|
 |
1657d5 |
%global frrversion 7.5
|
|
|
c0b7e4 |
%global frr_libdir /usr/lib/frr
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%global _hardened_build 1
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
Name: frr
|
|
|
1657d5 |
Version: 7.5
|
|
|
17297e |
Release: 4%{?checkout}%{?dist}.2
|
|
|
c0b7e4 |
Summary: Routing daemon
|
|
|
c0b7e4 |
License: GPLv2+
|
|
|
c0b7e4 |
URL: http://www.frrouting.org
|
|
|
c0b7e4 |
Source0: https://github.com/FRRouting/frr/releases/download/%{name}-%{frrversion}/%{name}-%{frrversion}.tar.gz
|
|
|
1657d5 |
Source1: %{name}-tmpfiles.conf
|
|
|
c0b7e4 |
BuildRequires: perl-generators
|
|
|
c0b7e4 |
BuildRequires: gcc
|
|
|
c0b7e4 |
BuildRequires: net-snmp-devel
|
|
|
1657d5 |
BuildRequires: texinfo libcap-devel autoconf automake libtool patch groff
|
|
|
c0b7e4 |
BuildRequires: readline readline-devel ncurses ncurses-devel
|
|
|
c0b7e4 |
BuildRequires: git pam-devel c-ares-devel
|
|
|
c0b7e4 |
BuildRequires: json-c-devel bison >= 2.7 flex perl-XML-LibXML
|
|
|
c0b7e4 |
BuildRequires: python3-devel python3-sphinx python3-pytest
|
|
|
c0b7e4 |
BuildRequires: systemd systemd-devel
|
|
|
1657d5 |
BuildRequires: libyang-devel >= 1.0.184
|
|
|
c0b7e4 |
Requires: net-snmp ncurses
|
|
|
c0b7e4 |
Requires(post): systemd /sbin/install-info
|
|
|
c0b7e4 |
Requires(preun): systemd /sbin/install-info
|
|
|
c0b7e4 |
Requires(postun): systemd
|
|
|
715177 |
Requires: iproute
|
|
|
715177 |
Requires: initscripts
|
|
|
c0b7e4 |
Provides: routingdaemon = %{version}-%{release}
|
|
|
1657d5 |
Obsoletes: frr-sysvinit quagga frr-contrib
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
Patch0000: 0000-remove-babeld-and-ldpd.patch
|
|
|
c0b7e4 |
Patch0001: 0001-use-python3.patch
|
|
|
c0b7e4 |
Patch0002: 0002-enable-openssl.patch
|
|
|
c0b7e4 |
Patch0003: 0003-disable-eigrp-crypto.patch
|
|
|
c0b7e4 |
Patch0004: 0004-fips-mode.patch
|
|
|
715177 |
Patch0006: 0006-CVE-2020-12831.patch
|
|
|
1657d5 |
Patch0007: 0007-frrinit.patch
|
|
|
17297e |
Patch0008: 0008-bfd-reload.patch
|
|
|
17297e |
Patch0012: 0012-bfd-peers-crash.patch
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%description
|
|
|
c0b7e4 |
FRRouting is free software that manages TCP/IP based routing protocols. It takes
|
|
|
c0b7e4 |
a multi-server and multi-threaded approach to resolve the current complexity
|
|
|
c0b7e4 |
of the Internet.
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
FRRouting is a fork of Quagga.
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%prep
|
|
|
c0b7e4 |
%autosetup -S git
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%build
|
|
|
c0b7e4 |
autoreconf -ivf
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%configure \
|
|
|
c0b7e4 |
--sbindir=%{frr_libdir} \
|
|
|
c0b7e4 |
--sysconfdir=%{_sysconfdir}/frr \
|
|
|
c0b7e4 |
--libdir=%{_libdir}/frr \
|
|
|
c0b7e4 |
--libexecdir=%{_libexecdir}/frr \
|
|
|
c0b7e4 |
--localstatedir=%{_localstatedir}/run/frr \
|
|
|
c0b7e4 |
--enable-snmp=agentx \
|
|
|
c0b7e4 |
--enable-multipath=64 \
|
|
|
c0b7e4 |
--enable-vtysh=yes \
|
|
|
c0b7e4 |
--enable-ospfclient=no \
|
|
|
c0b7e4 |
--enable-ospfapi=no \
|
|
|
c0b7e4 |
--enable-user=frr \
|
|
|
c0b7e4 |
--enable-group=frr \
|
|
|
1657d5 |
--enable-vty-group=frrvty \
|
|
|
c0b7e4 |
--enable-rtadv \
|
|
|
c0b7e4 |
--disable-exampledir \
|
|
|
c0b7e4 |
--enable-systemd=yes \
|
|
|
c0b7e4 |
--enable-static=no \
|
|
|
c0b7e4 |
--disable-ldpd \
|
|
|
c0b7e4 |
--disable-babeld \
|
|
|
c0b7e4 |
--with-moduledir=%{_libdir}/frr/modules \
|
|
|
c0b7e4 |
--with-crypto=openssl \
|
|
|
c0b7e4 |
--enable-fpm
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%make_build MAKEINFO="makeinfo --no-split" PYTHON=%{__python3}
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
pushd doc
|
|
|
c0b7e4 |
make info
|
|
|
c0b7e4 |
popd
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%install
|
|
|
c0b7e4 |
mkdir -p %{buildroot}/etc/{frr,rc.d/init.d,sysconfig,logrotate.d,pam.d,default} \
|
|
|
c0b7e4 |
%{buildroot}/var/log/frr %{buildroot}%{_infodir} \
|
|
|
c0b7e4 |
%{buildroot}%{_unitdir}
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
mkdir -p -m 0755 %{buildroot}%{_libdir}/frr
|
|
|
1657d5 |
mkdir -p %{buildroot}%{_tmpfilesdir}
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%make_install
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
# Remove this file, as it is uninstalled and causes errors when building on RH9
|
|
|
c0b7e4 |
rm -rf %{buildroot}/usr/share/info/dir
|
|
|
c0b7e4 |
|
|
|
1657d5 |
install -p -m 644 %{SOURCE1} %{buildroot}%{_tmpfilesdir}/%{name}.conf
|
|
|
1657d5 |
install -p -m 644 %{_builddir}/%{name}-%{frrversion}/tools/etc/frr/daemons %{buildroot}/etc/frr/daemons
|
|
|
1657d5 |
install -p -m 644 %{_builddir}/%{name}-%{frrversion}/tools/frr.service %{buildroot}%{_unitdir}/frr.service
|
|
|
1657d5 |
install -p -m 755 %{_builddir}/%{name}-%{frrversion}/tools/frrinit.sh %{buildroot}%{frr_libdir}/frr
|
|
|
1657d5 |
install -p -m 755 %{_builddir}/%{name}-%{frrversion}/tools/frrcommon.sh %{buildroot}%{frr_libdir}/frrcommon.sh
|
|
|
1657d5 |
install -p -m 755 %{_builddir}/%{name}-%{frrversion}/tools/watchfrr.sh %{buildroot}%{frr_libdir}/watchfrr.sh
|
|
|
1657d5 |
|
|
|
c0b7e4 |
install -p -m 644 %{_builddir}/%{name}-%{frrversion}/redhat/frr.logrotate %{buildroot}/etc/logrotate.d/frr
|
|
|
c0b7e4 |
install -p -m 644 %{_builddir}/%{name}-%{frrversion}/redhat/frr.pam %{buildroot}/etc/pam.d/frr
|
|
|
c0b7e4 |
install -d -m 775 %{buildroot}/run/frr
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
rm %{buildroot}%{_libdir}/frr/*.la
|
|
|
c0b7e4 |
rm %{buildroot}%{_libdir}/frr/modules/*.la
|
|
|
c0b7e4 |
|
|
|
1657d5 |
#Upstream does not maintain a stable API, these headers from -devel subpackage are no longer needed
|
|
|
1657d5 |
rm %{buildroot}%{_libdir}/frr/*.so
|
|
|
1657d5 |
rm -r %{buildroot}%{_includedir}/frr/
|
|
|
1657d5 |
|
|
|
c0b7e4 |
%pre
|
|
|
1657d5 |
getent group fttvty >/dev/null 2>&1 || groupadd -r frrvty >/dev/null 2>&1 || :
|
|
|
1657d5 |
getent group frr >/dev/null 2>&1 || groupadd -r frr >/dev/null 2>&1 || :
|
|
|
1657d5 |
getent passwd frr >/dev/null 2>&1 || useradd -M -r -g frr -s /sbin/nologin \
|
|
|
c0b7e4 |
-c "FRRouting suite" -d %{_localstatedir}/run/frr frr || :
|
|
|
1657d5 |
usermod -aG frrvty frr
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%post
|
|
|
c0b7e4 |
%systemd_post frr.service
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
if [ -f %{_infodir}/%{name}.inf* ]; then
|
|
|
c0b7e4 |
install-info %{_infodir}/frr.info %{_infodir}/dir || :
|
|
|
c0b7e4 |
fi
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
# Create dummy files if they don't exist so basic functions can be used.
|
|
|
c0b7e4 |
if [ ! -e %{_sysconfdir}/frr/zebra.conf ]; then
|
|
|
c0b7e4 |
echo "hostname `hostname`" > %{_sysconfdir}/frr/zebra.conf
|
|
|
c0b7e4 |
chown frr:frr %{_sysconfdir}/frr/zebra.conf
|
|
|
c0b7e4 |
chmod 640 %{_sysconfdir}/frr/zebra.conf
|
|
|
c0b7e4 |
fi
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
if [ ! -e %{_sysconfdir}/frr/vtysh.conf ]; then
|
|
|
1657d5 |
echo 'no service integrated-vtysh-config' > %{_sysconfdir}/frr/vtysh.conf
|
|
|
c0b7e4 |
chmod 640 %{_sysconfdir}/frr/vtysh.conf
|
|
|
1657d5 |
chown frr:frrvty %{_sysconfdir}/frr/vtysh.conf
|
|
|
1657d5 |
fi
|
|
|
1657d5 |
|
|
|
1657d5 |
#Making sure that the old format of config file still works
|
|
|
1657d5 |
#Checking whether .rpmnew conf file is present - in that case I want to change the old config
|
|
|
1657d5 |
if [ -e %{_sysconfdir}/frr/daemons.rpmnew ]; then
|
|
|
1657d5 |
sed -i s'/watchfrr_/#watchfrr_/g' %{_sysconfdir}/frr/daemons
|
|
|
1657d5 |
sed -i s'/zebra=/#zebra=/g' %{_sysconfdir}/frr/daemons
|
|
|
c0b7e4 |
fi
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%postun
|
|
|
c0b7e4 |
%systemd_postun_with_restart frr.service
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
#only when removing the package
|
|
|
c0b7e4 |
if [ $1 -ge 0 ]; then
|
|
|
c0b7e4 |
if [ -f %{_infodir}/%{name}.inf* ]; then
|
|
|
c0b7e4 |
install-info --delete %{_infodir}/frr.info %{_infodir}/dir || :
|
|
|
c0b7e4 |
fi
|
|
|
c0b7e4 |
fi
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%preun
|
|
|
c0b7e4 |
%systemd_preun frr.service
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%check
|
|
|
c0b7e4 |
make check PYTHON=%{__python3}
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%files
|
|
|
c0b7e4 |
%defattr(-,root,root)
|
|
|
c0b7e4 |
%license COPYING
|
|
|
c0b7e4 |
%doc zebra/zebra.conf.sample
|
|
|
c0b7e4 |
%doc isisd/isisd.conf.sample
|
|
|
c0b7e4 |
%doc ripd/ripd.conf.sample
|
|
|
c0b7e4 |
%doc bgpd/bgpd.conf.sample*
|
|
|
c0b7e4 |
%doc ospfd/ospfd.conf.sample
|
|
|
c0b7e4 |
%doc ospf6d/ospf6d.conf.sample
|
|
|
c0b7e4 |
%doc ripngd/ripngd.conf.sample
|
|
|
c0b7e4 |
%doc pimd/pimd.conf.sample
|
|
|
c0b7e4 |
%doc doc/mpls
|
|
|
1657d5 |
%dir %attr(740,frr,frr) %{_sysconfdir}/frr
|
|
|
c0b7e4 |
%dir %attr(755,frr,frr) /var/log/frr
|
|
|
c0b7e4 |
%dir %attr(755,frr,frr) /run/frr
|
|
|
c0b7e4 |
%{_infodir}/*info*
|
|
|
c0b7e4 |
%{_mandir}/man*/*
|
|
|
1657d5 |
%dir %{frr_libdir}/
|
|
|
c0b7e4 |
%{frr_libdir}/*
|
|
|
c0b7e4 |
%{_bindir}/*
|
|
|
c0b7e4 |
%dir %{_libdir}/frr
|
|
|
c0b7e4 |
%{_libdir}/frr/*.so.*
|
|
|
1657d5 |
%dir %{_libdir}/frr/modules/
|
|
|
c0b7e4 |
%{_libdir}/frr/modules/*
|
|
|
c0b7e4 |
%config(noreplace) %attr(644,root,root) /etc/logrotate.d/frr
|
|
|
1657d5 |
%config(noreplace) %attr(644,frr,frr) /etc/frr/daemons
|
|
|
c0b7e4 |
%config(noreplace) /etc/pam.d/frr
|
|
|
c0b7e4 |
%{_unitdir}/*.service
|
|
|
1657d5 |
%dir /usr/share/yang
|
|
|
c0b7e4 |
/usr/share/yang/*.yang
|
|
|
1657d5 |
%{_tmpfilesdir}/%{name}.conf
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
%changelog
|
|
|
17297e |
* Wed Jan 05 2022 Michal Ruprich <mruprich@redhat.com> - 7.5-4.2
|
|
|
17297e |
- Resolves: #2037200 - Bfdd crash in metallb CI
|
|
|
17297e |
|
|
|
17297e |
* Fri Dec 10 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-4.1
|
|
|
17297e |
- Resolves: #2031077 - FRR reloader generating invalid BFD configurations, exits with error
|
|
|
17297e |
|
|
|
1657d5 |
* Tue Jan 12 2021 root - 7.5-4
|
|
|
1657d5 |
- Related: #1889323 - Fixing start-up with old config file
|
|
|
1657d5 |
|
|
|
1657d5 |
* Mon Jan 11 2021 root - 7.5-3
|
|
|
1657d5 |
- Related: #1889323 - Reverting to non-integrated cofiguration
|
|
|
1657d5 |
|
|
|
1657d5 |
* Thu Jan 07 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-2
|
|
|
1657d5 |
- Related: #1889323 - Obsoleting frr-contrib
|
|
|
1657d5 |
|
|
|
1657d5 |
* Thu Jan 07 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-1
|
|
|
1657d5 |
- Resolves: #1889323 - [RFE] Rebase FRR to 7.5
|
|
|
1657d5 |
|
|
|
715177 |
* Thu Aug 20 2020 Michal Ruprich <mruprich@redhat.com> - 7.0-10
|
|
|
715177 |
- Resolves: #1867793 - FRR does not conform to the source port range specified in RFC5881
|
|
|
715177 |
|
|
|
715177 |
* Thu Aug 20 2020 Michal Ruprich <mruprich@redhat.com> - 7.0-9
|
|
|
715177 |
- Resolves: #1852476 - default permission issue eases information leaks
|
|
|
715177 |
|
|
|
715177 |
* Tue May 05 2020 Michal Ruprich <mruprich@redhat.com> - 7.0-8
|
|
|
715177 |
- Resolves: #1819319 - frr fails to start start if the initscripts package is missing
|
|
|
715177 |
|
|
|
715177 |
* Mon May 04 2020 Michal Ruprich <mruprich@redhat.com> - 7.0-7
|
|
|
715177 |
- Resolves: #1758544 - IGMPv3 queries may lead to DoS
|
|
|
715177 |
|
|
|
715177 |
* Tue Mar 10 2020 Michal Ruprich <mruprich@redhat.com> - 7.0-6
|
|
|
715177 |
- Resolves: #1776342 - frr has missing dependency on iproute
|
|
|
715177 |
|
|
|
c0b7e4 |
* Tue Sep 03 2019 Michal Ruprich <mruprich@redhat.com> - 7.0-5
|
|
|
c0b7e4 |
- Resolves: #1719465 - Removal of component Frr or its crypto
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
* Wed Jun 19 2019 Michal Ruprich <mruprich@redhat.com> - 7.0-4
|
|
|
c0b7e4 |
- Related: #1657029 - frr-contrib is back, it is breaking the rpmdeplint test
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
* Wed Jun 19 2019 Michal Ruprich <mruprich@redhat.com> - 7.0-3
|
|
|
c0b7e4 |
- Related: #1657029 - more cleanup, removed frr-contrib, frrvt changed to frrvty
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
* Wed Jun 19 2019 Michal Ruprich <mruprich@redhat.com> - 7.0-2
|
|
|
c0b7e4 |
- Related: #1657029 - cleaning specfile, adding Requires on libyang-devel
|
|
|
c0b7e4 |
|
|
|
c0b7e4 |
* Wed May 29 2019 Michal Ruprich <mruprich@redhat.com> - 7.0-1
|
|
|
c0b7e4 |
- Resolves: #1657029 - Add FRR as a replacement of Quagga in RHEL 8
|