File: stenographer.spec

package info (click to toggle)
stenographer 0.0~git20180422.0.73ce5dd-1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 19,112 kB
  • sloc: cpp: 2,062; sh: 782; yacc: 257; makefile: 102
file content (127 lines) | stat: -rw-r--r-- 4,325 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
 
# I'd rather use `jq -r '.sha' to parse this out, but can't get it into mock
%global commit0 %(curl https://api.github.com/repos/google/stenographer/commits/master | awk 'NR==2{print $0}' | awk -F'"' '{print $4}')
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
%global builddate %(date +%Y%m%d)

# NOTE: If you are creating an SRPM, you should hard-code the commit and datestamp to 
# ensure consistency as follow. NOTE: remove all the #'s. rpmlint doesn't like commented
# macros
#%#global commit0 844b5a4e538b4a560550b227c28ac911833713dd
#%#global shortcommit0 %#(c=%#{commit0}; echo ${c:0:7})
#%#global builddate 20170607

# https://bugzilla.redhat.com/show_bug.cgi?id=995136#c12
%global _dwz_low_mem_die_limit 0

Name:           stenographer
Version:        0
Release:        1.%{builddate}git%{shortcommit0}%{?dist}
Summary:        A high-speed packet capture solution that provides indexed access

License:        Apache License, 2.0
URL:            https://github.com/google/stenographer
Source0:        https://github.com/google/%{name}/archive/%{commit0}.tar.gz#/%{name}-%{commit0}.tar.gz

BuildRequires:  libaio-devel, leveldb-devel, snappy-devel, gcc-c++, make
BuildRequires:  libpcap-devel, libseccomp-devel, git
BuildRequires:  golang


Requires:       libaio, leveldb, snappy, libpcap, libseccomp
Requires:       tcpdump, curl, rpmlib(FileCaps), jq, systemd
Requires(pre):  shadow-utils

%{?systemd_requires}
BuildRequires:  systemd

%description
Stenographer is a full-packet-capture utility for buffering packets to disk for
intrusion detection and incident response purposes. It provides a high-
performance implementation of NIC-to-disk packet writing, handles deleting those
files as disk fills up, and provides methods for reading back specific sets of
packets quickly and easily.

%prep
%autosetup -n %{name}-%{commit0}

%build
# Build stenographer

export GOPATH=$(pwd):%{gopath}

#Get go deps
go get golang.org/x/text/encoding
#go get golang.org/x/text/encoding/unicode
go get golang.org/x/text/transform

# I don't understand go enough to figure out how to do this cleanly
# It complains that it can't install the project subdirs into GOPATH
# But `go build` works below regardless
set +e
go get ./...
set -e

# *** ERROR: No build ID note found in /.../BUILDROOT/etcd-2.0.0-1.rc1.fc22.x86_64/usr/bin/etcd
go build -o %{name} -a -ldflags "-B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n')" -v -x "$@";

# Build stenotype
(cd stenotype; make %{?_smp_mflags} )

%install
rm -rf %{buildroot}

# Install binaries & scripts
install -d %{buildroot}%{_bindir}
install -p -m 755 %{name} %{buildroot}%{_bindir}
install -p -m 755 stenotype/stenotype %{buildroot}%{_bindir}
install -p -m 755 stenoread %{buildroot}%{_bindir}
install -p -m 755 stenocurl %{buildroot}%{_bindir}
install -p -m 755 stenokeys.sh %{buildroot}%{_bindir}

# Install configuration and service files
install -d %{buildroot}%{_sysconfdir}/%{name}/certs
install -p -m 644 configs/steno.conf   %{buildroot}%{_sysconfdir}/%{name}/config

install -d %{buildroot}%{_sysconfdir}/security/limits.d
install -p -m 644 configs/limits.conf  %{buildroot}%{_sysconfdir}/security/limits.d/stenographer.conf

install -d %{buildroot}%{_unitdir}
install -p -m 644 configs/systemd.conf %{buildroot}%{_unitdir}/stenographer.service

%files
%doc README.md DESIGN.md LICENSE

%attr(0500, stenographer, root) %{_bindir}/stenographer
%attr(0500, stenographer, root) %caps(cap_net_admin,cap_net_raw,cap_ipc_lock=ep) %{_bindir}/stenotype
%{_bindir}/stenoread
%{_bindir}/stenocurl
%{_bindir}/stenokeys.sh

%{_sysconfdir}/stenographer
%attr(0750, stenographer, stenographer) %{_sysconfdir}/stenographer/certs
%config(noreplace) %{_sysconfdir}/stenographer/*

%{_sysconfdir}/security/limits.d/stenographer.conf
%{_unitdir}/stenographer.service

%pre
getent group stenographer  || groupadd -r stenographer
getent passwd stenographer || useradd -r -g stenographer -d / -s /sbin/nologin \
  -c "Stenographer service account" stenographer
exit 0

%post
%systemd_post %{name}.service

%preun
%systemd_preun %{name}.service

%postun
%systemd_postun_with_restart %{name}.service

%changelog

* Wed Jun 7 2017 Derek Ditch <derek@rocknsm.io>
- Added datestamp to allow for proper RPM progression
- Minor cleanups in SPEC file
- Added systemd as build-time dependency