+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd ossec
/var/tmp/rpm-tmp.CtNG72: line 36: cd: ossec: No such file or directory
error: Bad exit status from /var/tmp/rpm-tmp.CtNG72 (%prep)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.CtNG72 (%prep)
cd '/root/rpmbuild/BUILD'
rm -rf 'ossec'
/usr/bin/gzip -dc '/root/rpmbuild/SOURCES/ossec.tar.gz' | /usr/bin/tar -xvvf -
STATUS=$?
if [ $STATUS -ne 0 ]; then
exit $STATUS
fi
cd 'ossec'
/usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd ossec
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ exit 0
Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.Dj8YHy
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd ossec
+ /bin/cp /usr/local/src/OSSEC-RPM/agent/preloaded-vars.conf /root/rpmbuild/BUILD/ossec/etc/
/bin/cp: cannot stat '/usr/local/src/OSSEC-RPM/agent/preloaded-vars.conf': No such file or directory
error: Bad exit status from /var/tmp/rpm-tmp.Dj8YHy (%build)
Summary: Open Source Host-based Intrusion Detection System (Server)
Name: ossec-hids-agent-FC7
Version: 2.8.3
Release: 1
License: GPLv2
Group: Applications/Security
URL: http://www.ossec.net
Packager: Michael Williams (mave...@maverick.org)
Source: http://www.ossec.net/files/ossec.tar.gz
Requires: /usr/sbin/useradd, /usr/sbin/groupadd, /usr/sbin/groupdel, /usr/sbin/userdel, /sbin/service, /sbin/chkconfig
%description
OSSEC is an Open Source Host-based Intrusion
Detection System. It performs log analysis,
integrity checking, Windows registry monitoring,
rootkit detection, real-time alerting and active
response.
%prep
%setup -n ossec
%build
/bin/cp /usr/local/src/OSSEC-RPM/agent/preloaded-vars.conf ${RPM_BUILD_DIR}/ossec/etc/
./install.sh
%clean
rm -rf $RPM_BUILD_ROOT
%pre
################################################################################
# Create OSSEC group
#
if ! grep "^ossec" /etc/group > /dev/null ; then
/usr/sbin/groupadd ossec
fi
################################################################################
# Create OSSEC users
#
for USER in ossec ; do
if ! grep "^${USER}" /etc/passwd > /dev/null ; then
/usr/sbin/useradd -d /var/ossec -s /bin/false -g ossec ${USER}
fi
done
%post
################################################################################
# Create OSSEC /etc/init.d/ossec file
#
cat <<EOF >> /etc/init.d/ossec
#!/bin/bash
#
# ossec Starts ossec
#
#
# chkconfig: 2345 12 88
# description: OSSEC is an open source host based IDS
### BEGIN INIT INFO
# Provides: $ossec
### END INIT INFO
# Source function library.
. /etc/init.d/functions
[ -f /var/ossec/bin/ossec-control ] || exit 0
RETVAL=0
umask 077
case "\$1" in
start)
/var/ossec/bin/ossec-control start
;;
stop)
/var/ossec/bin/ossec-control stop
;;
status)
/var/ossec/bin/ossec-control status
;;
restart|reload)
/var/ossec/bin/ossec-control restart
;;
*)
echo "Usage: /var/ossec/bin/ossec-control {start|stop|status|restart}"
exit 1
esac
EOF
/bin/chown root.root /etc/init.d/ossec
/bin/chmod 755 /etc/init.d/ossec
################################################################################
# Set configuration so OSSEC starts on reboot
#
/sbin/chkconfig --add ossec
/sbin/chkconfig ossec on
%postun
# Run service command, make sure OSSEC is stopped
/sbin/service ossec stop
# Run chkconfig, stop ossec from starting on boot
/sbin/chkconfig ossec off
/sbin/chkconfig --del ossec
# Remove init.d file
[ -f /etc/init.d/ossec ] && rm /etc/init.d/ossec
# Remove ossec users
for USER in ossec ossecm ossecr ; do
if grep "^${USER}" /etc/passwd > /dev/null ; then
/usr/sbin/userdel -r ${USER}
fi
done
# Remove ossec group
if grep "^ossec" /etc/group > /dev/null ; then
/usr/sbin/groupdel ossec
fi
%files
%doc README BUGS CONFIG CONTRIB INSTALL LICENSE
%dir /var/ossec/
%attr(550, root, ossec) /var/ossec/
%dir /var/ossec/var
%attr(550, root, ossec) /var/ossec/var
%dir /var/ossec/var/run
%attr(770, root, ossec) /var/ossec/var/run
%dir /var/ossec/active-response
%attr(550, root, ossec) /var/ossec/active-response
%dir /var/ossec/active-response/bin
%attr(550, root, ossec) /var/ossec/active-response/bin
/var/ossec/active-response/bin/route-null.sh
%attr(755, root, ossec) /var/ossec/active-response/bin/route-null.sh
/var/ossec/active-response/bin/host-deny.sh
%attr(755, root, ossec) /var/ossec/active-response/bin/host-deny.sh
/var/ossec/active-response/bin/firewall-drop.sh
%attr(755, root, ossec) /var/ossec/active-response/bin/firewall-drop.sh
%dir /var/ossec/active-response/bin/firewalls
%attr(755, root, ossec) /var/ossec/active-response/bin/firewalls
/var/ossec/active-response/bin/firewalls/pf.sh
/var/ossec/active-response/bin/firewalls/ipfw.sh
/var/ossec/active-response/bin/firewalls/ipfw_mac.sh
/var/ossec/active-response/bin/disable-account.sh
%attr(755, root, ossec) /var/ossec/active-response/bin/disable-account.sh
%dir /var/ossec/bin
%attr(550, root, ossec) /var/ossec/bin
/var/ossec/bin/ossec-agentd
%attr(550, root, ossec) /var/ossec/bin/ossec-agentd
/var/ossec/bin/ossec-logcollector
%attr(550, root, ossec) /var/ossec/bin/ossec-logcollector
/var/ossec/bin/ossec-control
%attr(550, root, ossec) /var/ossec/bin/ossec-control
/var/ossec/bin/ossec-syscheckd
%attr(550, root, ossec) /var/ossec/bin/ossec-syscheckd
/var/ossec/bin/manage_agents
%attr(550, root, ossec) /var/ossec/bin/manage_agents
/var/ossec/bin/ossec-execd
%attr(550, root, ossec) /var/ossec/bin/ossec-execd
%dir /var/ossec/etc
%attr(550, root, ossec) /var/ossec/etc
/var/ossec/etc/internal_options.conf
%attr(440, root, ossec) /var/ossec/etc/internal_options.conf
/var/ossec/etc/localtime
%attr(644, root, root) /var/ossec/etc/localtime
%dir /var/ossec/etc/shared
%attr(770, root, ossec) /var/ossec/etc/shared
/var/ossec/etc/shared/win_malware_rcl.txt
%attr(770, root, ossec) /var/ossec/etc/shared/win_malware_rcl.txt
/var/ossec/etc/shared/win_applications_rcl.txt
%attr(770, root, ossec) /var/ossec/etc/shared/win_applications_rcl.txt
/var/ossec/etc/shared/win_audit_rcl.txt
%attr(770, root, ossec) /var/ossec/etc/shared/win_audit_rcl.txt
/var/ossec/etc/shared/rootkit_files.txt
%attr(770, root, ossec) /var/ossec/etc/shared/rootkit_files.txt
/var/ossec/etc/shared/rootkit_trojans.txt
%attr(770, root, ossec) /var/ossec/etc/shared/rootkit_trojans.txt
/var/ossec/etc/ossec.conf
%attr(440, root, ossec) /var/ossec/etc/ossec.conf
%dir /var/ossec/logs
%attr(750, ossec, ossec) /var/ossec/logs
/var/ossec/logs/ossec.log
%attr(664, ossec, ossec) /var/ossec/logs/ossec.log
%dir /var/ossec/queue
%attr(550, root, ossec) /var/ossec/queue
%dir /var/ossec/queue/rids
%attr(775, root, ossec) /var/ossec/queue/rids
%dir /var/ossec/queue/alerts
%attr(550, root, ossec) /var/ossec/queue/alerts
%dir /var/ossec/queue/syscheck
%attr(550, root, ossec) /var/ossec/queue/syscheck
%dir /var/ossec/queue/ossec
%attr(770, ossec, ossec) /var/ossec/queue/ossec
root
user. Building RPM's as root is dangerous, because the binary files are installed on the system before being packaged, thus you must always build as normal user so you won't accidentally pollute your system.%_builddir
. This is often implemented by running some variation of "./configure && make
” not to run install.sh, install.sh need to be executed by root permissions.