summaryrefslogtreecommitdiffstats
path: root/specs/dogtag-pki.spec
blob: 94a76339bc12ece4a7680fb295699bdfac29c5f1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
# for a pre-release, define the prerel field e.g. .a1 .rc2 - comment out for official release
# also remove the space between % and global - this space is needed because
# fedpkg verrel stupidly ignores comment lines
%global prerel .b2
# also need the relprefix field for a pre-release e.g. .0 - also comment out for official release
%global relprefix 0.

Summary:          Dogtag Public Key Infrastructure (PKI) Suite
Name:             dogtag-pki
Version:          10.0.0
Release:          %{?relprefix}14%{?prerel}%{?dist}
# The entire source code is GPLv2 except for 'pki-tps' which is LGPLv2
License:          GPLv2 and LGPLv2
URL:              http://pki.fedoraproject.org/
Group:            System Environment/Daemons
BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch:        noarch

# Establish MINIMUM package versions based upon platform
%if 0%{?fedora} >= 18
%define dogtag_pki_theme_version   10.0.0
%define esc_version                1.1.0
%define jss_version                4.2.6-24
%define pki_core_version           10.0.0
%define pki_kra_version            10.0.0
%define pki_ocsp_version           10.0.0
%define pki_ra_version             10.0.0
%define pki_tks_version            10.0.0
%define pki_tps_version            10.0.0
%define pki_console_version        10.0.0
%define tomcatjss_version          7.0.0-3
%else
%if 0%{?fedora} >= 17
%define dogtag_pki_theme_version   10.0.0
%define esc_version                1.1.0
%define jss_version                4.2.6-24
%define pki_core_version           10.0.0
%define pki_kra_version            10.0.0
%define pki_ocsp_version           10.0.0
%define pki_ra_version             10.0.0
%define pki_tks_version            10.0.0
%define pki_tps_version            10.0.0
%define pki_console_version        10.0.0
%define tomcatjss_version          7.0.0-3
%else
%if 0%{?fedora} >= 16
%define dogtag_pki_theme_version   10.0.0
%define esc_version                1.1.0
%define jss_version                4.2.6-24
%define pki_core_version           10.0.0
%define pki_kra_version            10.0.0
%define pki_ocsp_version           10.0.0
%define pki_ra_version             10.0.0
%define pki_tks_version            10.0.0
%define pki_tps_version            10.0.0
%define pki_console_version        10.0.0
%define tomcatjss_version          6.0.2
%else
%define dogtag_pki_theme_version   10.0.0
%define esc_version                1.1.0
%define jss_version                4.2.6-24
%define pki_core_version           10.0.0
%define pki_kra_version            10.0.0
%define pki_ocsp_version           10.0.0
%define pki_ra_version             10.0.0
%define pki_tks_version            10.0.0
%define pki_tps_version            10.0.0
%define pki_console_version        10.0.0
%define tomcatjss_version          2.0.0
%endif
%endif
%endif

Requires:         apache-commons-codec

# Make certain that this 'meta' package requires the latest version(s)
# of ALL top-level Dogtag PKI support packages
Requires:         jss >= %{jss_version}
Requires:         tomcatjss >= %{tomcatjss_version}

# Make certain that this 'meta' package requires the latest version(s)
# of ALL top-level Dogtag PKI support javadocs
Requires:         jss-javadoc >= %{jss_version}

# Make certain that this 'meta' package requires the latest version(s)
# of ALL Dogtag PKI theme packages
Requires:         dogtag-pki-ca-theme >= %{dogtag_pki_theme_version}
Requires:         dogtag-pki-server-theme >= %{dogtag_pki_theme_version}
Requires:         dogtag-pki-console-theme >= %{dogtag_pki_theme_version}
Requires:         dogtag-pki-kra-theme >= %{dogtag_pki_theme_version}
Requires:         dogtag-pki-ocsp-theme >= %{dogtag_pki_theme_version}
Requires:         dogtag-pki-ra-theme >= %{dogtag_pki_theme_version}
Requires:         dogtag-pki-tks-theme >= %{dogtag_pki_theme_version}
Requires:         dogtag-pki-tps-theme >= %{dogtag_pki_theme_version}

# Make certain that this 'meta' package requires the latest version(s)
# of ALL Dogtag PKI core packages
Requires:         pki-ca >= %{pki_core_version}
Requires:         pki-server >= %{pki_core_version}
Requires:         pki-tools >= %{pki_core_version}
Requires:         pki-symkey >= %{pki_core_version}
Requires:         pki-base >= %{pki_core_version}

%if 0%{?fedora} <= 17
Requires:         pki-selinux >= %{pki_core_version}
%else
Requires:         selinux-policy-base >= 3.11.1-43
%endif

# Make certain that this 'meta' package requires the latest version(s)
# of ALL Dogtag PKI core javadocs
Requires:         pki-javadoc >= %{pki_core_version}

# Make certain that this 'meta' package requires the latest version(s)
# of ALL other Dogtag PKI subsystems
Requires:         pki-kra >= %{pki_kra_version}
Requires:         pki-ocsp >= %{pki_ocsp_version}
Requires:         pki-ra >= %{pki_ra_version}
Requires:         pki-tks >= %{pki_tks_version}
Requires:         pki-tps >= %{pki_tps_version}

# Make certain that this 'meta' package requires the latest version(s)
# of Dogtag PKI console
Requires:         pki-console >= %{pki_console_version}

# Make certain that this 'meta' package requires the latest version(s)
# of ALL Dogtag PKI clients
Requires:         esc >= %{esc_version}

# NOTE:  Several PKI packages require a "virtual" theme component.  These
#        "virtual" theme components are "Provided" by various theme "flavors"
#        including "dogtag", "redhat", and "ipa".  Consequently,
#        all "dogtag", "redhat", and "ipa" theme components MUST be
#        mutually exclusive!
#
#        On Fedora systems, the "dogtag" theme packages are the ONLY available
#        theme components.
#
#        Similarly, the "ipa" theme packages are ONLY available on RHEL
#        systems, and represent the default theme components.
#
#        Alternatively, on RHEL systems, if the "dogtag" theme packages are
#        available as EPEL packages, while they may be used as a transparent
#        replacement for their corresponding "ipa" theme package, they are not
#        intended to be used as a replacement for their corresponding "redhat"
#        theme components.
#
#        Finally, if available for a RHEL system (e. g. - RHCS subscription),
#        each "redhat" theme package MUST be used as a transparent replacement
#        for its corresponding "ipa" theme package or "dogtag" theme package.
Obsoletes:        ipa-pki
Conflicts:        redhat-pki

%description
The Dogtag Public Key Infrastructure (PKI) Suite is comprised of the following
six subsystems and a client (for use by a Token Management System):

  * Certificate Authority (CA)
  * Data Recovery Manager (DRM)
  * Online Certificate Status Protocol (OCSP) Manager
  * Registration Authority (RA)
  * Token Key Service (TKS)
  * Token Processing System (TPS)
  * Enterprise Security Client (ESC)

Additionally, it provides a console GUI application used for server and
user/group administration of CA, DRM, OCSP, and TKS, javadocs on portions
of the Dogtag API, as well as various command-line tools used to assist with
a PKI deployment.

To successfully deploy instances of a CA, DRM, OCSP, or TKS,
a Tomcat Web Server must be up and running locally on this machine.

To successfully deploy instances of an RA, or TPS,
an Apache Web Server must be up and running locally on this machine.

To meet the database storage requirements of each CA, DRM, OCSP, TKS, or TPS
instance, a 389 Directory Server must be up and running either locally on
this machine, or remotely over the attached network connection.

To meet the database storage requirements of an RA, an SQLite database will
be created locally on this machine each time a new RA instance is created.

After installation of this package, use the 'pkicreate' and 'pkiremove'
utilities to respectively create and remove PKI instances.

%prep
cat > README <<EOF
This package is just a "meta-package" whose dependencies pull in all of the
packages comprising the Dogtag Public Key Infrastructure (PKI) Suite.
EOF

%install
rm -rf %{buildroot}

%files
%defattr(-,root,root,-)
%doc README

%changelog
* Thu Nov 8 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.14.b2
- Renamed dogtag-pki-common-theme to dogtag-pki-server-theme.

* Mon Oct 29 2012 Ade Lee <alee@redhat.com> 10.0.0-0.13.b2
- Update release to b2

* Tue Oct 23 2012 Ade Lee <alee@redhat.com> 10.0.0-0.12.b1
- Remove pki-selinux from f18 build

* Fri Oct 12 2012 Ade Lee <alee@redhat.com> 10.0.0-0.11.b1
- Update tomcatjss version

* Mon Oct 8 2012 Ade Lee <alee@redhat.com> 10.0.0-0.10.b1
- Update release to b1

* Fri Oct 5 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.10.a2
- Merged pki-silent into pki-server.

* Mon Oct 1 2012 Ade Lee <alee@redhat.com> 10.0.0-0.9.a2
- Update release to a2

* Mon Sep 24 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.9.a1
- Merged pki-setup into pki-server
- Fixed pki-javadoc dependency

* Wed Aug 22 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.8.a1
- Replaced pki-native-tools and pki-java-tools with pki-tools

* Wed Aug 22 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.7.a1
- Replaced pki-util, pki-deploy, pki-common with pki-base and pki-server

* Tue Aug 14 2012 Matthew Harmsen <mharmsen@redhat.com> 10.0.0-0.6.a1
- Updated release of 'tomcatjss' to rely on Tomcat 7 for Fedora 17
- Added 'pki-deploy' runtime dependency

* Thu Jun 14 2012 Matthew Harmsen <mharmsen@redhat.com> 10.0.0-0.5.a1
- Updated release of 'tomcatjss' to rely on Tomcat 7 for Fedora 18

* Thu Apr  5 2012 Christina Fu <cfu@redhat.com> 10.0.0-0.4.a1
- Bug 745278 - [RFE] ECC encryption keys cannot be archived

* Wed Feb 22 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.3.a1
- Removed dependency on OSUtil.

* Wed Feb 22 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.2.a1
- Added dependency on Apache Commons Codec.

* Wed Feb  1 2012 Nathan Kinder <nkinder@redhat.com> 10.0.0-0.1.a1
- Updated package version number

* Fri Oct 28 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.8-1
- Bugzilla Bug #749927 - Java class conflicts using Java 7 in Fedora 17
  (rawhide) . . .
- Bugzilla Bug #749945 - Installation error reported during CA, DRM,
  OCSP, and TKS package installation . . .

* Thu Sep 22 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.7-1
- Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . (mharmsen)
- Bugzilla Bug #699809 - Convert CS to use systemd (alee)

* Mon Sep 12 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-6
- Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . .
- Established MINIMUM package versions based upon platform

* Thu Jul 14 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-5
- Bugzilla Bug #669226 - Remove Legacy Build System
- Updated release of 'tomcatjss' for Fedora 15

* Wed Jul 13 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-4
- Updated release of 'osutil' for Fedora 15
- Updated release of 'jss' and 'jss-javadoc'

* Tue Apr 5 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-3
- Bugzilla Bug #690950 - Update Dogtag Packages for Fedora 15 (beta)
- Bugzilla Bug #693327 - Missing requires: tomcatjss

* Fri Mar 25 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-2
- Bugzilla Bug #690950 - Update Dogtag Packages for Fedora 15 (beta)
- Require "tomcatjss >= 2.1.1" as a build and runtime requirement
  for Fedora 15 and later platforms

* Wed Mar 23 2011 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-1
- Updated Dogtag 1.3.x --> Dogtag 2.0.0 --> Dogtag 9.0.0.