diff --git a/strongswan.spec b/strongswan.spec index e85308949e4f174ec91b09c7f785614256c1a1d2..b7e663ea71df0e80b44766695317e3164344f264 100644 --- a/strongswan.spec +++ b/strongswan.spec @@ -1,6 +1,6 @@ Name: strongswan Version: 5.7.2 -Release: 11 +Release: 12 Summary: An OpenSource IPsec-based VPN and TNC solution License: GPLv2+ URL: http://www.strongswan.org/ @@ -17,7 +17,7 @@ Patch5: CVE-2023-41913.patch BuildRequires: gcc systemd-devel gmp-devel libcurl-devel NetworkManager-libnm-devel openldap-devel BuildRequires: openssl-devel sqlite-devel gettext-devel trousers-devel libxml2-devel pam-devel -BuildRequires: json-c-devel libgcrypt-devel systemd-devel iptables-devel +BuildRequires: json-c-devel libgcrypt-devel systemd-devel iptables-devel chrpath Requires(post): systemd Requires(preun): systemd Requires(postun): systemd @@ -93,13 +93,24 @@ install -d -m 700 %{buildroot}%{_sysconfdir}/strongswan/ipsec.d/{aacerts acerts %delete_la +cd $RPM_BUILD_ROOT/usr +file `find -type f` | grep -w ELF | awk -F":" '{print $1}' | for i in `xargs` +do +chrpath -d $i +done +cd - +mkdir -p %{buildroot}/etc/ld.so.conf.d +echo "%{_libdir}/strongswan" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf + %preun %systemd_preun strongswan.service %post +/sbin/ldconfig %systemd_post strongswan.service %postun +/sbin/ldconfig %systemd_postun_with_restart strongswan.service %files @@ -123,6 +134,7 @@ install -d -m 700 %{buildroot}%{_sysconfdir}/strongswan/ipsec.d/{aacerts acerts %dir %{_datadir}/strongswan/swidtag %{_datadir}/strongswan/swidtag/*.swidtag %{_sysconfdir}/dbus-1/system.d/nm-strongswan-service.conf +%config(noreplace) /etc/ld.so.conf.d/* %files help %{_mandir}/man1/*1.gz @@ -130,6 +142,9 @@ install -d -m 700 %{buildroot}%{_sysconfdir}/strongswan/ipsec.d/{aacerts acerts %{_mandir}/man8/*8.gz %changelog +* Mon Dec 18 2023 beta - 5.7.2-12 +- fix rpath error + * Thu Dec 14 2023 yaoxin - 5.7.2-11 - Fix CVE-2023-41913