# $Id: httpd-naat.spec.proto,v 1.3 2002/01/30 17:41:45 philippe Exp $ %define name httpd-naat %define version 0.8 %define release 3mdk %define admroot /var %define apacheadmroot %{admroot}/www-naat %define apachebase %{_sysconfdir}/httpd %define apachelogs /var/log %define port 8443 Summary: HTTP server daemon to provide Administrative WWW services Name: %{name} Version: %{version} Release: %{release} License: Apache License Group: System/Servers URL: http://www.linux-mandrake.org Source: %{name}-%{version}.tar.bz2 Source1: %{name}.init Source2: %{name}.conf Source3: %{name}.sysconfig Source4: ssl.%{name}-vhost.conf Source5: %{name}.mod_ssl.conf Source6: dot-htaccess Source7: httpd-naat.logrotate Source8: %{name}.Vhosts.conf Source9: squidGuard.cgi Source10: nulbanner.png Buildroot: %{_tmppath}/%{name}-root PreReq: apache >= 1.3.20 PreReq: mod_php PreReq: php-gd PreReq: mod_ssl PreReq: mod_auth_external PreReq: sudo PreReq: perl PreReq: SnortSnarf PreReq: dhcpstatus BuildArchitectures: noarch %description httpd-naat is an Apache configuration for the Network Appliance Administration Tool on Linux-Mandrake Server. %prep rm -rf $RPM_BUILD_ROOT %setup -q %install mkdir -p $RPM_BUILD_ROOT%{apacheadmroot}/{html,cgi-bin,icons,perl,squidGuard} #mkdir -p $RPM_BUILD_ROOT%{apacheadmroot}/html/admin mkdir -p $RPM_BUILD_ROOT%{_initrddir} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig mkdir -p $RPM_BUILD_ROOT%{apachebase}/conf/{ssl,vhosts} mkdir -p $RPM_BUILD_ROOT%{apachelogs}/httpd-naat mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d mkdir -p $RPM_BUILD_ROOT/%{_sbindir} install -m755 %{SOURCE1} $RPM_BUILD_ROOT/%{_initrddir}/%{name} install -m644 %{SOURCE2} $RPM_BUILD_ROOT/%{apachebase}/conf/ install -m644 %{SOURCE4} $RPM_BUILD_ROOT/%{apachebase}/conf/ssl/ install -m644 %{SOURCE5} $RPM_BUILD_ROOT/%{apachebase}/conf/ssl/ install -m644 %{SOURCE8} $RPM_BUILD_ROOT/%{apachebase}/conf/vhosts/ #install -m600 %{SOURCE6} $RPM_BUILD_ROOT/%{apacheadmroot}/html/admin/.htaccess install -m644 %{SOURCE7} $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/httpd-naat install -m755 %{SOURCE9} $RPM_BUILD_ROOT/%{apacheadmroot}/squidGuard install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{apacheadmroot}/squidGuard for file in %{apachebase}/conf/%{name}.conf \ %{apachebase}/conf/ssl/ssl.%{name}-vhost.conf \ %{apachebase}/conf/vhosts/%{name}.Vhosts.conf \ %{apachebase}/conf/ssl/%{name}.mod_ssl.conf ; do #directory config perl -pi -e 's!\@apacheadmroot\@!%{apacheadmroot}!g' $RPM_BUILD_ROOT/${file} # port configuration perl -pi -e 's!\@port\@!%{port}!g' $RPM_BUILD_ROOT/${file} # name configuration (log, lock files and user ) perl -pi -e 's!\@name\@!%{name}!g' $RPM_BUILD_ROOT/${file} # logs-naat perl -pi -e 's!\@logs\@!logs-naat!g' $RPM_BUILD_ROOT/${file} done install -m644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/%{name} ln -sf ../..%{apachelogs}/httpd-naat $RPM_BUILD_ROOT%{apachebase}/logs-naat cd $RPM_BUILD_ROOT/%{_sbindir} ln -sf httpd httpd-naat %clean rm -rf $RPM_BUILD_ROOT %pre # Add admin group exist if doesn't exit # warly # # FIXME: if the group admin exists before that install create it # grpconv failed and the install reboot # grep -q '^admin:' /etc/passwd || \ /usr/sbin/useradd -c 'Administrator' \ -d /home/admin -G adm -s /bin/bash admin grep -q '^httpd-naat:' /etc/passwd || \ /usr/sbin/useradd -c "Httpd Naat Admin" -s /bin/bash -M \ -d /var/www-naat -G admin,apache httpd-naat # httpd-naat #if [ ! -f "/usr/sbin/httpd-naat" ]; then # ln -s /usr/sbin/httpd /usr/sbin/httpd-naat #fi %post # verify mod_auth configuration #if [ -e %{apachebase}/%{apachebase}/conf/addon-modules/mod_auth_external.conf ]; then #echo "Include conf/addon-modules/mod_auth_external.conf" >> %{apachebase}/conf/httpd-naat.conf #service httpd-naat reload #fi # # FIXME # # add httpd-naat on msec check #for i in 3 4 5; do #if [ -f /etc/security/msec/server.$i ]; then # grep -qw httpd-naat /etc/security/msec/server.$i || { # echo httpd-naat >> /etc/security/msec/server.$i # } #fi #if [ -f /etc/security/msec/perm.$i ]; then # grep -q "/var/log/httpd-naat" /etc/security/msec/perm.$i || { # echo "/var/log/httpd-naat httpd-naat.admin 750" >> /etc/security/msec/perm.$i # } # grep -q "/var/www-naat" /etc/security/msec/perm.$i || { # echo "/var/www-naat httpd-naat.admin 750" >> /etc/security/msec/perm.$i # } #fi #done # # /FIXME # %_post_service httpd-naat # make SnortSnarf work ln -sf /var/www/cgi-bin/*.pl %{apacheadmroot}/cgi-bin/ # make dhcpstatus work cp -a /var/www/cgi-bin/dhcpstatus*cgi %{apacheadmroot}/cgi-bin/ # proxy pac #grep -qw "application/x-ns-proxy-autoconfig" /etc/httpd/conf/apache-mime.types || { # echo "application/x-ns-proxy-autoconfig pac dat" >> /etc/httpd/conf/apache-mime.types #} %preun %_preun_service httpd-naat #%postun #if [ -e %{apachebase}/%{apachebase}/conf/addon-modules/mod_auth_external.conf ]; then #$perl -pi -e "s|Include conf/addon-modules/mod_auth_external.conf\n||g;" \ # %{apachebase}/conf/httpd-naat.conf #service httpd-naat reload #fi #if [ $1 = "0" ]; then # full uninstall # remove logs #rm -fr /var/log/httpd-naat/* # remove user http-naat #grep -q '^httpd-naat:' /etc/passwd && \ # /usr/sbin/userdel -r httpd-naat 2> /dev/null # remove the link #rm -rf /usr/sbin/httpd-naat #fi %files %defattr(-,root,root) %config(noreplace) %{_initrddir}/httpd-naat %config(noreplace) %{_sysconfdir}/sysconfig/httpd-naat %config(noreplace) %{_sysconfdir}/logrotate.d/httpd-naat %config(noreplace) %{apachebase}/conf/httpd-naat.conf %config(noreplace) %{apachebase}/conf/ssl/ssl.httpd-naat-vhost.conf %config(noreplace) %{apachebase}/conf/ssl/httpd-naat.mod_ssl.conf %config(noreplace) %{apachebase}/conf/vhosts/httpd-naat.Vhosts.conf #% attr(750,httpd-naat,admin) %dir %{apacheadmroot} %attr(750,httpd-naat,admin) %config(noreplace) %{apacheadmroot}/* %attr(-,root,root) %dir %{apachebase}/logs-naat %attr(750,httpd-naat,admin) %dir %{apachelogs}/httpd-naat %{_sbindir}/httpd-naat %doc GPL COPYRIGHT AUTHORS README %changelog * Wed Jan 30 2002 Philippe Libat <philippe@mandrakesoft.com> 0.8-3mdk - fix Makefile * Wed Jan 30 2002 Philippe Libat <philippe@mandrakesoft.com> 0.8-2mdk - new mod_auth_external : add group authentification * Wed Dec 19 2001 Philippe Libat <philippe@mandrakesoft.com> 0.8-1mdk - version snf * Tue Oct 09 2001 Philippe Libat <philippe@mandrakesoft.com> 0.7-1mdk - fix httpd-naat config file -> apache 1.3.20 * Mon Aug 27 2001 Renaud Chaillat <rchaillat@mandrakesoft.com> 0.6-1mdk - updates for 8.1 (php4 module) * Mon Apr 30 2001 Philippe Libat <philippe@mandrakesoft.com> 0.5-1mdk - supress htaccess * Wed Apr 03 2001 Florin Grad <florin@mandrakesoft.com> 0.4-3mdk - make the cgi-bin appear - create the links with the SnortSnarf cgi files - add requires on SnortSnarf and on dhcpstatus - copy the cgis in post to %{apacheadmroot}/cgi-bin * Fri Mar 02 2001 Florin Grad <florin@mandrakesoft.com> 0.4-2mdk - add the mime types and nulbanner entries in the conf file * Fri Feb 9 2001 Renaud Chaillat <rchaillat@mandrakesoft.com> 0.4-1mdk - removed some configurations (now in the backend package) * Tue Jan 30 2001 Florin Grad <florin@mandrakesoft.com> 0.3-5mdk - add the vhosts entries (thanks to j-m.dault) for squidGuard - add the squidGuard.cgi and nulbanner.png sources also for sGuard * Thu Jan 25 2001 Philippe Libat <philippe@mandrakesoft.com> 0.3-4mdk - logrotate * Mon Jan 22 2001 Philippe Libat <philippe@mandrakesoft.com> 0.3-3mdk - add diald modules * Thu Jan 18 2001 Philippe Libat <philippe@mandrakesoft.com> 0.3-2mdk - add lvs in msec * Fri Jan 5 2001 Philippe Libat <philippe@mandrakesoft.com> 0.3-1mdk - msec check * Fri Dec 29 2000 Philippe Libat <philippe@mandrakesoft.com> 0.2-6mdk - add /var/log/httpd-naat and /var/www-naat in the msec authorized server list for security level 4 add default admin group for httpd-naat * Tue Dec 26 2000 Warly <warly@mandrakesoft.com> 0.2-5mdk - add httpd-naat in the msec authorized server list for security level 4 * Tue Dec 26 2000 Warly <warly@mandrakesoft.com> 0.2-4mdk - fix init file log dir owner and status displaying * Wed Dec 20 2000 Philippe Libat <philippe@mandrakesoft.com> 0.2-1mdk - mod_auth_external * Wed Oct 4 2000 Philippe Libat <philippe@mandrakesoft.com> 0.1-2mdk - requires * Mon Sep 18 2000 Philippe Libat <philippe@mandrakesoft.com> 0.1-1mdk - Mandrake first spec