diff -r 8dba60127214 -r 8db7071256b6 nessus-tool/nessus-tool.spec --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nessus-tool/nessus-tool.spec Fri Jan 16 22:39:09 2009 +0100 @@ -0,0 +1,224 @@ +## +## nessus-tool.spec -- OpenPKG RPM Package Specification +## Copyright (c) 2000-2008 OpenPKG Foundation e.V. +## +## Permission to use, copy, modify, and distribute this software for +## any purpose with or without fee is hereby granted, provided that +## the above copyright notice and this permission notice appear in all +## copies. +## +## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +## SUCH DAMAGE. +## + +# package information +Name: nessus-tool +Summary: Nessus Security Scanner (Tool) +URL: http://www.nessus.org/ +Vendor: Renaud Deraison +Packager: OpenPKG Foundation e.V. +Distribution: OpenPKG Community +Class: EVAL +Group: Monitoring +License: GPL +Version: 2.2.11 +Release: 20081120 + +# package options +%option with_fsl yes + +# list of sources +Source0: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-core-%{version}.tar.gz +Source1: ftp://ftp.nessus.org/pub/nessus/nessus-%{version}/src/nessus-plugins-GPL-%{version}.tar.gz +Source2: nessusd.conf +Source3: nessusd.rules +Source4: nessusd.users +Source5: rc.nessus +Source6: fsl.nessus +Patch0: nessus-tool.patch + +# build information +Prefix: %{l_prefix} +BuildRoot: %{l_buildroot} +BuildPreReq: OpenPKG, openpkg >= 20060823, X11, gcc, make +PreReq: OpenPKG, openpkg >= 20060823, X11 +BuildPreReq: nessus-libs, glib2, gtk2, openssl +PreReq: nessus-libs, glib2, gtk2, openssl +%if "%{with_fsl}" == "yes" +BuildPreReq: fsl >= 1.3.0 +PreReq: fsl >= 1.3.0 +%endif +AutoReq: no +AutoReqProv: no + +%description + This is the Tool package of the Nessus Security Scanner, a security + scanner which will audit remotely a given network and determine + whether attackers may break into it, or misuse it in some way. + +%track + prog nessus-tool:nessus-core = { + version = %{version} + url = ftp://ftp.nessus.org/pub/nessus/ + regex = (nessus-\d+\.\d+\.\d+[a-z]?) + url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/ + regex = nessus-core-(__VER__)\.tar\.gz + } + prog nessus-tool:nessus-plugins = { + version = %{version} + url = ftp://ftp.nessus.org/pub/nessus/ + regex = (nessus-\d+\.\d+\.\d+[a-z]?) + url = ftp://ftp.nessus.org/pub/nessus/__NEWVER__/src/ + regex = nessus-core-(__VER__)\.tar\.gz + } + +%prep + %setup -q -c + %setup -q -T -D -a 1 + %patch -p0 + +%build + # build nessus-core part + ( cd nessus-core + CC="%{l_cc}" \ + CFLAGS="%{l_cflags -O}" \ + CPPFLAGS="%{l_cppflags}" \ + LDFLAGS="%{l_fsl_ldflags}" \ + LIBS="%{l_fsl_libs}" \ + ./configure \ + --prefix=%{l_prefix} \ + --localstatedir=%{l_prefix}/var \ + --sharedstatedir=%{l_prefix}/var \ + --enable-unix-socket=%{l_prefix}/var/nessus/nessusd.socket \ + --disable-syslog \ + --with-x \ + --x-includes=`%{l_rc} --query x11_incdir` \ + --x-libraries=`%{l_rc} --query x11_libdir` \ + --enable-save-sessions \ + --enable-save-kb \ + --enable-release + %{l_make} %{l_mflags} + ) || exit $? + + # temporarily install nessus-core for nessus-plugins building + nessus_core=`pwd`/nessus-core + ( cd nessus-core + %{l_make} %{l_mflags} \ + install DESTDIR=${nessus_core}/tmp + ) || exit $? + + # build nessus-plugins part + ( cd nessus-plugins + CC="%{l_cc}" \ + CFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cflags -O}" \ + CPPFLAGS="-I${nessus_core}/tmp%{l_prefix}/include/nessus %{l_cppflags}" \ + LDFLAGS="%{l_fsl_ldflags}" \ + LIBS="%{l_fsl_libs}" \ + ./configure \ + --prefix=%{l_prefix} \ + --enable-install="`%{l_shtool} echo -e %u`" \ + --enable-shared + %{l_shtool} subst \ + -e 's;getinterfaces;local_getinterfaces;g' \ + -e 's;routethrough;local_routethrough;g' \ + -e 's;ipaddr2devname;local_ipaddr2devname;g' \ + -e 's;islocalhost;local_islocalhost;g' \ + -e 's;get_random_bytes;local_get_random_bytes;g' \ + -e 's;getsourceip;local_getsourceip;g' \ + plugins/nmap_osfingerprint/*.[ch] + %{l_make} %{l_mflags} + ) || exit $? + +%install + rm -rf $RPM_BUILD_ROOT + + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/bin + + # install nessus-core part + ( cd nessus-core + %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT + ) || exit $? + + # install nessus-plugins part + ( cd nessus-plugins + %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT + ) || exit $? + + # strip down installation + strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true + + # install default configuration + %{l_shtool} install -c -m 644 %{l_value -s -a} \ + %{SOURCE nessusd.conf} \ + %{SOURCE nessusd.rules} \ + %{SOURCE nessusd.users} \ + $RPM_BUILD_ROOT%{l_prefix}/etc/nessus/ + + # install run-command script + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl \ + $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d + %{l_shtool} install -c -m 755 %{l_value -s -a} \ + %{SOURCE rc.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ + %{l_shtool} install -c -m 644 %{l_value -s -a} \ + %{SOURCE fsl.nessus} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ + + # determine installation files + %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ + %{l_files_std} \ + '%config %{l_prefix}/etc/fsl/fsl.nessus' \ + '%config %{l_prefix}/etc/nessus/*' \ + '%config %attr(0600,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/nessus/nessusd.conf' + +%files -f files + +%clean + rm -rf $RPM_BUILD_ROOT + +%post + # after upgrade, restart service + if [ $1 -eq 2 ]; then + eval `%{l_rc} nessus status 2>/dev/null` + [ ".$nessus_active" = .yes ] && %{l_rc} nessus restart + fi + + # on every install, announce certificate + if [ $1 -le 2 ]; then + if [ ! -f $RPM_INSTALL_PREFIX/var/nessus/CA/servercert.pem ]; then + ( echo "For the SSL/TLS based remote client/server connections" + echo "between the Nessus server and the Nessus clients, an" + echo "X.509 server certificate/key pair is needed. Run the" + echo "following command to create it once:" + echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-mkcert" + ) | %{l_rpmtool} msg -b -t info + fi + fi + + # on initial install, announce useradd + if [ $1 -eq 1 ]; then + ( echo "Each Nessus user has to be created on the Nessus server" + echo "Run the following command to create an individual user:" + echo " \$ $RPM_INSTALL_PREFIX/sbin/nessus-adduser" + ) | %{l_rpmtool} msg -b -t info + fi + exit 0 + +%preun + # before erase, stop service and remove log files + if [ $1 -eq 0 ]; then + %{l_rc} nessus stop 2>/dev/null + rm -f $RPM_INSTALL_PREFIX/var/nessus/logs/*.log* >/dev/null 2>&1 || true + fi + exit 0 +