import dogtag-pki-11.6.0-0.2.alpha2.el10

2 months ago · 4f27f83428
parent a0af6a4d54
commit 4f27f83428
3 changed files with 31 additions and 18 deletions
--- a/.dogtag-pki.metadata
+++ b/.dogtag-pki.metadata
@ -9,7 +9,7 @@ e8f606a75b61c5cec01f527239d6d9bd211567aa SOURCES/jackson-module-jaxb-annotations
 b671664492af30a494c1aeed3e0dc537d9c8678c SOURCES/jakarta.xml.bind-api-4.0.1.jar
 ccdb2cbad8e86e8a5d19d61562ab3637bed40aad SOURCES/jboss-jaxrs-2.0-api-1.0.0.Final.jar
 3d0dce7eb38c9bac6df5b21857affe5e4758af59 SOURCES/jboss-logging-3.5.3.Final.jar
-71f1ba20212182f8f028d5ef7dbcddc1a5003382 SOURCES/pki-11.5.4.tar.gz
+e8159bfa4ae06f51597c6b49ee76a190a55b45b3 SOURCES/pki-11.6.0-alpha2.tar.gz
 2d701d5495c788b92e80ea451f8ddcde191e82a1 SOURCES/resteasy-client-3.0.26.Final.jar
 543d6c2652af2305864a92b4ceec105165698ca7 SOURCES/resteasy-jackson2-provider-3.0.26.Final.jar
 86480a4557835ebd9f69c497a0a8c542d0a7d945 SOURCES/resteasy-jaxrs-3.0.26.Final.jar
--- a/.gitignore
+++ b/.gitignore
@ -9,7 +9,7 @@ SOURCES/jakarta.annotation-api-1.3.5.jar
 SOURCES/jakarta.xml.bind-api-4.0.1.jar
 SOURCES/jboss-jaxrs-2.0-api-1.0.0.Final.jar
 SOURCES/jboss-logging-3.5.3.Final.jar
-SOURCES/pki-11.5.4.tar.gz
+SOURCES/pki-11.6.0-alpha2.tar.gz
 SOURCES/resteasy-client-3.0.26.Final.jar
 SOURCES/resteasy-jackson2-provider-3.0.26.Final.jar
 SOURCES/resteasy-jaxrs-3.0.26.Final.jar
--- a/SPECS/dogtag-pki.spec
+++ b/SPECS/dogtag-pki.spec
@ -8,19 +8,19 @@ Name:             dogtag-pki

 # Upstream version number:
 %global           major_version 11
-%global           minor_version 5
-%global           update_version 4
+%global           minor_version 6
+%global           update_version 0

 # Downstream release number:
 # - development/stabilization (unsupported): 0.<n> where n >= 1
 # - GA/update (supported): <n> where n >= 1
-%global           release_number 3
+%global           release_number 0.2

 # Development phase:
 # - development (unsupported): alpha<n> where n >= 1
 # - stabilization (unsupported): beta<n> where n >= 1
 # - GA/update (supported): <none>
-#global           phase
+%global           phase alpha2

 %undefine         timestamp
 %undefine         commit_id
@ -30,7 +30,7 @@ URL:              https://www.dogtagpki.org
 # The entire source code is GPLv2 except for 'pki-tps' which is LGPLv2
 License:          GPL-2.0-only AND LGPL-2.0-only
 Version:          %{major_version}.%{minor_version}.%{update_version}
-Release:          %{release_number}%{?phase:.}%{?phase}%{?timestamp:.}%{?timestamp}%{?commit_id:.}%{?commit_id}%{?dist}.1
+Release:          %{release_number}%{?phase:.}%{?phase}%{?timestamp:.}%{?timestamp}%{?commit_id:.}%{?commit_id}%{?dist}

 # To create a tarball from a version tag:
 # $ git archive \
@ -153,7 +153,7 @@ ExcludeArch: i686
 %define pki_uid 17
 %define pki_groupname pkiuser
 %define pki_gid 17
-%define pki_homedir /usr/share/pki
+%define pki_homedir /home/%{pki_username}

 %global saveFileContext() \
 if [ -s /etc/selinux/config ]; then \
@ -604,6 +604,7 @@ Requires:         openldap-clients
 Requires:         nss-tools >= 3.36.1
 Requires:         %{product_id}-java = %{version}-%{release}
 Requires:         p11-kit-trust
+Requires:         file

 # PKICertImport depends on certutil and openssl
 Requires:         nss-tools
@ -935,15 +936,17 @@ This package provides %{product_name} API documentation.
 Summary:          %{product_name} Console Package
 BuildArch:        noarch

-BuildRequires:    mvn(org.dogtagpki.console-framework:console-framework) >= 2.1.0
-
 Obsoletes:        pki-console < %{version}-%{release}
 Provides:         pki-console = %{version}-%{release}

-Requires:         mvn(org.dogtagpki.console-framework:console-framework) >= 2.1.0
 Requires:         %{product_id}-java = %{version}-%{release}
 Requires:         %{product_id}-console-theme = %{version}-%{release}

+# IDM Console Framework has been merged into PKI Console.
+# This will remove installed IDM Console Framework packages.
+Obsoletes:        idm-console-framework <= 2.1
+Conflicts:        idm-console-framework <= 2.1
+
 %description -n   %{product_id}-console
 %{product_name} Console is a Java application used to administer %{product_name} Server.

@ -1322,8 +1325,10 @@ CXX_FLAGS="$CXX_FLAGS -g -fPIE -pie"
 # https://sourceware.org/annobin/annobin.html/Test-gaps.html
 C_FLAGS="$C_FLAGS -fplugin=annobin"

+%ifarch x86_64
 # https://sourceware.org/annobin/annobin.html/Test-cf-protection.html
 C_FLAGS="$C_FLAGS -fcf-protection=full"
+%endif

 # https://sourceware.org/annobin/annobin.html/Test-optimization.html
 C_FLAGS="$C_FLAGS -O2"
@ -1587,10 +1592,23 @@ xmlstarlet edit --inplace \
 %if %{with server}

 %pre -n %{product_id}-server
+
+# create PKI group if it doesn't exist
 getent group %{pki_groupname} >/dev/null || groupadd -f -g %{pki_gid} -r %{pki_groupname}
+
+# create PKI user if it doesn't exist
 if ! getent passwd %{pki_username} >/dev/null ; then
    useradd -r -u %{pki_uid} -g %{pki_groupname} -d %{pki_homedir} -s /sbin/nologin -c "Certificate System" %{pki_username}
 fi
+
+# create PKI home directory if it doesn't exist
+if [ ! -d %{pki_homedir} ] ; then
+    cp -ar /etc/skel %{pki_homedir}
+    chown -R %{pki_username}:%{pki_groupname} %{pki_homedir}
+    chmod 700 %{pki_homedir}
+    usermod -d %{pki_homedir} %{pki_username}
+fi
+
 exit 0

 # with server
@ -1730,13 +1748,10 @@ fi

 %license base/tools/LICENSE
 %doc base/tools/doc/README
-%{_bindir}/p12tool
-%{_bindir}/p7tool
 %{_bindir}/pistool
 %{_bindir}/pki
 %{_bindir}/revoker
 %{_bindir}/setpin
-%{_bindir}/sslget
 %{_bindir}/tkstool
 %{_bindir}/tpsclient
 %{_bindir}/AtoB
@ -1814,7 +1829,6 @@ fi
 %{_sbindir}/pkispawn
 %{_sbindir}/pkidestroy
 %{_sbindir}/pki-server
-%{_sbindir}/pki-server-upgrade
 %{_sbindir}/pki-healthcheck
 %{python3_sitelib}/pki/server/
 %{python3_sitelib}/pkihealthcheck-*.egg-info/
@ -2047,9 +2061,8 @@ fi

 ################################################################################
 %changelog
-* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 11.5.4-3.1
- Bump release for October 2024 mass rebuild:
-  Resolves: RHEL-64018
+* Mon Dec 09 2024 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.6.0-alpha2
+- Rebase to PKI 11.6.0-alpha2

 * Thu Aug 22 2024 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.5.4-3
 - Fix JAXB library filename