%global selinux_variants mls targeted
%global modulename dist_git
%global installdir /var/lib/dist-git
Name: dist-git
Version: 1.8
Release: 1%{?dist}
Summary: Package source version control system
# upload.cgi uses GPLv1
License: MIT and GPLv1
URL: https://github.com/release-engineering/dist-git
# Source is created by
# git clone https://github.com/release-engineering/dist-git.git
# cd dist-git
# tito build --tgz
Source0: %{name}-%{version}.tar.gz
BuildArch: noarch
BuildRequires: systemd
Requires: httpd
Requires: perl(Sys::Syslog)
Requires: dist-git-selinux
Requires: git
Requires: git-daemon
Requires: mod_ssl
Requires: fedmsg
Requires: crudini
Requires: moreutils
Requires(pre): shadow-utils
%if 0%{?rhel} && 0%{?rhel} < 8
Requires: python-requests
Requires: python-configparser
Requires: python-grokmirror
%else
Requires: python2-requests
Requires: python2-configparser
Recommends: python3-grokmirror
%endif
%description
Dist Git is a remote Git repository specifically designed to hold RPM
package sources.
%package selinux
Summary: SELinux support for dist-git
BuildRequires: checkpolicy
BuildRequires: policycoreutils
BuildRequires: selinux-policy-devel
BuildRequires: hardlink
Requires: %name = %version-%release
%if "%{_selinux_policy_version}" != ""
Requires: selinux-policy >= %{_selinux_policy_version}
%endif
Requires(post): /usr/sbin/semodule, /sbin/restorecon
Requires(postun): /usr/sbin/semodule, /sbin/restorecon
%description selinux
Dist Git is a remote Git repository specifically designed to hold RPM
package sources.
This package includes SELinux support.
%prep
%setup -q
%build
# ------------------------------------------------------------------------------
# SELinux
# ------------------------------------------------------------------------------
cd selinux
for selinuxvariant in %{selinux_variants}
do
make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile
mv %{modulename}.pp %{modulename}.pp.${selinuxvariant}
make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean
done
cd -
%pre
# ------------------------------------------------------------------------------
# Users and Groups
# ------------------------------------------------------------------------------
getent group packager > /dev/null || \
groupadd -r packager
exit 0
%install
# ------------------------------------------------------------------------------
# /usr/share/ ........... scripts
# ------------------------------------------------------------------------------
install -d %{buildroot}%{_datadir}/dist-git/
cp -a scripts/dist-git/* %{buildroot}%{_datadir}/dist-git/
# ------------------------------------------------------------------------------
# /etc/ .......... config files
# ------------------------------------------------------------------------------
install -d %{buildroot}%{_sysconfdir}/dist-git
cp -a configs/dist-git/dist-git.conf %{buildroot}%{_sysconfdir}/dist-git/
install -d %{buildroot}%{_sysconfdir}/httpd/conf.d/dist-git
mkdir -p %{buildroot}%{_unitdir}
cp -a configs/httpd/dist-git.conf %{buildroot}%{_sysconfdir}/httpd/conf.d/
cp -a configs/httpd/dist-git/* %{buildroot}%{_sysconfdir}/httpd/conf.d/dist-git/
cp -a configs/systemd/* %{buildroot}%{_unitdir}/
# ------------------------------------------------------------------------------
# /var/lib/ ...... dynamic persistent files
# ------------------------------------------------------------------------------
install -d %{buildroot}%{installdir}
install -d %{buildroot}%{installdir}/git
install -d %{buildroot}%{installdir}/cache
install -d %{buildroot}%{installdir}/cache/lookaside
install -d %{buildroot}%{installdir}/cache/lookaside/pkgs
install -d %{buildroot}%{installdir}/web
cp -a scripts/httpd/upload.cgi %{buildroot}%{installdir}/web/
# ------------------------------------------------------------------------------
# SELinux
# ------------------------------------------------------------------------------
cd selinux
for selinuxvariant in %{selinux_variants}
do
install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant}
install -p -m 644 %{modulename}.pp.${selinuxvariant} \
%{buildroot}%{_datadir}/selinux/${selinuxvariant}/%{modulename}.pp
done
cd -
/usr/sbin/hardlink -cv %{buildroot}%{_datadir}/selinux
%post selinux
for selinuxvariant in %{selinux_variants}
do
/usr/sbin/semodule -s ${selinuxvariant} -i \
%{_datadir}/selinux/${selinuxvariant}/%{modulename}.pp &> /dev/null || :
done
%{_sbindir}/restorecon -v %{installdir}/cache || :
%{_sbindir}/restorecon -v %{installdir}/cache/lookaside || :
%{_sbindir}/restorecon -v %{installdir}/cache/lookaside/pkgs || :
%{_sbindir}/restorecon -v %{installdir}/git || :
%{_sbindir}/restorecon -Rv %{installdir}/web/ || :
%systemd_post dist-git.socket
%preun
%systemd_preun dist-git.socket
%postun selinux
if [ $1 -eq 0 ] ; then
for selinuxvariant in %{selinux_variants}
do
/usr/sbin/semodule -s ${selinuxvariant} -r %{modulename} &> /dev/null || :
done
fi
%systemd_postun dist-git.socket
%files
# ------------------------------------------------------------------------------
# Docs
# ------------------------------------------------------------------------------
%license LICENSE
%doc README.md
# ------------------------------------------------------------------------------
# /etc/ .......... config files
# ------------------------------------------------------------------------------
%dir %{_sysconfdir}/dist-git
%config(noreplace) %{_sysconfdir}/dist-git/dist-git.conf
%dir %{_sysconfdir}/httpd/conf.d/dist-git
%config(noreplace) %{_sysconfdir}/httpd/conf.d/dist-git/*
%config(noreplace) %{_sysconfdir}/httpd/conf.d/dist-git.conf
%{_unitdir}/dist-git@.service
%{_unitdir}/dist-git.socket
# ------------------------------------------------------------------------------
# /var/lib/ ...... dynamic persistent files
# ------------------------------------------------------------------------------
# non-standard-dir-perm:
# - git repositories and their contents must have w permission for their creators
%dir %{installdir}
%attr (2775, -, packager) %{installdir}/git
%dir %{installdir}/web
%attr (755, apache, apache) %{installdir}/web/upload.cgi
%dir %{installdir}/cache
%dir %{installdir}/cache/lookaside
%attr (2775, apache, apache) %{installdir}/cache/lookaside/pkgs
# ------------------------------------------------------------------------------
# /usr/share ...... executable files
# ------------------------------------------------------------------------------
%dir %{_datadir}/dist-git
%attr (775, -, -) %{_datadir}/dist-git/*
%files selinux
%doc selinux/*
%{_datadir}/selinux/*/%{modulename}.pp
%changelog
* Mon Feb 26 2018 clime <clime@redhat.com> 1.7-1
- move 'fedmsgs', 'old_paths', 'nomd5' options to optional upload section
* Mon Feb 19 2018 clime <clime@redhat.com> 1.6-1
- add 'fedmsgs', 'old_paths', and 'default_namespace' config options
- remove domain_read_all_domains_state SELinux rule
- require dist-git-selinux
- give optional map permission to git_system_t on git_user_content_t
- update requires to work for all environments
- make the package completely distribution-agnostic
* Mon Dec 18 2017 clime <clime@redhat.com> 1.5-1
- make selinux policy build on f27+
- add optional map SELinux permission for httpd_t
* Tue Jul 25 2017 clime <clime@redhat.com> 1.4-1
- disable md5 uploading by default
* Mon Jun 26 2017 clime <clime@redhat.com> 1.3-1
- translate '/' to '-' in package name for mailinglist hook
(graybrandon@gmail.com)
* Fri May 26 2017 clime <clime@redhat.com> 1.2-1
- remove mail git hook
- grokmirror support
* Wed May 03 2017 clime <clime@redhat.com> 1.1-1
- fix default config value for email
- fix name/email switch
* Mon Apr 10 2017 clime <clime@redhat.com> 1.0-1
- big redo of the package
- gitolite dropped from the package (but can be installed additionally)
- pkgdb integration dropped
- upload.cgi updated from FedoraInfra state
- git repos are stored one level higher in fs hiearchy (default: /var/lib/dist-git/git/)
- dist-git.conf completely new
- updated setup_git_package, mkbranch, mkbranch_branching
- updated SELinux policy
- configurable paths to cache dir and git repos
* Wed Aug 05 2015 Adam Samalik <asamalik@redhat.com> 0.13-1
- optional cgit_pkg_list.sh parameter (asamalik@redhat.com)
- change mv to cp + rm (asamalik@redhat.com)
- update config to not be Fedora specific (asamalik@redhat.com)
- Change: lookaside dir perms + cgit_pkg_list.sh (asamalik@redhat.com)
* Mon Jul 20 2015 Adam Samalik <asamalik@redhat.com> 0.12-1
- config update (asamalik@redhat.com)
- Upload files to new and old paths + remove email (asamalik@redhat.com)
* Tue May 05 2015 Adam Samalik <asamalik@redhat.com> 0.11-1
- SELinux subpackage
* Mon Apr 27 2015 Adam Samalik <asamalik@redhat.com> 0.10-1
- perl require and files update (asamalik@redhat.com)
* Thu Apr 23 2015 Adam Samalik <asamalik@redhat.com> 0.9-1
- update hook update (asamalik@redhat.com)
* Thu Apr 23 2015 Adam Samalik <asamalik@redhat.com> 0.8-1
- review update (asamalik@redhat.com)
* Wed Apr 22 2015 Adam Samalik <asamalik@redhat.com> 0.7-1
- git hooks permissions (asamalik@redhat.com)
- noreplace configs (asamalik@redhat.com)
- fixes after rpmlint (asamalik@redhat.com)
* Wed Apr 22 2015 Adam Samalik <asamalik@redhat.com> 0.6-1
- license + description (asamalik@redhat.com)
- cron files fix (asamalik@redhat.com)
* Wed Apr 15 2015 Adam Samalik <asamalik@redhat.com> 0.5-1
- git hook: update-block-push-origin (asamalik@redhat.com)
- lookaside-upload config comments (asamalik@redhat.com)
- gen-acls user fix (asamalik@redhat.com)
- ssl httpd configs as examples (asamalik@redhat.com)
* Fri Apr 10 2015 Adam Samalik <asamalik@redhat.com> 0.4-1
- spec and config fix
- systemd services
* Tue Mar 31 2015 Adam Samalik <asamalik@redhat.com> 0.3-1
- alpha package (asamalik@redhat.com)
* Mon Mar 30 2015 Adam Samalik <asamalik@redhat.com> 0.2-1
- new package built with tito