[pki-core/f14/master] - Bugzilla Bug #668839 - Review Request: pki-core - Removed empty "pre" from "pki-ca" - Consolid
kwright
kwright at fedoraproject.org
Tue Jan 18 18:06:35 UTC 2011
commit 0d45d2bf38aaed9855c59787e205789eba46144e
Author: Kevin Wright <kwright at redhat.com>
Date: Tue Jan 18 10:06:20 2011 -0800
- Bugzilla Bug #668839 - Review Request: pki-core
- Removed empty "pre" from "pki-ca"
- Consolidated directory ownership
- Corrected file ownership within subpackages
- Removed all versioning from NSS and NSPR packages
.gitignore | 1 +
clog | 5 +
pki-core.spec | 570 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
sources | 1 +
4 files changed, 577 insertions(+), 0 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e69de29..64e17eb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/pki-core-9.0.0.tar.gz
diff --git a/clog b/clog
new file mode 100644
index 0000000..d028771
--- /dev/null
+++ b/clog
@@ -0,0 +1,5 @@
+- Bugzilla Bug #668839 - Review Request: pki-core
+- Removed empty "pre" from "pki-ca"
+- Consolidated directory ownership
+- Corrected file ownership within subpackages
+- Removed all versioning from NSS and NSPR packages
diff --git a/pki-core.spec b/pki-core.spec
new file mode 100644
index 0000000..115d4f3
--- /dev/null
+++ b/pki-core.spec
@@ -0,0 +1,570 @@
+Name: pki-core
+Version: 9.0.0
+Release: 3%{?dist}
+Summary: Certificate System - PKI Core Components
+URL: http://pki.fedoraproject.org/
+License: GPLv2
+Group: System Environment/Daemons
+
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+# jss requires versioning to meet both build and runtime requirements
+# tomcatjss requires versioning since version 2.0.0 requires tomcat6
+# pki-common-theme requires versioning to meet runtime requirements
+# pki-ca-theme requires versioning to meet runtime requirements
+BuildRequires: cmake
+BuildRequires: java-devel >= 1:1.6.0
+BuildRequires: jpackage-utils
+BuildRequires: jss >= 4.2.6-12
+BuildRequires: ldapjdk
+BuildRequires: nspr-devel
+BuildRequires: nss-devel
+BuildRequires: openldap-devel
+BuildRequires: osutil
+BuildRequires: pkgconfig
+BuildRequires: policycoreutils
+BuildRequires: selinux-policy-devel
+BuildRequires: tomcatjss >= 2.0.0
+BuildRequires: velocity
+BuildRequires: xalan-j2
+BuildRequires: xerces-j2
+
+Source0: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}.tar.gz
+
+%if 0%{?rhel}
+ExcludeArch: ppc ppc64 s390 s390x
+%endif
+
+%global saveFileContext() \
+if [ -s /etc/selinux/config ]; then \
+ . %{_sysconfdir}/selinux/config; \
+ FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
+ if [ "${SELINUXTYPE}" == %1 -a -f ${FILE_CONTEXT} ]; then \
+ cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.%{name}; \
+ fi \
+fi;
+
+%global relabel() \
+. %{_sysconfdir}/selinux/config; \
+FILE_CONTEXT=%{_sysconfdir}/selinux/%1/contexts/files/file_contexts; \
+selinuxenabled; \
+if [ $? == 0 -a "${SELINUXTYPE}" == %1 -a -f ${FILE_CONTEXT}.%{name} ]; then \
+ fixfiles -C ${FILE_CONTEXT}.%{name} restore; \
+ rm -f ${FILE_CONTEXT}.%name; \
+fi;
+
+%global overview \
+================================== \
+|| ABOUT "CERTIFICATE SYSTEM" || \
+================================== \
+ \
+Certificate System (CS) is an enterprise software system designed \
+to manage enterprise Public Key Infrastructure (PKI) deployments. \
+ \
+PKI Core contains fundamental packages required by Certificate System, \
+and consists of the following components: \
+ \
+ * pki-setup \
+ * pki-symkey \
+ * pki-native-tools \
+ * pki-util \
+ * pki-util-javadoc \
+ * pki-java-tools \
+ * pki-java-tools-javadoc \
+ * pki-common \
+ * pki-common-javadoc \
+ * pki-selinux \
+ * pki-ca \
+ * pki-silent \
+ \
+which comprise the following PKI subsystems: \
+ \
+ * Certificate Authority (CA) \
+ \
+For deployment purposes, Certificate System requires ONE AND ONLY ONE \
+of the following "Mutually-Exclusive" PKI Theme packages: \
+ \
+ * ipa-pki-theme (IPA deployments) \
+ * dogtag-pki-theme (Dogtag Certificate System deployments) \
+ * redhat-pki-theme (Red Hat Certificate System deployments) \
+ \
+%{nil}
+
+%description %{overview}
+
+
+%package -n pki-setup
+Summary: Certificate System - PKI Instance Creation & Removal Scripts
+Group: System Environment/Base
+
+BuildArch: noarch
+
+Requires: perl-Crypt-SSLeay
+Requires: policycoreutils
+Requires: openldap-clients
+
+%description -n pki-setup
+PKI setup scripts are used to create and remove instances from PKI deployments.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-symkey
+Summary: Symmetric Key JNI Package
+Group: System Environment/Libraries
+
+Requires: java >= 1:1.6.0
+Requires: jpackage-utils
+Requires: jss >= 4.2.6-12
+Requires: nss
+
+Provides: symkey = %{version}-%{release}
+
+Obsoletes: symkey < %{version}-%{release}
+
+%description -n pki-symkey
+The Symmetric Key Java Native Interface (JNI) package supplies various native
+symmetric key operations to Java programs.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-native-tools
+Summary: Certificate System - Native Tools
+Group: System Environment/Base
+
+Requires: openldap-clients
+Requires: nss
+Requires: nss-tools
+Requires: pki-setup = %{version}-%{release}
+
+%description -n pki-native-tools
+These platform-dependent PKI executables are used to help make
+Certificate System into a more complete and robust PKI solution.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-util
+Summary: Certificate System - PKI Utility Framework
+Group: System Environment/Base
+
+BuildArch: noarch
+
+Requires: java >= 1:1.6.0
+Requires: jpackage-utils
+Requires: jss >= 4.2.6-12
+Requires: ldapjdk
+
+%description -n pki-util
+The PKI Utility Framework is required by the following four PKI subsystems:
+
+ the Certificate Authority (CA),
+ the Data Recovery Manager (DRM),
+ the Online Certificate Status Protocol (OCSP) Manager, and
+ the Token Key Service (TKS).
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-util-javadoc
+Summary: Certificate System - PKI Utility Framework Javadocs
+Group: Documentation
+
+BuildArch: noarch
+
+Requires: pki-util = %{version}-%{release}
+
+%description -n pki-util-javadoc
+This documentation pertains exclusively to version %{version} of
+the PKI Utility Framework.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-java-tools
+Summary: Certificate System - PKI Java-Based Tools
+Group: System Environment/Base
+
+BuildArch: noarch
+
+Requires: java >= 1:1.6.0
+Requires: pki-native-tools = %{version}-%{release}
+Requires: pki-util = %{version}-%{release}
+
+%description -n pki-java-tools
+These platform-independent PKI executables are used to help make
+Certificate System into a more complete and robust PKI solution.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-java-tools-javadoc
+Summary: Certificate System - PKI Java-Based Tools Javadocs
+Group: Documentation
+
+BuildArch: noarch
+
+Requires: pki-java-tools = %{version}-%{release}
+
+%description -n pki-java-tools-javadoc
+This documentation pertains exclusively to version %{version} of
+the PKI Java-Based Tools.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-common
+Summary: Certificate System - PKI Common Framework
+Group: System Environment/Base
+
+BuildArch: noarch
+
+Requires: java >= 1:1.6.0
+Requires: jss >= 4.2.6-12
+Requires: osutil
+Requires: pki-common-theme >= 9.0.0
+Requires: pki-java-tools = %{version}-%{release}
+Requires: pki-setup = %{version}-%{release}
+Requires: pki-symkey = %{version}-%{release}
+Requires: tomcatjss >= 2.0.0
+Requires: %{_javadir}/ldapjdk.jar
+Requires: %{_javadir}/velocity.jar
+Requires: %{_javadir}/xalan-j2.jar
+Requires: %{_javadir}/xalan-j2-serializer.jar
+Requires: %{_javadir}/xerces-j2.jar
+Requires: velocity
+
+%description -n pki-common
+The PKI Common Framework is required by the following four PKI subsystems:
+
+ the Certificate Authority (CA),
+ the Data Recovery Manager (DRM),
+ the Online Certificate Status Protocol (OCSP) Manager, and
+ the Token Key Service (TKS).
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-common-javadoc
+Summary: Certificate System - PKI Common Framework Javadocs
+Group: Documentation
+
+BuildArch: noarch
+
+Requires: pki-common = %{version}-%{release}
+
+%description -n pki-common-javadoc
+This documentation pertains exclusively to version %{version} of
+the PKI Common Framework.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-selinux
+Summary: Certificate System - PKI Selinux Policies
+Group: System Environment/Base
+
+BuildArch: noarch
+
+Requires: policycoreutils
+Requires: selinux-policy-targeted
+
+%description -n pki-selinux
+Selinux policies for the PKI components.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-ca
+Summary: Certificate System - Certificate Authority
+Group: System Environment/Daemons
+
+BuildArch: noarch
+
+Requires: java >= 1:1.6.0
+Requires: pki-ca-theme >= 9.0.0
+Requires: pki-common = %{version}-%{release}
+Requires: pki-selinux = %{version}-%{release}
+Requires: pki-setup = %{version}-%{release}
+Requires(post): chkconfig
+Requires(preun): chkconfig
+Requires(preun): initscripts
+Requires(postun): initscripts
+
+%description -n pki-ca
+The Certificate Authority (CA) is a required PKI subsystem which issues,
+renews, revokes, and publishes certificates as well as compiling and
+publishing Certificate Revocation Lists (CRLs).
+
+The Certificate Authority can be configured as a self-signing Certificate
+Authority, where it is the root CA, or it can act as a subordinate CA,
+where it obtains its own signing certificate from a public CA.
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%package -n pki-silent
+Summary: Certificate System - Silent Installer
+Group: System Environment/Base
+
+BuildArch: noarch
+
+Requires: java >= 1:1.6.0
+Requires: pki-common = %{version}-%{release}
+
+%description -n pki-silent
+The PKI Silent Installer may be used to "automatically" configure
+the following PKI subsystems in a non-graphical (batch) fashion
+including:
+
+ the Certificate Authority (CA),
+ the Data Recovery Manager (DRM),
+ the Online Certificate Status Protocol (OCSP) Manager,
+ the Registration Authority (RA),
+ the Token Key Service (TKS), and/or
+ the Token Processing System (TPS).
+
+This package is a part of the PKI Core used by the Certificate System.
+
+%{overview}
+
+
+%prep
+
+
+%setup -q
+
+
+%clean
+%{__rm} -rf %{buildroot}
+
+
+%build
+%{__mkdir_p} build
+cd build
+%cmake -DVAR_INSTALL_DIR:PATH=/var -DBUILD_PKI_CORE:BOOL=ON ..
+%{__make} VERBOSE=1 %{?_smp_mflags}
+
+
+%install
+%{__rm} -rf %{buildroot}
+cd build
+%{__make} install DESTDIR=%{buildroot} INSTALL="install -p"
+
+cd %{buildroot}%{_libdir}/symkey
+%{__rm} symkey.jar
+%{__ln_s} symkey-%{version}.jar symkey.jar
+
+cd %{buildroot}%{_jnidir}
+%{__rm} symkey.jar
+%{__ln_s} %{_libdir}/symkey/symkey.jar symkey.jar
+
+
+%pre -n pki-selinux
+%saveFileContext targeted
+
+
+%post -n pki-selinux
+semodule -s targeted -i %{_datadir}/selinux/modules/pki.pp
+%relabel targeted
+
+
+%preun -n pki-selinux
+if [ $1 = 0 ]; then
+ %saveFileContext targeted
+fi
+
+
+%postun -n pki-selinux
+if [ $1 = 0 ]; then
+ semodule -s targeted -r pki
+ %relabel targeted
+fi
+
+
+%post -n pki-ca
+# This adds the proper /etc/rc*.d links for the script
+/sbin/chkconfig --add pki-cad || :
+
+
+%preun -n pki-ca
+if [ $1 = 0 ] ; then
+ /sbin/service pki-cad stop >/dev/null 2>&1
+ /sbin/chkconfig --del pki-cad || :
+fi
+
+
+%postun -n pki-ca
+if [ "$1" -ge "1" ] ; then
+ /sbin/service pki-cad condrestart >/dev/null 2>&1 || :
+fi
+
+
+%files -n pki-setup
+%defattr(-,root,root,-)
+%doc base/setup/LICENSE
+%{_bindir}/pkicreate
+%{_bindir}/pkiremove
+%dir %{_datadir}/pki
+%dir %{_datadir}/pki/scripts
+%{_datadir}/pki/scripts/pkicommon.pm
+%dir %{_localstatedir}/lock/pki
+%dir %{_localstatedir}/run/pki
+
+
+%files -n pki-symkey
+%defattr(-,root,root,-)
+%doc base/symkey/LICENSE
+%{_jnidir}/symkey.jar
+%{_libdir}/symkey/
+
+
+%files -n pki-native-tools
+%defattr(-,root,root,-)
+%doc base/native-tools/LICENSE base/native-tools/doc/README
+%{_bindir}/bulkissuance
+%{_bindir}/p7tool
+%{_bindir}/revoker
+%{_bindir}/setpin
+%{_bindir}/sslget
+%{_bindir}/tkstool
+%{_datadir}/pki/native-tools/
+
+
+%files -n pki-util
+%defattr(-,root,root,-)
+%doc base/util/LICENSE
+%dir %{_javadir}/pki
+%{_javadir}/pki/pki-cmsutil-%{version}.jar
+%{_javadir}/pki/pki-cmsutil.jar
+%{_javadir}/pki/pki-nsutil-%{version}.jar
+%{_javadir}/pki/pki-nsutil.jar
+
+%files -n pki-util-javadoc
+%defattr(-,root,root,-)
+%{_javadocdir}/pki-util-%{version}/
+
+
+%files -n pki-java-tools
+%defattr(-,root,root,-)
+%doc base/java-tools/LICENSE
+%{_bindir}/AtoB
+%{_bindir}/AuditVerify
+%{_bindir}/BtoA
+%{_bindir}/CMCEnroll
+%{_bindir}/CMCRequest
+%{_bindir}/CMCResponse
+%{_bindir}/CMCRevoke
+%{_bindir}/CRMFPopClient
+%{_bindir}/ExtJoiner
+%{_bindir}/GenExtKeyUsage
+%{_bindir}/GenIssuerAltNameExt
+%{_bindir}/GenSubjectAltNameExt
+%{_bindir}/HttpClient
+%{_bindir}/OCSPClient
+%{_bindir}/PKCS10Client
+%{_bindir}/PKCS12Export
+%{_bindir}/PrettyPrintCert
+%{_bindir}/PrettyPrintCrl
+%{_bindir}/TokenInfo
+%{_javadir}/pki/pki-tools-%{version}.jar
+%{_javadir}/pki/pki-tools.jar
+
+%files -n pki-java-tools-javadoc
+%defattr(-,root,root,-)
+%{_javadocdir}/pki-java-tools-%{version}/
+
+
+%files -n pki-common
+%defattr(-,root,root,-)
+%doc base/common/LICENSE
+%{_javadir}/pki/pki-certsrv-%{version}.jar
+%{_javadir}/pki/pki-certsrv.jar
+%{_javadir}/pki/pki-cms-%{version}.jar
+%{_javadir}/pki/pki-cms.jar
+%{_javadir}/pki/pki-cmsbundle-%{version}.jar
+%{_javadir}/pki/pki-cmsbundle.jar
+%{_javadir}/pki/pki-cmscore-%{version}.jar
+%{_javadir}/pki/pki-cmscore.jar
+%{_datadir}/pki/scripts/functions
+%{_datadir}/pki/scripts/pki_apache_initscript
+%{_datadir}/pki/setup/
+
+%files -n pki-common-javadoc
+%defattr(-,root,root,-)
+%{_javadocdir}/pki-common-%{version}/
+
+
+%files -n pki-selinux
+%defattr(-,root,root,-)
+%doc base/selinux/LICENSE
+%{_datadir}/selinux/modules/pki.pp
+
+
+%files -n pki-ca
+%defattr(-,root,root,-)
+%doc base/ca/LICENSE
+%{_initrddir}/pki-cad
+%{_javadir}/pki/pki-ca-%{version}.jar
+%{_javadir}/pki/pki-ca.jar
+%dir %{_datadir}/pki/ca
+%{_datadir}/pki/ca/conf/
+%{_datadir}/pki/ca/emails/
+%dir %{_datadir}/pki/ca/profiles
+%{_datadir}/pki/ca/profiles/ca/
+%{_datadir}/pki/ca/webapps/
+%{_datadir}/pki/ca/setup/
+%dir %{_localstatedir}/lock/pki/ca
+%dir %{_localstatedir}/run/pki/ca
+
+
+%files -n pki-silent
+%defattr(-,root,root,-)
+%doc base/silent/LICENSE
+%{_bindir}/pkisilent
+%{_javadir}/pki/pki-silent-%{version}.jar
+%{_javadir}/pki/pki-silent.jar
+%{_datadir}/pki/silent/
+
+
+%changelog
+* Thu Jan 13 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.0-3
+- Bugzilla Bug #668839 - Review Request: pki-core
+- Removed empty "pre" from "pki-ca"
+- Consolidated directory ownership
+- Corrected file ownership within subpackages
+- Removed all versioning from NSS and NSPR packages
+
+* Thu Jan 13 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.0-2
+- Bugzilla Bug #668839 - Review Request: pki-core
+- Added component versioning comments
+- Updated JSS from "4.2.6-10" to "4.2.6-12"
+- Modified installation section to preserve timestamps
+- Removed sectional comments
+
+* Wed Dec 1 2010 Matthew Harmsen <mharmsen at redhat.com> 9.0.0-1
+- Initial revision. (kwright at redhat.com & mharmsen at redhat.com)
+
diff --git a/sources b/sources
index e69de29..d33cbf9 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+d87e9fbc76c39a5026b732b11278fad9 pki-core-9.0.0.tar.gz
More information about the scm-commits
mailing list