]>
Commit | Line | Data |
---|---|---|
e7204cb7 | 1 | %define apxs /usr/sbin/apxs |
dbbca04e JR |
2 | # Use the following command to verify gitver and githash when updating from master: |
3 | # wget --content-disposition https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master | |
4 | %define gitver 2.2.7-21 | |
5 | %define githash d4f9c5a | |
e7204cb7 JR |
6 | Summary: OWASP ModSecurity Core Rule Set (CRS) |
7 | Name: apache-mod_security_crs | |
dbbca04e JR |
8 | Version: %(echo %{gitver} | tr - .) |
9 | Release: 1 | |
e7204cb7 JR |
10 | License: ASL 2.0 |
11 | Group: Networking/Daemons/HTTP | |
dbbca04e JR |
12 | Source0: https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/%{githash}/SpiderLabs-owasp-modsecurity-crs-%{gitver}-%{githash}.tar.gz |
13 | # Source0-md5: ae12b393c8c1af70a2c3d939aa4aafca | |
e7204cb7 JR |
14 | URL: http://www.modsecurity.org/ |
15 | BuildRequires: apache-devel | |
16 | BuildRequires: rpmbuild(macros) >= 1.268 | |
17 | Requires: apache-mod_security >= 2.7.0 | |
dbbca04e | 18 | BuildArch: noarch |
e7204cb7 JR |
19 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
20 | ||
21 | %define apacheconfdir %(%{apxs} -q SYSCONFDIR 2>/dev/null)/conf.d | |
22 | ||
23 | %description | |
24 | OWASP ModSecurity Core Rule Set provides generic protection from | |
25 | unknown vulnerabilities often found in web applications, which are | |
26 | in most cases custom coded. The Core Rules are heavily commented to | |
27 | allow it to be used as a step-by-step deployment guide | |
28 | for ModSecurity™. | |
29 | ||
dbbca04e JR |
30 | %package extras |
31 | Summary: Supplementary OWASP ModSecurity Core Rule Set (CRS) | |
32 | Group: Networking/Daemons/HTTP | |
33 | Requires: %{name} = %{version}-%{release} | |
34 | ||
35 | %description extras | |
36 | This package provides supplementary rules for mod_security. | |
37 | ||
e7204cb7 | 38 | %prep |
dbbca04e | 39 | %setup -q -n SpiderLabs-owasp-modsecurity-crs-%{githash} |
e7204cb7 JR |
40 | |
41 | %build | |
42 | ||
43 | %install | |
44 | rm -rf $RPM_BUILD_ROOT | |
dbbca04e JR |
45 | install -d $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d/activated_rules \ |
46 | $RPM_BUILD_ROOT%{_datadir}/modsecurity.d/base_rules \ | |
47 | $RPM_BUILD_ROOT%{_datadir}/modsecurity.d/{optional,experimental,slr}_rules | |
48 | ||
49 | install modsecurity_crs_10_setup.conf.example $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d/modsecurity_crs_10_config.conf | |
50 | install base_rules/* $RPM_BUILD_ROOT%{_datadir}/modsecurity.d/base_rules/ | |
e7204cb7 | 51 | |
dbbca04e JR |
52 | install optional_rules/* $RPM_BUILD_ROOT%{_datadir}/modsecurity.d/optional_rules/ |
53 | install experimental_rules/* $RPM_BUILD_ROOT%{_datadir}/modsecurity.d/experimental_rules/ | |
54 | install slr_rules/* $RPM_BUILD_ROOT%{_datadir}/modsecurity.d/slr_rules | |
55 | ||
56 | # activate base_rules | |
57 | cd $RPM_BUILD_ROOT/%{_datadir}/modsecurity.d/base_rules | |
58 | for f in * ; do | |
59 | ln -s %{_datadir}/modsecurity.d/base_rules/$f $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d/activated_rules/$f | |
60 | done | |
e7204cb7 JR |
61 | |
62 | %clean | |
63 | rm -rf $RPM_BUILD_ROOT | |
64 | ||
65 | %files | |
66 | %defattr(644,root,root,755) | |
dbbca04e JR |
67 | %doc CHANGELOG INSTALL LICENSE README.md util |
68 | %config(noreplace) %verify(not md5 mtime size) %{apacheconfdir}/modsecurity.d/activated_rules/* | |
69 | %config(noreplace) %verify(not md5 mtime size) %{apacheconfdir}/modsecurity.d/modsecurity_crs_10_config.conf | |
70 | %{_datadir}/modsecurity.d/base_rules | |
71 | ||
72 | %files extras | |
73 | %defattr(644,root,root,755) | |
74 | %{_datadir}/modsecurity.d/optional_rules | |
75 | %{_datadir}/modsecurity.d/experimental_rules | |
76 | %{_datadir}/modsecurity.d/slr_rules |