%define name logcheck
%define version 1.1.1
%define release 5mdk
Name: %{name}
Summary: Psionic LogCheck
Version: %{version}
Release: %{release}
Copyright: GPL
Group: Monitoring
URL: http://www.psionic.com
Source: %{name}-%{version}.tar.bz2
Source1: %{name}.cron
Patch: %{name}.patch.bz2
Patch1: %{name}-sh.patch.bz2
BuildRoot: %{_tmppath}/%{name}-buildroot
%description
Logcheck is a software package that is designed to automatically run and check
system log files for security violations and unusual activity. Logcheck
utilizes a program called logtail that remembers the last position it read
from in a log file and uses this position on subsequent runs to process new
information. All source code is available for review and the implementation
was kept simple to avoid problems. This package is a clone of the
frequentcheck.sh script from the Trusted Information Systems Gauntlet(tm)
firewall package. TIS has granted permission for me to clone this package.
%prep
%setup -q
%patch -p1
%patch1 -p1
%build
%install
[ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot}
mkdir -p %{buildroot}
export INSTALLDIR=%{buildroot}%{_sysconfdir}/logcheck
export INSTALLDIR_BIN=%{buildroot}%{_bindir}
export INSTALLDIR_SH=%{buildroot}%{_bindir}
export TMPDIR=%{buildroot}/var/%{name}
export CFLAGS=$RPM_OPT_FLAGS
mkdir -p %{buildroot}%{_sysconfdir}/logcheck
mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}/var/%{name}
make linux
# rename files
pushd %{buildroot}%{_sysconfdir}/logcheck
mv -f logcheck.hacking hacking
mv -f logcheck.violations violations
mv -f logcheck.violations.ignore violations.ignore
mv -f logcheck.ignore ignore
popd
mkdir -p %{buildroot}%{_sysconfdir}/cron.daily/
install -m755 %{SOURCE1} %{buildroot}%{_sysconfdir}/cron.daily/logcheck
%clean
[ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot}
rm -rf $RPM_BUILD_DIR/%{name}-%{version}
%files
%defattr(-,root,root,0755)
%doc CHANGES CREDITS INSTALL LICENSE README* systems/linux/README*
%config %{_sysconfdir}/cron.daily/logcheck
%config(noreplace) %{_sysconfdir}/logcheck/hacking
%config(noreplace) %{_sysconfdir}/logcheck/violations
%config(noreplace) %{_sysconfdir}/logcheck/violations.ignore
%config(noreplace) %{_sysconfdir}/logcheck/ignore
%{_bindir}/logcheck.sh
%{_bindir}/logtail
%attr(0700,root,root) %dir /var/%{name}
%changelog
* Fri Oct 6 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.1.1-5mdk
- change TEMPDIR to /var/logcheck with 0700 permissions (thanks to
timp@redhat.com for the suggestion)
- check mail/news logs
* Mon Sep 18 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.1.1-4mdk
- move logcheck script from running hourly to running daily
* Thu Aug 3 2000 Vincent Danen <vdanen@mandrakesoft.com> 1.1.1-3mdk
- macros
- fix path for config files
- change group
- add patch to fix configuration variables in logcheck.sh
- add script in cron.hourly
* Thu May 4 2000 Vincent Danen <vdanen@linux-mandrake.com> 1.1.1-2mdk
- fix group
- fix for spec-helper
- change prefix to /usr
- bzip patch
* Wed Dec 1 1999 Vincent Danen <vdanen@linux-mandrake.com>
- updated specfile for Mandrake contribs
- specfile cleanups
- bzip sources
- 1.1.1
* Tue Nov 9 1999 Vincent Danen <vdanen@softhome.net>
- updated spec file to clean up properly
- specfile adaptations
* Tue Sep 28 1999 Vincent Danen <vdanen@softhome.net>
- updated spec file
* Mon Sep 27 1999 Vincent Danen <vdanen@softhome.net>
- 1.1
- Mandrake adaptions
distrib
>
Mandriva
>
7.2
>
i586
>
media
>
main-src
>
by-pkgid
>
9a3fa647e1c4a37b5b5b87bdc8e04b89
>
files
>
5
