squid-vl.spec 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410
  1. %define __perl_requires %{SOURCE98}
  2. Name: squid
  3. Version: 3.0.STABLE25
  4. Release: 2%{_dist_release}
  5. Summary: The Squid proxy caching server
  6. Summary(ja): Squid ウェブプロキシキャッシュ
  7. Epoch: 7
  8. License: GPLv2+
  9. Group: System Environment/Daemons
  10. URL: http://www.squid-cache.org
  11. Source: http://www.squid-cache.org/Squid/Versions/v3/3.0/squid-%{version}.tar.bz2
  12. Source1: FAQ.sgml
  13. Source2: squid.init
  14. Source3: squid.logrotate
  15. Source4: squid.sysconfig
  16. Source5: squid.pam
  17. Source98: perl-requires-squid.sh
  18. # Upstream patches
  19. #Patch001: http://www.squid-cache.org/Versions/v3/3.0/changesets/bXXXX.patch
  20. Patch002: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9189.patch
  21. # External patches
  22. # Local patches
  23. # Applying upstream patches first makes it less likely that local patches
  24. # will break upstream ones.
  25. Patch201: squid-3.0.STABLE1-config.patch
  26. Patch202: squid-3.0.STABLE1-location.patch
  27. Patch203: squid-3.0.STABLE15-build.patch
  28. Patch204: squid-3.0.STABLE1-perlpath.patch
  29. Patch205: squid-3.0.STABLE1-smb-path.patch
  30. Patch208: squid-3.0.STABLE7-from_manpg.patch
  31. Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
  32. Requires: bash >= 2.0
  33. Requires(pre): shadow-utils
  34. Requires(post): /sbin/chkconfig
  35. Requires(preun): /sbin/service /sbin/chkconfig
  36. Requires(postun): /sbin/service
  37. BuildRequires: openjade linuxdoc-tools
  38. BuildRequires: openldap-devel pam-devel openssl-devel krb5-devel
  39. BuildRequires: cyrus-sasl-devel
  40. Obsoletes: squid-novm
  41. # Obsoletes: squid26
  42. %description
  43. Squid is a high-performance proxy caching server for Web clients,
  44. supporting FTP, gopher, and HTTP data objects. Unlike traditional
  45. caching software, Squid handles all requests in a single,
  46. non-blocking, I/O-driven process. Squid keeps meta data and especially
  47. hot objects cached in RAM, caches DNS lookups, supports non-blocking
  48. DNS lookups, and implements negative caching of failed requests.
  49. Squid consists of a main server program squid, a Domain Name System
  50. lookup program (dnsserver), a program for retrieving FTP data
  51. (ftpget), and some management and client tools.
  52. %description -l ja
  53. Squid はウェブクライアントのための高性能のプロキシキャッシュサーバで、
  54. FTP, gopher, HTTP データオブジェクトに対応しています。これまでの
  55. キャッシュソフトウェアと違い、 Squid は全ての要求を、単一の
  56. ブロックしない I/O ドリブンのプロセスで処理します。 Squid はメタデータや
  57. ホットなオブジェクトを RAM に保持し、 DNS 問い合わせをキャッシュします。
  58. ブロック無しの DNS 問い合わせをサポートし、失敗した要求のネガティブ
  59. キャッシングが実装されています。
  60. Squid は、メインのサーバプログラム squid と、 Domain Name System
  61. 問い合わせプログラム (dnsserver) と、 FTP データを取得するプログラム
  62. (ftpget) と、いくつかの管理用またはクライアントツールから成ります。
  63. %prep
  64. %setup -q
  65. %patch002 -p0 -b .CVE-2010-3072
  66. %patch201 -p1 -b .config
  67. %patch202 -p1 -b .location
  68. %patch203 -p1 -b .build
  69. %patch204 -p1 -b .perlpath
  70. %patch205 -p1 -b .smb-path
  71. %patch208 -p1 -b .from_manpg
  72. %build
  73. export CXXFLAGS="-fPIE %{optflags}" ; export CFLAGS="-fPIE -Os -g -pipe -fsigned-char %{optflags}" ; export LDFLAGS="-pie" ;
  74. %configure \
  75. --exec_prefix=/usr \
  76. --bindir=%{_sbindir} \
  77. --libexecdir=%{_libdir}/squid \
  78. --localstatedir=/var \
  79. --datadir=%{_datadir} \
  80. --sysconfdir=/etc/squid \
  81. --disable-dependency-tracking \
  82. --enable-arp-acl \
  83. --enable-auth="basic,digest,ntlm,negotiate" \
  84. --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL" \
  85. --enable-negotiate-auth-helpers="squid_kerb_auth" \
  86. --enable-cache-digests \
  87. --enable-cachemgr-hostname=localhost \
  88. --enable-delay-pools \
  89. --enable-digest-auth-helpers="password" \
  90. --enable-epoll \
  91. --enable-external-acl-helpers="ip_user,ldap_group,unix_group,wbinfo_group" \
  92. --enable-icap-client \
  93. --enable-ident-lookups \
  94. %ifnarch ppc64 ia64 x86_64 s390x
  95. --with-large-files \
  96. %endif
  97. --enable-linux-netfilter \
  98. --enable-ntlm-auth-helpers="SMB,fakeauth" \
  99. --enable-referer-log \
  100. --enable-removal-policies="heap,lru" \
  101. --enable-snmp \
  102. --enable-ssl \
  103. --enable-storeio="aufs,diskd,null,ufs" \
  104. --enable-useragent-log \
  105. --enable-wccpv2 \
  106. --with-aio \
  107. --with-default-user="squid" \
  108. --with-filedescriptors=16384 \
  109. --with-dl \
  110. --with-pthreads
  111. # following options are disabled by vine
  112. # --with-openssl=/usr/kerberos \
  113. # following options are no longer supported
  114. # --with-winbind-auth-challenge \
  115. # --enable-follow-x-forwarded-for \
  116. # --enable-fd-config \
  117. # --with-maxfd=16384 \
  118. # --enable-underscores \
  119. export CXXFLAGS="-fPIE" ; export CFLAGS="-fPIE -Os -g -pipe -fsigned-char" ; export LDFLAGS="-pie" ;
  120. make %{?_smp_mflags}
  121. mkdir faq
  122. cp %{SOURCE1} faq
  123. cd faq
  124. sgml2html FAQ.sgml
  125. %install
  126. rm -rf $RPM_BUILD_ROOT
  127. %makeinstall \
  128. sysconfdir=$RPM_BUILD_ROOT/etc/squid \
  129. localstatedir=$RPM_BUILD_ROOT/var \
  130. bindir=$RPM_BUILD_ROOT/%{_sbindir} \
  131. libexecdir=$RPM_BUILD_ROOT/%{_libdir}/squid
  132. echo "
  133. #
  134. # This is /etc/httpd/conf.d/squid.conf
  135. #
  136. ScriptAlias /Squid/cgi-bin/cachemgr.cgi %{_libdir}/squid/cachemgr.cgi
  137. # Only allow access from localhost by default
  138. <Location /Squid/cgi-bin/cachemgr.cgi>
  139. order allow,deny
  140. allow from localhost.localdomain
  141. # Add additional allowed hosts as needed
  142. # allow from .example.com
  143. </Location>" > $RPM_BUILD_ROOT/squid.httpd.tmp
  144. ln -s ../../%{_datadir}/squid/errors/English $RPM_BUILD_ROOT/etc/squid/errors
  145. ln -s ../../%{_datadir}/squid/icons $RPM_BUILD_ROOT/etc/squid/icons
  146. mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
  147. mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
  148. mkdir -p $RPM_BUILD_ROOT/etc/sysconfig
  149. mkdir -p $RPM_BUILD_ROOT/etc/pam.d
  150. mkdir -p $RPM_BUILD_ROOT/etc/httpd/conf.d/
  151. install -m 755 %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/squid
  152. install -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/squid
  153. install -m 644 %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/squid
  154. install -m 644 %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/squid
  155. install -m 644 $RPM_BUILD_ROOT/squid.httpd.tmp $RPM_BUILD_ROOT/etc/httpd/conf.d/squid.conf
  156. mkdir -p $RPM_BUILD_ROOT/var/log/squid
  157. mkdir -p $RPM_BUILD_ROOT/var/spool/squid
  158. chmod 644 contrib/url-normalizer.pl contrib/rredir.* contrib/user-agents.pl
  159. iconv -f ISO88591 -t UTF8 ChangeLog -o ChangeLog.tmp
  160. mv -f ChangeLog.tmp ChangeLog
  161. # remove unpackaged files from the buildroot
  162. rm -f $RPM_BUILD_ROOT%{_sbindir}/{RunAccel,RunCache}
  163. rm -f $RPM_BUILD_ROOT/squid.httpd.tmp
  164. %clean
  165. rm -rf $RPM_BUILD_ROOT
  166. %files
  167. %defattr(-,root,root,-)
  168. %doc faq/*\.html README ChangeLog QUICKSTART
  169. %doc contrib/url-normalizer.pl contrib/rredir.* contrib/user-agents.pl
  170. %attr(755,root,root) %dir /etc/squid
  171. %attr(755,root,root) %dir %{_libdir}/squid
  172. %attr(750,squid,squid) %dir /var/log/squid
  173. %attr(750,squid,squid) %dir /var/spool/squid
  174. %attr(4750,root,squid) %{_libdir}/squid/ncsa_auth
  175. %attr(4750,root,squid) %{_libdir}/squid/pam_auth
  176. %config(noreplace) %attr(644,root,root) /etc/httpd/conf.d/squid.conf
  177. %config(noreplace) %attr(640,root,squid) /etc/squid/squid.conf
  178. %config(noreplace) %attr(644,root,squid) /etc/squid/cachemgr.conf
  179. %config(noreplace) /etc/squid/mime.conf
  180. %config(noreplace) /etc/sysconfig/squid
  181. %config(noreplace) /etc/squid/msntauth.conf
  182. %config(noreplace) /etc/squid/mib.txt
  183. # These are not noreplace because they are just sample config files
  184. %config /etc/squid/msntauth.conf.default
  185. %config /etc/squid/squid.conf.default
  186. %config /etc/squid/mime.conf.default
  187. %config /etc/squid/cachemgr.conf.default
  188. %config(noreplace) /etc/pam.d/squid
  189. %config(noreplace) /etc/logrotate.d/squid
  190. %config(noreplace) /etc/squid/errors
  191. %dir %{_datadir}/squid
  192. %attr(-,root,root) %{_datadir}/squid/errors
  193. %attr(-,root,root) /etc/squid/icons
  194. %attr(755,root,root) /etc/rc.d/init.d/squid
  195. %{_datadir}/squid/icons
  196. %{_sbindir}/squid
  197. %{_sbindir}/squidclient
  198. %{_mandir}/man8/*
  199. %{_libdir}/squid/*
  200. %pre
  201. if ! getent group squid >/dev/null 2>&1; then
  202. /usr/sbin/groupadd -g 23 squid
  203. fi
  204. if ! getent passwd squid >/dev/null 2>&1 ; then
  205. /usr/sbin/useradd -g 23 -u 23 -d /var/spool/squid -r -s /sbin/nologin squid >/dev/null 2>&1 || exit 1
  206. fi
  207. for i in /var/log/squid /var/spool/squid ; do
  208. if [ -d $i ] ; then
  209. for adir in `find $i -maxdepth 0 \! -user squid`; do
  210. chown -R squid:squid $adir
  211. done
  212. fi
  213. done
  214. exit 0
  215. %post
  216. /sbin/chkconfig --add squid
  217. if [ $1 = 0 ]; then
  218. case "$LANG" in
  219. bg*)
  220. DIR=Bulgarian
  221. ;;
  222. ca*)
  223. DIR=Catalan
  224. ;;
  225. cs*)
  226. DIR=Czech
  227. ;;
  228. da*)
  229. DIR=Danish
  230. ;;
  231. nl*)
  232. DIR=Dutch
  233. ;;
  234. en*)
  235. DIR=English
  236. ;;
  237. ea*)
  238. DIR=Estonian
  239. ;;
  240. fi*)
  241. DIR=Finnish
  242. ;;
  243. fr*)
  244. DIR=French
  245. ;;
  246. de*)
  247. DIR=German
  248. ;;
  249. he*)
  250. DIR=Hebrew
  251. ;;
  252. hu*)
  253. DIR=Hungarian
  254. ;;
  255. it*)
  256. DIR=Italian
  257. ;;
  258. ja*)
  259. DIR=Japanese
  260. ;;
  261. kr*)
  262. DIR=Korean
  263. ;;
  264. pl*)
  265. DIR=Polish
  266. ;;
  267. pt*)
  268. DIR=Portuguese
  269. ;;
  270. ro*)
  271. DIR=Romanian
  272. ;;
  273. ru*)
  274. DIR=Russian-koi8-r
  275. ;;
  276. sr*)
  277. DIR=Serbian
  278. ;;
  279. sk*)
  280. DIR=Slovak
  281. ;;
  282. es*)
  283. DIR=Spanish
  284. ;;
  285. sv*)
  286. DIR=Swedish
  287. ;;
  288. zh_TW*)
  289. DIR=Traditional_Chinese
  290. ;;
  291. zh_CN*)
  292. DIR=Simplify_Chinese
  293. ;;
  294. tr*)
  295. DIR=Turkish
  296. ;;
  297. greek)
  298. DIR=Greek
  299. ;;
  300. *)
  301. DIR=English
  302. ;;
  303. esac
  304. ln -snf %{_datadir}/squid/errors/$DIR /etc/squid/errors
  305. fi
  306. %preun
  307. if [ $1 = 0 ] ; then
  308. service squid stop >/dev/null 2>&1
  309. rm -f /var/log/squid/*
  310. /sbin/chkconfig --del squid
  311. fi
  312. %postun
  313. if [ "$1" -ge "1" ] ; then
  314. # service squid condrestart >/dev/null 2>&1
  315. service squid condrestart
  316. fi
  317. %triggerin -- samba-common
  318. /usr/sbin/usermod -a -G wbpriv squid >/dev/null 2>&1 || \
  319. chgrp squid /var/cache/samba/winbindd_privileged >/dev/null 2>&1 || :
  320. %changelog
  321. * Mon Sep 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  322. - 7:3.0.STABLE25-2
  323. - add patch001 for fix CVE-2010-3072
  324. * Tue Mar 16 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  325. - 7:3.0.STABLE25-1
  326. - new upstream release
  327. * Tue Mar 9 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  328. - 7:3.0.STABLE24-1
  329. - new upstream release
  330. * Wed Feb 3 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  331. - 7:3.0.STABLE23-1
  332. - new upstream release with security fix (Handle DNS header-only packet)
  333. * Wed Aug 5 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  334. - 7:3.0.STABLE18-1
  335. - new upstream release
  336. - add ja summary/discription
  337. * Tue Jul 28 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  338. - 7:3.0.STABLE17-1
  339. - new upstream release
  340. - drop patch209 (is included in new release)
  341. * Mon Jun 22 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  342. - 7:3.0.STABLE16-3
  343. - update patch209 (from upstream)
  344. * Tue Jun 16 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  345. - 7:3.0.STABLE16-2
  346. - add patch209 to fix build error
  347. * Tue Jun 16 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  348. - 7:3.0.STABLE16-1
  349. - new upstream release
  350. * Sat May 09 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  351. - 7:3.0.STABLE15-1
  352. - new upstream release
  353. - update Patch203 to fit new release
  354. * Mon May 04 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  355. - 7:3.0.STABLE14-2
  356. - comment out "Obsoletes: squid26"
  357. * Mon May 04 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
  358. - 7:3.0.STABLE14-1
  359. - Initial build for VineSeed / Vine 5.x
  360. - This package is based on Fedora 3.0.STABLE13-1