tcp_wrappers-vl.spec 9.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293
  1. %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
  2. %define LIB_MAJOR 0
  3. %define LIB_MINOR 7
  4. %define LIB_REL 6
  5. Summary: A security tool which acts as a wrapper for TCP daemons.
  6. Summary(ja): TCP デーモンのラッパとして働くセキュリティツール
  7. Name: tcp_wrappers
  8. Version: 7.6
  9. Release: 39%{?_dist_release}
  10. License: BSD
  11. Group: System Environment/Daemons
  12. Source: ftp://ftp.porcupine.org/pub/security/tcp_wrappers_7.6.tar.gz
  13. Patch0: tcpw7.2-config.patch
  14. Patch1: tcpw7.2-setenv.patch
  15. Patch2: tcpw7.6-netgroup.patch
  16. Patch3: tcp_wrappers-7.6-bug11881.patch
  17. Patch4: tcp_wrappers-7.6-bug17795.patch
  18. Patch5: tcp_wrappers-7.6-bug17847.patch
  19. Patch6: tcp_wrappers-7.6-fixgethostbyname.patch
  20. Patch7: tcp_wrappers-7.6-docu.patch
  21. Patch8: tcp_wrappers-7.6-casesens.patch
  22. Patch9: tcp_wrappers.usagi-ipv6.patch
  23. Patch10: tcp_wrappers.ume-ipv6.patch
  24. Patch11: tcp_wrappers-7.6-shared.patch
  25. Patch12: tcp_wrappers-7.6-sig.patch
  26. Patch13: tcp_wrappers-7.6-strerror.patch
  27. Patch14: tcp_wrappers-7.6-ldflags.patch
  28. Patch15: tcp_wrappers-7.6-fix_sig-bug141110.patch
  29. Patch16: tcp_wrappers-7.6-162412.patch
  30. Patch17: tcp_wrappers-7.6-220015.patch
  31. Patch18: tcp_wrappers-7.6-restore_sigalarm.patch
  32. Patch19: tcp_wrappers-7.6-siglongjmp.patch
  33. Patch20: tcp_wrappers-7.6-sigchld.patch
  34. Patch21: tcp_wrappers-7.6-196326.patch
  35. Patch22: tcp_wrappers_7.6-249430.patch
  36. Patch23: tcp_wrappers-7.6-aclexec.patch
  37. Patch24: tcp_wrappers-7.6-fix-multidef.patch
  38. # required by sin_scope_id in ipv6 patch
  39. BuildRequires: glibc-devel >= 2.2
  40. BuildRoot: %{_tmppath}/%{name}-%{version}-root
  41. %description
  42. The tcp_wrappers package provides small daemon programs which can
  43. monitor and filter incoming requests for systat, finger, FTP, telnet,
  44. rlogin, rsh, exec, tftp, talk and other network services.
  45. Install the tcp_wrappers program if you need a security tool for
  46. filtering incoming network services requests.
  47. %description -l ja
  48. tcp_wrapper パッケージには小さなデーモンプログラムが収められており,
  49. systat, finger, FTP, telnet, rlogin, rsh, exec, tftp, talk, その他
  50. 様々なネットワークサービスに対する外部からの要求を監視し,フィルタリング
  51. することが出来ます.
  52. ネットワークサービスに対する外部からのリクエストをフィルタリング
  53. 出来るセキュリティツールが必要ならば tcp_wrappers パッケージを
  54. インストールして下さい.
  55. ## to build compat32 for x86_64 architecture support
  56. %package -n compat32-%{name}
  57. Summary: A security tool which acts as a wrapper for TCP daemons.
  58. Summary(ja): TCP デーモンのラッパとして働くセキュリティツール
  59. Group: System Environment/Daemons
  60. %description -n compat32-%{name}
  61. The tcp_wrappers package provides small daemon programs which can
  62. monitor and filter incoming requests for systat, finger, FTP, telnet,
  63. rlogin, rsh, exec, tftp, talk and other network services.
  64. Install the tcp_wrappers program if you need a security tool for
  65. filtering incoming network services requests.
  66. %prep
  67. %setup -q -n tcp_wrappers_7.6
  68. %patch0 -p1 -b .config
  69. %patch1 -p1 -b .setenv
  70. %patch2 -p1 -b .netgroup
  71. %patch3 -p1 -b .bug11881
  72. %patch4 -p1 -b .bug17795
  73. %patch5 -p1 -b .bug17847
  74. %patch6 -p1 -b .fixgethostbyname
  75. %patch7 -p1 -b .docu
  76. %patch8 -p1 -b .man
  77. %patch9 -p1 -b .usagi-ipv6
  78. %patch10 -p1 -b .ume-ipv6
  79. %patch11 -p1 -b .shared
  80. %patch12 -p1 -b .sig
  81. %patch13 -p1 -b .strerror
  82. %patch14 -p1 -b .cflags
  83. %patch15 -p1 -b .fix_sig
  84. %patch16 -p1 -b .162412
  85. %patch17 -p1 -b .220015
  86. %patch18 -p1 -b .restore_sigalarm
  87. %patch19 -p1 -b .siglongjmp
  88. %patch20 -p1 -b .sigchld
  89. %patch21 -p1 -b .196326
  90. %patch22 -p1 -b .249430
  91. %patch23 -p1 -b .aclexec
  92. %patch24 -p1 -b .multidef
  93. # Disable static library creation by default.
  94. %define with_static 0
  95. %build
  96. make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR -DACLEXEC" \
  97. LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
  98. %install
  99. [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT
  100. mkdir -p ${RPM_BUILD_ROOT}%{_includedir}
  101. mkdir -p ${RPM_BUILD_ROOT}%{_libdir}
  102. mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man{3,5,8}
  103. mkdir -p ${RPM_BUILD_ROOT}%{_sbindir}
  104. cp hosts_access.3 ${RPM_BUILD_ROOT}%{_mandir}/man3
  105. cp hosts_access.5 hosts_options.5 ${RPM_BUILD_ROOT}%{_mandir}/man5
  106. cp tcpd.8 tcpdchk.8 tcpdmatch.8 ${RPM_BUILD_ROOT}%{_mandir}/man8
  107. ln -sf hosts_access.5 ${RPM_BUILD_ROOT}%{_mandir}/man5/hosts.allow.5
  108. ln -sf hosts_access.5 ${RPM_BUILD_ROOT}%{_mandir}/man5/hosts.deny.5
  109. %if %{with_static}
  110. cp -a libwrap.a ${RPM_BUILD_ROOT}%{_libdir}
  111. %endif
  112. cp -a libwrap.so* ${RPM_BUILD_ROOT}%{_libdir}
  113. install -p -m644 tcpd.h ${RPM_BUILD_ROOT}%{_includedir}
  114. install -m755 safe_finger ${RPM_BUILD_ROOT}%{_sbindir}
  115. install -m711 tcpd ${RPM_BUILD_ROOT}%{_sbindir}
  116. install -m755 try-from ${RPM_BUILD_ROOT}%{_sbindir}
  117. ## XXX remove utilities that expect /etc/inetd.conf (#16059).
  118. ##install -m755 tcpdchk ${RPM_BUILD_ROOT}%{_sbindir}
  119. ##install -m755 tcpdmatch ${RPM_BUILD_ROOT}%{_sbindir}
  120. #rm -f ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdmatch.*
  121. #rm -f ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdchk.*
  122. ## keep tcpdchk and tcpdmatch included here
  123. ## until xinetd is introduced for Vine Linux....
  124. ##
  125. install -m755 tcpdchk $RPM_BUILD_ROOT%{_sbindir}
  126. install -m755 tcpdmatch $RPM_BUILD_ROOT%{_sbindir}
  127. %post -p /sbin/ldconfig
  128. %postun -p /sbin/ldconfig
  129. %post -n compat32-%{name} -p /sbin/ldconfig
  130. %postun -n compat32-%{name} -p /sbin/ldconfig
  131. %clean
  132. [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT
  133. %files
  134. %defattr(-,root,root)
  135. %doc BLURB CHANGES README* DISCLAIMER Banners.Makefile
  136. %{_mandir}/man[358]/*
  137. %{_includedir}/*
  138. %if %{with_static}
  139. %{_libdir}/*.a
  140. %endif
  141. %{_libdir}/*.so
  142. %{_libdir}/*.so.*
  143. %{_sbindir}/*
  144. %if %{build_compat32}
  145. %files -n compat32-%{name}
  146. %defattr(-,root,root)
  147. %if %{with_static}
  148. %{_libdir}/*.a
  149. %endif
  150. %{_libdir}/*.so
  151. %{_libdir}/*.so.*
  152. %endif
  153. %changelog
  154. * Tue Aug 07 2012 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 7.6-39
  155. - added Patch23 from debian (aclexec support).
  156. - added Patch24 (fix multiple definition).
  157. * Sun Apr 17 2011 Shu KONNO <owa@bg.wakwak.com> 7.6-38
  158. - rebuilt with rpm-4.8.1-3
  159. * Fri Feb 19 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.6-37
  160. - s/BuildPrereq/BuildRequires/
  161. - added Patch14-22 from FC
  162. * Wed Jul 25 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-49
  163. - fix for a.b.c.d/255.255.255.255 - fixes #249430
  164. * Thu Jun 28 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-48
  165. - compare localhost and localhost.localdomain as the same
  166. * Wed Jun 06 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-47
  167. - fix the hostname resolving patch for x86_64
  168. * Fri May 25 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-45
  169. - unblock and catch SIGCHLD from spawned shell commands, fixes #112975
  170. * Mon Apr 16 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-44
  171. - added restore_sigalarm and siglongjmp patches from Debian, fixes #205129
  172. * Fri Mar 09 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-43
  173. - resolve hostnames in hosts.{allow,deny}, should fix a bunch of issues with
  174. IPv4/6
  175. * Tue Jan 24 2006 Thomas Woerner <twoerner@redhat.com> 7.6-40
  176. - fixed uninitialized fp in function inet_cfg (#162412)
  177. * Fri May 6 2005 Thomas Woerner <twoerner@redhat.com> 7.6-39
  178. - fixed sig patch (#141110). Thanks to Nikita Shulga for the patch
  179. * Mon May 04 2009 NAKAMURA Kenta <kenta@vinelinux.org> 7.6-36
  180. - removed unnecessary %%if %{build_compat32} statements
  181. - removed the static library libwrap.a by default
  182. * Wed Jul 09 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 7.6-35
  183. - new versioning policy
  184. - spec in UTF-8
  185. * Fri Feb 17 2006 Shu KONNO <owa@bg.wakwak.com> 7.6-34vl3
  186. - added compat32-* packages for x86_64 architecture support
  187. - fixed tcp_wrappers-7.6-shared.patch (which changed gcc to $CC)
  188. * Wed Nov 03 2004 Daisuke SUZUKI <daisuke@linux.or.jp> 7.6-34vl2
  189. - new upstream release
  190. - add libwrap.so* to %%files
  191. * Fri Jul 4 2003 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.6-34vl1
  192. - based on 7.6-34 from Rawhide, applied some patches
  193. - rebuild with new toolchains
  194. - s/Copyright/License/
  195. * Wed Jan 10 2001 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org>
  196. - 7.6-17vl0
  197. - based on 7.6-17 from Rawhide
  198. - added Japanese summary and description
  199. - keep tcpdmatch and tcpchk still until xinetd is introduced for Vine
  200. (if so in the future, these two program should be removed again...)
  201. * Sat Dec 30 2000 Jeff Johnson <jbj@redhat.com>
  202. - permit hosts.{allow,deny} to be assembled from included components (#17795).
  203. - permit '*' and '?' wildcard matches on hostnames (#17847).
  204. * Sun Nov 19 2000 Bill Nottingham <notting@redhat.com>
  205. - ia64 needs -fPIC too
  206. * Mon Aug 14 2000 Jeff Johnson <jbj@redhat.com>
  207. - remove utilities that expect /etc/inetd.conf (#16059).
  208. * Thu Jul 27 2000 Jeff Johnson <jbj@redhat.com>
  209. - security hardening (#11881).
  210. * Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
  211. - automatic rebuild
  212. * Tue Jun 6 2000 Jeff Johnson <jbj@redhat.com>
  213. - FHS packaging.
  214. * Tue May 16 2000 Chris Evans <chris@ferret.lmh.ox.ac.uk>
  215. - Make tcpd mode -rwx--x--x as a security hardening measure
  216. * Mon Feb 7 2000 Jeff Johnson <jbj@redhat.com>
  217. - compress man pages.
  218. * Mon Aug 23 1999 Jeff Johnson <jbj@redhat.com>
  219. - add netgroup support (#3940).
  220. * Wed May 26 1999 Jeff Johnson <jbj@redhat.com>
  221. - compile on sparc with -fPIC.
  222. * Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
  223. - auto rebuild in the new build environment (release 7)
  224. * Wed Dec 30 1998 Cristian Gafton <gafton@redhat.com>
  225. - build for glibc 2.1
  226. * Sat Aug 22 1998 Jeff Johnson <jbj@redhat.com>
  227. - close setenv bug (problem #690)
  228. - spec file cleanup
  229. * Thu Jun 25 1998 Alan Cox <alan@redhat.com>
  230. - Erp where did the Dec 05 patch escape to
  231. * Thu May 07 1998 Prospector System <bugs@redhat.com>
  232. - translations modified for de, fr, tr
  233. * Fri Dec 05 1997 Erik Troan <ewt@redhat.com>
  234. - don't build setenv.o module -- it just breaks things
  235. * Wed Oct 29 1997 Marc Ewing <marc@redhat.com>
  236. - upgrade to 7.6
  237. * Thu Jul 17 1997 Erik Troan <ewt@redhat.com>
  238. - built against glibc
  239. * Mon Mar 03 1997 Erik Troan <ewt@redhat.com>
  240. - Upgraded to version 7.5
  241. - Uses a build root