smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec

# $Id: smeserver-coova-chilli.spec,v 1.11 2008/08/28 10:12:16 snetram Exp $
# Authority: vip-ire
# Name: Daniel Berteaud

Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
%define name smeserver-coova-chilli
Name: %{name}
%define version 0.1
%define release 6
Version: %{version}
Release: %{release}%{?dist}
License: GPL
Group: Networking/Remote access
Source: %{name}-%{version}.tar.gz
URL: http://sme.firewall-services.com
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
BuildArchitectures: noarch
BuildRequires: e-smith-devtools
Requires: e-smith-release >= 7.0 
Requires: openssl 
Requires: coova-chilli
Requires: e-smith-radiusd >= 1.0.0-18

Patch1: smeserver-coova-chilli-0.1-bypass_auth_with_squid_fix.patch
Patch2: smeserver-coova-chilli-0.1-expand_masq_fix.patch
Patch3: smeserver-coova-chilli-0.1-firewall2db.patch
Patch4: smeserver-coova-chilli-0.1-loginPageDir.patch
Patch5: smeserver-coova-chilli-0.1-authTemplate.patch
Patch6: smeserver-coova-chilli-0.1-fixOUTreset.patch
Patch7: smeserver-coova-chilli-0.1-uamallowed.patch 
Patch8: smeserver-coova-chilli-0.1-dnsparano.patch
Patch9: smeserver-coova-chilli-0.1-cmdsock.patch

%description
This package allow you to configure a third interface
(eth2). Just plug a WiFi AP on it, and you'll have
a secured captive portal. Users will be redirected
on a logon page and they'll have to enter credentials
(sme accounts) before the server allows them. By default, 
they'll only have web access if they are members of the group "chilli"
This contrib will only work in server&gateway mode 

%changelog
*Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-6
- split uamallowed (one per line)
- Add dnsparanoia directive
- correct cmdsock directive
- initialise default configuration db in the spec file

* Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-5
- Remove the reset of $OUT from the template

* Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-4
- Add template to enable auth module unix (replace the template-custom)
- Copy images to /opt/chilli/template before removing .rpmnew directory
- Correct dependency (e-smith-radiusd not esmith-radiusd)

* Wed Aug 27 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-3
- Split requirements to one per line
- Removed .rpmnew directory from package
- Removed the need for templates-custom as package now requires e-smith-radiusd >= 1.0.0-18

* Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
- [0.1-2]
- Most firewall customizations (for incomming and forwarded traffic from
  chilli network only) can be set through db commands (Patch3)
- Outgoing DNS is allowed only for the two DNS servers configured
- Clean spec file, and put php files in /opt/chilli (Patch4)

* Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>
- [0.1-1]
- security fixe: auth bypass with squid (patch1)
- masq template not expanded (patch2)

* Fri Apr 04 2008 Daniel Berteaud <daniel@firewall-services.com>
- [0.1]
- initiale release

%prep
%setup
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1

mv root/opt/chilli.rpmnew/template/images root/opt/chilli/template
rm -rf root/opt/chilli.rpmnew/
rm -rf root/etc/e-smith/templates-custom/
rm -rf root/etc/e-smith/db/configuration/defaults

%build
/usr/bin/perl createlinks

# Initialise db fragment
DEFAULT=root/etc/e-smith/db/configuration/defaults/chilli
mkdir -p $DEFAULT
echo 'service'                          > $DEFAULT/type
echo 'disabled'                         > $DEFAULT/status
echo 'private'                          > $DEFAULT/access
echo '900'                              > $DEFAULT/defidletimeout
echo '7200'                             > $DEFAULT/defsessiontimeout
echo 'eth2'                             > $DEFAULT/dhcpif
echo '212.73.209.226'                   > $DEFAULT/dns1
echo '194.206.120.1'                    > $DEFAULT/dns2
echo '10.1.0.0/255.255.255.0'           > $DEFAULT/net
echo '3990'                             > $DEFAULT/TCPPort
echo 'tun0'                             > $DEFAULT/tundev
echo 'tcp:www.firewall-services.com:80,\
        tcp:coova.org:80,\
        tcp:smeserver.org:80,\
        tcp:sourceforge.net:80'         > $DEFAULT/uamallowed
echo ''                                 > $DEFAULT/RedirectToChilli
echo ''                                 > $DEFAULT/AllowedServices
echo ''                                 > $DEFAULT/AllowedOutgoing


%install
/bin/rm -rf $RPM_BUILD_ROOT
(cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
/bin/rm -f %{name}-%{version}-filelist
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
        --file /etc/chilli/conup.sh 'attr(0750,root,root)' \
        --file /etc/chilli/condown.sh 'attr(0750,root,root)' \
        --file /opt/chilli/hotspotlogin-loginform.php 'config(noreplace)' \
        --file /opt/chilli/hotspotlogin-nonchilli.php 'config(noreplace)' \
        --file /opt/chilli/hotspotlogin-nonssl.php 'config(noreplace)' \
        --file /opt/chilli/hotspotlogin.php 'config(noreplace)' \
        --file /opt/chilli/lang/en.php 'config(noreplace)' \
        --file /opt/chilli/lang/fr.php 'config(noreplace)' \
        --file /opt/chilli/lang/main.php 'config(noreplace)' \
        --file /opt/chilli/template/loggingin.php 'config(noreplace)' \
        --file /opt/chilli/template/loginform-footer.php 'config(noreplace)' \
        --file /opt/chilli/template/loginform-header.php 'config(noreplace)' \
        > %{name}-%{version}-filelist

%files -f %{name}-%{version}-filelist
%defattr(-,root,root)

%clean 
rm -rf $RPM_BUILD_ROOT

%preun

if [ $1 == 0 ]; then
        /sbin/e-smith/db configuration setprop chilli status disabled
        /etc/rc.d/init.d/chilli stop >& /dev/null || :
fi

1	vip-ire	1.12	# $Id: smeserver-coova-chilli.spec,v 1.11 2008/08/28 10:12:16 snetram Exp $
2	slords	1.7	# Authority: vip-ire
3			# Name: Daniel Berteaud
4
5	slords	1.1	Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
6			%define name smeserver-coova-chilli
7			Name: %{name}
8			%define version 0.1
9	vip-ire	1.12	%define release 6
10	slords	1.1	Version: %{version}
11	vip-ire	1.5	Release: %{release}%{?dist}
12	vip-ire	1.4	License: GPL
13	slords	1.1	Group: Networking/Remote access
14			Source: %{name}-%{version}.tar.gz
15			URL: http://sme.firewall-services.com
16			BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
17			BuildArchitectures: noarch
18	vip-ire	1.6	BuildRequires: e-smith-devtools
19	snetram	1.8	Requires: e-smith-release >= 7.0
20			Requires: openssl
21			Requires: coova-chilli
22	vip-ire	1.10	Requires: e-smith-radiusd >= 1.0.0-18
23	vip-ire	1.3
24			Patch1: smeserver-coova-chilli-0.1-bypass_auth_with_squid_fix.patch
25			Patch2: smeserver-coova-chilli-0.1-expand_masq_fix.patch
26			Patch3: smeserver-coova-chilli-0.1-firewall2db.patch
27			Patch4: smeserver-coova-chilli-0.1-loginPageDir.patch
28	vip-ire	1.9	Patch5: smeserver-coova-chilli-0.1-authTemplate.patch
29	snetram	1.11	Patch6: smeserver-coova-chilli-0.1-fixOUTreset.patch
30	vip-ire	1.12	Patch7: smeserver-coova-chilli-0.1-uamallowed.patch
31			Patch8: smeserver-coova-chilli-0.1-dnsparano.patch
32			Patch9: smeserver-coova-chilli-0.1-cmdsock.patch
33	slords	1.1
34			%description
35			This package allow you to configure a third interface
36			(eth2). Just plug a WiFi AP on it, and you'll have
37			a secured captive portal. Users will be redirected
38			on a logon page and they'll have to enter credentials
39			(sme accounts) before the server allows them. By default,
40	vip-ire	1.5	they'll only have web access if they are members of the group "chilli"
41			This contrib will only work in server&gateway mode
42	slords	1.1
43			%changelog
44	vip-ire	1.12	*Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-6
45			- split uamallowed (one per line)
46			- Add dnsparanoia directive
47			- correct cmdsock directive
48			- initialise default configuration db in the spec file
49
50	snetram	1.11	* Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-5
51			- Remove the reset of $OUT from the template
52
53	vip-ire	1.9	* Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-4
54			- Add template to enable auth module unix (replace the template-custom)
55			- Copy images to /opt/chilli/template before removing .rpmnew directory
56	vip-ire	1.10	- Correct dependency (e-smith-radiusd not esmith-radiusd)
57	vip-ire	1.9
58	snetram	1.8	* Wed Aug 27 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-3
59			- Split requirements to one per line
60			- Removed .rpmnew directory from package
61	vip-ire	1.9	- Removed the need for templates-custom as package now requires e-smith-radiusd >= 1.0.0-18
62	snetram	1.8
63	vip-ire	1.3	* Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
64			- [0.1-2]
65	vip-ire	1.5	- Most firewall customizations (for incomming and forwarded traffic from
66	vip-ire	1.3	chilli network only) can be set through db commands (Patch3)
67			- Outgoing DNS is allowed only for the two DNS servers configured
68	vip-ire	1.5	- Clean spec file, and put php files in /opt/chilli (Patch4)
69	vip-ire	1.3
70	slords	1.1	* Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>
71			- [0.1-1]
72			- security fixe: auth bypass with squid (patch1)
73			- masq template not expanded (patch2)
74
75			* Fri Apr 04 2008 Daniel Berteaud <daniel@firewall-services.com>
76			- [0.1]
77			- initiale release
78
79			%prep
80			%setup
81			%patch1 -p1
82			%patch2 -p1
83	vip-ire	1.3	%patch3 -p1
84			%patch4 -p1
85	vip-ire	1.9	%patch5 -p1
86	snetram	1.11	%patch6 -p1
87	vip-ire	1.12	%patch7 -p1
88			%patch8 -p1
89			%patch9 -p1
90
91	vip-ire	1.9	mv root/opt/chilli.rpmnew/template/images root/opt/chilli/template
92	snetram	1.8	rm -rf root/opt/chilli.rpmnew/
93			rm -rf root/etc/e-smith/templates-custom/
94	vip-ire	1.12	rm -rf root/etc/e-smith/db/configuration/defaults
95	slords	1.1
96			%build
97			/usr/bin/perl createlinks
98
99	vip-ire	1.12	# Initialise db fragment
100			DEFAULT=root/etc/e-smith/db/configuration/defaults/chilli
101			mkdir -p $DEFAULT
102			echo 'service' > $DEFAULT/type
103			echo 'disabled' > $DEFAULT/status
104			echo 'private' > $DEFAULT/access
105			echo '900' > $DEFAULT/defidletimeout
106			echo '7200' > $DEFAULT/defsessiontimeout
107			echo 'eth2' > $DEFAULT/dhcpif
108			echo '212.73.209.226' > $DEFAULT/dns1
109			echo '194.206.120.1' > $DEFAULT/dns2
110			echo '10.1.0.0/255.255.255.0' > $DEFAULT/net
111			echo '3990' > $DEFAULT/TCPPort
112			echo 'tun0' > $DEFAULT/tundev
113			echo 'tcp:www.firewall-services.com:80,\
114			tcp:coova.org:80,\
115			tcp:smeserver.org:80,\
116			tcp:sourceforge.net:80' > $DEFAULT/uamallowed
117			echo '' > $DEFAULT/RedirectToChilli
118			echo '' > $DEFAULT/AllowedServices
119			echo '' > $DEFAULT/AllowedOutgoing
120
121
122	slords	1.1	%install
123			/bin/rm -rf $RPM_BUILD_ROOT
124			(cd root ; /usr/bin/find . -depth -print \| /bin/cpio -dump $RPM_BUILD_ROOT)
125			/bin/rm -f %{name}-%{version}-filelist
126			/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
127			--file /etc/chilli/conup.sh 'attr(0750,root,root)' \
128			--file /etc/chilli/condown.sh 'attr(0750,root,root)' \
129	vip-ire	1.3	--file /opt/chilli/hotspotlogin-loginform.php 'config(noreplace)' \
130			--file /opt/chilli/hotspotlogin-nonchilli.php 'config(noreplace)' \
131			--file /opt/chilli/hotspotlogin-nonssl.php 'config(noreplace)' \
132			--file /opt/chilli/hotspotlogin.php 'config(noreplace)' \
133			--file /opt/chilli/lang/en.php 'config(noreplace)' \
134			--file /opt/chilli/lang/fr.php 'config(noreplace)' \
135			--file /opt/chilli/lang/main.php 'config(noreplace)' \
136			--file /opt/chilli/template/loggingin.php 'config(noreplace)' \
137			--file /opt/chilli/template/loginform-footer.php 'config(noreplace)' \
138			--file /opt/chilli/template/loginform-header.php 'config(noreplace)' \
139	slords	1.1	> %{name}-%{version}-filelist
140
141			%files -f %{name}-%{version}-filelist
142			%defattr(-,root,root)
143
144			%clean
145			rm -rf $RPM_BUILD_ROOT
146
147			%preun
148	vip-ire	1.3
149	slords	1.1	if [ $1 == 0 ]; then
150			/sbin/e-smith/db configuration setprop chilli status disabled
151	slords	1.7	/etc/rc.d/init.d/chilli stop >& /dev/null \|\| :
152	slords	1.1	fi
153