/[smecontribs]/rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec
ViewVC logotype

Diff of /rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.3 by vip-ire, Wed Aug 27 11:36:18 2008 UTC Revision 1.33 by vip-ire, Wed Oct 20 17:32:50 2010 UTC
# Line 1  Line 1 
1    # $Id: smeserver-coova-chilli.spec,v 1.32 2010/07/29 15:08:58 vip-ire Exp $
2    # Authority: vip-ire
3    # Name: Daniel Berteaud
4    
5  Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server  Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
6  %define name smeserver-coova-chilli  %define name smeserver-coova-chilli
7  Name: %{name}  Name: %{name}
8  %define version 0.1  %define version 0.2
9  %define release 2.el4.sme  %define release 19
10  Version: %{version}  Version: %{version}
11  Release: %{release}  Release: %{release}%{?dist}
12  Copyright: GPL  License: GPL
13  Group: Networking/Remote access  Group: Networking/Remote access
14  Source: %{name}-%{version}.tar.gz  Source: %{name}-%{version}.tar.gz
15  URL: http://sme.firewall-services.com  URL: http://sme.firewall-services.com
 Packager: Daniel Berteaud <daniel@firewall-services.com>  
16  BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot  BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
17  BuildArchitectures: noarch  BuildArchitectures: noarch
18  Requires: e-smith-release >= 7.0 openssl coova-chilli  BuildRequires: e-smith-devtools
19    Requires: e-smith-release >= 7.0
20  Patch1: smeserver-coova-chilli-0.1-bypass_auth_with_squid_fix.patch  Requires: openssl
21  Patch2: smeserver-coova-chilli-0.1-expand_masq_fix.patch  Requires: coova-chilli >= 1.0.13
22  Patch3: smeserver-coova-chilli-0.1-firewall2db.patch  Requires: e-smith-radiusd >= 1.0.0-18
23  Patch4: smeserver-coova-chilli-0.1-loginPageDir.patch  Requires: perl(NetAddr::IP)
24    Requires: smeserver-remoteuseraccess
25    
26    Patch1: smeserver-coova-chilli-0.2-guest_uplink_downlink.patch
27    Patch2: smeserver-coova-chilli-0.2-guest_access.patch
28    Patch3: smeserver-coova-chilli-0.2-chilli_ip.patch
29    Patch4: smeserver-coova-chilli-0.2-radius_timeout.patch
30    Patch5: smeserver-coova-chilli-0.2-guest_access2.patch
31    Patch6: smeserver-coova-chilli-0.2-template_syntax_error.patch
32    Patch7: smeserver-coova-chilli-0.2-httpd_warning.patch
33    Patch8: smeserver-coova-chilli-0.2-tundev.patch
34    Patch9: smeserver-coova-chilli-0.2-dhcp_range.patch
35    Patch10: smeserver-coova-chilli-0.2-localhost_nas.patch
36    Patch11: smeserver-coova-chilli-0.2-localhost_nas2.patch
37    Patch12: smeserver-coova-chilli-0.2-squid_template_typo.patch
38    Patch13: smeserver-coova-chilli-0.2-typo.patch
39    Patch14: smeserver-coova-chilli-0.2-allow_uamallowed.patch
40    Patch15: smeserver-coova-chilli-0.2-drop_privileges.patch
41    Patch16: smeserver-coova-chilli-0.2-use_sudo.patch
42    Patch17: smeserver-coova-chilli-0.2-templates2expand_in_createlinks.patch
43    Patch18: smeserver-coova-chilli-0.2-db_noc2c.patch
44    Patch19: smeserver-coova-chilli-0.2-remove_space.patch
45    Patch20: smeserver-coova-chilli-0.2-fixe_allow_uamallowed.patch
46    Patch21: smeserver-coova-chilli-0.2-fixe_squid_disabled.patch
47    Patch22: smeserver-coova-chilli-0.2-squid_tcpport.patch
48    Patch23: smeserver-coova-chilli-0.2-sudo_env.patch
49    Patch24: smeserver-coova-chilli-0.2-iptables_insert_position.patch
50    Patch25: smeserver-coova-chilli-0.2-transparent_squid.patch
51    Patch26: smeserver-coova-chilli-0.2-clean_cgi.patch
52    Patch27: smeserver-coova-chilli-0.2-remove_obsolete_php_templates.patch
53    Patch28: smeserver-coova-chilli-0.2-add_macallowed_in_db.patch
54    Patch29: smeserver-coova-chilli-0.2-add_uamhomepage_in_db.patch
55    Patch30: smeserver-coova-chilli-0.2-drop_forward_not_to_ext_if.patch
56    
57  %description  %description
58  This package allow you to configure a third interface  This package allow you to configure a third interface
# Line 25  This package allow you to configure a th Line 60  This package allow you to configure a th
60  a secured captive portal. Users will be redirected  a secured captive portal. Users will be redirected
61  on a logon page and they'll have to enter credentials  on a logon page and they'll have to enter credentials
62  (sme accounts) before the server allows them. By default,  (sme accounts) before the server allows them. By default,
63  they'll only have web access if they are members of the group "chilli"  they'll only have web access if they are members of the group "chilli"
64    This contrib will only work in server&gateway mode
65    
66  %changelog  %changelog
67    * Wed Oct 20 2010 Daniel B. <daniel@firewall-services.com> 0.2-19
68    - Drop all the trafic not going through the external interface
69    
70    * Thu Jul 29 2010 Daniel B. <daniel@firewall-services.com> 0.2-18
71    - cleanup CGI login script
72    - remove obsolete php templates
73    - add macallowed DB key to bypass auth for some mac addresses
74    - add uamhomepage DB key
75    
76    * Mon Jul 19 2010 Daniel B. <daniel@firewall-services.com> 0.2-17
77    - Fixes sudo env (bug only in SME8)
78    - Uses TCPPort squid key instead of TransparentPort so coova can
79      work with dansguardian
80    - insert NAT rule just before the ACCEPT (PREROUTING_FROM_CHILLI)
81    - add transparent directive to squid (required for squid => 2.6)
82    
83    * Wed Apr 14 2010 Daniel B. <daniel@firewall-services.com> 0.2-16
84    - Fixe a bug in conup.sh and condown.sh
85    
86    * Thu Jun 11 2009 Daniel B. <daniel@firewall-services.com> 0.2-15
87    - Fixe a bug in masq template for uamallowed entries
88    
89    * Thu May 28 2009 Daniel B. <daniel@firewall-services.com> 0.2-14
90    - Remove space in hotspot-config.pl template
91    
92    * Tue May 26 2009 Daniel B. <daniel@firewall-services.com> 0.2-13
93    - Add noc2c key (allow to disable the option, but default to enabled)
94    
95    * Thu Apr 30 2009 Daniel B. <daniel@firewall-services.com> 0.2-12
96    - Create a new user coovachilli
97    - Add support of new options uid and gid to drop privileges
98    - Enabled noc2c (prevent client to client communication)
99    - Use sudo to call conup/condown script (as chilli runs under un
100      unprivileged account now)
101    - Add smeserver-remoteuseraccess as a dependency (for sudoers metadata templates)
102    - move templates2expand in creatlinks script
103    
104    * Wed Mar 13 2009 Daniel B. <daniel@firewall-services.com> 0.2-11
105    - Automatically allow uamallowed entries in the firewall (no need to
106      explicitly allow it agin in AllowOutgoing)
107    
108    * Thu Mar 12 2009 Daniel B. <daniel@firewall-services.com> 0.2-10
109    - Small typo correction
110    
111    * Tue Mar 10 2009 Daniel B. <daniel@firewall-services.com> 0.2-9
112    - Use allready defined localhost NAS to fixe PPTP problem [SME: 4996]
113      (thanks John K Pruder)
114    - fix a typo in squid template
115    
116    * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-8
117    - Add dhcpstart and dhcpstop db parameters (thanks John K Pruder)
118    
119    * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-7
120    - Fix tundev template [SME: 5054]
121    
122    * Thu Sep 18 2008 Daniel B. <daniel@firewall-services.com> 0.2-6
123    - Remove warning in httpd.conf file (httpd -t)
124    
125    * Mon Sep 15 2008 Daniel B. <daniel@firewall-services.com> 0.2-5
126    - Fix Syntax Error in /etc/chilli.conf template (25listen) [SME: 4559]
127    
128    * Mon Sep 08 2008 Daniel B. <daniel@firewall-services.com> 0.2-4
129    - Requires perl(NetAddr::IP)
130    
131    * Fri Sep 5 2008 Daniel B. <daniel@firewall-services.com> 0.2-3
132    - Chilli IP computed with NetAddr::IP
133    - Radius timeout set to 3 sec
134    - syntax error in radius users template fixed (for guest access)
135    
136    * Thu Sep 3 2008 Daniel B. <daniel@firewall-services.com> 0.2-2
137    - Bug fix for guest access
138    
139    * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-1
140    - uplink and downlink for guest account are configurable via db keys
141    
142    * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-0
143    - Login page is a CGI, with a server-manager login page look
144    - Guest Access can be enabled with guestAccess key (enabled/disabled)
145    - merge patchs in main package
146    
147    * Mon Sep 01 2008 Daniel B. <daniel@firewall-services.com> 0.1-8
148    - Fix uamallowed not working (since bypass_auth_with_squid_fix patch)
149    - Add WebRequests key (use of squid or direct connexions, default to direct)
150    - disable radconf in /etc/chilli/config
151    - possible to disable https (enabled by default in AllowedOutgoing)
152    - add tcp:static.sourceforge.net:80 in uamallowed so daloradius homepage is displayed correctly
153    - add radiustimeout directive so authentication errors display the standard message quickly
154    
155    * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-7
156    - Reverted moving of default db entries to SPEC file since common practice is to store them in files
157    
158    * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-6
159    - split uamallowed (one per line)
160    - Add dnsparanoia directive
161    - correct cmdsock directive
162    - initialise default configuration db in the spec file
163    
164    * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-5
165    - Remove the reset of $OUT from the template
166    
167    * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-4
168    - Add template to enable auth module unix (replace the template-custom)
169    - Copy images to /opt/chilli/template before removing .rpmnew directory
170    - Correct dependency (e-smith-radiusd not esmith-radiusd)
171    
172    * Wed Aug 27 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-3
173    - Split requirements to one per line
174    - Removed .rpmnew directory from package
175    - Removed the need for templates-custom as package now requires e-smith-radiusd >= 1.0.0-18
176    
177  * Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>  * Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
178  - [0.1-2]  - [0.1-2]
179  - Most firewall customizations (for incomming and forwarded traffic from  - Most firewall customizations (for incomming and forwarded traffic from
180    chilli network only) can be set through db commands (Patch3)    chilli network only) can be set through db commands (Patch3)
181  - Outgoing DNS is allowed only for the two DNS servers configured  - Outgoing DNS is allowed only for the two DNS servers configured
182  - Clean spec file, adn put php files in /opt/chilli (Patch4)  - Clean spec file, and put php files in /opt/chilli (Patch4)
   
183    
184  * Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>  * Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>
185  - [0.1-1]  - [0.1-1]
# Line 51  they'll only have web access if they are Line 196  they'll only have web access if they are
196  %patch2 -p1  %patch2 -p1
197  %patch3 -p1  %patch3 -p1
198  %patch4 -p1  %patch4 -p1
199    %patch5 -p1
200    %patch6 -p1
201    %patch7 -p1
202    %patch8 -p1
203    %patch9 -p1
204    %patch10 -p1
205    %patch11 -p1
206    %patch12 -p1
207    %patch13 -p1
208    %patch14 -p1
209    %patch15 -p1
210    %patch16 -p1
211    %patch17 -p1
212    %patch18 -p1
213    %patch19 -p1
214    %patch20 -p1
215    %patch21 -p1
216    %patch22 -p1
217    %patch23 -p1
218    %patch24 -p1
219    %patch25 -p1
220    %patch26 -p1
221    %patch27 -p1
222    %patch28 -p1
223    %patch29 -p1
224    %patch30 -p1
225    
226  %build  %build
227  /usr/bin/perl createlinks  /usr/bin/perl createlinks
# Line 60  they'll only have web access if they are Line 231  they'll only have web access if they are
231  (cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)  (cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
232  /bin/rm -f %{name}-%{version}-filelist  /bin/rm -f %{name}-%{version}-filelist
233  /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \  /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
234          --file /etc/chilli/conup.sh 'attr(0750,root,root)' \          --file /etc/chilli/conup.sh 'attr(755,root,root)' \
235          --file /etc/chilli/condown.sh 'attr(0750,root,root)' \          --file /etc/chilli/condown.sh 'attr(750,root,root)' \
236          --file /opt/chilli/hotspotlogin-loginform.php 'config(noreplace)' \          --file /etc/chilli/call_conup.sh 'attr(755,root,root)' \
237          --file /opt/chilli/hotspotlogin-nonchilli.php 'config(noreplace)' \          --file /etc/chilli/call_condown.sh 'attr(755,root,root)' \
238          --file /opt/chilli/hotspotlogin-nonssl.php 'config(noreplace)' \          --file /opt/chilli/cgi-bin/hotspotlogin.cgi 'attr(0750,root,www) %config(noreplace)' \
239          --file /opt/chilli/hotspotlogin.php 'config(noreplace)' \          --file /opt/chilli/lang/hotspotlogin.fr.pl 'config(noreplace)' \
240          --file /opt/chilli/lang/en.php 'config(noreplace)' \          --file /opt/chilli/lang/hotspotlogin.en.pl 'config(noreplace)' \
241          --file /opt/chilli/lang/fr.php 'config(noreplace)' \          --file /opt/chilli/css/sme.css 'config(noreplace)' \
         --file /opt/chilli/lang/main.php 'config(noreplace)' \  
         --file /opt/chilli/template/loggingin.php 'config(noreplace)' \  
         --file /opt/chilli/template/loginform-footer.php 'config(noreplace)' \  
         --file /opt/chilli/template/loginform-header.php 'config(noreplace)' \  
242          > %{name}-%{version}-filelist          > %{name}-%{version}-filelist
243    
244  %files -f %{name}-%{version}-filelist  %files -f %{name}-%{version}-filelist
# Line 81  they'll only have web access if they are Line 248  they'll only have web access if they are
248  rm -rf $RPM_BUILD_ROOT  rm -rf $RPM_BUILD_ROOT
249    
250  %pre  %pre
251    if ! /usr/bin/id coovachilli &>/dev/null; then
252            /usr/sbin/useradd -c 'Coova Chilli User' -s /sbin/nologin -r -d /etc/chilli coovachilli &>/dev/null || \
253                    %logmsg "Unexpected error adding user \"coovachilli\". Abort installation."
254    fi
255    
256    
 %post  
   
257  %preun  %preun
258    
259  if [ $1 == 0 ]; then  if [ $1 == 0 ]; then
260          /sbin/e-smith/db configuration setprop chilli status disabled          /sbin/e-smith/db configuration setprop chilli status disabled
261          /etc/rc.d/init.d/chilli stop > /dev/null 2>&1          /etc/rc.d/init.d/chilli stop >& /dev/null || :
         true  
262  fi  fi
263    
 %postun  
   


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed