shibboleth.spec.in

   1 Name:           @PACKAGE@
   2 Version:        @PACKAGE_VERSION@
   3 Release:        1
   4 Summary:    Open source system for attribute-based Web SSO
   5 Group:          System Environment/Libraries
   6 Vendor:     Internet2
   7 License:        Apache 2.0
   8 URL:            http://shibboleth.internet2.edu/
   9 Source:     %{name}-sp-%{version}.tar.gz
  10 BuildRoot:      %{_tmppath}/%{name}-%{version}-root
  11 PreReq:     openssl
  12 %if 0%{?suse_version} > 1030
  13 PreReq:         %{insserv_prereq}
  14 BuildRequires:  libXerces-c-devel >= 2.8.0
  15 BuildRequires:  libxml-security-c-devel >= 1.4.0
  16 BuildRequires:  libxmltooling-devel >= 1.2
  17 BuildRequires:  libsaml-devel >= 2.2
  18 %{?_with_log4cpp:BuildRequires: liblog4cpp-devel >= 1.0}
  19 %{!?_with_log4cpp:BuildRequires: liblog4shib-devel}
  20 %else
  21 BuildRequires:  xerces%{?xercesver}-c-devel >= 2.8.0
  22 BuildRequires:  xml-security-c-devel >= 1.4.0
  23 BuildRequires:  xmltooling-devel >= 1.2
  24 BuildRequires:  opensaml-devel >= 2.2
  25 %{?_with_log4cpp:BuildRequires: log4cpp-devel >= 1.0}
  26 %{!?_with_log4cpp:BuildRequires: log4shib-devel}
  27 %endif
  28 BuildRequires:  gcc-c++
  29 %{!?_without_doxygen:BuildRequires: doxygen}
  30 %{!?_without_odbc:BuildRequires:unixODBC-devel}
  31 BuildRequires:  zlib-devel
  32 %{?_with_fastcgi:BuildRequires: fcgi-devel}
  33 %if "%{_vendor}" == "redhat"
  34 %{!?_without_builtinapache:BuildRequires: httpd-devel}
  35 %endif
  36 %if "%{_vendor}" == "suse"
  37 %{!?_without_builtinapache:BuildRequires: apache2-devel}
  38 %endif
  39
  40 %if "%{_vendor}" == "suse"
  41 %define pkgdocdir %{_docdir}/%{name}
  42 %else
  43 %define pkgdocdir %{_docdir}/%{name}-%{version}
  44 %endif
  45
  46 %description
  47 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
  48 that supports multiple protocols, federated identity, and the extensible
  49 exchange of rich attributes subject to privacy controls.
  50
  51 This package contains the Shibboleth Service Provider runtime libraries
  52 and Apache module(s).
  53
  54 %package devel
  55 Summary: Shibboleth development Headers
  56 Group: Development/Libraries
  57 Requires: %{name} = %{version}
  58 %if 0%{?suse_version} > 1030
  59 Requires: libXerces-c-devel >= 2.8.0
  60 Requires: libxml-security-c-devel >= 1.4.0
  61 Requires: libxmltooling-devel >= 1.2
  62 Requires: libsaml-devel >= 2.2
  63 %{?_with_log4cpp:Requires: liblog4cpp-devel >= 1.0}
  64 %{!?_with_log4cpp:Requires: liblog4shib-devel}
  65 %else
  66 Requires: xerces%{?xercesver}-c-devel >= 2.8.0
  67 Requires: xml-security-c-devel >= 1.4.0
  68 Requires: xmltooling-devel >= 1.2
  69 Requires: opensaml-devel >= 2.2
  70 %{?_with_log4cpp:Requires: log4cpp-devel >= 1.0}
  71 %{!?_with_log4cpp:Requires: log4shib-devel}
  72 %endif
  73
  74 %description devel
  75 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
  76 that supports multiple protocols, federated identity, and the extensible
  77 exchange of rich attributes subject to privacy controls.
  78
  79 This package includes files needed for development with Shibboleth.
  80
  81
  82 %prep
  83 %setup -q
  84
  85 %build
  86 %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{?_with_memcached} %{?shib_options}
  87 %{__make} pkgdocdir=%{pkgdocdir}
  88
  89 %install
  90 %{__make} install NOKEYGEN=1 DESTDIR=$RPM_BUILD_ROOT pkgdocdir=%{pkgdocdir}
  91
  92 %if "%{_vendor}" == "suse"
  93         %{__sed} -i "s/\/var\/log\/httpd/\/var\/log\/apache2/g" \
  94                 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/native.logger
  95 %endif
  96
  97 # Plug the SP into the built-in Apache on a recognized system.
  98 touch rpm.filelist
  99 APACHE_CONFIG="no"
 100 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_13.so ] ; then
 101     APACHE_CONFIG="apache.config"
 102 fi
 103 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_20.so ] ; then
 104     APACHE_CONFIG="apache2.config"
 105 fi
 106 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_22.so ] ; then
 107     APACHE_CONFIG="apache22.config"
 108 fi
 109 %{?_without_builtinapache:APACHE_CONFIG="no"}
 110 if [ "$APACHE_CONFIG" != "no" ] ; then
 111     APACHE_CONFD="no"
 112     if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
 113             APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
 114     fi
 115     if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
 116             APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
 117     fi
 118     if [ "$APACHE_CONFD" != "no" ] ; then
 119         %{__mkdir} -p $RPM_BUILD_ROOT$APACHE_CONFD
 120         %{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/$APACHE_CONFIG $RPM_BUILD_ROOT$APACHE_CONFD/shib.conf
 121         echo "%config $APACHE_CONFD/shib.conf" > rpm.filelist
 122     fi
 123 fi
 124
 125 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
 126         # %{_initddir} not yet in RHEL5, use deprecated %{_initrddir}
 127         install -d -m 0755 $RPM_BUILD_ROOT%{_initrddir}
 128         install -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/shibd-%{_vendor} $RPM_BUILD_ROOT%{_initrddir}/shibd
 129 %if "%{_vendor}" == "suse"
 130         install -d -m 0755 $RPM_BUILD_ROOT/%{_sbindir}
 131         %{__ln_s} -f %{_initrddir}/shibd $RPM_BUILD_ROOT%{_sbindir}/rcshibd
 132 %endif
 133 %endif
 134
 135 %check
 136 %{__make} check
 137
 138 %clean
 139 [ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
 140
 141 %post
 142 %ifnos solaris2.8 solaris2.9 solaris2.10
 143 /sbin/ldconfig
 144 %endif
 145
 146 # Key generation
 147 cd %{_sysconfdir}/%{name}
 148 sh ./keygen.sh -b
 149
 150 %if "%{_vendor}" == "redhat"
 151         # This adds the proper /etc/rc*.d links for the script
 152         /sbin/chkconfig --add shibd
 153         # On upgrade, restart components if they're already running.
 154     if [ "$1" -gt "1" ] ; then
 155         /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
 156         %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
 157     fi
 158 %endif
 159 %if "%{_vendor}" == "suse"
 160     # This adds the proper /etc/rc*.d links for the script
 161     cd /
 162     %insserv_force_if_yast shibd
 163 %endif
 164
 165 %preun
 166 %if "%{_vendor}" == "redhat"
 167         if [ "$1" = 0 ] ; then
 168                 /sbin/service shibd stop >/dev/null 2>&1
 169                 /sbin/chkconfig --del shibd
 170         fi
 171 %endif
 172 %if "%{_vendor}" == "suse"
 173     %stop_on_removal shibd
 174 %endif
 175
 176 %postun
 177 %ifnos solaris2.8 solaris2.9 solaris2.10
 178 /sbin/ldconfig
 179 %endif
 180 %if "%{_vendor}" == "suse"
 181 cd /
 182 %restart_on_update shibd
 183 %{!?_without_builtinapache:%restart_on_update apache2}
 184 %{insserv_cleanup}
 185 %endif
 186
 187 %posttrans
 188 # ugly hack if init script got removed during %postun by upgraded (buggy/2.1) package
 189 %if "%{_vendor}" == "redhat"
 190     if [ ! -f %{_initrddir}/shibd ] ; then
 191         if [ -f %{_sysconfdir}/%{name}/shibd-%{_vendor} ] ; then
 192             %{__cp} -p %{_sysconfdir}/%{name}/shibd-%{_vendor} %{_initrddir}/shibd
 193             %{__chmod} 755 %{_initrddir}/shibd
 194             /sbin/chkconfig --add shibd
 195         fi
 196     fi
 197 %endif
 198
 199 %files -f rpm.filelist
 200 %defattr(-,root,root,-)
 201 %{_sbindir}/shibd
 202 %{_bindir}/mdquery
 203 %{_bindir}/resolvertest
 204 %{_libdir}/libshibsp.so.*
 205 %{_libdir}/libshibsp-lite.so.*
 206 %dir %{_libdir}/%{name}
 207 %{_libdir}/%{name}/*
 208 %exclude %{_libdir}/%{name}/*.la
 209 %dir %{_localstatedir}/log/%{name}
 210 %dir %{_localstatedir}/run/%{name}
 211 %dir %{_datadir}/xml/%{name}
 212 %{_datadir}/xml/%{name}/*
 213 %dir %{_sysconfdir}/%{name}
 214 %config(noreplace) %{_sysconfdir}/%{name}/*.xml
 215 %config(noreplace) %{_sysconfdir}/%{name}/*.html
 216 %config(noreplace) %{_sysconfdir}/%{name}/*.logger
 217 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
 218 %config %{_initrddir}/shibd
 219 %endif
 220 %if "%{_vendor}" == "suse"
 221 %{_sbindir}/rcshibd
 222 %endif
 223 %{_sysconfdir}/%{name}/*.dist
 224 %{_sysconfdir}/%{name}/apache*.config
 225 %{_sysconfdir}/%{name}/shibd-*
 226 %attr(755, root, root) %{_sysconfdir}/%{name}/keygen.sh
 227 %attr(755, root, root) %{_sysconfdir}/%{name}/metagen.sh
 228 %{_sysconfdir}/%{name}/*.xsl
 229 %doc %{pkgdocdir}
 230 %exclude %{pkgdocdir}/api
 231
 232 %files devel
 233 %defattr(-,root,root,-)
 234 %{_includedir}/*
 235 %{_libdir}/libshibsp.so
 236 %{_libdir}/libshibsp-lite.so
 237 %doc %{pkgdocdir}/api
 238
 239 %changelog
 240 * Mon Aug 10 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2.1-1
 241 - Doc handling changes
 242 - SuSE init script
 243
 244 * Tue Aug 4 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2.1-1
 245 - Initial version for 2.2.1, with shibd/httpd restart on upgrade
 246
 247 * Thu Jun 25 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2-3
 248 - Add additional cleanup to posttrans fix
 249
 250 * Tue Jun 23 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2-2
 251 - Reverse without_builtinapache macro test
 252 - Fix init script handling on Red Hat to handle upgrades
 253
 254 * Wed Dec 3 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.2-1
 255 - Bump minor version.
 256 - Make keygen.sh executable.
 257 - Fixing SUSE Xerces dependency name.
 258 - Optionally package shib.conf.
 259
 260 * Tue Jun 10 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.1-1
 261 - Change shib.conf handling to treat as config file.
 262
 263 * Mon Mar 17 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.0-6
 264 - Official release.
 265
 266 * Fri Jan 18 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.0-5
 267 - Release candidate 1.
 268
 269 * Sun Oct 21 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-4
 270 - libexec -> lib/shibboleth changes
 271 - Added doc subpackage
 272
 273 * Thu Aug 16 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-3
 274 - First public beta.
 275
 276 * Fri Jul 13 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-2
 277 - Second alpha release.
 278
 279 * Sun Jun 10 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-1
 280 - First alpha release.
 281
 282 * Mon Oct 2 2006 Scott Cantor   <cantor.2@osu.edu>  - 1.3-11
 283 - Applied fix for secadv 20061002
 284 - Fix for metadata loader loop
 285
 286 * Wed Jun 15 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-10
 287 - Applied fix for sec 20060615
 288
 289 * Fri Apr 15 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-9
 290 - Misc. patches, SuSE, Apache 2.2, gcc 4.1, and 64-bit support
 291
 292 * Mon Jan 9 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-8
 293 - Applied new fix for secadv 20060109
 294
 295 * Tue Nov 8 2005 Scott Cantor  <cantor.2@osu.edu>  - 1.3-7
 296 - Applied new fix for secadv 20050901 plus rollup
 297
 298 * Fri Sep 23 2005 Scott Cantor  <cantor.2@osu.edu>  - 1.3-6
 299 - Minor patches and default config changes
 300 - pidfile patch
 301 - Fix shib.conf creation
 302 - Integrated init.d script
 303 - Prevent replacement of config files
 304
 305 * Thu Sep 1 2005  Scott Cantor  <cantor.2@osu.edu>  - 1.3-5
 306 - Applied fix for secadv 20050901 plus rollup of NSAPI fixes
 307
 308 * Sun Apr 24 2005  Scott Cantor  <cantor.2@osu.edu>  - 1.3-1
 309 - Updated test programs and location of schemas.
 310 - move siterefresh to to sbindir
 311
 312 * Fri Apr  1 2005  Derek Atkins  <derek@ihtfp.com>  - 1.3-1
 313 - Add selinux-targeted-policy package
 314 - move shar to sbindir
 315
 316 * Tue Oct 19 2004  Derek Atkins  <derek@ihtfp.com>  - 1.2-1
 317 - Create SPEC file based on various versions in existence.