File jailkit.spec of Package jailkit
# norootforbuild
Name: jailkit
Version: 2.6
Release: 0
Summary: Utilities for limited User Accounts
Source: http://olivier.sessink.nl/jailkit/jailkit-%{version}.tar.bz2
Patch1: jailkit-fix_suse_init_script.patch
Patch2: jailkit-fix_lib_order.patch
URL: http://olivier.sessink.nl/jailkit/
Group: Productivity/Security
License: BSD license (revised)
BuildRoot: %{_tmppath}/build-%{name}-%{version}
BuildRequires: python python-devel procmail
BuildRequires: gcc make glibc-devel
BuildRequires: autoconf automake libtool
Requires: /usr/bin/python
Requires: /usr/bin/procmail
PreReq: %insserv_prereq
PreReq: permissions
%description
Jailkit is a set of utilities to limit user accounts to specific files using
chroot() and or specific commands. Setting up a chroot shell, a shell limited
to some specific command, or a daemon inside a chroot jail is a lot easier and
can be automated using these utilities.
Jailkit is used in network security appliances from several well known
manufacturers, internet servers from several large enterprise organisations,
servers from internet service providers, as well as many smaller companies and
private users that need to secure cvs, sftp, shell or daemon processes.
Authors:
--------
Olivier Sessink
%debug_package
%prep
%setup -q
%patch1
%patch2
%build
LDFLAGS="-lpthread" \
%configure
%__make %{?jobs:-j%{jobs}}
%install
%makeinstall
# remove SUID bits and install permissions file
%__install -d "%{buildroot}/etc/permissions.d"
>"%{buildroot}/etc/permissions.d/%{name}"
>"%{buildroot}/etc/permissions.d/%{name}.secure"
for f in "%{_sbindir}/jk_chrootsh" \
"%{_sbindir}/jk_procmailwrapper" \
"%{_bindir}/jk_uchroot" \
; do
%__chmod -s "%{buildroot}/$f"
echo -e "$f\t\troot.root 4755" >> "%{buildroot}/etc/permissions.d/%{name}"
echo -e "$f\t\troot.root 0755" >> "%{buildroot}/etc/permissions.d/%{name}.secure"
done
%__install -D -m0755 extra/jailkit.suse \
"%{buildroot}/etc/init.d/jailkit"
%__install -d "%{buildroot}/usr/sbin"
%__ln_s ../../etc/init.d/jailkit "%{buildroot}/usr/sbin/rcjailkit"
%post
%run_permissions
%{fillup_and_insserv -f jailkit}
%verifyscript
%verify_permissions -e %{_sbindir}/jk_chrootsh
%verify_permissions -e %{_sbindir}/jk_procmailwrapper
%verify_permissions -e %{_bindir}/jk_uchroot
%preun
%stop_on_removal jailkit
%postun
%restart_on_update jailkit
%insserv_cleanup
%clean
%__rm -rf "%{buildroot}"
%files
%defattr(-,root,root)
%doc COPYRIGHT README.txt
%dir %{_sysconfdir}/jailkit
%config(noreplace) %{_sysconfdir}/jailkit/jk_*.ini
/etc/init.d/jailkit
/usr/sbin/rcjailkit
%config /etc/permissions.d/%{name}
%config /etc/permissions.d/%{name}.secure
%verify(not mode) %{_bindir}/jk_uchroot
%{_sbindir}/jk_addjailuser
%{_sbindir}/jk_check
%{_sbindir}/jk_chrootlaunch
%verify(not mode) %{_sbindir}/jk_chrootsh
%{_sbindir}/jk_cp
%{_sbindir}/jk_init
%{_sbindir}/jk_jailuser
%{_sbindir}/jk_list
%{_sbindir}/jk_lsh
%verify(not mode) %{_sbindir}/jk_procmailwrapper
%{_sbindir}/jk_socketd
%{_sbindir}/jk_update
%{_datadir}/jailkit
%doc %{_mandir}/man8/jailkit.8*
%doc %{_mandir}/man8/jk_*.8*
%changelog
* Thu Apr 2 2009 Pascal Bleser <pascal.bleser@opensuse.org> 2.6
- update to 2.6:
* this maintenance update includes some small code cleanups
* Mon Mar 16 2009 Pascal Bleser <pascal.bleser@opensuse.org> 2.5
- new package
# vim: set sw=3 ts=3 noet:
# Local Variables:
# mode: rpm-spec
# tab-width: 3
# End:
