%define build_devel 1 %define build_daemons 0 %define build_login 0 %define build_extra_apps 0 Summary: Heimdal implementation of Kerberos V5 system Summary(pl): Implementacja Heimdal systemu Kerberos V5 Name: heimdal Version: 0.7.2 Release: %mkrel 8 License: Free Group: System/Base Source0: ftp://ftp.pdc.kth.se/pub/heimdal/src/%{name}-%{version}.tar.gz Source1: %{name}.init Source2: ftp://ftp.pdc.kth.se/pub/heimdal/src/%{name}-%{version}.tar.gz.asc Source5: %{name}-ftpd.xinetd Source6: %{name}-rshd.xinetd Source7: %{name}-telnetd.xinetd Source8: %{name}-kadmind.xinetd Patch0: heimdal-0.6.3-fix-readline-detection.patch Patch1: heimdal-0.7.2-manacl.patch # http://qa.mandriva.com/show_bug.cgi?id=23085 Patch2: heimdal-0.7.2-attrreplace.patch URL: http://www.pdc.kth.se/heimdal/ BuildRequires: XFree86-devel BuildRequires: db-devel >= 4.1.25 BuildRequires: flex BuildRequires: libtool BuildRequires: ncurses-devel >= 5.3 BuildRequires: byacc BuildRequires: libreadline-devel BuildRoot: %{_tmppath}/%{name}-%{version}-root Conflicts: krb5-lib %description Heimdal is a free implementation of Kerberos 5. The goals are to: - have an implementation that can be freely used by anyone - be protocol compatible with existing implementations and, if not in conflict, with RFC 1510 (and any future updated RFC) - be reasonably compatible with the M.I.T Kerberos V5 API - have support for Kerberos V5 over GSS-API (RFC1964) - include the most important and useful application programs (rsh, telnet, popper, etc.) - include enough backwards compatibility with Kerberos V4 - IPv6 support %description -l pl Heimdal jest darmow± implementacj± Kerberosa 5. G³ówne zalety to: - implementacja, która mo¿e byæ u¿ywana przez ka¿dego - kompatybilno¶æ na poziomie protoko³u z istniej±cymi implementacjami - racjonalna kompatybilno¶æ z M.I.T Kerberos V5 API - wsparcie dla Kerberosa 5 poprzez GSS-API (RFC1964) - zawiera wiêkszo¶æ istotnych i u¿ytecznych aplikacji (rsh, telnet, popper, etc.) - zawiera wystarczaj±c± kompatybilno¶æ z Kerberos V4 - wsparcie dla IPv6 %package workstation Summary: Heimdal Kerberos 5 workstation programs Group: System/Base Requires: %{name}-libs = %{version} Obsoletes: %{name} <= 0.7.2-2mlcs4 # conflict with MIT Conflicts: krb5-workstation %description workstation This package contains the client part of a Heimdal Kerberos 5 setup. It should be tipically installed on worksations. %package server Summary: Kerberos Server Summary(pl): Serwer Kerberosa Group: Networking Requires: %{name}-libs = %{version} Requires(post): /sbin/chkconfig Requires(preun):/sbin/chkconfig # conflict with MIT Conflicts: krb5-server # http://qa.mandriva.com/show_bug.cgi?id=22975 Conflicts: krb5-workstation %description server Master KDC. %description server -l pl G³ówne centrum dystrybucji kluczy (KDC). %package libs Summary: Heimdal shared libraries Summary(pl): Biblioteki wspó³dzielone dla heimdal Group: Libraries #Requires: krb5-conf %description libs Package contains shared libraries required by several of the other heimdal packages. %description libs -l pl Pakiet zawiera biblioteki wspó³dzielone dla heimdal. %if %{build_login} %package login Summary: login is used when signing onto a system Summary(pl): Narzêdzie do logowania w systemie Group: Applications/Networking Requires: %{name}-libs = %{version}-%{release} Provides: login Conflicts: shadow-utils #Obsoletes: login %description login login is used when signing onto a system. It can also be used to switch from one user to another at any time (most modern shells have support for this feature built into them, however). This package contain kerberized version login program. %description login -l pl login jest u¿ywany przy logowaniu do systemu. Mo¿e byæ tak¿e u¿yty do prze³±czenia z jednego u¿ytkownika na innego w dowolnej chwili (wiêkszo¶æ wspó³czesnych shelli ma wbudowan± obs³ugê tego). Ten pakiet zawiera skerberyzowan± wersjê programu login. %endif %if %{build_extra_apps} %package ftp Summary: The standard UNIX FTP (file transfer protocol) client Summary(pl): Klient protoko³u FTP Group: Applications/Networking Requires: %{name}-libs = %{version}-%{release} Conflicts: ftp-client-krb5 %description ftp The ftp package provides the standard UNIX command-line FTP client with kerberos authentication support. FTP is the file transfer protocol, which is a widely used Internet protocol for transferring files and for archiving files. %description ftp -l pl Ten pakiet dostarcza standardowego klienta ftp z wbudowan± obs³ug± kerberosa. FTP jest protoko³em do przesy³ania plików szeroko rozpowszechnionym w Internecie. %package rsh Summary: Clients for remote access commands (rsh, rlogin, rcp) Summary(pl): Klient zdalnego dostêpu (rsh, rlogin, rcp) Group: Applications/Networking Requires: %{name}-libs = %{version}-%{release} #Obsoletes: rsh %description rsh The rsh package contains a set of programs which allow users to run commands on remote machines, login to other machines and copy files between machines (rsh, rlogin and rcp). All three of these commands use rhosts style authentication. This package contains the clients needed for all of these services. %description rsh -l pl Ten pakiet zawiera zestaw narzêdzi pozwalaj±cych na wykonywanie poleceñ na zdalnych maszynach, logowanie na inne maszyny oraz kopiowanie plików pomiêdzy maszynami (rsh, rlogin, rcp). %package telnet Summary: Client for the telnet remote login Summary(pl): Klient us³ugi telnet Group: Applications/Networking Requires: %{name}-libs = %{version}-%{release} #Obsoletes: telnet Conflicts: telnet-client-krb5 %description telnet Telnet is a popular protocol for remote logins across the Internet. This package provides a command line telnet client. %description telnet -l pl Telnet jest popularnym protoko³em zdalnego logowania. Ten pakiet zawiera klienta tej us³ugi. %package ftpd Summary: The standard UNIX FTP (file transfer protocol) server Summary(pl): Serwer FTP Group: Networking/Daemons Requires(pre): xinetd Requires: %{name}-libs = %{version}-%{release} #Obsoletes: ftpd Conflicts: ftp-server-krb5 %description ftpd FTP is the file transfer protocol, which is a widely used Internet protocol for transferring files and for archiving files. %description ftpd -l pl FTP jest protoko³em trasmisji plików szeroko rozpowszechnionym w Internecie. %package rshd Summary: Server for remote access commands (rsh, rlogin, rcp) Summary(pl): Serwer zdalnego dostêpu (rsh, rlogin, rcp) Group: Networking/Daemons Requires(pre): xinetd Requires: %{name}-libs = %{version}-%{release} #Obsoletes: rshd %description rshd The rsh package contains a set of programs which allow users to run commmands on remote machines, login to other machines and copy files between machines (rsh, rlogin and rcp). All three of these commands use rhosts style authentication. This package contains servers needed for all of these services. %description rshd -l pl Ten pakiet zawiera zestaw serwerów pozwalaj±cych na wykonywanie poleceñ na zdalnych maszynach, logowanie na inne maszyny oraz kopiowanie plików pomiêdzy maszynami (rsh, rlogin, rcp). %package telnetd Summary: Server for the telnet remote login Summary(pl): Serwer protoko³u telnet Group: Networking/Daemons Requires(pre): xinetd Requires: %{name}-libs = %{version}-%{release} #Obsoletes: telnetd Conflicts: telnet-server-krb5-1.4.3-3mdk.i586.rpm %description telnetd Telnet is a popular protocol for remote logins across the Internet. This package provides a telnet daemon which allows remote logins into the machine it is running on. %description telnetd -l pl Telnet jest popularnym protoko³em zdalnego logowania. Ten pakiet zawiera serwer pozwalaj±cy na zdalne logowanie siê klientów na maszynê na której dzia³a. %endif # build_extra_apps %if %{build_daemons} %package daemons Summary: Kerberos daemons programs for use on servers Summary(pl): Serwery popularnych us³ug, autoryzuj±ce przy pomocy kerberosa Group: Networking Requires: %{name}-libs = %{version}-%{release} %description daemons Kerberos Daemons. %description daemons -l pl Demony korzystaj±ce z systemu Kerberos do autoryzacji dostêpu. %endif %if %{build_devel} %package devel Summary: Header files for heimdal Summary(pl): Pliki nag³ówkowe i dokumentacja do bibliotek heimdal Group: Development/Libraries Requires: %{name}-libs = %{version}-%{release} Requires: e2fsprogs-devel %description devel contains files needed to compile and link software using the kerberos libraries. %description devel -l pl Pliki nag³ówkowe i dokumentacja do bibliotek heimdal. %endif %prep %setup -q %patch0 -p1 -b .readline %patch1 -p1 -b .manacl %patch2 -p1 -b .attrreplace autoconf %build export CFLAGS="$CFLAGS -D_REENTRANT -DHAVE_SNPRINTF" %configure \ --sysconfdir=%{_sysconfdir} \ --libexecdir=%{_sbindir} \ --disable-static \ --enable-shared \ --with-readline --with-readline-lib=%{_libdir} --with-readline-include=%{_includedir}/readline \ --with-x \ --with-ipv6 \ --enable-kcm \ --with-openldap=%{_prefix} \ --without-krb4 \ --includedir=%{_prefix}/heimdal/include \ --libdir=%{_prefix}/heimdal/lib %{__make} %install rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT{%{_var}/%{name},%{_sysconfdir}} \ $RPM_BUILD_ROOT/etc/{xinetd.d,logrotate.d,rc.d/init.d} %makeinstall_std install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name} # FIXME install %{SOURCE2} $RPM_BUILD_ROOT/etc/logrotate.d/%{name} # FIXME install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/%{name} install %{SOURCE5} $RPM_BUILD_ROOT/etc/xinetd.d/ftpd install %{SOURCE6} $RPM_BUILD_ROOT/etc/xinetd.d/rshd install %{SOURCE7} $RPM_BUILD_ROOT/etc/xinetd.d/telnetd install %{SOURCE8} $RPM_BUILD_ROOT/etc/xinetd.d/kadmind # conflict with other packages rm -rf $RPM_BUILD_ROOT%{_libdir}/lib{com_err,ss}.so \ $RPM_BUILD_ROOT%{_includedir}/{glob,fnmatch,ss/ss}.h touch $RPM_BUILD_ROOT{%{_sysconfdir}/krb5.keytab,%{_var}/%{name}/kadmind.acl} # rename to avoid confusion mv %{buildroot}/%{_mandir}/man1/{,k}su.1 mv %{buildroot}/%{_bindir}/{,k}su # remove cat manpages rm -rf %{buildroot}%{_mandir}/cat* # rename krb5-config to heimdal-config mv -f %{buildroot}%{_bindir}/{krb5,heimdal}-config mv -f %{buildroot}%{_mandir}/man1/{krb5,heimdal}-config.1 # rename mk_cmds to avoit conflict mv -f %{buildroot}%{_bindir}/mk_cmds{,-heimdal} # remove devel files if we are not going to package them %if ! %{build_devel} rm -f %{buildroot}%{_bindir}/{heimdal-config,mk_cmds-heimdal} rm -f %{buildroot}%{_prefix}/heimdal/lib/lib*.{la,so} rm -rf %{buildroot}%{_prefix}/heimdal/include rm -rf %{buildroot}%{_mandir}/*/heimdal-config.1* rm -f %{buildroot}%{_mandir}/man3/* %else %multiarch_binaries %{buildroot}/%{_bindir}/heimdal-config %endif %if ! %{build_daemons} rm -f %{buildroot}%{_sbindir}/{popper,push} rm -f %{buildroot}%{_mandir}/man8/{popper,push}.8* %endif %if ! %{build_login} rm -f %{buildroot}%{_bindir}/login rm -f %{buildroot}%{_mandir}/*/login.* %endif %if ! %{build_extra_apps} rm -f %{buildroot}%{_bindir}/{ftp,rsh,rcp,telnet} rm -f %{buildroot}%{_sbindir}/{ftpd,rshd,telnetd} rm -f %{buildroot}%{_mandir}/*/{ftp.1,rsh.1,telnet.1,ftpusers.5,ftpd.8,rshd.8,telnetd.8}* rm -f %{buildroot}%{_sysconfdir}/xinetd.d/{ftpd,rshd,telnetd} %endif # build_extra_apps # rename krb5.conf manpage because it conflicts with MIT's implementation # not very pretty, but simple enough mv -f %{buildroot}%{_mandir}/man5/krb5.conf.{5,heimdal.5} cat > README.mandriva <<EOF These Mandriva Heimdal kerberos packages have been modified in the following way: - only heimdal-server, heimdal-workstation and heimdal-libs packages are available in order to minimize conflicts with MIT packages and to avoid building packages with Heimdal dependencies - the krb5.conf manpage has been renamed to krb5.conf.heimdal to avoid a file conflict with the krb5-workstation package from MIT EOF chmod 0644 README.mandriva # install ld.so.conf configuration file mkdir -p -m 0755 %{buildroot}%{_sysconfdir}/ld.so.conf.d cat > %{buildroot}%{_sysconfdir}/ld.so.conf.d/heimdal.conf <<EOF %{_prefix}/heimdal/lib EOF %clean rm -rf $RPM_BUILD_ROOT #%post #update-alternatives --install %{_bindir}/kinit kinit \ #%{_bindir}/kinit.%{name} 10 \ #$(for i in %{_bindir}/{%{common_confl_krb5w},%{common_confl_krbafs}} #do [ "$i" == "kinit" ] || echo -n " --slave %{_bindir}/${i} ${i} %{_bindir}/${i}.%{name}" #done) #update-alternatives --auto kinit %post server %_post_service %{name} %preun server %_preun_service %{name} %if %{build_extra_apps} %post ftpd service xinetd condreload %postun ftpd service xinetd condreload %post rshd service xinetd condreload %postun rshd service xinetd condreload %post telnetd service xinetd condreload %postun telnetd service xinetd condreload %endif # build_extra_apps %post libs /sbin/ldconfig %postun libs /sbin/ldconfig %files workstation %defattr(0755,root,root) %{_bindir}/afslog %{_bindir}/kauth %{_bindir}/kdestroy %{_bindir}/kf %{_bindir}/kgetcred %{_bindir}/kinit %{_bindir}/klist %{_bindir}/kpasswd # XXX - check need for SUID bit %attr(4755,root,root) %{_bindir}/ksu %{_bindir}/kx # XXX - check need for SUID bit %attr(4755,root,root) %{_bindir}/otp %{_bindir}/otpprint %{_bindir}/pagsh %{_bindir}/pfrom %{_bindir}/rxtelnet %{_bindir}/rxterm %{_bindir}/string2key %{_bindir}/tenletxr %{_bindir}/verify_krb5_conf %{_bindir}/xnlock %{_sbindir}/kcm %{_mandir}/man1/afslog.1* %{_mandir}/man1/kauth.1* %{_mandir}/man1/kdestroy.1* %{_mandir}/man1/kf.1* %{_mandir}/man1/kgetcred.1* %{_mandir}/man1/kinit.1* %{_mandir}/man1/klist.1* %{_mandir}/man1/kpasswd.1* %{_mandir}/man1/ksu.1* %{_mandir}/man1/kx.1* %{_mandir}/man1/otp.1* %{_mandir}/man1/otpprint.1* %{_mandir}/man1/pagsh.1* %{_mandir}/man1/pfrom.1* %{_mandir}/man1/rxtelnet.1* %{_mandir}/man1/rxterm.1* %{_mandir}/man1/tenletxr.1* %{_mandir}/man1/xnlock.1* %{_mandir}/man8/string2key.8* %{_mandir}/man8/verify_krb5_conf.8* %{_mandir}/man8/kcm.8* %files server %defattr(-,root,root) %doc NEWS TODO %attr(754,root,root) /etc/rc.d/init.d/%{name} #%attr(640,root,root) /etc/logrotate.d/%{name} #%attr(640,root,root) /etc/sysconfig/heimdal %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/kadmind %attr(700,root,root) %dir %{_var}/%{name} %attr(600,root,root) %config(noreplace) %verify(not size mtime md5) %{_var}/%{name}/* %{_sbindir}/dump_log %{_sbindir}/hprop %{_sbindir}/hpropd %{_sbindir}/ipropd-master %{_sbindir}/ipropd-slave %{_sbindir}/kadmin %{_sbindir}/kadmind %{_sbindir}/kdc %{_sbindir}/kfd %{_sbindir}/kpasswdd %{_sbindir}/kstash %{_sbindir}/ktutil %{_sbindir}/kxd %{_sbindir}/replay_log %{_sbindir}/truncate_log %{_mandir}/man8/hprop.8.bz2 %{_mandir}/man8/hpropd.8.bz2 %{_mandir}/man8/iprop.8.bz2 %{_mandir}/man8/ipropd-master.8.bz2 %{_mandir}/man8/ipropd-slave.8.bz2 %{_mandir}/man8/kadmin.8.bz2 %{_mandir}/man8/kadmind.8.bz2 %{_mandir}/man8/kdc.8.bz2 %{_mandir}/man8/kfd.8.bz2 %{_mandir}/man8/kpasswdd.8.bz2 %{_mandir}/man8/kstash.8.bz2 %{_mandir}/man8/ktutil.8.bz2 %{_mandir}/man8/kxd.8.bz2 %files libs %defattr(644,root,root,755) %doc README.mandriva %dir %{_prefix}/heimdal %{_sysconfdir}/ld.so.conf.d/heimdal.conf %attr(400,root,root) %ghost %{_sysconfdir}/krb5.keytab %attr(755,root,root) %{_prefix}/heimdal/lib/lib*.so.* %{_infodir}/heimdal.info* %{_mandir}/*/krb5.conf.heimdal.5* %{_mandir}/*/kerberos.8* %if %{build_login} %files login %defattr(644,root,root,755) %attr(755,root,root) %{_bindir}/login %{_mandir}/*/login.* %endif %if %{build_extra_apps} %files ftp %defattr(644,root,root,755) %attr(755,root,root) %{_bindir}/ftp %{_mandir}/*/ftp.1* %files rsh %defattr(644,root,root,755) %attr(755,root,root) %{_bindir}/rsh %attr(755,root,root) %{_bindir}/rcp %{_mandir}/*/rsh.1* %files telnet %defattr(644,root,root,755) %attr(755,root,root) %{_bindir}/telnet %{_mandir}/*/telnet.1* %files ftpd %defattr(644,root,root,755) %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/ftpd %attr(755,root,root) %{_sbindir}/ftpd %{_mandir}/*/ftpusers.5* %{_mandir}/*/ftpd.8* %files rshd %defattr(644,root,root,755) %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/rshd %attr(755,root,root) %{_sbindir}/rshd %{_mandir}/*/rshd.8* %files telnetd %defattr(644,root,root,755) %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/telnetd %attr(755,root,root) %{_sbindir}/telnetd %{_mandir}/*/telnetd.8* %endif # build_extra_apps %if %{build_daemons} %files daemons %defattr(644,root,root,755) %attr(755,root,root) %{_sbindir}/popper %attr(755,root,root) %{_sbindir}/push %{_mandir}/*/popper.8* %{_mandir}/*/push.8* %endif %if %{build_devel} %files devel %defattr(644,root,root,755) %_bindir/heimdal-config %multiarch_bindir/heimdal-config %{_bindir}/mk_cmds-heimdal %{_prefix}/heimdal/lib/lib*.la %{_prefix}/heimdal/lib/lib*.so %{_prefix}/heimdal/include %{_mandir}/*/heimdal-config.1* %{_mandir}/man3/* %endif %changelog * Wed Jun 21 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-8mlcs4 - enabled devel build - moved libraries to /usr/heimdal to avoid conflict with MIT libraries, and to avoid linking against them instead of MIT by mistake - using ld.so.conf config file due to above change - renamed krb5-config to heimdal-config (in devel package) to avoid conflicts - renamed mk_cmds to mk_cmds-heimdal (in devel package), also to avoid conflicts * Tue Jun 13 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-7mlcs4 - added patch to fix #23085 * Thu May 11 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-6mlcs4 - don't own %%{_sysconfdir} - heimdal-server conflicts with krb5-workstation (#22975) * Wed Apr 05 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-5mdk - fixed krb5.conf.5 manpage conflict with krb5-workstation - added a README.mandriva documentation file explaining some of the changes we did (like the above one) * Fri Mar 17 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-4mdk - fixed init script typo * Tue Mar 14 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-3mdk - major cleanup - trying to use the same package layout as mit-krb5 (so, we now have a heimdal-workstation package) - conflict with MIT kerberos packages where appropriate - enabled kcm (kerberos credential manager) - make devel build optional and disabled by default to avoid having a devel package available and linking some app against it instead of MIT's implementation by accident - use standard sysconfdir since we are not planing on using MIT and Heimdal packages at the same time (besides the libs) - added patch for manpages krb5.conf.5 and kadmind.8 about the acl file - disabled krb4 support - build apps, login and daemons conditionally (disabled by default) * Fri Mar 10 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-1mdk - added byacc to buildrequires - updated to version 0.7.2 * Wed Sep 21 2005 Buchan Milne <bgmilne@mandriva.org> 0.7.1-1mdk - finally finish the last bits of this initial package * Fri Nov 26 2004 Buchan Milne <bgmilne@linux-mandrake.com> 0.6.3-1mdk - 0.6.3 * Mon Jul 26 2004 Buchan Milne <bgmilne@linux-mandrake.com> 0.6.2-1mdk - 0.6.2 - drop db4 patchs (p3,p4) and compilation fixes (p5) - applied upstream * Sun Mar 14 2004 Buchan Milne <bgmilne@linux-mandrake.com> 0.6-1mdk - First Mandrake package (based on PLD package) - patches to build with db4 - for now, don't terminate on missing files ...