From 474c73e94ac494c5f32d8f70c49cc88c636d9521 Mon Sep 17 00:00:00 2001 From: Daniel Steiner Date: Wed, 6 Sep 2023 07:46:23 +0200 Subject: [PATCH] Gitea update, openidc update, Lynis package added --- alma/SPECS/lynis.spec | 91 ++++++++++++++++++++++++++++++ alma/SPECS/mod_auth_openidc.spec | 5 +- centos/SPECS/lynis.spec | 91 ++++++++++++++++++++++++++++++ centos/SPECS/mod_auth_openidc.spec | 5 +- fedora/SPECS/gitea.spec | 5 +- fedora/SPECS/lynis.spec | 91 ++++++++++++++++++++++++++++++ fedora/SPECS/mod_auth_openidc.spec | 5 +- fedora/SPECS/zabbix.spec | 11 ++-- 8 files changed, 296 insertions(+), 8 deletions(-) create mode 100644 alma/SPECS/lynis.spec create mode 100644 centos/SPECS/lynis.spec create mode 100644 fedora/SPECS/lynis.spec diff --git a/alma/SPECS/lynis.spec b/alma/SPECS/lynis.spec new file mode 100644 index 0000000..5b6d97e --- /dev/null +++ b/alma/SPECS/lynis.spec @@ -0,0 +1,91 @@ +%if 0%{?el6} + %global bashcompdir /usr/share/bash-completion/ +%else + %global bashcompdir %(pkg-config --variable=completionsdir bash-completion) +%endif + +Name: lynis +Version: 3.0.9 +Release: 2%{?dist} +Summary: Security and system auditing tool +License: GPL-3.0-only +URL: https://cisofy.com/lynis/ +Source0: https://cisofy.com/files/%{name}-%{version}.tar.gz +Patch0: 1386.patch +Patch1: %{name}-egrep.patch +BuildArch: noarch +BuildRequires: bash-completion +BuildRequires: git-core +%if 0%{?el6} +BuildRequires: procps +%else +BuildRequires: procps-ng +%endif +Requires: audit +Requires: e2fsprogs +Requires: module-init-tools + +%description +Lynis is an auditing and hardening tool for Unix/Linux and you might even call +it a compliance tool. It scans the system and installed software. Then it +performs many individual security control checks. It determines the hardening +state of the machine, detects security issues and provides suggestions to +improve the security defense of the system. + +%prep +%setup -n %{name} +%patch0 -p1 +%patch1 + +%build +# nothing to do + +%install +mkdir -p %{buildroot}%{_sysconfdir}/%{name} +install -p default.prf %{buildroot}%{_sysconfdir}/%{name} + +mkdir -p %{buildroot}%{_bindir} +install -p lynis %{buildroot}%{_bindir} + +mkdir -p %{buildroot}%{_mandir}/man8 +install -p lynis.8 %{buildroot}%{_mandir}/man8 + +mkdir -p %{buildroot}%{_datadir}/%{name}/include/ +# Forced by upstream. Otherwise these scripts can't be executed. +install -p include/* %{buildroot}%{_datadir}/%{name}/include/ +chmod 644 %{buildroot}%{_datadir}/%{name}/include/* + +mkdir -p %{buildroot}%{_datadir}/%{name}/plugins/ +install -p plugins/* %{buildroot}%{_datadir}/%{name}/plugins/ + +cp -pR db/ %{buildroot}%{_datadir}/%{name}/ + +mkdir -p %{buildroot}%{bashcompdir} +install -p extras/bash_completion.d/lynis %{buildroot}%{bashcompdir}/ + +mkdir -p %{buildroot}%{_localstatedir}/log/ +touch %{buildroot}%{_localstatedir}/log/lynis.log +touch %{buildroot}%{_localstatedir}/log/lynis-report.dat + +#check +# Sanity check +#./lynis audit system --quick --pentest + +%files +%doc CHANGELOG* CONTRIBUTORS* FAQ* README* +%doc extras/systemd/ +%license LICENSE +%{_bindir}/lynis +%{bashcompdir}/* +%{_datadir}/lynis/ +%{_mandir}/man8/lynis.8* +%dir %{_sysconfdir}/%{name} +%config(noreplace) %{_sysconfdir}/%{name}/default.prf +%ghost %{_localstatedir}/log/lynis.log +%ghost %{_localstatedir}/log/lynis-report.dat + +%changelog +* Sun Aug 13 2023 Daniel Steiner +- First build for Fedora 38. +- Updates the original 3.0.8 release rpm. + diff --git a/alma/SPECS/mod_auth_openidc.spec b/alma/SPECS/mod_auth_openidc.spec index c6ed14f..176ad97 100644 --- a/alma/SPECS/mod_auth_openidc.spec +++ b/alma/SPECS/mod_auth_openidc.spec @@ -14,7 +14,7 @@ %global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc Name: mod_auth_openidc -Version: 2.4.14.1 +Version: 2.4.14.3 Release: 1%{?dist} Summary: OpenID Connect auth module for Apache HTTP Server @@ -94,6 +94,9 @@ install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/cache %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/cache %changelog +* Wed Sep 6 2023 Daniel Steiner +- Update to 2.4.14.3. + * Sun May 28 2023 Daniel Steiner - Update to 2.4.14.1. diff --git a/centos/SPECS/lynis.spec b/centos/SPECS/lynis.spec new file mode 100644 index 0000000..5b6d97e --- /dev/null +++ b/centos/SPECS/lynis.spec @@ -0,0 +1,91 @@ +%if 0%{?el6} + %global bashcompdir /usr/share/bash-completion/ +%else + %global bashcompdir %(pkg-config --variable=completionsdir bash-completion) +%endif + +Name: lynis +Version: 3.0.9 +Release: 2%{?dist} +Summary: Security and system auditing tool +License: GPL-3.0-only +URL: https://cisofy.com/lynis/ +Source0: https://cisofy.com/files/%{name}-%{version}.tar.gz +Patch0: 1386.patch +Patch1: %{name}-egrep.patch +BuildArch: noarch +BuildRequires: bash-completion +BuildRequires: git-core +%if 0%{?el6} +BuildRequires: procps +%else +BuildRequires: procps-ng +%endif +Requires: audit +Requires: e2fsprogs +Requires: module-init-tools + +%description +Lynis is an auditing and hardening tool for Unix/Linux and you might even call +it a compliance tool. It scans the system and installed software. Then it +performs many individual security control checks. It determines the hardening +state of the machine, detects security issues and provides suggestions to +improve the security defense of the system. + +%prep +%setup -n %{name} +%patch0 -p1 +%patch1 + +%build +# nothing to do + +%install +mkdir -p %{buildroot}%{_sysconfdir}/%{name} +install -p default.prf %{buildroot}%{_sysconfdir}/%{name} + +mkdir -p %{buildroot}%{_bindir} +install -p lynis %{buildroot}%{_bindir} + +mkdir -p %{buildroot}%{_mandir}/man8 +install -p lynis.8 %{buildroot}%{_mandir}/man8 + +mkdir -p %{buildroot}%{_datadir}/%{name}/include/ +# Forced by upstream. Otherwise these scripts can't be executed. +install -p include/* %{buildroot}%{_datadir}/%{name}/include/ +chmod 644 %{buildroot}%{_datadir}/%{name}/include/* + +mkdir -p %{buildroot}%{_datadir}/%{name}/plugins/ +install -p plugins/* %{buildroot}%{_datadir}/%{name}/plugins/ + +cp -pR db/ %{buildroot}%{_datadir}/%{name}/ + +mkdir -p %{buildroot}%{bashcompdir} +install -p extras/bash_completion.d/lynis %{buildroot}%{bashcompdir}/ + +mkdir -p %{buildroot}%{_localstatedir}/log/ +touch %{buildroot}%{_localstatedir}/log/lynis.log +touch %{buildroot}%{_localstatedir}/log/lynis-report.dat + +#check +# Sanity check +#./lynis audit system --quick --pentest + +%files +%doc CHANGELOG* CONTRIBUTORS* FAQ* README* +%doc extras/systemd/ +%license LICENSE +%{_bindir}/lynis +%{bashcompdir}/* +%{_datadir}/lynis/ +%{_mandir}/man8/lynis.8* +%dir %{_sysconfdir}/%{name} +%config(noreplace) %{_sysconfdir}/%{name}/default.prf +%ghost %{_localstatedir}/log/lynis.log +%ghost %{_localstatedir}/log/lynis-report.dat + +%changelog +* Sun Aug 13 2023 Daniel Steiner +- First build for Fedora 38. +- Updates the original 3.0.8 release rpm. + diff --git a/centos/SPECS/mod_auth_openidc.spec b/centos/SPECS/mod_auth_openidc.spec index a62d82e..856992d 100644 --- a/centos/SPECS/mod_auth_openidc.spec +++ b/centos/SPECS/mod_auth_openidc.spec @@ -14,7 +14,7 @@ %global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc Name: mod_auth_openidc -Version: 2.4.14.1 +Version: 2.4.14.3 Release: 1%{?dist} Summary: OpenID Connect auth module for Apache HTTP Server @@ -92,6 +92,9 @@ install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/cache %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/cache %changelog +* Wed Sep 6 2023 Daniel Steiner +- Update to 2.4.14.3. + * Sun May 28 2023 Daniel Steiner - Update to 2.4.14.1. diff --git a/fedora/SPECS/gitea.spec b/fedora/SPECS/gitea.spec index 3b945f8..e7d1e16 100644 --- a/fedora/SPECS/gitea.spec +++ b/fedora/SPECS/gitea.spec @@ -1,5 +1,5 @@ Name: gitea -Version: 1.20.2 +Version: 1.20.3 Release: 1%{?dist} Summary: Gitea is a painless self-hosted Git service. %define MyVersion %version @@ -84,6 +84,9 @@ getent passwd gitea > /dev/null || \ %changelog +* Wed Sep 6 2023 Daniel Steiner +- Update to 1.20.3. + * Wed Aug 2 2023 Daniel Steiner - Update to 1.20.2. diff --git a/fedora/SPECS/lynis.spec b/fedora/SPECS/lynis.spec new file mode 100644 index 0000000..1fc66aa --- /dev/null +++ b/fedora/SPECS/lynis.spec @@ -0,0 +1,91 @@ +%if 0%{?el6} + %global bashcompdir /usr/share/bash-completion/ +%else + %global bashcompdir %(pkg-config --variable=completionsdir bash-completion) +%endif + +Name: lynis +Version: 3.0.9 +Release: 2%{?dist} +Summary: Security and system auditing tool +License: GPL-3.0-only +URL: https://cisofy.com/lynis/ +Source0: https://cisofy.com/files/%{name}-%{version}.tar.gz +Patch0: 1386.patch +Patch1: %{name}-egrep.patch +BuildArch: noarch +BuildRequires: bash-completion +BuildRequires: git-core +%if 0%{?el6} +BuildRequires: procps +%else +BuildRequires: procps-ng +%endif +Requires: audit +Requires: e2fsprogs +Requires: module-init-tools + +%description +Lynis is an auditing and hardening tool for Unix/Linux and you might even call +it a compliance tool. It scans the system and installed software. Then it +performs many individual security control checks. It determines the hardening +state of the machine, detects security issues and provides suggestions to +improve the security defense of the system. + +%prep +%setup -n %{name} +%patch -P0 -p1 +%patch -P1 + +%build +# nothing to do + +%install +mkdir -p %{buildroot}%{_sysconfdir}/%{name} +install -p default.prf %{buildroot}%{_sysconfdir}/%{name} + +mkdir -p %{buildroot}%{_bindir} +install -p lynis %{buildroot}%{_bindir} + +mkdir -p %{buildroot}%{_mandir}/man8 +install -p lynis.8 %{buildroot}%{_mandir}/man8 + +mkdir -p %{buildroot}%{_datadir}/%{name}/include/ +# Forced by upstream. Otherwise these scripts can't be executed. +install -p include/* %{buildroot}%{_datadir}/%{name}/include/ +chmod 644 %{buildroot}%{_datadir}/%{name}/include/* + +mkdir -p %{buildroot}%{_datadir}/%{name}/plugins/ +install -p plugins/* %{buildroot}%{_datadir}/%{name}/plugins/ + +cp -pR db/ %{buildroot}%{_datadir}/%{name}/ + +mkdir -p %{buildroot}%{bashcompdir} +install -p extras/bash_completion.d/lynis %{buildroot}%{bashcompdir}/ + +mkdir -p %{buildroot}%{_localstatedir}/log/ +touch %{buildroot}%{_localstatedir}/log/lynis.log +touch %{buildroot}%{_localstatedir}/log/lynis-report.dat + +#check +# Sanity check +#./lynis audit system --quick --pentest + +%files +%doc CHANGELOG* CONTRIBUTORS* FAQ* README* +%doc extras/systemd/ +%license LICENSE +%{_bindir}/lynis +%{bashcompdir}/* +%{_datadir}/lynis/ +%{_mandir}/man8/lynis.8* +%dir %{_sysconfdir}/%{name} +%config(noreplace) %{_sysconfdir}/%{name}/default.prf +%ghost %{_localstatedir}/log/lynis.log +%ghost %{_localstatedir}/log/lynis-report.dat + +%changelog +* Sun Aug 13 2023 Daniel Steiner +- First build for Fedora 38. +- Updates the original 3.0.8 release rpm. + diff --git a/fedora/SPECS/mod_auth_openidc.spec b/fedora/SPECS/mod_auth_openidc.spec index 132fe08..143515e 100644 --- a/fedora/SPECS/mod_auth_openidc.spec +++ b/fedora/SPECS/mod_auth_openidc.spec @@ -14,7 +14,7 @@ %global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc Name: mod_auth_openidc -Version: 2.4.14.1 +Version: 2.4.14.3 Release: 1%{?dist} Summary: OpenID Connect auth module for Apache HTTP Server @@ -94,6 +94,9 @@ install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/cache %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/cache %changelog +* Wed Sep 6 2023 Daniel Steiner +- Update to 2.4.14.3. + * Sun May 28 2023 Daniel Steiner - Update to 2.4.14.1. diff --git a/fedora/SPECS/zabbix.spec b/fedora/SPECS/zabbix.spec index ecdde9f..2f8ff6e 100644 --- a/fedora/SPECS/zabbix.spec +++ b/fedora/SPECS/zabbix.spec @@ -1,5 +1,5 @@ Name: zabbix -Version: 6.4.5 +Version: 6.4.6 Release: %{?alphatag:%{?alphatag}.}release1%{?dist} Summary: The Enterprise-class open source monitoring solution Group: Applications/Internet @@ -1367,13 +1367,16 @@ if [ $1 = 0 ] && semodule -l | grep -q zabbix_policy; then semodule -r zabbix_po # %changelog -* Wed Aug 2 2023 Zabbix Packager - 6.4.5-release1 +* Fri Aug 25 2023 Zabbix Packager +- update to 6.4.6 + +* Wed Aug 2 2023 Zabbix Packager - update to 6.4.5 -* Fri May 26 2023 Zabbix Packager - 6.4.3-release1 +* Fri May 26 2023 Zabbix Packager - update to 6.4.3 -* Tue May 23 2023 Zabbix Packager - 6.4.3-rc1.release1 +* Tue May 23 2023 Zabbix Packager - update to 6.4.3rc1 * Mon May 15 2023 Zabbix Packager - 6.4.2-release3