Accepting request 573238 from home:jengelh:branches:security:Stunnel

- Do not ignore errors from useradd. Ensure nogroup exists beforehand. - Replace old $RPM_ variables. Combine two nested ifs. OBS-URL: https://build.opensuse.org/request/show/573238 OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=99
2018-02-06 09:19:14 +00:00 · 2018-02-06 09:19:14 +00:00 · a869942b32
commit a869942b32
parent a81d572e7c
2 changed files with 16 additions and 8 deletions
--- a/stunnel.changes
+++ b/stunnel.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Feb  1 23:07:21 UTC 2018 - jengelh@inai.de
+
+- Do not ignore errors from useradd. Ensure nogroup exists
+  beforehand.
+- Replace old $RPM_ variables. Combine two nested ifs.
+
 -------------------------------------------------------------------
 Wed Jan 24 00:16:02 UTC 2018 - avindra@opensuse.org

--- a/stunnel.spec
+++ b/stunnel.spec
@ -53,6 +53,9 @@ PreReq:         %fillup_prereq
 PreReq:         %{_sbindir}/useradd
 PreReq:         fileutils
 PreReq:         textutils
+%if 0%{?suse_version} >= 1500
+Requires(pre):  group(nogroup)
+%endif

 %description
 The stunnel program is designed to work as an SSL encryption wrapper
@ -77,8 +80,8 @@ This package contains additional documentation for the stunnel program.
 %prep
 %setup -q -n stunnel-%{version}
 %patch0 -p1
-chmod -x $RPM_BUILD_DIR/stunnel-%{version}/tools/ca.*
-chmod -x $RPM_BUILD_DIR/stunnel-%{version}/tools/importCA.*
+chmod -x %{_builddir}/stunnel-%{version}/tools/ca.*
+chmod -x %{_builddir}/stunnel-%{version}/tools/importCA.*

 %build
 sed -i 's/-m 1770 -g nogroup//g' tools/Makefile.in
@ -101,11 +104,11 @@ cp -p %{SOURCE2} README.%{VENDOR}
 mkdir -p %{buildroot}%{_fillupdir}
 cp -p %{SOURCE3} %{buildroot}%{_fillupdir}/
 %if 0%{?has_systemd}
-install -D -m 0644 $RPM_SOURCE_DIR/stunnel.service %{buildroot}/%{_unitdir}/stunnel.service
+install -D -m 0644 %{_sourcedir}/stunnel.service %{buildroot}/%{_unitdir}/stunnel.service
 ln -s service %{buildroot}%{_sbindir}/rcstunnel
 %else
 mkdir -p %{buildroot}%{_initddir}/
-install -m 744 $RPM_SOURCE_DIR/stunnel.rc %{buildroot}%{_initddir}/stunnel
+install -m 744 %{_sourcedir}/stunnel.rc %{buildroot}/%{_initddir}/stunnel
 ln -s ../..%{_initddir}/stunnel %{buildroot}%{_sbindir}/rcstunnel
 %endif
 mv %{buildroot}/%{_sysconfdir}/stunnel/stunnel.conf-sample tools/stunnel.conf-sample
@ -120,7 +123,7 @@ mkdir -p %{buildroot}%{_localstatedir}/lib/stunnel/{bin,etc,dev,%{_lib},sbin,var
 %pre
 if ! %{_bindir}/getent passwd stunnel >/dev/null; then
   %{_sbindir}/useradd -r -c "Daemon user for stunnel (universal SSL tunnel)" -g nogroup -s /bin/false \
-   -d %{_localstatedir}/lib/stunnel stunnel || :
+   -d %{_localstatedir}/lib/stunnel stunnel
 fi

 %if 0%{?has_systemd}
@ -139,11 +142,9 @@ if ! test -s etc/stunnel/stunnel.conf; then
        echo copying default config file to %{_sysconfdir}/stunnel/stunnel.conf
 fi
 # first installation?
-if [ ${FIRST_ARG:-0} = 1 ]; then
-if ! test -f etc/stunnel/stunnel.pem; then
+if [ ${FIRST_ARG:-0} = 1 ] && [ ! -f etc/stunnel/stunnel.pem ]; then
        cat usr/share/doc/packages/stunnel/README.%{VENDOR}
 fi
-fi

 %preun
 %if 0%{?has_systemd}