# # spec file for package apache2-mod_security2 # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define modname mod_security2 %define tarballname modsecurity-%{version} %define usrsharedir %{_datadir}/%{name} %define refman Reference-Manual.html %define faq ModSecurity-Frequently-Asked-Questions-FAQ.html Name: apache2-mod_security2 Version: 2.9.0 Release: 0 Summary: ModSecurity Open Source Web Application Firewall License: Apache-2.0 Group: Productivity/Networking/Web/Servers Url: http://www.modsecurity.org/ Source: https://www.modsecurity.org/tarball/%{version}/%{tarballname}.tar.gz Source1: https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master//SpiderLabs-owasp-modsecurity-crs-2.2.9-5-gebe8790.tar.gz Source2: mod_security2.conf Source3: %{refman}.bz2 Source4: %{faq}.bz2 Source5: modsecurity_diagram_apache_request_cycle.jpg Source6: README-SUSE-mod_security2.txt Source7: empty.conf Patch0: apache2-mod_security2-no_rpath.diff Patch1: modsecurity-fixes.patch # https://github.com/SpiderLabs/ModSecurity/pull/837 Patch2: apache2-mod_security2-lua-5.3.patch BuildRequires: apache-rpm-macros BuildRequires: apache2-devel BuildRequires: apache2-prefork BuildRequires: autoconf BuildRequires: automake BuildRequires: c++_compiler BuildRequires: libcurl-devel BuildRequires: libtool BuildRequires: libxml2-devel BuildRequires: lua-devel BuildRequires: pcre-devel BuildRequires: pkgconfig Requires: %{apache_mmn} Requires: %{apache_suse_maintenance_mmn} Requires: apache2 BuildRoot: %{_tmppath}/%{name}-%{version}-build %description ModSecurity(TM) is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server module or standalone, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. The modsecurity team also offer a commercial version of their excellent ruleset. Please have a look at http://www.modsecurity.org/ for more details. %prep %setup -q -n %{tarballname} %setup -q -D -T -a 1 -n %{tarballname} mv -v SpiderLabs* rules bzip2 -dc %{SOURCE3} > %{_sourcedir}/%{refman} && touch -r %{SOURCE3} %{_sourcedir}/%{refman} bzip2 -dc %{SOURCE4} > %{_sourcedir}/%{faq} && touch -r %{SOURCE4} %{_sourcedir}/%{faq} %patch0 %patch1 -p1 %patch2 -p1 %build # aclocal only works with never distributions, %if 0%{?suse_version} >= 1310 aclocal # on older versions only autoconf is called. %else autoreconf -fi %endif automake %configure --with-apxs=%{apache_apxs} --enable-request-early --enable-htaccess-config CFLAGS="%{optflags}" make %{?_smp_mflags} %install pushd apache2 install -d -m 0755 %{buildroot}%{apache_libexecdir} install .libs/mod_security2.so %{buildroot}%{apache_libexecdir}/%{modname}.so popd install -D -m 0644 %{SOURCE2} %{buildroot}%{apache_sysconfdir}/conf.d/%{modname}.conf install -d -m 0755 %{buildroot}%{apache_sysconfdir}/mod_security2.d install -D -m 0644 %{SOURCE6} %{buildroot}%{apache_sysconfdir}/mod_security2.d install -D -m 0644 %{SOURCE7} %{buildroot}%{apache_sysconfdir}/mod_security2.d cp -a %{SOURCE6} doc install -m 0644 %{_sourcedir}/%{faq} %{_sourcedir}/%{refman} doc install -m 0644 %{SOURCE5} doc install -d -m 0755 %{buildroot}/%{usrsharedir} install -d -m 0755 %{buildroot}/%{usrsharedir}/tools install -d -m 0755 %{buildroot}/%{usrsharedir} rm -f rules/.gitignore rules/LICENSE cp -a rules/util/README %{buildroot}/%{usrsharedir}/tools/README-rules-updater.txt cp -a tools/rules-updater.pl tools/rules-updater-example.conf %{buildroot}/%{usrsharedir}/tools find rules -type f -print0 | \ xargs -0 chmod 644 cp -a rules %{buildroot}/%{usrsharedir} rm -rf %{buildroot}/%{usrsharedir}/rules/util rm -rf %{buildroot}/%{usrsharedir}/rules/lua rm -f %{buildroot}/%{usrsharedir}/rules/READM* rm -f %{buildroot}/%{usrsharedir}/rules/INSTALL %{buildroot}/%{usrsharedir}/rules/CHANGELOG mv %{buildroot}/%{usrsharedir}/rules/modsecurity_crs_10_setup.conf.example \ %{buildroot}/%{usrsharedir}/rules/modsecurity_crs_10_setup.conf %check set +x mkdir -p %{apache_test_module_dir} cp %{SOURCE2} %{apache_test_module_dir}/%{modname}-test.conf sed -i 's:%{_localstatedir}/log/apache2:/tmp:' %{apache_test_module_dir}/%{modname}-test.conf sed -i 's:%{_prefix}/share:%{buildroot}%{_prefix}/share:' %{apache_test_module_dir}/%{modname}-test.conf sed -i 's:%{_sysconfdir}/apache2:%{buildroot}%{_sysconfdir}/apache2:' %{apache_test_module_dir}/%{modname}-test.conf %apache_test_module_load -m security2 -i %{modname}-test.conf set -x %files %defattr(-, root, root, 0755) %{apache_libexecdir}/%{modname}.so %config(noreplace) %{apache_sysconfdir}/conf.d/%{modname}.conf %dir %{apache_sysconfdir}/mod_security2.d %{apache_sysconfdir}/mod_security2.d/README-SUSE-mod_security2.txt %{apache_sysconfdir}/mod_security2.d/empty.conf %dir %{usrsharedir} %doc README.TXT CHANGES LICENSE NOTICE authors.txt %{usrsharedir} %doc doc/* rules/util/regression-tests %changelog