From: Scott Cantor <cantor.2@osu.edu>
Date: Thu, 25 Aug 2011 00:23:19 +0000 (+0000)
Subject: Add post script for shib.conf cleanup.
X-Git-Tag: 2.5.0~245
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-sp.git;a=commitdiff_plain;h=d4d9109d5378266f4ba1751cea2a2f81f997224d

Add post script for shib.conf cleanup.
---

diff --git a/shibboleth.spec.in b/shibboleth.spec.in
index 9eb22ee..0e394c6 100644
--- a/shibboleth.spec.in
+++ b/shibboleth.spec.in
@@ -11,19 +11,19 @@ BuildRoot:	%{_tmppath}/%{name}-%{version}-root
 Requires:	openssl
 PreReq:		xmltooling-schemas, opensaml-schemas
 %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
-PreReq:         %{insserv_prereq}
-BuildRequires:  libXerces-c-devel >= 2.8.0
+PreReq:		%{insserv_prereq}
+BuildRequires:	libXerces-c-devel >= 2.8.0
 %else
-BuildRequires:  libxerces-c-devel >= 2.8.0
+BuildRequires:	libxerces-c-devel >= 2.8.0
 %endif
-BuildRequires:  libxml-security-c-devel >= 1.4.0
-BuildRequires:  libxmltooling-devel >= 1.5
-BuildRequires:  libsaml-devel >= 2.5
+BuildRequires:	libxml-security-c-devel >= 1.4.0
+BuildRequires:	libxmltooling-devel >= 1.5
+BuildRequires:	libsaml-devel >= 2.5
 %{?_with_log4cpp:BuildRequires: liblog4cpp-devel >= 1.0}
 %{!?_with_log4cpp:BuildRequires: liblog4shib-devel}
 %if 0%{?rhel} >= 6 || 0%{?centos_version} >= 600
-Requires: libcurl-openssl >= 7.21.7
-BuildRequires: chrpath
+Requires:		libcurl-openssl >= 7.21.7
+BuildRequires:	chrpath
 %endif
 BuildRequires:  gcc-c++, zlib-devel
 %{!?_without_doxygen:BuildRequires: doxygen}
@@ -48,11 +48,11 @@ Shibboleth is a Web Single Sign-On implementations based on OpenSAML
 that supports multiple protocols, federated identity, and the extensible
 exchange of rich attributes subject to privacy controls.
 
-This package contains the Shibboleth Service Provider runtime libraries
-and Apache module(s).
+This package contains the Shibboleth Service Provider runtime libraries,
+daemon, default plugins, and Apache module(s).
 
 %package devel
-Summary:	Shibboleth development Headers
+Summary:	Shibboleth Development Headers
 Group:		Development/Libraries/C and C++
 Requires:	%{name} = %{version}-%{release}
 %if 0%{?suse_version} > 1030 && 0%{?suse_version} < 1130
@@ -101,28 +101,28 @@ This package includes files needed for development with Shibboleth.
 touch rpm.filelist
 APACHE_CONFIG="no"
 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_13.so ] ; then
-    APACHE_CONFIG="apache.config"
+	APACHE_CONFIG="apache.config"
 fi
 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_20.so ] ; then
-    APACHE_CONFIG="apache2.config"
+	APACHE_CONFIG="apache2.config"
 fi
 if [ -f $RPM_BUILD_ROOT%{_libdir}/%{name}/mod_shib_22.so ] ; then
-    APACHE_CONFIG="apache22.config"
+	APACHE_CONFIG="apache22.config"
 fi
 %{?_without_builtinapache:APACHE_CONFIG="no"}
 if [ "$APACHE_CONFIG" != "no" ] ; then
-    APACHE_CONFD="no"
-    if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
-            APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
-    fi
-    if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
-            APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
-    fi
-    if [ "$APACHE_CONFD" != "no" ] ; then
-        %{__mkdir} -p $RPM_BUILD_ROOT$APACHE_CONFD
-        %{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/$APACHE_CONFIG $RPM_BUILD_ROOT$APACHE_CONFD/shib.conf 
-        echo "%config(noreplace) $APACHE_CONFD/shib.conf" > rpm.filelist
-    fi
+	APACHE_CONFD="no"
+	if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
+		APACHE_CONFD="%{_sysconfdir}/httpd/conf.d"
+	fi
+	if [ -d %{_sysconfdir}/apache2/conf.d ] ; then
+		APACHE_CONFD="%{_sysconfdir}/apache2/conf.d"
+	fi
+	if [ "$APACHE_CONFD" != "no" ] ; then
+		%{__mkdir} -p $RPM_BUILD_ROOT$APACHE_CONFD
+		%{__cp} -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/$APACHE_CONFIG $RPM_BUILD_ROOT$APACHE_CONFD/shib.conf 
+		echo "%config(noreplace) $APACHE_CONFD/shib.conf" > rpm.filelist
+	fi
 fi
 
 %if "%{_vendor}" == "redhat" || "%{_vendor}" == "suse"
@@ -150,20 +150,40 @@ fi
 cd %{_sysconfdir}/%{name}
 sh ./keygen.sh -b
 
+if [ "$1" -gt "1" ] ; then
+	# On systems with shib.conf installed, clean up old Alias commands
+	# by pointing them at new version-independent /usr/share/share tree.
+	# Any Aliases we didn't create we assume are custom files.
+	# This is to accomodate making shib.conf a noreplace config file.
+	APACHE_CONF="no"
+	if [ -f %{_sysconfdir}/httpd/conf.d/shib.conf ] ; then
+		APACHE_CONF="%{_sysconfdir}/httpd/conf.d/shib.conf"
+	fi
+	if [ -f %{_sysconfdir}/apache2/conf.d/shib.conf ] ; then
+		APACHE_CONF="%{_sysconfdir}/apache2/conf.d/shib.conf"
+	fi
+	if [ "$APACHE_CONF" != "no" ] ; then
+		%{__sed} -i "s/\/usr\/share\/doc\/shibboleth\(\-\(.\)\{1,\}\)\{0,1\}\/main\.css/\/usr\/share\/shibboleth\/main.css/g" \
+			$APACHE_CONF
+		%{__sed} -i "s/\/usr\/share\/doc\/shibboleth\(\-\(.\)\{1,\}\)\{0,1\}\/logo\.jpg/\/usr\/share\/shibboleth\/logo.jpg/g" \
+			$APACHE_CONF
+	fi
+fi
+
 %if "%{_vendor}" == "redhat"
 	# This adds the proper /etc/rc*.d links for the script
 	/sbin/chkconfig --add shibd
 	# On upgrade, restart components if they're already running.
-    if [ "$1" -gt "1" ] ; then
-        /etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
-        %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
-        exit 0
-    fi
+	if [ "$1" -gt "1" ] ; then
+		/etc/init.d/shibd status 1>/dev/null && /etc/init.d/shibd restart 1>/dev/null
+		%{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
+		exit 0
+	fi
 %endif
 %if "%{_vendor}" == "suse"
-    # This adds the proper /etc/rc*.d links for the script
-    cd /
-    %insserv_force_if_yast shibd
+	# This adds the proper /etc/rc*.d links for the script
+	cd /
+	%insserv_force_if_yast shibd
 %endif
 
 %preun
@@ -171,14 +191,14 @@ sh ./keygen.sh -b
 	if [ "$1" = 0 ] ; then
 		/sbin/service shibd stop >/dev/null 2>&1
 		/sbin/chkconfig --del shibd
-        %{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
+		%{!?_without_builtinapache:/etc/init.d/httpd status 1>/dev/null && /etc/init.d/httpd restart 1>/dev/null}
 	fi
 %endif
 %if "%{_vendor}" == "suse"
-    %stop_on_removal shibd
-    if [ "$1" = 0 ] ; then
-        %{!?_without_builtinapache:/etc/init.d/apache2 status 1>/dev/null && /etc/init.d/apache2 restart 1>/dev/null}
-    fi
+	%stop_on_removal shibd
+	if [ "$1" = 0 ] ; then
+		%{!?_without_builtinapache:/etc/init.d/apache2 status 1>/dev/null && /etc/init.d/apache2 restart 1>/dev/null}
+	fi
 %endif
 exit 0
 
@@ -196,13 +216,13 @@ cd /
 %posttrans
 # ugly hack if init script got removed during %postun by upgraded (buggy/2.1) package
 %if "%{_vendor}" == "redhat"
-    if [ ! -f %{_initrddir}/shibd ] ; then
-        if [ -f %{_sysconfdir}/%{name}/shibd-%{_vendor} ] ; then
-            %{__cp} -p %{_sysconfdir}/%{name}/shibd-%{_vendor} %{_initrddir}/shibd
-            %{__chmod} 755 %{_initrddir}/shibd
-            /sbin/chkconfig --add shibd
-        fi
-    fi
+	if [ ! -f %{_initrddir}/shibd ] ; then
+		if [ -f %{_sysconfdir}/%{name}/shibd-%{_vendor} ] ; then
+			%{__cp} -p %{_sysconfdir}/%{name}/shibd-%{_vendor} %{_initrddir}/shibd
+			%{__chmod} 755 %{_initrddir}/shibd
+			/sbin/chkconfig --add shibd
+	fi
+fi
 %endif
 
 %files -f rpm.filelist
@@ -248,6 +268,11 @@ cd /
 %doc %{pkgdocdir}/api
 
 %changelog
+* Tue Aug 9 2011  Scott Cantor  <cantor.2@osu.edu>  - 2.5-1
+- Move logo and stylesheet to version-independent tree
+- Make shib.conf noreplace
+- Post-fixup of Alias commands in older shib.conf
+
 * Sun Jun 26 2011  Scott Cantor  <cantor.2@osu.edu>  - 2.4.3-1
 - Log files shouldn't be world readable.
 - Explicit requirement for libcurl-openssl on RHEL6