From 9f590e670cf5cfe5985dbf66a512bbab2cada100ecf955ac20da08e334c46d4e Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 27 Jun 2012 12:37:11 +0000 Subject: [PATCH 1/2] sssd-1.8.93 OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=73 --- ...cide-when-an-expiration-warning-is-w.patch | 33 --------- libdl.diff | 29 -------- sssd-1.8.3.tar.gz | 3 - sssd-1.8.3.tar.gz.asc | 7 -- sssd-1.8.93.tar.xz | 3 + sssd.changes | 16 +++++ sssd.spec | 70 ++++++++++++------- 7 files changed, 62 insertions(+), 99 deletions(-) delete mode 100644 0003-Allow-LDAP-to-decide-when-an-expiration-warning-is-w.patch delete mode 100644 libdl.diff delete mode 100644 sssd-1.8.3.tar.gz delete mode 100644 sssd-1.8.3.tar.gz.asc create mode 100644 sssd-1.8.93.tar.xz diff --git a/0003-Allow-LDAP-to-decide-when-an-expiration-warning-is-w.patch b/0003-Allow-LDAP-to-decide-when-an-expiration-warning-is-w.patch deleted file mode 100644 index 753b96c..0000000 --- a/0003-Allow-LDAP-to-decide-when-an-expiration-warning-is-w.patch +++ /dev/null @@ -1,33 +0,0 @@ -From d0bf20038fddf5ad296287fb16bc80082088b770 Mon Sep 17 00:00:00 2001 -From: Stephen Gallagher -Date: Mon, 1 Aug 2011 10:48:06 -0400 -Subject: Allow LDAP to decide when an expiration warning is warranted - -Previously, we were only displaying expiration warnings if the -password was going to expire within a day. We'll allow LDAP to -make this decision (by whether it passes us the expiration time). - -In the future, we can add an option to clamp this down to a -shorter period if the local admin prefers it. - -diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c -index 3c9d760..7fcf985 100644 ---- a/src/responder/pam/pamsrv_cmd.c -+++ b/src/responder/pam/pamsrv_cmd.c -@@ -409,9 +409,10 @@ static errno_t filter_responses(struct confdb_ctx *cdb, - } - memcpy(&expire_warn, resp->data + sizeof(uint32_t), - sizeof(uint32_t)); -- if(expire_warn > pam_expiration_warning * (60 * 60 * 24)) { -- resp->do_not_send_to_client = true; -- } -+ /* TODO: Add an option to limit the display of the -+ * expiration warning to a specified number of -+ * days (e.g. 14) -+ */ - break; - default: - DEBUG(7, ("User info type [%d] not filtered.\n")); --- -1.7.3.4 - diff --git a/libdl.diff b/libdl.diff deleted file mode 100644 index e362504..0000000 --- a/libdl.diff +++ /dev/null @@ -1,29 +0,0 @@ -From: Jan Engelhardt -Date: 2012-05-11 19:34:50.087905211 +0200 - -build: resolve link failure - -libtool: link: gcc -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Werror-implicit-function-declaration -fno-strict-aliasing -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -Wl,--version-script -Wl,./src/providers/sssd_be.exports -o sssd_be src/providers/data_provider_be.o src/providers/data_provider_fo.o src/providers/data_provider_opts.o src/providers/data_provider_callbacks.o src/providers/fail_over.o src/resolv/async_resolv.o -Wl,--export-dynamic -lpam -lcares ./.libs/libsss_util.a -ltevent -ltalloc -lpopt -lldb -ldbus-1 -lpcre -lini_config -lcollection -ldhash -llber -lldap -ltdb -lunistring -lcrypto -/usr/lib64/gcc/x86_64-suse-linux/4.7/../../../../x86_64-suse-linux/bin/ld: src/providers/data_provider_be.o: undefined reference to symbol 'dlsym@@GLIBC_2.2.5' -/usr/lib64/gcc/x86_64-suse-linux/4.7/../../../../x86_64-suse-linux/bin/ld: note: 'dlsym@@GLIBC_2.2.5' is defined in DSO /lib64/libdl.so.2 so try adding it to the linker command line -/lib64/libdl.so.2: could not read symbols: Invalid operation -collect2: error: ld returned 1 exit status -make[2]: *** [sssd_be] Error 1 - ---- - Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: sssd-1.8.3/Makefile.am -=================================================================== ---- sssd-1.8.3.orig/Makefile.am -+++ sssd-1.8.3/Makefile.am -@@ -547,7 +547,7 @@ sssd_be_SOURCES = \ - src/providers/data_provider_callbacks.c \ - $(SSSD_FAILOVER_OBJ) - sssd_be_LDADD = \ -- $(SSSD_LIBS) \ -+ -ldl $(SSSD_LIBS) \ - $(CARES_LIBS) \ - libsss_util.la - sssd_be_LDFLAGS = \ diff --git a/sssd-1.8.3.tar.gz b/sssd-1.8.3.tar.gz deleted file mode 100644 index 6e0f1fa..0000000 --- a/sssd-1.8.3.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:75ca9465db5816804fe58e250450cb08867e1d1d8557c21ca731230cd80747e3 -size 2156262 diff --git a/sssd-1.8.3.tar.gz.asc b/sssd-1.8.3.tar.gz.asc deleted file mode 100644 index 24a7a20..0000000 --- a/sssd-1.8.3.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.12 (GNU/Linux) - -iEYEABECAAYFAk+iz+UACgkQeiVVYja6o6MakgCeJ8poAGhQPPOTFGFQcr3sCHI/ -sv0An2lI/FR2R4+6iltEeaXZCqdvbetY -=iKbt ------END PGP SIGNATURE----- diff --git a/sssd-1.8.93.tar.xz b/sssd-1.8.93.tar.xz new file mode 100644 index 0000000..df18eaf --- /dev/null +++ b/sssd-1.8.93.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d0577b6f27ea68ba164b701d84628c380bc82275b546fd20a624cfb752fd3e40 +size 1141600 diff --git a/sssd.changes b/sssd.changes index 5cc7db0..0c9366d 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Wed Jun 27 12:32:05 UTC 2012 - jengelh@inai.de + +- Update to new upstream release 1.8.93 (1.9.0~beta3) +* Add native support for autofs to the IPA provider +* Support for id mapping when connecting to Active Directory +* Support for handling very large (> 1500 users) groups in + Active Directory +* Add a new fast in-memory cache to speed up lookups of cached data + on repeated requests +* Add support for the Kerberos DIR cache for storing multiple TGTs + automatically +* Add a new PAC responder for dealing with cross-realm Kerberos + trusts +* Terminate idle connections to the NSS and PAM responders + ------------------------------------------------------------------- Thu May 10 04:22:47 UTC 2012 - jengelh@inai.de diff --git a/sssd.spec b/sssd.spec index d399920..2290597 100644 --- a/sssd.spec +++ b/sssd.spec @@ -17,20 +17,19 @@ Name: sssd -Version: 1.8.3 +Version: 1.8.93 Release: 0 Summary: System Security Services Daemon License: GPL-3.0+ and LGPL-3.0+ Group: System/Daemons Url: https://fedorahosted.org/sssd/ -Source: https://fedorahosted.org/released/sssd/%name-%version.tar.gz -Source2: https://fedorahosted.org/released/sssd/%name-%version.tar.gz.asc +#Git-Clone: git://git.fedorahosted.org/sssd +Source: %name-%version.tar.xz Source3: baselibs.conf -Patch3: 0003-Allow-LDAP-to-decide-when-an-expiration-warning-is-w.patch Patch5: 0005-implicit-decl.diff -Patch6: libdl.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildRequires: xz %define servicename sssd %define sssdstatedir %{_localstatedir}/lib/sss @@ -44,11 +43,16 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build %define python_sitearch %py_sitedir %endif -### Build Dependencies ### +#BuildRequires: autoconf >= 2.59, automake, libtool +BuildRequires: bind-utils +BuildRequires: docbook-xsl-stylesheets +BuildRequires: krb5-devel +BuildRequires: pkgconfig >= 0.21 %if 0%{?suse_version} >= 1210 BuildRequires: pkgconfig(collection) >= 0.5.1 -BuildRequires: pkgconfig(dbus-1) +BuildRequires: pkgconfig(dbus-1) >= 1.0.0 BuildRequires: pkgconfig(dhash) >= 0.4.2 +BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(ini_config) >= 0.6.1 BuildRequires: pkgconfig(ldb) >= 0.9.2 BuildRequires: pkgconfig(libcares) @@ -61,7 +65,8 @@ BuildRequires: pkgconfig(talloc) BuildRequires: pkgconfig(tdb) >= 1.1.3 BuildRequires: pkgconfig(tevent) %else -BuildRequires: dbus-1-devel +BuildRequires: dbus-1-devel >= 1.0.0 +BuildRequires: glib2-devel BuildRequires: libcares-devel BuildRequires: libcollection-devel >= 0.5.1 BuildRequires: libdhash-devel >= 0.4.2 @@ -76,18 +81,6 @@ BuildRequires: pcre-devel >= 7 BuildRequires: popt-devel BuildRequires: python-devel %endif -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: bind-utils -BuildRequires: docbook-xsl-stylesheets -BuildRequires: krb5-devel -BuildRequires: libtool -%if 0%{?suse_version} >= 1140 -BuildRequires: libunistring-devel -%else -# SLES 11 SP2 does not have libunistring -BuildRequires: glib2-devel -%endif %if 0%{?suse_version} >= 1220 BuildRequires: libxml2-tools BuildRequires: libxslt-tools @@ -150,6 +143,23 @@ Requires: libipa_hbac0 = %version Utility library to validate FreeIPA HBAC rules for authorization requests. +%package -n libsss_idmap0 +Summary: FreeIPA ID mapping library +License: LGPL-3.0+ +Group: System/Libraries + +%description -n libsss_idmap0 +A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs. + +%package -n libsss_idmap-devel +Summary: Development files for the FreeIPA idmap library +License: LGPL-3.0+ +Group: Development/Libraries/C and C++ +Requires: libsss_idmap0 = %version + +%description -n libsss_idmap-devel +A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs. + %package -n python-ipa_hbac Summary: Python bindings for the FreeIPA HBAC Evaluator library License: GPL-3.0+ and LGPL-3.0+ @@ -172,10 +182,9 @@ Security Services Daemon (sssd). %prep %setup -q -%patch -P 3 -P 5 -P 6 -p1 +%patch -P 5 -p1 %build -autoreconf %if 0%{?suse_version} < 1210 # pkgconfig file not present export LDB_LIBS="-lldb" @@ -206,7 +215,7 @@ export PATH="$PATH:/usr/sbin" make %{?_smp_mflags} all %install -make install DESTDIR=$RPM_BUILD_ROOT +make install DESTDIR="%buildroot" # Copy default sssd.conf file install -d %{buildroot}%{_mandir}/cs @@ -364,6 +373,16 @@ rm -rf \ %_libdir/libipa_hbac.so %_libdir/pkgconfig/ipa_hbac.pc +%files -n libsss_idmap0 +%defattr(-,root,root) +%_libdir/libsss_idmap.so.0* + +%files -n libsss_idmap-devel +%defattr(-,root,root) +%_includedir/sss_idmap.h +%_libdir/libsss_idmap.so +%_libdir/pkgconfig/sss_idmap.pc + %files -n python-ipa_hbac %defattr(-,root,root) %python_sitearch/pyhbac.so @@ -371,9 +390,6 @@ rm -rf \ %files -n python-sssd-config %defattr(-,root,root) %python_sitearch/pysss.so -%python_sitelib/SSSDConfig*.py* -%python_sitelib/SSSDConfig*.egg-info -%python_sitelib/ipachangeconf.py* -%python_sitelib/sssd_upgrade_config.py* +%python_sitelib/SSSDConfig* %changelog From 44a1157cc46e3518b6ffeb6b769f47aa4eae52efc228d231ece30cdfc5bc3e61 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 27 Jun 2012 12:41:44 +0000 Subject: [PATCH 2/2] sssd-1.8.93 OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=74 --- sssd.spec | 3 --- 1 file changed, 3 deletions(-) diff --git a/sssd.spec b/sssd.spec index 2290597..3585e30 100644 --- a/sssd.spec +++ b/sssd.spec @@ -207,9 +207,6 @@ export PATH="$PATH:/usr/sbin" --with-ldb-lib-dir="$LDB_DIR" \ --with-selinux=no \ --with-os=suse \ -%if 0%{?sles_version} == 11 - --with-unicode-lib=glib2 \ -%endif --with-semanage=no make %{?_smp_mflags} all