>From f9199eedfa6b54b8f3542d03740ada8c57e98e69 Mon Sep 17 00:00:00 2001 From: Shawn Wells Date: Mon, 2 Apr 2012 13:19:24 -0400 Subject: [PATCH] Added 'make rpm' First crack at creating a 'make rpm' command. (1) 'make rpm' now exists, you can use that or 'make all' for desired effect. RPMs will be placed into ${OUT}/RPMS until they get a bit more vetted (2) I put a few notes inside of the 'make rpm' section, please follow them! There is an expectation that rpm-build is installed as is your rpmbuild directory structure. (3) I have the RPM install to /usr/local/scap-security-guide/. We can easily change this, thoughts and patches welcome. (4) For this initial build I'm on RHEL6. It *should* work for Fedora but testing is needed. --- rhel6/src/.gitignore | 1 + rhel6/src/Makefile | 35 ++++++++++- .../input/rpmbuild/scap-security-guide-alpha.spec | 64 ++++++++++++++++++++ rhel6/src/output/.gitignore | 5 ++ 4 files changed, 102 insertions(+), 3 deletions(-) create mode 100644 rhel6/src/input/rpmbuild/scap-security-guide-alpha.spec diff --git a/rhel6/src/.gitignore b/rhel6/src/.gitignore index e69de29..4852292 100644 --- a/rhel6/src/.gitignore +++ b/rhel6/src/.gitignore @@ -0,0 +1 @@ +scap-security-guide-*/ diff --git a/rhel6/src/Makefile b/rhel6/src/Makefile index 9d62ace..8649f66 100644 --- a/rhel6/src/Makefile +++ b/rhel6/src/Makefile @@ -2,9 +2,9 @@ IN=input OUT=output TRANS=transforms REFS=references -DIST=dist +DIST=scap-security-guide-alpha -all: shorthand-guide shorthand2xccdf tables guide checks content dist +all: shorthand-guide shorthand2xccdf tables guide checks content dist rpm shorthand-guide: xsltproc -o ${OUT}/rhel6-shorthand.xml ${IN}/guide.xslt ${IN}/guide.xml @@ -77,6 +77,35 @@ dist: content guide tables cp ${OUT}/rhel6-table-cnssrefs.html ${DIST}/policytables cp ${OUT}/rhel6-table-dcidrefs.html ${DIST}/policytables +rpm: dist + + # A few quick notes on preparing your system to build the SSG RPMs: + # (1) May the flies of a thousand horses annoy you for eternity + # if you build an RPM as root. Don't do it! + # (2) This build process assumes you have your rpmbuild structure setup + # $ sudo yum -y install rpm-build + # $ mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS} + # (3) The value if ${DIST} in this Makefile needs to match + # the %{name}-%{version} string from the .spec file, i.e. + # scap-security-guide-alpha + # (4) If you're making an RPM, chances are the code has changed. Make + # sure you update the %changelog in the .spec to reflect what's new + + # copy template .spec over to rpmbuild + cp ${IN}/rpmbuild/scap-security-guide-alpha.spec ${OUT}/ + + # tar up the sources + tar -zcvf ${OUT}/scap-security-guide-alpha.tar.gz ${DIST} + mv ${OUT}/scap-security-guide-alpha.tar.gz ~/rpmbuild/SOURCES/ + + # let's see if a build works + rpmbuild -ba ${OUT}/scap-security-guide-alpha.spec + + # Our RPM(s) will be waiting for us in ${HOMEDIR}, so copy them back + mv ~/rpmbuild/RPMS/ ${OUT}/ + + clean: - rm -f ${OUT}/*.xml ${OUT}/*.html ${OUT}/*.pdf + rm -f ${OUT}/*.xml ${OUT}/*.html ${OUT}/*.pdf ${OUT}/*.spec ${OUT}/*.tar ${OUT}/*.gz ${OUT}/*.ini rm -f ${DIST}/policytables/*.html ${DIST}/guide/*.html ${DIST}/content/*.xml + rm -rf ${OUT}/RPMS/ diff --git a/rhel6/src/input/rpmbuild/scap-security-guide-alpha.spec b/rhel6/src/input/rpmbuild/scap-security-guide-alpha.spec new file mode 100644 index 0000000..01ad83f --- /dev/null +++ b/rhel6/src/input/rpmbuild/scap-security-guide-alpha.spec @@ -0,0 +1,64 @@ +Name: scap-security-guide +Version: alpha +Release: 1%{?dist} +Summary: The scap-security-guide project, or SSG for short, aims to deliver security guidance, baselines, and associated validation mechanisms for Red Hat Enterprise Linux. + +Group: Testing +License: GPL +URL: https://fedorahosted.org/scap-security-guide/ + +Source0: %{name}-%{version}.tar.gz +BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) + +BuildArch: noarch + +BuildRequires: /bin/rm, /bin/mkdir, /bin/cp +Requires: /bin/bash, /bin/date, /usr/bin/oscap + +%description +Today the SSG project provides guidance against U.S. Government requirements, +including those of the U.S. Department of Defense and U.S. Intelligence Community. +Many U.S. Government policies, such as NIST 800-53 provide prose stating that +System Administrators must audit "privileged user actions," but do not define +what such actions are. The SSG bridges the gap between generalized U.S. +Government Policy and specific implementation guidance. + +To lean more about the SCAP Security Guide project, please +visit https://fedorahosted.org/mailman/listinfo/scap-security-guide. Here +you will be able to find documentation, support, and information on getting +involved in the SCAP Security Guide community. + +%prep +%setup -q + + +%build +#configure +#`make %{?_smp_mflags} + + +%install +rm -rf $RPM_BUILD_ROOT +#make install DESTDIR=$RPM_BUILD_ROOT +mkdir -p $RPM_BUILD_ROOT/usr/local/%{name}/content +mkdir -p $RPM_BUILD_ROOT/usr/local/%{name}/guide +mkdir -p $RPM_BUILD_ROOT/usr/local/%{name}/policytables +mkdir -p $RPM_BUILD_ROOT/usr/local/%{name}/STIG-draft +mkdir -p $RPM_BUILD_ROOT/usr/local/%{name}/USGCB-submission + +cp -r * $RPM_BUILD_ROOT/usr/local/%{name}/ + + +%clean +rm -rf $RPM_BUILD_ROOT + + +%files +%defattr(-,root,root,-) +%doc + +%attr(0750,root,root)/usr/local/scap-security-guide/ + +%changelog +* Mon Apr 02 2012 Shawn Wells 1.0-1 +- First attempt at SSG RPM. May ${diety} help us... diff --git a/rhel6/src/output/.gitignore b/rhel6/src/output/.gitignore index 7206c02..4bbeae5 100644 --- a/rhel6/src/output/.gitignore +++ b/rhel6/src/output/.gitignore @@ -3,3 +3,8 @@ *.html *.pdf *.ini +*.spec +*.tar +*.gz +scap-security-guide-*/ +RPMS/ -- 1.7.1