1 |
# $Id: e-smith-base.spec,v 1.33 2013/05/08 03:12:58 wellsi Exp $ |
# $Id: e-smith-base.spec,v 1.100 2016/01/31 22:29:02 vip-ire Exp $ |
2 |
|
|
3 |
Summary: e-smith server and gateway - base module |
Summary: e-smith server and gateway - base module |
4 |
%define name e-smith-base |
%define name e-smith-base |
5 |
Name: %{name} |
Name: %{name} |
6 |
%define version 5.4.0 |
%define version 5.6.0 |
7 |
%define release 33 |
%define release 29 |
8 |
Version: %{version} |
Version: %{version} |
9 |
Release: %{release}%{?dist} |
Release: %{release}%{?dist} |
10 |
License: GPL |
License: GPL |
11 |
Group: Networking/Daemons |
Group: Networking/Daemons |
12 |
Source: %{name}-%{version}.tar.xz |
Source: %{name}-%{version}.tar.xz |
13 |
Patch0: e-smith-base-5.4.0-runlevel_4.patch |
Patch1: e-smith-base-5.6.0-console.patch |
14 |
Patch1: e-smith-base-5.4.0-local_event.patch |
Patch2: e-smith-base-5.6.0_added_verification_of_pptp_clients_against_dhcp.patch |
15 |
Patch2: e-smith-base-5.4.0-noapmd.patch |
Patch3: e-smith-base-5.6.0_console_verification_dhcp_vs_pptp.patch |
16 |
Patch3: e-smith-base-5.4.0-rsysloglink.patch |
Patch4: e-smith-base-5.6.0_remove_10runparts_for_anacron_compatibility.patch |
17 |
Patch4: e-smith-base-5.4.0-optimize_user_modify_unix.patch |
Patch5: e-smith-base-5.6.0-mdevent.patch |
18 |
Patch5: e-smith-base-5.4.0-user_modify_in_bootstrap.patch |
Patch6: e-smith-base-5.6.0-pppoe_after_post_upgrade.patch |
19 |
Patch6: e-smith-base-5.4.0-pppoeMlimit.patch |
Patch7: e-smith-base-5.6.0-symlink_udev-post.patch |
20 |
Patch7: e-smith-base-5.4.0-microcode.patch |
Patch8: e-smith-base-5.6.0-detect_conf_change_single_nic.patch |
21 |
Patch8: e-smith-base-5.4.0-PostUpgradeRestore.patch |
Patch9: e-smith-base-5.6.0-service_runlevel_4.patch |
22 |
Patch9: e-smith-base-5.4.0-inittab.patch |
Patch10: e-smith-base-5.6.0-ensure_apache_alias_www.patch |
23 |
Patch10: e-smith-base-5.4.0-pwauth.patch |
Patch11: e-smith-base-5.6.0-specify_dhcpd_configuration_file.patch |
24 |
Patch11: e-smith-base-5.4.0-uidgid.patch |
Patch12: e-smith-base-5.6.0-default_to_no_on_quit_console_app.patch |
25 |
Patch12: e-smith-base-5.4.0-fixwww.patch |
Patch13: e-smith-base-5.6.0-only_reset_access_for_private_server.patch |
26 |
Patch13: e-smith-base-5.4.0-SystemName.patch |
Patch14: e-smith-base-5.6.0-only_fire_ip_change_on_wan.patch |
27 |
Patch14: e-smith-base-5.4.0-existing_hwaddr.patch |
Patch15: e-smith-base-5.6.0-dummy_nic.patch |
28 |
Patch15: e-smith-base-5.4.0-remove_syslogd_templates.patch |
Patch16: e-smith-base-5.6.0-disable_selinux.patch |
29 |
Patch16: e-smith-base-5.4.0-rsyslog_templates.patch |
Patch17: e-smith-base-5.6.0_sha256_cert.patch |
30 |
Patch17: e-smith-base-5.4.0-rsyslog_db.patch |
Patch18: e-smith-base-5.6.0-update_mime_types.patch |
31 |
Patch18: e-smith-base-5.4.0-rsyslog.conf.patch |
Patch19: e-smith-base-5.6.0-ssl_update.patch |
32 |
Patch19: e-smith-base-5.4.0-rate_limit.patch |
Patch20: e-smith-base-5.6.0-reload_ssl_when_renew_cert.patch |
33 |
Patch20: e-smith-base-5.4.0-no_modprobe.patch |
Patch21: e-smith-base-5.6.0-display_http_server_manager.patch |
34 |
Patch21: e-smith-base-5.4.0-more_rsyslog.patch |
Patch22: e-smith-base-5.6.0-add_forward_column.patch |
35 |
Patch22: e-smith-base-5.4.0-ConsoleBackupText.patch |
Patch23: e-smith-base-5.6.0-allow_32bits_mask.patch |
|
Patch23: e-smith-base-5.4.0-NICBonding.patch |
|
|
Patch24: e-smith-base-5.4.0-rename_pam_ldap_conf.patch |
|
|
Patch25: e-smith-base-5.4.0-fix_bash-in_run_pppoe_conf.patch |
|
|
Patch26: e-smith-base-5.4.0-StartService.patch |
|
|
Patch27: e-smith-base-5.4.0-rcesmith-removal.patch |
|
|
Patch28: e-smith-base-5.4.0-add_template_to_ssl.pem.patch |
|
36 |
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot |
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot |
37 |
BuildArch: noarch |
BuildArch: noarch |
38 |
Requires: pwauth |
Requires: pwauth |
48 |
Requires: perl(Net::IPv4Addr) |
Requires: perl(Net::IPv4Addr) |
49 |
Requires: /usr/sbin/irqbalance |
Requires: /usr/sbin/irqbalance |
50 |
Requires: /usr/sbin/cpuspeed |
Requires: /usr/sbin/cpuspeed |
|
Requires: /sbin/microcode_ctl |
|
51 |
Requires: /usr/sbin/smartd |
Requires: /usr/sbin/smartd |
52 |
Requires: dbus |
Requires: dbus |
53 |
Requires: hal |
Requires: hal |
80 |
e-smith server and gateway software - base module. |
e-smith server and gateway software - base module. |
81 |
|
|
82 |
%changelog |
%changelog |
83 |
|
* Tue Sep 13 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-29.sme |
84 |
|
- Allow /32 masks on the external interface, in which case we don't |
85 |
|
check if the gateway is on the correct network) [SME: 9765] |
86 |
|
|
87 |
|
* Sun Jan 31 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-28.sme |
88 |
|
- Add a column to display forwarding address [SME: 9174] |
89 |
|
|
90 |
|
* Sun Jan 31 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-27.sme |
91 |
|
- Correctly display http URL to the server-manager in the console [SME: 9163] |
92 |
|
|
93 |
|
* Sun Jan 17 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-26.sme |
94 |
|
- Fire ssl-update event when default cert is renewed [SME: 2257] |
95 |
|
|
96 |
|
* Sun Jan 17 2016 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-25.sme |
97 |
|
- Expand /home/e-smith/ssl.pem/pem during ssl-update [SME: 9152] |
98 |
|
|
99 |
|
* Tue Sep 30 2015 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-24.sme |
100 |
|
- Update /etc/mime.types templates [SME: 9078] |
101 |
|
|
102 |
|
* Mon Aug 24 2015 Charlie Brady <charlie_brady@mitel.com> 5.6.0-23.sme |
103 |
|
- Use sha256 algorithm for signature of SSL cert. [SME: 8615] |
104 |
|
|
105 |
|
* Thu Jun 25 2015 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-22.sme |
106 |
|
- Fix including /etc/selinux directory [SME: 8954] |
107 |
|
|
108 |
|
* Thu Jun 25 2015 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-21.sme |
109 |
|
- Add templates for /etc/selinux/config [SME: 8954] |
110 |
|
|
111 |
|
* Thu Jun 11 2015 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-20.sme |
112 |
|
- Add dummy NIC support as InternalInterface [SME: 7200] |
113 |
|
|
114 |
|
* Tue Mar 31 2015 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-19.sme |
115 |
|
- Only fire the ip-change event when IP is assigned to WAN nic |
116 |
|
(Code by Charlie Brady and John Crisp) [SME: 8896] |
117 |
|
|
118 |
|
* Tue Mar 31 2015 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-18.sme |
119 |
|
- Only reset service access when switching to or from private server mode |
120 |
|
(Code by Charlie Brady) [SME: 8879] |
121 |
|
|
122 |
|
* Sun Jan 11 2015 Stephane de Labrusse <stephdl@de-labrusse.fr> 5.6.0-17.sme |
123 |
|
- When quiting the console app with unsaved changes set the default selected |
124 |
|
- answer to NO Hsing-Foo Wang <hsingfoo@gmail.com> [SME: 8616] |
125 |
|
|
126 |
|
* Tue Jan 6 2015 Stephane de Labrusse <stephdl@de-labrusse.fr> 5.6.0-16.sme |
127 |
|
- Added a comment to specify the real configuration file of dhcpd [SME: 8386] |
128 |
|
|
129 |
|
* Sat Jan 3 2015 Stephane de Labrusse <stephdl@de-labrusse.fr> 5.6.0-15.sme |
130 |
|
- Modified the patch of daniel e-smith-base-5.6.0-ensure_apache_alias_www.patch |
131 |
|
- Ensure www group exists and that apache is an alias of www [SME: 8549] |
132 |
|
|
133 |
|
* Sun Nov 2 2014 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-13.sme |
134 |
|
- Ensure www group exists and that apache is an alias of www [SME: 8549] |
135 |
|
|
136 |
|
* Sun Nov 2 2014 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-12.sme |
137 |
|
- Check were running runlevel 4, not 7 in service wrapper [SME: 8637] |
138 |
|
|
139 |
|
* Sun Sep 21 2014 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-11.sme |
140 |
|
- Correctly update NIC configuration on single NIC systems [SME: 8561] |
141 |
|
|
142 |
|
* Wed Sep 10 2014 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-10.sme |
143 |
|
- Symlink udev-post service in rc7 [SME: 8542] |
144 |
|
|
145 |
|
* Fri Jul 25 2014 Daniel Berteaud <daniel@firewall-services.com> 5.6.0-9.sme |
146 |
|
- Fix PPPoE after a post-upgrade [SME: 8493] |
147 |
|
|
148 |
|
* Thu Jul 3 2014 Ian Wells <esmith@wellsi.com> 5.6.0-8.sme |
149 |
|
- Remove dependency on microcode_ctl [SME: 8468] |
150 |
|
|
151 |
|
* Sun May 11 2014 stephane de Labrusse <stephdl@de-labrusse.fr> 5.6.0-7.sme |
152 |
|
- Prevent emailing about the normal, weekly, checks of RAID arrays, by Mark Casey |
153 |
|
- [SME: 7748] |
154 |
|
|
155 |
|
* Tue May 06 2014 stephane de Labrusse <stephdl@de-labrusse.fr> 5.6.0-6.sme |
156 |
|
- remove /etc/e-smith/templates/etc/crontab/10runparts for anacron compatibility |
157 |
|
- [SME: 8364] |
158 |
|
|
159 |
|
* Wed Apr 23 2014 stephane de Labrusse <stephdl@de-labrusse.fr> 5.6.0-5.sme |
160 |
|
- Add a verification in the console of number of pptp clients against ip allowed in dhcpd |
161 |
|
- [SME: 8312] |
162 |
|
|
163 |
|
* Sun Apr 6 2014 stephane de Labrusse <stephdl@de-labrusse.fr> 5.6.0-4.sme |
164 |
|
- Add a verification in remoteaccess panel of number of pptp clients against ip allowed in dhcpd |
165 |
|
- [SME: 8312] |
166 |
|
|
167 |
|
* Sat Apr 5 2014 Ian Wells <esmith@wellsi.com> 5.6.0-3.sme |
168 |
|
- Ensure console is run with taint checking [SME: 8311] |
169 |
|
- Non-functional perl::Critic changes. |
170 |
|
|
171 |
|
* Sun Mar 23 2014 Ian Wells <esmith@wellsi.com> 5.6.0-2.sme |
172 |
|
- Roll new stream to really remove obsolete images [SME: 7962] |
173 |
|
|
174 |
|
* Sun Mar 23 2014 Ian Wells <esmith@wellsi.com> 5.6.0-1.sme |
175 |
|
- Roll new stream to remove obsolete images [SME: 7962] |
176 |
|
|
177 |
|
* Thu Mar 20 2014 Ian Wells <esmith@wellsi.com> 5.4.0-62.sme |
178 |
|
- Move console backup to e-smith-backup [SME: 3324] |
179 |
|
|
180 |
|
* Sun Mar 16 2014 Ian Wells <esmith@wellsi.com> 5.4.0-61.sme |
181 |
|
- Remove support.pl from e-smith-base and move to smeserver-support [SME: 8264] |
182 |
|
|
183 |
|
* Sat Mar 15 2014 Ian Wells <esmith@wellsi.com> 5.4.0-60.sme |
184 |
|
- Console restore should reboot [SME: 8259] |
185 |
|
|
186 |
|
* Sat Mar 8 2014 Ian Wells <esmith@wellsi.com> 5.4.0-59.sme |
187 |
|
- Boostrap console should only offer restore if no password set [SME: 8259] |
188 |
|
|
189 |
|
* Thu Mar 6 2014 Ian Wells <esmith@wellsi.com> 5.4.0-58.sme |
190 |
|
- Add restore backup as a console item for freshly installed servers [SME: 8259] |
191 |
|
- Non-code changes to perform_restore.pm |
192 |
|
|
193 |
|
* Sun Feb 16 2014 Ian Wells <esmith@wellsi.com> 5.4.0-57.sme |
194 |
|
- Refer to removable media not CDROM in console restore [SME: 8214] |
195 |
|
|
196 |
|
* Tue Jan 28 2014 Ian Wells <esmith@wellsi.com> 5.4.0-56.sme |
197 |
|
- Remove insecure SSL ciphers [SME: 8138] |
198 |
|
|
199 |
|
* Sun Dec 15 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-55.sme |
200 |
|
- Restart rsyslog in logrotate event [SME: 8065] |
201 |
|
|
202 |
|
* Sun Dec 15 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-54.sme |
203 |
|
- Set smb ServerName if unset (patch from Ian Wells) [SME: 8030] |
204 |
|
|
205 |
|
* Mon Dec 9 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-53.sme |
206 |
|
- Don't reload init in bootstrap-console-save and console-save [SME: 8050] |
207 |
|
|
208 |
|
* Mon Dec 9 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-52.sme |
209 |
|
- Re-add missing templates metadata for bond0 [SME: 7990] |
210 |
|
|
211 |
|
* Sat Nov 30 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-51.sme |
212 |
|
- Load the bonding module if NIC bonding is enabled [SME: 7996] |
213 |
|
|
214 |
|
* Sat Nov 30 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-50.sme |
215 |
|
- Define the udev-post service in the DB [SME: 7992] |
216 |
|
|
217 |
|
* Sat Nov 30 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-49.sme |
218 |
|
- Remove the "swap interface" feature [SME: 7993] |
219 |
|
|
220 |
|
* Sat Nov 30 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-48.sme |
221 |
|
- Do not hardcode NIC names to eth0 and eth1 [SME: 7990] |
222 |
|
- Remove obsolete VLAN code [SME: 7994] |
223 |
|
|
224 |
|
* Sat Nov 30 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-47.sme |
225 |
|
- Remove HWAddress prop from interfaces [SME: 7991] |
226 |
|
|
227 |
|
* Thu Nov 14 2013 Chris Burnat <devlist@burnat.com> 5.4.0-46.sme |
228 |
|
- Fix add_new_disk_to_raid1 (codes by Charlie Brady - patch by Terje Edseth) |
229 |
|
[SME: 7960] |
230 |
|
|
231 |
|
* Wed Oct 30 2013 Charlie Brady <charlie_brady@mitel.com> 5.4.0-45.sme |
232 |
|
- Fix parsing issues with "manage RAID" menu option in the console. |
233 |
|
[SME: 7953] |
234 |
|
|
235 |
|
* Mon Sep 30 2013 John H. Bennett III <bennettj@johnbennettservices.com> 5.4.0-44.sme |
236 |
|
- Patch to correct issue with not being able to access a password protected |
237 |
|
ibay [SME: 7794] |
238 |
|
|
239 |
|
* Sun Jul 7 2013 Ian Wells <esmith@wellsi.com> 5.4.0-43.sme |
240 |
|
- Improve text in console backup for success and failure [SME: 7770] |
241 |
|
|
242 |
|
* Fri Jul 5 2013 Ian Wells <esmith@wellsi.com> 5.4.0-42.sme |
243 |
|
- Console USB Backup, allow user setting of compression level [SME: 7745] |
244 |
|
Compression level of the console backup is now -6 by default |
245 |
|
|
246 |
|
* Fri Jul 5 2013 Ian Wells <esmith@wellsi.com> 5.4.0-41.sme |
247 |
|
- Update ServerName (Samba netbios name) when SystemName is updated [SME: 7746] |
248 |
|
|
249 |
|
* Fri Jul 5 2013 Ian Wells <esmith@wellsi.com> 5.4.0-40.sme |
250 |
|
- Remove old System Name from the Hosts DB, by Charlie Brady [SME: 7747] |
251 |
|
|
252 |
|
* Sun Jun 23 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-39.sme |
253 |
|
- Fix group creation when LDAP auth is enabled [SME: 7672] |
254 |
|
|
255 |
|
* Sat Jun 8 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-38.sme |
256 |
|
- Disable IPv6 on a default install (patch by Shad Lords) [SME: 7531] |
257 |
|
|
258 |
|
* Sat Jun 8 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-37.sme |
259 |
|
- Continue escaping control chars in rsyslog, just replace LF with space [SME: 7662] |
260 |
|
|
261 |
|
* Fri Jun 7 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-36.sme |
262 |
|
- Don't escape control characters in rsyslog [SME: 7662] |
263 |
|
|
264 |
|
* Thu Jun 6 2013 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-35.sme |
265 |
|
- Use UTF-8 in the console [SME: 7591] |
266 |
|
|
267 |
|
* Sun May 19 2013 Ian Wells <esmith@wellsi.com> 5.4.0-34.sme |
268 |
|
- Remove redundant parts of init-accounts [SME: 3550] |
269 |
|
|
270 |
* Sat May 18 2013 chris burnat <devlist@burnat.com> 5.4.0-33.sme |
* Sat May 18 2013 chris burnat <devlist@burnat.com> 5.4.0-33.sme |
271 |
- Add_template_to_ssl.pem, codes by JP Pialasse [SME: 7601] |
- Add_template_to_ssl.pem, codes by JP Pialasse [SME: 7601] |
272 |
|
|
1794 |
|
|
1795 |
%prep |
%prep |
1796 |
%setup |
%setup |
|
%patch0 -p1 |
|
1797 |
%patch1 -p1 |
%patch1 -p1 |
1798 |
%patch2 -p1 |
%patch2 -p1 |
1799 |
%patch3 -p1 |
%patch3 -p1 |
1817 |
%patch21 -p1 |
%patch21 -p1 |
1818 |
%patch22 -p1 |
%patch22 -p1 |
1819 |
%patch23 -p1 |
%patch23 -p1 |
|
%patch24 -p1 |
|
|
%patch25 -p1 |
|
|
%patch26 -p1 |
|
|
%patch27 -p1 |
|
|
%patch28 -p1 |
|
|
|
|
|
# We cannot remove an empy files or folders with a patch, see [SME: 7289] |
|
|
# We remove this because it contains an empty template-begin file |
|
|
rm -rf root/etc/e-smith/templates/etc/ldap.secret/ |
|
1820 |
|
|
1821 |
%pre |
%pre |
|
/sbin/e-smith/create-system-user smelog 1002 \ |
|
|
'smelog log user' /var/log/smelog /bin/false |
|
1822 |
/sbin/e-smith/create-system-user smelastsys 2999 \ |
/sbin/e-smith/create-system-user smelastsys 2999 \ |
1823 |
'sme last system user marker' /tmp /bin/false |
'sme last system user marker' /tmp /bin/false |
1824 |
|
|
1843 |
|
|
1844 |
%install |
%install |
1845 |
rm -rf $RPM_BUILD_ROOT |
rm -rf $RPM_BUILD_ROOT |
1846 |
|
mkdir -p $RPM_BUILD_ROOT/etc/selinux |
1847 |
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) |
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) |
1848 |
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ |
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ |
1849 |
--file /etc/cron.daily/conf-mod_ssl 'attr(0544,root,root)' \ |
--file /etc/cron.daily/conf-mod_ssl 'attr(0544,root,root)' \ |
1895 |
--dir /var/log/ippp 'attr(2750,smelog,smelog)' \ |
--dir /var/log/ippp 'attr(2750,smelog,smelog)' \ |
1896 |
--dir /etc/e-smith/skel/user/.ssh 'attr(0700,root,root)' \ |
--dir /etc/e-smith/skel/user/.ssh 'attr(0700,root,root)' \ |
1897 |
--file /var/service/local/run 'attr(0750,root,root)' \ |
--file /var/service/local/run 'attr(0750,root,root)' \ |
1898 |
|
--file /etc/sysconfig/modules/dummy.modules 'attr(0755,root,root)' \ |
1899 |
|
--dir /etc/selinux 'attr(0755,root,root)' \ |
1900 |
> %{name}-%{version}-%{release}-filelist |
> %{name}-%{version}-%{release}-filelist |
1901 |
|
|
1902 |
mkdir -p $RPM_BUILD_ROOT/home/e-smith/db |
mkdir -p $RPM_BUILD_ROOT/home/e-smith/db |