426 lines
15 KiB
RPMSpec
426 lines
15 KiB
RPMSpec
#
|
|
# spec file for the CASA_auth_token native ( Version @VERSION@ )
|
|
#
|
|
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
# This file and all modifications and additions to the pristine
|
|
# package are under the same license as the package itself.
|
|
#
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
# norootforbuild
|
|
|
|
Name: CASA_auth_token_native
|
|
%define cfg Release
|
|
%define debug_opt ""
|
|
|
|
URL: http://www.novell.com/products
|
|
BuildRequires: CASA-devel apache2-devel expat gcc-c++ glib2-devel krb5-devel libgcc libgssapi libstdc++ libstdc++-devel mono-devel pam-devel pkgconfig update-alternatives java-1_5_0-ibm java-1_5_0-ibm-devel java-1_5_0-ibm-alsa sysvinit insserv
|
|
%define prefix /usr
|
|
License: LGPL
|
|
Group: System/Libraries
|
|
Autoreqprov: on
|
|
%define bldno @VERSION@
|
|
Version: @VERSION@
|
|
Release: 1
|
|
Summary: Novell CASA Authentication Token Libraries
|
|
Source: %{name}-%{version}.tar.bz2
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
Requires: expat binutils java-1_5_0-ibm CASA_auth_token_jaas_support sysvinit insserv
|
|
PreReq: %fillup_prereq %insserv_prereq
|
|
PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd
|
|
PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent
|
|
|
|
%description
|
|
CASA_auth_token is an authentication token infrastructure with support
|
|
for multiple authentication mechanisms with an emphasis on providing a
|
|
scalable single sign-on solution.
|
|
|
|
A key feature of CASA_auth_token is that its authentication tokens
|
|
contain identity information about the entity being authenticated. This
|
|
information is made available to the consuming services. The amount of
|
|
information contained in the tokens is configured on a per-service
|
|
basis. Because of this feature, we say that CASA_auth_token projects an
|
|
"Authenticated Identity".
|
|
|
|
The CASA_auth_token_native package contains the CASA (Common
|
|
Authentication Services Adapter) authentication token infrastructure
|
|
is recomended that this library not be invoked directly by
|
|
applications, instead it is recomended that appplication invoke its
|
|
services through the support modules provided to integrate with PAM or
|
|
the Apache Web Server.
|
|
|
|
Authors:
|
|
--------
|
|
Juan Carlos Luciani - jluciani@novell.com
|
|
|
|
%package -n CASA_auth_token_pam_support
|
|
Summary: Novell CASA Authentication Token PAM Support Components
|
|
Group: System/Libraries
|
|
Requires: CASA_auth_token_native pam
|
|
|
|
%description -n CASA_auth_token_pam_support
|
|
CASA_auth_token is an authentication token infrastructure with support
|
|
for multiple authentication mechanisms with an emphasis on providing a
|
|
scalable single sign-on solution.
|
|
|
|
A key feature of CASA_auth_token is that its authentication tokens
|
|
contain identity information about the entity being authenticated. This
|
|
information contained in the tokens is configured on a per-service
|
|
basis. Because of this feature, we say that CASA_auth_token projects an
|
|
"Authenticated Identity".
|
|
|
|
The CASA_auth_token_pam_support package contains the CASA (Common
|
|
Authentication Services Adapter) authentication token infrastructure
|
|
PAM module for token verification.
|
|
|
|
Authors:
|
|
--------
|
|
Juan Carlos Luciani - jluciani@novell.com
|
|
|
|
%package -n CASA_auth_token_apache2_2_support
|
|
Summary: Novell CASA Authentication Token Apache2_2 Support Components
|
|
Group: System/Libraries
|
|
Requires: apache2 CASA_auth_token_native
|
|
|
|
%description -n CASA_auth_token_apache2_2_support
|
|
CASA_auth_token is an authentication token infrastructure with support
|
|
for multiple authentication mechanisms with an emphasis on providing a
|
|
scalable single sign-on solution.
|
|
|
|
A key feature of CASA_auth_token is that its authentication tokens
|
|
contain identity information about the entity being authenticated. This
|
|
information contained in the tokens is configured on a per-service
|
|
basis. Because of this feature, we say that CASA_auth_token projects an
|
|
"Authenticated Identity".
|
|
|
|
The CASA_auth_token_apache2_2_support package contains the CASA (Common
|
|
Authentication Services Adapter) authentication token infrastructure
|
|
Apache v2.2 authentication provider module for token verification. The
|
|
module expects that users authenticate utilizing the HTTP Basic
|
|
authentication scheme and that the password utilized consist of a CASA
|
|
authentication token. Information about the authenticated identity is
|
|
environment variable.
|
|
|
|
Authors:
|
|
--------
|
|
Juan Carlos Luciani - jluciani@novell.com
|
|
|
|
%package -n CASA_auth_token-devel
|
|
Summary: Novell CASA Authentication Token Development Files
|
|
Group: Development/Libraries/C and C++
|
|
Requires: CASA-devel CASA_auth_token_native CASA_auth_token_jaas_support CASA_auth_token_pam_support CASA_auth_token_apache2_2_support CASA_auth_token_svc
|
|
|
|
%description -n CASA_auth_token-devel
|
|
CASA_auth_token is an authentication token infrastructure with support
|
|
for multiple authentication mechanisms with an emphasis on providing a
|
|
scalable single sign-on solution.
|
|
|
|
A key feature of CASA_auth_token is that its authentication tokens
|
|
contain identity information about the entity being authenticated. This
|
|
information contained in the tokens is configured on a per-service
|
|
basis. Because of this feature, we say that CASA_auth_token projects an
|
|
"Authenticated Identity".
|
|
|
|
The CASA_auth_token-devel package contains the files necessary for the
|
|
development of client and server applications that utilize the CASA
|
|
(Common Authentication Service Adapter) authentication token
|
|
infrastructure for authentication.
|
|
|
|
|
|
%prep
|
|
%setup -q
|
|
#%patch
|
|
%if %{_lib} == "lib64"
|
|
%define binsource bin64
|
|
%else
|
|
%define binsource bin
|
|
%endif
|
|
|
|
%build
|
|
export PATH=.:$PATH:/usr/%_lib/qt3/bin
|
|
%if %suse_version > 1000
|
|
export CFLAGS="$CFLAGS $RPM_OPT_FLAGS -fstack-protector"
|
|
%endif
|
|
|
|
./autogen.sh
|
|
make
|
|
|
|
|
|
%install
|
|
|
|
export NO_BRP_CHECK_BYTECODE_VERSION="true"
|
|
|
|
## Prime the file system ##
|
|
install -d %{buildroot}%{prefix}
|
|
install -d %{buildroot}%{prefix}/bin
|
|
install -d %{buildroot}%{prefix}/%{_lib}
|
|
install -d %{buildroot}/%{_lib}/security
|
|
install -d %{buildroot}%{prefix}/include
|
|
install -d %{buildroot}/etc/init.d
|
|
install -d %{buildroot}/etc/ld.so.conf.d
|
|
install -d %{buildroot}/var
|
|
install -d %{buildroot}/var/lib
|
|
install -d -m 755 %{buildroot}/var/lib/CASA
|
|
install -d -m 755 %{buildroot}/var/lib/CASA/authtoken
|
|
install -d -m 755 %{buildroot}/var/lib/CASA/authtoken/validate
|
|
install -d -m 755 %{buildroot}/etc/CASA
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken.d
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken.d/validate.d
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken.d/modules.d
|
|
|
|
## CASA_auth_token_native ##
|
|
# Libs
|
|
install -m 755 %{_lib}/%{cfg}/libcasa_s_authtoken.so %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so.%{bldno}
|
|
install -m 755 %{_lib}/%{cfg}/casa_iden_token.so %{buildroot}%{prefix}/%{_lib}/casa_iden_token.so.%{bldno}
|
|
install -m 755 %{_lib}/%{cfg}/libcasa_c_ipc.so %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so.%{bldno}
|
|
install -m 755 %{_lib}/%{cfg}/libcasa_s_ipc.so %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so.%{bldno}
|
|
|
|
# Lib Symbolic Links
|
|
ln -sf libcasa_s_authtoken.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so
|
|
ln -sf libcasa_s_authtoken.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_authtoken.so.1
|
|
ln -sf casa_iden_token.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/casa_iden_token.so
|
|
ln -sf casa_iden_token.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/casa_iden_token.so.1
|
|
ln -sf libcasa_c_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so
|
|
ln -sf libcasa_c_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_c_ipc.so.1
|
|
ln -sf libcasa_s_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so
|
|
ln -sf libcasa_s_ipc.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/libcasa_s_ipc.so.1
|
|
|
|
# Bins
|
|
install -m 755 bin/%{cfg}/CasaAuthtokenValidateD %{buildroot}%{prefix}/bin/casa_atvd
|
|
|
|
# Others
|
|
install -m 644 server/AuthTokenValidate/idenTokenProviders/casa/linux/CasaIdentityToken.conf %{buildroot}/etc/CASA/authtoken.d/modules.d/CasaIdentityToken.conf
|
|
install -m 755 server/AuthTokenValidate/Svc/linux/CasaAuthtokenValidateD %{buildroot}/etc/init.d/casa_atvd
|
|
|
|
## CASA_auth_token_pam_support ##
|
|
# Libs
|
|
install -m 755 %{_lib}/%{cfg}/pam_casaauthtok.so %{buildroot}/%{_lib}/security/pam_casaauthtok.so
|
|
|
|
|
|
## CASA_auth_token_apache2_2_support ##
|
|
# Libs
|
|
install -m 755 %{_lib}/%{cfg}/mod_authn_casa.so %{buildroot}%{prefix}/%{_lib}/mod_authn_casa.so.%{bldno}
|
|
|
|
# Lib Symbolic Links
|
|
ln -sf mod_authn_casa.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/mod_authn_casa.so
|
|
ln -sf mod_authn_casa.so.%{bldno} %{buildroot}%{prefix}/%{_lib}/mod_authn_casa.so.1
|
|
|
|
## CASA_auth_token-devel ##
|
|
# Header Files
|
|
install -m 644 include/casa_c_authtoken.h %{buildroot}%{prefix}/include
|
|
install -m 644 include/casa_s_authtoken.h %{buildroot}%{prefix}/include
|
|
install -m 644 include/casa_c_ipc.h %{buildroot}%{prefix}/include
|
|
install -m 644 include/casa_s_ipc.h %{buildroot}%{prefix}/include
|
|
|
|
|
|
%clean
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
## CASA_auth_token_native ##
|
|
%pre
|
|
|
|
# Do necessary user and group administration
|
|
group_present=`getent group | grep ^casaauth`
|
|
if [ -z "$group_present" ] ; then
|
|
/usr/sbin/groupadd -r casaauth
|
|
fi
|
|
|
|
user_present=`getent passwd | grep ^casaatvd`
|
|
if [ -z "$user_present" ] ; then
|
|
/usr/sbin/useradd -c "casa_atvd System User" -s /bin/false -r -d /var/lib/CASA/authtoken/validate -g casaauth casaatvd 2> /dev/null || :
|
|
fi
|
|
|
|
%post
|
|
/sbin/ldconfig
|
|
|
|
CAVD_ETC_DIR=/etc/CASA/authtoken.d/validate.d
|
|
|
|
setup_casa_atvd_env()
|
|
{
|
|
# Save copy of enviroments file if it already exists
|
|
if [ -f $CAVD_ETC_DIR/envvars ]; then
|
|
mv $CAVD_ETC_DIR/envvars $CAVD_ETC_DIR/envvars.bak
|
|
fi
|
|
|
|
# Create envvars file
|
|
cat > $CAVD_ETC_DIR/envvars <<!
|
|
############################################################
|
|
# #
|
|
# Environment variable file for casa_atvd. #
|
|
# #
|
|
# Note: This file is sourced by the casa_atvd rc script #
|
|
# when starting the service. #
|
|
# #
|
|
# The following variables are utilized by the daemon #
|
|
# and its rc script: #
|
|
# #
|
|
# DAEMON_NO_AUTORESTART_AFTER_CRASH - #
|
|
# #
|
|
# Set this variable to "1" if you want to disable the #
|
|
# auto-restart daemon after abnormal termination #
|
|
# feature. This variable is intended to facilitate #
|
|
# the discovery of problems during quality assurance #
|
|
# testing. Disabling of the auto-restart daemon after #
|
|
# abnormal termination feature will result in a #
|
|
# configuration that is less fault tolerant. #
|
|
# #
|
|
# DAEMON_COREDUMPS_WANTED - #
|
|
# #
|
|
# Set this variable to allow core dumps to be taken #
|
|
# when a daemon terminates abnormally. This variable #
|
|
# is only meaningful when the auto-restart daemon #
|
|
# feature mentioned above is enabled. Core dumps are #
|
|
# allowed to be taken when the auto-restart daemon #
|
|
# feature is disabled. Core dumps of novell-xsrvd #
|
|
# service processes are taken to the #
|
|
# /var/novell/xtier folder. #
|
|
# #
|
|
############################################################
|
|
LD_LIBRARY_PATH="\${LD_LIBRARY_PATH}":/usr/lib/jvm/java-1.5.0-ibm/jre/bin:/usr/lib/jvm/java-1.5.0-ibm/jre/bin/classic
|
|
export LD_LIBRARY_PATH
|
|
!
|
|
chmod +x $CAVD_ETC_DIR/envvars
|
|
}
|
|
|
|
# Do not run the rest of the script if this is an upgrade
|
|
if test "$1" != 1; then
|
|
setup_casa_atvd_env
|
|
exit 0
|
|
fi
|
|
|
|
# Create link to init.d script in /usr/sbin
|
|
if [ -f /usr/sbin/rccasa_atvd ] || [ -L /usr/sbin/rccasa_atvd ]; then
|
|
rm -f /usr/sbin/rccasa_atvd
|
|
fi
|
|
ln -s /etc/init.d/casa_atvd /usr/sbin/rccasa_atvd
|
|
|
|
setup_casa_atvd_env
|
|
|
|
# Install casa_atvd init script
|
|
/usr/lib/lsb/install_initd /etc/init.d/casa_atvd
|
|
|
|
|
|
%preun
|
|
|
|
# Do not run script if this is an install
|
|
if test "$1" == 1; then
|
|
exit 0
|
|
fi
|
|
|
|
# Stop casa_atvd
|
|
/etc/init.d/casa_atvd stop
|
|
|
|
# Remove casa_atvd init script
|
|
/usr/lib/lsb/remove_initd /etc/init.d/casa_atvd
|
|
|
|
|
|
%postun
|
|
/sbin/ldconfig
|
|
|
|
# We just want to start the casa_atvd service if this is an upgrade
|
|
if test "$1" == 1; then
|
|
/etc/init.d/casa_atvd start
|
|
exit 0
|
|
fi
|
|
|
|
# Remove symbolic link to init.d script
|
|
if [ -f /usr/sbin/rccasa_atvd ] || [ -L /usr/sbin/rccasa_atvd ]; then
|
|
rm -f /usr/sbin/rccasa_atvd
|
|
fi
|
|
|
|
# Delete the casaatvd user
|
|
userdel casaatvd
|
|
|
|
# Delete the var files
|
|
rm -rf //var/lib/CASA/authtoken/validate
|
|
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%dir /var/lib/CASA
|
|
%dir /var/lib/CASA/authtoken
|
|
%dir %attr(-, casaatvd, casaauth) /var/lib/CASA/authtoken/validate
|
|
%dir /etc/CASA
|
|
%dir /etc/CASA/authtoken.d
|
|
%dir /etc/CASA/authtoken.d/validate.d
|
|
%dir /etc/CASA/authtoken.d/modules.d
|
|
%{prefix}/%{_lib}/libcasa_s_authtoken.so.%{bldno}
|
|
%{prefix}/%{_lib}/libcasa_s_authtoken.so
|
|
%{prefix}/%{_lib}/libcasa_s_authtoken.so.1
|
|
%{prefix}/%{_lib}/casa_iden_token.so.%{bldno}
|
|
%{prefix}/%{_lib}/casa_iden_token.so
|
|
%{prefix}/%{_lib}/casa_iden_token.so.1
|
|
%{prefix}/%{_lib}/libcasa_c_ipc.so.%{bldno}
|
|
%{prefix}/%{_lib}/libcasa_c_ipc.so
|
|
%{prefix}/%{_lib}/libcasa_c_ipc.so.1
|
|
%{prefix}/%{_lib}/libcasa_s_ipc.so.%{bldno}
|
|
%{prefix}/%{_lib}/libcasa_s_ipc.so
|
|
%{prefix}/%{_lib}/libcasa_s_ipc.so.1
|
|
%{prefix}/bin/casa_atvd
|
|
/etc/CASA/authtoken.d/modules.d/CasaIdentityToken.conf
|
|
/etc/init.d/casa_atvd
|
|
|
|
|
|
## CASA_auth_token_pam_support ##
|
|
%pre -n CASA_auth_token_pam_support
|
|
# Nothing to do in this pre script
|
|
|
|
%post -n CASA_auth_token_pam_support
|
|
/sbin/ldconfig
|
|
|
|
%preun -n CASA_auth_token_pam_support
|
|
# Nothing to do in this preun script
|
|
|
|
%postun -n CASA_auth_token_pam_support
|
|
/sbin/ldconfig
|
|
|
|
%files -n CASA_auth_token_pam_support
|
|
%defattr(-,root,root)
|
|
%dir /%{_lib}/security
|
|
/%{_lib}/security/pam_casaauthtok.so
|
|
|
|
|
|
## CASA_auth_token_apache2_2_support ##
|
|
%pre -n CASA_auth_token_apache2_2_support
|
|
# Nothing to do in this pre script
|
|
|
|
%post -n CASA_auth_token_apache2_2_support
|
|
/sbin/ldconfig
|
|
|
|
%preun -n CASA_auth_token_apache2_2_support
|
|
# Nothing to do in this preun script
|
|
|
|
%postun -n CASA_auth_token_apache2_2_support
|
|
/sbin/ldconfig
|
|
|
|
%files -n CASA_auth_token_apache2_2_support
|
|
%defattr(-,root,root)
|
|
%{prefix}/%{_lib}/mod_authn_casa.so.%{bldno}
|
|
%{prefix}/%{_lib}/mod_authn_casa.so
|
|
%{prefix}/%{_lib}/mod_authn_casa.so.1
|
|
|
|
|
|
## CASA_auth_token-devel ##
|
|
%pre -n CASA_auth_token-devel
|
|
# Nothing to do in this pre script
|
|
|
|
%post -n CASA_auth_token-devel
|
|
# Nothing to do in this post script
|
|
|
|
%preun -n CASA_auth_token-devel
|
|
# Nothing to do in this preun script
|
|
|
|
%postun -n CASA_auth_token-devel
|
|
# Nothing to do in this postun script
|
|
|
|
%files -n CASA_auth_token-devel
|
|
%defattr(-,root,root)
|
|
%{prefix}/include/casa_c_authtoken.h
|
|
%{prefix}/include/casa_s_authtoken.h
|
|
%{prefix}/include/casa_c_ipc.h
|
|
%{prefix}/include/casa_s_ipc.h
|
|
|
|
%changelog -n CASA_auth_token_native
|