demus/mod_security_crs-rpm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Debug

Browse Source
This commit is contained in:
Daniel Demus 2024-07-15 16:18:27 +02:00
parent ce33c379d1
commit 336d424d9c
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
mod_security_crs.spec
View File

@ -3,7 +3,7 @@
Summary: ModSecurity Core Ruleset Summary: ModSecurity Core Ruleset
Name: mod_security_crs Name: mod_security_crs
Version: 4.2.0 Version: 4.2.0
Release: 2%{?dist} Release: 10%{?dist}
License: Apache-2.0 License: Apache-2.0
URL: https://coreruleset.org/ URL: https://coreruleset.org/
Source: https://github.com/coreruleset/coreruleset/archive/refs/tags/v%{version}.tar.gz Source: https://github.com/coreruleset/coreruleset/archive/refs/tags/v%{version}.tar.gz
@ -40,22 +40,28 @@ This package provides the base rules for mod_security.
%post %post
if [ $1 == 1 ]; then if [ $1 == 1 ]; then
# activate base_rules # activate base_rules
echo "Activate base rules"
for f in `ls %{_datarootdir}/mod_modsecurity_crs/rules/` ; do for f in `ls %{_datarootdir}/mod_modsecurity_crs/rules/` ; do
%{__ln_s} %{_datarootdir}/mod_modsecurity_crs/rules/$f %{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f; %{__ln_s} %{_datarootdir}/mod_modsecurity_crs/rules/$f %{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f;
done done
echo "Adding to conf"
%{__sed} -i '/IncludeOptional modsecurity\.d\/\*\.conf/ a\ IncludeOptional modsecurity.d\/plugins\/*-config.conf\n IncludeOptional modsecurity.d\/plugins\/*-before.conf' %{_httpd_confdir}/mod_security.conf %{__sed} -i '/IncludeOptional modsecurity\.d\/\*\.conf/ a\ IncludeOptional modsecurity.d\/plugins\/*-config.conf\n IncludeOptional modsecurity.d\/plugins\/*-before.conf' %{_httpd_confdir}/mod_security.conf
%{__sed} -i '/Include modsecurity\.d\/\*\.conf/a\ Include modsecurity.d/plugins/*-config.conf\n Include modsecurity.d/plugins/*-before.conf' %{_httpd_confdir}/mod_security.conf %{__sed} -i '/Include modsecurity\.d\/\*\.conf/a\ Include modsecurity.d/plugins/*-config.conf\n Include modsecurity.d/plugins/*-before.conf' %{_httpd_confdir}/mod_security.conf
%{__sed} -i '/IncludeOptional modsecurity\.d\/local_rules\/\*\.conf/a\ IncludeOptional modsecurity.d\/plugins\/*-after.conf' %{_httpd_confdir}/mod_security.conf %{__sed} -i '/IncludeOptional modsecurity\.d\/local_rules\/\*\.conf/a\ IncludeOptional modsecurity.d\/plugins\/*-after.conf' %{_httpd_confdir}/mod_security.conf
%{__sed} -i '/Include modsecurity\.d\/local_rules\/\*\.conf/a\ Include modsecurity.d\/plugins\/*-after.conf' %{_httpd_confdir}/mod_security.conf %{__sed} -i '/Include modsecurity\.d\/local_rules\/\*\.conf/a\ Include modsecurity.d\/plugins\/*-after.conf' %{_httpd_confdir}/mod_security.conf
echo "Done"
fi fi
exit 0 exit 0
%preun %preun
if [ $1 == 0 ]; then if [ $1 == 0 ]; then
echo "Removing from conf"
%{__sed} -i -E '/Include(Optional)? modsecurity\.d\/plugins/d' %{_httpd_confdir}/mod_security.conf %{__sed} -i -E '/Include(Optional)? modsecurity\.d\/plugins/d' %{_httpd_confdir}/mod_security.conf
echo "Deactivate base rules"
for f in `ls %{_datarootdir}/mod_modsecurity_crs/rules/` ; do for f in `ls %{_datarootdir}/mod_modsecurity_crs/rules/` ; do
%{__rm} %{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f; %{__rm} %{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f;
done done
echo "Done"
fi fi
exit 0 exit 0