initial support for subpackages
This commit is contained in:
parent
b4f77077e9
commit
ac0e8c9b0b
|
@ -1,5 +1,10 @@
|
|||
# CMakeLists.txt for the Redhat Target Distros.
|
||||
|
||||
#
|
||||
# General strategy is to configure and install all files specific to Apache and Nginx
|
||||
# Then let the rpm specfile sort them into the appropriate sub-package
|
||||
#
|
||||
|
||||
# Display a message to show the RHEL build options are being processed.
|
||||
if(ZM_TARGET_DISTRO MATCHES "^el")
|
||||
message([STATUS] "Starting RHEL Build Options" ...)
|
||||
|
@ -9,33 +14,38 @@ else(ZM_TARGET_DISTRO MATCHES "^el")
|
|||
message([WARNING] "Unknown Build Option Detected" ...)
|
||||
endif(ZM_TARGET_DISTRO MATCHES "^el")
|
||||
|
||||
if((NOT ZM_TARGET_DISTRO MATCHES "^fc") AND (ZM_WEB_USER STREQUAL "nginx"))
|
||||
message([FATAL_ERROR] "Experimental Nginx support is currently only supported on Fedora" ...)
|
||||
endif((NOT ZM_TARGET_DISTRO MATCHES "^fc") AND (ZM_WEB_USER STREQUAL "nginx"))
|
||||
#
|
||||
# CONFIGURE STAGE
|
||||
#
|
||||
|
||||
# Configure the zoneminder service files
|
||||
configure_file(systemd/zoneminder.logrotate.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.logrotate @ONLY)
|
||||
configure_file(nginx/zoneminder.php-fpm.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.php-fpm.conf @ONLY)
|
||||
configure_file(nginx/zoneminder.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.nginx.conf @ONLY)
|
||||
if(ZM_WEB_USER STREQUAL "nginx")
|
||||
configure_file(nginx/zoneminder.service.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.service @ONLY)
|
||||
configure_file(nginx/zoneminder.tmpfiles.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.tmpfiles @ONLY)
|
||||
configure_file(nginx/README.Fedora ${CMAKE_CURRENT_SOURCE_DIR}/readme/README COPYONLY)
|
||||
else(ZM_WEB_USER STREQUAL "nginx")
|
||||
configure_file(systemd/zoneminder.service.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.service @ONLY)
|
||||
configure_file(apache/zoneminder.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.conf @ONLY)
|
||||
configure_file(systemd/zoneminder.tmpfiles.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.tmpfiles @ONLY)
|
||||
if( ZM_TARGET_DISTRO MATCHES "^fc")
|
||||
configure_file(readme/README.Fedora ${CMAKE_CURRENT_SOURCE_DIR}/readme/README COPYONLY)
|
||||
else( ZM_TARGET_DISTRO MATCHES "^fc")
|
||||
configure_file(readme/README.Redhat7 ${CMAKE_CURRENT_SOURCE_DIR}/readme/README COPYONLY)
|
||||
endif( ZM_TARGET_DISTRO MATCHES "^fc")
|
||||
endif(ZM_WEB_USER STREQUAL "nginx")
|
||||
|
||||
# Create several empty folders
|
||||
# Configure the common zoneminder files
|
||||
configure_file(common/zoneminder.logrotate.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.logrotate @ONLY)
|
||||
configure_file(common/zoneminder.service.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.service @ONLY)
|
||||
file(MAKE_DIRECTORY sock swap zoneminder zoneminder-upload events images temp)
|
||||
|
||||
# Install the empty folders
|
||||
# Configure the Apache zoneminder files
|
||||
configure_file(apache/zm-apache.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zm-apache.conf @ONLY)
|
||||
configure_file(apache/zoneminder.apache.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.apache.conf @ONLY)
|
||||
configure_file(apache/zoneminder.apache.tmpfiles.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.apache.tmpfiles.conf @ONLY)
|
||||
configure_file(apache/com.zoneminder.systemctl.rules.apache.in ${CMAKE_CURRENT_SOURCE_DIR}/com.zoneminder.systemctl.rules.apache @ONLY)
|
||||
|
||||
# Configure the Nginx zoneminder files
|
||||
configure_file(nginx/zm-nginx.conf ${CMAKE_CURRENT_SOURCE_DIR}/zm-nginx.conf COPYONLY)
|
||||
configure_file(nginx/zoneminder.nginx.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.nginx.conf @ONLY)
|
||||
configure_file(nginx/zoneminder.nginx.tmpfiles.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.nginx.tmpfiles.conf @ONLY)
|
||||
configure_file(nginx/zm-web-user.conf ${CMAKE_CURRENT_SOURCE_DIR}/zm-web-user.conf COPYONLY)
|
||||
configure_file(nginx/zoneminder.php-fpm.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.php-fpm.conf @ONLY)
|
||||
configure_file(nginx/com.zoneminder.systemctl.rules.nginx.in ${CMAKE_CURRENT_SOURCE_DIR}/com.zoneminder.systemctl.rules.nginx COPYONLY)
|
||||
|
||||
#
|
||||
# INSTALLATION STAGE
|
||||
#
|
||||
|
||||
|
||||
# Install the common zoneminder files
|
||||
install(FILES zoneminder.logrotate DESTINATION /etc/logrotate.d RENAME zoneminder PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.service DESTINATION /usr/lib/systemd/system PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
|
||||
install(DIRECTORY sock swap DESTINATION /var/lib/zoneminder DIRECTORY_PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
install(DIRECTORY zoneminder DESTINATION /var/log DIRECTORY_PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
install(DIRECTORY zoneminder DESTINATION /var/run DIRECTORY_PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
|
@ -43,6 +53,22 @@ install(DIRECTORY zoneminder DESTINATION /var/cache DIRECTORY_PERMISSIONS OWNER_
|
|||
install(DIRECTORY zoneminder-upload DESTINATION /var/spool DIRECTORY_PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
install(DIRECTORY events images temp DESTINATION /var/lib/zoneminder DIRECTORY_PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
|
||||
# Install the Apache zoneminder files
|
||||
install(FILES zm-apache.conf DESTINATION /usr/lib/systemd/system/zoneminder.service.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.apache.conf DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.apache.tmpfiles.conf DESTINATION /usr/lib/tmpfiles.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES com.zoneminder.systemctl.rules.apache DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
|
||||
# Install the Nginx zoneminder files
|
||||
install(FILES zm-nginx.conf DESTINATION /usr/lib/systemd/system/zoneminder.service.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.nginx.conf DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.nginx.tmpfiles.conf DESTINATION /usr/lib/tmpfiles.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES com.zoneminder.systemctl.rules.nginx DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zm-web-user.conf DESTINATION /etc/zm/conf.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.php-fpm.conf DESTINATION /etc/php-fpm.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
|
||||
# Miscellaneous
|
||||
|
||||
# Symlink the cake php temp folder to the ZoneMinder temp folder
|
||||
install(CODE "execute_process(COMMAND ln -sf ../../../../../../var/lib/zoneminder/temp \"\$ENV{DESTDIR}${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_DATAROOTDIR}/zoneminder/www/api/app/tmp\")")
|
||||
|
||||
|
@ -50,14 +76,5 @@ install(CODE "execute_process(COMMAND ln -sf ../../../../../../var/lib/zoneminde
|
|||
install(CODE "execute_process(COMMAND ln -sf ../../java/cambozola.jar \"\$ENV{DESTDIR}${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_DATAROOTDIR}/zoneminder/www/cambozola.jar\")")
|
||||
|
||||
# Install auxiliary files
|
||||
install(FILES misc/redalert.wav DESTINATION ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_DATAROOTDIR}/zoneminder/www/sounds PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
|
||||
# Install zoneminder service files
|
||||
install(FILES zoneminder.logrotate DESTINATION /etc/logrotate.d RENAME zoneminder PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.conf DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.php-fpm.conf DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.nginx.conf DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
|
||||
install(FILES zoneminder.service DESTINATION /usr/lib/systemd/system PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES zoneminder.tmpfiles DESTINATION /usr/lib/tmpfiles.d RENAME zoneminder.conf PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
|
||||
install(FILES common/redalert.wav DESTINATION ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_DATAROOTDIR}/zoneminder/www/sounds PERMISSIONS OWNER_WRITE OWNER_READ OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
polkit.addRule(function(action, subject) {
|
||||
if (action.id == "com.zoneminder.policykit.pkexec.run-zmsystemctl" &&
|
||||
subject.user != "@WEB_USER@") {
|
||||
return polkit.Result.NO;
|
||||
}
|
||||
|
||||
});
|
|
@ -0,0 +1,8 @@
|
|||
# Additional config directions for ZoneMinder with Apache web server
|
||||
|
||||
[Unit]
|
||||
After=httpd.service
|
||||
|
||||
[Service]
|
||||
User=@WEB_USER@
|
||||
Group=@WEB_GROUP@
|
|
@ -1,9 +1,10 @@
|
|||
# ZoneMinder systemd unit file for RedHat distros and clones
|
||||
# See drop-in folder for additional config directives
|
||||
|
||||
[Unit]
|
||||
Description=ZoneMinder CCTV recording and security system
|
||||
After=network.target mariadb.service httpd.service
|
||||
Requires=mariadb.service httpd.service
|
||||
After=network.target mariadb.service
|
||||
Requires=mariadb.service
|
||||
|
||||
[Service]
|
||||
User=@WEB_USER@
|
|
@ -1,125 +0,0 @@
|
|||
module local_zoneminder 1.2;
|
||||
|
||||
require {
|
||||
type afs_ka_port_t;
|
||||
type netsupport_port_t;
|
||||
type port_t;
|
||||
type presence_port_t;
|
||||
type postfix_master_t;
|
||||
type postfix_qmgr_t;
|
||||
type postfix_pickup_t;
|
||||
type httpd_t;
|
||||
type var_lib_t;
|
||||
type ionixnetmon_port_t;
|
||||
type glance_port_t;
|
||||
type mmcc_port_t;
|
||||
type postfix_master_t;
|
||||
type commplex_port_t;
|
||||
type syslogd_port_t;
|
||||
type dcc_port_t;
|
||||
type sip_port_t;
|
||||
type amqp_port_t;
|
||||
type condor_port_t;
|
||||
type afs_fs_port_t;
|
||||
type nodejs_debug_port_t;
|
||||
type httpd_var_lib_t;
|
||||
type websm_port_t;
|
||||
type afs_pt_port_t;
|
||||
type postfix_qmgr_t;
|
||||
type git_port_t;
|
||||
type ipp_port_t;
|
||||
type aol_port_t;
|
||||
type unconfined_t;
|
||||
type kernel_t;
|
||||
type init_t;
|
||||
type auditd_t;
|
||||
type mysqld_t;
|
||||
type httpd_log_t;
|
||||
type syslogd_t;
|
||||
type httpd_t;
|
||||
type initrc_state_t;
|
||||
type initrc_t;
|
||||
type var_lib_t;
|
||||
type udev_t;
|
||||
type mysqld_safe_t;
|
||||
type sshd_t;
|
||||
type crond_t;
|
||||
type getty_t;
|
||||
type httpd_var_lib_t;
|
||||
type initrc_var_run_t;
|
||||
type tmpfs_t;
|
||||
type dhcpc_t;
|
||||
type v4l_device_t;
|
||||
type file_t;
|
||||
class sock_file { write create unlink };
|
||||
class unix_stream_socket { read connectto };
|
||||
class lnk_file { write create getattr read lock unlink };
|
||||
class dir {search getattr };
|
||||
class udp_socket name_bind;
|
||||
class file { write getattr read lock unlink open };
|
||||
class shm { unix_read unix_write associate read write getattr };
|
||||
class chr_file getattr;
|
||||
}
|
||||
|
||||
#============= httpd_t ==============
|
||||
allow httpd_t auditd_t:dir { search getattr };
|
||||
allow httpd_t auditd_t:file { read getattr open };
|
||||
allow httpd_t crond_t:dir { search getattr };
|
||||
allow httpd_t crond_t:file { read getattr open };
|
||||
allow httpd_t dhcpc_t:dir { search getattr };
|
||||
allow httpd_t dhcpc_t:file { read getattr open };
|
||||
allow httpd_t getty_t:dir { search getattr };
|
||||
allow httpd_t getty_t:file { read getattr open };
|
||||
allow httpd_t httpd_log_t:file write;
|
||||
allow httpd_t httpd_var_lib_t:lnk_file { write getattr read lock unlink };
|
||||
allow httpd_t init_t:dir { search getattr };
|
||||
allow httpd_t init_t:file { read getattr open };
|
||||
#!!!! The source type 'httpd_t' can write to a 'file' of the following types:
|
||||
#squirrelmail_spool_t, mirrormanager_var_run_t, dirsrvadmin_config_t, httpd_lock_t, httpd_tmp_t, dirsrv_config_t, dirsrvadmin_tmp_t, httpd_cache_t, httpd_tmpfs_t, httpd_squirrelmail_t, dirsrv_var_run_t, dirsrv_var_log_t, httpd_var_lib_t, httpd_var_run_t, zarafa_var_lib_t, httpd_prewikka_rw_content_t, httpd_mediawiki_rw_content_t, httpd_squid_rw_content_t, passenger_var_run_t, httpd_smokeping_cgi_rw_content_t, httpd_openshift_rw_content_t, httpd_dirsrvadmin_rw_content_t, httpd_w3c_validator_rw_content_t, httpd_collectd_rw_content_t, cluster_var_lib_t, cluster_var_run_t, httpd_user_rw_content_t, httpd_awstats_rw_content_t, httpdcontent, root_t, httpd_cobbler_rw_content_t, httpd_munin_rw_content_t, cluster_conf_t, httpd_bugzilla_rw_content_t, passenger_tmp_t, httpd_cvs_rw_content_t, httpd_git_rw_content_t, httpd_sys_rw_content_t, httpd_sys_rw_content_t, httpd_nagios_rw_content_t, httpd_apcupsd_cgi_rw_content_t, httpd_nutups_cgi_rw_content_t, httpd_dspam_rw_content_t
|
||||
|
||||
allow httpd_t initrc_state_t:file { read write getattr unlink open };
|
||||
allow httpd_t initrc_t:unix_stream_socket connectto;
|
||||
allow httpd_t initrc_t:shm { unix_read unix_write associate read write getattr };
|
||||
allow httpd_t initrc_var_run_t:file { write read lock open };
|
||||
allow httpd_t kernel_t:dir { search getattr };
|
||||
allow httpd_t kernel_t:file { read getattr open };
|
||||
allow httpd_t mysqld_safe_t:dir { search getattr };
|
||||
allow httpd_t mysqld_safe_t:file { read getattr open };
|
||||
allow httpd_t mysqld_t:dir { search getattr };
|
||||
allow httpd_t mysqld_t:file { read getattr open };
|
||||
allow httpd_t sshd_t:dir { search getattr };
|
||||
allow httpd_t sshd_t:file { read getattr open };
|
||||
allow httpd_t syslogd_t:dir { search getattr };
|
||||
allow httpd_t syslogd_t:file { read getattr open };
|
||||
allow httpd_t tmpfs_t:sock_file write;
|
||||
allow httpd_t udev_t:dir { search getattr };
|
||||
allow httpd_t udev_t:file { read getattr open };
|
||||
allow httpd_t unconfined_t:dir { search getattr };
|
||||
allow httpd_t unconfined_t:file { read getattr open };
|
||||
allow httpd_t var_lib_t:lnk_file { write getattr read lock unlink };
|
||||
allow httpd_t var_lib_t:sock_file { write unlink };
|
||||
allow httpd_t v4l_device_t:chr_file getattr;
|
||||
allow httpd_t afs_fs_port_t:udp_socket name_bind;
|
||||
allow httpd_t afs_ka_port_t:udp_socket name_bind;
|
||||
allow httpd_t afs_pt_port_t:udp_socket name_bind;
|
||||
allow httpd_t amqp_port_t:udp_socket name_bind;
|
||||
allow httpd_t aol_port_t:udp_socket name_bind;
|
||||
allow httpd_t commplex_port_t:udp_socket name_bind;
|
||||
allow httpd_t condor_port_t:udp_socket name_bind;
|
||||
allow httpd_t dcc_port_t:udp_socket name_bind;
|
||||
allow httpd_t git_port_t:udp_socket name_bind;
|
||||
allow httpd_t glance_port_t:udp_socket name_bind;
|
||||
allow httpd_t httpd_var_lib_t:lnk_file create;
|
||||
allow httpd_t ionixnetmon_port_t:udp_socket name_bind;
|
||||
allow httpd_t ipp_port_t:udp_socket name_bind;
|
||||
allow httpd_t mmcc_port_t:udp_socket name_bind;
|
||||
allow httpd_t netsupport_port_t:udp_socket name_bind;
|
||||
allow httpd_t nodejs_debug_port_t:udp_socket name_bind;
|
||||
allow httpd_t port_t:udp_socket name_bind;
|
||||
allow httpd_t postfix_master_t:dir { search getattr };
|
||||
allow httpd_t postfix_master_t:file { read getattr open };
|
||||
allow httpd_t postfix_pickup_t:dir { search getattr };
|
||||
allow httpd_t postfix_pickup_t:file { read getattr open };
|
||||
allow httpd_t postfix_qmgr_t:dir { search getattr };
|
||||
allow httpd_t postfix_qmgr_t:file { read getattr open };
|
||||
allow httpd_t presence_port_t:udp_socket name_bind;
|
|
@ -0,0 +1,7 @@
|
|||
polkit.addRule(function(action, subject) {
|
||||
if (action.id == "com.zoneminder.policykit.pkexec.run-zmsystemctl" &&
|
||||
subject.user != "nginx") {
|
||||
return polkit.Result.NO;
|
||||
}
|
||||
|
||||
});
|
|
@ -0,0 +1,9 @@
|
|||
# Additional config directives for ZoneMinder with Nginx web server
|
||||
|
||||
[Unit]
|
||||
After=nginx.service php-fpm.service fcgiwrap.service
|
||||
Requires=php-fpm.service fcgiwrap.service
|
||||
|
||||
[Service]
|
||||
User=nginx
|
||||
Group=nginx
|
|
@ -0,0 +1,3 @@
|
|||
ZM_WEB_USER=nginx
|
||||
ZM_WEB_GROUP=nginx
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
D @ZM_TMPDIR@ 0755 nginx nginx
|
||||
D @ZM_SOCKDIR@ 0755 nginx nginx
|
||||
D @ZM_CACHEDIR@ 0755 nginx nginx
|
||||
d @ZM_DIR_EVENTS@ 0755 nginx nginx
|
||||
D @ZM_DIR_IMAGES@ 0755 nginx nginx
|
||||
D /var/lib/php/session 770 root nginx
|
||||
D /var/lib/php/wsdlcache 770 root nginx
|
||||
|
|
@ -1,22 +0,0 @@
|
|||
# ZoneMinder systemd unit file for Fedora
|
||||
# Replace mariadb with community-mysql if using mysql service instead of mariadb
|
||||
|
||||
[Unit]
|
||||
Description=ZoneMinder CCTV recording and security system
|
||||
After=network.target mariadb.service nginx.service php-fpm.service fcgiwrap.service
|
||||
Requires=mariadb.service nginx.service php-fpm.service fcgiwrap.service
|
||||
|
||||
[Service]
|
||||
User=@WEB_USER@
|
||||
Group=@WEB_GROUP@
|
||||
Type=forking
|
||||
ExecStart=@BINDIR@/zmpkg.pl start
|
||||
ExecReload=@BINDIR@/zmpkg.pl restart
|
||||
ExecStop=@BINDIR@/zmpkg.pl stop
|
||||
PIDFile=@ZM_RUNDIR@/zm.pid
|
||||
Environment=TZ=/etc/localtime
|
||||
RuntimeDirectory=zoneminder
|
||||
RuntimeDirectoryMode=0755
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,8 +0,0 @@
|
|||
D @ZM_TMPDIR@ 0755 @WEB_USER@ @WEB_GROUP@
|
||||
D @ZM_SOCKDIR@ 0755 @WEB_USER@ @WEB_GROUP@
|
||||
D @ZM_CACHEDIR@ 0755 @WEB_USER@ @WEB_GROUP@
|
||||
d @ZM_DIR_EVENTS@ 0755 @WEB_USER@ @WEB_GROUP@
|
||||
D @ZM_DIR_IMAGES@ 0755 @WEB_USER@ @WEB_GROUP@
|
||||
D /var/lib/php/session 770 root @WEB_GROUP@
|
||||
D /var/lib/php/wsdlcache 770 root @WEB_GROUP@
|
||||
|
|
@ -0,0 +1,29 @@
|
|||
What's New
|
||||
==========
|
||||
|
||||
1. See the ZoneMinder release notes for a list of new features:
|
||||
https://github.com/ZoneMinder/zoneminder/releases
|
||||
|
||||
2. The contents of the ZoneMinder Apache config file have changed. In
|
||||
addition, this ZoneMinder package now requires you to manually symlink the
|
||||
ZoneMinder Apache config file. See new install step 6 and upgrade step 3
|
||||
below for details.
|
||||
|
||||
3. This package has been split into sub-packages to allow compatibility with
|
||||
other web servers. Here is a breakdown of the available packages:
|
||||
|
||||
zoneminder - Meta-package installs zoneminder-common and zoneminder-httpd
|
||||
This exists soley for backwards compaitilibty.
|
||||
zoneminder-common - Common files that do not differ based on the web server
|
||||
zoneminder-httpd - Files needed for compatibility with the Apache web server
|
||||
zoneminder-nginx - Files needed for compatibility with the Nginx web server
|
||||
|
||||
You can switch between different subpackages with dnf/yum. Be advised that,
|
||||
if you modified any of the default config files supplied by the package,
|
||||
rpm may not update the config file to the proper version. This is by design.
|
||||
Use drop-in files instead, to avoid this issue.
|
||||
|
||||
4. Continue on to the next README that corresponds to the chosen webserver:
|
||||
|
||||
README.httpd - Follow these steps when using Apache
|
||||
README.nginx - Follow these steps when using Nginx
|
|
@ -1,3 +1,4 @@
|
|||
# Leaving this to allow one to build zoneminder-http subpackage using arbitrary user account
|
||||
%global zmuid_final apache
|
||||
%global zmgid_final apache
|
||||
|
||||
|
@ -7,10 +8,6 @@
|
|||
# CakePHP-Enum-Behavior is configured as a git submodule
|
||||
%global ceb_version 1.0-zm
|
||||
|
||||
%if "%{zmuid_final}" == "nginx"
|
||||
%global with_nginx 1
|
||||
%endif
|
||||
|
||||
%global sslcert %{_sysconfdir}/pki/tls/certs/localhost.crt
|
||||
%global sslkey %{_sysconfdir}/pki/tls/private/localhost.key
|
||||
|
||||
|
@ -22,11 +19,12 @@
|
|||
%global with_apcu_bc 1
|
||||
%endif
|
||||
|
||||
# The default for everything but el7 these days
|
||||
%global _hardened_build 1
|
||||
|
||||
Name: zoneminder
|
||||
Version: 1.32.2
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Summary: A camera monitoring and analysis tool
|
||||
Group: System Environment/Daemons
|
||||
# Mootools is inder the MIT license: http://mootools.net/
|
||||
|
@ -74,6 +72,7 @@ BuildRequires: vlc-devel
|
|||
BuildRequires: libcurl-devel
|
||||
BuildRequires: libv4l-devel
|
||||
BuildRequires: desktop-file-utils
|
||||
BuildRequires: gzip
|
||||
|
||||
# ZoneMinder looks for and records the location of the ffmpeg binary during build
|
||||
BuildRequires: ffmpeg
|
||||
|
@ -83,10 +82,25 @@ BuildRequires: ffmpeg-devel
|
|||
BuildRequires: libmp4v2-devel
|
||||
BuildRequires: x264-devel
|
||||
|
||||
%{?with_nginx:Requires: nginx}
|
||||
%{?with_nginx:Requires: php-fpm}
|
||||
%{!?with_nginx:Requires: httpd}
|
||||
%{!?with_nginx:Requires: php}
|
||||
# Allow existing user base to seamlessly transition to sub-packages
|
||||
Requires: %{name}-common%{?_isa} = %{version}-%{release}
|
||||
Requires: %{name}-httpd%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description
|
||||
ZoneMinder is a set of applications which is intended to provide a complete
|
||||
solution allowing you to capture, analyze, record and monitor any cameras you
|
||||
have attached to a Linux based machine. It is designed to run on kernels which
|
||||
support the Video For Linux (V4L) interface and has been tested with cameras
|
||||
attached to BTTV cards, various USB cameras and IP network cameras. It is
|
||||
designed to support as many cameras as you can attach to your computer without
|
||||
too much degradation of performance.
|
||||
|
||||
This is a meta package for backwards compatibility with the existing
|
||||
ZoneMinder user base.
|
||||
|
||||
%package common
|
||||
Summary: Common files for ZoneMinder, not tied to a specific web server
|
||||
|
||||
Requires: php-mysqli
|
||||
Requires: php-common
|
||||
Requires: php-gd
|
||||
|
@ -111,16 +125,12 @@ Requires: perl(Net::FTP)
|
|||
Requires: perl(LWP::Protocol::https)
|
||||
Requires: ca-certificates
|
||||
Requires: zip
|
||||
|
||||
Requires(post): systemd
|
||||
Requires(post): systemd-sysv
|
||||
Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
%{systemd_requires}
|
||||
|
||||
Requires(post): %{_bindir}/gpasswd
|
||||
Requires(post): %{_bindir}/less
|
||||
|
||||
%description
|
||||
%description common
|
||||
ZoneMinder is a set of applications which is intended to provide a complete
|
||||
solution allowing you to capture, analyze, record and monitor any cameras you
|
||||
have attached to a Linux based machine. It is designed to run on kernels which
|
||||
|
@ -129,15 +139,56 @@ attached to BTTV cards, various USB cameras and IP network cameras. It is
|
|||
designed to support as many cameras as you can attach to your computer without
|
||||
too much degradation of performance.
|
||||
|
||||
This is a meta-package that exists solely to allow the existing user base to
|
||||
seamlessly transition to sub-packages.
|
||||
|
||||
%package httpd
|
||||
Summary: ZoneMinder configuration for Apache web server
|
||||
Requires: %{name}-common%{?_isa} = %{version}-%{release}
|
||||
Requires: httpd
|
||||
Requires: php
|
||||
|
||||
Conflicts: %{name}-nginx
|
||||
|
||||
%description httpd
|
||||
ZoneMinder is a set of applications which is intended to provide a complete
|
||||
solution allowing you to capture, analyze, record and monitor any cameras you
|
||||
have attached to a Linux based machine. It is designed to run on kernels which
|
||||
support the Video For Linux (V4L) interface and has been tested with cameras
|
||||
attached to BTTV cards, various USB cameras and IP network cameras. It is
|
||||
designed to support as many cameras as you can attach to your computer without
|
||||
too much degradation of performance.
|
||||
|
||||
This sub-package contains configuration specific to Apache web server
|
||||
|
||||
%package nginx
|
||||
Summary: ZoneMinder configuration for Nginx web server
|
||||
Requires: %{name}-common%{?_isa} = %{version}-%{release}
|
||||
Requires: nginx
|
||||
Requires: php-fpm
|
||||
|
||||
Conflicts: %{name}-httpd
|
||||
|
||||
%description nginx
|
||||
ZoneMinder is a set of applications which is intended to provide a complete
|
||||
solution allowing you to capture, analyze, record and monitor any cameras you
|
||||
have attached to a Linux based machine. It is designed to run on kernels which
|
||||
support the Video For Linux (V4L) interface and has been tested with cameras
|
||||
attached to BTTV cards, various USB cameras and IP network cameras. It is
|
||||
designed to support as many cameras as you can attach to your computer without
|
||||
too much degradation of performance.
|
||||
|
||||
This sub-package contains support for ZoneMinder with the Nginx web server
|
||||
|
||||
%prep
|
||||
%autosetup -p 1 -a 1
|
||||
%{__rm} -rf ./web/api/app/Plugin/Crud
|
||||
%{__mv} -f crud-%{crud_version} ./web/api/app/Plugin/Crud
|
||||
rm -rf ./web/api/app/Plugin/Crud
|
||||
mv -f crud-%{crud_version} ./web/api/app/Plugin/Crud
|
||||
|
||||
# The all powerful autosetup macro does not work after the second source tarball
|
||||
%{__gzip} -dc %{_sourcedir}/cakephp-enum-behavior-%{ceb_version}.tar.gz | tar -xvvf -
|
||||
%{__rm} -rf ./web/api/app/Plugin/CakePHP-Enum-Behavior
|
||||
%{__mv} -f CakePHP-Enum-Behavior-%{ceb_version} ./web/api/app/Plugin/CakePHP-Enum-Behavior
|
||||
gzip -dc %{_sourcedir}/cakephp-enum-behavior-%{ceb_version}.tar.gz | tar -xvvf -
|
||||
rm -rf ./web/api/app/Plugin/CakePHP-Enum-Behavior
|
||||
mv -f CakePHP-Enum-Behavior-%{ceb_version} ./web/api/app/Plugin/CakePHP-Enum-Behavior
|
||||
|
||||
# Change the following default values
|
||||
./utils/zmeditconfigdata.sh ZM_OPT_CAMBOZOLA yes
|
||||
|
@ -150,7 +201,7 @@ too much degradation of performance.
|
|||
%build
|
||||
%cmake \
|
||||
-DZM_WEB_USER="%{zmuid_final}" \
|
||||
-DZM_WEB_GROUP="%{zmuid_final}" \
|
||||
-DZM_WEB_GROUP="%{zmgid_final}" \
|
||||
-DZM_TARGET_DISTRO="%{zmtargetdistro}" \
|
||||
.
|
||||
|
||||
|
@ -172,10 +223,13 @@ find %{buildroot} \( -name .htaccess -or -name .editorconfig -or -name .packlist
|
|||
find %{buildroot}%{_datadir}/zoneminder/www/api \( -name cake -or -name cake.php \) -type f -exec sed -i 's\^#!/usr/bin/env bash$\#!%{_buildshell}\' {} \; -exec %{__chmod} 755 {} \;
|
||||
|
||||
# Use the system cacert file rather then the one bundled with CakePHP
|
||||
%{__rm} -f %{buildroot}%{_datadir}/zoneminder/www/api/lib/Cake/Config/cacert.pem
|
||||
%{__ln_s} ../../../../../../../..%{_sysconfdir}/pki/tls/certs/ca-bundle.crt %{buildroot}%{_datadir}/zoneminder/www/api/lib/Cake/Config/cacert.pem
|
||||
rm -f %{buildroot}%{_datadir}/zoneminder/www/api/lib/Cake/Config/cacert.pem
|
||||
ln -s ../../../../../../../..%{_sysconfdir}/pki/tls/certs/ca-bundle.crt %{buildroot}%{_datadir}/zoneminder/www/api/lib/Cake/Config/cacert.pem
|
||||
|
||||
%post
|
||||
# Handle the polkit file differently for web server agnostic support (see post)
|
||||
rm -f %{buildroot}%{_datadir}/polkit-1/rules.d/com.zoneminder.systemctl.rules
|
||||
|
||||
%post common
|
||||
# Initial installation
|
||||
if [ $1 -eq 1 ] ; then
|
||||
%systemd_post %{name}.service
|
||||
|
@ -183,28 +237,38 @@ fi
|
|||
|
||||
# Upgrade from a previous version of zoneminder
|
||||
if [ $1 -eq 2 ] ; then
|
||||
|
||||
# Add any new PTZ control configurations to the database (will not overwrite)
|
||||
%{_bindir}/zmcamtool.pl --import >/dev/null 2>&1 || :
|
||||
|
||||
# Freshen the database
|
||||
%{_bindir}/zmupdate.pl -f >/dev/null 2>&1 || :
|
||||
|
||||
# We can't run this automatically when new sql account permissions need to
|
||||
# be manually added first
|
||||
# Run zmupdate non-interactively
|
||||
# zmupdate.pl --nointeractive
|
||||
fi
|
||||
|
||||
# Allow zoneminder access to local video sources, serial ports, and x10
|
||||
%{_bindir}/gpasswd -a %{zmuid_final} video >/dev/null 2>&1 || :
|
||||
%{_bindir}/gpasswd -a %{zmuid_final} dialout >/dev/null 2>&1 || :
|
||||
|
||||
# Warn the end user to read the README file
|
||||
echo -e "\nVERY IMPORTANT: Before starting ZoneMinder, you must read the README file\nto finish the installation or upgrade!"
|
||||
echo -e "\nThe README file is located here: %{_pkgdocdir}/README\n"
|
||||
|
||||
%if 0%{?with_nginx}
|
||||
%post httpd
|
||||
ln -s %{_sysconfdir}/zm/www/com.zoneminder.systemctl.rules.apache %{_datadir}/polkit-1/rules.d/com.zoneminder.systemctl.rules
|
||||
# backwards compatibility
|
||||
ln -s %{_sysconfdir}/zm/www/zoneminder.apache.conf %{_sysconfdir}/zm/www/zoneminder.conf
|
||||
|
||||
# Allow zoneminder access to local video sources, serial ports, and x10
|
||||
%{_bindir}/gpasswd -a %{zmuid_final} video >/dev/null 2>&1 || :
|
||||
%{_bindir}/gpasswd -a %{zmuid_final} dialout >/dev/null 2>&1 || :
|
||||
|
||||
%post nginx
|
||||
|
||||
ln -s %{_sysconfdir}/zm/www/com.zoneminder.systemctl.rules.nginx %{_datadir}/polkit-1/rules.d/com.zoneminder.systemctl.rules
|
||||
|
||||
#
|
||||
# TO-DO: configure the README's
|
||||
#
|
||||
|
||||
# Allow zoneminder access to local video sources, serial ports, and x10
|
||||
%{_bindir}/gpasswd -a nginx video >/dev/null 2>&1 || :
|
||||
%{_bindir}/gpasswd -a nginx dialout >/dev/null 2>&1 || :
|
||||
|
||||
# Nginx does not create an SSL certificate like the apache package does so lets do that here
|
||||
if [ -f %{sslkey} -o -f %{sslcert} ]; then
|
||||
exit 0
|
||||
|
@ -230,7 +294,6 @@ SomeOrganizationalUnit
|
|||
${FQDN}
|
||||
root@${FQDN}
|
||||
EOF
|
||||
%endif
|
||||
|
||||
%preun
|
||||
%systemd_preun %{name}.service
|
||||
|
@ -238,17 +301,10 @@ EOF
|
|||
%postun
|
||||
%systemd_postun_with_restart %{name}.service
|
||||
|
||||
%triggerun -- zoneminder < 1.25.0-4
|
||||
# Save the current service runlevel info
|
||||
# User must manually run systemd-sysv-convert --apply zoneminder
|
||||
# to migrate them to systemd targets
|
||||
%{_bindir}/systemd-sysv-convert --save zoneminder >/dev/null 2>&1 ||:
|
||||
|
||||
# Run these because the SysV package being removed won't do them
|
||||
/sbin/chkconfig --del zoneminder >/dev/null 2>&1 || :
|
||||
/bin/systemctl try-restart zoneminder.service >/dev/null 2>&1 || :
|
||||
|
||||
%files
|
||||
# nothing
|
||||
|
||||
%files common
|
||||
%license COPYING
|
||||
%doc AUTHORS README.md distros/redhat/readme/README distros/redhat/readme/README.https
|
||||
|
||||
|
@ -260,18 +316,12 @@ EOF
|
|||
# Config folder contents contain sensitive info
|
||||
# and should not be readable by normal users
|
||||
%{_sysconfdir}/zm/conf.d/README
|
||||
%config(noreplace) %attr(640,root,%{zmgid_final}) %{_sysconfdir}/zm/zm.conf
|
||||
%config(noreplace) %attr(640,root,%{zmgid_final}) %{_sysconfdir}/zm/conf.d/*.conf
|
||||
%ghost %attr(640,root,%{zmgid_final}) %{_sysconfdir}/zm/conf.d/zmcustom.conf
|
||||
|
||||
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/zm/www/zoneminder.conf
|
||||
%config(noreplace) %{_sysconfdir}/zm/www/zoneminder.php-fpm.conf
|
||||
%config(noreplace) %{_sysconfdir}/logrotate.d/zoneminder
|
||||
|
||||
%{_tmpfilesdir}/zoneminder.conf
|
||||
%{_unitdir}/zoneminder.service
|
||||
%{_datadir}/polkit-1/actions/com.zoneminder.systemctl.policy
|
||||
%{_datadir}/polkit-1/rules.d/com.zoneminder.systemctl.rules
|
||||
%{_bindir}/zmsystemctl.pl
|
||||
|
||||
%{_bindir}/zma
|
||||
|
@ -304,6 +354,15 @@ EOF
|
|||
%{_datadir}/zoneminder/
|
||||
%{_datadir}/applications/*zoneminder.desktop
|
||||
|
||||
%files httpd
|
||||
%config(noreplace) %attr(640,root,%{zmgid_final}) %{_sysconfdir}/zm/zm.conf
|
||||
%config(noreplace) %attr(640,root,%{zmgid_final}) %{_sysconfdir}/zm/conf.d/0*.conf
|
||||
%ghost %attr(640,root,%{zmgid_final}) %{_sysconfdir}/zm/conf.d/zmcustom.conf
|
||||
%config(noreplace) %{_sysconfdir}/zm/www/zoneminder.apache.conf
|
||||
%config(noreplace) %{_sysconfdir}/zm/www/com.zoneminder.systemctl.rules.apache
|
||||
%ghost %{_datadir}/polkit-1/rules.d/com.zoneminder.systemctl.rules
|
||||
|
||||
%{_unitdir}/zoneminder.service.d/zm-apache.conf
|
||||
%dir %attr(755,%{zmuid_final},%{zmgid_final}) %{_sharedstatedir}/zoneminder
|
||||
%dir %attr(755,%{zmuid_final},%{zmgid_final}) %{_sharedstatedir}/zoneminder/events
|
||||
%dir %attr(755,%{zmuid_final},%{zmgid_final}) %{_sharedstatedir}/zoneminder/images
|
||||
|
@ -313,9 +372,33 @@ EOF
|
|||
%dir %attr(755,%{zmuid_final},%{zmgid_final}) %{_localstatedir}/cache/zoneminder
|
||||
%dir %attr(755,%{zmuid_final},%{zmgid_final}) %{_localstatedir}/log/zoneminder
|
||||
%dir %attr(755,%{zmuid_final},%{zmgid_final}) %{_localstatedir}/spool/zoneminder-upload
|
||||
%dir %attr(755,%{zmuid_final},%{zmgid_final}) %{_localstatedir}/run/zoneminder
|
||||
|
||||
%files nginx
|
||||
%config(noreplace) %attr(640,root,nginx) %{_sysconfdir}/zm/zm.conf
|
||||
%config(noreplace) %attr(640,root,nginx) %{_sysconfdir}/zm/conf.d/*.conf
|
||||
%ghost %attr(640,root,nginx) %{_sysconfdir}/zm/conf.d/zmcustom.conf
|
||||
%config(noreplace) %{_sysconfdir}/zm/www/zoneminder.nginx.conf
|
||||
%config(noreplace) %{_sysconfdir}/zm/www/com.zoneminder.systemctl.rules.nginx
|
||||
%ghost %{_datadir}/polkit-1/rules.d/com.zoneminder.systemctl.rules
|
||||
|
||||
%config(noreplace) %{_sysconfdir}/php-fpm.d/zoneminder.php-fpm.conf
|
||||
|
||||
|
||||
%{_unitdir}/zoneminder.service.d/zm-nginx.conf
|
||||
%dir %attr(755,nginx,nginx) %{_sharedstatedir}/zoneminder
|
||||
%dir %attr(755,nginx,nginx) %{_sharedstatedir}/zoneminder/events
|
||||
%dir %attr(755,nginx,nginx) %{_sharedstatedir}/zoneminder/images
|
||||
%dir %attr(755,nginx,nginx) %{_sharedstatedir}/zoneminder/sock
|
||||
%dir %attr(755,nginx,nginx) %{_sharedstatedir}/zoneminder/swap
|
||||
%dir %attr(755,nginx,nginx) %{_sharedstatedir}/zoneminder/temp
|
||||
%dir %attr(755,nginx,nginx) %{_localstatedir}/cache/zoneminder
|
||||
%dir %attr(755,nginx,nginx) %{_localstatedir}/log/zoneminder
|
||||
%dir %attr(755,nginx,nginx) %{_localstatedir}/spool/zoneminder-upload
|
||||
|
||||
%changelog
|
||||
* Wed Nov 14 2018 Andrew Bauer <zonexpertconsulting@outlook.com> - 1.32.2-2
|
||||
- Break into sub-packages
|
||||
|
||||
* Sat Oct 13 2018 Andrew Bauer <zonexpertconsulting@outlook.com> - 1.32.2-1
|
||||
- 1.32.2 release
|
||||
- Bug fix release
|
||||
|
|
Loading…
Reference in New Issue