specs/t/tripwire/tripwire-vl.spec

Summary: Checks to see if files have changed on your system.
Summary(ja): システムが改ざんされていないか検査するツール
Name: tripwire
Version: 1.2
Release: 5vl2
License: BSD
Group: Applications/System
Source0: ftp://ftp.cert.org/pub/tools/tripwire/tripwire-1.2.tar.Z
Source2: tripwire.verify
Patch0: tripwire-1.2-rhlinux.patch
Patch1: tripwire-1.2-security.patch
ExclusiveArch: %{ix86} sparc
BuildRoot: %{_tmppath}/%{name}-%{version}-root
Vendor: Project Vine
Distribution: Vine Linux

%description
Tripwire is a very valuable security tool for Linux systems, if it is
installed to a clean system.  Tripwire should be installed right after
the OS installation, and before you have connected your system to a
network (i.e., before any possibility exists that someone could alter
files on your system).

When Tripwire is initially set up, it creates a database that records
certain file information.  Then when it is run, it compares a designated
set of files and directories to the information stored in the database.
Added or deleted files are flagged and reported, as are any files that
have changed from their previously recorded state in the database.  When
Tripwire is run against system files on a regular basis, any file changes
will be spotted when Tripwire is run.  Tripwire will report the changes,
which will give system administrators a clue that they need to enact
damage control measures immediately if certain files have been altered.

Extra-paranoid Tripwire users will set it up to run once a week and email
the results to themselves.  Then if the emails stop coming, you'll know
someone has gotten to the Tripwire program...

%description -l ja
tripwire は「私のシステムは昨日と同じだろうか？」という基本的な疑問に
答えるツールです。tripwire は設定されたポリシーに従ってファイルやその
性質の暗号化されたデータベースを作成します。このデータベースは、シス
テムに対して何らかの不信な変更が加えられていないかを検証するために用い
られます。

%prep
%setup -q -c
tar -C .. -xf T1.2.tar
%patch0 -p1 -b .sopwith
%patch1 -p1 -b .mike

%build
make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -ggdb"

%install
rm -rf %{buildroot}

mkdir -p %{buildroot}/usr/sbin 
mkdir -p %{buildroot}%{_mandir}/man{1,5,8} 
mkdir -p %{buildroot}/etc/cron.daily 
mkdir -p %{buildroot}/var/spool/tripwire

make TOPDIR=%{buildroot}  MANDIR=%{buildroot}%{_mandir} install

install -m 600 lib/tw.config %{buildroot}/etc/tw.config
install -m 700 $RPM_SOURCE_DIR/tripwire.verify %{buildroot}/etc/cron.daily

chmod 700 %{buildroot}/var/spool/tripwire
chmod 700 %{buildroot}/usr/sbin/*

chmod -R 644 FAQ Changelog INTERNALS README README.FIRST Readme 
chmod -R 644 TODO WHATSNEW docs/*
chmod 755 docs

#%post
#cd /var/spool/tripwire
#(/usr/sbin/tripwire -initialize 2>&1 | \
# /bin/mail -s "Tripwire initialization report" root ) \
# && mv databases/tw.db_* . && rm -rf databases &

%clean
rm -rf %{buildroot}

%files
%defattr(-,root,root)
%doc FAQ Changelog INTERNALS README README.FIRST Readme TODO WHATSNEW docs
%dir /var/spool/tripwire
%config /etc/tw.config
%config /etc/cron.daily/tripwire.verify
/usr/sbin/tripwire
/usr/sbin/siggen
%{_mandir}/man5/tw.config.5*
%{_mandir}/man8/tripwire.8*
%{_mandir}/man8/siggen.8*

%changelog
* Thu Feb 07 2002 Toru Sagami <sagami@vinelinux.org> 1.2-5vl2
- install man pages into %%{_mandir}
- ExclusiveArch: %%{ix86} instead of i386

* Thu Sep 21 2000 Yoshihiro Kajiki <kajiki@ylug.org>
- 1.2-5vl1 rebuild for VineSeed based on powertool's [1.2-5]
- add Japanese summarys and descriptions

* Thu Jan 13 2000 Tim Powers <timp@redhat.com>
- commented out the post initialization script, was tripping people up.

* Thu Jul 22 1999 Tim Powers <timp@redhat.com>
- rebuilt for 6.1

* Thu Feb 11 1999 Michael Maher <mike@redhat.com>
- added security patch for bug #693

* Thu Sep 10 1998 Michael Maher <mike@redhat.com>
- built package from elliot's