mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-01-19 05:45:05 +01:00
All files related to my RPM spec file project in one commit
This commit is contained in:
parent
317462123f
commit
146746bbaf
185
contrib/rpm/README.md
Normal file
185
contrib/rpm/README.md
Normal file
@ -0,0 +1,185 @@
|
||||
RPM Spec File Notes
|
||||
-------------------
|
||||
|
||||
The RPM spec file provided here is for Bitcoin-Core 0.12.0 and builds on CentOS
|
||||
7 with either the CentOS provided OpenSSL library or with LibreSSL as packaged
|
||||
at [LibreLAMP.com](https://librelamp.com/). It should hopefully not be too
|
||||
difficult to port the RPM spec file to most RPM based Linux distributions.
|
||||
|
||||
When porting the spec file to build for a particular distribution, there are
|
||||
some important notes.
|
||||
|
||||
## Sources
|
||||
|
||||
It is considered good form for all sources to reference a URL where the source
|
||||
can be downloaded.
|
||||
|
||||
Sources 0-9 should be reserved for source code tarballs. `Source0` should
|
||||
reference the release tarball available from https://bitcoin.org/bin/ and
|
||||
`Source1` should reference the BerkeleyDB source.
|
||||
|
||||
Sources 10-99 are for source files that are maintained in the
|
||||
[Bitcoin git repository](https://github.com/bitcoin/bitcoin) but are not part of
|
||||
the release tarball. Most of these will reside in the `contrib` sub-directory.
|
||||
|
||||
Sources 10-19 should be reserved for miscellaneous configuration files.
|
||||
Currently only `Source10` is used, for the example `bitcoin.conf` file.
|
||||
|
||||
Sources 20-29 should be reserved for man pages. Currently only `Source20`
|
||||
through `Source23` are used.
|
||||
|
||||
Sources 30-39 should be reserved for SELinux related files. Currently only
|
||||
`Source30` through `Source32` are used. Until those files are in a tagged
|
||||
release, the full URL specified in the RPM spec file will not work. You can get
|
||||
them from the git ropository where you retrieved this file.
|
||||
|
||||
Sources 100+ are for files that are not source tarballs and are not maintained
|
||||
in the bitcoin git repository. At present only an SVG version of the Bitcoin
|
||||
icon is used.
|
||||
|
||||
## Patches
|
||||
|
||||
In general, patches should be avoided. When a packager feels a patch is
|
||||
necessary, the packager should bring the problem to the attention of the bitcoin
|
||||
developers so that an official fix to the issue can make it into the next
|
||||
release.
|
||||
|
||||
### Patch0 bitcoin-0.12.0-libressl.patch
|
||||
|
||||
This patch is only needed if building against LibreSSL. LibreSSL is not the
|
||||
standard TLS library on most Linux distributions. The patch will likely not be
|
||||
needed when 0.12.1 is released, a proper fix is already in the Bitcoin git
|
||||
master branch.
|
||||
|
||||
## BuildRequires
|
||||
|
||||
The packages specified in the `BuildRequires` are specified according to the
|
||||
package naming convention currently used in CentOS 7 and EPEL for CentOS 7. You
|
||||
may need to change some of the package names for other distributions. This is
|
||||
most likely to be the case with the Qt packages.
|
||||
|
||||
## BerkeleyDB
|
||||
|
||||
The `build-unix.md` file recommends building against BerkeleyDB 4.8.30. Even if
|
||||
that is the version your Linux distribution ships with, it probably is a good
|
||||
idea to build Bitcoin Core against a static version of that library compiled
|
||||
according to the instructions in the `build-unix.md` file so that any changes
|
||||
the distribution may make in the future will not result in a problem for users.
|
||||
|
||||
The problem that can exist, clients built against different versions of
|
||||
BerkeleyDB may not be able read each other's `wallet.dat` file which can make it
|
||||
difficult for a user to recover from backup in the event of a system failure.
|
||||
|
||||
## Graphical User Interface and Qt Version
|
||||
|
||||
The RPM spec file will by default build the GUI client linked against the Qt5
|
||||
libraries. If you wish instead to link against the Qt4 libraries you need to
|
||||
pass the switch `-D '_use_qt4 1'` at build time to the `rpmbuild` or `mock`
|
||||
command used to build the packages.
|
||||
|
||||
If you would prefer not to build the GUI at all, you can pass the switch
|
||||
`-D '_no_gui 1'` to the `rpmbuild` or `mock` build command.
|
||||
|
||||
## Desktop and KDE Files
|
||||
|
||||
The desktop and KDE meta files are created in the spec file itself with the
|
||||
`cat` command. This is done to allow easy distribution specific changes without
|
||||
needing to use any patches. A specific time stamp is given to the files so that
|
||||
it does not they do not appear to have been updated every time the package is
|
||||
built. If you do make changes to them, you probably should update time stamp
|
||||
assigned to them in the `touch` command that specifies the time stamp.
|
||||
|
||||
## SVG, PNG, and XPM Icons
|
||||
|
||||
The `bitcoin.svg` file is from the source listed as `Source100`. It is used as
|
||||
the source for the PNG and XPM files. The generated PNG and XPM files are given
|
||||
the same time stamp as the source SVG file as a means of indicating they are
|
||||
derived from it.
|
||||
|
||||
## Systemd
|
||||
|
||||
This spec file assumes the target distribution uses systemd. That really only
|
||||
matters for the `bitcoin-server` package. At this point, most RPM based
|
||||
distributions that still receive vendor updates do in fact use systemd.
|
||||
|
||||
The files to control the service are created in the RPM spec file itself using
|
||||
the `cat` command. This is done to make it easy to modify for other
|
||||
distributions that may implement things differently without needing to patch
|
||||
source. A specific time stamp is given to the files so that they do not appear
|
||||
to have been updated every time the package is built. If you do make changes to
|
||||
them, you probably should update the time stamp assigned to them in the `touch`
|
||||
command that specifies the time stamp.
|
||||
|
||||
## SELinux
|
||||
|
||||
The `bitcoin-server` package should have SELinux support. How to properly do
|
||||
that *may* vary by distribution and version of distribution.
|
||||
|
||||
The SELinux stuff in this RPM spec file *should* be correct for CentOS, RHEL,
|
||||
and Fedora but it would be a good idea to review it before building the package
|
||||
on other distributions.
|
||||
|
||||
## Tests
|
||||
|
||||
The `%check` section takes a very long time to run. If your build system has a
|
||||
time limit for package build, you may need to make an exception for this
|
||||
package. On CentOS 7 the `%check` section completes successfully with both
|
||||
OpenSSL and LibreSSL, a failure really does mean something is wrong.
|
||||
|
||||
## LibreSSL Build Notes
|
||||
|
||||
To build against LibreSSL you will need to pass the switch
|
||||
`-D '_use_libressl 1'` to the `rpmbuild` or `mock` command or the spec file will
|
||||
want the OpenSSL development files.
|
||||
|
||||
### LibreSSL and Boost
|
||||
|
||||
LibreSSL (and some newer builds of OpenSSL) do not have support for SSLv3. This
|
||||
can cause issues with the Boost package if the Boost package has not been
|
||||
patched accordingly. On those distributions, you will either need to build
|
||||
Bitcoin-Core against OpenSSL or use a patched version of Boost in the build
|
||||
system.
|
||||
|
||||
As SSLv3 is no longer safe, distributions that have not patched Boost to work
|
||||
with TLS libraries that do not support SSLv3 should have bug reports filed
|
||||
against the Boost package. This bug report has already been filed for RHEL 7 but
|
||||
it may need to be filed for other distributions.
|
||||
|
||||
A patch for Boost: https://github.com/boostorg/asio/pull/23/files
|
||||
|
||||
## ZeroMQ
|
||||
|
||||
At this time, this RPM spec file does not support the ZeroMQ build options. A
|
||||
suitable version of ZeroMQ is not available for the platform this spec file was
|
||||
developed on (CentOS 7).
|
||||
|
||||
## Legacy Credit
|
||||
|
||||
This RPM spec file is largely based upon the work of Michael Hampton at
|
||||
[Ringing Liberty](https://www.ringingliberty.com/bitcoin/). He has been
|
||||
packaging Bitcoin for Fedora at least since 2012.
|
||||
|
||||
Most of the differences between his packaging and this package are stylistic in
|
||||
nature. The major differences:
|
||||
|
||||
1. He builds from a github tagged release rather than a release tarball. This
|
||||
should not result in different source code.
|
||||
|
||||
2. He does not build BerkeleyDB but instead uses the BerkeleyDB provided by the
|
||||
Linux distribution. For the distributions he packages for, they currently all
|
||||
use the same version of BerkeleyDB so that difference is *probably* just
|
||||
academic.
|
||||
|
||||
3. As of his 10.11.2 package he did not allow for building against LibreSSL,
|
||||
specifying a build without the Qt GUI, or specifying which version of the Qt
|
||||
libraries to use.
|
||||
|
||||
4. I renamed the `bitcoin` package that contains the Qt GUI to `bitcoin-core` as
|
||||
that appears to be how the general population refers to it, in contrast to
|
||||
`bitcoin-xt` or `bitcoin-classic`. I wanted to make sure the general population
|
||||
knows what they are getting when installing the GUI package.
|
||||
|
||||
As far as minor differences, I generally prefer to assign the file permissions
|
||||
in the `%files` portion of an RPM spec file rather than specifying the
|
||||
permissions of a file during `%install` and other minor things like that that
|
||||
are largely just cosmetic.
|
24
contrib/rpm/bitcoin-0.12.0-libressl.patch
Normal file
24
contrib/rpm/bitcoin-0.12.0-libressl.patch
Normal file
@ -0,0 +1,24 @@
|
||||
diff -ur bitcoin-0.12.0.orig/src/init.cpp bitcoin-0.12.0/src/init.cpp
|
||||
--- bitcoin-0.12.0.orig/src/init.cpp 2015-12-31 16:00:00.000000000 -0800
|
||||
+++ bitcoin-0.12.0/src/init.cpp 2016-02-23 06:03:47.133227757 -0800
|
||||
@@ -1075,7 +1075,7 @@
|
||||
if (fPrintToDebugLog)
|
||||
OpenDebugLog();
|
||||
|
||||
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
LogPrintf("Using OpenSSL version %s\n", SSLeay_version(SSLEAY_VERSION));
|
||||
#else
|
||||
LogPrintf("Using OpenSSL version %s\n", OpenSSL_version(OPENSSL_VERSION));
|
||||
diff -ur bitcoin-0.12.0.orig/src/qt/rpcconsole.cpp bitcoin-0.12.0/src/qt/rpcconsole.cpp
|
||||
--- bitcoin-0.12.0.orig/src/qt/rpcconsole.cpp 2015-12-31 16:00:00.000000000 -0800
|
||||
+++ bitcoin-0.12.0/src/qt/rpcconsole.cpp 2016-02-23 15:09:42.881126841 -0800
|
||||
@@ -264,7 +264,7 @@
|
||||
|
||||
// set library version labels
|
||||
|
||||
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
|
||||
ui->openSSLVersion->setText(SSLeay_version(SSLEAY_VERSION));
|
||||
#else
|
||||
ui->openSSLVersion->setText(OpenSSL_version(OPENSSL_VERSION));
|
8
contrib/rpm/bitcoin.fc
Normal file
8
contrib/rpm/bitcoin.fc
Normal file
@ -0,0 +1,8 @@
|
||||
/usr/bin/bitcoin-cli -- gen_context(system_u:object_r:bitcoin_exec_t,s0)
|
||||
/usr/sbin/bitcoind -- gen_context(system_u:object_r:bitcoin_exec_t,s0)
|
||||
/usr/lib(64)?/bitcoin/bitcoind -- gen_context(system_u:object_r:bitcoin_exec_t,s0)
|
||||
|
||||
/etc/bitcoin(/.*)? gen_context(system_u:object_r:bitcoin_conf_t,s0)
|
||||
/var/lib/bitcoin(/.*)? gen_context(system_u:object_r:bitcoin_var_lib_t,s0)
|
||||
|
||||
(/var)?/run/bitcoind(/.*)? gen_context(system_u:object_r:bitcoin_var_run_t,s0)
|
157
contrib/rpm/bitcoin.if
Normal file
157
contrib/rpm/bitcoin.if
Normal file
@ -0,0 +1,157 @@
|
||||
|
||||
## <summary>policy for bitcoin</summary>
|
||||
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Transition to bitcoin.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed to transition.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`bitcoin_domtrans',`
|
||||
gen_require(`
|
||||
type bitcoin_t, bitcoin_exec_t;
|
||||
')
|
||||
|
||||
corecmd_search_bin($1)
|
||||
domtrans_pattern($1, bitcoin_exec_t, bitcoin_t)
|
||||
')
|
||||
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Execute bitcoin server in the bitcoin domain.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`bitcoin_initrc_domtrans',`
|
||||
gen_require(`
|
||||
type bitcoin_initrc_exec_t;
|
||||
')
|
||||
|
||||
init_labeled_script_domtrans($1, bitcoin_initrc_exec_t)
|
||||
')
|
||||
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Search bitcoin lib directories.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`bitcoin_search_lib',`
|
||||
gen_require(`
|
||||
type bitcoin_var_lib_t;
|
||||
')
|
||||
|
||||
allow $1 bitcoin_var_lib_t:dir search_dir_perms;
|
||||
files_search_var_lib($1)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Read bitcoin lib files.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`bitcoin_read_lib_files',`
|
||||
gen_require(`
|
||||
type bitcoin_var_lib_t;
|
||||
')
|
||||
|
||||
files_search_var_lib($1)
|
||||
read_files_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Manage bitcoin lib files.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`bitcoin_manage_lib_files',`
|
||||
gen_require(`
|
||||
type bitcoin_var_lib_t;
|
||||
')
|
||||
|
||||
files_search_var_lib($1)
|
||||
manage_files_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Manage bitcoin lib directories.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`bitcoin_manage_lib_dirs',`
|
||||
gen_require(`
|
||||
type bitcoin_var_lib_t;
|
||||
')
|
||||
|
||||
files_search_var_lib($1)
|
||||
manage_dirs_pattern($1, bitcoin_var_lib_t, bitcoin_var_lib_t)
|
||||
')
|
||||
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## All of the rules required to administrate
|
||||
## an bitcoin environment
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
## <param name="role">
|
||||
## <summary>
|
||||
## Role allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
## <rolecap/>
|
||||
#
|
||||
interface(`bitcoin_admin',`
|
||||
gen_require(`
|
||||
type bitcoin_t;
|
||||
type bitcoin_initrc_exec_t;
|
||||
type bitcoin_var_lib_t;
|
||||
')
|
||||
|
||||
allow $1 bitcoin_t:process { ptrace signal_perms };
|
||||
ps_process_pattern($1, bitcoin_t)
|
||||
|
||||
bitcoin_initrc_domtrans($1)
|
||||
domain_system_change_exemption($1)
|
||||
role_transition $2 bitcoin_initrc_exec_t system_r;
|
||||
allow $2 system_r;
|
||||
|
||||
files_search_var_lib($1)
|
||||
admin_pattern($1, bitcoin_var_lib_t)
|
||||
|
||||
')
|
||||
|
444
contrib/rpm/bitcoin.spec
Normal file
444
contrib/rpm/bitcoin.spec
Normal file
@ -0,0 +1,444 @@
|
||||
%define bdbv 4.8.30
|
||||
%global selinux_variants mls strict targeted
|
||||
|
||||
%if 0%{?_no_gui:1}
|
||||
%define _buildqt 0
|
||||
%define buildargs --with-gui=no
|
||||
%else
|
||||
%define _buildqt 1
|
||||
%if 0%{?_use_qt4}
|
||||
%define buildargs --with-qrencode --with-gui=qt4
|
||||
%else
|
||||
%define buildargs --with-qrencode --with-gui=qt5
|
||||
%endif
|
||||
%endif
|
||||
|
||||
Name: bitcoin
|
||||
Version: 0.12.0
|
||||
Release: 2%{?dist}
|
||||
Summary: Peer to Peer Cryptographic Currency
|
||||
|
||||
Group: Applications/System
|
||||
License: MIT
|
||||
URL: https://bitcoin.org/
|
||||
Source0: https://bitcoin.org/bin/bitcoin-core-%{version}/bitcoin-%{version}.tar.gz
|
||||
Source1: http://download.oracle.com/berkeley-db/db-%{bdbv}.NC.tar.gz
|
||||
|
||||
Source10: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/debian/examples/bitcoin.conf
|
||||
|
||||
#man pages
|
||||
Source20: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/debian/manpages/bitcoind.1
|
||||
Source21: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/debian/manpages/bitcoin-cli.1
|
||||
Source22: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/debian/manpages/bitcoin-qt.1
|
||||
Source23: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/debian/manpages/bitcoin.conf.5
|
||||
|
||||
#selinux
|
||||
Source30: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/rpm/bitcoin.te
|
||||
# Source31 - what about bitcoin-tx and bench_bitcoin ???
|
||||
Source31: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/rpm/bitcoin.fc
|
||||
Source32: https://raw.githubusercontent.com/bitcoin/bitcoin/v%{version}/contrib/rpm/bitcoin.if
|
||||
|
||||
Source100: https://upload.wikimedia.org/wikipedia/commons/4/46/Bitcoin.svg
|
||||
|
||||
%if 0%{?_use_libressl:1}
|
||||
BuildRequires: libressl-devel
|
||||
%else
|
||||
BuildRequires: openssl-devel
|
||||
%endif
|
||||
BuildRequires: boost-devel
|
||||
BuildRequires: miniupnpc-devel
|
||||
BuildRequires: autoconf automake libtool
|
||||
BuildRequires: libevent-devel
|
||||
|
||||
|
||||
Patch0: bitcoin-0.12.0-libressl.patch
|
||||
|
||||
|
||||
%description
|
||||
Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to
|
||||
operate with no central authority or banks; managing transactions and the
|
||||
issuing of bitcoins is carried out collectively by the network.
|
||||
|
||||
%if %{_buildqt}
|
||||
%package core
|
||||
Summary: Peer to Peer Cryptographic Currency
|
||||
Group: Applications/System
|
||||
Obsoletes: %{name} < %{version}-%{release}
|
||||
Provides: %{name} = %{version}-%{release}
|
||||
%if 0%{?_use_qt4}
|
||||
BuildRequires: qt-devel
|
||||
%else
|
||||
BuildRequires: qt5-qtbase-devel
|
||||
# for /usr/bin/lrelease-qt5
|
||||
BuildRequires: qt5-linguist
|
||||
%endif
|
||||
BuildRequires: protobuf-devel
|
||||
BuildRequires: qrencode-devel
|
||||
BuildRequires: %{_bindir}/desktop-file-validate
|
||||
# for icon generation from SVG
|
||||
BuildRequires: %{_bindir}/inkscape
|
||||
BuildRequires: %{_bindir}/convert
|
||||
|
||||
%description core
|
||||
Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to
|
||||
operate with no central authority or banks; managing transactions and the
|
||||
issuing of bitcoins is carried out collectively by the network.
|
||||
|
||||
This package contains the Qt based graphical client and node. If you are looking
|
||||
to run a Bitcoin wallet, this is probably the package you want.
|
||||
%endif
|
||||
|
||||
|
||||
%package libs
|
||||
Summary: Bitcoin shared libraries
|
||||
Group: System Environment/Libraries
|
||||
|
||||
%description libs
|
||||
This package provides the bitcoinconsensus shared libraries. These libraries
|
||||
may be used by third party software to provide consensus verification
|
||||
functionality.
|
||||
|
||||
Unless you know need this package, you probably do not.
|
||||
|
||||
%package devel
|
||||
Summary: Development files for bitcoin
|
||||
Group: Development/Libraries
|
||||
Requires: %{name}-libs = %{version}-%{release}
|
||||
|
||||
%description devel
|
||||
This package contains the header files and static library for the
|
||||
bitcoinconsensus shared library. If you are developing or compiling software
|
||||
that wants to link against that library, then you need this package installed.
|
||||
|
||||
Most people do not need this package installed.
|
||||
|
||||
%package server
|
||||
Summary: The bitcoin daemon
|
||||
Group: System Environment/Daemons
|
||||
Requires: bitcoin-utils = %{version}-%{release}
|
||||
Requires: selinux-policy policycoreutils-python
|
||||
Requires(pre): shadow-utils
|
||||
Requires(post): %{_sbindir}/semodule %{_sbindir}/restorecon %{_sbindir}/fixfiles %{_sbindir}/sestatus
|
||||
Requires(postun): %{_sbindir}/semodule %{_sbindir}/restorecon %{_sbindir}/fixfiles %{_sbindir}/sestatus
|
||||
BuildRequires: systemd
|
||||
BuildRequires: checkpolicy
|
||||
BuildRequires: %{_datadir}/selinux/devel/Makefile
|
||||
|
||||
%description server
|
||||
This package provides a stand-alone bitcoin-core daemon. For most users, this
|
||||
package is only needed if they need a full-node without the graphical client.
|
||||
|
||||
Some third party wallet software will want this package to provide the actual
|
||||
bitcoin-core node they use to connect to the network.
|
||||
|
||||
If you use the graphical bitcoin-core client then you almost certainly do not
|
||||
need this package.
|
||||
|
||||
%package utils
|
||||
Summary: Bitcoin utilities
|
||||
Group: Applications/System
|
||||
|
||||
%description utils
|
||||
This package provides several command line utilities for interacting with a
|
||||
bitcoin-core daemon.
|
||||
|
||||
The bitcoin-cli utility allows you to communicate and control a bitcoin daemon
|
||||
over RPC, the bitcoin-tx utility allows you to create a custom transaction, and
|
||||
the bench_bitcoin utility can be used to perform some benchmarks.
|
||||
|
||||
This package contains utilities needed by the bitcoin-server package.
|
||||
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1 -b .libressl
|
||||
cp -p %{SOURCE10} ./bitcoin.conf.example
|
||||
tar -zxf %{SOURCE1}
|
||||
cp -p db-%{bdbv}.NC/LICENSE ./db-%{bdbv}.NC-LICENSE
|
||||
mkdir db4 SELinux
|
||||
cp -p %{SOURCE30} %{SOURCE31} %{SOURCE32} SELinux/
|
||||
|
||||
|
||||
%build
|
||||
CWD=`pwd`
|
||||
cd db-%{bdbv}.NC/build_unix/
|
||||
../dist/configure --enable-cxx --disable-shared --with-pic --prefix=${CWD}/db4
|
||||
make install
|
||||
cd ../..
|
||||
|
||||
./autogen.sh
|
||||
%configure LDFLAGS="-L${CWD}/db4/lib/" CPPFLAGS="-I${CWD}/db4/include/" --with-miniupnpc --enable-glibc-back-compat %{buildargs}
|
||||
make %{?_smp_mflags}
|
||||
|
||||
pushd SELinux
|
||||
for selinuxvariant in %{selinux_variants}; do
|
||||
make NAME=${selinuxvariant} -f %{_datadir}/selinux/devel/Makefile
|
||||
mv bitcoin.pp bitcoin.pp.${selinuxvariant}
|
||||
make NAME=${selinuxvariant} -f %{_datadir}/selinux/devel/Makefile clean
|
||||
done
|
||||
popd
|
||||
|
||||
|
||||
%install
|
||||
make install DESTDIR=%{buildroot}
|
||||
|
||||
mkdir -p -m755 %{buildroot}%{_sbindir}
|
||||
mv %{buildroot}%{_bindir}/bitcoind %{buildroot}%{_sbindir}/bitcoind
|
||||
|
||||
# systemd stuff
|
||||
mkdir -p %{buildroot}%{_tmpfilesdir}
|
||||
cat <<EOF > %{buildroot}%{_tmpfilesdir}/bitcoin.conf
|
||||
d /run/bitcoind 0750 bitcoin bitcoin -
|
||||
EOF
|
||||
touch -a -m -t 201504280000 %{buildroot}%{_tmpfilesdir}/bitcoin.conf
|
||||
|
||||
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
|
||||
cat <<EOF > %{buildroot}%{_sysconfdir}/sysconfig/bitcoin
|
||||
# Provide options to the bitcoin daemon here, for example
|
||||
# OPTIONS="-testnet -disable-wallet"
|
||||
|
||||
OPTIONS=""
|
||||
|
||||
# System service defaults.
|
||||
# Don't change these unless you know what you're doing.
|
||||
CONFIG_FILE="%{_sysconfdir}/bitcoin/bitcoin.conf"
|
||||
DATA_DIR="%{_localstatedir}/lib/bitcoin"
|
||||
PID_FILE="/run/bitcoind/bitcoind.pid"
|
||||
EOF
|
||||
touch -a -m -t 201504280000 %{buildroot}%{_sysconfdir}/sysconfig/bitcoin
|
||||
|
||||
mkdir -p %{buildroot}%{_unitdir}
|
||||
cat <<EOF > %{buildroot}%{_unitdir}/bitcoin.service
|
||||
[Unit]
|
||||
Description=Bitcoin daemon
|
||||
After=syslog.target network.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
ExecStart=%{_sbindir}/bitcoind -daemon -conf=\${CONFIG_FILE} -datadir=\${DATA_DIR} -pid=\${PID_FILE} \$OPTIONS
|
||||
EnvironmentFile=%{_sysconfdir}/sysconfig/bitcoin
|
||||
User=bitcoin
|
||||
Group=bitcoin
|
||||
|
||||
Restart=on-failure
|
||||
PrivateTmp=true
|
||||
TimeoutStopSec=120
|
||||
TimeoutStartSec=60
|
||||
StartLimitInterval=240
|
||||
StartLimitBurst=5
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
touch -a -m -t 201504280000 %{buildroot}%{_unitdir}/bitcoin.service
|
||||
#end systemd stuff
|
||||
|
||||
mkdir %{buildroot}%{_sysconfdir}/bitcoin
|
||||
mkdir -p %{buildroot}%{_localstatedir}/lib/bitcoin
|
||||
|
||||
#SELinux
|
||||
for selinuxvariant in %{selinux_variants}; do
|
||||
install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant}
|
||||
install -p -m 644 SELinux/bitcoin.pp.${selinuxvariant} %{buildroot}%{_datadir}/selinux/${selinuxvariant}/bitcoin.pp
|
||||
done
|
||||
|
||||
%if %{_buildqt}
|
||||
# qt icons
|
||||
install -D -p share/pixmaps/bitcoin.ico %{buildroot}%{_datadir}/pixmaps/bitcoin.ico
|
||||
install -p share/pixmaps/nsis-header.bmp %{buildroot}%{_datadir}/pixmaps/
|
||||
install -p share/pixmaps/nsis-wizard.bmp %{buildroot}%{_datadir}/pixmaps/
|
||||
install -p %{SOURCE100} %{buildroot}%{_datadir}/pixmaps/bitcoin.svg
|
||||
%{_bindir}/inkscape %{SOURCE100} --export-png=%{buildroot}%{_datadir}/pixmaps/bitcoin16.png -w16 -h16
|
||||
%{_bindir}/inkscape %{SOURCE100} --export-png=%{buildroot}%{_datadir}/pixmaps/bitcoin32.png -w32 -h32
|
||||
%{_bindir}/inkscape %{SOURCE100} --export-png=%{buildroot}%{_datadir}/pixmaps/bitcoin64.png -w64 -h64
|
||||
%{_bindir}/inkscape %{SOURCE100} --export-png=%{buildroot}%{_datadir}/pixmaps/bitcoin128.png -w128 -h128
|
||||
%{_bindir}/inkscape %{SOURCE100} --export-png=%{buildroot}%{_datadir}/pixmaps/bitcoin256.png -w256 -h256
|
||||
%{_bindir}/convert -resize 16x16 %{buildroot}%{_datadir}/pixmaps/bitcoin256.png %{buildroot}%{_datadir}/pixmaps/bitcoin16.xpm
|
||||
%{_bindir}/convert -resize 32x32 %{buildroot}%{_datadir}/pixmaps/bitcoin256.png %{buildroot}%{_datadir}/pixmaps/bitcoin32.xpm
|
||||
%{_bindir}/convert -resize 64x64 %{buildroot}%{_datadir}/pixmaps/bitcoin256.png %{buildroot}%{_datadir}/pixmaps/bitcoin64.xpm
|
||||
%{_bindir}/convert -resize 128x128 %{buildroot}%{_datadir}/pixmaps/bitcoin256.png %{buildroot}%{_datadir}/pixmaps/bitcoin128.xpm
|
||||
%{_bindir}/convert %{buildroot}%{_datadir}/pixmaps/bitcoin256.png %{buildroot}%{_datadir}/pixmaps/bitcoin256.xpm
|
||||
touch %{buildroot}%{_datadir}/pixmaps/*.png -r %{SOURCE100}
|
||||
touch %{buildroot}%{_datadir}/pixmaps/*.xpm -r %{SOURCE100}
|
||||
|
||||
# Desktop File - change the touch timestamp if modifying
|
||||
mkdir -p %{buildroot}%{_datadir}/applications
|
||||
cat <<EOF > %{buildroot}%{_datadir}/applications/bitcoin-core.desktop
|
||||
[Desktop Entry]
|
||||
Encoding=UTF-8
|
||||
Name=Bitcoin
|
||||
Comment=Bitcoin P2P Cryptocurrency
|
||||
Comment[fr]=Bitcoin, monnaie virtuelle cryptographique pair à pair
|
||||
Comment[tr]=Bitcoin, eşten eşe kriptografik sanal para birimi
|
||||
Exec=bitcoin-qt %u
|
||||
Terminal=false
|
||||
Type=Application
|
||||
Icon=bitcoin128
|
||||
MimeType=x-scheme-handler/bitcoin;
|
||||
Categories=Office;Finance;
|
||||
EOF
|
||||
# change touch date when modifying desktop
|
||||
touch -a -m -t 201511100546 %{buildroot}%{_datadir}/applications/bitcoin-core.desktop
|
||||
%{_bindir}/desktop-file-validate %{buildroot}%{_datadir}/applications/bitcoin-core.desktop
|
||||
|
||||
# KDE protocol - change the touch timestamp if modifying
|
||||
mkdir -p %{buildroot}%{_datadir}/kde4/services
|
||||
cat <<EOF > %{buildroot}%{_datadir}/kde4/services/bitcoin-core.protocol
|
||||
[Protocol]
|
||||
exec=bitcoin-qt '%u'
|
||||
protocol=bitcoin
|
||||
input=none
|
||||
output=none
|
||||
helper=true
|
||||
listing=
|
||||
reading=false
|
||||
writing=false
|
||||
makedir=false
|
||||
deleting=false
|
||||
EOF
|
||||
# change touch date when modifying protocol
|
||||
touch -a -m -t 201511100546 %{buildroot}%{_datadir}/kde4/services/bitcoin-core.protocol
|
||||
%endif
|
||||
|
||||
# man pages
|
||||
install -D -p %{SOURCE20} %{buildroot}%{_mandir}/man1/bitcoind.1
|
||||
install -p %{SOURCE21} %{buildroot}%{_mandir}/man1/bitcoin-cli.1
|
||||
%if %{_buildqt}
|
||||
install -p %{SOURCE22} %{buildroot}%{_mandir}/man1/bitcoin-qt.1
|
||||
%endif
|
||||
install -D -p %{SOURCE23} %{buildroot}%{_mandir}/man5/bitcoin.conf.5
|
||||
|
||||
# nuke these, we do extensive testing of binaries in %%check before packaging
|
||||
rm -f %{buildroot}%{_bindir}/test_*
|
||||
|
||||
%check
|
||||
make check
|
||||
pushd src
|
||||
srcdir=. test/bitcoin-util-test.py
|
||||
popd
|
||||
qa/pull-tester/rpc-tests.py -extended
|
||||
|
||||
%post libs -p /sbin/ldconfig
|
||||
|
||||
%postun libs -p /sbin/ldconfig
|
||||
|
||||
%pre server
|
||||
getent group bitcoin >/dev/null || groupadd -r bitcoin
|
||||
getent passwd bitcoin >/dev/null ||
|
||||
useradd -r -g bitcoin -d /var/lib/bitcoin -s /sbin/nologin \
|
||||
-c "Bitcoin wallet server" bitcoin
|
||||
exit 0
|
||||
|
||||
%post server
|
||||
%systemd_post bitcoin.service
|
||||
# SELinux
|
||||
if [ `%{_sbindir}/sestatus |grep -c "disabled"` -eq 0 ]; then
|
||||
for selinuxvariant in %{selinux_variants}; do
|
||||
%{_sbindir}/semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/bitcoin.pp &> /dev/null || :
|
||||
done
|
||||
%{_sbindir}/semanage port -a -t bitcoin_port_t -p tcp 8332
|
||||
%{_sbindir}/semanage port -a -t bitcoin_port_t -p tcp 8333
|
||||
%{_sbindir}/semanage port -a -t bitcoin_port_t -p tcp 18332
|
||||
%{_sbindir}/semanage port -a -t bitcoin_port_t -p tcp 18333
|
||||
%{_sbindir}/fixfiles -R bitcoin-server restore &> /dev/null || :
|
||||
%{_sbindir}/restorecon -R %{_localstatedir}/lib/bitcoin || :
|
||||
fi
|
||||
|
||||
%posttrans server
|
||||
%{_bindir}/systemd-tmpfiles --create
|
||||
|
||||
%preun server
|
||||
%systemd_preun bitcoin.service
|
||||
|
||||
%postun server
|
||||
%systemd_postun bitcoin.service
|
||||
# SELinux
|
||||
if [ $1 -eq 0 ]; then
|
||||
if [ `%{_sbindir}/sestatus |grep -c "disabled"` -eq 0 ]; then
|
||||
%{_sbindir}/semanage port -d -p tcp 8332
|
||||
%{_sbindir}/semanage port -d -p tcp 8333
|
||||
%{_sbindir}/semanage port -d -p tcp 18332
|
||||
%{_sbindir}/semanage port -d -p tcp 18333
|
||||
for selinuxvariant in %{selinux_variants}; do
|
||||
%{_sbindir}/semodule -s ${selinuxvariant} -r bitcoin &> /dev/null || :
|
||||
done
|
||||
%{_sbindir}/fixfiles -R bitcoin-server restore &> /dev/null || :
|
||||
[ -d %{_localstatedir}/lib/bitcoin ] && \
|
||||
%{_sbindir}/restorecon -R %{_localstatedir}/lib/bitcoin &> /dev/null || :
|
||||
fi
|
||||
fi
|
||||
|
||||
%clean
|
||||
rm -rf %{buildroot}
|
||||
|
||||
%if %{_buildqt}
|
||||
%files core
|
||||
%defattr(-,root,root,-)
|
||||
%license COPYING db-%{bdbv}.NC-LICENSE
|
||||
%doc COPYING bitcoin.conf.example doc/README.md doc/bips.md doc/files.md doc/multiwallet-qt.md doc/reduce-traffic.md doc/release-notes.md doc/tor.md
|
||||
%attr(0755,root,root) %{_bindir}/bitcoin-qt
|
||||
%attr(0644,root,root) %{_datadir}/applications/bitcoin-core.desktop
|
||||
%attr(0644,root,root) %{_datadir}/kde4/services/bitcoin-core.protocol
|
||||
%attr(0644,root,root) %{_datadir}/pixmaps/*.ico
|
||||
%attr(0644,root,root) %{_datadir}/pixmaps/*.bmp
|
||||
%attr(0644,root,root) %{_datadir}/pixmaps/*.svg
|
||||
%attr(0644,root,root) %{_datadir}/pixmaps/*.png
|
||||
%attr(0644,root,root) %{_datadir}/pixmaps/*.xpm
|
||||
%attr(0644,root,root) %{_mandir}/man1/bitcoin-qt.1*
|
||||
%endif
|
||||
|
||||
%files libs
|
||||
%defattr(-,root,root,-)
|
||||
%license COPYING
|
||||
%doc COPYING doc/README.md doc/shared-libraries.md
|
||||
%{_libdir}/lib*.so.*
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root,-)
|
||||
%license COPYING
|
||||
%doc COPYING doc/README.md doc/developer-notes.md doc/shared-libraries.md
|
||||
%attr(0644,root,root) %{_includedir}/*.h
|
||||
%{_libdir}/*.so
|
||||
%{_libdir}/*.a
|
||||
%{_libdir}/*.la
|
||||
%attr(0644,root,root) %{_libdir}/pkgconfig/*.pc
|
||||
|
||||
%files server
|
||||
%defattr(-,root,root,-)
|
||||
%license COPYING db-%{bdbv}.NC-LICENSE
|
||||
%doc COPYING bitcoin.conf.example doc/README.md doc/REST-interface.md doc/bips.md doc/dnsseed-policy.md doc/files.md doc/reduce-traffic.md doc/release-notes.md doc/tor.md
|
||||
%attr(0755,root,root) %{_sbindir}/bitcoind
|
||||
%attr(0644,root,root) %{_tmpfilesdir}/bitcoin.conf
|
||||
%attr(0644,root,root) %{_unitdir}/bitcoin.service
|
||||
%dir %attr(0750,bitcoin,bitcoin) %{_sysconfdir}/bitcoin
|
||||
%dir %attr(0750,bitcoin,bitcoin) %{_localstatedir}/lib/bitcoin
|
||||
%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/sysconfig/bitcoin
|
||||
%attr(0644,root,root) %{_datadir}/selinux/*/*.pp
|
||||
%attr(0644,root,root) %{_mandir}/man1/bitcoind.1*
|
||||
%attr(0644,root,root) %{_mandir}/man5/bitcoin.conf.5*
|
||||
|
||||
%files utils
|
||||
%defattr(-,root,root,-)
|
||||
%license COPYING
|
||||
%doc COPYING bitcoin.conf.example doc/README.md
|
||||
%attr(0755,root,root) %{_bindir}/bitcoin-cli
|
||||
%attr(0755,root,root) %{_bindir}/bitcoin-tx
|
||||
%attr(0755,root,root) %{_bindir}/bench_bitcoin
|
||||
%attr(0644,root,root) %{_mandir}/man1/bitcoin-cli.1*
|
||||
%attr(0644,root,root) %{_mandir}/man5/bitcoin.conf.5*
|
||||
|
||||
|
||||
|
||||
%changelog
|
||||
* Fri Feb 26 2016 Alice Wonder <buildmaster@librelamp.com> - 0.12.0-2
|
||||
- Rename Qt package from bitcoin to bitcoin-core
|
||||
- Make building of the Qt package optional
|
||||
- When building the Qt package, default to Qt5 but allow building
|
||||
- against Qt4
|
||||
- Only run SELinux stuff in post scripts if it is not set to disabled
|
||||
|
||||
* Wed Feb 24 2016 Alice Wonder <buildmaster@librelamp.com> - 0.12.0-1
|
||||
- Initial spec file for 0.12.0 release
|
||||
|
||||
# This spec file is written from scratch but a lot of the packaging decisions are directly
|
||||
# based upon the 0.11.2 package spec file from https://www.ringingliberty.com/bitcoin/
|
81
contrib/rpm/bitcoin.te
Normal file
81
contrib/rpm/bitcoin.te
Normal file
@ -0,0 +1,81 @@
|
||||
policy_module(bitcoin, 1.100.1)
|
||||
|
||||
########################################
|
||||
#
|
||||
# Declarations
|
||||
#
|
||||
|
||||
type bitcoin_t;
|
||||
type bitcoin_exec_t;
|
||||
init_daemon_domain(bitcoin_t, bitcoin_exec_t)
|
||||
|
||||
permissive bitcoin_t;
|
||||
|
||||
type bitcoin_initrc_exec_t;
|
||||
init_script_file(bitcoin_initrc_exec_t)
|
||||
|
||||
type bitcoin_conf_t;
|
||||
files_type(bitcoin_conf_t)
|
||||
|
||||
type bitcoin_var_lib_t;
|
||||
files_type(bitcoin_var_lib_t)
|
||||
|
||||
type bitcoin_var_run_t;
|
||||
files_type(bitcoin_var_run_t)
|
||||
|
||||
type bitcoin_port_t;
|
||||
corenet_port(bitcoin_port_t)
|
||||
|
||||
########################################
|
||||
#
|
||||
# bitcoin local policy
|
||||
#
|
||||
allow bitcoin_t self:process { fork };
|
||||
|
||||
allow bitcoin_t self:fifo_file rw_fifo_file_perms;
|
||||
allow bitcoin_t self:unix_stream_socket create_stream_socket_perms;
|
||||
|
||||
manage_dirs_pattern(bitcoin_t, bitcoin_conf_t, bitcoin_conf_t)
|
||||
manage_files_pattern(bitcoin_t, bitcoin_conf_t, bitcoin_conf_t)
|
||||
|
||||
manage_dirs_pattern(bitcoin_t, bitcoin_var_lib_t, bitcoin_var_lib_t)
|
||||
manage_files_pattern(bitcoin_t, bitcoin_var_lib_t, bitcoin_var_lib_t)
|
||||
files_var_lib_filetrans(bitcoin_t, bitcoin_var_lib_t, { dir file })
|
||||
|
||||
manage_dirs_pattern(bitcoin_t, bitcoin_var_run_t, bitcoin_var_run_t)
|
||||
manage_files_pattern(bitcoin_t, bitcoin_var_run_t, bitcoin_var_run_t)
|
||||
|
||||
sysnet_dns_name_resolve(bitcoin_t)
|
||||
corenet_all_recvfrom_unlabeled(bitcoin_t)
|
||||
|
||||
allow bitcoin_t self:tcp_socket create_stream_socket_perms;
|
||||
corenet_tcp_sendrecv_generic_if(bitcoin_t)
|
||||
corenet_tcp_sendrecv_generic_node(bitcoin_t)
|
||||
corenet_tcp_sendrecv_all_ports(bitcoin_t)
|
||||
corenet_tcp_bind_generic_node(bitcoin_t)
|
||||
|
||||
gen_require(`
|
||||
type bitcoin_port_t;
|
||||
')
|
||||
allow bitcoin_t bitcoin_port_t:tcp_socket name_bind;
|
||||
|
||||
gen_require(`
|
||||
type bitcoin_port_t;
|
||||
')
|
||||
allow bitcoin_t bitcoin_port_t:tcp_socket name_connect;
|
||||
|
||||
domain_use_interactive_fds(bitcoin_t)
|
||||
|
||||
files_read_etc_files(bitcoin_t)
|
||||
|
||||
miscfiles_read_localization(bitcoin_t)
|
||||
|
||||
sysnet_dns_name_resolve(bitcoin_t)
|
||||
|
||||
allow bitcoin_t bitcoin_exec_t:file execute_no_trans;
|
||||
allow bitcoin_t self:process setsched;
|
||||
corecmd_exec_ls(bitcoin_t)
|
||||
corenet_tcp_connect_http_port(bitcoin_t)
|
||||
dev_read_urand(bitcoin_t)
|
||||
fs_getattr_xattr_fs(bitcoin_t)
|
||||
kernel_read_system_state(bitcoin_t)
|
Loading…
Reference in New Issue
Block a user