[people/ms/strongswan.git] / packaging / redhat / freeswan.spec

Summary: FreeS/WAN IPSEC implementation
Name: freeswan
Version: 2.04
%define defkv %(rpm -q --qf='%{Version}-%{Release}\\n' kernel-source|tail -1)
# The default kernel version to build for is the latest of
# the installed kernel-source RPMs.
# This can be overridden by "--define 'kversion x.x.x-y.y.y'"
%{!?kversion: %{expand: %%define kversion %defkv}}
%define	krelver		%(echo %{kversion} | tr -s '-' '_')
# FreeS/WAN -pre/-rc nomenclature has to co-exist with hyphen paranoia
%define srcpkgver	%(echo %{version} | tr -s '_' '-')
%define our_release 1fs
%define debug_package %{nil}
Release: %{our_release}
License: GPL
Url: http://www.freeswan.org/
Source: freeswan-%{srcpkgver}.tar.gz
Group: System Environment/Daemons
BuildRoot: /var/tmp/%{name}-%{PACKAGE_VERSION}-root
%define __spec_install_post /usr/lib/rpm/brp-compress || :
BuildRequires: kernel-source = %{kversion}

%package userland
Summary: FreeS/WAN IPSEC usermod tools
Group: System Environment/Daemons
Provides: ipsec-userland
Obsoletes: freeswan
Requires: ipsec-kernel
Release: %{our_release}

%package doc
Summary: FreeS/WAN IPSEC full documentation
Group: System Environment/Daemons
Release: %{our_release}

%package module
Summary: FreeS/Wan kernel module
Group:  System Environment/Kernel
Release: %{krelver}_%{our_release}
Provides: ipsec-kernel
Requires: kernel = %{kversion}
# do not make the dependancy circular for now.
#Requires: ipsec-userland

%description userland
FreeS/WAN is a free implementation of IPSEC & IKE for Linux.  IPSEC is 
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and 
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
FreeS/WAN on a freeswan enabled kernel.

%description module
This package contains only the ipsec module for the RedHat series of kernels.

%description doc
This package contains extensive documentation of the FreeeS/WAN IPSEC
system.

%description
A dummy package that installs userland and kernel pieces.

%prep
%setup -q -n freeswan-%{srcpkgver}

%build
%{__make} \
  USERCOMPILE="-g %{optflags}" \
  INC_USRLOCAL=%{_prefix} \
  MANTREE=%{_mandir} \
  INC_RCDEFAULT=%{_initrddir} \
  programs
FS=$(pwd)
mkdir -p BUILD.%{_target_cpu}
mkdir -p BUILD.%{_target_cpu}-smp

cd packaging/redhat
for smp in -smp ""
do
%{__make} -C $FS MODBUILDDIR=$FS/BUILD.%{_target_cpu}$smp \
    FREESWANSRCDIR=$FS \
    KERNELSRC=/usr/src/linux-%{kversion} \
    ARCH=%{_arch} \
    SUBARCH=%{_arch} \
    MODULE_DEF_INCLUDE=$FS/packaging/redhat/config-%{_target_cpu}$smp.h \
    module
done

%install
%{__make} \
  DESTDIR=%{buildroot} \
  INC_USRLOCAL=%{_prefix} \
  MANTREE=%{buildroot}%{_mandir} \
  INC_RCDEFAULT=%{_initrddir} \
  install
install -d -m700 %{buildroot}%{_localstatedir}/run/pluto
install -d %{buildroot}%{_sbindir}

mkdir -p %{buildroot}/lib/modules/%{kversion}/kernel/net/ipsec
cp BUILD.%{_target_cpu}/ipsec.o \
 %{buildroot}/lib/modules/%{kversion}/kernel/net/ipsec

mkdir -p %{buildroot}/lib/modules/%{kversion}smp/kernel/net/ipsec
cp BUILD.%{_target_cpu}-smp/ipsec.o \
 %{buildroot}/lib/modules/%{kversion}smp/kernel/net/ipsec

%clean
rm -rf ${RPM_BUILD_ROOT}

%files doc
%defattr(-,root,root)
%doc doc
%doc %{_defaultdocdir}/freeswan/ipsec.conf-sample

%files userland
%defattr(-,root,root)
%doc BUGS CHANGES COPYING
%doc CREDITS INSTALL README
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/*
%config(noreplace) %{_initrddir}/ipsec
%{_libdir}/ipsec
%{_sbindir}/ipsec
%{_libexecdir}/ipsec
%doc %{_mandir}/*/*
%{_localstatedir}/run/pluto

%files module
%defattr (-,root,root)
/lib/modules/%{kversion}/kernel/net/ipsec
/lib/modules/%{kversion}smp/kernel/net/ipsec

%pre userland
%preun userland
if [ $1 = 0 ]; then
    /sbin/service ipsec stop || :
    /sbin/chkconfig --del ipsec
fi

%postun userland
if [ $1 -ge 1 ] ; then
  /sbin/service ipsec stop 2>&1 > /dev/null && /sbin/service ipsec start  2>&1 > /dev/null || :
fi

%postun module
%post module

%post userland
chkconfig --add ipsec

%changelog
* Fri Aug 22 2003 Sam Sgro <sam@freeswan.org>
- Juggling release/source package names to allow for 
  -pre/-rc releases to build.

* Thu Aug 14 2003 Sam Sgro <sam@freeswan.org>
- Reverting back to pre-x.509 version, cosmetic changes.

* Tue May 20 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-x509_1.3.2_2es
- Add "Obsoletes: freeswan" to userland RPM.

* Fri May 16 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-x509_1.3.2_1es
- Add version 1.3.2 of the x509 patch.
- Add missing /usr/libexec/ipsec dir and files.
- Minor tidy up of spec file.

* Thu May 15 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-1es
- Based on work by Paul Lahaie of Steamballoon, Michael
  Richardson of freeS/WAN team and Tuomo Soini <tis@foobar.fi>.
- Build freeswan RPMs from a single source RPM, for RedHat, but
  should work on any RPM based system.
Commit	Line	Data
997358a6 MW	1	Summary: FreeS/WAN IPSEC implementation
	2	Name: freeswan
	3	Version: 2.04
	4	%define defkv %(rpm -q --qf='%{Version}-%{Release}\\n' kernel-source\|tail -1)
	5	# The default kernel version to build for is the latest of
	6	# the installed kernel-source RPMs.
	7	# This can be overridden by "--define 'kversion x.x.x-y.y.y'"
	8	%{!?kversion: %{expand: %%define kversion %defkv}}
	9	%define krelver %(echo %{kversion} \| tr -s '-' '_')
	10	# FreeS/WAN -pre/-rc nomenclature has to co-exist with hyphen paranoia
	11	%define srcpkgver %(echo %{version} \| tr -s '_' '-')
	12	%define our_release 1fs
	13	%define debug_package %{nil}
	14	Release: %{our_release}
	15	License: GPL
	16	Url: http://www.freeswan.org/
	17	Source: freeswan-%{srcpkgver}.tar.gz
	18	Group: System Environment/Daemons
	19	BuildRoot: /var/tmp/%{name}-%{PACKAGE_VERSION}-root
	20	%define __spec_install_post /usr/lib/rpm/brp-compress \|\| :
	21	BuildRequires: kernel-source = %{kversion}
	22
	23	%package userland
	24	Summary: FreeS/WAN IPSEC usermod tools
	25	Group: System Environment/Daemons
	26	Provides: ipsec-userland
	27	Obsoletes: freeswan
	28	Requires: ipsec-kernel
	29	Release: %{our_release}
	30
	31	%package doc
	32	Summary: FreeS/WAN IPSEC full documentation
	33	Group: System Environment/Daemons
	34	Release: %{our_release}
	35
	36	%package module
	37	Summary: FreeS/Wan kernel module
	38	Group: System Environment/Kernel
	39	Release: %{krelver}_%{our_release}
	40	Provides: ipsec-kernel
	41	Requires: kernel = %{kversion}
	42	# do not make the dependancy circular for now.
	43	#Requires: ipsec-userland
	44
	45	%description userland
	46	FreeS/WAN is a free implementation of IPSEC & IKE for Linux. IPSEC is
	47	the Internet Protocol Security and uses strong cryptography to provide
	48	both authentication and encryption services. These services allow you
	49	to build secure tunnels through untrusted networks. Everything passing
	50	through the untrusted net is encrypted by the ipsec gateway machine and
	51	decrypted by the gateway at the other end of the tunnel. The resulting
	52	tunnel is a virtual private network or VPN.
	53
	54	This package contains the daemons and userland tools for setting up
	55	FreeS/WAN on a freeswan enabled kernel.
	56
	57	%description module
	58	This package contains only the ipsec module for the RedHat series of kernels.
	59
	60	%description doc
	61	This package contains extensive documentation of the FreeeS/WAN IPSEC
	62	system.
	63
	64	%description
65	A dummy package that installs userland and kernel pieces.
66
67	%prep
68	%setup -q -n freeswan-%{srcpkgver}
69
70	%build
71	%{__make} \
72	USERCOMPILE="-g %{optflags}" \
73	INC_USRLOCAL=%{_prefix} \
74	MANTREE=%{_mandir} \
75	INC_RCDEFAULT=%{_initrddir} \
76	programs
77	FS=$(pwd)
78	mkdir -p BUILD.%{_target_cpu}
79	mkdir -p BUILD.%{_target_cpu}-smp
80
81	cd packaging/redhat
82	for smp in -smp ""
83	do
84	%{__make} -C $FS MODBUILDDIR=$FS/BUILD.%{_target_cpu}$smp \
85	FREESWANSRCDIR=$FS \
86	KERNELSRC=/usr/src/linux-%{kversion} \
87	ARCH=%{_arch} \
88	SUBARCH=%{_arch} \
89	MODULE_DEF_INCLUDE=$FS/packaging/redhat/config-%{_target_cpu}$smp.h \
90	module
91	done
92
93	%install
94	%{__make} \
95	DESTDIR=%{buildroot} \
96	INC_USRLOCAL=%{_prefix} \
97	MANTREE=%{buildroot}%{_mandir} \
98	INC_RCDEFAULT=%{_initrddir} \
99	install
100	install -d -m700 %{buildroot}%{_localstatedir}/run/pluto
101	install -d %{buildroot}%{_sbindir}
102
103	mkdir -p %{buildroot}/lib/modules/%{kversion}/kernel/net/ipsec
104	cp BUILD.%{_target_cpu}/ipsec.o \
105	%{buildroot}/lib/modules/%{kversion}/kernel/net/ipsec
106
107	mkdir -p %{buildroot}/lib/modules/%{kversion}smp/kernel/net/ipsec
108	cp BUILD.%{_target_cpu}-smp/ipsec.o \
109	%{buildroot}/lib/modules/%{kversion}smp/kernel/net/ipsec
110
111	%clean
112	rm -rf ${RPM_BUILD_ROOT}
113
114	%files doc
115	%defattr(-,root,root)
116	%doc doc
117	%doc %{_defaultdocdir}/freeswan/ipsec.conf-sample
118
119	%files userland
120	%defattr(-,root,root)
121	%doc BUGS CHANGES COPYING
122	%doc CREDITS INSTALL README
123	%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf
124	%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d
125	%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/*
126	%config(noreplace) %{_initrddir}/ipsec
127	%{_libdir}/ipsec
128	%{_sbindir}/ipsec
129	%{_libexecdir}/ipsec
130	%doc %{_mandir}//
131	%{_localstatedir}/run/pluto
132
133	%files module
134	%defattr (-,root,root)
135	/lib/modules/%{kversion}/kernel/net/ipsec
136	/lib/modules/%{kversion}smp/kernel/net/ipsec
137
138	%pre userland
139	%preun userland
140	if [ $1 = 0 ]; then
141	/sbin/service ipsec stop \|\| :
142	/sbin/chkconfig --del ipsec
143	fi
144
145	%postun userland
146	if [ $1 -ge 1 ] ; then
147	/sbin/service ipsec stop 2>&1 > /dev/null && /sbin/service ipsec start 2>&1 > /dev/null \|\| :
148	fi
149
150	%postun module
151	%post module
152
153	%post userland
154	chkconfig --add ipsec
155
156	%changelog
157	* Fri Aug 22 2003 Sam Sgro <sam@freeswan.org>
158	- Juggling release/source package names to allow for
159	-pre/-rc releases to build.
160
161	* Thu Aug 14 2003 Sam Sgro <sam@freeswan.org>
162	- Reverting back to pre-x.509 version, cosmetic changes.
163
164	* Tue May 20 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-x509_1.3.2_2es
165	- Add "Obsoletes: freeswan" to userland RPM.
166
167	* Fri May 16 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-x509_1.3.2_1es
168	- Add version 1.3.2 of the x509 patch.
169	- Add missing /usr/libexec/ipsec dir and files.
170	- Minor tidy up of spec file.
171
172	* Thu May 15 2003 Charlie Brady <charlieb@e-smith.com> 2.0.0-1es
173	- Based on work by Paul Lahaie of Steamballoon, Michael
174	Richardson of freeS/WAN team and Tuomo Soini <tis@foobar.fi>.
175	- Build freeswan RPMs from a single source RPM, for RedHat, but
176	should work on any RPM based system.