%define name squid %define version 2.4.STABLE7 %define release 1.1mdk %define p_url http://www.squid-cache.org/Versions/v2/2.4/bugs %define p_name squid-2.4.stable2 ## Redefine configure values. %define _bindir %{_prefix}/sbin %define _libexecdir %{_libdir}/squid %define _initrddir /etc/rc.d/init.d/ %define _sysconfdir /etc/squid %define _localstatedir /var Summary: The Squid proxy caching server. Name: %{name} Version: %{version} Release: %{release} License: GPL Group: System/Servers Url: http://www.squid-cache.org Source: ftp.squid-cache.org:/pub/squid-2/STABLE/%{name}-%{version}-src.tar.bz2 Source1: http://www.squid-cache.org/Squid/FAQ/FAQ.sgml Source2: squid.init.bz2 Source3: squid.logrotate.bz2 Source4: squid.conf.authenticate.bz2 Source5: smb.conf.bz2 Source6: squid.conf.transparent.bz2 Source7: rc.firewall.bz2 Source8: ERR_CUSTOM_ACCESS_DENIED.English.bz2 Source9: ERR_CUSTOM_ACCESS_DENIED.French.bz2 Patch0: squid-2.1-make.patch.bz2 Patch1: squid-2.3-config.patch.bz2 Patch2: squid-perlpath.patch.bz2 Patch3: squid-2.4.STABLE2-user_group.patch.bz2 BuildRoot: %{_tmppath}/%{name}-root Prereq: /sbin/chkconfig logrotate shadow-utils BuildRequires: openldap-devel pam-devel sgml-tools %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. %prep %setup -q %patch1 %patch2 -p1 %patch3 -p1 %patch0 -p1 %build %serverbuild perl -p -i -e 's|SAMBAPREFIX=/usr/local/samba|SAMBAPREFIX=/usr|' auth_modules/SMB/Makefile.in perl -p -i -e 's|SAMBAPREFIX=/usr/local/samba|SAMBAPREFIX=/usr|' auth_modules/SMB/Makefile %configure --enable-poll --enable-snmp --enable-removal-policies="heap,lru" \ --enable-useragent-log --enable-carp --enable-async-io \ --enable-storeio="aufs,coss,diskd,ufs,null" --enable-htcp \ --enable-delay-pools --enable-linux-netfilter --with-pthreads \ --enable-auth-modules="LDAP,YP,NCSA,PAM,SMB,MSNT,multi-domain-NTLM" # --enable-icmp # Some versions of autoconf fail to detect sys/resource.h correctly; # apparently because it generates a compiler warning. if [ -e /usr/include/sys/resource.h ]; then cat >>include/autoconf.h <<EOF #ifndef HAVE_SYS_RESOURCE_H #define HAVE_SYS_RESOURCE_H 1 #define HAVE_STRUCT_RUSAGE 1 #endif EOF fi make -f makefile mkdir faq cp %{SOURCE1} faq cd faq sgml2html FAQ.sgml %install [ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot} %makeinstall cd errors rm -rf %{buildroot}%{_sysconfdir}/errors mkdir -p %{buildroot}%{_libexecdir}/errors for i in *; do if [ -d $i ]; then mkdir -p %{buildroot}%{_libexecdir}/errors/$i install -m 644 $i/* %{buildroot}%{_libexecdir}/errors/$i fi done ln -fs %{_libexecdir}/errors/English %{buildroot}%{_sysconfdir}/errors mkdir -p %{buildroot}%{_initrddir} mkdir -p %{buildroot}/etc/{logrotate.d,pam.d} bzcat %{SOURCE2} > %{buildroot}/%{_initrddir}/squid bzcat %{SOURCE3} > %{buildroot}/etc/logrotate.d/squid cp %{_builddir}/%{name}-%{version}/auth_modules/SMB/smb_auth.sh $RPM_BUILD_ROOT/%{_libexecdir} cp %{_builddir}/%{name}-%{version}/auth_modules/multi-domain-NTLM/smb_auth.pl $RPM_BUILD_ROOT/%{_libexecdir} perl -p -i -e 's|use Authen::Smb|use Authen::Smb::Smb|' $RPM_BUILD_ROOT/%{_libexecdir}/smb_auth.pl mv $RPM_BUILD_ROOT/%{_bindir}/*auth $RPM_BUILD_ROOT/%{_libexecdir} cp ../auth_modules/LDAP/README %{_builddir}/%{name}-%{version}/README.auth_ldap mkdir -p %{buildroot}/%{_mandir}/man8 cp ../auth_modules/LDAP/*.8 %{buildroot}/%{_mandir}/man8 cp ../auth_modules/SMB/README %{_builddir}/%{name}-%{version}/README.auth_smb cp ../auth_modules/MSNT/README.html %{_builddir}/%{name}-%{version}/README.auth_msnt.html bzcat %{SOURCE4} > %{_builddir}/%{name}-%{version}/squid.conf.authenticate bzcat %{SOURCE5} > %{_builddir}/%{name}-%{version}/smb.conf bzcat %{SOURCE6} > %{_builddir}/%{name}-%{version}/squid.conf.transparent bzcat %{SOURCE7} > %{_builddir}/%{name}-%{version}/rc.firewall mkdir -p %{buildroot}/%{_libexecdir}/errors/{English,French} bzcat %{SOURCE8} > %{buildroot}/%{_libexecdir}/errors/English/ERR_CUSTOM_ACCESS_DENIED bzcat %{SOURCE9} > %{buildroot}/%{_libexecdir}/errors/French/ERR_CUSTOM_ACCESS_DENIED strip $RPM_BUILD_ROOT/%{_libexecdir}/{msnt_auth,pam_auth,unlinkd,diskd} strip $RPM_BUILD_ROOT/%{_libexecdir}/{ncsa_auth,smb_auth,squid_ldap_auth,yp_auth} cat >> %{buildroot}/etc/pam.d/squid <<EOF #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_limits.so EOF mkdir -p %{buildroot}/var/log/squid mkdir -p %{buildroot}/var/spool/squid %clean [ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot} %pre /usr/sbin/useradd -u 23 -d /var/spool/squid -r -s /dev/null squid >/dev/null 2>&1 for i in /var/log/squid /var/spool/squid ; do if [ -d $i ] ; then for adir in `find $i -maxdepth 0 \! -user squid`; do chown -R squid.squid $adir done fi done %post %_post_service squid case "$LANG" in bg*) DIR=Bulgarian ;; cs*) DIR=Czech ;; da*) DIR=Danish ;; nl*) DIR=Dutch ;; en*) DIR=English ;; ea*) DIR=Estonian ;; fi*) DIR=Finnish ;; fr*) DIR=French ;; de*) DIR=German ;; hu*) DIR=Hungarian ;; it*) DIR=Italian ;; ja*) DIR=Japanese ;; kr*) DIR=Korean ;; pl*) DIR=Polish ;; pt*) DIR=Portuguese ;; ro*) DIR=Romanian ;; ru*) DIR=Russian-koi8-r ;; sk*) DIR=Slovak ;; es*) DIR=Spanish ;; sv*) DIR=Swedish ;; zh*) DIR=Traditional_Chinese ;; tr*) DIR=Turkish ;; *) DIR=English ;; esac # ln -sf %{_libexecdir}/errors/$DIR %{_sysconfdir}/errors %preun %_preun_service squid if [ $1 = 0 ] ; then rm -f /var/log/squid/* /sbin/chkconfig --del squid fi %postun if [ $1 = 0 ] ; then userdel squid fi %files %defattr(-,root,root) %doc faq/* README* squid.conf.* rc.firewall smb.conf ChangeLog QUICKSTART doc/* %doc contrib/url-normalizer.pl contrib/rredir.* contrib/user-agents.pl %config(noreplace) %{_sysconfdir}/squid.conf %config(noreplace) %{_sysconfdir}/mime.conf %config(noreplace) %{_sysconfdir}/mib.txt %config(noreplace) %{_sysconfdir}/squid.conf.default %config(noreplace) %{_sysconfdir}/mime.conf.default %config(noreplace) /etc/pam.d/squid %attr(755,root,squid) %config(noreplace) %{_initrddir}/squid %config(noreplace) /etc/logrotate.d/squid %{_sysconfdir}/errors %{_libexecdir}/errors %{_libexecdir}/icons %{_libexecdir}/diskd %{_libexecdir}/unlinkd %{_libexecdir}/cachemgr.cgi %attr(7755,root,squid) %{_libexecdir}/pam_auth %attr(755,root,squid) %{_libexecdir}/msnt_auth %attr(755,root,squid) %{_libexecdir}/smb_auth* %attr(755,root,squid) %{_libexecdir}/squid_ldap_auth %attr(755,root,squid) %{_libexecdir}/yp_auth %{_sbindir}/squid %{_sbindir}/client %{_mandir}/man8/* %attr(755,squid,squid) %dir /var/log/squid %attr(755,squid,squid) %dir /var/spool/squid %changelog * Thu Jul 04 2002 Vincent Danen <vdanen@mandrakesoft.com> 2.4.STABLE7-1.1mdk - 2.4.STABLE7 (there are more security fixes) - 8.1/8.2 * Fri Jun 28 2002 Christian Belisle <cbelisle@mandrakesoft.com> 2.4.STABLE6-1.4mdk - Add Patch[4,5] for security fix for 8.1/8.2. * Wed Mar 27 2002 Vincent Danen <vdanen@mandrakesoft.com> 2.4.STABLE6-1.1mdk - security fix for 8.1/8.2 * Wed Mar 27 2002 Vincent Danen <vdanen@mandrakesoft.com> 2.4.STABLE6-1mdk - 2.4STABLE6 * Mon Feb 25 2002 Florin <florin@mandrakesoft.com> 2.4.STABLE4-2mdk - make sure SAMBAPREFIX is replaced in the Makefile (thx to L.F.L. Mejia) - use some sugestions for lrus, post link (thx to M.Ducea) - remove some useless checking for a null cache (thx to A.Borsenkow) * Thu Feb 21 2002 Florin <florin@mandrakesoft.com> 2.4.STABLE4-1mdk - 2.4.STABLE4 * Wed Feb 13 2002 Florin <florin@mandrakesoft.com> 2.4.STABLE3-2mdk - add the possibility of a null cache config * Mon Jan 14 2002 Florin <florin@mandrakesoft.com> 2.4.STABLE3-1mdk - 2.4.STABLE3 - better name for patch3 * Tue Nov 06 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE2-4mdk - bring back the pre and postun and modify the preun section for 7.2 - users * Fri Oct 19 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE2-3mdk - rebuild for db3 * Thu Oct 11 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE2-2mdk - rebuild for db3 * Fri Oct 05 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE2-1mdk - 2.4.STABLE2 - add the ldap_auth man page - new squid.conf.authenticate file - add the squid.ldap.transparent, ERR_CUSTOM*, rc.firewall files - run again as squid.squid user.group like in good old days - replace the nogroup patch with squid.squid.patch * Wed Oct 03 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE1-11mdk - better explanation for the samba auth in the sample conf file * Wed Oct 03 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE1-10mdk - modify a bit the ldap authentication -> squid*ldap*patch - add the authenticate README files - add a sample squid.conf.authenticate file, including diskd - NIS, samba, ldap, pam authentication have been tested - modify the SAMBAPREFIX var for samba authentication - add a smb.conf sample file in docs - s/use Authen::Smb/use Authen::Smb::Smb in smb_auth.pl - remove the ncsa_auth module as it doesn't seem to work (use pam anyway) * Fri Sep 28 2001 Stefan van der Eijk <stefan@eijk.nu> 2.4.STABLE1-9mdk - BuildRequires: openldap-devel pam-devel - Removed BuildRequires: jade * Thu Aug 09 2001 Florin Grad <florin@mandrakesoft.com> 2.4.STABLE1-8mdk - fix the authentication - add two authentication scripts (.sh & .pl) * Fri Aug 03 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE1-7mdk - add the forgotten diskd. Thanks to Ian C. Sison for letting me now. * Wed Jul 18 2001 Stefan van der Eijk <stefan@eijk.nu> 2.4.STABLE1-6mdk - BuildRequires: openldap-devel pam-devel - Removed BuildRequires: jade * Tue Jul 17 2001 Florin <florin@mandrakesoft.com> 2.4.STABLE1-5mdk - add the nogroup patch - the default group is now nobody instead of nogroup - comment out the pre section - the squid user is added and deleted by the system - add the auth_modules and their README files - some spec file cleanings * Sun Jun 03 2001 Christian Belisle <cbelisle@mandrakesoft.com> 2.4.STABLE1-4mdk - Applied a patch for the config file * Mon May 28 2001 Christian Belisle <cbelisle@mandrakesoft.com> 2.4.STABLE1-3mdk - The init script now handle the /var/run/squid.pid file * Tue May 22 2001 Christian Belisle <cbelisle@mandrakesoft.com> 2.4.STABLE1-2mdk - Applied some necessary patches - Changed log & spool file permission to nobody * Tue May 15 2001 Christian Belisle <cbelisle@mandrakesoft.com> 2.4.STABLE1-1mdk - Added the swap directory in /var/cache - Changed log files permission - Removed dnsserver's related things, it's now internal. - Fixed the configure parameters for 2.4 - updated to version 2.4.STABLE1 * Sun Apr 08 2001 Frederic Lepied <flepied@mandrakesoft.com> 2.3.STABLE4-5mdk - conformed to server policy * Tue Mar 13 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 2.3.STABLE4-4mdk - Fix the paths where the initscript gets installed (Christian Zoffoli). * Tue Mar 06 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 2.3.STABLE4-3mdk - Include fixes for Squid as asked by Alexander Skwar. - Remove stripping of binary. - Use %configure and %makeinstall. - Enable async io, enable carp support and enable useragent logging. * Tue Jan 16 2001 Vincent Danen <vdanen@mandrakesoft.com> 2.3.STABLE4-2mdk - security fix for tmpfile problems (patch#20) - cleanup spec; macros * Sun Nov 12 2000 Geoffrey Lee <snailtalk@mandrakesoft.com> 2.3.STABLE4-1mdk - shiny version. - comment out already applied patches. * Tue Sep 5 2000 Etienne Faure <etienne@mandraksoft.com> 2.3.STABLE2-3mdk - rebuilt with %%doc macro - added noreplace tag for config files * Tue May 2 2000 Jean-Michel Dault <jmdault@mandrakesoft.com> 2.3.STABLE2-2mdk - fixed %post script - three more bugfix patches from the squid people - buildprereq jade, sgmltools * Fri Apr 7 2000 Jean-Michel Dault <jmdault@mandrakesoft.com> 2.3.STABLE2-1mdk - merged with redhat again * Sun Mar 26 2000 Florian La Roche <Florian.LaRoche@redhat.com> - make %pre more portable * Thu Mar 16 2000 Bill Nottingham <notting@redhat.com> - bugfix patches - fix dependency on /usr/local/bin/perl * Sat Mar 4 2000 Bill Nottingham <notting@redhat.com> - 2.3.STABLE2 * Mon Feb 14 2000 Bill Nottingham <notting@redhat.com> - Yet More Bugfix Patches * Tue Feb 8 2000 Bill Nottingham <notting@redhat.com> - add more bugfix patches - --enable-heap-replacement * Mon Jan 31 2000 Cristian Gafton <gafton@redhat.com> - rebuild to fix dependencies * Fri Jan 28 2000 Bill Nottingham <notting@redhat.com> - grab some bugfix patches * Mon Jan 10 2000 Bill Nottingham <notting@redhat.com> - 2.3.STABLE1 (whee, another serial number) * Tue Dec 21 1999 Bernhard Rosenkraenzer <bero@redhat.com> - Fix compliance with ftp RFCs (http://www.wu-ftpd.org/broken-clients.html) - Work around a bug in some versions of autoconf - BuildPrereq sgml-tools - we're using sgml2html * Mon Oct 18 1999 Bill Nottingham <notting@redhat.com> - add a couple of bugfix patches * Wed Oct 13 1999 Bill Nottingham <notting@redhat.com> - update to 2.2.STABLE5. - update FAQ, fix URLs. * Sat Sep 11 1999 Cristian Gafton <gafton@redhat.com> - transform restart in reload and add restart to the init script * Tue Aug 31 1999 Bill Nottingham <notting@redhat.com> - add squid user as user 23. * Mon Aug 16 1999 Bill Nottingham <notting@redhat.com> - initscript munging - fix conflict between logrotate & squid -k (#4562) * Wed Jul 28 1999 Bill Nottingham <notting@redhat.com> - put cachemgr.cgi back in /usr/lib/squid * Wed Jul 14 1999 Bill Nottingham <notting@redhat.com> - add webdav bugfix patch (#4027) * Mon Jul 12 1999 Bill Nottingham <notting@redhat.com> - fix path to config in squid.init (confuses linuxconf) * Wed Jul 7 1999 Bill Nottingham <notting@redhat.com> - 2.2.STABLE4 * Wed Jun 9 1999 Dale Lovelace <dale@redhat.com> - logrotate changes - errors from find when /var/spool/squid or - /var/log/squid didn't exist * Thu May 20 1999 Bill Nottingham <notting@redhat.com> - 2.2.STABLE3 * Thu Apr 22 1999 Bill Nottingham <notting@redhat.com> - update to 2.2.STABLE.2 * Sun Apr 18 1999 Bill Nottingham <notting@redhat.com> - update to 2.2.STABLE1 * Thu Apr 15 1999 Bill Nottingham <notting@redhat.com> - don't need to run groupdel on remove - fix useradd * Mon Apr 12 1999 Bill Nottingham <notting@redhat.com> - fix effective_user (bug #2124) * Mon Apr 5 1999 Bill Nottingham <notting@redhat.com> - strip binaries * Thu Apr 1 1999 Bill Nottingham <notting@redhat.com> - duh. adduser does require a user name. - add a serial number * Tue Mar 30 1999 Bill Nottingham <notting@redhat.com> - add an adduser in %pre, too * Thu Mar 25 1999 Bill Nottingham <notting@redhat.com> - oog. chkconfig must be in %preun, not %postun * Wed Mar 24 1999 Bill Nottingham <notting@redhat.com> - switch to using group squid - turn off icmp (insecure) - update to 2.2.DEVEL3 - build FAQ docs from source * Tue Mar 23 1999 Bill Nottingham <notting@redhat.com> - logrotate changes * Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> - auto rebuild in the new build environment (release 4) * Wed Feb 10 1999 Bill Nottingham <notting@redhat.com> - update to 2.2.PRE2 * Wed Dec 30 1998 Bill Nottingham <notting@redhat.com> - cache & log dirs shouldn't be world readable - remove preun script (leave logs & cache @ uninstall) * Tue Dec 29 1998 Bill Nottingham <notting@redhat.com> - fix initscript to get cache_dir correct * Fri Dec 18 1998 Bill Nottingham <notting@redhat.com> - update to 2.1.PATCH2 - merge in some changes from RHCN version * Sat Oct 10 1998 Cristian Gafton <gafton@redhat.com> - strip binaries - version 1.1.22 * Sun May 10 1998 Cristian Gafton <gafton@redhat.com> - don't make packages conflict with each other... * Sat May 02 1998 Cristian Gafton <gafton@redhat.com> - added a proxy auth patch from Alex deVries <adevries@engsoc.carleton.ca> - fixed initscripts * Thu Apr 09 1998 Cristian Gafton <gafton@redhat.com> - rebuilt for Manhattan * Fri Mar 20 1998 Cristian Gafton <gafton@redhat.com> - upgraded to 1.1.21/1.NOVM.21 * Mon Mar 02 1998 Cristian Gafton <gafton@redhat.com> - updated the init script to use reconfigure option to restart squid instead of shutdown/restart (both safer and quicker) * Sat Feb 07 1998 Cristian Gafton <gafton@redhat.com> - upgraded to 1.1.20 - added the NOVM package and tryied to reduce the mess in the spec file * Wed Jan 7 1998 Cristian Gafton <gafton@redhat.com> - first build against glibc - patched out the use of setresuid(), which is available only on kernels 2.1.44 and later