%global _hardened_build 1 Summary: Open source remote desktop protocol (RDP) server Name: xrdp Epoch: 1 Version: 0.9.1 Release: 7%{?dist} License: ASL 2.0 Group: Applications/Internet URL: http://www.xrdp.org/ Source0: https://github.com/neutrinolabs/xrdp/releases/download/v%{version}/xrdp-%{version}.tar.gz Source1: xrdp-sesman.pamd Source2: xrdp.sysconfig Source3: xrdp.logrotate Source4: openssl.conf Patch0: xrdp-0.9.1-sesman.patch Patch1: xrdp-0.9.1-xrdp-ini.patch Patch2: xrdp-0.9.1-service.patch Patch3: xrdp-0.9.1-fastpath.patch BuildRequires: libX11-devel BuildRequires: libXfixes-devel BuildRequires: libXrandr-devel BuildRequires: openssl BuildRequires: pam-devel BuildRequires: pkgconfig(fuse) BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(pixman-1) BuildRequires: pkgconfig(systemd) # xorgxrdp is the default backend Requires: xorgxrdp Requires: /usr/libexec/Xorg Requires: /etc/X11/xinit/Xsession Requires(post): systemd Requires(post): systemd-sysv Requires(posttrans): openssl Requires(preun): systemd Requires(posttrans): systemd %package devel Summary: Headers and pkg-config files needed to compile xrdp backends %description xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. %description devel This package contains headers necessary for developing xrdp backends that talk to xrdp. %prep %autosetup -p1 # create 'bash -l' based startwm, to pick up PATH etc. echo '#!/bin/bash -l . %{_sysconfdir}/xrdp/startwm.sh' > sesman/startwm-bash.sh %build %configure --enable-fuse --enable-pixman --enable-painter %make_build %install %make_install #install sesman pam config /etc/pam.d/xrdp-sesman %{__install} -Dp -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/xrdp-sesman #install xrdp sysconfig /etc/sysconfig/xrdp %{__install} -Dp -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/xrdp #install logrotate /etc/logrotate.d/xrdp %{__install} -Dp -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/xrdp #install openssl.conf /etc/xrdp %{__install} -Dp -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/xrdp/openssl.conf #install 'bash -l' startwm script %{__install} -Dp -m 755 sesman/startwm-bash.sh %{buildroot}%{_sysconfdir}/xrdp/startwm-bash.sh %post %systemd_post xrdp.service %preun %systemd_preun xrdp.service if [ $1 -eq 0 ]; then # Stop services on package removal (see bug 1349083) systemctl stop xrdp.service > /dev/null 2>&1 || : fi %triggerun -- xrdp < 0.6.0-1 systemd-sysv-convert --save xrdp >/dev/null 2>&1 ||: # If the package is allowed to autostart: systemctl preset xrdp.service >/dev/null 2>&1 ||: # Run these because the SysV package being removed won't do them /sbin/chkconfig --del xrdp >/dev/null 2>&1 || : if [ "`systemctl is-active xrdp.service`" = 'active' ]; then systemctl stop xrdp.service >/dev/null 2>&1 || : systemctl start xrdp.service >/dev/null 2>&1 || : fi %posttrans if [ ! -s %{_sysconfdir}/xrdp/rsakeys.ini ]; then (umask 377; %{_bindir}/xrdp-keygen xrdp %{_sysconfdir}/xrdp/rsakeys.ini >/dev/null) fi chmod 400 %{_sysconfdir}/xrdp/rsakeys.ini if [ ! -s %{_sysconfdir}/xrdp/cert.pem ]; then (umask 377; openssl req -x509 -newkey rsa:2048 -sha256 -nodes -days 3652 \ -keyout %{_sysconfdir}/xrdp/key.pem \ -out %{_sysconfdir}/xrdp/cert.pem \ -config %{_sysconfdir}/xrdp/openssl.conf >/dev/null 2>&1) fi chmod 400 %{_sysconfdir}/xrdp/cert.pem chmod 400 %{_sysconfdir}/xrdp/key.pem systemctl try-restart xrdp.service >/dev/null 2>&1 || : %files %doc COPYING *.txt %dir %{_libdir}/xrdp %dir %{_sysconfdir}/xrdp %dir %{_sysconfdir}/xrdp/pulse %dir %{_datadir}/xrdp %config(noreplace) %{_sysconfdir}/xrdp/xrdp.ini %config(noreplace) %{_sysconfdir}/pam.d/xrdp-sesman %config(noreplace) %{_sysconfdir}/logrotate.d/xrdp %config(noreplace) %{_sysconfdir}/sysconfig/xrdp %config(noreplace) %{_sysconfdir}/xrdp/sesman.ini %exclude %{_sysconfdir}/xrdp/xrdp.sh %exclude %ghost %{_sysconfdir}/xrdp/*.pem %exclude %ghost %{_sysconfdir}/xrdp/rsakeys.ini %{_sysconfdir}/xrdp/km*.ini %{_sysconfdir}/xrdp/openssl.conf %{_sysconfdir}/xrdp/startwm*.sh %{_sysconfdir}/xrdp/xrdp_keyboard.ini %{_bindir}/xrdp-genkeymap %{_bindir}/xrdp-sesadmin %{_bindir}/xrdp-keygen %{_bindir}/xrdp-sesrun %{_bindir}/xrdp-dis %{_sbindir}/xrdp-chansrv %{_sbindir}/xrdp %{_sbindir}/xrdp-sesman %{_sbindir}/xrdp-sessvc %{_datadir}/xrdp/ad256.bmp %{_datadir}/xrdp/cursor0.cur %{_datadir}/xrdp/cursor1.cur %{_datadir}/xrdp/xrdp256.bmp %{_datadir}/xrdp/sans-10.fv1 %{_datadir}/xrdp/ad24b.bmp %{_datadir}/xrdp/xrdp24b.bmp %{_datadir}/xrdp/xrdp_logo.bmp %{_mandir}/man5/* %{_mandir}/man8/* %{_mandir}/man1/* %{_libdir}/xrdp/lib*.so.* %exclude %{_libdir}/xrdp/libcommon.so %{_libdir}/xrdp/libmc.so %{_libdir}/xrdp/librdp.so %exclude %{_libdir}/xrdp/libscp.so %{_libdir}/xrdp/libvnc.so %exclude %{_libdir}/xrdp/libxrdp.so %{_libdir}/xrdp/libxup.so %exclude %{_libdir}/xrdp/libxrdpapi.so %{_sysconfdir}/xrdp/pulse/default.pa %{_unitdir}/xrdp-sesman.service %{_unitdir}/xrdp.service %exclude %{_includedir}/painter.h %exclude %{_libdir}/libpainter.* %exclude %{_libdir}/pkgconfig/libpainter.pc %exclude %{_libdir}/xrdp/*.a %exclude %{_libdir}/xrdp/*.la %ghost %{_localstatedir}/log/xrdp.log %ghost %{_localstatedir}/log/xrdp-sesman.log %files devel %{_includedir}/xrdp* %{_libdir}/pkgconfig/xrdp.pc %changelog * Fri Mar 10 2017 Pavel Roskin - 1:0.9.1-7 - Require /etc/X11/xinit/Xsession, it's called from startwm.sh - Call xrdp-keygen with full path in %posttrans - Exclude *.so files for non-modules * Thu Mar 09 2017 Pavel Roskin - 1:0.9.1-6 - Make xrdp depend on xorgxrdp, not on tigervnc-server-minimal - Make Xorg backend default - Call /usr/libexec/Xorg directly to avoid permission checks * Tue Feb 21 2017 Bojan Smojver - 1:0.9.1-5 - Require openssl in posttrans phase - Move conditional restart to posttrans phase * Mon Feb 20 2017 Bojan Smojver - 1:0.9.1-4 - Move key/cert generation to posttrans stage * Thu Feb 16 2017 Bojan Smojver - 1:0.9.1-3 - Fix log file rotation * Sat Feb 11 2017 Fedora Release Engineering - 1:0.9.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Tue Feb 07 2017 Pavel Roskin - 1:0.9.1-2 - Enable hardened build * Tue Jan 24 2017 Pavel Roskin - 1:0.9.1-1 - Split out xrdp-devel - Generate certificate for TLS authentication on package install - Add fastpath hotfix - Fix stopping services on package uninstall - Use packaged pixman library - Enable libpainter for compatibility with "noorders" clients - Upgrade to 0.9.1 * Sun Mar 13 2016 Itamar Reis Peixoto - 1:0.9.0-6 - enable fuse for drive redirection or clipboard file transfer * Fri Feb 05 2016 Fedora Release Engineering - 1:0.9.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Mon Jul 20 2015 Bojan Smojver - 1:0.9.0-4 - own /etc/xrdp/pulse directory * Fri Jul 17 2015 Bojan Smojver - 1:0.9.0-3 - service files fixes and dependencies - sesman default configuration * Wed Jul 15 2015 Dan Horák - 1:0.9.0-2 - install epoch back to keep clean upgrade path * Tue Jul 14 2015 Itamar Reis Peixoto - 0.9.0-1 - upgrade to 0.9.0 * Fri Jun 19 2015 Fedora Release Engineering - 1:0.6.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Thu Jun 4 2015 Bojan Smojver - 1:0.6.1-10 - remove -ac from X server calls: bug #1105202 - put other sesman.ini changes into a patch * Fri May 15 2015 Bojan Smojver - 1:0.6.1-9 - hopefully better service dependencies * Thu Apr 23 2015 Dan Horák - 1:0.6.1-8 - fix upgrade path after the 0.8 bump in 2014-09 by adding Epoch * Mon Dec 22 2014 Bojan Smojver - 0.6.1-7 - add a delay loop when connecting to VNC back end * Mon Dec 8 2014 Bojan Smojver - 0.6.1-6 - use systemd rpm macros: bug #850374 * Thu Aug 21 2014 Kevin Fenzi - 0.6.1-5 - Rebuild for rpm bug 1131960 * Mon Aug 18 2014 Fedora Release Engineering - 0.6.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 08 2014 Fedora Release Engineering - 0.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Apr 1 2014 Bojan Smojver - 0.6.1-2 - try a bump to official 0.6.1 - provide format for syslog() call - fix memset() call - fix implicit declarations * Sun Aug 04 2013 Fedora Release Engineering - 0.6.0-0.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue Jan 29 2013 Dan Horák - 0.6.0-0.7 - fix check for big endian arches (#905411) * Sun Jul 22 2012 Fedora Release Engineering - 0.6.0-0.6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon May 28 2012 Bojan Smojver - 0.6.0-0.5 - bind xrdp-sesman.service to xrdp.service, so that restarts work - do not use forking style, but run services in the foreground instead - dispense with ExecStop, systemd will do that for us * Sat May 26 2012 Bojan Smojver - 0.6.0-0.4 - do explicit stop/start in order to get xrdp-sesman.service up too * Sat May 26 2012 Bojan Smojver - 0.6.0-0.3 - also attempt to restart xrdp-sesman.service (just xrdp.service won't do it) - stop xrdp-sesman.service when not needed by xrdp.service * Fri May 25 2012 Bojan Smojver - 0.6.0-0.2 - bump release for rebuild with the correct e-mail address * Fri May 25 2012 Bojan Smojver - 0.6.0-0.1 - more work on systemd support - remove xrdp-dis for now, current HEAD is broken (explicit rpaths) * Wed May 23 2012 Itamar Reis Peixoto - 0.6.0-0.1 - include patch's from Bojan Smojver bz#821569 , bz#611669 * Sat Feb 04 2012 Itamar Reis Peixoto - 0.5.0-0.16 - add support for systemd * Sat Jan 14 2012 Fedora Release Engineering - 0.5.0-0.15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Feb 08 2011 Fedora Release Engineering - 0.5.0-0.14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Thu Nov 18 2010 Itamar Reis Peixoto - 0.5.0-0.13 - up to git tag a9cfc235211a49c69c3cce3f98ee5976ff8103a4 * Thu Nov 18 2010 Itamar Reis Peixoto - 0.5.0-0.12.03172010 - fix logrotate to not restart xrdp and drop all open connections * Mon Oct 04 2010 Itamar Reis Peixoto - 0.5.0-0.11.03172010 - Load a default keymap when current keymap doesnt exist * Thu Jul 08 2010 Itamar Reis Peixoto - 0.5.0-0.10.03172010 - fix rhbz #611669 (load environment variables) * Thu Mar 18 2010 Itamar Reis Peixoto - 0.5.0-0.9.03172010 - buildrequires libXfixes-devel * Thu Mar 18 2010 Itamar Reis Peixoto - 0.5.0-0.8.03172010 - buildrequires libX11-devel * Thu Mar 18 2010 Itamar Reis Peixoto - 0.5.0-0.7.03172010 - sync with last xrdp cvs * Wed Sep 16 2009 Tomas Mraz - 0.5.0-0.6.20090811cvs - use password-auth instead of system-auth * Tue Sep 08 2009 Itamar Reis Peixoto - 0.5.0-0.5.20090811cvs - fix xrdp-sesman pam.d to uses system-auth * Fri Sep 04 2009 Itamar Reis Peixoto - 0.5.0-0.4.20090811cvs - increase encryption to 128 bit's - include system-auth into /etc/pam.d/xrdp-sesman * Wed Aug 26 2009 Tomas Mraz - 0.5.0-0.3.20090811cvs - rebuild with new openssl * Thu Aug 13 2009 Itamar Reis Peixoto - 0.5.0-0.2.20090811cvs - more changes to spec file https://bugzilla.redhat.com/show_bug.cgi?id=516364#c10 * Wed Aug 12 2009 Itamar Reis Peixoto - 0.5.0-0.1.20090811cvs - change versioning schema - improve initscript - fix some macros * Tue Aug 11 2009 Itamar Reis Peixoto - 0.5.0-2.20090811cvs - changes from BZ#516364 comment 2 from Mamoru Tasaka - changed license to "GPLv2+ with exceptions" - dropped -libs subpackage - use cvs version - remove a patch and use sed instead - remove attr's * Thu Apr 02 2009 Itamar Reis Peixoto 0.5.0-1 - Initial RPM release