File puppet.spec of Package puppet
#
# spec file for package puppet
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# Evergreen/11.1: sync with 11.3
# norootforbuild
%define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services
Name: puppet
Version: 0.25.4
Release: 4.<RELEASE7>
License: GPLv2+
Group: Productivity/Networking/System
Url: http://reductivelabs.com/projects/puppet/
Source: %{name}-%{version}.tar.bz2
Source1: puppetmaster.fw
Source2: puppet.fw
Source3: puppet.sysconfig
Source4: puppetlabs-cve20113872-0.0.5.tar.gz
Source5: CVE-2011-3872.msg
Patch: %{name}-%{version}-yumconf.diff
Patch1: %{name}-%{version}-init.diff
Patch2: %{name}-%{version}-zypper.diff
# PATCH-FIX-UPSTREAM bnc#721139 CVE-2011-3848
Patch3: puppet-0.25.4-CVE-2011-3848.patch
# PATCH-FIX-UPSTREAM bnc#727025 CVE-2011-3870
Patch4: puppet-0.25.4-CVE-2011-3870.patch
# PATCH-FIX-UPSTREAM CVE-2011-3871
Patch5: 0.25-9792-Predictable-temporary-filename-in-ralsh.patch
# PATCH-FIX-UPSTREAM bnc#727024 CVE-2011-3869
Patch7: 0.25.x-9794-k5login-can-overwrite-arbitrary-files-as-root.patch
# PATCH-FIX-UPSTREAM bnc#726372 CVE-2011-3872
Patch8: puppet-0.25.4-CVE-2011-3872.patch
Requires: ruby >= 1.8.1
Requires: facter >= 1.1.4
PreReq: pwdutils %insserv_prereq %fillup_prereq
BuildRequires: facter >= 1.1.4
BuildRequires: ruby >= 1.8.1
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Summary: A network tool for managing many disparate systems
%description
Puppet lets you centrally manage every important aspect of your system
using a cross-platform specification language that manages all the
separate elements normally aggregated in different files, like users,
cron jobs, and hosts, along with obviously discrete elements like
packages, services, and files.
%package server
License: GPLv2+
Group: Productivity/Networking/System
PreReq: puppet = %{version}-%{release} %insserv_prereq %fillup_prereq
Summary: A network tool for managing many disparate systems
%description server
Puppet lets you centrally manage every important aspect of your system
using a cross-platform specification language that manages all the
separate elements normally aggregated in different files, like users,
cron jobs, and hosts, along with obviously discrete elements like
packages, services, and files.
%prep
%setup -q
%patch
%patch1
%patch2
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch7 -p1
%patch8 -p1
tar xf %{S:4}
sed -i 's#/usr/local/bin/ruby#/usr/bin/ruby#' lib/puppet/external/nagios.rb
%build
%install
DESTDIR=$RPM_BUILD_ROOT ruby -rvendor-specific install.rb install --prefix=%{buildroot}
install -d -m 755 $RPM_BUILD_ROOT/var/lib/puppet
mkdir -p $RPM_BUILD_ROOT/etc/puppet
mkdir -p $RPM_BUILD_ROOT/etc/init.d
mkdir -p $RPM_BUILD_ROOT/sbin
mkdir -p $RPM_BUILD_ROOT/var/lib/puppet
mkdir -p $RPM_BUILD_ROOT/var/run/puppet
mkdir -p $RPM_BUILD_ROOT/var/log/puppet
mkdir -p $RPM_BUILD_ROOT/%{_fwdefdir}
install -m0644 conf/redhat/puppet.conf $RPM_BUILD_ROOT/etc/puppet/puppet.conf
install -m0755 conf/suse/client.init $RPM_BUILD_ROOT/etc/init.d/puppet
install -m0755 conf/suse/server.init $RPM_BUILD_ROOT/etc/init.d/puppetmasterd
ln -sf ../../etc/init.d/puppet $RPM_BUILD_ROOT/%{_sbindir}/rcpuppet
ln -sf ../../etc/init.d/puppetmasterd $RPM_BUILD_ROOT/%{_sbindir}/rcpuppetmasterd
install -m 644 %SOURCE1 $RPM_BUILD_ROOT/%{_fwdefdir}/puppetmasterd
install -m 644 %SOURCE1 $RPM_BUILD_ROOT/%{_fwdefdir}/puppet
mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
cp %{S:3} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.puppet
mkdir -p $RPM_BUILD_ROOT%{_docdir}/%{name}
# avoid rpm warnings
find puppetlabs-cve20113872-0.0.5 -type f -exec chmod -x \{\} \;
cp -R puppetlabs-cve20113872-0.0.5 $RPM_BUILD_ROOT/%{_docdir}/%{name}
%suse_install_update_message %{S:5}
%clean
rm -rf $RPM_BUILD_ROOT
%pre
getent group puppet >/dev/null || /usr/sbin/groupadd -o -r puppet
getent passwd puppet >/dev/null || /usr/sbin/useradd -r -g puppet -d /var/lib/puppet -s /bin/false -c "Puppet daemon" puppet
%preun
%stop_on_removal puppet
%postun
%restart_on_update puppet
%insserv_cleanup
%post
%fillup_and_insserv
%preun server
%stop_on_removal puppetmasterd
%post server
%fillup_and_insserv -f
%postun server
%restart_on_update puppetmasterd
%insserv_cleanup
%files
%defattr(-,root,root,-)
%doc CHANGELOG COPYING LICENSE README
%doc puppetlabs-cve20113872-0.0.5
%{_bindir}/pi
%{_bindir}/filebucket
%{_bindir}/puppet
%{_bindir}/ralsh
%{_bindir}/puppetdoc
%{_sbindir}/puppetca
%dir %{_libdir}/ruby/vendor_ruby/%{rb_ver}/puppet
%{_libdir}/ruby/vendor_ruby/%{rb_ver}/puppet/*
%{_libdir}/ruby/vendor_ruby/%{rb_ver}/puppet.rb
%dir /etc/puppet
%dir /var/lib/puppet
%dir /var/log/puppet
%dir /var/run/puppet
%config /etc/puppet/puppet.conf
%{_mandir}/man?/*
/etc/init.d/puppet
%{_sbindir}/rcpuppet
%{_sbindir}/puppetd
%config %{_fwdefdir}/puppet
/var/adm/fillup-templates/sysconfig.puppet
/var/adm/update-messages/%{name}-%{version}-%{release}-CVE-2011-3872.msg.txt
%files server
%defattr(-, root, root, 0755)
%dir %attr(755,root,root) /var/lib/puppet
%{_sbindir}/puppetmasterd
%{_sbindir}/puppetrun
/etc/init.d/puppetmasterd
%config %{_fwdefdir}/puppetmasterd
%{_sbindir}/rcpuppetmasterd
%{_sbindir}/puppetqd
%changelog
