# This is tac_plus rpm spec file

%define ver	@VERSION@
%define rel	1
%define prefix	/usr

Summary:	Cisco Tacacs+ Daemon
Name:		tac_plus
Version:	%ver
Release:	%rel
Copyright:	Cisco systems, Inc.
Group:		Networking/Daemons
Source:		http://www.gazi.edu.tr/tacacs/src/tac_plus-%{ver}.tar.gz
Url:		http://www.gazi.edu.tr/tacacs/
Packager:	Jan Kratochvil <short@ucw.cz>
BuildRoot:	/var/tmp/@PACKAGE@-%{ver}-%{rel}-root
#Docdir:		%{prefix}/doc

%define __libtoolize true	# we don't need it, is is otherwise run automatically
				# don't %undefine it, there is expansion bug at least in rpm-4.0-4

%description
TACACS+ daemon using with Cisco's NASs (Or other vendors) for AAA (Authentication , Authorization and Accounting) propose. 


%prep
%setup

%build
# configure script have some options describe below 
# --with-pam  : For PAM support
# --with-db   : If you like to use db feature you must enable it
# --with-mysql: For MySQL database support
# --with-mysql-prefix: If you install MySQL libs other than /usr/lib
# --enable-maxsess: For check concurrent logins (It's uses finger!!) 
# --with-pgsql          With PgSQL Support   
# --with-pgsql-prefix=PREFIX  PgSQL prefix [default=/usr]
# --with-tacuid: If you like to run tac_plus specify UID
# --with-tacgid: If you like to run tac_plus specify GID
# --with-tacplus_pid=PREFIX  Tac_plus pid file location [default=/var/run] 
# --with-libwrap[=PATH]   Compile in libwrap (tcp_wrappers) support

%configure --with-pam --with-db 
make

%install
rm -rf "$RPM_BUILD_ROOT"
%makeinstall
install -d "$RPM_BUILD_ROOT"/%{_sysconfdir}/{tacacs,logrotate.d,pam.d,rc.d/{init.d,rc{0,1,2,3,4,5,6}.d}}
install    -c -m 0755 tac_plus.init   "$RPM_BUILD_ROOT"/etc/rc.d/init.d/tac_plus
install -b -c -m 0644 tac_plus.pam    "$RPM_BUILD_ROOT"/etc/pam.d/pap
install -b -c -m 0644 tac_plus.rotate "$RPM_BUILD_ROOT"/etc/logrotate.d/tac_plus

%clean
rm -rf "$RPM_BUILD_ROOT"

%post
/sbin/chkconfig --add tac_plus

%preun
if [ $1 = 0 ]; then
   if [ -f /var/lock/subsys/tac_plus ]; then
      %{_sysconfdir}/rc.d/init.d/tac_plus stop
   fi
   /sbin/chkconfig --del tac_plus 
fi

%files
%defattr(-, root, root)
%config %{_sysconfdir}/tacacs/tac_plus.cfg
%config %{_sysconfdir}/pam.d/pap
%config %{_sysconfdir}/logrotate.d/tac_plus
%doc users_guide CHANGES convert.pl
%doc README.LDAP README.PAM tac_plus.sql 
%dir %{_sysconfdir}/tacacs
%attr(750,root,root) 		%{_sysconfdir}/rc.d/init.d/tac_plus
%attr(750,root,root) 		%{_bindir}/generate_passwd	
%attr(750,root,root) 		%{_sbindir}/tac_plus	
%attr(644,root,root) 		%{_mandir}/man1/*			

%changelog
* Mon Jul  9 2001 Jan Kratochvil <short@ucw.cz>
- following changes supported by GTS (www.gts.com), cooperation by:
  Pavel Ruzicka <pavel.ruzicka@gtsgroup.cz>
  Michael Macek <michael.macek@gtsgroup.cz>
- multiple "member" keyword memberships supported
- "enlist" keyword supported to specify reverse memberships
- "host" entity unified with "user"/"group" entities
- "when" blocks implemented for NAS host based configuration
- "authorization = recursive" implemented for full recursivity
- line-trailing white spaces removed
- function prototypes cleanup and K&R C compatibility
- maintainer compilation is pedantic now, compiler warnings cleanup
- uncomplete transition from system-name conditions to autoconf style
- all Makefile options moved to configure.in
- Makefile.in rewritten to automake Makefile.am
- autogen script included for easy maintainer rebuilds
- tac_plus.h split to headers for each particular source file
- system regex is now preferred, own regex is just fallback
- several files renamed to prevent auto*/system headers conflicts

* Sun Mar 25 2001 Devrim SERAL<devrim@gazi.edu.tr>
- Added PostgreSQL authentication and accounting function
- Added tcpwrapper feature
- Added LDAP Authentication from Harpes Patrick (patrick.harpes@tudor.lu)
- Added more options to configure script
- Added time_limit function for control user loging time
- And more control for buffer overflow

* Fri Nov 17 2000 Devrim SERAL<devrim@tef.gazi.edu.tr>
- packet.c is pached for overflow problem
- Fix some log files name
- Add new config parameters for database accounting
- MySQL authentication code is functional
- MySQL accounting code ready but not well tested

* Mon Mar 10 2000 Devrim SERAL<devrim@tef.gazi.edu.tr>
- I am add PAM patch from  Max Liccardo <ravel@tiscalinet.it>
- Change PAM code to authorize user
- Add db support from fil@artelecom.ru 
- I am write MySQL authentication code
- MySQL code is still experimental 

* Tue Nov 15 1999 Devrim SERAL<devrim@tef.gazi.edu.tr>
- Take out documentation
- Add more functional parameters tac_plus script 
- Change some code to authenticate with /etc/shadow
- Fix some file permissions (Like accounting logs file)

* Sun Oct 24 1999 D'mon <dimone@ikar.ugol.ru>
- I moved to RedHat 6.0 =)
- changes of the package internals!

* Mon Oct 18 1999 D'mon <dimone@ikar.ugol.ru>
- massive remake to suit RedHat 5.2 standard
- patch for RedHat 5.2

* Wed Aug 4 1999 Erhan Bilgili <erhan@altay.adm.deu.edu.tr>
- fixes for the RPM_OPT_FLAGS
- change the buildroot to /var/tmp/tacacsd

* Wed Aug 4 1999 Devrim SERAL<devrim@tef.gazi.edu.tr>
- I just re-did the spec file
- And added Tacac FAQ