Summary: Open source remote desktop protocol (RDP) server Name: xrdp Epoch: 1 Version: 0.9.4 Release: %mkrel 1 License: ASL 2.0 Group: Networking/Remote access URL: http://www.xrdp.org/ Source0: https://github.com/neutrinolabs/xrdp/releases/download/v%{version}/xrdp-%{version}.tar.gz Source1: xrdp-sesman.pamd Source2: xrdp.sysconfig Source3: xrdp.logrotate Source4: openssl.conf Patch0: xrdp-0.9.2-sesman.patch Patch1: xrdp-0.9.2-xrdp-ini.patch Patch2: xrdp-0.9.4-service.patch Patch3: xrdp-0.9.2-setpriv.patch Patch4: xrdp-0.9.2-scripts-libexec.patch Patch5: xrdp-0.9.4-CVE-2017-16927.patch BuildRequires: pkgconfig(x11) BuildRequires: pkgconfig(xfixes) BuildRequires: pkgconfig(xrandr) BuildRequires: openssl BuildRequires: pam-devel BuildRequires: pkgconfig(fuse) BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(pixman-1) BuildRequires: pkgconfig(systemd) BuildRequires: pkgconfig(glib-2.0) BuildRequires: nasm # tigervnc-server-minimal provides Xvnc (default for now) Requires: tigervnc-server Requires: xinitrc Requires(post): rpm-helper >= %{rpmhelper_required_version} Requires(preun): rpm-helper >= %{rpmhelper_required_version} Requires(posttrans): openssl %description xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. %package devel Summary: Headers and pkg-config files needed to compile xrdp backends %description devel This package contains headers necessary for developing xrdp backends that talk to xrdp. %prep %autosetup -p1 # create 'bash -l' based startwm, to pick up PATH etc. echo '#!/bin/bash -l . %{_libexecdir}/xrdp/startwm.sh' > sesman/startwm-bash.sh %build %configure2_5x --enable-fuse --enable-pixman --enable-painter %make_build %install %make_install #remove .la and .a files find %{buildroot} -name '*.a' -exec rm {} \; find %{buildroot} -name '*.la' -exec rm {} \; # remove libpainter devel files rm -f %{buildroot}%{_includedir}/painter.h %{buildroot}%{_libdir}/libpainter.* %{buildroot}%{_libdir}/pkgconfig/libpainter.pc # remove .so files for non-modules rm -f %{buildroot}%{_libdir}/xrdp/libcommon.so %{buildroot}%{_libdir}/xrdp/libscp.so %{buildroot}%{_libdir}/xrdp/libxrdp.so %{buildroot}%{_libdir}/xrdp/libxrdpapi.so #install sesman pam config /etc/pam.d/xrdp-sesman %{__install} -Dp -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/xrdp-sesman #install xrdp sysconfig /etc/sysconfig/xrdp %{__install} -Dp -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/xrdp #install logrotate /etc/logrotate.d/xrdp %{__install} -Dp -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/xrdp #install openssl.conf /etc/xrdp %{__install} -Dp -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/xrdp/openssl.conf #install 'bash -l' startwm script %{__install} -Dp -m 755 sesman/startwm-bash.sh %{buildroot}%{_libexecdir}/xrdp/startwm-bash.sh #move startwm and reconnectwm scripts to libexec %{__mv} -f %{buildroot}%{_sysconfdir}/xrdp/startwm.sh %{buildroot}%{_libexecdir}/xrdp/ %{__mv} -f %{buildroot}%{_sysconfdir}/xrdp/reconnectwm.sh %{buildroot}%{_libexecdir}/xrdp/ %post %_create_ssl_certificate %{name} %_post_service %{name} %preun %_preun_service %{name} %posttrans if [ ! -s %{_sysconfdir}/xrdp/rsakeys.ini ]; then (umask 377; %{_bindir}/xrdp-keygen xrdp %{_sysconfdir}/xrdp/rsakeys.ini >/dev/null) fi chmod 400 %{_sysconfdir}/xrdp/rsakeys.ini if [ ! -s %{_sysconfdir}/xrdp/cert.pem ]; then (umask 377; openssl req -x509 -newkey rsa:2048 -sha256 -nodes -days 3652 \ -keyout %{_sysconfdir}/xrdp/key.pem \ -out %{_sysconfdir}/xrdp/cert.pem \ -config %{_sysconfdir}/xrdp/openssl.conf >/dev/null 2>&1) fi chmod 400 %{_sysconfdir}/xrdp/cert.pem chmod 400 %{_sysconfdir}/xrdp/key.pem %files %doc COPYING *.txt %dir %{_libdir}/xrdp %dir %{_sysconfdir}/xrdp %dir %{_sysconfdir}/xrdp/pulse %dir %{_datadir}/xrdp %dir %{_libexecdir}/xrdp %config(noreplace) %{_sysconfdir}/xrdp/xrdp.ini %config(noreplace) %{_sysconfdir}/pam.d/xrdp-sesman %config(noreplace) %{_sysconfdir}/logrotate.d/xrdp %config(noreplace) %{_sysconfdir}/sysconfig/xrdp %config(noreplace) %{_sysconfdir}/xrdp/sesman.ini %exclude %{_sysconfdir}/xrdp/xrdp.sh %exclude %ghost %{_sysconfdir}/xrdp/*.pem %exclude %ghost %{_sysconfdir}/xrdp/rsakeys.ini %{_sysconfdir}/xrdp/km*.ini %{_sysconfdir}/xrdp/openssl.conf %{_sysconfdir}/xrdp/xrdp_keyboard.ini %{_libexecdir}/xrdp/startwm*.sh %{_libexecdir}/xrdp/reconnectwm.sh %{_bindir}/xrdp-genkeymap %{_bindir}/xrdp-sesadmin %{_bindir}/xrdp-keygen %{_bindir}/xrdp-sesrun %{_bindir}/xrdp-dis %{_sbindir}/xrdp-chansrv %{_sbindir}/xrdp %{_sbindir}/xrdp-sesman %{_datadir}/xrdp/ad256.bmp %{_datadir}/xrdp/cursor0.cur %{_datadir}/xrdp/cursor1.cur %{_datadir}/xrdp/xrdp256.bmp %{_datadir}/xrdp/sans-10.fv1 %{_datadir}/xrdp/ad24b.bmp %{_datadir}/xrdp/xrdp24b.bmp %{_datadir}/xrdp/xrdp_logo.bmp %{_mandir}/man5/* %{_mandir}/man8/* %{_mandir}/man1/* %{_libdir}/lib*.so.* %exclude %{_libdir}/librfxencode.so %{_libdir}/xrdp/lib*.so.* %exclude %{_libdir}/xrdp/libcommon.so %{_libdir}/xrdp/libmc.so %exclude %{_libdir}/xrdp/libscp.so %{_libdir}/xrdp/libvnc.so %exclude %{_libdir}/xrdp/libxrdp.so %{_libdir}/xrdp/libxup.so %exclude %{_libdir}/xrdp/libxrdpapi.so %{_sysconfdir}/xrdp/pulse/default.pa %{_unitdir}/xrdp-sesman.service %{_unitdir}/xrdp.service %ghost %{_localstatedir}/log/xrdp.log %ghost %{_localstatedir}/log/xrdp-sesman.log %attr(0600,root,root) %verify(not size md5 mtime) %{_sysconfdir}/xrdp/rsakeys.ini %files devel %{_includedir}/xrdp* %{_includedir}/rfxcodec_*.h %{_libdir}/pkgconfig/xrdp.pc %{_libdir}/pkgconfig/rfxcodec.pc %changelog * Thu Dec 14 2017 ns80 <ns80> 1:0.9.4-1.mga6 + Revision: 1182548 - new version updated and resynced with Fedora for CVE-2017-16927 (mga#22076) * Tue Apr 25 2017 neoclust <neoclust> 1:0.9.1-3.mga6 + Revision: 1097336 - Add P4 - Fixes CVE-2017-6967 (mga#20518) + luigiwalser <luigiwalser> - comment out references to X11rdp - sync with fedora as of 2017-03-14 - split out xrdp-devel - generate certificate for TLS authentication on package install - add fastpath hotfix - enable libpainter for compatibility with "noorders" clients - fix log file rotation - move key/cert generation to posttrans stage - require xinitrc, as Xsession is called from startwm.sh - exclude *.so files for non-modules - remove duplicate files from files list * Sat Dec 31 2016 luigiwalser <luigiwalser> 1:0.9.1-1.mga6 + Revision: 1078928 - 0.9.1 (resync with fedora) * Thu Mar 03 2016 umeabot <umeabot> 1:0.9.0-4.mga6 + Revision: 984775 - Rebuild for openssl * Wed Jan 20 2016 daviddavid <daviddavid> 1:0.9.0-3.mga6 + Revision: 926008 - switch to %%configure2_5x to fix build + luigiwalser <luigiwalser> - disable root login by default * Wed Aug 05 2015 luigiwalser <luigiwalser> 1:0.9.0-1.mga6 + Revision: 861430 - xrdp 0.9.0 (imported from fedora) - add patch to fix linking errors - add two bugfix patches from upstream - adapt PAM config for Mageia - adapt spec file for Mageia - create SSL certificates for xrdp service - imported package xrdp * Mon Jul 20 2015 Bojan Smojver <bojan@rexursive.com> - 1:0.9.0-4 - own /etc/xrdp/pulse directory * Fri Jul 17 2015 Bojan Smojver <bojan@rexursive.com> - 1:0.9.0-3 - service files fixes and dependencies - sesman default configuration * Wed Jul 15 2015 Dan Horák <dan[at]danny.cz> - 1:0.9.0-2 - install epoch back to keep clean upgrade path * Tue Jul 14 2015 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.9.0-1 - upgrade to 0.9.0 * Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.6.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Thu Jun 4 2015 Bojan Smojver <bojan@rexursive.com> - 1:0.6.1-10 - remove -ac from X server calls: bug #1105202 - put other sesman.ini changes into a patch * Fri May 15 2015 Bojan Smojver <bojan@rexursive.com> - 1:0.6.1-9 - hopefully better service dependencies * Thu Apr 23 2015 Dan Horák <dan[at]danny.cz> - 1:0.6.1-8 - fix upgrade path after the 0.8 bump in 2014-09 by adding Epoch * Mon Dec 22 2014 Bojan Smojver <bojan@rexursive.com> - 0.6.1-7 - add a delay loop when connecting to VNC back end * Mon Dec 8 2014 Bojan Smojver <bojan@rexursive.com> - 0.6.1-6 - use systemd rpm macros: bug #850374 * Thu Aug 21 2014 Kevin Fenzi <kevin@scrye.com> - 0.6.1-5 - Rebuild for rpm bug 1131960 * Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Tue Apr 1 2014 Bojan Smojver <bojan@rexursive.com> - 0.6.1-2 - try a bump to official 0.6.1 - provide format for syslog() call - fix memset() call - fix implicit declarations * Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-0.8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue Jan 29 2013 Dan Horák <dan[at]danny.cz> - 0.6.0-0.7 - fix check for big endian arches (#905411) * Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-0.6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon May 28 2012 Bojan Smojver <bojan@rexursive.com> - 0.6.0-0.5 - bind xrdp-sesman.service to xrdp.service, so that restarts work - do not use forking style, but run services in the foreground instead - dispense with ExecStop, systemd will do that for us * Sat May 26 2012 Bojan Smojver <bojan@rexursive.com> - 0.6.0-0.4 - do explicit stop/start in order to get xrdp-sesman.service up too * Sat May 26 2012 Bojan Smojver <bojan@rexursive.com> - 0.6.0-0.3 - also attempt to restart xrdp-sesman.service (just xrdp.service won't do it) - stop xrdp-sesman.service when not needed by xrdp.service * Fri May 25 2012 Bojan Smojver <bojan@rexursive.com> - 0.6.0-0.2 - bump release for rebuild with the correct e-mail address * Fri May 25 2012 Bojan Smojver <bojan@rexursive.com> - 0.6.0-0.1 - more work on systemd support - remove xrdp-dis for now, current HEAD is broken (explicit rpaths) * Wed May 23 2012 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.6.0-0.1 - include patch's from Bojan Smojver bz#821569 , bz#611669 * Sat Feb 04 2012 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.16 - add support for systemd * Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.5.0-0.15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.5.0-0.14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Thu Nov 18 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.13 - up to git tag a9cfc235211a49c69c3cce3f98ee5976ff8103a4 * Thu Nov 18 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.12.03172010 - fix logrotate to not restart xrdp and drop all open connections * Mon Oct 04 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.11.03172010 - Load a default keymap when current keymap doesnt exist * Thu Jul 08 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.10.03172010 - fix rhbz #611669 (load environment variables) * Thu Mar 18 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.9.03172010 - buildrequires libXfixes-devel * Thu Mar 18 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.8.03172010 - buildrequires libX11-devel * Thu Mar 18 2010 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.7.03172010 - sync with last xrdp cvs * Wed Sep 16 2009 Tomas Mraz <tmraz@redhat.com> - 0.5.0-0.6.20090811cvs - use password-auth instead of system-auth * Tue Sep 08 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.5.20090811cvs - fix xrdp-sesman pam.d to uses system-auth * Fri Sep 04 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.4.20090811cvs - increase encryption to 128 bit's - include system-auth into /etc/pam.d/xrdp-sesman * Wed Aug 26 2009 Tomas Mraz <tmraz@redhat.com> - 0.5.0-0.3.20090811cvs - rebuild with new openssl * Thu Aug 13 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.2.20090811cvs - more changes to spec file https://bugzilla.redhat.com/show_bug.cgi?id=516364#c10 * Wed Aug 12 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-0.1.20090811cvs - change versioning schema - improve initscript - fix some macros * Tue Aug 11 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> - 0.5.0-2.20090811cvs - changes from BZ#516364 comment 2 from Mamoru Tasaka - changed license to "GPLv2+ with exceptions" - dropped -libs subpackage - use cvs version - remove a patch and use sed instead - remove attr's * Thu Apr 02 2009 Itamar Reis Peixoto <itamar@ispbrasil.com.br> 0.5.0-1 - Initial RPM release