File tac_plus.spec of Package tac_plus

#
# spec file for package tac_plus
#
# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

%if 0%{?suse_version} > 1140 || 0%{?fedora_version} > 14
%define has_systemd 1
%else
%define has_systemd 0
%endif

Name:           tac_plus
Version:        4.0.4.28
Release:        0
Summary:        TACACS+ server based on Cisco engineering release
License:        BSD
Group:          Productivity/Networking/System
Url:            http://www.shrubbery.net/tac_plus/
Source0:        ftp://ftp.shrubbery.net/pub/%{name}/tacacs-F%{version}.tar.gz
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
Source1:        tac_plus.conf
Source2:        tac_plus.pamd
Source3:        tac_plus.init
Source4:        tac_plus.service
BuildRequires:  bison
BuildRequires:  flex
BuildRequires:  gcc
BuildRequires:  pam-devel
BuildRequires:  tcpd-devel
%if 0%{?suse_version} >= 1500
BuildRequires:  libnsl-devel
%endif
%if 0%{?has_systemd}
BuildRequires:  systemd
%{?systemd_requires}
%endif

%description
The base source for this TACACS+ package is Cisco's publicly available TACACS+
"developer's kit", for which we are grateful.

We needed a way to limit certain groups within the company from logging into
or getting enable access on certain devices. Access lists (ACLs) of a sort have
been added that match against the address of the device speaking with the
daemon.

Being paranoid, we also wanted to limit which hosts could connect to the
daemon. This can be done with tcp_wrappers via inetd, but this does not work if
the daemon is running standalone. So, calls to libwrap, the tcp_wrappers
library, have been added. For the source and more information about
tcp_wrappers, see Wietse Venema's site at http://www.porcupine.org/.

Along the way we have also added autoconf, expanded the manual pages,
cleaned-up various formatting and STD C nits, added PAM authentication support,
and fixed a few LP64 problems.

Of course we have also received some enchancement requests from users. One of
which was the addition of a host clause (per-host configuration). This has been
added; ported from Devrim Seral's implementation. See the documentation for
further information. 

%package devel
Summary:        TAC Plus development files
Group:          Development/Languages/C and C++
Requires:       %name = %version

%description devel
Development files for TAC Plus

%package -n libtacacs1

Summary:        TACACS+ library
Group:          Development/Languages/C and C++

%description -n libtacacs1
This package contains TACACS+ library


%prep
%setup -q -n tacacs-F%{version}

%build
%configure
%__make

%install
%makeinstall

%__mkdir -p %buildroot/{%{_sbindir},%{_initrddir},%{_sysconfdir}/{pam.d,sysconfig}}
%__install -m 640 %{SOURCE1} %buildroot/%{_sysconfdir}/
%__install -m 644 %{SOURCE2} %buildroot/%{_sysconfdir}/pam.d/%{name}
%if 0%{?has_systemd}
%{__mkdir} -p %{buildroot}%_unitdir
%{__install} -Dm 644 %{SOURCE4} %{buildroot}%_unitdir/%{name}.service
(cd %{buildroot}%_sbindir && ln -sf /usr/sbin/service rc%{name})
%else
%__install -m 755 %{SOURCE3} %buildroot/%{_initrddir}/%{name}
%__ln_s %{_initrddir}/%{name} %buildroot/%_sbindir/rc%{name}
%endif
%__mv %buildroot/%{_datadir}/{tacacs,tac_plus}
%__rm %buildroot/%{_libdir}/*.{a,la}

%clean
%__rm -rf %buildroot

%pre
%if 0%{?has_systemd}
%service_add_pre %{name}.service
%endif

%post -n libtacacs1 -p /sbin/ldconfig
%if 0%{?has_systemd}
%service_add_post %{name}.service
%endif

%preun
%if 0%{?has_systemd}
%service_del_preun %{name}.service
%else
%stop_on_removal
%endif

%postun -n libtacacs1 -p /sbin/ldconfig
%if 0%{?has_systemd}
%service_del_postun %{name}.service
%else
%restart_on_update
%endif

%files
%defattr(-,root,root)
%{_bindir}/tac_pwd
%{_sbindir}/tac_plus
%{_sbindir}/rc%{name}
%config(noreplace) %{_sysconfdir}/%{name}.conf
%config(noreplace) %{_sysconfdir}/pam.d/%{name}
%if 0%{?has_systemd}
%_unitdir/%{name}.service
%else
%{_initrddir}/%{name}
%endif
%{_datadir}/%{name}
%{_mandir}/*/*.gz

%files devel
%defattr(-,root,root)
%{_includedir}/tacacs.h
%{_libdir}/libtacacs.so

%files -n libtacacs1
%defattr(-,root,root)
%{_libdir}/libtacacs.so.1
%{_libdir}/libtacacs.so.1.0.0

%changelog