rpms/certmonger
5
0
Fork 0
Code Issues Pull Requests Releases Activity

- update to 0.43

Browse Source
This commit is contained in:
Nalin Dahyabhai 2011-08-10 18:23:52 -04:00
parent a15951ae49
commit c0eb1bf7eb
1 changed files with 114 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

137
certmonger.spec
View File

@ -1,5 +1,25 @@
%if 0%{?fedora} > 15 || 0%{?rhel} > 6
%global systemd 1
%global sysvinit 0
%else
%global systemd 0
%global sysvinit 1
%endif
%if 0%{?fedora} > 14 || 0%{?rhel} > 6
%global tmpfiles 1
%else
%global tmpfiles 0
%endif
%if 0%{?fedora} > 9 || 0%{?rhel} > 5
%global sysvinitdir %{_initddir}
%else
%global sysvinitdir %{_initrddir}
%endif
Name: certmonger Name: certmonger
Version: 0.42 Version: 0.43
Release: 1%{?dist} Release: 1%{?dist}
Summary: Certificate status monitor and PKI enrollment client Summary: Certificate status monitor and PKI enrollment client
@ -36,8 +56,18 @@ BuildRequires: /usr/bin/dos2unix
# we need a running system bus # we need a running system bus
Requires: dbus Requires: dbus
%if %{systemd}
BuildRequires: systemd-units
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
Requires(post): systemd-sysv
%endif
%if %{sysvinit}
Requires(post): /sbin/chkconfig, /sbin/service Requires(post): /sbin/chkconfig, /sbin/service
Requires(preun): /sbin/chkconfig, /sbin/service Requires(preun): /sbin/chkconfig, /sbin/service
%endif
%description %description
Certmonger is a service which is primarily concerned with getting your Certmonger is a service which is primarily concerned with getting your
@ -47,28 +77,26 @@ system enrolled with a certificate authority (CA) and keeping it enrolled.
%setup -q %setup -q
%build %build
%configure --with-tmpdir=/var/run/certmonger %configure \
# For some reason, Fedora's xmlrpc-c-config just tells us about %if %{systemd}
# libxmlrpc_client, but in F13 we need all of them. Workaround. --enable-systemd \
%endif
%if %{sysvinit}
--enable-sysvinit=%{sysvinitdir} \
%endif
%if %{tmpfiles}
--enable-tmpfiles \
%endif
--with-tmpdir=/var/run/certmonger
# For some reason, some versions of xmlrpc-c-config in Fedora and RHEL just
# tell us about libxmlrpc_client, but we need more. Work around.
make %{?_smp_mflags} XMLRPC_LIBS="-lxmlrpc_client -lxmlrpc_util -lxmlrpc" make %{?_smp_mflags} XMLRPC_LIBS="-lxmlrpc_client -lxmlrpc_util -lxmlrpc"
%install %install
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/lib/certmonger/{cas,requests} mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/lib/certmonger/{cas,requests}
%if 0%{?fedora} <= 9 || 0%{?rhel} < 6
mkdir -p $RPM_BUILD_ROOT/%{_initrddir}
install -m755 src/certmonger.init $RPM_BUILD_ROOT/%{_initrddir}/certmonger
%else
mkdir -p $RPM_BUILD_ROOT/%{_initddir}
install -m755 src/certmonger.init $RPM_BUILD_ROOT/%{_initddir}/certmonger
%endif
install -m755 -d $RPM_BUILD_ROOT/var/run/certmonger install -m755 -d $RPM_BUILD_ROOT/var/run/certmonger
%if 0%{?fedora} > 14
install -m755 -d $RPM_BUILD_ROOT/etc/tmpfiles.d
install -m644 certmonger.tmpfiles $RPM_BUILD_ROOT/etc/tmpfiles.d/certmonger.conf
%endif
%{find_lang} %{name} %{find_lang} %{name}
%check %check
@ -81,21 +109,55 @@ rm -rf $RPM_BUILD_ROOT
if test $1 -eq 1 ; then if test $1 -eq 1 ; then
killall -HUP dbus-daemon 2>&1 > /dev/null killall -HUP dbus-daemon 2>&1 > /dev/null
fi fi
%if %{systemd}
if test $1 -eq 1 ; then
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
fi
%endif
%if %{sysvinit}
/sbin/chkconfig --add certmonger /sbin/chkconfig --add certmonger
%endif
%postun %postun
%if %{systemd}
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ $1 -ge 1 ] ; then
/bin/systemctl try-restart certmonger.service >/dev/null 2>&1 || :
fi
%endif
%if %{sysvinit}
if test $1 -gt 0 ; then if test $1 -gt 0 ; then
/sbin/service certmonger condrestart 2>&1 > /dev/null /sbin/service certmonger condrestart 2>&1 > /dev/null
fi fi
%endif
exit 0 exit 0
%preun %preun
%if %{systemd}
/bin/systemctl --no-reload disable certmonger.service > /dev/null 2>&1 || :
/bin/systemctl stop certmonger.service > /dev/null 2>&1 || :
%endif
%if %{sysvinit}
if test $1 -eq 0 ; then if test $1 -eq 0 ; then
/sbin/service certmonger stop 2>&1 > /dev/null /sbin/service certmonger stop 2>&1 > /dev/null
/sbin/chkconfig --del certmonger /sbin/chkconfig --del certmonger
fi fi
%endif
exit 0 exit 0
%if %{systemd}
%triggerun -- certmonger < 0.43
# Save the current service runlevel info, in case the user wants to apply
# the enabled status manually later, by running
# "systemd-sysv-convert --apply certmonger".
%{_bindir}/systemd-sysv-convert --save certmonger >/dev/null 2>&1 ||:
# Do this because the old package's %%postun doesn't know we need to do it.
/sbin/chkconfig --del certmonger >/dev/null 2>&1 || :
# Do this because the old package's %%postun wouldn't have tried.
/bin/systemctl try-restart certmonger.service >/dev/null 2>&1 || :
exit 0
%endif
%files -f %{name}.lang %files -f %{name}.lang
%defattr(-,root,root,-) %defattr(-,root,root,-)
%doc README LICENSE STATUS doc/*.txt %doc README LICENSE STATUS doc/*.txt
@ -103,22 +165,51 @@ exit 0
%config(noreplace) %{_datadir}/dbus-1/services/* %config(noreplace) %{_datadir}/dbus-1/services/*
%dir %{_sysconfdir}/certmonger %dir %{_sysconfdir}/certmonger
%config(noreplace) %{_sysconfdir}/certmonger/certmonger.conf %config(noreplace) %{_sysconfdir}/certmonger/certmonger.conf
%if 0%{?fedora} <= 9 || 0%{?rhel} < 6 %dir /var/run/certmonger
%{_initrddir}/certmonger
%else
%{_initddir}/certmonger
%endif
%{_bindir}/* %{_bindir}/*
%{_sbindir}/certmonger %{_sbindir}/certmonger
%{_mandir}/man*/* %{_mandir}/man*/*
%{_libexecdir}/%{name} %{_libexecdir}/%{name}
%{_localstatedir}/lib/certmonger %{_localstatedir}/lib/certmonger
%if 0%{?fedora} > 14 %if %{sysvinit}
%{sysvinitdir}/certmonger
%endif
%if %{tmpfiles}
%attr(0644,root,root) %config(noreplace) /etc/tmpfiles.d/certmonger.conf %attr(0644,root,root) %config(noreplace) /etc/tmpfiles.d/certmonger.conf
%endif %endif
%dir /var/run/certmonger %if %{systemd}
%config(noreplace) /lib/systemd/system/*
%endif
%changelog %changelog
* Wed Aug 10 2011 Nalin Dahyabhai <nalin@redhat.com> 0.43-1
- add a -K option to ipa-submit, to use the current ccache, which makes
it easier to test
* Fri Aug 5 2011 Nalin Dahyabhai <nalin@redhat.com>
- if xmlrpc-c's struct xmlrpc_curl_xportparms has a gss_delegate field, set
it to TRUE when we're doing Negotiate auth (#727864, #727863, #727866)
* Wed Jul 13 2011 Nalin Dahyabhai <nalin@redhat.com>
- treat the ability to access keys in an NSS database without using a PIN,
when we've been told we need one, as an error (#692766)
- when handling "getcert resubmit" requests, if we don't have a key yet,
make sure we go all the way back to generating one (#694184)
- getcert: try to clean up tests for NSS and PEM file locations (#699059)
- don't try to set reconnect-on-exit policy unless we managed to connect
to the bus (#712500)
- handle cases where we specify a token but the storage token isn't
known (#699552)
- getcert: recognize -i and storage options to narrow down which requests
the user wants to know about (#698772)
- output hints when the daemon has startup problems, too (#712075)
- add flags to specify whether we're bus-activated or not, so that we can
exit if we have nothing to do after handling a request received over
the bus if some specified amount of time has passed
- explicitly disallow non-root access in the D-Bus configuration (#712072)
- migrate to systemd on releases newer than Fedora 15 or RHEL 6 (#718172)
- fix a couple of incorrect calls to talloc_asprintf() (#721392)
* Wed Apr 13 2011 Nalin Dahyabhai <nalin@redhat.com> 0.42-1 * Wed Apr 13 2011 Nalin Dahyabhai <nalin@redhat.com> 0.42-1
- getcert: fix a buffer overrun preparing a request for the daemon when - getcert: fix a buffer overrun preparing a request for the daemon when
there are more parameters to encode than space in the array (#696185) there are more parameters to encode than space in the array (#696185)