packages: nexus/nexus.spec, nexus/nexus-security-configuration.xml (NEW), n...

Wed May 19 12:16:33 CEST 2010

Author: pawelz                       Date: Wed May 19 10:16:33 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- install some default security configuration
- rel 2

---- Files affected:
packages/nexus:
   nexus.spec (1.17 -> 1.18) , nexus-security-configuration.xml (NONE -> 1.1)  (NEW), nexus-security.xml (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/nexus/nexus.spec
diff -u packages/nexus/nexus.spec:1.17 packages/nexus/nexus.spec:1.18

--- packages/nexus/nexus.spec:1.17	Mon May 17 13:33:57 2010
+++ packages/nexus/nexus.spec	Wed May 19 12:16:27 2010
@@ -4,19 +4,21 @@
 Summary:	Maven Repository Manager
 Name:		nexus
 Version:	1.6.0
-Release:	1
+Release:	2
 License:	GPL v3
 Group:		Networking/Daemons/Java
 Source0:	http://nexus.sonatype.org/downloads/%{name}-webapp-%{version}.war
 # Source0-md5:	248a3c3b2253aa834ccae69237499572
 Source1:	%{name}-context.xml
 Source2:	%{name}-plexus.properties
+Source3:	%{name}-security-configuration.xml
+Source4:	%{name}-security.xml
 URL:		http://nexus.sonatype.org/
 BuildRequires:	rpm-javaprov
 BuildRequires:	rpmbuild(macros) >= 1.300
-Requires:	group(servlet)
 Requires:	jpackage-utils
 Requires:	rc-scripts
+Requires:	tomcat
 BuildArch:	noarch
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
@@ -52,13 +54,16 @@
 # install them as %%ghost %%config, and link to /etc/nexus
 touch $RPM_BUILD_ROOT%{_sharedstatedir}/nexus/conf/log4j.properties
 touch $RPM_BUILD_ROOT%{_sharedstatedir}/nexus/conf/nexus.xml
-touch $RPM_BUILD_ROOT%{_sharedstatedir}/nexus/conf/security.xml
 touch $RPM_BUILD_ROOT%{_sharedstatedir}/nexus/conf/lvo-plugin.xml
 ln -sf %{_sharedstatedir}/nexus/conf/log4j.properties $RPM_BUILD_ROOT%{_sysconfdir}/nexus/log4j.properties
 ln -sf %{_sharedstatedir}/nexus/conf/nexus.xml $RPM_BUILD_ROOT%{_sysconfdir}/nexus/nexus.xml
-ln -sf %{_sharedstatedir}/nexus/conf/security.xml $RPM_BUILD_ROOT%{_sysconfdir}/nexus/security.xml
 ln -sf %{_sharedstatedir}/nexus/conf/lvo-plugin.xml $RPM_BUILD_ROOT%{_sysconfdir}/nexus/lvo-plugin.xml
 
+install %{SOURCE3} $RPM_BUILD_ROOT%{_sharedstatedir}/nexus/conf/security-configuration.xml
+install %{SOURCE4} $RPM_BUILD_ROOT%{_sharedstatedir}/nexus/conf/security.xml
+ln -sf %{_sharedstatedir}/nexus/conf/security-configuration.xml $RPM_BUILD_ROOT%{_sysconfdir}/nexus/security-configuration.xml
+ln -sf %{_sharedstatedir}/nexus/conf/security.xml $RPM_BUILD_ROOT%{_sysconfdir}/nexus/security.xml
+
 # log directory
 ln -s /var/log/nexus $RPM_BUILD_ROOT%{_sharedstatedir}/nexus/logs
 
@@ -80,14 +85,18 @@
 %attr(660,root,servlet) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nexus/tomcat-context.xml
 %{_sharedstatedir}/tomcat/conf/Catalina/localhost/nexus.xml
 
+# These file must be writeable, that is why it goes to /var
+%config(noreplace) %verify(not md5 mtime size) %{_sharedstatedir}/nexus/conf/security-configuration.xml
+%config(noreplace) %verify(not md5 mtime size) %{_sharedstatedir}/nexus/conf/security.xml
+%{_sysconfdir}/nexus/security-configuration.xml
+%{_sysconfdir}/nexus/security.xml
+
 # These files are created by nexus, but they are config files.
 %ghost %config(noreplace) %verify(not md5 mtime size) %{_sharedstatedir}/nexus/conf/log4j.properties
 %ghost %config(noreplace) %verify(not md5 mtime size) %{_sharedstatedir}/nexus/conf/nexus.xml
-%ghost %config(noreplace) %verify(not md5 mtime size) %{_sharedstatedir}/nexus/conf/security.xml
 %ghost %config(noreplace) %verify(not md5 mtime size) %{_sharedstatedir}/nexus/conf/lvo-plugin.xml
 %{_sysconfdir}/nexus/log4j.properties
 %{_sysconfdir}/nexus/nexus.xml
-%{_sysconfdir}/nexus/security.xml
 %{_sysconfdir}/nexus/lvo-plugin.xml
 
 %define date	%(echo `LC_ALL="C" date +"%a %b %d %Y"`)
@@ -96,6 +105,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.18  2010/05/19 10:16:27  pawelz
+- install some default security configuration
+- rel 2
+
 Revision 1.17  2010/05/17 11:33:57  pawelz
 - unified files (install tomcat-context into nexus conf dir and symlink to tomcat)
 

================================================================
Index: packages/nexus/nexus-security-configuration.xml
diff -u /dev/null packages/nexus/nexus-security-configuration.xml:1.1
--- /dev/null	Wed May 19 12:16:33 2010
+++ packages/nexus/nexus-security-configuration.xml	Wed May 19 12:16:27 2010
@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<security-configuration>
+	<version>2.0.3</version>
+	<!-- Set it to false if you don't need access control. Be aware that
+	   - everey one will have administration permission.
+	   - you can set/change admin password in /etc/nexus/security.xml file.
+	  -->
+	<enabled>true</enabled>
+	<anonymousAccessEnabled>true</anonymousAccessEnabled>
+	<anonymousUsername>anonymous</anonymousUsername>
+	<anonymousPassword>{n82LaatUK/QHQGehaowoiRTBlQRTcc1ZY24vBb+5bLo=}</anonymousPassword>
+	<realms>
+		<realm>XmlAuthenticatingRealm</realm>
+		<realm>XmlAuthorizingRealm</realm>
+	</realms>
+</security-configuration>

================================================================
Index: packages/nexus/nexus-security.xml
diff -u /dev/null packages/nexus/nexus-security.xml:1.1
--- /dev/null	Wed May 19 12:16:33 2010
+++ packages/nexus/nexus-security.xml	Wed May 19 12:16:27 2010
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Note: all passwords are sha1sum. You generate new password hashes using
+   - following command:
+   - echo -n 'your new password' | sha1sum
+   -
+   - Default accounts in PLD are:
+   -   login: admin
+   -   passwords: admin
+   -
+   -   login: deployment
+   -   password: deplyment
+   -
+   -   login: anonymous
+   -   password: anonymous
+   -
+   - If you don't need access control at all, you can disable it in
+   - /etc/nexus/security-configuration.xml file.
+  --!>
+<security>
+  <version>2.0.3</version>
+  <users>
+    <user>
+      <id>admin</id>
+      <name>Administrator</name>
+      <password>d033e22ae348aeb5660fc2140aec35850c4da997</password>
+      <status>active</status>
+      <email>changeme at yourcompany.com</email>
+    </user>
+    <user>
+      <id>deployment</id>
+      <name>Deployment User</name>
+      <password>7233fb3683f4098cd0a87413fd8fdef9486ccb14</password>
+      <status>active</status>
+      <email>changeme1 at yourcompany.com</email>
+    </user>
+    <user>
+      <id>anonymous</id>
+      <name>Nexus Anonynmous User</name>
+      <password>0a92fab3230134cca6eadd9898325b9b2ae67998</password>
+      <status>active</status>
+      <email>changeme2 at yourcompany.com</email>
+    </user>
+  </users>
+  <userRoleMappings>
+    <userRoleMapping>
+      <userId>admin</userId>
+      <source>default</source>
+      <roles>
+        <role>admin</role>
+      </roles>
+    </userRoleMapping>
+    <userRoleMapping>
+      <userId>deployment</userId>
+      <source>default</source>
+      <roles>
+        <role>deployment</role>
+        <role>repo-all-full</role>
+      </roles>
+    </userRoleMapping>
+    <userRoleMapping>
+      <userId>anonymous</userId>
+      <source>default</source>
+      <roles>
+        <role>anonymous</role>
+        <role>repo-all-read</role>
+      </roles>
+    </userRoleMapping>
+  </userRoleMappings>
+</security>
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/nexus/nexus.spec?r1=1.17&r2=1.18&f=u

