# Bundling request for bootstrap/patternfly: https://fedorahosted.org/fpc/ticket/483 Name: ipsilon Version: 2.1.0 Release: 5%{?builddate}%{?gittag}%{?dist} Summary: An Identity Provider Server Group: System Environment/Base License: GPLv3+ URL: https://pagure.io/ipsilon/ Source0: http://releases.pagure.org/ipsilon/ipsilon-%{version}.tar.gz Patch0: 0001-Fix-RHBZ-1391445.patch Patch1: 0001-Add-a-cico-template.patch Patch2: 0002-Remove-useless-super-delegations.patch Patch3: 0003-Make-PluginObject-init-match-all-its-child-inits.patch Patch4: 0004-Make-infosssd-save_plugin_config-match-parent.patch Patch5: 0005-Make-add_constraint-argument-names-consistent.patch Patch6: 0006-Rename-storeAssociation-argument-to-match-parent.patch Patch7: 0007-Tell-pylint-that-op-is-actually-callable.patch Patch8: 0008-Tell-pylint-that-getgrouplist-is-callable-if-it-exis.patch Patch9: 0009-Tell-pylint-that-we-can-actually-assign-in-a-dict.patch Patch10: 0010-Use-Fedora-27-s-pylint-in-containerlint.patch Patch11: 0011-Fixed-etcd-backend-and-formed.patch BuildArch: noarch BuildRequires: python-devel BuildRequires: python-setuptools BuildRequires: lasso-python BuildRequires: python-openid, python-openid-cla, python-openid-teams BuildRequires: m2crypto Requires: python-setuptools Requires: python-requests Requires: %{name}-base = %{version}-%{release} %description Ipsilon is a multi-protocol Identity Provider service. Its function is to bridge authentication providers and applications to achieve Single Sign On and Federation. %package base Summary: Ipsilon base IDP server Group: System Environment/Base License: GPLv3+ Requires: httpd Requires: mod_ssl Requires: %{name}-filesystem = %{version}-%{release} Requires: %{name}-provider = %{version}-%{release} Requires: mod_wsgi Requires: python-cherrypy Requires: python-jinja2 Requires: python-lxml Requires: python-sqlalchemy Requires: open-sans-fonts Requires: fontawesome-fonts Requires: pam Requires(pre): shadow-utils Requires(post): %_sbindir/semanage, %_sbindir/restorecon Requires(postun): %_sbindir/semanage %description base The Ipsilon IdP server without installer %package filesystem Summary: Package providing files required by Ipsilon Group: System Environment/Base License: GPLv3+ %description filesystem Package providing basic directory structure required for all Ipsilon parts %package client Summary: Tools for configuring Ipsilon clients Group: System Environment/Base License: GPLv3+ Requires: %{name}-filesystem = %{version}-%{release} Requires: %{name}-saml2-base = %{version}-%{release} Requires: mod_auth_mellon Requires: mod_auth_openidc Requires: mod_ssl Requires: python-requests BuildArch: noarch %description client Client install tools %package tools-ipa summary: IPA helpers Group: System Environment/Base License: GPLv3+ Requires: %{name}-authgssapi = %{version}-%{release} Requires: %{name}-authform = %{version}-%{release} Requires: %{name}-infosssd = %{version}-%{release} %if 0%{?rhel} Requires: ipa-client Requires: ipa-admintools %else Requires: freeipa-client Requires: freeipa-admintools %endif BuildArch: noarch %description tools-ipa Convenience client install tools for IPA support in the Ipsilon identity Provider %package saml2-base Summary: SAML2 base Group: System Environment/Base License: GPLv3+ Requires: lasso-python Requires: python-lxml BuildArch: noarch %description saml2-base Provides core SAML2 utilities %package saml2 Summary: SAML2 provider plugin Group: System Environment/Base License: GPLv3+ Provides: ipsilon-provider = %{version}-%{release} Requires: %{name}-base = %{version}-%{release} Requires: %{name}-saml2-base = %{version}-%{release} BuildArch: noarch %description saml2 Provides a SAML2 provider plugin for the Ipsilon identity Provider %package openid Summary: Openid provider plugin Group: System Environment/Base License: GPLv3+ Provides: ipsilon-provider = %{version}-%{release} Requires: %{name}-base = %{version}-%{release} Requires: python-openid Requires: python-openid-cla Requires: python-openid-teams BuildArch: noarch %description openid Provides an OpenId provider plugin for the Ipsilon identity Provider %package openidc Summary: OpenID Connect provider plugin Group: System Environment/Base License: GPLv3+ Provides: ipsilon-provider = %{version}-%{release} Requires: %{name} = %{version}-%{release} Requires: python-jwcrypto BuildArch: noarch %description openidc Provides an OpenID Connect and OAuth2 provider plugin for the Ipsilon identity Provider %package persona Summary: Persona provider plugin Group: System Environment/Base License: GPLv3+ Provides: ipsilon-provider = %{version}-%{release} Requires: %{name}-base = %{version}-%{release} Requires: m2crypto BuildArch: noarch %description persona Provides a Persona provider plugin for the Ipsilon identity Provider %package authfas Summary: Fedora Authentication System login plugin Group: System Environment/Base License: GPLv3+ Requires: %{name}-base = %{version}-%{release} Requires: %{name}-infofas = %{version}-%{release} Requires: python-fedora BuildArch: noarch %description authfas Provides a login plugin to authenticate against the Fedora Authentication System %package authform Summary: mod_intercept_form_submit login plugin Group: System Environment/Base License: GPLv3+ Requires: %{name}-base = %{version}-%{release} Requires: mod_intercept_form_submit BuildArch: noarch %description authform Provides a login plugin to authenticate with mod_intercept_form_submit %package authpam Summary: PAM based login plugin Group: System Environment/Base License: GPLv3+ Requires: %{name}-base = %{version}-%{release} Requires: python-pam BuildArch: noarch %description authpam Provides a login plugin to authenticate against the local PAM stack %package authgssapi Summary: mod_auth_gssapi based login plugin Group: System Environment/Base License: GPLv3+ Requires: %{name}-base = %{version}-%{release} Requires: mod_auth_gssapi BuildArch: noarch %description authgssapi Provides a login plugin to allow authentication via the mod_auth_gssapi Apache module. %package authldap Summary: LDAP info and login plugin Group: System Environment/Base License: GPLv3+ Requires: %{name}-base = %{version}-%{release} Requires: python-ldap BuildArch: noarch %description authldap Provides a login plugin to allow authentication and info retrieval via LDAP. %package infofas Summary: Fedora Authentication System login plugin Group: System Environment/Base License: GPLv3+ Requires: %{name}-base = %{version}-%{release} Requires: python-fedora BuildArch: noarch %description infofas Provides an info plugin to retrieve info from the Fedora Authentication System %package infosssd Summary: SSSD based identity plugin Group: System Environment/Base License: GPLv3+ Requires: %{name}-base = %{version}-%{release} Requires: libsss_simpleifp Requires: sssd >= 1.12.4 BuildArch: noarch %description infosssd Provides an info plugin to allow retrieval via SSSD. %prep %setup -q %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch11 -p1 %build CFLAGS="%{optflags}" %{__python} setup.py build %install %{__python} setup.py install --skip-build --root %{buildroot} mkdir -p %{buildroot}%{_sbindir} mkdir -p %{buildroot}%{_libexecdir} mkdir -p %{buildroot}%{_defaultdocdir} mkdir -p %{buildroot}%{_localstatedir}/cache/ipsilon # These 0700 permissions are because ipsilon will store private keys here install -d -m 0700 %{buildroot}%{_sharedstatedir}/ipsilon install -d -m 0700 %{buildroot}%{_sysconfdir}/ipsilon mv %{buildroot}/%{_bindir}/ipsilon %{buildroot}/%{_libexecdir} mv %{buildroot}/%{_bindir}/ipsilon-server-install %{buildroot}/%{_sbindir} mv %{buildroot}/%{_bindir}/ipsilon-upgrade-database %{buildroot}/%{_sbindir} mv %{buildroot}%{_defaultdocdir}/%{name} %{buildroot}%{_defaultdocdir}/%{name}-%{version} rm -fr %{buildroot}%{python2_sitelib}/tests ln -s %{_datadir}/fonts %{buildroot}%{_datadir}/ipsilon/ui/fonts mkdir -p %{buildroot}%{_sysconfdir}/pam.d cp %{buildroot}%{_datadir}/ipsilon/templates/install/pam/ipsilon.pamd %{buildroot}%{_sysconfdir}/pam.d/ipsilon #%check # The test suite is not being run because: # 1. The last step of %%install removes the entire test suite # 2. It increases build time a lot # 3. It adds more build dependencies (namely postgresql server and client libraries) %pre base getent group ipsilon >/dev/null || groupadd -r ipsilon getent passwd ipsilon >/dev/null || \ useradd -r -g ipsilon -d %{_sharedstatedir}/ipsilon -s /sbin/nologin \ -c "Ipsilon Server" ipsilon exit 0 %files filesystem %doc COPYING README.md %dir %{_datadir}/ipsilon %dir %{_datadir}/ipsilon/templates %dir %{_datadir}/ipsilon/templates/install %dir %{python2_sitelib}/ipsilon %{python2_sitelib}/ipsilon/__init__.py* %{python2_sitelib}/ipsilon-*.egg-info %dir %{python2_sitelib}/ipsilon/tools %{python2_sitelib}/ipsilon/tools/__init__.py* %{python2_sitelib}/ipsilon/tools/files.py* %files %{_sbindir}/ipsilon-server-install %{_bindir}/ipsilon-db2conf %{_datadir}/ipsilon/templates/install/*.conf %{_datadir}/ipsilon/ui/saml2sp %dir %{python2_sitelib}/ipsilon/helpers %{python2_sitelib}/ipsilon/helpers/common.py* %{python2_sitelib}/ipsilon/helpers/__init__.py* %doc %{_mandir}/man*/ipsilon-server-install.1* %files base %{_defaultdocdir}/%{name}-%{version} %{python2_sitelib}/ipsilon/admin %{python2_sitelib}/ipsilon/authz %{python2_sitelib}/ipsilon/rest %{python2_sitelib}/ipsilon/tools/dbupgrade.py* %dir %{python2_sitelib}/ipsilon/login %{python2_sitelib}/ipsilon/login/__init__* %{python2_sitelib}/ipsilon/login/common* %{python2_sitelib}/ipsilon/login/authtest* %dir %{python2_sitelib}/ipsilon/info %{python2_sitelib}/ipsilon/info/__init__* %{python2_sitelib}/ipsilon/info/common* %{python2_sitelib}/ipsilon/info/infonss* %dir %{python2_sitelib}/ipsilon/providers %{python2_sitelib}/ipsilon/providers/__init__* %{python2_sitelib}/ipsilon/providers/common* %{python2_sitelib}/ipsilon/root.py* %{python2_sitelib}/ipsilon/util %{python2_sitelib}/ipsilon/user %doc %{_mandir}/man*/ipsilon.7* %doc %{_mandir}/man*/ipsilon.conf.5* %{_datadir}/ipsilon/templates/*.html %{_datadir}/ipsilon/templates/admin %{_datadir}/ipsilon/templates/user %dir %{_datadir}/ipsilon/templates/login %{_datadir}/ipsilon/templates/login/index.html %{_datadir}/ipsilon/templates/login/form.html %dir %{_datadir}/ipsilon/ui %{_datadir}/ipsilon/ui/css %{_datadir}/ipsilon/ui/img %{_datadir}/ipsilon/ui/js %{_datadir}/ipsilon/ui/fonts %{_datadir}/ipsilon/ui/fonts-local %{_libexecdir}/ipsilon %{_sbindir}/ipsilon-upgrade-database %dir %attr(0751,root,root) %{_sharedstatedir}/ipsilon %dir %attr(0751,root,root) %{_sysconfdir}/ipsilon %dir %attr(0750,ipsilon,apache) %{_localstatedir}/cache/ipsilon %{_sysconfdir}/pam.d/ipsilon %files client %{_bindir}/ipsilon-client-install %{_datadir}/ipsilon/templates/install/saml2 %{_datadir}/ipsilon/templates/install/openidc %doc %{_mandir}/man*/ipsilon-client-install.1* %files tools-ipa %{python2_sitelib}/ipsilon/helpers/ipa.py* %files saml2-base %{python2_sitelib}/ipsilon/tools/saml2metadata.py* %{python2_sitelib}/ipsilon/tools/certs.py* %files saml2 %{python2_sitelib}/ipsilon/providers/saml2* %{_datadir}/ipsilon/templates/saml2 %files openid %{python2_sitelib}/ipsilon/providers/openidp.py* %{python2_sitelib}/ipsilon/providers/openid/ %{_datadir}/ipsilon/templates/openid %files openidc %{python2_sitelib}/ipsilon/providers/openidcp.py* %{python2_sitelib}/ipsilon/providers/openidc/ %{_datadir}/ipsilon/templates/openidc %files persona %{python2_sitelib}/ipsilon/providers/persona* %{_datadir}/ipsilon/templates/persona %files authfas %{python2_sitelib}/ipsilon/login/authfas* %files authform %{python2_sitelib}/ipsilon/login/authform* %files authpam %{python2_sitelib}/ipsilon/login/authpam* %{_datadir}/ipsilon/templates/install/pam %files authgssapi %{python2_sitelib}/ipsilon/login/authgssapi* %{_datadir}/ipsilon/templates/login/gssapi.html %files authldap %{python2_sitelib}/ipsilon/login/authldap* %{python2_sitelib}/ipsilon/info/infoldap* %files infosssd %{python2_sitelib}/ipsilon/info/infosssd.* %files infofas %{python2_sitelib}/ipsilon/info/infofas.* %changelog * Wed Feb 07 2018 Fedora Release Engineering - 2.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Tue Jan 09 2018 Iryna Shcherbina - 2.1.0-2 - Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) * Wed Nov 15 2017 Patrick Uiterwijk - 2.1.0-1 - Rebase to 2.1.0 * Wed Jul 26 2017 Fedora Release Engineering - 2.0.2-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Sat Mar 25 2017 Patrick Uiterwijk - 2.0.2-5 - Removed dependency on mod_lookup_identity * Tue Feb 14 2017 Patrick Uiterwijk - 2.0.2-4 - Added dependency on python-setuptools * Fri Feb 10 2017 Fedora Release Engineering - 2.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Sun Dec 04 2016 Patrick Uiterwijk - 2.0.2-2 - Add patch to fix RHBZ#1391445 * Thu Nov 24 2016 Patrick Uiterwijk - 2.0.2-1 - Upgrade to 2.0.2 * Mon Oct 31 2016 Patrick Uiterwijk - 2.0.1-1 - New release to enable authz allow on upgrade * Fri Oct 28 2016 Patrick Uiterwijk - 2.0.0-1 - Rebase to Ipsilon 2.0.0 * Wed Aug 31 2016 Patrick Uiterwijk - 1.2.0-7 - Backport ipsilon-upgrade-database fix for configfile * Wed Aug 10 2016 Patrick Uiterwijk - 1.2.0-6 - Move pam file to base package * Tue Jul 19 2016 Fedora Release Engineering - 1.2.0-5 - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages * Tue May 10 2016 Patrick Uiterwijk - 1.2.0-4 - Backport unicode patches (RHBZ#1334637) * Tue May 10 2016 Patrick Uiterwijk - 1.2.0-3 - Move user creation to -base subpackage (RHBZ#1334583) * Tue May 03 2016 Patrick Uiterwijk - 1.2.0-2 - Install pam file * Mon May 02 2016 Patrick Uiterwijk - 1.2.0-1 - Rebase to upstream 1.2.0 * Thu Feb 04 2016 Fedora Release Engineering - 1.1.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Wed Oct 14 2015 Patrick Uiterwijk - 1.1.1-2 - Fix files and requires * Wed Oct 14 2015 Patrick Uiterwijk - 1.1.1-1 - Rebase to upstream 1.1.1 * Tue Sep 08 2015 Patrick Uiterwijk - 1.1.0-1 - Rebased to 1.1.0 release * Fri Aug 21 2015 Patrick Uiterwijk - 1.0.0-5 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 * Tue Aug 11 2015 Patrick Uiterwijk - 1.0.0-4 - Remove the gpg check * Mon Jun 22 2015 Patrick Uiterwijk - 1.0.0-3 - Add mod_ssl dependency on ipsilon-client * Wed Jun 17 2015 Fedora Release Engineering - 1.0.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Mon May 11 2015 Patrick Uiterwijk - 1.0.0-1 - Update to release 1.0.0 * Mon Apr 20 2015 Patrick Uiterwijk - 0.6.0-1 - Update to release 0.6.0 * Mon Mar 30 2015 Patrick Uiterwijk - 0.5.0-1 - Update to release 0.5.0 * Mon Mar 02 2015 Patrick Uiterwijk - 0.4.0-1 - Update to release 0.4.0 * Wed Jan 28 2015 Patrick Uiterwijk - 0.3.0-5 - Split IPA tools * Mon Jan 12 2015 Patrick Uiterwijk - 0.3.0-4 - Add symlink to fonts directory * Tue Dec 16 2014 Patrick Uiterwijk - 0.3.0-3 - Fix typo - Add comments on why the test suite is not in check - The subpackages require the base package - Add link to FPC ticket for bundling exception request * Tue Dec 16 2014 Patrick Uiterwijk - 0.3.0-2 - Fix shebang removal * Tue Dec 16 2014 Patrick Uiterwijk - 0.3.0-1 - Initial packaging