%define _hardened_build 1 %global _compldir %{_datadir}/bash-completion/completions %global project_name bitcoin %bcond_with extended_tests Name: bitcoin-core Version: 28.0 Release: 1%{?dist} Summary: Peer to Peer Cryptographic Currency License: MIT URL: https://bitcoincore.org/ # In .gitignore, so no chance to commit to SCM: Source0: https://bitcoincore.org/bin/bitcoin-core-%{version}/%{project_name}-%{version}.tar.gz Source1: https://bitcoincore.org/bin/bitcoin-core-%{version}/SHA256SUMS.asc Source2: https://bitcoincore.org/bin/bitcoin-core-%{version}/SHA256SUMS # Key verificaton process - Make official verify method work offline # - Keys listed to sign the release are listed in SHA256SUMS.asc. # - Keys can be hosted on different key servers. # - Keys used to sign the release might have been revoked or removed. # - Three or more keys is enough to validate the release, but there is no preferred key. # - Verification needs to happen offline. # - We don't want to touch the original SHA256SUM.asc file. Source3: %{project_name}-gpg.sh Source4: %{project_name}-offline-pubring.gpg Source5: %{project_name}-tmpfiles.conf Source6: %{project_name}.sysconfig Source7: %{project_name}.service.system Source8: %{project_name}.service.user Source9: %{project_name}-qt.protocol Source10: %{project_name}-qt.desktop # Documentation Source11: %{project_name}.conf.example Source12: README.gui.redhat Source13: README.utils.redhat Source14: README.server.redhat # Berkeley DB non-strong cryptography variant (NC) Source15: https://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz Source16: db-4.8.30.NC-format-security.patch Source17: db-4.8.30.NC-configure-c99.patch # AppStream metadata Source18: %{project_name}-qt.metainfo.xml # Patch verify script to use local keyring Patch0: %{project_name}-verify-offline.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: boost-devel >= 1.64.0 BuildRequires: checkpolicy BuildRequires: desktop-file-utils BuildRequires: gnupg2 BuildRequires: libappstream-glib BuildRequires: libnatpmp-devel BuildRequires: libtool BuildRequires: miniupnpc-devel BuildRequires: procps-ng %if 0%{?rhel} == 8 BuildRequires: python3.11 %else BuildRequires: python3 %endif BuildRequires: pkgconfig(libevent) >= 2.1.8 BuildRequires: pkgconfig(libevent_pthreads) >= 2.1.8 BuildRequires: pkgconfig(libqrencode) BuildRequires: pkgconfig(libzmq) >= 4 BuildRequires: pkgconfig(sqlite3) >= 3.7.17 BuildRequires: qt5-linguist BuildRequires: qt5-qtbase-devel BuildRequires: systemd %description Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to operate with no central authority or banks; managing transactions and the issuing of bitcoins is carried out collectively by the network. %package desktop Summary: Peer to Peer Cryptographic Currency Conflicts: bitcoin Provides: bundled(leveldb) = 1.22.0 Provides: bundled(libdb) = 4.8.30.NC Provides: bundled(secp256k1) = 0.1 Provides: bundled(univalue) = 1.1.3 %description desktop Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to operate with no central authority or banks; managing transactions and the issuing of bitcoins is carried out collectively by the network. This package contains the Qt based graphical client and node. If you are looking to run a Bitcoin wallet, this is probably the package you want. %package devel Summary: Peer-to-peer digital currency Conflicts: bitcoin-devel Requires: %{name}-libs%{?_isa} = %{version}-%{release} %description devel This package contains the bitcoin utility tool. Most people do not need this package installed. %package utils Summary: Peer-to-peer digital currency Conflicts: bitcoin-utils %description utils Bitcoin is an experimental new digital currency that enables instant payments to anyone, anywhere in the world. Bitcoin uses peer-to-peer technology to operate with no central authority: managing transactions and issuing money are carried out collectively by the network. This package provides bitcoin-cli, a utility to communicate with and control a Bitcoin server via its RPC protocol, and bitcoin-tx, a utility to create custom Bitcoin transactions. %package server Summary: Peer-to-peer digital currency Conflicts: bitcoin-server Requires(pre): shadow-utils Requires: (%{name}-selinux if selinux-policy) Provides: bundled(leveldb) = 1.22.0 Provides: bundled(libdb) = 4.8.30.NC Provides: bundled(secp256k1) = 0.1 Provides: bundled(univalue) = 1.1.3 %description server This package provides a stand-alone bitcoin-core daemon. For most users, this package is only needed if they need a full-node without the graphical client. Some third party wallet software will want this package to provide the actual bitcoin-core node they use to connect to the network. If you use the graphical bitcoin-core client then you almost certainly do not need this package. %prep %autosetup -p1 -n %{project_name}-%{version} # Bundled script to verify release signatures using offline pubring: cp %{SOURCE4} . contrib/verify-binaries/verify.py --min-good-sigs 3 bin %{SOURCE2} %{SOURCE0} # Check the hash of the tarball, not in the same folder where we are now: grep -q $(sha256sum %{SOURCE0}) %{SOURCE2} # No publicly available hash file, check it against what bitcoin-core expects: export BDB_HASH=$(grep sha256_hash depends/packages/bdb.mk | sed -e "s/.*=//g") echo $BDB_HASH %{SOURCE15} | sha256sum -c # Berkeley DB: mkdir db4 tar --strip-components=1 -xzf %{SOURCE15} -C db4 patch -d db4 -p1 -i ../depends/patches/bdb/clang_cxx_11.patch patch -d db4 -p1 -i %{SOURCE16} patch -d db4 -p1 -i %{SOURCE17} # Avoid any modification timestamp based regeneration of the configure # script due to patching above: touch -r db4/dist/configure db4/dist/configure.ac db4/dist/aclocal/*.m4 # Documentation (sources can not be directly reference with doc) cp -p %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} . %build # Build static Berkeley DB reusing all compiler flags / hardening: pushd db4/build_unix %define _configure ../dist/configure %configure \ --disable-shared \ --enable-cxx \ --disable-replication %undefine _configure %make_build make install DESTDIR=%{_builddir}/%{buildsubdir}/db4 popd export BDB_CFLAGS="-I%{_builddir}/%{buildsubdir}/db4%{_includedir}/" export BDB_LIBS="-L%{_builddir}/%{buildsubdir}/db4%{_libdir}/ -ldb_cxx-4.8" autoreconf -vif %configure \ --disable-bench \ --disable-silent-rules \ --disable-static \ --enable-reduce-exports \ --enable-threadlocal \ --with-daemon \ --with-gui=qt5 \ --with-libs \ --with-miniupnpc \ --with-qrencode \ --with-qtdbus \ --with-utils %make_build %install %make_install find %{buildroot} -name "*.la" -delete # TODO: Upstream puts bitcoind in the wrong directory. Need to fix the # upstream Makefiles to install it in the correct place. mkdir -p -m 755 %{buildroot}%{_sbindir} mv %{buildroot}%{_bindir}/bitcoind %{buildroot}%{_sbindir}/bitcoind # Temporary files mkdir -p %{buildroot}%{_tmpfilesdir} install -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/%{project_name}.conf # Install ancillary files install -D -m600 -p %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/%{project_name} install -D -m644 -p %{SOURCE7} %{buildroot}%{_unitdir}/%{project_name}.service install -D -m644 -p %{SOURCE8} %{buildroot}%{_userunitdir}/%{project_name}.service install -D -m644 -p %{SOURCE9} %{buildroot}%{_datadir}/kde4/services/%{project_name}-qt.protocol install -d -m750 -p %{buildroot}%{_sharedstatedir}/%{project_name} install -d -m750 -p %{buildroot}%{_sysconfdir}/%{project_name} # Desktop file desktop-file-install --dir=%{buildroot}%{_datadir}/applications %{SOURCE10} # Icons for size in 16 32 64 128 256; do install -p -D -m 644 share/pixmaps/%{project_name}${size}.png \ %{buildroot}%{_datadir}/icons/hicolor/${size}x${size}/apps/%{project_name}.png done rm -f %{buildroot}%{_datadir}/pixmaps/%{project_name}* # Bash completion install -D -m644 -p contrib/completions/bash/%{project_name}-cli.bash %{buildroot}%{_compldir}/%{project_name}-cli install -D -m644 -p contrib/completions/bash/%{project_name}-tx.bash %{buildroot}%{_compldir}/%{project_name}-tx install -D -m644 -p contrib/completions/bash/%{project_name}d.bash %{buildroot}%{_compldir}/%{project_name}d # Server log directory mkdir -p %{buildroot}%{_localstatedir}/log/%{project_name}/ # AppStream metadata install -p -m 644 -D %{SOURCE18} %{buildroot}%{_metainfodir}/%{project_name}-qt.metainfo.xml # Remove test files so that they aren't shipped. Tests have already been run. rm -f %{buildroot}%{_bindir}/test_* %check desktop-file-validate %{buildroot}%{_datadir}/applications/%{project_name}-qt.desktop appstream-util validate-relax --nonet %{buildroot}%{_metainfodir}/%{project_name}-qt.metainfo.xml make check %if %{with extended_tests} test/functional/test_runner.py --tmpdirprefix `pwd` --extended %endif %pre server getent group %{project_name} >/dev/null || groupadd -r %{project_name} getent passwd %{project_name} >/dev/null || useradd -r -g %{project_name} -d /var/lib/%{project_name} -s /sbin/nologin \ -c "Bitcoin wallet server" %{project_name} exit 0 %post server %systemd_post %{project_name}.service %preun server %systemd_preun %{project_name}.service %postun server %systemd_postun_with_restart %{project_name}.service %files desktop %license COPYING %doc %{project_name}.conf.example README.gui.redhat README.md SECURITY.md %doc doc/assets-attribution.md doc/bips.md doc/files.md doc/reduce-traffic.md doc/release-notes.md doc/tor.md %{_bindir}/%{project_name}-qt %{_datadir}/applications/%{project_name}-qt.desktop %{_datadir}/kde4/services/%{project_name}-qt.protocol %{_datadir}/icons/hicolor/*/apps/%{project_name}.png %{_mandir}/man1/%{project_name}-qt.1* %{_metainfodir}/%{project_name}-qt.metainfo.xml %files devel %doc doc/developer-notes.md %{_bindir}/%{project_name}-util %{_mandir}/man1/%{project_name}-util.1* %files utils %license COPYING %doc %{project_name}.conf.example README.utils.redhat SECURITY.md %doc doc/README.md %{_bindir}/%{project_name}-cli %{_bindir}/%{project_name}-tx %{_bindir}/%{project_name}-wallet %{_compldir}/%{project_name}-cli %{_compldir}/%{project_name}-tx %{_mandir}/man1/%{project_name}-cli.1* %{_mandir}/man1/%{project_name}-tx.1* %{_mandir}/man1/%{project_name}-wallet.1* %files server %license COPYING %doc %{project_name}.conf.example README.server.redhat SECURITY.md %doc doc/README.md doc/REST-interface.md doc/bips.md doc/dnsseed-policy.md doc/files.md doc/reduce-traffic.md doc/release-notes.md doc/tor.md doc/zmq.md %dir %attr(750,%{project_name},%{project_name}) %{_sharedstatedir}/%{project_name} %dir %attr(750,%{project_name},%{project_name}) %{_sysconfdir}/%{project_name} %dir %attr(750,%{project_name},%{project_name}) %{_localstatedir}/log/%{project_name} %ghost %{_localstatedir}/log/%{project_name}/debug.log %ghost %dir %{_rundir}/%{project_name}/ %ghost %{_rundir}/%{project_name}.pid %config(noreplace) %attr(644,root,root) %{_sysconfdir}/sysconfig/%{project_name} %{_compldir}/%{project_name}d %{_mandir}/man1/%{project_name}d.1* %{_sbindir}/%{project_name}d %{_tmpfilesdir}/%{project_name}.conf %{_unitdir}/%{project_name}.service %{_userunitdir}/%{project_name}.service %changelog * Tue Oct 08 2024 Simone Caronni - 28.0-1 - Update to 28.0. * Wed Jul 17 2024 Fedora Release Engineering - 27.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Sun Jun 23 2024 Simone Caronni - 27.1-1 - Update to 27.1. * Wed May 22 2024 Simone Caronni - 27.0-1 - Update to 27.0. * Wed Apr 24 2024 Simone Caronni - 26.1-1 - Update to 26.1. * Tue Jan 23 2024 Fedora Release Engineering - 26.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering - 26.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Dec 13 2023 Simone Caronni - 26.0-1 - Update to 26.0. * Fri Oct 20 2023 Simone Caronni - 25.1-1 - Update to 25.1. * Fri Aug 11 2023 Simone Caronni - 25.0-3 - Adjust verify script invocation. - Fix build on el8. - Drop unused build requirement. * Wed Jul 19 2023 Fedora Release Engineering - 25.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue May 30 2023 Simone Caronni - 25.0-1 - Update to 25.0. - Update verification of signatures to use the new bundled script. * Mon May 22 2023 Simone Caronni - 24.1-1 - Update to 24.1. * Fri Mar 17 2023 Arjun Shankar - 24.0.1-3 - Port bundled Berkeley DB 4.8 configure script to C99 (#2179373) * Fri Mar 17 2023 Arjun Shankar - Fix build failure due to GCC 13 compile error (#2171449) * Wed Jan 18 2023 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Mon Dec 12 2022 Simone Caronni - 24.0.1-1 - Update to 24.0.1 * Mon Nov 21 2022 Simone Caronni - 24.0-1 - Update to 24.0. * Wed Jul 20 2022 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Apr 26 2022 Simone Caronni - 23.0-1 - Update to 23.0. * Thu Apr 07 2022 Simone Caronni - 22.0-7 - Add AppStream metadata. * Tue Apr 05 2022 Simone Caronni - 22.0-6 - Hide extended tests behind a flag. - Allow to run the full set of extended tests including network when requested, they run fine in mock with network enabled. * Sun Jan 23 2022 Simone Caronni - 22.0-5 - Update GPG verification script (thanks Björn Persson). * Sun Oct 03 2021 Simone Caronni - 22.0-4 - Switch to bundled statically linked Berkeley DB 4.8.30 (NC). * Sat Sep 25 2021 Simone Caronni - 22.0-3 - Remove obsolete scriptlets. - With RHEL/CentOS 7 no longer a target, improve systemd unit security. - Add systemd user unit to start bitcoind in your user session. - Move bitcoin-wallet to utils subpackage for offline wallet manipulation. - Update README files. * Sat Sep 25 2021 Simone Caronni - 22.0-2 - Prepare all keys with a script and verify all keys against the signature file. Add reasoning on the process in the SPEC file. * Wed Sep 22 2021 Simone Caronni - 22.0-1 - Update to 22.0, versioning convention change. - Implement signature verification with a public GPG keyring and at least one valid signature. - Also the relative selinux package has been renamed to bitcoin-core-selinux. - Add bitcoin-util to devel subpackage. - Update docs. - Add SQLite as dependency for descriptor wallets. - Drop RHEL/CentOS 7 support. * Tue Sep 21 2021 Simone Caronni - 0.21.1-2 - Rename package to bitcoin-core. - Conflicts with bitcoin. - Desktop subpackage renamed from "core" to "desktop". * Wed May 12 2021 Simone Caronni - 0.21.1-1 - Update to 0.21.1. * Wed Mar 10 2021 Simone Caronni - 0.21.0-4 - Fix build on RHEL/CentOS 8. - Adjust SELinux requirement for server subpackage. * Wed Mar 10 2021 Simone Caronni - 0.21.0-3 - Remove requirements for utils subpackage in server subpackage. - Separate SELinux package in its own subpackage and use RPM rich booleans on Fedora and RHEL/CentOS 8+ to install the SELinux package if the base policy is installed. - Update server README. * Wed Jan 20 2021 Simone Caronni - 0.21.0-2 - Update to 0.21.0. - Remove java build requirement. - Use local folder for test output. * Fri Jan 15 2021 Simone Caronni - 0.21.0-1 - Update to 0.21.0. * Thu Nov 19 2020 Simone Caronni - 0.20.1-2 - Remove openssl/protobuf from build requirements. * Wed Oct 21 2020 Simone Caronni - 0.20.1-1 - Update to 0.20.1. * Wed Jul 22 2020 Simone Caronni - 0.20.0-7 - Use libdb 5.x instead of deprecated 4.x. Fixes build on RHEL/CentOS 8. * Tue Jul 21 2020 Simone Caronni - 0.20.0-6 - Update systemd unit. - Update configuration options. - Declared bundled libraries/forks. * Tue Jul 21 2020 Simone Caronni - 0.20.0-5 - Use HTTPS for url tag. - Reorganize sources. Add cleaned files from the packaging repository directly; bash completion snippets are now supported in the main sources. - Move check section after install and include desktop file validating in there. * Sun Jul 19 2020 Simone Caronni - 0.20.0-4 - Fix tests on RHEL/CentOS 7. * Sat Jul 18 2020 Simone Caronni - 0.20.0-3 - Add signature verification. - Trim changelog. - Fix typo in the libs description. * Tue Jun 30 2020 Simone Caronni - 0.20.0-2 - Update Source0 URL. - Do not obsolete "bitcoin", just leave the provider for it. - Let the build install the man pages. - Make sure old post scriptlets run only on RHEL/CentOS 7. - Do not install static library and archive. - Be explicit with shared object versions. - Use macros for more directories. - Use GCC 9 and not 7 to build on RHEL/CentOS 7. * Fri Jun 26 2020 Simone Caronni - 0.20.0-1 - Update to 0.20.0. * Mon May 04 2020 Simone Caronni - 0.19.1-1 - Update to 0.19.1. - Fix deprecation message with Python tests. - Trim changelog. * Fri Feb 21 2020 Simone Caronni - 0.19.0.1-2 - Fix dependencies with Python SELinux interfaces. * Tue Nov 19 2019 Simone Caronni - 0.19.0.1-1 - Update to 0.19.0.1. * Sun Nov 17 2019 Simone Caronni - 0.19.0-1 - Update to 0.19.0. * Thu Sep 12 2019 Simone Caronni - 0.18.1-1 - Update to 0.18.1. * Tue May 07 2019 Simone Caronni - 0.18.0-2 - Update systemd unit. * Mon May 06 2019 Simone Caronni - 0.18.0-1 - Update to 0.18.0. - Force C.UTF-8 for tests on Fedora and disable EPEL 7 test run. * Thu Jan 24 2019 Simone Caronni - 0.17.1-1 - Update to 0.17.1.