diff --git a/nss-config.xml b/nss-config.xml new file mode 100644 index 0000000..f9518c9 --- /dev/null +++ b/nss-config.xml @@ -0,0 +1,132 @@ + + + +]> + + + + + &date; + Network Security Services + nss + &version; + + + + nss-config + 1 + + + + nss-config + Return meta information about nss libraries + + + + + nss-config + + + + + + + + + + + + Description + + nss-config is a shell scrip + tool which can be used to obtain gcc options for building client pacakges of nspt. + + + + + Options + + + + + Returns the top level system directory under which the nss libraries are installed. + + + + + returns the top level system directory under which any nss binaries would be installed. + + + + count + returns the path to the directory were the nss libraries are installed. + + + + + returns the upstream version of nss in the form major_version-minor_version-patch_version. + + + + + returns the compiler linking flags. + + + + + returns the compiler include flags. + + + + + returns the path to the directory were the nss libraries are installed. + + + + + + + Examples + + The following example will query for both include path and linkage flags: + + + /usr/bin/nss-config --cflags --libs + + + + + + + + + Files + + /usr/bin/nss-config + + + + + See also + pkg-config(1) + + + + Authors + The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google. + + Authors: Elio Maldonado <emaldona@redhat.com>. + + + + + + LICENSE + Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. + + + + + diff --git a/nss.spec b/nss.spec index 3998a4e..ddca02b 100644 --- a/nss.spec +++ b/nss.spec @@ -3,6 +3,7 @@ %global nss_softokn_fips_version 3.12.9 %global nss_softokn_version 3.15 %global unsupported_tools_directory %{_libdir}/nss/unsupported-tools +%global allTools "certutil cmsutil crlutil derdump modutil pk12util pp signtool signver ssltap vfychain vfyserv" # solution taken from icedtea-web.spec %define multilib_arches ppc64 sparc64 x86_64 @@ -19,7 +20,7 @@ Summary: Network Security Services Name: nss Version: 3.15 -Release: 4%{?dist} +Release: 5%{?dist} License: MPLv2.0 URL: http://www.mozilla.org/projects/security/pki/nss/ Group: System Environment/Libraries @@ -74,6 +75,8 @@ Source12: %{name}-pem-20130405.tar.bz2 Source17: TestCA.ca.cert Source18: TestUser50.cert Source19: TestUser51.cert +Source20: nss-config.xml +Source21: setup-nsssysinit.xml Patch2: add-relro-linker-option.patch Patch3: renegotiate-transitional.patch @@ -147,6 +150,7 @@ Requires: nss-util-devel Requires: nss-softokn-devel Requires: nspr-devel >= %{nspr_version} Requires: pkgconfig +BuildRequires: xmlto %description devel Header and Library files for doing development with Network Security Services. @@ -294,6 +298,16 @@ export NSS_BLTEST_NOT_AVAILABLE=1 %{__make} -C ./nss unset NSS_BLTEST_NOT_AVAILABLE +# build the man pages clean +pushd ./nss +%{__make} clean_docs build_docs +popd + +# and copy them here +for m in "%{allTools}"; do + cp ./nss/doc/nroff/${m}.1 . +done + # Set up our package file # The nspr_version and nss_{util|softokn}_version globals used # here match the ones nss has for its Requires. @@ -333,6 +347,16 @@ chmod 755 ./dist/pkgconfig/setup-nsssysinit.sh %{__cp} ./nss/lib/ckfw/nssck.api ./dist/private/nss/ +date +"%e %B %Y" | tr -d '\n' > date.xml +echo -n %{version} > version.xml + +for m in %{SOURCE20} %{SOURCE21}; do + cp ${m} . +done +for m in nss-config.xml setup-nsssysinit.xml; do + xmlto man ${m} +done + %check if [ $DISABLETEST -eq 1 ]; then echo "testing disabled" @@ -437,6 +461,8 @@ echo "test suite completed" %{__mkdir_p} $RPM_BUILD_ROOT/%{unsupported_tools_directory} %{__mkdir_p} $RPM_BUILD_ROOT/%{_libdir}/pkgconfig +mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1 + touch $RPM_BUILD_ROOT%{_libdir}/libnssckbi.so %{__install} -p -m 755 dist/*.OBJ/lib/libnssckbi.so $RPM_BUILD_ROOT/%{_libdir}/nss/libnssckbi.so @@ -492,6 +518,14 @@ done %{__install} -p -m 755 ./dist/pkgconfig/nss-config $RPM_BUILD_ROOT/%{_bindir}/nss-config # Copy the pkcs #11 configuration script %{__install} -p -m 755 ./dist/pkgconfig/setup-nsssysinit.sh $RPM_BUILD_ROOT/%{_bindir}/setup-nsssysinit.sh +# Copy the man pages for scripts +for f in nss-config setup-nsssysinit; do + install -c -m 644 ${f}.1 $RPM_BUILD_ROOT%{_mandir}/man1/${f}.1 +done +# Copy the man pages the nss tools +for f in "%{allTools}"; do + install -c -m 644 ${f}.1 $RPM_BUILD_ROOT%{_mandir}/man1/${f}.1 +done %clean %{__rm} -rf $RPM_BUILD_ROOT @@ -570,6 +604,7 @@ fi %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt %{_bindir}/setup-nsssysinit.sh +%attr(0644,root,root) %doc /usr/share/man/man1/setup-nsssysinit.1.gz %files tools %defattr(-,root,root) @@ -592,12 +627,28 @@ fi %{unsupported_tools_directory}/tstclnt %{unsupported_tools_directory}/vfyserv %{unsupported_tools_directory}/vfychain +# instead of %{_mandir}/man*/* let's list them explicitely +# supported tools +%attr(0644,root,root) %doc /usr/share/man/man1/certutil.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/cmsutil.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/crlutil.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/modutil.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/pk12util.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/signtool.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/signver.1.gz +# unsupported tools +%attr(0644,root,root) %doc /usr/share/man/man1/derdump.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/pp.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/ssltap.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/vfychain.1.gz +%attr(0644,root,root) %doc /usr/share/man/man1/vfyserv.1.gz %files devel %defattr(-,root,root) %{_libdir}/libcrmf.a %{_libdir}/pkgconfig/nss.pc %{_bindir}/nss-config +%attr(0644,root,root) %doc /usr/share/man/man1/nss-config.1.gz %dir %{_includedir}/nss3 %{_includedir}/nss3/cert.h @@ -667,6 +718,10 @@ fi %changelog +* Wed Jun 19 2013 Elio Maldonado - 3.15-5 +- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts +- Resolves: rhbz#606020 - nss security tools lack man pages + * Tue Jun 18 2013 emaldona - 3.15-4 - Build nss without softoken or util sources in the tree - Resolves: rhbz#689918 diff --git a/setup-nsssysinit.xml b/setup-nsssysinit.xml new file mode 100644 index 0000000..4335d85 --- /dev/null +++ b/setup-nsssysinit.xml @@ -0,0 +1,110 @@ + + + +]> + + + + + &date; + Network Security Services + nss + &version; + + + + setup-nsssysinit + 1 + + + + setup-nsssysinit + Query or enable the nss-sysinit module + + + + + setup-nsssysinit + + + + + + + + + + + + Description + setup-nsssysinit is a shell script to query the status of the nss-sysinit module and when run with root priviledge it can enable or disable it. + Turns on or off the nss-sysinit module db by editing the global PKCS #11 configuration file. Displays the status. This script can be invoked by the user as super user. It is invoked at nss-sysinit post install time with argument on. + + + + + Options + + + + + Turn on nss-sysinit. + + + + + Turn on nss-sysinit. + + + + count + returns whether nss-syinit is enabled or not. + + + + + + + Examples + + The following example will query for the status of nss-sysinit: + + /usr/bin/setup-nsssysinit --status + + + + The following example, when run as superuser, will turn on nss-sysinit: + + /usr/bin/setup-nsssysinit --on + + + + + + + Files + /usr/sbin/setup-nsssysinit + + + + See also + pkg-config(1) + + + + Authors + The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google. + Authors: Elio Maldonado <emaldona@redhat.com>. + + + + + LICENSE + Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. + + + + +