-tool.spec
Tue, 29 Mar 2011 20:04:34 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 29 Mar 2011 20:04:34 +0200
- changeset 334
- 4a34d7a82eab
- parent 102
- 8db7071256b6
- permissions
- -rw-r--r--
Rework package yet again, correcting and introducing new buildconf logic:
Conditionally disable bootstrap stage comparison correctly, correct
english grammar, better find system as(1) and ld(1), indotruce detailed
optimization option messages, more completely guess cpu types, allow
profiled bootstrapping without a preinstalled GCC because many other
compilers have long since implemented 64-bit arithmetic, instruct make
to build sequentially (not in sparallel) when building a profiled
bootstrap as GCC online documents recommend, and generally improve
comment blocks.
The single most important correction in this changeset relates to the
GCC changed optimization policy since at least GCC 4.5, in which -march
is always passed and not always correctly guessed. In the case of this
package, allowing GCC to guess the architecture leads to wild build
errors at various subcomponents (zlib, libgcc, libiberty...) and
bootstrap stages. It seems quite platform specific, and the safest
approach to correcting this seems to be explicitly always specifying the
-march argument when bootstrapping GCC. Because the best choice 'native'
is not available when bootstrapping using a foreign (non GCC) compiler,
a guess is made according to rpmmacros l_platform in that case.
It is questionable as to whether these recent optimization changes
on the part of GCC or this package are compatible with each other,
or if either are complete or correct at all. At least applying these
corrections allows this package to build again in most cases test.
1 ##
2 ## nessus-tool.spec -- OpenPKG RPM Package Specification
3 ## Copyright (c) 2000-2008 OpenPKG Foundation e.V. <http://openpkg.net/>
4 ##
5 ## Permission to use, copy, modify, and distribute this software for
6 ## any purpose with or without fee is hereby granted, provided that
7 ## the above copyright notice and this permission notice appear in all
8 ## copies.
9 ##
10 ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
11 ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
12 ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
13 ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
14 ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
15 ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
16 ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
17 ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
18 ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
19 ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
20 ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
21 ## SUCH DAMAGE.
22 ##
24 # package information
25 Name: nessus-tool
26 Summary: Nessus Security Scanner (Tool)
27 URL: http://www.nessus.org/
28 Vendor: Renaud Deraison
29 Packager: OpenPKG Foundation e.V.
30 Distribution: OpenPKG Community
31 Class: EVAL
32 Group: Monitoring
33 License: GPL
34 Version: 2.2.11
35 Release: 20090106
37 # package options
38 %option with_fsl yes
40 # list of sources
41 Source0: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-core-%{version}.tar.gz
42 Source1: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-plugins-GPL-%{version}.tar.gz
43 Source2: nessusd.conf
44 Source3: nessusd.rules
45 Source4: nessusd.users
46 Source5: rc.nessus
47 Source6: fsl.nessus
48 Patch0: nessus-tool.patch
50 # build information
51 Prefix: %{l_prefix}
52 BuildRoot: %{l_buildroot}
53 BuildPreReq: OpenPKG, openpkg >= 20060823, X11, gcc, make
54 PreReq: OpenPKG, openpkg >= 20060823, X11
55 BuildPreReq: nessus-libs, glib2, gtk2, openssl
56 PreReq: nessus-libs, glib2, gtk2, openssl
57 %if "%{with_fsl}" == "yes"
58 BuildPreReq: fsl >= 1.3.0
59 PreReq: fsl >= 1.3.0
60 %endif
61 AutoReq: no
62 AutoReqProv: no
64 %description
65 This is the Tool package of the Nessus Security Scanner, a security
66 scanner which will audit remotely a given network and determine
67 whether attackers may break into it, or misuse it in some way.
69 %track
70 prog nessus-tool:nessus-core = {
71 version = %{version}
72 url = ftp://ftp.nessus.org/pub/nessus/
73 regex = (nessus-\d+\.\d+\.\d+[a-z]?)
74 url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/
75 regex = nessus-core-(__VER__)\.tar\.gz
76 }
77 prog nessus-tool:nessus-plugins = {
78 version = %{version}
79 url = ftp://ftp.nessus.org/pub/nessus/
80 regex = (nessus-\d+\.\d+\.\d+[a-z]?)
81 url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/
82 regex = nessus-core-(__VER__)\.tar\.gz
83 }
85 %prep
86 %setup -q -c
87 %setup -q -T -D -a 1
88 %patch -p0
89 %{l_shtool} subst \
90 -e 's;\(for scripts in scripts/\*\.nasl\) scripts/\*\.nbin;\1;' \
91 -e 's;\(for scripts in scripts/\*\.inc\) scripts/\*\.nlib;\1;' \
92 nessus-plugins/Makefile
94 %build
95 # build nessus-core part
96 ( cd nessus-core
97 CC="%{l_cc}" \
98 CFLAGS="%{l_cflags -O}" \
99 CPPFLAGS="%{l_cppflags}" \
100 LDFLAGS="%{l_fsl_ldflags}" \
101 LIBS="%{l_fsl_libs}" \
102 ./configure \
103 --prefix=%{l_prefix} \
104 --localstatedir=%{l_prefix}/var \
105 --sharedstatedir=%{l_prefix}/var \
106 --enable-unix-socket=%{l_prefix}/var/nessus/nessusd.socket \
107 --disable-syslog \
108 --with-x \
109 --x-includes=`%{l_rc} --query x11_incdir` \
110 --x-libraries=`%{l_rc} --query x11_libdir` \
111 --enable-save-sessions \
112 --enable-save-kb \
113 --enable-release
114 %{l_make} %{l_mflags}
115 ) || exit $?
117 # temporarily install nessus-core for nessus-plugins building
118 nessus_core=`pwd`/nessus-core
119 ( cd nessus-core
120 %{l_make} %{l_mflags} \
121 install DESTDIR=${nessus_core}/tmp
122 ) || exit $?
124 # build nessus-plugins part
125 ( cd nessus-plugins
126 CC="%{l_cc}" \
127 CFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cflags -O}" \
128 CPPFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cppflags}" \
129 LDFLAGS="%{l_fsl_ldflags}" \
130 LIBS="%{l_fsl_libs}" \
131 ./configure \
132 --prefix=%{l_prefix} \
133 --enable-install="`%{l_shtool} echo -e %u`" \
134 --enable-shared
135 %{l_shtool} subst \
136 -e 's;getinterfaces;local_getinterfaces;g' \
137 -e 's;routethrough;local_routethrough;g' \
138 -e 's;ipaddr2devname;local_ipaddr2devname;g' \
139 -e 's;islocalhost;local_islocalhost;g' \
140 -e 's;get_random_bytes;local_get_random_bytes;g' \
141 -e 's;getsourceip;local_getsourceip;g' \
142 plugins/nmap_osfingerprint/*.[ch]
143 %{l_make} %{l_mflags}
144 ) || exit $?
146 %install
147 rm -rf $RPM_BUILD_ROOT
149 %{l_shtool} mkdir -f -p -m 755 \
150 $RPM_BUILD_ROOT%{l_prefix}/bin
152 # install nessus-core part
153 ( cd nessus-core
154 %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
155 ) || exit $?
157 # install nessus-plugins part
158 ( cd nessus-plugins
159 %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
160 ) || exit $?
162 # strip down installation
163 strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true
165 # install default configuration
166 %{l_shtool} install -c -m 644 %{l_value -s -a} \
167 %{SOURCE nessusd.conf} \
168 %{SOURCE nessusd.rules} \
169 %{SOURCE nessusd.users} \
170 $RPM_BUILD_ROOT%{l_prefix}/etc/nessus/
172 # install run-command script
173 %{l_shtool} mkdir -f -p -m 755 \
174 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl \
175 $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
176 %{l_shtool} install -c -m 755 %{l_value -s -a} \
177 %{SOURCE rc.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
178 %{l_shtool} install -c -m 644 %{l_value -s -a} \
179 %{SOURCE fsl.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
181 # determine installation files
182 %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
183 %{l_files_std} \
184 '%config %{l_prefix}/etc/fsl/fsl.nessus' \
185 '%config %{l_prefix}/etc/nessus/*' \
186 '%config %attr(0600,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/nessus/nessusd.conf'
188 %files -f files
190 %clean
191 rm -rf $RPM_BUILD_ROOT
193 %post
194 # after upgrade, restart service
195 if [ $1 -eq 2 ]; then
196 eval `%{l_rc} nessus status 2>/dev/null`
197 [ ".$nessus_active" = .yes ] && %{l_rc} nessus restart
198 fi
200 # on every install, announce certificate
201 if [ $1 -le 2 ]; then
202 if [ ! -f $RPM_INSTALL_PREFIX/var/nessus/CA/servercert.pem ]; then
203 ( echo "For the SSL/TLS based remote client/server connections"
204 echo "between the Nessus server and the Nessus clients, an"
205 echo "X.509 server certificate/key pair is needed. Run the"
206 echo "following command to create it once:"
207 echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-mkcert"
208 ) | %{l_rpmtool} msg -b -t info
209 fi
210 fi
212 # on initial install, announce useradd
213 if [ $1 -eq 1 ]; then
214 ( echo "Each Nessus user has to be created on the Nessus server"
215 echo "Run the following command to create an individual user:"
216 echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-adduser"
217 ) | %{l_rpmtool} msg -b -t info
218 fi
219 exit 0
221 %preun
222 # before erase, stop service and remove log files
223 if [ $1 -eq 0 ]; then
224 %{l_rc} nessus stop 2>/dev/null
225 rm -f $RPM_INSTALL_PREFIX/var/nessus/logs/*.log* >/dev/null 2>&1 || true
226 fi
227 exit 0
