diff options
Diffstat (limited to 'pki/dogtag/tks/pki-tks.spec')
-rw-r--r-- | pki/dogtag/tks/pki-tks.spec | 115 |
1 files changed, 115 insertions, 0 deletions
diff --git a/pki/dogtag/tks/pki-tks.spec b/pki/dogtag/tks/pki-tks.spec new file mode 100644 index 000000000..8a570f1c8 --- /dev/null +++ b/pki/dogtag/tks/pki-tks.spec @@ -0,0 +1,115 @@ +Name: pki-tks +Version: 9.0.0 +Release: 1%{?dist} +Summary: Dogtag Certificate System - Token Key Service +URL: http://pki.fedoraproject.org/ +License: GPLv2 +Group: System Environment/Daemons + +BuildArch: noarch + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +BuildRequires: ant +BuildRequires: java-devel >= 1:1.6.0 +BuildRequires: jpackage-utils +BuildRequires: jss >= 4.2.6 +BuildRequires: pki-common +BuildRequires: pki-util +BuildRequires: tomcatjss + +Requires: java >= 1:1.6.0 +Requires: pki-tks-ui +Requires: pki-common +Requires: pki-selinux +Requires(post): chkconfig +Requires(preun): chkconfig +Requires(preun): initscripts +Requires(postun): initscripts + +Source0: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}.tar.gz + +%description +Dogtag Certificate System is an enterprise software system designed +to manage enterprise Public Key Infrastructure (PKI) deployments. + +The Dogtag Token Key Service is an optional PKI subsystem that +manages the master key(s) and the transport key(s) required to generate and +distribute keys for hardware tokens. Dogtag Token Key Service provides +the security between tokens and an instance of Dogtag Token Processing System, +where the security relies upon the relationship between the master key +and the token keys. A Dogtag Token Processing System communicates with a +Dogtag Token Key Service over SSL using client authentication. + +Dogtag Token Key Service helps establish a secure channel (signed and +encrypted) between the token and the Dogtag Token Processing System, +provides proof of presence of the security token during enrollment, and +supports key changeover when the master key changes on the +Dogtag Token Key Service. Tokens with older keys will get new token keys. + +Because of the sensitivity of the data that Dogtag Token Key Service manages, +Dogtag Token Key Service should be set up behind the firewall with +restricted access. + +%prep + +%setup -q + +%build +ant \ + -Dinit.d="rc.d/init.d" \ + -Dproduct.ui.flavor.prefix="" \ + -Dproduct.prefix="pki" \ + -Dproduct="tks" \ + -Dversion="%{version}" + +%install +%define major_version %(echo `echo %{version} | awk -F. '{ print $1 }'`) +%define minor_version %(echo `echo %{version} | awk -F. '{ print $2 }'`) +%define patch_version %(echo `echo %{version} | awk -F. '{ print $3 }'`) + +rm -rf %{buildroot} +cd dist/binary +unzip %{name}-%{version}.zip -d %{buildroot} +cd %{buildroot}%{_datadir}/pki/tks/conf +mv CS.cfg.in CS.cfg +sed -i 's/^preop.product.version=.*$/preop.product.version=%{version}/' %{buildroot}%{_datadir}/pki/tks/conf/CS.cfg +sed -i 's/^cms.version=.*$/cms.version=%{major_version}.%{minor_version}/' %{buildroot}%{_datadir}/pki/tks/conf/CS.cfg +mkdir -p %{buildroot}%{_localstatedir}/lock/pki/tks +mkdir -p %{buildroot}%{_localstatedir}/run/pki/tks +cd %{buildroot}%{_datadir}/pki/tks/setup +mv config.desktop.in config.desktop +cd %{buildroot}%{_javadir}/pki +mv pki-tks.jar pki-tks-%{version}.jar +ln -s pki-tks-%{version}.jar pki-tks.jar + +%clean +rm -rf %{buildroot} + +%post +# This adds the proper /etc/rc*.d links for the script +/sbin/chkconfig --add pki-tksd || : + +%preun +if [ $1 = 0 ] ; then + /sbin/service pki-tksd stop >/dev/null 2>&1 + /sbin/chkconfig --del pki-tksd || : +fi + +%postun +if [ "$1" -ge "1" ] ; then + /sbin/service pki-tksd condrestart >/dev/null 2>&1 || : +fi + +%files +%defattr(-,root,root,-) +%doc LICENSE +%{_initrddir}/* +%{_javadir}/pki/ +%{_datadir}/pki/ +%{_localstatedir}/lock/* +%{_localstatedir}/run/* + +%changelog +* Fri Nov 19 2010 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-1 +- Updated Dogtag 1.3.x --> Dogtag 2.0.0 --> Dogtag 9.0.0. |