This commit was manufactured by cvs2git to create tag 'AC-STABLE'.

[packages/pwdutils.git] / pwdutils.spec

diff --git a/pwdutils.spec b/pwdutils.spec
index 43b1af04c7c420dc928e88a1c20354861af9ee5f..af16103630e5aa1680749e13c828114715deb8b9 100644 (file)
--- a/pwdutils.spec
+++ b/pwdutils.spec
@@ -1,18 +1,22 @@
-# TODO: review default login.defs
+# TODO:
+# - review default login.defs
 #
 # Conditional build:
+%bcond_without audit           # don't build audit log plugin
 %bcond_without ldap            # build without LDAP support
 %bcond_without selinux         # build without SELinux support
+%bcond_with    bioapi          # with BioAPI support in passwd
+%bcond_with    gnutls          # use GnuTLS instead of OpenSSL
 #
 Summary:       Utilities to manage the passwd and shadow user information
 Summary(pl):   Narzêdzia do zarz±dzania informacjami o u¿ytkownikach z passwd i shadow
 Name:          pwdutils
-Version:       2.6.98
-Release:       1
+Version:       3.1.2
+Release:       2
 License:       GPL v2
 Group:         Applications/System
 Source0:       ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
-# Source0-md5: 586ca4954b43e635aa659c2feb4c2edb
+# Source0-md5: 554bfc1b91a02e93b9514fbe18682d9d
 Source1:       %{name}.useradd
 Source2:       %{name}.rpasswdd.init
 Source3:       %{name}.login.defs
@@ -23,20 +27,25 @@ Source7:    passwd.pamd
 Source8:       useradd.pamd
 Source9:       userdb.pamd
 Patch0:                %{name}-f-option.patch
-Patch1:                %{name}-pl.po-update.patch
-Patch2:                %{name}-no_bash.patch
-Patch3:                %{name}-silent_crontab.patch
+Patch1:                %{name}-no_bash.patch
+Patch2:                %{name}-silent_crontab.patch
+Patch3:                %{name}-pl.po-update.patch
 URL:           http://www.thkukuk.de/pam/pwdutils/
+%{?with_audit:BuildRequires:   audit-libs-devel}
 BuildRequires: autoconf
 BuildRequires: automake >= 1:1.7
+%{?with_bioapi:BuildRequires:  bioapi-devel}
 BuildRequires: gcc >= 5:3.2
 BuildRequires: gettext-devel
+%{?with_gnutls:BuildRequires:  gnutls-devel >= 1.0.0}
 BuildRequires: libnscd-devel
 %{?with_selinux:BuildRequires: libselinux-devel}
-%{?with_ldap:BuildRequires:    openldap-devel}
-BuildRequires: openssl-devel >= 0.9.7d
+BuildRequires: libtool
+%{?with_ldap:BuildRequires:    openldap-devel >= 2.3.0}
 BuildRequires: openslp-devel
+%{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
 BuildRequires: pam-devel
+BuildRequires: rpmbuild(macros) >= 1.268
 BuildRequires: sed >= 4.0
 Provides:      shadow = 2:%{version}-%{release}
 Provides:      shadow-extras = 2:%{version}-%{release}
@@ -69,19 +78,51 @@ chage, chfn, chsh oraz demona do zmiany has
 bezpiecznym po³±czeniu SSL. Demon tak¿e u¿ywa PAM, wiêc mo¿na zmieniaæ
 has³a niezale¿nie od tego, gdzie s± przechowywane.
 
+%package log-audit
+Summary:       audit log plugin for pwdutils
+Summary(pl):   Wtyczka loguj±ca audit dla pwdutils
+Group:         Libraries
+Requires:      %{name} = %{version}-%{release}
+
+%description log-audit
+audit log plugin for pwdutils.
+
+%description log-audit -l pl
+Wtyczka loguj±ca audit dla pwdutils.
+
+%package -n rpasswd
+Summary:       Remote password update client
+Summary(pl):   Klient do zdalnego uaktualniania hase³
+Group:         Applications/System
+
+%description -n rpasswd
+rpasswd changes passwords for user accounts on a remote server over a
+secure SSL connection. A normal user may only change the password for
+their own account, if the user knows the password of the administrator
+account (in the moment this is the root password on the server), he may
+change the password for any account if he calls rpasswd with the -a
+option.
+
+%description -n rpasswd -l pl
+rpasswd pozwala zmieniaæ has³a u¿ytkowników na zdalnym serwerze przy
+u¿yciu bezpiecznego po³±czenia SSL. Zwyk³y u¿ytkownik mo¿e zmieniæ
+jedynie swoje has³o, a je¶li zna has³o administratora (obecnie jest to
+has³o roota na serwerze), mo¿e zmieniæ has³o dla dowolnego konta
+wywo³uj±c rpasswd z opcj± -a.
+
 %package -n rpasswdd
 Summary:       Remote password update daemon
 Summary(pl):   Demon do zdalnego uaktualniania hase³
 Group:         Applications/System
-PreReq:                rc-scripts
 Requires(post,preun):  /sbin/chkconfig
+Requires:      rc-scripts
 
 %description -n rpasswdd
 rpasswdd is a daemon that lets users change their passwords in the
 presence of a directory service like NIS, NIS+ or LDAP over a secure
 SSL connection. rpasswdd behaves like the normal passwd(1) program and
 uses PAM for authentication and changing the password, so it can be
-configured very flexibel for the local requirements.
+configured very flexible for the local requirements.
 
 %description -n rpasswdd -l pl
 rpasswdd to demon pozwalaj±cy u¿ytkownikom zmieniaæ has³a w obecno¶ci
@@ -94,8 +135,8 @@ by
 Summary:       pam_rpasswd - PAM module to change remote password
 Summary(pl):   pam_rpasswd - modu³ PAM do zdalnej zmiany has³a
 Group:         Base
-# rpasswd.conf is in base
-Requires:      %{name} = %{version}-%{release}
+# rpasswd.conf is in rpasswd
+Requires:      rpasswd = %{version}-%{release}
 
 %description -n pam-pam_rpasswd
 The pam_rpasswd PAM module is for changing the password of user
@@ -115,10 +156,10 @@ funkcjonalno
 %patch2 -p1
 %patch3 -p1
 
-rm -f po/stamp-po
-
 sed -i -e 's/-Werror //' configure.in
 
+rm -f po/stamp-po
+
 %build
 %{__gettextize}
 %{__aclocal}
@@ -126,18 +167,21 @@ sed -i -e 's/-Werror //' configure.in
 %{__autoheader}
 %{__automake}
 %configure \
+       %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \
+       %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \
+       %{?with_audit:--enable-audit-plugin} \
+       %{!?with_gnutls:--disable-gnutls} \
+       --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
+       --enable-nls \
        --enable-pam_rpasswd \
        --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
        --enable-slp \
-       --enable-ssl \
-       --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
-       --enable-nls \
        --disable-rpath
 %{__make}
 
 %install
 rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel}
+install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/tmp}
 
 %{__make} install \
        DESTDIR=$RPM_BUILD_ROOT
@@ -155,6 +199,7 @@ install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
 
 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
+rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
 
 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
@@ -172,23 +217,17 @@ fi
 
 %post -n rpasswdd
 /sbin/chkconfig --add rpasswdd
-if [ -f /var/lock/subsys/rpasswdd ]; then
-       /etc/rc.d/init.d/rpasswdd restart 1>&2
-else
-       echo "Run \"/etc/rc.d/init.d/rpasswdd start\" to start rpasswdd daemon."
-fi
+%service rpasswdd restart "rpasswdd daemon"
 
 %preun -n rpasswdd
 if [ "$1" = "0" ]; then
-       if [ -f /var/lock/subsys/rpasswdd ]; then
-               /etc/rc.d/init.d/rpasswdd stop 1>&2
-       fi
+       %service rpasswdd stop
        /sbin/chkconfig --del rpasswdd
 fi
 
 %files -f %{name}.lang
 %defattr(644,root,root,755)
-%doc ChangeLog NEWS README THANKS TODO
+%doc AUTHORS ChangeLog NEWS README THANKS TODO
 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
 %attr(750,root,root) %dir %{_sysconfdir}/default
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
@@ -201,11 +240,11 @@ fi
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
-%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/login.defs
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
 %dir /etc/skel
+%dir /etc/skel/tmp
 %attr(755,root,root) %{_bindir}/chage
 %attr(4755,root,root) %{_bindir}/chfn
 %attr(4755,root,root) %{_bindir}/chsh
@@ -213,7 +252,6 @@ fi
 %attr(4755,root,root) %{_bindir}/gpasswd
 %attr(755,root,root) %{_bindir}/newgrp
 %attr(4755,root,root) %{_bindir}/passwd
-%attr(755,root,root) %{_bindir}/rpasswd
 %attr(755,root,root) %{_bindir}/sg
 %attr(755,root,root) %{_sbindir}/chpasswd
 %attr(755,root,root) %{_sbindir}/groupadd
@@ -225,7 +263,6 @@ fi
 %attr(755,root,root) %{_sbindir}/pwconv
 %attr(755,root,root) %{_sbindir}/pwck
 %attr(755,root,root) %{_sbindir}/pwunconv
-%attr(755,root,root) %{_sbindir}/rpasswdd
 %attr(755,root,root) %{_sbindir}/useradd
 %attr(755,root,root) %{_sbindir}/userdel
 %attr(755,root,root) %{_sbindir}/usermod
@@ -234,9 +271,24 @@ fi
 %dir %{_libdir}/pwdutils
 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
 %{_mandir}/man?/*
+%exclude %{_mandir}/man1/rpasswd.1*
+%exclude %{_mandir}/man5/rpasswd.conf.5*
 %exclude %{_mandir}/man8/rpasswdd.8*
 %exclude %{_mandir}/man8/pam_rpasswd.8*
 
+%if %{with audit}
+%files log-audit
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
+%endif
+
+%files -n rpasswd
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/rpasswd
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
+%{_mandir}/man1/rpasswd.1*
+%{_mandir}/man5/rpasswd.conf.5*
+
 %files -n rpasswdd
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_sbindir}/rpasswdd