Sync from SUSE:ALP:Source:Standard:1.0 munge revision 74f35243357f8418a31b418c31ec0f06

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

Make-SUSE-specific-adjustments.patch

@@ -0,0 +1,26 @@
+From: Egbert Eich <eich@suse.de>
+Date: Sat Oct 15 21:10:56 2016 +0200
+Subject: [PATCH]Make SUSE specific adjustments
+Git-commit: e82cc0c3a5a40ee9053adeb34410575533fd2530
+References: 
+Signed-off-by: Egbert Eich <eich@suse.com>
+
+For sysvinit set runlvls where to start/stop munge.
+
+Signed-off-by: Egbert Eich <eich@suse.de>
+
+diff --git a/src/etc/munge.sysvinit.init.in b/src/etc/munge.sysvinit.init.in
+index 93d461b..3414ed5 100644
+--- a/src/etc/munge.sysvinit.init.in
++++ b/src/etc/munge.sysvinit.init.in
+@@ -14,8 +14,8 @@
+ # Required-Stop:      $local_fs $remote_fs
+ # Should-Start:       $named $syslog
+ # Should-Stop:        $named $syslog
+-# Default-Start:
+-# Default-Stop:
++# Default-Start:      3 5
++# Default-Stop:       0 1 2 6
+ # Short-Description:  MUNGE Uid 'N' Gid Emporium authentication service
+ # Description:        MUNGE (MUNGE Uid 'N' Gid Emporium) is a highly scalable
+ #                     authentication service for creating and validating

README.SUSE

@@ -0,0 +1,6 @@
+The file 
+/etc/munge/munge.key
+is created from /dev/urandom at installation time via the command
+  dd if=/dev/urandom bs=1 count=1024 
+so it might differ from host to host, one might to replace by identical
+one (pick one from a host) and copy it to all hosts.

_service

@@ -0,0 +1,5 @@
+<services>
+  <service name="download_files" mode="localonly">
+    <param name="enforceupstream">yes</param>
+  </service>
+</services>

baselibs.conf

@@ -0,0 +1,4 @@
+libmunge2
+munge-devel
+  requires -munge-<targettype>
+  requires "libmunge2-<targettype> = <version>"

munge.changes

@@ -0,0 +1,279 @@
+-------------------------------------------------------------------
+Wed Jul  6 09:29:47 UTC 2022 - Nicolas Morey-Chaisemartin <nmoreychaisemartin@suse.com>
+
+- Update to version 0.5.15:
+  - Added support for OpenSSL 3.0.
+  - Fixed "make install" conflict with systemd RuntimeDirectory.
+  - Fixed big-endian bug causing failures on s390x.
+  - Fixed systemd service unit conf to wait until network is online.
+  - Fixed excessive logging of "suspended new connections".
+  - Fixed gcry_check_version(GCRYPT_VERSION) bug reported by Debian.
+  - Fixed sending repeated SIGTERMs to signal stop. (dbe6dcc)
+  - Fixed failure to clean up socket or create seedfile having relative path.
+  - Fixed test suite to clean up errant processes from failed tests.
+- Re-enable build for s390*
+
+-------------------------------------------------------------------
+Tue Nov 23 09:52:25 UTC 2021 - Egbert Eich <eich@suse.com>
+
+- Disable s390*-builds. On s390x the test suite fails.
+
+-------------------------------------------------------------------
+Fri Oct 15 16:07:00 UTC 2021 - Egbert Eich <eich@suse.com>
+
+- Typo fix to sysuser file.
+
+-------------------------------------------------------------------
+Thu Oct  7 17:25:55 UTC 2021 - Egbert Eich <eich@suse.com>
+
+- Restore tmpfiles.d handling which was deleted for no good
+  reason.
+- Make sure the product specific run-directory is used which
+  is taken from the RPM macro %_rundir (bsc#1191336).
+
+-------------------------------------------------------------------
+Fri Oct  1 06:24:14 UTC 2021 - Egbert Eich <eich@suse.com>
+
+- Utilize sysuser infrastructure to set user/group munge.
+
+-------------------------------------------------------------------
+Fri Jun 19 05:00:01 UTC 2020 - Egbert Eich <eich@suse.com>
+
+- Use 'mungekey' to generate munge key,
+  Change permission of 'mungekey' from 0400 to 0600
+- Remove munge key on uninstall  
+- Add a bit of QA by running 'make check'
+- Consolidate 'rundir'-handling:
+  * fixed the location using %_rundir
+  * %ghost-ed %_rundir/munge
+- Pinned down configuration by adding more configure options
+- Consolidated the file attribute setting
+- Consolidated handline of /etc/sysconfig/munge
+- Remove tmpfiles.d/munge.conf: the runtime directory is created
+  by systemd itself.
+
+-------------------------------------------------------------------
+Tue Mar 24 08:56:31 UTC 2020 - Ana Guerrero Lopez <aguerrero@suse.com>
+
+- Update to version 0.5.14, most relevant changes:
+  * Added mungekey command for key generation via HKDF.
+  * Added negative caching of user lookups for processing supplementary groups.
+  * Added munged --origin and --stop cmdline opt.
+  * Added unmunge --numeric cmdline opt.
+  * Added several new configuration options.
+  * Added systemd EnvironmentFile to set sysconfig options.
+  * Added systemd RuntimeDirectory to replace tmpfiles.d conf.
+  * Changed logging of non-existent users to only log once for a given user.
+  * Changed default name of munged seedfile.
+  * Fixed pidfile corruption when starting new daemon while socket still in use.
+  * Fixed munged signal handlers to be async-signal-safe.
+  * Fixed "Logging stopped due to error" behavior for transient errors.
+  * Fixed misleading "Lockfile not found" error message.
+  * Fixed conversion-specifier / argument mismatch in error message.
+  * Removed autotools-generated files from version control.
+- Update patch:
+  * Make-SUSE-specific-adjustments.patch
+- Spec cleanup
+- Update package description to match upstream's
+- Add logrotate file and Requires in logrotate
+- Run bootstrap to create autotools files.
+
+-------------------------------------------------------------------
+Mon Feb  3 15:05:57 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
+  shortcut through the -mini flavors.
+
+-------------------------------------------------------------------
+Tue Jan  7 07:42:01 UTC 2020 - Egbert Eich <eich@suse.com>
+
+- Add Provides for 'munge-libs' to package libmunge for
+  compatibility with the upstream spec file (bsc#1160075).
+
+-------------------------------------------------------------------
+Wed Nov  6 18:22:48 UTC 2019 - Egbert Eich <eich@suse.com>
+
+- Fix possible LPE during installation (bsc#1155075,
+  CVE-2019-3691).
+- Remove special %license treatment for SLE-12 as this
+  has been fixed.
+
+-------------------------------------------------------------------
+Sat Sep 22 15:24:40 UTC 2018 - eich@suse.com
+
+- Add coreutils to the Requires(post/postun).
+
+-------------------------------------------------------------------
+Tue Jun 19 06:34:58 UTC 2018 - eich@suse.com
+
+- Handle license file using %license where applicable.
+
+-------------------------------------------------------------------
+Sat Jun 16 05:11:21 UTC 2018 - eich@suse.com
+
+- Package sysconfig.munge only on non-systemd systems.
+- Fix group settings for non-systemd systems in spec file:
+  group 'munge' is used there as well.
+- Some macro cleanup.
+
+-------------------------------------------------------------------
+Fri Mar 16 13:50:22 UTC 2018 - cgoll@suse.com
+
+- added README.SUSE file  (bsc#1085665)
+
+-------------------------------------------------------------------
+Wed Dec  6 16:23:04 UTC 2017 - eich@suse.com
+
+- Update to 0.5.13:
+  * Added support for OpenSSL 1.1.0.
+  * Added support for UID/GID values >= 2^31.
+  * Added support for getentropy() and getrandom().
+  * Added --trusted-group cmdline opt to munged.
+  * Added --log-file and --seed-file cmdline opts to munged.
+  * Changed default MAC algorithm to SHA-256.
+  * Fixed autoconf installation directory variable substitution.
+  * Fixed all gcc, clang, and valgrind warnings.
+  * Improved resilience and unpredictability of PRNG.
+  * Improved hash table performance.
+  * Removed libmissing dependency from libmunge.
+
+-------------------------------------------------------------------
+Thu Nov 23 13:54:02 UTC 2017 - rbrown@suse.com
+
+- Replace references to /var/adm/fillup-templates with new 
+  %_fillupdir macro (boo#1069468)
+
+-------------------------------------------------------------------
+Tue Feb  7 17:27:18 UTC 2017 - eich@suse.com
+
+- Fix BuildRequires for zlib-devel.
+
+-------------------------------------------------------------------
+Wed Feb  1 20:13:51 UTC 2017 - eich@suse.com
+
+- Replace group/user add macros with function calls.
+- Make sure we update the user/group of files/directories correctly
+  when updating - in case they have changed.
+
+-------------------------------------------------------------------
+Tue Jan  3 16:18:13 UTC 2017 - eich@suse.com
+
+- Use user 'munge', group 'munge' for systemd and user 'daemon', group 'root' 
+  for non-systemd by setting the appropriate macros '%munge_u' and '%munge_g'.
+- Create user/group munge if they don't exist.
+- Add 'BuildRequires: libbz2-devel'
+- Fix typo.
+
+-------------------------------------------------------------------
+Tue Jan  3 15:56:53 UTC 2017 - eich@suse.com
+
+- Add 'Recommends: munge' to libmunge:
+  This library requires the munge service to run on the
+  local system to be useful.
+
+-------------------------------------------------------------------
+Mon Dec 12 09:34:54 UTC 2016 - vetter@physik.uni-wuerzburg.de
+
+- Fix typo in init script (SLE11) introduced by last change
+- Fix rpm preun/postun-scripts (SLE11)
+- Fix empty /etc/sysconfig/munge after update (SLE11)
+
+-------------------------------------------------------------------
+Thu Dec  8 09:44:36 UTC 2016 - vetter@physik.uni-wuerzburg.de
+
+- change USER from munge to daemon for non-systemd OSes
+
+-------------------------------------------------------------------
+Fri Dec  2 15:43:40 UTC 2016 - eich@suse.com
+
+- Switch to user 'munge', group 'munge'.
+
+-------------------------------------------------------------------
+Wed Oct 19 15:48:26 UTC 2016 - eich@suse.com
+
+- Adding to SLE12 SP2 FATE#321706.
+
+-------------------------------------------------------------------
+Mon Oct 17 13:24:31 UTC 2016 - eich@suse.com
+
+- Setting 'download_files' service to mode='localonly'
+  and adding source tarball. (Required for Factory).
+
+-------------------------------------------------------------------
+Mon Oct 17 06:10:25 UTC 2016 - eich@suse.com
+
+- Add baselib.conf as Source to spec file.
+- Remove tar ball of version 0.5.11.
+
+-------------------------------------------------------------------
+Sat Oct 15 18:43:05 UTC 2016 - eich@suse.com
+
+- version 0.5.12
+  * Changed project homepage to <https://dun.github.io/munge/>.
+  * Changed RPM specfile from sysvinit to systemd. (#33)
+  * Added --max-ttl cmdline opt to munged. (#28)
+  * Added --pid-file cmdline opt to munged. (#41)
+
+-------------------------------------------------------------------
+Fri Oct 14 11:07:23 UTC 2016 - eich@suse.com
+
+- Add source service to download sources.
+- Remove static libraries: If they are needed, they should be packaged
+  separately.
+- Add a %define have_systemd to clearer identify systemd relevant parts.
+- Add define of lversion insead of hard conding this.
+- remove README.MULTILIB: Package is built already.
+- Add BuildRequires: for bzip2-devel, systemd-rpm-macros.
+- Spell out files under %{_sysconfdir}/
+- Fix symlink to %{_sbindir}/rcmunge for initV and systemd.
+
+-------------------------------------------------------------------
+Thu Oct  9 09:36:15 UTC 2014 - bugs@vdm-design.de
+
+- Create /run/munge when package is installed
+  before a restart was needed for the directory to be created
+
+-------------------------------------------------------------------
+Thu Sep 18 14:01:22 UTC 2014 - bugs@vdm-design.de
+
+- We are using daemon:root as user and group for munge.
+  Therefor start it with this user instead of munge:munge
+
+-------------------------------------------------------------------
+Sat Jul 26 10:02:26 UTC 2014 - scorot@free.fr
+
+- version 0.5.11
+  * Added --mlockall cmdline opt to munged.
+  * Added --syslog cmdline opt to munged.
+  * Added --uid and --gid cmdline opts to munge.
+  * Added numeric timezone to unmunge timestamp output.
+  * Added timer to munged for periodically stirring PRNG entropy
+    pool.
+  * Added support for pkg-config.
+  * Added support for systemd.
+  * Changed timer thread to better accommodate misbehaving system
+    clocks.
+  * Changed behavior of munge --string cmdline opt to not append
+    newline.
+  * Changed init script chkconfig priority levels to start after
+    ntpd/ntpdate.
+  * Changed init script so munged runs as munge user by default.
+  * Fixed HMAC validation timing attack vulnerability.
+  * Fixed bug with munged being unable to restart if daemon not
+    cleanly shutdown.
+  * Fixed bug with large groups triggering "numerical result out
+    of range" error.
+  * Fixed bug causing high CPU utilization on FreeBSD when
+    processing group info.
+  * Fixed bug causing IPv6-only hosts to exit due to failed
+    hostname resolution.
+  * Fixed autoconf check that was not portable across shells.
+  * Fixed init script LSB Header on openSUSE.
+  * Replaced perl build-time dependency with awk.
+- add systemd support openSUSE >= 12.1
+
+-------------------------------------------------------------------
+Fri Nov 16 20:59:41 UTC 2012 - scorot@free.fr
+
+- first package based on spec file from hornos project
+

munge.spec

@@ -0,0 +1,296 @@
+#
+# spec file for package munge
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+#Compat macro for new _fillupdir macro introduced in Nov 2017
+%if ! %{defined _fillupdir}
+  %define _fillupdir /var/adm/fillup-templates
+%endif
+
+%if 0%{?suse_version} >= 1210
+%define have_systemd 1
+ %if 0%{?sle_version} >= 150000 || 0%{?is_opensuse}
+  %define have_sysuser 1
+ %endif
+%endif
+%define lversion 2
+
+%define munge_g %name
+%if 0%{?have_systemd}
+ %define munge_u %name
+%else
+ %define munge_u daemon
+%endif
+%define munge_descr "MUNGE authentication service"
+
+Name:           munge
+Version:        0.5.15
+Release:        0
+Summary:        An authentication service for creating and validating credentials
+License:        GPL-3.0-or-later AND LGPL-3.0-or-later
+Group:          Productivity/Security
+URL:            https://dun.github.io/munge/
+Source0:        https://github.com/dun/munge/archive/%{name}-%{version}.tar.gz
+Source1:        baselibs.conf
+Source2:        sysconfig.munge
+Source3:        README.SUSE
+Patch0:         Make-SUSE-specific-adjustments.patch
+BuildRequires:  autoconf
+BuildRequires:  automake
+BuildRequires:  libbz2-devel
+BuildRequires:  libtool
+BuildRequires:  openssl-devel
+BuildRequires:  pkgconfig
+# For %%check
+BuildRequires:  procps
+BuildRequires:  zlib-devel
+Requires:       logrotate
+%if 0%{?suse_version} <= 1140
+Requires(pre):  pwdutils
+%else
+Requires(pre):  shadow
+%endif
+Requires(post): coreutils
+%if 0%{?have_systemd}
+BuildRequires:  systemd-rpm-macros
+BuildRequires:  pkgconfig(systemd)
+%{?have_sysuser:BuildRequires:  sysuser-tools}
+%{?systemd_requires}
+%endif
+Requires(post): coreutils
+Requires(postun):coreutils
+
+%description
+MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for
+creating and validating user credentials.  It is designed to be highly
+scalable for use in an HPC cluster environment.  It provides a portable
+API for encoding the user's identity into a tamper-proof credential
+that can be obtained by an untrusted client and forwarded by untrusted
+intermediaries within a security realm.  Clients within this realm can
+create and validate credentials without the use of root privileges,
+reserved ports, or platform-specific methods.
+
+%package -n lib%{name}%{lversion}
+Summary:        Libraries for applications using MUNGE
+Group:          System/Libraries
+Recommends:     munge
+# For compatibility with the MUNGE upstream SPEC file.
+Provides:       munge-libs = %version
+
+%description -n lib%{name}%{lversion}
+A shared library for applications using the MUNGE authentication service.
+
+%package devel
+Requires:       lib%{name}%{lversion} = %{version}
+Summary:        Headers and Libraries for building applications using %{name}
+Group:          Development/Libraries/C and C++
+
+%description devel
+A header file and libraries for building applications using the %{name}
+authenication service.
+
+%{!?_rundir:%define _rundir %_localstatedir/run}
+%{!?_tmpfilesdir:%global _tmpfilesdir /usr/lib/tmpfiles.d}
+%define munge_run %_rundir/munge
+
+%prep
+%setup -n %{name}-%{name}-%{version}
+%autopatch -p1
+
+cp %{SOURCE3} .
+
+%build
+./bootstrap
+%configure --disable-static \
+    --with-crypto-lib=openssl \
+    --with-logrotateddir=%{_sysconfdir}/logrotate.d \
+    --with-pkgconfigdir=%{_libdir}/pkgconfig \
+%{?have_systemd:--with-systemdunitdir=%{_unitdir}} \
+    --with-runstatedir=%{_rundir}
+%if 0%{!?make_build:1}
+%define make_build make %{?_smp_mflags}
+%endif
+%make_build
+
+%install
+%makeinstall
+rm -f %{buildroot}%{_libdir}/*.la
+rm -f %{buildroot}%{_libdir}/*.a
+
+mkdir -p %{buildroot}%{_datarootdir}/licenses
+
+install -m 0755 -d %{buildroot}%{_fillupdir}
+# We don't want systemd file on SLE 11
+%if 0%{!?have_systemd:1}
+   test -d %{buildroot}%{_prefix}/lib/systemd && \
+      rm -rf %{buildroot}%{_prefix}/lib/systemd
+   test -f %{buildroot}/lib/systemd/system/munge.service && \
+      rm -f %{buildroot}/lib/systemd/system/munge.service
+   sed -i 's/USER="munge"/USER="%munge_u"/g' %{buildroot}/%{_initrddir}/%{name}
+   ln -s -f %{_initrddir}/%{name} %{buildroot}%{_sbindir}/rc%{name}
+   rm -f %{buildroot}%{_sysconfdir}/sysconfig/munge
+   cp -p %{S:2} %{buildroot}%{_fillupdir}/sysconfig.munge
+%else
+  sed -i 's/User=munge/User=%munge_u/g' %{buildroot}%{_unitdir}/munge.service
+  sed -i 's/Group=munge/Group=%munge_g/g' %{buildroot}%{_unitdir}/munge.service
+  rm -f %{buildroot}%{_initddir}/munge
+  rm -Rf %{buildroot}/%{munge_run}
+  rm -Rf %{buildroot}/%{_rundir}
+  mkdir -p %{buildroot}%{_tmpfilesdir}
+  cp src/etc/munge.tmpfiles.conf %{buildroot}%{_tmpfilesdir}/munge.conf
+  sed -i 's/munge \+munge/%munge_u %munge_g/g' %{buildroot}%{_tmpfilesdir}/munge.conf
+  ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
+  mv %{buildroot}%{_sysconfdir}/sysconfig/munge \
+     %{buildroot}%{_fillupdir}/sysconfig.munge
+  %if 0%{?have_sysuser}
+  echo -e "u %munge_u - \"%munge_descr\" %{munge_run}\n" > system-user-%{name}.conf
+  %sysusers_generate_pre system-user-%{name}.conf %{name} system-user-%{name}.conf
+  install -D -m 644 system-user-%{name}.conf %{buildroot}%{_sysusersdir}/system-user-%{name}.conf
+  %endif
+%endif
+
+%check
+# To debug add verbose=t to T_LOG_DRIVER variable in t/Makefile.am
+make check
+
+%post -n lib%{name}%{lversion} -p /sbin/ldconfig
+
+%postun -n lib%{name}%{lversion} -p /sbin/ldconfig
+
+%pre %{?have_sysuser:-f %{name}.pre}
+%if 0%{?have_systemd}
+%service_add_pre munge.service
+%endif
+%if 0%{!?have_sysuser:1}
+getent group %munge_g >/dev/null || groupadd -r %munge_g
+[ "%munge_u" = "daemon" ] || \
+{ getent passwd %munge_u >/dev/null \
+    || useradd -r -g %munge_g -d %munge_run -s /bin/false -c %munge_descr %munge_u; }
+exit 0
+%endif
+
+%preun
+%if 0%{?have_systemd}
+%service_del_preun munge.service
+%else
+%stop_on_removal munge
+%endif
+
+%define fixperm() [ -e %1 ] && /bin/chown -h %munge_u:%munge_g %1
+
+%postun
+if [ $1 -eq 1 ]
+then
+    %{fixperm %{_localstatedir}/log/munge}
+    %{fixperm %{_localstatedir}/log/munge/munged.log}
+    %{fixperm %munge_run}
+else
+    rm -f %{_sysconfdir}/munge/munge.key
+fi
+%if 0%{?have_systemd}
+%service_del_postun munge.service
+%else
+%restart_on_update munge
+%insserv_cleanup
+%endif
+
+%post
+if [ $1 -eq 1 ]
+then
+    %{fixperm %{_localstatedir}/log/munge}
+    %{fixperm %{_localstatedir}/log/munge/munged.log}
+    %{fixperm %munge_run}
+fi
+unset tmpfile
+tmpdir=$(mktemp -d /tmp/tmpdir-XXXXXXXXX)
+if [ -e %{_sysconfdir}/munge/munge.key ]; then
+    # Preserve symlink so we can check for it
+    cp -pP %{_sysconfdir}/munge/munge.key ${tmpdir}
+fi
+# Make sure this is no symlinks - this may have been created by an attacker!
+if [ -e ${tmpdir}/munge.key -a ! -h ${tmpdir}/munge.key ]; then
+    if [ $(/usr/bin/stat -c %U:%G:%a ${tmpdir}/munge.key) != \
+    %munge_u:%munge_g:600 ]; then
+	tmpfile=${tmpdir}/munge.key
+    fi
+else
+    /usr/bin/rm -f ${tmpdir}/munge.key
+    tmpfile=${tmpdir}/munge.key
+    /usr/sbin/mungekey -c -b 8192 -k $tmpfile
+fi
+if [ -n "$tmpfile" ]; then
+    /bin/chmod 0600 $tmpfile
+    /bin/chown -h %munge_u:%munge_g $tmpfile
+    /bin/mv -f $tmpfile %{_sysconfdir}/munge/munge.key
+fi
+/usr/bin/rm -rf ${tmpdir}
+%if 0%{?have_systemd}
+%service_add_post munge.service
+%{fillup_only}
+%else
+%{fillup_and_insserv -i munge}
+%endif
+
+%files
+%doc AUTHORS
+%if 0%{?suse_version} < 1500
+%dir %{_datarootdir}/licenses
+%endif
+%license COPYING
+%doc DISCLAIMER*
+%doc HISTORY
+%doc JARGON
+%doc NEWS
+%doc PLATFORMS
+%doc QUICKSTART
+%doc README
+%doc README.SUSE
+%doc doc/*
+%dir %attr(0700,%munge_u,%munge_g) %{_sysconfdir}/munge
+%attr(0600,%munge_u,%munge_g) %config(noreplace) %ghost %{_sysconfdir}/munge/munge.key
+%config(noreplace) %{_sysconfdir}/logrotate.d/munge
+# bsc#1173167
+#%%config(noreplace) %%ghost %%{_sysconfdir}/sysconfig/munge
+%{_fillupdir}/sysconfig.munge
+%dir %attr(0711,%munge_u,%munge_g) %{_localstatedir}/lib/munge
+%attr(0600,%munge_u,%munge_g) %ghost %{_localstatedir}/lib/munge/munged.seed
+%dir %attr(0700,%munge_u,%munge_g) %{_localstatedir}/log/munge
+%attr(0640,%munge_u,%munge_g) %ghost %{_localstatedir}/log/munge/munged.log
+%{_bindir}/*
+%{_sbindir}/*
+%{_mandir}/*[^3]/*
+%if 0%{?have_systemd}
+%dir %attr(0755,%munge_u,%munge_g) %ghost %{munge_run}
+%{_unitdir}/munge.service
+%{_tmpfilesdir}/munge.conf
+%else
+%dir %attr(0755,%munge_u,%munge_g) %{munge_run}
+%{_initddir}/munge
+%endif
+%dir %attr(0755,munge,munge) %ghost %{munge_run}/munged.pid
+%{?have_sysuser:%{_sysusersdir}/system-user-%{name}.conf}
+
+%files devel
+%{_includedir}/*
+%{_mandir}/*3/*
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/*.pc
+
+%files -n lib%{name}%{lversion}
+%{_libdir}/*.so.*
+
+%changelog

sysconfig.munge

@@ -0,0 +1,27 @@
+###############################################################################
+# MUNGE system configuration
+###############################################################################
+
+##
+# Pass additional command-line options to the daemon.
+##
+# DAEMON_ARGS="--key-file /etc/munge/munge.key --num-threads 1"
+DAEMON_ARGS=""
+
+##
+# Adjust the scheduling priority of the daemon.
+##
+# NICE=
+NICE=""
+
+##
+# Execute the daemon under another username.
+##
+# USER="munge"
+USER="daemon"
+
+##
+# Execute the daemon under another groupname.
+##
+# GROUP="munge"
+GROUP="munge"