rpms / squidGuard

Clone
Source Code
GIT

Files

el5 el6 epel7 epel8 epel8-playground f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 fc6 main rawhide
  1.   f22
  2.   squidGuard.spec
Blob Blame History Raw 
%define _hardened_build 1
%define _default_patch_fuzz 2
# $Id: squidGuard.spec,v 1.22 2009/10/26 13:30:17 limb Exp $

%define			_dbtopdir		%{_var}/%{name}
%define			_dbhomedir		%{_var}/%{name}/blacklists
%define			_cgibin			/var/www/cgi-bin

Name:			squidGuard
Version:		1.4
Release:		26%{?dist}
Summary:		Filter, redirector and access controller plugin for squid

Group:			System Environment/Daemons
License:		GPLv2

Source0:		http://www.squidguard.org/Downloads/squidGuard-%{version}.tar.gz
Source1:		squidGuard.logrotate
Source2:		http://squidguard.mesd.k12.or.us/blacklists.tgz
Source3:		http://cuda.port-aransas.k12.tx.us/squid-getlist.html
Source4:		squidGuard-1.4-patch-20150201.tar.gz

# K12LTSP stuff
Source100:		squidGuard.conf
Source101:		update_squidguard_blacklists
#Source102:		squidguard
#Source103:		transparent-proxying
Source104:		squidGuard.service
Source105:		transparent-proxying.service
Source106:		squidGuard-helper
Source107:		transparent-proxying-helper

# SELinux (taken from K12LTSP package)
#Source200:		squidGuard.te
#Source201:		squidGuard.fc

#Patch0:			squidGuard-upstream.patch
#Patch1:			squidGuard-paths.patch
Patch2:			squid-getlist.html.patch
Patch3:			squidGuard-perlwarning.patch
#Patch4:			squidGuard-sed.patch
Patch5:			squidGuard-makeinstall.patch
#Patch6:			squidGuard-1.3-SG-2008-06-13.patch
Patch7:			squidGuard-1.4-20091015.patch
Patch8:			squidGuard-1.4-20091019.patch
Patch9:			squidGuard-1.4-db5.patch

URL:			http://www.squidguard.org/

BuildRoot:		%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires:	bison, byacc, openldap-devel, flex, libdb-devel
Requires:		squid
#Requires(post):	%{_bindir}/chcon
#Requires(post):	/sbin/chkconfig
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units

%description
squidGuard can be used to 
- limit the web access for some users to a list of accepted/well known
  web servers and/or URLs only.
- block access to some listed or blacklisted web servers and/or URLs
  for some users.
- block access to URLs matching a list of regular expressions or words
  for some users.
- enforce the use of domainnames/prohibit the use of IP address in
  URLs.
- redirect blocked URLs to an "intelligent" CGI based info page.
- redirect unregistered user to a registration form.
- redirect popular downloads like Netscape, MSIE etc. to local copies.
- redirect banners to an empty GIF.
- have different access rules based on time of day, day of the week,
  date etc.
- have different rules for different user groups.
- and much more.. 

Neither squidGuard nor Squid can be used to
- filter/censor/edit text inside documents 
- filter/censor/edit embeded scripting languages like JavaScript or
  VBscript inside HTML

%prep
%setup -q
%{__cp} %{SOURCE3} .
#%patch0 -p1
#%patch1 -p1 -b .paths
%patch2 -p0
%patch3 -p2
#%patch4 -p1
%patch5	-p1
#%patch6 -p0
%patch7 -p0
%patch8 -p0
%patch9 -p1

%{__cp} %{SOURCE100} ./squidGuard.conf.k12ltsp.template
%{__cp} %{SOURCE101} ./update_squidguard_blacklists.k12ltsp.sh

%build
%configure \
	--with-sg-config=%{_sysconfdir}/squid/squidGuard.conf \
	--with-sg-logdir=%{_var}/log/squidGuard \
	--with-sg-dbhome=%{_dbhomedir} \
	--with-ldap=yes
	
#%{__make} %{?_smp_mflags}
%{__make}

pushd contrib
%{__make} %{?_smp_mflags}
popd

#Apply squidGuard-1.4-patch-20150201.tar.gz
tar -xzf %{SOURCE4} --overwrite -C samples/ --strip-components=1

%install
%{__rm} -rf $RPM_BUILD_ROOT

#%{__make} DESTDIR=$RPM_BUILD_ROOT install
# This broke as of 1.2.1.
%{__install} -p -D -m 0755 src/squidGuard $RPM_BUILD_ROOT%{_bindir}/squidGuard

%{__install} -p -D -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/squidGuard
%{__install} -p -D -m 0644 samples/sample.conf $RPM_BUILD_ROOT%{_sysconfdir}/squid/squidGuard.conf
%{__install} -p -D -m 0644 %{SOURCE2} $RPM_BUILD_ROOT%{_dbtopdir}/blacklists.tar.gz

# Don't use SOURCE3, but use the allready patched one #165689
%{__install} -p -D -m 0755 squid-getlist.html $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/squidGuard

#%{__install} -p -D %{SOURCE200} $RPM_BUILD_ROOT%{_sysconfdir}/selinux/targeted/src/policy/domains/program/squidGuard.te
#%{__install} -p -D %{SOURCE201} $RPM_BUILD_ROOT%{_sysconfdir}/selinux/targeted/src/policy/file_contexts/program/squidGuard.fc

%{__install} -p -d $RPM_BUILD_ROOT%{_cgibin}
%{__install} samples/squid*cgi $RPM_BUILD_ROOT%{_cgibin}

%{__install} contrib/hostbyname/hostbyname $RPM_BUILD_ROOT%{_bindir}
%{__install} contrib/sgclean/sgclean $RPM_BUILD_ROOT%{_bindir}

#%{__install} -p -D -m 0755 %{SOURCE102} $RPM_BUILD_ROOT%{_initrddir}/squidGuard
#%{__install} -p -D -m 0755 %{SOURCE103} $RPM_BUILD_ROOT%{_initrddir}/transparent-proxying

%{__install} -p -D -m 0644 %{SOURCE104} $RPM_BUILD_ROOT%{_unitdir}/squidGuard.service
%{__install} -p -D -m 0644 %{SOURCE105} $RPM_BUILD_ROOT%{_unitdir}/transparent-proxying.service

%{__install} -p -D -m 0744 %{SOURCE106} $RPM_BUILD_ROOT%{_bindir}/squidGuard-helper
%{__install} -p -D -m 0744 %{SOURCE107} $RPM_BUILD_ROOT%{_bindir}/transparent-proxying-helper

#pushd $RPM_BUILD_ROOT%{_dbhomedir}
tar xfz $RPM_BUILD_ROOT%{_dbtopdir}/blacklists.tar.gz
#popd

sed -i "s,dest/adult/,blacklists/porn/,g" $RPM_BUILD_ROOT%{_sysconfdir}/squid/squidGuard.conf

%{__install} -p -D -m 0644 samples/babel.* $RPM_BUILD_ROOT%{_cgibin}

mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/squidGuard
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/squid
ln -s ../squidGuard/squidGuard.log  $RPM_BUILD_ROOT%{_localstatedir}/log/squid/squidGuard.log

%clean
%{__rm} -rf $RPM_BUILD_ROOT

%post
# fix SELinux bits
#%{_bindir}/chcon -R system_u:object_r:squid_cache_t /var/squidGuard >/dev/null 2>&1
#%{_bindir}/chcon -R system_u:object_r:squid_log_t /var/log/squidGuard >/dev/null 2>&1

## do we need a new config file?
#if [ -s %{_sysconfdir}/squid/squidGuard.conf ]; then
#	CONFFILE="%{_sysconfdir}/squid/squidGuard.conf.rpmnew"
#    echo "/etc/squid/squidGuard.conf created as /etc/squid/squidGuard.conf.rpmnew"
#else
#	CONFFILE="/etc/squid/squidGuard.conf"
#fi
#cat %{_docdir}/%{name}-%{version}/squidGuard.conf.k12ltsp.template | \
#	sed s/SERVERNAME/$HOSTNAME/g > $CONFFILE

#/sbin/chkconfig --add squidGuard
#/sbin/chkconfig --add transparent-proxying
if [ $1 -eq 1 ] ; then 
    # Initial installation 
    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
fi


# reload SELinux policies
#echo "Loading new SELinux policy"
#pushd %{_sysconfdir}/selinux/targeted/src/policy/
#%{__make} load &> /dev/null
#popd

#### End of %post

%preun
#if [ $1 = 0 ] ; then
#    service squidGuard stop >/dev/null 2>&1
#    /sbin/chkconfig --del squidGuard
#	/sbin/chkconfig --del transparent-proxying
#fi
if [ $1 -eq 0 ] ; then
    # Package removal, not upgrade
    /bin/systemctl --no-reload disable squidGuard.service > /dev/null 2>&1 || :
    /bin/systemctl stop squidGuard.service > /dev/null 2>&1 || :
    /bin/systemctl --no-reload disable transparent-proxying.service > /dev/null 2>&1 || :
    /bin/systemctl stop transparent-proxying.service > /dev/null 2>&1 || :
fi

%postun
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ $1 -ge 1 ] ; then
    # Package upgrade, not uninstall
    /bin/systemctl try-restart squidGuard.service >/dev/null 2>&1 || :
    /bin/systemctl try-restart transparent-proxying.service >/dev/null 2>&1 || :
fi

%triggerun -- squidGuard < 1.4-13
# Save the current service runlevel info
# User must manually run systemd-sysv-convert --apply squidGuard
# and systemd-sysv-convert --apply transparent-proxying
# to migrate them to systemd targets
/usr/bin/systemd-sysv-convert --save squidGuard >/dev/null 2>&1 ||:
/usr/bin/systemd-sysv-convert --save transparent-proxying >/dev/null 2>&1 ||:

# Run these because the SysV package being removed won't do them
/sbin/chkconfig --del squidGuard >/dev/null 2>&1 || :
/sbin/chkconfig --del transparent-proxying >/dev/null 2>&1 || :
/bin/systemctl try-restart squidGuard.service >/dev/null 2>&1 || :
/bin/systemctl try-restart transparent-proxying.service >/dev/null 2>&1 || :

%files
%defattr(-,root,root)
%doc samples/*.conf
%doc samples/*.cgi
%doc samples/dest/blacklists.tar.gz
%doc COPYING GPL 
%doc doc/*.txt doc/*.html doc/*.gif
%doc squidGuard.conf.k12ltsp.template
%{_bindir}/*
%config(noreplace) %{_sysconfdir}/squid/squidGuard.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/squidGuard
%config(noreplace) %{_sysconfdir}/cron.daily/squidGuard
%{_dbtopdir}/
#%{_sysconfdir}/selinux/targeted/src/policy/domains/program/squidGuard.te
#%{_sysconfdir}/selinux/targeted/src/policy/file_contexts/program/squidGuard.fc
%attr(0755,root,root) %{_cgibin}/*.cgi
%config(noreplace) %{_cgibin}/squidGuard.cgi
%{_cgibin}/babel.*
%{_unitdir}/squidGuard.service
%{_unitdir}/transparent-proxying.service
%attr(0755,squid,squid) %{_localstatedir}/log/squidGuard
%attr(0755,squid,squid) %{_localstatedir}/log/squid/squidGuard.log

%changelog
* Tue Jun 21 2016 Jon Ciesla <limburgher@gmail.com> - 1.4-26
- Fix unitfile typo.

* Tue Jun 21 2016 Jon Ciesla <limburgher@gmail.com> - 1.4-25
- Patch for 20150201.
- Fix log permissions.
- logrotate correction.
- Corrected config file.

* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.4-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

* Thu Aug 21 2014 Kevin Fenzi <kevin@scrye.com> - 1.4-22
- Rebuild for rpm bug 1131960

* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 1.4-18
- Perl 5.18 rebuild

* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Mon Jan 21 2013 Bojan Smojver <bojan@rexursive.com> - 1.4-16
- Fix for Berkeley DB 5

* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Wed Jun 27 2012 Jon Ciesla <limburgher@gmail.com> - 1.4-14
- Build with LDAP support, BZ 834916.
- Dropped db4-isms.

* Tue Apr 17 2012 Jon Ciesla <limburgher@gmail.com> - 1.4-13
- Migrate to systemd.
- Stop messing with config noreplace for the config file in post.

* Mon Apr 16 2012 Jon Ciesla <limburgher@gmail.com> - 1.4-12
- Build against libdb again.

* Fri Apr 13 2012 Jon Ciesla <limburgher@gmail.com> - 1.4-11
- Add hardened build.

* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Mon Oct 26 2009 Jon Ciesla <limb@jcomserv.net> - 1.4-8
- Applying upstream patches for CVE-2009-3700, BZ 530862.

* Thu Sep 24 2009 Jon Ciesla <limb@jcomserv.net> - 1.4-7
- Make squidGuard.cgi config(noreplace)
- Relocated logs, updated logrotate file.
- Updated blacklist URL.

* Wed Sep 09 2009 Jon Ciesla <limb@jcomserv.net> - 1.4-6
- Include babel files, BZ 522038.

* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Thu Mar 05 2009 Jon Ciesla <limb@jcomserv.net> - 1.4-4
- Initscript cleanup, BZ 247065.

* Tue Feb 24 2009 Jon Ciesla <limb@jcomserv.net> - 1.4-3
- Drop chcon Req.

* Mon Feb 23 2009 Jon Ciesla <limb@jcomserv.net> - 1.4-2
- Dropping selinux policy and chcon, BZ 486634.
- Fixed URL of Source0.

* Wed Feb 18 2009 Jon Ciesla <limb@jcomserv.net> - 1.4-1
- Update to 1.4, BZ 485530.
- Building against compat-db46 until next version.

* Wed Feb 11 2009 Jon Ciesla <limb@jcomserv.net> - 1.3-1
- Update to 1.3.
- Dropped paths, sed patches, applied upstream.
- New SG-2008-06-13 patch.
 
* Wed Feb 11 2009 Jon Ciesla <limb@jcomserv.net> - 1.2.1-2
- Fix sg-2008-06-13, BZ 452467.

* Wed Feb 11 2009 Jon Ciesla <limb@jcomserv.net> - 1.2.1-1
- Update to 1.2.1,  BZ 245377.
- Dropped upstream patch.
- Updated blacklists.

* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.2.0-18
- Autorebuild for GCC 4.3

* Wed Dec 05 2007 Release Engineering <rel-eng at fedoraproject dot org> - 1.2.0-17
 - Rebuild for deps

* Fri Nov 16 2007 John Berninger <john at ncphotography dot com> 1.2.0-16
- Fix perms on cgi-bin files

* Mon Mar 26 2007 John Berninger <jwb at redhat dot com>	1.2.0-15
- Assert ownership of /var/squidGuard - bz 233915

* Tue Aug 29 2006 John Berninger <jwb at redhat dot com>	1.2.0-14
- Bump release 'cause I forgot to add a patch file that's required

* Tue Aug 29 2006 John Berninger <jwb at redhat dot com>	1.2.0-13
- general updates to confirm build on FC5/FC6
- updates to BuildRequires

* Fri Sep 09 2005 Oliver Falk <oliver@linux-kernel.at>		- 1.2.0-12
- Make it K12LTSP compatible, so a possible upgrade doesn't break
  anything/much...
  - Add SELinux stuff
  - Move dbdir to /var/squidGuard/blacklists, instead of /var/lib/squidGuard
  - Added update script and template config from/for K12
  - Add perlwarnings and sed patch
  - Install cgis in /var/www/cgi-bin
  - Added initrd stuff
- Remove questionable -ldb from make
- Remove questionable db version check

* Tue Sep 06 2005 Oliver Falk <oliver@linux-kernel.at>		- 1.2.0-11
- More bugs from Bug #165689
  Install cron script with perm 755
  Don't use SOURCE3 in install section, we need to use the patched one
  
* Mon Sep 05 2005 Oliver Falk <oliver@linux-kernel.at>		- 1.2.0-10
- Include GPL in doc section

* Mon Sep 05 2005 Oliver Falk <oliver@linux-kernel.at>		- 1.2.0-9
- More 'bugs' from Bug #165689
  Make changed on squid-getlist.html a patch, as sources should
  match upstream sources, so they are wget-able...

* Mon Sep 05 2005 Oliver Falk <oliver@linux-kernel.at>		- 1.2.0-8
- Bug #165689

* Thu May 19 2005 Oliver Falk <oliver@linux-kernel.at>		- 1.2.0-7
- Update blacklists
- Cleanup specfile

* Fri Apr 08 2005 Oliver Falk <oliver@linux-kernel.at>		- 1.2.0-6
- Fix build on RH 8 with db 4.0.14, by not applying the db4 patch

* Mon Feb 21 2005 Oliver Falk <oliver@linux-kernel.at> 		- 1.2.0-5
- Specfile cleaning
- Make it build with db4 again, by adding the db4-patch

* Mon Apr 12 2002 Oliver Pitzeier <oliver@linux-kernel.at>	- 1.2.0-4
- Tweaks

* Mon Apr 08 2002 Oliver Pitzeier <oliver@linux-kernel.at> 	- 1.2.0-3
- Rebuild

* Mon Apr 08 2002 Oliver Pitzeier <oliver@linux-kernel.at> 	- 1.2.0-2
- Updated the blacklists and put it into the right place
  I also descompress them
- Added a new "forbidden" script - the other ones are too
  old and don't work.  

* Fri Apr 05 2002 Oliver Pitzeier <oliver@linux-kernel.at> 	- 1.2.0-1
- Update to version 1.2.0

* Fri Jun  1 2001 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
- cleaned up for rhcontrib

* Fri Oct 13 2000 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
- initial build
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.