|
|
|
@ -0,0 +1,270 @@
|
|
|
|
|
# Notes about rpmlint
|
|
|
|
|
# - crypto-policy-non-compliance-gnutls-{1,2} fixed with patch
|
|
|
|
|
# prelude-manager-3.1.0-gnutls_priority_init.patch
|
|
|
|
|
|
|
|
|
|
Name: prelude-manager
|
|
|
|
|
Version: 3.1.0
|
|
|
|
|
Release: 1%{?dist}
|
|
|
|
|
Summary: Bus communicator for Prelude modules and other IDMEF agents
|
|
|
|
|
# Prelude is GPL-2.0+
|
|
|
|
|
# libmissing is LGPL-2.1+
|
|
|
|
|
License: GPLv2+
|
|
|
|
|
URL: http://www.prelude-siem.org/
|
|
|
|
|
Source0: https://www.prelude-siem.org/pkg/src/3.1.0/%{name}-%{version}.tar.gz
|
|
|
|
|
Source1: %{name}.service
|
|
|
|
|
Source2: %{name}-tmpfiles.conf
|
|
|
|
|
# https://www.prelude-siem.org/issues/862
|
|
|
|
|
Patch0: prelude-manager-3.1.0-gnutls_priority_init.patch
|
|
|
|
|
# https://www.prelude-siem.org/issues/870
|
|
|
|
|
Patch1: prelude-manager-3.1.0-fix_etc_perms.patch
|
|
|
|
|
|
|
|
|
|
BuildRequires: systemd
|
|
|
|
|
BuildRequires: libgcrypt-devel
|
|
|
|
|
BuildRequires: libgpg-error-devel
|
|
|
|
|
BuildRequires: pkgconfig(gnutls)
|
|
|
|
|
BuildRequires: pkgconfig(libprelude) >= %{version}
|
|
|
|
|
BuildRequires: pkgconfig(libxml-2.0)
|
|
|
|
|
BuildRequires: libpreludedb-devel >= %{version}
|
|
|
|
|
BuildRequires: tcp_wrappers-devel
|
|
|
|
|
|
|
|
|
|
%{?systemd_requires}
|
|
|
|
|
Requires: prelude-tools
|
|
|
|
|
Requires: tcp_wrappers
|
|
|
|
|
|
|
|
|
|
%ifnarch s390
|
|
|
|
|
BuildRequires: valgrind
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
# Upstream do not use explicit version of gnulib, just checkout
|
|
|
|
|
# and update files. In libprelude 3.1.0, the checkout has been done
|
|
|
|
|
# on 2016-06-16
|
|
|
|
|
Provides: bundled(gnulib) = 20160616
|
|
|
|
|
|
|
|
|
|
ExcludeArch: ppc64 ppc64le aarch64 armv7hl
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
Prelude Manager is the main program of the Prelude SIEM suite. It is a
|
|
|
|
|
multithreaded server which handles connections from the Prelude modules. It is
|
|
|
|
|
able to register local or remote agents, let the operator configure them
|
|
|
|
|
remotely, receive alerts, and store alerts in a database or any format supported
|
|
|
|
|
by reporting plugins, thus providing centralized logging and analysis. The IDMEF
|
|
|
|
|
standard is used for alert representation. Support for filtering plugins allows
|
|
|
|
|
you to hook in different places in the Manager to define custom criteria for
|
|
|
|
|
alert logging.
|
|
|
|
|
|
|
|
|
|
%package db-plugin
|
|
|
|
|
Summary: Database report plugin for Prelude Manager
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
|
Suggests: preludedb-mysql
|
|
|
|
|
Suggests: preludedb-pgsql
|
|
|
|
|
Suggests: preludedb-sqlite3
|
|
|
|
|
|
|
|
|
|
%description db-plugin
|
|
|
|
|
This plugin allows prelude-manager to write to database.
|
|
|
|
|
|
|
|
|
|
%package xml-plugin
|
|
|
|
|
Summary: XML report plugin for Prelude Manager
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
%description xml-plugin
|
|
|
|
|
This plugin allows prelude-manager to log into XML files.
|
|
|
|
|
|
|
|
|
|
%package devel
|
|
|
|
|
Summary: Libraries, includes, etc. to develop Prelude Manager plugins
|
|
|
|
|
Requires: %{name}-db-plugin%{?_isa} = %{version}-%{release}
|
|
|
|
|
Requires: %{name}-xml-plugin%{?_isa} = %{version}-%{release}
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
|
Devel headers for Prelude Manager.
|
|
|
|
|
|
|
|
|
|
%package doc
|
|
|
|
|
Summary: Documentation for prelude-manager
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
|
|
|
|
|
%description doc
|
|
|
|
|
Provides documentation for prelude-manager.
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
|
%autosetup -p1
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
|
%configure \
|
|
|
|
|
--disable-static \
|
|
|
|
|
--enable-shared
|
|
|
|
|
%make_build
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
|
%make_install
|
|
|
|
|
|
|
|
|
|
find %{buildroot} -name '*.la' -delete
|
|
|
|
|
|
|
|
|
|
mkdir -p %{buildroot}%{_localstatedir}/lib/%{name}
|
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/prelude/profile/%{name}
|
|
|
|
|
mkdir -p %{buildroot}%{_var}/spool/%{name}/scheduler
|
|
|
|
|
|
|
|
|
|
mkdir -p %{buildroot}%{_sbindir}
|
|
|
|
|
mv %{buildroot}%{_bindir}/%{name} %{buildroot}%{_sbindir}/%{name}
|
|
|
|
|
|
|
|
|
|
# Empty dir but kept by debuginfo
|
|
|
|
|
rm -rf src/.libs
|
|
|
|
|
|
|
|
|
|
# install init script
|
|
|
|
|
install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
|
|
|
|
|
|
|
|
|
|
# tmpfiles
|
|
|
|
|
mkdir -p %{buildroot}%{_tmpfilesdir}
|
|
|
|
|
install -m 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/%{name}.conf
|
|
|
|
|
mkdir -p %{buildroot}/run
|
|
|
|
|
install -d -m 0755 %{buildroot}/run/%{name}/
|
|
|
|
|
|
|
|
|
|
%check
|
|
|
|
|
make check
|
|
|
|
|
|
|
|
|
|
%post
|
|
|
|
|
%systemd_post %{name}.service
|
|
|
|
|
|
|
|
|
|
%preun
|
|
|
|
|
%systemd_preun %{name}.service
|
|
|
|
|
|
|
|
|
|
%postun
|
|
|
|
|
%systemd_postun_with_restart %{name}.service
|
|
|
|
|
|
|
|
|
|
%files
|
|
|
|
|
%license COPYING HACKING.README
|
|
|
|
|
%doc README
|
|
|
|
|
%{_unitdir}/%{name}.service
|
|
|
|
|
%{_sbindir}/%{name}
|
|
|
|
|
%dir %{_libdir}/%{name}
|
|
|
|
|
%dir %{_libdir}/%{name}/decodes
|
|
|
|
|
%dir %{_libdir}/%{name}/filters
|
|
|
|
|
%dir %{_libdir}/%{name}/reports
|
|
|
|
|
%{_libdir}/%{name}/filters/idmef-criteria.so
|
|
|
|
|
%{_libdir}/%{name}/filters/thresholding.so
|
|
|
|
|
%{_libdir}/%{name}/reports/debug.so
|
|
|
|
|
%{_libdir}/%{name}/reports/smtp.so
|
|
|
|
|
%{_libdir}/%{name}/reports/textmod.so
|
|
|
|
|
%{_libdir}/%{name}/decodes/normalize.so
|
|
|
|
|
%dir %{_var}/spool/%{name}
|
|
|
|
|
%dir %{_var}/spool/%{name}/scheduler
|
|
|
|
|
%dir /run/%{name}/
|
|
|
|
|
%{_tmpfilesdir}/%{name}.conf
|
|
|
|
|
%{_localstatedir}/lib/%{name}
|
|
|
|
|
%{_sysconfdir}/prelude/profile/%{name}
|
|
|
|
|
%dir %{_sysconfdir}/%{name}
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/%{name}/*.conf
|
|
|
|
|
%{_mandir}/man1/%{name}.1*
|
|
|
|
|
|
|
|
|
|
%files db-plugin
|
|
|
|
|
%{_libdir}/%{name}/reports/db.so
|
|
|
|
|
|
|
|
|
|
%files xml-plugin
|
|
|
|
|
%{_libdir}/%{name}/reports/xmlmod.so
|
|
|
|
|
%dir %{_datadir}/%{name}/
|
|
|
|
|
%dir %{_datadir}/%{name}/xmlmod
|
|
|
|
|
%{_datadir}/%{name}/xmlmod/idmef-message.dtd
|
|
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
|
%dir %{_includedir}/%{name}
|
|
|
|
|
%{_includedir}/%{name}/*.h
|
|
|
|
|
|
|
|
|
|
%files doc
|
|
|
|
|
%license COPYING HACKING.README
|
|
|
|
|
%doc AUTHORS COPYING ChangeLog HACKING.README NEWS README
|
|
|
|
|
%doc %{_docdir}/%{name}/smtp/template.example
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Sun Jan 29 2017 Thomas Andrejak <thomas.andrejak@gmail.com> - 3.1.0-1
|
|
|
|
|
- Bump version
|
|
|
|
|
|
|
|
|
|
* Mon Mar 11 2013 Steve Grubb <sgrubb@redhat.com> - 1.0.1-7
|
|
|
|
|
- Add -i to autoreconf so it adds the test-driver script
|
|
|
|
|
- Add libtool-ltdl-devel BuildRequires
|
|
|
|
|
|
|
|
|
|
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:1.0.1-6
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
* Fri Sep 07 2012 Steve Grubb <sgrubb@redhat.com> - 1.0.1-5
|
|
|
|
|
- Add provides bundled gnulib
|
|
|
|
|
- Switch to systemd startup
|
|
|
|
|
|
|
|
|
|
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:1.0.1-4
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:1.0.1-3
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
* Fri Mar 25 2011 Steve Grubb <sgrubb@redhat.com> 1.0.1-2
|
|
|
|
|
- Disable pie patch for now
|
|
|
|
|
|
|
|
|
|
* Thu Mar 24 2011 Steve Grubb <sgrubb@redhat.com> 1.0.1-1
|
|
|
|
|
- new upstream version
|
|
|
|
|
|
|
|
|
|
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:1.0.0-4
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
* Sun May 02 2010 Steve Grubb <sgrubb@redhat.com> 1.0.0-3
|
|
|
|
|
- Fix requires
|
|
|
|
|
|
|
|
|
|
* Fri Apr 30 2010 Steve Grubb <sgrubb@redhat.com> 1.0.0-2
|
|
|
|
|
- new upstream version
|
|
|
|
|
|
|
|
|
|
* Sat Jan 30 2010 Steve Grubb <sgrubb@redhat.com> 1.0.0rc1-1
|
|
|
|
|
- new upstream version
|
|
|
|
|
|
|
|
|
|
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.15-2
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
* Fri Jul 10 2009 Steve Grubb <sgrubb@redhat.com> 0.9.15-1
|
|
|
|
|
- new upstream version
|
|
|
|
|
|
|
|
|
|
* Wed Apr 22 2009 Steve Grubb <sgrubb@redhat.com> 0.9.14.2-3
|
|
|
|
|
- Adjusted permissions on dirs and conf files
|
|
|
|
|
|
|
|
|
|
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.14.2-2
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
* Wed Aug 27 2008 Steve Grubb <sgrubb@redhat.com> 0.9.14.2-1
|
|
|
|
|
- new upstream version
|
|
|
|
|
|
|
|
|
|
* Mon Jul 21 2008 Steve Grubb <sgrubb@redhat.com> 0.9.14-1
|
|
|
|
|
- new upstream version
|
|
|
|
|
|
|
|
|
|
* Fri Jun 27 2008 Steve Grubb <sgrubb@redhat.com> 0.9.13-1
|
|
|
|
|
- new upstream version 0.9.13
|
|
|
|
|
- Prelude-Manager-SMTP plugin is now included
|
|
|
|
|
|
|
|
|
|
* Tue Jun 24 2008 Steve Grubb <sgrubb@redhat.com> 0.9.12.1-2
|
|
|
|
|
- add prelude-manager user
|
|
|
|
|
|
|
|
|
|
* Fri May 02 2008 Steve Grubb <sgrubb@redhat.com> 0.9.12.1-1
|
|
|
|
|
- new upstream version 0.9.12.1
|
|
|
|
|
|
|
|
|
|
* Thu Apr 24 2008 Steve Grubb <sgrubb@redhat.com> 0.9.12-1
|
|
|
|
|
- new upstream version 0.9.12
|
|
|
|
|
|
|
|
|
|
* Mon Jan 14 2008 Steve Grubb <sgrubb@redhat.com> 0.9.10-1
|
|
|
|
|
- new upstream version 0.9.10
|
|
|
|
|
|
|
|
|
|
* Thu Feb 08 2007 Thorsten Scherf <tscherf@redhat.com> 0.9.7.1-4
|
|
|
|
|
- fixed Prelude trac #193
|
|
|
|
|
|
|
|
|
|
* Sun Jan 07 2007 Thorsten Scherf <tscherf@redhat.com> 0.9.7.1-3
|
|
|
|
|
- added tcp-wrapper support
|
|
|
|
|
- fixed dirowner and permissions problem
|
|
|
|
|
|
|
|
|
|
* Fri Jan 05 2007 Thorsten Scherf <tscherf@redhat.com> 0.9.7.1-2
|
|
|
|
|
- fixed encoding problems
|
|
|
|
|
- changed dirowner
|
|
|
|
|
- resolved dependency problems
|
|
|
|
|
|
|
|
|
|
* Sat Dec 30 2006 Thorsten Scherf <tscherf@redhat.com> 0.9.7.1-1
|
|
|
|
|
- moved to new upstream version 0.9.7.1
|
|
|
|
|
- changed dirowner
|
|
|
|
|
|
|
|
|
|
* Mon Nov 20 2006 Thorsten Scherf <tscherf@redhat.com> 0.9.6.1-2
|
|
|
|
|
- Some minor fixes in requirements
|
|
|
|
|
|
|
|
|
|
* Tue Oct 24 2006 Thorsten Scherf <tscherf@redhat.com> 0.9.6.1-1
|
|
|
|
|
- New Fedora build based on release 0.9.6.1
|
|
|
|
|
|