|
 |
60c0467 |
%global _vararpwatch %{_localstatedir}/lib/arpwatch
|
|
|
ba6360b |
%global _hardened_build 1
|
|
 |
6ced790 |
|
|
|
6ced790 |
Name: arpwatch
|
|
|
6ced790 |
Epoch: 14
|
|
|
6ced790 |
Version: 2.1a15
|
|
|
c12c6fc |
Release: 35%{?dist}
|
|
|
6ced790 |
Summary: Network monitoring tools for tracking IP addresses on a network
|
|
|
6ced790 |
Group: Applications/System
|
|
|
d9debb6 |
License: BSD with advertising
|
|
|
6ced790 |
URL: http://ee.lbl.gov/
|
|
|
c12c6fc |
Requires(pre): shadow-utils
|
|
 |
d0463f3 |
Requires(post): systemd
|
|
|
d0463f3 |
Requires(preun): systemd
|
|
|
d0463f3 |
Requires(postun): systemd
|
|
|
6ced790 |
Requires: /usr/sbin/sendmail
|
|
|
d0463f3 |
BuildRequires: /usr/sbin/sendmail libpcap-devel systemd
|
|
|
6ced790 |
|
|
|
6ced790 |
Source0: ftp://ftp.ee.lbl.gov/arpwatch-%{version}.tar.gz
|
|
|
88ad459 |
Source1: arpwatch.service
|
|
|
46681ed |
# created by:
|
|
|
46681ed |
# wget -O- http://standards.ieee.org/regauth/oui/oui.txt | \
|
|
|
46681ed |
# iconv -f iso8859-1 -t utf8 | massagevendor | bzip2
|
|
|
c46110b |
Source3: ethercodes-20110707.dat.bz2
|
|
|
6ced790 |
Patch1: arpwatch-2.1a4-fhs.patch
|
|
|
6ced790 |
Patch2: arpwatch-2.1a10-man.patch
|
|
|
6ced790 |
Patch3: arpwatch-drop.patch
|
|
|
6ced790 |
Patch4: arpwatch-drop-man.patch
|
|
|
6ced790 |
Patch5: arpwatch-addr.patch
|
|
|
6ced790 |
Patch6: arpwatch-dir-man.patch
|
|
|
6ced790 |
Patch7: arpwatch-scripts.patch
|
|
|
6ced790 |
Patch8: arpwatch-2.1a15-nolocalpcap.patch
|
|
|
d9debb6 |
Patch9: arpwatch-2.1a15-bogon.patch
|
|
|
cb33144 |
Patch10: arpwatch-2.1a15-extraman.patch
|
|
|
18732da |
Patch11: arpwatch-exitcode.patch
|
|
Ales Ledvinka |
77ee46d |
Patch12: arpwatch-2.1a15-dropgroup.patch
|
|
|
517bebf |
Patch13: arpwatch-2.1a15-devlookup.patch
|
|
Ales Ledvinka |
befc399 |
Patch14: arpwatch-2.1a15-lookupiselect.patch
|
|
Ales Ledvinka |
fab89b0 |
Patch16: arpwatch-201301-ethcodes.patch
|
|
|
ba6360b |
Patch17: arpwatch-pie.patch
|
|
|
a351fd9 |
Patch18: arpwatch-aarch64.patch
|
|
|
6ced790 |
|
|
|
6ced790 |
%description
|
|
|
6ced790 |
The arpwatch package contains arpwatch and arpsnmp. Arpwatch and
|
|
|
6ced790 |
arpsnmp are both network monitoring tools. Both utilities monitor
|
|
|
6ced790 |
Ethernet or FDDI network traffic and build databases of Ethernet/IP
|
|
|
6ced790 |
address pairs, and can report certain changes via email.
|
|
|
6ced790 |
|
|
|
6ced790 |
Install the arpwatch package if you need networking monitoring devices
|
|
|
6ced790 |
which will automatically keep track of the IP addresses on your
|
|
|
6ced790 |
network.
|
|
|
6ced790 |
|
|
|
6ced790 |
%prep
|
|
|
6ced790 |
%setup -q
|
|
|
6ced790 |
|
|
|
6ced790 |
%patch1 -p1 -b .fhs
|
|
|
6ced790 |
%patch2 -p1 -b .arpsnmpman
|
|
|
6ced790 |
%patch3 -p1 -b .droproot
|
|
|
6ced790 |
%patch4 -p0 -b .droprootman
|
|
|
6ced790 |
%patch5 -p1 -b .mailuser
|
|
|
6ced790 |
%patch6 -p1 -b .dirman
|
|
|
6ced790 |
%patch7 -p1 -b .scripts
|
|
|
6ced790 |
%patch8 -p1 -b .nolocalpcap
|
|
|
d9debb6 |
%patch9 -p1 -b .bogon
|
|
|
cb33144 |
%patch10 -p1 -b .extraman
|
|
|
18732da |
%patch11 -p1 -b .exitcode
|
|
Ales Ledvinka |
77ee46d |
%patch12 -p1 -b .dropgroup
|
|
|
517bebf |
%patch13 -p1 -b .devlookup
|
|
Ales Ledvinka |
befc399 |
%patch14 -p1 -b .iselect
|
|
Ales Ledvinka |
fab89b0 |
%patch16 -p1 -b .ethcode
|
|
|
ba6360b |
%patch17 -p1 -b .pie
|
|
|
a351fd9 |
%patch18 -p1 -b .aarch64
|
|
|
6ced790 |
|
|
|
6ced790 |
%build
|
|
|
6ced790 |
%configure
|
|
|
6ced790 |
make ARPDIR=%{_vararpwatch}
|
|
|
6ced790 |
|
|
|
6ced790 |
%install
|
|
|
6ced790 |
|
|
|
6ced790 |
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8
|
|
|
6ced790 |
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
|
|
|
6ced790 |
mkdir -p $RPM_BUILD_ROOT%{_vararpwatch}
|
|
|
60c0467 |
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
|
Ales Ledvinka |
fab89b0 |
touch $RPM_BUILD_ROOT%{_vararpwatch}/arp.dat-
|
|
|
6ced790 |
make DESTDIR=$RPM_BUILD_ROOT install install-man
|
|
|
6ced790 |
|
|
|
6ced790 |
# prepare awk scripts
|
|
|
6ced790 |
perl -pi -e "s/\'/\'\\\'\'/g" *.awk
|
|
|
6ced790 |
|
|
|
6ced790 |
# and embed them
|
|
|
6ced790 |
for i in arp2ethers massagevendor massagevendor-old; do
|
|
|
6ced790 |
cp -f $i $RPM_BUILD_ROOT%{_sbindir}
|
|
|
6ced790 |
for j in *.awk; do
|
|
|
6ced790 |
sed "s/-f\ *\(\<$j\>\)/\'\1\n\' /g" \
|
|
|
6ced790 |
< $RPM_BUILD_ROOT%{_sbindir}/$i \
|
|
|
6ced790 |
| sed "s/$j\$//;tx;b;:x;r$j" \
|
|
|
6ced790 |
> $RPM_BUILD_ROOT%{_sbindir}/$i.x
|
|
|
6ced790 |
mv -f $RPM_BUILD_ROOT%{_sbindir}/$i{.x,}
|
|
|
6ced790 |
done
|
|
|
6ced790 |
chmod 755 $RPM_BUILD_ROOT%{_sbindir}/$i
|
|
|
6ced790 |
done
|
|
|
6ced790 |
|
|
|
a80d80c |
install -p -m644 *.dat $RPM_BUILD_ROOT%{_vararpwatch}
|
|
|
60c0467 |
install -p -m644 %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/arpwatch.service
|
|
|
3bd0e98 |
install -p -m644 %{SOURCE3} $RPM_BUILD_ROOT%{_vararpwatch}/ethercodes.dat.bz2
|
|
|
3bd0e98 |
bzip2 -df $RPM_BUILD_ROOT%{_vararpwatch}/ethercodes.dat.bz2
|
|
|
6ced790 |
|
|
|
cb33144 |
rm -f $RPM_BUILD_ROOT%{_sbindir}/massagevendor-old
|
|
|
cb33144 |
|
|
|
6ced790 |
%post
|
|
|
66d462d |
%systemd_post arpwatch.service
|
|
|
6ced790 |
|
|
|
6ced790 |
%pre
|
|
|
f1b7b51 |
if ! getent group arpwatch &> /dev/null; then
|
|
|
f1b7b51 |
getent group pcap 2> /dev/null | grep -q 77 &&
|
|
|
f1b7b51 |
/usr/sbin/groupmod -n arpwatch pcap 2> /dev/null ||
|
|
|
f1b7b51 |
/usr/sbin/groupadd -g 77 arpwatch 2> /dev/null
|
|
|
f1b7b51 |
fi
|
|
|
f1b7b51 |
if ! getent passwd arpwatch &> /dev/null; then
|
|
|
f1b7b51 |
getent passwd pcap 2> /dev/null | grep -q 77 &&
|
|
|
f1b7b51 |
/usr/sbin/usermod -l arpwatch -g 77 \
|
|
|
f1b7b51 |
-d %{_vararpwatch} pcap 2> /dev/null ||
|
|
|
f1b7b51 |
/usr/sbin/useradd -u 77 -g 77 -s /sbin/nologin \
|
|
|
f1b7b51 |
-M -r -d %{_vararpwatch} arpwatch 2> /dev/null
|
|
|
f1b7b51 |
fi
|
|
|
6ced790 |
:
|
|
|
6ced790 |
|
|
|
6ced790 |
%postun
|
|
|
66d462d |
%systemd_postun_with_restart arpwatch.service
|
|
|
6ced790 |
|
|
|
6ced790 |
%preun
|
|
|
66d462d |
%systemd_preun arpwatch.service
|
|
|
6ced790 |
|
|
|
6ced790 |
%files
|
|
|
6ced790 |
%doc README CHANGES arpfetch
|
|
|
6ced790 |
%{_sbindir}/arpwatch
|
|
|
6ced790 |
%{_sbindir}/arpsnmp
|
|
|
6ced790 |
%{_sbindir}/arp2ethers
|
|
|
6ced790 |
%{_sbindir}/massagevendor
|
|
|
cb33144 |
%{_mandir}/man8/*.8*
|
|
|
60c0467 |
%{_unitdir}/arpwatch.service
|
|
Ales Ledvinka |
fab89b0 |
%attr(1775,-,arpwatch) %dir %{_vararpwatch}
|
|
Ales Ledvinka |
fab89b0 |
%attr(0644,arpwatch,arpwatch) %verify(not md5 size mtime) %config(noreplace) %{_vararpwatch}/arp.dat
|
|
Ales Ledvinka |
fab89b0 |
%attr(0644,arpwatch,arpwatch) %verify(not md5 size mtime) %config(noreplace) %{_vararpwatch}/arp.dat-
|
|
Ales Ledvinka |
fab89b0 |
%attr(0600,arpwatch,arpwatch) %verify(not md5 size mtime) %ghost %{_vararpwatch}/arp.dat.new
|
|
Ales Ledvinka |
fab89b0 |
%attr(0644,-,arpwatch) %verify(not md5 size mtime) %config(noreplace) %{_vararpwatch}/ethercodes.dat
|
|
|
6ced790 |
|
|
|
6ced790 |
%changelog
|
|
|
c12c6fc |
* Tue Jan 26 2016 Jan Synáček <jsynacek@redhat.com> - 14:2.1a15-35
|
|
|
c12c6fc |
- fix arpwatch buffer overflow (#1301880)
|
|
|
c12c6fc |
|
|
 |
cd9954c |
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-34
|
|
|
cd9954c |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
cd9954c |
|
|
 |
95cf65b |
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-33
|
|
|
95cf65b |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
95cf65b |
|
|
|
d103807 |
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-32
|
|
|
d103807 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
d103807 |
|
|
|
4e95468 |
* Mon Feb 3 2014 Jan Synáček <jsynacek@redhat.com> 14:2.1a15-31
|
|
|
4e95468 |
- reference documentation in the service file
|
|
|
9e04a59 |
- remove redundant sysconfig-related stuff
|
|
|
4e95468 |
|
|
|
cd1b9a9 |
* Sun Aug 4 2013 Peter Robinson <pbrobinson@fedoraproject.org> 14:2.1a15-30
|
|
|
cd1b9a9 |
- Fix FTBFS
|
|
|
cd1b9a9 |
|
|
|
b717ed7 |
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-29
|
|
|
b717ed7 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
|
|
b717ed7 |
|
|
|
ba6360b |
* Tue Apr 23 2013 Jan Synáček <jsynacek@redhat.com> 14:2.1a15-28
|
|
|
ba6360b |
- harden the package (#954336)
|
|
|
a351fd9 |
- support aarch64 (#925027)
|
|
|
ba6360b |
|
|
|
963de15 |
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-27
|
|
|
963de15 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
|
|
963de15 |
|
|
|
cd1b9a9 |
* Thu Jan 17 2013 Ales Ledvinka <aledvink@redhat.com> - 14:2.1a15-26
|
|
Ales Ledvinka |
fab89b0 |
- fix permissions related to collected database
|
|
Ales Ledvinka |
fab89b0 |
- update ethcodes defaults to current public IEEE OUI-32
|
|
Ales Ledvinka |
fab89b0 |
|
|
Ales Ledvinka |
12acff1 |
* Mon Oct 15 2012 Ales Ledvinka <aledvink@redhat.com> - 14:2.1a15-25
|
|
Ales Ledvinka |
12acff1 |
- fix -i with invalid interface specified (#842660)
|
|
Ales Ledvinka |
12acff1 |
|
|
Ales Ledvinka |
befc399 |
* Mon Oct 15 2012 Ales Ledvinka <aledvink@redhat.com> - 14:2.1a15-24
|
|
Ales Ledvinka |
befc399 |
- fix devlookup to start with -i interface specified (#842660)
|
|
Ales Ledvinka |
befc399 |
|
|
|
66d462d |
* Wed Aug 22 2012 Jan Synáček <jsynacek@redhat.com> - 14:2.1a15-23
|
|
|
66d462d |
- Add system-rpm macros (#850032)
|
|
|
66d462d |
|
|
|
517bebf |
* Tue Jul 24 2012 Jan Synáček <jsynacek@redhat.com> - 14:2.1a15-22
|
|
|
517bebf |
- add devlookup patch: search for suitable default interface, if -i is not
|
|
|
517bebf |
specified (#842660)
|
|
|
517bebf |
|
|
|
60c0467 |
* Thu Jul 19 2012 Jan Synáček <jsynacek@redhat.com> - 14:2.1a15-21
|
|
|
60c0467 |
- make spec slightly more fedora-review-friendly
|
|
|
60c0467 |
|
|
|
3c75f4e |
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-21
|
|
|
3c75f4e |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
3c75f4e |
|
|
Ales Ledvinka |
77ee46d |
* Thu May 31 2012 Aleš Ledvinka <aledvink@redhat.com> 14:2.1a15-20
|
|
Ales Ledvinka |
77ee46d |
- fix supplementary group list (#825328) (CVE-2012-2653)
|
|
Ales Ledvinka |
77ee46d |
|
|
|
8dfd3d0 |
* Thu Jan 19 2012 Jan Synáček <jsynacek@redhat.com> 14:2.1a15-19
|
|
|
8dfd3d0 |
- Turn on PrivateTmp=true in service file (#782477)
|
|
|
8dfd3d0 |
|
|
|
928eac5 |
* Thu Jan 05 2012 Jan Synáček <jsynacek@redhat.com> 14:2.1a15-18
|
|
|
928eac5 |
- Rebuilt for GCC 4.7
|
|
|
928eac5 |
|
|
|
2544a6e |
* Fri Jul 08 2011 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-17
|
|
|
2544a6e |
- exit with zero error code (#699285)
|
|
|
2544a6e |
- change service type to forking (#699285)
|
|
|
2544a6e |
|
|
|
2544a6e |
* Thu Jul 07 2011 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-16
|
|
|
c9e1d84 |
- replace SysV init script with systemd service (#699285)
|
|
|
c9e1d84 |
- update ethercodes.dat
|
|
|
c9e1d84 |
|
|
|
c39bc04 |
* Mon Mar 28 2011 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-15
|
|
|
c39bc04 |
- update ethercodes.dat (#690948)
|
|
|
c39bc04 |
|
|
|
6770e6f |
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-14
|
|
|
6770e6f |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
6770e6f |
|
|
|
cb33144 |
* Tue Mar 30 2010 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-13
|
|
|
cb33144 |
- update ethercodes.dat (#577552)
|
|
|
cb33144 |
- mark ethercodes.dat as noreplace
|
|
|
cb33144 |
- fix init script LSB compliance
|
|
|
cb33144 |
- include Debian arp2ethers and massagevendor man pages (#526160)
|
|
|
cb33144 |
- don't include massagevendor-old script anymore
|
|
|
cb33144 |
|
|
|
46681ed |
* Wed Sep 02 2009 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-12
|
|
|
46681ed |
- update ethercodes.dat
|
|
|
46681ed |
|
|
 |
83562c3 |
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-11
|
|
|
83562c3 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
83562c3 |
|
|
|
f2af1b7 |
* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:2.1a15-10
|
|
|
f2af1b7 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
f2af1b7 |
|
|
|
3bd0e98 |
* Tue Sep 16 2008 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-9
|
|
|
3bd0e98 |
- update ethercodes.dat (#462364)
|
|
|
3bd0e98 |
|
|
|
49a22ad |
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 14:2.1a15-8
|
|
|
49a22ad |
- Autorebuild for GCC 4.3
|
|
|
49a22ad |
|
|
|
62554f7 |
* Wed Aug 22 2007 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-7
|
|
|
62554f7 |
- rebuild
|
|
|
62554f7 |
|
|
|
d9debb6 |
* Thu Aug 09 2007 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-6
|
|
|
d9debb6 |
- improve init script (#246869)
|
|
|
d9debb6 |
- allow -n 0/32 to disable reporting bogons from 0.0.0.0 (#244606)
|
|
|
d9debb6 |
- update license tag
|
|
|
d9debb6 |
- update ethercodes.dat
|
|
|
d9debb6 |
|
|
|
a80d80c |
* Wed Jun 13 2007 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-5
|
|
|
a80d80c |
- update ethercodes.dat
|
|
|
a80d80c |
|
|
|
b1329e8 |
* Thu May 24 2007 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-4
|
|
|
b1329e8 |
- fix return codes in init script (#237781)
|
|
|
b1329e8 |
|
|
|
f1b7b51 |
* Mon Jan 15 2007 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-3
|
|
|
f1b7b51 |
- rename pcap user to arpwatch
|
|
|
f1b7b51 |
|
|
|
6ced790 |
* Tue Nov 28 2006 Miroslav Lichvar <mlichvar@redhat.com> 14:2.1a15-2
|
|
|
6ced790 |
- split from tcpdump package (#193657)
|
|
|
6ced790 |
- update to 2.1a15
|
|
|
6ced790 |
- clean up files in /var
|
|
|
6ced790 |
- force linking with system libpcap
|