%global progname maldetect

Name:           lmd
Version:        1.3.9
Release:        1%{?dist}
Summary:        Linux malware detector
BuildArch:      noarch

Group:          Applications/File
License:        GPLv2
URL:            http://www.rfxn.com/projects/linux-malware-detect/
# the author does not provide a way to download a specific version
Source0:        http://www.rfxn.com/downloads/maldetect-current.tar.gz
# change the paths where it looks for stuff
Patch0:         lmd-paths.patch
# Remove autoupdate since it includes an i386 library and binary that won't work
# on other architectures.
# An update using the author's method will install the updated version using the
# author's method which doesn't meet the Fedora packaging guidelines
Patch1:         lmd-no-autoupdate.path
# take out lines that make the config files executable
# they are sourced from another bash script so they are redundant
Patch2:         lmd-bash.patch
BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

# inotify was introduced in 2.6.13 so leaving el4 out is intentional
%if 0%{?el5}%{?el6}%{?fedora}
Requires:       inotify-tools >= 3.14
%endif
Requires:       perl
Requires:       wget

%description
Linux Malware Detect (LMD) is a malware scanner for Linux released under the
GNU GPLv2 license, that is designed around the threats faced in shared hosted
environments. It uses threat data from network edge intrusion detection systems
to extract malware that is actively being used in attacks and generates
signatures for detection. In addition, threat data is also derived from user
submissions with the LMD checkout feature and from malware community resources.
The signatures that LMD uses are MD5 file hashes and HEX pattern matches; they
are also easily exported to any number of detection tools such as ClamAV.

%prep
%setup -q -n %{progname}-%{version}
# delete the library and binary bundled with the tarball
%{__rm} files/inotify/libinotifytools.so.0
%{__rm} files/inotify/inotifywait
%{__sed} -i 's/\r//' COPYING.GPL
%patch0 -p1 -b .lmd-paths
%patch1 -p1 -b .lmd-no-autoupdate
%patch2 -p1 -b .lmd-bash

%build

%install
rm -rf %{buildroot}
mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{_datadir}/%{progname}
mkdir -p %{buildroot}%{_sysconfdir}
mkdir -p %{buildroot}%{_sysconfdir}/cron.daily
mkdir -p %{buildroot}%{_libexecdir}/%{progname}
mkdir -p %{buildroot}%{_var}/lib/%{progname}
%{__cp} -pr files/clean %{buildroot}%{_var}/lib/%{progname}
%{__cp} -pr files/inotify %{buildroot}%{_var}/lib/%{progname}
%{__cp} -pr files/quarantine %{buildroot}%{_var}/lib/%{progname}
%{__cp} -pr files/sess %{buildroot}%{_var}/lib/%{progname}
%{__cp} -pr files/sigs %{buildroot}%{_var}/lib/%{progname}
%{__cp} -pr files/tmp %{buildroot}%{_datadir}/%{progname}
%{__cp} -p files/hexstring.pl %{buildroot}%{_libexecdir}/%{progname}/
%{__cp} -p files/ignore_* %{buildroot}%{_datadir}/%{progname}
%{__cp} -p files/VERSION.hash %{buildroot}%{_datadir}/%{progname}
%{__cp} -p files/internals.conf %{buildroot}%{_datadir}/%{progname}
%{__cp} -p files/conf.maldet %{buildroot}%{_sysconfdir}/%{progname}.conf
%{__cp} -p cron.daily %{buildroot}%{_sysconfdir}/cron.daily/%{progname}
%{__cp} -p files/maldet %{buildroot}%{_bindir}/

%clean
rm -rf %{buildroot}

%files
%defattr(-,root,root,-)
%doc CHANGELOG COPYING.GPL README
%{_bindir}/maldet
%{_datadir}/maldetect/*
%{_var}/lib/maldetect/*
%{_libexecdir}/maldetect/*
%config(noreplace) %{_sysconfdir}/cron.daily/maldetect
%config(noreplace) %{_sysconfdir}/maldetect.conf

%changelog
* Fri Mar 18 2011 Mark McKinstry - 1.3.9-1
- upgrade to 1.3.9

* Tue Nov 29 2010 Mark McKinstry - 1.3.7-1
- consolidate patches
- make sure we're using inotify-tools >= 3.14
- upgrade to 1.3.7

* Thu Nov 11 2010 Mark McKinstry - 1.3.6-1
- initial build