mhurron/sssd
SHA256
1
0
Fork 0
forked from jengelh/sssd
Code Pull Requests Activity

Accepting request 536206 from home:stroeder:branches:network:ldap

Browse Source 
Update to new upstream release 1.16.0.

Successfully tested with Howard's test scripts on openSUSE Tumbleweed x86_64.

Build of man pages seems broken. But this is not caused by this sssd update because the man pages are already broken in sssd-tools-1.15.2-1.4 package in Tumbleweed.

OBS-URL: https://build.opensuse.org/request/show/536206
OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=188
This commit is contained in:
Michael Ströder 2017-10-25 11:56:22 +00:00 committed by Git OBS Bridge
parent 63b85c3a82
commit c7db1552cb
6 changed files with 345 additions and 236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sssd-1.15.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4cd5fcb314d77a58029a216b7e6001c6cb41c5b784cf570c5761c97d1c12d264
size 5248134

6
sssd-1.15.2.tar.gz.asc
View File

@ -1,6 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iEYEABECAAYFAljJcscACgkQHsardTLnvCVCdwCgj0g3CSbz/gIS37W553d0QI7i
waoAnRN8+lQjwHQS+76q5nz2eSdRLnIG
=4tQo
-----END PGP SIGNATURE-----

3
sssd-1.16.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c581a6e5365cef87fca419c0c9563cf15eadbb682863d648d85ffcded7a3940f
size 5899127

6
sssd-1.16.0.tar.gz.asc Normal file
View File

@ -0,0 +1,6 @@
-----BEGIN PGP SIGNATURE-----
iEYEABECAAYFAlnqDFQACgkQHsardTLnvCU79wCg3b6eA8KEVLV8WECtUpTuFOb4
WtAAoIQpjJYhg/z0wNqa2wh5v7CLpZdP
=MMlI
-----END PGP SIGNATURE-----

71
sssd.changes
View File

@ -1,3 +1,74 @@
-------------------------------------------------------------------
Mon Oct 23 16:31:54 UTC 2017 - michael@stroeder.com
- consequently use curly brackets when referencing variables
- Update to new upstream release 1.16.0
Security fixes
* This release fixes CVE-2017-12173: Unsanitized input when searching in
local cache database. SSSD stores its cached data in an LDAP like local
database file using libldb. To lookup cached data LDAP search filters
like (objectClass=user)(name=user_name) are used. However, in
sysdb_search_user_by_upn_res(), the input was not sanitized and
allowed to manipulate the search filter for cache lookups. This would
allow a logged in user to discover the password hash of a different user.
New Features
* SSSD now supports session recording configuration through tlog. This
feature enables recording of everything specific users see or type
during their sessions on a text terminal. For more information, see
the sssd-session-recording(5) manual page.
* SSSD can act as a client agent to deliver
Fleet Commander <https://wiki.gnome.org/Projects/FleetCommander>
policies defined on an IPA server. Fleet Commander provides a
configuration management interface that is controlled centrally and
that covers desktop, applications and network configuration.
* Several new systemtap <https://sourceware.org/systemtap/> probes
were added into various locations in SSSD code to assist in
troubleshooting and analyzing performance related issues. Please see the
sssd-systemtap(5) manual page for more information.
* A new LDAP provide access control mechanism that allows to restrict
access based on PAM's rhost data field was added. For more details,
please consult the sssd-ldap(5) manual page, in particular the
options ldap_user_authorized_rhost and the rhost value of
ldap_access_filter.
-------------------------------------------------------------------
Tue Jul 25 15:46:23 UTC 2017 - michael@stroeder.com
- Update to new upstream release 1.15.3 (KCM disabled)
New Features
* In a setup where an IPA domain trusts an Active Directory domain,
it is now possible to define the domain resolution order
(see http://www.freeipa.org/page/Releases/4.5.0#AD_User_Short_Names).
* Design page - Shortnames in trusted domains <https://docs.pagure.org/SSSD.sssd/design_pages/shortnames.html>
* SSSD ships with a new service called KCM. This service acts as a
storage for Kerberos tickets when "libkrb5" is configured to use
"KCM:" in "krb5.conf".
* Design page - KCM server for SSSD <https://docs.pagure.org/SSSD.sssd/design_pages/kcm.html>
* NOTE: There are several known issues in the "KCM" responder that
will be handled in the next release.
* Support for user and group resolution through the D-Bus interface and
authentication and/or authorization through the PAM interface even
for setups without UIDs or Windows SIDs present on the LDAP directory
side. This enhancement allows SSSD to be used together with apache
modules <https://github.com/adelton/mod_lookup_identity> to provide
identities for applications
* Design page - Support for non-POSIX users and groups <https://docs.pagure.org/SSSD.sssd/design_pages/non_posix_support.html>
* SSSD ships a new public library called "libsss_certmap" that allows
a flexible and configurable way of mapping a certificate to a user
identity.
* Design page - Matching and Mapping Certificates <https://docs.pagure.org/SSSD.sssd/design_pages/matching_and_mapping_certificates.html>
* The Kerberos locator plugin can be disabled using an environment variable
"SSSD_KRB5_LOCATOR_DISABLE". Please refer to the
"sssd_krb5_locator_plugin" manual page for mode details.
* The "sssctl" command line tool supports a new command "user-checks"
that enables the administrator to check whether a certain user should be
allowed or denied access to a certain PAM service.
* The "secrets" responder now forwards requests to a proxy Custodia
back end over a secure channel.
-------------------------------------------------------------------
Thu Mar 16 13:32:12 UTC 2017 - hguo@suse.com

492
sssd.spec
View File

@ -17,7 +17,7 @@
Name: sssd
Version: 1.15.2
Version: 1.16.0
Release: 0
Summary: System Security Services Daemon
License: GPL-3.0+ and LGPL-3.0+
@ -25,18 +25,18 @@ Group: System/Daemons
Url: https://pagure.io/SSSD/sssd
#Git-Clone: git://git.fedorahosted.org/sssd
Source: http://releases.pagure.org/SSSD/sssd/%name-%version.tar.gz
Source2: http://releases.pagure.org/SSSD/sssd/%name-%version.tar.gz.asc
Source: http://releases.pagure.org/SSSD/sssd/%{name}-%{version}.tar.gz
Source2: http://releases.pagure.org/SSSD/sssd/%{name}-%{version}.tar.gz.asc
Source3: baselibs.conf
Source4: sssd.service
Source5: %name.keyring
Source5: %{name}.keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%define servicename sssd
%define sssdstatedir %_localstatedir/lib/sss
%define dbpath %sssdstatedir/db
%define pipepath %sssdstatedir/pipes
%define pubconfpath %sssdstatedir/pubconf
%define sssdstatedir %{_localstatedir}/lib/sss
%define dbpath %{sssdstatedir}/db
%define pipepath %{sssdstatedir}/pipes
%define pubconfpath %{sssdstatedir}/pubconf
BuildRequires: autoconf >= 2.59
BuildRequires: automake
@ -82,11 +82,11 @@ BuildRequires: pkgconfig(tdb) >= 1.1.3
BuildRequires: pkgconfig(tevent)
BuildRequires: pkgconfig(ndr_krb5pac)
%{?systemd_requires}
Requires: sssd-ldap = %version-%release
Requires: sssd-ldap = %{version}-%{release}
Requires(postun): pam-config
Provides: libsss_sudo = %version-%release
Provides: sssd-client = %version-%release
Obsoletes: libsss_sudo < %version-%release
Provides: libsss_sudo = %{version}-%{release}
Provides: sssd-client = %{version}-%{release}
Obsoletes: libsss_sudo < %{version}-%{release}
%description
Provides a set of daemons to manage access to remote directories and
@ -99,7 +99,7 @@ services for projects like FreeIPA.
Summary: The ActiveDirectory backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
Requires: %name-krb5-common = %version
Requires: %{name}-krb5-common = %{version}
%description ad
Provides the Active Directory back end that the SSSD can utilize to
@ -110,7 +110,7 @@ server.
Summary: The D-Bus responder of sssd
License: GPL-3.0+
Group: System/Base
Requires: %name = %version
Requires: %{name} = %{version}
%description dbus
Provides the D-Bus responder of sssd, called InfoPipe, which allows
@ -120,10 +120,10 @@ information from sssd to be transmitted over the system bus.
Summary: FreeIPA backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
Requires: %name = %version
Requires: %name-krb5-common = %version-%release
Obsoletes: %name-ipa-provider < %version-%release
Provides: %name-ipa-provider = %version-%release
Requires: %{name} = %{version}
Requires: %{name}-krb5-common = %{version}-%{release}
Obsoletes: %{name}-ipa-provider < %{version}-%{release}
Provides: %{name}-ipa-provider = %{version}-%{release}
%description ipa
Provides the IPA back end that the SSSD can utilize to fetch identity
@ -133,7 +133,7 @@ data from and authenticate against an IPA server.
Summary: The Kerberos authentication backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
Requires: %name-krb5-common = %version-%release
Requires: %{name}-krb5-common = %{version}-%{release}
%description krb5
Provides the Kerberos back end that the SSSD can utilize authenticate
@ -153,7 +153,7 @@ use for Kerberos user or host authentication.
Summary: The LDAP backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
Requires: %name-krb5-common = %version-%release
Requires: %{name}-krb5-common = %{version}-%{release}
%description ldap
Provides the LDAP back end that the SSSD can utilize to fetch
@ -172,8 +172,8 @@ and/or PAM modules to leverage SSSD caching.
Summary: Commandline tools for sssd
License: GPL-3.0+ and LGPL-3.0+
Group: System/Management
Requires: python-sssd-config = %version
Requires: sssd = %version
Requires: python-sssd-config = %{version}
Requires: sssd = %{version}
%py_requires
%description tools
@ -198,7 +198,7 @@ by their POSIX UIDs and GIDs respectively.
Summary: Development files for SSSD winbind
License: LGPL-3.0+
Group: Development/Libraries/C and C++
Requires: %name-wbclient = %version
Requires: %{name}-wbclient = %{version}
%description wbclient-devel
sssd-wbclient implements the libwbclient API for Samba daemons and
@ -214,6 +214,23 @@ Group: System/Libraries
The idmap_sss module provides a way for Winbind to call SSSD to map
UIDs/GIDs and SIDs.
%package -n libsss_certmap0
Summary: FreeIPA ID mapping library
License: LGPL-3.0+
Group: System/Libraries
%description -n libsss_certmap0
A utility library for FreeIPA to map certs.
%package -n libsss_certmap-devel
Summary: Development files for the FreeIPA certmap library
License: LGPL-3.0+
Group: Development/Libraries/C and C++
Requires: libsss_certmap0 = %{version}
%description -n libsss_certmap-devel
A utility library for FreeIPA to map certs.
%package -n libipa_hbac0
Summary: FreeIPA HBAC Evaluator library
License: LGPL-3.0+
@ -227,7 +244,7 @@ requests.
Summary: Development files for the FreeIPA HBAC Evaluator library
License: LGPL-3.0+
Group: Development/Libraries/C and C++
Requires: libipa_hbac0 = %version
Requires: libipa_hbac0 = %{version}
%description -n libipa_hbac-devel
Utility library to validate FreeIPA HBAC rules for authorization
@ -254,7 +271,7 @@ A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
Summary: Development files for the FreeIPA idmap library
License: LGPL-3.0+
Group: Development/Libraries/C and C++
Requires: libsss_idmap0 = %version
Requires: libsss_idmap0 = %{version}
%description -n libsss_idmap-devel
A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
@ -271,7 +288,7 @@ A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
Summary: Development files for the FreeIPA idmap library
License: LGPL-3.0+
Group: Development/Libraries/C and C++
Requires: libsss_nss_idmap0 = %version
Requires: libsss_nss_idmap0 = %{version}
%description -n libsss_nss_idmap-devel
A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
@ -289,7 +306,7 @@ the SSSD InfoPipe responder.
Summary: Development files for the SSSD D-Bus responder helper library
License: GPL-3.0+
Group: Development/Libraries/C and C++
Requires: libsss_simpleifp0 = %version
Requires: libsss_simpleifp0 = %{version}
%description -n libsss_simpleifp-devel
This subpackage provides the development files for sssd's simpleifp,
@ -385,7 +402,7 @@ Security Services Daemon (sssd).
# pkgconfig file not present
export LDB_LIBS="-lldb"
export LDB_CFLAGS=" "
export LDB_DIR="%_libdir/ldb"
export LDB_DIR="%{_libdir}/ldb"
%else
export LDB_DIR="$(pkg-config ldb --variable=modulesdir)"
%endif
@ -398,45 +415,45 @@ export CFLAGS="%optflags -fPIE"
export LDFLAGS="-pie"
%configure \
--with-crypto=libcrypto \
--with-db-path="%dbpath" \
--with-pipe-path="%pipepath" \
--with-pubconf-path="%pubconfpath" \
--with-init-dir="%_initrddir" \
--enable-nsslibdir="/%_lib" \
--enable-pammoddir="/%_lib/security" \
--with-db-path="%{dbpath}" \
--with-pipe-path="%{pipepath}" \
--with-pubconf-path="%{pubconfpath}" \
--with-init-dir="%{_initrddir}" \
--enable-nsslibdir="/%{_lib}" \
--enable-pammoddir="/%{_lib}/security" \
--with-ldb-lib-dir="$LDB_DIR" \
--with-selinux=no \
--with-os=suse \
--with-semanage=no \
--disable-ldb-version-check \
--without-kcm \
--without-secrets
make %{?_smp_mflags} all
%install
b="%buildroot"
make install DESTDIR="$b"
make install DESTDIR="%{buildroot}"
# Copy default sssd.conf file
install -d "$b/%_mandir"/{cs,cs/man8,nl,nl/man8,pt,pt/man8,uk,uk/man1} \
"$b/%_mandir"/{uk/man5,uk/man8}
install -d "$b/%_sysconfdir/sssd"
install -m600 src/examples/sssd-example.conf "$b/%_sysconfdir/sssd/sssd.conf"
install -d "$b/%_sysconfdir/sssd/conf.d"
install -d "$b/%_unitdir"
install -m644 %{S:4} "$b/%_unitdir/sssd.service"
rm -Rf "$b/%_initddir"
ln -s service "$b/%_sbindir/rcsssd"
install -d "%{buildroot}/%_mandir"/{cs,cs/man8,nl,nl/man8,pt,pt/man8,uk,uk/man1} \
"%{buildroot}/%_mandir"/{uk/man5,uk/man8}
install -d "%{buildroot}/%{_sysconfdir}/sssd"
install -m600 src/examples/sssd-example.conf "%{buildroot}/%{_sysconfdir}/sssd/sssd.conf"
install -d "%{buildroot}/%{_sysconfdir}/sssd/conf.d"
install -d "%{buildroot}/%{_unitdir}"
install -m644 %{S:4} "%{buildroot}/%{_unitdir}/sssd.service"
rm -Rf "%{buildroot}/%{_initddir}"
ln -s service "%{buildroot}/%{_sbindir}/rcsssd"
mkdir -p "$b/%sssdstatedir/mc"
mkdir -p "$b/%_sysconfdir/ld.so.conf.d"
cat >"$b/%_sysconfdir/ld.so.conf.d/sssd-wbclient.conf" <<-EOF
%_libdir/%name/modules
mkdir -p "%{buildroot}/%{sssdstatedir}/mc"
mkdir -p "%{buildroot}/%{_sysconfdir}/ld.so.conf.d"
cat >"%{buildroot}/%{_sysconfdir}/ld.so.conf.d/sssd-wbclient.conf" <<-EOF
%{_libdir}/%{name}/modules
EOF
find "$b" -type f -name "*.la" -delete
find "%{buildroot}" -type f -name "*.la" -delete
rm -Rf "$b/%_sysconfdir/dbus-1" "$b/%_datadir/dbus-1"
rm -Rf "%{buildroot}/%{_sysconfdir}/dbus-1" "%{buildroot}/%{_datadir}/dbus-1"
%find_lang %name --all-name
%find_lang %{name} --all-name
%check
# sss_config-tests fails
@ -447,7 +464,7 @@ make %{?_smp_mflags} check ||:
%post
# migrate config variable krb5_kdcip to krb5_server (bnc#851048)
/bin/sed -i -e 's,^krb5_kdcip =,krb5_server =,g' %_sysconfdir/sssd/sssd.conf
/bin/sed -i -e 's,^krb5_kdcip =,krb5_server =,g' %{_sysconfdir}/sssd/sssd.conf
/sbin/ldconfig
%service_add_post sssd.service
@ -456,7 +473,7 @@ make %{?_smp_mflags} check ||:
%postun
if [ "$1" = "0" ]; then
"%_sbindir/pam-config" -d --sss || :
"%{_sbindir}/pam-config" -d --sss || :
fi
/sbin/ldconfig
# Clear caches, which may have an incompatible format afterwards
@ -477,243 +494,264 @@ rm -f /var/lib/sss/db/*.ldb
%files -f sssd.lang
%defattr(-,root,root)
%doc COPYING
%_unitdir
%{_unitdir}
%_bindir/sss_ssh_*
%_sbindir/sssctl
%_sbindir/sssd
%_sbindir/rcsssd
%dir %_mandir/??/
%dir %_mandir/??/man[158]/
%_mandir/??/man1/sss_ssh_*
%_mandir/??/man5/sssd-simple.5*
%_mandir/??/man5/sssd-sudo.5*
%_mandir/??/man5/sssd.conf.5*
%_mandir/??/man8/sssd.8*
%_mandir/man1/sss_ssh_*
%_mandir/man8/sssctl.8*
%_mandir/man5/sssd-files.5*
%_mandir/man5/sssd-simple.5*
%_mandir/man5/sssd-sudo.5*
%_mandir/man5/sssd.conf.5*
%_mandir/man8/sssd.8*
%dir %_libdir/%name/
%_libdir/%name/conf/
%_libdir/%name/libsss_child*
%_libdir/%name/libsss_cert*
%_libdir/%name/libsss_crypt*
%_libdir/%name/libsss_debug*
%_libdir/%name/libsss_files*
%_libdir/%name/libsss_semanage*
%_libdir/%name/libsss_simple*
%_libdir/%name/libsss_util*
%dir %_libdir/%name/modules/
%_libdir/%name/modules/libsss_autofs.so
%_libdir/libsss_sudo.so
%dir %_libdir/ldb/
%_libdir/ldb/memberof.so
%dir %_libexecdir/%name/
%_libexecdir/%name/sssd_autofs
%_libexecdir/%name/sssd_be
%_libexecdir/%name/sssd_nss
%_libexecdir/%name/sssd_pam
%_libexecdir/%name/sssd_ssh
%_libexecdir/%name/sssd_sudo
%_libexecdir/%name/sss_signal
%dir %sssdstatedir
%attr(700,root,root) %dir %dbpath/
%attr(755,root,root) %dir %pipepath/
%attr(700,root,root) %dir %pipepath/private/
%attr(755,root,root) %dir %pubconfpath/
%attr(755,root,root) %dir %sssdstatedir/mc/
%attr(700,root,root) %dir %sssdstatedir/keytabs/
%attr(750,root,root) %dir %_localstatedir/log/%name/
%dir %_sysconfdir/sssd/
%config(noreplace) %_sysconfdir/sssd/sssd.conf
%dir %_sysconfdir/sssd/conf.d
%dir %_sysconfdir/pam.d/
%config(noreplace) %_sysconfdir/pam.d/sssd-shadowutils
%dir %_datadir/%name/
%_datadir/%name/cfg_rules.ini
%_datadir/%name/sssd.api.conf
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-local.conf
%_datadir/%name/sssd.api.d/sssd-simple.conf
%{_sbindir}/sssctl
%{_sbindir}/sssd
%{_sbindir}/rcsssd
%dir %{_mandir}/??/
%dir %{_mandir}/??/man[158]/
%{_mandir}/??/man1/sss_ssh_*
%{_mandir}/??/man5/sssd-simple.5*
%{_mandir}/??/man5/sssd-sudo.5*
#%{_mandir}/??/man5/sssd.conf.5*
%{_mandir}/??/man8/sssd.8*
%{_mandir}/??/man5/sss-certmap.5.gz
%{_mandir}/??/man5/sssd-ad.5.gz
%{_mandir}/??/man5/sssd-files.5.gz
%{_mandir}/??/man5/sssd-secrets.5.gz
%{_mandir}/??/man5/sssd.conf.5.gz
%{_mandir}/??/man8/idmap_sss.8.gz
%{_mandir}/??/man8/sssctl.8.gz
%{_mandir}/??/man8/sssd-kcm.8.gz
%{_mandir}/??/man5/sssd-simple.5*
%{_mandir}/man1/sss_ssh_*
%{_mandir}/man8/sssctl.8*
%{_mandir}/man5/sssd-files.5*
%{_mandir}/man5/sssd-simple.5*
%{_mandir}/man5/sssd-sudo.5*
%{_mandir}/man5/sssd.conf.5*
%{_mandir}/man5/sss-certmap.5.gz
%{_mandir}/man5/sssd-session-recording.5.gz
%{_mandir}/man8/sssd.8*
%dir %{_libdir}/%{name}/
%{_libdir}/%{name}/conf/
%{_libdir}/%{name}/libsss_child*
%{_libdir}/%{name}/libsss_cert*
%{_libdir}/%{name}/libsss_crypt*
%{_libdir}/%{name}/libsss_debug*
%{_libdir}/%{name}/libsss_files*
%{_libdir}/%{name}/libsss_semanage*
%{_libdir}/%{name}/libsss_simple*
%{_libdir}/%{name}/libsss_util*
%dir %{_libdir}/%{name}/modules/
%{_libdir}/%{name}/modules/libsss_autofs.so
%{_libdir}/libsss_sudo.so
%dir %{_libdir}/ldb/
%{_libdir}/ldb/memberof.so
%dir %{_libexecdir}/%{name}/
%{_libexecdir}/%{name}/sssd_autofs
%{_libexecdir}/%{name}/sssd_be
%{_libexecdir}/%{name}/sssd_nss
%{_libexecdir}/%{name}/sssd_pam
%{_libexecdir}/%{name}/sssd_ssh
%{_libexecdir}/%{name}/sssd_sudo
%{_libexecdir}/%{name}/sss_signal
%dir %{sssdstatedir}
%attr(700,root,root) %dir %{dbpath}/
%attr(755,root,root) %dir %{pipepath}/
%attr(700,root,root) %dir %{pipepath}/private/
%attr(755,root,root) %dir %{pubconfpath}/
%attr(755,root,root) %dir %{sssdstatedir}/mc/
%attr(700,root,root) %dir %{sssdstatedir}/keytabs/
%attr(750,root,root) %dir %{_localstatedir}/log/%{name}/
%dir %{_sysconfdir}/sssd/
%config(noreplace) %{_sysconfdir}/sssd/sssd.conf
%dir %{_sysconfdir}/sssd/conf.d
%dir %{_sysconfdir}/pam.d/
%config(noreplace) %{_sysconfdir}/pam.d/sssd-shadowutils
%dir %{_datadir}/%{name}/
%{_datadir}/%{name}/cfg_rules.ini
%{_datadir}/%{name}/sssd.api.conf
%dir %{_datadir}/%{name}/sssd.api.d/
%{_datadir}/%{name}/sssd.api.d/sssd-local.conf
%{_datadir}/%{name}/sssd.api.d/sssd-simple.conf
#
# sssd-client
#
/%_lib/libnss_sss.so.2
/%_lib/security/pam_sss.so
%_libdir/cifs-utils/
%_libdir/krb5/
%_libdir/%name/modules/sssd_krb5_localauth_plugin.so
%_mandir/??/man8/pam_sss.8*
%_mandir/??/man8/sssd_krb5_locator_plugin.8*
%_mandir/man8/pam_sss.8*
%_mandir/man8/sssd_krb5_locator_plugin.8*
/%{_lib}/libnss_sss.so.2
/%{_lib}/security/pam_sss.so
%{_libdir}/cifs-utils/
%{_libdir}/krb5/
%{_libdir}/%{name}/modules/sssd_krb5_localauth_plugin.so
%{_mandir}/??/man8/pam_sss.8*
%{_mandir}/??/man8/sssd_krb5_locator_plugin.8*
%{_mandir}/man8/pam_sss.8*
%{_mandir}/man8/sssd_krb5_locator_plugin.8*
%files ad
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_ad.so
%dir %_libexecdir/%name/
%_libexecdir/%name/sssd_pac
%_libexecdir/%name/gpo_child
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-ad.conf
%_mandir/man5/sssd-ad.5*
%dir %_mandir/??/
%dir %_mandir/??/man5/
%dir %{_libdir}/%{name}/
%{_libdir}/%{name}/libsss_ad.so
%dir %{_libexecdir}/%{name}/
%{_libexecdir}/%{name}/sssd_pac
%{_libexecdir}/%{name}/gpo_child
%dir %{_datadir}/%{name}/
%dir %{_datadir}/%{name}/sssd.api.d/
%{_datadir}/%{name}/sssd.api.d/sssd-ad.conf
%{_mandir}/man5/sssd-ad.5*
%dir %{_mandir}/??/
%dir %{_mandir}/??/man5/
%files dbus
%defattr(-,root,root)
%dir %_libexecdir/sssd/
%_libexecdir/sssd/sssd_ifp
%dir %_libdir/sssd/
%_mandir/man5/sssd-ifp.5*
%dir %_mandir/??/
%dir %_mandir/??/man5/
%_mandir/??/man5/sssd-ifp.5*
%dir %{_libexecdir}/sssd/
%{_libexecdir}/sssd/sssd_ifp
%dir %{_libdir}/sssd/
%{_mandir}/man5/sssd-ifp.5*
%dir %{_mandir}/??/
%dir %{_mandir}/??/man5/
%{_mandir}/??/man5/sssd-ifp.5*
%files ipa
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_ipa*
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d
%_datadir/%name/sssd.api.d/sssd-ipa.conf
%_mandir/man5/sssd-ipa.5*
%dir %_mandir/??/
%dir %_mandir/??/man5/
%_mandir/??/man5/sssd-ipa.5*
%dir %{_libdir}/%{name}/
%{_libdir}/%{name}/libsss_ipa*
%dir %{_datadir}/%{name}/
%dir %{_datadir}/%{name}/sssd.api.d
%{_datadir}/%{name}/sssd.api.d/sssd-ipa.conf
%{_mandir}/man5/sssd-ipa.5*
%dir %{_mandir}/??/
%dir %{_mandir}/??/man5/
%{_mandir}/??/man5/sssd-ipa.5*
%files krb5
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_krb5.so
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-krb5.conf
%dir %_mandir/??/
%dir %_mandir/??/man5/
%_mandir/man5/sssd-krb5.5*
%_mandir/??/man5/sssd-krb5.5*
%dir %{_libdir}/%{name}/
%{_libdir}/%{name}/libsss_krb5.so
%dir %{_datadir}/%{name}/
%dir %{_datadir}/%{name}/sssd.api.d/
%{_datadir}/%{name}/sssd.api.d/sssd-krb5.conf
%dir %{_mandir}/??/
%dir %{_mandir}/??/man5/
%{_mandir}/man5/sssd-krb5.5*
%{_mandir}/??/man5/sssd-krb5.5*
%files krb5-common
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_krb5_common.so
%dir %_libexecdir/%name/
%_libexecdir/%name/krb5_child
%_libexecdir/%name/ldap_child
%dir %{_libdir}/%{name}/
%{_libdir}/%{name}/libsss_krb5_common.so
%dir %{_libexecdir}/%{name}/
%{_libexecdir}/%{name}/krb5_child
%{_libexecdir}/%{name}/ldap_child
%files ldap
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_ldap*
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-ldap.conf
%_mandir/man5/sssd-ldap.5*
%dir %_mandir/??/
%dir %_mandir/??/man5/
%_mandir/??/man5/sssd-ldap.5*
%dir %{_libdir}/%{name}/
%{_libdir}/%{name}/libsss_ldap*
%dir %{_datadir}/%{name}/
%dir %{_datadir}/%{name}/sssd.api.d/
%{_datadir}/%{name}/sssd.api.d/sssd-ldap.conf
%{_mandir}/man5/sssd-ldap.5*
%dir %{_mandir}/??/
%dir %{_mandir}/??/man5/
%{_mandir}/??/man5/sssd-ldap.5*
%files proxy
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_proxy.so
%dir %_libexecdir/%name/
%_libexecdir/%name/proxy_child
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-proxy.conf
%dir %{_libdir}/%{name}/
%{_libdir}/%{name}/libsss_proxy.so
%dir %{_libexecdir}/%{name}/
%{_libexecdir}/%{name}/proxy_child
%dir %{_datadir}/%{name}/
%dir %{_datadir}/%{name}/sssd.api.d/
%{_datadir}/%{name}/sssd.api.d/sssd-proxy.conf
%files tools
%defattr(-,root,root)
%_sbindir/sss_cache
%_sbindir/sss_debuglevel
%_sbindir/sss_groupadd
%_sbindir/sss_groupdel
%_sbindir/sss_groupmod
%_sbindir/sss_groupshow
%_sbindir/sss_seed
%_sbindir/sss_obfuscate
%_sbindir/sss_override
%_sbindir/sss_useradd
%_sbindir/sss_userdel
%_sbindir/sss_usermod
%_sbindir/sss_override
%dir %_mandir/??/man8/
%_mandir/??/man8/sss_*.8*
%_mandir/man8/sss_*.8*
%{_sbindir}/sss_cache
%{_sbindir}/sss_debuglevel
%{_sbindir}/sss_groupadd
%{_sbindir}/sss_groupdel
%{_sbindir}/sss_groupmod
%{_sbindir}/sss_groupshow
%{_sbindir}/sss_seed
%{_sbindir}/sss_obfuscate
%{_sbindir}/sss_override
%{_sbindir}/sss_useradd
%{_sbindir}/sss_userdel
%{_sbindir}/sss_usermod
%dir %{_mandir}/??/man8/
%{_mandir}/??/man8/sss_*.8*
%{_mandir}/man8/sss_*.8*
%files wbclient
%defattr(-,root,root)
%config %_sysconfdir/ld.so.conf.d/sssd-wbclient.conf
%dir %_libdir/sssd/
%dir %_libdir/sssd/modules/
%_libdir/sssd/modules/libwbclient.so.*
%config %{_sysconfdir}/ld.so.conf.d/sssd-wbclient.conf
%dir %{_libdir}/sssd/
%dir %{_libdir}/sssd/modules/
%{_libdir}/sssd/modules/libwbclient.so.*
%files wbclient-devel
%defattr(-,root,root)
%_includedir/wbclient_sssd.h
%dir %_libdir/sssd/
%dir %_libdir/sssd/modules/
%_libdir/sssd/modules/libwbclient.so
%_libdir/pkgconfig/wbclient_sssd.pc
%{_includedir}/wbclient_sssd.h
%dir %{_libdir}/sssd/
%dir %{_libdir}/sssd/modules/
%{_libdir}/sssd/modules/libwbclient.so
%{_libdir}/pkgconfig/wbclient_sssd.pc
%files winbind-idmap
%defattr(-,root,root)
%_libdir/samba/
%_mandir/man8/idmap_sss.8*
%{_libdir}/samba/
%{_mandir}/man8/idmap_sss.8*
%files -n libipa_hbac0
%defattr(-,root,root)
%_libdir/libipa_hbac.so.0*
%{_libdir}/libipa_hbac.so.0*
%files -n libipa_hbac-devel
%defattr(-,root,root)
%_includedir/ipa_hbac.h
%_libdir/libipa_hbac.so
%_libdir/pkgconfig/ipa_hbac.pc
%{_includedir}/ipa_hbac.h
%{_libdir}/libipa_hbac.so
%{_libdir}/pkgconfig/ipa_hbac.pc
%files -n libsss_certmap0
%defattr(-,root,root)
%{_libdir}/libsss_certmap.so
%{_libdir}/libsss_certmap.so.0*
%files -n libsss_certmap-devel
%defattr(-,root,root)
%{_includedir}/sss_certmap.h
%{_libdir}/libsss_certmap.so
%{_libdir}/pkgconfig/sss_certmap.pc
%files -n libnfsidmap-sss
%defattr(-,root,root)
%_libdir/libnfsidmap/
%_mandir/man5/sss_rpcidmapd.5*
%dir %_mandir/??/man5/
%_mandir/??/man5/sss_rpcidmapd.5*
%{_libdir}/libnfsidmap/
%{_mandir}/man5/sss_rpcidmapd.5*
%dir %{_mandir}/??/man5/
%{_mandir}/??/man5/sss_rpcidmapd.5*
%files -n libsss_idmap0
%defattr(-,root,root)
%_libdir/libsss_idmap.so.0*
%{_libdir}/libsss_idmap.so.0*
%files -n libsss_idmap-devel
%defattr(-,root,root)
%_includedir/sss_idmap.h
%_libdir/libsss_idmap.so
%_libdir/pkgconfig/sss_idmap.pc
%{_includedir}/sss_idmap.h
%{_libdir}/libsss_idmap.so
%{_libdir}/pkgconfig/sss_idmap.pc
%files -n libsss_nss_idmap0
%defattr(-,root,root)
%_libdir/libsss_nss_idmap.so.0*
%{_libdir}/libsss_nss_idmap.so.0*
%files -n libsss_nss_idmap-devel
%defattr(-,root,root)
%_includedir/sss_nss_idmap.h
%_libdir/libsss_nss_idmap.so
%_libdir/pkgconfig/sss_nss_idmap.pc
%{_includedir}/sss_nss_idmap.h
%{_libdir}/libsss_nss_idmap.so
%{_libdir}/pkgconfig/sss_nss_idmap.pc
%files -n libsss_simpleifp0
%defattr(-,root,root)
%_libdir/libsss_simpleifp.so.0*
%{_libdir}/libsss_simpleifp.so.0*
%files -n libsss_simpleifp-devel
%defattr(-,root,root)
%_includedir/sss_sifp*.h
%_libdir/libsss_simpleifp.so
%_libdir/pkgconfig/sss_simpleifp.pc
%{_includedir}/sss_sifp*.h
%{_libdir}/libsss_simpleifp.so
%{_libdir}/pkgconfig/sss_simpleifp.pc
%files -n python-ipa_hbac
%defattr(-,root,root)