dist-git conversion

#2781)

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: amtu
-# $Id: Makefile,v 1.1 2004/09/09 02:56:56 cvsdist Exp $
-NAME := amtu
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

amtu-1.0.8-init.patch

@@ -0,0 +1,267 @@
+diff -urN amtu-1.0.8.orig/configure.in amtu-1.0.8/configure.in
+--- amtu-1.0.8.orig/configure.in	2009-07-06 09:39:44.000000000 -0400
++++ amtu-1.0.8/configure.in	2009-07-06 10:11:15.000000000 -0400
+@@ -19,7 +19,7 @@
+ esac
+ AC_CHECK_LIB(laus, laus_open)
+ AC_CHECK_LIB(audit, audit_open)
+-AC_OUTPUT(Makefile src/Makefile doc/Makefile)
++AC_OUTPUT(Makefile src/Makefile init/Makefile doc/Makefile)
+ 
+ echo .
+ echo "
+diff -urN amtu-1.0.8.orig/doc/AMTUHowTo.txt amtu-1.0.8/doc/AMTUHowTo.txt
+--- amtu-1.0.8.orig/doc/AMTUHowTo.txt	1969-12-31 19:00:00.000000000 -0500
++++ amtu-1.0.8/doc/AMTUHowTo.txt	2009-07-06 10:20:42.000000000 -0400
+@@ -0,0 +1,105 @@
++ABSTRACT MACHINE TEST UTILITY HOWTO
++
++
++OVERVIEW
++
++Abstract Machine Test Utility (AMTU) is an administrative utility to check 
++whether the underlying protection mechanism of the hardware are still being 
++enforced. This is a requirement of the Controlled Access Protection Profile 
++(CAPP) FTP_AMT.1, see http://www.radium.ncsc.mil/tpep/library/protection_profiles/CAPP-1.d.pdf.
++AMTU executes the following tests:
++
++* Memory 
++
++Randomly writes to areas of memory and then reading the memory back to 
++ensure the values written remain unchanged. 
++
++* Memory Separation
++
++Ensures that user space programs cannot read and write to areas of memory
++utilized by the likes of Video RAM, kernel code, etc.
++
++* I/O Controller - Network
++
++Verifies random data transmitted is also the data received for each configured
++network device. Only ethernet and token ring devices that are configured and
++up are checked. Async devices are not checked.
++
++* I/O Controller - Disk
++
++Verifies that information written to disks remains unchanged. Only SCSI and IDE
++controllers associated with mounted filesystems are checked.
++
++* Supervisor Mode Instructions
++
++Ensures that the enforcement of the property that privileged instructions
++should only be in supervisor mode is still in effect. The set privileged
++instructions tested to confirm this is architecture dependant.
++
++
++
++TESTED VERSIONS
++
++AMTU has been tested on the following:
++
++* RHEL4 and 5
++* SuSE SLES 8
++* pSeries (32-bit and 64-bit)
++* iSeries (64-bit)
++* zSeries (31-bit)
++* xSeries (32-bit)
++
++
++
++INSTALLING AMTU
++
++VERIFYING SYSTEM REQUIREMENTS AND PREREQUISITES
++
++Before installing AMTU, verify that your system meets the following
++requirements and prerequisites:
++
++* The system is running in the Common Criteria evaluated configuration.
++
++
++COMPILING AND INSTALLING AMTU
++
++Untar the AMTU source tarball.  Then issue the following commands:
++	./bootstrap
++	./configure
++	make
++	make install
++
++Only the last step must be run as root. During the ./configure stage
++you may opt to change various options including default install directory.
++
++When compiling AMTU as a 64-bit application on a PPC64 architecture (with the
++exception of Squadron pSeries), specify
++ 
++	./configure CC=/opt/cross/bin/powerpc64-linux-gcc
++
++where /opt/cross/bin/powerpc64-linux-gcc is the 64-bit gcc compiler.
++
++To compile as a 64-bit application on X86_64 architecture or Squadron pSeries, 
++
++	./configure CC="gcc -m64" 
++
++
++
++RUNNING AMTU
++
++AMTU installs to /usr/bin/amtu by default. You can add optional command line 
++arguments (see the AMTU man page (amtu.8) for more details).
++
++
++
++INTERPRETING RESULTS
++
++AMTU issues the following return codes when executed:
++
++	* -1 - Program abort error
++	*  0 - Successful program completion
++
++If the error is repeatable, you can re-run amtu with the -d option to get 
++more information about the failure. The success or failure of AMTU is logged
++in the audit log files (see auditd.8).
++
+diff -urN amtu-1.0.8.orig/doc/Makefile.am amtu-1.0.8/doc/Makefile.am
+--- amtu-1.0.8.orig/doc/Makefile.am	2009-07-06 09:39:44.000000000 -0400
++++ amtu-1.0.8/doc/Makefile.am	2009-07-06 09:40:49.000000000 -0400
+@@ -1,3 +1,3 @@
+ CONFIG_CLEAN_FILES = *.rej *.orig
+-EXTRA_DIST = $(man_MANS)
++EXTRA_DIST = $(man_MANS) AbstractMachineTestingDesign.doc AMTUHowTo.txt
+ man_MANS = amtu.8
+diff -urN amtu-1.0.8.orig/init/amtu.init amtu-1.0.8/init/amtu.init
+--- amtu-1.0.8.orig/init/amtu.init	1969-12-31 19:00:00.000000000 -0500
++++ amtu-1.0.8/init/amtu.init	2009-07-06 10:17:43.000000000 -0400
+@@ -0,0 +1,90 @@
++#!/bin/sh
++#
++# amtu:		Abstract Machine Tests
++#
++# chkconfig: - 96 99
++# description:  This service runs the abstract machine tests to check the \
++#		underlying security assumptions. It can be configured to
++#		halt the machine in the event of failure. The program does
++#		not stay resident, but rather runs once.
++#
++# processname: /sbin/amtu
++# config: /etc/sysconfig/amtu
++#
++# Return values according to LSB for all commands but status:
++# 0 - success
++# 1 - generic or unspecified error
++# 2 - invalid or excess argument(s)
++# 3 - unimplemented feature (e.g. "reload")
++# 4 - insufficient privilege
++# 5 - program is not installed
++# 6 - program is not configured
++# 7 - program is not running
++
++PATH=/sbin:/bin:/usr/bin:/usr/sbin
++prog="amtu"
++
++# Source function library.
++. /etc/rc.d/init.d/functions
++
++# Allow anyone to run status
++if [ "$1" = "status" ] ; then
++	exit 0
++fi
++
++# Check that we are root ... so non-root users stop here
++test $EUID = 0  ||  exit 4
++
++# Check config
++test -f /etc/sysconfig/amtu && . /etc/sysconfig/amtu
++
++RETVAL=0
++
++start() {
++	test -x /usr/bin/amtu  || exit 5
++	# Now check that the syconfig is found and has important things
++	# configured
++	test -f /etc/sysconfig/amtu || exit 6
++	test x"$AMTU_HALT_ON_FAILURE" = "x" || exit 6
++	test x"$HALT_COMMAND" = "x" || exit 6
++	echo -n $"Starting $prog: "
++	daemon $prog "$EXTRAOPTIONS"
++	RETVAL=$?
++	if [ $RETVAL -ne 0 ] ; then
++		if [ "$AMTU_HALT_ON_FAILURE" = "yes" ] ; then
++			# Give audit daemon chance to write to disk
++			sleep 3
++			logger "Amtu failed and halt on failure requested"
++			$HALT_COMMAND
++		fi
++	fi
++	return $RETVAL
++}
++
++stop() {
++	/bin/true
++}
++
++# See how we were called.
++case "$1" in
++    start)
++	start
++	;;
++    stop)
++	stop
++	;;
++    status)
++        ;;
++    restart)
++	stop
++	start
++	;;
++    condrestart)
++	;;
++    reload)
++        ;;
++    *)
++	echo $"Usage: $0 {start|stop|status|restart|condrestart|reload}"
++	;;
++esac
++exit $RETVAL
+diff -urN amtu-1.0.8.orig/init/amtu.sysconfig amtu-1.0.8/init/amtu.sysconfig
+--- amtu-1.0.8.orig/init/amtu.sysconfig	1969-12-31 19:00:00.000000000 -0500
++++ amtu-1.0.8/init/amtu.sysconfig	2009-07-06 10:06:07.000000000 -0400
+@@ -0,0 +1,11 @@
++# Add extra options here:
++EXTRAOPTIONS=""
++#
++# This option is used to determine if failing any amtu test should result in
++# the machine being unusable. The default is no, but it can be changed to
++# yes in case this is desired.
++AMTU_HALT_ON_FAILURE="no"
++#
++# Should halt on failure trigger and its set to yes, the following command
++# will be issued to stop the system:
++HALT_COMMAND="poweroff"
+diff -urN amtu-1.0.8.orig/init/Makefile.am amtu-1.0.8/init/Makefile.am
+--- amtu-1.0.8.orig/init/Makefile.am	1969-12-31 19:00:00.000000000 -0500
++++ amtu-1.0.8/init/Makefile.am	2009-07-06 10:14:22.000000000 -0400
+@@ -0,0 +1,16 @@
++
++CONFIG_CLEAN_FILES = *.rej *.orig
++EXTRA_DIST = amtu.init amtu.sysconfig
++initdir=$(sysconfdir)/rc.d/init.d
++sysconfigdir=$(sysconfdir)/sysconfig
++
++install-data-hook:
++	$(INSTALL_DATA) -D -m 640 ${srcdir}/amtu.sysconfig ${DESTDIR}${sysconfigdir}/amtu
++
++install-exec-hook:
++	$(INSTALL_SCRIPT) -D -m 755 ${srcdir}/amtu.init ${DESTDIR}${initdir}/amtu
++
++uninstall-hook:
++	rm ${DESTDIR}${sysconfigdir}/amtu
++	rm ${DESTDIR}${initdir}/amtu
++
+diff -urN amtu-1.0.8.orig/Makefile.am amtu-1.0.8/Makefile.am
+--- amtu-1.0.8.orig/Makefile.am	2009-07-06 09:39:44.000000000 -0400
++++ amtu-1.0.8/Makefile.am	2009-07-06 10:10:55.000000000 -0400
+@@ -1,4 +1,4 @@
+-SUBDIRS = src doc
++SUBDIRS = src init doc
+ EXTRA_DIST = bootstrap LICENSE CPLv1.0.htm README
+ CONFIG_CLEAN_FILES = debug*.list config/*
+ 

amtu.spec

@@ -1,17 +1,17 @@
 Summary: Abstract Machine Test Utility (AMTU)
 Name: amtu 
-Version: 1.0.6
+Version: 1.0.8
-Release: 4%{?dist}
+Release: 2%{?dist}
 License: CPL
 Group: System Environment/Base
 URL: http://sourceforge.net/projects/amtueal/
 Source0: %{name}-%{version}.tar.gz
+Patch1: amtu-1.0.8-init.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: audit-libs-devel >= 1.1.2
 BuildRequires: automake
-Requires: audit >= 1.1.2
+Requires: chkconfig
-
+ExclusiveArch: i386 i686 x86_64 ppc ppc64 s390 s390x ia64
-# Red Hat AMTU SPEC file
 
 %description
 Abstract Machine Test Utility (AMTU) is an administrative utility to check
@@ -22,20 +22,9 @@ http://www.radium.ncsc.mil/tpep/library/protection_profiles/CAPP-1.d.pdf
 
 %prep
 %setup -q
+%patch1 -p1
 
 %build
-# Determine appropriate compiler
-CC="gcc"
-%ifarch ppc64 ppc64iseries ppc64pseries
-  CC="/usr/bin/ppc64-redhat-linux-gcc"
-%endif
-# Determine appropriate compiler flags
-CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -Wall -pipe"
-%ifarch x86_64
-  CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -Wall -pipe -m64"
-%endif
-export CC CFLAGS
-# next 3 items is to quieten autoreconf
 touch ChangeLog
 touch NEWS
 touch AUTHORS
@@ -45,22 +34,39 @@ make %{?_smp_mflags}
 
 %install
 rm -rf $RPM_BUILD_ROOT
-mkdir -p $RPM_BUILD_ROOT/%{_bindir}
+make "DESTDIR=${RPM_BUILD_ROOT}" install
-install -m 0750 src/amtu $RPM_BUILD_ROOT/%{_bindir}
-
-mkdir -p $RPM_BUILD_ROOT/%{_mandir}/man8/
-install -m 644 doc/amtu.8 $RPM_BUILD_ROOT/%{_mandir}/man8/amtu.8
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
+%post
+/sbin/chkconfig --add amtu
+
+%preun
+if [ $1 -eq 0 ]; then
+   /sbin/service amtu stop > /dev/null 2>&1
+   /sbin/chkconfig --del amtu
+fi
+
 %files
-%defattr(-,root,root)
+%defattr(-,root,root, -)
-%doc doc/AMTUHowTo.txt COPYING
+%doc doc/AMTUHowTo.txt LICENSE
+%attr(755,root,root) /etc/rc.d/init.d/amtu
+%config(noreplace) %attr(640,root,root) /etc/sysconfig/amtu
 %attr(0750,root,root) %{_bindir}/amtu
 %attr(0644,root,root) %{_mandir}/man8/*
 
 %changelog
+* Fri Aug 28 2009 Steve Grubb <sgrubb@redhat.com> - 1.0.8-2
+- Add ExclusiveArch for platforms having memory separation tests
+
+* Fri Aug 21 2009 Steve Grubb <sgrubb@redhat.com> 1.0.8-1
+- new upstream version
+- Add init script for bootup system check
+
+* Wed Jul 01 2009 Steve Grubb <sgrubb@redhat.com> 1.0.7-1
+- new upstream version
+
 * Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.6-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
 

sources

@@ -1 +1 @@
-9c65ae295bb875bb4aa8786e17a2f1e7  amtu-1.0.6.tar.gz
+755b517a3a1cc4092435c349d9b99312  amtu-1.0.8.tar.gz