%define build_devel 1
%define build_daemons 0
%define build_login 0
%define build_extra_apps 0
Summary: Heimdal implementation of Kerberos V5 system
Summary(pl): Implementacja Heimdal systemu Kerberos V5
Name: heimdal
Version: 0.7.2
Release: %mkrel 8
License: Free
Group: System/Base
Source0: ftp://ftp.pdc.kth.se/pub/heimdal/src/%{name}-%{version}.tar.gz
Source1: %{name}.init
Source2: ftp://ftp.pdc.kth.se/pub/heimdal/src/%{name}-%{version}.tar.gz.asc
Source5: %{name}-ftpd.xinetd
Source6: %{name}-rshd.xinetd
Source7: %{name}-telnetd.xinetd
Source8: %{name}-kadmind.xinetd
Patch0: heimdal-0.6.3-fix-readline-detection.patch
Patch1: heimdal-0.7.2-manacl.patch
# http://qa.mandriva.com/show_bug.cgi?id=23085
Patch2: heimdal-0.7.2-attrreplace.patch
URL: http://www.pdc.kth.se/heimdal/
BuildRequires: XFree86-devel
BuildRequires: db-devel >= 4.1.25
BuildRequires: flex
BuildRequires: libtool
BuildRequires: ncurses-devel >= 5.3
BuildRequires: byacc
BuildRequires: libreadline-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-root
Conflicts: krb5-lib
%description
Heimdal is a free implementation of Kerberos 5. The goals are to:
- have an implementation that can be freely used by anyone
- be protocol compatible with existing implementations and, if not in
conflict, with RFC 1510 (and any future updated RFC)
- be reasonably compatible with the M.I.T Kerberos V5 API
- have support for Kerberos V5 over GSS-API (RFC1964)
- include the most important and useful application programs (rsh,
telnet, popper, etc.)
- include enough backwards compatibility with Kerberos V4
- IPv6 support
%description -l pl
Heimdal jest darmow± implementacj± Kerberosa 5. G³ówne zalety to:
- implementacja, która mo¿e byæ u¿ywana przez ka¿dego
- kompatybilno¶æ na poziomie protoko³u z istniej±cymi implementacjami
- racjonalna kompatybilno¶æ z M.I.T Kerberos V5 API
- wsparcie dla Kerberosa 5 poprzez GSS-API (RFC1964)
- zawiera wiêkszo¶æ istotnych i u¿ytecznych aplikacji (rsh, telnet,
popper, etc.)
- zawiera wystarczaj±c± kompatybilno¶æ z Kerberos V4
- wsparcie dla IPv6
%package workstation
Summary: Heimdal Kerberos 5 workstation programs
Group: System/Base
Requires: %{name}-libs = %{version}
Obsoletes: %{name} <= 0.7.2-2mlcs4
# conflict with MIT
Conflicts: krb5-workstation
%description workstation
This package contains the client part of a Heimdal Kerberos 5 setup.
It should be tipically installed on worksations.
%package server
Summary: Kerberos Server
Summary(pl): Serwer Kerberosa
Group: Networking
Requires: %{name}-libs = %{version}
Requires(post): /sbin/chkconfig
Requires(preun):/sbin/chkconfig
# conflict with MIT
Conflicts: krb5-server
# http://qa.mandriva.com/show_bug.cgi?id=22975
Conflicts: krb5-workstation
%description server
Master KDC.
%description server -l pl
G³ówne centrum dystrybucji kluczy (KDC).
%package libs
Summary: Heimdal shared libraries
Summary(pl): Biblioteki wspó³dzielone dla heimdal
Group: Libraries
#Requires: krb5-conf
%description libs
Package contains shared libraries required by several of the other
heimdal packages.
%description libs -l pl
Pakiet zawiera biblioteki wspó³dzielone dla heimdal.
%if %{build_login}
%package login
Summary: login is used when signing onto a system
Summary(pl): Narzêdzie do logowania w systemie
Group: Applications/Networking
Requires: %{name}-libs = %{version}-%{release}
Provides: login
Conflicts: shadow-utils
#Obsoletes: login
%description login
login is used when signing onto a system. It can also be used to
switch from one user to another at any time (most modern shells have
support for this feature built into them, however). This package
contain kerberized version login program.
%description login -l pl
login jest u¿ywany przy logowaniu do systemu. Mo¿e byæ tak¿e u¿yty do
prze³±czenia z jednego u¿ytkownika na innego w dowolnej chwili
(wiêkszo¶æ wspó³czesnych shelli ma wbudowan± obs³ugê tego). Ten pakiet
zawiera skerberyzowan± wersjê programu login.
%endif
%if %{build_extra_apps}
%package ftp
Summary: The standard UNIX FTP (file transfer protocol) client
Summary(pl): Klient protoko³u FTP
Group: Applications/Networking
Requires: %{name}-libs = %{version}-%{release}
Conflicts: ftp-client-krb5
%description ftp
The ftp package provides the standard UNIX command-line FTP client
with kerberos authentication support. FTP is the file transfer
protocol, which is a widely used Internet protocol for transferring
files and for archiving files.
%description ftp -l pl
Ten pakiet dostarcza standardowego klienta ftp z wbudowan± obs³ug±
kerberosa. FTP jest protoko³em do przesy³ania plików szeroko
rozpowszechnionym w Internecie.
%package rsh
Summary: Clients for remote access commands (rsh, rlogin, rcp)
Summary(pl): Klient zdalnego dostêpu (rsh, rlogin, rcp)
Group: Applications/Networking
Requires: %{name}-libs = %{version}-%{release}
#Obsoletes: rsh
%description rsh
The rsh package contains a set of programs which allow users to run
commands on remote machines, login to other machines and copy files
between machines (rsh, rlogin and rcp). All three of these commands
use rhosts style authentication. This package contains the clients
needed for all of these services.
%description rsh -l pl
Ten pakiet zawiera zestaw narzêdzi pozwalaj±cych na wykonywanie
poleceñ na zdalnych maszynach, logowanie na inne maszyny oraz
kopiowanie plików pomiêdzy maszynami (rsh, rlogin, rcp).
%package telnet
Summary: Client for the telnet remote login
Summary(pl): Klient us³ugi telnet
Group: Applications/Networking
Requires: %{name}-libs = %{version}-%{release}
#Obsoletes: telnet
Conflicts: telnet-client-krb5
%description telnet
Telnet is a popular protocol for remote logins across the Internet.
This package provides a command line telnet client.
%description telnet -l pl
Telnet jest popularnym protoko³em zdalnego logowania. Ten pakiet
zawiera klienta tej us³ugi.
%package ftpd
Summary: The standard UNIX FTP (file transfer protocol) server
Summary(pl): Serwer FTP
Group: Networking/Daemons
Requires(pre): xinetd
Requires: %{name}-libs = %{version}-%{release}
#Obsoletes: ftpd
Conflicts: ftp-server-krb5
%description ftpd
FTP is the file transfer protocol, which is a widely used Internet
protocol for transferring files and for archiving files.
%description ftpd -l pl
FTP jest protoko³em trasmisji plików szeroko rozpowszechnionym w
Internecie.
%package rshd
Summary: Server for remote access commands (rsh, rlogin, rcp)
Summary(pl): Serwer zdalnego dostêpu (rsh, rlogin, rcp)
Group: Networking/Daemons
Requires(pre): xinetd
Requires: %{name}-libs = %{version}-%{release}
#Obsoletes: rshd
%description rshd
The rsh package contains a set of programs which allow users to run
commmands on remote machines, login to other machines and copy files
between machines (rsh, rlogin and rcp). All three of these commands
use rhosts style authentication. This package contains servers needed
for all of these services.
%description rshd -l pl
Ten pakiet zawiera zestaw serwerów pozwalaj±cych na wykonywanie
poleceñ na zdalnych maszynach, logowanie na inne maszyny oraz
kopiowanie plików pomiêdzy maszynami (rsh, rlogin, rcp).
%package telnetd
Summary: Server for the telnet remote login
Summary(pl): Serwer protoko³u telnet
Group: Networking/Daemons
Requires(pre): xinetd
Requires: %{name}-libs = %{version}-%{release}
#Obsoletes: telnetd
Conflicts: telnet-server-krb5-1.4.3-3mdk.i586.rpm
%description telnetd
Telnet is a popular protocol for remote logins across the Internet.
This package provides a telnet daemon which allows remote logins into
the machine it is running on.
%description telnetd -l pl
Telnet jest popularnym protoko³em zdalnego logowania. Ten pakiet
zawiera serwer pozwalaj±cy na zdalne logowanie siê klientów na maszynê
na której dzia³a.
%endif # build_extra_apps
%if %{build_daemons}
%package daemons
Summary: Kerberos daemons programs for use on servers
Summary(pl): Serwery popularnych us³ug, autoryzuj±ce przy pomocy kerberosa
Group: Networking
Requires: %{name}-libs = %{version}-%{release}
%description daemons
Kerberos Daemons.
%description daemons -l pl
Demony korzystaj±ce z systemu Kerberos do autoryzacji dostêpu.
%endif
%if %{build_devel}
%package devel
Summary: Header files for heimdal
Summary(pl): Pliki nag³ówkowe i dokumentacja do bibliotek heimdal
Group: Development/Libraries
Requires: %{name}-libs = %{version}-%{release}
Requires: e2fsprogs-devel
%description devel
contains files needed to compile and link software using the kerberos
libraries.
%description devel -l pl
Pliki nag³ówkowe i dokumentacja do bibliotek heimdal.
%endif
%prep
%setup -q
%patch0 -p1 -b .readline
%patch1 -p1 -b .manacl
%patch2 -p1 -b .attrreplace
autoconf
%build
export CFLAGS="$CFLAGS -D_REENTRANT -DHAVE_SNPRINTF"
%configure \
--sysconfdir=%{_sysconfdir} \
--libexecdir=%{_sbindir} \
--disable-static \
--enable-shared \
--with-readline --with-readline-lib=%{_libdir} --with-readline-include=%{_includedir}/readline \
--with-x \
--with-ipv6 \
--enable-kcm \
--with-openldap=%{_prefix} \
--without-krb4 \
--includedir=%{_prefix}/heimdal/include \
--libdir=%{_prefix}/heimdal/lib
%{__make}
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_var}/%{name},%{_sysconfdir}} \
$RPM_BUILD_ROOT/etc/{xinetd.d,logrotate.d,rc.d/init.d}
%makeinstall_std
install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
# FIXME install %{SOURCE2} $RPM_BUILD_ROOT/etc/logrotate.d/%{name}
# FIXME install %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
install %{SOURCE5} $RPM_BUILD_ROOT/etc/xinetd.d/ftpd
install %{SOURCE6} $RPM_BUILD_ROOT/etc/xinetd.d/rshd
install %{SOURCE7} $RPM_BUILD_ROOT/etc/xinetd.d/telnetd
install %{SOURCE8} $RPM_BUILD_ROOT/etc/xinetd.d/kadmind
# conflict with other packages
rm -rf $RPM_BUILD_ROOT%{_libdir}/lib{com_err,ss}.so \
$RPM_BUILD_ROOT%{_includedir}/{glob,fnmatch,ss/ss}.h
touch $RPM_BUILD_ROOT{%{_sysconfdir}/krb5.keytab,%{_var}/%{name}/kadmind.acl}
# rename to avoid confusion
mv %{buildroot}/%{_mandir}/man1/{,k}su.1
mv %{buildroot}/%{_bindir}/{,k}su
# remove cat manpages
rm -rf %{buildroot}%{_mandir}/cat*
# rename krb5-config to heimdal-config
mv -f %{buildroot}%{_bindir}/{krb5,heimdal}-config
mv -f %{buildroot}%{_mandir}/man1/{krb5,heimdal}-config.1
# rename mk_cmds to avoit conflict
mv -f %{buildroot}%{_bindir}/mk_cmds{,-heimdal}
# remove devel files if we are not going to package them
%if ! %{build_devel}
rm -f %{buildroot}%{_bindir}/{heimdal-config,mk_cmds-heimdal}
rm -f %{buildroot}%{_prefix}/heimdal/lib/lib*.{la,so}
rm -rf %{buildroot}%{_prefix}/heimdal/include
rm -rf %{buildroot}%{_mandir}/*/heimdal-config.1*
rm -f %{buildroot}%{_mandir}/man3/*
%else
%multiarch_binaries %{buildroot}/%{_bindir}/heimdal-config
%endif
%if ! %{build_daemons}
rm -f %{buildroot}%{_sbindir}/{popper,push}
rm -f %{buildroot}%{_mandir}/man8/{popper,push}.8*
%endif
%if ! %{build_login}
rm -f %{buildroot}%{_bindir}/login
rm -f %{buildroot}%{_mandir}/*/login.*
%endif
%if ! %{build_extra_apps}
rm -f %{buildroot}%{_bindir}/{ftp,rsh,rcp,telnet}
rm -f %{buildroot}%{_sbindir}/{ftpd,rshd,telnetd}
rm -f %{buildroot}%{_mandir}/*/{ftp.1,rsh.1,telnet.1,ftpusers.5,ftpd.8,rshd.8,telnetd.8}*
rm -f %{buildroot}%{_sysconfdir}/xinetd.d/{ftpd,rshd,telnetd}
%endif # build_extra_apps
# rename krb5.conf manpage because it conflicts with MIT's implementation
# not very pretty, but simple enough
mv -f %{buildroot}%{_mandir}/man5/krb5.conf.{5,heimdal.5}
cat > README.mandriva <<EOF
These Mandriva Heimdal kerberos packages have been modified in the following way:
- only heimdal-server, heimdal-workstation and heimdal-libs packages are available
in order to minimize conflicts with MIT packages and to avoid building
packages with Heimdal dependencies
- the krb5.conf manpage has been renamed to krb5.conf.heimdal to avoid a
file conflict with the krb5-workstation package from MIT
EOF
chmod 0644 README.mandriva
# install ld.so.conf configuration file
mkdir -p -m 0755 %{buildroot}%{_sysconfdir}/ld.so.conf.d
cat > %{buildroot}%{_sysconfdir}/ld.so.conf.d/heimdal.conf <<EOF
%{_prefix}/heimdal/lib
EOF
%clean
rm -rf $RPM_BUILD_ROOT
#%post
#update-alternatives --install %{_bindir}/kinit kinit \
#%{_bindir}/kinit.%{name} 10 \
#$(for i in %{_bindir}/{%{common_confl_krb5w},%{common_confl_krbafs}}
#do [ "$i" == "kinit" ] || echo -n " --slave %{_bindir}/${i} ${i} %{_bindir}/${i}.%{name}"
#done)
#update-alternatives --auto kinit
%post server
%_post_service %{name}
%preun server
%_preun_service %{name}
%if %{build_extra_apps}
%post ftpd
service xinetd condreload
%postun ftpd
service xinetd condreload
%post rshd
service xinetd condreload
%postun rshd
service xinetd condreload
%post telnetd
service xinetd condreload
%postun telnetd
service xinetd condreload
%endif # build_extra_apps
%post libs
/sbin/ldconfig
%postun libs
/sbin/ldconfig
%files workstation
%defattr(0755,root,root)
%{_bindir}/afslog
%{_bindir}/kauth
%{_bindir}/kdestroy
%{_bindir}/kf
%{_bindir}/kgetcred
%{_bindir}/kinit
%{_bindir}/klist
%{_bindir}/kpasswd
# XXX - check need for SUID bit
%attr(4755,root,root) %{_bindir}/ksu
%{_bindir}/kx
# XXX - check need for SUID bit
%attr(4755,root,root) %{_bindir}/otp
%{_bindir}/otpprint
%{_bindir}/pagsh
%{_bindir}/pfrom
%{_bindir}/rxtelnet
%{_bindir}/rxterm
%{_bindir}/string2key
%{_bindir}/tenletxr
%{_bindir}/verify_krb5_conf
%{_bindir}/xnlock
%{_sbindir}/kcm
%{_mandir}/man1/afslog.1*
%{_mandir}/man1/kauth.1*
%{_mandir}/man1/kdestroy.1*
%{_mandir}/man1/kf.1*
%{_mandir}/man1/kgetcred.1*
%{_mandir}/man1/kinit.1*
%{_mandir}/man1/klist.1*
%{_mandir}/man1/kpasswd.1*
%{_mandir}/man1/ksu.1*
%{_mandir}/man1/kx.1*
%{_mandir}/man1/otp.1*
%{_mandir}/man1/otpprint.1*
%{_mandir}/man1/pagsh.1*
%{_mandir}/man1/pfrom.1*
%{_mandir}/man1/rxtelnet.1*
%{_mandir}/man1/rxterm.1*
%{_mandir}/man1/tenletxr.1*
%{_mandir}/man1/xnlock.1*
%{_mandir}/man8/string2key.8*
%{_mandir}/man8/verify_krb5_conf.8*
%{_mandir}/man8/kcm.8*
%files server
%defattr(-,root,root)
%doc NEWS TODO
%attr(754,root,root) /etc/rc.d/init.d/%{name}
#%attr(640,root,root) /etc/logrotate.d/%{name}
#%attr(640,root,root) /etc/sysconfig/heimdal
%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/kadmind
%attr(700,root,root) %dir %{_var}/%{name}
%attr(600,root,root) %config(noreplace) %verify(not size mtime md5) %{_var}/%{name}/*
%{_sbindir}/dump_log
%{_sbindir}/hprop
%{_sbindir}/hpropd
%{_sbindir}/ipropd-master
%{_sbindir}/ipropd-slave
%{_sbindir}/kadmin
%{_sbindir}/kadmind
%{_sbindir}/kdc
%{_sbindir}/kfd
%{_sbindir}/kpasswdd
%{_sbindir}/kstash
%{_sbindir}/ktutil
%{_sbindir}/kxd
%{_sbindir}/replay_log
%{_sbindir}/truncate_log
%{_mandir}/man8/hprop.8.bz2
%{_mandir}/man8/hpropd.8.bz2
%{_mandir}/man8/iprop.8.bz2
%{_mandir}/man8/ipropd-master.8.bz2
%{_mandir}/man8/ipropd-slave.8.bz2
%{_mandir}/man8/kadmin.8.bz2
%{_mandir}/man8/kadmind.8.bz2
%{_mandir}/man8/kdc.8.bz2
%{_mandir}/man8/kfd.8.bz2
%{_mandir}/man8/kpasswdd.8.bz2
%{_mandir}/man8/kstash.8.bz2
%{_mandir}/man8/ktutil.8.bz2
%{_mandir}/man8/kxd.8.bz2
%files libs
%defattr(644,root,root,755)
%doc README.mandriva
%dir %{_prefix}/heimdal
%{_sysconfdir}/ld.so.conf.d/heimdal.conf
%attr(400,root,root) %ghost %{_sysconfdir}/krb5.keytab
%attr(755,root,root) %{_prefix}/heimdal/lib/lib*.so.*
%{_infodir}/heimdal.info*
%{_mandir}/*/krb5.conf.heimdal.5*
%{_mandir}/*/kerberos.8*
%if %{build_login}
%files login
%defattr(644,root,root,755)
%attr(755,root,root) %{_bindir}/login
%{_mandir}/*/login.*
%endif
%if %{build_extra_apps}
%files ftp
%defattr(644,root,root,755)
%attr(755,root,root) %{_bindir}/ftp
%{_mandir}/*/ftp.1*
%files rsh
%defattr(644,root,root,755)
%attr(755,root,root) %{_bindir}/rsh
%attr(755,root,root) %{_bindir}/rcp
%{_mandir}/*/rsh.1*
%files telnet
%defattr(644,root,root,755)
%attr(755,root,root) %{_bindir}/telnet
%{_mandir}/*/telnet.1*
%files ftpd
%defattr(644,root,root,755)
%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/ftpd
%attr(755,root,root) %{_sbindir}/ftpd
%{_mandir}/*/ftpusers.5*
%{_mandir}/*/ftpd.8*
%files rshd
%defattr(644,root,root,755)
%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/rshd
%attr(755,root,root) %{_sbindir}/rshd
%{_mandir}/*/rshd.8*
%files telnetd
%defattr(644,root,root,755)
%attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/xinetd.d/telnetd
%attr(755,root,root) %{_sbindir}/telnetd
%{_mandir}/*/telnetd.8*
%endif # build_extra_apps
%if %{build_daemons}
%files daemons
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/popper
%attr(755,root,root) %{_sbindir}/push
%{_mandir}/*/popper.8*
%{_mandir}/*/push.8*
%endif
%if %{build_devel}
%files devel
%defattr(644,root,root,755)
%_bindir/heimdal-config
%multiarch_bindir/heimdal-config
%{_bindir}/mk_cmds-heimdal
%{_prefix}/heimdal/lib/lib*.la
%{_prefix}/heimdal/lib/lib*.so
%{_prefix}/heimdal/include
%{_mandir}/*/heimdal-config.1*
%{_mandir}/man3/*
%endif
%changelog
* Wed Jun 21 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-8mlcs4
- enabled devel build
- moved libraries to /usr/heimdal to avoid conflict with MIT libraries,
and to avoid linking against them instead of MIT by mistake
- using ld.so.conf config file due to above change
- renamed krb5-config to heimdal-config (in devel package) to avoid
conflicts
- renamed mk_cmds to mk_cmds-heimdal (in devel package), also to avoid
conflicts
* Tue Jun 13 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-7mlcs4
- added patch to fix #23085
* Thu May 11 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-6mlcs4
- don't own %%{_sysconfdir}
- heimdal-server conflicts with krb5-workstation (#22975)
* Wed Apr 05 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-5mdk
- fixed krb5.conf.5 manpage conflict with krb5-workstation
- added a README.mandriva documentation file explaining some of the
changes we did (like the above one)
* Fri Mar 17 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-4mdk
- fixed init script typo
* Tue Mar 14 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-3mdk
- major cleanup
- trying to use the same package layout as mit-krb5 (so, we now have
a heimdal-workstation package)
- conflict with MIT kerberos packages where appropriate
- enabled kcm (kerberos credential manager)
- make devel build optional and disabled by default to avoid having a devel
package available and linking some app against it instead of MIT's
implementation by accident
- use standard sysconfdir since we are not planing on using MIT and Heimdal
packages at the same time (besides the libs)
- added patch for manpages krb5.conf.5 and kadmind.8 about the acl file
- disabled krb4 support
- build apps, login and daemons conditionally (disabled by default)
* Fri Mar 10 2006 Andreas Hasenack <andreas@mandriva.com> 0.7.2-1mdk
- added byacc to buildrequires
- updated to version 0.7.2
* Wed Sep 21 2005 Buchan Milne <bgmilne@mandriva.org> 0.7.1-1mdk
- finally finish the last bits of this initial package
* Fri Nov 26 2004 Buchan Milne <bgmilne@linux-mandrake.com> 0.6.3-1mdk
- 0.6.3
* Mon Jul 26 2004 Buchan Milne <bgmilne@linux-mandrake.com> 0.6.2-1mdk
- 0.6.2
- drop db4 patchs (p3,p4) and compilation fixes (p5) - applied upstream
* Sun Mar 14 2004 Buchan Milne <bgmilne@linux-mandrake.com> 0.6-1mdk
- First Mandrake package (based on PLD package)
- patches to build with db4
- for now, don't terminate on missing files ...
