varrundir = $(localstatedir)/run
pkgsysconfdir = $(sysconfdir)/@PACKAGE@
pkgsysconf_DATA = \
+ shibd \
apache.config \
apache2.config \
inqueue.pem
apache2.config: ${srcdir}/apache2.config.in Makefile ${top_builddir}/config.status
$(MAKE) do-build-file FILE=$@
+shibd: ${srcdir}/shibd.in Makefile ${top_builddir}/config.status
+ $(MAKE) do-build-file FILE=$@
+
shibd.logger: ${srcdir}/shibd.logger.in Makefile ${top_builddir}/config.status
$(MAKE) do-build-file FILE=$@
CLEANFILES = \
apache.config \
apache2.config \
+ shibd \
shibd.logger \
native.logger \
shibboleth.xml \
shibd.logger.in \
apache.config.in \
apache2.config.in \
+ shibd.in \
shibboleth.logger \
accessError.html \
rmError.html \
--- /dev/null
+#!/bin/bash
+#
+# Startup script for the Shibboleth Service Provider Daemon
+#
+# chkconfig: - 98 02
+# description: Shibboleth Service Provider Daemon
+# processname: shibd
+# pidfile: @-VARRUNDIR-@/shibd.pid
+# config: @-PKGSYSCONFDIR-@/shibboleth.xml
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+shibd="@-PREFIX-@/sbin/shibd"
+SHIBD_USER=root
+pidfile=@-VARRUNDIR-@/shibd.pid
+prog=shibd
+RETVAL=0
+
+start() {
+ echo -n $"Starting $prog: "
+ if [ -f /var/lock/subsys/shibd ] ; then
+ if [ -f $pidfile ]; then
+ read kpid < $pidfile
+ if checkpid $kpid 2>&1; then
+ echo "process already running"
+ return -1
+ else
+ echo "lock file found but no process running for pid $kpid, continuing"
+ fi
+ fi
+ fi
+
+ export SHIBD_PID=$pidfile
+ touch $pidfile
+ chown $SHIBD_USER:$SHIBD_USER $pidfile
+ # daemon function just hangs, so I'm using su directly
+ su - $SHIBD_USER -c "$shibd -p $pidfile -f &"
+
+ RETVAL=$?
+ echo
+ [ $RETVAL = 0 ] && touch /var/lock/subsys/shibd
+ return $RETVAL
+}
+
+stop() {
+ echo -n $"Stopping $prog: "
+ if [ -f $pidfile ]; then
+ read kpid < $pidfile
+ kill $kpid
+ else
+ killproc shibd
+ fi
+
+ RETVAL=$?
+ echo
+ [ $RETVAL = 0 ] && rm -f /var/lock/subsys/shibd $pidfile
+}
+
+# See how we were called.
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ status)
+ status $shibd
+ RETVAL=$?
+ ;;
+ restart)
+ stop
+ sleep 5
+ start
+ ;;
+ *)
+ echo $"Usage: $prog {start|stop|restart}"
+ exit 1
+esac
+
+exit $RETVAL
Name: shibboleth
Summary: Open source system to enable inter-institutional resource sharing
Version: @-VERSION-@
-Release: 4
+Release: 6
#Copyright: University Corporation for Advanced Internet Development, Inc.
Group: System Environment/Libraries
License: Apache style
/sbin/ldconfig
# Plug the shibboleth SP into Apache2 on a Red Hat system.
-[ -d %{_sysconfdir}/httpd/conf.d ] || exit 0
-[ -f %{_sysconfdir}/httpd/conf.d/shib.conf ] && exit 0
-cp -p %{_sysconfdir}/shibboleth/apache2.config \
- %{_sysconfdir}/httpd/conf.d/shib.conf
+if [ -d %{_sysconfdir}/httpd/conf.d ] ; then
+ if [ ! -f %{_sysconfdir}/httpd/conf.d/shib.conf ] ; then
+ sed "s/\/usr\/doc\/shibboleth/\/usr\/share\/doc\/shibboleth-@-VERSION-@/g" \
+ %{_sysconfdir}/shibboleth/apache2.config \
+ > %{_sysconfdir}/httpd/conf.d/shib.conf
+ fi
+fi
+
+# Install the shibd init.d scripts and service
+if [ -d %{_sysconfdir}/init.d ] ; then
+ if [ ! -f %{_sysconfdir}/init.d/shibd ] ; then
+ cp -p %{_sysconfdir}/shibboleth/shibd %{_sysconfdir}/init.d/shibd
+ chmod 755 %{_sysconfdir}/init.d/shibd
+ chkconfig --add shibd
+ fi
+fi
%postun
/sbin/ldconfig
# delete the shibboleth apache configuration if we're being removed
-[ "$0" = 0 ] || exit 0
+[ "$1" = 0 ] || exit 0
[ -f %{_sysconfdir}/httpd/conf.d/shib.conf ] && \
rm -f %{_sysconfdir}/httpd/conf.d/shib.conf
+# clear init.d state
+chkconfig --del shibd
+[ -f %{_sysconfdir}/init.d/shibd ] && \
+ rm -f %{_sysconfdir}/init.d/shibd
+
%triggerin selinux-policy-targeted -- %{name}
restorecon %{_sbindir}/shibd
%config %{_sysconfdir}/shibboleth/sp-example.key
%{_sysconfdir}/shibboleth/*.dist
%{_sysconfdir}/shibboleth/apache*.config
+%{_sysconfdir}/shibboleth/shibd
%exclude %{_bindir}/posttest
%exclude %{_bindir}/test-client
%{_sysconfdir}/selinux/targeted/src/policy/domains/program/*.te
%changelog
+* Fri Sep 23 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-6
+- Minor patches and default config changes
+- pidfile patch
+- Fix shib.conf creation
+- Integrated init.d script
+
+* Thu Sep 1 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-5
+- Applied fix for secadv 20050901 plus rollup of NSAPI fixes
+
* Sun Apr 24 2005 Scott Cantor <cantor.2@osu.edu> - 1.3-1
- Updated test programs and location of schemas.
- move siterefresh to to sbindir