# # spec file for package pam_pkcs11 (Version 0.6.0) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: pam_pkcs11 Version: 0.6.0 Release: 140 Url: http://www.opensc-project.org/pam_pkcs11/ Group: Productivity/Security License: LGPL v2.1 or later Summary: PKCS #11 PAM Module Source: %{name}-%{version}.tar.bz2 Source1: pam_pkcs11-common-auth-smartcard.pam Source2: secutil.h Patch: %{name}-mapfile-syntax.patch Patch1: %{name}-0.5.3-nss-conf.patch Patch2: %{name}-0.6.0-ms-upn-oid.patch Patch3: %{name}-0.6.0-nss-autoconf.patch Patch4: %{name}-msnickname.patch Patch5: %{name}-implicit-declaration.patch Patch6: %{name}-uninitialized.patch BuildRequires: curl-devel libopenssl-devel libxslt mozilla-nss-devel openldap2-devel openssl-devel pam-devel pcsc-lite-devel pkg-config BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This Linux PAM module allows X.509 a certificate-based user authentication. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users' certificates, locally stored CA certificates as well as online or locally accessible CRLs are used. Additionally, the package includes pam_pkcs11-related tools: * pkcs11_eventmgr: Generates actions on card insert, removal, or time-out events * pklogin_finder: Gets the login name that maps to a certificate * pkcs11_inspect: Inspects the contents of a certificate * make_hash_links: Creates hash link directories for storing CAs and CRLs Authors: -------- Mario Strasser Juan Antonio Martinez Antti Tapaninen Timo Sirainen Ludovic Rousseau Andreas Jellinghaus Dominik Fischer Ville Skyttä %prep %setup -q %patch %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 %patch6 cp -a %{S:1} common-auth-smartcard cp -a %{S:2} src/common/ %build # LDAP_DEPRECATED required for for ldap_simple_bind_s(), ldap_search_s(), ldap_unbind_s() # -fno-strict-aliasing required for pam_pkcs11-0.6.0: export CFLAGS="$RPM_OPT_FLAGS -DLDAP_DEPRECATED -fno-strict-aliasing" export CPPFLAGS="`pkg-config --cflags xulrunner-xpcom | sed 's: *:/system_wrappers&:g'`" %configure\ --datadir=%{_docdir}\ --with-nss\ --with-curl make %{?jobs:-j%jobs} %install %makeinstall mkdir -p $RPM_BUILD_ROOT/%{_lib} mv $RPM_BUILD_ROOT%{_libdir}/security $RPM_BUILD_ROOT/%{_lib} rm $RPM_BUILD_ROOT%{_libdir}/pam_pkcs11/*.*a #$RPM_BUILD_ROOT/%{_lib}/security/*.*a # Hardcoded defaults... no sysconfdir install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/cacerts install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/crls cd etc for conf in *.conf.example ; do install -m 644 ${conf} $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/${conf%.example} done cd .. mkdir -p $RPM_BUILD_ROOT%{_docdir}/%{name} cp -a AUTHORS COPYING ChangeLog ChangeLog.svn NEWS README TODO doc/pam_pkcs11.html doc/mappers_api.html doc/api doc/README.autologin doc/README.mappers $RPM_BUILD_ROOT%{_docdir}/%{name} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d cp common-auth-smartcard $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/ %find_lang %{name} %clean rm -rf $RPM_BUILD_ROOT %files -f %{name}.lang %defattr (-, root, root) %doc %{_docdir}/%{name} %{_bindir}/* %{_libdir}/pam_pkcs11 /%{_lib}/security/*.so %doc %{_mandir}/man?/*.* %dir %{_sysconfdir}/pam_pkcs11 %dir %{_sysconfdir}/pam_pkcs11/cacerts %dir %{_sysconfdir}/pam_pkcs11/crls %config(noreplace) %{_sysconfdir}/pam_pkcs11/*.conf %config(noreplace) %{_sysconfdir}/pam.d/common-auth-smartcard %changelog