Hello community,
here is the log from the commit of package squid3.1233 for openSUSE:12.2:Update checked in at 2013-01-23 10:14:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.2:Update/squid3.1233 (Old)
and /work/SRC/openSUSE:12.2:Update/.squid3.1233.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "squid3.1233", Maintainer is ""
Changes:
--------
New Changes file:
--- /dev/null 2013-01-09 19:40:42.352580873 +0100
+++ /work/SRC/openSUSE:12.2:Update/.squid3.1233.new/squid3.changes 2013-01-23 10:14:37.000000000 +0100
@@ -0,0 +1,1306 @@
+-------------------------------------------------------------------
+Sun Jan 13 21:06:34 UTC 2013 - chris@computersalat.de
+
+- update to 3.1.23
+ fix for bnc#794954, CVE-2012-5643, SQUID:2012-1
+ - Additional fixes for CVE-2012-5643 / SQUID:2012-1
+ * http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
+ * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643
+- rebase swapdir patch
+
+-------------------------------------------------------------------
+Tue Jun 12 10:22:46 UTC 2012 - chris@computersalat.de
+
+- update to 3.1.20
+ - Regression Bug 3545: FreeBSD dnsserver segfaults
+ - Regression Bug 3504: clientside_tos fails to mark traffic
+ - Bug 3539: CONNECT server connection not closed correctly on errors
+ - Bug 3502: client timeout uses server-side read_timeout, not request_timeout
+ - Bug 3466: Adaptation stuck on last single-byte body piece
+ - Bug 3463: dnsserver fails to compile
+ - Bug 3439: correct external_acl_type documented default for ipv4/ipv6 option
+ - Bug 3390: Proxy auth data visible to scripts
+ - Bug 3263: ssl_crtd: undefined references to squid_curtime
+ - Bug 3233: Invalid URL accepted with url host is white spaces
+ - Bug 3133: Memory leak handling requests for sites that don't exist
+ - Bug 3074: Improper URL handling with empty path (RFC 3986)
+ - Bug 3013: segmentation fault on shutdown commSetCloseOnExec at comm.cc:1889
+ - Regression: snmp/udp address directives not resolving hostname
+ - Better helper-to-Squid buffer size management.
+ - Support CoAP over HTTP (coap:// and coaps:// URLs)
+ - Support for 3.2 error template codes
+- rebase config, swapdir patch
+
+-------------------------------------------------------------------
+Fri Feb 17 16:01:23 UTC 2012 - chris@computersalat.de
+
+- some cleanup
+ * rebase patches (p0), remove version from patch_names
+- add Source signature file
+- add FSF patch (incorrect-fsf-address)
+- add rpmlintrc file
+ * macro-in-comment
+ * no-manual-page-for-binary
+
+-------------------------------------------------------------------
+Wed Feb 15 20:50:59 UTC 2012 - chris@computersalat.de
+
+- update to 3.1.19
+ - Regression Bug 3441: part 2: Prevent further cache size corruption of swap.state
+ - Bug 3473: erase last uses of obsolete auth_user_hash_pointer
+ - Bug 3470: GCC 4.7
+ - Bug 3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL
+ - Bug 3441: part 1: Minimize cache size corruption by malformed swap.state
+ - Bug 3440: compile error in Adaptation
+ - Bug 3420: Request body consumption races and !theConsumer exception
+ - Bug 3370: external ACL sometimes skipping
+ - Bug 3085: Crash when parsing esi:include
+ - HTTP/1.1: do not add 110 and 111 Warnings to revalidated responses
+ - Fix SSL library dependency fixes
+- remove obsolete upstream patches
+ * squid-3.1-10415 - ..421
+- add squid source signature file
+
+-------------------------------------------------------------------
+Mon Jan 16 13:49:22 UTC 2012 - chris@computersalat.de
+
+- add upstream patches
+ * 3.1-10419: Bug #3085: Crash when parsing esi:include
+ * 3.1-10420: Bug #3473: erase last uses of obsolete auth_user_hash_pointer
+ * 3.1-10421: Bug #3420: Request body consumption races and !theConsumer
+ exception.
+
+-------------------------------------------------------------------
+Wed Dec 21 12:12:09 UTC 2011 - chris@computersalat.de
+
+- fix for bnc#737905
+ * fix test EXPRESSION in post section
+
+-------------------------------------------------------------------
+Mon Dec 12 12:47:50 UTC 2011 - chris@computersalat.de
+
+- add upstream patches
+ * 3.1-10417: Polish: debug messages on swap.state rename failure
+ * 3.1-10418: Bug #3442: assertion failed: external_acl.cc:908:
+ ch->auth_user_request != NULL
+
+-------------------------------------------------------------------
+Wed Dec 7 22:33:43 UTC 2011 - chris@computersalat.de
+
+- fix build
+ * add upstream patches
+ - 3.1-10415: Portability: SSL library dependency fixes
+ - 3.1-10416: Bug #3440: compile error in Adaptation
+
+-------------------------------------------------------------------
+Mon Dec 5 09:21:26 UTC 2011 - chris@computersalat.de
+
+- update to 3.1.18
+ - Regression: compile error in FTP
+- Changes to squid-3.1.17 (03 Dec 2011):
+ - Bug 3432: Crash logging FTP errors
+ - Bug 3428: Active FTP data channel accepted twice
+ - Bug 3423: access violation in URL parser
+ - Bug 3422: Buffer overflow in recv-announce
+ - Bug 3412: External ACL Uses Invalid Cache Entry
+ - Bug 3408: Wrong header length leads to EFAULTs when creating UFS swap.log.new
+ - Bug 3398: persistent server connection closed after PUT/DELETE
+ - Bug 3299: dnsserver: various undefined references
+ - Bug 3077: '\' in url query strings cause Digest authentication to fail
+ - Bug 2910: MemBuf may grow beyond max_capacity
+ - Bug 2619: Excessive RAM growth due to unlimited adapted body data consumption
+ - Bug 1243: Build overrides configured AR setting
+ - Avoid crashes when processing bad X509 common names (CN).
+ - Support %% in external ACL format
+ - ... and several other compile error fixes
+ - ... and several documentation fixes
+
+-------------------------------------------------------------------
+Wed Nov 30 18:58:11 UTC 2011 - crrodriguez@opensuse.org
+
+- make coolo's bot reviewer happy
+
+-------------------------------------------------------------------
+Wed Nov 30 18:11:27 UTC 2011 - crrodriguez@opensuse.org
+
+- Use service type "simple"
+
+-------------------------------------------------------------------
+Mon Nov 28 20:18:40 UTC 2011 - crrodriguez@opensuse.org
+
+- Support systemd
+
+-------------------------------------------------------------------
+Sun Nov 27 06:56:29 UTC 2011 - coolo@suse.com
+
+- add libtool as buildrequire to avoid implicit dependency
+
+-------------------------------------------------------------------
+Sat Oct 15 14:00:35 UTC 2011 - chris@computersalat.de
+
+- update to 3.1.16
+ - Bug 3373: invalid URL in ERR_CACHE_ACCESS_DENIED
+ - Bug 3368: Unhandled exceptions are not logged (workaround)
+ - Bug 3326: miss_access incorrect default
+ - Bug 3320: miss_access description confusing
+ - Bug 3241: squid_kerb_auth cross compilation fix
+ - Bug 3237: seq fault in free() from rfc1035RRDestroy
+ - Bug 3190: Large HTTP POST stuck after early ICAP 400 error response
+ - db_auth: display available DSN drivers on connect error
+ - Updated OpenSSL 1.0.0 version checks
+ - ... and several documentation fixes
+
+-------------------------------------------------------------------
+Wed Oct 5 00:32:36 UTC 2011 - crrodriguez@opensuse.org
+
+- Build with -DOPENSSL_LOAD_CONF see OPENSSL_config(3) for detail
+
+-------------------------------------------------------------------
+Tue Aug 30 15:44:50 UTC 2011 - chris@computersalat.de
+
+- update to 3.1.15
+ - Regression fix: vhost and defaultsite causing vport to be ignored
+ - Regression Bug 3295: broken escaping in rfc1738_do_escape
+ - Bug #3232: fails to compile with OpenSSL v1.0.0
+ - Bug #3222: cache_peer name is not logging on CONNECT
+ - Bug #3131: fd_table[fd].closing() assert
+ from ConnStateData::noteMoreBodySpaceAvailable()
+ - Bug #3217: "!fd_table[fd].closing()"
+ from ServerStateData::noteMoreBodySpaceAvailable
+ - Bug #3213: https sites (CONNECT) not open when using NTLM
+ - Bug #3114: Memory leak in SSL certificate verify code
+ - Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes
+ - Bug #2662: cf_gen failure when cross compiling
+ - Bug #2655: passing wrong the username to the url_rewrite_program
+ - Bug #2495: ignore whitespace prefix on config lines
+ - Bug #2051: 'default' cache_peer option does not match documentation
+ - Bug #1842: Optimize order of tests in peerWouldBePinged() and peerHTTPOkay()
+ - Bug #1791: timestampsSet does not validate Date: if server sends very old date
+ - Correct parsing of large Gopher indexes
+ - Enable negative cacheing on unknown or -1 expiry timestamp
+ - Remove hierarchy_stoplist default value
+ - Migrate cf_gen tool from C-style to C++
+ - ... and several documentation and compiler warning fixes
+
+-------------------------------------------------------------------
+Thu Aug 18 04:33:40 UTC 2011 - crrodriguez@opensuse.org
+
+- Disable "ident" lookups, obsolete and dangerous thing
+ to have enabled these days.
+
+-------------------------------------------------------------------
+Sun Jul 24 14:29:24 UTC 2011 - chris@computersalat.de
+
+- fix build for SLE_10
+
+-------------------------------------------------------------------
+Wed Jul 20 04:29:08 UTC 2011 - crrodriguez@opensuse.org
++++ 1109 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.2:Update/.squid3.1233.new/squid3.changes
New:
----
README.kerberos
RELEASENOTES.html
pam.squid
rpmlintrc
squid-3.1.23.tar.bz2
squid-3.1.23.tar.bz2.asc
squid-FSF.patch
squid-config.patch
squid-nobuilddates.patch
squid-swapdir.patch
squid.init
squid.logrotate
squid.permissions
squid.service
squid.sysconfig
squid3.changes
squid3.spec
squid_cache_swap.sh
unsquid.pl
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ squid3.spec ++++++
#
# spec file for package squid3
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%define squidlibdir %{_libdir}/squid
%define squidconfdir /etc/squid
Name: squid3
Summary: Squid Version 3.1 WWW Proxy Server
License: GPL-2.0+
Group: Productivity/Networking/Web/Proxy
Version: 3.1.23
Release: 0
Url: http://www.squid-cache.org/Versions/v3/3.1
Source0: http://www.squid-cache.org/Versions/v3/3.1/squid-%{version}.tar.bz2
Source1: squid-%{version}.tar.bz2.asc
Source2: RELEASENOTES.html
Source3: squid.init
Source4: squid.sysconfig
Source5: pam.squid
Source6: unsquid.pl
Source7: squid.logrotate
Source9: squid.permissions
Source10: README.kerberos
Source11: squid.service
Source12: squid_cache_swap.sh
#
# the following patches are downloaded directly from the webserver
# don't change the names for easier identification
#
# please read every file if there is interest about what the patch changes
# or just visit: http://www.squid-cache.org/Versions/v3/3.0/changesets/
#
# Bug #3440: compile error in Adaptation
#atch0: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10415.patch
# Portability: SSL library dependency fixes
#atch1: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10416.patch
# Polish: debug messages on swap.state rename failure
#atch2: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10417.patch
# Bug #3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL
#atch3: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10418.patch
# Bug #3085: Crash when parsing esi:include
#atch4: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10419.patch
# Bug #3473: erase last uses of obsolete auth_user_hash_pointer
#atch5: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10420.patch
# Bug #3420: Request body consumption races and !theConsumer exception.
#atch6: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10421.patch
#
# do not show some rpmlint warnings
Source99: rpmlintrc
# some useful defaults for squid
Patch100: squid-config.patch
# FIX SWAPDIR - make it a configure option
Patch101: squid-swapdir.patch
# make build compare happy - remove build dates
Patch102: squid-nobuilddates.patch
# FIX-FOR-UPSTREAM: rpmlint - incorrect-fsf-address
Patch200: squid-FSF.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: %fillup_prereq
PreReq: %insserv_prereq
PreReq: /usr/bin/getent
PreReq: permissions
PreReq: pwdutils
BuildRequires: db-devel
# needed by bootstrap.sh
BuildRequires: cyrus-sasl-devel
BuildRequires: ed
BuildRequires: expat
BuildRequires: gcc-c++
BuildRequires: libcap-devel
BuildRequires: libexpat-devel
BuildRequires: libtool
BuildRequires: openldap2-devel
BuildRequires: opensp-devel
BuildRequires: openssl-devel
BuildRequires: pam-devel
BuildRequires: sharutils
#
%if 0%{?sles_version} == 9
BuildRequires: heimdal-devel
%else
BuildRequires: krb5-devel
%endif
#
%if 0%{?suse_version} > 1030 || 0%{?fedora_version} > 8
BuildRequires: fdupes
%endif
#
%if 0%{?suse_version} >= 1130
BuildRequires: pkgconfig(libxml-2.0)
%else
BuildRequires: libxml2-devel
%endif
%if 0%{?suse_version} > 1140
BuildRequires: systemd
%{?systemd_requires}
%define has_systemd 1
%endif
Conflicts: squid squid2 squid23 squid-beta
Obsoletes: squid-beta
Obsoletes: squid2
Requires: logrotate
Provides: http_proxy
%description
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.
Squid 3.1 represents a new feature release above 3.0.
The most important of these new features are:
* New Version Numbering System
* Minimal squid.conf improvements
* Native IPv6 Support
* Error Page Localization
* Connection Pinning (for NTLM Auth Passthrough)
* Quality of Service (QoS) Flow support
* SSL Bump (for HTTPS Filtering and Adaptation)
* eCAP Adaptation Module support
* ICAP Bypass and Retry enhancements
* ICY streaming protocol support
* Dynamic SSL Certificate Generation (3.1.13 and later)
First STABLE release Date: 29 Mar 2010
Latest Release: 3.1.23
Latest Release Date: 09 Jan 2013
%prep
%setup -q -n squid-%{version}
cp %{SOURCE10} .
# upstream patches after RELEASE
#
##### other patches
%patch100
%if 0%{?suse_version} > 1010
%patch101
%endif
perl -p -i -e 's|/usr/local/bin/perl|/usr/bin/perl|' `find -name "*.pl"`
chmod a-x CREDITS
%patch102
%patch200
%build
%if 0%{?suse_version} > 1010
./bootstrap.sh
autoreconf -fiv
%endif
export CFLAGS="%{optflags} -fPIE -fPIC -DOPENSSL_LOAD_CONF"
export CXXFLAGS="%{optflags} -fPIE -fPIC -DOPENSSL_LOAD_CONF"
export LDFLAGS='-Wl,-z,relro,-z,now -pie'
./configure --prefix=/usr \
--sysconfdir=%{squidconfdir} \
--bindir=/usr/sbin \
--sbindir=/usr/sbin \
--localstatedir=/var \
--libexecdir=/usr/sbin \
--datadir=/usr/share/squid \
--mandir=%{_mandir} \
--libdir=%{_libdir} \
--sharedstatedir=/var/squid \
--with-logdir=/var/log/squid \
%if 0%{?suse_version} > 1010
--with-swapdir=/var/cache/squid \
%endif
--with-pidfile=/var/run/squid.pid \
--with-dl \
--enable-storeio \
--enable-disk-io=AIO,Blocking,DiskDaemon,DiskThreads \
--enable-removal-policies=heap,lru \
--enable-icmp \
--enable-delay-pools \
--enable-esi \
--enable-icap-client \
--enable-useragent-log \
--enable-referer-log \
--enable-kill-parent-hack \
--enable-arp-acl \
--enable-ssl \
--enable-forw-via-db \
--enable-cache-digests \
--enable-linux-netfilter \
--with-large-files \
--enable-underscores \
--enable-auth=basic,digest,ntlm,negotiate \
--enable-basic-auth-helpers=DB,LDAP,MSNT,NCSA,PAM,POP3,SASL,SMB,YP,getpwnam,multi-domain-NTLM,squid_radius_auth \
--enable-ntlm-auth-helpers=fakeauth,no_check,smb_lm \
--enable-negotiate-auth-helpers=squid_kerb_auth \
--enable-digest-auth-helpers=eDirectory,ldap,password \
--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group \
--enable-ntlm-fail-open \
--enable-stacktraces \
--enable-x-accelerator-vary \
--with-default-user=squid \
--disable-ident-lookups \
--enable-follow-x-forwarded-for
## Deprecated
# --enable-poll \
# Deprecated. Automatic checks will enable best I/O loop method available.
#
## changed to default, use --disable-* to build without
# --enable-htcp \
# --enable-snmp \
#####
# problematic options
# --enable-truncate \
# overwrite the number of open filedescriptors of configure to 4096
# to be backward compatible, but numbers above should not be overwritten
if [ `awk '/SQUID_MAXFD/{print $3}' include/autoconf.h` -lt 4096 ]; then
set +x
echo "adapting SQUID_MAXFD to 4096"
set -x
perl -pi -e 's;(\#define SQUID_MAXFD) [0-9]+;$1 4096;' include/autoconf.h
fi
make SAMBAPREFIX=/usr %{?_smp_mflags}
#make DEFAULT_LOG_PREFIX=/var/log/squid \
# DEFAULT_SWAP_DIR=/var/cache/squid \
# DEFAULT_PID_FILE=/var/run/squid.pid \
# SAMBAPREFIX=/usr
%install
/usr/sbin/useradd -r -o -g nogroup -u 31 -s /bin/false -c "WWW-proxy squid" \
-d /var/cache/squid squid 2> /dev/null || :
install -d %{buildroot}%{_localstatedir}/{cache,log}/squid
install -d %{buildroot}%{_prefix}/sbin
make install DESTDIR=%{buildroot} SAMBAPREFIX=/usr
mv %{buildroot}{/etc/squid/,/usr/share/squid/}mime.conf.default
ln -s /etc/squid/mime.conf %{buildroot}%{_datadir}/squid # backward compatible
install -d -m 755 %{buildroot}%{_sysconfdir}/permissions.d
install -m 644 %{SOURCE9} %{buildroot}%{_sysconfdir}/permissions.d/squid
install -d -m 755 %{buildroot}%{_sysconfdir}/logrotate.d
install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/logrotate.d/squid
install -d %{buildroot}%{_mandir}/man8/
#chown squid:root -R %{buildroot}%{_localstatedir}/{cache,log}/squid
chmod 750 %{buildroot}%{_localstatedir}/{cache,log}/squid
install -D %{SOURCE3} %{buildroot}%{_sysconfdir}/init.d/squid
ln -sf %{_sysconfdir}/init.d/squid %{buildroot}%{_sbindir}/rcsquid
install -D -m644 %{SOURCE4} %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.squid
install -D -m 644 doc/squid.8 %{buildroot}/%{_mandir}/man8/
install -m 644 helpers/basic_auth/LDAP/squid_ldap_auth.8 %{buildroot}/%{_mandir}/man8/
install -m 644 helpers/basic_auth/LDAP/squid_ldap_auth.8 %{buildroot}/%{_mandir}/man8/
install -m 644 helpers/basic_auth/PAM/pam_auth.8 %{buildroot}/%{_mandir}/man8/
install -m 644 helpers/external_acl/ldap_group/squid_ldap_group.8 %{buildroot}/%{_mandir}/man8/
gzip -9 %{buildroot}/%{_mandir}/man8/*.8
install -d -m 755 doc/scripts
install scripts/*.pl doc/scripts
cat > doc/scripts/cachemgr.readme <<-EOT
cachemgr.cgi will now be found in %{_libdir}/squid
EOT
install -d -m 755 %{buildroot}/%{_libdir}/squid
mv %{buildroot}%{_sbindir}/cachemgr.cgi %{buildroot}/%{_libdir}/squid
install -d -m 755 doc/contrib
install %{SOURCE6} doc/contrib
install -D -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/pam.d/squid
#chown squid:shadow %{buildroot}%{_sbindir}/pam_auth
chmod g+s %{buildroot}%{_sbindir}/pam_auth
#rm %{buildroot}%{_sbindir}/Run*
rm -rf %{buildroot}%{squidconfdir}/errors
for i in errors/*; do
if [ -d $i ]; then
mkdir -p %{buildroot}%{_datadir}/squid/$i
install -m 644 $i/* %{buildroot}%{_datadir}/squid/$i
fi
done
ln -sf /usr/share/squid/errors/de %{buildroot}%{squidconfdir}/errors
# remove unpackaged files
rm -f %{buildroot}%{_prefix}/man/man8/*.8
# fix file duplicates
%if 0%{?suse_version} > 1030
%fdupes -s %{buildroot}%{_prefix}
%endif
%if 0%{?fedora_version} > 8
fdupes -q -n -r %{buildroot}%{_prefix}
%endif
%if 0%{?has_systemd}
install -D -m 644 %{SOURCE11} %{buildroot}%{_unitdir}/squid.service
install -D -m 755 %{SOURCE12} %{buildroot}%{_sbindir}/squid_cache_swap.sh
%endif
%pre
# we need this group for squid (ntlmauth)
# read access to /var/lib/samba/winbindd_privileged
if [ -z "`%{_bindir}/getent group winbind 2>/dev/null`" ]; then
%{_sbindir}/groupadd -r winbind 2>/dev/null
fi
if [ -z "`%{_bindir}/getent passwd squid 2>/dev/null`" ]; then
%{_sbindir}/useradd -c "WWW-proxy squid" -d /var/cache/squid \
-G winbind -g nogroup -o -u 31 -r -s /bin/false \
squid 2>/dev/null
fi
# if squid is not member of winbind, add him
if [ `%{_bindir}/id -nG squid 2>/dev/null | grep -q winbind >/dev/null; echo $?` -ne 0 ]; then
%{_sbindir}/groupmod -A squid winbind 2>/dev/null
fi
%if 0%{?has_systemd}
%service_add_pre squid.service
%endif
%post
%if 0%{?sles_version} == 10
sed -i -e "s,\(^%{_sbindir}/pam_auth.*\)\(2755\),\14755," /etc/permissions.secure
%endif
%run_permissions
# update mode?
if [ "$1" -gt "1" ]; then
if [ -e etc/squid.conf -a ! -L etc/squid.conf -a ! -e etc/squid/squid.conf ]; then
echo "moving /etc/squid.conf to /etc/squid/squid.conf"
mv etc/squid.conf etc/squid/squid.conf
fi
fi
%{fillup_and_insserv -n "squid"}
%if 0%{?has_systemd}
%service_add_post squid.service
%endif
%preun
%stop_on_removal squid
%if 0%{?has_systemd}
%service_del_preun squid.service
%endif
%postun
%if 0%{?has_systemd}
%service_del_postun squid.service
%endif
%restart_on_update squid
%insserv_cleanup
%verifyscript
%verify_permissions -e /usr/sbin/pam_auth
%clean
rm -rf %{buildroot}
%files
%defattr(-,root,root)
%if 0%{?has_systemd}
%{_unitdir}/squid.service
%{_sbindir}/squid_cache_swap.sh
%endif
%attr(750,squid,root) %dir %{_localstatedir}/cache/squid/
%attr(750,squid,root) %dir %{_localstatedir}/log/squid/
%dir %{squidconfdir}
%config(noreplace) %{squidconfdir}/cachemgr.conf
%config(noreplace) %{squidconfdir}/errorpage.css
%config(noreplace) %{squidconfdir}/errors
%config(noreplace) %{_sysconfdir}/logrotate.d/squid
%config(noreplace) %{squidconfdir}/mime.conf
%config(noreplace) %{squidconfdir}/msntauth.conf
%config(noreplace) %{squidconfdir}/squid.conf
%config %{squidconfdir}/cachemgr.conf.default
%config %{squidconfdir}/errorpage.css.default
%config %{squidconfdir}/msntauth.conf.default
%config %{squidconfdir}/squid.conf.default
%config %{squidconfdir}/squid.conf.documented
%config %{_sysconfdir}/pam.d/squid
%config %{_sysconfdir}/init.d/squid
%config %{_sysconfdir}/permissions.d/squid
%dir %{_datadir}/squid
%{_datadir}/squid/errors
%{_datadir}/squid/icons
%config %{_datadir}/squid/mib.txt
%{_sbindir}/diskd
%{_sbindir}/digest_pw_auth
%{_sbindir}/digest_edir_auth
%{_sbindir}/digest_ldap_auth
%{_sbindir}/fakeauth_auth
%{_sbindir}/getpwname_auth
%{_sbindir}/ip_user_check
%{_sbindir}/msnt_auth
%{_sbindir}/ncsa_auth
%{_sbindir}/negotiate_kerb_auth
%{_sbindir}/negotiate_kerb_auth_test
%{_sbindir}/no_check.pl
%{_sbindir}/ntlm_smb_lm_auth
%verify(not mode) %attr(4755,root,shadow) %{_sbindir}/pam_auth
%{_sbindir}/pinger
%{_sbindir}/pop3.pl
%{_sbindir}/rcsquid
%{_sbindir}/sasl_auth
%{_sbindir}/smb_auth
%{_sbindir}/smb_auth.sh
%{_sbindir}/smb_auth.pl
%{_sbindir}/squid
%{_sbindir}/squid_db_auth
%{_sbindir}/squid_kerb_auth
%{_sbindir}/squid_kerb_auth_test
%{_sbindir}/squid_ldap_auth
%{_sbindir}/squid_ldap_group
%{_sbindir}/squid_radius_auth
%{_sbindir}/squid_session
%{_sbindir}/squid_unix_group
%{_sbindir}/squidclient
%{_sbindir}/unlinkd
%{_sbindir}/wbinfo_group.pl
%{_sbindir}/yp_auth
%{_datadir}/squid/mime.conf
%{_datadir}/squid/mime.conf.default
%{_localstatedir}/adm/fillup-templates/sysconfig.squid
%dir %{_libdir}/squid
%{_libdir}/squid/cachemgr.cgi
%doc %{_mandir}/man?/*
%doc CONTRIBUTORS COPYING COPYRIGHT CREDITS ChangeLog
%doc QUICKSTART README RELEASENOTES.html SPONSORS
%doc README.kerberos
%doc doc/contrib doc/scripts
%doc doc/debug-sections.txt src/squid.conf.default
#%doc README.squid_ldapauth CREDITS.squid_ldapauth
#%doc squid_ldapauth.conf
%changelog
++++++ README.kerberos ++++++
This is the README.kerberos file
to have squid negotiate/authenticate via kerberos
any addons are very welcome
comments could be posted to