--- rpms/e-smith-base/sme9/e-smith-base.spec 2013/05/05 05:00:45 1.30 +++ rpms/e-smith-base/sme9/e-smith-base.spec 2018/02/13 22:39:55 1.106 @@ -1,42 +1,42 @@ -# $Id: e-smith-base.spec,v 1.29 2013/04/23 02:53:30 wellsi Exp $ +# $Id: e-smith-base.spec,v 1.105 2017/11/15 15:36:55 jpp Exp $ Summary: e-smith server and gateway - base module %define name e-smith-base Name: %{name} -%define version 5.4.0 -%define release 29 +%define version 5.6.0 +%define release 34 Version: %{version} Release: %{release}%{?dist} License: GPL Group: Networking/Daemons Source: %{name}-%{version}.tar.xz -Patch0: e-smith-base-5.4.0-runlevel_4.patch -Patch1: e-smith-base-5.4.0-local_event.patch -Patch2: e-smith-base-5.4.0-noapmd.patch -Patch3: e-smith-base-5.4.0-rsysloglink.patch -Patch4: e-smith-base-5.4.0-optimize_user_modify_unix.patch -Patch5: e-smith-base-5.4.0-user_modify_in_bootstrap.patch -Patch6: e-smith-base-5.4.0-pppoeMlimit.patch -Patch7: e-smith-base-5.4.0-microcode.patch -Patch8: e-smith-base-5.4.0-PostUpgradeRestore.patch -Patch9: e-smith-base-5.4.0-inittab.patch -Patch10: e-smith-base-5.4.0-pwauth.patch -Patch11: e-smith-base-5.4.0-uidgid.patch -Patch12: e-smith-base-5.4.0-fixwww.patch -Patch13: e-smith-base-5.4.0-SystemName.patch -Patch14: e-smith-base-5.4.0-existing_hwaddr.patch -Patch15: e-smith-base-5.4.0-remove_syslogd_templates.patch -Patch16: e-smith-base-5.4.0-rsyslog_templates.patch -Patch17: e-smith-base-5.4.0-rsyslog_db.patch -Patch18: e-smith-base-5.4.0-rsyslog.conf.patch -Patch19: e-smith-base-5.4.0-rate_limit.patch -Patch20: e-smith-base-5.4.0-no_modprobe.patch -Patch21: e-smith-base-5.4.0-more_rsyslog.patch -Patch22: e-smith-base-5.4.0-ConsoleBackupText.patch -Patch23: e-smith-base-5.4.0-NICBonding.patch -Patch24: e-smith-base-5.4.0-rename_pam_ldap_conf.patch -Patch25: e-smith-base-5.4.0-fix_bash-in_run_pppoe_conf.patch -Patch26: e-smith-base-5.4.0-StartService.patch +Patch1: e-smith-base-5.6.0-console.patch +Patch2: e-smith-base-5.6.0_added_verification_of_pptp_clients_against_dhcp.patch +Patch3: e-smith-base-5.6.0_console_verification_dhcp_vs_pptp.patch +Patch4: e-smith-base-5.6.0_remove_10runparts_for_anacron_compatibility.patch +Patch5: e-smith-base-5.6.0-mdevent.patch +Patch6: e-smith-base-5.6.0-pppoe_after_post_upgrade.patch +Patch7: e-smith-base-5.6.0-symlink_udev-post.patch +Patch8: e-smith-base-5.6.0-detect_conf_change_single_nic.patch +Patch9: e-smith-base-5.6.0-service_runlevel_4.patch +Patch10: e-smith-base-5.6.0-ensure_apache_alias_www.patch +Patch11: e-smith-base-5.6.0-specify_dhcpd_configuration_file.patch +Patch12: e-smith-base-5.6.0-default_to_no_on_quit_console_app.patch +Patch13: e-smith-base-5.6.0-only_reset_access_for_private_server.patch +Patch14: e-smith-base-5.6.0-only_fire_ip_change_on_wan.patch +Patch15: e-smith-base-5.6.0-dummy_nic.patch +Patch16: e-smith-base-5.6.0-disable_selinux.patch +Patch17: e-smith-base-5.6.0_sha256_cert.patch +Patch18: e-smith-base-5.6.0-update_mime_types.patch +Patch19: e-smith-base-5.6.0-ssl_update.patch +Patch20: e-smith-base-5.6.0-reload_ssl_when_renew_cert.patch +Patch21: e-smith-base-5.6.0-display_http_server_manager.patch +Patch22: e-smith-base-5.6.0-add_forward_column.patch +Patch23: e-smith-base-5.6.0-allow_32bits_mask.patch +Patch24: e-smith-base-5.6.0-ip_route_syntax.patch +Patch25: e-smith-base-5.8.0-expand_route_bond0.patch +Patch26: e-smith-base-5.6.0.bz10520.xinet-cleaning.patch + BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot BuildArch: noarch Requires: pwauth @@ -52,7 +52,6 @@ Requires: perl(Data::UUID) Requires: perl(Net::IPv4Addr) Requires: /usr/sbin/irqbalance Requires: /usr/sbin/cpuspeed -Requires: /sbin/microcode_ctl Requires: /usr/sbin/smartd Requires: dbus Requires: hal @@ -64,6 +63,7 @@ Requires: e-smith-bootloader Requires: mdadm Requires: pv Requires: pam_abl +Requires: diald Requires: /usr/bin/passwd Requires: nss-pam-ldapd Obsoletes: nss_ldap < 254 @@ -84,7 +84,224 @@ AutoReqProv: no e-smith server and gateway software - base module. %changelog -* Mon Apr 22 2013 Ian Wells 5.4.0-29.sme +* Tue Feb 13 2018 Jean-Philipe Pialasse 5.6.0-34.sme +- cleaning xinetd.conf fragment out of the package [SME: 10520] + +* Wed Nov 15 2017 Jean-Philipe Pialasse 5.6.0-33.sme +- revert previous change, wrong package + +* Wed Nov 15 2017 Jean-Philipe Pialasse 5.6.0-32.sme +- added post transaction rule for ntp [SME: 10454] +- backport of SME10 [SME: 10190] +- thank you to Stefano Zamboni for this work + +* Thu May 4 2017 Daniel Berteaud 5.6.0-31.sme +- Backport from sme10: Expand route-bond0 when nic bonding is enabled + [SME: 10270] + +* Thu Feb 9 2017 Daniel Berteaud 5.6.0-30.sme +- Use ip route syntax to define routes to local network [SME: 9905] + +* Tue Sep 13 2016 Daniel Berteaud 5.6.0-29.sme +- Allow /32 masks on the external interface, in which case we don't + check if the gateway is on the correct network) [SME: 9765] + +* Sun Jan 31 2016 Daniel Berteaud 5.6.0-28.sme +- Add a column to display forwarding address [SME: 9174] + +* Sun Jan 31 2016 Daniel Berteaud 5.6.0-27.sme +- Correctly display http URL to the server-manager in the console [SME: 9163] + +* Sun Jan 17 2016 Daniel Berteaud 5.6.0-26.sme +- Fire ssl-update event when default cert is renewed [SME: 2257] + +* Sun Jan 17 2016 Daniel Berteaud 5.6.0-25.sme +- Expand /home/e-smith/ssl.pem/pem during ssl-update [SME: 9152] + +* Tue Sep 30 2015 Daniel Berteaud 5.6.0-24.sme +- Update /etc/mime.types templates [SME: 9078] + +* Mon Aug 24 2015 Charlie Brady 5.6.0-23.sme +- Use sha256 algorithm for signature of SSL cert. [SME: 8615] + +* Thu Jun 25 2015 Daniel Berteaud 5.6.0-22.sme +- Fix including /etc/selinux directory [SME: 8954] + +* Thu Jun 25 2015 Daniel Berteaud 5.6.0-21.sme +- Add templates for /etc/selinux/config [SME: 8954] + +* Thu Jun 11 2015 Daniel Berteaud 5.6.0-20.sme +- Add dummy NIC support as InternalInterface [SME: 7200] + +* Tue Mar 31 2015 Daniel Berteaud 5.6.0-19.sme +- Only fire the ip-change event when IP is assigned to WAN nic + (Code by Charlie Brady and John Crisp) [SME: 8896] + +* Tue Mar 31 2015 Daniel Berteaud 5.6.0-18.sme +- Only reset service access when switching to or from private server mode + (Code by Charlie Brady) [SME: 8879] + +* Sun Jan 11 2015 Stephane de Labrusse 5.6.0-17.sme +- When quiting the console app with unsaved changes set the default selected +- answer to NO Hsing-Foo Wang [SME: 8616] + +* Tue Jan 6 2015 Stephane de Labrusse 5.6.0-16.sme +- Added a comment to specify the real configuration file of dhcpd [SME: 8386] + +* Sat Jan 3 2015 Stephane de Labrusse 5.6.0-15.sme +- Modified the patch of daniel e-smith-base-5.6.0-ensure_apache_alias_www.patch +- Ensure www group exists and that apache is an alias of www [SME: 8549] + +* Sun Nov 2 2014 Daniel Berteaud 5.6.0-13.sme +- Ensure www group exists and that apache is an alias of www [SME: 8549] + +* Sun Nov 2 2014 Daniel Berteaud 5.6.0-12.sme +- Check were running runlevel 4, not 7 in service wrapper [SME: 8637] + +* Sun Sep 21 2014 Daniel Berteaud 5.6.0-11.sme +- Correctly update NIC configuration on single NIC systems [SME: 8561] + +* Wed Sep 10 2014 Daniel Berteaud 5.6.0-10.sme +- Symlink udev-post service in rc7 [SME: 8542] + +* Fri Jul 25 2014 Daniel Berteaud 5.6.0-9.sme +- Fix PPPoE after a post-upgrade [SME: 8493] + +* Thu Jul 3 2014 Ian Wells 5.6.0-8.sme +- Remove dependency on microcode_ctl [SME: 8468] + +* Sun May 11 2014 stephane de Labrusse 5.6.0-7.sme +- Prevent emailing about the normal, weekly, checks of RAID arrays, by Mark Casey +- [SME: 7748] + +* Tue May 06 2014 stephane de Labrusse 5.6.0-6.sme +- remove /etc/e-smith/templates/etc/crontab/10runparts for anacron compatibility +- [SME: 8364] + +* Wed Apr 23 2014 stephane de Labrusse 5.6.0-5.sme +- Add a verification in the console of number of pptp clients against ip allowed in dhcpd +- [SME: 8312] + +* Sun Apr 6 2014 stephane de Labrusse 5.6.0-4.sme +- Add a verification in remoteaccess panel of number of pptp clients against ip allowed in dhcpd +- [SME: 8312] + +* Sat Apr 5 2014 Ian Wells 5.6.0-3.sme +- Ensure console is run with taint checking [SME: 8311] +- Non-functional perl::Critic changes. + +* Sun Mar 23 2014 Ian Wells 5.6.0-2.sme +- Roll new stream to really remove obsolete images [SME: 7962] + +* Sun Mar 23 2014 Ian Wells 5.6.0-1.sme +- Roll new stream to remove obsolete images [SME: 7962] + +* Thu Mar 20 2014 Ian Wells 5.4.0-62.sme +- Move console backup to e-smith-backup [SME: 3324] + +* Sun Mar 16 2014 Ian Wells 5.4.0-61.sme +- Remove support.pl from e-smith-base and move to smeserver-support [SME: 8264] + +* Sat Mar 15 2014 Ian Wells 5.4.0-60.sme +- Console restore should reboot [SME: 8259] + +* Sat Mar 8 2014 Ian Wells 5.4.0-59.sme +- Boostrap console should only offer restore if no password set [SME: 8259] + +* Thu Mar 6 2014 Ian Wells 5.4.0-58.sme +- Add restore backup as a console item for freshly installed servers [SME: 8259] +- Non-code changes to perform_restore.pm + +* Sun Feb 16 2014 Ian Wells 5.4.0-57.sme +- Refer to removable media not CDROM in console restore [SME: 8214] + +* Tue Jan 28 2014 Ian Wells 5.4.0-56.sme +- Remove insecure SSL ciphers [SME: 8138] + +* Sun Dec 15 2013 Daniel Berteaud 5.4.0-55.sme +- Restart rsyslog in logrotate event [SME: 8065] + +* Sun Dec 15 2013 Daniel Berteaud 5.4.0-54.sme +- Set smb ServerName if unset (patch from Ian Wells) [SME: 8030] + +* Mon Dec 9 2013 Daniel Berteaud 5.4.0-53.sme +- Don't reload init in bootstrap-console-save and console-save [SME: 8050] + +* Mon Dec 9 2013 Daniel Berteaud 5.4.0-52.sme +- Re-add missing templates metadata for bond0 [SME: 7990] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-51.sme +- Load the bonding module if NIC bonding is enabled [SME: 7996] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-50.sme +- Define the udev-post service in the DB [SME: 7992] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-49.sme +- Remove the "swap interface" feature [SME: 7993] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-48.sme +- Do not hardcode NIC names to eth0 and eth1 [SME: 7990] +- Remove obsolete VLAN code [SME: 7994] + +* Sat Nov 30 2013 Daniel Berteaud 5.4.0-47.sme +- Remove HWAddress prop from interfaces [SME: 7991] + +* Thu Nov 14 2013 Chris Burnat 5.4.0-46.sme +- Fix add_new_disk_to_raid1 (codes by Charlie Brady - patch by Terje Edseth) + [SME: 7960] + +* Wed Oct 30 2013 Charlie Brady 5.4.0-45.sme +- Fix parsing issues with "manage RAID" menu option in the console. + [SME: 7953] + +* Mon Sep 30 2013 John H. Bennett III 5.4.0-44.sme +- Patch to correct issue with not being able to access a password protected + ibay [SME: 7794] + +* Sun Jul 7 2013 Ian Wells 5.4.0-43.sme +- Improve text in console backup for success and failure [SME: 7770] + +* Fri Jul 5 2013 Ian Wells 5.4.0-42.sme +- Console USB Backup, allow user setting of compression level [SME: 7745] + Compression level of the console backup is now -6 by default + +* Fri Jul 5 2013 Ian Wells 5.4.0-41.sme +- Update ServerName (Samba netbios name) when SystemName is updated [SME: 7746] + +* Fri Jul 5 2013 Ian Wells 5.4.0-40.sme +- Remove old System Name from the Hosts DB, by Charlie Brady [SME: 7747] + +* Sun Jun 23 2013 Daniel Berteaud 5.4.0-39.sme +- Fix group creation when LDAP auth is enabled [SME: 7672] + +* Sat Jun 8 2013 Daniel Berteaud 5.4.0-38.sme +- Disable IPv6 on a default install (patch by Shad Lords) [SME: 7531] + +* Sat Jun 8 2013 Daniel Berteaud 5.4.0-37.sme +- Continue escaping control chars in rsyslog, just replace LF with space [SME: 7662] + +* Fri Jun 7 2013 Daniel Berteaud 5.4.0-36.sme +- Don't escape control characters in rsyslog [SME: 7662] + +* Thu Jun 6 2013 Daniel Berteaud 5.4.0-35.sme +- Use UTF-8 in the console [SME: 7591] + +* Sun May 19 2013 Ian Wells 5.4.0-34.sme +- Remove redundant parts of init-accounts [SME: 3550] + +* Sat May 18 2013 chris burnat 5.4.0-33.sme +- Add_template_to_ssl.pem, codes by JP Pialasse [SME: 7601] + +* Tue May 07 2013 Ian Wells 5.4.0-32.sme +- Require diald [SME: 7279] + +* Mon May 06 2013 Ian Wells 5.4.0-31.sme +- Removal of rc.e-smith now functionality is in e-smith-service [SME: 7267] + +* Sun May 05 2013 Ian Wells 5.4.0-30.sme +- Revert last change. [SME: 7227] + +* Sat May 04 2013 Ian Wells 5.4.0-29.sme - Suppress template text from /etc/inittab [SME: 7227] * Mon Apr 22 2013 Ian Wells 5.4.0-28.sme @@ -1599,7 +1816,6 @@ e-smith server and gateway software - ba %prep %setup -%patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -1627,16 +1843,7 @@ e-smith server and gateway software - ba %patch25 -p1 %patch26 -p1 -# We cannot remove an empy files or folders with a patch, see [SME: 7289] -# We remove this because it contains an empty template-begin file -rm -rf root/etc/e-smith/templates/etc/ldap.secret/ - -# We cannot add an empy file with a patch, and we want to add an empty template-begin file -touch root/etc/e-smith/templates/etc/inittab/template-begin - %pre -/sbin/e-smith/create-system-user smelog 1002 \ - 'smelog log user' /var/log/smelog /bin/false /sbin/e-smith/create-system-user smelastsys 2999 \ 'sme last system user marker' /tmp /bin/false @@ -1661,6 +1868,7 @@ perl createlinks %install rm -rf $RPM_BUILD_ROOT +mkdir -p $RPM_BUILD_ROOT/etc/selinux (cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ --file /etc/cron.daily/conf-mod_ssl 'attr(0544,root,root)' \ @@ -1712,6 +1920,8 @@ rm -rf $RPM_BUILD_ROOT --dir /var/log/ippp 'attr(2750,smelog,smelog)' \ --dir /etc/e-smith/skel/user/.ssh 'attr(0700,root,root)' \ --file /var/service/local/run 'attr(0750,root,root)' \ + --file /etc/sysconfig/modules/dummy.modules 'attr(0755,root,root)' \ + --dir /etc/selinux 'attr(0755,root,root)' \ > %{name}-%{version}-%{release}-filelist mkdir -p $RPM_BUILD_ROOT/home/e-smith/db