shibboleth.spec.in

   1 Name:           @PACKAGE@
   2 Version:        @PACKAGE_VERSION@
   3 Release:        1
   4 Summary:    Open source system for attribute-based Web SSO
   5 Group:          System Environment/Libraries
   6 Vendor:     Internet2
   7 License:        Apache 2.0
   8 URL:            http://shibboleth.internet2.edu/
   9 Source:     %{name}-sp-%{version}.tar.gz
  10 BuildRoot:      %{_tmppath}/%{name}-%{version}-root
  11 %if 0%{?suse_version} > 1030
  12 BuildRequires:  libXerces-c-devel >= 2.8.0
  13 BuildRequires:  libxml-security-c-devel >= 1.4.0
  14 BuildRequires:  libxmltooling-devel >= 1.2
  15 BuildRequires:  libsaml-devel >= 2.2
  16 %{?_with_log4cpp:BuildRequires: liblog4cpp-devel >= 1.0}
  17 %{!?_with_log4cpp:BuildRequires: liblog4shib-devel}
  18 %else
  19 BuildRequires:  xerces%{?xercesver}-c-devel >= 2.8.0
  20 BuildRequires:  xml-security-c-devel >= 1.4.0
  21 BuildRequires:  xmltooling-devel >= 1.2
  22 BuildRequires:  opensaml-devel >= 2.2
  23 %{?_with_log4cpp:BuildRequires: log4cpp-devel >= 1.0}
  24 %{!?_with_log4cpp:BuildRequires: log4shib-devel}
  25 %endif
  26 BuildRequires:  gcc-c++
  27 %{!?_without_doxygen:BuildRequires: doxygen}
  28 BuildRequires:  zlib-devel
  29 %{?_with_fastcgi:BuildRequires: fcgi-devel}
  30 %if "%{_vendor}" == "redhat"
  31 %{!?_without_builtinapache:BuildRequires: httpd-devel}
  32 %endif
  33 %if "%{_vendor}" == "suse"
  34 %{!?_without_builtinapache:BuildRequires: apache2-devel}
  35 %endif
  36
  37 %if "%{_vendor}" == "suse"
  38 %define pkgdocdir %{_docdir}/%{name}
  39 %else
  40 %define pkgdocdir %{_docdir}/%{name}-%{version}
  41 %endif
  42
  43 %description
  44 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
  45 that supports multiple protocols, federated identity, and the extensible
  46 exchange of rich attributes subject to privacy controls.
  47
  48 This package contains the Shibboleth Service Provider runtime libraries
  49 and Apache module(s).
  50
  51 %package devel
  52 Summary: Shibboleth development Headers
  53 Group: Development/Libraries
  54 Requires: %{name} = %{version}
  55 %if 0%{?suse_version} > 1030
  56 Requires: libXerces-c-devel >= 2.8.0
  57 Requires: libxml-security-c-devel >= 1.4.0
  58 Requires: libxmltooling-devel >= 1.2
  59 Requires: libsaml-devel >= 2.2
  60 %{?_with_log4cpp:Requires: liblog4cpp-devel >= 1.0}
  61 %{!?_with_log4cpp:Requires: liblog4shib-devel}
  62 %else
  63 Requires: xerces%{?xercesver}-c-devel >= 2.8.0
  64 Requires: xml-security-c-devel >= 1.4.0
  65 Requires: xmltooling-devel >= 1.2
  66 Requires: opensaml-devel >= 2.2
  67 %{?_with_log4cpp:Requires: log4cpp-devel >= 1.0}
  68 %{!?_with_log4cpp:Requires: log4shib-devel}
  69 %endif
  70
  71 %description devel
  72 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
  73 that supports multiple protocols, federated identity, and the extensible
  74 exchange of rich attributes subject to privacy controls.
  75
  76 This package includes files needed for development with Shibboleth.
  77
  78
  79 %prep
  80 %setup -q
  81
  82 %build
  83 %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{?_with_memcached} %{?shib_options}
  84 %{__make}
  85
  86 %install
  87 %{__make} install NOKEYGEN=1 DESTDIR=$RPM_BUILD_ROOT pkgdocdir=%{pkgdocdir}
  88
  89 %if "%{_vendor}" == "suse"
  90         %{__sed} -i "s/\/var\/log\/httpd/\/var\/log\/apache2/g" \
  91                 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/native.logger
  92 %endif
  93
  94 # Plug the SP into the built-in Apache on a recognized system.
  95 touch rpm.filelist
  96 APACHE_CONFIG="no"
  97 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_13.so ] ; then
  98     APACHE_CONFIG="apache.config"
  99 fi
 100 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_20.so ] ; then
 101     APACHE_CONFIG="apache2.config"
 102 fi
 103 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_22.so ] ; then
 104     APACHE_CONFIG="apache22.config"
 105 fi
 106 %{?_without_builtinapache:APACHE_CONFIG="no"}
 107 if [ "$APACHE_CONFIG" != "no" ] ; then
 108     APACHE_CONFD="no"
 109     if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
 110             APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
 111     fi
 112     if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
 113             APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
 114     fi
 115     if [ "$APACHE_CONFD" != "no" ] ; then
 116         %{__mkdir} -p $RPM_BUILD_ROOT$APACHE_CONFD
 117         %{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/$APACHE_CONFIG $RPM_BUILD_ROOT$APACHE_CONFD/shib.conf
 118         echo "%config $APACHE_CONFD/shib.conf" > rpm.filelist
 119     fi
 120 fi
 121
 122 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
 123         # %{_initddir} not yet in RHEL5, use deprecated %{_initrddir}
 124         mkdir -p $RPM_BUILD_ROOT%{_initrddir}
 125         %{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/shibd-%{_vendor} $RPM_BUILD_ROOT%{_initrddir}/shibd
 126         %{__chmod} 755 $RPM_BUILD_ROOT%{_initrddir}/shibd
 127 %endif
 128
 129 %check
 130 %{__make} check
 131
 132 %clean
 133 [ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
 134
 135 %post
 136 %ifnos solaris2.8 solaris2.9 solaris2.10
 137 /sbin/ldconfig
 138 %endif
 139
 140 # Key generation
 141 cd %{_sysconfdir}/%{name}
 142 sh ./keygen.sh -b
 143
 144 %if "%{_vendor}" == "redhat"
 145         # This adds the proper /etc/rc*.d links for the script
 146         /sbin/chkconfig --add shibd
 147         # On upgrade, restart components if they're already running.
 148     if [ "$1" -gt "1" ] ; then
 149         /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
 150         %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
 151     fi
 152 %endif
 153 %if "%{_vendor}" == "suse"
 154     # This adds the proper /etc/rc*.d links for the script
 155     /sbin/chkconfig --add shibd
 156     cd /usr/sbin && ln -s /etc/init.d/shibd rcshibd
 157     # On upgrade, restart components if they're already running.
 158     if [ "$1" -gt "1" ] ; then
 159         /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
 160         %{!?_without_builtinapache:/etc/init.d/apache2 status 1>/dev/null && /etc/init.d/apache2 restart 1>/dev/null}
 161     fi
 162 %endif
 163
 164 %preun
 165 %if "%{_vendor}" == "redhat"
 166         if [ "$1" = 0 ] ; then
 167                 /sbin/service shibd stop >/dev/null 2>&1
 168                 /sbin/chkconfig --del shibd
 169         fi
 170 %endif
 171 %if "%{_vendor}" == "suse"
 172     if [ "$1" = 0 ] ; then
 173         /sbin/service shibd stop >/dev/null 2>&1
 174         /sbin/chkconfig --del shibd
 175         cd /usr/sbin && %{__rm} -f rcshibd
 176     fi
 177 %endif
 178
 179 %ifnos solaris2.8 solaris2.9 solaris2.10
 180 %postun -p /sbin/ldconfig
 181 %endif
 182
 183 %posttrans
 184 # ugly hack if init script got removed during %postun by upgraded (buggy/2.1) package
 185 %if "%{_vendor}" == "redhat"
 186     if [ ! -f %{_initrddir}/shibd ] ; then
 187         if [ -f %{_sysconfdir}/%{name}/shibd-%{_vendor} ] ; then
 188             %{__cp} -p %{_sysconfdir}/%{name}/shibd-%{_vendor} %{_initrddir}/shibd
 189             %{__chmod} 755 %{_initrddir}/shibd
 190             /sbin/chkconfig --add shibd
 191         fi
 192     fi
 193 %endif
 194
 195 %files -f rpm.filelist
 196 %defattr(-,root,root,-)
 197 %{_sbindir}/shibd
 198 %{_bindir}/mdquery
 199 %{_bindir}/resolvertest
 200 %{_libdir}/libshibsp.so.*
 201 %{_libdir}/libshibsp-lite.so.*
 202 %dir %{_libdir}/%{name}
 203 %{_libdir}/%{name}/*
 204 %exclude %{_libdir}/%{name}/*.la
 205 %dir %{_localstatedir}/log/%{name}
 206 %dir %{_localstatedir}/run/%{name}
 207 %dir %{_datadir}/xml/%{name}
 208 %{_datadir}/xml/%{name}/*
 209 %dir %{_sysconfdir}/%{name}
 210 %config(noreplace) %{_sysconfdir}/%{name}/*.xml
 211 %config(noreplace) %{_sysconfdir}/%{name}/*.html
 212 %config(noreplace) %{_sysconfdir}/%{name}/*.logger
 213 %if "%{_vendor}" == "redhat"
 214 %attr(755, root, root) %{_initrddir}/shibd
 215 %endif
 216 %if "%{_vendor}" == "suse"
 217 %attr(755, root, root) %{_initddir}/shibd
 218 %endif
 219 %{_sysconfdir}/%{name}/*.dist
 220 %{_sysconfdir}/%{name}/apache*.config
 221 %{_sysconfdir}/%{name}/shibd-*
 222 %attr(755, root, root) %{_sysconfdir}/%{name}/keygen.sh
 223 %attr(755, root, root) %{_sysconfdir}/%{name}/metagen.sh
 224 %{_sysconfdir}/%{name}/*.xsl
 225 %doc %{pkgdocdir}
 226 %exclude %{pkgdocdir}/api
 227
 228 %files devel
 229 %defattr(-,root,root,-)
 230 %{_includedir}/*
 231 %{_libdir}/libshibsp.so
 232 %{_libdir}/libshibsp-lite.so
 233 %doc %{pkgdocdir}/api
 234
 235 %changelog
 236 * Mon Aug 10 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2.1-1
 237 - Doc handling changes
 238 - SuSE init script
 239
 240 * Tue Aug 4 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2.1-1
 241 - Initial version for 2.2.1, with shibd/httpd restart on upgrade
 242
 243 * Thu Jun 25 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2-3
 244 - Add additional cleanup to posttrans fix
 245
 246 * Tue Jun 23 2009 Scott Cantor  <cantor.2@osu.edu>  - 2.2-2
 247 - Reverse without_builtinapache macro test
 248 - Fix init script handling on Red Hat to handle upgrades
 249
 250 * Wed Dec 3 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.2-1
 251 - Bump minor version.
 252 - Make keygen.sh executable.
 253 - Fixing SUSE Xerces dependency name.
 254 - Optionally package shib.conf.
 255
 256 * Tue Jun 10 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.1-1
 257 - Change shib.conf handling to treat as config file.
 258
 259 * Mon Mar 17 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.0-6
 260 - Official release.
 261
 262 * Fri Jan 18 2008  Scott Cantor  <cantor.2@osu.edu>  - 2.0-5
 263 - Release candidate 1.
 264
 265 * Sun Oct 21 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-4
 266 - libexec -> lib/shibboleth changes
 267 - Added doc subpackage
 268
 269 * Thu Aug 16 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-3
 270 - First public beta.
 271
 272 * Fri Jul 13 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-2
 273 - Second alpha release.
 274
 275 * Sun Jun 10 2007 Scott Cantor  <cantor.2@osu.edu>  - 2.0-1
 276 - First alpha release.
 277
 278 * Mon Oct 2 2006 Scott Cantor   <cantor.2@osu.edu>  - 1.3-11
 279 - Applied fix for secadv 20061002
 280 - Fix for metadata loader loop
 281
 282 * Wed Jun 15 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-10
 283 - Applied fix for sec 20060615
 284
 285 * Fri Apr 15 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-9
 286 - Misc. patches, SuSE, Apache 2.2, gcc 4.1, and 64-bit support
 287
 288 * Mon Jan 9 2006 Scott Cantor  <cantor.2@osu.edu>  - 1.3-8
 289 - Applied new fix for secadv 20060109
 290
 291 * Tue Nov 8 2005 Scott Cantor  <cantor.2@osu.edu>  - 1.3-7
 292 - Applied new fix for secadv 20050901 plus rollup
 293
 294 * Fri Sep 23 2005 Scott Cantor  <cantor.2@osu.edu>  - 1.3-6
 295 - Minor patches and default config changes
 296 - pidfile patch
 297 - Fix shib.conf creation
 298 - Integrated init.d script
 299 - Prevent replacement of config files
 300
 301 * Thu Sep 1 2005  Scott Cantor  <cantor.2@osu.edu>  - 1.3-5
 302 - Applied fix for secadv 20050901 plus rollup of NSAPI fixes
 303
 304 * Sun Apr 24 2005  Scott Cantor  <cantor.2@osu.edu>  - 1.3-1
 305 - Updated test programs and location of schemas.
 306 - move siterefresh to to sbindir
 307
 308 * Fri Apr  1 2005  Derek Atkins  <derek@ihtfp.com>  - 1.3-1
 309 - Add selinux-targeted-policy package
 310 - move shar to sbindir
 311
 312 * Tue Oct 19 2004  Derek Atkins  <derek@ihtfp.com>  - 1.2-1
 313 - Create SPEC file based on various versions in existence.