demus/mod_security_crs-rpm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: demus:main
Branches Tags
demus:main
demus:copr-test
demus:copr
demus:f40
demus:rawhide
demus:f39
demus:f38
demus:f37
demus:f35
demus:f36
demus:f34
demus:f33
demus:f32
demus:f31
demus:f30
demus:f29
demus:f28
demus:f27
demus:f26
demus:f25
demus:f24
demus:f23
demus:f21
demus:f22
demus:f20
demus:f19
demus:f18
demus:el5
demus:el6
demus:f17
..
compare: demus:el6
Branches Tags
demus:copr-test
demus:copr
demus:main
demus:f40
demus:rawhide
demus:f39
demus:f38
demus:f37
demus:f35
demus:f36
demus:f34
demus:f33
demus:f32
demus:f31
demus:f30
demus:f29
demus:f28
demus:f27
demus:f26
demus:f25
demus:f24
demus:f23
demus:f21
demus:f22
demus:f20
demus:f19
demus:f18
demus:el5
demus:el6
demus:f17

6 Commits
main ... el6

Author SHA1 Message Date
Athmane Madjoudj
74c263e44d Merge branch 'master' into el6 2012-11-15 10:42:31 +01:00
Athmane Madjoudj
64eaf7833c Merge branch 'master' into el6 2012-09-16 17:45:14 +01:00
Athmane Madjoudj
4dea13b67d Fix conflicts 2012-09-13 10:47:40 +01:00
Athmane Madjoudj
6ee5531c68 Merge branch 'master' into el6 
Conflicts:
	mod_security_crs.spec
 2012-09-13 10:41:53 +01:00
Athmane Madjoudj
da246602cf Fix spec for el5 2012-08-28 18:51:57 +01:00
Athmane Madjoudj
3ca8ebab5c Add BuildRoot def for el5 compatibility 2012-08-28 18:42:16 +01:00
4 changed files with 1405 additions and 182 deletions
Show Stats Expand all files Collapse all files

8
.gitignore vendored
View File

@ -2,11 +2,3 @@
/modsecurity-crs_2.2.5.tar.gz
/SpiderLabs-owasp-modsecurity-crs-21197fc.tar.gz
/SpiderLabs-owasp-modsecurity-crs-v2.2.6-0-g3f85c76.tar.gz
/owasp-modsecurity-crs-2.2.8.tar.gz
/SpiderLabs-owasp-modsecurity-crs-2.2.9-19-ga57031b.tar.gz
/owasp-modsecurity-crs-f16e0b1.tar.gz
/owasp-modsecurity-crs-3.0.0.tar.gz
/owasp-modsecurity-crs-3.2.0.tar.gz
/v3.3.0.tar.gz
/v3.3.4.tar.gz
/v4.2.0.tar.gz

1351
mod_security_crs-fix-incompatible-rules.patch Normal file
View File

File diff suppressed because it is too large Load Diff

226
mod_security_crs.spec
View File

@ -1,196 +1,76 @@
%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}}
%global git_short 3f85c76
Summary: ModSecurity Core Ruleset
Summary: ModSecurity Rules
Name: mod_security_crs
Version: 4.2.0
Release: 2%{?dist}
License: Apache-2.0
URL: https://coreruleset.org/
Source: https://github.com/coreruleset/coreruleset/archive/refs/tags/v%{version}.tar.gz
BuildArch: noarch
Requires: mod_security >= 2.9.6
Obsoletes: mod_security_crs-extras < 3.0.0
Version: 2.2.6
Release: 3%{?dist}
License: ASL 2.0
URL: http://www.modsecurity.org/
Group: System Environment/Daemons
# Patch0: mod_security_crs-XXX.patch
# Use the following command to generate the tarball:
# wget https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/GIT_SHORT
Source: SpiderLabs-owasp-modsecurity-crs-v%{version}-0-g%{git_short}.tar.gz
BuildArch: noarch
Requires: mod_security >= 2.7.0
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
%description
This package provides the base rules for mod_security.
%package extras
Summary: Supplementary mod_security rules
Group: System Environment/Daemons
Requires: %name = %version-%release
%description extras
This package provides supplementary rules for mod_security.
%prep
%autosetup -p1 -S gendiff -n coreruleset-%{version}
%setup -q -n SpiderLabs-owasp-modsecurity-crs-%{git_short}
%build
%install
%{__install} -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/
%{__install} -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules
%{__install} -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/plugins
%{__install} -d %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules
%{__install} -d %{buildroot}%{_datarootdir}/mod_modsecurity_crs/plugins
rm -rf %{buildroot}
# To exclude rules (pre/post)
%{__mv} rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
%{__mv} rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules
%{__install} -m0644 rules/*.conf %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules/
%{__install} -m0644 rules/*.data %{buildroot}%{_datarootdir}/mod_modsecurity_crs/rules/
%{__install} -m0644 plugins/* %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/plugins/
%{__mv} crs-setup.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/crs-setup.conf
install -d %{buildroot}%{_prefix}/lib/modsecurity.d/base_rules
%post
if [ $1 == 1 ]; then
# activate base_rules
for f in `ls %{_datarootdir}/mod_modsecurity_crs/rules/` ; do
%{__ln_s} %{_datarootdir}/mod_modsecurity_crs/rules/$f %{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f;
done
%{__sed} -i '/IncludeOptional modsecurity\.d\/\*\.conf/ a\ IncludeOptional modsecurity.d\/plugins\/*-config.conf\n IncludeOptional modsecurity.d\/plugins\/*-before.conf' %{_httpd_confdir}/mod_security.conf
%{__sed} -i '/Include modsecurity\.d\/\*\.conf/a\ Include modsecurity.d/plugins/*-config.conf\n Include modsecurity.d/plugins/*-before.conf' %{_httpd_confdir}/mod_security.conf
%{__sed} -i '/IncludeOptional modsecurity\.d\/local_rules\/\*\.conf/a\ IncludeOptional modsecurity.d\/plugins\/*-after.conf' %{_httpd_confdir}/mod_security.conf
%{__sed} -i '/Include modsecurity\.d\/local_rules\/\*\.conf/a\ Include modsecurity.d\/plugins\/*-after.conf' %{_httpd_confdir}/mod_security.conf
fi
exit 0
install -d %{buildroot}%{_prefix}/lib/modsecurity.d/optional_rules
install -d %{buildroot}%{_prefix}/lib/modsecurity.d/experimental_rules
install -d %{buildroot}%{_prefix}/lib/modsecurity.d/slr_rules
install -m0644 modsecurity_crs_10_setup.conf.example %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/modsecurity_crs_10_config.conf
install -m0644 base_rules/* %{buildroot}%{_prefix}/lib/modsecurity.d/base_rules/
install -m0644 optional_rules/* %{buildroot}%{_prefix}/lib/modsecurity.d/optional_rules/
install -m0644 experimental_rules/* %{buildroot}%{_prefix}/lib/modsecurity.d/experimental_rules/
install -m0644 slr_rules/* %{buildroot}%{_prefix}/lib/modsecurity.d/slr_rules
# activate base_rules
for f in `ls %{buildroot}/%{_prefix}/lib/modsecurity.d/base_rules/` ; do
ln -s %{_prefix}/lib/modsecurity.d/base_rules/$f %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f;
done
%clean
rm -rf %{buildroot}
%preun
if [ $1 == 0 ]; then
%{__sed} -i -E '/Include(Optional)? modsecurity\.d\/plugins/d' %{_httpd_confdir}/mod_security.conf
for f in `ls %{_datarootdir}/mod_modsecurity_crs/rules/` ; do
%{__rm} %{_sysconfdir}/httpd/modsecurity.d/activated_rules/$f;
done
fi
exit 0
%files
%license LICENSE
%doc CHANGES.md README.md
%{_datarootdir}/mod_modsecurity_crs
%{_sysconfdir}/httpd/modsecurity.d/plugins
%doc CHANGELOG INSTALL LICENSE README.md
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/activated_rules/*
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/crs-setup.conf
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/plugins/*
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/modsecurity_crs_10_config.conf
%{_prefix}/lib/modsecurity.d/base_rules
%files extras
%{_prefix}/lib/modsecurity.d/optional_rules
%{_prefix}/lib/modsecurity.d/experimental_rules
%{_prefix}/lib/modsecurity.d/slr_rules
%changelog
* Tue Jul 9 2024 Daniel Demus <daniel-fedoauth@demus.dk> - 4.2.0-2
- Prepare for plugins (see https://coreruleset.org/20220112/crs-plugin-mechanism/)
* Thu May 02 2024 Luboš Uhliarik <luhliari@redhat.com> - 4.2.0-1
- new version 4.2.0
- switch to autosetup
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.4-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jun 06 2023 Luboš Uhliarik <luhliari@redhat.com> - 3.3.4-5
- SPDX migration
* Mon Mar 20 2023 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 3.3.4-4
- Change URL to new official homepage
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Dec 05 2022 Luboš Uhliarik <luhliari@redhat.com> - 3.3.4-2
- Add Early blocking feature patch again
* Fri Sep 30 2022 Luboš Uhliarik <luhliari@redhat.com> - 3.3.4-1
- new version 3.3.4
* Wed Sep 07 2022 Luboš Uhliarik <luhliari@redhat.com> - 3.3.0-6
- Fix application of early blocking patch
* Wed Aug 31 2022 Luboš Uhliarik <luhliari@redhat.com> - 3.3.0-5
- Backport early blocking feature
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Mar 05 2021 Lubos Uhliarik <luhliari@redhat.com> - 3.2.0-1
- new version 3.2.0
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Apr 22 2017 Athmane Madjoudj <athmane@fedoraproject.org> - 3.0.0-4
- Exclude rule files should not be symlink
* Sat Apr 22 2017 Athmane Madjoudj <athmane@fedoraproject.org> - 3.0.0-3
- Use versioned obsoletes
- Move away from /lib since rules are data
* Sat Apr 22 2017 Athmane Madjoudj <athmane@fedoraproject.org> - 3.0.0-2
- Fix the install part since extra and experimental rules are not longer included in 3.x
- Remove EL5 bits since EL5/EPEL5 are OEL-ed
- Bump reqs
* Sat Apr 22 2017 Athmane Madjoudj <athmane@fedoraproject.org> - 3.0.0-1
- Update to 3.0.0
- Clean up the spec
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.9.20160414git-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Apr 29 2016 Athmane Madjoudj <athmane@fedoraproject.org> 2.2.9.20160414git-1
- Update to 2.9.20160414git
* Tue Mar 08 2016 Athmane Madjoudj <athmane@fedoraproject.org> 2.2.9.20160219git-1
- Update to 2.2.9
- Minor spec cleanup
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.8-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.8-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jul 02 2013 Athmane Madjoudj <athmane@fedoraproject.org> 2.2.8-1
- Update to 2.2.8
- Adapt the spec file to new github tarball schema.
- Correct bugus date in the spec file.
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.6-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Nov 19 2012 Peter Vrabec <pvrabec@redhat.com> 2.2.6-4
- "extras" subpackage is not provided on RHEL7
* Wed Oct 17 2012 Athmane Madjoudj <athmane@fedoraproject.org> 2.2.6-3
- Remove the patch since we're requiring mod_security >= 2.7.0
- Require mod_security >= 2.7.0
@ -221,7 +101,7 @@ exit 0
* Wed Jun 20 2012 Peter Vrabec <pvrabec@redhat.com> 2.2.4-3
- "extras" subpackage is not provided on RHEL
* Thu May 03 2012 Peter Vrabec <pvrabec@redhat.com> 2.2.4-2
* Wed May 03 2012 Peter Vrabec <pvrabec@redhat.com> 2.2.4-2
- fix fedora-review issues (#816975)
* Thu Apr 19 2012 Peter Vrabec <pvrabec@redhat.com> 2.2.4-1

2
sources
View File

@ -1 +1 @@
SHA512 (v4.2.0.tar.gz) = 041556b2071385c10a4b4a29ad4f926ee86f819f8b9c95f849e76b3d2724d5fc29c21a69f9eba6fd62e7f5709a109a95feca67a19d8c8d1f0410ee2987ac7a6b
99fa2a3ec391c56ac4a92b749b299f35 SpiderLabs-owasp-modsecurity-crs-v2.2.6-0-g3f85c76.tar.gz