[bro] - update to new upstream version
Daniel Kopeček
mildew at fedoraproject.org
Thu Sep 16 13:34:03 UTC 2010
commit 632cc3bb160a3caf584120fd7da9e703d1f83017
Author: Daniel Kopecek <dkopecek at redhat.com>
Date: Thu Sep 16 15:33:49 2010 +0200
- update to new upstream version
.gitignore | 1 +
bro-1.5.1-broctlfix.patch | 30 ++++
bro-1.5.1-configure.patch | 56 +++++++
bro-1.5.1-etcfix.patch | 61 ++++++++
bro-1.5.1-eth0.patch | 9 ++
...080804-openssl.patch => bro-1.5.1-openssl.patch | 24 ++--
bro-20080804.cfg => bro-1.5.cfg | 0
bro-20080804.rc => bro-1.5.rc | 45 +++---
bro-20080804-configure-opt-check.patch | 16 --
bro-20080804-configurein.patch | 21 ---
bro-20080804-installpolicy.patch | 43 ------
bro.spec | 152 +++++++++++++++-----
sources | 2 +-
13 files changed, 308 insertions(+), 152 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 2ed0b9b..010b2bc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
bro-20080804.tgz
+/bro-1.5-release.tar.gz
diff --git a/bro-1.5.1-broctlfix.patch b/bro-1.5.1-broctlfix.patch
new file mode 100644
index 0000000..baebe4f
--- /dev/null
+++ b/bro-1.5.1-broctlfix.patch
@@ -0,0 +1,30 @@
+diff -up bro-1.5.1/aux/broctl/bin/broctl.in.broctlfix bro-1.5.1/aux/broctl/bin/broctl.in
+--- bro-1.5.1/aux/broctl/bin/broctl.in.broctlfix 2010-09-15 16:42:40.600187881 +0200
++++ bro-1.5.1/aux/broctl/bin/broctl.in 2010-09-15 16:42:04.969208957 +0200
+@@ -37,7 +37,7 @@ StandAlone = $STANDALONE
+ # Adjust the PYTHONPATH. (If we're installing the make-wrapper will have already
+ # set it correctly.)
+ if not "BROCTL_INSTALL" in os.environ:
+- sys.path = [os.path.join(BroBase, "lib/broctl")] + sys.path
++ sys.path = [os.path.join(BroBase, "%LIB_DIR%/broctl")] + sys.path
+
+ # We need to add the directory of the Broccoli library files
+ # to the linker's runtime search path. This is hack which
+@@ -47,7 +47,7 @@ if platform.system() == "Darwin":
+ ldpath = "DYLD_LIBRARY_PATH"
+
+ old = os.environ.get(ldpath)
+-dir = os.path.join(BroBase, "lib")
++dir = "%LIB_DIR%"
+ if not old or not dir in old:
+ if old:
+ path = "%s:%s" % (dir, old)
+@@ -708,7 +708,7 @@ from BroControl import control
+ from BroControl import cron
+ from BroControl.config import Config
+
+-Config = config.Configuration("etc/broctl.cfg", BroBase, BroDist, Version, StandAlone)
++Config = config.Configuration("%SYSCONF_DIR%/bro/broctl.cfg", BroBase, BroDist, Version, StandAlone)
+
+ util.enableSignals()
+
diff --git a/bro-1.5.1-configure.patch b/bro-1.5.1-configure.patch
new file mode 100644
index 0000000..9a355df
--- /dev/null
+++ b/bro-1.5.1-configure.patch
@@ -0,0 +1,56 @@
+diff -up bro-1.5.1/configure.orig bro-1.5.1/configure
+--- bro-1.5.1/configure.orig 2009-12-19 00:18:58.000000000 +0100
++++ bro-1.5.1/configure 2010-09-08 13:14:10.555260941 +0200
+@@ -4299,29 +4299,29 @@ else
+ nbdns="yes"
+ fi;
+
+-set |
+- sed -n -e 's/^enable_\([^=]*\)=[^=]*$/\1/p' |
+- while read var; do
+- ok=0
+- for o in option_checking activemapping binpac broccoli brov6 debug \
+- expire_dfa_states gtk_doc int64 openssl perftools perl \
+- select_loop shippedpcap broctl cluster nbdns; do
+- if test "${o}" = "${var}" ; then
+- ok=1
+- break
+- fi
+- done
+- if test ${ok} -eq 0 ; then
+- # It's hard to kill configure script from subshell!
+- { { echo "$as_me:$LINENO: error: unknown enable option: ${var}" >&5
+-echo "$as_me: error: unknown enable option: ${var}" >&2;}
+- { (exit 1); exit 1; }; }
+- exit 1
+- fi
+- done
+- if test $? -ne 0 ; then
+- exit 1
+- fi
++#set |
++# sed -n -e 's/^enable_\([^=]*\)=[^=]*$/\1/p' |
++# while read var; do
++# ok=0
++# for o in option_checking activemapping binpac broccoli brov6 debug \
++# expire_dfa_states gtk_doc int64 openssl perftools perl \
++# select_loop shippedpcap broctl cluster nbdns; do
++# if test "${o}" = "${var}" ; then
++# ok=1
++# break
++# fi
++# done
++# if test ${ok} -eq 0 ; then
++# # It's hard to kill configure script from subshell!
++# { { echo "$as_me:$LINENO: error: unknown enable option: ${var}" >&5
++#echo "$as_me: error: unknown enable option: ${var}" >&2;}
++# { (exit 1); exit 1; }; }
++# exit 1
++# fi
++# done
++# if test $? -ne 0 ; then
++# exit 1
++# fi
+
+
+ if test "$use_openssl" != "no" -a "$use_openssl" != "NO"; then
diff --git a/bro-1.5.1-etcfix.patch b/bro-1.5.1-etcfix.patch
new file mode 100644
index 0000000..712d200
--- /dev/null
+++ b/bro-1.5.1-etcfix.patch
@@ -0,0 +1,61 @@
+diff -up bro-1.5.1/aux/broctl/BroControl/options.py.etcfix bro-1.5.1/aux/broctl/BroControl/options.py
+--- bro-1.5.1/aux/broctl/BroControl/options.py.etcfix 2009-09-24 21:18:19.000000000 +0200
++++ bro-1.5.1/aux/broctl/BroControl/options.py 2010-09-16 13:57:14.179198747 +0200
+@@ -31,7 +31,7 @@ options = [
+ Option("DevMode", "0", "bool", Option.USER, False,
+ "Enable development mode, which changes how things are installed by the _install_ command."),
+
+- Option("LogDir", "${BroBase}/logs", "string", Option.USER, False,
++ Option("LogDir", "BRO_LOGDIR", "string", Option.USER, False,
+ "Directory for archived log files."),
+
+ Option("SendMail", "1", "bool", Option.USER, False,
+@@ -118,34 +118,34 @@ options = [
+ Option("HaveBroccoli", "", "bool", Option.AUTOMATIC, False,
+ "True if Broccoli interface is available."),
+
+- Option("BinDir", "${BroBase}/bin", "string", Option.AUTOMATIC, False,
++ Option("BinDir", "BRO_BINDIR", "string", Option.AUTOMATIC, False,
+ "Directory for executable files."),
+- Option("ScriptsDir", "${BroBase}/share/broctl/scripts", "string", Option.AUTOMATIC, False,
++ Option("ScriptsDir", "BROCTL_SCRIPTSDIR", "string", Option.AUTOMATIC, False,
+ "Directory for executable scripts shipping as part of broctl."),
+- Option("PostProcDir", "${BroBase}/share/broctl/scripts/postprocessors", "string", Option.AUTOMATIC, False,
++ Option("PostProcDir", "BROCTL_POSTPROCDIR", "string", Option.AUTOMATIC, False,
+ "Directory for log postprocessors."),
+- Option("HelperDir", "${BroBase}/share/broctl/scripts/helpers", "string", Option.AUTOMATIC, False,
++ Option("HelperDir", "BROCTL_HELPERDIR", "string", Option.AUTOMATIC, False,
+ "Directory for broctl helper scripts."),
+- Option("CfgDir", "${BroBase}/etc", "string", Option.AUTOMATIC, False,
++ Option("CfgDir", "BRO_CFGDIR", "string", Option.AUTOMATIC, False,
+ "Directory for configuration files."),
+- Option("SpoolDir", "${BroBase}/spool", "string", Option.AUTOMATIC, False,
++ Option("SpoolDir", "BRO_SPOOLDIR", "string", Option.AUTOMATIC, False,
+ "Directory for run-time data."),
+- Option("PolicyDir", "${BroBase}/share/bro", "string", Option.AUTOMATIC, False,
++ Option("PolicyDir", "BRO_POLICYDIR", "string", Option.AUTOMATIC, False,
+ "Directory for standard policy files."),
+- Option("StaticDir", "${BroBase}/share/broctl", "string", Option.AUTOMATIC, False,
++ Option("StaticDir", "BROCTL_STATICDIR", "string", Option.AUTOMATIC, False,
+ "Directory for static, arch-independent files."),
+- Option("TemplateDir", "${BroBase}/share/broctl/templates", "string", Option.AUTOMATIC, False,
++ Option("TemplateDir", "BROCTL_TEMPLATEDIR", "string", Option.AUTOMATIC, False,
+ "Directory where the *.in templates are copied into."),
+
+- Option("LibDir", "${BroBase}/lib", "string", Option.AUTOMATIC, False,
++ Option("LibDir", "BRO_LIBDIR", "string", Option.AUTOMATIC, False,
+ "Directory for library files."),
+- Option("LibDirInternal", "${BroBase}/lib/broctl", "string", Option.AUTOMATIC, False,
++ Option("LibDirInternal", "BROCTL_LIBDIR", "string", Option.AUTOMATIC, False,
+ "Directory for broctl-specific library files."),
+- Option("TmpDir", "${SpoolDir}/tmp", "string", Option.AUTOMATIC, False,
++ Option("TmpDir", "BRO_TMPDIR", "string", Option.AUTOMATIC, False,
+ "Directory for temporary data."),
+- Option("TmpExecDir", "${SpoolDir}/tmp", "string", Option.AUTOMATIC, False,
++ Option("TmpExecDir", "BRO_TMPEXECDIR", "string", Option.AUTOMATIC, False,
+ "Directory where binaries are copied before execution."),
+- Option("StatsDir", "${LogDir}/stats", "string", Option.AUTOMATIC, False,
++ Option("StatsDir", "BRO_STATSDIR", "string", Option.AUTOMATIC, False,
+ "Directory where statistics are kepts."),
+
+ Option("TraceSummary", "${bindir}/trace-summary", "string", Option.AUTOMATIC, False,
diff --git a/bro-1.5.1-eth0.patch b/bro-1.5.1-eth0.patch
new file mode 100644
index 0000000..f3df9f5
--- /dev/null
+++ b/bro-1.5.1-eth0.patch
@@ -0,0 +1,9 @@
+diff -up bro-1.5.1/aux/broctl/etc/node.cfg.standalone.in.eth0 bro-1.5.1/aux/broctl/etc/node.cfg.standalone.in
+--- bro-1.5.1/aux/broctl/etc/node.cfg.standalone.in.eth0 2010-09-16 14:14:59.815250965 +0200
++++ bro-1.5.1/aux/broctl/etc/node.cfg.standalone.in 2010-09-16 14:15:08.733261290 +0200
+@@ -6,4 +6,4 @@
+ [bro]
+ type=standalone
+ host=localhost
+-interface=em0
++interface=eth0
diff --git a/bro-20080804-openssl.patch b/bro-1.5.1-openssl.patch
similarity index 61%
rename from bro-20080804-openssl.patch
rename to bro-1.5.1-openssl.patch
index c6112f3..cff1edd 100644
--- a/bro-20080804-openssl.patch
+++ b/bro-1.5.1-openssl.patch
@@ -1,7 +1,7 @@
-diff -up bro-20080804/src/ssl-analyzer.pac.openssl bro-20080804/src/ssl-analyzer.pac
---- bro-20080804/src/ssl-analyzer.pac.openssl 2007-11-29 08:03:58.000000000 +0100
-+++ bro-20080804/src/ssl-analyzer.pac 2009-08-25 13:27:00.000000000 +0200
-@@ -379,7 +379,7 @@ refine analyzer SSLAnalyzer += {
+diff -up bro-1.5.1/src/ssl-analyzer.pac.openssl bro-1.5.1/src/ssl-analyzer.pac
+--- bro-1.5.1/src/ssl-analyzer.pac.openssl 2008-10-13 00:01:26.000000000 +0200
++++ bro-1.5.1/src/ssl-analyzer.pac 2010-09-08 13:36:04.179260819 +0200
+@@ -382,7 +382,7 @@ refine analyzer SSLAnalyzer += {
STACK_OF(X509)* untrusted_certs = 0;
if ( certificates->size() > 1 )
{
@@ -10,7 +10,7 @@ diff -up bro-20080804/src/ssl-analyzer.pac.openssl bro-20080804/src/ssl-analyzer
if ( ! untrusted_certs )
{
// X509_V_ERR_OUT_OF_MEM;
-@@ -402,7 +402,7 @@ refine analyzer SSLAnalyzer += {
+@@ -405,7 +405,7 @@ refine analyzer SSLAnalyzer += {
return false;
}
@@ -19,7 +19,7 @@ diff -up bro-20080804/src/ssl-analyzer.pac.openssl bro-20080804/src/ssl-analyzer
}
}
-@@ -414,7 +414,7 @@ refine analyzer SSLAnalyzer += {
+@@ -417,7 +417,7 @@ refine analyzer SSLAnalyzer += {
certificate_error(csc.error);
X509_STORE_CTX_cleanup(&csc);
@@ -28,10 +28,10 @@ diff -up bro-20080804/src/ssl-analyzer.pac.openssl bro-20080804/src/ssl-analyzer
}
X509_free(pCert);
-diff -up bro-20080804/src/X509.cc.openssl bro-20080804/src/X509.cc
---- bro-20080804/src/X509.cc.openssl 2006-10-07 04:20:48.000000000 +0200
-+++ bro-20080804/src/X509.cc 2009-08-25 13:25:19.000000000 +0200
-@@ -191,7 +191,7 @@ int X509_Cert::verifyChain(Contents_SSL*
+diff -up bro-1.5.1/src/X509.cc.openssl bro-1.5.1/src/X509.cc
+--- bro-1.5.1/src/X509.cc.openssl 2009-06-29 23:43:50.000000000 +0200
++++ bro-1.5.1/src/X509.cc 2010-09-08 13:36:04.180250612 +0200
+@@ -192,7 +192,7 @@ int X509_Cert::verifyChain(Contents_SSL*
// but in chain format).
// Init the stack.
@@ -40,7 +40,7 @@ diff -up bro-20080804/src/X509.cc.openssl bro-20080804/src/X509.cc
if ( ! untrustedCerts )
{
// Internal error allocating stack of untrusted certs.
-@@ -232,7 +232,7 @@ int X509_Cert::verifyChain(Contents_SSL*
+@@ -233,7 +233,7 @@ int X509_Cert::verifyChain(Contents_SSL*
else
// The remaining certificates (if any) are put into
// the list of untrusted certificates
@@ -49,7 +49,7 @@ diff -up bro-20080804/src/X509.cc.openssl bro-20080804/src/X509.cc
tempLength += certLength + 3;
}
-@@ -258,7 +258,7 @@ int X509_Cert::verifyChain(Contents_SSL*
+@@ -259,7 +259,7 @@ int X509_Cert::verifyChain(Contents_SSL*
// Free the stack, incuding. contents.
// FIXME: could this break Bro's memory tracking?
diff --git a/bro-20080804.cfg b/bro-1.5.cfg
similarity index 100%
rename from bro-20080804.cfg
rename to bro-1.5.cfg
diff --git a/bro-20080804.rc b/bro-1.5.rc
similarity index 79%
rename from bro-20080804.rc
rename to bro-1.5.rc
index d37d817..8130f02 100644
--- a/bro-20080804.rc
+++ b/bro-1.5.rc
@@ -23,6 +23,8 @@
. /etc/rc.d/init.d/functions
exec="/usr/bin/bro"
+broctl="/usr/bin/broctl"
+brohome="/"
prog="bro"
config="/etc/sysconfig/bro"
syslog_cmd="logger"
@@ -42,8 +44,9 @@ dexists () {
}
start() {
- [ -x $exec ] || exit 5
-
+ [ -x $exec ] || exit 5
+ [ -x $broctl ] || exit 5
+
[[ -f "${config}" && \
-w "${BROLOGS}" && \
-d "${BRO_BIN_DIR}" && \
@@ -85,26 +88,27 @@ start() {
echo -n $"Starting $prog: "
- "${exec}" ${cmd_opts} >> "${info_file}" 2>&1 &
+ #"${exec}" ${cmd_opts} >> "${info_file}" 2>&1 &
+ HOME="$brohome" "${broctl}" start >> /dev/null 2>&1
retval=$?
newpid=$!
- if [ "${retval}" = '0' -o -z "${retval}" ]; then
- for ((i=1; i < 11; i++)); do
- if [ -f "${info_file}" ]; then
- if [ -n "$(grep -E '^listening on' "${info_file}")" ]; then
- break
- fi
- fi
-
- # break now if the process returned a non-zero value
- if [ -n "${retval}" -a "${retval}" != '0' ]; then
- break
- fi
- sleep 1
- done
- fi
+ #if [ "${retval}" = '0' -o -z "${retval}" ]; then
+ # for ((i=1; i < 11; i++)); do
+ # if [ -f "${info_file}" ]; then
+ # if [ -n "$(grep -E '^listening on' "${info_file}")" ]; then
+ # break
+ # fi
+ # fi
+ #
+ # # break now if the process returned a non-zero value
+ # if [ -n "${retval}" -a "${retval}" != '0' ]; then
+ # break
+ # fi
+ # sleep 1
+ # done
+ #fi
if [ "${retval}" != '0' ]; then
${syslog_cmd} -t "${prog}" "Bro has failed to start."
@@ -125,7 +129,7 @@ start() {
stop() {
echo -n $"Stopping $prog: "
- killproc $prog
+ HOME="$brohome" "${broctl}" stop >> /dev/null 2>&1
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
@@ -146,8 +150,7 @@ force_reload() {
}
rh_status() {
- # run checks to determine if the service is running or use generic status
- status $prog
+ HOME="$brohome" "${broctl}" status 2>&1 | grep running
}
rh_status_q() {
diff --git a/bro.spec b/bro.spec
index 38ce8a7..a3460fe 100644
--- a/bro.spec
+++ b/bro.spec
@@ -1,33 +1,35 @@
-%define snapshot 20080804
+%if ! (0%{?fedora} > 12 || 0%{?rhel} > 5)
+%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
+%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
+%endif
Summary: Open-source, Unix-based Network Intrusion Detection System
Name: bro
-Version: 1.4
-Release: 0.6.%{snapshot}svn%{?dist}
+Version: 1.5.1
+Release: 1
License: BSD
Group: Applications/Internet
URL: http://bro-ids.org
-# The source for this package was pulled from upstream's vcs. Use the
-# following commands to generate the tarball:
-# svn export -r 6043 http://svn.icir.org/bro/trunk/bro bro-%{snapshot}
-# tar -czvf bro-%{snapshot}.tgz bro-%{snapshot}
-
-Source0: bro-%{snapshot}.tgz
-Source1: bro-%{snapshot}.cfg
-Source2: bro-%{snapshot}.rc
-Patch0: bro-%{snapshot}-installpolicy.patch
-Patch1: bro-%{snapshot}-configurein.patch
-Patch2: bro-20080804-configure-opt-check.patch
-Patch3: bro-20080804-openssl.patch
+Source0: ftp://bro-ids.org/%{name}-1.5-release.tar.gz
+Source1: bro-1.5.cfg
+Source2: bro-1.5.rc
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: libpcap-devel openssl-devel zlib-devel ncurses-devel automake autoconf libtool flex bison file-devel bind-devel
+BuildRequires: libpcap-devel openssl-devel zlib-devel
+BuildRequires: ncurses-devel libtool flex bison byacc
+BuildRequires: file-devel bind-devel python2-devel python-tools
Requires(post): chkconfig
Requires(preun): chkconfig
Requires(preun): initscripts
+Patch1: bro-1.5.1-configure.patch
+Patch2: bro-1.5.1-openssl.patch
+Patch3: bro-1.5.1-etcfix.patch
+Patch4: bro-1.5.1-broctlfix.patch
+Patch5: bro-1.5.1-eth0.patch
+
%description
Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS)
that passively monitors network traffic and looks for suspicious activity.
@@ -39,16 +41,39 @@ those defined in terms of events) and unusual activities (e.g., certain hosts
connecting to certain services, or patterns of failed connection attempts).
%prep
-%setup -q -n %{name}-%{snapshot}
-%patch0 -p1 -b .installpolicy
-%patch1 -p1 -b .configurein
-%patch2 -p1 -b .optcheck
-%patch3 -p1 -b .openssl
+%setup -q -n %{name}-%{version}
+%patch1 -p1 -b .configure
+%patch2 -p1 -b .openssl
+%patch3 -p1 -b .etcfix
+%patch4 -p1 -b .broctlfix
+%patch5 -p1 -b .eth0
+
+b="%{buildroot}"
+
+sed -ibak "s|BRO_BINDIR|$b%{_bindir}|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_CFGDIR|$b%{_sysconfdir}/bro|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_SPOOLDIR|$b%{_localstatedir}/spool/bro|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_POLICYDIR|$b%{_datadir}/bro|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_LIBDIR|$b%{_libdir}|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_TMPDIR|$b%{_localstatedir}/spool/bro/tmp|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_TMPEXECDIR|$b%{_localstatedir}/spool/bro/tmp|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_STATSDIR|$b%{_localstatedir}/log/bro/stats|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BRO_LOGDIR|$b%{_localstatedir}/log/bro|g" aux/broctl/BroControl/options.py
+
+sed -ibak "s|BROCTL_LIBDIR|$b%{_libdir}/broctl|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BROCTL_TEMPLATEDIR|$b%{_datadir}/broctl/templates|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BROCTL_STATICDIR|$b%{_datadir}/broctl|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BROCTL_SCRIPTSDIR|$b%{_datadir}/broctl/scripts|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BROCTL_POSTPROCDIR|$b%{_datadir}/broctl/scripts/postprocessors|g" aux/broctl/BroControl/options.py
+sed -ibak "s|BROCTL_HELPERDIR|$b%{_datadir}/broctl/scripts/helpers|g" aux/broctl/BroControl/options.py
+
+sed -ibak "s|%LIB_DIR%|%{_libdir}|g" aux/broctl/bin/broctl.in
+sed -ibak "s|%SYSCONF_DIR%|%{_sysconfdir}|g" aux/broctl/bin/broctl.in
%build
-./autogen.sh
-%configure --enable-brov6 --disable-broccoli
-%{__make} %{?_smp_mflags} CFLAGS+="-I/usr/include/ncurses"
+%configure --enable-brov6 --enable-int64
+
+%{__make}
%install
rm -rf %{buildroot}
@@ -65,25 +90,35 @@ rm -rf %{buildroot}
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/archive
%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/sorted-logs
+%{__install} -d -m 755 %{buildroot}%{_localstatedir}/log/bro/stats
+
+# Create spool dir
+%{__install} -d -m 755 %{buildroot}%{_localstatedir}/spool/bro
+%{__install} -d -m 755 %{buildroot}%{_localstatedir}/spool/bro/tmp
# Install scripts
-cd scripts/
+pushd scripts
%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/scripts
-%{__install} -c -m 644 bro.rc-hooks.sh %{buildroot}%{_datadir}/bro/scripts/bro.rc-hooks.sh
+%{__install} -c -m 644 bro.rc-hooks.sh %{buildroot}%{_datadir}/bro/scripts/bro.rc-hooks.sh
%{__install} -D -c -m 755 %{SOURCE2} %{buildroot}%{_initrddir}/bro
-%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/scripts/s2b
-%{__install} -c -m 755 snort2bro/snort2bro %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro
-%{__install} -c -m 644 snort2bro/snort2bro.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro.cfg
-cd ..
+#%{__install} -c -m 755 mail_reports.sh %{buildroot}%{_datadir}/bro/scripts/mail_reports.sh
+#%{__install} -c -m 755 mail_notice.sh %{buildroot}%{_datadir}/bro/scripts/mail_notice.sh
+#%{__install} -c -m 755 bro_log_compress.sh %{buildroot}%{_datadir}/bro/scripts/bro_log_compress.sh
+popd
-# Install bifs
-#%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/bif
-#cd src/
-#for bif in $(ls *.bif.bro); do
-# %{__install} -c -m 644 ${bif} %{buildroot}%{_datadir}/bro/bif/${bif}
-#done
-#cd ..
+pushd aux/scripts
+# Excluded host-grep mon-report because they require /bin/csh
+for aux_script in bro-logchk.pl ca-create ca-issue host-to-addrs hot-report ip-grep lock_file mvlog; do
+ %{__install} -c -m 755 ${aux_script} %{buildroot}%{_datadir}/bro/scripts/${aux_script}
+done
+popd
+
+#pushd s2b
+#%{__install} -d -m 755 %{buildroot}%{_datadir}/bro/scripts/s2b
+#%{__install} -c -m 755 snort2bro/snort2bro %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro
+#%{__install} -c -m 644 snort2bro/snort2bro.cfg %{buildroot}%{_datadir}/bro/scripts/s2b/snort2bro.cfg
+#popd
# Install example signatures, site policy
%{__install} -D -d -m 755 %{buildroot}%{_localstatedir}/lib/bro/site
@@ -91,8 +126,21 @@ cd ..
%{__install} -c -m 644 scripts/s2b/example_bro_files/signatures.sig %{buildroot}%{_localstatedir}/lib/bro/site/signatures.sig
%{__install} -c -m 644 scripts/local.lite.bro %{buildroot}%{_localstatedir}/lib/bro/site/localhost.bro
+# Install broctl
+%{__make} DESTDIR="%{buildroot}" install-broctl
+
rm -rf src/libedit
+# Fix paths
+sed -i 's|%{buildroot}||g' %{buildroot}%{_libdir}/broctl/BroControl/options.py
+sed -i 's|%{buildroot}||g' %{buildroot}%{_bindir}/broctl
+sed -i 's|lib/broctl|%{_libdir}/broctl|g' %{buildroot}%{_bindir}/broctl
+
+# Remove devel and junk files
+find "%{buildroot}/%_prefix" -iname "*.la" -delete;
+find "%{buildroot}/%_prefix" -iname "*.[ha]" -delete;
+find "%{buildroot}/" -iname "*.log" -delete;
+
%clean
rm -rf %{buildroot}
@@ -107,16 +155,44 @@ fi
%files
%defattr(-,root,root,-)
-%doc README COPYING doc/user-manual/Bro-user-manual.pdf doc/ref-manual/Bro-Ref-Manual.pdf doc/quick-start/Bro-quick-start.pdf doc/pubs/*.ps doc/misc/*
+
+%doc README COPYING AUTHORS CHANGES NEWS
+%doc doc/user-manual/BroDir.pdf doc/user-manual/bro-deployment.pdf
+%doc doc/user-manual/Bro-user-manual.pdf doc/quick-start/bro-deployment.pdf
+%doc doc/quick-start/Bro-quick-start.pdf
+
%config(noreplace) %{_sysconfdir}/sysconfig/bro
+%config(noreplace) %{_sysconfdir}/broccoli.conf
+%config(noreplace) %{_sysconfdir}/bro/broctl.cfg
+%config(noreplace) %{_sysconfdir}/bro/node.cfg
+%config(noreplace) %{_sysconfdir}/bro/networks.cfg
+%config(noreplace) %{_sysconfdir}/bro/analysis.dat
+
%{_initrddir}/bro
+
%{_bindir}/bro
+%{_bindir}/broctl
+%{_bindir}/broccoli-config
+%{_bindir}/capstats
+%{_bindir}/cf
+%{_bindir}/hf
+%{_bindir}/trace-summary
+
+%{_libdir}/broctl
+%{_libdir}/libbroccoli.so*
+
%{_datadir}/bro
+%{_datadir}/broctl
+
%{_localstatedir}/run/bro
%{_localstatedir}/log/bro
%{_localstatedir}/lib/bro
+%{_localstatedir}/spool/bro
%changelog
+* Wed Sep 8 2010 Daniel Kopecek <dkopecek at redhat.com> - 1.5.1-1
+- update to new upstream version
+
* Tue Aug 25 2009 Tomas Mraz <tmraz at redhat.com> - 1.4-0.6.20080804svn
- rebuilt with new openssl
diff --git a/sources b/sources
index d994644..4fe722f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-e93683240231069f32b960a3f7e5905c bro-20080804.tgz
+110b916b28952d4aa527564f90611501 bro-1.5-release.tar.gz
More information about the scm-commits
mailing list