File freeradius-server.spec of Package freeradius-server.971

#
# spec file for package freeradius-server
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           freeradius-server
Version:        2.1.10
Release:        0
Provides:       freeradius = %{version}
Provides:       radiusd
Obsoletes:      freeradius < %{version}
Conflicts:      radiusd-livingston radiusd-cistron icradius
Url:            http://www.freeradius.org/
Summary:        Very Highly Configurable Radius Server
License:        GPL-2.0 and LGPL-2.1
Group:          Productivity/Networking/Radius/Servers
Source:         %{name}-%{version}.tar.bz2
Patch1:         freeradius-server-2.1.6-dialup_admin.patch
Patch2:         freeradius-server-2.1.6-rcradiusd.patch
Patch3:         freeradius-server-2.1.6-codecleanup.patch
Patch5:         freeradius-server-2.1.6-overflow.patch
Patch6:         freeradius-server-sha1-default.patch
Patch7:         freeradius-server-fix-cert-bootstrap.patch
Patch8:         freeradius-server-initscript-pidfile.patch
Patch9:         freeradius-server-radius-reload-logrotate.patch
Patch10:        freeradius-server-2.1.10-libtool.patch
# PATCH-FIX-SUSE use 'su' logrotate option (bnc#677335)
Patch12:        freeradius-server-2.1.1-logrotate_su.patch
Patch13:        freeradius-server-2.1.10-CVE-2012-3547.patch
PreReq:         perl openssl pwdutils coreutils
PreReq:         %insserv_prereq %fillup_prereq
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
%define _oracle_support 0
%define apxs2 apxs2-prefork
%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
Requires:       %{name}-libs = %{version}
Requires:       python
Recommends:     logrotate
BuildRequires:  apache2-devel
BuildRequires:  cyrus-sasl-devel
BuildRequires:  db-devel
BuildRequires:  gcc-c++
BuildRequires:  gdbm-devel
BuildRequires:  gettext-devel
BuildRequires:  glibc-devel
BuildRequires:  krb5-devel
BuildRequires:  libapr1-devel
BuildRequires:  libcom_err
BuildRequires:  libmysqlclient-devel
BuildRequires:  libpcap-devel
BuildRequires:  libtool
BuildRequires:  ncurses-devel
BuildRequires:  net-snmp-devel
BuildRequires:  openldap2-devel
BuildRequires:  openssl-devel
BuildRequires:  pam-devel
BuildRequires:  perl
BuildRequires:  postgresql-devel
BuildRequires:  python-devel
BuildRequires:  sed
BuildRequires:  sqlite3-devel
BuildRequires:  unixODBC-devel

%description
The FreeRADIUS server has a number of features found in other servers
and additional features not found in any other server. The server's
features are:

* Support for RFC and VSA attributes

* Additional server configuration attributes

* Selection of a particular configuration

* Authentication methods

* Accounting methods



Authors:
--------
    Miquel van Smoorenburg <miquels@cistron.nl>
    Alan DeKok <aland@ox.org>
    Mike Machado <mike@innercite.com>
    Alan Curry
    various other people

%if %_oracle_support == 1

%package oracle

BuildRequires:  oracle-instantclient-basic
BuildRequires:  oracle-instantclient-devel
Summary:        FreeRADIUS Oracle database support
Group:          Productivity/Networking/Radius/Servers
Requires:       %{name} = %{version}
Requires:       %{name}-libs = %{version}
Requires:       oracle-instantclient-basic

%description oracle
The FreeRADIUS server has a number of features found in other servers,
and additional features not found in any other server. Rather than
doing a feature by feature comparison, we will simply list the features
of the server, and let you decide if they satisfy your needs.

Support for RFC and VSA Attributes Additional server configuration
attributes Selecting a particular configuration Authentication methods
%endif

%package libs
Summary:        FreeRADIUS shared library
Group:          Productivity/Networking/Radius/Servers

%description libs
The FreeRADIUS shared library



Authors:
--------
    Miquel van Smoorenburg <miquels@cistron.nl>
    Alan DeKok <aland@ox.org>
    Mike Machado <mike@innercite.com>
    Alan Curry
    various other people

%package utils
Summary:        FreeRADIUS Clients
Group:          Productivity/Networking/Radius/Clients
Requires:       %{name}-libs = %{version}

%description utils
The FreeRADIUS server has a number of features found in other servers
and additional features not found in any other server. The server's
features are:

* Support for RFC and VSA attributes

* Additional server configuration attributes

* Selection of a particular configuration

* Authentication methods

* Accounting methods



Authors:
--------
    Miquel van Smoorenburg <miquels@cistron.nl>
    Alan DeKok <aland@ox.org>
    Mike Machado <mike@innercite.com>
    Alan Curry
    various other people

%package dialupadmin
Summary:        Web management for FreeRADIUS
Group:          Productivity/Networking/Radius/Servers
Requires:       http_daemon
Requires:       mod_php_any
Requires:       perl-DateManip
Requires:       php
Requires:       php-ldap
Requires:       php-mysql
Requires:       php-pgsql
Requires:       php-session

%description dialupadmin
Dialup Admin supports users either in SQL (MySQL or PostgreSQL are
supported) or in LDAP. Apart from the web pages, it also includes a
number of scripts to make the administrator's life a lot easier.



Authors:
--------
    Kostas Kalevras <kkalev at noc.ntua.gr>
    Basilis Pappas <vpappas at noc.ntua.gr>
    Panagiotis Christias <christia at noc.ntua.gr>
    Thanasis Duitsis <aduitsis at noc.ntua.gr>

%package devel
Summary:        FreeRADIUS Development Files (static libs)
Group:          Development/Libraries/C and C++
Requires:       %{name}-libs = %{version}

%description devel
These are the static libraries for the FreeRADIUS package.



Authors:
--------
    Miquel van Smoorenburg <miquels@cistron.nl>
    Alan DeKok <aland@ox.org>
    Mike Machado <mike@innercite.com>
    Alan Curry
    various other people

%package doc
Summary:        FreeRADIUS Documentation
Group:          Productivity/Networking/Radius/Servers
Requires:       %{name}

%description doc
This package contains FreeRADIUS Documentation



Authors:
--------
    Miquel van Smoorenburg <miquels@cistron.nl>
    Alan DeKok <aland@ox.org>
    Mike Machado <mike@innercite.com>
    Alan Curry
    various other people

%prep
%setup -q
%patch1
%patch2
%patch3
%patch5
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch12 -p1
%patch13 -p1

%build
# This package failed when testing with -Wl,-as-needed being default.
# So we disable it here, if you want to retest, just delete this comment and the line below.
export SUSE_ASNEEDED=0
export CFLAGS="$RPM_OPT_FLAGS -DLDAP_DEPRECATED -fstack-protector"
%ifarch x86_64 ppc ppc64 s390 s390x
export CFLAGS="$CFLAGS -fPIC -DPIC"
%endif
export LDFLAGS="-pie"
%configure \
  --disable-static \
  --with-pic \
  --libdir=%{_libdir}/freeradius \
  --disable-ltdl-install \
  --enable-strict-dependencies \
  --with-edir \
  --with-experimental-modules \
  --with-gnu-ld \
  --with-system-libtool \
  --with-udpfromto \
  --without-rlm_eap_ikev2 \
  --without-rlm_eap_tnc \
  --with-rlm-krb5-lib-dir=%{_libdir} \
  --without-rlm_opendirectory \
  --without-rlm_sql_db2 \
  --without-rlm_sql_firebird \
  --without-rlm_sql_iodbc \
  --without-rlm_ruby \
%if %{_oracle_support} == 1
  --with-rlm_sql_oracle \
  --with-oracle-lib-dir=%{_libdir}/oracle/10.1.0.3/client/lib/
%else
  --without-rlm_sql_oracle
%endif
# no parallel build possible
make

%install
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/radiusd
make install R=$RPM_BUILD_ROOT INSTALLSTRIP=
# modify default configuration
RADDB=$RPM_BUILD_ROOT%{_sysconfdir}/raddb
perl -i -pe 's/^#user =.*$/user = radiusd/'   $RADDB/radiusd.conf
perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radiusd.conf
perl -i -pe 's/^#user =.*$/user = radiusd/'   $RADDB/radrelay.conf
perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radrelay.conf
/sbin/ldconfig -n $RPM_BUILD_ROOT%{_libdir}/freeradius
# logs
touch $RPM_BUILD_ROOT%{_localstatedir}/log/radius/radutmp
touch $RPM_BUILD_ROOT%{_localstatedir}/log/radius/radius.log
# SuSE
install -d     $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
install -d     $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
install -m 644 suse/radiusd-pam $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/radiusd
install -m 644 suse/radiusd-logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/radiusd
install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/init.d
install    -m 744 suse/rcradiusd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/freeradius
ln -sf ../..%{_sysconfdir}/init.d/freeradius $RPM_BUILD_ROOT%{_sbindir}/rcfreeradius
cp -al $RPM_BUILD_ROOT%{_sbindir}/radiusd $RPM_BUILD_ROOT%{_sbindir}/radrelay
install    -m 744 suse/rcradius-relayd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/freeradius-relay
ln -sf ../..%{_sysconfdir}/init.d/freeradius-relay $RPM_BUILD_ROOT%{_sbindir}/rcfreeradius-relay
mv -v doc/README doc/README.doc
# install dialup_admin
DIALUPADMIN=$RPM_BUILD_ROOT%{_datadir}/dialup_admin
mkdir -p $DIALUPADMIN
cp -r dialup_admin/* $RPM_BUILD_ROOT%{_datadir}/dialup_admin
# apache2 config
install -d -m 755 $RPM_BUILD_ROOT%{apache2_sysconfdir}/conf.d
install -m 644 suse/admin-httpd.conf $RPM_BUILD_ROOT%{apache2_sysconfdir}/conf.d/radius.conf
# remove unneeded stuff
rm -rf doc/00-OLD
rm -f $RPM_BUILD_ROOT%{_sbindir}/rc.radiusd
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/freeradius*
rm -rf $RPM_BUILD_ROOT%{_libdir}/freeradius/*.*a
rm -f $RPM_BUILD_ROOT%{_datadir}/dialup_admin/Makefile
rm -f $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}/Makefile
rm -f $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}/examples/Makefile

%pre
%{_sbindir}/groupadd -r radiusd 2> /dev/null || :
%{_sbindir}/useradd -r -g radiusd -s /bin/false -c "Radius daemon" -d \
                  %{_localstatedir}/lib/radiusd radiusd 2> /dev/null || :

%post
# Generate default certificates
if [ $1 -eq 1 ]; then
	/etc/raddb/certs/bootstrap
fi
chgrp radiusd /etc/raddb/certs/*
%{fillup_and_insserv freeradius}

%preun
%stop_on_removal freeradius

%postun
%restart_on_update freeradius
%{insserv_cleanup}

%clean
rm -rf $RPM_BUILD_ROOT

%files doc
%defattr(-,root,root)
%doc doc/*

%files
%defattr(-,root,root)
# doc
%doc suse/README.SuSE
%doc COPYRIGHT CREDITS LICENSE README doc/ChangeLog
# SuSE
%{_sysconfdir}/init.d/freeradius
%{_sysconfdir}/init.d/freeradius-relay
%config %{_sysconfdir}/pam.d/radiusd
%config %{_sysconfdir}/logrotate.d/radiusd
%{_sbindir}/rcfreeradius
%{_sbindir}/rcfreeradius-relay
%dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd
# configs
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb
%defattr(-,root,radiusd)
%config(noreplace) %{_sysconfdir}/raddb/dictionary
%config(noreplace) %{_sysconfdir}/raddb/acct_users
%config(noreplace) %{_sysconfdir}/raddb/attrs
%config(noreplace) %{_sysconfdir}/raddb/attrs.access_reject
%config(noreplace) %{_sysconfdir}/raddb/attrs.accounting_response
%config(noreplace) %{_sysconfdir}/raddb/attrs.pre-proxy
%config(noreplace) %{_sysconfdir}/raddb/attrs.access_challenge
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/clients.conf
%config(noreplace) %{_sysconfdir}/raddb/hints
%config(noreplace) %{_sysconfdir}/raddb/huntgroups
%config(noreplace) %{_sysconfdir}/raddb/ldap.attrmap
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sqlippool.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/preproxy_users
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/proxy.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/radiusd.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/modules
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/modules/*
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mssql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mysql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/oracle
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/postgresql
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/ndb
%{_sysconfdir}/raddb/sql/ndb/README
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.conf
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.sql
%{_sysconfdir}/raddb/sql/oracle/msqlippool.txt
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/users
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/experimental.conf
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/certs
%{_sysconfdir}/raddb/certs/Makefile
%{_sysconfdir}/raddb/certs/README
%{_sysconfdir}/raddb/certs/xpextensions
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/certs/*.cnf
%attr(750,root,radiusd) %{_sysconfdir}/raddb/certs/bootstrap
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-available
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-available/*
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-enabled
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-enabled/*
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/eap.conf
%attr(640,root,radiusd) %{_sysconfdir}/raddb/example.pl
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.conf
%{_sysconfdir}/raddb/policy.txt
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/templates.conf
%attr(700,radiusd,radiusd) %dir %ghost %{_localstatedir}/run/radiusd/
# binaries
%defattr(-,root,root)
%{_sbindir}/checkrad
%{_sbindir}/radiusd
%{_sbindir}/radmin
%{_sbindir}/radrelay
%{_sbindir}/radwatch
%{_sbindir}/raddebug
# man-pages
%doc %{_mandir}/man5/*
%doc %{_mandir}/man8/*
# dictionaries
%attr(755,root,root) %dir %{_datadir}/freeradius
%{_datadir}/freeradius/*
# logs
%attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/
%attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/radacct/
%attr(644,radiusd,radiusd) %{_localstatedir}/log/radius/radutmp
%config(noreplace) %attr(600,radiusd,radiusd) /var/log/radius/radius.log
# RADIUS Loadable Modules
%attr(755,root,root) %dir %{_libdir}/freeradius
%attr(755,root,root) %{_libdir}/freeradius/rlm_*.so*

%files utils
%defattr(-,root,root)
%doc %{_mandir}/man1/*
%{_bindir}/*

%files libs
%defattr(-,root,root)
# RADIUS shared libs
%attr(755,root,root) %dir %{_libdir}/freeradius
%attr(755,root,root) %{_libdir}/freeradius/lib*.so*
%if %{_oracle_support} == 1

%files oracle
%defattr(-,radiusd,radiusd)
%attr(755,root,root) %dir %{_libdir}/freeradius
%attr(755,root,root) %{_libdir}/freeradius/rlm_sql_oracle*.so*
%endif

%files dialupadmin
%defattr(-,root,root)
%dir %{_datadir}/dialup_admin/
%{_datadir}/dialup_admin/bin/
%{_datadir}/dialup_admin/doc/
%{_datadir}/dialup_admin/htdocs/
%{_datadir}/dialup_admin/html/
%{_datadir}/dialup_admin/lib/
%{_datadir}/dialup_admin/sql/
%dir %{_datadir}/dialup_admin/conf/
%config(noreplace) %{_datadir}/dialup_admin/conf/*
%config(noreplace) %{apache2_sysconfdir}/conf.d/radius.conf
%{_datadir}/dialup_admin/Changelog
%{_datadir}/dialup_admin/README

%files devel
%defattr(-,root,root)
%dir %attr(755,root,root) %{_includedir}/freeradius
%attr(644,root,root) %{_includedir}/freeradius/*.h

%changelog