Summary: A signing server and related software client
Name: sigul
Version: 0.205
Release: 2%{?dist}
License: GPLv2
URL: https://pagure.io/sigul/
Source0: https://pagure.io/releases/sigul/sigul-%{version}.tar.bz2
Source1: sigul_bridge.service
Source2: sigul_server.service
Source3: sigul.logrotate
Requires: logrotate, python
Requires: python-nss >= 0.11
Requires: koji
# For sigul_setup_client
Requires: coreutils nss-tools
Requires(pre): shadow-utils
BuildRequires: python
# To detect the path correctly in configure
BuildRequires: gnupg
# To run the test suite
BuildRequires: python-nss, gnupg, koji, pexpect, pygpgme, python, python-fedora
BuildRequires: rpm-sign python-urlgrabber python-sqlalchemy git
BuildRequires: systemd
BuildRequires: ostree
BuildRequires: ostree-devel
%ifnarch ppc64 ppc64le
# Skopeo fails to build for ppc64le
BuildRequires: skopeo
%endif
%if 0%{?rhel}
# There is no ostree package for RHEL other than x86_64, as that's in Atomic Host
ExclusiveArch: x86_64
%endif
%description
A signing server, which lets authorized users sign data without having any
access to the necessary private key, a client for the server, and a "bridge"
that connects the two.
%package server
Summary: Sigul server component
Requires: %{name}%{?_isa} = %{version}-%{release}
%if 0%{?rhel} && 0%{?rhel} <= 5
Requires: python-sqlite2
%endif
Requires: gnupg
Requires: pygpgme
Requires: pexpect
Requires: ostree
Requires: rpm-sign
Requires: python-sqlalchemy >= 0.5
# For systemd unit macros
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
%description server
The server part of sigul that keeps the keys and performs the actual signing.
%package bridge
Summary: Sigul bridge
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: python-fedora
Requires: python-urlgrabber
# For systemd unit macros
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
%description bridge
The bridge part of sigul that facilitates connection between the client and server.
%prep
%setup -q
%build
%if 0%{?rhel} >= 7
export GPG=/usr/bin/gpg1
%endif
%configure
make %{?_smp_mflags}
%check
%ifnarch ppc64 ppc64le
# Skopeo fails to build for ppc64le
%if 0%{?fedora}
if make check; then
echo "Tests passed"
else
echo "Tests failed. Log output follows"
cat testsuite.log
cat testsuite.dir/*/{testsuite.log,bridge/sigul_bridge.log,server/sigul_server.log}
exit 1
fi
%endif
%endif
%install
make DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p' install
mkdir -p $RPM_BUILD_ROOT%{_unitdir} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
install -m 0644 -p %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/sigul_bridge.service
install -m 0644 -p %{SOURCE2} $RPM_BUILD_ROOT%{_unitdir}/sigul_server.service
install -m 0644 -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sigul
%pre
getent group sigul >/dev/null || groupadd -r sigul
getent passwd sigul >/dev/null || \
useradd -r -g sigul -d %{_localstatedir}/lib/sigul -s /sbin/nologin \
-c "Signing server or bridge" sigul
exit 0
%post bridge
%systemd_post sigul_bridge.service
%post server
%systemd_post sigul_server.service
%preun bridge
%systemd_preun sigul_bridge.service
%preun server
%systemd_preun sigul_server.service
%postun bridge
%systemd_postun_with_restart sigul_bridge.service
%postun server
%systemd_postun_with_restart sigul_server.service
%files
%defattr(-,root,root,-)
%doc AUTHORS COPYING NEWS README
%dir %{_sysconfdir}/sigul
%config(noreplace) %{_sysconfdir}/sigul/client.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/sigul
%{_bindir}/sigul
%{_bindir}/sigul_setup_client
%{_mandir}/man1/sigul*.1*
%{_mandir}/man8/sigul*.8*
%dir %{_datadir}/sigul
%{_datadir}/sigul/bind_methods.py*
%{_datadir}/sigul/client.py*
%{_datadir}/sigul/double_tls.py*
%{_datadir}/sigul/errors.py*
%{_datadir}/sigul/settings.py*
%{_datadir}/sigul/utils.py*
%files bridge
%config(noreplace) %attr(640,root,sigul) %{_sysconfdir}/sigul/bridge.conf
%{_unitdir}/sigul_bridge.service
%{_sbindir}/sigul_bridge
%{_datadir}/sigul/bridge*
%files server
%config(noreplace) %attr(640,root,sigul) %{_sysconfdir}/sigul/server.conf
%{_unitdir}/sigul_server.service
%{_bindir}/sigul-ostree-helper
%{_sbindir}/sigul_server
%{_sbindir}/sigul_server_add_admin
%{_sbindir}/sigul_server_create_db
%dir %attr(700,sigul,sigul) %{_localstatedir}/lib/sigul
%dir %attr(700,sigul,sigul) %{_localstatedir}/lib/sigul/gnupg
%{_datadir}/sigul/server*
%changelog
* Wed Mar 01 2017 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.205-2
- Enable tests
* Wed Mar 01 2017 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.205-1
- Rebase to upstream 0.205
* Tue Feb 21 2017 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.204-3
- Add PIN reading fix
* Tue Feb 21 2017 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.204-2
- rebuilt
* Mon Feb 20 2017 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.204-1
- Rebase to upstream 0.204
* Mon Feb 13 2017 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.203-1
- Rebase to 0.203
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.202-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Sun Dec 11 2016 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.202-4
- Add patch for krb5 support
* Sat Oct 29 2016 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.202-3
- Disable test suite for ppc64, since skopeo failed to build
- Enable test suite on Fedora instead of RHEL
* Wed Oct 19 2016 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.202-2
- Do not run tests on el7
* Tue Oct 11 2016 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.202-1
- Update to 0.202
* Tue Sep 20 2016 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.201-2
- Rebuild with test suite on
* Fri Sep 16 2016 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.201-1
- New upstream release
* Wed Sep 07 2016 Patrick Uiterwijk <puiterwijk@redhat.com> - 0.200-1
- New upstream release
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.102-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Mon Jan 25 2016 Miloslav Trmač <mitr@redhat.com> - 0.102-2
- Migrate to systemd unit files, based on a patch by Kevin Fenzi
<kevin@scrye.com>.
Resolves: #1301297
* Thu Nov 26 2015 Miloslav Trmač <mitr@redhat.com> - 0.102-1
- Update to sigul-0.102.
Resolves: #1283364
Related: #1272535
* Wed Nov 18 2015 Miloslav Trmač <mitr@redhat.com> - 0.101-1
- Update to sigul-0.101.
Related: #1272535
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.100-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Apr 27 2015 Miloslav Trmač <mitr@redhat.com> - 0.100-5
- Add Requires: rpm-sign
Resolves: #1215678
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.100-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.100-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.100-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Tue Jul 17 2012 Miloslav Trmač <mitr@redhat.com> - 0.100-1
- Update to sigul-0.100.
* Wed Feb 8 2012 Toshio Kuratomi <toshio@fedoraproject.org> - 0.99-3
- Remove the python-sqlite2 dep in Fedora as that package is being retired and
sigul can use the sqlite3 module from the python stdlib
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.99-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Mon Jun 6 2011 Miloslav Trmač <mitr@redhat.com> - 0.99-1
- Update to sigul-0.99.
* Thu Jun 2 2011 Miloslav Trmač <mitr@redhat.com> - 0.98-2
- Add Requires: gnupg
Resolves: #664536
* Tue May 31 2011 Miloslav Trmač <mitr@redhat.com> - 0.98-1
- Update to sigul-0.98.
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.97-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Aug 11 2010 David Malcolm <dmalcolm@redhat.com>
- recompiling .py files against Python 2.7 (rhbz#623359)
- Drop no longer necessary references to BuildRoot:
* Fri Jul 31 2009 Miloslav Trmač <mitr@redhat.com> - 0.97-1
- Update to sigul-0.97.
- Ship NEWS.
* Tue Jul 28 2009 Jesse Keating <jkeating@redhat.com> - 0.96-6
- Fix the patch in -4
* Tue Jul 28 2009 Jesse Keating <jkeating@redhat.com> - 0.96-5
- Add a dist tag
* Tue Jul 28 2009 Jesse Keating <jkeating@redhat.com> - 0.96-4
- Add another patch to temporarily work around a stale koji issue.
- Bump python-nss reqs up now that we have a newer one in EPEL
* Mon Jul 27 2009 Jesse Keating <jkeating@redhat.com> - 0.96-3
- Setup the Requires right for EL5
* Mon Jul 27 2009 Jesse Keating <jkeating@redhat.com> - 0.96-2
- Fix various bugs while testing (release by Mitr)
- Patch from jkeating for srpm signing.
* Sat Jul 18 2009 Miloslav Trmač <mitr@redhat.com> - 0.95-0.mitr.1
- Update to 0.95.
- Add missing Requires: m2crypto.
* Wed Jul 1 2009 Miloslav Trmač <mitr@redhat.com> - 0.94-0.mitr.1
- Update to 0.94.
* Fri Apr 10 2009 Miloslav Trmač <mitr@redhat.com> - 0.93-0.mitr.1
- Update to 0.93.
* Wed Jan 28 2009 Miloslav Trmač <mitr@redhat.com> - 0.92-0.mitr.1
- Update to 0.92.
* Mon Jan 12 2009 Miloslav Trmač <mitr@redhat.com> - 0.91-0.mitr.1
- Update to 0.91.
* Sun Jan 11 2009 Miloslav Trmač <mitr@redhat.com> - 0.90-0.mitr.2
- Requires: koji, python-sqlite2
* Sun Jan 11 2009 Miloslav Trmač <mitr@redhat.com> - 0.90-0.mitr.1
- s/rpmsigner/sigul/g
* Sun Nov 30 2008 Miloslav Trmač <mitr@redhat.com> - 0.90-0.mitr.1
- Initial package.