/[smecontribs]/rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec
ViewVC logotype

Annotation of /rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.33 - (hide annotations) (download)
Wed Oct 20 17:32:50 2010 UTC (14 years, 1 month ago) by vip-ire
Branch: MAIN
CVS Tags: smeserver-coova-chilli-0_2-19_el4_sme
Changes since 1.32: +7 -2 lines
* Wed Oct 20 2010 Daniel B. <daniel@firewall-services.com> 0.2-19
- Drop all the trafic not going through the external interface

1 vip-ire 1.33 # $Id: smeserver-coova-chilli.spec,v 1.32 2010/07/29 15:08:58 vip-ire Exp $
2 slords 1.7 # Authority: vip-ire
3     # Name: Daniel Berteaud
4    
5 slords 1.1 Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
6     %define name smeserver-coova-chilli
7     Name: %{name}
8 slords 1.15 %define version 0.2
9 vip-ire 1.33 %define release 19
10 slords 1.1 Version: %{version}
11 vip-ire 1.5 Release: %{release}%{?dist}
12 vip-ire 1.4 License: GPL
13 slords 1.1 Group: Networking/Remote access
14     Source: %{name}-%{version}.tar.gz
15     URL: http://sme.firewall-services.com
16     BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
17     BuildArchitectures: noarch
18 vip-ire 1.6 BuildRequires: e-smith-devtools
19 snetram 1.8 Requires: e-smith-release >= 7.0
20     Requires: openssl
21 vip-ire 1.26 Requires: coova-chilli >= 1.0.13
22 vip-ire 1.10 Requires: e-smith-radiusd >= 1.0.0-18
23 vip-ire 1.18 Requires: perl(NetAddr::IP)
24 vip-ire 1.26 Requires: smeserver-remoteuseraccess
25 vip-ire 1.3
26 slords 1.15 Patch1: smeserver-coova-chilli-0.2-guest_uplink_downlink.patch
27     Patch2: smeserver-coova-chilli-0.2-guest_access.patch
28 vip-ire 1.17 Patch3: smeserver-coova-chilli-0.2-chilli_ip.patch
29     Patch4: smeserver-coova-chilli-0.2-radius_timeout.patch
30     Patch5: smeserver-coova-chilli-0.2-guest_access2.patch
31 vip-ire 1.18 Patch6: smeserver-coova-chilli-0.2-template_syntax_error.patch
32 vip-ire 1.19 Patch7: smeserver-coova-chilli-0.2-httpd_warning.patch
33 vip-ire 1.22 Patch8: smeserver-coova-chilli-0.2-tundev.patch
34 vip-ire 1.23 Patch9: smeserver-coova-chilli-0.2-dhcp_range.patch
35 vip-ire 1.24 Patch10: smeserver-coova-chilli-0.2-localhost_nas.patch
36     Patch11: smeserver-coova-chilli-0.2-localhost_nas2.patch
37     Patch12: smeserver-coova-chilli-0.2-squid_template_typo.patch
38 vip-ire 1.25 Patch13: smeserver-coova-chilli-0.2-typo.patch
39 vip-ire 1.26 Patch14: smeserver-coova-chilli-0.2-allow_uamallowed.patch
40     Patch15: smeserver-coova-chilli-0.2-drop_privileges.patch
41     Patch16: smeserver-coova-chilli-0.2-use_sudo.patch
42     Patch17: smeserver-coova-chilli-0.2-templates2expand_in_createlinks.patch
43 vip-ire 1.27 Patch18: smeserver-coova-chilli-0.2-db_noc2c.patch
44 vip-ire 1.28 Patch19: smeserver-coova-chilli-0.2-remove_space.patch
45 vip-ire 1.29 Patch20: smeserver-coova-chilli-0.2-fixe_allow_uamallowed.patch
46 vip-ire 1.30 Patch21: smeserver-coova-chilli-0.2-fixe_squid_disabled.patch
47 vip-ire 1.31 Patch22: smeserver-coova-chilli-0.2-squid_tcpport.patch
48     Patch23: smeserver-coova-chilli-0.2-sudo_env.patch
49     Patch24: smeserver-coova-chilli-0.2-iptables_insert_position.patch
50     Patch25: smeserver-coova-chilli-0.2-transparent_squid.patch
51 vip-ire 1.32 Patch26: smeserver-coova-chilli-0.2-clean_cgi.patch
52     Patch27: smeserver-coova-chilli-0.2-remove_obsolete_php_templates.patch
53     Patch28: smeserver-coova-chilli-0.2-add_macallowed_in_db.patch
54     Patch29: smeserver-coova-chilli-0.2-add_uamhomepage_in_db.patch
55 vip-ire 1.33 Patch30: smeserver-coova-chilli-0.2-drop_forward_not_to_ext_if.patch
56 slords 1.1
57     %description
58     This package allow you to configure a third interface
59     (eth2). Just plug a WiFi AP on it, and you'll have
60     a secured captive portal. Users will be redirected
61     on a logon page and they'll have to enter credentials
62     (sme accounts) before the server allows them. By default,
63 vip-ire 1.5 they'll only have web access if they are members of the group "chilli"
64     This contrib will only work in server&gateway mode
65 slords 1.1
66     %changelog
67 vip-ire 1.33 * Wed Oct 20 2010 Daniel B. <daniel@firewall-services.com> 0.2-19
68     - Drop all the trafic not going through the external interface
69    
70 vip-ire 1.32 * Thu Jul 29 2010 Daniel B. <daniel@firewall-services.com> 0.2-18
71     - cleanup CGI login script
72     - remove obsolete php templates
73     - add macallowed DB key to bypass auth for some mac addresses
74     - add uamhomepage DB key
75    
76 vip-ire 1.31 * Mon Jul 19 2010 Daniel B. <daniel@firewall-services.com> 0.2-17
77     - Fixes sudo env (bug only in SME8)
78     - Uses TCPPort squid key instead of TransparentPort so coova can
79     work with dansguardian
80     - insert NAT rule just before the ACCEPT (PREROUTING_FROM_CHILLI)
81     - add transparent directive to squid (required for squid => 2.6)
82    
83 vip-ire 1.30 * Wed Apr 14 2010 Daniel B. <daniel@firewall-services.com> 0.2-16
84     - Fixe a bug in conup.sh and condown.sh
85    
86 vip-ire 1.29 * Thu Jun 11 2009 Daniel B. <daniel@firewall-services.com> 0.2-15
87     - Fixe a bug in masq template for uamallowed entries
88    
89 vip-ire 1.28 * Thu May 28 2009 Daniel B. <daniel@firewall-services.com> 0.2-14
90     - Remove space in hotspot-config.pl template
91    
92 vip-ire 1.27 * Tue May 26 2009 Daniel B. <daniel@firewall-services.com> 0.2-13
93     - Add noc2c key (allow to disable the option, but default to enabled)
94    
95 vip-ire 1.26 * Thu Apr 30 2009 Daniel B. <daniel@firewall-services.com> 0.2-12
96     - Create a new user coovachilli
97     - Add support of new options uid and gid to drop privileges
98     - Enabled noc2c (prevent client to client communication)
99     - Use sudo to call conup/condown script (as chilli runs under un
100     unprivileged account now)
101     - Add smeserver-remoteuseraccess as a dependency (for sudoers metadata templates)
102     - move templates2expand in creatlinks script
103    
104     * Wed Mar 13 2009 Daniel B. <daniel@firewall-services.com> 0.2-11
105     - Automatically allow uamallowed entries in the firewall (no need to
106     explicitly allow it agin in AllowOutgoing)
107    
108 vip-ire 1.25 * Thu Mar 12 2009 Daniel B. <daniel@firewall-services.com> 0.2-10
109     - Small typo correction
110    
111 vip-ire 1.24 * Tue Mar 10 2009 Daniel B. <daniel@firewall-services.com> 0.2-9
112     - Use allready defined localhost NAS to fixe PPTP problem [SME: 4996]
113     (thanks John K Pruder)
114     - fix a typo in squid template
115    
116 vip-ire 1.23 * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-8
117 vip-ire 1.24 - Add dhcpstart and dhcpstop db parameters (thanks John K Pruder)
118 vip-ire 1.23
119 vip-ire 1.22 * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-7
120     - Fix tundev template [SME: 5054]
121    
122 vip-ire 1.19 * Thu Sep 18 2008 Daniel B. <daniel@firewall-services.com> 0.2-6
123     - Remove warning in httpd.conf file (httpd -t)
124    
125 vip-ire 1.18 * Mon Sep 15 2008 Daniel B. <daniel@firewall-services.com> 0.2-5
126 vip-ire 1.22 - Fix Syntax Error in /etc/chilli.conf template (25listen) [SME: 4559]
127 vip-ire 1.18
128     * Mon Sep 08 2008 Daniel B. <daniel@firewall-services.com> 0.2-4
129     - Requires perl(NetAddr::IP)
130    
131 vip-ire 1.17 * Fri Sep 5 2008 Daniel B. <daniel@firewall-services.com> 0.2-3
132     - Chilli IP computed with NetAddr::IP
133     - Radius timeout set to 3 sec
134     - syntax error in radius users template fixed (for guest access)
135    
136 slords 1.15 * Thu Sep 3 2008 Daniel B. <daniel@firewall-services.com> 0.2-2
137 vip-ire 1.17 - Bug fix for guest access
138 slords 1.15
139     * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-1
140     - uplink and downlink for guest account are configurable via db keys
141    
142     * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-0
143     - Login page is a CGI, with a server-manager login page look
144 vip-ire 1.22 - Guest Access can be enabled with guestAccess key (enabled/disabled)
145 slords 1.15 - merge patchs in main package
146    
147 vip-ire 1.14 * Mon Sep 01 2008 Daniel B. <daniel@firewall-services.com> 0.1-8
148     - Fix uamallowed not working (since bypass_auth_with_squid_fix patch)
149     - Add WebRequests key (use of squid or direct connexions, default to direct)
150     - disable radconf in /etc/chilli/config
151     - possible to disable https (enabled by default in AllowedOutgoing)
152     - add tcp:static.sourceforge.net:80 in uamallowed so daloradius homepage is displayed correctly
153     - add radiustimeout directive so authentication errors display the standard message quickly
154    
155 snetram 1.13 * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-7
156     - Reverted moving of default db entries to SPEC file since common practice is to store them in files
157    
158     * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-6
159 vip-ire 1.12 - split uamallowed (one per line)
160     - Add dnsparanoia directive
161     - correct cmdsock directive
162     - initialise default configuration db in the spec file
163    
164 snetram 1.11 * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-5
165     - Remove the reset of $OUT from the template
166    
167 vip-ire 1.9 * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-4
168     - Add template to enable auth module unix (replace the template-custom)
169     - Copy images to /opt/chilli/template before removing .rpmnew directory
170 vip-ire 1.10 - Correct dependency (e-smith-radiusd not esmith-radiusd)
171 vip-ire 1.9
172 snetram 1.8 * Wed Aug 27 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-3
173     - Split requirements to one per line
174     - Removed .rpmnew directory from package
175 vip-ire 1.9 - Removed the need for templates-custom as package now requires e-smith-radiusd >= 1.0.0-18
176 snetram 1.8
177 vip-ire 1.3 * Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
178     - [0.1-2]
179 vip-ire 1.5 - Most firewall customizations (for incomming and forwarded traffic from
180 vip-ire 1.3 chilli network only) can be set through db commands (Patch3)
181     - Outgoing DNS is allowed only for the two DNS servers configured
182 vip-ire 1.5 - Clean spec file, and put php files in /opt/chilli (Patch4)
183 vip-ire 1.3
184 slords 1.1 * Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>
185     - [0.1-1]
186     - security fixe: auth bypass with squid (patch1)
187     - masq template not expanded (patch2)
188    
189     * Fri Apr 04 2008 Daniel Berteaud <daniel@firewall-services.com>
190     - [0.1]
191     - initiale release
192    
193     %prep
194     %setup
195     %patch1 -p1
196     %patch2 -p1
197 vip-ire 1.17 %patch3 -p1
198     %patch4 -p1
199     %patch5 -p1
200 vip-ire 1.18 %patch6 -p1
201 vip-ire 1.19 %patch7 -p1
202 vip-ire 1.22 %patch8 -p1
203 vip-ire 1.23 %patch9 -p1
204 vip-ire 1.24 %patch10 -p1
205     %patch11 -p1
206     %patch12 -p1
207 vip-ire 1.25 %patch13 -p1
208 vip-ire 1.26 %patch14 -p1
209     %patch15 -p1
210     %patch16 -p1
211     %patch17 -p1
212 vip-ire 1.27 %patch18 -p1
213 vip-ire 1.28 %patch19 -p1
214 vip-ire 1.29 %patch20 -p1
215 vip-ire 1.30 %patch21 -p1
216 vip-ire 1.31 %patch22 -p1
217     %patch23 -p1
218     %patch24 -p1
219     %patch25 -p1
220 vip-ire 1.32 %patch26 -p1
221     %patch27 -p1
222     %patch28 -p1
223     %patch29 -p1
224 vip-ire 1.33 %patch30 -p1
225 slords 1.15
226 slords 1.1 %build
227     /usr/bin/perl createlinks
228    
229     %install
230     /bin/rm -rf $RPM_BUILD_ROOT
231     (cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
232     /bin/rm -f %{name}-%{version}-filelist
233     /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
234 vip-ire 1.26 --file /etc/chilli/conup.sh 'attr(755,root,root)' \
235     --file /etc/chilli/condown.sh 'attr(750,root,root)' \
236     --file /etc/chilli/call_conup.sh 'attr(755,root,root)' \
237     --file /etc/chilli/call_condown.sh 'attr(755,root,root)' \
238 slords 1.15 --file /opt/chilli/cgi-bin/hotspotlogin.cgi 'attr(0750,root,www) %config(noreplace)' \
239     --file /opt/chilli/lang/hotspotlogin.fr.pl 'config(noreplace)' \
240     --file /opt/chilli/lang/hotspotlogin.en.pl 'config(noreplace)' \
241     --file /opt/chilli/css/sme.css 'config(noreplace)' \
242 slords 1.1 > %{name}-%{version}-filelist
243    
244     %files -f %{name}-%{version}-filelist
245     %defattr(-,root,root)
246    
247     %clean
248     rm -rf $RPM_BUILD_ROOT
249    
250 vip-ire 1.26 %pre
251     if ! /usr/bin/id coovachilli &>/dev/null; then
252     /usr/sbin/useradd -c 'Coova Chilli User' -s /sbin/nologin -r -d /etc/chilli coovachilli &>/dev/null || \
253     %logmsg "Unexpected error adding user \"coovachilli\". Abort installation."
254     fi
255    
256    
257 slords 1.1 %preun
258 vip-ire 1.3
259 slords 1.1 if [ $1 == 0 ]; then
260     /sbin/e-smith/db configuration setprop chilli status disabled
261 slords 1.7 /etc/rc.d/init.d/chilli stop >& /dev/null || :
262 slords 1.1 fi
263    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed