From fe389a989ca983779e0abd34018c61f805deeea4 Mon Sep 17 00:00:00 2001 From: mharmsen Date: Fri, 28 Nov 2008 21:10:42 +0000 Subject: Bugzilla Bug #445402: Rename 'linux' to 'dogtag'. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@148 c9f7a03b-bd48-0410-a16d-cbbf54688b0b --- pki/dogtag/tks/pki-tks.spec | 310 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 310 insertions(+) create mode 100644 pki/dogtag/tks/pki-tks.spec (limited to 'pki/dogtag/tks/pki-tks.spec') diff --git a/pki/dogtag/tks/pki-tks.spec b/pki/dogtag/tks/pki-tks.spec new file mode 100644 index 000000000..85cd5a550 --- /dev/null +++ b/pki/dogtag/tks/pki-tks.spec @@ -0,0 +1,310 @@ +# BEGIN COPYRIGHT BLOCK +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# (C) 2007 Red Hat, Inc. +# All rights reserved. +# END COPYRIGHT BLOCK + +############################################################################### +### D E F I N I T I O N S ### +############################################################################### + +## Entity Definitions +%define base_entity Dogtag +%define base_flavor fedora +%define base_prefix pki + +## Product Definitions +%define base_system Certificate System +%define base_product Token Key Service +%define base_component tks +%define base_pki %{base_entity} %{base_system} + +## Package Header Definitions +%define base_name %{base_prefix}-%{base_component} +%define base_version 1.0.0 +%define base_release 6 +%define base_group System Environment/Daemons +%define base_vendor Red Hat, Inc. +%define base_license GPLv2 with exceptions +%define base_packager %{base_vendor} +%define base_summary %{base_pki} - %{base_product} +%define base_url http://pki-svn.fedora.redhat.com/wiki/PKI_Documentation + +## Pre & Post Install/Uninstall Scripts Definitions +%define base_user pkiuser + +## Helper Definitions +%define pki_ca %{base_entity} Certificate Authority +%define pki_drm %{base_entity} Data Recovery Manager +%define pki_ds Fedora Directory Server +%define pki_ocsp %{base_entity} Online Certificate Status Protocol Manager +%define pki_ra %{base_entity} Registration Authority +%define pki_tks %{base_entity} Token Key Service +%define pki_tps %{base_entity} Token Processing System + +## Don't build the debug packages +%define debug_package %{nil} + + +##===================## +## Linux Definitions ## +##===================## +%ifos Linux +## check for presence of UI packages +%define linux_ui %(echo `rpm -q --quiet %{base_name}-ui; echo $?`) +%define fedora_ui %(echo `rpm -q --quiet %{base_flavor}-%{base_name}-ui; echo $?`) + +%if !%{linux_ui} +## if the Linux UI package is present, default to using it first +%define base_ui %{base_name}-ui +%else +%if !%{fedora_ui} +## otherwise, if the Fedora UI package is present, use it instead +%define base_ui %{base_flavor}-%{base_name}-ui +%else +## finally, if neither the Linux nor the Fedora UI packages are present, +## set base_ui to be equal to the Linux UI package to ALWAYS produce a +## "BuildRequires" dependency failure of "%{base_name}-ui" +%define base_ui %{base_name}-ui +%endif +%endif + +## For PKI version information, ALWAYS refer to the version of +## the UI package dependency associated with this spec file! +%define pki_version %(echo `rpm -q --queryformat '%{VERSION}' %{base_ui}`) +%define pki_major_version %(echo `echo %{pki_version} | awk -F. '{ print $1 }'`) +%define pki_minor_version %(echo `echo %{pki_version} | awk -F. '{ print $2 }'`) +%define pki_patch_version %(echo `echo %{pki_version} | awk -F. '{ print $3 }'`) + +## A distribution model is required on certain Linux operating systems! +## +## check for a pre-defined distribution model +%define undefined_distro %(test "%{dist}" = "" && echo 1 || echo 0) +%if %{undefined_distro} +%define is_fedora %(test -e /etc/fedora-release && echo 1 || echo 0) +%if %{is_fedora} +## define a default distribution model on Fedora Linux +%define dist_prefix .fc +%define dist_version %(echo `rpm -qf --qf='%{VERSION}' /etc/fedora-release` | tr -d [A-Za-z]) +%define dist %{dist_prefix}%{dist_version} +%else +%define is_redhat %(test -e /etc/redhat-release && echo 1 || echo 0) +%if %{is_redhat} +## define a default distribution model on Red Hat Linux +%define dist_prefix .el +%define dist_version %(echo `rpm -qf --qf='%{VERSION}' /etc/redhat-release` | tr -d [A-Za-z]) +%define dist %{dist_prefix}%{dist_version} +%endif +%endif +%endif +%endif + + + +############################################################################### +### P A C K A G E H E A D E R ### +############################################################################### + +Name: %{base_name} +Version: %{base_version} +Release: %{base_release}%{?dist} +Summary: %{base_summary} +Vendor: %{base_vendor} +URL: %{base_url} +License: %{base_license} +Packager: %{base_packager} +Group: %{base_group} + + +## Without AutoReqProv: no, rpmbuild finds all sorts of crazy +## dependencies that we don't care about, and refuses to install +AutoReqProv: no + +BuildArch: noarch +BuildRoot: %{_builddir}/%{base_name}-root + + +## NOTE: This spec file may require a specific JDK, "gcc", and/or "gcc-c++" +## packages as well as the "rpm" and "rpm-build" packages. +## +## Technically, "ant" should not need to be in "BuildRequires" since +## it is the Java equivalent of "make" (and/or "Autotools"). +## +BuildRequires: ant >= 1.6.2, %{base_ui} >= 1.0.0, %{base_prefix}-common >= 1.0.0, %{base_prefix}-util >= 1.0.0, java-devel >= 1.6.0, jpackage-utils >= 1.6.0, jss >= 4.2.4 + +## Without Requires something, rpmbuild will abort! +Requires: %{base_name}-ui, %{base_prefix}-common >= 1.0.0 + + +## This package is non-relocatable! +#Prefix: + +Source0: %{base_name}-%{base_version}.tar.gz + +## This package currently contains no patches! +#Patch0: + + +%description +%{base_pki} is an enterprise software system designed +to manage enterprise Public Key Infrastructure (PKI) deployments. + +The %{pki_tks} is an optional PKI subsystem that +manages the master key(s) and the transport key(s) required to generate and +distribute keys for hardware tokens. %{pki_tks} provides +the security between tokens and an instance of %{pki_tps}, +where the security relies upon the relationship between the master key +and the token keys. A %{pki_tps} communicates with a +%{pki_tks} over SSL using client authentication. + +%{pki_tks} helps establish a secure channel (signed and +encrypted) between the token and the %{pki_tps}, +provides proof of presence of the security token during enrollment, and +supports key changeover when the master key changes on the +%{pki_tks}. Tokens with older keys will get new token keys. + +Because of the sensitivity of the data that %{pki_tks} manages, +%{pki_tks} should be set up behind the firewall with +restricted access. + + + +############################################################################### +### P R E P A R A T I O N & S E T U P ### +############################################################################### + +## On Linux systems, prep and setup expect there to be a Source file +## in the /usr/src/redhat/SOURCES directory - it will be unpacked +## in the _builddir (not BuildRoot) +%prep + + +%setup -q + + +## This package currently contains no patches! +#%patch0 +# patches + + + +############################################################################### +### B U I L D P R O C E S S ### +############################################################################### + +%build +ant -Dspecfile=%{base_name}.spec + + + +############################################################################### +### I N S T A L L A T I O N P R O C E S S ### +############################################################################### + +%install +cd dist/binary +unzip %{name}-%{version}.zip -d ${RPM_BUILD_ROOT} +sed -i 's/^preop.product.version=.*$/preop.product.version=%{pki_version}/' ${RPM_BUILD_ROOT}/usr/share/%{base_prefix}/%{base_component}/conf/CS.cfg +sed -i 's/^cms.version=.*$/cms.version=%{pki_major_version}.%{pki_minor_version}/' ${RPM_BUILD_ROOT}/usr/share/%{base_prefix}/%{base_component}/conf/CS.cfg +cd ${RPM_BUILD_ROOT}/usr/share/java/%{base_prefix}/%{base_component} +mv %{base_component}.jar %{base_component}-%{version}.jar +ln -s %{base_component}-%{version}.jar %{base_component}.jar + + + +############################################################################### +### C L E A N U P P R O C E S S ### +############################################################################### + +%clean +rm -rf ${RPM_BUILD_ROOT} + + + +############################################################################### +### P R E & P O S T I N S T A L L / U N I N S T A L L S C R I P T S ### +############################################################################### + +%pre +if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + groupadd %{base_user} +fi +if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then + # SELinux policy requires a shell of /sbin/nologin + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} +fi + + +%post +chmod 00755 %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall +%{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall %{base_prefix} %{base_component} %{base_version} %{base_release} +echo "" +echo "Install finished." + + +%preun +if [ -x /etc/init.d/%{base_name} ] ; then + /etc/init.d/%{base_name} stop +fi + + +## This package currently contains no post-uninstallation process! +#%postun + + + +############################################################################### +### I N V E N T O R Y O F F I L E S A N D D I R E C T O R I E S ### +############################################################################### + +%files +%attr(-,root,root) %{_datadir}/doc/%{base_name}-%{base_version}/* +%attr(-,root,root) %{_datadir}/java/%{base_prefix}/%{base_component} +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/acl +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/alias +%attr(00660,root,root) %{_datadir}/%{base_prefix}/%{base_component}/conf/CS.cfg +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/conf/[a-z]* +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/etc +%attr(00770,root,root) %{_datadir}/%{base_prefix}/%{base_component}/logs/signedAudit +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/setup +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/shared +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/temp +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/webapps +%attr(-,root,root) %{_datadir}/%{base_prefix}/%{base_component}/work + + + +############################################################################### +### C H A N G E L O G ### +############################################################################### + +%changelog +* Mon Nov 24 2008 Ade Lee 1.0.0-6 +- Bugzilla Bug #237727 - selinux changes to init script +* Sat Nov 22 2008 Matthew Harmsen 1.0.0-5 +- Bugzilla Bug #472305 - "equality" tests in all spec files need to be fixed +- Bumped "java" and "java-devel" 1.4.2 and 1.5.0 dependencies to 1.6.0 +- Changed "java-sdk" to "java-devel" for consistency +* Fri Oct 10 2008 Jack Magne 1.0.0-4 +- Fix for port separation bug #466188. +* Thu Jul 10 2008 Jack Magne 1.0.0-3 +- Fix for bug #458337. +* Mon Jun 9 2008 Matthew Harmsen 1.0.0-2 +- Bugzilla Bug #450345: Port Dogtag 1.0.0 to + Fedora 9 (32-bit i386 & 64-bit x86_64). +* Tue Feb 19 2008 PKI Team 1.0.0-1 +- Initial open source version based upon proprietary + Red Hat Certificate System (RHCS) 7.3. + -- cgit