%{!?_httpd_apxs: %{expand: %%global _httpd_apxs %%{_sbindir}/apxs}} %{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo 0-0)}} # /etc/httpd/conf.d with httpd < 2.4 and defined as /etc/httpd/conf.modules.d with httpd >= 2.4 %{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}} %{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}} %{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}} %global with_mlogc 0%{?fedora} || 0%{?rhel} <= 6 Summary: Security module for the Apache HTTP Server Name: mod_security Version: 3.0.3 Release: 1%{?dist} License: ASL 2.0 URL: http://www.modsecurity.org/ Group: System Environment/Daemons Source: https://www.modsecurity.org/tarball/%{version}/modsecurity-v%{version}.tar.gz Source1: mod_security.conf Source2: 10-mod_security.conf Requires: httpd httpd-mmn = %{_httpd_mmn} BuildRequires: httpd-devel libxml2-devel pcre-devel curl-devel lua-devel %description ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. %if %with_mlogc %package -n mlogc Summary: ModSecurity Audit Log Collector Group: System Environment/Daemons Requires: mod_security %description -n mlogc This package contains the ModSecurity Audit Log Collector. %endif %prep %setup -q -n modsecurity-v%{version} %build %configure --enable-pcre-match-limit=1000000 \ --enable-pcre-match-limit-recursion=1000000 \ --with-apxs=%{_httpd_apxs} # remove rpath from libtool sed -i.rpath 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i.rpath 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool make %{_smp_mflags} %check # Test suite does not start because of some issue in shipped httpd config (fix upstreamed in PR #669) # After the fix, the test suite starts but still fails #make test #make test-regression %install rm -rf %{buildroot} install -d %{buildroot}%{_sbindir} install -d %{buildroot}%{_bindir} install -d %{buildroot}%{_httpd_moddir} install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/ install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules install -m0755 apache2/.libs/mod_security2.so %{buildroot}%{_httpd_moddir}/mod_security2.so %if "%{_httpd_modconfdir}" != "%{_httpd_confdir}" # 2.4-style install -Dp -m0644 %{SOURCE2} %{buildroot}%{_httpd_modconfdir}/10-mod_security.conf install -Dp -m0644 %{SOURCE1} %{buildroot}%{_httpd_confdir}/mod_security.conf sed -i 's/Include/IncludeOptional/' %{buildroot}%{_httpd_confdir}/mod_security.conf %else # 2.2-style install -d -m0755 %{buildroot}%{_httpd_confdir} cat %{SOURCE2} %{SOURCE1} > %{buildroot}%{_httpd_confdir}/mod_security.conf %endif install -m 700 -d $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name} # mlogc %if %with_mlogc install -d %{buildroot}%{_localstatedir}/log/mlogc install -d %{buildroot}%{_localstatedir}/log/mlogc/data install -m0755 mlogc/mlogc %{buildroot}%{_bindir}/mlogc install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load install -m0644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf %endif %clean rm -rf %{buildroot} %files %defattr (-,root,root) %doc CHANGES LICENSE README.TXT NOTICE %{_httpd_moddir}/mod_security2.so %config(noreplace) %{_httpd_confdir}/*.conf %if "%{_httpd_modconfdir}" != "%{_httpd_confdir}" %config(noreplace) %{_httpd_modconfdir}/*.conf %endif %dir %{_sysconfdir}/httpd/modsecurity.d %dir %{_sysconfdir}/httpd/modsecurity.d/activated_rules %attr(770,apache,root) %dir %{_localstatedir}/lib/%{name} %if %with_mlogc %files -n mlogc %defattr (-,root,root) %doc mlogc/INSTALL %attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/mlogc.conf %attr(0755,root,root) %dir %{_localstatedir}/log/mlogc %attr(0770,root,apache) %dir %{_localstatedir}/log/mlogc/data %attr(0755,root,root) %{_bindir}/mlogc %attr(0755,root,root) %{_bindir}/mlogc-batch-load %endif %changelog * Thu Jan 22 2019 Daniel Steiner - New 3.x build for Fedora 29.