Sophie

Sophie

distrib > Mandriva > 10.2 > x86_64 > by-pkgid > 82634241f4854f2da753d930320623d6 > files > 2

apache-tools-1.0.1-1mdk.src.rpm

%define apache_version 2.0.53

Summary:	Apache Security Tools
Name:		apache-tools
Version:	1.0.1
Release:	1mdk
License:	GPL
Group:		System/Servers
URL:		http://www.apachesecurity.net/
Source0:	http://www.apachesecurity.net/download/apache_tools-%{version}.tar.bz2
Source1:	apache-tools-index.html.bz2
BuildRequires:	apache2-devel
Requires:	rrdtool
Requires:	iptables
Requires:	apache2-conf
Requires:	apache2-common
Requires:	apache2-modules
BuildRoot:	%{_tmppath}/%{name}-%{version}-buildroot

%description
o apache-monitor.pl - monitors mod_status output and stores web
  server activity in a RRD file.

o apache-monitor-graph.pl - creates pretty graphs from a RRD file
  populated by the previous script (you can find an example here). 

o apache-protect - monitors mod_status output to detect a DoS
  attack, then uses the blacklist tool to cut the offending IP
  address at the firewall.

o error_log_ai.pl - implementation of the Artificial Ignorance
  concept (devised by Marcus J. Ranum) for the Apache error log.

o blacklist - uses iptables to create a temporarily blacklist.

o blacklist-webclient.c - a C program that can be marked suid
  root, and called from a non-root script to blacklist IP
  addresses.

o logscan.pl - easy-to-use log analysis script, supports field
  names and regular expressions (will support anti-evasion
  techniques in the future).

o mod_globalerror.c - Apache 2 module that allows the server to
  have per-virtual host error logs *and* have one file where all
  errors are duplicated (useful for server monitoring).

%package -n	apache2-mod_globalerror
Summary:	Produces an independent global error log
Version:	%{apache_version}_%{version}
Group:		System/Servers
PreReq:		apache2-conf
PreReq:		apache2-common
PreReq:		apache2-modules

%description -n	apache2-mod_globalerror
This Apache 2.x module will produce an independent, global, error
log. This is very handy to allow for server monitoring (using Swatch,
for example) in situations where independent, per-virtual host, logs
are used.

After adding the module to the configuration, use the GlobalErrorLog
directive to specify the file where the log should go to (piped
logging is supported) and the GlobalErrorLogLevel directive to
specify the log level.

%prep

%setup -q -n apache_tools

bzcat %{SOURCE1} > apache-tools-index.html

%build

gcc %{optflags} blacklist-webclient.c -o blacklist-webclient

%{_sbindir}/apxs2 -c mod_globalerror.c

%install
[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}

install -d %{buildroot}%{_var}/www/cgi-bin
install -d %{buildroot}%{_bindir}
install -d %{buildroot}/sbin
install -d %{buildroot}%{_sysconfdir}/httpd/conf.d
install -d %{buildroot}%{_sysconfdir}/httpd/webapps.d
install -d %{buildroot}%{_sysconfdir}/cron.hourly
install -d %{buildroot}%{_localstatedir}/apache-monitor
install -d %{buildroot}%{_var}/www/html/admin/apache-monitor
install -d %{buildroot}%{_libdir}/apache2-extramodules

install -m0755 blacklist-webclient %{buildroot}%{_var}/www/cgi-bin/blacklist.cgi
install -m0755 apache-monitor %{buildroot}%{_bindir}/
install -m0755 apache-monitor-graph %{buildroot}%{_bindir}/
install -m0755 apache-protect %{buildroot}%{_bindir}/
install -m0755 error_log_ai %{buildroot}%{_bindir}/
install -m0755 logscan %{buildroot}%{_bindir}/
install -m0755 blacklist %{buildroot}/sbin/

install -m0644 apache-tools-index.html %{buildroot}%{_var}/www/html/admin/apache-monitor/index.html

install -m0755 .libs/mod_globalerror.so %{buildroot}%{_libdir}/apache2-extramodules/
cat << EOF > %{buildroot}%{_sysconfdir}/httpd/conf.d/mod_globalerror.conf
<IfDefine HAVE_GLOBALERROR>
  <IfModule !mod_globalerror.c>
    LoadModule globalerror_module		extramodules/mod_globalerror.so
  </IfModule>
</IfDefine>

<IfModule mod_globalerror.c>
    GlobalErrorLog logs/globalerror_log
    GlobalErrorLogLevel debug
</IfModule>
EOF

cat << EOF > %{buildroot}%{_sysconfdir}/httpd/webapps.d/apache-tools.conf
<Directory %{_var}/www/html/admin/apache-monitor/>
    Order allow,deny
    Allow from 127.0.0.1
</Directory>
EOF

cat << EOF > %{buildroot}%{_sysconfdir}/httpd/webapps.d/blacklist.conf
<Location /cgi-bin/blacklist.cgi>
    Order allow,deny
    Allow from 127.0.0.1
</Location>
EOF

cat << EOF > %{buildroot}%{_sysconfdir}/cron.hourly/apache-tools
#!/bin/bash
# GPL, Fri Feb 18 2005 Oden Eriksson <oeriksson@mandrakesoft.com>
# Simple script to utilize apache-tools, serves as an example.
# It requires mod_status and "ExtendedStatus On".

# Edit these files (and the file you are reading) to suit your needs:
# %{_sysconfdir}/httpd/webapps.d/apache-tools.conf
# %{_var}/www/html/admin/apache-monitor/index.html

# poll stats
%{_bindir}/apache-monitor %{_localstatedir}/apache-monitor/localhost http://127.0.0.1/server-status/

# make stats
%{_bindir}/apache-monitor-graph %{_localstatedir}/apache-monitor/localhost %{_var}/www/html/admin/apache-monitor/ 3600
EOF

%post
%{_initrddir}/httpd restart

%postun
%{_initrddir}/httpd restart

%post -n apache2-mod_globalerror
%{_initrddir}/httpd restart

%postun -n apache2-mod_globalerror
%{_initrddir}/httpd restart

%clean
[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}

%files
%defattr(-,root,root)
%doc README LICENSE CHANGES
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/httpd/webapps.d/apache-tools.conf
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/httpd/webapps.d/blacklist.conf
%attr(0755,root,root) %config(noreplace) %{_sysconfdir}/cron.hourly/apache-tools
%attr(0755,root,root) %{_bindir}/apache-monitor
%attr(0755,root,root) %{_bindir}/apache-monitor-graph
%attr(0755,root,root) %{_bindir}/apache-protect
%attr(0755,root,root) %{_bindir}/error_log_ai
%attr(0755,root,root) %{_bindir}/logscan
%attr(0755,root,root) /sbin/blacklist
%attr(4755,root,root) %{_var}/www/cgi-bin/blacklist.cgi
%attr(0755,root,root) %dir %{_var}/www/html/admin/apache-monitor
%attr(0755,root,root) %dir %{_localstatedir}/apache-monitor
%attr(0644,root,root) %{_var}/www/html/admin/apache-monitor/index.html

%files -n apache2-mod_globalerror
%defattr(-,root,root)
%doc README LICENSE CHANGES
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/httpd/conf.d/mod_globalerror.conf
%attr(0755,root,root) %{_libdir}/apache2-extramodules/mod_globalerror.so

%changelog
* Fri Feb 18 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.0.1-1mdk
- added S1 and some cron stuff

* Fri Feb 11 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 1.0-1mdk
- the version was really 1.0 (@sf)

* Fri Feb 11 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 0.0-1mdk
- initial Mandrakelinux package

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional