2 Version: @PACKAGE_VERSION@
4 Summary: Open source system for attribute-based Web SSO
5 Group: Productivity/Networking/Security
8 URL: http://shibboleth.internet2.edu/
9 Source: %{name}-sp-%{version}.tar.gz
10 BuildRoot: %{_tmppath}/%{name}-%{version}-root
11 Requires: openssl, xmltooling-schemas, opensaml-schemas
12 %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
13 PreReq: %{insserv_prereq}
14 BuildRequires: libXerces-c-devel >= 2.8.0
16 BuildRequires: libxerces-c-devel >= 2.8.0
18 BuildRequires: libxml-security-c-devel >= 1.4.0
19 BuildRequires: libxmltooling-devel >= 1.4
20 BuildRequires: libsaml-devel >= 2.4
21 %{?_with_log4cpp:BuildRequires: liblog4cpp-devel >= 1.0}
22 %{!?_with_log4cpp:BuildRequires: liblog4shib-devel}
24 Requires: libcurl-openssl >= 7.21.7
25 BuildRequires: chrpath
27 BuildRequires: gcc-c++, zlib-devel
28 %{!?_without_doxygen:BuildRequires: doxygen}
29 %{!?_without_odbc:BuildRequires:unixODBC-devel}
30 %{?_with_fastcgi:BuildRequires: fcgi-devel}
31 %if "%{_vendor}" == "redhat"
32 %{!?_without_builtinapache:BuildRequires: httpd-devel}
33 BuildRequires: redhat-rpm-config
35 %if "%{_vendor}" == "suse"
36 %{!?_without_builtinapache:BuildRequires: apache2-devel}
39 %if "%{_vendor}" == "suse"
40 %define pkgdocdir %{_docdir}/%{name}
42 %define pkgdocdir %{_docdir}/%{name}-%{version}
46 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
47 that supports multiple protocols, federated identity, and the extensible
48 exchange of rich attributes subject to privacy controls.
50 This package contains the Shibboleth Service Provider runtime libraries
54 Summary: Shibboleth development Headers
55 Group: Development/Libraries/C and C++
56 Requires: %{name} = %{version}-%{release}
57 %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
58 Requires: libXerces-c-devel >= 2.8.0
60 Requires: libxerces-c-devel >= 2.8.0
62 Requires: libxml-security-c-devel >= 1.4.0
63 Requires: libxmltooling-devel >= 1.4
64 Requires: libsaml-devel >= 2.4
65 %{?_with_log4cpp:Requires: liblog4cpp-devel >= 1.0}
66 %{!?_with_log4cpp:Requires: liblog4shib-devel}
69 Shibboleth is a Web Single Sign-On implementations based on OpenSAML
70 that supports multiple protocols, federated identity, and the extensible
71 exchange of rich attributes subject to privacy controls.
73 This package includes files needed for development with Shibboleth.
79 %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{?_with_memcached} %{?shib_options}
80 %{__make} pkgdocdir=%{pkgdocdir}
83 %{__make} install NOKEYGEN=1 DESTDIR=$RPM_BUILD_ROOT pkgdocdir=%{pkgdocdir}
85 %if "%{_vendor}" == "suse"
86 %{__sed} -i "s/\/var\/log\/httpd/\/var\/log\/apache2/g" \
87 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/native.logger
90 %{__sed} -i "s/#_RHEL6_//g" \
91 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/shibd-redhat
92 %{__sed} -i "s/\/opt\/shibboleth\/lib/%{_libdir}/g" \
93 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/shibd-redhat
94 chrpath -d $RPM_BUILD_ROOT%{_sbindir}/shibd
95 chrpath -d $RPM_BUILD_ROOT%{_bindir}/mdquery
96 chrpath -d $RPM_BUILD_ROOT%{_bindir}/resolvertest
99 # Plug the SP into the built-in Apache on a recognized system.
102 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_13.so ] ; then
103 APACHE_CONFIG="apache.config"
105 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_20.so ] ; then
106 APACHE_CONFIG="apache2.config"
108 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_22.so ] ; then
109 APACHE_CONFIG="apache22.config"
111 %{?_without_builtinapache:APACHE_CONFIG="no"}
112 if [ "$APACHE_CONFIG" != "no" ] ; then
114 if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
115 APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
117 if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
118 APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
120 if [ "$APACHE_CONFD" != "no" ] ; then
121 %{__mkdir} -p $RPM_BUILD_ROOT$APACHE_CONFD
122 %{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/$APACHE_CONFIG $RPM_BUILD_ROOT$APACHE_CONFD/shib.conf
123 echo "%config $APACHE_CONFD/shib.conf" > rpm.filelist
127 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
128 # %{_initddir} not yet in RHEL5, use deprecated %{_initrddir}
129 install -d -m 0755 $RPM_BUILD_ROOT%{_initrddir}
130 install -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/shibd-%{_vendor} $RPM_BUILD_ROOT%{_initrddir}/shibd
131 %if "%{_vendor}" == "suse"
132 install -d -m 0755 $RPM_BUILD_ROOT/%{_sbindir}
133 %{__ln_s} -f %{_initrddir}/shibd $RPM_BUILD_ROOT%{_sbindir}/rcshibd
141 [ "$RPM_BUILD_ROOT" != "/" ] && %{__rm} -rf $RPM_BUILD_ROOT
144 %ifnos solaris2.8 solaris2.9 solaris2.10
149 cd %{_sysconfdir}/%{name}
152 %if "%{_vendor}" == "redhat"
153 # This adds the proper /etc/rc*.d links for the script
154 /sbin/chkconfig --add shibd
155 # On upgrade, restart components if they're already running.
156 if [ "$1" -gt "1" ] ; then
157 /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
158 %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
162 %if "%{_vendor}" == "suse"
163 # This adds the proper /etc/rc*.d links for the script
165 %insserv_force_if_yast shibd
169 %if "%{_vendor}" == "redhat"
170 if [ "$1" = 0 ] ; then
171 /sbin/service shibd stop >/dev/null 2>&1
172 /sbin/chkconfig --del shibd
173 %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
176 %if "%{_vendor}" == "suse"
177 %stop_on_removal shibd
178 if [ "$1" = 0 ] ; then
179 %{!?_without_builtinapache:/etc/init.d/apache2 status 1>/dev/null && /etc/init.d/apache2 restart 1>/dev/null}
185 %ifnos solaris2.8 solaris2.9 solaris2.10
188 %if "%{_vendor}" == "suse"
190 %restart_on_update shibd
191 %{!?_without_builtinapache:%restart_on_update apache2}
196 # ugly hack if init script got removed during %postun by upgraded (buggy/2.1) package
197 %if "%{_vendor}" == "redhat"
198 if [ ! -f %{_initrddir}/shibd ] ; then
199 if [ -f %{_sysconfdir}/%{name}/shibd-%{_vendor} ] ; then
200 %{__cp} -p %{_sysconfdir}/%{name}/shibd-%{_vendor} %{_initrddir}/shibd
201 %{__chmod} 755 %{_initrddir}/shibd
202 /sbin/chkconfig --add shibd
207 %files -f rpm.filelist
208 %defattr(-,root,root,-)
211 %{_bindir}/resolvertest
212 %{_libdir}/libshibsp.so.*
213 %{_libdir}/libshibsp-lite.so.*
214 %dir %{_libdir}/%{name}
216 %exclude %{_libdir}/%{name}/*.la
217 %attr(0750,-,-) %dir %{_localstatedir}/log/%{name}
218 %dir %{_localstatedir}/run/%{name}
219 %dir %{_datadir}/xml/%{name}
220 %{_datadir}/xml/%{name}/*
221 %dir %{_sysconfdir}/%{name}
222 %config(noreplace) %{_sysconfdir}/%{name}/*.xml
223 %config(noreplace) %{_sysconfdir}/%{name}/*.html
224 %config(noreplace) %{_sysconfdir}/%{name}/*.logger
225 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
226 %config %{_initrddir}/shibd
228 %if "%{_vendor}" == "suse"
231 %{_sysconfdir}/%{name}/*.dist
232 %{_sysconfdir}/%{name}/apache*.config
233 %{_sysconfdir}/%{name}/shibd-*
234 %attr(755,-,-) %{_sysconfdir}/%{name}/keygen.sh
235 %attr(755,-,-) %{_sysconfdir}/%{name}/metagen.sh
236 %{_sysconfdir}/%{name}/*.xsl
238 %exclude %{pkgdocdir}/api
241 %defattr(-,root,root,-)
243 %{_libdir}/libshibsp.so
244 %{_libdir}/libshibsp-lite.so
245 %doc %{pkgdocdir}/api
248 * Sun Jun 26 2011 Scott Cantor <cantor.2@osu.edu> - 2.4.3-1
249 - Log files shouldn't be world readable.
250 - Explicit requirement for libcurl-openssl on RHEL6
251 - Uncomment LD_LIBRARY_PATH in init script for RHEL6
252 - Remove rpath from binaries for RHEL6
254 * Fri Dec 25 2009 Scott Cantor <cantor.2@osu.edu> - 2.4-1
255 - Update dependencies.
257 * Mon Nov 23 2009 Scott Cantor <cantor.2@osu.edu> - 2.3.1-1
258 - Reset revision for 2.3.1 release
260 * Wed Aug 19 2009 Scott Cantor <cantor.2@osu.edu> - 2.2.1-2
261 - SuSE init script changes
262 - Restart Apache on removal, not just upgrade
263 - Fix scriptlet exit values when Apache is stopped
265 * Mon Aug 10 2009 Scott Cantor <cantor.2@osu.edu> - 2.2.1-1
266 - Doc handling changes
269 * Tue Aug 4 2009 Scott Cantor <cantor.2@osu.edu> - 2.2.1-1
270 - Initial version for 2.2.1, with shibd/httpd restart on upgrade
272 * Thu Jun 25 2009 Scott Cantor <cantor.2@osu.edu> - 2.2-3
273 - Add additional cleanup to posttrans fix
275 * Tue Jun 23 2009 Scott Cantor <cantor.2@osu.edu> - 2.2-2
276 - Reverse without_builtinapache macro test
277 - Fix init script handling on Red Hat to handle upgrades
279 * Wed Dec 3 2008 Scott Cantor <cantor.2@osu.edu> - 2.2-1
280 - Bump minor version.
281 - Make keygen.sh executable.
282 - Fixing SUSE Xerces dependency name.
283 - Optionally package shib.conf.
285 * Tue Jun 10 2008 Scott Cantor <cantor.2@osu.edu> - 2.1-1
286 - Change shib.conf handling to treat as config file.
288 * Mon Mar 17 2008 Scott Cantor <cantor.2@osu.edu> - 2.0-6
291 * Fri Jan 18 2008 Scott Cantor <cantor.2@osu.edu> - 2.0-5
292 - Release candidate 1.
294 * Sun Oct 21 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-4
295 - libexec -> lib/shibboleth changes
296 - Added doc subpackage
298 * Thu Aug 16 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-3
301 * Fri Jul 13 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-2
302 - Second alpha release.
304 * Sun Jun 10 2007 Scott Cantor <cantor.2@osu.edu> - 2.0-1
305 - First alpha release.
307 * Mon Oct 2 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-11
308 - Applied fix for secadv 20061002
309 - Fix for metadata loader loop
311 * Wed Jun 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-10
312 - Applied fix for sec 20060615
314 * Fri Apr 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-9
315 - Misc. patches, SuSE, Apache 2.2, gcc 4.1, and 64-bit support
317 * Mon Jan 9 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-8
318 - Applied new fix for secadv 20060109
320 * Tue Nov 8 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-7
321 - Applied new fix for secadv 20050901 plus rollup
323 * Fri Sep 23 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-6
324 - Minor patches and default config changes
326 - Fix shib.conf creation
327 - Integrated init.d script
328 - Prevent replacement of config files
330 * Thu Sep 1 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-5
331 - Applied fix for secadv 20050901 plus rollup of NSAPI fixes
333 * Sun Apr 24 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-1
334 - Updated test programs and location of schemas.
335 - move siterefresh to to sbindir
337 * Fri Apr 1 2005 Derek Atkins <derek@ihtfp.com> - 1.3-1
338 - Add selinux-targeted-policy package
339 - move shar to sbindir
341 * Tue Oct 19 2004 Derek Atkins <derek@ihtfp.com> - 1.2-1
342 - Create SPEC file based on various versions in existence.