5 Summary: ViST(Virtual Security Table) is an unified security API platform based virtual tables.
6 Url: https://github.com/facebook/osquery
7 Group: Security/Libraries
8 Source0: file://%{name}-%{version}.tar.gz
9 Source1: %name.manifest
10 BuildRequires: gcc-c++
14 BuildRequires: glog-devel
15 BuildRequires: boost-devel
17 BuildRequires: gflags-devel
18 BuildRequires: pkgconfig(dlog)
19 BuildRequires: pkgconfig(sqlite3)
20 BuildRequires: pkgconfig(libtzplatform-config)
21 BuildRequires: pkgconfig(libsystemd-daemon)
24 Requires: boost-regex boost-system boost-thread boost-filesystem
27 %global osquery_version 4.0.0
29 %global user_name security_fw
30 %global group_name security_fw
31 %global smack_label System
33 %global ro_dir %{_datadir}
34 %global rw_dir %{TZ_SYS_DATA}
36 %global vist_ro_dir %{ro_dir}/vist
37 %global vist_rw_dir %{rw_dir}/vist
39 %global vist_db_dir %{vist_rw_dir}/db
40 %global vist_plugin_dir %{vist_ro_dir}/plugin
41 %global vist_table_dir %{vist_ro_dir}/table
42 %global vist_script_dir %{vist_ro_dir}/script
45 ViST provides unified interface of security functions.
46 ViST views security resources as virtual tables and manipulates them through SQL queries.
47 ViST adopts a plug-in architecture and uses osquery as the query analysis engine.
54 %{!?build_type:%define build_type "RELEASE"}
56 %if %{build_type} == "DEBUG" || %{build_type} == "PROFILING" || %{build_type} == "CCOV"
57 CFLAGS="$CFLAGS -Wp,-U_FORTIFY_SOURCE"
58 CXXFLAGS="$CXXFLAGS -Wp,-U_FORTIFY_SOURCE"
62 export CFLAGS+=" -fprofile-arcs -ftest-coverage"
63 export CXXFLAGS+=" -fprofile-arcs -ftest-coverage"
64 export FFLAGS+=" -fprofile-arcs -ftest-coverage"
65 export LDFLAGS+=" -lgcov"
68 %cmake . -DCMAKE_BUILD_TYPE=%{build_type} \
69 -DVERSION=%{version} \
70 -DOSQUERY_VERSION=%{osquery_version} \
72 -DUSER_NAME=%{user_name} \
73 -DGROUP_NAME=%{group_name} \
74 -DSMACK_LABEL=%{smack_label} \
75 -DDEFAULT_POLICY_ADMIN=vist-cli \
76 -DDB_INSTALL_DIR:PATH=%{vist_db_dir} \
77 -DPLUGIN_INSTALL_DIR:PATH=%{vist_plugin_dir} \
78 -DTABLE_INSTALL_DIR:PATH=%{vist_table_dir} \
79 -DSCRIPT_INSTALL_DIR:PATH=%{vist_script_dir} \
80 -DSYSTEMD_UNIT_DIR:PATH=%{_unitdir} \
81 -DBUILD_GCOV=%{?gcov:1}%{!?gcov:0}
87 mkdir -p %{buildroot}/%{vist_db_dir}
88 mkdir -p %{buildroot}/%{vist_table_dir}
89 mkdir -p %{buildroot}/%{vist_plugin_dir}
90 mkdir -p %{buildroot}/%{vist_script_dir}
92 cp data/script/*.sql %{buildroot}/%{vist_script_dir}
94 %install_service sockets.target.wants %{name}.socket
100 rm -f %{vist_db_dir}/.%{name}.db*
102 systemctl daemon-reload
104 systemctl start %{name}.socket
105 elif [ $1 = 2 ]; then
106 systemctl stop %{name}.socket
107 systemctl stop %{name}.service
108 systemctl restart %{name}.socket
112 %manifest %{name}.manifest
113 %license LICENSE-Apache-2.0
114 %attr(-, %{user_name}, %{group_name}) %{_bindir}/vist-cli
115 %attr(-, %{user_name}, %{group_name}) %{_bindir}/vistd
116 %{_libdir}/libvist-rmi.so
117 %{_unitdir}/vist.service
118 %{_unitdir}/vist.socket
119 %{_unitdir}/sockets.target.wants/vist.socket
120 %{vist_script_dir}/*.sql
121 %dir %attr(-, %{user_name}, %{group_name}) %{vist_db_dir}
122 %dir %attr(-, %{user_name}, %{group_name}) %{vist_table_dir}
123 %dir %attr(-, %{user_name}, %{group_name}) %{vist_script_dir}
125 ## Test Package ##############################################################
127 Summary: Virtaul Security Table (unit test)
128 Group: Security/Testing
129 BuildRequires: gtest-devel
133 Provides internal testcases for ViST implementation.
136 %manifest packaging/%{name}-test.manifest
137 %{_bindir}/osquery-test
138 %attr(4755 %{user_name}, %{group_name}) %{_bindir}/vist-test
139 %dir %attr(-, %{user_name}, %{group_name}) %{vist_table_dir}
140 %attr(-, %{user_name}, %{group_name}) %{vist_table_dir}/libvist-table-sample.so
141 %attr(-, %{user_name}, %{group_name}) %{vist_plugin_dir}/libtest-plugin.so
143 ## ViST Plugins #############################################################
145 Summary: Virtaul Security Table (policy modules)
146 Group: Security/Other
148 BuildRequires: pkgconfig(bluetooth-api)
149 BuildRequires: pkgconfig(capi-network-bluetooth)
152 BuildRequires: pkgconfig(klay)
153 BuildRequires: pkgconfig(capi-network-wifi-manager)
154 BuildRequires: pkgconfig(capi-network-connection)
158 Provides plugins for controlling policies.
161 #rm -f %{vist_plugin_dir}/bluetooth
162 #rm -f %{vist_plugin_dir}/wifi
165 %manifest packaging/%{name}-plugins.manifest
166 %attr(-, %{user_name}, %{group_name}) %{vist_table_dir}/libvist-bluetooth-policy.so
167 %attr(4755 %{user_name}, %{group_name}) %{_bindir}/vist-bluetooth-policy-test