1 # services timeoout time on idle for on-demand activation.
2 # give it '-1' if don't want to timeout on idle.
3 %define service_idle_timeout_time 60
4 %define popup_service_idle_timeout_time 10
6 # Configure engine file system.
8 # ro_dir_name / rw_dir_name
9 # - dir name is directory name inside of CSR directory.
10 # - 'dbspace' cannot be used as a dir_name.
11 %define engine_ro_dir_name engine
12 %define engine_rw_dir_name engine
14 # base of detailed url of content screening engine.
15 # If it's defined, detailed_url for client will be generated by
16 # concatenating base url + malware name.
17 # Else it's not defined, detailed_url getter in engine API will be used.
18 %define with_detailed_base_url 0
19 %define detailed_base_url %nil
21 %define with_sample_engine 1
23 Summary: A general purpose content screening and reputation solution
27 Source: %{name}-%{version}.tar.gz
28 License: Apache-2.0 and BSL-1.0
29 Group: Security/Service
32 BuildRequires: gettext-tools
33 BuildRequires: pkgconfig(dlog)
34 BuildRequires: pkgconfig(libsystemd-daemon)
35 BuildRequires: pkgconfig(vconf)
36 BuildRequires: pkgconfig(sqlite3)
37 BuildRequires: pkgconfig(pkgmgr)
38 BuildRequires: pkgconfig(pkgmgr-info)
39 BuildRequires: pkgconfig(libsmack)
40 BuildRequires: pkgconfig(capi-appfw-application)
41 BuildRequires: pkgconfig(elementary)
42 BuildRequires: pkgconfig(efl-extension)
43 BuildRequires: pkgconfig(icu-i18n)
44 BuildRequires: pkgconfig(libtzplatform-config)
45 BuildRequires: pkgconfig(cynara-client)
46 Requires: lib%{name}-common = %{version}-%{release}
50 General purpose content screening and reputation solution. Can scan
51 file contents and checking url to prevent malicious items.
53 %global service_name csr
54 %global bin_dir %{_bindir}
55 %global sbin_dir /sbin
56 %global ro_data_dir %{_datadir}
57 %global rw_data_dir /opt/share
58 %global ro_db_dir %{ro_data_dir}/%{service_name}/dbspace
59 %global rw_db_dir %{rw_data_dir}/%{service_name}/dbspace
60 %global ro_res_dir %{ro_data_dir}/%{service_name}/res
61 %global engine_rw_working_dir %{rw_data_dir}/%{service_name}/%{engine_rw_dir_name}
62 %global engine_dir %{ro_data_dir}/%{service_name}/%{engine_ro_dir_name}
63 %global test_dir %{rw_data_dir}/%{service_name}-test
64 %global test_res_dir %{ro_data_dir}/%{service_name}-test
66 %global service_user security_fw
67 %global service_group security_fw
68 %global test_user owner
69 %global popup_service_env_file_path /run/tizen-system-env
70 %global smack_domain_name System
71 %global popup_unitdir %{_unitdir_user}
73 %package -n lib%{name}-common
74 Summary: CSR framework (common library)
76 Group: Security/Libraries
77 BuildRequires: pkgconfig(cynara-creds-socket)
78 Requires: %{sbin_dir}/ldconfig
80 %description -n lib%{name}-common
81 Content Screening and Reputation framework package (common library)
83 %package -n lib%{name}-client
84 Summary: CSR framework (client library)
86 Group: Security/Libraries
87 BuildRequires: pkgconfig(capi-base-common)
88 Requires: %{name} = %{version}-%{release}
89 Requires: %{sbin_dir}/ldconfig
91 %description -n lib%{name}-client
92 Content Screening and Reputation framework package (client library)
95 Summary: CSR framework (development files)
97 Group: Security/Development
98 BuildRequires: pkgconfig(capi-base-common)
99 Requires: %{name} = %{version}-%{release}
100 Requires: lib%{name}-client
103 Content Screening and Reputation framework development files like headers and pkgconfigs
105 %package engine-devel
106 Summary: CSR framework (engine development files)
108 Group: Security/Development
110 %description engine-devel
111 Content Screening and Reputation framework engine development files like headers and
115 Summary: CSR framework (test program)
116 License: Apache-2.0 and BSL-1.0
117 Group: Security/Testing
118 BuildRequires: boost-devel
119 BuildRequires: pkgconfig(pkgmgr-info)
120 BuildRequires: pkgconfig(glib-2.0)
121 BuildRequires: pkgconfig(storage)
123 Requires: %{name} = %{version}
126 Content Screening and Reputation framework (test program)
130 Summary: CSR framework (gcov)
131 Group: Security/Testing
135 Content Screening and Reputation framework (gcov)
143 # define build architecture
145 %define test_target emulator
147 %define test_target target
151 export CFLAGS+=" -fprofile-arcs -ftest-coverage"
152 export CXXFLAGS+=" -fprofile-arcs -ftest-coverage"
153 export FFLAGS+=" -fprofile-arcs -ftest-coverage"
154 export LDFLAGS+=" -lgcov"
158 -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \
159 -DCMAKE_VERBOSE_MAKEFILE=ON \
160 -DCMAKE_INSTALL_PREFIX=%{_prefix} \
161 -DSERVICE_USER=%{service_user} \
162 -DSERVICE_GROUP=%{service_group} \
163 -DSMACK_DOMAIN_NAME=%{smack_domain_name} \
164 -DPOPUP_SERVICE_ENV_FILE_PATH:PATH=%{popup_service_env_file_path} \
165 -DSERVICE_NAME=%{service_name} \
166 -DVERSION=%{version} \
167 -DINCLUDE_INSTALL_DIR:PATH=%{_includedir} \
168 -DBIN_DIR:PATH=%{bin_dir} \
169 -DSYSTEMD_UNIT_DIR=%{_unitdir} \
170 -DPOPUP_SYSTEMD_UNIT_DIR=%{popup_unitdir} \
171 -DRO_DBSPACE:PATH=%{ro_db_dir} \
172 -DRW_DBSPACE:PATH=%{rw_db_dir} \
173 -DRO_RES_DIR:PATH=%{ro_res_dir} \
174 -DRO_DATA_DIR:PATH=%{ro_data_dir} \
175 -DSERVICE_IDLE_TIMEOUT_TIME=%{service_idle_timeout_time} \
176 -DPOPUP_SERVICE_IDLE_TIMEOUT_TIME=%{popup_service_idle_timeout_time} \
177 -DENGINE_RW_WORKING_DIR:PATH=%{engine_rw_working_dir} \
178 -DENGINE_DIR:PATH=%{engine_dir} \
179 -DTEST_TARGET=%{test_target} \
180 -DTEST_DIR:PATH=%{test_dir} \
181 -DTEST_RES_DIR:PATH=%{test_res_dir} \
182 %if 0%{?with_detailed_base_url}
183 -DDETAILED_URL_BASE:STRING=%{detailed_base_url} \
185 %if 0%{?with_sample_engine}
186 -DWITH_SAMPLE_ENGINE:BOOL=ON \
188 -DWITH_SAMPLE_ENGINE:BOOL=OFF \
190 -DTZ_SYS_STORAGE=%TZ_SYS_STORAGE \
191 -DTZ_SYS_RW_APP=%TZ_SYS_RW_APP \
192 -DTZ_SYS_RO_APP=%TZ_SYS_RO_APP \
193 -DBUILD_GCOV=%{?gcov:1}%{!?gcov:0}
195 make %{?jobs:-j%jobs}
199 find . -name '*.gcno' -exec cp '{}' gcov-obj ';'
204 %install_service sockets.target.wants %{service_name}-cs.socket
205 %install_service sockets.target.wants %{service_name}-wp.socket
206 %install_service sockets.target.wants %{service_name}-admin.socket
207 %install_service ../user/sockets.target.wants %{service_name}-popup.socket
208 %install_service ../system/user-sockets@.target.wants %{service_name}-popup@.socket
210 mkdir -p %{buildroot}%{rw_db_dir}
211 mkdir -p %{buildroot}%{ro_db_dir}
212 cp data/scripts/*.sql %{buildroot}%{ro_db_dir}
214 mkdir -p %{buildroot}%{engine_dir}
215 mkdir -p %{buildroot}%{engine_rw_working_dir}
217 %find_lang %{service_name}
220 mkdir -p %{buildroot}%{_datadir}/gcov/obj
221 install -m 0644 gcov-obj/* %{buildroot}%{_datadir}/gcov/obj
225 set_cap_script=%{ro_data_dir}/security-config/set_capability
226 if [ -f $set_cap_script ]; then
230 rm -f %{rw_db_dir}/.%{service_name}.db*
232 systemctl daemon-reload
234 systemctl start %{service_name}-cs.socket
235 systemctl start %{service_name}-wp.socket
236 systemctl start %{service_name}-admin.socket
237 systemctl start %{service_name}.service
239 systemctl --user start %{service_name}-popup.socket
240 systemctl --user start %{service_name}-popup.service
241 elif [ $1 = 2 ]; then
242 systemctl stop %{service_name}-cs.socket
243 systemctl stop %{service_name}-wp.socket
244 systemctl stop %{service_name}-admin.socket
245 systemctl restart %{service_name}.service
247 systemctl --user stop %{service_name}-popup.socket
248 systemctl --user restart %{service_name}-popup.service
253 systemctl stop %{service_name}-cs.socket
254 systemctl stop %{service_name}-wp.socket
255 systemctl stop %{service_name}-admin.socket
256 systemctl stop %{service_name}.service
258 systemctl --user stop %{service_name}-popup.socket
259 systemctl --user stop %{service_name}-popup.service
264 systemctl daemon-reload
267 %post -n lib%{name}-common -p %{sbin_dir}/ldconfig
268 %post -n lib%{name}-client -p %{sbin_dir}/ldconfig
269 %postun -n lib%{name}-common -p %{sbin_dir}/ldconfig
270 %postun -n lib%{name}-client -p %{sbin_dir}/ldconfig
272 %post -n %{name}-test
273 chsmack -a "_" %{test_dir}/test_dir/dir1
274 %if 0%{?with_sample_engine}
275 systemctl stop %{service_name}-cs.socket
276 systemctl stop %{service_name}-wp.socket
277 systemctl stop %{service_name}-admin.socket
278 systemctl restart %{service_name}.service
280 touch %{engine_rw_working_dir}/csret_cs_virus_signatures
281 touch %{engine_rw_working_dir}/csret_wp_risky_urls
285 chmod 777 -R /tmp/home/abuild/rpmbuild/BUILD/csr-framework-*
286 su - owner -c %{bin_dir}/%{service_name}-test
287 %{bin_dir}/%{service_name}-internal-test
288 %{bin_dir}/%{service_name}-threadpool-test
291 %files -f %{service_name}.lang
292 %defattr(-,root,root,-)
293 %manifest %{service_name}.manifest
295 %license LICENSE.BSL-1.0
296 %{bin_dir}/%{service_name}-server
297 %{bin_dir}/%{service_name}-popup
298 %{_unitdir}/%{service_name}.service
299 %{_unitdir}/sockets.target.wants/%{service_name}-cs.socket
300 %{_unitdir}/sockets.target.wants/%{service_name}-wp.socket
301 %{_unitdir}/sockets.target.wants/%{service_name}-admin.socket
302 %{_unitdir}/%{service_name}-cs.socket
303 %{_unitdir}/%{service_name}-wp.socket
304 %{_unitdir}/%{service_name}-admin.socket
305 %{popup_unitdir}/%{service_name}-popup.socket
306 %{popup_unitdir}/sockets.target.wants/%{service_name}-popup.socket
307 %{popup_unitdir}/%{service_name}-popup.service
308 %{_unitdir}/%{service_name}-popup@.socket
309 %{_unitdir}/user-sockets@.target.wants/%{service_name}-popup@.socket
310 %{_unitdir}/%{service_name}-popup@.service
311 %{ro_res_dir}/default-icon.png
313 %dir %{ro_data_dir}/%{service_name}
314 %dir %attr(-, %{service_user}, %{service_group}) %{rw_data_dir}/%{service_name}
316 %dir %attr(-, %{service_user}, %{service_group}) %{rw_db_dir}
317 %attr(444, %{service_user}, %{service_group}) %{ro_db_dir}/*.sql
320 %dir %attr(775, %{service_user}, %{service_group}) %{engine_rw_working_dir}
322 %files -n lib%{name}-common
323 %defattr(-,root,root,-)
324 %manifest %{service_name}-common.manifest
326 %{_libdir}/lib%{service_name}-common.so.*
328 %files -n lib%{name}-client
329 %defattr(-,root,root,-)
330 %manifest %{service_name}-client.manifest
332 %{_libdir}/lib%{service_name}-client.so.*
335 %defattr(-,root,root,-)
336 %{_includedir}/csr/csr-content-screening.h
337 %{_includedir}/csr/csr-content-screening-types.h
338 %{_includedir}/csr/csr-web-protection.h
339 %{_includedir}/csr/csr-web-protection-types.h
340 %{_includedir}/csr/csr-error.h
341 %{_includedir}/csr/csr-engine-manager.h
342 %{_libdir}/pkgconfig/%{service_name}.pc
343 %{_libdir}/lib%{service_name}-client.so
344 %{_libdir}/lib%{service_name}-common.so
347 %defattr(-,root,root,-)
348 %{_includedir}/csre/csre-content-screening-engine-info.h
349 %{_includedir}/csre/csre-content-screening.h
350 %{_includedir}/csre/csre-content-screening-types.h
351 %{_includedir}/csre/csre-error.h
352 %{_includedir}/csre/csre-web-protection-engine-info.h
353 %{_includedir}/csre/csre-web-protection.h
354 %{_includedir}/csre/csre-web-protection-types.h
355 %{_libdir}/pkgconfig/%{service_name}-engine.pc
358 %defattr(-,root,root,-)
359 %manifest %{service_name}-test.manifest
361 %license LICENSE.BSL-1.0
362 %{_libdir}/lib%{service_name}-test-common.so
363 %attr(-, %{test_user}, %{service_group}) %{bin_dir}/%{service_name}-test
364 %attr(-, %{test_user}, %{service_group}) %{bin_dir}/%{service_name}-internal-test
365 %attr(-, %{test_user}, %{service_group}) %{bin_dir}/%{service_name}-popup-test
366 %attr(-, %{test_user}, %{service_group}) %{bin_dir}/%{service_name}-threadpool-test
369 %dir %attr(-, %{test_user}, %{service_group}) %{test_dir}
370 %attr(-, %{test_user}, %{service_group}) %{test_dir}/*
372 %dir %attr(-, %{test_user}, %{service_group}) %{test_res_dir}
373 %attr(-, %{test_user}, %{service_group}) %{test_res_dir}/*
375 # sample engine related files
376 %if 0%{?with_sample_engine}
377 %{engine_dir}/lib%{service_name}-cs-engine.so
378 %{engine_dir}/lib%{service_name}-wp-engine.so
379 %attr(-, %{service_user}, %{service_group}) %{engine_rw_working_dir}/*
384 %{_datadir}/gcov/obj/*