From 6d7788fd0a74c899382a027d14b0105a19143461f1a709818037e5f8cccb966d Mon Sep 17 00:00:00 2001 From: Samuel Cabrero Date: Fri, 19 Mar 2021 14:41:35 +0000 Subject: [PATCH 1/4] OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=242 --- sssd.changes | 7 +++++++ sssd.spec | 29 ++++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/sssd.changes b/sssd.changes index 032eaab..4938709 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Tue Feb 23 12:43:38 UTC 2021 - Aurelien Aptel + +- Make cifs-idmap plugin (cifs_idmap_sss.so) use update-alternatives + mechanism to be able to switch between cifs-utils and sssd; + (bsc#1182682). + ------------------------------------------------------------------- Fri Feb 19 17:30:58 UTC 2021 - Jan Engelhardt diff --git a/sssd.spec b/sssd.spec index 7ab5828..b38af8d 100644 --- a/sssd.spec +++ b/sssd.spec @@ -37,6 +37,17 @@ Patch1: krb-noversion.diff %define pubconfpath %sssdstatedir/pubconf %define gpocachepath %sssdstatedir/gpo_cache +# Both SSSD and cifs-utils provide an idmap plugin for cifs.ko +# /etc/cifs-utils/idmap-plugin should be a symlink to one of the 2 idmap plugins +# * cifs-utils one is the default (priority 20) +# * installing SSSD should NOT switch to SSSD plugin (priority 10) +%define cifs_idmap_plugin %{_sysconfdir}/cifs-utils/idmap-plugin +%define cifs_idmap_lib %{_libdir}/cifs-utils/cifs_idmap_sss.so +%define cifs_idmap_name cifs-idmap-plugin +%define cifs_idmap_priority 10 +Requires(post): update-alternatives +Requires(postun): update-alternatives + BuildRequires: autoconf >= 2.59 BuildRequires: automake BuildRequires: bind-utils @@ -410,6 +421,10 @@ mkdir -pv "$b/%sssdstatedir/mc" find "$b" -type f -name "*.la" -print -delete %find_lang %name --all-name +# dummy target for cifs-idmap-plugin +mkdir -p %{buildroot}%{_sysconfdir}/alternatives %{buildroot}%{_sysconfdir}/cifs-utils +ln -s -f %{_sysconfdir}/alternatives/%{cifs_idmap_name} %{buildroot}%{cifs_idmap_plugin} + %check # sss_config-tests fails %make_build check || : @@ -424,6 +439,9 @@ find "$b" -type f -name "*.la" -print -delete /bin/sed -i -e 's,^krb5_kdcip =,krb5_server =,g' %_sysconfdir/sssd/sssd.conf %service_add_post %services +# install SSSD cifs-idmap plugin as an alternative +update-alternatives --install %{cifs_idmap_plugin} %{cifs_idmap_name} %{cifs_idmap_lib} %{cifs_idmap_priority} + %preun %service_del_preun %services @@ -438,6 +456,10 @@ rm -f /var/lib/sss/db/*.ldb # del_postun includes a try-restart %service_del_postun %services +if [ ! -f %{cifs_idmap_lib} ] ; then + update-alternatives --remove %{cifs_idmap_name} %{cifs_idmap_lib} +fi + %post -n libsss_certmap0 -p /sbin/ldconfig %postun -n libsss_certmap0 -p /sbin/ldconfig %post -n libipa_hbac0 -p /sbin/ldconfig @@ -581,7 +603,6 @@ rm -f /var/lib/sss/db/*.ldb /%_lib/libnss_sss.so.2 /%_lib/security/pam_sss.so /%_lib/security/pam_sss_gss.so -%_libdir/cifs-utils/ %_libdir/krb5/ %_libdir/%name/modules/sssd_krb5_localauth_plugin.so %_mandir/??/man8/sssd_krb5_locator_plugin.8* @@ -589,6 +610,12 @@ rm -f /var/lib/sss/db/*.ldb %_mandir/man8/pam_sss.8* %_mandir/man8/pam_sss_gss.8* %_mandir/man8/sssd_krb5_locator_plugin.8* +# cifs idmap plugin +%dir %_sysconfdir/cifs-utils +%{cifs_idmap_plugin} +%dir %_libdir/cifs-utils +%{cifs_idmap_lib} +%ghost %_sysconfdir/alternatives/%{cifs_idmap_name} %files ad %dir %_libdir/%name/ From af6004c4ab6e2dc6872886405aff5d0e3bb9293849a6116ebd0714a106b6bea9 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Thu, 1 Apr 2021 22:35:08 +0000 Subject: [PATCH 2/4] Accepting request 882607 from home:jeff_mahoney:branches:network:ldap - Add missing /var/lib/sss/pubconf/krb5.include.d directory (bsc#1184285). OBS-URL: https://build.opensuse.org/request/show/882607 OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=243 --- sssd.changes | 5 +++++ sssd.spec | 1 + 2 files changed, 6 insertions(+) diff --git a/sssd.changes b/sssd.changes index 4938709..bf98346 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Apr 1 15:08:14 UTC 2021 - jeffm@suse.com + +- Add missing /var/lib/sss/pubconf/krb5.include.d directory (bsc#1184285). + ------------------------------------------------------------------- Tue Feb 23 12:43:38 UTC 2021 - Aurelien Aptel diff --git a/sssd.spec b/sssd.spec index b38af8d..de1d61e 100644 --- a/sssd.spec +++ b/sssd.spec @@ -580,6 +580,7 @@ fi %attr(755,root,root) %dir %pipepath/ %attr(700,root,root) %dir %pipepath/private/ %attr(755,root,root) %dir %pubconfpath/ +%attr(755,root,root) %dir %pubconfpath/krb5.include.d %attr(755,root,root) %dir %gpocachepath/ %attr(755,root,root) %dir %sssdstatedir/mc/ %attr(700,root,root) %dir %sssdstatedir/keytabs/ From a632f91ef5f72c48c48c5a2040618fa02804029602e853fbd93221869589c8f2 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Tue, 13 Apr 2021 10:11:40 +0000 Subject: [PATCH 3/4] Accepting request 883336 from home:scabrero:branches:network:ldap - Move sssctl command from sssd to sssd-tools package; (bsc#1184289); OBS-URL: https://build.opensuse.org/request/show/883336 OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=244 --- sssd.changes | 5 +++++ sssd.spec | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/sssd.changes b/sssd.changes index bf98346..e5da03c 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Apr 6 12:08:29 UTC 2021 - Samuel Cabrero + +- Move sssctl command from sssd to sssd-tools package; (bsc#1184289); + ------------------------------------------------------------------- Thu Apr 1 15:08:14 UTC 2021 - jeffm@suse.com diff --git a/sssd.spec b/sssd.spec index de1d61e..0c645da 100644 --- a/sssd.spec +++ b/sssd.spec @@ -512,7 +512,6 @@ fi %_unitdir/sssd-sudo.socket %_unitdir/sssd-sudo.service %_bindir/sss_ssh_* -%_sbindir/sssctl %_sbindir/sssd #%_sbindir/rcsssd #%_sbindir/rcsssd-autofs @@ -535,7 +534,6 @@ fi %_mandir/??/man5/sssd-systemtap.5* %_mandir/??/man5/sssd.conf.5* %_mandir/??/man8/idmap_sss.8* -%_mandir/??/man8/sssctl.8* %_mandir/??/man8/sssd.8* %_mandir/man1/sss_ssh_* %_mandir/man5/sss-certmap.5* @@ -545,7 +543,6 @@ fi %_mandir/man5/sssd-simple.5* %_mandir/man5/sssd-sudo.5* %_mandir/man5/sssd.conf.5* -%_mandir/man8/sssctl.8* %_mandir/man8/sssd.8* %dir %_libdir/%name/ %_libdir/%name/conf/ @@ -704,13 +701,16 @@ fi %_datadir/%name/sssd.api.d/sssd-proxy.conf %files tools +%_sbindir/sssctl %_sbindir/sss_cache %_sbindir/sss_debuglevel %_sbindir/sss_seed %_sbindir/sss_obfuscate %_sbindir/sss_override %dir %_mandir/??/man8/ +%_mandir/??/man8/sssctl.8* %_mandir/??/man8/sss_*.8* +%_mandir/man8/sssctl.8* %_mandir/man8/sss_*.8* %files winbind-idmap From 0d8eb32bb7427a93052ff6124f25aa61adc1154450ef6afbf6bbfc28d47472c2 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Tue, 13 Apr 2021 11:24:53 +0000 Subject: [PATCH 4/4] adapt style to rest of file OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=245 --- sssd.spec | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/sssd.spec b/sssd.spec index 0c645da..91283c0 100644 --- a/sssd.spec +++ b/sssd.spec @@ -41,8 +41,8 @@ Patch1: krb-noversion.diff # /etc/cifs-utils/idmap-plugin should be a symlink to one of the 2 idmap plugins # * cifs-utils one is the default (priority 20) # * installing SSSD should NOT switch to SSSD plugin (priority 10) -%define cifs_idmap_plugin %{_sysconfdir}/cifs-utils/idmap-plugin -%define cifs_idmap_lib %{_libdir}/cifs-utils/cifs_idmap_sss.so +%define cifs_idmap_plugin %_sysconfdir/cifs-utils/idmap-plugin +%define cifs_idmap_lib %_libdir/cifs-utils/cifs_idmap_sss.so %define cifs_idmap_name cifs-idmap-plugin %define cifs_idmap_priority 10 Requires(post): update-alternatives @@ -362,14 +362,7 @@ Security Services Daemon (sssd). %autosetup -p1 %build -%if 0%{?suse_version} < 1210 -# pkgconfig file not present -export LDB_LIBS="-lldb" -export LDB_CFLAGS=" " -export LDB_DIR="%_libdir/ldb" -%else export LDB_DIR="$(pkg-config ldb --variable=modulesdir)" -%endif # help configure find nscd export PATH="$PATH:/usr/sbin" @@ -422,8 +415,8 @@ find "$b" -type f -name "*.la" -print -delete %find_lang %name --all-name # dummy target for cifs-idmap-plugin -mkdir -p %{buildroot}%{_sysconfdir}/alternatives %{buildroot}%{_sysconfdir}/cifs-utils -ln -s -f %{_sysconfdir}/alternatives/%{cifs_idmap_name} %{buildroot}%{cifs_idmap_plugin} +mkdir -p %buildroot/%_sysconfdir/alternatives %buildroot/%_sysconfdir/cifs-utils +ln -sfv %_sysconfdir/alternatives/%cifs_idmap_name %buildroot/%cifs_idmap_plugin %check # sss_config-tests fails @@ -440,7 +433,7 @@ ln -s -f %{_sysconfdir}/alternatives/%{cifs_idmap_name} %{buildroot}%{cifs_idmap %service_add_post %services # install SSSD cifs-idmap plugin as an alternative -update-alternatives --install %{cifs_idmap_plugin} %{cifs_idmap_name} %{cifs_idmap_lib} %{cifs_idmap_priority} +update-alternatives --install %cifs_idmap_plugin %cifs_idmap_name %cifs_idmap_lib %cifs_idmap_priority %preun %service_del_preun %services @@ -456,8 +449,8 @@ rm -f /var/lib/sss/db/*.ldb # del_postun includes a try-restart %service_del_postun %services -if [ ! -f %{cifs_idmap_lib} ] ; then - update-alternatives --remove %{cifs_idmap_name} %{cifs_idmap_lib} +if [ ! -f "%cifs_idmap_lib" ]; then + update-alternatives --remove %cifs_idmap_name %cifs_idmap_lib fi %post -n libsss_certmap0 -p /sbin/ldconfig @@ -610,10 +603,10 @@ fi %_mandir/man8/sssd_krb5_locator_plugin.8* # cifs idmap plugin %dir %_sysconfdir/cifs-utils -%{cifs_idmap_plugin} +%cifs_idmap_plugin %dir %_libdir/cifs-utils -%{cifs_idmap_lib} -%ghost %_sysconfdir/alternatives/%{cifs_idmap_name} +%cifs_idmap_lib +%ghost %_sysconfdir/alternatives/%cifs_idmap_name %files ad %dir %_libdir/%name/