代码拉取完成,页面将自动刷新
%{!?_httpd_apxs: %{expand: %%global _httpd_apxs %%{_sbindir}/apxs}}
%{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo 0-0)}}
%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}}
%{!?_httpd_moddir: %{expand: %%global _httpd_moddir %%{_libdir}/httpd/modules}}
%global mod_audit_log_collector 0
Name: mod_security
Version: 2.9.8
Release: 1
Summary: Security module for the Apache HTTP Server
License: ASL 2.0
URL: https://www.modsecurity.org/
Source: https://github.com/owasp-modsecurity/ModSecurity/releases/download/v%{version}/modsecurity-v%{version}.tar.gz
Source1: mod_security.conf
Source2: 10-mod_security.conf
Source3: modsecurity_localrules.conf
Patch0001: modsecurity-2.9.3-apulibs.patch
Patch0002: mod_security-2.9.8-remote-rules-timeout.patch
Patch0003: mod_security-2.9.8-format-security.patch
Requires: httpd httpd-mmn = %{_httpd_mmn}
BuildRequires: gcc make perl-generators httpd-devel yajl yajl-devel pcre2-devel
BuildRequires: pkgconfig(lua) pkgconfig(libcurl) pkgconfig(libxml-2.0) pkgconfig(libpcre)
BuildRequires: autoconf automake libtool
%description
This software is also called Modsec,it is an open-source web application firewall.
It is designed for Apache HTTP Server.ModSecurity is commonly deployed to provide
protections against generic classed of vulnerabilities.The install of this package
is easy and you can read the README.TXT for more information.
%if %mod_audit_log_collector
%package -n mlogc
Summary: Collect mod_security audit log
Requires: mod_security
%description -n mlogc
This package collects mod_security audit log.
%endif
%prep
%autosetup -p1 -n modsecurity-v%{version}
%build
./autogen.sh
%configure --enable-pcre-match-limit=1000000 \
--enable-pcre-match-limit-recursion=1000000 \
--with-apxs=%{_httpd_apxs} \
--with-yajl \
--with-pcre2 \
--disable-static
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
%make_build
%install
install -d %{buildroot}%{_bindir}
install -d %{buildroot}%{_sbindir}
install -d %{buildroot}%{_httpd_moddir}
install -m0755 apache2/.libs/mod_security2.so %{buildroot}%{_httpd_moddir}/mod_security2.so
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules
install -d %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/activated_rules
install -m 700 -d $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name}
install -Dp -m0644 %{S:3} %{buildroot}%{_sysconfdir}/httpd/modsecurity.d/local_rules/
%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
install -Dp -m0644 %{S:1} %{buildroot}%{_httpd_confdir}/mod_security.conf
sed -i 's/Include/IncludeOptional/' %{buildroot}%{_httpd_confdir}/mod_security.conf
install -Dp -m0644 %{S:2} %{buildroot}%{_httpd_modconfdir}/10-mod_security.conf
%else
install -d -m0755 %{buildroot}%{_httpd_confdir}
cat %{S:2} %{S:1} > %{buildroot}%{_httpd_confdir}/mod_security.conf
%endif
%if %mod_audit_log_collector
install -d %{buildroot}%{_localstatedir}/log/mlogc
install -d %{buildroot}%{_localstatedir}/log/mlogc/data
install -m0644 mlogc/mlogc-default.conf %{buildroot}%{_sysconfdir}/mlogc.conf
install -m0755 mlogc/mlogc %{buildroot}%{_bindir}/mlogc
install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load
%endif
%files
%license LICENSE
%doc README.* NOTICE CHANGES
%{_httpd_moddir}/mod_security2.so
%config(noreplace) %{_httpd_confdir}/*.conf
%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
%config(noreplace) %{_httpd_modconfdir}/*.conf
%endif
%dir %{_sysconfdir}/httpd/modsecurity.d
%dir %{_sysconfdir}/httpd/modsecurity.d/local_rules
%dir %{_sysconfdir}/httpd/modsecurity.d/activated_rules
%attr(770,apache,root) %dir %{_localstatedir}/lib/%{name}
%config(noreplace) %{_sysconfdir}/httpd/modsecurity.d/local_rules/*.conf
%if %mod_audit_log_collector
%files -n mlogc
%doc mlogc/INSTALL
%attr(0755,root,root) %dir %{_localstatedir}/log/mlogc
%attr(0770,root,apache) %dir %{_localstatedir}/log/mlogc/data
%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/mlogc.conf
%attr(0755,root,root) %{_bindir}/mlogc-batch-load
%attr(0755,root,root) %{_bindir}/mlogc
%endif
%changelog
* Mon Sep 09 2024 Funda Wang <fundawang@yeah.net> - 2.9.8-1
- update to 2.9.8
* Mon Jul 17 2023 chenchen <chen_aka_jan@163.com> - 2.9.7-1
- Upgrade to version 2.9.7
* Mon Jan 9 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-8
- backport allow no-key, single-value JSON body
* Sat Jan 7 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-7
- backport Set SecStatusEngine Off in modsecurity.conf-recommended
* Sat Jan 7 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-6
- backport fix memory leak that occurs on JSON parsing error
* Sat Jan 7 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-5
- backport Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended
* Fri Jan 6 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-4
- backport properly cleanup XML parser contexts upon completion
* Fri Jan 6 2023 yaoguangzhong <yaoguangzhong@xfusion.com> - 2.9.5-3
- backport use uid if user name is not available
* Fri Jan 7 2022 liyanan <liyanan32@huawei.com> - 2.9.5-2
- Fix build fail with lua 5.4.3
* Tue Dec 14 2021 yaoxin <yaoxin30@huawei.com> - 2.9.5-1
- Upgrade mod_security to 2.9.5 for fix CVE-2021-42717
* Wed Nov 20 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9.2-7
- Type:enhancement
- Id:NA
- SUG:NA
- DESC:modify the spec
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手