-Name: shibboleth-sp
+Name: shibboleth
Version: @PACKAGE_VERSION@
Release: 1
Summary: Open source system for attribute-based Web SSO
Group: Productivity/Networking/Security
-Vendor: Internet2
+Vendor: Shibboleth Consortium
License: Apache 2.0
-URL: http://shibboleth.internet2.edu/
-Source: %{name}-%{version}.tar.gz
-BuildRoot: %{_tmppath}/%{name}-%{version}-root
-Obsoletes: @PACKAGE_NAME@ < %{version}-%{release}
+URL: http://shibboleth.net/
+Source: %{name}-sp-%{version}.tar.bz2
+BuildRoot: %{_tmppath}/%{name}-sp-%{version}-root
+Obsoletes: shibboleth-sp = 2.5.0
Requires: openssl
-PreReq: xmltooling-schemas, opensaml-schemas
+%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 || 0%{?amzn} >= 1
+PreReq: xmltooling-schemas%{?_isa} >= 1.5.0, opensaml-schemas%{?_isa} >= 2.5.0
+%else
+PreReq: xmltooling-schemas >= 1.5.0, opensaml-schemas >= 2.5.0
+%endif
%if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
PreReq: %{insserv_prereq} %{fillup_prereq}
-BuildRequires: libXerces-c-devel >= 2.8.0
+BuildRequires: libxerces-c-devel >= 3.1
%else
-BuildRequires: libxerces-c-devel >= 2.8.0
+%if 0%{?rhel} >= 7 || 0%{?centos_version} >= 700
+BuildRequires: xerces-c-devel >= 3.1
+%else
+BuildRequires: libxerces-c-devel >= 3.1
+%endif
%endif
BuildRequires: libxml-security-c-devel >= 1.4.0
-BuildRequires: libxmltooling-devel >= 1.5
-BuildRequires: libsaml-devel >= 2.5
+BuildRequires: libxmltooling-devel >= 1.5.0
+BuildRequires: libsaml-devel >= 2.5.0
%{?_with_log4cpp:BuildRequires: liblog4cpp-devel >= 1.0}
-%{!?_with_log4cpp:BuildRequires: liblog4shib-devel}
-%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600
-Requires: libcurl-openssl >= 7.21.7
+%{!?_with_log4cpp:BuildRequires: liblog4shib-devel >= 1.0.4}
+%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 || 0%{?amzn} >= 1
+Requires: libcurl-openssl%{?_isa} >= 7.21.7
BuildRequires: chrpath
%endif
+%if 0%{?suse_version} > 1300
+BuildRequires: libtool
+%endif
BuildRequires: gcc-c++, zlib-devel, boost-devel >= 1.32.0
+%{!?_without_gssapi:BuildRequires: krb5-devel}
%{!?_without_doxygen:BuildRequires: doxygen}
%{!?_without_odbc:BuildRequires:unixODBC-devel}
%{?_with_fastcgi:BuildRequires: fcgi-devel}
BuildRequires: libmemcached-devel
%endif
%{?_with_memcached:BuildRequires: libmemcached-devel}
-%if "%{_vendor}" == "redhat"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon"
+%if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 || 0%{?amzn} >= 1
+%{!?_without_builtinapache:BuildRequires: httpd-devel%{?_isa}}
+%else
%{!?_without_builtinapache:BuildRequires: httpd-devel}
+%endif
BuildRequires: redhat-rpm-config
Requires(pre): shadow-utils
Requires(post): chkconfig
Summary: Shibboleth Development Headers
Group: Development/Libraries/C and C++
Requires: %{name} = %{version}-%{release}
-%if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
-Requires: libXerces-c-devel >= 2.8.0
+Obsoletes: shibboleth-sp-devel = 2.5.0
+%if 0%{?rhel} >= 7 || 0%{?centos_version} >= 700
+Requires: xerces-c-devel >= 3.1
%else
-Requires: libxerces-c-devel >= 2.8.0
+Requires: libxerces-c-devel >= 3.1
%endif
Requires: libxml-security-c-devel >= 1.4.0
-Requires: libxmltooling-devel >= 1.5
-Requires: libsaml-devel >= 2.5
+Requires: libxmltooling-devel >= 1.5.0
+Requires: libsaml-devel >= 2.5.0
%{?_with_log4cpp:Requires: liblog4cpp-devel >= 1.0}
-%{!?_with_log4cpp:Requires: liblog4shib-devel}
+%{!?_with_log4cpp:Requires: liblog4shib-devel >= 1.0.4}
%description devel
Shibboleth is a Web Single Sign-On implementations based on OpenSAML
This package includes files needed for development with Shibboleth.
%prep
-%setup -q
+%setup -n %{name}-sp-%{version}
%build
%if 0%{?centos_version} >= 600
- %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{!?_without_memcached:--with-memcached} %{?shib_options}
+ %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{!?_without_gssapi:--with-gssapi} %{!?_without_memcached:--with-memcached} %{?shib_options}
%else
- %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{?_with_memcached} %{?shib_options}
+ %configure %{?_without_odbc:--disable-odbc} %{?_without_adfs:--disable-adfs} %{?_with_fastcgi} %{!?_without_gssapi:--with-gssapi} %{?_with_memcached} %{?shib_options}
%endif
%{__make} pkgdocdir=%{pkgdocdir}
# Establish location of sysconfig file, if any.
SYSCONFIG_SHIBD="no"
-%if "%{_vendor}" == "redhat"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon"
%{__mkdir} -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
echo "%config(noreplace) %{_sysconfdir}/sysconfig/shibd" >> rpm.filelist
SYSCONFIG_SHIBD="$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/shibd"
# User account for shibd
SHIBD_USER=%{runuser}
EOF
- %if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600
+ %if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600 || 0%{?amzn} >= 1
cat >> $SYSCONFIG_SHIBD <<EOF
# Override OS-supplied libcurl
%endif
fi
-%if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon" || "%{_vendor}" == "suse"
# %{_initddir} not yet in RHEL5, use deprecated %{_initrddir}
install -d -m 0755 $RPM_BUILD_ROOT%{_initrddir}
install -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/shibboleth/shibd-%{_vendor} $RPM_BUILD_ROOT%{_initrddir}/shibd
exit 0
%post
-%ifnos solaris2.8 solaris2.9 solaris2.10
+%ifnos solaris2.8 solaris2.9 solaris2.10 solaris2.11
/sbin/ldconfig
%endif
# Fix ownership of log files (even on new installs, if they're left from an older one).
%{__chown} %{runuser}:%{runuser} %{_localstatedir}/log/shibboleth/* 2>/dev/null || :
-%if "%{_vendor}" == "redhat"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon"
if [ "$1" -gt "1" ] ; then
# On Red Hat with shib.conf installed, clean up old Alias commands
# by pointing them at new version-independent /usr/share/share tree.
# This adds the proper /etc/rc*.d links for the script
/sbin/chkconfig --add shibd
-
- # On upgrade, restart components if they're already running.
- # This gets repeated now down in %postun, and the next release
- # should remove this copy. If we yank it now, we'll break upgrades.
- if [ "$1" -gt "1" ] ; then
- /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
- %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
- exit 0
- fi
%endif
%if "%{_vendor}" == "suse"
# This adds the proper /etc/rc*.d links for the script
%preun
# On final removal, stop shibd and remove service, restart Apache if running.
-%if "%{_vendor}" == "redhat"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon"
if [ "$1" -eq 0 ] ; then
/sbin/service shibd stop >/dev/null 2>&1
/sbin/chkconfig --del shibd
- %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
+ %{!?_without_builtinapache:/sbin/service httpd status 1>/dev/null && /sbin/service httpd restart 1>/dev/null}
fi
%endif
%if "%{_vendor}" == "suse"
%stop_on_removal shibd
if [ "$1" -eq 0 ] ; then
- %{!?_without_builtinapache:/etc/init.d/apache2 status 1>/dev/null && /etc/init.d/apache2 restart 1>/dev/null}
+ %{!?_without_builtinapache:/sbin/service apache2 status 1>/dev/null && /sbin/service apache2 restart 1>/dev/null}
fi
%endif
exit 0
%postun
-%ifnos solaris2.8 solaris2.9 solaris2.10
+%ifnos solaris2.8 solaris2.9 solaris2.10 solaris2.11
/sbin/ldconfig
%endif
-%if "%{_vendor}" == "redhat"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon"
# On upgrade, restart components if they're already running.
if [ "$1" -ge "1" ] ; then
- /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
- %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
+ /sbin/service shibd status 1>/dev/null && /sbin/service shibd restart 1>/dev/null
+ %{!?_without_builtinapache:/sbin/service httpd status 1>/dev/null && /sbin/service httpd restart 1>/dev/null}
exit 0
fi
%endif
%posttrans
# ugly hack if init script got removed during %postun by upgraded (buggy/2.1) package
-%if "%{_vendor}" == "redhat"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon"
if [ ! -f %{_initrddir}/shibd ] ; then
if [ -f %{_sysconfdir}/shibboleth/shibd-%{_vendor} ] ; then
%{__cp} -p %{_sysconfdir}/shibboleth/shibd-%{_vendor} %{_initrddir}/shibd
%{_libdir}/libshibsp-lite.so.*
%dir %{_libdir}/shibboleth
%{_libdir}/shibboleth/*
-%exclude %{_libdir}/shibboleth/*.la
%attr(0750,%{runuser},%{runuser}) %dir %{_localstatedir}/log/shibboleth
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon" || "%{_vendor}" == "suse"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon"
+%attr(0750,apache,apache) %dir %{_localstatedir}/log/shibboleth-www
+%endif
+%if "%{_vendor}" == "suse"
+%attr(0750,wwwrun,www) %dir %{_localstatedir}/log/shibboleth-www
+%endif
+%else
+%attr(0750,-,-) %dir %{_localstatedir}/log/shibboleth-www
+%endif
+%if 0%{?suse_version} < 1300
%attr(0755,%{runuser},%{runuser}) %dir %{_localstatedir}/run/shibboleth
+%endif
%attr(0755,%{runuser},%{runuser}) %dir %{_localstatedir}/cache/shibboleth
%dir %{_datadir}/xml/shibboleth
%{_datadir}/xml/shibboleth/*
%config(noreplace) %{_sysconfdir}/shibboleth/*.xml
%config(noreplace) %{_sysconfdir}/shibboleth/*.html
%config(noreplace) %{_sysconfdir}/shibboleth/*.logger
-%if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
+%if "%{_vendor}" == "redhat" || "%{_vendor}" == "amazon" || "%{_vendor}" == "suse"
%config %{_initrddir}/shibd
%endif
%if "%{_vendor}" == "suse"
%doc %{pkgdocdir}/api
%changelog
-* Thu Mar 1 2012 Scott Cantor <cantor.2@osu.edu> - 2.5-1
+* Mon Mar 9 2015 Scott Cantor <cantor.2@osu.edu> - 2.5.4-1
+- Add Amazon VM support
+- Add a separate native logging directory
+- Remove hard-coded init.d usage
+- Switch to bz2 sources to prevent future issues with SuSE
+
+* Mon Nov 17 2014 Scott Cantor <cantor.2@osu.edu> - 2.5.3-2
+- Add libtool dep for OpenSUSE 13
+- Remove /var/run/shibboleth for OpenSUSE 13
+
+* Tue May 13 2014 Ian Young <ian@iay.org.uk> - 2.5.3-1.2
+- Update package dependencies for RHEL/CentOS 7
+- Fix bogus dates in changelog
+
+* Sat Jun 8 2013 Scott Cantor <cantor.2@osu.edu> - 2.5.2-1
+- Add --with-gssapi using MIT K5 by default
+
+* Tue Sep 25 2012 Scott Cantor <cantor.2@osu.edu> - 2.5.1-1
+- Merge back various changes used in released packages
+- Prep for 2.5.1 by pulling extra restart out
+
+* Tue Aug 7 2012 Scott Cantor <cantor.2@osu.edu> - 2.5.0-2
+- Changed package name back to shibboleth because of upgrade bugs
+- Put back extra restart for this release only.
+
+* Thu Mar 1 2012 Scott Cantor <cantor.2@osu.edu> - 2.5.0-1
- Move logo and stylesheet to version-independent tree
- Make shib.conf noreplace
- Post-fixup of Alias commands in older shib.conf
- Applied fix for secadv 20061002
- Fix for metadata loader loop
-* Wed Jun 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-10
+* Thu Jun 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-10
- Applied fix for sec 20060615
-* Fri Apr 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-9
+* Sat Apr 15 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-9
- Misc. patches, SuSE, Apache 2.2, gcc 4.1, and 64-bit support
* Mon Jan 9 2006 Scott Cantor <cantor.2@osu.edu> - 1.3-8