SHA256
1
0
forked from jengelh/sssd
Jan Engelhardt 2016-07-08 16:12:31 +00:00 committed by Git OBS Bridge
parent 86273c6d97
commit c1259b7292
7 changed files with 77 additions and 51 deletions

View File

@ -1,27 +0,0 @@
From 303d096f920801f7b06a7ad406ea83b4cd0219da Mon Sep 17 00:00:00 2001
From: David Disseldorp <ddiss@samba.org>
Date: Tue, 6 May 2014 15:56:42 +0200
Subject: [PATCH] build: detect endianness at configure time
WORDS_BIGENDIAN, HAVE_BIG_ENDIAN and HAVE_LITTLE_ENDIAN are needed by
Samba. See Samba's byteorder.h header for an example.
Signed-off-by: David Disseldorp <ddiss@samba.org>
---
configure.ac | 3 +++
1 file changed, 3 insertions(+)
Index: sssd-1.13.3/configure.ac
===================================================================
--- sssd-1.13.3.orig/configure.ac
+++ sssd-1.13.3/configure.ac
@@ -428,6 +428,9 @@ AM_CONDITIONAL([HAVE_DEVSHM], [test -d /
ENABLE_POLKIT_RULES_PATH
AM_CONDITIONAL([HAVE_POLKIT_RULES_D], [test x$HAVE_POLKIT_RULES_D != x])
+AC_C_BIGENDIAN([AC_DEFINE(HAVE_BIG_ENDIAN, [1], [whether platform is big endian])],
+ [AC_DEFINE(HAVE_LITTLE_ENDIAN, [1], [whether platform is little endian])])
+
abs_build_dir=`pwd`
AC_DEFINE_UNQUOTED([ABS_BUILD_DIR], ["$abs_build_dir"], [Absolute path to the build directory])
AC_SUBST([abs_builddir], $abs_build_dir)

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0a7bba7697088734c5fa1844dbb6de4f1f11afd30df02f0c1dd2579114c0a194
size 4730392

View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAlcPWC0ACgkQHsardTLnvCUN0ACfUaD9ymW6zqntaFMG+xYLChRj
3FUAoItHho7bSsdNziD98BhPQKLPAETj
=CSMb
-----END PGP SIGNATURE-----

3
sssd-1.14.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5c49ed0ecd17461a955bf031b73f257e8c40744d7485cd969976ccce819d624e
size 4915954

7
sssd-1.14.0.tar.gz.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAld+lREACgkQHsardTLnvCWq5QCdHBsN7hUU57vQ6nekGFsKbS8t
jYIAn14wL9ZxSlmGY9zAGUAt8A0l0DLQ
=ER1G
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,39 @@
-------------------------------------------------------------------
Fri Jul 8 10:46:59 UTC 2016 - jengelh@inai.de
- Update to new upstream release 1.14.0
* The AD provider is now able to look up users from Active
Directory domains by certificate. This change enables logins for
Active Directory users with the help of a smart card.
* The sss_override tool is now able to add certificates as local
overrides in the SSSD cache. Please note that the certificate
overrides are stored in the local cache, so removing the cache
also removes all the certificates!
* Invalid certificates are skipped instead of aborting the whole
operation when logging in with a smart card using SSH.
* This version allows several OCSP-related options such as the OCSP
responder to be configured during smart card authentication.
* SSSD is now able to determine the name of the user who logs in
from the inserted smart card without having to type in the
username. Note that this functionality must be enabled with the
allow_missing_name pam_sss option.
* The sss_cache command line tool is now able to invalidate SUDO
rules with its new -r/-R switches. Note that the sudo rules ar
not refreshed with the sss_cache tool immediately.
* A new command line tool called sssctl was added. This tool
allows to observe the status of SSSD.
* A new option local_negative_timeout was added. This option
allows the admin to specify the time during which lookups for
users that are not handled by SSSD but are present on the
system (typically in /etc/passwd and /etc/group) and prevents
repeated lookups of local users on the remote server during
initgroups operation.
* An ID-mapping plugin for the winbind deamon was added. With
this plugin, it's possible for winbind to use the same
ID-mapping scheme as SSSD uses, producing consistent ID values.
- Remove 0001-build-detect-endianness-at-configure-time.patch
(included upstream)
-------------------------------------------------------------------
Mon Apr 18 12:24:29 UTC 2016 - hguo@suse.com

View File

@ -17,7 +17,7 @@
Name: sssd
Version: 1.13.4
Version: 1.14.0
Release: 0
Summary: System Security Services Daemon
License: GPL-3.0+ and LGPL-3.0+
@ -31,7 +31,6 @@ Source3: baselibs.conf
Source4: sssd.service
Source5: %name.keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Patch1: 0001-build-detect-endianness-at-configure-time.patch
%define servicename sssd
%define sssdstatedir %_localstatedir/lib/sss
@ -206,6 +205,14 @@ utilities. The main purpose is to map Active Directory users and
groups identified by their SID to POSIX users and groups identified
by their POSIX UIDs and GIDs respectively.
%package winbind-idmap
Summary: idmap backend for Winbind
Group: System/Libraries
%description winbind-idmap
The idmap_sss module provides a way for Winbind to call SSSD to map
UIDs/GIDs and SIDs.
%package -n libipa_hbac0
Summary: FreeIPA HBAC Evaluator library
License: LGPL-3.0+
@ -371,7 +378,6 @@ Security Services Daemon (sssd).
%prep
%setup -q
%patch -P 1 -p1
%build
%if 0%{?suse_version} < 1210
@ -386,7 +392,7 @@ export LDB_DIR="$(pkg-config ldb --variable=modulesdir)"
# help configure find nscd
export PATH="$PATH:/usr/sbin"
autoreconf -fiv;
autoreconf -fiv
export CFLAGS="%optflags -fPIE"
export LDFLAGS="-pie"
%configure \
@ -402,20 +408,20 @@ export LDFLAGS="-pie"
--with-os=suse \
--with-semanage=no \
--disable-ldb-version-check \
--without-secrets
make %{?_smp_mflags} all
%install
b="%buildroot";
b="%buildroot"
make install DESTDIR="$b"
# Copy default sssd.conf file
install -d "$b/%_mandir"/{cs,cs/man8,nl,nl/man8,pt,pt/man8,uk,uk/man1} \
"$b/%_mandir"/{uk/man5,uk/man8};
install -d "$b/%_sysconfdir/sssd";
install -m600 src/examples/sssd-example.conf "$b/%_sysconfdir/sssd/sssd.conf";
install -d "$b/%_unitdir";
install -m644 %{S:4} "$b/%_unitdir/sssd.service";
"$b/%_mandir"/{uk/man5,uk/man8}
install -d "$b/%_sysconfdir/sssd"
install -m600 src/examples/sssd-example.conf "$b/%_sysconfdir/sssd/sssd.conf"
install -d "$b/%_unitdir"
install -m644 %{S:4} "$b/%_unitdir/sssd.service"
rm -Rf "$b/%_initddir"
ln -s service "$b/%_sbindir/rcsssd"
@ -424,7 +430,7 @@ mkdir -p "$b/%_sysconfdir/ld.so.conf.d"
cat >"$b/%_sysconfdir/ld.so.conf.d/sssd-wbclient.conf" <<-EOF
%_libdir/%name/modules
EOF
find "$b" -type f -name "*.la" -delete;
find "$b" -type f -name "*.la" -delete
rm -Rf "$b/%_sysconfdir/dbus-1" "$b/%_datadir/dbus-1"
@ -448,8 +454,8 @@ make %{?_smp_mflags} check ||:
%postun
if [ "$1" = "0" ]; then
"%_sbindir/pam-config" -d --sss || :;
fi;
"%_sbindir/pam-config" -d --sss || :
fi
/sbin/ldconfig
# Clear caches, which may have an incompatible format afterwards
# (especially, downgrades)
@ -472,6 +478,7 @@ rm -f /var/lib/sss/db/*.ldb
%doc COPYING
%_unitdir
%_bindir/sss_ssh_*
%_sbindir/sssctl
%_sbindir/sssd
%_sbindir/rcsssd
%dir %_mandir/??/
@ -482,11 +489,13 @@ rm -f /var/lib/sss/db/*.ldb
%_mandir/??/man5/sssd.conf.5*
%_mandir/??/man8/sssd.8*
%_mandir/man1/sss_ssh_*
%_mandir/man8/sssctl.8*
%_mandir/man5/sssd-simple.5*
%_mandir/man5/sssd-sudo.5*
%_mandir/man5/sssd.conf.5*
%_mandir/man8/sssd.8*
%dir %_libdir/%name/
%_libdir/%name/conf/
%_libdir/%name/libsss_child*
%_libdir/%name/libsss_cert*
%_libdir/%name/libsss_crypt*
@ -517,7 +526,10 @@ rm -f /var/lib/sss/db/*.ldb
%attr(750,root,root) %dir %_localstatedir/log/%name/
%dir %_sysconfdir/sssd/
%config(noreplace) %_sysconfdir/sssd/sssd.conf
%dir %_sysconfdir/pam.d/
%config(noreplace) %_sysconfdir/pam.d/sssd-shadowutils
%dir %_datadir/%name/
%_datadir/%name/cfg_rules.ini
%_datadir/%name/sssd.api.conf
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-local.conf
@ -649,6 +661,11 @@ rm -f /var/lib/sss/db/*.ldb
%_libdir/sssd/modules/libwbclient.so
%_libdir/pkgconfig/wbclient_sssd.pc
%files winbind-idmap
%defattr(-,root,root)
%_libdir/samba/
%_mandir/man8/idmap_sss.8*
%files -n libipa_hbac0
%defattr(-,root,root)
%_libdir/libipa_hbac.so.0*