Accepting request 266863 from server:proxy:Test

factory fixes

OBS-URL: https://build.opensuse.org/request/show/266863
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=63

squid-rpmlintrc

@@ -2,4 +2,4 @@ addFilter("no-manual-page-for-binary")
 addFilter("zero-length")
 addFilter("incorrect-fsf-address")
 # Temporary solution untill it is moved into factory
-setBadness('permissions-unauthorized-file', 333)
+#setBadness('permissions-unauthorized-file', 333)

squid.changes

@@ -1,9 +1,26 @@
+-------------------------------------------------------------------
+Tue Dec  9 12:42:48 UTC 2014 - boris@steki.net
+
+- remove setBadness in rpmlintrc as it should be already in Factory
+  permissions package handled 
+
+-------------------------------------------------------------------
+Mon Dec  8 15:28:42 UTC 2014 - meissner@suse.com
+
+- %verifyscript is its own section, move out of the %postun section
+
 -------------------------------------------------------------------
 Tue Dec  2 10:27:49 UTC 2014 - dimstar@opensuse.org
 
 - Use URLs to paths that the source validator actually understands
   and make this acceptable for Tumbleweed.
 
+-------------------------------------------------------------------
+Thu Nov 27 21:18:35 UTC 2014 - chris@computersalat.de
+
+- fix for boo#894636 (squid's logrotate snippet runs init script)
+  * modify squid.logrotate to work on both systemd and SysVinit
+
 -------------------------------------------------------------------
 Thu Nov 27 13:16:58 UTC 2014 - lmuelle@suse.com
 

squid.logrotate

@@ -1,4 +1,4 @@
-/var/log/squid/access.log /var/log/squid/store.log {
+/var/log/squid/access.log /var/log/squid/store.log /var/log/squid/cache.log {
     compress
     dateext
     maxage 365
@@ -9,20 +9,6 @@
     create 640 squid root
     sharedscripts
     postrotate
-     /usr/bin/systemctl reload squid.service
-    endscript
-}
-
-/var/log/squid/cache.log {
-    compress
-    dateext
-    maxage 365
-    rotate 99
-    size=+1024k
-    notifempty
-    missingok
-    create 640 squid root
-    postrotate
-     /usr/bin/systemctl reload squid.service
+     /usr/bin/systemctl -q is-active squid.service && /usr/sbin/squid -k rotate
     endscript
 }

squid.spec

@@ -35,12 +35,12 @@ Source4:        squid.sysconfig
 Source5:        pam.squid
 Source6:        unsquid.pl
 Source7:        %{name}.logrotate
-Source9:        %{name}.permissions.easy
+###Source9:       %%{name}.permissions.easy
 Source10:       README.kerberos
 Source11:       %{name}.service
 Source13:       %{name}.keyring
 Source14:       squid.init.rh
-Source15:       %{name}.permissions.paranoid
+###Source15:       %%{name}.permissions.paranoid
 
 #
 # the following patches are downloaded directly from the webserver
@@ -226,20 +226,22 @@ make install DESTDIR=%{buildroot} SAMBAPREFIX=/usr
 mv %{buildroot}{/etc/%{name}/,/usr/share/%{name}/}mime.conf.default
 ln -s /etc/%{name}/mime.conf %{buildroot}%{_datadir}/%{name} # backward compatible
 
-# install permissions files
-cp -a %{SOURCE9} %{name}.easy
-cp -a %{SOURCE9} %{name}.secure
-cp -a %{SOURCE15} %{name}.paranoid
-%if !0%{?has_systemd}
-sed -i -re '/capabilities/d;s@^(/usr/sbin/pinger.*)750@\12750@g' %{name}.easy
-sed -i -re '/capabilities/d;s@^(/usr/sbin/pinger.*)750@\12750@g' %{name}.secure
-sed -i -re '/capabilities/d;s@^(/usr/sbin/pinger.*)750@\1750@g' %{name}.paranoid
-%endif
+#### install permissions files
+###%%if 0%%{?suse_version} <= 1320
+###cp -a %%{SOURCE9} %%{name}.easy
+###cp -a %%{SOURCE9} %%{name}.secure
+###cp -a %%{SOURCE15} %%{name}.paranoid
+###%if !0%%{?has_systemd}
+###sed -i -re '/capabilities/d;s@^(/usr/sbin/pinger.*)750@\12750@g' %%{name}.easy
+###sed -i -re '/capabilities/d;s@^(/usr/sbin/pinger.*)750@\12750@g' %%{name}.secure
+###sed -i -re '/capabilities/d;s@^(/usr/sbin/pinger.*)750@\1750@g' %%{name}.paranoid
+###%%endif
 
-install -D -m 644 %{name}.easy %{buildroot}%{_sysconfdir}/permissions.d/%{name}.easy
-# pinger should be secure "enough" anyway paranoid will strip everything :)
-install -m 644 %{name}.secure %{buildroot}%{_sysconfdir}/permissions.d/%{name}.secure
-install -m 644 %{name}.paranoid %{buildroot}%{_sysconfdir}/permissions.d/%{name}.paranoid
+###install -D -m 644 %%{name}.easy %%{buildroot}%%{_sysconfdir}/permissions.d/%%{name}.easy
+#### pinger should be secure "enough" anyway paranoid will strip everything :)
+###install -m 644 %%{name}.secure %%{buildroot}%%{_sysconfdir}/permissions.d/%%{name}.secure
+###install -m 644 %%{name}.paranoid %%{buildroot}%%{_sysconfdir}/permissions.d/%%{name}.paranoid
+###%%endif
 
 # install logrotate file
 install -D -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
@@ -363,7 +365,6 @@ fi
  %endif
 %endif
 
-%postun
 %if 0%{?suse_version}
 %verifyscript
 %verify_permissions -e /usr/sbin/basic_pam_auth
@@ -372,6 +373,7 @@ fi
 %verify_permissions -e /var/log/squid/
 %endif
 
+%postun
 %if 0%{?has_systemd}
 %service_del_postun squid.service
 %else
@@ -414,9 +416,11 @@ fi
 %config %{squidconfdir}/%{name}.conf.default
 %config %{squidconfdir}/%{name}.conf.documented
 %config %{_sysconfdir}/pam.d/%{name}
-%config %{_sysconfdir}/permissions.d/%{name}.easy
-%config %{_sysconfdir}/permissions.d/%{name}.secure
-%config %{_sysconfdir}/permissions.d/%{name}.paranoid
+###%%if 0%%{?suse_version} <= 1320
+###%%config %%{_sysconfdir}/permissions.d/%%{name}.easy
+###%%config %%{_sysconfdir}/permissions.d/%%{name}.secure
+###%%config %%{_sysconfdir}/permissions.d/%%{name}.paranoid
+###%%endif
 %dir %{_datadir}/%{name}
 %{_datadir}/%{name}/errors
 %{_datadir}/%{name}/icons
@@ -433,7 +437,7 @@ fi
 %{_sbindir}/basic_msnt_multi_domain_auth
 %{_sbindir}/basic_ncsa_auth
 %{_sbindir}/basic_nis_auth
-%verify(not user group mode) %attr(2750,root,shadow) %{_sbindir}/basic_pam_auth
+%verify(not mode) %attr(2750,root,shadow) %{_sbindir}/basic_pam_auth
 #{_sbindir}/basic_pam_auth
 %{_sbindir}/basic_pop3_auth
 %{_sbindir}/basic_radius_auth