[SCM] Debian packaging for the 2.0 Apache Shibboleth SP branch, debian, updated. upstream/2.2.1+dfsg-120-g4fa234f
Russ Allbery
rra at debian.org
Tue Sep 8 00:57:14 UTC 2009
The following commit has been merged in the debian branch:
commit 359c5fe1d38d23a5a3484219ea62b80da1a5c747
Author: Russ Allbery <rra at debian.org>
Date: Mon Sep 7 14:28:19 2009 -0700
Properly install and document the metagen script
Move metagen.sh out of /etc/shibboleth to /usr/bin/shib-metagen and
install a man page for it.
diff --git a/debian/changelog b/debian/changelog
index ac23b51..aefc8e2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,7 @@ shibboleth-sp2 (2.2.1+dfsg-1) UNRELEASED; urgency=low
- SECURITY: Correctly validate the use attribute of KeyDescriptors,
preventing use of a key for signing or for encryption if its use
field says it may not be used for that purpose.
+ - New shib-metagen script for generating Shibboleth SP metadata.
- Support preserving form data across user authentication.
- Support internal server redirection while maintaining protection.
- Fix incompatibility between lazy sessions and servlet containers.
diff --git a/debian/man-pages/shib-metagen.pod b/debian/man-pages/shib-metagen.pod
new file mode 100644
index 0000000..ce87d71
--- /dev/null
+++ b/debian/man-pages/shib-metagen.pod
@@ -0,0 +1,97 @@
+=head1 NAME
+
+shib-metagen - Generate metadata for a Shibboleth SP
+
+=head1 SYNOPSIS
+
+B<shib-metagen> [B<-c> I<cert> [B<-c> I<cert> ...]] [B<-e> I<entity-id>]
+ [B<-h> I<host> [B<-h> I<host> ...]] [B<-n> I<host> [B<-n> I<host> ...]]
+ [B<-o> I<organization>] [B<-a> I<admin> [B<-a> I<admin> ...]]
+ [B<-s> I<support> [B<-s> I<support> ...]]
+ [B<-t> I<tech> [B<-t> I<tech> ...]]
+
+=head1 DESCRIPTION
+
+Generate metadata for a Shibboleth SP. The metadata is printed to
+standard output. Most of the parameters are optional, but at least one of
+B<-h> or B<-n> must be given to specify the hostname to use in
+constructing URLs for the Shibboleth service for the SP. Other metadata
+can be added by using the other command-line parameters. Most parameters
+can be given multiple times.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-a> I<admin>
+
+An administrative contact for this Shibboleth SP. This option may be
+omitted, in which case administrative contact metadata is not included, or
+may be given multiple times to list multiple contacts. I<admin> should be
+in the form C<I<first>/I<last>/I<email>> where I<first> is the given name
+and I<last> is the surname.
+
+=item B<-c> I<cert>
+
+Specifies the SSL certificate used to identify this Shibboleth SP. This
+option may be given multiple times to specify multiple certificates. If
+it is not given, the default certificate is F<sp-cert.pem> in the current
+working directory.
+
+=item B<-e> I<entity-id>
+
+The entity ID for this SP. This must be a unique identifier for this SP
+and must be a URL. If B<-o> is given, it is used as the URL for the
+organization running this Shibboleth SP. If it is not specified, it
+defaults to C<https://I<host>/shibboleth> where I<host> is the argument to
+the first B<-h> option.
+
+=item B<-h> I<host>
+
+A hostname for this SP (possibly a virtual host). Either this option or
+B<-n> must be specified at least once. It should be repeated for every
+virtual host that responds to the Shibboleth protocol. B<-h> should be
+used for hostnames or virtual hosts that use SSL.
+
+=item B<-n> I<host>
+
+A hostname for this SP (possibly a virtual host). Either this option or
+B<-h> must be specified at least once. It should be repeated for every
+virtual host that responds to the Shibboleth protocol. B<-n> should be
+used for hostnames or virtual hosts that do not use SSL to protect the
+Shibboleth communication.
+
+=item B<-o> I<organization>
+
+The name of the organization that runs this Shibboleth SP. This option
+may be given only once and may be omitted, in which case organization
+metadata is not included. This is normally not necessary but may be used
+by other software systems for purposes such as displaying lists of
+entities with human-readable names.
+
+=item B<-s> I<support>
+
+A support contact for this Shibboleth SP. This option may be omitted, in
+which case support contact metadata is not included, or may be given
+multiple times to list multiple contacts. I<support> should be in the
+form C<I<first>/I<last>/I<email>> where I<first> is the given name and
+I<last> is the surname.
+
+=item B<-t> I<tech>
+
+A technical contact for this Shibboleth SP. This option may be omitted,
+in which case technical contact metadata is not included, or may be given
+multiple times to list multiple contacts. I<tech> should be in the form
+C<I<first>/I<last>/I<email>> where I<first> is the given name and I<last>
+is the surname.
+
+=head1 AUTHOR
+
+This manual page was written by Russ Allbery for Debian GNU/Linux.
+
+=head1 COPYRIGHT
+
+Copyright 2009 Russ Allbery. This manual page is hereby placed into the
+public domain by its author.
+
+=cut
diff --git a/debian/rules b/debian/rules
index 6c0e73a..fa5e4bb 100755
--- a/debian/rules
+++ b/debian/rules
@@ -95,6 +95,8 @@ install-stamp:
chmod +x $(CURDIR)/debian/tmp/etc/shibboleth/keygen.sh
mv $(CURDIR)/debian/tmp/etc/shibboleth/keygen.sh \
$(CURDIR)/debian/tmp/usr/sbin/shib-keygen
+ mv $(CURDIR)/debian/tmp/etc/shibboleth/metagen.sh \
+ $(CURDIR)/debian/tmp/usr/bin/shib-metagen
mv $(CURDIR)/debian/tmp/etc/shibboleth/shibd-debian \
$(CURDIR)/debian/libapache2-mod-shib2.shibd.init
dh_installdirs -s -i
@@ -107,6 +109,9 @@ install-stamp:
pod2man $(CURDIR)/debian/man-pages/resolvertest.pod --section 1 \
--center 'Shibboleth' --release 2.0 \
$(CURDIR)/debian/libapache2-mod-shib2/usr/share/man/man1/resolvertest.1
+ pod2man $(CURDIR)/debian/man-pages/shib-metagen.pod --section 1 \
+ --center 'Shibboleth' --release 2.0 \
+ $(CURDIR)/debian/libapache2-mod-shib2/usr/share/man/man1/shib-metagen.1
pod2man $(CURDIR)/debian/man-pages/shib-keygen.pod --section 8 \
--center 'Shibboleth' --release 2.0 \
$(CURDIR)/debian/libapache2-mod-shib2/usr/share/man/man8/shib-keygen.8
--
Debian packaging for the 2.0 Apache Shibboleth SP
More information about the Pkg-shibboleth-devel
mailing list