SHA256
1
0
forked from jengelh/sssd

Accepting request 244504 from network:ldap

- Update to new upstream release 1.12.0

OBS-URL: https://build.opensuse.org/request/show/244504
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sssd?expand=0&rev=57
This commit is contained in:
Ludwig Nussel 2014-08-15 07:58:17 +00:00 committed by Git OBS Bridge
commit 6b34bea91e
7 changed files with 128 additions and 72 deletions

View File

@ -1,48 +0,0 @@
From 7fc27c7a3ccbb6aecb8cf4a4a5f91962028cb897 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Mon, 17 Mar 2014 09:07:56 +0100
Subject: [PATCH] BUILD: Link libsss_ldap_common.so to libsss_idmap.so
Library libsss_ldap.so does not directly use functions from library
libsss_idmap.so. It only call function sdap_idmap_init (from file sdap_idmap.c)
which is in library libsss_ldap_common.so
sh-4.2$ nm -D --undefined-only /usr/lib64/sssd/libsss_ldap.so | grep idmap
U sdap_idmap_init
On the other hand, libsss_ldap_common.so uses functions from libsss_idmap
but it was not linked to libsss_idmap.so.
sh-4.2$ objdump -p /usr/lib64/sssd/libsss_ldap_common.so | grep idmap
sh-4.2$ echo $?
1
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
---
Makefile.am | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Index: sssd-1.11.5.1/Makefile.am
===================================================================
--- sssd-1.11.5.1.orig/Makefile.am
+++ sssd-1.11.5.1/Makefile.am
@@ -1618,6 +1618,8 @@ libsss_ldap_common_la_SOURCES = \
src/providers/ldap/sdap_dyndns.c \
src/providers/ldap/sdap_refresh.c \
src/providers/ldap/sdap.c
+libsss_ldap_common_la_LIBADD = \
+ libsss_idmap.la
libsss_ldap_common_la_LDFLAGS = \
-avoid-version
@@ -1675,8 +1677,7 @@ libsss_ldap_la_LIBADD = \
$(OPENLDAP_LIBS) \
$(DHASH_LIBS) \
$(KRB5_LIBS) \
- libsss_ldap_common.la \
- libsss_idmap.la
+ libsss_ldap_common.la
libsss_ldap_la_LDFLAGS = \
-avoid-version \
-module

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5bf0d564de5193df0fc28df5e156109b32a7a66bc68f0366e06c00bcd68fea1b
size 3511029

View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAlNIGEUACgkQHsardTLnvCU6hwCg0pveLQy2nicOicGbNg1d7ANp
4PEAn0v0uCRsJLsuANezjLMM2C/uaf6Z
=HFIZ
-----END PGP SIGNATURE-----

3
sssd-1.12.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d536471fbc4d4b9948adfb751b7a9df3405ddfbc58274d73adc0c997c91c6472
size 3968855

7
sssd-1.12.0.tar.gz.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAlO9gK0ACgkQHsardTLnvCVxmACg1tRelGxCTMeHLjDkHAonfQzG
bz4AoL7RQa1oHlGtazWSzoMrambqy621
=noRD
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,35 @@
-------------------------------------------------------------------
Sun Aug 10 12:20:50 UTC 2014 - jengelh@inai.de
- Update to new upstream release 1.12.0
* A new responder, called InfoPipe was added. This responder
provides a public D-Bus interface accessible over the system bus.
In this release, methods for retrieving user attributes and list
of groups were added as well as objects representing SSSD domains
and processes. (The next 1.12.x releases will publish objects
representing users and groups, too.)
* SSSD provides an ID-mapping plugin for cifs-utils so that Windows
SIDs can be mapped onto POSIX IDs and/or names without requiring
Winbind and using the same code as the SSSD uses for identity
information.
* First phase of Group Policy-based access control for the AD
provider was added. At the moment, the gpo-ldap component that
downloads the list of GPOs that apply for the specific client has
been implemented as well as the gpo-smb component that retrieves
the group policy files and determines the access control check
results based on those files. Future improvements will focus on
storing the GPO policies as local files and mapping the Windows
logon rights onto Linux PAM services.
* Added a new library called sss_sifp that provides a simple
synchronous API for communication with our new InfoPipe responder
over the system bus.
- Remove 0001-BUILD-Link-libsss_ldap_common.so-to-libsss_idmap.so.patch
(merged upstream)
- Provide "rcsssd" in systemd environments
- Ensure sssd is always startable by removing /var/lib/sss/db/*.ldb
on package installation so as to avoid potentially cache
format incompatibility which would cause sssd to exit
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jun 12 14:18:30 UTC 2014 - ckornacker@suse.com Thu Jun 12 14:18:30 UTC 2014 - ckornacker@suse.com

100
sssd.spec
View File

@ -17,7 +17,7 @@
Name: sssd Name: sssd
Version: 1.11.5.1 Version: 1.12.0
Release: 0 Release: 0
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPL-3.0+ and LGPL-3.0+ License: GPL-3.0+ and LGPL-3.0+
@ -32,7 +32,6 @@ Source4: sssd.service
Source5: %name.keyring Source5: %name.keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
Patch1: 0001-build-detect-endianness-at-configure-time.patch Patch1: 0001-build-detect-endianness-at-configure-time.patch
Patch2: 0001-BUILD-Link-libsss_ldap_common.so-to-libsss_idmap.so.patch
%define servicename sssd %define servicename sssd
%define sssdstatedir %_localstatedir/lib/sss %define sssdstatedir %_localstatedir/lib/sss
@ -49,17 +48,20 @@ Patch2: 0001-BUILD-Link-libsss_ldap_common.so-to-libsss_idmap.so.patch
BuildRequires: autoconf >= 2.59 BuildRequires: autoconf >= 2.59
BuildRequires: automake BuildRequires: automake
BuildRequires: bind-utils BuildRequires: bind-utils
BuildRequires: cifs-utils-devel
BuildRequires: cyrus-sasl-devel BuildRequires: cyrus-sasl-devel
BuildRequires: docbook-xsl-stylesheets BuildRequires: docbook-xsl-stylesheets
BuildRequires: krb5-devel BuildRequires: krb5-devel
BuildRequires: libsmbclient-devel
BuildRequires: libtool BuildRequires: libtool
BuildRequires: pkgconfig >= 0.21 BuildRequires: pkgconfig >= 0.21
%if 0%{?suse_version} >= 1210 %if 0%{?suse_version} >= 1210
BuildRequires: pkgconfig(augeas) >= 1.0.0
BuildRequires: pkgconfig(collection) >= 0.5.1 BuildRequires: pkgconfig(collection) >= 0.5.1
BuildRequires: pkgconfig(dbus-1) >= 1.0.0 BuildRequires: pkgconfig(dbus-1) >= 1.0.0
BuildRequires: pkgconfig(dhash) >= 0.4.2 BuildRequires: pkgconfig(dhash) >= 0.4.2
BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(ini_config) >= 0.6.1 BuildRequires: pkgconfig(ini_config) >= 1.1.0
BuildRequires: pkgconfig(ldb) >= 0.9.2 BuildRequires: pkgconfig(ldb) >= 0.9.2
BuildRequires: pkgconfig(libcares) BuildRequires: pkgconfig(libcares)
BuildRequires: pkgconfig(libnl-3.0) >= 3.0 BuildRequires: pkgconfig(libnl-3.0) >= 3.0
@ -73,12 +75,13 @@ BuildRequires: pkgconfig(talloc)
BuildRequires: pkgconfig(tdb) >= 1.1.3 BuildRequires: pkgconfig(tdb) >= 1.1.3
BuildRequires: pkgconfig(tevent) BuildRequires: pkgconfig(tevent)
%else %else
BuildRequires: augeas-devel
BuildRequires: dbus-1-devel >= 1.0.0 BuildRequires: dbus-1-devel >= 1.0.0
BuildRequires: glib2-devel BuildRequires: glib2-devel
BuildRequires: libcares-devel BuildRequires: libcares-devel
BuildRequires: libcollection-devel >= 0.5.1 BuildRequires: libcollection-devel >= 0.5.1
BuildRequires: libdhash-devel >= 0.4.2 BuildRequires: libdhash-devel >= 0.4.2
BuildRequires: libini_config-devel >= 0.6.1 BuildRequires: libini_config-devel >= 1.1.0
BuildRequires: libldb-devel >= 0.9.2 BuildRequires: libldb-devel >= 0.9.2
BuildRequires: libnl-devel >= 1.1 BuildRequires: libnl-devel >= 1.1
BuildRequires: libopenssl-devel BuildRequires: libopenssl-devel
@ -103,12 +106,10 @@ BuildRequires: openldap2-devel
BuildRequires: pam-devel BuildRequires: pam-devel
BuildRequires: pkg-config BuildRequires: pkg-config
%if %suse_version >= 1210 %if %suse_version >= 1210
BuildRequires: systemd BuildRequires: systemd-rpm-macros
BuildRequires: pkgconfig(libsystemd-login)
%{?systemd_requires} %{?systemd_requires}
%endif %endif
%if %suse_version >= 1230
BuildRequires: gpg-offline
%endif
Requires: sssd-ldap = %version-%release Requires: sssd-ldap = %version-%release
Requires(postun): pam-config Requires(postun): pam-config
@ -130,6 +131,16 @@ Provides the Active Directory back end that the SSSD can utilize to
fetch identity data from and authenticate against an Active Directory fetch identity data from and authenticate against an Active Directory
server. server.
%package dbus
Summary: The D-Bus responder of sssd
License: GPL-3.0+
Group: System/Base
Requires: %name = %version
%description dbus
Provides the D-Bus responder of sssd, called InfoPipe, which allows
information from sssd to be transmitted over the system bus.
%package ipa %package ipa
Summary: FreeIPA backend plugin for sssd Summary: FreeIPA backend plugin for sssd
License: GPL-3.0+ License: GPL-3.0+
@ -244,6 +255,26 @@ Requires: libsss_nss_idmap0 = %version
%description -n libsss_nss_idmap-devel %description -n libsss_nss_idmap-devel
A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs. A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
%package -n libsss_simpleifp0
Summary: The SSSD D-Bus responder helper library
License: GPL-3.0+
Group: System/Libraries
%description -n libsss_simpleifp0
This subpackage provides a library that simplifies the D-Bus API for
the SSSD InfoPipe responder.
%package -n libsss_simpleifp-devel
Summary: Development files for the SSSD D-Bus responder helper library
License: GPL-3.0+
Group: Development/Libraries/C and C++
Requires: libsss_simpleifp0 = %version
%description -n libsss_simpleifp-devel
This subpackage provides the development files for sssd's simpleifp,
a library that simplifies the D-Bus API for the SSSD InfoPipe
responder.
%package -n libsss_sudo %package -n libsss_sudo
Summary: A library to allow communication between sudo and SSSD Summary: A library to allow communication between sudo and SSSD
License: LGPL-3.0+ License: LGPL-3.0+
@ -287,9 +318,8 @@ Provide python module to access and manage configuration of the System
Security Services Daemon (sssd). Security Services Daemon (sssd).
%prep %prep
%{?gpg_verify: %gpg_verify %{S:2}}
%setup -q %setup -q
%patch -P 1 -P 2 -p1 %patch -P 1 -p1
%build %build
%if 0%{?suse_version} < 1210 %if 0%{?suse_version} < 1210
@ -337,6 +367,7 @@ install -d "$b/%_unitdir";
#install src/sysv/systemd/sssd.service "$b/%_unitdir/sssd.service"; #install src/sysv/systemd/sssd.service "$b/%_unitdir/sssd.service";
install -m644 %{S:4} "$b/%_unitdir/sssd.service"; install -m644 %{S:4} "$b/%_unitdir/sssd.service";
rm -Rf "$b/%_initddir" rm -Rf "$b/%_initddir"
ln -s service "$b/%_sbindir/rcsssd"
%else %else
install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd"; install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd";
ln -sf ../../etc/init.d/sssd "$b/usr/sbin/rcsssd" ln -sf ../../etc/init.d/sssd "$b/usr/sbin/rcsssd"
@ -350,6 +381,8 @@ find "$b" -type f -name "*.la" -delete;
rm -Rf "$b/usr/share/locale"/{fa_IR,ja_JP,lt_LT,ta_IN,vi_VN} rm -Rf "$b/usr/share/locale"/{fa_IR,ja_JP,lt_LT,ta_IN,vi_VN}
%endif %endif
rm -Rf "$b/%_sysconfdir/dbus-1" "$b/%_datadir/dbus-1"
%find_lang %name --all-name %find_lang %name --all-name
%if 0%{?_unitdir:1} %if 0%{?_unitdir:1}
@ -360,7 +393,6 @@ rm -Rf "$b/usr/share/locale"/{fa_IR,ja_JP,lt_LT,ta_IN,vi_VN}
%post %post
# migrate config variable krb5_kdcip to krb5_server (bnc#851048) # migrate config variable krb5_kdcip to krb5_server (bnc#851048)
/bin/sed -i -e 's,^krb5_kdcip =,krb5_server =,g' %_sysconfdir/sssd/sssd.conf /bin/sed -i -e 's,^krb5_kdcip =,krb5_server =,g' %_sysconfdir/sssd/sssd.conf
/sbin/ldconfig /sbin/ldconfig
%if 0%{?_unitdir:1} %if 0%{?_unitdir:1}
%service_add_post sssd.service %service_add_post sssd.service
@ -377,8 +409,15 @@ if [ "$1" == "0" ]; then
fi; fi;
/sbin/ldconfig /sbin/ldconfig
%if 0%{?_unitdir:1} %if 0%{?_unitdir:1}
# Clear caches, which may have an incompatible format afterwards
# (especially, downgrades)
rm -f /var/lib/sss/db/*.ldb
# del_postun includes a try-restart
%service_del_postun sssd.service %service_del_postun sssd.service
%else
%restart_on_update sssd
%endif %endif
%insserv_cleanup
%post -n libipa_hbac0 -p /sbin/ldconfig %post -n libipa_hbac0 -p /sbin/ldconfig
%postun -n libipa_hbac0 -p /sbin/ldconfig %postun -n libipa_hbac0 -p /sbin/ldconfig
@ -386,6 +425,8 @@ fi;
%postun -n libsss_idmap0 -p /sbin/ldconfig %postun -n libsss_idmap0 -p /sbin/ldconfig
%post -n libsss_nss_idmap0 -p /sbin/ldconfig %post -n libsss_nss_idmap0 -p /sbin/ldconfig
%postun -n libsss_nss_idmap0 -p /sbin/ldconfig %postun -n libsss_nss_idmap0 -p /sbin/ldconfig
%post -n libsss_simpleifp0 -p /sbin/ldconfig
%postun -n libsss_simpleifp0 -p /sbin/ldconfig
%files -f sssd.lang %files -f sssd.lang
%defattr(-,root,root) %defattr(-,root,root)
@ -394,10 +435,10 @@ fi;
%_unitdir %_unitdir
%else %else
%_initrddir/%name %_initrddir/%name
%_sbindir/rcsssd
%endif %endif
%_bindir/sss_ssh_* %_bindir/sss_ssh_*
%_sbindir/sssd %_sbindir/sssd
%_sbindir/rcsssd
%dir %_mandir/??/ %dir %_mandir/??/
%dir %_mandir/??/man?/ %dir %_mandir/??/man?/
%_mandir/??/man1/sss_ssh_* %_mandir/??/man1/sss_ssh_*
@ -420,7 +461,13 @@ fi;
%dir %_libdir/ldb/ %dir %_libdir/ldb/
%_libdir/ldb/memberof.so %_libdir/ldb/memberof.so
%dir %_libexecdir/%name/ %dir %_libexecdir/%name/
%_libexecdir/%name/sssd_* %_libexecdir/%name/sssd_autofs
%_libexecdir/%name/sssd_be
%_libexecdir/%name/sssd_nss
%_libexecdir/%name/sssd_pam
%_libexecdir/%name/sssd_ssh
%_libexecdir/%name/sssd_sudo
%_libexecdir/%name/sss_signal
%dir %sssdstatedir %dir %sssdstatedir
%attr(700,root,root) %dir %dbpath/ %attr(700,root,root) %dir %dbpath/
%attr(755,root,root) %dir %pipepath/ %attr(755,root,root) %dir %pipepath/
@ -439,7 +486,8 @@ fi;
# #
/%_lib/libnss_sss.so.2 /%_lib/libnss_sss.so.2
/%_lib/security/pam_sss.so /%_lib/security/pam_sss.so
%_libdir/krb5/plugins/libkrb5/* %_libdir/cifs-utils/
%_libdir/krb5/
%_mandir/??/man8/pam_sss.8* %_mandir/??/man8/pam_sss.8*
%_mandir/??/man8/sssd_krb5_locator_plugin.8* %_mandir/??/man8/sssd_krb5_locator_plugin.8*
%_mandir/man8/pam_sss.8* %_mandir/man8/pam_sss.8*
@ -449,6 +497,9 @@ fi;
%defattr(-,root,root) %defattr(-,root,root)
%dir %_libdir/%name/ %dir %_libdir/%name/
%_libdir/%name/libsss_ad.so %_libdir/%name/libsss_ad.so
%_libdir/%name/libsss_ad_common.so
%dir %_libexecdir/%name/
%_libexecdir/%name/gpo_child
%dir %_datadir/%name/ %dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/ %dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-ad.conf %_datadir/%name/sssd.api.d/sssd-ad.conf
@ -456,6 +507,17 @@ fi;
%_mandir/man5/sssd-ad.5* %_mandir/man5/sssd-ad.5*
%_mandir/??/man5/sssd-ad.5* %_mandir/??/man5/sssd-ad.5*
%files dbus
%defattr(-,root,root)
%dir %_libexecdir/sssd/
%_libexecdir/sssd/sssd_ifp
%dir %_libdir/sssd/
%_libdir/sssd/libsss_config.so
%_mandir/man5/sssd-ifp.5*
%_mandir/??/man5/sssd-ifp.5*
#%_sysconfdir/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
#%_datadir/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
%files ipa %files ipa
%defattr(-,root,root) %defattr(-,root,root)
%dir %_libdir/%name/ %dir %_libdir/%name/
@ -554,6 +616,16 @@ fi;
%_libdir/libsss_nss_idmap.so %_libdir/libsss_nss_idmap.so
%_libdir/pkgconfig/sss_nss_idmap.pc %_libdir/pkgconfig/sss_nss_idmap.pc
%files -n libsss_simpleifp0
%defattr(-,root,root)
%_libdir/libsss_simpleifp.so.0*
%files -n libsss_simpleifp-devel
%defattr(-,root,root)
%_includedir/sss_sifp*.h
%_libdir/libsss_simpleifp.so
%_libdir/pkgconfig/sss_simpleifp.pc
%files -n libsss_sudo %files -n libsss_sudo
%defattr(-,root,root) %defattr(-,root,root)
%_libdir/libsss_sudo.so %_libdir/libsss_sudo.so