blob: 5a99ba2cc037518b0d19f596739408e12e5b91a9 (
plain)
#!/bin/sh
# Slackware build script for ModSecurity
# Written by pyllyukko
PRGNAM=modsecurity-apache
VERSION=${VERSION:-2.6.8}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
CRS_VERSION="2.2.6"
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) ARCH=i486 ;;
arm*) ARCH=arm ;;
*) ARCH=$( uname -m ) ;;
esac
fi
CWD=$(pwd)
TMP=${TMP:-/tmp/SBo}
PKG=$TMP/package-$PRGNAM
OUTPUT=${OUTPUT:-/tmp}
if [ "$ARCH" = "i486" ]; then
SLKCFLAGS="-O2 -march=i486 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
# The package can be verified with Breno Silva Pinto's PGP key (0x6980F8B0)
# If we have GPG installed, we try to verify the signature.
if [ -x "/usr/bin/gpg" -a -x "/usr/bin/gpgv" ]
then
set +e
# This will check if we have the correct key in our keyring.
# For the trustedkeys.gpg, see "man 1 gpgv".
/usr/bin/gpg --keyring trustedkeys.gpg --no-default-keyring --list-keys 0x6980F8B0 &>/dev/null
GPG_RET=${?}
# 2 means we don't have his key, 0 means we do.
set -e
# If we have the key and the signature file, we verify the package with GPG
if [ ${GPG_RET} -eq 0 -a \
-f "${CWD}/${PRGNAM}_${VERSION}.tar.gz.asc" ]
then
/usr/bin/gpgv "${CWD}/${PRGNAM}_${VERSION}.tar.gz.asc"
fi
fi
set -e
rm -rf $PKG
mkdir -p $TMP $PKG $OUTPUT
cd $TMP
rm -rf ${PRGNAM}_${VERSION}
tar xvf $CWD/${PRGNAM}_${VERSION}.tar.gz
cd ${PRGNAM}_${VERSION}
tar xvf $CWD/modsecurity-crs_${CRS_VERSION}.tar.gz
chown -R root:root .
find -L . \
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \; -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \;
# Fix location of http module.
# It's messy, actually, as the Makefile has a hardcoded libdir and also copies
# the lib to the httpd/modules directory without using the DESTDIR, really
# INSTALLing the library even when we only want to create a package :(
sed \
-e "/^pkglibdir/s|/lib|/lib${LIBDIRSUFFIX}|" \
-e "s|\$(APXS_MODULES)|\$(DESTDIR)\$(APXS_MODULES)|" \
-i apache2/Makefile.in
# oh, and since it wanted to install locally, we need to manually create the
# directory in the package...
mkdir -p $PKG/$(apxs -q LIBEXECDIR)
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
--prefix=/usr \
--build=$ARCH-slackware-linux
make
make install-strip DESTDIR=$PKG
# It leaves two copies of the library, we'll only need one
rm $PKG/usr/lib${LIBDIRSUFFIX}/*.so
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
cp -a \
CHANGES LICENSE NOTICE README.TXT README_WINDOWS.TXT authors.txt doc/Reference_Manual.html \
$PKG/usr/doc/$PRGNAM-$VERSION
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
mkdir -p $PKG/etc/httpd/extra
cat modsecurity.conf-recommended > $PKG/etc/httpd/extra/modsecurity-recommended.conf.new
# The Core Rule Set
mkdir -p ${PKG}/etc/httpd/crs
cp -Rv modsecurity-crs_${CRS_VERSION}/* ${PKG}/etc/httpd/crs
cat modsecurity-crs_${CRS_VERSION}/modsecurity_crs_10_setup.conf.example > \
${PKG}/etc/httpd/crs/modsecurity_crs_10_setup.conf.new
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
cat $CWD/doinst.sh > $PKG/install/doinst.sh
cd $PKG
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
|
