Name: strongswan
Summary: StrongSwan - An OpenSource IPsec-based VPN Solution
Version: 5.5.1
-Release: 2
+Release: 3
Group: Security/Service
License: GPL-2.0+
URL: http://www.strongswan.org/
#BuildRequires: pkgconfig(sqlite3)
#BuildRequires: pkgconfig(cert-svc)
#BuildRequires: pkgconfig(secure-storage)
+BuildRequires: pkgconfig(libcap)
BuildRequires: bison
BuildRequires: gperf
BuildRequires: flex
export CFLAGS="${CFLAGS} -fPIE"
export LDFLAGS="${LDFLAGS} -pie %{?asan:-lpthread}"
-%configure --libexecdir=%{_bindir} --with-ipsecdir=%{_bindir} --with-ipseclibdir=%{_libdir} --with-strongswan-conf=%{_sysconfdir}/strongswan.conf --enable-monolithic --enable-openssl --enable-unity --disable-gmp --disable-pki --disable-stroke --disable-swanctl
+%configure --libexecdir=%{_bindir} --with-ipsecdir=%{_bindir} --with-ipseclibdir=%{_libdir} --with-strongswan-conf=%{_sysconfdir}/strongswan.conf --enable-monolithic --enable-openssl --enable-unity --disable-gmp --disable-pki --disable-stroke --with-capabilities=libcap --with-user=network_fw --with-group=network_fw
make %{?_smp_mflags}
%files
%manifest strongswan.manifest
%license LICENSE
-%defattr(-,root,root)
+%defattr(-,network_fw,network_fw)
%config %{_sysconfdir}/strongswan.conf
-%attr(500,root,root) %{_bindir}/*
-%attr(500,root,root) %{_libdir}/libcharon.so.*
-%attr(500,root,root) %{_libdir}/libstrongswan.so.*
-%attr(500,root,root) %{_libdir}/libvici.so.*
+%attr(500,network_fw,network_fw) %{_bindir}/*
+%attr(500,network_fw,network_fw) %{_libdir}/libcharon.so.*
+%attr(500,network_fw,network_fw) %{_libdir}/libstrongswan.so.*
+%attr(500,network_fw,network_fw) %{_libdir}/libvici.so.*
#%attr(500,root,root) %{_libdir}/libipsec*
#%attr(500,root,root) %{_libdir}/libsimaka*
/usr/sbin/ipsec
/etc/strongswan.d/*
-#/etc/swanctl/swanctl.conf
-#/usr/sbin/swanctl
+%attr(500,network_fw,network_fw) /etc/swanctl/swanctl.conf
+%attr(500,network_fw,network_fw) /usr/sbin/swanctl
%changelog