%define oname ufdbGuard %define patchlvl 14 Summary: ufdbGuard is a URL filter for Squid Name: ufdbguard Version: 1.31 %define subrel 2 Release: %mkrel 5 License: GPLv2 Group: System/Servers URL: http://www.urlfilterdb.com/ Source0: http://downloads.sourceforge.net/%{oname}/%{oname}-%{version}-%{patchlvl}.tar.gz Source1: http://www.urlfilterdb.com/files/downloads/ReferenceManual.pdf Patch0: ufdbGuard-1.31-fix-makeinstall.patch Patch2: ufdbGuard-1.29-do-not-phone-home.patch Patch3: ufdbGuard-1.31-listen-locally.patch Patch4: ufdbGuard-1.31-categories.patch Patch5: ufdbGuard-1.31-init-reload.patch Patch6: ufdbGuard-1.31-squid-version.patch Requires: wget Requires: openssl Requires: squid Requires: rootcerts BuildRequires: perl BuildRequires: wget BuildRequires: gdb Buildrequires: openssl-devel BuildRequires: squid Buildrequires: bzip2-devel BuildRequires: flex BuildRequires: bison Requires(post): rpm-helper Requires(postun): rpm-helper Requires(pre): rpm-helper Requires(preun): rpm-helper %description ufdbGuard is a free URL filter for Squid with additional features like SafeSearch enforcement for a large number of search engines, safer HTTPS visits and dynamic detection of proxies (URL filter circumventors). ufdbGuard supports free and commercial URL databases that can be downloaded from various sites and vendors. You can even make your own URL database for ufdbGuard. %package cgi Summary: Perl-based CGI for generating responses to blocked requests Group: System/Servers Requires: %{name} = %{version}-%{release} Requires: webserver-base %description cgi This is the Perl-based CGI for ufdbGuard to generate responses to requests that are blocked by the filtering software. This can used with a web server that supports CGIs as an alternative to the one built in to ufdbhttpd. %prep %setup -q -n %{oname}-%{version} %patch0 -p0 %patch2 -p0 %patch3 -p0 %patch4 -p0 %patch5 -p1 %patch6 -p0 perl -pi -e 's|$root = .*;|$root = %{_datadir}/%{oname};|g' samples/URLblocked.cgi # use local redirector instead of external one perl -pi -e 's|cgibin.urlfilterdb.com|localhost:8080|g' src/ufdbGuard.conf.in # default HTTPS redirections to localhost:443 instead of upstream site # this can be overridden at runtime with the redirect-https configuration parameter # e.g., redirect-https blockedhttps.urlfilterdb.com:443, in ufdbGuard.conf perl -pi -e 's|blockedhttps.urlfilterdb.com|localhost|g' src/ufdb.h.in cp %{SOURCE1} . # ufdbGuard handles log rotation internally, a logrotate config is not needed. # if you can disable internal rotation, perhaps we should add one. %build %serverbuild install -d %{buildroot}%{_sysconfdir}/sysconfig # needed by configure %configure --with-ufdb-bindir=%{_bindir} --with-ufdb-piddir=/run/ufdb --with-ufdb-mandir=%{_mandir} --with-ufdb-samplesdir=%{_datadir}/%{oname}/samples --with-ufdb-config=%{_sysconfdir}/ufdb --with-ufdb-logdir=%{_logdir}/ufdb --with-ufdb-dbhome=%{_datadir}/%{oname}/db --with-ufdb-images_dir=%{_datadir}/%{oname}/images --with-ufdb-user=squid %make %install install -d %{buildroot}%{_bindir} install -d %{buildroot}%{_logdir}/ufdb install -d %{buildroot}%{_sysconfdir}/ufdb install -d %{buildroot}%{_datadir}/%{oname}/db install -d %{buildroot}%{_datadir}/%{oname}/samples install -d %{buildroot}%{_datadir}/%{oname}/images install -d %{buildroot}%{_datadir}/%{oname}/webmin install -d %{buildroot}%{_initddir} install -d %{buildroot}%{_sysconfdir}/sysconfig install -d %{buildroot}%{_var}/www/cgi-bin install -d %{buildroot}%{_mandir}/man{1,8} %makeinstall logdir=%{buildroot}%{_logdir}/ufdb cfgdir=%{buildroot}%{_sysconfdir}/ufdb dbhome=%{buildroot}%{_datadir}/%{oname}/db images_dir=%{buildroot}%{_datadir}/%{oname}/images cp -a src/mtserver/ufdb.sh %{buildroot}%{_initddir}/ufdb chmod 755 %{buildroot}%{_initddir}/ufdb cp -a src/mtserver/sysconfig.ufdbguard %{buildroot}%{_sysconfdir}/sysconfig/%{name} cp -a samples/URLblocked.cgi %{buildroot}%{_var}/www/cgi-bin/URLblocked.cgi cp -a samples/{execdomainlist.sh,execuserlist.sh} %{buildroot}%{_datadir}/%{oname}/samples/ touch %{buildroot}%{_logdir}/ufdb/{ufdbguardd,ufdbgclient,ufdbhttpd,ufdbsignal}.log for manpage in doc/*.1; do cp -a $manpage %{buildroot}%{_mandir}/man1/ done for manpage in doc/*.8; do cp -a $manpage %{buildroot}%{_mandir}/man8/ done cp -a test/blacklist/{entertainment,ipv6,known,proxies,security} %{buildroot}%{_datadir}/%{oname}/db/ rm -f %{buildroot}%{_datadir}/%{oname}/db/security/cacerts ln -s /etc/pki/tls/certs/ca-bundle.crt %{buildroot}%{_datadir}/%{oname}/db/security/cacerts # what are the other files in test/blacklist/ for? installing in samples... for file in domains emptyuserlist erruserlist expression-error expressions httpsgoogle.expressions httpsipblock.expressions license-status privuserlist urls; do cp -a test/blacklist/$file %{buildroot}%{_datadir}/%{oname}/samples/ done cp -a webmin/ufdbguard.wbm %{buildroot}%{_datadir}/%{oname}/webmin/ cat > README.urpmi <<EOF To enable ufdbGuard usage in Squid, you should add the following lines to %{_sysconfdir}/squid/squid.conf: url_rewrite_program %{_bindir}/ufdbgclient -l %{_logdir}/ufdb url_rewrite_children 64 EOF mkdir -p %{buildroot}%{_tmpfilesdir} cat > %{buildroot}%{_tmpfilesdir}/%{name}.conf <<EOF d /run/ufdb 0700 squid squid - EOF %postun if [ "$1" = "0" ]; then rm -rf %{_datadir}/%{oname} fi %post %_tmpfilescreate %{name} %_post_service ufdb systemctl -q try-restart squid.service ||: %preun %_preun_service ufdb if [ "$1" = "0" ]; then rm -f %{_logdir}/ufdb/* fi %files %doc CREDITS README.urpmi doc/README ReferenceManual.pdf %{_initddir}/ufdb %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %dir %{_sysconfdir}/ufdb %config(noreplace) %{_sysconfdir}/ufdb/%{oname}.conf %{_bindir}/ufdbAnalyse %{_bindir}/ufdb_analyse_urls %{_bindir}/ufdb_analyse_users %{_bindir}/ufdbConvertDB %{_bindir}/ufdbgclient %{_bindir}/ufdbGenTable %{_bindir}/ufdbguardd %{_bindir}/ufdbhttpd %{_bindir}/ufdb-pstack %attr(4755,squid,squid) %{_bindir}/ufdbsignal %{_bindir}/ufdb_top_urls %{_bindir}/ufdb_top_users %{_bindir}/ufdbUpdate %dir %{_datadir}/%{oname} %dir %{_datadir}/%{oname}/db %{_datadir}/%{oname}/db/* %dir %{_datadir}/%{oname}/samples %{_datadir}/%{oname}/samples/* %dir %{_datadir}/%{oname}/images %{_datadir}/%{oname}/images/* %dir %{_datadir}/%{oname}/webmin %{_datadir}/%{oname}/webmin/* %attr(-,squid,squid) %dir %{_logdir}/ufdb %attr(0640,squid,squid) %{_logdir}/ufdb/* %{_mandir}/man1/* %{_mandir}/man8/* %{_tmpfilesdir}/%{name}.conf %files cgi %attr(0755,apache,apache) %{_var}/www/cgi-bin/URLblocked.cgi %changelog * Thu Oct 08 2015 luigiwalser <luigiwalser> 1.31-5.2.mga5 + Revision: 887907 - update to 1.31-patch14 - try restarting squid after updating this package - update ReferenceManual.pdf - update to 1.31-patch13 (compatible with squid 3.4+) - rediff listen-locally patch - add patch to set squid-version * Wed Oct 15 2014 umeabot <umeabot> 1.31-5.mga5 + Revision: 744490 - Second Mageia 5 Mass Rebuild * Tue Sep 16 2014 umeabot <umeabot> 1.31-4.mga5 + Revision: 690020 - Mageia 5 Mass Rebuild * Mon Dec 02 2013 luigiwalser <luigiwalser> 1.31-3.mga4 + Revision: 554677 - include reload in init script usage statement so that systemctl sees it * Sat Oct 19 2013 umeabot <umeabot> 1.31-2.mga4 + Revision: 528898 - Mageia 4 Mass Rebuild * Sat Jun 29 2013 luigiwalser <luigiwalser> 1.31-1.mga4 + Revision: 448181 - 1.31 - update ReferenceManual.pdf - rediff patch 0 and patch 4 - redirect blocked https sites to localhost - update files list - add tmpfiles configuration for /var/run/ufdb * Thu Jan 24 2013 luigiwalser <luigiwalser> 1.30-1.mga3 + Revision: 392187 - 1.30 - remove upstreamed LSB headers patch * Mon Jan 14 2013 umeabot <umeabot> 1.29-2.mga3 + Revision: 384984 - Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild * Wed Oct 24 2012 luigiwalser <luigiwalser> 1.29-1.mga3 + Revision: 309635 - imported package ufdbguard