michael@102: ## michael@102: ## nessus-tool.spec -- OpenPKG RPM Package Specification michael@102: ## Copyright (c) 2000-2008 OpenPKG Foundation e.V. michael@102: ## michael@102: ## Permission to use, copy, modify, and distribute this software for michael@102: ## any purpose with or without fee is hereby granted, provided that michael@102: ## the above copyright notice and this permission notice appear in all michael@102: ## copies. michael@102: ## michael@102: ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED michael@102: ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF michael@102: ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. michael@102: ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR michael@102: ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, michael@102: ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT michael@102: ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF michael@102: ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND michael@102: ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, michael@102: ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT michael@102: ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF michael@102: ## SUCH DAMAGE. michael@102: ## michael@102: michael@102: # package information michael@102: Name: nessus-tool michael@102: Summary: Nessus Security Scanner (Tool) michael@102: URL: http://www.nessus.org/ michael@102: Vendor: Renaud Deraison michael@102: Packager: OpenPKG Foundation e.V. michael@102: Distribution: OpenPKG Community michael@102: Class: EVAL michael@102: Group: Monitoring michael@102: License: GPL michael@102: Version: 2.2.11 michael@103: Release: 20090106 michael@102: michael@102: # package options michael@102: %option with_fsl yes michael@102: michael@102: # list of sources michael@102: Source0: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-core-%{version}.tar.gz michael@102: Source1: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-plugins-GPL-%{version}.tar.gz michael@102: Source2: nessusd.conf michael@102: Source3: nessusd.rules michael@102: Source4: nessusd.users michael@102: Source5: rc.nessus michael@102: Source6: fsl.nessus michael@102: Patch0: nessus-tool.patch michael@102: michael@102: # build information michael@102: Prefix: %{l_prefix} michael@102: BuildRoot: %{l_buildroot} michael@102: BuildPreReq: OpenPKG, openpkg >= 20060823, X11, gcc, make michael@102: PreReq: OpenPKG, openpkg >= 20060823, X11 michael@102: BuildPreReq: nessus-libs, glib2, gtk2, openssl michael@102: PreReq: nessus-libs, glib2, gtk2, openssl michael@102: %if "%{with_fsl}" == "yes" michael@102: BuildPreReq: fsl >= 1.3.0 michael@102: PreReq: fsl >= 1.3.0 michael@102: %endif michael@102: AutoReq: no michael@102: AutoReqProv: no michael@102: michael@102: %description michael@102: This is the Tool package of the Nessus Security Scanner, a security michael@102: scanner which will audit remotely a given network and determine michael@102: whether attackers may break into it, or misuse it in some way. michael@102: michael@102: %track michael@102: prog nessus-tool:nessus-core = { michael@102: version = %{version} michael@102: url = ftp://ftp.nessus.org/pub/nessus/ michael@102: regex = (nessus-\d+\.\d+\.\d+[a-z]?) michael@102: url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/ michael@102: regex = nessus-core-(__VER__)\.tar\.gz michael@102: } michael@102: prog nessus-tool:nessus-plugins = { michael@102: version = %{version} michael@102: url = ftp://ftp.nessus.org/pub/nessus/ michael@102: regex = (nessus-\d+\.\d+\.\d+[a-z]?) michael@102: url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/ michael@102: regex = nessus-core-(__VER__)\.tar\.gz michael@102: } michael@102: michael@102: %prep michael@102: %setup -q -c michael@102: %setup -q -T -D -a 1 michael@102: %patch -p0 michael@103: %{l_shtool} subst \ michael@103: -e 's;\(for scripts in scripts/\*\.nasl\) scripts/\*\.nbin;\1;' \ michael@103: -e 's;\(for scripts in scripts/\*\.inc\) scripts/\*\.nlib;\1;' \ michael@103: nessus-plugins/Makefile michael@102: michael@102: %build michael@102: # build nessus-core part michael@102: ( cd nessus-core michael@102: CC="%{l_cc}" \ michael@102: CFLAGS="%{l_cflags -O}" \ michael@102: CPPFLAGS="%{l_cppflags}" \ michael@102: LDFLAGS="%{l_fsl_ldflags}" \ michael@102: LIBS="%{l_fsl_libs}" \ michael@102: ./configure \ michael@102: --prefix=%{l_prefix} \ michael@102: --localstatedir=%{l_prefix}/var \ michael@102: --sharedstatedir=%{l_prefix}/var \ michael@102: --enable-unix-socket=%{l_prefix}/var/nessus/nessusd.socket \ michael@102: --disable-syslog \ michael@102: --with-x \ michael@102: --x-includes=`%{l_rc} --query x11_incdir` \ michael@102: --x-libraries=`%{l_rc} --query x11_libdir` \ michael@102: --enable-save-sessions \ michael@102: --enable-save-kb \ michael@102: --enable-release michael@102: %{l_make} %{l_mflags} michael@102: ) || exit $? michael@102: michael@102: # temporarily install nessus-core for nessus-plugins building michael@102: nessus_core=`pwd`/nessus-core michael@102: ( cd nessus-core michael@102: %{l_make} %{l_mflags} \ michael@102: install DESTDIR=${nessus_core}/tmp michael@102: ) || exit $? michael@102: michael@102: # build nessus-plugins part michael@102: ( cd nessus-plugins michael@102: CC="%{l_cc}" \ michael@102: CFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cflags -O}" \ michael@102: CPPFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cppflags}" \ michael@102: LDFLAGS="%{l_fsl_ldflags}" \ michael@102: LIBS="%{l_fsl_libs}" \ michael@102: ./configure \ michael@102: --prefix=%{l_prefix} \ michael@102: --enable-install="`%{l_shtool} echo -e %u`" \ michael@102: --enable-shared michael@102: %{l_shtool} subst \ michael@102: -e 's;getinterfaces;local_getinterfaces;g' \ michael@102: -e 's;routethrough;local_routethrough;g' \ michael@102: -e 's;ipaddr2devname;local_ipaddr2devname;g' \ michael@102: -e 's;islocalhost;local_islocalhost;g' \ michael@102: -e 's;get_random_bytes;local_get_random_bytes;g' \ michael@102: -e 's;getsourceip;local_getsourceip;g' \ michael@102: plugins/nmap_osfingerprint/*.[ch] michael@102: %{l_make} %{l_mflags} michael@102: ) || exit $? michael@102: michael@102: %install michael@102: rm -rf $RPM_BUILD_ROOT michael@102: michael@102: %{l_shtool} mkdir -f -p -m 755 \ michael@102: $RPM_BUILD_ROOT%{l_prefix}/bin michael@102: michael@102: # install nessus-core part michael@102: ( cd nessus-core michael@102: %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT michael@102: ) || exit $? michael@102: michael@102: # install nessus-plugins part michael@102: ( cd nessus-plugins michael@102: %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT michael@102: ) || exit $? michael@102: michael@102: # strip down installation michael@102: strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true michael@102: michael@102: # install default configuration michael@102: %{l_shtool} install -c -m 644 %{l_value -s -a} \ michael@102: %{SOURCE nessusd.conf} \ michael@102: %{SOURCE nessusd.rules} \ michael@102: %{SOURCE nessusd.users} \ michael@102: $RPM_BUILD_ROOT%{l_prefix}/etc/nessus/ michael@102: michael@102: # install run-command script michael@102: %{l_shtool} mkdir -f -p -m 755 \ michael@102: $RPM_BUILD_ROOT%{l_prefix}/etc/fsl \ michael@102: $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d michael@102: %{l_shtool} install -c -m 755 %{l_value -s -a} \ michael@102: %{SOURCE rc.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ michael@102: %{l_shtool} install -c -m 644 %{l_value -s -a} \ michael@102: %{SOURCE fsl.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ michael@102: michael@102: # determine installation files michael@102: %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ michael@102: %{l_files_std} \ michael@102: '%config %{l_prefix}/etc/fsl/fsl.nessus' \ michael@102: '%config %{l_prefix}/etc/nessus/*' \ michael@102: '%config %attr(0600,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/nessus/nessusd.conf' michael@102: michael@102: %files -f files michael@102: michael@102: %clean michael@102: rm -rf $RPM_BUILD_ROOT michael@102: michael@102: %post michael@102: # after upgrade, restart service michael@102: if [ $1 -eq 2 ]; then michael@102: eval `%{l_rc} nessus status 2>/dev/null` michael@102: [ ".$nessus_active" = .yes ] && %{l_rc} nessus restart michael@102: fi michael@102: michael@102: # on every install, announce certificate michael@102: if [ $1 -le 2 ]; then michael@102: if [ ! -f $RPM_INSTALL_PREFIX/var/nessus/CA/servercert.pem ]; then michael@102: ( echo "For the SSL/TLS based remote client/server connections" michael@102: echo "between the Nessus server and the Nessus clients, an" michael@102: echo "X.509 server certificate/key pair is needed. Run the" michael@102: echo "following command to create it once:" michael@102: echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-mkcert" michael@102: ) | %{l_rpmtool} msg -b -t info michael@102: fi michael@102: fi michael@102: michael@102: # on initial install, announce useradd michael@102: if [ $1 -eq 1 ]; then michael@102: ( echo "Each Nessus user has to be created on the Nessus server" michael@102: echo "Run the following command to create an individual user:" michael@102: echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-adduser" michael@102: ) | %{l_rpmtool} msg -b -t info michael@102: fi michael@102: exit 0 michael@102: michael@102: %preun michael@102: # before erase, stop service and remove log files michael@102: if [ $1 -eq 0 ]; then michael@102: %{l_rc} nessus stop 2>/dev/null michael@102: rm -f $RPM_INSTALL_PREFIX/var/nessus/logs/*.log* >/dev/null 2>&1 || true michael@102: fi michael@102: exit 0 michael@102: