forked from pool/cockpit

607 lines
16 KiB

# This file is maintained at the following location:
# If you are editing this file in another location, changes will likely
# be clobbered the next time an automated release is done.
# Check first
%if 0%{?suse_version}
%global tag 0.79
# Globals that may be defined elsewhere
# * gitcommit xxxx
# * selinux 1
# * tag 0.71
%define branding auto
%define rev 1
%if %{defined gitcommit}
%define extra_flags CFLAGS='-O2 -Wall -Werror -fPIC -g -DWITH_DEBUG'
%define branding default
#Defaults for our SELinux policy toggle
%if %{undefined selinux}
%if %{defined gitcommit}
%define selinux 1
%if 0%{?fedora} > 0 && 0%{?fedora} <= 21
%define selinux 1
%if 0%{?rhel}
%define selinux 1
%if 0%{?centos}
%define rhel 0
%define _hardened_build 1
%define libssh_version 0.7.1
%if 0%{?fedora} > 0 && 0%{?fedora} < 22
%define libssh_version 0.6.0
Name: cockpit
%if %{defined gitcommit}
Version: %{gitcommit}
Version: %{tag}
Release: %{rev}%{?dist}
Summary: A user interface for Linux servers
%if 0%{?suse_version}
License: LGPL-2.1+
License: LGPLv2+
%if %{defined gitcommit}
Source0: cockpit-%{version}.tar.gz
%if 0%{?suse_version}
Source1: cockpit-suse.pam
Source1: cockpit-fedora.pam
# openSUSE doesn't carry Fedora branding pixmaps
Patch1: branding-symlinks.patch
BuildRequires: pkgconfig(gio-unix-2.0)
BuildRequires: pkgconfig(json-glib-1.0)
BuildRequires: pkgconfig(polkit-agent-1) >= 0.105
BuildRequires: pam-devel
BuildRequires: autoconf automake
BuildRequires: intltool
BuildRequires: libssh-devel >= %{libssh_version}
BuildRequires: openssl-devel
BuildRequires: zlib-devel
BuildRequires: krb5-devel
BuildRequires: libxslt-devel
%if 0%{?suse_version}
BuildRequires: -post-build-checks
BuildRequires: -rpmlint-mini
BuildRequires: -rpmlint-Factory
%define extra_flags CFLAGS='$(RPM_OPT_FLAGS)'
BuildRequires: update-desktop-files
BuildRequires: docbook-xsl-stylesheets
BuildRequires: keyutils-devel
BuildRequires: dbus-1-devel
BuildRequires: libpcp-devel
BuildRequires: docbook-style-xsl
BuildRequires: keyutils-libs-devel
BuildRequires: pcp-libs-devel
BuildRequires: glib-networking
BuildRequires: sed
BuildRequires: glib2-devel >= 2.37.4
BuildRequires: systemd-devel
BuildRequires: gdb
BuildRequires: glib-networking
BuildRequires: systemd
BuildRequires: polkit
%if %{defined gitcommit}
BuildRequires: npm
BuildRequires: nodejs
# For kerberos tests
BuildRequires: krb5-server
# For selinux
%if 0%{?selinux}
BuildRequires: selinux-policy-devel
BuildRequires: checkpolicy
BuildRequires: selinux-policy-doc
BuildRequires: sed
# For documentation
BuildRequires: xmlto
Requires: %{name}-bridge = %{version}-%{release}
Requires: %{name}-networkmanager = %{version}-%{release}
Requires: %{name}-ws = %{version}-%{release}
Requires: %{name}-shell = %{version}-%{release}
Requires: %{name}-storaged = %{version}-%{release}
%ifarch x86_64 armv7hl
Requires: %{name}-docker = %{version}-%{release}
%if 0%{?rhel}
Requires: %{name}-subscriptions = %{version}-%{release}
Cockpit runs in a browser and can manage your network of GNU/Linux
%package bridge
Summary: Cockpit bridge server-side component
Provides: %{name}-daemon
Obsoletes: %{name}-daemon < 0.48-2
Requires: polkit
%description bridge
The Cockpit bridge component installed server side and runs commands on the
system on behalf of the web based user interface.
%package doc
Summary: Cockpit deployment and developer guide
%description doc
The Cockpit Deployment and Developer Guide shows sysadmins how to
deploy Cockpit on their machines as well as helps developers who want to
embed or extend Cockpit.
%package pcp
Summary: Cockpit PCP integration
Requires: %{name}-bridge = %{version}-%{release}
Requires: pcp
%description pcp
Cockpit support for reading PCP metrics and loading PCP archives.
%package ws
Summary: Cockpit Web Service
Requires: glib-networking
Requires: openssl
Requires: glib2 >= 2.37.4
%if 0%{?suse_version}
Requires: libssh4 >= %{libssh_version}
Requires: libssh >= %{libssh_version}
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
%description ws
The Cockpit Web Service listens on the network, and authenticates users.
%setup -q
%if 0%{?fedora} == 20
sed -i s/unconfined_service_t/unconfined_t/g src/ws/
%if 0%{?suse_version}
%patch1 -p1
%if %{defined gitcommit}
%configure --disable-static --disable-silent-rules --with-cockpit-user=cockpit-ws --with-branding=%{branding}
make -j %{?extra_flags} all
%if 0%{?selinux}
make selinux
# needs full network access, doesn't work in build service
%if 0%{?suse_version} == 0
make -j check
make install DESTDIR=%{buildroot}
%if %{defined gitcommit}
make install-test-assets DESTDIR=%{buildroot}
mkdir -p %{buildroot}/%{_datadir}/polkit-1/rules.d
cp src/bridge/polkit-workarounds.rules %{buildroot}/%{_datadir}/polkit-1/rules.d
rm -rf %{buildroot}/%{_datadir}/%{name}/playground
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
install -p -m 644 tools/cockpit.pam $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/cockpit
rm -f %{buildroot}/%{_libdir}/cockpit/*.so
%if 0%{?suse_version}
install -d %{buildroot}%{_docdir}/%{name}
install -p -m 644 AUTHORS COPYING %{buildroot}%{_docdir}/%{name}/
%if 0%{?selinux}
install -d %{buildroot}%{_datadir}/selinux/targeted
install -p -m 644 cockpit.pp %{buildroot}%{_datadir}/selinux/targeted/
# Build the package lists for resource packages
echo '%dir %{_datadir}/%{name}/base1' > shell.list
find %{buildroot}%{_datadir}/%{name}/base1 -type f >> shell.list
echo '%dir %{_datadir}/%{name}/dashboard' >> shell.list
find %{buildroot}%{_datadir}/%{name}/dashboard -type f >> shell.list
echo '%dir %{_datadir}/%{name}/domain' >> shell.list
find %{buildroot}%{_datadir}/%{name}/domain -type f >> shell.list
echo '%dir %{_datadir}/%{name}/shell' >> shell.list
find %{buildroot}%{_datadir}/%{name}/shell -type f >> shell.list
echo '%dir %{_datadir}/%{name}/system' >> shell.list
find %{buildroot}%{_datadir}/%{name}/system -type f >> shell.list
echo '%dir %{_datadir}/%{name}/users' >> shell.list
find %{buildroot}%{_datadir}/%{name}/users -type f >> shell.list
echo '%dir %{_datadir}/%{name}/subscriptions' > subscriptions.list
find %{buildroot}%{_datadir}/%{name}/subscriptions -type f >> subscriptions.list
echo '%dir %{_datadir}/%{name}/storage' > storaged.list
find %{buildroot}%{_datadir}/%{name}/storage -type f >> storaged.list
echo '%dir %{_datadir}/%{name}/network' > networkmanager.list
find %{buildroot}%{_datadir}/%{name}/network -type f >> networkmanager.list
%ifarch x86_64 armv7hl
echo '%dir %{_datadir}/%{name}/docker' > docker.list
find %{buildroot}%{_datadir}/%{name}/docker -type f >> docker.list
rm -rf %{buildroot}/%{_datadir}/%{name}/docker
touch docker.list
%if 0%{?suse_version}
%suse_update_desktop_file -u -r -G 'Cockpit Server Manager' %{name} System Utility
mv %{buildroot}%{_datadir}/doc/%{name} %{buildroot}%{_docdir}/%{name}/html
ln -sf /sbin/service $RPM_BUILD_ROOT/usr/sbin/rc%{name}
# no firewalld on SUSE
rm -rf %{buildroot}%{_prefix}/lib/firewalld
# PAM security
install -d %{buildroot}/%{_lib}/security
mv %{buildroot}%{_libdir}/security/ %{buildroot}/%{_lib}/security
rm -rf %{_libdir}/security
%ifarch x86_64
echo '%dir %{_datadir}/%{name}/kubernetes' > kubernetes.list
find %{buildroot}%{_datadir}/%{name}/kubernetes -type f >> kubernetes.list
rm -rf %{buildroot}/%{_datadir}/%{name}/kubernetes
touch kubernetes.list
sed -i "s|%{buildroot}||" *.list
# Build the package lists for debug package, and move debug files to installed locations
find %{buildroot}/usr/src/debug%{_datadir}/%{name} -type f -o -type l > debug.list
sed -i "s|%{buildroot}/usr/src/debug||" debug.list
tar -C %{buildroot}/usr/src/debug -cf - . | tar -C %{buildroot} -xf -
rm -rf %{buildroot}/usr/src/debug
# On RHEL subscriptions, networkmanager, and docker are part of the shell package
%if 0%{?rhel}
cat subscriptions.list docker.list networkmanager.list >> shell.list
# Only strip out debug info in non wip builds
%if %{defined gitcommit}
%define find_debug_info %{nil}
%define find_debug_info %{_rpmconfigdir}/ %{?_missing_build_ids_terminate_build:--strict-build-id} %{?_include_minidebuginfo:-m} %{?_find_debuginfo_dwz_opts} %{?_find_debuginfo_opts} "%{_builddir}/%{?buildsubdir}"
# .css, .html, and .html are minified/gzipped but somehow the originals remain
%if 0%{?suse_version}
rm -rf %{buildroot}%{_datadir}/%{name}/*/*.{css,js,mustache}
rm -rf %{buildroot}%{_datadir}/%{name}/*/index.html
rm -rf %{buildroot}%{_datadir}/%{name}/*/console.html
rm -rf %{buildroot}%{_datadir}/%{name}/*/operation.html
rm -rf %{buildroot}%{_datadir}/%{name}/*/shell.html
rm -rf %{buildroot}%{_datadir}/%{name}/*/logs.html
rm -rf %{buildroot}%{_datadir}/%{name}/*/terminal.html
rm -rf %{buildroot}%{_datadir}/%{name}/*/services.html
rm -rf %{buildroot}%{_datadir}/%{name}/kubernetes/views/*body.html
rm -rf %{buildroot}%{_datadir}/%{name}/kubernetes/views/*bar.html
rm -rf %{buildroot}%{_datadir}/%{name}/kubernetes/views/*page.html
rm -rf %{buildroot}%{_datadir}/%{name}/kubernetes/views/*panel.html
# Redefine how debug info is built to slip in our extra debug files
%define __debug_install_post \
%{find_debug_info} \
cat debug.list >> %{_builddir}/%{?buildsubdir}/debugfiles.list \
%if 0%{?suse_version}
%dir %{_datadir}/%{name}
%files bridge
%if 0%{?suse_version}
%doc %{_mandir}/man1/cockpit-bridge.1.gz
%attr(4755, -, -) %{_libexecdir}/cockpit-polkit
%if 0%{?suse_version}
%files doc
%if 0%{?suse_version}
%exclude %{_docdir}/%{name}/AUTHORS
%exclude %{_docdir}/%{name}/COPYING
%exclude %{_docdir}/%{name}/
%files pcp
%post pcp
# HACK -
( cd %{_localstatedir}/lib/pcp/pmns && ./Rebuild -du )
# HACK -
# We can't use "systemctl reload-or-try-restart" since systemctl might
# be out of sync with reality.
/usr/share/pcp/lib/pmlogger reload
%files ws
%if 0%{?suse_version}
%doc %{_mandir}/man5/cockpit.conf.5.gz
%doc %{_mandir}/man8/cockpit-ws.8.gz
%doc %{_mandir}/man8/remotectl.8.gz
%doc %{_mandir}/man8/pam_ssh_add.8.gz
%config(noreplace) %{_sysconfdir}/%{name}
%config(noreplace) %{_sysconfdir}/pam.d/cockpit
%if !0%{?suse_version}
%attr(4750, root, cockpit-ws) %{_libexecdir}/cockpit-session
%if !0%{?suse_version}
%attr(775, -, wheel) %{_localstatedir}/lib/%{name}
%pre ws
%if 0%{?suse_version}
%service_add_pre %{name}.service %{name}.socket
getent group cockpit-ws >/dev/null || groupadd -r cockpit-ws
getent passwd cockpit-ws >/dev/null || useradd -r -g cockpit-ws -d / -s /sbin/nologin -c "User for cockpit-ws" cockpit-ws
%post ws
%if 0%{?suse_version}
%service_add_post %{name}.service %{name}.socket
%systemd_post cockpit.socket
# firewalld only partially picks up changes to its services files without this
test -f %{_bindir}/firewall-cmd && firewall-cmd --reload --quiet || true
%preun ws
%if 0%{?suse_version}
%service_del_preun %{name}.service %{name}.socket
%systemd_preun cockpit.socket
%postun ws
%if 0%{?suse_version}
%service_del_postun %{name}.service %{name}.socket
%systemd_postun_with_restart cockpit.socket
%package shell
Summary: Cockpit Shell user interface package
Requires: %{name}-bridge = %{version}-%{release}
%if 0%{?suse_version}
Requires: shadow
Requires: shadow-utils
Requires: grep
Requires: libpwquality
Requires: /usr/bin/date
%if 0%{?rhel}
Provides: %{name}-subscriptions = %{version}-%{release}
Requires: subscription-manager >= 1.13
Provides: %{name}-networkmanager = %{version}-%{release}
Requires: NetworkManager
%ifarch x86_64 armv7hl
Provides: %{name}-docker = %{version}-%{release}
Requires: docker >= 1.3.0
Provides: %{name}-assets
Obsoletes: %{name}-assets < 0.32
BuildArch: noarch
%description shell
This package contains the Cockpit shell UI assets.
%files shell -f shell.list
%if 0%{?suse_version}
%package storaged
Summary: Cockpit user interface for storage, using Storaged
Requires: storaged >= 2.1.1
Requires: storaged-lvm2 >= 2.1.1
%if 0%{?suse_version}
Requires: multipath-tools
Requires: device-mapper-multipath
BuildArch: noarch
%description storaged
The Cockpit component for managing storage. This package uses Storaged.
%files storaged -f storaged.list
# Conditionally built packages below
%if 0%{?rhel} == 0
%package subscriptions
Summary: Cockpit subscription user interface package
Requires: subscription-manager >= 1.13
BuildArch: noarch
%description subscriptions
This package contains the Cockpit user interface integration with local
subscription management.
%files subscriptions -f subscriptions.list
%package networkmanager
Summary: Cockpit user interface for networking, using NetworkManager
Requires: NetworkManager
BuildArch: noarch
%description networkmanager
The Cockpit component for managing networking. This package uses NetworkManager.
%files networkmanager -f networkmanager.list
%ifarch x86_64 armv7hl
%package docker
Summary: Cockpit user interface for Docker containers
Requires: docker >= 1.3.0
%description docker
The Cockpit components for interacting with Docker and user interface.
This package is not yet complete.
%files docker -f docker.list
%if 0%{?suse_version}
%ifarch x86_64
%package kubernetes
Summary: Cockpit user interface for Kubernetes cluster
Requires: /usr/bin/kubectl
%description kubernetes
The Cockpit components for visualizing and configuring a Kubernetes
cluster. Installed on the Kubernetes master. This package is not yet complete.
%files kubernetes -f kubernetes.list
%if %{defined gitcommit}
%package test-assets
Summary: Additional stuff for testing Cockpit
Requires: openssh-clients
%description test-assets
This package contains programs and other files for testing Cockpit, and
pulls in some necessary packages via dependencies.
%files test-assets
%if 0%{?suse_version}
%if 0%{?selinux}
%package selinux-policy
Summary: SELinux policy for Cockpit testing
Requires: %{name} = %{version}-%{release}
Requires: selinux-policy
Requires: selinux-policy-targeted
Requires(post): /usr/sbin/semodule, /sbin/restorecon, /sbin/fixfiles
Requires(postun): /usr/sbin/semodule, /sbin/restorecon, /sbin/fixfiles
BuildArch: noarch
%description selinux-policy
SELinux policy for Cockpit testing.
%files selinux-policy
%post selinux-policy
/usr/sbin/semodule -s targeted -i %{_datadir}/selinux/targeted/cockpit.pp
/sbin/fixfiles -R cockpit restore || :
/sbin/fixfiles -R cockpit-test-assets restore || :
/sbin/restorecon -R %{_localstatedir}/lib/%{name}
%postun selinux-policy
if [ $1 -eq 0 ] ; then
/usr/sbin/semodule -s targeted -r cockpit &> /dev/null || :
/sbin/fixfiles -R cockpit-selinux-policy restore || :
[ -d %{_localstatedir}/lib/%{name} ] && \
/sbin/restorecon -R %{_localstatedir}/lib/%{name} &> /dev/null || :
# Upstream changelog is empty