From 56204520f7e50c2ebf6ce0653ce1d4e5aab8ee45 Mon Sep 17 00:00:00 2001 From: Daniel Steiner Date: Sat, 4 Nov 2023 11:03:01 +0100 Subject: [PATCH] Crowdsec package added (with dependency) for alma 9 --- alma/SPECS/crowdsec.spec | 244 +++++++++++++++++++++++++++++ alma/SPECS/perl-Sort-Versions.spec | 177 +++++++++++++++++++++ 2 files changed, 421 insertions(+) create mode 100644 alma/SPECS/crowdsec.spec create mode 100644 alma/SPECS/perl-Sort-Versions.spec diff --git a/alma/SPECS/crowdsec.spec b/alma/SPECS/crowdsec.spec new file mode 100644 index 0000000..26e318d --- /dev/null +++ b/alma/SPECS/crowdsec.spec @@ -0,0 +1,244 @@ + +Name: crowdsec +Version: 1.5.5 +Release: 1%{?dist} +Summary: Crowdsec - An open-source, lightweight agent to detect and respond to bad behaviors. It also automatically benefits from our global community-wide IP reputation database + +License: MIT +URL: https://crowdsec.net +Source0: https://github.com/crowdsecurity/%{name}/archive/%{name}-release.tgz +Source1: 80-%{name}.preset +Patch0: crowdsec.unit.patch +Patch1: user.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +%define debug_package %{nil} +%define _build_id_links none + +BuildRequires: systemd +Requires: crontabs +%{?fc33:BuildRequires: systemd-rpm-macros} +%{?fc34:BuildRequires: systemd-rpm-macros} +%{?fc35:BuildRequires: systemd-rpm-macros} +%{?fc36:BuildRequires: systemd-rpm-macros} + + +%description + +%define version_number %(echo $VERSION) +%define releasever %(echo $RELEASEVER) +%global name crowdsec +%global __mangle_shebangs_exclude_from /usr/bin/env + +%prep +%setup -q -T -b 0 -n %{name}-v%{version} + +%patch -P 0 +%patch -P 1 + +%build +sed -i "s#/usr/local/lib/crowdsec/plugins/#%{_libdir}/%{name}/plugins/#g" config/config.yaml + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}/etc/crowdsec/hub +mkdir -p %{buildroot}/etc/crowdsec/patterns +mkdir -p %{buildroot}/etc/crowdsec/console/ +mkdir -p %{buildroot}%{_sharedstatedir}/%{name}/data +mkdir -p %{buildroot}%{_presetdir} + +mkdir -p %{buildroot}%{_sharedstatedir}/%{name}/plugins +mkdir -p %{buildroot}%{_sysconfdir}/crowdsec/notifications/ +mkdir -p %{buildroot}%{_libdir}/%{name}/plugins/ + + +install -m 755 -D cmd/crowdsec/crowdsec %{buildroot}%{_bindir}/%{name} +install -m 755 -D cmd/crowdsec-cli/cscli %{buildroot}%{_bindir}/cscli +install -m 755 -D wizard.sh %{buildroot}/usr/share/crowdsec/wizard.sh +install -m 644 -D config/crowdsec.service %{buildroot}%{_unitdir}/%{name}.service +install -m 644 -D config/patterns/* -t %{buildroot}%{_sysconfdir}/crowdsec/patterns +install -m 600 -D config/config.yaml %{buildroot}%{_sysconfdir}/crowdsec +install -m 644 -D config/simulation.yaml %{buildroot}%{_sysconfdir}/crowdsec +install -m 644 -D config/profiles.yaml %{buildroot}%{_sysconfdir}/crowdsec +install -m 644 -D config/console.yaml %{buildroot}%{_sysconfdir}/crowdsec +install -m 644 -D config/context.yaml %{buildroot}%{_sysconfdir}/crowdsec/console/ +install -m 750 -D config/%{name}.cron.daily %{buildroot}%{_sysconfdir}/cron.daily/%{name} +install -m 644 -D %{SOURCE1} %{buildroot}%{_presetdir} + +install -m 551 cmd/notification-slack/notification-slack %{buildroot}%{_libdir}/%{name}/plugins/ +install -m 551 cmd/notification-http/notification-http %{buildroot}%{_libdir}/%{name}/plugins/ +install -m 551 cmd/notification-splunk/notification-splunk %{buildroot}%{_libdir}/%{name}/plugins/ +install -m 551 cmd/notification-email/notification-email %{buildroot}%{_libdir}/%{name}/plugins/ +install -m 551 cmd/notification-sentinel/notification-sentinel %{buildroot}%{_libdir}/%{name}/plugins/ + +install -m 600 cmd/notification-slack/slack.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/ +install -m 600 cmd/notification-http/http.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/ +install -m 600 cmd/notification-splunk/splunk.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/ +install -m 600 cmd/notification-email/email.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/ +install -m 600 cmd/notification-sentinel/sentinel.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/ + + +%clean +rm -rf %{buildroot} + +%files +%defattr(-,root,root,-) +%{_bindir}/%{name} +%{_bindir}/cscli +%{_datadir}/%{name}/wizard.sh +%{_libdir}/%{name}/plugins/notification-slack +%{_libdir}/%{name}/plugins/notification-http +%{_libdir}/%{name}/plugins/notification-splunk +%{_libdir}/%{name}/plugins/notification-email +%{_libdir}/%{name}/plugins/notification-sentinel +%{_sysconfdir}/%{name}/patterns/linux-syslog +%{_sysconfdir}/%{name}/patterns/ruby +%{_sysconfdir}/%{name}/patterns/nginx +%{_sysconfdir}/%{name}/patterns/junos +%{_sysconfdir}/%{name}/patterns/cowrie_honeypot +%{_sysconfdir}/%{name}/patterns/redis +%{_sysconfdir}/%{name}/patterns/firewalls +%{_sysconfdir}/%{name}/patterns/paths +%{_sysconfdir}/%{name}/patterns/java +%{_sysconfdir}/%{name}/patterns/postgresql +%{_sysconfdir}/%{name}/patterns/bacula +%{_sysconfdir}/%{name}/patterns/mcollective +%{_sysconfdir}/%{name}/patterns/rails +%{_sysconfdir}/%{name}/patterns/haproxy +%{_sysconfdir}/%{name}/patterns/nagios +%{_sysconfdir}/%{name}/patterns/mysql +%{_sysconfdir}/%{name}/patterns/ssh +%{_sysconfdir}/%{name}/patterns/tcpdump +%{_sysconfdir}/%{name}/patterns/exim +%{_sysconfdir}/%{name}/patterns/bro +%{_sysconfdir}/%{name}/patterns/modsecurity +%{_sysconfdir}/%{name}/patterns/aws +%{_sysconfdir}/%{name}/patterns/smb +%{_sysconfdir}/%{name}/patterns/mongodb +%config(noreplace) %{_sysconfdir}/%{name}/config.yaml +%config(noreplace) %{_sysconfdir}/%{name}/simulation.yaml +%config(noreplace) %{_sysconfdir}/%{name}/profiles.yaml +%config(noreplace) %{_sysconfdir}/%{name}/console.yaml +%config(noreplace) %{_sysconfdir}/%{name}/console/context.yaml +%config(noreplace) %{_presetdir}/80-%{name}.preset +%config(noreplace) %{_sysconfdir}/%{name}/notifications/http.yaml +%config(noreplace) %{_sysconfdir}/%{name}/notifications/slack.yaml +%config(noreplace) %{_sysconfdir}/%{name}/notifications/splunk.yaml +%config(noreplace) %{_sysconfdir}/%{name}/notifications/email.yaml +%config(noreplace) %{_sysconfdir}/%{name}/notifications/sentinel.yaml +%config(noreplace) %{_sysconfdir}/cron.daily/%{name} + +%{_unitdir}/%{name}.service + +%ghost %{_sysconfdir}/%{name}/hub/.index.json +%ghost %{_localstatedir}/log/%{name}.log +%dir /var/lib/%{name}/data/ +%dir %{_sysconfdir}/%{name}/hub + +%ghost %{_sysconfdir}/crowdsec/local_api_credentials.yaml +%ghost %{_sysconfdir}/crowdsec/online_api_credentials.yaml +%ghost %{_sysconfdir}/crowdsec/acquis.yaml + +%pre + +#systemctl stop crowdsec || true + +if [ $1 == 2 ];then + if [[ ! -d /var/lib/crowdsec/backup ]]; then + cscli config backup /var/lib/crowdsec/backup + fi +fi + + +%post -p /bin/bash + +#install +if [ $1 == 1 ]; then + + if [ ! -f "/var/lib/crowdsec/data/crowdsec.db" ] ; then + touch /var/lib/crowdsec/data/crowdsec.db + fi + + echo $SHELL + . /usr/share/crowdsec/wizard.sh -n + + echo Creating acquisition configuration + if [ ! -f "/etc/crowsec/acquis.yaml" ] ; then + set +e + SILENT=true detect_services + SILENT=true TMP_ACQUIS_FILE_SKIP=skip genacquisition + set +e + fi + if [ ! -f "%{_sysconfdir}/crowdsec/online_api_credentials.yaml" ] && [ ! -f "%{_sysconfdir}/crowdsec/local_api_credentials.yaml" ] ; then + install -m 600 /dev/null %{_sysconfdir}/crowdsec/online_api_credentials.yaml + install -m 600 /dev/null %{_sysconfdir}/crowdsec/local_api_credentials.yaml + cscli capi register + cscli machines add -a + fi + if [ ! -f "%{_sysconfdir}/crowdsec/online_api_credentials.yaml" ] ; then + touch %{_sysconfdir}/crowdsec/online_api_credentials.yaml + cscli capi register + fi + if [ ! -f "%{_sysconfdir}/crowdsec/local_api_credentials.yaml" ] ; then + touch %{_sysconfdir}/crowdsec/local_api_credentials.yaml + cscli machines add -a + fi + + cscli hub update + CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection + +#upgrade +elif [ $1 == 2 ] && [ -d /var/lib/crowdsec/backup ]; then + cscli config restore /var/lib/crowdsec/backup + if [ $? == 0 ]; then + rm -rf /var/lib/crowdsec/backup + fi + + if [[ -f %{_sysconfdir}/crowdsec/online_api_credentials.yaml ]] ; then + chmod 600 %{_sysconfdir}/crowdsec/online_api_credentials.yaml + fi + + if [[ -f %{_sysconfdir}/crowdsec/local_api_credentials.yaml ]] ; then + chmod 600 %{_sysconfdir}/crowdsec/local_api_credentials.yaml + fi +fi + +%systemd_post %{name}.service + +if [ $1 == 1 ]; then + API=$(cscli config show --key "Config.API.Server") + if [ "$API" = "" ] ; then + LAPI=false + else + PORT=$(cscli config show --key "Config.API.Server.ListenURI"|cut -d ":" -f2) + fi + if [ "$LAPI" = false ] || [ -z "$(ss -nlt "sport = ${PORT}" | grep -v ^State)" ] ; then + %if 0%{?fc35} || 0%{?fc36} + systemctl enable crowdsec + %endif + systemctl start crowdsec || echo "crowdsec is not started" + else + echo "Not attempting to start crowdsec, port ${PORT} is already used or lapi was disabled" + echo "This port is configured through /etc/crowdsec/config.yaml and /etc/crowdsec/local_api_credentials.yaml" + fi +fi + +%preun + +#systemctl stop crowdsec || echo "crowdsec was not started" + +%systemd_preun %{name}.service + +%postun + +%systemd_postun_with_restart %{name}.service + +if [ $1 == 0 ]; then + rm -rf /etc/crowdsec/hub +fi + +#systemctl stop crowdsec || echo "crowdsec was not started" + +%changelog +* Sat Nov 4 2023 Daniel Steiner +- First initial packaging diff --git a/alma/SPECS/perl-Sort-Versions.spec b/alma/SPECS/perl-Sort-Versions.spec new file mode 100644 index 0000000..88d5902 --- /dev/null +++ b/alma/SPECS/perl-Sort-Versions.spec @@ -0,0 +1,177 @@ +Name: perl-Sort-Versions +Version: 1.62 +Release: 13%{?dist} +Summary: Perl module for sorting of revision-like numbers +License: GPL+ or Artistic +URL: https://metacpan.org/release/Sort-Versions +Source0: https://cpan.metacpan.org/modules/by-module/Sort/Sort-Versions-%{version}.tar.gz + +BuildArch: noarch +BuildRequires: perl-generators +BuildRequires: perl(ExtUtils::MakeMaker) +BuildRequires: perl(strict) +BuildRequires: perl(warnings) +BuildRequires: perl-Test-Simple +Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) + +%description +A perl 5 module for sorting of revision-like numbers + +Sort::Versions allows easy sorting of mixed non-numeric and numeric strings, +like the 'version numbers' that many shared library systems and revision +control packages use. This is quite useful if you are trying to deal with +shared libraries. It can also be applied to applications that intersperse +variable-width numeric fields within text. Other applications can +undoubtedly be found. + +%prep +%setup -q -n Sort-Versions-%{version} + +%build +%{__perl} Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 +make %{?_smp_mflags} + +%install +make pure_install PERL_INSTALL_ROOT=$RPM_BUILD_ROOT +%{_fixperms} $RPM_BUILD_ROOT/* + +%check +make test + +%files +%doc Changes +%license LICENSE +%{perl_vendorlib}/Sort +%{_mandir}/man3/* + +%changelog +* Fri Jul 26 2019 Fedora Release Engineering - 1.62-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu May 30 2019 Jitka Plesnikova - 1.62-12 +- Perl 5.30 rebuild + +* Sat Feb 02 2019 Fedora Release Engineering - 1.62-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Jul 13 2018 Fedora Release Engineering - 1.62-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Jun 27 2018 Jitka Plesnikova - 1.62-9 +- Perl 5.28 rebuild + +* Fri Feb 09 2018 Fedora Release Engineering - 1.62-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 1.62-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sun Jun 04 2017 Jitka Plesnikova - 1.62-6 +- Perl 5.26 rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 1.62-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Sun May 15 2016 Jitka Plesnikova - 1.62-4 +- Perl 5.24 rebuild + +* Thu Feb 04 2016 Fedora Release Engineering - 1.62-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Sat Jan 30 2016 Ralf Corsépius - 1.62-2 +- Modernize spec. + +* Thu Dec 17 2015 Ralf Corsépius - 1.62-1 +- Update to 1.62. +- Remove iconv. + +* Thu Jun 18 2015 Fedora Release Engineering - 1.61-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Jun 03 2015 Jitka Plesnikova - 1.61-2 +- Perl 5.22 rebuild + +* Sun May 03 2015 Ralf Corsépius - 1.61-1 +- Upstream update. +- Add %%license. + +* Tue Aug 26 2014 Jitka Plesnikova - 1.60-2 +- Perl 5.20 rebuild + +* Tue Jun 24 2014 Ralf Corsépius - 1.60-1 +- Upstream update. +- Modernize spec. + +* Sat Jun 07 2014 Fedora Release Engineering - 1.5-24 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sun Aug 04 2013 Fedora Release Engineering - 1.5-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed Jul 17 2013 Petr Pisar - 1.5-22 +- Perl 5.18 rebuild + +* Thu Feb 14 2013 Fedora Release Engineering - 1.5-21 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Fri Jul 20 2012 Fedora Release Engineering - 1.5-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jun 08 2012 Petr Pisar - 1.5-19 +- Perl 5.16 rebuild + +* Fri Jan 13 2012 Fedora Release Engineering - 1.5-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Fri Jun 17 2011 Marcela Mašláňová - 1.5-17 +- Perl mass rebuild + +* Wed Feb 09 2011 Fedora Release Engineering - 1.5-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Dec 22 2010 Marcela Maslanova - 1.5-15 +- 661697 rebuild for fixing problems with vendorach/lib + +* Thu May 06 2010 Marcela Maslanova - 1.5-14 +- Mass rebuild with perl-5.12.0 + +* Mon Dec 7 2009 Stepan Kasal - 1.5-13 +- rebuild against perl 5.10.1 + +* Sun Jul 26 2009 Fedora Release Engineering - 1.5-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Mar 19 2009 Stepan Kasal - 1.5-11 +- fix timestamps of the recoded text files + +* Mon Mar 16 2009 Stepan Kasal - 1.5-10 +- Recode as UTF-8, fix argument order find with -depth (both by Paul Howarth) +- Other minor cleanups + +* Thu Feb 26 2009 Fedora Release Engineering - 1.5-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Fri Feb 8 2008 Tom "spot" Callaway - 1.5-8 +- rebuild for new perl + +* Fri Aug 17 2007 Ralf Corsépius - 1.5-7 +- Add BR: perl(Test::More). + +* Fri Aug 17 2007 Ralf Corsépius - 1.5-6 +- Update license tag. +- Reflect perl split. + +* Tue Sep 05 2006 Ralf Corsépius - 1.5-5 +- Mass rebuild. + +* Tue Feb 28 2006 Ralf Corsépius - 1.5-4 +- Rebuild for perl-5.8.8. + +* Wed Aug 17 2005 Ralf Corsepius - 1.5-3 +- Spec cleanup. + +* Wed Aug 10 2005 Ralf Corsepius - 1.5-2 +- FE re-submission. + +* Fri Jul 01 2005 Ralf Corsepius - 1.5-1 +- FE submission.