jengelh/sssd
SHA256
1
0
Fork 1
forked from pool/sssd
Code Pull Requests Activity

[info=cd05c14a49b9600916b3ace67564befd817f17fbbae208a2197db413e82a7560]

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=333
This commit is contained in:
OBS User unknown 2025-01-02 17:58:20 +00:00 committed by Git OBS Bridge
parent 1d71044539
commit 86e7668f30
4 changed files with 101 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
0001-TOOL-Fix-build-parameter-name-omitted.patch Normal file
View File

@ -0,0 +1,85 @@
From b927ca4196f828bda6d5db6c6a6d852389bfede0 Mon Sep 17 00:00:00 2001
From: Samuel Cabrero <scabrero@suse.de>
Date: Thu, 2 Jan 2025 14:09:17 +0100
Subject: [PATCH] TOOL: Fix build, parameter name omitted
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
---
src/tools/sssctl/sssctl_data.c | 8 ++++----
src/tools/sssctl/sssctl_logs.c | 6 +++---
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/tools/sssctl/sssctl_data.c b/src/tools/sssctl/sssctl_data.c
index b28556e73..a473e7e14 100644
--- a/src/tools/sssctl/sssctl_data.c
+++ b/src/tools/sssctl/sssctl_data.c
@@ -125,7 +125,7 @@ static errno_t sssctl_backup(bool force)
}
errno_t sssctl_client_data_backup(struct sss_cmdline *cmdline,
- struct sss_tool_ctx *)
+ struct sss_tool_ctx *tool_ctx)
{
struct sssctl_data_opts opts = {0};
errno_t ret;
@@ -184,7 +184,7 @@ static errno_t sssctl_restore(bool force_start, bool force_restart)
}
errno_t sssctl_client_data_restore(struct sss_cmdline *cmdline,
- struct sss_tool_ctx *)
+ struct sss_tool_ctx *tool_ctx)
{
struct sssctl_data_opts opts = {0};
errno_t ret;
@@ -206,7 +206,7 @@ errno_t sssctl_client_data_restore(struct sss_cmdline *cmdline,
}
errno_t sssctl_cache_remove(struct sss_cmdline *cmdline,
- struct sss_tool_ctx *)
+ struct sss_tool_ctx *tool_ctx)
{
struct sssctl_data_opts opts = {0};
errno_t ret;
@@ -413,7 +413,7 @@ done:
}
errno_t sssctl_cache_index(struct sss_cmdline *cmdline,
- struct sss_tool_ctx *)
+ struct sss_tool_ctx *tool_ctx)
{
const char *attr = NULL;
const char *action_str = NULL;
diff --git a/src/tools/sssctl/sssctl_logs.c b/src/tools/sssctl/sssctl_logs.c
index f8ef9f2c6..8ba18b394 100644
--- a/src/tools/sssctl/sssctl_logs.c
+++ b/src/tools/sssctl/sssctl_logs.c
@@ -418,7 +418,7 @@ int parse_debug_level(const char *strlevel)
}
errno_t sssctl_logs_remove(struct sss_cmdline *cmdline,
- struct sss_tool_ctx *)
+ struct sss_tool_ctx *tool_ctx)
{
struct sssctl_logs_opts opts = {0};
errno_t ret;
@@ -470,7 +470,7 @@ errno_t sssctl_logs_remove(struct sss_cmdline *cmdline,
}
errno_t sssctl_logs_fetch(struct sss_cmdline *cmdline,
- struct sss_tool_ctx *)
+ struct sss_tool_ctx *tool_ctx)
{
const char *file = NULL;
errno_t ret;
@@ -587,7 +587,7 @@ fini:
}
errno_t sssctl_analyze(struct sss_cmdline *cmdline,
- struct sss_tool_ctx *)
+ struct sss_tool_ctx *tool_ctx)
{
#ifndef BUILD_CHAIN_ID
PRINT("ERROR: Tevent chain ID support missing, log analyzer is unsupported.\n");
--
2.47.1

4
_scmsync.obsinfo
View File

@ -1,4 +1,4 @@
mtime: 1734682844 mtime: 1735824824
commit: 1507d9a0944d5e4561b50f5711c11410c6102db2357375f84d4e99c977e11c66 commit: cd05c14a49b9600916b3ace67564befd817f17fbbae208a2197db413e82a7560
url: https://src.opensuse.org/jengelh/sssd url: https://src.opensuse.org/jengelh/sssd
revision: master revision: master

2
build.specials.obscpio
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1 version https://git-lfs.github.com/spec/v1
oid sha256:5cef82fe2efad31ced57e8be6a100bc78b17ba52373d3567d44c87746a418e28 oid sha256:ad06894f2980a38b30ed36cd59bf7d6590c73c717b8f9f5dd63797ab1bf63284
size 256 size 256

16
sssd.spec
View File

@ -28,6 +28,7 @@ Source: https://github.com/SSSD/sssd/releases/download/%version/%name-%v
Source2: https://github.com/SSSD/sssd/releases/download/%version/%name-%version.tar.gz.asc Source2: https://github.com/SSSD/sssd/releases/download/%version/%name-%version.tar.gz.asc
Source3: baselibs.conf Source3: baselibs.conf
Source5: %name.keyring Source5: %name.keyring
Patch1: 0001-TOOL-Fix-build-parameter-name-omitted.patch
Patch11: krb-noversion.diff Patch11: krb-noversion.diff
Patch12: harden_sssd-ifp.service.patch Patch12: harden_sssd-ifp.service.patch
Patch13: harden_sssd-kcm.service.patch Patch13: harden_sssd-kcm.service.patch
@ -48,6 +49,7 @@ BuildRequires: libtool
BuildRequires: libunistring-devel BuildRequires: libunistring-devel
BuildRequires: libxml2-tools BuildRequires: libxml2-tools
BuildRequires: libxslt-tools BuildRequires: libxslt-tools
BuildRequires: libopenssl-3-devel
BuildRequires: nscd BuildRequires: nscd
BuildRequires: nss_wrapper BuildRequires: nss_wrapper
BuildRequires: openldap2-devel BuildRequires: openldap2-devel
@ -121,6 +123,13 @@ Obsoletes: sssd-common < %version-%release
%define mcpath %sssdstatedir/mc %define mcpath %sssdstatedir/mc
%define ldbdir %(pkg-config ldb --variable=modulesdir) %define ldbdir %(pkg-config ldb --variable=modulesdir)
%if 0%{?suse_version} >= 1600
%define permissions_path %_datadir/permissions/permissions.d/
%else
%define permissions_path %_sysconfdir/permissions.d/
%endif
# Both SSSD and cifs-utils provide an idmap plugin for cifs.ko # Both SSSD and cifs-utils provide an idmap plugin for cifs.ko
# %%_sysconfdir/cifs-utils/idmap-plugin should be a symlink to one of the 2 idmap plugins # %%_sysconfdir/cifs-utils/idmap-plugin should be a symlink to one of the 2 idmap plugins
# * cifs-utils one is the default (priority 20) # * cifs-utils one is the default (priority 20)
@ -475,7 +484,7 @@ sed -i '1s@#!.*python.*@#!%_bindir/python3.11@' "$b/%_libexecdir/%name/sss_analy
%endif %endif
echo 'u sssd - "System Security Services Daemon" /run/sssd /sbin/nologin' >system-user-sssd.conf echo 'u sssd - "System Security Services Daemon" /run/sssd /sbin/nologin' >system-user-sssd.conf
mkdir -p "$b/%_sysusersdir" "$b/etc/permissions.d" mkdir -p "$b/%_sysusersdir"
cp -a system-user-sssd.conf "$b/%_sysusersdir/" cp -a system-user-sssd.conf "$b/%_sysusersdir/"
%sysusers_generate_pre system-user-sssd.conf random system-user-sssd.conf %sysusers_generate_pre system-user-sssd.conf random system-user-sssd.conf
install -Dpm 0644 contrib/sssd-tmpfiles.conf "%buildroot/%_tmpfilesdir/%name.conf" install -Dpm 0644 contrib/sssd-tmpfiles.conf "%buildroot/%_tmpfilesdir/%name.conf"
@ -484,7 +493,8 @@ install -Dpm 0644 contrib/sssd-tmpfiles.conf "%buildroot/%_tmpfilesdir/%name.con
# https://www.openwall.com/lists/oss-security/2024/12/19/1 # https://www.openwall.com/lists/oss-security/2024/12/19/1
# #
# should match entry from %%files list # should match entry from %%files list
cat >"$b/etc/permissions.d/sssd" <<-EOF mkdir -p "$b/%permissions_path"
cat >"$b/%permissions_path/sssd" <<-EOF
%_libexecdir/sssd/sssd_pam root:sssd 0750 %_libexecdir/sssd/sssd_pam root:sssd 0750
+capabilities cap_dac_read_search=p +capabilities cap_dac_read_search=p
%_libexecdir/sssd/selinux_child root:sssd 0750 %_libexecdir/sssd/selinux_child root:sssd 0750
@ -645,7 +655,7 @@ fi
%_unitdir/sssd-sudo.service %_unitdir/sssd-sudo.service
%_sysusersdir/*sssd* %_sysusersdir/*sssd*
%_tmpfilesdir/*sssd* %_tmpfilesdir/*sssd*
%_sysconfdir/permissions.d/* %permissions_path/sssd
%_datadir/polkit-1/ %_datadir/polkit-1/
%_bindir/sss_ssh_* %_bindir/sss_ssh_*
%_sbindir/sssd %_sbindir/sssd