1 |
%define major 2 |
2 |
%define libname %mklibname varnish %{major} |
3 |
%define develname %mklibname varnish -d |
4 |
|
5 |
%define __brp_python_bytecompile %{nil} |
6 |
|
7 |
Summary: Varnish is a high-performance HTTP accelerator |
8 |
Name: varnish |
9 |
Version: 6.5.1 |
10 |
Release: %mkrel 5 |
11 |
License: BSD |
12 |
Group: System/Servers |
13 |
URL: https://www.varnish-cache.org/ |
14 |
Source0: https://varnish-cache.org/_downloads/%{name}-%{version}.tgz |
15 |
Source1: varnish.service |
16 |
Source3: varnishncsa.service |
17 |
Source4: varnishlog.service |
18 |
Source5: varnish.logrotate |
19 |
Source6: default.vcl |
20 |
|
21 |
# |
22 |
# Security patches |
23 |
# P100 -> ... |
24 |
# |
25 |
# CVE-2021-36740 |
26 |
Patch100: 82b0a629f60136e76112c6f2c6372cce77b683be.patch |
27 |
# CVE-2022-23959 |
28 |
Patch101: fceaefd4d59a3b5d5a4903a3f420e35eb430d0d4.patch |
29 |
# CVE-2022-39377 |
30 |
Patch102: 515a93df894430767073ccd8265497b6b25b54b5.patch |
31 |
|
32 |
BuildRequires: ncurses-devel |
33 |
BuildRequires: libxslt-proc |
34 |
BuildRequires: pcre-devel |
35 |
BuildRequires: groff |
36 |
BuildRequires: jemalloc-devel |
37 |
BuildRequires: python3dist(docutils) |
38 |
BuildRequires: python3dist(sphinx) |
39 |
BuildRequires: readline-devel |
40 |
# Varnish actually needs gcc installed to work. It uses the C compiler |
41 |
# at runtime to compile the VCL configuration files. This is by design. |
42 |
Requires: gcc |
43 |
Requires(post): systemd >= %{systemd_required_version} |
44 |
Requires(post): util-linux |
45 |
|
46 |
%description |
47 |
This is the Varnish high-performance HTTP accelerator. Documentation wiki and |
48 |
additional information about Varnish is available on the following web site: |
49 |
https://www.varnish-cache.org/ |
50 |
|
51 |
%package -n %{libname} |
52 |
Summary: Shared libraries for varnish |
53 |
Group: System/Libraries |
54 |
|
55 |
%description -n %{libname} |
56 |
Varnish is a high-performance HTTP accelerator. |
57 |
|
58 |
This package provides the shared libraries for varnish. |
59 |
|
60 |
%package -n %{develname} |
61 |
Summary: Development headers and libraries for varnish |
62 |
Group: Development/C |
63 |
Requires: %{libname} = %{version} |
64 |
Provides: %{name}-devel = %{version}-%{release} |
65 |
|
66 |
%description -n %{develname} |
67 |
Varnish is a high-performance HTTP accelerator. |
68 |
|
69 |
This package provides the development files for varnish. |
70 |
|
71 |
%prep |
72 |
%setup -q |
73 |
%autopatch -p1 |
74 |
|
75 |
# Hack to get 32- and 64-bits tests run concurrently on the same build machine |
76 |
case `uname -m` in |
77 |
ppc64 | s390x | x86_64 | sparc64 ) |
78 |
sed -i ' |
79 |
s,9001,9011,g; |
80 |
s,9080,9090,g; |
81 |
s,9081,9091,g; |
82 |
s,9082,9092,g; |
83 |
s,9180,9190,g; |
84 |
' bin/varnishtest/*.c bin/varnishtest/tests/*vtc |
85 |
;; |
86 |
*) |
87 |
;; |
88 |
esac |
89 |
|
90 |
mkdir examples |
91 |
cp etc/*.vcl examples |
92 |
|
93 |
mkdir -p Mageia |
94 |
cp %{SOURCE5} Mageia/varnish.logrotate |
95 |
cp %{SOURCE6} Mageia/default.vcl |
96 |
|
97 |
%build |
98 |
%configure \ |
99 |
--disable-static \ |
100 |
--localstatedir=%{_var}/lib |
101 |
|
102 |
# We have to remove rpath - not allowed in Fedora |
103 |
# (This problem only visible on 64 bit arches) |
104 |
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g; |
105 |
s|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool |
106 |
|
107 |
%make_build |
108 |
|
109 |
%install |
110 |
|
111 |
%make_install INSTALL="install -p" |
112 |
|
113 |
install -d %{buildroot}%{_sysconfdir}/varnish |
114 |
install -d %{buildroot}%{_sysconfdir}/logrotate.d |
115 |
install -d %{buildroot}%{_var}/lib/varnish |
116 |
install -d %{buildroot}%{_var}/log/varnish |
117 |
|
118 |
mkdir -p %{buildroot}%{_unitdir} |
119 |
install -D -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/varnish.service |
120 |
install -D -m 0644 %SOURCE3 %{buildroot}%{_unitdir}/varnishncsa.service |
121 |
install -D -m 0644 %SOURCE4 %{buildroot}%{_unitdir}/varnishlog.service |
122 |
install -m0644 Mageia/varnish.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/varnish |
123 |
install -m0644 Mageia/default.vcl %{buildroot}%{_sysconfdir}/varnish/default.vcl |
124 |
|
125 |
rm -f %{buildroot}%{_datadir}/varnish/vcl/devicedetect.vcl |
126 |
|
127 |
# cleanup |
128 |
find %{buildroot} -name '*.la' -delete |
129 |
|
130 |
mkdir -p %{buildroot}%{_tmpfilesdir} |
131 |
cat <<EOF > %{buildroot}%{_tmpfilesdir}/%{name}.conf |
132 |
d /run/varnish 0755 varnish varnish |
133 |
EOF |
134 |
|
135 |
# Use the new ld.so.conf.d |
136 |
mkdir -p %{buildroot}%{_sysconfdir}/ld.so.conf.d |
137 |
pushd %{buildroot}%{_sysconfdir}/ld.so.conf.d |
138 |
echo "%{_libdir}/varnish" > %name.conf |
139 |
popd |
140 |
|
141 |
%pre |
142 |
getent group varnish >/dev/null || groupadd -r varnish |
143 |
getent passwd varnish >/dev/null || \ |
144 |
useradd -r -g varnish -d /var/lib/varnish -s /sbin/nologin \ |
145 |
-c "Varnish http accelerator user" varnish |
146 |
exit 0 |
147 |
|
148 |
%post |
149 |
if [ ! -f %{_sysconfdir}/%{name}/secret ]; then |
150 |
uuidgen > %{_sysconfdir}/%{name}/secret |
151 |
chown %{name}:adm %{_sysconfdir}/%{name}/secret |
152 |
chmod 0660 %{_sysconfdir}/%{name}/secret |
153 |
|
154 |
# While not strictly related, we also need to fix storage permissions from |
155 |
# older versions and the lack of a secret file is a good indicator |
156 |
find /var/lib/%{name}/ -uid 0 -exec chown %{name}:%{name} {} \; |
157 |
fi |
158 |
%_tmpfilescreate %{name} |
159 |
%_post_service %{name} %{name} varnishlog varnishncsa |
160 |
|
161 |
%preun |
162 |
%_preun_service %{name} %{name} varnishlog varnishncsa |
163 |
|
164 |
%files |
165 |
%doc README.rst ChangeLog examples/*.vcl etc/builtin.vcl |
166 |
%config(noreplace) %{_sysconfdir}/logrotate.d/varnish |
167 |
%dir %{_sysconfdir}/varnish |
168 |
%config(noreplace) %{_sysconfdir}/varnish/default.vcl |
169 |
%config(noreplace) %{_sysconfdir}/ld.so.conf.d/* |
170 |
%{_unitdir}/varnish.service |
171 |
%{_unitdir}/varnishncsa.service |
172 |
%{_unitdir}/varnishlog.service |
173 |
%{_tmpfilesdir}/%{name}.conf |
174 |
%{_sbindir}/* |
175 |
%{_bindir}/* |
176 |
%attr(0755,varnish,varnish) %dir %{_var}/lib/varnish |
177 |
%attr(0755,varnish,varnish) %dir %{_var}/log/varnish |
178 |
%{_mandir}/man1/*.1* |
179 |
%{_mandir}/man7/*.7* |
180 |
%{_libdir}/varnish/vmods/ |
181 |
%{_mandir}/man3/vmod_{blob,cookie,directors,purge,std,vtc,proxy,unix}.3* |
182 |
|
183 |
%files -n %{libname} |
184 |
%doc LICENSE |
185 |
%{_libdir}/lib*.so.%{major}{,.*} |
186 |
|
187 |
%files -n %{develname} |
188 |
%{_libdir}/lib*.so |
189 |
%{_datadir}/aclocal/varnish*.m4 |
190 |
%{_datadir}/varnish/vmodtool.py |
191 |
%{_datadir}/varnish/vsctool.py |
192 |
%dir %{_includedir}/varnish |
193 |
%dir %{_includedir}/varnish/{cache,common,tbl,vapi,waiter} |
194 |
%{_includedir}/varnish/*.h |
195 |
%{_includedir}/varnish/{cache,common,tbl,vapi,waiter}/*.h |
196 |
%{_libdir}/pkgconfig/*.pc |