| 1 |
commit: 3fb285ad4c0756b03f23cc4432388363d14384ce |
| 2 |
Author: Harri Nieminen <moikkis <AT> gmail <DOT> com> |
| 3 |
AuthorDate: Tue Mar 27 13:39:57 2018 +0000 |
| 4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Thu Mar 29 19:21:31 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3fb285ad |
| 7 |
|
| 8 |
www-apache/modsecurity-crs: Remove old |
| 9 |
|
| 10 |
Closes: https://github.com/gentoo/gentoo/pull/7643 |
| 11 |
Package-Manager: Portage-2.3.24, Repoman-2.3.6 |
| 12 |
|
| 13 |
www-apache/modsecurity-crs/Manifest | 1 - |
| 14 |
.../modsecurity-crs-2.2.6-r1.ebuild | 136 --------------------- |
| 15 |
2 files changed, 137 deletions(-) |
| 16 |
|
| 17 |
diff --git a/www-apache/modsecurity-crs/Manifest b/www-apache/modsecurity-crs/Manifest |
| 18 |
index 350e6b95721..da8c80c1e06 100644 |
| 19 |
--- a/www-apache/modsecurity-crs/Manifest |
| 20 |
+++ b/www-apache/modsecurity-crs/Manifest |
| 21 |
@@ -1,4 +1,3 @@ |
| 22 |
-DIST modsecurity-crs-2.2.6.tar.gz 291070 BLAKE2B 6bb86d3592a08c5ded133838d498ceda1955f2b82e47884b0df0c28e69a80426052019c43ca90dbf30598752c4c0df60b2348675fc0c10ebc3bb4d5b16b352de SHA512 0e6c2735814dd24ba2329bc756e382b0430937a703d492b2ac00f95af6598903961b43013e99cd49240fe6b7a5439a7b1b3e79c3b7a48828465252dafd586165 |
| 23 |
DIST modsecurity-crs-2.2.7.tar.gz 294137 BLAKE2B 399c72d5c52f2914e8f92c813b6ac346bbd2858d34b61ff4845dbbc7671ff7ffa906b43e2d8e3283a5f30b2fec59395b81239c121c953d51d736b009bc86f4bb SHA512 d0d3dac1b391c8ab730cc16546c9508d93c85dd674b2750d12fff99c17e5575b36bea0cf00e06fdd20c2db5dfdbdc3fd7bbaa26502988617632acfde1ee88927 |
| 24 |
DIST modsecurity-crs-2.2.9.tar.gz 279898 BLAKE2B 75e9c5c9fb0fdf3957b17926b923d1d26b44677fc30556bf58d0b44d73918f7f65052714a7c67c53fc312f81a28422025303674f934f085929e8f4b9ea9fc063 SHA512 fc95cfff9d4ba9a4478c704e5d16e4054e514eb3ffb6343706840aad76607f997b4cc4b8b148adc5cb83743ea7996328d35b8556115de29d6a0e034b67591a09 |
| 25 |
DIST modsecurity-crs-3.0.2.tar.gz 156751 BLAKE2B 111a330b6081d476899be321e15d74379b3c3db23f429a4a4ef1900c87e4b29229638acf3bb367745446ef97ccba4679db91b0d84bae93f2c127bbb6e8031851 SHA512 ae8fe9a0f00a57708c8680cb76882214e4f5ff647e13087aaf1bfc7382cefb38d2f3a88eb1f210031b553f56d3e44c12dbdc68f8b0d09fb4a9e2f15a70d885aa |
| 26 |
|
| 27 |
diff --git a/www-apache/modsecurity-crs/modsecurity-crs-2.2.6-r1.ebuild b/www-apache/modsecurity-crs/modsecurity-crs-2.2.6-r1.ebuild |
| 28 |
deleted file mode 100644 |
| 29 |
index ca7ba53a426..00000000000 |
| 30 |
--- a/www-apache/modsecurity-crs/modsecurity-crs-2.2.6-r1.ebuild |
| 31 |
+++ /dev/null |
| 32 |
@@ -1,136 +0,0 @@ |
| 33 |
-# Copyright 1999-2012 Gentoo Foundation |
| 34 |
-# Distributed under the terms of the GNU General Public License v2 |
| 35 |
- |
| 36 |
-EAPI=4 |
| 37 |
- |
| 38 |
-GITHUB_USER=SpiderLabs |
| 39 |
-GITHUB_PROJECT=owasp-${PN} |
| 40 |
- |
| 41 |
-DESCRIPTION="Core Rule Set for ModSecurity" |
| 42 |
-HOMEPAGE="http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project" |
| 43 |
-SRC_URI="https://github.com/${GITHUB_USER}/${GITHUB_PROJECT}/tarball/v${PV} -> ${P}.tar.gz" |
| 44 |
- |
| 45 |
-LICENSE="Apache-2.0" |
| 46 |
-SLOT="0" |
| 47 |
-KEYWORDS="amd64 ppc sparc x86" |
| 48 |
-IUSE="lua geoip" |
| 49 |
- |
| 50 |
-RDEPEND=">=www-apache/mod_security-2.7[lua?,geoip?]" |
| 51 |
-DEPEND="" |
| 52 |
- |
| 53 |
-S="${WORKDIR}/${P}" |
| 54 |
- |
| 55 |
-RULESDIR=/etc/modsecurity |
| 56 |
-LUADIR=/usr/share/${PN}/lua |
| 57 |
- |
| 58 |
-src_unpack() { |
| 59 |
- default |
| 60 |
- mv "${WORKDIR}/${GITHUB_USER}-${GITHUB_PROJECT}-"* "${P}" || die |
| 61 |
-} |
| 62 |
- |
| 63 |
-src_prepare() { |
| 64 |
- if ! use lua; then |
| 65 |
- # comment out this since it's in the same file as another one we want to keep |
| 66 |
- sed -i -e "/id:'96000[456]'/s:^:#:" \ |
| 67 |
- experimental_rules/modsecurity_crs_61_ip_forensics.conf || die |
| 68 |
- |
| 69 |
- # remove these that rely on the presence of the lua files |
| 70 |
- rm \ |
| 71 |
- experimental_rules/modsecurity_crs_16_scanner_integration.conf \ |
| 72 |
- experimental_rules/modsecurity_crs_40_appsensor_detection_point_2.1_request_exception.conf \ |
| 73 |
- experimental_rules/modsecurity_crs_41_advanced_filters.conf \ |
| 74 |
- experimental_rules/modsecurity_crs_55_response_profiling.conf \ |
| 75 |
- experimental_rules/modsecurity_crs_56_pvi_checks.conf \ |
| 76 |
- || die |
| 77 |
- else |
| 78 |
- # fix up the path to the scripts; there seems to be no |
| 79 |
- # consistency at all on how the rules are loaded. |
| 80 |
- sed -i \ |
| 81 |
- -e "s:/etc/apache2/modsecurity-crs/lua/:${LUADIR}/:" \ |
| 82 |
- -e "s:profile_page_scripts.lua:${LUADIR}/\0:" \ |
| 83 |
- -e "s:/usr/local/apache/conf/crs/lua/:${LUADIR}/:" \ |
| 84 |
- -e "s:/usr/local/apache/conf/modsec_current/base_rules/:${LUADIR}/:" \ |
| 85 |
- -e "s:/etc/apache2/modsecurity-crs/lua/:${LUADIR}/:" \ |
| 86 |
- -e "s:\.\./lua/:${LUADIR}/:" \ |
| 87 |
- *_rules/*.conf || die |
| 88 |
- |
| 89 |
- # fix up the shebang on the scripts |
| 90 |
- sed -i -e "s:/opt/local/bin/lua:/usr/bin/lua:" \ |
| 91 |
- lua/*.lua || die |
| 92 |
- fi |
| 93 |
- |
| 94 |
- sed -i \ |
| 95 |
- -e '/SecGeoLookupDb/s:^:#:' \ |
| 96 |
- -e '/SecGeoLookupDb/a# Gentoo already defines it in 79_modsecurity.conf' \ |
| 97 |
- experimental_rules/modsecurity_crs_61_ip_forensics.conf || die |
| 98 |
- |
| 99 |
- if ! use geoip; then |
| 100 |
- if use lua; then |
| 101 |
- # only comment this out as the file is going to be used for other things |
| 102 |
- sed -i -e "/id:'960007'/,+1 s:^:#:" \ |
| 103 |
- experimental_rules/modsecurity_crs_61_ip_forensics.conf || die |
| 104 |
- else |
| 105 |
- rm experimental_rules/modsecurity_crs_61_ip_forensics.conf || die |
| 106 |
- fi |
| 107 |
- fi |
| 108 |
-} |
| 109 |
- |
| 110 |
-src_install() { |
| 111 |
- insinto "${RULESDIR}" |
| 112 |
- # slr_rules as of 2.2.6 have broken IDs that don't work with |
| 113 |
- # ModSecurity 2.7, but the rules require 2.7 to begin with. |
| 114 |
- doins -r base_rules optional_rules experimental_rules #slr_rules |
| 115 |
- |
| 116 |
- insinto "${LUADIR}" |
| 117 |
- doins lua/*.lua |
| 118 |
- |
| 119 |
- dodoc CHANGELOG README.md |
| 120 |
- |
| 121 |
- ( |
| 122 |
- cat - <<EOF |
| 123 |
-<IfDefine SECURITY> |
| 124 |
-EOF |
| 125 |
- |
| 126 |
- cat modsecurity_crs_10_setup.conf.example |
| 127 |
- |
| 128 |
- cat - <<EOF |
| 129 |
- |
| 130 |
-Include /etc/modsecurity/base_rules/*.conf |
| 131 |
- |
| 132 |
-# Include Trustwave SpiderLabs Research Team rules |
| 133 |
-# Include /etc/modsecurity/slr_rules/*.conf |
| 134 |
-# Not installed yet as of 2.2.6 |
| 135 |
- |
| 136 |
-# Optionally use the other rules as well |
| 137 |
-# Include /etc/modsecurity/optional_rules/*.conf |
| 138 |
-# Include /etc/modsecurity/experimental_rules/*.conf |
| 139 |
-</IfDefine> |
| 140 |
- |
| 141 |
-# -*- apache -*- |
| 142 |
-# vim: ts=4 filetype=apache |
| 143 |
- |
| 144 |
-EOF |
| 145 |
- ) > "${T}"/"80_${PN}.conf" |
| 146 |
- |
| 147 |
- insinto /etc/apache2/modules.d/ |
| 148 |
- doins "${T}"/"80_${PN}.conf" |
| 149 |
-} |
| 150 |
- |
| 151 |
-pkg_postinst() { |
| 152 |
- elog |
| 153 |
- elog "If you want to enable further rules, check the following directories:" |
| 154 |
- elog " ${RULESDIR}/optional_rules" |
| 155 |
- elog " ${RULESDIR}/experimental_rules" |
| 156 |
- elog "" |
| 157 |
- elog "Starting from version 2.0.9, the default for the Core Rule Set is again to block" |
| 158 |
- elog "when rules hit. If you wish to go back to the 2.0.8 method of anomaly scoring, you" |
| 159 |
- elog "should change 80_${PN}.conf so that you have these settings enabled:" |
| 160 |
- elog "" |
| 161 |
- elog " #SecDefaultAction \"phase:2,deny,log\"" |
| 162 |
- elog " SecAction \"phase:1,t:none,nolog,pass,setvar:tx.anomaly_score_blocking=on\"" |
| 163 |
- elog "" |
| 164 |
- elog "Starting from version 2.1.2 rules are installed, for consistency, under" |
| 165 |
- elog "/etc/modsecurity, and can be configured with the following file:" |
| 166 |
- elog " /etc/apache2/modules.d/80_${PN}.conf" |
| 167 |
- elog "" |
| 168 |
-} |
Archives