File rhnmd.spec of Package rhnmd.3888
#
# spec file for package rhnmd
#
# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%global np_name nocpulse
%global identity %{_var}/lib/%{np_name}/.ssh/nocpulse-identity
%{!?fedora: %global sbinpath /sbin}%{?fedora: %global sbinpath %{_sbindir}}
%if 0%{!?_initddir:1}
%if 0%{?suse_version}
%global _initddir %{_sysconfdir}/init.d
%global sbinpath /sbin
%else
%global _initddir %{_sysconfdir}/rc.d/init.d
%endif
%endif
Summary: Spacewalk Monitoring Daemon
License: GPL-2.0
Group: System Environment/Daemons
Name: rhnmd
Url: https://fedorahosted.org/spacewalk
Source0: rhnmd-git-0.fe2ed9a.tar.gz
Version: 5.3.18.4
Release: 0
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: openssh
%if 0%{?suse_version}
PreReq: pwdutils %fillup_prereq %insserv_prereq
# make chkconfig work during build
BuildRequires: sysconfig
%else
Requires: openssh-server
%if 0%{?fedora}
Requires(post): chkconfig
Requires(preun): chkconfig
Requires(post): systemd-sysv
Requires(preun): systemd-sysv
Requires(post): systemd-units
Requires(preun): systemd-units
BuildRequires: systemd-units
%else
Requires(post): chkconfig
Requires(preun): chkconfig
# This is for /sbin/service
Requires(preun): initscripts
Requires(postun): initscripts
%endif
%endif
%if 0%{?suse_version} >= 1210
BuildRequires: systemd
%{?systemd_requires}
%endif
BuildRequires: pam-devel
Obsoletes: rhnmd.i386 < 5.3.0-5
Obsoletes: rhnmd.x86_64 < 5.3.0-5
Provides: rhnmd.i386 = %{version}
Provides: rhnmd.x86_64 = %{version}
Requires(post): /usr/sbin/semanage, %{sbinpath}/restorecon
Requires(preun): /usr/sbin/semanage
%description
rhnmd enables secure ssh-based communication between the monitoring
scout and the monitored host.
%prep
%setup -q -n rhnmd-git-0.fe2ed9a
%build
#nothing to do
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_usr}/sbin
mkdir -p $RPM_BUILD_ROOT%{_usr}/lib
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/%{np_name}
mkdir -p $RPM_BUILD_ROOT%{_var}/lib/%{np_name}/.ssh
mkdir -p $RPM_BUILD_ROOT%{_var}/lib/%{np_name}/sbin
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
mkdir -p $RPM_BUILD_ROOT%{_libdir}
ln -sf sshd $RPM_BUILD_ROOT%{_usr}/sbin/rhnmd
%if 0%{?suse_version} >= 1100
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
install -m 644 rhnmd.fw $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/rhnmd
%endif
%if 0%{?suse_version}
%if 0%{?suse_version} >= 1210
mkdir -p $RPM_BUILD_ROOT/%{_unitdir}
install -m 0644 rhnmd.service $RPM_BUILD_ROOT/%{_unitdir}/
ln -sf %{_sbindir}/service $RPM_BUILD_ROOT/%{_sbindir}/rcrhnmd
%else
mkdir -p $RPM_BUILD_ROOT%{_initddir}
install -pm 0755 rhnmd.init.SUSE $RPM_BUILD_ROOT%{_initddir}/rhnmd
ln -sf ../../etc/init.d/rhnmd $RPM_BUILD_ROOT/%{_sbindir}/rcrhnmd
%endif
%else
%if 0%{?fedora}
mkdir -p $RPM_BUILD_ROOT/%{_unitdir}
install -m 0644 rhnmd.service $RPM_BUILD_ROOT/%{_unitdir}/
%else
mkdir -p $RPM_BUILD_ROOT%{_initddir}
install -pm 0755 rhnmd-init $RPM_BUILD_ROOT%{_initddir}/rhnmd
%endif
%endif
install -pm 0755 rhnmd_create_key.sh $RPM_BUILD_ROOT%{_var}/lib/%{np_name}/sbin/
install -pm 0644 rhnmd_config $RPM_BUILD_ROOT%{_sysconfdir}/%{np_name}/rhnmd_config
install -pm 0600 authorized_keys $RPM_BUILD_ROOT%{_var}/lib/%{np_name}/.ssh/authorized_keys
install -pm 0644 rhnmd-pam_config $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/rhnmd
%pre
if [ $1 -eq 1 ] ; then
getent group %{np_name} >/dev/null || groupadd -r %{np_name}
%if !0%{?suse_version}
getent passwd %{np_name} >/dev/null || \
useradd -r -g %{np_name} -d %{_var}/lib/%{np_name} -c "NOCpulse user" %{np_name}
/usr/bin/passwd -l %{np_name} >/dev/null
%else
# SUSE sshd do not allow to login into locked accounts
getent passwd %{np_name} >/dev/null || \
useradd -r -g %{np_name} -d %{_var}/lib/%{np_name} -c "NOCpulse user" %{np_name} -s /bin/bash
%if 0%{?suse_version} && 0%{?suse_version} < 1110
# SLES 10 useradd create locked account
# SUSE sshd do not allow a normal user to login to a locked account
echo "%{np_name}:*" | /usr/sbin/chpasswd -e
%endif
%endif
exit 0
fi
# Old NOCpulse packages has home in /home/nocpulse.
# We need to migrate them to new place.
if getent passwd %{np_name} >/dev/null && [ -d /home/nocpulse ]; then
/usr/sbin/usermod -d %{_var}/lib/%{np_name} -m nocpulse
rm -rf %{_var}/lib/nocpulse/bin
rm -rf %{_var}/lib/nocpulse/var
fi
%if 0%{?suse_version} >= 1210
%service_add_pre rhnmd.service
%endif
%post
# keygen is done in init script. Doing this in %post is bad for using this rpm in appliances.
%if !0%{?suse_version}
if [ ! -f %{identity} ]
then
%{sbinpath}/runuser -s /bin/bash -c "/usr/bin/ssh-keygen -q -t dsa -N '' -f %{identity}" - %{np_name}
fi
%endif
%if 0%{?suse_version} >= 1210
%service_add_post rhnmd.service
%else
%if 0%{?suse_version} && 0%{?suse_version} < 1210
%{fillup_and_insserv rhnmd}
%else
if [ -f /etc/init.d/rhnmd ]; then
/sbin/chkconfig --add rhnmd
fi
/usr/sbin/semanage fcontext -a -t sshd_key_t '/var/lib/nocpulse/\.ssh/nocpulse-identity' || :
%if 0%{?rhel} && "%rhel" < "6"
/usr/sbin/semanage fcontext -a -t sshd_key_t '/var/lib/nocpulse/\.ssh/authorized_keys' || :
%else
/usr/sbin/semanage fcontext -a -t ssh_home_t '/var/lib/nocpulse/\.ssh/authorized_keys' || :
%endif
/sbin/restorecon -rvv /var/lib/nocpulse || :
%if 0%{?fedora} || 0%{?rhel} > 6
/usr/sbin/semanage port -l | grep -q '^ssh_port_t\b.*\btcp\b.*\b4545\b' || /usr/sbin/semanage port -a -t ssh_port_t -p tcp 4545 || :
%endif
%endif
%endif
%preun
%if 0%{?suse_version} >= 1210
%service_del_preun rhnmd.service
%else
%if 0%{?suse_version} && 0%{?suse_version} < 1210
%stop_on_removal rhnmd
%else
if [ $1 = 0 ]; then
%if 0%{?fedora}
/bin/systemctl stop rhnmd.service >/dev/null 2>&1
/usr/sbin/semanage port -d -t ssh_port_t -p tcp 4545 || :
%else
/sbin/service rhnmd stop > /dev/null 2>&1
%endif
if [ -f /etc/init.d/rhnmd ]; then
/sbin/chkconfig --del rhnmd
fi
fi
%endif
%endif
%postun
%if 0%{?suse_version} >= 1210
%service_del_preun rhnmd.service
%else
%if 0%{?suse_version} && 0%{?suse_version} < 1210
%restart_on_update rhnmd
%{insserv_cleanup}
%endif
%endif
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-, root,root,-)
%dir %{_sysconfdir}/%{np_name}
%config(noreplace) %{_sysconfdir}/pam.d/rhnmd
%dir %attr(-, %{np_name},%{np_name}) %{_var}/lib/%{np_name}
%dir %attr(700, %{np_name},%{np_name}) %{_var}/lib/%{np_name}/.ssh
%dir %attr(-, %{np_name},%{np_name}) %{_var}/lib/%{np_name}/sbin
%config(noreplace) %attr(-, %{np_name},%{np_name}) %{_var}/lib/%{np_name}/.ssh/authorized_keys
%{_var}/lib/%{np_name}/sbin/*
%{_usr}/sbin/rhnmd
%config(noreplace) %{_sysconfdir}/%{np_name}/rhnmd_config
%if 0%{?fedora} || 0%{?suse_version} >= 1210
%{_unitdir}/rhnmd.service
%else
%{_initddir}/rhnmd
%endif
%doc LICENSE
%if 0%{?suse_version} >= 1100
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/rhnmd
%endif
%if 0%{?suse_version}
%{_sbindir}/rcrhnmd
%endif
%changelog
