From 9ede3931cac82e0309b06cf9982b107c6c6002b5 Mon Sep 17 00:00:00 2001 From: ec2-user Date: Fri, 3 Feb 2017 10:39:23 +0900 Subject: [PATCH 01/31] Fixed few bugs for osquery and pip installs --- scripts/installessentials.sh | 2 +- scripts/osquery-build.sh | 2 +- scripts/pyinstaller-requirements.txt | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/installessentials.sh b/scripts/installessentials.sh index 106f6b107..fd5eed917 100644 --- a/scripts/installessentials.sh +++ b/scripts/installessentials.sh @@ -14,4 +14,4 @@ fi easy_install pip # Creating required directories -mkdir -p /etc/osquery /var/log/osquery /etc/hubble /opt/hubble /opt/osquery +mkdir -p /etc/osquery /var/log/osquery /etc/hubble /opt/hubble /opt/osquery /var/osquery diff --git a/scripts/osquery-build.sh b/scripts/osquery-build.sh index d51a98472..2ec69cfbc 100644 --- a/scripts/osquery-build.sh +++ b/scripts/osquery-build.sh @@ -6,7 +6,7 @@ git clone https://github.com/facebook/osquery.git cd osquery make sysprep make deps -make +SKIP_TESTS=1 make -j 4 make strip sudo mv ./build/linux/osquery/osqueryi ./build/linux/osquery/osqueryd /opt/osquery sudo chown -R root. /opt/osquery diff --git a/scripts/pyinstaller-requirements.txt b/scripts/pyinstaller-requirements.txt index 454453dd2..5020b82c1 100644 --- a/scripts/pyinstaller-requirements.txt +++ b/scripts/pyinstaller-requirements.txt @@ -14,3 +14,4 @@ pygit2 salt-ssh gitpython pyinotify +cffi From 7c9dfb1ef340404d6a93ad35ce8f3c0d482e40f8 Mon Sep 17 00:00:00 2001 From: ec2-user Date: Fri, 3 Feb 2017 10:43:30 +0900 Subject: [PATCH 02/31] Update the pyinstaller to create a onedir binary to comply with CIS --- scripts/pyinstaller-hubble.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index 1e409c6cb..92c56bf6d 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -7,7 +7,7 @@ _BINARY_LOG_LEVEL="INFO" function pkg_init { _INCLUDE_PATH="" -pyinstaller --onefile \ +pyinstaller --onedir \ --noconfirm \ --log-level $_BINARY_LOG_LEVEL \ --additional-hooks-dir=$_SOURCE_DIR \ From 983d6fd1864b17dbf4321f706279b0bb0ecaf404 Mon Sep 17 00:00:00 2001 From: EC2 Default User Date: Fri, 3 Feb 2017 02:43:55 +0000 Subject: [PATCH 03/31] Updated the pyinstaller init to run without sudo --- init_pkg.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init_pkg.sh b/init_pkg.sh index e036d2862..10a5cbfb6 100755 --- a/init_pkg.sh +++ b/init_pkg.sh @@ -29,5 +29,5 @@ sudo bash libgit2-build.sh bash osquery-build.sh sudo bash pip-install.sh sudo bash pyinstaller-hubble.sh pkg_clean -sudo bash pyinstaller-hubble.sh pkg_init +bash pyinstaller-hubble.sh pkg_init sudo bash pyinstaller-hubble.sh pkg_create From 46e4fbf2c52f6e0779b94c97ca0afa3142a7d22e Mon Sep 17 00:00:00 2001 From: EC2 Default User Date: Fri, 3 Feb 2017 03:02:40 +0000 Subject: [PATCH 04/31] DELETED THE DUPLICATE ENTRIES --- scripts/pyinstaller-requirements.txt | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/pyinstaller-requirements.txt b/scripts/pyinstaller-requirements.txt index 5020b82c1..e20bf321d 100644 --- a/scripts/pyinstaller-requirements.txt +++ b/scripts/pyinstaller-requirements.txt @@ -2,9 +2,7 @@ pyinstaller==3.2 # currently 3.2.1 version is not supported because of botocore Crypto pyopenssl argparse -Crypto requests -argparse logging pprint daemon From 0c0e4c7437f5c123cbbc1202efcc184027012d72 Mon Sep 17 00:00:00 2001 From: kravivar Date: Thu, 2 Feb 2017 22:50:44 -0700 Subject: [PATCH 05/31] Updated the link for hubble --- scripts/pyinstaller-hubble.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index 92c56bf6d..c02d474fc 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -22,7 +22,8 @@ function pkg_clean { function pkg_create { cp -rf conf/hubble /etc/hubble/ cp -rf conf/hubble-profile.sh /etc/profile.d/ -mv dist/hubble /opt/hubble/ +mv dist/hubble /opt/hubble/hubble-libs +ln -s /opt/hubble/hubble-libs /opt/hubble/hubble-libs/hubble cp -rf conf/hubble /etc/hubble/ tar -cPvzf hubble.tar.gz /etc/hubble /etc/osquery /opt/hubble /opt/osquery /var/log/osquery /etc/profile.d/hubble-profile.sh } From ce9a08824d1b3f4269fb98851e2a0cf974480c4e Mon Sep 17 00:00:00 2001 From: kravivar Date: Fri, 3 Feb 2017 07:51:31 -0700 Subject: [PATCH 06/31] reverted the changes to pkg_init --- init_pkg.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init_pkg.sh b/init_pkg.sh index 10a5cbfb6..e036d2862 100755 --- a/init_pkg.sh +++ b/init_pkg.sh @@ -29,5 +29,5 @@ sudo bash libgit2-build.sh bash osquery-build.sh sudo bash pip-install.sh sudo bash pyinstaller-hubble.sh pkg_clean -bash pyinstaller-hubble.sh pkg_init +sudo bash pyinstaller-hubble.sh pkg_init sudo bash pyinstaller-hubble.sh pkg_create From 1d7295ec33e3beafac1f9261b9576973e278219b Mon Sep 17 00:00:00 2001 From: kravivar Date: Fri, 3 Feb 2017 09:41:06 -0700 Subject: [PATCH 07/31] Fixed the link issue --- scripts/pyinstaller-hubble.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index c02d474fc..458d19aae 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -23,7 +23,7 @@ function pkg_create { cp -rf conf/hubble /etc/hubble/ cp -rf conf/hubble-profile.sh /etc/profile.d/ mv dist/hubble /opt/hubble/hubble-libs -ln -s /opt/hubble/hubble-libs /opt/hubble/hubble-libs/hubble +ln -s /opt/hubble/hubble-libs/hubble /opt/hubble/hubble cp -rf conf/hubble /etc/hubble/ tar -cPvzf hubble.tar.gz /etc/hubble /etc/osquery /opt/hubble /opt/osquery /var/log/osquery /etc/profile.d/hubble-profile.sh } From e8c2b064239359e5dd0c99b1c6bc3c4096f5aa45 Mon Sep 17 00:00:00 2001 From: kravivar Date: Fri, 3 Feb 2017 09:45:29 -0700 Subject: [PATCH 08/31] Fixed the salt hook bug --- hook-salt.py | 28 +--------------------------- 1 file changed, 1 insertion(+), 27 deletions(-) diff --git a/hook-salt.py b/hook-salt.py index ac7c25f1e..54353fee8 100644 --- a/hook-salt.py +++ b/hook-salt.py @@ -77,33 +77,7 @@ DATAS.remove(entry) # Some packages salt required, which we should include that are not discovered by PyInstaller -PACKAGES = [ - 'ssl', - 'crypto', - 'OpenSSL', - 'argparse', - 'base64', - 'HTMLParser', - 'json', - 'logging', - 'requests', - 'functools', - 'BaseHTTPServer', - 'argparse', - 'logging', - 'pprint', - 'os', - 'random', - 'git', - 'daemon', - 'boto3', - 'botocore', - 'six', - 'inspect', - 'yaml', - 'traceback', - 'pygit2' -] +PACKAGES = [] for pkg in PACKAGES: DATAS.extend(collect_data_files(pkg, include_py_files=True)) From d73e39e574bf4ef983abd6b66144287f98e5bb7c Mon Sep 17 00:00:00 2001 From: Cloud User Date: Fri, 3 Feb 2017 19:16:11 +0000 Subject: [PATCH 09/31] Fixed the issue of python.h not found on centos --- scripts/installessentials.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/installessentials.sh b/scripts/installessentials.sh index fd5eed917..6d3ae0f3e 100644 --- a/scripts/installessentials.sh +++ b/scripts/installessentials.sh @@ -5,7 +5,7 @@ then apt-get install python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev make cmake python-setuptools gcc -y elif [ -f "/usr/bin/yum" ] then - yum install python27-devel libffi-devel openssl-devel libxml2-devel libxslt-devel libjpeg-devel zlib-devel make cmake python27-setuptools gcc -y + yum install python27-devel libffi-devel openssl-devel libxml2-devel libxslt-devel libjpeg-devel zlib-devel make cmake python27-setuptools gcc python-devel python-setuptools -y else echo "No package managers found ..." exit From a4126436f5a8be2b03c0a59856b9790c114fffe7 Mon Sep 17 00:00:00 2001 From: Cloud User Date: Fri, 3 Feb 2017 20:04:06 +0000 Subject: [PATCH 10/31] Check for root user run and exit the script, if the script is run as root user. --- init_pkg.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/init_pkg.sh b/init_pkg.sh index e036d2862..c45a35640 100755 --- a/init_pkg.sh +++ b/init_pkg.sh @@ -1,5 +1,7 @@ #!/bin/bash +_user=`id -u` + # Installing minimum of python 2.7 _python_version=`python -c 'import sys; version=sys.version_info[:3]; print("{0}.{1}.{2}".format(*version))'` @@ -16,12 +18,21 @@ scl enable python27 bash \n EOF +# Check if the python version is 2.6.6 if [ "$_python_version" == "2.6.6" ] then echo -e $_PYTHON_HELP exit fi +# Check if the current user is root +if [ "$_user" == "0" ] +then + echo "This script should not be run as root ..." + echo "Please run this script as regular user with sudo privileges ..." + echo "Exiting ..." + exit +fi cd scripts/ sudo bash installessentials.sh From 7eff35bc0b1fa30aa282794aa62c667b64084e40 Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 3 Feb 2017 14:27:48 -0700 Subject: [PATCH 11/31] Only send to slack if there was actual data --- hubblestack/extmods/returners/slack_pulsar_returner.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hubblestack/extmods/returners/slack_pulsar_returner.py b/hubblestack/extmods/returners/slack_pulsar_returner.py index 6b4a563d2..0f52b6bb7 100644 --- a/hubblestack/extmods/returners/slack_pulsar_returner.py +++ b/hubblestack/extmods/returners/slack_pulsar_returner.py @@ -276,11 +276,11 @@ def returner(ret): log.error('slack_pulsar.api_key not defined in salt config') return - if isinstance(ret, dict): + if ret and isinstance(ret, dict): message = ('id: {0}\r\n' 'return: {1}\r\n').format(__opts__['id'], pprint.pformat(ret.get('return'))) - elif isinstance(ret, list): + elif ret and isinstance(ret, list): message = 'id: {0}\r\n' for r in ret: message += pprint.pformat(r.get('return')) From 6c3a841b59443f25e717139eb80b0fa9f240ddb5 Mon Sep 17 00:00:00 2001 From: Cloud User Date: Fri, 3 Feb 2017 21:48:23 +0000 Subject: [PATCH 12/31] Added the user checks before deleting the build file --- scripts/pyinstaller-hubble.sh | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index 458d19aae..b58a5e500 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -16,7 +16,25 @@ pyinstaller --onedir \ } function pkg_clean { - rm -rf *spec *pyc build dist + declare -a check_folders=('build' 'dist' '/opt/hubble' '/opt/osquery') + + for i in "${check_folders[@]}" + do + if [[ -f $i ]] || [[ -d $i ]]; + then + read -r -p "The file/folder $i will be deleted, do you agree : [y/n]" _input + if [[ "$_input" == "y" ]]; + then + echo "removing $i ..." + rm -rf $i + else + echo "skipping deletion of $i" + fi + else + rm -f $i + fi + done + } function pkg_create { From a0c95c350a83e0e178ef32b8feb3f8be525246ef Mon Sep 17 00:00:00 2001 From: Cloud User Date: Fri, 3 Feb 2017 21:54:41 +0000 Subject: [PATCH 13/31] Bug fix to clear the contents instead of directories --- scripts/pyinstaller-hubble.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index b58a5e500..ba3802906 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -16,7 +16,7 @@ pyinstaller --onedir \ } function pkg_clean { - declare -a check_folders=('build' 'dist' '/opt/hubble' '/opt/osquery') + declare -a check_folders=('build' 'dist' '/opt/hubble/*' '/opt/osquery/*') for i in "${check_folders[@]}" do From 846d518f89df81dc8b1557974ad35618c34b1d02 Mon Sep 17 00:00:00 2001 From: Cloud User Date: Fri, 3 Feb 2017 22:05:09 +0000 Subject: [PATCH 14/31] Fixed the remove contents bug --- scripts/pyinstaller-hubble.sh | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index ba3802906..bdae4f7e8 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -16,13 +16,13 @@ pyinstaller --onedir \ } function pkg_clean { - declare -a check_folders=('build' 'dist' '/opt/hubble/*' '/opt/osquery/*') + declare -a check_folders=('build' 'dist' '/opt/hubble' '/opt/osquery') for i in "${check_folders[@]}" do - if [[ -f $i ]] || [[ -d $i ]]; + if [[ -f $i ]]; then - read -r -p "The file/folder $i will be deleted, do you agree : [y/n]" _input + read -r -p "The file $i will be deleted, do you agree : [y/n]" _input if [[ "$_input" == "y" ]]; then echo "removing $i ..." @@ -30,6 +30,16 @@ function pkg_clean { else echo "skipping deletion of $i" fi + elif [[ -d $i ]]; + then + read -r -p "The folder $i will be deleted, do you agree : [y/n]" _input + if [[ "$_input" == "y" ]]; + then + echo "removing $i/* ..." + rm -rf $i/* + else + echo "skipping deletion of $i" + fi else rm -f $i fi From dd2cf99d033709326b42c140a5bfeb1fd26726f6 Mon Sep 17 00:00:00 2001 From: Cloud User Date: Wed, 8 Feb 2017 18:17:22 -0500 Subject: [PATCH 15/31] Added bypass argument for answering yes to remove the unwanted directories --- init_pkg.sh | 2 +- scripts/pyinstaller-hubble.sh | 21 +++++++++++++++++++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/init_pkg.sh b/init_pkg.sh index c45a35640..4c30d6217 100755 --- a/init_pkg.sh +++ b/init_pkg.sh @@ -39,6 +39,6 @@ sudo bash installessentials.sh sudo bash libgit2-build.sh bash osquery-build.sh sudo bash pip-install.sh -sudo bash pyinstaller-hubble.sh pkg_clean +sudo bash pyinstaller-hubble.sh pkg_clean $1 sudo bash pyinstaller-hubble.sh pkg_init sudo bash pyinstaller-hubble.sh pkg_create diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index bdae4f7e8..a0ba92621 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -1,5 +1,6 @@ #!/bin/bash +_check_auto_deletion=$2 pushd ../ _SOURCE_DIR="./" _BINARY_LOG_LEVEL="INFO" @@ -22,7 +23,14 @@ function pkg_clean { do if [[ -f $i ]]; then - read -r -p "The file $i will be deleted, do you agree : [y/n]" _input + + if [[ "$_check_auto_deletion" == "-y" ]]; + then + _input="y" + else + read -r -p "The file $i will be deleted, do you agree : [y/n]" _input + fi + if [[ "$_input" == "y" ]]; then echo "removing $i ..." @@ -30,9 +38,17 @@ function pkg_clean { else echo "skipping deletion of $i" fi + elif [[ -d $i ]]; then - read -r -p "The folder $i will be deleted, do you agree : [y/n]" _input + + if [[ "$_check_auto_deletion" == "-y" ]]; + then + _input="y" + else + read -r -p "The folder $i will be deleted, do you agree : [y/n]" _input + fi + if [[ "$_input" == "y" ]]; then echo "removing $i/* ..." @@ -40,6 +56,7 @@ function pkg_clean { else echo "skipping deletion of $i" fi + else rm -f $i fi From 5c2a65721a312f68eda120d1a537aa7fc7b2c996 Mon Sep 17 00:00:00 2001 From: Cloud User Date: Wed, 8 Feb 2017 18:17:40 -0500 Subject: [PATCH 16/31] added missing essentials packages --- scripts/installessentials.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/installessentials.sh b/scripts/installessentials.sh index 6d3ae0f3e..0f6e9304b 100644 --- a/scripts/installessentials.sh +++ b/scripts/installessentials.sh @@ -2,10 +2,10 @@ if [ -f "/usr/bin/apt-get" ] then - apt-get install python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev make cmake python-setuptools gcc -y + apt-get install python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev make cmake python-setuptools gcc wget git -y elif [ -f "/usr/bin/yum" ] then - yum install python27-devel libffi-devel openssl-devel libxml2-devel libxslt-devel libjpeg-devel zlib-devel make cmake python27-setuptools gcc python-devel python-setuptools -y + yum install python27-devel libffi-devel openssl-devel libxml2-devel libxslt-devel libjpeg-devel zlib-devel make cmake python27-setuptools gcc python-devel python-setuptools git wget -y else echo "No package managers found ..." exit From 94dee2f299fdc389b0d7c0f461264387a56992f8 Mon Sep 17 00:00:00 2001 From: Cloud User Date: Wed, 8 Feb 2017 19:58:15 -0500 Subject: [PATCH 17/31] Fixed the order issue where the scripts deletes the newly created binaries and fixed the mv statement to use cp to preserve the builds --- init_pkg.sh | 2 +- scripts/osquery-build.sh | 2 +- scripts/pyinstaller-hubble.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/init_pkg.sh b/init_pkg.sh index 4c30d6217..026fad985 100755 --- a/init_pkg.sh +++ b/init_pkg.sh @@ -36,9 +36,9 @@ fi cd scripts/ sudo bash installessentials.sh +sudo bash pyinstaller-hubble.sh pkg_clean $1 sudo bash libgit2-build.sh bash osquery-build.sh sudo bash pip-install.sh -sudo bash pyinstaller-hubble.sh pkg_clean $1 sudo bash pyinstaller-hubble.sh pkg_init sudo bash pyinstaller-hubble.sh pkg_create diff --git a/scripts/osquery-build.sh b/scripts/osquery-build.sh index 2ec69cfbc..32f2e3a9d 100644 --- a/scripts/osquery-build.sh +++ b/scripts/osquery-build.sh @@ -8,7 +8,7 @@ make sysprep make deps SKIP_TESTS=1 make -j 4 make strip -sudo mv ./build/linux/osquery/osqueryi ./build/linux/osquery/osqueryd /opt/osquery +sudo cp -pr ./build/linux/osquery/osqueryi ./build/linux/osquery/osqueryd /opt/osquery sudo chown -R root. /opt/osquery cd ../../ sudo cp ../conf/osquery.conf /etc/osquery/ diff --git a/scripts/pyinstaller-hubble.sh b/scripts/pyinstaller-hubble.sh index a0ba92621..a45c213ab 100644 --- a/scripts/pyinstaller-hubble.sh +++ b/scripts/pyinstaller-hubble.sh @@ -67,7 +67,7 @@ function pkg_clean { function pkg_create { cp -rf conf/hubble /etc/hubble/ cp -rf conf/hubble-profile.sh /etc/profile.d/ -mv dist/hubble /opt/hubble/hubble-libs +cp -pr dist/hubble /opt/hubble/hubble-libs ln -s /opt/hubble/hubble-libs/hubble /opt/hubble/hubble cp -rf conf/hubble /etc/hubble/ tar -cPvzf hubble.tar.gz /etc/hubble /etc/osquery /opt/hubble /opt/osquery /var/log/osquery /etc/profile.d/hubble-profile.sh From 1f858304530405d551b91c7d0268d1d8157b98e0 Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Wed, 8 Feb 2017 22:14:19 -0700 Subject: [PATCH 18/31] Add initial spec file for cent7 --- .gitignore | 1 - pkg/specs/hubblestack-el7.spec | 53 ++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 pkg/specs/hubblestack-el7.spec diff --git a/.gitignore b/.gitignore index 72364f99f..4b4be9bb1 100644 --- a/.gitignore +++ b/.gitignore @@ -28,7 +28,6 @@ var/ # Usually these files are written by a python script from a template # before PyInstaller builds the exe, so as to inject date/other infos into it. *.manifest -*.spec # Installer logs pip-log.txt diff --git a/pkg/specs/hubblestack-el7.spec b/pkg/specs/hubblestack-el7.spec new file mode 100644 index 000000000..8d90a435c --- /dev/null +++ b/pkg/specs/hubblestack-el7.spec @@ -0,0 +1,53 @@ +# Don't try fancy stuff like debuginfo, which is useless on binary-only +# packages. Don't strip binary too +# Be sure buildpolicy set to do nothing +%define __spec_install_post %{nil} +%define debug_package %{nil} +%define __os_install_post %{_dbpath}/brp-compress + +Summary: Hubblestack is a module, open-source security compliance framework +Name: hubblestack +Version: 2.1.0 +Release: 1 +License: Apache 2.0 +Group: Development/Tools +SOURCE0: %{name}-%{version}.tar.gz +URL: https://hubblestack.io +Requires: git + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root + +%description +%{summary} + +%prep +%setup -q + +%build +# Empty section. + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot} +mkdir -p %{buildroot}/usr/bin +ln -s /opt/hubble/hubble %{buildroot}/usr/bin/hubble +ln -s /opt/osquery/osqueryi %{buildroot}/usr/bin/osqueryi +ln -s /opt/osquery/osqueryd %{buildroot}/usr/bin/osqueryd + +# in builddir +cp -a * %{buildroot} + + +%clean +rm -rf %{buildroot} + + +%files +%{_sysconfdir}/* +/opt/* +/usr/bin/* +/usr/lib/* + +%changelog +* Wed Feb 8 2017 Colton Myers 2.1.0-1 +- First Build From c3db0f219bf9b399d1ae84cad737d195207072ba Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 10 Feb 2017 09:57:19 -0700 Subject: [PATCH 19/31] Add el6 spec, be more precise in el7 spec for /etc --- pkg/specs/hubblestack-el6.spec | 57 ++++++++++++++++++++++++++++++++++ pkg/specs/hubblestack-el7.spec | 6 +++- 2 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 pkg/specs/hubblestack-el6.spec diff --git a/pkg/specs/hubblestack-el6.spec b/pkg/specs/hubblestack-el6.spec new file mode 100644 index 000000000..ef0e7e9a1 --- /dev/null +++ b/pkg/specs/hubblestack-el6.spec @@ -0,0 +1,57 @@ +# Don't try fancy stuff like debuginfo, which is useless on binary-only +# packages. Don't strip binary too +# Be sure buildpolicy set to do nothing +%define __spec_install_post %{nil} +%define debug_package %{nil} +%define __os_install_post %{_dbpath}/brp-compress + +Summary: Hubblestack is a module, open-source security compliance framework +Name: hubblestack +Version: 2.1.0 +Release: 1 +License: Apache 2.0 +Group: Development/Tools +SOURCE0: %{name}-%{version}.tar.gz +URL: https://hubblestack.io +Requires: git + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root + +%description +%{summary} + +%prep +%setup -q + +%build +# Empty section. + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot} +mkdir -p %{buildroot}/usr/bin +ln -s /opt/hubble/hubble %{buildroot}/usr/bin/hubble +ln -s /opt/osquery/osqueryi %{buildroot}/usr/bin/osqueryi +ln -s /opt/osquery/osqueryd %{buildroot}/usr/bin/osqueryd + +# in builddir +cp -a * %{buildroot} + + +%clean +rm -rf %{buildroot} + + +%files +%{_sysconfdir}/hubble +%{_sysconfdir}/hubble/hubble +%{_sysconfdir}/osquery +%{_sysconfdir}/osquery/osquery.flags +%{_sysconfdir}/osquery/osquery.conf +%{_sysconfdir}/init.d/hubble +/opt/* +/usr/bin/* + +%changelog +* Wed Feb 8 2017 Colton Myers 2.1.0-1 +- First Build diff --git a/pkg/specs/hubblestack-el7.spec b/pkg/specs/hubblestack-el7.spec index 8d90a435c..49bec725e 100644 --- a/pkg/specs/hubblestack-el7.spec +++ b/pkg/specs/hubblestack-el7.spec @@ -43,7 +43,11 @@ rm -rf %{buildroot} %files -%{_sysconfdir}/* +%{_sysconfdir}/hubble +%{_sysconfdir}/hubble/hubble +%{_sysconfdir}/osquery +%{_sysconfdir}/osquery/osquery.flags +%{_sysconfdir}/osquery/osquery.conf /opt/* /usr/bin/* /usr/lib/* From 2684d5aaccd59b1bab4e7f5375fbf63dc7d9827b Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 10 Feb 2017 10:20:22 -0700 Subject: [PATCH 20/31] Add rpm building script --- pkg/build_rpms.sh | 40 ++++++++++++++++++++++++++++++++++ pkg/specs/hubblestack-el6.spec | 2 +- pkg/specs/hubblestack-el7.spec | 2 +- 3 files changed, 42 insertions(+), 2 deletions(-) create mode 100644 pkg/build_rpms.sh diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh new file mode 100644 index 000000000..8d98c0190 --- /dev/null +++ b/pkg/build_rpms.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +set -x # echo on + +_user=`id -u` + +# Check if the current user is root +if [ "$_user" == "0" ] +then + echo "This script should not be run as root ..." + echo "Please run this script as regular user with sudo privileges ..." + echo "Exiting ..." + exit +fi + +cd .. + +bash init_pkg.sh +mv hubble.tar.gz ~/hubble.tar.gz +mkdir ~/hubblestack +tar -xzvf ~/hubble.tar.gz -C ~/hubblestack +tar -czvf ~/hubbblestack.tar.gz ~/hubblestack/ +mkdir -p ~/rpmbuild/{RPMS,SRPMS,BUILD,SOURCES,SPECS,tmp} + +cat <~/.rpmmacros +%_topdir %(echo $HOME)/rpmbuild +%_tmppath %{_topdir}/tmp +EOF + +mv ~/hubblestack.tar.gz ~/rpmbuild/SOURCES/ +cd ~/rpmbuild + +cp ~/hubble/pkg/specs/* SPECS/ + +rpmbuild -ba SPECS/hubblestack-el6.spec +mkdir ~/el6 +mv ~/rpmbuild/RPMS/x86_64/* ~/el6/ +rpmbuild -ba SPECS/hubblestack-el7.spec +mkdir ~/el7 +mv ~/rpmbuild/RPMS/x86_64/* ~/el7/ diff --git a/pkg/specs/hubblestack-el6.spec b/pkg/specs/hubblestack-el6.spec index ef0e7e9a1..4addb9c3c 100644 --- a/pkg/specs/hubblestack-el6.spec +++ b/pkg/specs/hubblestack-el6.spec @@ -11,7 +11,7 @@ Version: 2.1.0 Release: 1 License: Apache 2.0 Group: Development/Tools -SOURCE0: %{name}-%{version}.tar.gz +SOURCE0: %{name}.tar.gz URL: https://hubblestack.io Requires: git diff --git a/pkg/specs/hubblestack-el7.spec b/pkg/specs/hubblestack-el7.spec index 49bec725e..49cccedb3 100644 --- a/pkg/specs/hubblestack-el7.spec +++ b/pkg/specs/hubblestack-el7.spec @@ -11,7 +11,7 @@ Version: 2.1.0 Release: 1 License: Apache 2.0 Group: Development/Tools -SOURCE0: %{name}-%{version}.tar.gz +SOURCE0: %{name}.tar.gz URL: https://hubblestack.io Requires: git From 1f2a7d118f2b154cc07a47d7adcb00ac2083e88c Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 10 Feb 2017 10:24:10 -0700 Subject: [PATCH 21/31] Add service files --- pkg/build_rpms.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh index 8d98c0190..500ef08be 100644 --- a/pkg/build_rpms.sh +++ b/pkg/build_rpms.sh @@ -19,6 +19,10 @@ bash init_pkg.sh mv hubble.tar.gz ~/hubble.tar.gz mkdir ~/hubblestack tar -xzvf ~/hubble.tar.gz -C ~/hubblestack +mkdir -p ~/hubblestack/etc/init.d +cp pkg/hubble ~/hubblestack/etc/init.d +mkdir -p ~/hubblestack/usr/lib/systemd/system +cp pkg/hubble.service ~/hubblestack/usr/lib/systemd/system tar -czvf ~/hubbblestack.tar.gz ~/hubblestack/ mkdir -p ~/rpmbuild/{RPMS,SRPMS,BUILD,SOURCES,SPECS,tmp} From ce101717e3a0fc4accdf2ff260939f5ffa8b9b12 Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 10 Feb 2017 10:25:17 -0700 Subject: [PATCH 22/31] Make rpm script executable --- pkg/build_rpms.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 pkg/build_rpms.sh diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh old mode 100644 new mode 100755 From a5f14cb2f72aadfa404196893498d58892b57379 Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 10 Feb 2017 10:26:37 -0700 Subject: [PATCH 23/31] Add -y --- pkg/build_rpms.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh index 500ef08be..eaaeb7d1d 100755 --- a/pkg/build_rpms.sh +++ b/pkg/build_rpms.sh @@ -15,7 +15,7 @@ fi cd .. -bash init_pkg.sh +bash init_pkg.sh -y mv hubble.tar.gz ~/hubble.tar.gz mkdir ~/hubblestack tar -xzvf ~/hubble.tar.gz -C ~/hubblestack From 94b8f70d5b911d2155844edefdb2110b2703711d Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 10 Feb 2017 10:28:42 -0700 Subject: [PATCH 24/31] Install rpm-build --- pkg/build_rpms.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh index eaaeb7d1d..3d9754b15 100755 --- a/pkg/build_rpms.sh +++ b/pkg/build_rpms.sh @@ -16,6 +16,9 @@ fi cd .. bash init_pkg.sh -y + +sudo yum install -y rpm-build + mv hubble.tar.gz ~/hubble.tar.gz mkdir ~/hubblestack tar -xzvf ~/hubble.tar.gz -C ~/hubblestack From d992d1ae6e9953eb52bcb39f2614d219e3f2331a Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Fri, 10 Feb 2017 16:04:39 -0700 Subject: [PATCH 25/31] Latest specs and build script --- pkg/build_rpms.sh | 31 +++++++++++++++++-------------- pkg/specs/hubblestack-el6.spec | 7 +++---- pkg/specs/hubblestack-el7.spec | 7 +++---- 3 files changed, 23 insertions(+), 22 deletions(-) diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh index 3d9754b15..f799b1f22 100755 --- a/pkg/build_rpms.sh +++ b/pkg/build_rpms.sh @@ -16,17 +16,18 @@ fi cd .. bash init_pkg.sh -y - -sudo yum install -y rpm-build - -mv hubble.tar.gz ~/hubble.tar.gz -mkdir ~/hubblestack -tar -xzvf ~/hubble.tar.gz -C ~/hubblestack -mkdir -p ~/hubblestack/etc/init.d -cp pkg/hubble ~/hubblestack/etc/init.d -mkdir -p ~/hubblestack/usr/lib/systemd/system -cp pkg/hubble.service ~/hubblestack/usr/lib/systemd/system -tar -czvf ~/hubbblestack.tar.gz ~/hubblestack/ +cp hubble.tar.gz ~/hubble.tar.gz +rm -rf ~/hubblestack-2.1.0 +rm -rf ~/hubblestack-2.1.0.tar.gz +mkdir ~/hubblestack-2.1.0 +tar -xzvf ~/hubble.tar.gz -C ~/hubblestack-2.1.0 +mkdir -p ~/hubblestack-2.1.0/etc/init.d +cp pkg/hubble ~/hubblestack-2.1.0/etc/init.d +mkdir -p ~/hubblestack-2.1.0/usr/lib/systemd/system +cp pkg/hubble.service ~/hubblestack-2.1.0/usr/lib/systemd/system +cd ~ +tar -czvf hubblestack-2.1.0.tar.gz hubblestack-2.1.0/ +rm -rf ~/rpmbuild mkdir -p ~/rpmbuild/{RPMS,SRPMS,BUILD,SOURCES,SPECS,tmp} cat <~/.rpmmacros @@ -34,14 +35,16 @@ cat <~/.rpmmacros %_tmppath %{_topdir}/tmp EOF -mv ~/hubblestack.tar.gz ~/rpmbuild/SOURCES/ +cp ~/hubblestack-2.1.0.tar.gz ~/rpmbuild/SOURCES/ cd ~/rpmbuild cp ~/hubble/pkg/specs/* SPECS/ rpmbuild -ba SPECS/hubblestack-el6.spec +rm -rf ~/el6 mkdir ~/el6 -mv ~/rpmbuild/RPMS/x86_64/* ~/el6/ +cp ~/rpmbuild/RPMS/x86_64/* ~/el6/ rpmbuild -ba SPECS/hubblestack-el7.spec +rm -rf ~/el7 mkdir ~/el7 -mv ~/rpmbuild/RPMS/x86_64/* ~/el7/ +cp ~/rpmbuild/RPMS/x86_64/* ~/el7/ diff --git a/pkg/specs/hubblestack-el6.spec b/pkg/specs/hubblestack-el6.spec index 4addb9c3c..9aef57982 100644 --- a/pkg/specs/hubblestack-el6.spec +++ b/pkg/specs/hubblestack-el6.spec @@ -4,6 +4,8 @@ %define __spec_install_post %{nil} %define debug_package %{nil} %define __os_install_post %{_dbpath}/brp-compress +# Don't fail out because we're not packaging the other distro's service files +%define _unpackaged_files_terminate_build 0 Summary: Hubblestack is a module, open-source security compliance framework Name: hubblestack @@ -11,7 +13,7 @@ Version: 2.1.0 Release: 1 License: Apache 2.0 Group: Development/Tools -SOURCE0: %{name}.tar.gz +SOURCE0: %{name}-%{version}.tar.gz URL: https://hubblestack.io Requires: git @@ -44,10 +46,7 @@ rm -rf %{buildroot} %files %{_sysconfdir}/hubble -%{_sysconfdir}/hubble/hubble %{_sysconfdir}/osquery -%{_sysconfdir}/osquery/osquery.flags -%{_sysconfdir}/osquery/osquery.conf %{_sysconfdir}/init.d/hubble /opt/* /usr/bin/* diff --git a/pkg/specs/hubblestack-el7.spec b/pkg/specs/hubblestack-el7.spec index 49cccedb3..f35683be2 100644 --- a/pkg/specs/hubblestack-el7.spec +++ b/pkg/specs/hubblestack-el7.spec @@ -4,6 +4,8 @@ %define __spec_install_post %{nil} %define debug_package %{nil} %define __os_install_post %{_dbpath}/brp-compress +# Don't fail out because we're not packaging the other distro's service files +%define _unpackaged_files_terminate_build 0 Summary: Hubblestack is a module, open-source security compliance framework Name: hubblestack @@ -11,7 +13,7 @@ Version: 2.1.0 Release: 1 License: Apache 2.0 Group: Development/Tools -SOURCE0: %{name}.tar.gz +SOURCE0: %{name}-%{version}.tar.gz URL: https://hubblestack.io Requires: git @@ -44,10 +46,7 @@ rm -rf %{buildroot} %files %{_sysconfdir}/hubble -%{_sysconfdir}/hubble/hubble %{_sysconfdir}/osquery -%{_sysconfdir}/osquery/osquery.flags -%{_sysconfdir}/osquery/osquery.conf /opt/* /usr/bin/* /usr/lib/* From ca7d78084754d8e61676a31da5f93f615c1534f7 Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Mon, 13 Feb 2017 11:44:07 -0700 Subject: [PATCH 26/31] Fix python26 installs, remove autoreq from rpm builds --- .gitignore | 4 ++++ init_pkg.sh | 38 ++++++++++++++++------------------ pkg/specs/hubblestack-el6.spec | 1 + pkg/specs/hubblestack-el7.spec | 1 + scripts/installessentials.sh | 2 +- 5 files changed, 25 insertions(+), 21 deletions(-) diff --git a/.gitignore b/.gitignore index 4b4be9bb1..469153a34 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,7 @@ +scripts/temp/ +hubble.tar.gz +hubble.spec + # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] diff --git a/init_pkg.sh b/init_pkg.sh index 026fad985..9056a4360 100755 --- a/init_pkg.sh +++ b/init_pkg.sh @@ -5,26 +5,6 @@ _user=`id -u` # Installing minimum of python 2.7 _python_version=`python -c 'import sys; version=sys.version_info[:3]; print("{0}.{1}.{2}".format(*version))'` -read -r -d "" _PYTHON_HELP < Date: Mon, 13 Feb 2017 11:56:57 -0700 Subject: [PATCH 27/31] Add cp of the hubble config (for easy non-default configs) --- pkg/build_rpms.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh index f799b1f22..4cd12464b 100755 --- a/pkg/build_rpms.sh +++ b/pkg/build_rpms.sh @@ -25,6 +25,7 @@ mkdir -p ~/hubblestack-2.1.0/etc/init.d cp pkg/hubble ~/hubblestack-2.1.0/etc/init.d mkdir -p ~/hubblestack-2.1.0/usr/lib/systemd/system cp pkg/hubble.service ~/hubblestack-2.1.0/usr/lib/systemd/system +cp -f conf/hubble ~/hubblestack-2.1.0/etc/hubble/hubble cd ~ tar -czvf hubblestack-2.1.0.tar.gz hubblestack-2.1.0/ rm -rf ~/rpmbuild From 8a640dd2c72fb1befbce42a1acd7f3477aca73ca Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Mon, 13 Feb 2017 12:01:15 -0700 Subject: [PATCH 28/31] Fix -y passing --- init_pkg.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init_pkg.sh b/init_pkg.sh index 9056a4360..7ac74e57c 100755 --- a/init_pkg.sh +++ b/init_pkg.sh @@ -22,7 +22,7 @@ then sudo yum install python27 -y cd scripts/ sudo scl enable python27 'bash installessentials.sh' - sudo scl enable python27 'bash pyinstaller-hubble.sh pkg_clean $1' + sudo scl enable python27 "bash pyinstaller-hubble.sh pkg_clean $1" sudo scl enable python27 'bash libgit2-build.sh' bash osquery-build.sh sudo scl enable python27 'bash pip-install.sh' From 33afc246fed28fc87e88096a2774f15898574342 Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Mon, 13 Feb 2017 14:55:43 -0700 Subject: [PATCH 29/31] Fix default daemon logging to be less verbose Also allow for log_level config --- hubblestack/daemon.py | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/hubblestack/daemon.py b/hubblestack/daemon.py index 542638b9a..70b6c99bb 100644 --- a/hubblestack/daemon.py +++ b/hubblestack/daemon.py @@ -198,7 +198,7 @@ def schedule(): run = True if run: - log.info('Executing scheduled function {0}'.format(func)) + log.debug('Executing scheduled function {0}'.format(func)) jobdata['last_run'] = time.time() ret = __salt__[func](*args, **kwargs) log.debug('Job returned:\n{0}'.format(ret)) @@ -207,7 +207,7 @@ def schedule(): if returner not in __returners__: log.error('Could not find {0} returner.'.format(returner)) continue - log.info('Returning job data to {0}'.format(returner)) + log.debug('Returning job data to {0}'.format(returner)) returner_ret = {'id': __grains__['id'], 'jid': salt.utils.jid.gen_jid(), 'fun': func, @@ -265,6 +265,7 @@ def load_config(): salt.config.DEFAULT_MINION_OPTS['cachedir'] = '/var/cache/hubble' salt.config.DEFAULT_MINION_OPTS['pidfile'] = '/var/run/hubble.pid' salt.config.DEFAULT_MINION_OPTS['log_file'] = '/var/log/hubble' + salt.config.DEFAULT_MINION_OPTS['log_level'] = None salt.config.DEFAULT_MINION_OPTS['file_client'] = 'local' salt.config.DEFAULT_MINION_OPTS['fileserver_update_frequency'] = 60 @@ -279,11 +280,12 @@ def load_config(): __opts__.update(parsed_args) # Convert -vvv to log level - # Default to 'error' - __opts__['log_level'] = 'error' - # Default to more verbose if we're daemonizing - if __opts__['daemonize']: - __opts__['log_level'] = 'info' + if __opts__['log_level'] is None: + # Default to 'error' + __opts__['log_level'] = 'error' + # Default to more verbose if we're daemonizing + if __opts__['daemonize']: + __opts__['log_level'] = 'info' # Handle the explicit -vvv settings if __opts__['verbose'] == 1: __opts__['log_level'] = 'warning' From 5ad59e4dbd9d69bae5cfb9bc32db4edf5245035e Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Mon, 13 Feb 2017 15:01:05 -0700 Subject: [PATCH 30/31] Fix readme for building packages --- README.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index a0393ba88..81bbb136c 100644 --- a/README.md +++ b/README.md @@ -6,14 +6,16 @@ SaltStack infrastructure. # Building packages (CentOS) ```bash -yum install rpm-build -git clone git://github.com/hubblestack/hubble -cd hubble -python setup.py clean && python setup.py bdist_rpm +sudo yum install git +git clone git://github.com/hubblestack/hubble ~/hubble +cd ~/hubble/pkg +./build_rpms.sh # note the lack of sudo, that is important ``` -Package will be in the `dist/` directory. - +Package will be in the `~/el6/` and `~/el7` directory. The only difference +between the packages is the inclusion of `/etc/init.d/hubble` for el6 and +the inclusion of a systemd unit file for el7. There's no guarantee of glibc +compatibility. # Installation/testing From 2fe642bf36677b4e0a45ec461a75ad61242114b1 Mon Sep 17 00:00:00 2001 From: Colton Myers Date: Mon, 13 Feb 2017 15:04:54 -0700 Subject: [PATCH 31/31] Rev to 2.1.1 --- hubblestack/__init__.py | 2 +- pkg/build_rpms.sh | 22 +++++++++++----------- pkg/specs/hubblestack-el6.spec | 5 ++++- pkg/specs/hubblestack-el7.spec | 5 ++++- 4 files changed, 20 insertions(+), 14 deletions(-) diff --git a/hubblestack/__init__.py b/hubblestack/__init__.py index a33997dd1..55fa725bd 100644 --- a/hubblestack/__init__.py +++ b/hubblestack/__init__.py @@ -1 +1 @@ -__version__ = '2.1.0' +__version__ = '2.1.1' diff --git a/pkg/build_rpms.sh b/pkg/build_rpms.sh index 4cd12464b..6843c532a 100755 --- a/pkg/build_rpms.sh +++ b/pkg/build_rpms.sh @@ -17,17 +17,17 @@ cd .. bash init_pkg.sh -y cp hubble.tar.gz ~/hubble.tar.gz -rm -rf ~/hubblestack-2.1.0 -rm -rf ~/hubblestack-2.1.0.tar.gz -mkdir ~/hubblestack-2.1.0 -tar -xzvf ~/hubble.tar.gz -C ~/hubblestack-2.1.0 -mkdir -p ~/hubblestack-2.1.0/etc/init.d -cp pkg/hubble ~/hubblestack-2.1.0/etc/init.d -mkdir -p ~/hubblestack-2.1.0/usr/lib/systemd/system -cp pkg/hubble.service ~/hubblestack-2.1.0/usr/lib/systemd/system -cp -f conf/hubble ~/hubblestack-2.1.0/etc/hubble/hubble +rm -rf ~/hubblestack-2.1.1 +rm -rf ~/hubblestack-2.1.1.tar.gz +mkdir ~/hubblestack-2.1.1 +tar -xzvf ~/hubble.tar.gz -C ~/hubblestack-2.1.1 +mkdir -p ~/hubblestack-2.1.1/etc/init.d +cp pkg/hubble ~/hubblestack-2.1.1/etc/init.d +mkdir -p ~/hubblestack-2.1.1/usr/lib/systemd/system +cp pkg/hubble.service ~/hubblestack-2.1.1/usr/lib/systemd/system +cp -f conf/hubble ~/hubblestack-2.1.1/etc/hubble/hubble cd ~ -tar -czvf hubblestack-2.1.0.tar.gz hubblestack-2.1.0/ +tar -czvf hubblestack-2.1.1.tar.gz hubblestack-2.1.1/ rm -rf ~/rpmbuild mkdir -p ~/rpmbuild/{RPMS,SRPMS,BUILD,SOURCES,SPECS,tmp} @@ -36,7 +36,7 @@ cat <~/.rpmmacros %_tmppath %{_topdir}/tmp EOF -cp ~/hubblestack-2.1.0.tar.gz ~/rpmbuild/SOURCES/ +cp ~/hubblestack-2.1.1.tar.gz ~/rpmbuild/SOURCES/ cd ~/rpmbuild cp ~/hubble/pkg/specs/* SPECS/ diff --git a/pkg/specs/hubblestack-el6.spec b/pkg/specs/hubblestack-el6.spec index 3f2eac99e..528db14d7 100644 --- a/pkg/specs/hubblestack-el6.spec +++ b/pkg/specs/hubblestack-el6.spec @@ -9,7 +9,7 @@ Summary: Hubblestack is a module, open-source security compliance framework Name: hubblestack -Version: 2.1.0 +Version: 2.1.1 Release: 1 License: Apache 2.0 Group: Development/Tools @@ -55,3 +55,6 @@ rm -rf %{buildroot} %changelog * Wed Feb 8 2017 Colton Myers 2.1.0-1 - First Build + +* Mon Feb 13 2017 Colton Myers 2.1.1-1 +- Remove autoreq, add unit files diff --git a/pkg/specs/hubblestack-el7.spec b/pkg/specs/hubblestack-el7.spec index 637892760..4a504b831 100644 --- a/pkg/specs/hubblestack-el7.spec +++ b/pkg/specs/hubblestack-el7.spec @@ -9,7 +9,7 @@ Summary: Hubblestack is a module, open-source security compliance framework Name: hubblestack -Version: 2.1.0 +Version: 2.1.1 Release: 1 License: Apache 2.0 Group: Development/Tools @@ -55,3 +55,6 @@ rm -rf %{buildroot} %changelog * Wed Feb 8 2017 Colton Myers 2.1.0-1 - First Build + +* Mon Feb 13 2017 Colton Myers 2.1.1-1 +- Remove autoreq, add unit files