Hi Gerd,
thanks for your input. I have in fact created a spec with several
subpackages (as suggested by "x509" on freenode loosely based on the
debian packaging logic).
Gerd v. Egidy schrieb:
thanks for investing time into that, I've been doing the same for some time
now...
However, since i'm not a packager yet i'd need someone to "sponsor" me
into the packager group.
This sponsoring process is one of the reasons I haven't done anything into
that direction yet. Sorry that I can't help you with it.
too bad, but maybe we'll find someone :)
If i find a sponsor, would you be interested in becoming a co-maintainer?
apparently that does give one a better chance to get a sponsor.
Would you mind posting your spec (and other files/patches when needed)?
of course i do not. i've attached it to the mail.
Do you have network manager integration as a separate subpackage? I haven't
done that yet.
i have
The stuff I've used here is attached, feel free to copy anything you want from
it.
Kind regards,
Gerd
the only thing i haven't done yet is writing a proper chkconfig enabled
init script for strongswan. did you put any work into that?
best regards,
johannes
Name: strongswan
Version: 4.3.5
Release: 1%{?dist}
Summary: StrongSwan IPSec Implementation
Group: System Environment/Daemons
License: GPL
URL: http://strongswan.org/
Source0:
http://download.strongswan.org/%{name}-%{version}.tar.bz2
BuildRoot: %(mktemp -ud
%{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
# removed kernel-devel
BuildRequires: gmp-devel, openldap-devel, curl-devel, libxml2-devel,
clearsilver-devel, fcgi-devel, mysql-devel, sqlite-devel >= 3.3.1,
libgcrypt-devel, pam-devel, NetworkManager-glib-devel
Provides: ipsec-userland = %{version}-%{release}
Requires: gmp, kernel >= 2.6.1, curl, libxml2, libgcrypt, pam,
NetworkManager-glib
%description
strongSwan is an OpenSource IPsec implementation for the Linux operating
system. It is based on the discontinued FreeS/WAN project and the X.509 patch
which we developed over the last three years.
The focus is on
* simplicity of configuration
* strong encryption and authentication methods
* powerful IPsec policies supporting large and complex VPN networks
This Package contains the userland to enable the native NETKEY IPSEC stack in
linux 2.6
%prep
%setup -q -n %{name}-%{version}
%ifarch i386
%configure --disable-static --enable-curl --enable-ldap --enable-blowfish
--enable-mysql --enable-sqlite --enable-medsrv --enable-medcli --enable-smp
--enable-sql --enable-smartcard --enable-cisco-quirks --enable-eap-sim
--enable-eap-sim-file --enable-eap-identity --enable-eap-md5 --enable-eap-gtc
--enable-eap-aka --enable-eap-mschapv2 --enable-eap-radius
--enable-kernel-pfkey --enable-nat-transport --enable-fast --enable-manager
--enable-mediation --enable-integrity-test --enable-padlock --enable-agent
--disable-dependency-tracking --enable-test-vectors --enable-nm --enable-md4
--enable-scripts
%else
%configure --disable-static --enable-curl --enable-ldap --enable-blowfish
--enable-mysql --enable-sqlite --enable-medsrv --enable-medcli --enable-smp
--enable-sql --enable-smartcard --enable-cisco-quirks --enable-eap-sim
--enable-eap-sim-file --enable-eap-identity --enable-eap-md5 --enable-eap-gtc
--enable-eap-aka --enable-eap-mschapv2 --enable-eap-radius
--enable-kernel-pfkey --enable-nat-transport --enable-fast --enable-manager
--enable-mediation --enable-integrity-test --enable-agent
--disable-dependency-tracking --enable-test-vectors --enable-nm --enable-md4
--enable-scripts
%endif
%build
LD_LIBRARY_PATH="." make %{?_smp_mflags} RPM_OPT_FLAGS="$RPM_OPT_FLAGS"
LDFLAGS="-L%{_libdir}/mysql $LDFLAGS"
%install
rm -rf $RPM_BUILD_ROOT
make %{?_smp_mflags} install DESTDIR=$RPM_BUILD_ROOT
#libtool --finish %{_libexecdir}/ipsec
find $RPM_BUILD_ROOT -name \*.la -delete
%clean
rm -rf $RPM_BUILD_ROOT
%package starter
Group: System Environment/Daemons
Summary: strongSwan daemon starter and configuration file parser
%description starter
The starter and the associated "ipsec" script control both pluto and charon
from the command line. It parses ipsec.conf and loads the configurations to the
daemons. While the IKEv2 daemon can use other configuration backends, the IKEv1
daemon is limited to configurations from ipsec.conf.
%files starter
%defattr(-,root,root,-)
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/strongswan.conf
%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/*
%doc AUTHORS ChangeLog COPYING CREDITS INSTALL README NEWS TODO
%exclude %{_libexecdir}/ipsec/lib*
%exclude %{_libexecdir}/ipsec/plugins
%exclude %{_libexecdir}/ipsec/manager
%exclude %{_libexecdir}/ipsec/medsrv
%exclude %{_libexecdir}/ipsec/charon
%exclude %{_libexecdir}/ipsec/pluto
%exclude %{_libexecdir}/ipsec/whack
%exclude %{_libexecdir}/ipsec/stroke
#%exclude %{_usrsrc}/debug
#%exclude %{_libdir}/debug
%{_mandir}/*/*
%{_sbindir}/ipsec
%{_libexecdir}/ipsec/*
%package manager
Group: System Environment/Daemons
Summary: strongSwan utility and crypto library
%description manager
This Package contains the strongswan FastCGI apps strongswan-manager and
strongswan-medsrv (IKEv2 mediation)
Requires: clearsilver, fcgi
%files manager
%defattr(-,root,root,-)
%{_libexecdir}/ipsec/manager/*
%{_libexecdir}/ipsec/medsrv/*
%{_libdir}/libfast*
%package ikev1
Group: System Environment/Daemons
Summary: strongSwan Internet Key Exchange (v1) daemon
%description ikev1
Pluto is an IPsec IKEv1 daemon. It was inherited from the FreeS/WAN project,
but provides improved X.509 certificate support and other features.
Pluto can run in parallel with charon, the newer IKEv2 daemon.
%files ikev1
%defattr(-,root,root,-)
%doc %{_mandir}/man8/pluto.8.gz
%{_libexecdir}/ipsec/_pluto_adns
%{_libexecdir}/ipsec/pluto
%{_libexecdir}/ipsec/whack
%package ikev2
Group: System Environment/Daemons
Summary: strongSwan Internet Key Exchange (v2) daemon
%description ikev2
Charon is an IPsec IKEv2 daemon. It is written from scratch using a fully
multi-threaded design and a modular architecture. Various plugins provide
additional functionality.
This build of charon can run in parallel with pluto, the IKEv1 daemon.
%files ikev2
%defattr(-,root,root,-)
# %doc %{_mandir}/man8/charon.8.gz (does not exist yet)
%{_libexecdir}/ipsec/charon
%{_libexecdir}/ipsec/plugins/lib*stroke*
%{_libexecdir}/ipsec/stroke
%package -n libstrongswan-ldap
Group: System Environment/Daemons
Summary: strongSwan plugin for LDAP
%description -n libstrongswan-ldap
This package contains the strongswan LDAP plugin
%files -n libstrongswan-ldap
%defattr(-,root,root,-)
%{_libexecdir}/ipsec/plugins/libstrongswan-ldap*
%package -n libstrongswan-sqlite3
Group: System Environment/Daemons
Summary: strongSwan plugin for sqlite3
%description -n libstrongswan-sqlite3
This package contains the strongswan sqlite3 plugin
%files -n libstrongswan-sqlite3
%defattr(-,root,root,-)
%{_libexecdir}/ipsec/plugins/libstrongswan-sqlite*
%package -n libstrongswan-mysql
Group: System Environment/Daemons
Summary: strongSwan plugin for MySQL
%description -n libstrongswan-mysql
This package contains the strongswan mysql plugin
%files -n libstrongswan-mysql
%defattr(-,root,root,-)
%{_libexecdir}/ipsec/plugins/libstrongswan-mysql*
%package -n libstrongswan
Group: System Environment/Daemons
Summary: strongSwan utility and crypto library
%description -n libstrongswan
This package provides the underlying library of charon and other strongSwan
components. It is built in a modular way and is extendable through various
plugins.
%files -n libstrongswan
%defattr(-,root,root,-)
%exclude %{_libexecdir}/ipsec/plugins/libstrongswan-mysql*
%exclude %{_libexecdir}/ipsec/plugins/libstrongswan-sqlite*
%exclude %{_libexecdir}/ipsec/plugins/libstrongswan-ldap*
%exclude %{_libexecdir}/ipsec/plugins/lib*stroke*
%{_libexecdir}/ipsec/plugins/*
%{_libexecdir}/ipsec/lib*
%{_libdir}/libstrongswan*
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%changelog
* Mon Nov 09 2009 Johannes Russek <[email protected]> 4.3.5-1
- updated to 4.3.5, fixed some minor problems to built on ppc as well
* Mon Sep 28 2009 Johannes Russek <[email protected]> 4.3.5-1
- updated to 4.3.5dr2 (dr2 containing some important fixes)
* Mon Sep 21 2009 Johannes Russek <[email protected]> 4.3.4-1
* Tue Jun 23 2009 Johannes Russek <[email protected]> 4.3.2-1
- updated to 4.3.2
- tried to enable as many configure options as possible
- this added some deps, most notably clearsilver
- I did not enable NetworkManager, since I'm targetting VPN server, not client
* Thu Jun 11 2009 Johannes Russek <[email protected]> 4.3.1-1
- updated to 4.3.1
- removed workaround patches to be able to help redhat with debugging XFRM
issues
* Wed May 13 2009 Johannes Russek <[email protected]> 4.2.14-1
- updated to 4.2.14
* Fri Nov 14 2008 Johannes Russek <[email protected]> 4.2.8-1
- updated to 4.2.8
* Tue Sep 18 2008 Johannes Russek <[email protected]> 4.2.7-1
- updated to 4.2.7
* Thu Sep 11 2008 Johannes Russek <[email protected]> 4.2.6-2
- forgot to include libcurl support for OCSP, added
* Tue Sep 09 2008 Johannes Russek <[email protected]> 4.2.6-1
- updated to 4.2.6, mock-buildable
* Tue Jul 10 2007 Johannes Russek <[email protected]> 4.1.4-1
- packaged basic tarball, applied small patch for rpm compatibility
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
