[krb5] merge and conditionalize some EL6isms
Nalin Dahyabhai
nalin at fedoraproject.org
Thu Aug 30 18:06:51 UTC 2012
commit ec0380bcae3bc86674d0b991c012c6575ba177d6
Author: Nalin Dahyabhai <nalin at redhat.com>
Date: Thu Aug 30 14:06:23 2012 -0400
merge and conditionalize some EL6isms
- undo rename from krb5-pkinit-openssl to krb5-pkinit on EL6
- version the Obsoletes: on the krb5-pkinit-openssl to krb5-pkinit rename
- reintroduce the init scripts for non-systemd releases
- forward-port %%{_?rawbuild} annotations from EL6 packaging
krb5.spec | 125 +++++++++++++++++++++++++++++++++++++++++++++++++------------
1 files changed, 101 insertions(+), 24 deletions(-)
---
diff --git a/krb5.spec b/krb5.spec
index c9190e3..ef3aa61 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -1,6 +1,6 @@
%global WITH_LDAP 1
%global WITH_DIRSRV 1
-%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
+%if 0%{?fedora} >= 17 || 0%{?rhel} > 6
# These next two *will* change.
%global WITH_OPENSSL 1
%global WITH_NSS 0
@@ -10,17 +10,26 @@
%global WITH_NSS 0
%global WITH_SYSVERTO 0
%endif
+# The "move everything to /usr" feature landed in Fedora 17, but we didn't
+# catch up until the Fedora 18 development cycle, at which point we found
+# that some packages were hard-coding paths.
%if 0%{?fedora} > 17 || 0%{?rhel} > 6
%global separate_usr 0
%else
%global separate_usr 1
%endif
+# Systemd landed in Fedora 15, but this package was cut over for Fedora 16.
+%if 0%{?fedora} >= 16 || 0%{?rhel} > 6
+%global WITH_SYSTEMD 1
+%else
+%global WITH_SYSTEMD 0
+%endif
%global gettext_domain mit-krb5
Summary: The Kerberos network authentication system
Name: krb5
Version: 1.10.3
-Release: 1%{?dist}
+Release: 2%{?dist}
# Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.10/krb5-1.10.3-signed.tar
Source0: krb5-%{version}.tar.gz
@@ -45,6 +54,9 @@ Source32: krb5_prop.portreserve
Source33: krb5kdc.logrotate
Source34: kadmind.logrotate
Source35: kdb_check_weak.c
+Source36: kpropd.init
+Source37: kadmind.init
+Source38: krb5kdc.init
Patch5: krb5-1.10-ksu-access.patch
Patch6: krb5-1.10-ksu-path.patch
@@ -83,7 +95,9 @@ BuildRequires: texlive-latex
BuildRequires: keyutils-libs-devel
BuildRequires: libselinux-devel
BuildRequires: pam-devel
+%if %{WITH_SYSTEMD}
BuildRequires: systemd-units
+%endif
# For the test framework.
BuildRequires: perl, dejagnu, tcl-devel
BuildRequires: net-tools
@@ -137,16 +151,24 @@ Kerberos, you need to install this package.
Group: System Environment/Daemons
Summary: The KDC and related programs for Kerberos 5
Requires: %{name}-libs = %{version}-%{release}
-Requires(post): /sbin/install-info
+Requires(post): /sbin/install-info, chkconfig
+%if %{WITH_SYSTEMD}
Requires(post): systemd-sysv
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
+%else
+Requires(preun): chkconfig
+%endif
+Requires(post): initscripts
+Requires(postun): initscripts
# we need 'status -l' to work, and that option was added in 8.99
Requires: initscripts >= 8.99-1
+# used by the triggers
+Requires: chkconfig
# we drop files in its directory, but we don't want to own that directory
Requires: logrotate
-Requires(preun): /sbin/install-info
+Requires(preun): /sbin/install-info, initscripts
# mktemp is used by krb5-send-pr
Requires: coreutils
# we specify /usr/share/dict/words as the default dict_file in kdc.conf
@@ -194,7 +216,7 @@ package contains the basic Kerberos programs (kinit, klist, kdestroy,
kpasswd). If your network uses Kerberos, this package should be
installed on every workstation.
-%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
+%if 0%{?fedora} >= 17 || 0%{?rhel} > 6
%package pkinit
%else
%package pkinit-openssl
@@ -203,11 +225,11 @@ Summary: The PKINIT module for Kerberos 5
Group: System Environment/Libraries
Requires: %{name}-libs = %{version}-%{release}
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
-Obsoletes: krb5-pkinit-openssl
+Obsoletes: krb5-pkinit-openssl < %{version}-%{release}
Provides: krb5-pkinit-openssl = %{version}-%{release}
%endif
-%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
+%if 0%{?fedora} >= 17 || 0%{?rhel} > 6
%description pkinit
%else
%description pkinit-openssl
@@ -218,7 +240,7 @@ to obtain initial credentials from a KDC using a private key and a
certificate.
%prep
-%setup -q -a 23 -n krb5-%{version}
+%setup -q -a 23
ln -s NOTICE LICENSE
%patch60 -p1 -b .pam
@@ -230,12 +252,12 @@ ln -s NOTICE LICENSE
%patch5 -p1 -b .ksu-access
%patch6 -p1 -b .ksu-path
%patch12 -p1 -b .ktany
-%patch16 -p1 -b .buildconf
-%patch23 -p1 -b .dns
+%patch16 -p1 -b .buildconf %{?_rawbuild}
+%patch23 -p1 -b .dns %{?_rawbuild}
%patch29 -p1 -b .kprop-mktemp
-%patch30 -p1 -b .send-pr-tempfile
+%patch30 -p1 -b .send-pr-tempfile %{?_rawbuild}
%patch39 -p1 -b .api
-%patch56 -p1 -b .doublelog
+%patch56 -p1 -b .doublelog %{?_rawbuild}
%patch59 -p1 -b .kpasswd_tcp
%patch71 -p1 -b .dirsrv-accountlock
#%patch75 -p1 -b .pkinit-debug
@@ -264,11 +286,13 @@ chmod -x doc/krb5-protocol/*.txt doc/*.html doc/*/*.html
# Rename the man pages so that they'll get generated correctly. Uses the
# "krb5-1.8-manpaths.txt" source file.
-pushd src
-cat %{SOURCE25} | while read manpage ; do
- mv "$manpage" "$manpage".in
-done
-popd
+if test -z "%{?_rawbuild}" ; then
+ pushd src
+ cat %{SOURCE25} | while read manpage ; do
+ mv "$manpage" "$manpage".in
+ done
+ popd
+fi
# Check that the PDFs we built earlier match this source tree, using the
# "krb5-tex-pdf.sh" source file.
@@ -383,16 +407,31 @@ mkdir -p $RPM_BUILD_ROOT/etc
install -pm 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/krb5.conf
# Server init scripts (krb5kdc,kadmind,kpropd) and their sysconfig files.
+%if %{WITH_SYSTEMD}
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
-for init in \
+for unit in \
%{SOURCE5}\
%{SOURCE4} \
%{SOURCE2} ; do
# In the past, the init script was supposed to be named after the
# service that the started daemon provided. Changing their names
# is an upgrade-time problem I'm in no hurry to deal with.
- install -pm 644 ${init} $RPM_BUILD_ROOT%{_unitdir}
+ install -pm 644 ${unit} $RPM_BUILD_ROOT%{_unitdir}
done
+%else
+mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
+for init in \
+ %{SOURCE36}\
+ %{SOURCE37} \
+ %{SOURCE38} ; do
+ # In the past, the init script was supposed to be named after the
+ # service that the started daemon provided. Changing their names
+ # is an upgrade-time problem I'm in no hurry to deal with.
+ service=`basename ${init} .init`
+ install -pm 755 ${init} \
+ $RPM_BUILD_ROOT/etc/rc.d/init.d/${service%d}
+done
+%endif
mkdir -p $RPM_BUILD_ROOT/etc/sysconfig
for sysconfig in \
%{SOURCE19}\
@@ -475,12 +514,19 @@ install -m 755 kdb_check_weak $RPM_BUILD_ROOT/%{_libdir}/krb5/
%postun server-ldap -p /sbin/ldconfig
%post server
+# Remove the init script for older servers.
+[ -x /etc/rc.d/init.d/krb5server ] && /sbin/chkconfig --del krb5server
+%if %{WITH_SYSTEMD}
if [ $1 -eq 1 ] ; then
# Initial installation
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
fi
-# Remove the init script for older servers.
-[ -x /etc/rc.d/init.d/krb5server ] && /sbin/chkconfig --del krb5server
+%else
+# Install the new ones.
+/sbin/chkconfig --add krb5kdc
+/sbin/chkconfig --add kadmin
+/sbin/chkconfig --add kprop
+%endif
# Install info pages.
/sbin/install-info %{_infodir}/krb5-admin.info.gz %{_infodir}/dir
/sbin/install-info %{_infodir}/krb5-install.info.gz %{_infodir}/dir
@@ -488,25 +534,44 @@ exit 0
%preun server
if [ "$1" -eq "0" ] ; then
+%if %{WITH_SYSTEMD}
/bin/systemctl --no-reload disable krb5kdc.service > /dev/null 2>&1 || :
/bin/systemctl --no-reload disable kadmin.service > /dev/null 2>&1 || :
/bin/systemctl --no-reload disable kprop.service > /dev/null 2>&1 || :
/bin/systemctl stop krb5kdc.service > /dev/null 2>&1 || :
/bin/systemctl stop kadmin.service > /dev/null 2>&1 || :
/bin/systemctl stop kprop.service > /dev/null 2>&1 || :
+%else
+ /sbin/chkconfig --del krb5kdc
+ /sbin/chkconfig --del kadmin
+ /sbin/chkconfig --del kprop
+ /sbin/service krb5kdc stop > /dev/null 2>&1 || :
+ /sbin/service kadmin stop > /dev/null 2>&1 || :
+ /sbin/service kprop stop > /dev/null 2>&1 || :
+%endif
/sbin/install-info --delete %{_infodir}/krb5-admin.info.gz %{_infodir}/dir
/sbin/install-info --delete %{_infodir}/krb5-install.info.gz %{_infodir}/dir
fi
exit 0
%postun server
+%if %{WITH_SYSTEMD}
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
-if [ $1 -ge 1 ] ; then
+if [ "$1" -ge 1 ] ; then
/bin/systemctl try-restart krb5kdc.service >/dev/null 2>&1 || :
/bin/systemctl try-restart kadmin.service >/dev/null 2>&1 || :
/bin/systemctl try-restart kprop.service >/dev/null 2>&1 || :
fi
+%else
+if [ "$1" -ge 1 ] ; then
+ /sbin/service krb5kdc condrestart > /dev/null 2>&1 || :
+ /sbin/service kadmin condrestart > /dev/null 2>&1 || :
+ /sbin/service kprop condrestart > /dev/null 2>&1 || :
+fi
+%endif
+exit 0
+%if %{WITH_SYSTEMD}
%triggerun server -- krb5-server < 1.9.1-13
# Save the current service runlevel info
# User must manually run
@@ -525,6 +590,7 @@ fi
/bin/systemctl try-restart krb5kdc.service >/dev/null 2>&1 || :
/bin/systemctl try-restart kadmin.service >/dev/null 2>&1 || :
/bin/systemctl try-restart kprop.service >/dev/null 2>&1 || :
+%endif
%triggerun server -- krb5-server < 1.6.3-100
if [ "$2" -eq "0" ] ; then
@@ -588,10 +654,15 @@ exit 0
%files server
%defattr(-,root,root,-)
%docdir %{_mandir}
-
+%if %{WITH_SYSTEMD}
%{_unitdir}/krb5kdc.service
%{_unitdir}/kadmin.service
%{_unitdir}/kprop.service
+%else
+/etc/rc.d/init.d/krb5kdc
+/etc/rc.d/init.d/kadmin
+/etc/rc.d/init.d/kprop
+%endif
%config(noreplace) /etc/sysconfig/krb5kdc
%config(noreplace) /etc/sysconfig/kadmin
%config(noreplace) /etc/portreserve/kerberos-iv
@@ -715,7 +786,7 @@ exit 0
%{_libdir}/libverto.so.*
%endif
-%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
+%if 0%{?fedora} >= 17 || 0%{?rhel} > 6
%files pkinit
%else
%files pkinit-openssl
@@ -766,6 +837,12 @@ exit 0
%{_sbindir}/uuserver
%changelog
+* Thu Aug 30 2012 Nalin Dahyabhai <nalin at redhat.com> 1.10.3-2
+- undo rename from krb5-pkinit-openssl to krb5-pkinit on EL6
+- version the Obsoletes: on the krb5-pkinit-openssl to krb5-pkinit rename
+- reintroduce the init scripts for non-systemd releases
+- forward-port %%{_?rawbuild} annotations from EL6 packaging
+
* Thu Aug 9 2012 Nalin Dahyabhai <nalin at redhat.com> 1.10.3-1
- update to 1.10.3, rolling in the fixes from MITKRB5-SA-2012-001
More information about the scm-commits
mailing list