rpms/mod_security_crs
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- Use versioned obsoletes

Browse Source 
- Move away from /lib since rules are data
This commit is contained in:
Athmane Madjoudj 2017-04-22 14:54:50 +01:00
parent 544ea44c25
commit 8fe62d788a
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
mod_security_crs.spec
View File

@ -1,14 +1,14 @@
Summary: ModSecurity Rules Summary: ModSecurity Rules
Name: mod_security_crs Name: mod_security_crs
Version: 3.0.0 Version: 3.0.0
Release: 2%{?dist} Release: 3%{?dist}
License: ASL 2.0 License: ASL 2.0
URL: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project URL: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
Group: System Environment/Daemons Group: System Environment/Daemons
Source: https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/v%{version}/owasp-modsecurity-crs-%{version}.tar.gz Source: https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/v%{version}/owasp-modsecurity-crs-%{version}.tar.gz
BuildArch: noarch BuildArch: noarch
Requires: mod_security >= 2.8.0 Requires: mod_security >= 2.8.0
Obsoletes: mod_security_crs-extras Obsoletes: mod_security_crs-extras < 3.0.0
%description %description
This package provides the base rules for mod_security. This package provides the base rules for mod_security.
@ -22,18 +22,18 @@ This package provides the base rules for mod_security.
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/ install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules
install -d %{buildroot}%{_prefix}/lib/modsecurity.d/base_rules install -d %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules
# To exclude rules (pre/post) # To exclude rules (pre/post)
mv rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf mv rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
mv rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf mv rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
install -m0644 rules/* %{buildroot}%{_prefix}/lib/modsecurity.d/base_rules/ install -m0644 rules/* %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules/
mv crs-setup.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/crs-setup.conf mv crs-setup.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/crs-setup.conf
# activate base_rules # activate base_rules
for f in `ls %{buildroot}/%{_prefix}/lib/modsecurity.d/base_rules/` ; do for f in `ls %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules/` ; do
ln -s %{_prefix}/lib/modsecurity.d/base_rules/$f %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f; ln -s %{_datarootdir}/mod_modsecurity_crs/rules/$f %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f;
done done
@ -42,9 +42,13 @@ done
%doc CHANGES README.md %doc CHANGES README.md
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/activated_rules/* %config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/activated_rules/*
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/crs-setup.conf %config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/crs-setup.conf
%{_prefix}/lib/modsecurity.d/base_rules %{_datarootdir}/mod_modsecurity_crs
%changelog %changelog
* Sat Apr 22 2017 Athmane Madjoudj <athmane@fedoraproject.org> - 3.0.0-3
- Use versioned obsoletes
- Move away from /lib since rules are data
* Sat Apr 22 2017 Athmane Madjoudj <athmane@fedoraproject.org> - 3.0.0-2 * Sat Apr 22 2017 Athmane Madjoudj <athmane@fedoraproject.org> - 3.0.0-2
- Fix the install part since extra and experimental rules are not longer included in 3.x - Fix the install part since extra and experimental rules are not longer included in 3.x
- Remove EL5 bits since EL5/EPEL5 are OEL-ed - Remove EL5 bits since EL5/EPEL5 are OEL-ed