/[smecontribs]/rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec
ViewVC logotype

Diff of /rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by slords, Tue Apr 15 15:04:56 2008 UTC Revision 1.27 by vip-ire, Tue May 26 13:46:19 2009 UTC
# Line 1  Line 1 
1  # $Id$  # $Id: smeserver-coova-chilli.spec,v 1.26 2009/05/04 14:31:30 vip-ire Exp $
2  # Authority: vip-ire  # Authority: vip-ire
3  # Name: Daniel Berteaud  # Name: Daniel Berteaud
4    
5  Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server  Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
6  %define name smeserver-coova-chilli  %define name smeserver-coova-chilli
7  Name: %{name}  Name: %{name}
8  %define version 0.1  %define version 0.2
9  %define release 1  %define release 13
10  Version: %{version}  Version: %{version}
11  Release: %{release}%{?dist}  Release: %{release}%{?dist}
12  License: GPL  License: GPL
13  Group: Networking/Remote access  Group: Networking/Remote access
14  Source: %{name}-%{version}.tar.gz  Source: %{name}-%{version}.tar.gz
 Patch1: smeserver-coova-chilli-0.1-bypass_auth_with_squid_fix.patch  
 Patch2: smeserver-coova-chilli-0.1-expand_masq_fix.patch  
15  URL: http://sme.firewall-services.com  URL: http://sme.firewall-services.com
 Packager: Daniel Berteaud <daniel@firewall-services.com>  
16  BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot  BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
17  BuildArchitectures: noarch  BuildArchitectures: noarch
18  Requires: e-smith-release >= 7.0 openssl coova-chilli  BuildRequires: e-smith-devtools
19  BuildRequires: e-smith-devtools >= 1.13.1-03  Requires: e-smith-release >= 7.0
20    Requires: openssl
21    Requires: coova-chilli >= 1.0.13
22    Requires: e-smith-radiusd >= 1.0.0-18
23    Requires: perl(NetAddr::IP)
24    Requires: smeserver-remoteuseraccess
25    
26    Patch1: smeserver-coova-chilli-0.2-guest_uplink_downlink.patch
27    Patch2: smeserver-coova-chilli-0.2-guest_access.patch
28    Patch3: smeserver-coova-chilli-0.2-chilli_ip.patch
29    Patch4: smeserver-coova-chilli-0.2-radius_timeout.patch
30    Patch5: smeserver-coova-chilli-0.2-guest_access2.patch
31    Patch6: smeserver-coova-chilli-0.2-template_syntax_error.patch
32    Patch7: smeserver-coova-chilli-0.2-httpd_warning.patch
33    Patch8: smeserver-coova-chilli-0.2-tundev.patch
34    Patch9: smeserver-coova-chilli-0.2-dhcp_range.patch
35    Patch10: smeserver-coova-chilli-0.2-localhost_nas.patch
36    Patch11: smeserver-coova-chilli-0.2-localhost_nas2.patch
37    Patch12: smeserver-coova-chilli-0.2-squid_template_typo.patch
38    Patch13: smeserver-coova-chilli-0.2-typo.patch
39    Patch14: smeserver-coova-chilli-0.2-allow_uamallowed.patch
40    Patch15: smeserver-coova-chilli-0.2-drop_privileges.patch
41    Patch16: smeserver-coova-chilli-0.2-use_sudo.patch
42    Patch17: smeserver-coova-chilli-0.2-templates2expand_in_createlinks.patch
43    Patch18: smeserver-coova-chilli-0.2-db_noc2c.patch
44    
45  %description  %description
46  This package allow you to configure a third interface  This package allow you to configure a third interface
# Line 27  This package allow you to configure a th Line 48  This package allow you to configure a th
48  a secured captive portal. Users will be redirected  a secured captive portal. Users will be redirected
49  on a logon page and they'll have to enter credentials  on a logon page and they'll have to enter credentials
50  (sme accounts) before the server allows them. By default,  (sme accounts) before the server allows them. By default,
51  they'll only have web access if they are members of the group "chilli"  they'll only have web access if they are members of the group "chilli"
52    This contrib will only work in server&gateway mode
53    
54  %changelog  %changelog
55    * Tue May 26 2009 Daniel B. <daniel@firewall-services.com> 0.2-13
56    - Add noc2c key (allow to disable the option, but default to enabled)
57    
58    * Thu Apr 30 2009 Daniel B. <daniel@firewall-services.com> 0.2-12
59    - Create a new user coovachilli
60    - Add support of new options uid and gid to drop privileges
61    - Enabled noc2c (prevent client to client communication)
62    - Use sudo to call conup/condown script (as chilli runs under un
63      unprivileged account now)
64    - Add smeserver-remoteuseraccess as a dependency (for sudoers metadata templates)
65    - move templates2expand in creatlinks script
66    
67    * Wed Mar 13 2009 Daniel B. <daniel@firewall-services.com> 0.2-11
68    - Automatically allow uamallowed entries in the firewall (no need to
69      explicitly allow it agin in AllowOutgoing)
70    
71    * Thu Mar 12 2009 Daniel B. <daniel@firewall-services.com> 0.2-10
72    - Small typo correction
73    
74    * Tue Mar 10 2009 Daniel B. <daniel@firewall-services.com> 0.2-9
75    - Use allready defined localhost NAS to fixe PPTP problem [SME: 4996]
76      (thanks John K Pruder)
77    - fix a typo in squid template
78    
79    * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-8
80    - Add dhcpstart and dhcpstop db parameters (thanks John K Pruder)
81    
82    * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-7
83    - Fix tundev template [SME: 5054]
84    
85    * Thu Sep 18 2008 Daniel B. <daniel@firewall-services.com> 0.2-6
86    - Remove warning in httpd.conf file (httpd -t)
87    
88    * Mon Sep 15 2008 Daniel B. <daniel@firewall-services.com> 0.2-5
89    - Fix Syntax Error in /etc/chilli.conf template (25listen) [SME: 4559]
90    
91    * Mon Sep 08 2008 Daniel B. <daniel@firewall-services.com> 0.2-4
92    - Requires perl(NetAddr::IP)
93    
94    * Fri Sep 5 2008 Daniel B. <daniel@firewall-services.com> 0.2-3
95    - Chilli IP computed with NetAddr::IP
96    - Radius timeout set to 3 sec
97    - syntax error in radius users template fixed (for guest access)
98    
99    * Thu Sep 3 2008 Daniel B. <daniel@firewall-services.com> 0.2-2
100    - Bug fix for guest access
101    
102    * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-1
103    - uplink and downlink for guest account are configurable via db keys
104    
105    * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-0
106    - Login page is a CGI, with a server-manager login page look
107    - Guest Access can be enabled with guestAccess key (enabled/disabled)
108    - merge patchs in main package
109    
110    * Mon Sep 01 2008 Daniel B. <daniel@firewall-services.com> 0.1-8
111    - Fix uamallowed not working (since bypass_auth_with_squid_fix patch)
112    - Add WebRequests key (use of squid or direct connexions, default to direct)
113    - disable radconf in /etc/chilli/config
114    - possible to disable https (enabled by default in AllowedOutgoing)
115    - add tcp:static.sourceforge.net:80 in uamallowed so daloradius homepage is displayed correctly
116    - add radiustimeout directive so authentication errors display the standard message quickly
117    
118    * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-7
119    - Reverted moving of default db entries to SPEC file since common practice is to store them in files
120    
121    * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-6
122    - split uamallowed (one per line)
123    - Add dnsparanoia directive
124    - correct cmdsock directive
125    - initialise default configuration db in the spec file
126    
127    * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-5
128    - Remove the reset of $OUT from the template
129    
130    * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-4
131    - Add template to enable auth module unix (replace the template-custom)
132    - Copy images to /opt/chilli/template before removing .rpmnew directory
133    - Correct dependency (e-smith-radiusd not esmith-radiusd)
134    
135    * Wed Aug 27 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-3
136    - Split requirements to one per line
137    - Removed .rpmnew directory from package
138    - Removed the need for templates-custom as package now requires e-smith-radiusd >= 1.0.0-18
139    
140    * Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
141    - [0.1-2]
142    - Most firewall customizations (for incomming and forwarded traffic from
143      chilli network only) can be set through db commands (Patch3)
144    - Outgoing DNS is allowed only for the two DNS servers configured
145    - Clean spec file, and put php files in /opt/chilli (Patch4)
146    
147  * Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>  * Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>
148  - [0.1-1]  - [0.1-1]
149  - security fixe: auth bypass with squid (patch1)  - security fixe: auth bypass with squid (patch1)
# Line 43  they'll only have web access if they are Line 157  they'll only have web access if they are
157  %setup  %setup
158  %patch1 -p1  %patch1 -p1
159  %patch2 -p1  %patch2 -p1
160    %patch3 -p1
161    %patch4 -p1
162    %patch5 -p1
163    %patch6 -p1
164    %patch7 -p1
165    %patch8 -p1
166    %patch9 -p1
167    %patch10 -p1
168    %patch11 -p1
169    %patch12 -p1
170    %patch13 -p1
171    %patch14 -p1
172    %patch15 -p1
173    %patch16 -p1
174    %patch17 -p1
175    %patch18 -p1
176    
177  %build  %build
178  /usr/bin/perl createlinks  /usr/bin/perl createlinks
# Line 52  they'll only have web access if they are Line 182  they'll only have web access if they are
182  (cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)  (cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
183  /bin/rm -f %{name}-%{version}-filelist  /bin/rm -f %{name}-%{version}-filelist
184  /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \  /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
185          --file /etc/chilli/conup.sh 'attr(0750,root,root)' \          --file /etc/chilli/conup.sh 'attr(755,root,root)' \
186          --file /etc/chilli/condown.sh 'attr(0750,root,root)' \          --file /etc/chilli/condown.sh 'attr(750,root,root)' \
187            --file /etc/chilli/call_conup.sh 'attr(755,root,root)' \
188            --file /etc/chilli/call_condown.sh 'attr(755,root,root)' \
189            --file /opt/chilli/cgi-bin/hotspotlogin.cgi 'attr(0750,root,www) %config(noreplace)' \
190            --file /opt/chilli/lang/hotspotlogin.fr.pl 'config(noreplace)' \
191            --file /opt/chilli/lang/hotspotlogin.en.pl 'config(noreplace)' \
192            --file /opt/chilli/css/sme.css 'config(noreplace)' \
193          > %{name}-%{version}-filelist          > %{name}-%{version}-filelist
194    
195  %files -f %{name}-%{version}-filelist  %files -f %{name}-%{version}-filelist
# Line 62  they'll only have web access if they are Line 198  they'll only have web access if they are
198  %clean  %clean
199  rm -rf $RPM_BUILD_ROOT  rm -rf $RPM_BUILD_ROOT
200    
201  %post  %pre
202  if [ ! -e /opt/chilli ]; then  if ! /usr/bin/id coovachilli &>/dev/null; then
203          /bin/cp -a /opt/chilli.rpmnew /opt/chilli          /usr/sbin/useradd -c 'Coova Chilli User' -s /sbin/nologin -r -d /etc/chilli coovachilli &>/dev/null || \
204                    %logmsg "Unexpected error adding user \"coovachilli\". Abort installation."
205  fi  fi
206    
207    
208  %preun  %preun
209    
210  if [ $1 == 0 ]; then  if [ $1 == 0 ]; then
211          /sbin/e-smith/db configuration setprop chilli status disabled          /sbin/e-smith/db configuration setprop chilli status disabled
212          /sbin/e-smith/signal-event chilli-update          /etc/rc.d/init.d/chilli stop >& /dev/null || :
213  fi  fi
214    


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed