tcp_wrappers-vl.spec 9.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282
  1. %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
  2. %define LIB_MAJOR 0
  3. %define LIB_MINOR 7
  4. %define LIB_REL 6
  5. Summary: A security tool which acts as a wrapper for TCP daemons.
  6. Summary(ja): TCP デーモンのラッパとして働くセキュリティツール
  7. Name: tcp_wrappers
  8. Version: 7.6
  9. Release: 37%{?_dist_release}
  10. License: BSD
  11. Group: System Environment/Daemons
  12. Source: ftp://ftp.porcupine.org/pub/security/tcp_wrappers_7.6.tar.gz
  13. Patch0: tcpw7.2-config.patch
  14. Patch1: tcpw7.2-setenv.patch
  15. Patch2: tcpw7.6-netgroup.patch
  16. Patch3: tcp_wrappers-7.6-bug11881.patch
  17. Patch4: tcp_wrappers-7.6-bug17795.patch
  18. Patch5: tcp_wrappers-7.6-bug17847.patch
  19. Patch6: tcp_wrappers-7.6-fixgethostbyname.patch
  20. Patch7: tcp_wrappers-7.6-docu.patch
  21. Patch8: tcp_wrappers-7.6-casesens.patch
  22. Patch9: tcp_wrappers.usagi-ipv6.patch
  23. Patch10: tcp_wrappers.ume-ipv6.patch
  24. Patch11: tcp_wrappers-7.6-shared.patch
  25. Patch12: tcp_wrappers-7.6-sig.patch
  26. Patch13: tcp_wrappers-7.6-strerror.patch
  27. Patch14: tcp_wrappers-7.6-ldflags.patch
  28. Patch15: tcp_wrappers-7.6-fix_sig-bug141110.patch
  29. Patch16: tcp_wrappers-7.6-162412.patch
  30. Patch17: tcp_wrappers-7.6-220015.patch
  31. Patch18: tcp_wrappers-7.6-restore_sigalarm.patch
  32. Patch19: tcp_wrappers-7.6-siglongjmp.patch
  33. Patch20: tcp_wrappers-7.6-sigchld.patch
  34. Patch21: tcp_wrappers-7.6-196326.patch
  35. Patch22: tcp_wrappers_7.6-249430.patch
  36. # required by sin_scope_id in ipv6 patch
  37. BuildRequires: glibc-devel >= 2.2
  38. BuildRoot: %{_tmppath}/%{name}-%{version}-root
  39. %description
  40. The tcp_wrappers package provides small daemon programs which can
  41. monitor and filter incoming requests for systat, finger, FTP, telnet,
  42. rlogin, rsh, exec, tftp, talk and other network services.
  43. Install the tcp_wrappers program if you need a security tool for
  44. filtering incoming network services requests.
  45. %description -l ja
  46. tcp_wrapper パッケージには小さなデーモンプログラムが収められており,
  47. systat, finger, FTP, telnet, rlogin, rsh, exec, tftp, talk, その他
  48. 様々なネットワークサービスに対する外部からの要求を監視し,フィルタリング
  49. することが出来ます.
  50. ネットワークサービスに対する外部からのリクエストをフィルタリング
  51. 出来るセキュリティツールが必要ならば tcp_wrappers パッケージを
  52. インストールして下さい.
  53. ## to build compat32 for x86_64 architecture support
  54. %package -n compat32-%{name}
  55. Summary: A security tool which acts as a wrapper for TCP daemons.
  56. Summary(ja): TCP デーモンのラッパとして働くセキュリティツール
  57. Group: System Environment/Daemons
  58. %description -n compat32-%{name}
  59. The tcp_wrappers package provides small daemon programs which can
  60. monitor and filter incoming requests for systat, finger, FTP, telnet,
  61. rlogin, rsh, exec, tftp, talk and other network services.
  62. Install the tcp_wrappers program if you need a security tool for
  63. filtering incoming network services requests.
  64. %prep
  65. %setup -q -n tcp_wrappers_7.6
  66. %patch0 -p1 -b .config
  67. %patch1 -p1 -b .setenv
  68. %patch2 -p1 -b .netgroup
  69. %patch3 -p1 -b .bug11881
  70. %patch4 -p1 -b .bug17795
  71. %patch5 -p1 -b .bug17847
  72. %patch6 -p1 -b .fixgethostbyname
  73. %patch7 -p1 -b .docu
  74. %patch8 -p1 -b .man
  75. %patch9 -p1 -b .usagi-ipv6
  76. %patch10 -p1 -b .ume-ipv6
  77. %patch11 -p1 -b .shared
  78. %patch12 -p1 -b .sig
  79. %patch13 -p1 -b .strerror
  80. %patch14 -p1 -b .cflags
  81. %patch15 -p1 -b .fix_sig
  82. %patch16 -p1 -b .162412
  83. %patch17 -p1 -b .220015
  84. %patch18 -p1 -b .restore_sigalarm
  85. %patch19 -p1 -b .siglongjmp
  86. %patch20 -p1 -b .sigchld
  87. %patch21 -p1 -b .196326
  88. %patch22 -p1 -b .249430
  89. # Disable static library creation by default.
  90. %define with_static 0
  91. %build
  92. make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" \
  93. LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
  94. %install
  95. [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT
  96. mkdir -p ${RPM_BUILD_ROOT}%{_includedir}
  97. mkdir -p ${RPM_BUILD_ROOT}%{_libdir}
  98. mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man{3,5,8}
  99. mkdir -p ${RPM_BUILD_ROOT}%{_sbindir}
  100. cp hosts_access.3 ${RPM_BUILD_ROOT}%{_mandir}/man3
  101. cp hosts_access.5 hosts_options.5 ${RPM_BUILD_ROOT}%{_mandir}/man5
  102. cp tcpd.8 tcpdchk.8 tcpdmatch.8 ${RPM_BUILD_ROOT}%{_mandir}/man8
  103. ln -sf hosts_access.5 ${RPM_BUILD_ROOT}%{_mandir}/man5/hosts.allow.5
  104. ln -sf hosts_access.5 ${RPM_BUILD_ROOT}%{_mandir}/man5/hosts.deny.5
  105. %if %{with_static}
  106. cp -a libwrap.a ${RPM_BUILD_ROOT}%{_libdir}
  107. %endif
  108. cp -a libwrap.so* ${RPM_BUILD_ROOT}%{_libdir}
  109. install -p -m644 tcpd.h ${RPM_BUILD_ROOT}%{_includedir}
  110. install -m755 safe_finger ${RPM_BUILD_ROOT}%{_sbindir}
  111. install -m711 tcpd ${RPM_BUILD_ROOT}%{_sbindir}
  112. install -m755 try-from ${RPM_BUILD_ROOT}%{_sbindir}
  113. ## XXX remove utilities that expect /etc/inetd.conf (#16059).
  114. ##install -m755 tcpdchk ${RPM_BUILD_ROOT}%{_sbindir}
  115. ##install -m755 tcpdmatch ${RPM_BUILD_ROOT}%{_sbindir}
  116. #rm -f ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdmatch.*
  117. #rm -f ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdchk.*
  118. ## keep tcpdchk and tcpdmatch included here
  119. ## until xinetd is introduced for Vine Linux....
  120. ##
  121. install -m755 tcpdchk $RPM_BUILD_ROOT%{_sbindir}
  122. install -m755 tcpdmatch $RPM_BUILD_ROOT%{_sbindir}
  123. %post -p /sbin/ldconfig
  124. %postun -p /sbin/ldconfig
  125. %post -n compat32-%{name} -p /sbin/ldconfig
  126. %postun -n compat32-%{name} -p /sbin/ldconfig
  127. %clean
  128. [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT
  129. %files
  130. %defattr(-,root,root)
  131. %doc BLURB CHANGES README* DISCLAIMER Banners.Makefile
  132. %{_mandir}/man[358]/*
  133. %{_includedir}/*
  134. %if %{with_static}
  135. %{_libdir}/*.a
  136. %endif
  137. %{_libdir}/*.so
  138. %{_libdir}/*.so.*
  139. %{_sbindir}/*
  140. %if %{build_compat32}
  141. %files -n compat32-%{name}
  142. %defattr(-,root,root)
  143. %if %{with_static}
  144. %{_libdir}/*.a
  145. %endif
  146. %{_libdir}/*.so
  147. %{_libdir}/*.so.*
  148. %endif
  149. %changelog
  150. * Fri Feb 19 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.6-37
  151. - s/BuildPrereq/BuildRequires/
  152. - added Patch14-22 from FC
  153. * Wed Jul 25 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-49
  154. - fix for a.b.c.d/255.255.255.255 - fixes #249430
  155. * Thu Jun 28 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-48
  156. - compare localhost and localhost.localdomain as the same
  157. * Wed Jun 06 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-47
  158. - fix the hostname resolving patch for x86_64
  159. * Fri May 25 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-45
  160. - unblock and catch SIGCHLD from spawned shell commands, fixes #112975
  161. * Mon Apr 16 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-44
  162. - added restore_sigalarm and siglongjmp patches from Debian, fixes #205129
  163. * Fri Mar 09 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-43
  164. - resolve hostnames in hosts.{allow,deny}, should fix a bunch of issues with
  165. IPv4/6
  166. * Tue Jan 24 2006 Thomas Woerner <twoerner@redhat.com> 7.6-40
  167. - fixed uninitialized fp in function inet_cfg (#162412)
  168. * Fri May 6 2005 Thomas Woerner <twoerner@redhat.com> 7.6-39
  169. - fixed sig patch (#141110). Thanks to Nikita Shulga for the patch
  170. * Mon May 04 2009 NAKAMURA Kenta <kenta@vinelinux.org> 7.6-36
  171. - removed unnecessary %%if %{build_compat32} statements
  172. - removed the static library libwrap.a by default
  173. * Wed Jul 09 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 7.6-35
  174. - new versioning policy
  175. - spec in UTF-8
  176. * Fri Feb 17 2006 Shu KONNO <owa@bg.wakwak.com> 7.6-34vl3
  177. - added compat32-* packages for x86_64 architecture support
  178. - fixed tcp_wrappers-7.6-shared.patch (which changed gcc to $CC)
  179. * Wed Nov 03 2004 Daisuke SUZUKI <daisuke@linux.or.jp> 7.6-34vl2
  180. - new upstream release
  181. - add libwrap.so* to %%files
  182. * Fri Jul 4 2003 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.6-34vl1
  183. - based on 7.6-34 from Rawhide, applied some patches
  184. - rebuild with new toolchains
  185. - s/Copyright/License/
  186. * Wed Jan 10 2001 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
  187. - 7.6-17vl0
  188. - based on 7.6-17 from Rawhide
  189. - added Japanese summary and description
  190. - keep tcpdmatch and tcpchk still until xinetd is introduced for Vine
  191. (if so in the future, these two program should be removed again...)
  192. * Sat Dec 30 2000 Jeff Johnson <jbj@redhat.com>
  193. - permit hosts.{allow,deny} to be assembled from included components (#17795).
  194. - permit '*' and '?' wildcard matches on hostnames (#17847).
  195. * Sun Nov 19 2000 Bill Nottingham <notting@redhat.com>
  196. - ia64 needs -fPIC too
  197. * Mon Aug 14 2000 Jeff Johnson <jbj@redhat.com>
  198. - remove utilities that expect /etc/inetd.conf (#16059).
  199. * Thu Jul 27 2000 Jeff Johnson <jbj@redhat.com>
  200. - security hardening (#11881).
  201. * Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
  202. - automatic rebuild
  203. * Tue Jun 6 2000 Jeff Johnson <jbj@redhat.com>
  204. - FHS packaging.
  205. * Tue May 16 2000 Chris Evans <chris@ferret.lmh.ox.ac.uk>
  206. - Make tcpd mode -rwx--x--x as a security hardening measure
  207. * Mon Feb 7 2000 Jeff Johnson <jbj@redhat.com>
  208. - compress man pages.
  209. * Mon Aug 23 1999 Jeff Johnson <jbj@redhat.com>
  210. - add netgroup support (#3940).
  211. * Wed May 26 1999 Jeff Johnson <jbj@redhat.com>
  212. - compile on sparc with -fPIC.
  213. * Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
  214. - auto rebuild in the new build environment (release 7)
  215. * Wed Dec 30 1998 Cristian Gafton <gafton@redhat.com>
  216. - build for glibc 2.1
  217. * Sat Aug 22 1998 Jeff Johnson <jbj@redhat.com>
  218. - close setenv bug (problem #690)
  219. - spec file cleanup
  220. * Thu Jun 25 1998 Alan Cox <alan@redhat.com>
  221. - Erp where did the Dec 05 patch escape to
  222. * Thu May 07 1998 Prospector System <bugs@redhat.com>
  223. - translations modified for de, fr, tr
  224. * Fri Dec 05 1997 Erik Troan <ewt@redhat.com>
  225. - don't build setenv.o module -- it just breaks things
  226. * Wed Oct 29 1997 Marc Ewing <marc@redhat.com>
  227. - upgrade to 7.6
  228. * Thu Jul 17 1997 Erik Troan <ewt@redhat.com>
  229. - built against glibc
  230. * Mon Mar 03 1997 Erik Troan <ewt@redhat.com>
  231. - Upgraded to version 7.5
  232. - Uses a build root