/[smecontribs]/rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec
ViewVC logotype

Contents of /rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.32 - (show annotations) (download)
Thu Jul 29 15:08:58 2010 UTC (14 years, 3 months ago) by vip-ire
Branch: MAIN
CVS Tags: smeserver-coova-chilli-0_2-18_el4_sme
Changes since 1.31: +15 -1 lines
* Thu Jul 29 2010 Daniel B. <daniel@firewall-services.com> 0.2-18
- cleanup CGI login script
- remove obsolete php templates
- add macallowed DB key to bypass auth for some mac addresses
- add uamhomepage DB key

1 # $Id: smeserver-coova-chilli.spec,v 1.30 2010/04/14 16:38:56 vip-ire Exp $
2 # Authority: vip-ire
3 # Name: Daniel Berteaud
4
5 Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
6 %define name smeserver-coova-chilli
7 Name: %{name}
8 %define version 0.2
9 %define release 18
10 Version: %{version}
11 Release: %{release}%{?dist}
12 License: GPL
13 Group: Networking/Remote access
14 Source: %{name}-%{version}.tar.gz
15 URL: http://sme.firewall-services.com
16 BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
17 BuildArchitectures: noarch
18 BuildRequires: e-smith-devtools
19 Requires: e-smith-release >= 7.0
20 Requires: openssl
21 Requires: coova-chilli >= 1.0.13
22 Requires: e-smith-radiusd >= 1.0.0-18
23 Requires: perl(NetAddr::IP)
24 Requires: smeserver-remoteuseraccess
25
26 Patch1: smeserver-coova-chilli-0.2-guest_uplink_downlink.patch
27 Patch2: smeserver-coova-chilli-0.2-guest_access.patch
28 Patch3: smeserver-coova-chilli-0.2-chilli_ip.patch
29 Patch4: smeserver-coova-chilli-0.2-radius_timeout.patch
30 Patch5: smeserver-coova-chilli-0.2-guest_access2.patch
31 Patch6: smeserver-coova-chilli-0.2-template_syntax_error.patch
32 Patch7: smeserver-coova-chilli-0.2-httpd_warning.patch
33 Patch8: smeserver-coova-chilli-0.2-tundev.patch
34 Patch9: smeserver-coova-chilli-0.2-dhcp_range.patch
35 Patch10: smeserver-coova-chilli-0.2-localhost_nas.patch
36 Patch11: smeserver-coova-chilli-0.2-localhost_nas2.patch
37 Patch12: smeserver-coova-chilli-0.2-squid_template_typo.patch
38 Patch13: smeserver-coova-chilli-0.2-typo.patch
39 Patch14: smeserver-coova-chilli-0.2-allow_uamallowed.patch
40 Patch15: smeserver-coova-chilli-0.2-drop_privileges.patch
41 Patch16: smeserver-coova-chilli-0.2-use_sudo.patch
42 Patch17: smeserver-coova-chilli-0.2-templates2expand_in_createlinks.patch
43 Patch18: smeserver-coova-chilli-0.2-db_noc2c.patch
44 Patch19: smeserver-coova-chilli-0.2-remove_space.patch
45 Patch20: smeserver-coova-chilli-0.2-fixe_allow_uamallowed.patch
46 Patch21: smeserver-coova-chilli-0.2-fixe_squid_disabled.patch
47 Patch22: smeserver-coova-chilli-0.2-squid_tcpport.patch
48 Patch23: smeserver-coova-chilli-0.2-sudo_env.patch
49 Patch24: smeserver-coova-chilli-0.2-iptables_insert_position.patch
50 Patch25: smeserver-coova-chilli-0.2-transparent_squid.patch
51 Patch26: smeserver-coova-chilli-0.2-clean_cgi.patch
52 Patch27: smeserver-coova-chilli-0.2-remove_obsolete_php_templates.patch
53 Patch28: smeserver-coova-chilli-0.2-add_macallowed_in_db.patch
54 Patch29: smeserver-coova-chilli-0.2-add_uamhomepage_in_db.patch
55
56 %description
57 This package allow you to configure a third interface
58 (eth2). Just plug a WiFi AP on it, and you'll have
59 a secured captive portal. Users will be redirected
60 on a logon page and they'll have to enter credentials
61 (sme accounts) before the server allows them. By default,
62 they'll only have web access if they are members of the group "chilli"
63 This contrib will only work in server&gateway mode
64
65 %changelog
66 * Thu Jul 29 2010 Daniel B. <daniel@firewall-services.com> 0.2-18
67 - cleanup CGI login script
68 - remove obsolete php templates
69 - add macallowed DB key to bypass auth for some mac addresses
70 - add uamhomepage DB key
71
72 * Mon Jul 19 2010 Daniel B. <daniel@firewall-services.com> 0.2-17
73 - Fixes sudo env (bug only in SME8)
74 - Uses TCPPort squid key instead of TransparentPort so coova can
75 work with dansguardian
76 - insert NAT rule just before the ACCEPT (PREROUTING_FROM_CHILLI)
77 - add transparent directive to squid (required for squid => 2.6)
78
79 * Wed Apr 14 2010 Daniel B. <daniel@firewall-services.com> 0.2-16
80 - Fixe a bug in conup.sh and condown.sh
81
82 * Thu Jun 11 2009 Daniel B. <daniel@firewall-services.com> 0.2-15
83 - Fixe a bug in masq template for uamallowed entries
84
85 * Thu May 28 2009 Daniel B. <daniel@firewall-services.com> 0.2-14
86 - Remove space in hotspot-config.pl template
87
88 * Tue May 26 2009 Daniel B. <daniel@firewall-services.com> 0.2-13
89 - Add noc2c key (allow to disable the option, but default to enabled)
90
91 * Thu Apr 30 2009 Daniel B. <daniel@firewall-services.com> 0.2-12
92 - Create a new user coovachilli
93 - Add support of new options uid and gid to drop privileges
94 - Enabled noc2c (prevent client to client communication)
95 - Use sudo to call conup/condown script (as chilli runs under un
96 unprivileged account now)
97 - Add smeserver-remoteuseraccess as a dependency (for sudoers metadata templates)
98 - move templates2expand in creatlinks script
99
100 * Wed Mar 13 2009 Daniel B. <daniel@firewall-services.com> 0.2-11
101 - Automatically allow uamallowed entries in the firewall (no need to
102 explicitly allow it agin in AllowOutgoing)
103
104 * Thu Mar 12 2009 Daniel B. <daniel@firewall-services.com> 0.2-10
105 - Small typo correction
106
107 * Tue Mar 10 2009 Daniel B. <daniel@firewall-services.com> 0.2-9
108 - Use allready defined localhost NAS to fixe PPTP problem [SME: 4996]
109 (thanks John K Pruder)
110 - fix a typo in squid template
111
112 * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-8
113 - Add dhcpstart and dhcpstop db parameters (thanks John K Pruder)
114
115 * Sun Mar 07 2009 Daniel B. <daniel@firewall-services.com> 0.2-7
116 - Fix tundev template [SME: 5054]
117
118 * Thu Sep 18 2008 Daniel B. <daniel@firewall-services.com> 0.2-6
119 - Remove warning in httpd.conf file (httpd -t)
120
121 * Mon Sep 15 2008 Daniel B. <daniel@firewall-services.com> 0.2-5
122 - Fix Syntax Error in /etc/chilli.conf template (25listen) [SME: 4559]
123
124 * Mon Sep 08 2008 Daniel B. <daniel@firewall-services.com> 0.2-4
125 - Requires perl(NetAddr::IP)
126
127 * Fri Sep 5 2008 Daniel B. <daniel@firewall-services.com> 0.2-3
128 - Chilli IP computed with NetAddr::IP
129 - Radius timeout set to 3 sec
130 - syntax error in radius users template fixed (for guest access)
131
132 * Thu Sep 3 2008 Daniel B. <daniel@firewall-services.com> 0.2-2
133 - Bug fix for guest access
134
135 * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-1
136 - uplink and downlink for guest account are configurable via db keys
137
138 * Tue Sep 2 2008 Daniel B. <daniel@firewall-services.com> 0.2-0
139 - Login page is a CGI, with a server-manager login page look
140 - Guest Access can be enabled with guestAccess key (enabled/disabled)
141 - merge patchs in main package
142
143 * Mon Sep 01 2008 Daniel B. <daniel@firewall-services.com> 0.1-8
144 - Fix uamallowed not working (since bypass_auth_with_squid_fix patch)
145 - Add WebRequests key (use of squid or direct connexions, default to direct)
146 - disable radconf in /etc/chilli/config
147 - possible to disable https (enabled by default in AllowedOutgoing)
148 - add tcp:static.sourceforge.net:80 in uamallowed so daloradius homepage is displayed correctly
149 - add radiustimeout directive so authentication errors display the standard message quickly
150
151 * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-7
152 - Reverted moving of default db entries to SPEC file since common practice is to store them in files
153
154 * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-6
155 - split uamallowed (one per line)
156 - Add dnsparanoia directive
157 - correct cmdsock directive
158 - initialise default configuration db in the spec file
159
160 * Thu Aug 28 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-5
161 - Remove the reset of $OUT from the template
162
163 * Thu Aug 28 2008 Daniel B. <daniel@firewall-services.com> 0.1-4
164 - Add template to enable auth module unix (replace the template-custom)
165 - Copy images to /opt/chilli/template before removing .rpmnew directory
166 - Correct dependency (e-smith-radiusd not esmith-radiusd)
167
168 * Wed Aug 27 2008 Jonathan Martens <smeserver-contribs@snetram.nl> 0.1-3
169 - Split requirements to one per line
170 - Removed .rpmnew directory from package
171 - Removed the need for templates-custom as package now requires e-smith-radiusd >= 1.0.0-18
172
173 * Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
174 - [0.1-2]
175 - Most firewall customizations (for incomming and forwarded traffic from
176 chilli network only) can be set through db commands (Patch3)
177 - Outgoing DNS is allowed only for the two DNS servers configured
178 - Clean spec file, and put php files in /opt/chilli (Patch4)
179
180 * Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>
181 - [0.1-1]
182 - security fixe: auth bypass with squid (patch1)
183 - masq template not expanded (patch2)
184
185 * Fri Apr 04 2008 Daniel Berteaud <daniel@firewall-services.com>
186 - [0.1]
187 - initiale release
188
189 %prep
190 %setup
191 %patch1 -p1
192 %patch2 -p1
193 %patch3 -p1
194 %patch4 -p1
195 %patch5 -p1
196 %patch6 -p1
197 %patch7 -p1
198 %patch8 -p1
199 %patch9 -p1
200 %patch10 -p1
201 %patch11 -p1
202 %patch12 -p1
203 %patch13 -p1
204 %patch14 -p1
205 %patch15 -p1
206 %patch16 -p1
207 %patch17 -p1
208 %patch18 -p1
209 %patch19 -p1
210 %patch20 -p1
211 %patch21 -p1
212 %patch22 -p1
213 %patch23 -p1
214 %patch24 -p1
215 %patch25 -p1
216 %patch26 -p1
217 %patch27 -p1
218 %patch28 -p1
219 %patch29 -p1
220
221 %build
222 /usr/bin/perl createlinks
223
224 %install
225 /bin/rm -rf $RPM_BUILD_ROOT
226 (cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
227 /bin/rm -f %{name}-%{version}-filelist
228 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
229 --file /etc/chilli/conup.sh 'attr(755,root,root)' \
230 --file /etc/chilli/condown.sh 'attr(750,root,root)' \
231 --file /etc/chilli/call_conup.sh 'attr(755,root,root)' \
232 --file /etc/chilli/call_condown.sh 'attr(755,root,root)' \
233 --file /opt/chilli/cgi-bin/hotspotlogin.cgi 'attr(0750,root,www) %config(noreplace)' \
234 --file /opt/chilli/lang/hotspotlogin.fr.pl 'config(noreplace)' \
235 --file /opt/chilli/lang/hotspotlogin.en.pl 'config(noreplace)' \
236 --file /opt/chilli/css/sme.css 'config(noreplace)' \
237 > %{name}-%{version}-filelist
238
239 %files -f %{name}-%{version}-filelist
240 %defattr(-,root,root)
241
242 %clean
243 rm -rf $RPM_BUILD_ROOT
244
245 %pre
246 if ! /usr/bin/id coovachilli &>/dev/null; then
247 /usr/sbin/useradd -c 'Coova Chilli User' -s /sbin/nologin -r -d /etc/chilli coovachilli &>/dev/null || \
248 %logmsg "Unexpected error adding user \"coovachilli\". Abort installation."
249 fi
250
251
252 %preun
253
254 if [ $1 == 0 ]; then
255 /sbin/e-smith/db configuration setprop chilli status disabled
256 /etc/rc.d/init.d/chilli stop >& /dev/null || :
257 fi
258

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed