1 # RPM spec file for remctl.
3 # Written by Russ Allbery <eagle@eyrie.org>
4 # Improvements by Thomas Kula and Darren Patterson
5 # Copyright 2018, 2020, 2022 Russ Allbery <eagle@eyrie.org>
6 # Copyright 2006-2007, 2012-2013
7 # The Board of Trustees of the Leland Stanford Junior University
9 # SPDX-License-Identifier: MIT
11 %if 0%{?sles_version:1}
12 %define relsuffix sles%{sles_version}
13 %if %{sles_version} >= 12
14 %define with_systemd 1
17 %define rel %(cat /etc/redhat-release | cut -d ' ' -f 7 | cut -d'.' -f1)
18 %define relsuffix EL%{rel}
20 %define with_systemd 1
24 # this is needed for Stanford packaging automation
27 # Use rpmbuild option "--define 'buildperl 0'" to not build the Perl module.
28 %{!?buildperl:%define buildperl 1}
29 # Use rpmbuild option "--define 'buildperl 0'" to not build the php bindings.
30 %{!?buildphp:%define buildphp 1}
31 # Use rpmbuild option "--define 'buildperl 0'" to not build the ruby bindings.
32 %{!?buildruby:%define buildruby 1}
34 # Use rpmbuild option "--define 'buildpython 0'" to not build the Python module.
35 %{!?buildpython:%define buildpython 1}
37 %define py_version %(python -c "from distutils.sysconfig import get_python_version; print(get_python_version())" )
38 %define py_libdest %(python -c "from distutils.sysconfig import get_config_vars; print(get_config_vars()[ 'LIBDEST' ])")
39 %define py_binlibdest %(python -c "from distutils.sysconfig import get_config_vars; print(get_config_vars()[ 'BINLIBDEST' ])")
43 Summary: Client/server for Kerberos-authenticated command execution
45 Release: 1.%{relsuffix}
46 %if 0%{?rel} >= 4 || 0%{?sles_version:1}
51 URL: https://www.eyrie.org/~eagle/software/remctl/
52 Source: https://archives.eyrie.org/software/kerberos/%{name}-%{version}.tar.gz
53 Group: System Environment/Daemons
54 Vendor: Stanford University
55 Packager: Russ Allbery <eagle@eyrie.org>
56 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
57 BuildRequires: krb5-devel, libgcrypt, libevent-devel
59 BuildRequires: perl(Module::Build)
62 BuildRequires: python-devel, python
65 BuildRequires: php-devel
68 BuildRequires: ruby, ruby-devel
70 %if 0%{?sles_version:1}
71 %if 0%{?with_systemd:1}
72 BuildRequires: systemd-rpm-macros
74 Distribution: SUSE Linux Enterprise %{sles_version}
76 %if 0%{?with_systemd:1}
77 BuildRequires: systemd-units
87 # RHEL 5/6 compatibility for PHP
89 %global php_apiver %((echo 0; php -i 2>/dev/null | sed -n 's/^PHP API => //p') | tail -1)
90 %{!?php_extdir: %{expand: %%global php_extdir %(php-config --extension-dir)}}
92 %if 0%{?rel} == 5 || 0%{?rel} == 6
93 %{!?php_inidir: %{expand: %%global php_inidir %{_sysconfdir}/php.d }}
98 # RHEL 5 compatibility for Python
100 %{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
101 %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
106 # RHEL 5/6 compatibility for Ruby
108 %{!?ruby_vendorarchdir: %global ruby_vendorarchdir %(ruby -rrbconfig -e 'puts Config::CONFIG["sitearchdir"] ')}
111 %{!?ruby_vendorarchdir: %global ruby_vendorarchdir %(ruby -rrbconfig -e 'puts Config::CONFIG["vendorarchdir"] ')}
117 remctl is a client/server protocol for executing specific commands on a
118 remote system with Kerberos authentication. The allowable commands must
119 be listed in a server configuration file, and the executable run on the
120 server may be mapped to any command name. Each command is also associated
121 with an ACL containing a list of Kerberos principals authorized to run
125 Summary: Server for Kerberos-authenticated command execution
126 Group: System Environment/Daemons
130 remctl is a client/server protocol for executing specific commands on a
131 remote system with Kerberos authentication. The allowable commands must
132 be listed in a server configuration file, and the executable run on the
133 server may be mapped to any command name. Each command is also associated
134 with an ACL containing a list of Kerberos principals authorized to run
137 This package contains the server (remctld).
140 Summary: Development files for remctl
141 Group: Applications/Internet
142 Requires: %{name}-client = %{version}-%{release}
145 remctl is a client/server protocol for executing specific commands on a
146 remote system with Kerberos authentication. The allowable commands must
147 be listed in a server configuration file, and the executable run on the
148 server may be mapped to any command name. Each command is also associated
149 with an ACL containing a list of Kerberos principals authorized to run
152 This package contains the development files.
155 Summary: Client for Kerberos-authenticated command execution
156 Group: Applications/Internet
159 remctl is a client/server protocol for executing specific commands on a
160 remote system with Kerberos authentication. The allowable commands must
161 be listed in a server configuration file, and the executable run on the
162 server may be mapped to any command name. Each command is also associated
163 with an ACL containing a list of Kerberos principals authorized to run
166 This package contains the client program (remctl) and the client libraries.
170 Summary: PHP interface to remctl
171 Group: Development/Libraries
172 Requires: %{name}-client = %{version}-%{release}
174 Requires: php-api = %{php_apiver}
176 Requires: php(zend-abi) = %{php_zend_api}
177 Requires: php(api) = %{php_core_api}
181 remctl is a client/server protocol for executing specific commands on a
182 remote system with Kerberos authentication. The allowable commands must
183 be listed in a server configuration file, and the executable run on the
184 server may be mapped to any command name. Each command is also associated
185 with an ACL containing a list of Kerberos principals authorized to run
188 This package contains the PHP remctl client library.
193 Summary: Python library for Kerberos-authenticated command execution
194 Group: Applications/Internet
195 Requires: %{name}-client = %{version}-%{release}
198 remctl is a client/server protocol for executing specific commands on a
199 remote system with Kerberos authentication. The allowable commands must
200 be listed in a server configuration file, and the executable run on the
201 server may be mapped to any command name. Each command is also associated
202 with an ACL containing a list of Kerberos principals authorized to run
205 This package contains the Python remctl client library.
210 Summary: Ruby interface to remctl
211 Group: Development/Libraries
212 Requires: %{name}-client = %{version}-%{release}
214 Requires: ruby(abi) = 1.8
216 Requires: ruby(abi) = 1.9.1
218 Provides: ruby(remctl) = %{version}-%{release}
221 remctl is a client/server protocol for executing specific commands on a
222 remote system with Kerberos authentication. The allowable commands must
223 be listed in a server configuration file, and the executable run on the
224 server may be mapped to any command name. Each command is also associated
225 with an ACL containing a list of Kerberos principals authorized to run
228 This package contains the Ruby remctl client library.
233 Summary: Perl library for Kerberos-authenticated command execution
234 Group: Applications/Internet
235 %if 0%{?sles_version:1} == 0
236 Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
238 Requires: %{name}-client = %{version}-%{release}
241 remctl is a client/server protocol for executing specific commands on a
242 remote system with Kerberos authentication. The allowable commands must
243 be listed in a server configuration file, and the executable run on the
244 server may be mapped to any command name. Each command is also associated
245 with an ACL containing a list of Kerberos principals authorized to run
248 This package contains the Perl remctl client library.
252 %setup -q -n remctl-%{version}
255 options="--disable-static --libdir=%{_libdir} --sysconfdir=/etc/remctl"
257 options="$options --enable-ruby"
260 options="$options --enable-php"
263 options="$options --enable-perl"
266 options="$options --enable-python"
269 export PATH="/usr/kerberos/bin:/sbin:/bin:/usr/sbin:$PATH"
270 export REMCTL_PERL_FLAGS="--installdirs=vendor"
272 export REMCTL_PERL_FLAGS="$REMCTL_PERL_FLAGS --prefix=/usr"
279 %{__rm} -rf %{buildroot}
282 options="$options RUBYARCHDIR=%{buildroot}%{ruby_vendorarchdir}"
284 make install DESTDIR=%{buildroot} INSTALL="install -p" \
285 INSTALLDIRS=vendor $options
286 %if !0%{?with_systemd:1}
287 mkdir -p %{buildroot}/etc/xinetd.d
288 install -c -m 0644 examples/xinetd %{buildroot}/etc/xinetd.d/remctl
290 mkdir -p %{buildroot}/etc/remctl/acl
291 mkdir -p %{buildroot}/etc/remctl/conf.d
292 mkdir -p %{buildroot}/usr/share/doc/remctl-{server,client}-%{vers}
293 chmod 755 %{buildroot}/usr/share/doc/remctl-{server,client}-%{vers}
294 install -c -m 0644 examples/remctl.conf %{buildroot}/etc/remctl/remctl.conf
296 find %{buildroot} -type f -name perllocal.pod -exec rm -f {} \;
297 find %{buildroot} -type f -name .packlist -exec rm -f {} \;
298 find %{buildroot} -type f -name '*.bs' -size 0 -exec rm -f {} \;
299 find %{buildroot} -type f -name Remctl.so -exec chmod 755 {} \;
300 mkdir -p %{buildroot}/usr/share/doc/remctl-perl-%{vers}
301 chmod 755 %{buildroot}/usr/share/doc/remctl-perl-%{vers}
304 mkdir -p %{buildroot}/usr/share/doc/remctl-python-%{vers}
305 chmod 755 %{buildroot}/usr/share/doc/remctl-python-%{vers}
306 find %{buildroot} -name _remctl.so -exec chmod 755 {} \;
309 mkdir -p %{buildroot}/usr/share/doc/remctl-ruby-%{vers}
310 chmod 755 %{buildroot}/usr/share/doc/remctl-ruby-%{vers}
313 mkdir -p %{buildroot}/usr/share/doc/remctl-php-%{vers}
314 chmod 755 %{buildroot}/usr/share/doc/remctl-php-%{vers}
316 mkdir -p %{buildroot}%{php_inidir}
317 install -m 0644 -p php/remctl.ini %{buildroot}%{php_inidir}
319 %if 0%{?sles_version:1}
320 mkdir -p %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services
321 cat <<EOF >%{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/remctld
322 ## Name: Remctl Server
323 ## Description: Open ports for Kerberos-authenticated command execution
330 %defattr(-, root, root)
331 /usr/include/remctl.h
332 %doc %{_mandir}/man3/remctl*
333 %{_libdir}/pkgconfig/libremctl.pc
336 %defattr(-, root, root)
338 %doc NEWS README TODO
339 %{_libdir}/libremctl.la
340 %{_libdir}/libremctl.so
341 %{_libdir}/libremctl.so.*
342 %doc %{_mandir}/man1/remctl.*
345 %defattr(-, root, root)
348 %doc NEWS README TODO
349 %doc %{_mandir}/*/remctld.*
350 %if !0%{?with_systemd:1}
351 %config /etc/xinetd.d/remctl
353 %config(noreplace) /etc/remctl/remctl.conf
354 %dir /etc/remctl/acl/
355 %dir /etc/remctl/conf.d/
356 %if 0%{?sles_version:1}
357 /etc/sysconfig/SuSEfirewall2.d/services/remctld
359 %if 0%{?with_systemd:1}
360 %{_unitdir}/remctld.service
361 %{_unitdir}/remctld.socket
366 %defattr(-, root, root)
367 %{python_sitearch}/_remctl.so
368 %{python_sitearch}/remctl.py*
370 %{python_sitearch}/pyremctl-%{version}-*.egg-info
378 %defattr(-,root,root,-)
379 %{perl_vendorarch}/Net
380 %{perl_vendorarch}/auto/Net
381 %doc %{_mandir}/man3/Net::Remctl*
387 %defattr(-,root,root,-)
390 %{php_extdir}/remctl.so
391 %config(noreplace) %{php_inidir}/remctl.ini
395 %defattr(-,root,root,-)
397 %defattr(-,root,root,-)
400 %{ruby_vendorarchdir}/remctl.so
403 %if 0%{?with_systemd:1} && 0%{?rel:1}
405 %systemd_preun remctld.service
407 %if 0%{?with_systemd:1} && 0%{?sles_version:1}
409 %service_add_pre remctld.service
411 %service_del_preun remctld.service
414 %post client -p /sbin/ldconfig
417 # If this is the first remctl install, add remctl to /etc/services and
418 # restart xinetd to pick up its new configuration.
419 if [ "$1" = 1 ] ; then
420 if grep -q '^remctl' /etc/services ; then
423 echo 'remctl 4373/tcp' >> /etc/services
425 %if !0%{?with_systemd:1}
426 if [ -f /var/run/xinetd.pid ] ; then
427 kill -HUP `cat /var/run/xinetd.pid`
431 %if 0%{?with_systemd:1} && 0%{?rel:1}
432 %systemd_post remctld.service
434 %if 0%{?with_systemd:1} && 0%{?sles_version:1}
435 %service_add_post remctld.service
438 %postun client -p /sbin/ldconfig
441 # If we're the last remctl package, remove the /etc/services line and
442 # restart xinetd to reflect its new configuration.
443 if [ "$1" = 0 ] ; then
444 if [ ! -f /usr/sbin/remctld ] ; then
445 if grep -q "^remctl" /etc/services ; then
446 grep -v "^remctl" /etc/services > /etc/services.tmp
447 mv -f /etc/services.tmp /etc/services
449 %if !0%{?with_systemd:1}
450 if [ -f /var/run/xinetd.pid ] ; then
451 kill -HUP `cat /var/run/xinetd.pid`
456 %if 0%{?with_systemd:1} && 0%{?rel:1}
457 %systemd_postun_with_restart remctld.service
459 %if 0%{?with_systemd:1} && 0%{?sles_version:1}
460 %service_del_postun remctld.service
465 %{__rm} -rf %{buildroot}
468 * Sun May 8 2022 Russ Allbery <eagle@eyrie.org> 3.18-1
471 * Sun Dec 13 2020 Russ Allbery <eagle@eyrie.org> 3.17-1
474 * Sat May 5 2018 Russ Allbery <eagle@eyrie.org> 3.15-1
477 * Sat Mar 31 2018 Russ Allbery <eagle@eyrie.org> 3.14-1
480 * Sat May 7 2016 Russ Allbery <eagle@eyrie.org> 3.11-1
482 - add systemd support
484 - add libevent dependency
486 * Thu Apr 11 2013 Darren Patterson <darrenp1@stanford.edu> 3.4-1
487 - update to 3.4, and merged some changes from ktdreyer in EPEL spec
488 - split out perl, php, ruby
490 * Tue Jul 17 2012 Darren Patterson <darrenp1@stanford.edu> 3.2-2
491 - spec fixes for build issues around perl and lib dirs
492 - move perl to vendor_perl on EL6
493 - re-add missing devel package
494 - change arch to i686 from i386 (if 32bit build)
495 - added missing/required doc to python package
496 - general cleanup for rpmlint
498 * Tue Jun 19 2012 Russ Allbery <eagle@eyrie.org> 3.2-1
501 * Thu Feb 23 2012 Russ Allbery <eagle@eyrie.org> 3.1-1
504 * Wed Feb 15 2012 Thomas L. Kula <tlk2126@columbia.edu> 3.0-1
506 - Add support for Python bindings, building as a sub-package
508 * Sun May 2 2010 Russ Allbery <eagle@eyrie.org> 2.16-1
510 - Ruby bindings also not yet supported.
512 * Fri Nov 14 2008 Russ Allbery <eagle@eyrie.org> 2.13-1
514 - PHP and Python bindings not yet supported.
516 * Fri Apr 4 2008 Russ Allbery <eagle@eyrie.org> 2.12-1
519 * Fri Nov 9 2007 Russ Allbery <eagle@eyrie.org> 2.11-1
521 - Change port configuration to 4373.
523 * Sun Aug 26 2007 Russ Allbery <eagle@eyrie.org> 2.10-1
525 - Incorporate changes by Darren Patterson to install the Perl module.
527 * Sun Mar 25 2007 Russ Allbery <eagle@eyrie.org> 2.7-1
530 * Sat Feb 3 2007 Russ Allbery <eagle@eyrie.org> 2.6-1
533 * Sat Feb 3 2007 Russ Allbery <eagle@eyrie.org> 2.5-1
535 - Incorporate changes by Darren Patterson to split into subpackages for
536 client and server and remove krb5-workstation requirement.
538 * Wed Jan 17 2007 Russ Allbery <eagle@eyrie.org> 2.4-1
540 - Changed permissions on the ACL directory to allow any user read.
541 - Added fix for /usr/lib64 directory on x86_64.
543 * Tue Aug 22 2006 Russ Allbery <eagle@eyrie.org> 2.1-1
545 - Incorporate changes by Digant Kasundra and Darren Patterson to the
546 Stanford-local RPM spec file, including looking for libraries in the
547 correct path, creating the /etc/remctl structure, running ldconfig,
548 and handling library installation properly.
549 - Build remctl to look in /etc/remctl/remctl.conf for its config.
550 - Install the examples/remctl.conf file as /etc/remctl/remctl.conf.
552 * Mon Aug 7 2006 Russ Allbery <eagle@eyrie.org> 2.0-1
553 - New upstream release that now provides a library as well.
554 - Add TODO to documentation files.
556 * Fri Mar 24 2006 Russ Allbery <eagle@eyrie.org> 1.12-3
557 - Lots of modifications based on the contributed kstart spec file.
558 - Use more internal RPM variables.
559 - Borrow the description from the Debian packages.
561 * Sun Feb 19 2006 Digant C Kasundra <digant@stanford.edu> 1.12-2