+# TODO
+# - check http://security.gentoo.org/glsa/glsa-200509-06.xml
#
# Conditional build:
%bcond_with combined_log # enables apache-like combined log format
#
Summary: SQUID Internet Object Cache
-Summary(es): proxy/cache para www/ftp/gopher
-Summary(pl): Uniwersalny proxy-cache server
+Summary(es): proxy/cache para WWW/FTP/gopher
+Summary(pl): Uniwersalny serwer proxy-cache
Summary(pt_BR): Cache Squid de objetos Internet
Summary(ru): Squid - ËÜÛ ÏÂßÅËÔÏ× Internet
Summary(uk): Squid - ËÅÛ ÏÂ'¤ËÔ¦× Internet
Summary(zh_CN): SQUID ¸ßËÙ»º³å´úÀí·þÎñÆ÷
Name: squid
-Version: 2.5.STABLE6
-Release: 2
+Version: 2.5.STABLE12
+Release: 2.4
Epoch: 7
License: GPL v2
Group: Networking/Daemons
Source0: http://www.squid-cache.org/Versions/v2/2.5/%{name}-%{version}.tar.bz2
-# Source0-md5: 7fd964ac27b43b613d6b981cc702a29e
-Source1: %{name}-1.1.19-faq.tar.gz
-# Source1-md5: 77d04ae621d19548797e3a0deb540df6
+# Source0-md5: 7354255015b3772a1e024dfac173e48c
+# http://www.squid-cache.org/Doc/FAQ/FAQ.tar.gz
+Source1: %{name}-FAQ.tar.gz
+# Source1-md5: cb9a955f8cda9cc166e086fccd412a43
Source2: %{name}.init
Source3: %{name}.sysconfig
-Source4: http://cache.is.co.za/%{name}-docs.tar.gz
-# Source4-md5: 0cfee556bf6394a0bd3c438c89dd2e63
+# http://squid-docs.sourceforge.net/latest/zip-files/book-full-html.zip
+Source4: %{name}-book-full-html.zip
+# Source4-md5: 4f3b6dab1de9cbb847df89d8b417378a
Source5: %{name}.conf.patch
Source6: %{name}.logrotate
Source7: %{name}.pamd
-# Bug fixes from Squid home page:
-Patch0: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE6-ntlm_challengereuse_leak.patch
-Patch1: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE6-ntlm_noreuse_leak.patch
-Patch2: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE6-client_db_gc.patch
-
+# Bug fixes from Squid home page, please include URL
+Patch0: http://www.squid-cache.org/Versions/v2/2.5/bugs/%{name}-2.5.STABLE12-setenv.patch
# Other patches:
-Patch110: http://www.sed.pl/~mrk/qos/%{name}_hit_miss_mark.patch
-Patch120: %{name}-fhs.patch
-Patch130: %{name}-location.patch
-Patch140: %{name}-domainmatch.patch
-Patch150: %{name}-libnsl_fixes.patch
-Patch170: %{name}-ac_fix.patch
-Patch180: %{name}-crash-on-ENOSPC.patch
-Patch190: %{name}-newssl.patch
-Patch210: http://piorun.ds.pg.gda.pl/~blues/patches/%{name}-more_FD-new.patch
-Patch220: %{name}-empty-referer.patch
-Patch230: %{name}-2.5.STABLE4-apache-like-combined-log.patch
+Patch100: http://www.sed.pl/~mrk/qos/%{name}_hit_miss_mark.patch
+Patch101: %{name}-fhs.patch
+Patch102: %{name}-location.patch
+Patch103: %{name}-domainmatch.patch
+Patch104: %{name}-libnsl_fixes.patch
+Patch105: %{name}-ac_fix.patch
+Patch106: %{name}-crash-on-ENOSPC.patch
+Patch107: %{name}-newssl.patch
+Patch108: %{name}-nolibs.patch
+Patch109: http://piorun.ds.pg.gda.pl/~blues/patches/%{name}-more_FD-new.patch
+Patch110: %{name}-empty-referer.patch
+Patch111: %{name}-align.patch
+Patch112: %{name}-2.5.STABLE4-apache-like-combined-log.patch
+Patch113: %{name}-auth_on_acceleration.patch
URL: http://www.squid-cache.org/
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: cyrus-sasl-devel >= 2.1.0
-BuildRequires: findutils
BuildRequires: openldap-devel
BuildRequires: openssl-devel >= 0.9.7d
BuildRequires: pam-devel
BuildRequires: perl-base
-PreReq: rc-scripts >= 0.2.0
-Requires(pre): /bin/id
-Requires(pre): /usr/bin/getgid
-Requires(pre): /usr/sbin/groupadd
-Requires(pre): /usr/sbin/useradd
-Requires(post,preun): /sbin/chkconfig
+BuildRequires: rpmbuild(macros) >= 1.202
+BuildRequires: sed >= 4.0
+BuildRequires: unzip
+Requires(post): /bin/hostname
Requires(post): fileutils
Requires(post): findutils
Requires(post): grep
-Requires(post): /bin/hostname
+Requires(post,preun): /sbin/chkconfig
Requires(postun): /usr/sbin/groupdel
Requires(postun): /usr/sbin/userdel
+Requires(pre): /bin/id
+Requires(pre): /usr/bin/getgid
+Requires(pre): /usr/lib/rpm/user_group.sh
+Requires(pre): /usr/sbin/groupadd
+Requires(pre): /usr/sbin/useradd
+Requires: rc-scripts >= 0.2.0
+Requires: setup >= 2.4.6
+Provides: group(squid)
+Provides: user(squid)
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _libexecdir %{_libdir}/%{name}
%description ip_acl
This is an external ACL module for the Squid proxy server to limit
-acces for users based on IP address.
+access for users based on IP address.
%description ip_acl -l pl
Jest to modu³ kontroli dostêpu (ACL) do proxy, który pozwala na
%description ldap_acl
This is an external ACL module for the Squid proxy server to limit
-acces for users based on LDAP group membership.
+access for users based on LDAP group membership.
%description ldap_acl -l pl
Jest to modu³ kontroli dostêpu (ACL) do proxy, który pozwala na
%description unix_acl
This is an external ACL module for the Squid proxy server to limit
-acces for users based on UNIX group membership.
+access for users based on UNIX group membership.
%description unix_acl -l pl
Jest to modu³ kontroli dostêpu (ACL) do proxy, który pozwala na
%description wbinfo_acl
This is an external ACL module for the Squid proxy server to limit
-acces for users based on NT domain group membership using wbinfo.
-
+access for users based on NT domain group membership using wbinfo.
%description wbinfo_acl -l pl
Jest to modu³ kontroli dostêpu (ACL) do proxy, który pozwala na
%description winbind_acl
This is an external ACL module for the Squid proxy server to limit
-acces for users based on NT domain group membership based on Samba
+access for users based on NT domain group membership based on Samba
Winbindd from Samba 2.2.4 or greater.
%description winbind_acl -l pl
przynale¿no¶ci do grup w domenie NT oparty na Samba Winbindd z pakietu
Samba 2.2.4 lub wy¿szego.
-%prep
-%setup -q -a 1 -a 4
+%package scripts
+Summary: perl scripts for Squid
+Group: Networking/Admin
+Requires: %{name} = %{epoch}:%{version}-%{release}
+%description scripts
+This package contains perl scripts and contributed programs for Squid.
+
+%prep
+%setup -q -a1 -a4
# Bug fixes from Squid home page:
%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-
# Other patches:
+%patch100 -p1
+%patch101 -p1
+%patch102 -p1
+%patch103 -p1
+%patch104 -p1
+%patch105 -p1
+%patch106 -p1
+%patch107 -p1
+%patch108 -p1
+%patch109 -p1
%patch110 -p1
-%patch120 -p1
-%patch130 -p1
-%patch140 -p1
-%patch170 -p1
-%patch180 -p1
-%patch190 -p1
-%patch210 -p1
-%patch220 -p1
-%{?with_combined_log:%patch230 -p1}
+%patch111 -p1
+%{?with_combined_log:%patch112 -p1}
+%patch113 -p1
+
+%{__sed} -i -e '1s#!.*bin/perl#!%{__perl}#' {contrib,scripts,helpers/*/*}/*.pl
%build
%{__aclocal}
%{__autoconf}
+%{__autoheader}
%{__automake}
%configure \
--datadir=%{_datadir}/squid \
--enable-x-accelerator-vary \
--localstatedir=/var \
--sysconfdir=%{_sysconfdir} \
+ --with-auth-on-acceleration \
--with-pthreads
-mv -f squid/* doc
%{__make}
-perl -pi -e 's#%{_prefix}/.*bin/perl#%{_bindir}/perl#g' contrib/*
-perl -pi -e 's#%{_prefix}/.*bin/perl#%{_bindir}/perl#g' scripts/*
-find helpers/ -type f | xargs perl -pi -e 's#%{_prefix}/.*bin/perl#%{_bindir}/perl#g'
-
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT%{_cgidir} \
# These two files start squid. They are replaced by /etc/rc.d/init.d script.
rm -f $RPM_BUILD_ROOT%{_bindir}/R*
+# cp, to have re-entrant install
+rm -rf docs
+cp -a doc docs
# dunno why, but manual is not installed
-mv doc/squid.8 $RPM_BUILD_ROOT%{_mandir}/man8
-
+mv docs/squid.8 $RPM_BUILD_ROOT%{_mandir}/man8
# We don't want Makefiles as docs...
-rm -f doc/Makefile*
+rm -f docs/Makefile*
# We don't like message: rpm found unpackaged files ...
-rm -f $RPM_BUILD_ROOT/etc/squid/msntauth.conf.default \
- $RPM_BUILD_ROOT/etc/squid/squid.conf.orig
+rm -f $RPM_BUILD_ROOT/etc/squid/msntauth.conf.default \
+ $RPM_BUILD_ROOT/etc/squid/squid.conf.orig
+
+> $RPM_BUILD_ROOT/var/cache/squid/netdb_state
+> $RPM_BUILD_ROOT/var/cache/squid/swap.state
+> $RPM_BUILD_ROOT/var/cache/squid/swap.state.clean
+> $RPM_BUILD_ROOT/var/cache/squid/swap.state.last-clean
%clean
rm -rf $RPM_BUILD_ROOT
+%triggerpostun -- squid < 7:2.5.STABLE7-5
+%addusertogroup stats squid
+
%pre
-if [ -n "`getgid squid`" ]; then
- if [ "`getgid squid`" != "91" ]; then
- echo "Error: group squid doesn't have gid=91. Correct this before installing squid." 1>&2
- exit 1
- fi
-else
- /usr/sbin/groupadd -g 91 -r -f squid 1>&2 || :
-fi
-if [ -n "`id -u squid 2>/dev/null`" ]; then
- if [ "`id -u squid`" != "91" ]; then
- echo "Error: user squid doesn't have uid=91. Correct this before installing squid." 1>&2
- exit 1
- fi
-else
- /usr/sbin/useradd -M -o -r -u 91 -s /bin/false \
- -g squid -c "SQUID http caching daemon" -d /var/cache/squid squid 1>&2 || :
-fi
-[ -L %{_datadir}/squid/errors ] && rm -rf %{_datadir}/squid/errors || :
+%groupadd -g 91 squid
+%useradd -o -u 91 -s /bin/false -g squid -c "SQUID http caching daemon" -d /var/cache/squid squid
+%addusertogroup stats squid
+
+[ -L %{_datadir}/squid/errors ] && rm -f %{_datadir}/squid/errors || :
%post
if ! grep -q "^visible_hostname" /etc/squid/squid.conf; then
- echo visible_hostname `/bin/hostname -f` >> /etc/squid/squid.conf
+ hostname=`/bin/hostname -f 2>/dev/null` || hostname='localhost'
+ echo visible_hostname $hostname >> /etc/squid/squid.conf
fi
if [ "$1" = "1" ]; then
/sbin/chkconfig --add squid
+ /etc/rc.d/init.d/squid init >&2
echo "Run \"/etc/rc.d/init.d/squid start\" to start squid." >&2
else
if [ -f /var/lock/subsys/squid ]; then
/etc/rc.d/init.d/squid stop >&2
fi
/sbin/chkconfig --del squid
+
+ # nuke squid cache if uninstalling
+ rm -rf /var/cache/squid/??
fi
%postun
if [ "$1" = "0" ]; then
- /usr/sbin/userdel squid
- /usr/sbin/groupdel squid
+ %userremove squid
+ %groupremove squid
fi
%files
%defattr(644,root,root,755)
-%doc faq CONTRIBUTORS COPYRIGHT CREDITS README ChangeLog QUICKSTART
-%doc RELEASENOTES.html SPONSORS doc/* src/mib.txt
+%doc CONTRIBUTORS COPYRIGHT CREDITS README ChangeLog QUICKSTART RELEASENOTES.html SPONSORS
+%doc docs/* src/mib.txt FAQ*.html book-full.html
%attr(755,root,root) %{_bindir}/squidclient
%attr(755,root,root) %{_libexecdir}/diskd
# YES, it has to be suid root, it sends ICMP packets.
%attr(755,root,root) %dir %{_sysconfdir}
%attr(754,root,root) /etc/rc.d/init.d/squid
-%attr(640,root,root) %config(noreplace) /etc/logrotate.d/squid
-%attr(640,root,squid) %config(noreplace) /etc/sysconfig/squid
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/squid
+%attr(640,root,squid) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/squid
%attr(640,root,squid) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/squid.conf
%attr(640,root,squid) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/mime.conf
%attr(640,root,root) %{_sysconfdir}/mime.conf.default
%lang(fi) %{_datadir}/squid/errors/Finnish
%lang(fr) %{_datadir}/squid/errors/French
%lang(de) %{_datadir}/squid/errors/German
+%lang(el) %{_datadir}/squid/errors/Greek
%lang(he) %{_datadir}/squid/errors/Hebrew
%lang(hu) %{_datadir}/squid/errors/Hungarian
%lang(it) %{_datadir}/squid/errors/Italian
%lang(tr) %{_datadir}/squid/errors/Turkish
%attr(755,root,root) %dir %{_libexecdir}
-%attr(755,root,root) %{_libexecdir}/*.pl
-%attr(755,root,root) %{_libexecdir}/contrib
%attr(770,root,squid) %dir /var/log/archiv/squid
%attr(770,root,squid) %dir /var/log/squid
%attr(660,root,squid) %ghost /var/log/squid/*
%attr(770,root,squid) %dir /var/cache/squid
+%ghost /var/cache/squid/netdb_state
+%ghost /var/cache/squid/swap.state
+%ghost /var/cache/squid/swap.state.clean
+%ghost /var/cache/squid/swap.state.last-clean
%{_mandir}/man8/squid.8*
%files cachemgr
%defattr(644,root,root,755)
+%attr(640,root,squid) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/cachemgr.conf
%attr(755,root,root) %{_cgidir}/*
+%{_mandir}/man8/cachemgr.cgi.8*
%files ldap_auth
%defattr(644,root,root,755)
%doc helpers/basic_auth/LDAP/README
%attr(755,root,root) %{_libexecdir}/%{name}_ldap_auth
-%attr(644,root,root) %{_mandir}/man8/%{name}_ldap_auth.*
+%{_mandir}/man8/%{name}_ldap_auth.*
%files pam_auth
%defattr(644,root,root,755)
%files ldap_acl
%defattr(644,root,root,755)
%attr(755,root,root) %{_libexecdir}/squid_ldap_group
-%attr(644,root,root) %{_mandir}/man8/%{name}_ldap_group.*
+%{_mandir}/man8/%{name}_ldap_group.*
%files unix_acl
%defattr(644,root,root,755)
%doc helpers/external_acl/unix_group/README
%attr(755,root,root) %{_libexecdir}/squid_unix_group
-%attr(644,root,root) %{_mandir}/man8/%{name}_unix_group.*
+%{_mandir}/man8/%{name}_unix_group.*
%files wbinfo_acl
%defattr(644,root,root,755)
%defattr(644,root,root,755)
%doc helpers/external_acl/winbind_group/readme.txt
%attr(755,root,root) %{_libexecdir}/wb_group
+
+%files scripts
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libexecdir}/*.pl
+%attr(755,root,root) %{_libexecdir}/contrib