2 Version: @PACKAGE_VERSION@
4 Summary: Open source system for attribute-based Web SSO
5 Group: Productivity/Networking/Security
8 URL: http://shibboleth.internet2.edu/
9 Source: %{name}-sp-%{version}.tar.gz
10 BuildRoot: %{_tmppath}/%{name}-%{version}-root
11 Requires: openssl, xmltooling-schemas, opensaml-schemas
12 %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
13 PreReq: %{insserv_prereq}
14 BuildRequires: libXerces-c-devel >= 2.8.0
16 BuildRequires: libxerces-c-devel >= 2.8.0
18 BuildRequires: libxml-security-c-devel >= 1.4.0
19 BuildRequires: libxmltooling-devel >= 1.4
20 BuildRequires: libsaml-devel >= 2.4
21 %{?_with_log4cpp:BuildRequires: liblog4cpp-devel >= 1.0}
22 %{!?_with_log4cpp:BuildRequires: liblog4shib-devel}
24 Requires: libcurl-openssl >= 7.21.7
26 BuildRequires: gcc-c++, zlib-devel
27 %{!?_without_doxygen:BuildRequires: doxygen}
28 %{!?_without_odbc:BuildRequires:unixODBC-devel}
29 %{?_with_fastcgi:BuildRequires: fcgi-devel}
30 %if "%{_vendor}" == "redhat"
31 %{!?_without_builtinapache:BuildRequires: httpd-devel}
32 BuildRequires: redhat-rpm-config
34 %if "%{_vendor}" == "suse"
35 %{!?_without_builtinapache:BuildRequires: apache2-devel}
38 %if "%{_vendor}" == "suse"
39 %define pkgdocdir %{_docdir}/%{name}
41 %define pkgdocdir %{_docdir}/%{name}-%{version}
45 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
46 that supports multiple protocols, federated identity, and the extensible
47 exchange of rich attributes subject to privacy controls.
49 This package contains the Shibboleth Service Provider runtime libraries
53 Summary: Shibboleth development Headers
54 Group: Development/Libraries/C and C++
55 Requires: %{name} = %{version}-%{release}
56 %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
57 Requires: libXerces-c-devel >= 2.8.0
59 Requires: libxerces-c-devel >= 2.8.0
61 Requires: libxml-security-c-devel >= 1.4.0
62 Requires: libxmltooling-devel >= 1.4
63 Requires: libsaml-devel >= 2.4
64 %{?_with_log4cpp:Requires: liblog4cpp-devel >= 1.0}
65 %{!?_with_log4cpp:Requires: liblog4shib-devel}
68 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
69 that supports multiple protocols, federated identity, and the extensible
70 exchange of rich attributes subject to privacy controls.
72 This package includes files needed for development with Shibboleth.
78 %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{?_with_memcached} %{?shib_options}
79 %{__make} pkgdocdir=%{pkgdocdir}
82 %{__make} install NOKEYGEN=1 DESTDIR=$RPM_BUILD_ROOT pkgdocdir=%{pkgdocdir}
84 %if "%{_vendor}" == "suse"
85 %{__sed} -i "s/\/var\/log\/httpd/\/var\/log\/apache2/g" \
86 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/native.logger
89 %{__sed} -i "s/#_RHEL6_//g" \
90 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/shibd-redhat
93 # Plug the SP into the built-in Apache on a recognized system.
96 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_13.so ] ; then
97 APACHE_CONFIG="apache.config"
99 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_20.so ] ; then
100 APACHE_CONFIG="apache2.config"
102 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_22.so ] ; then
103 APACHE_CONFIG="apache22.config"
105 %{?_without_builtinapache:APACHE_CONFIG="no"}
106 if [ "$APACHE_CONFIG" != "no" ] ; then
108 if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
109 APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
111 if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
112 APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
114 if [ "$APACHE_CONFD" != "no" ] ; then
115 %{__mkdir} -p $RPM_BUILD_ROOT$APACHE_CONFD
116 %{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/$APACHE_CONFIG $RPM_BUILD_ROOT$APACHE_CONFD/shib.conf
117 echo "%config $APACHE_CONFD/shib.conf" > rpm.filelist
121 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
122 # %{_initddir} not yet in RHEL5, use deprecated %{_initrddir}
123 install -d -m 0755 $RPM_BUILD_ROOT%{_initrddir}
124 install -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/shibd-%{_vendor} $RPM_BUILD_ROOT%{_initrddir}/shibd
125 %if "%{_vendor}" == "suse"
126 install -d -m 0755 $RPM_BUILD_ROOT/%{_sbindir}
127 %{__ln_s} -f %{_initrddir}/shibd $RPM_BUILD_ROOT%{_sbindir}/rcshibd
135 [ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
138 %ifnos solaris2.8 solaris2.9 solaris2.10
143 cd %{_sysconfdir}/%{name}
146 %if "%{_vendor}" == "redhat"
147 # This adds the proper /etc/rc*.d links for the script
148 /sbin/chkconfig --add shibd
149 # On upgrade, restart components if they're already running.
150 if [ "$1" -gt "1" ] ; then
151 /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
152 %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
156 %if "%{_vendor}" == "suse"
157 # This adds the proper /etc/rc*.d links for the script
159 %insserv_force_if_yast shibd
163 %if "%{_vendor}" == "redhat"
164 if [ "$1" = 0 ] ; then
165 /sbin/service shibd stop >/dev/null 2>&1
166 /sbin/chkconfig --del shibd
167 %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
170 %if "%{_vendor}" == "suse"
171 %stop_on_removal shibd
172 if [ "$1" = 0 ] ; then
173 %{!?_without_builtinapache:/etc/init.d/apache2 status 1>/dev/null && /etc/init.d/apache2 restart 1>/dev/null}
179 %ifnos solaris2.8 solaris2.9 solaris2.10
182 %if "%{_vendor}" == "suse"
184 %restart_on_update shibd
185 %{!?_without_builtinapache:%restart_on_update apache2}
190 # ugly hack if init script got removed during %postun by upgraded (buggy/2.1) package
191 %if "%{_vendor}" == "redhat"
192 if [ ! -f %{_initrddir}/shibd ] ; then
193 if [ -f %{_sysconfdir}/%{name}/shibd-%{_vendor} ] ; then
194 %{__cp} -p %{_sysconfdir}/%{name}/shibd-%{_vendor} %{_initrddir}/shibd
195 %{__chmod} 755 %{_initrddir}/shibd
196 /sbin/chkconfig --add shibd
201 %files -f rpm.filelist
202 %defattr(-,root,root,-)
205 %{_bindir}/resolvertest
206 %{_libdir}/libshibsp.so.*
207 %{_libdir}/libshibsp-lite.so.*
208 %dir %{_libdir}/%{name}
210 %exclude %{_libdir}/%{name}/*.la
211 %attr(0750,-,-) %dir %{_localstatedir}/log/%{name}
212 %dir %{_localstatedir}/run/%{name}
213 %dir %{_datadir}/xml/%{name}
214 %{_datadir}/xml/%{name}/*
215 %dir %{_sysconfdir}/%{name}
216 %config(noreplace) %{_sysconfdir}/%{name}/*.xml
217 %config(noreplace) %{_sysconfdir}/%{name}/*.html
218 %config(noreplace) %{_sysconfdir}/%{name}/*.logger
219 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
220 %config %{_initrddir}/shibd
222 %if "%{_vendor}" == "suse"
225 %{_sysconfdir}/%{name}/*.dist
226 %{_sysconfdir}/%{name}/apache*.config
227 %{_sysconfdir}/%{name}/shibd-*
228 %attr(755,-,-) %{_sysconfdir}/%{name}/keygen.sh
229 %attr(755,-,-) %{_sysconfdir}/%{name}/metagen.sh
230 %{_sysconfdir}/%{name}/*.xsl
232 %exclude %{pkgdocdir}/api
235 %defattr(-,root,root,-)
237 %{_libdir}/libshibsp.so
238 %{_libdir}/libshibsp-lite.so
239 %doc %{pkgdocdir}/api
242 * Sun Jun 26 2011 Scott Cantor <cantor.2@osu.edu> - 2.4.3-1
243 - Log files shouldn't be world readable.
244 - Explicit requirement for libcurl-openssl on RHEL6
245 - Uncomment LD_LIBRARY_PATH in init script for RHEL6
247 * Fri Dec 25 2009 Scott Cantor <cantor.2@osu.edu> - 2.4-1
248 - Update dependencies.
250 * Mon Nov 23 2009 Scott Cantor <cantor.2@osu.edu> - 2.3.1-1
251 - Reset revision for 2.3.1 release
253 * Wed Aug 19 2009 Scott Cantor <cantor.2@osu.edu> - 2.2.1-2
254 - SuSE init script changes
255 - Restart Apache on removal, not just upgrade
256 - Fix scriptlet exit values when Apache is stopped
258 * Mon Aug 10 2009 Scott Cantor <cantor.2@osu.edu> - 2.2.1-1
259 - Doc handling changes
262 * Tue Aug 4 2009 Scott Cantor <cantor.2@osu.edu> - 2.2.1-1
263 - Initial version for 2.2.1, with shibd/httpd restart on upgrade
265 * Thu Jun 25 2009 Scott Cantor <cantor.2@osu.edu> - 2.2-3
266 - Add additional cleanup to posttrans fix
268 * Tue Jun 23 2009 Scott Cantor <cantor.2@osu.edu> - 2.2-2
269 - Reverse without_builtinapache macro test
270 - Fix init script handling on Red Hat to handle upgrades
272 * Wed Dec 3 2008 Scott Cantor <cantor.2@osu.edu> - 2.2-1
273 - Bump minor version.
274 - Make keygen.sh executable.
275 - Fixing SUSE Xerces dependency name.
276 - Optionally package shib.conf.
278 * Tue Jun 10 2008 Scott Cantor <cantor.2@osu.edu> - 2.1-1
279 - Change shib.conf handling to treat as config file.
281 * Mon Mar 17 2008 Scott Cantor <cantor.2@osu.edu> - 2.0-6
284 * Fri Jan 18 2008 Scott Cantor <cantor.2@osu.edu> - 2.0-5
285 - Release candidate 1.
287 * Sun Oct 21 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-4
288 - libexec -> lib/shibboleth changes
289 - Added doc subpackage
291 * Thu Aug 16 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-3
294 * Fri Jul 13 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-2
295 - Second alpha release.
297 * Sun Jun 10 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-1
298 - First alpha release.
300 * Mon Oct 2 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-11
301 - Applied fix for secadv 20061002
302 - Fix for metadata loader loop
304 * Wed Jun 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-10
305 - Applied fix for sec 20060615
307 * Fri Apr 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-9
308 - Misc. patches, SuSE, Apache 2.2, gcc 4.1, and 64-bit support
310 * Mon Jan 9 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-8
311 - Applied new fix for secadv 20060109
313 * Tue Nov 8 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-7
314 - Applied new fix for secadv 20050901 plus rollup
316 * Fri Sep 23 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-6
317 - Minor patches and default config changes
319 - Fix shib.conf creation
320 - Integrated init.d script
321 - Prevent replacement of config files
323 * Thu Sep 1 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-5
324 - Applied fix for secadv 20050901 plus rollup of NSAPI fixes
326 * Sun Apr 24 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-1
327 - Updated test programs and location of schemas.
328 - move siterefresh to to sbindir
330 * Fri Apr 1 2005 Derek Atkins <derek@ihtfp.com> - 1.3-1
331 - Add selinux-targeted-policy package
332 - move shar to sbindir
334 * Tue Oct 19 2004 Derek Atkins <derek@ihtfp.com> - 1.2-1
335 - Create SPEC file based on various versions in existence.