1 | %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0} |
---|
2 | %define LIB_MAJOR 0 |
---|
3 | %define LIB_MINOR 7 |
---|
4 | %define LIB_REL 6 |
---|
5 | |
---|
6 | Summary: A security tool which acts as a wrapper for TCP daemons. |
---|
7 | Summary(ja): TCP デーモンのラッパとして働くセキュリティツール |
---|
8 | Name: tcp_wrappers |
---|
9 | Version: 7.6 |
---|
10 | Release: 39%{?_dist_release} |
---|
11 | License: BSD |
---|
12 | Group: System Environment/Daemons |
---|
13 | Source: ftp://ftp.porcupine.org/pub/security/tcp_wrappers_7.6.tar.gz |
---|
14 | Patch0: tcpw7.2-config.patch |
---|
15 | Patch1: tcpw7.2-setenv.patch |
---|
16 | Patch2: tcpw7.6-netgroup.patch |
---|
17 | Patch3: tcp_wrappers-7.6-bug11881.patch |
---|
18 | Patch4: tcp_wrappers-7.6-bug17795.patch |
---|
19 | Patch5: tcp_wrappers-7.6-bug17847.patch |
---|
20 | Patch6: tcp_wrappers-7.6-fixgethostbyname.patch |
---|
21 | Patch7: tcp_wrappers-7.6-docu.patch |
---|
22 | Patch8: tcp_wrappers-7.6-casesens.patch |
---|
23 | Patch9: tcp_wrappers.usagi-ipv6.patch |
---|
24 | Patch10: tcp_wrappers.ume-ipv6.patch |
---|
25 | Patch11: tcp_wrappers-7.6-shared.patch |
---|
26 | Patch12: tcp_wrappers-7.6-sig.patch |
---|
27 | Patch13: tcp_wrappers-7.6-strerror.patch |
---|
28 | Patch14: tcp_wrappers-7.6-ldflags.patch |
---|
29 | Patch15: tcp_wrappers-7.6-fix_sig-bug141110.patch |
---|
30 | Patch16: tcp_wrappers-7.6-162412.patch |
---|
31 | Patch17: tcp_wrappers-7.6-220015.patch |
---|
32 | Patch18: tcp_wrappers-7.6-restore_sigalarm.patch |
---|
33 | Patch19: tcp_wrappers-7.6-siglongjmp.patch |
---|
34 | Patch20: tcp_wrappers-7.6-sigchld.patch |
---|
35 | Patch21: tcp_wrappers-7.6-196326.patch |
---|
36 | Patch22: tcp_wrappers_7.6-249430.patch |
---|
37 | Patch23: tcp_wrappers-7.6-aclexec.patch |
---|
38 | Patch24: tcp_wrappers-7.6-fix-multidef.patch |
---|
39 | |
---|
40 | # required by sin_scope_id in ipv6 patch |
---|
41 | BuildRequires: glibc-devel >= 2.2 |
---|
42 | BuildRoot: %{_tmppath}/%{name}-%{version}-root |
---|
43 | |
---|
44 | |
---|
45 | %description |
---|
46 | The tcp_wrappers package provides small daemon programs which can |
---|
47 | monitor and filter incoming requests for systat, finger, FTP, telnet, |
---|
48 | rlogin, rsh, exec, tftp, talk and other network services. |
---|
49 | |
---|
50 | Install the tcp_wrappers program if you need a security tool for |
---|
51 | filtering incoming network services requests. |
---|
52 | |
---|
53 | %description -l ja |
---|
54 | tcp_wrapper パッケージには小さなデーモンプログラムが収められており, |
---|
55 | systat, finger, FTP, telnet, rlogin, rsh, exec, tftp, talk, その他 |
---|
56 | 様々なネットワークサービスに対する外部からの要求を監視し,フィルタリング |
---|
57 | することが出来ます. |
---|
58 | |
---|
59 | ネットワークサービスに対する外部からのリクエストをフィルタリング |
---|
60 | 出来るセキュリティツールが必要ならば tcp_wrappers パッケージを |
---|
61 | インストールして下さい. |
---|
62 | |
---|
63 | |
---|
64 | ## to build compat32 for x86_64 architecture support |
---|
65 | %package -n compat32-%{name} |
---|
66 | Summary: A security tool which acts as a wrapper for TCP daemons. |
---|
67 | Summary(ja): TCP デーモンのラッパとして働くセキュリティツール |
---|
68 | Group: System Environment/Daemons |
---|
69 | |
---|
70 | %description -n compat32-%{name} |
---|
71 | The tcp_wrappers package provides small daemon programs which can |
---|
72 | monitor and filter incoming requests for systat, finger, FTP, telnet, |
---|
73 | rlogin, rsh, exec, tftp, talk and other network services. |
---|
74 | |
---|
75 | Install the tcp_wrappers program if you need a security tool for |
---|
76 | filtering incoming network services requests. |
---|
77 | |
---|
78 | |
---|
79 | %prep |
---|
80 | %setup -q -n tcp_wrappers_7.6 |
---|
81 | %patch0 -p1 -b .config |
---|
82 | %patch1 -p1 -b .setenv |
---|
83 | %patch2 -p1 -b .netgroup |
---|
84 | %patch3 -p1 -b .bug11881 |
---|
85 | %patch4 -p1 -b .bug17795 |
---|
86 | %patch5 -p1 -b .bug17847 |
---|
87 | %patch6 -p1 -b .fixgethostbyname |
---|
88 | %patch7 -p1 -b .docu |
---|
89 | %patch8 -p1 -b .man |
---|
90 | %patch9 -p1 -b .usagi-ipv6 |
---|
91 | %patch10 -p1 -b .ume-ipv6 |
---|
92 | %patch11 -p1 -b .shared |
---|
93 | %patch12 -p1 -b .sig |
---|
94 | %patch13 -p1 -b .strerror |
---|
95 | %patch14 -p1 -b .cflags |
---|
96 | %patch15 -p1 -b .fix_sig |
---|
97 | %patch16 -p1 -b .162412 |
---|
98 | %patch17 -p1 -b .220015 |
---|
99 | %patch18 -p1 -b .restore_sigalarm |
---|
100 | %patch19 -p1 -b .siglongjmp |
---|
101 | %patch20 -p1 -b .sigchld |
---|
102 | %patch21 -p1 -b .196326 |
---|
103 | %patch22 -p1 -b .249430 |
---|
104 | %patch23 -p1 -b .aclexec |
---|
105 | %patch24 -p1 -b .multidef |
---|
106 | |
---|
107 | # Disable static library creation by default. |
---|
108 | %define with_static 0 |
---|
109 | |
---|
110 | %build |
---|
111 | make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR -DACLEXEC" \ |
---|
112 | LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux |
---|
113 | |
---|
114 | %install |
---|
115 | [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT |
---|
116 | mkdir -p ${RPM_BUILD_ROOT}%{_includedir} |
---|
117 | mkdir -p ${RPM_BUILD_ROOT}%{_libdir} |
---|
118 | mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man{3,5,8} |
---|
119 | mkdir -p ${RPM_BUILD_ROOT}%{_sbindir} |
---|
120 | |
---|
121 | cp hosts_access.3 ${RPM_BUILD_ROOT}%{_mandir}/man3 |
---|
122 | cp hosts_access.5 hosts_options.5 ${RPM_BUILD_ROOT}%{_mandir}/man5 |
---|
123 | cp tcpd.8 tcpdchk.8 tcpdmatch.8 ${RPM_BUILD_ROOT}%{_mandir}/man8 |
---|
124 | ln -sf hosts_access.5 ${RPM_BUILD_ROOT}%{_mandir}/man5/hosts.allow.5 |
---|
125 | ln -sf hosts_access.5 ${RPM_BUILD_ROOT}%{_mandir}/man5/hosts.deny.5 |
---|
126 | %if %{with_static} |
---|
127 | cp -a libwrap.a ${RPM_BUILD_ROOT}%{_libdir} |
---|
128 | %endif |
---|
129 | cp -a libwrap.so* ${RPM_BUILD_ROOT}%{_libdir} |
---|
130 | install -p -m644 tcpd.h ${RPM_BUILD_ROOT}%{_includedir} |
---|
131 | install -m755 safe_finger ${RPM_BUILD_ROOT}%{_sbindir} |
---|
132 | install -m711 tcpd ${RPM_BUILD_ROOT}%{_sbindir} |
---|
133 | install -m755 try-from ${RPM_BUILD_ROOT}%{_sbindir} |
---|
134 | |
---|
135 | ## XXX remove utilities that expect /etc/inetd.conf (#16059). |
---|
136 | ##install -m755 tcpdchk ${RPM_BUILD_ROOT}%{_sbindir} |
---|
137 | ##install -m755 tcpdmatch ${RPM_BUILD_ROOT}%{_sbindir} |
---|
138 | #rm -f ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdmatch.* |
---|
139 | #rm -f ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdchk.* |
---|
140 | |
---|
141 | ## keep tcpdchk and tcpdmatch included here |
---|
142 | ## until xinetd is introduced for Vine Linux.... |
---|
143 | ## |
---|
144 | install -m755 tcpdchk $RPM_BUILD_ROOT%{_sbindir} |
---|
145 | install -m755 tcpdmatch $RPM_BUILD_ROOT%{_sbindir} |
---|
146 | |
---|
147 | %post -p /sbin/ldconfig |
---|
148 | %postun -p /sbin/ldconfig |
---|
149 | |
---|
150 | %post -n compat32-%{name} -p /sbin/ldconfig |
---|
151 | %postun -n compat32-%{name} -p /sbin/ldconfig |
---|
152 | |
---|
153 | %clean |
---|
154 | [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT |
---|
155 | |
---|
156 | %files |
---|
157 | %defattr(-,root,root) |
---|
158 | %doc BLURB CHANGES README* DISCLAIMER Banners.Makefile |
---|
159 | %{_mandir}/man[358]/* |
---|
160 | %{_includedir}/* |
---|
161 | %if %{with_static} |
---|
162 | %{_libdir}/*.a |
---|
163 | %endif |
---|
164 | %{_libdir}/*.so |
---|
165 | %{_libdir}/*.so.* |
---|
166 | %{_sbindir}/* |
---|
167 | |
---|
168 | %if %{build_compat32} |
---|
169 | %files -n compat32-%{name} |
---|
170 | %defattr(-,root,root) |
---|
171 | %if %{with_static} |
---|
172 | %{_libdir}/*.a |
---|
173 | %endif |
---|
174 | %{_libdir}/*.so |
---|
175 | %{_libdir}/*.so.* |
---|
176 | %endif |
---|
177 | |
---|
178 | %changelog |
---|
179 | * Tue Aug 07 2012 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 7.6-39 |
---|
180 | - added Patch23 from debian (aclexec support). |
---|
181 | - added Patch24 (fix multiple definition). |
---|
182 | |
---|
183 | * Sun Apr 17 2011 Shu KONNO <owa@bg.wakwak.com> 7.6-38 |
---|
184 | - rebuilt with rpm-4.8.1-3 |
---|
185 | |
---|
186 | * Fri Feb 19 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.6-37 |
---|
187 | - s/BuildPrereq/BuildRequires/ |
---|
188 | - added Patch14-22 from FC |
---|
189 | * Wed Jul 25 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-49 |
---|
190 | - fix for a.b.c.d/255.255.255.255 - fixes #249430 |
---|
191 | * Thu Jun 28 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-48 |
---|
192 | - compare localhost and localhost.localdomain as the same |
---|
193 | * Wed Jun 06 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-47 |
---|
194 | - fix the hostname resolving patch for x86_64 |
---|
195 | * Fri May 25 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-45 |
---|
196 | - unblock and catch SIGCHLD from spawned shell commands, fixes #112975 |
---|
197 | * Mon Apr 16 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-44 |
---|
198 | - added restore_sigalarm and siglongjmp patches from Debian, fixes #205129 |
---|
199 | * Fri Mar 09 2007 Tomas Janousek <tjanouse@redhat.com> - 7.6-43 |
---|
200 | - resolve hostnames in hosts.{allow,deny}, should fix a bunch of issues with |
---|
201 | IPv4/6 |
---|
202 | * Tue Jan 24 2006 Thomas Woerner <twoerner@redhat.com> 7.6-40 |
---|
203 | - fixed uninitialized fp in function inet_cfg (#162412) |
---|
204 | * Fri May 6 2005 Thomas Woerner <twoerner@redhat.com> 7.6-39 |
---|
205 | - fixed sig patch (#141110). Thanks to Nikita Shulga for the patch |
---|
206 | |
---|
207 | * Mon May 04 2009 NAKAMURA Kenta <kenta@vinelinux.org> 7.6-36 |
---|
208 | - removed unnecessary %%if %{build_compat32} statements |
---|
209 | - removed the static library libwrap.a by default |
---|
210 | |
---|
211 | * Wed Jul 09 2008 Daisuke SUZUKI <daisuke@linux.or.jp> 7.6-35 |
---|
212 | - new versioning policy |
---|
213 | - spec in UTF-8 |
---|
214 | |
---|
215 | * Fri Feb 17 2006 Shu KONNO <owa@bg.wakwak.com> 7.6-34vl3 |
---|
216 | - added compat32-* packages for x86_64 architecture support |
---|
217 | - fixed tcp_wrappers-7.6-shared.patch (which changed gcc to $CC) |
---|
218 | |
---|
219 | * Wed Nov 03 2004 Daisuke SUZUKI <daisuke@linux.or.jp> 7.6-34vl2 |
---|
220 | - new upstream release |
---|
221 | - add libwrap.so* to %%files |
---|
222 | |
---|
223 | * Fri Jul 4 2003 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 7.6-34vl1 |
---|
224 | - based on 7.6-34 from Rawhide, applied some patches |
---|
225 | - rebuild with new toolchains |
---|
226 | - s/Copyright/License/ |
---|
227 | |
---|
228 | * Wed Jan 10 2001 MATSUBAYASHI 'Shaolin' Kohji <shaolin@rhythmaning.org> |
---|
229 | - 7.6-17vl0 |
---|
230 | - based on 7.6-17 from Rawhide |
---|
231 | - added Japanese summary and description |
---|
232 | - keep tcpdmatch and tcpchk still until xinetd is introduced for Vine |
---|
233 | (if so in the future, these two program should be removed again...) |
---|
234 | |
---|
235 | * Sat Dec 30 2000 Jeff Johnson <jbj@redhat.com> |
---|
236 | - permit hosts.{allow,deny} to be assembled from included components (#17795). |
---|
237 | - permit '*' and '?' wildcard matches on hostnames (#17847). |
---|
238 | |
---|
239 | * Sun Nov 19 2000 Bill Nottingham <notting@redhat.com> |
---|
240 | - ia64 needs -fPIC too |
---|
241 | |
---|
242 | * Mon Aug 14 2000 Jeff Johnson <jbj@redhat.com> |
---|
243 | - remove utilities that expect /etc/inetd.conf (#16059). |
---|
244 | |
---|
245 | * Thu Jul 27 2000 Jeff Johnson <jbj@redhat.com> |
---|
246 | - security hardening (#11881). |
---|
247 | |
---|
248 | * Wed Jul 12 2000 Prospector <bugzilla@redhat.com> |
---|
249 | - automatic rebuild |
---|
250 | |
---|
251 | * Tue Jun 6 2000 Jeff Johnson <jbj@redhat.com> |
---|
252 | - FHS packaging. |
---|
253 | |
---|
254 | * Tue May 16 2000 Chris Evans <chris@ferret.lmh.ox.ac.uk> |
---|
255 | - Make tcpd mode -rwx--x--x as a security hardening measure |
---|
256 | |
---|
257 | * Mon Feb 7 2000 Jeff Johnson <jbj@redhat.com> |
---|
258 | - compress man pages. |
---|
259 | |
---|
260 | * Mon Aug 23 1999 Jeff Johnson <jbj@redhat.com> |
---|
261 | - add netgroup support (#3940). |
---|
262 | |
---|
263 | * Wed May 26 1999 Jeff Johnson <jbj@redhat.com> |
---|
264 | - compile on sparc with -fPIC. |
---|
265 | |
---|
266 | * Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> |
---|
267 | - auto rebuild in the new build environment (release 7) |
---|
268 | |
---|
269 | * Wed Dec 30 1998 Cristian Gafton <gafton@redhat.com> |
---|
270 | - build for glibc 2.1 |
---|
271 | |
---|
272 | * Sat Aug 22 1998 Jeff Johnson <jbj@redhat.com> |
---|
273 | - close setenv bug (problem #690) |
---|
274 | - spec file cleanup |
---|
275 | |
---|
276 | * Thu Jun 25 1998 Alan Cox <alan@redhat.com> |
---|
277 | - Erp where did the Dec 05 patch escape to |
---|
278 | |
---|
279 | * Thu May 07 1998 Prospector System <bugs@redhat.com> |
---|
280 | - translations modified for de, fr, tr |
---|
281 | |
---|
282 | * Fri Dec 05 1997 Erik Troan <ewt@redhat.com> |
---|
283 | - don't build setenv.o module -- it just breaks things |
---|
284 | |
---|
285 | * Wed Oct 29 1997 Marc Ewing <marc@redhat.com> |
---|
286 | - upgrade to 7.6 |
---|
287 | |
---|
288 | * Thu Jul 17 1997 Erik Troan <ewt@redhat.com> |
---|
289 | - built against glibc |
---|
290 | |
---|
291 | * Mon Mar 03 1997 Erik Troan <ewt@redhat.com> |
---|
292 | - Upgraded to version 7.5 |
---|
293 | - Uses a build root |
---|