File munge.spec of Package munge.14621

# spec file for package munge
# Copyright (c) 2020 SUSE LLC
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via

#Compat macro for new _fillupdir macro introduced in Nov 2017
%if ! %{defined _fillupdir}
  %define _fillupdir /var/adm/fillup-templates

%if 0%{?suse_version} >= 1210
%define have_systemd 1
%define lversion 2

%define munge_g %name
%if 0%{?have_systemd}
 %define munge_u %name
 %define munge_u daemon

Name:           munge
Version:        0.5.14
Release:        0
Summary:        An authentication service for creating and validating credentials
License:        GPL-3.0-or-later AND LGPL-3.0-or-later
Group:          Productivity/Security
Source1:        baselibs.conf
Source2:        sysconfig.munge
Source3:        README.SUSE
Patch0:         Make-SUSE-specific-adjustments.patch
BuildRequires:  autoconf
BuildRequires:  automake
BuildRequires:  libbz2-devel
BuildRequires:  libtool
BuildRequires:  openssl-devel
BuildRequires:  pkgconfig
BuildRequires:  zlib-devel
Requires:       logrotate
%if 0%{?suse_version} <= 1140
Requires(pre):  pwdutils
Requires(pre):  shadow
Requires(post): coreutils
%if 0%{?have_systemd}
BuildRequires:  systemd-rpm-macros
BuildRequires:  pkgconfig(systemd)
Requires(post):     coreutils
Requires(postun):   coreutils
%if 0%{?suse_version} < 1310
%{!?_tmpfilesdir:%global _tmpfilesdir /usr/lib/tmpfiles.d}

MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for
creating and validating user credentials.  It is designed to be highly
scalable for use in an HPC cluster environment.  It provides a portable
API for encoding the user's identity into a tamper-proof credential
that can be obtained by an untrusted client and forwarded by untrusted
intermediaries within a security realm.  Clients within this realm can
create and validate credentials without the use of root privileges,
reserved ports, or platform-specific methods.
%package -n lib%{name}%{lversion}
Summary:        Libraries for applications using MUNGE
Group:          System/Libraries
Recommends:     munge
# For compatibility with the MUNGE upstream SPEC file.
Provides:       munge-libs = %version

%description -n lib%{name}%{lversion}
A shared library for applications using the MUNGE authentication service.

%package devel
Requires:       lib%{name}%{lversion} = %{version}
Summary:        Headers and Libraries for building applications using %{name}
Group:          Development/Libraries/C and C++

%description devel
A header file and libraries for building applications using the %{name} 
authenication service.

%setup -n %{name}-%{name}-%{version}
%patch0 -p1
cp %{SOURCE3} .

%if 0%{!?make_build:1}
%define make_build make %{?_smp_mflags}

rm -f %{buildroot}%{_libdir}/*.la
rm -f %{buildroot}%{_libdir}/*.a
rm -f %{buildroot}%{_sysconfdir}/sysconfig/munge

mkdir -p %{buildroot}%{_tmpfilesdir}
cp src/etc/munge.tmpfiles.conf %{buildroot}%{_tmpfilesdir}/munge.conf
mkdir -p %{buildroot}%{_datarootdir}/licenses

# We don't want systemd file on SLE 11
%if 0%{!?have_systemd:1}
   test -d %{buildroot}%{_prefix}/lib/systemd && \
      rm -rf %{buildroot}%{_prefix}/lib/systemd
   test -f %{buildroot}/lib/systemd/system/munge.service && \
      rm -f %{buildroot}/lib/systemd/system/munge.service
   rm -f %{buildroot}/%{_tmpfilesdir}/munge.conf
   sed -i 's/USER="munge"/USER="%munge_u"/g' %{buildroot}/%{_initrddir}/%{name}
   ln -s -f %{_initrddir}/%{name} %{buildroot}%{_sbindir}/rc%{name}
   install -m 0755 -d %{buildroot}%{_fillupdir}
   cp -p %{S:2} %{buildroot}%{_fillupdir}/sysconfig.munge
  sed -i 's/User=munge/User=%munge_u/g' %{buildroot}%{_unitdir}/munge.service
  sed -i 's/Group=munge/Group=%munge_g/g' %{buildroot}%{_unitdir}/munge.service
  sed -i 's/munge \+munge/%munge_u %munge_g/g' %{buildroot}%{_tmpfilesdir}/munge.conf
  rm -f %{buildroot}%{_initddir}/munge
  rmdir %{buildroot}%{_localstatedir}/run/munge
  ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}

%post -n lib%{name}%{lversion} -p /sbin/ldconfig

%postun -n lib%{name}%{lversion} -p /sbin/ldconfig

%if 0%{?have_systemd}
%service_add_pre munge.service
%define munge_home "%_localstatedir%_rundir/munge"
%define munge_descr "MUNGE authentication service"
getent group %munge_g >/dev/null || groupadd -r %munge_g
getent passwd %munge_u >/dev/null || useradd -r -g %munge_g -d %munge_home -s /bin/false -c %munge_descr %munge_u
exit 0

%if 0%{?have_systemd}
%service_del_preun munge.service
%stop_on_removal munge

%define fixperm() [ -e %1 ] && /bin/chown -h %munge_u:%munge_g %1
if [ $1 -eq 1 ]
    %{fixperm %{_localstatedir}/log/munge}
    %{fixperm %{_localstatedir}/log/munge/munged.log}
    %{fixperm %{_localstatedir}/run/munge}
%if 0%{?have_systemd}
%service_del_postun munge.service
%restart_on_update munge

if [ $1 -eq 1 ]
    %{fixperm %{_localstatedir}/log/munge}
    %{fixperm %{_localstatedir}/log/munge/munged.log}
    %{fixperm %{_localstatedir}/run/munge}
unset tmpfile
tmpdir=$(mktemp -d /tmp/tmpdir-XXXXXXXXX)
if [ -e %{_sysconfdir}/munge/munge.key ]; then 
    # Preserve symlink so we can check for it
    cp -pP %{_sysconfdir}/munge/munge.key ${tmpdir}
# Make sure this is no symlinks - this may have been created by an attacker!
if [ -e ${tmpdir}/munge.key -a ! -h ${tmpdir}/munge.key ]; then
    if [ $(/usr/bin/stat -c %U:%G:%a ${tmpdir}/munge.key) != \
    %munge_u:%munge_g:400 ]; then
    /usr/bin/rm -f ${tmpdir}/munge.key
    if [ -c /dev/urandom ]; then
	/bin/dd if=/dev/urandom bs=1 count=1024 > $tmpfile 2>/dev/null
if [ -n "$tmpfile" ]; then
    /bin/chmod 0400 $tmpfile
    /bin/chown -h %munge_u:%munge_g $tmpfile
    /bin/mv -f $tmpfile %{_sysconfdir}/munge/munge.key
/usr/bin/rm -rf ${tmpdir}
%if 0%{?have_systemd}
%service_add_post munge.service
systemd-tmpfiles --create %{_tmpfilesdir}/munge.conf
%{fillup_and_insserv -i munge}

%if 0%{?suse_version} < 1500
%dir %{_datarootdir}/licenses
%license COPYING
%doc NEWS
%doc doc/*
%dir %attr(0700,%munge_u,%munge_g) %config %{_sysconfdir}/munge
%dir %attr(0711,%munge_u,%munge_g) %config %{_localstatedir}/lib/munge
%dir %attr(0700,%munge_u,%munge_g) %config %{_localstatedir}/log/munge
%config(noreplace) %{_sysconfdir}/logrotate.d/munge
%if 0%{?have_systemd}
%attr(0755,%munge_u,%munge_g) %dir %{_localstatedir}/run/%{name}

%files devel

%files -n lib%{name}%{lversion}