Do not set environmental variables to prevent clashes with compilation time settings

Resolves: RHEL-137175

.gitignore

@@ -1,5 +1,5 @@
 /.*.swp
-/kea-*.tar.gz
-/kea-*.tar.gz.asc
+/kea-*.tar.xz
+/kea-*.tar.xz.asc
 /keama-*.tar.gz
 /keama-*.tar.gz.asc

kea-ctrl-agent.service

@@ -6,13 +6,14 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
 User=kea
-Environment="KEA_PIDFILE_DIR=/run/kea"
-Environment="KEA_LOCKFILE_DIR=/run/kea"
+#Environment="KEA_PIDFILE_DIR=/var/run/kea"
+#Environment="KEA_LOCKFILE_DIR=/var/run/kea"
 #Environment="KEA_LOGGER_DESTINATION=/var/log/kea/early-startup.log"
-Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
-Environment="KEA_LOG_FILE_DIR=/var/log/kea"
-Environment="KEA_CONTROL_SOCKET_DIR=/run/kea"
+#Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
+#Environment="KEA_LOG_FILE_DIR=/var/log/kea"
+#Environment="KEA_CONTROL_SOCKET_DIR=/var/run/kea"
 ConfigurationDirectory=kea
 ConfigurationDirectoryMode=0750
 RuntimeDirectory=kea

kea-dhcp-ddns.service

@@ -6,14 +6,15 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
 User=kea
 AmbientCapabilities=CAP_NET_BIND_SERVICE
-Environment="KEA_PIDFILE_DIR=/run/kea"
-Environment="KEA_LOCKFILE_DIR=/run/kea"
+#Environment="KEA_PIDFILE_DIR=/var/run/kea"
+#Environment="KEA_LOCKFILE_DIR=/var/run/kea"
 #Environment="KEA_LOGGER_DESTINATION=/var/log/kea/early-startup.log"
-Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
-Environment="KEA_LOG_FILE_DIR=/var/log/kea"
-Environment="KEA_CONTROL_SOCKET_DIR=/run/kea"
+#Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
+#Environment="KEA_LOG_FILE_DIR=/var/log/kea"
+#Environment="KEA_CONTROL_SOCKET_DIR=/var/run/kea"
 ConfigurationDirectory=kea
 ConfigurationDirectoryMode=0750
 RuntimeDirectory=kea

kea-dhcp4.service

@@ -6,14 +6,15 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
 User=kea
 AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW
-Environment="KEA_PIDFILE_DIR=/run/kea"
-Environment="KEA_LOCKFILE_DIR=/run/kea"
+#Environment="KEA_PIDFILE_DIR=/var/run/kea"
+#Environment="KEA_LOCKFILE_DIR=/var/run/kea"
 #Environment="KEA_LOGGER_DESTINATION=/var/log/kea/early-startup.log"
-Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
-Environment="KEA_LOG_FILE_DIR=/var/log/kea"
-Environment="KEA_CONTROL_SOCKET_DIR=/run/kea"
+#Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
+#Environment="KEA_LOG_FILE_DIR=/var/log/kea"
+#Environment="KEA_CONTROL_SOCKET_DIR=/var/run/kea"
 ConfigurationDirectory=kea
 ConfigurationDirectoryMode=0750
 RuntimeDirectory=kea

kea-dhcp6.service

@@ -6,14 +6,15 @@ After=network-online.target
 After=time-sync.target
 
 [Service]
+Type=notify
 User=kea
 AmbientCapabilities=CAP_NET_BIND_SERVICE
-Environment="KEA_PIDFILE_DIR=/run/kea"
-Environment="KEA_LOCKFILE_DIR=/run/kea"
+#Environment="KEA_PIDFILE_DIR=/var/run/kea"
+#Environment="KEA_LOCKFILE_DIR=/var/run/kea"
 #Environment="KEA_LOGGER_DESTINATION=/var/log/kea/early-startup.log"
-Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
-Environment="KEA_LOG_FILE_DIR=/var/log/kea"
-Environment="KEA_CONTROL_SOCKET_DIR=/run/kea"
+#Environment="KEA_DHCP_DATA_DIR=/var/lib/kea"
+#Environment="KEA_LOG_FILE_DIR=/var/log/kea"
+#Environment="KEA_CONTROL_SOCKET_DIR=/var/run/kea"
 ConfigurationDirectory=kea
 ConfigurationDirectoryMode=0750
 RuntimeDirectory=kea

kea-gtest.patch

@@ -1,30 +0,0 @@
-diff --git a/m4macros/ax_gtest.m4 b/m4macros/ax_gtest.m4
-index 138a03f..80ebb98 100644
---- a/m4macros/ax_gtest.m4
-+++ b/m4macros/ax_gtest.m4
-@@ -173,9 +173,9 @@ if test "x$enable_gtest" = "xyes" ; then
-             for dir in $GTEST_PATHS; do
-                 if test -f "$dir/include/gtest/gtest.h"; then
-                     if test -f "$dir/lib/libgtest.a" || \
--                       test -f "$dir/lib/libgtest.so"; then
-+                       test -f "$dir/lib64/libgtest.so"; then
-                         GTEST_INCLUDES="-I$dir/include"
--                        GTEST_LDFLAGS="-L$dir/lib"
-+                        GTEST_LDFLAGS="-L$dir/lib64"
-                         GTEST_LDADD="-lgtest"
-                         GTEST_FOUND="true"
-                         AC_MSG_RESULT([$dir/lib])
-diff --git a/src/lib/util/tests/pid_file_unittest.cc b/src/lib/util/tests/pid_file_unittest.cc
-index 5f00d72..583a35b 100644
---- a/src/lib/util/tests/pid_file_unittest.cc
-+++ b/src/lib/util/tests/pid_file_unittest.cc
-@@ -181,7 +181,8 @@ TEST_F(PIDFileTest, pidGarbage) {
- }
- 
- /// @brief Test failing to write a file.
--TEST_F(PIDFileTest, pidWriteFail) {
-+/// Fails to fail for root, it doesn't throw PIDFileError exception.
-+TEST_F(PIDFileTest, DISABLED_pidWriteFail) {
-     PIDFile pid_file(absolutePath(TESTNAME));
- 
-     // Create the test file and change it's permission bits

kea-openssl-version.patch

@@ -1,13 +0,0 @@
-diff --git a/m4macros/ax_crypto.m4 b/m4macros/ax_crypto.m4
-index e1b43f8..a3a2c84 100644
---- a/m4macros/ax_crypto.m4
-+++ b/m4macros/ax_crypto.m4
-@@ -258,7 +258,7 @@ then
- else
-    CRYPTO_NAME="OpenSSL"
-    DISABLED_CRYPTO="Botan"
--   CRYPTO_PACKAGE="openssl-1.1.0"
-+   CRYPTO_PACKAGE="openssl"
-    DISTCHECK_CRYPTO_CONFIGURE_FLAG="--with-openssl=${use_openssl}"
-    AC_DEFINE_UNQUOTED([WITH_OPENSSL], [], [Compile with OpenSSL crypto])
-    AC_MSG_CHECKING(for OpenSSL library)

kea-sd-daemon.patch

@@ -0,0 +1,293 @@
+diff --git a/config-report.sh.in b/config-report.sh.in
+index 1af984e..ddd4b62 100755
+--- a/config-report.sh.in
++++ b/config-report.sh.in
+@@ -105,6 +105,18 @@ Netconf:              no
+ HERE_DOCUMENT
+ fi
+ 
++if test '@HAVE_LIBSYSTEMD_DAEMON@' != 'no'; then
++add_to_report <<HERE_DOCUMENT
++Systemd:              yes
++
++HERE_DOCUMENT
++else
++add_to_report <<HERE_DOCUMENT
++Systemd:              no
++
++HERE_DOCUMENT
++fi
++
+ if test '@HAVE_GTEST@' != 'no'; then
+ add_to_report <<HERE_DOCUMENT
+ Google Test:          @GTEST_VERSION@
+diff --git a/config.h.in b/config.h.in
+index 42ccf28..cc6354a 100644
+--- a/config.h.in
++++ b/config.h.in
+@@ -52,6 +52,9 @@
+ /* Check valgrind headers */
+ #mesondefine HAVE_VALGRIND_HEADERS
+ 
++/* Support for systemd notification through sd_notify() enabled */
++#mesondefine HAVE_LIBSYSTEMD_DAEMON
++
+ /* Whether libc is musl */
+ #mesondefine LIBC_MUSL
+ 
+diff --git a/meson.build b/meson.build
+index 8ed5b2d..df4f125 100644
+--- a/meson.build
++++ b/meson.build
+@@ -100,6 +100,7 @@ krb5_opt = get_option('krb5')
+ mysql_opt = get_option('mysql')
+ netconf_opt = get_option('netconf')
+ postgresql_opt = get_option('postgresql')
++systemd_opt = get_option('systemd')
+ 
+ FUZZ_OPT = get_option('fuzz')
+ TESTS_OPT = get_option('tests')
+@@ -297,6 +298,13 @@ if netconf_opt.allowed()
+     endif
+ endif
+ 
++# Systemd
++SYSTEMD_DEP = disabler()
++if systemd_opt.enabled()
++    SYSTEMD_DEP = dependency('libsystemd')
++    conf_data.set('HAVE_LIBSYSTEMD_DAEMON', true)
++endif
++
+ # Google Test
+ GTEST_DEP = dependency(
+     'gtest',
+@@ -886,6 +894,11 @@ else
+     report_conf_data.set('SYSREPOCPP_VERSION', 'no')
+     report_conf_data.set('SYSREPOCPP_PREFIX', 'no')
+ endif
++if SYSTEMD_DEP.found()
++    report_conf_data.set('HAVE_LIBSYSTEMD_DAEMON', 'yes')
++else
++    report_conf_data.set('HAVE_LIBSYSTEMD_DAEMON', 'no')
++endif
+ if FUZZ_OPT.enabled() or TESTS_OPT.enabled()
+     report_conf_data.set('HAVE_GTEST', 'yes')
+     version = GTEST_DEP.version()
+diff --git a/meson.options b/meson.options
+index 5c222d5..3ecd2e1 100644
+--- a/meson.options
++++ b/meson.options
+@@ -27,6 +27,7 @@ option(
+     type: 'feature',
+     description: 'Support for PostgreSQL backends.',
+ )
++option('systemd', type: 'feature', description: 'Support for systemd notification through sd_notify().')
+ 
+ # Options for enabling testing code (not real features).
+ option(
+diff --git a/src/bin/agent/ca_process.cc b/src/bin/agent/ca_process.cc
+index f01dd97..4793067 100644
+--- a/src/bin/agent/ca_process.cc
++++ b/src/bin/agent/ca_process.cc
+@@ -18,6 +18,10 @@
+ #include <util/filesystem.h>
+ #include <boost/pointer_cast.hpp>
+ 
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++#include <systemd/sd-daemon.h>
++#endif
++
+ using namespace isc::asiolink;
+ using namespace isc::config;
+ using namespace isc::data;
+@@ -42,7 +46,15 @@ CtrlAgentProcess::init() {
+ 
+ void
+ CtrlAgentProcess::run() {
++
+     LOG_INFO(agent_logger, CTRL_AGENT_STARTED).arg(VERSION);
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++    // Notify systemd about the same
++    sd_notifyf(0, "READY=1\n"
++               "STATUS=Processing requests...\n"
++               "MAINPID=%lu",
++               (unsigned long) getpid());
++#endif
+ 
+     LOG_WARN(agent_logger, CTRL_AGENT_IS_DEPRECATED);
+ 
+diff --git a/src/bin/agent/meson.build b/src/bin/agent/meson.build
+index c6afbfa..2d30179 100644
+--- a/src/bin/agent/meson.build
++++ b/src/bin/agent/meson.build
+@@ -1,3 +1,8 @@
++kea_ctrl_agent_dependencies = [CRYPTO_DEP]
++if SYSTEMD_DEP.found()
++    kea_ctrl_agent_dependencies += [SYSTEMD_DEP]
++endif
++
+ agent_lib = static_library(
+     'agent',
+     'agent_lexer.cc',
+@@ -17,7 +22,7 @@ agent_lib = static_library(
+ executable(
+     'kea-ctrl-agent',
+     'main.cc',
+-    dependencies: [CRYPTO_DEP],
++    dependencies: kea_ctrl_agent_dependencies,
+     include_directories: [include_directories('.')] + INCLUDES,
+     install: true,
+     install_dir: SBINDIR,
+diff --git a/src/bin/d2/d2_process.cc b/src/bin/d2/d2_process.cc
+index 7db49a3..cdb9cef 100644
+--- a/src/bin/d2/d2_process.cc
++++ b/src/bin/d2/d2_process.cc
+@@ -21,6 +21,10 @@
+ #include <hooks/hooks_manager.h>
+ #include <util/filesystem.h>
+ 
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++#include <systemd/sd-daemon.h>
++#endif
++
+ using namespace isc::asiolink;
+ using namespace isc::config;
+ using namespace isc::data;
+@@ -95,6 +99,13 @@ D2Process::init() {
+ void
+ D2Process::run() {
+     LOG_INFO(d2_logger, DHCP_DDNS_STARTED).arg(VERSION);
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++    // Notify systemd about the same
++    sd_notifyf(0, "READY=1\n"
++               "STATUS=Dispatching packets...\n"
++               "MAINPID=%lu",
++               (unsigned long) getpid());
++#endif
+ 
+     if (!PathChecker::shouldEnforceSecurity()) {
+         LOG_WARN(d2_logger, DHCP_DDNS_SECURITY_CHECKS_DISABLED);
+diff --git a/src/bin/d2/meson.build b/src/bin/d2/meson.build
+index 012b40d..3aff0c1 100644
+--- a/src/bin/d2/meson.build
++++ b/src/bin/d2/meson.build
+@@ -1,3 +1,8 @@
++kea_ddns_dependencies = [CRYPTO_DEP]
++if SYSTEMD_DEP.found()
++    kea_ddns_dependencies += [SYSTEMD_DEP]
++endif
++
+ d2_lib = static_library(
+     'd2',
+     'check_exists_add.cc',
+@@ -21,7 +26,7 @@ d2_lib = static_library(
+ executable(
+     'kea-dhcp-ddns',
+     'main.cc',
+-    dependencies: [CRYPTO_DEP],
++    dependencies: kea_ddns_dependencies,
+     include_directories: [include_directories('.')] + INCLUDES,
+     install: true,
+     install_dir: SBINDIR,
+diff --git a/src/bin/dhcp4/main.cc b/src/bin/dhcp4/main.cc
+index 4f88e29..5581b7a 100644
+--- a/src/bin/dhcp4/main.cc
++++ b/src/bin/dhcp4/main.cc
+@@ -24,6 +24,10 @@
+ 
+ #include <iostream>
+ 
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++#include <systemd/sd-daemon.h>
++#endif
++
+ using namespace isc::data;
+ using namespace isc::dhcp;
+ using namespace isc::process;
+@@ -290,6 +294,13 @@ main(int argc, char* argv[]) {
+ 
+         // Tell the admin we are ready to process packets
+         LOG_INFO(dhcp4_logger, DHCP4_STARTED).arg(VERSION);
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++        // Notify systemd about the same
++        sd_notifyf(0, "READY=1\n"
++                   "STATUS=Dispatching packets...\n"
++                   "MAINPID=%lu",
++                   (unsigned long) getpid());
++#endif
+ 
+         // And run the main loop of the server.
+         ret = server.run();
+diff --git a/src/bin/dhcp4/meson.build b/src/bin/dhcp4/meson.build
+index 3dac320..e8cacb9 100644
+--- a/src/bin/dhcp4/meson.build
++++ b/src/bin/dhcp4/meson.build
+@@ -1,3 +1,8 @@
++kea_dhcp4_dependencies = [CRYPTO_DEP]
++if SYSTEMD_DEP.found()
++    kea_dhcp4_dependencies += [SYSTEMD_DEP]
++endif
++
+ dhcp4_lib = static_library(
+     'dhcp4',
+     'client_handler.cc',
+@@ -16,7 +21,7 @@ dhcp4_lib = static_library(
+ kea_dhcp4 = executable(
+     'kea-dhcp4',
+     'main.cc',
+-    dependencies: [CRYPTO_DEP],
++    dependencies: kea_dhcp4_dependencies,
+     include_directories: [include_directories('.')] + INCLUDES,
+     install: true,
+     install_dir: SBINDIR,
+diff --git a/src/bin/dhcp6/main.cc b/src/bin/dhcp6/main.cc
+index 7ab1999..abac799 100644
+--- a/src/bin/dhcp6/main.cc
++++ b/src/bin/dhcp6/main.cc
+@@ -24,6 +24,10 @@
+ 
+ #include <iostream>
+ 
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++#include <systemd/sd-daemon.h>
++#endif
++
+ using namespace isc::data;
+ using namespace isc::dhcp;
+ using namespace isc::process;
+@@ -290,6 +294,13 @@ main(int argc, char* argv[]) {
+ 
+         // Tell the admin we are ready to process packets
+         LOG_INFO(dhcp6_logger, DHCP6_STARTED).arg(VERSION);
++#ifdef HAVE_LIBSYSTEMD_DAEMON
++        // Notify systemd about the same
++        sd_notifyf(0, "READY=1\n"
++                   "STATUS=Dispatching packets...\n"
++                   "MAINPID=%lu",
++                   (unsigned long) getpid());
++#endif
+ 
+         // And run the main loop of the server.
+         ret = server.run();
+diff --git a/src/bin/dhcp6/meson.build b/src/bin/dhcp6/meson.build
+index de60fbf..04a22a9 100644
+--- a/src/bin/dhcp6/meson.build
++++ b/src/bin/dhcp6/meson.build
+@@ -1,3 +1,8 @@
++kea_dhcp6_dependencies = [CRYPTO_DEP]
++if SYSTEMD_DEP.found()
++    kea_dhcp6_dependencies += [SYSTEMD_DEP]
++endif
++
+ dhcp6_lib = static_library(
+     'dhcp6',
+     'client_handler.cc',
+@@ -17,7 +22,7 @@ dhcp6_lib = static_library(
+ kea_dhcp6 = executable(
+     'kea-dhcp6',
+     'main.cc',
+-    dependencies: [CRYPTO_DEP],
++    dependencies: kea_dhcp6_dependencies,
+     include_directories: [include_directories('.')] + INCLUDES,
+     install: true,
+     install_dir: SBINDIR,

kea.spec

@@ -1,16 +1,14 @@
 Name:           kea
-Version:        2.6.3
+Version:        3.0.2
 Release:        %autorelease
 Summary:        DHCPv4, DHCPv6 and DDNS server from ISC
-
 License:        MPL-2.0 AND BSL-1.0
 URL:            http://kea.isc.org
 
-# TODO: no support for netconf/sysconf yet
+# Support for netconf is not enabled
 %bcond_with sysrepo
-%bcond_with gtest
+%bcond_with tests
 
-#%%global prever P1
 %global keama_version 4.5.0
 # Bundled version of Bind libraries linked into Keama
 %global bind_version 9.11.36
@@ -23,8 +21,8 @@ Provides: %1 = %{version}-%{release} \
 Conflicts: %1 \
 %endif
 
-Source0:        https://downloads.isc.org/isc/kea/%{version}%{?prever:-%{prever}}/kea-%{version}%{?prever:-%{prever}}.tar.gz
-Source1:        https://downloads.isc.org/isc/kea/%{version}%{?prever:-%{prever}}/kea-%{version}%{?prever:-%{prever}}.tar.gz.asc
+Source0:        https://downloads.isc.org/isc/kea/%{version}/kea-%{version}.tar.xz
+Source1:        https://downloads.isc.org/isc/kea/%{version}/kea-%{version}.tar.xz.asc
 Source2:        https://downloads.isc.org/isc/keama/%{keama_version}/keama-%{keama_version}.tar.gz
 Source3:        https://downloads.isc.org/isc/keama/%{keama_version}/keama-%{keama_version}.tar.gz.asc
 Source10:       https://www.isc.org/docs/isc-keyblock.asc
@@ -35,54 +33,52 @@ Source14:       kea-ctrl-agent.service
 Source15:       systemd-tmpfiles.conf
 Source16:       systemd-sysusers.conf
 
-Patch1:         kea-openssl-version.patch
-Patch2:         kea-gtest.patch
+Patch1:         kea-sd-daemon.patch
 
-# autoreconf
-BuildRequires: autoconf automake libtool
 BuildRequires: boost-devel
-BuildRequires: gcc-c++
-# %%configure --with-openssl
+# %%meson -D crypto=openssl
 BuildRequires: openssl-devel
 %if 0%{?fedora}
 # https://bugzilla.redhat.com/show_bug.cgi?id=2300868#c4
 BuildRequires: openssl-devel-engine
 %endif
-# %%configure --with-pgsql
+# %%meson -D krb5=enabled
+BuildRequires: krb5-devel
+# %%meson -D mysql=enabled
+BuildRequires: mariadb-connector-c-devel
+# %%meson -D postgresql=enabled
 %if 0%{?fedora} || 0%{?rhel} > 9
 BuildRequires: libpq-devel
 %else
 BuildRequires: postgresql-server-devel
 %endif
-# %%configure --with-mysql
-BuildRequires: mariadb-connector-c-devel
-BuildRequires: log4cplus-devel
+# %%meson -D systemd=enabled
+BuildRequires: systemd-devel
 %if %{with sysrepo}
-# %%configure --with-sysrepo
+# %%meson -D netconf=enabled
 BuildRequires: sysrepo-devel
 %endif
-
+%if %{with tests}
+# %%meson -D tests=enabled
 %ifarch %{valgrind_arches}
 BuildRequires: valgrind-devel
 %endif
-%if %{with gtest}
-# %%configure --enable-gtest
 BuildRequires: gtest-devel
-# src/lib/testutils/dhcp_test_lib.sh
 BuildRequires: procps-ng
 %endif
-# %%configure --enable-generate-parser
+BuildRequires: log4cplus-devel
+BuildRequires: python3-devel
+
+BuildRequires: gcc-c++
+BuildRequires: autoconf automake libtool
+BuildRequires: make
+BuildRequires: meson
 BuildRequires: bison
 BuildRequires: flex
-# %%configure --enable-shell
-BuildRequires: python3-devel
-# in case you ever wanted to use %%configure --enable-generate-docs
-#BuildRequires: elinks asciidoc plantuml
 BuildRequires: systemd
 BuildRequires: systemd-rpm-macros
 BuildRequires: python3-sphinx
 BuildRequires: python3-sphinx_rtd_theme
-BuildRequires: make
 BuildRequires: gnupg2
 
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@@ -91,7 +87,6 @@ Requires: coreutils util-linux
 %{?systemd_requires}
 %{?sysusers_requires_compat}
 
-
 %description
 DHCP implementation from Internet Systems Consortium, Inc. that features fully
 functional DHCPv4, DHCPv6 and Dynamic DNS servers.
@@ -99,7 +94,6 @@ Both DHCP servers fully support server discovery, address assignment, renewal,
 rebinding and release. The DHCPv6 server supports prefix delegation. Both
 servers support DNS Update mechanism, using stand-alone DDNS daemon.
 
-
 %package doc
 Summary: Documentation for Kea DHCP server
 BuildArch: noarch
@@ -107,7 +101,6 @@ BuildArch: noarch
 %description doc
 Documentation and example configuration for Kea DHCP server.
 
-
 %package devel
 Summary: Development headers and libraries for Kea DHCP server
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@@ -119,7 +112,6 @@ Requires: pkgconfig
 %description devel
 Header files and API documentation.
 
-
 %package hooks
 Summary: Hooks libraries for kea
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
@@ -130,7 +122,6 @@ Hooking mechanism allow Kea to load one or more dynamically-linked libraries
 ("hook points"), call functions in them.  Those functions perform whatever
 custom processing is required.
 
-
 %package libs
 Summary: Shared libraries used by Kea DHCP server
 %upstream_name_compat %{upstream_name}-libs
@@ -138,7 +129,6 @@ Summary: Shared libraries used by Kea DHCP server
 %description libs
 This package contains shared libraries used by Kea DHCP server.
 
-
 %package keama
 Summary: Experimental migration assistant for Kea
 Provides: bundled(bind-libs) = %{bind_version}
@@ -147,7 +137,6 @@ Provides: bundled(bind-libs) = %{bind_version}
 The KEA Migration Assistant is an experimental tool which helps to translate
 ISC DHCP configurations to Kea.
 
-
 %prep
 %if 0%{?fedora} || 0%{?rhel} > 8
 %{gpgverify} --keyring='%{S:10}' --signature='%{S:1}' --data='%{S:0}'
@@ -155,42 +144,32 @@ ISC DHCP configurations to Kea.
 %endif
 
 %autosetup -T -b2 -N -n keama-%{keama_version}
-%autosetup -p1 -n kea-%{version}%{?prever:-%{prever}}
-
-rm -rf doc/sphinx/_build
-
-# to be able to build on ppc64(le)
-# https://sourceforge.net/p/flex/bugs/197
-# https://lists.isc.org/pipermail/kea-dev/2016-January/000599.html
-sed -i -e 's|ECHO|YYECHO|g' src/lib/eval/lexer.cc
-
+%autosetup -p1 -n kea-%{version}
 
 %build
-autoreconf --verbose --force --install
+# This removes RPATH from binaries
+export KEA_PKG_TYPE_IN_CONFIGURE="rpm"
 
-%configure \
-    --disable-dependency-tracking \
-    --disable-rpath \
-    --disable-silent-rules \
-    --disable-static \
-    --enable-generate-docs \
-    --enable-generate-messages \
-    --enable-generate-parser \
-    --enable-shell \
-    --enable-perfdhcp \
-%if %{with gtest}
-    --with-gtest \
-%endif
-    --with-mysql \
-    --with-pgsql \
-    --with-gnu-ld \
-    --with-log4cplus \
+%meson \
+    --install-umask 0022 \
 %if %{with sysrepo}
-    --with-sysrepo \
+    -D netconf=enabled \
+%else
+    -D netconf=disabled \
 %endif
-    --with-openssl
+%if %{with tests}
+    -D tests=enabled \
+%else
+    -D tests=disabled \
+%endif
+    -D crypto=openssl \
+    -D krb5=enabled \
+    -D mysql=enabled \
+    -D postgresql=enabled \
+    -D systemd=enabled
 
-%make_build
+%meson_build
+%meson_build doc
 
 # Configure & build Keama
 pushd ../keama-%{keama_version}
@@ -220,15 +199,13 @@ autoreconf --verbose --force --install
 %make_build
 popd
 
-
-%if %{with gtest}
+%if %{with tests}
 %check
-make check
+%meson_test
 %endif
 
-
 %install
-%make_install docdir=%{_pkgdocdir}
+%meson_install
 
 # Install Keama
 pushd ../keama-%{keama_version}
@@ -236,20 +213,23 @@ pushd ../keama-%{keama_version}
 popd
 
 # Remove Keama's static library, dhcp headers and man pages
-rm -f %{buildroot}/%{_libdir}/libdhcp.a
+rm %{buildroot}/%{_libdir}/libdhcp.a
 rm -rf %{buildroot}/%{_includedir}/omapip/
 rm -rf %{buildroot}%{_mandir}/man5/
 
-# Get rid of .la files
-find %{buildroot} -type f -name "*.la" -delete -print
+# Remove keactrl
+rm %{buildroot}%{_sysconfdir}/kea/keactrl.conf
+rm %{buildroot}%{_sbindir}/keactrl
+rm %{buildroot}%{_mandir}/man8/keactrl.8*
 
 %if %{without sysrepo}
 # Remove netconf files
 rm %{buildroot}%{_mandir}/man8/kea-netconf.8
 %endif
 
-rm -f %{buildroot}%{_pkgdocdir}/COPYING
-rm -f %{buildroot}%{_pkgdocdir}/html/.buildinfo
+rm %{buildroot}%{_pkgdocdir}/COPYING
+
+rm -rf %{buildroot}/usr/share/kea/meson-info/
 
 # Create empty password file for the Kea Control Agent
 install -m 0640 /dev/null %{buildroot}%{_sysconfdir}/kea/kea-api-password
@@ -275,30 +255,10 @@ install -dm 0750 %{buildroot}%{_rundir}/kea/
 mkdir -p %{buildroot}%{_localstatedir}/log
 install -dm 0750 %{buildroot}%{_localstatedir}/log/kea/
 
-
 %pre
 %sysusers_create_compat %{S:16}
 
 %post
-# Kea runs under kea user instead of root now, but if its files got altered, their new
-# ownership&permissions won't get changed so fix them to prevent startup failures
-[ "`stat --format '%U:%G' %{_rundir}/kea/logger_lockfile 2>&1 | grep root:root`" = "root:root" ] \
-    && chown kea:kea %{_rundir}/kea/logger_lockfile
-[ "`stat --format '%U:%G' %{_sharedstatedir}/kea/kea-leases4.csv* 2>&1 | grep root:root | head -1`" = "root:root" ] \
-    && chown kea:kea %{_sharedstatedir}/kea/kea-leases4.csv* && chmod 0640 %{_sharedstatedir}/kea/kea-leases4.csv*
-[ "`stat --format '%U:%G' %{_sharedstatedir}/kea/kea-leases6.csv* 2>&1 | grep root:root | head -1`" = "root:root" ] \
-    && chown kea:kea %{_sharedstatedir}/kea/kea-leases6.csv* && chmod 0640 %{_sharedstatedir}/kea/kea-leases6.csv*
-[ "`stat --format '%U:%G' %{_sharedstatedir}/kea/kea-dhcp6-serverid 2>&1 | grep root:root`" = "root:root" ] \
-    && chown kea:kea %{_sharedstatedir}/kea/kea-dhcp6-serverid
-[ "`stat --format '%U:%G' %{_sysconfdir}/kea/kea*.conf 2>&1 | grep root:root | head -1`" = "root:root" ] \
-    && chown root:kea %{_sysconfdir}/kea/kea*.conf && chmod 0640 %{_sysconfdir}/kea/kea*.conf
-
-# Remove /tmp/ from socket-name for existing configurations to fix CVE-2025-32802
-for i in kea-ctrl-agent.conf keactrl.conf kea-dhcp4.conf kea-dhcp6.conf kea-dhcp-ddns.conf; do
-    if [ -n "`grep '\"socket-name\": \"/tmp/' %{_sysconfdir}/kea/$i`" ]; then
-        sed -i.CVE-2025-32802.bak 's#\("socket-name": "/tmp/\)\(.*\)#"socket-name": "\2#g' %{_sysconfdir}/kea/$i
-    fi
-done
 # Set a pseudo-random password for default config to secure fresh install and allow CA startup without user intervention
 if [[ ! -s %{_sysconfdir}/kea/kea-api-password && -n `grep '"password-file": "kea-api-password"' %{_sysconfdir}/kea/kea-ctrl-agent.conf` ]]; then
     (umask 0027; head -c 32 /dev/urandom | base64 > %{_sysconfdir}/kea/kea-api-password)
@@ -311,13 +271,10 @@ fi
 
 %postun
 %systemd_postun_with_restart kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
-
 %ldconfig_scriptlets libs
 
-
 %files
 %license COPYING
-%{_bindir}/kea-msg-compiler
 %{_sbindir}/kea-admin
 %{_sbindir}/kea-ctrl-agent
 %{_sbindir}/kea-dhcp-ddns
@@ -325,7 +282,6 @@ fi
 %{_sbindir}/kea-dhcp6
 %{_sbindir}/kea-lfc
 %{_sbindir}/kea-shell
-%{_sbindir}/keactrl
 %{_sbindir}/perfdhcp
 %{_unitdir}/kea*.service
 %{_datarootdir}/kea
@@ -347,7 +303,6 @@ fi
 %{_mandir}/man8/kea-netconf.8*
 %endif
 %{_mandir}/man8/kea-shell.8*
-%{_mandir}/man8/keactrl.8*
 %{_mandir}/man8/perfdhcp.8*
 %{_tmpfilesdir}/kea.conf
 %{_sysusersdir}/kea.conf
@@ -365,46 +320,96 @@ fi
 %doc %{_pkgdocdir}/SECURITY.md
 
 %files devel
+%{_bindir}/kea-msg-compiler
 %{_includedir}/kea
-%{_libdir}/libkea-*.so
+%{_libdir}/libkea-asiodns.so
+%{_libdir}/libkea-asiolink.so
+%{_libdir}/libkea-cc.so
+%{_libdir}/libkea-cfgrpt.so
+%{_libdir}/libkea-config.so
+%{_libdir}/libkea-cryptolink.so
+%{_libdir}/libkea-d2srv.so
+%{_libdir}/libkea-database.so
+%{_libdir}/libkea-dhcp_ddns.so
+%{_libdir}/libkea-dhcp.so
+%{_libdir}/libkea-dhcpsrv.so
+%{_libdir}/libkea-dns.so
+%{_libdir}/libkea-eval.so
+%{_libdir}/libkea-exceptions.so
+%{_libdir}/libkea-hooks.so
+%{_libdir}/libkea-http.so
+%{_libdir}/libkea-log-interprocess.so
+%{_libdir}/libkea-log.so
+%{_libdir}/libkea-mysql.so
+%{_libdir}/libkea-pgsql.so
+%{_libdir}/libkea-process.so
+%{_libdir}/libkea-stats.so
+%{_libdir}/libkea-tcp.so
+%{_libdir}/libkea-util-io.so
+%{_libdir}/libkea-util.so
+%{_libdir}/pkgconfig/kea.pc
 
 %files hooks
+%dir %{_sysconfdir}/kea/radius
+%{_sysconfdir}/kea/radius/dictionary
 %dir %{_libdir}/kea
-%{_libdir}/kea/hooks
+%dir %{_libdir}/kea/hooks
+%{_libdir}/kea/hooks/libddns_gss_tsig.so
+%{_libdir}/kea/hooks/libdhcp_bootp.so
+%{_libdir}/kea/hooks/libdhcp_class_cmds.so
+%{_libdir}/kea/hooks/libdhcp_ddns_tuning.so
+%{_libdir}/kea/hooks/libdhcp_flex_id.so
+%{_libdir}/kea/hooks/libdhcp_flex_option.so
+%{_libdir}/kea/hooks/libdhcp_ha.so
+%{_libdir}/kea/hooks/libdhcp_host_cache.so
+%{_libdir}/kea/hooks/libdhcp_host_cmds.so
+%{_libdir}/kea/hooks/libdhcp_lease_cmds.so
+%{_libdir}/kea/hooks/libdhcp_lease_query.so
+%{_libdir}/kea/hooks/libdhcp_legal_log.so
+%{_libdir}/kea/hooks/libdhcp_limits.so
+%{_libdir}/kea/hooks/libdhcp_mysql.so
+%{_libdir}/kea/hooks/libdhcp_perfmon.so
+%{_libdir}/kea/hooks/libdhcp_pgsql.so
+%{_libdir}/kea/hooks/libdhcp_ping_check.so
+%{_libdir}/kea/hooks/libdhcp_radius.so
+%{_libdir}/kea/hooks/libdhcp_run_script.so
+%{_libdir}/kea/hooks/libdhcp_stat_cmds.so
+%{_libdir}/kea/hooks/libdhcp_subnet_cmds.so
 
 %files libs
 %license COPYING
 # older: find `rpm --eval %%{_topdir}`/BUILDROOT/kea-*/usr/lib64/ -type f | grep /usr/lib64/libkea | sed -e 's#.*/usr/lib64\(.*\.so\.[0-9]\+\)\.[0-9]\+\.[0-9]\+#%%{_libdir}\1*#' | sort
 # >=f41: find `rpm --eval %%{_topdir}`/BUILD/kea-*/BUILDROOT/usr/lib64/ -type f | grep /usr/lib64/libkea | sed -e 's#.*/usr/lib64\(.*\.so\.[0-9]\+\)\.[0-9]\+\.[0-9]\+#%%{_libdir}\1*#' | sort
-%{_libdir}/libkea-asiodns.so.49*
-%{_libdir}/libkea-asiolink.so.72*
-%{_libdir}/libkea-cc.so.68*
-%{_libdir}/libkea-cfgclient.so.66*
-%{_libdir}/libkea-cryptolink.so.50*
-%{_libdir}/libkea-d2srv.so.47*
-%{_libdir}/libkea-database.so.62*
-%{_libdir}/libkea-dhcp_ddns.so.57*
-%{_libdir}/libkea-dhcp++.so.92*
-%{_libdir}/libkea-dhcpsrv.so.111*
-%{_libdir}/libkea-dns++.so.57*
-%{_libdir}/libkea-eval.so.69*
-%{_libdir}/libkea-exceptions.so.33*
-%{_libdir}/libkea-hooks.so.100*
-%{_libdir}/libkea-http.so.72*
-%{_libdir}/libkea-log.so.61*
-%{_libdir}/libkea-mysql.so.71*
-%{_libdir}/libkea-pgsql.so.71*
-%{_libdir}/libkea-process.so.74*
-%{_libdir}/libkea-stats.so.41*
-%{_libdir}/libkea-tcp.so.19*
-%{_libdir}/libkea-util-io.so.0*
-%{_libdir}/libkea-util.so.86*
+%{_libdir}/libkea-asiodns.so.62*
+%{_libdir}/libkea-asiolink.so.88*
+%{_libdir}/libkea-cc.so.82*
+%{_libdir}/libkea-cfgrpt.so.3*
+%{_libdir}/libkea-config.so.83*
+%{_libdir}/libkea-cryptolink.so.64*
+%{_libdir}/libkea-d2srv.so.63*
+%{_libdir}/libkea-database.so.76*
+%{_libdir}/libkea-dhcp_ddns.so.68*
+%{_libdir}/libkea-dhcp.so.109*
+%{_libdir}/libkea-dhcpsrv.so.131*
+%{_libdir}/libkea-dns.so.71*
+%{_libdir}/libkea-eval.so.84*
+%{_libdir}/libkea-exceptions.so.45*
+%{_libdir}/libkea-hooks.so.120*
+%{_libdir}/libkea-http.so.87*
+%{_libdir}/libkea-log-interprocess.so.3*
+%{_libdir}/libkea-log.so.75*
+%{_libdir}/libkea-mysql.so.88*
+%{_libdir}/libkea-pgsql.so.88*
+%{_libdir}/libkea-process.so.90*
+%{_libdir}/libkea-stats.so.53*
+%{_libdir}/libkea-tcp.so.33*
+%{_libdir}/libkea-util-io.so.12*
+%{_libdir}/libkea-util.so.101*
 
 %files keama
 %license COPYING
 %{_bindir}/keama
 %{_mandir}/man8/keama.8*
 
-
 %changelog
 %autochangelog

sources

@@ -1,4 +1,4 @@
-SHA512 (kea-2.6.3.tar.gz) = d7781c0b95529bfe89c19615c1dd5952fd4c4b60274e187a641992dad81ef5af921dfb15050ec43169a0c2ad267639642b2e294c5d43405f85a5fb11bb1a939a
-SHA512 (kea-2.6.3.tar.gz.asc) = ceb5771c7e8533ed93103a6d3ed9a616ffeec0c8d4feb697e3514d1be90993f8a3255c96990be96b2698b708abadbe7a42cd87a80326f376a1d450dc226a12e0
+SHA512 (kea-3.0.2.tar.xz) = 454081be248d6021aa99bfe027111f093795b123c827c6062e29a215856d29ec827f5757a1a6fc3351e74276563f101b52f26db2098cdd0b4e6f86e1b3449ba3
+SHA512 (kea-3.0.2.tar.xz.asc) = 0735968604d1ac0821f00a01e3f61134e118ec0fb26846eb6413867c855923a148316ef20022e9a51af8507711eeadaf68b2da85504332cf8c882e75fffa8793
 SHA512 (keama-4.5.0.tar.gz) = 2e48987e21999718be7ceb5b604be672c84666b07dde9545285ff7146ab6825e81af1ec3b5a4b50f20e61b40ed11b0254e3705cc580bb85de24b77ee8cbca162
 SHA512 (keama-4.5.0.tar.gz.asc) = 8ec416e44e143037a6936682d1e11b96c1a48be05f3e747e7a26b190e1f11c75104ef16c23eda9b257433b8de5a73c081b65fd903b611d8faa9c4b3b47702763

systemd-tmpfiles.conf

@@ -2,3 +2,4 @@
 # See tmpfiles.d(5) for details
 
 d /run/kea 0750 kea kea -
+d /var/lib/kea 0750 kea kea -