Name: shibboleth
Summary: Open source system to enable inter-institutional resource sharing
Version: @-VERSION-@
-Release: 11
-#Copyright: Internet2
+Release: 1
Group: System Environment/Libraries
-License: Apache style
+Vendor: Internet2
+License: Apache 2.0
URL: http://shibboleth.internet2.edu/
-Source0: http://shibboleth.internet2.edu/downloads/%{name}-%{version}.tar.gz
-Source1: http://shibboleth.internet2.edu/downloads/%{name}-%{version}.tar.gz.asc
+Source0: %{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-root
-BuildRequires: openssl-devel, curl-devel >= 7.10.6, xerces-c-devel >= 2.6.1
-BuildRequires: xml-security-c-devel >= 1.1.0, log4cpp-devel >= 0.3.5
-BuildRequires: zlib-devel, opensaml-devel >= 1.1-6
+BuildRequires: openssl-devel, curl-devel >= 7.10.6
+%if 0%{?suse_version} > 1030
+BuildRequires: libXerces-c-devel >= 2.8.0
+BuildRequires: libXerces-c-devel < 3.0
+%else
+BuildRequires: xerces%{?xercesver}-c-devel >= 2.8.0
+BuildRequires: xerces%{?xercesver}-c-devel < 3.0
+%endif
+BuildRequires: xml-security-c-devel >= 1.3.0
+BuildRequires: zlib-devel, opensaml-devel >= 1.1.1, opensaml-devel < 2.0
+%{?_with_log4cpp:BuildRequires: log4cpp-devel >= 1.0}
+%{!?_with_log4cpp:BuildRequires: log4shib-devel}
+%{?_with_fastcgi:BuildRequires: fcgi-devel}
%if "%{_vendor}" == "redhat"
-BuildRequires: httpd-devel
+%{!?_without_builtinapache:BuildRequires: httpd-devel}
%endif
%if "%{_vendor}" == "suse"
-BuildRequires: apache2-devel
+%{!?_without_builtinapache:BuildRequires: apache2-devel}
%endif
%description
-Shibboleth, a project of Internet2/MACE, is developing architectures,
-policy structures, practical technologies, and an open source
-implementation to support inter-institutional sharing of web resources
-subject to access controls. In addition, Shibboleth will develop a
-policy framework that will allow inter-operation within the higher
-education community.
+Shibboleth, a project of Internet2/MACE, is is an open source,
+attribute-based, cross-domain web single sign-on package, primarily
+based on the SAML standard.
-This package contains the shibboleth runtime library and apache module.
+This package contains the Shibboleth runtime libraries and Apache
+server module.
%package devel
-Summary: Shibboleth development Headers
+Summary: Shibboleth development files
Group: Development/Libraries
Requires: %{name} = %{version}
+Requires: opensaml-devel >= 1.1.1, opensaml-devel < 2.0
%description devel
-Shibboleth, a project of Internet2/MACE, is developing architectures,
-policy structures, practical technologies, and an open source
-implementation to support inter-institutional sharing of web resources
-subject to access controls. In addition, Shibboleth will develop a
-policy framework that will allow inter-operation within the higher
-education community.
+Shibboleth, a project of Internet2/MACE, is is an open source,
+attribute-based, cross-domain web single sign-on package, primarily
+based on the SAML standard.
This package contains the headers and other necessary files to build
-applications that use the shibboleth library.
-
-%package selinux-policy-targeted
-Summary: SELinux policy targeted configuration for Shibboleth SP
-Group: System Environment/Base
-Requires: selinux-policy-targeted-sources
-
-%description selinux-policy-targeted
-Shibboleth, a project of Internet2/MACE, is developing architectures,
-policy structures, practical technologies, and an open source
-implementation to support inter-institutional sharing of web resources
-subject to access controls. In addition, Shibboleth will develop a
-policy framework that will allow inter-operation within the higher
-education community.
-
-This package contains the SELinux Policy (source) Configuration to
-enable the Shibboleth SP to integrate into Apache HTTPD in Red Hat /
-Fedora's Policy Targeted SELinux implementation. It requires
-rebuilding your policy, so you must have the policy-targeted-source
-installed.
+extensions using the Shibboleth runtime libraries.
%prep
%setup -q
%build
-# Default value is --enable-apache-20
-# If no Apache macro exists, then add the default definition
-%{!?_with_apache13: %{!?_with_apache20: %{!?_with_apache22: %define _with_apache20 1}}}
-%configure %{?shib_options} %{?_with_apache13: --enable-apache-13} %{?_with_apache20: --enable-apache-20} %{?_with_apache22: --enable-apache-22}
-make
-make -C selinux
+%configure %{?_with_fastcgi} %{?shib_options}
+%{__make}
%install
-[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
-rm -rf _docs
+[ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
+%{__make} install DESTDIR=$RPM_BUILD_ROOT
-make install DESTDIR=$RPM_BUILD_ROOT
-make -C selinux install DESTDIR=$RPM_BUILD_ROOT
-mv $RPM_BUILD_ROOT/usr/doc/shibboleth _docs
+%if "%{_vendor}" == "suse"
+ %{__sed} -i "s/\/var\/log\/httpd/\/var\/log\/apache2/g" \
+ $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/native.logger
+%endif
-find $RPM_BUILD_ROOT/%{_libexecdir} -type f -or -type l | grep \.so |
- sed -e "s|$RPM_BUILD_ROOT||" | sort > rpm.filelist
+find $RPM_BUILD_ROOT/%{_libexecdir} -type f -or -type l |
+ %{__sed} -e "s|$RPM_BUILD_ROOT||" | sort > rpm.filelist
-%check || :
-make check
+%check
+%{__make} check
%clean
-[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
+[ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
%post
+%ifnos solaris2.8 solaris2.9 solaris2.10
/sbin/ldconfig
+%endif
# Plug the SP into Apache on a recognized system.
-%{?_with_apache13: %define apache_config apache.config}
-%{?_with_apache20: %define apache_config apache2.config}
-%{?_with_apache22: %define apache_config apache22.config}
-%if %{?apache_config:1}
+APACHE_CONFIG="no"
+if [ -f $RPM_BUILD_ROOT/%{_libexecdir}/mod_shib_13.so ] ; then
+ APACHE_CONFIG="apache.config"
+fi
+if [ -f $RPM_BUILD_ROOT/%{_libexecdir}/mod_shib_20.so ] ; then
+ APACHE_CONFIG="apache2.config"
+fi
+if [ -f $RPM_BUILD_ROOT/%{_libexecdir}/mod_shib_22.so ] ; then
+ APACHE_CONFIG="apache22.config"
+fi
+if [ "$APACHE_CONFIG" != "no" ] ; then
APACHE_CONFD="no"
if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
fi
if [ "$APACHE_CONFD" != "no" ] ; then
if [ ! -f $APACHE_CONFD/shib.conf ] ; then
- sed "s/\/usr\/doc\/shibboleth/\/usr\/share\/doc\/shibboleth-@-VERSION-@/g" \
- %{_sysconfdir}/shibboleth/%{?apache_config} \
+%if "%{_vendor}" == "suse"
+ %{__sed} "s/\/usr\/doc\/%{name}/\/usr\/share\/doc\/packages\/%{name}/g" \
+ %{_sysconfdir}/%{name}/$APACHE_CONFIG \
> $APACHE_CONFD/shib.conf
+%else
+ %{__sed} "s/\/usr\/doc\/%{name}/\/usr\/share\/doc\/%{name}-@-VERSION-@/g" \
+ %{_sysconfdir}/%{name}/$APACHE_CONFIG \
+ > $APACHE_CONFD/shib.conf
+%endif
fi
fi
-%endif
+fi
# Install the shibd init.d scripts and service
%if "%{_vendor}" == "redhat"
if [ -d %{_sysconfdir}/init.d ] ; then
if [ ! -f %{_sysconfdir}/init.d/shibd ] ; then
- cp -p %{_sysconfdir}/shibboleth/shibd %{_sysconfdir}/init.d/shibd
- chmod 755 %{_sysconfdir}/init.d/shibd
+ %{__cp} -p %{_sysconfdir}/shibboleth/shibd-%{_vendor} %{_sysconfdir}/init.d/shibd
+ %{__chmod} 755 %{_sysconfdir}/init.d/shibd
chkconfig --add shibd
fi
fi
%endif
%postun
+%ifnos solaris2.8 solaris2.9 solaris2.10
/sbin/ldconfig
+%endif
# delete the Apache configuration if we're being removed
[ "$1" = 0 ] || exit 0
[ -f %{_sysconfdir}/httpd/conf.d/shib.conf ] && \
- rm -f %{_sysconfdir}/httpd/conf.d/shib.conf
+ %{__rm} -f %{_sysconfdir}/httpd/conf.d/shib.conf
[ -f %{_sysconfdir}/apache2/conf.d/shib.conf ] && \
- rm -f %{_sysconfdir}/apache2/conf.d/shib.conf
+ %{__rm} -f %{_sysconfdir}/apache2/conf.d/shib.conf
# clear init.d state
%if "%{_vendor}" == "redhat"
chkconfig --del shibd
[ -f %{_sysconfdir}/init.d/shibd ] && \
- rm -f %{_sysconfdir}/init.d/shibd
+ %{__rm} -f %{_sysconfdir}/init.d/shibd
%endif
-%triggerin selinux-policy-targeted -- %{name}
-restorecon %{_sbindir}/shibd
-
-%triggerin selinux-policy-targeted -- selinux-policy-targeted-sources
-cd %{_sysconfdir}/selinux/targeted/src/policy || exit 1
-make -W install
-make load
-restorecon %{_sbindir}/shibd
-
%files -f rpm.filelist
%defattr(-,root,root,-)
-%doc _docs/CREDITS.txt _docs/NOTICE.txt _docs/NEWS.txt _docs/logo.jpg
-%doc _docs/main.css _docs/README.txt _docs/LICENSE.txt _docs/mysql-4.0.12.diff
%{_sbindir}/shibd
%{_sbindir}/siterefresh
%{_bindir}/shibtest
%config(noreplace) %{_sysconfdir}/shibboleth/*.xml
%config(noreplace) %{_sysconfdir}/shibboleth/*.html
%config(noreplace) %{_sysconfdir}/shibboleth/*.logger
-%config %{_sysconfdir}/shibboleth/inqueue.pem
%config %{_sysconfdir}/shibboleth/sp-example.crt
%config %{_sysconfdir}/shibboleth/sp-example.key
%{_sysconfdir}/shibboleth/*.dist
%{_sysconfdir}/shibboleth/apache*.config
-%{_sysconfdir}/shibboleth/shibd
+%{_sysconfdir}/%{name}/shibd-redhat
+%{_sysconfdir}/%{name}/shibd-debian
+%{_sysconfdir}/%{name}/shibd-osx.plist
+%docdir %{_datadir}/doc/shibboleth
+%{_datadir}/doc/shibboleth
%exclude %{_bindir}/posttest
%exclude %{_bindir}/test-client
%{_libdir}/libshib.so
%{_libdir}/libshib-target.so
-%files selinux-policy-targeted
-%defattr(-,root,root,-)
-%{_sysconfdir}/selinux/targeted/src/policy/file_contexts/program/*.fc
-%{_sysconfdir}/selinux/targeted/src/policy/domains/program/*.te
-
%changelog
+* Tue Aug 4 2009 Scott Cantor <cantor.2@osu.edu> - 1.3.3-1
+- 1.3.3 release
+
+* Fri Jun 12 2009 Scott Cantor <cantor.2@osu.edu> - 1.3.2-1
+- 1.3.2 release
+
+* Mon Dec 17 2007 Scott Cantor <cantor.2@osu.edu> - 1.3.1-2
+- 1.3.1 initial release
+
+* Sat Sep 15 2007 Scott Cantor <cantor.2@osu.edu> - 1.3.1-1
+- 1.3.1 release candidate
+
* Mon Oct 2 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-11
- Applied fix for secadv 20061002
- Fix for metadata loader loop