pool/kanidm
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pool:factory
Branches Tags
pool:factory
pool:devel
rpm:factory
rpm:devel
..
compare: rpm:factory
Branches Tags
rpm:factory
rpm:devel
pool:factory
pool:devel

No commits in common. "factory" and "factory" have entirely different histories.
factory ... factory

7 changed files with 18 additions and 428 deletions
Show Stats Expand all files Collapse all files

2
_service
View File

@ -3,7 +3,7 @@
<param name="url">https://github.com/kanidm/kanidm.git</param>
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
<param name="scm">git</param>
<param name="revision">1.5.0</param>
<param name="revision">1.3.0</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="versionrewrite-replacement">\1</param>

2
_servicedata
View File

@ -1,4 +1,4 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/kanidm/kanidm.git</param>
<param name="changesrevision">0fa57fcf49a5e3cff55d10f84cbf77c89ce971ce</param></service></servicedata>
<param name="changesrevision">f075d13e165f0587054e2c91bc9175b7b1f2a806</param></service></servicedata>

3
kanidm-1.3.3~git0.f075d13.tar.zst Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ea1ecccc0cb1ac71c30ee3b5442b271222e4c2b607f609a07b4cfeab371a44af
size 11628892

3
kanidm-1.5.0~git1.0fa57fc.tar.zst
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0f88596a5b14dd93fa51ac05f0d56519c6f2473dfe2977c1fca535a760112391
size 6864273

398
kanidm.changes
View File

@ -1,401 +1,3 @@
-------------------------------------------------------------------
Fri Feb 21 23:57:44 UTC 2025 - William Brown <william.brown@suse.com>
- Enable aarch64 for Fedora/Centos
-------------------------------------------------------------------
Sat Feb 15 03:46:27 UTC 2025 - William Brown <william.brown@suse.com>
- Fix building on CentOS_9
-------------------------------------------------------------------
Tue Feb 11 06:37:21 UTC 2025 - william.brown@suse.com
- Update to version 1.5.0~git1.0fa57fc:
* Update makefile for docker
* Release 1.5.0
* 20250209 pre release (#3409)
* 20250206 freebsd ports (#3404)
* Resolve kanidm-unix auth-test bug (#3405)
* chore: Remove empty scopemaps (#3170)
* Feat: Allowing spn query with non-spn structured data in LDAP (#3400)
* SSH Keys in Credentials Update (#3027)
* 20250205 3369 firefox pin (#3403)
* Correctly return that uuid2spn changed on domain rename (#3402)
* Fix the password reset form and possible resolver issue (#3398)
* Add handle_group_error to cli client (#3399)
* Improve spans in unixd (#3397)
* Allow OAuth2 with empty state parameter (#3396)
* #3387 - RADIUS Startup fixin's (#3388)
* Allow POST on oauth userinfo (#3395)
* OpenBSD support (#3381)
* Bump openssl from 0.10.69 to 0.10.70 in the cargo group (#3391)
* Add /.well-known/change-password endpoint (#3382)
* Bump the all group across 1 directory with 7 updates (#3385)
* extend oauth2 examples with gitea (#3351)
* Bump the all group with 22 updates (#3376)
* Book: Added small section on primary cred fallback (#3365)
* Added shell.nix to create dev environment (#3362)
* fix(ci): Add setup-oras step to include ORAS CLI for container builds on ubuntu-24.04. (#3368)
* 20250114 3325 SCIM access control (#3359)
* Small UI updates. (#3361)
* Bump the all group in /pykanidm with 2 updates (#3366)
* Repair systemd reload notifications (#3355)
* fix: unrecoverable error page doesn't include logo or domain name (#3352)
* Bump jinja2 from 3.1.4 to 3.1.5 in /pykanidm in the pip group (#3358)
* Bump the all group in /pykanidm with 4 updates (#3356)
* 20250110 eo fixes (#3353)
* fix(server/config): reduce string allocations (#3350)
* Add ssh_publickeys as a claim for oauth2 (#3346)
* Allow modification of password minimum length (#3345)
* Add OAuth2 `response_mode=fragment` (#3335)
* Resolve passkey regression (#3343)
* Renaming "TOTP" in the login flow (#3338)
* Bump the all group in /pykanidm with 3 updates (#3339)
* Bump actions/checkout from 2 to 4 in the all group (#3341)
* Add support for prefers-color-scheme using Bootstrap classes. (#3327)
* Fix /var/run/kanidm-unixd permission (#3342)
* Javascript linting (#3329)
* Ignore anonymous in oauth2 read allow access (#3336)
* cookies don't clear unless you set domain (#3332)
* 20250102 freebsd client (#3333)
* fix: PAM on Debian, enable use_first_pass by default (#3326)
* Bump the all group with 6 updates (#3324)
* Bump the all group in /pykanidm with 2 updates (#3323)
* Bump the all group with 3 updates (#3317)
* Bump the all group in /pykanidm with 7 updates (#3316)
* nss/pam resolver should reauth faster (#3309)
* Update to latest webauthn-rs/time (#3315)
* kanidm-unixd example config enfixening (#3314)
* Further SCIM sync testing, minor fixes (#3305)
* book: explain how to use fido-mds-tool (#3231)
* client: read attestation CA list JSON from file (#3232)
* Automatically trigger passkeys on login view (#3307)
* Re-add enrol another device flow
* Improved Cookie Removal
* Allow opt-in of easter eggs (#3308)
* Allow reseting account policy values to defaults (#3306)
* Incorrect member name in groups (#3302)
* SCIM Sync Missing Annotation (#3300)
* Ignore system users for UPG synthesiseation (#3297)
* Limit OAuth2 resumption to session (#3296)
* Use specific errors for intent token revoked (#3291)
* Autocomplete password during reauth with TOTP (#3290)
* Bump the all group with 6 updates (#3294)
* Bump mozilla-actions/sccache-action from 0.0.6 to 0.0.7 in the all group (#3295)
* Bump the all group in /pykanidm with 2 updates (#3293)
* remove unused webauthn features. (#3286)
* Add CORS headers to jwks and userinfo (#3283)
* Cleanup webauthn features (#3285)
* Minor tweaks to cred reset ui (#3284)
* Bump the all group across 1 directory with 6 updates (#3280)
* Allow group managers to modify entry-managed-by (#3272)
* pykanidm: Make a little dry. (#3281)
* Bump the all group with 5 updates (#3278)
* pykanidm: Add retrieving credential reset token for a person. (#3279)
* Cleanup of println and other outputs (#3266)
* Canonicalize path for user shell check (#3265)
* Check DNS on replication loop start not at task start (#3243)
* Work around systemd race condition (#3262)
* fix(docstrings): minor lack of formatting breaking things (#3260)
* Devcontainertainertainer (#3251)
* grafana: update example to work with strict redirect uri checking (#3259)
* Bump the all group in /pykanidm with 5 updates (#3257)
* Bump the all group with 6 updates (#3258)
* 20240927 SCIM put (#3151)
* Clear invalid tokens from unix resolver (#3256)
* Clippy Lints (#3255)
* Allow OAuth2 loopback redirects if the path matches (#3252)
* Correctly display domain name on login (#3254)
* Display account_id during success/deny paths in unixd (#3253)
* s/idm_people_self_write_mail/idm_people_self_mail_write/g (#3250)
* handle missing map_group setting in config (#3242)
* owncloud: Add SameSite=Lax config for cross-domain auth (#3245)
* Bump the all group across 1 directory with 7 updates (#3238)
* Yaleman/issue3229 (#3239)
* Bump the all group across 1 directory with 12 updates (#3235)
* Update to latest fido-mds-tool (#3230)
* Warn when v2 options are used in v1 unixd config (#3228)
* Bump aiohttp from 3.10.10 to 3.10.11 in /pykanidm in the pip group (#3223)
* Resolve UI Auth Loop with OAuth2 (#3226)
* Harden transport in pam unixd (#3227)
* Improve warning around invalid JWT deserialisation (#3224)
* Update and fix server config files in examples. (#3225)
* Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212)
* Add docs on customising Kanidm. (#3209)
* Correct spelling of occurred (#3222)
* Bump the all group across 1 directory with 13 updates (#3202)
* UI/Feature polish (#3191)
* Prevent Invalid MFA Reg States (#3194)
* Change CSS for applications so SVG scales nicely in Firefox. (#3200)
* 20241109 3185 max age (#3196)
* Hoist max_age to prevent incorrect deserialisation (#3190)
* Use correct oauth2 manage acp (#3186)
* Re-migrate all acps to force updating (#3184)
* Bump the all group across 1 directory with 2 updates (#3180)
* security - low - fault in migrations (#3182)
* fix(kanidmd): Print replication cert to stdout (#3179)
* Correct missing CSP header (#3177)
* Resolve pam services not always having a tty (#3176)
* Resolve incorrect handling of rhost in pam (#3171)
* chore: Made oauth2 scopes required in CLI (#3165)
* More "choosing a domain" revision (#3161)
* Bump jsonschema from 0.21.0 to 0.26.0 in the all group (#3157)
* Update missing inputmode numeric when adding a new TOTP. (#3160)
* Improve OAuth2 authorisation ux (#3158)
* Fix attribute scim sync attribute naming (#3159)
* Change to text input and use numeric mode for TOTP prompts. (#3154)
* Bump the all group in /pykanidm with 3 updates (#3156)
* Fix release note date and typos (#3153)
* Begin 1.5.0 Development Cycle (#3150)
-------------------------------------------------------------------
Tue Feb 11 06:35:23 UTC 2025 - william.brown@suse.com
- Update to version 1.4.6~git1.3f47d7f:
* fix: PAM on Debian, enable use_first_pass by default (#3326)
-------------------------------------------------------------------
Thu Jan 23 23:42:52 UTC 2025 - william.brown@suse.com
- Update to version 1.4.6~git0.3ce4e0f:
* Release 1.4.6
* Small UI updates. (#3361)
* Allow modification of password minimum length (#3345)
* Ignore anonymous in oauth2 read allow access (#3336)
* Resolve passkey regression (#3343)
* Renaming "TOTP" in the login flow (#3338)
* cookies don't clear unless you set domain (#3332)
-------------------------------------------------------------------
Sat Dec 21 07:57:16 UTC 2024 - william.brown@suse.com
- Update to version 1.4.5~git0.a7fabde:
* Release 1.4.5
* nss/pam resolver should reauth faster (#3309)
* Further SCIM sync testing, minor fixes (#3305)
* Automatically trigger passkeys on login view (#3307)
* Re-add enrol another device flow
* Improved Cookie Removal
* Allow reseting account policy values to defaults (#3306)
* Incorrect member name in groups (#3302)
* SCIM Sync Missing Annotation (#3300)
* Ignore system users for UPG synthesiseation (#3297)
* Limit OAuth2 resumption to session (#3296)
* Use specific errors for intent token revoked (#3291)
* Autocomplete password during reauth with TOTP (#3290)
* Add CORS headers to jwks and userinfo (#3283)
-------------------------------------------------------------------
Wed Dec 11 03:12:47 UTC 2024 - William Brown <william.brown@suse.com>
- Require system-user-nobody to prevent install ordering issue with
invalid rpc/statd users
-------------------------------------------------------------------
Tue Dec 03 05:55:52 UTC 2024 - william.brown@suse.com
- Update to version 1.4.4~git0.c3dbf83:
* Release 1.4.4
* Check DNS on replication loop start not at task start (#3243)
* Work around systemd race condition (#3262)
* Clear invalid tokens from unix resolver (#3256)
* Allow OAuth2 loopback redirects if the path matches (#3252)
* Correctly display domain name on login (#3254)
* Display account_id during success/deny paths in unixd (#3253)
* s/idm_people_self_write_mail/idm_people_self_mail_write/g (#3250)
* handle missing map_group setting in config (#3242)
* owncloud: Add SameSite=Lax config for cross-domain auth (#3245)
* Yaleman/issue3229 (#3239)
-------------------------------------------------------------------
Fri Nov 22 07:08:34 UTC 2024 - william.brown@suse.com
- Update to version 1.4.3~git1.078625c:
* Update to latest fido-mds-tool (#3230)
-------------------------------------------------------------------
Fri Nov 22 06:52:53 UTC 2024 - william.brown@suse.com
- Update to version 1.4.3~git0.fb00176:
* Release 1.4.3
* Warn when v2 options are used in v1 unixd config (#3228)
* Resolve UI Auth Loop with OAuth2 (#3226)
* Harden transport in pam unixd (#3227)
* Improve warning around invalid JWT deserialisation (#3224)
* Update and fix server config files in examples. (#3225)
* Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212)
* Add docs on customising Kanidm. (#3209)
* Correct spelling of occurred (#3222)
* UI/Feature polish (#3191)
* Prevent Invalid MFA Reg States (#3194)
* Change CSS for applications so SVG scales nicely in Firefox. (#3200)
* 20241109 3185 max age (#3196)
* Hoist max_age to prevent incorrect deserialisation (#3190)
* Release 1.4.2
* Re-migrate all acps to force updating (#3184)
* security - low - fault in migrations (#3182)
-------------------------------------------------------------------
Tue Nov 05 05:13:11 UTC 2024 - william.brown@suse.com
- Update to version 1.4.1~git0.ad93202:
* Release 1.4.1
* Correct missing CSP header (#3177)
* Resolve pam services not always having a tty (#3176)
-------------------------------------------------------------------
Sun Nov 03 00:17:17 UTC 2024 - william.brown@suse.com
- Update to version 1.4.0~git2.770efa8:
* Resolve incorrect handling of rhost in pam (#3171)
-------------------------------------------------------------------
Fri Nov 01 02:24:42 UTC 2024 - william.brown@suse.com
- Update to version 1.4.0~git1.c297c3f:
* Docker makefile latest
* Release 1.4.0
* chore: Made oauth2 scopes required in CLI (#3165)
* More "choosing a domain" revision (#3161)
* Update missing inputmode numeric when adding a new TOTP. (#3160)
* Improve OAuth2 authorisation ux (#3158)
* Fix attribute scim sync attribute naming (#3159)
* Change to text input and use numeric mode for TOTP prompts. (#3154)
* Fix release note date and typos (#3153)
* Release 1.4.0-pre
* Release Notes (#3149)
* Remove WASM (#3148)
* Rewrite "choosing a domain", add other considerations (#3147)
* Harmonize UI and remove unused css (#3033)
* ripping out some extra packages (#3146)
* OAuth2 Device flow foundations (#3098)
* htmx by default (#3145)
* Support reloading via systemd (#3144)
* Chore: Refactor Groups to be more generic (#3136)
* 20241024 1271 cert reload on SIGHUP (#3140)
* Update docs, improve locking (#3141)
* 2856 - use tags for containers on build (#3139)
* Fix image when too smol (#3138)
* yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135)
* ipinfo should be single value (#3137)
* Tidy the reauth ui (#3130)
* Add missing schemas to get OpenAPI validation to pass. (#3129)
* Change some OperationError into HTTP Bad Request (400). (#3125)
* Bump the all group with 11 updates (#3127)
* Bump the all group in /pykanidm with 5 updates (#3128)
* Fill in some Swagger API docs for a few v1 endpoints. (#3126)
* Diagram Improvements in Book (#3124)
* Fix passkey auth flow redirects (#3123)
* Improve handling of inaccesible shadow file (#3122)
* Log HTTP Not Found (404) as info log level. (#3119)
* more errors for the people (#3121)
* 20241017 unixd home (#3113)
* 20241017 3107 token ttl (#3114)
* docs: Update kanidm_ppa instructions for new repo logic (#3117)
* fix(lint) minor lint fix for unnecessary match use (#3118)
* Totp input changes (#3115)
* Add the strict flag on client creates for developers (#3111)
* Working scim entry get for person (#3088)
* Add nss testframework and fallback when daemon offline (#3093)
* Improve deb packaging, add aarch64 (#3083)
* Cache buster buster (#3091)
* fix(http): status content type should be JSON (#3096)
* Bump the all group across 1 directory with 7 updates (#3106)
* Bump the all group across 1 directory with 10 updates (#3103)
* 20241012 attr name SCIM fix (#3102)
* Scim add EntryReference (#3079)
* Bump the all group across 1 directory with 3 updates (#3094)
* Fix Increment Replication Post Upgrade (#3089)
* Remove white background from square logo (#3087)
* Add support for group extension (#3081)
* 20240921 ssh keys and unix password in credential update session (#3056)
* Fix landing and redirect URLs for GitLab, add some useful links (#3055)
* [htmx] Make it harder to miss the save button on the cred update page (#3013)
* Add example Outline config (#3076)
* 20240925 cleanups (#3060)
* Add instructions for unlinking Homebrew Rust on macOS (#3085)
* Don't reprompt for login when no session exists in cli (#3082)
* Make good on some TechDebt (#3084)
* Feat: Adding POSIX Password fallback (#3067)
* Bump the all group across 1 directory with 13 updates (#3080)
* Complete the implementation of the posix account cache (#3041)
* 20240926 tech debt (#3066)
* Fix migration of last mod cid (#3065)
* Increase totp secret size (#3061)
* Bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 in the all group (#3075)
* Improve pipe handling on linux (#3069)
* reformat oauth2 URL list, highlight legacy bits (#3062)
* scim_proto: fix incorrect language tag (#3064)
* Add ownCloud example config (#3059)
* Add example config for JetBrains Hub / YouTrack (#3058)
* Bump the all group with 8 updates (#3053)
* Bump the all group in /pykanidm with 3 updates (#3054)
* Document basic authenticating GitLab to Kanidm (#3050)
* fix(doc): updating docker container ref (#3049)
* Resolve incorrect SCIM Sync serialisation (#3047)
* CLI image error nicening (#3037)
* Add rfc7009 and rfc7662 metadata to oidc discovery (#3046)
* More openapi tweaks (#3038)
* Bump the all group with 6 updates (#3044)
* Bump the all group in /pykanidm with 3 updates (#3043)
* fix(docs): make it clearer that bearer auth is a thing (#3031)
* implements additional traits for filter types (#3036)
* 20240810 SCIM entry basic (#3032)
* CreatedAt/ModifiedAt fix (#3034)
* Pykanidm fixes (#3030)
* 20240906 Attribute as an Enum Type (#3025)
* Bump the all group with 9 updates (#3029)
* Bump the all group in /pykanidm with 4 updates (#3028)
* Credentials page/Self cred update flow UI improvements (#3012)
* 20240828 Support Larger Images, Allow Custom Domain Icons (#3016)
* MemberOf in search implies DirectMemberOf (#3024)
* fix(kanidm): don't allow empty string fields on CLI (#3018)
* Bump cryptography from 42.0.4 to 43.0.1 in /pykanidm in the pip group (#3023)
* generate completions for elvish and fish (#3015)
* Bump the all group with 4 updates (#3021)
* Bump the all group in /pykanidm with 3 updates (#3022)
* 20240820 SCIM value (#2992)
* fix(daemon): handling IPv6 addresses in healthcheck (#3004)
* fix(webui): Javascript errors after server-side update blocking login. Fixed after cache invalidating (#3011)
* OAuth2 Token Type (#3008)
* Bump the all group in /pykanidm with 4 updates (#3007)
* Bump the all group with 8 updates (#3006)
* Spattering of oauth2 stuff (#3000)
* Doc multi instance (#2997)
* Expose group rename (#2999)
* feat: self cred update flow (#2995)
* Better Error Message (#2998)
* Add missing group for application admin (#2991)
* enforcen den clippen (#2990)
* 20240817 group mail acp (#2982)
* 20240810 application passwords (#2968)
* Bump the all group with 17 updates (#2986)
* Bump the all group in /pykanidm with 3 updates (#2985)
* Mail substr index (#2981)
* Doc format, add api-token section (#2975)
* [HTMX] small profile improvements (#2974)
* Foundations of pam/nss multi resolver
* TLS, no seriously. (#2963)
* Update suse.md to avoid Authentication token manipulation error (#2973)
* Add Alpine Linux installation instructions (#2871)
* Bump the all group across 1 directory with 10 updates (#2966)
* [HTMX] User settings (#2929)
* Bump the all group in /pykanidm with 2 updates (#2965)
* Docs updates (#2961)
* Bump aiohttp from 3.10.0 to 3.10.2 in /pykanidm in the pip group (#2962)
* Prevent bug in pam (#2960)
* Improve migration error message (#2959)
* Fix incorrect logic in cred update flow (#2956)
* Docker-and-docs-fixes (#2954)
* Bump the all group in /pykanidm with 5 updates (#2952)
* Bump the all group with 10 updates (#2953)
* Added orca flag to extend privileged authentication expiry (#2949)
* In honour of SebaT, error on db lock acq timeout (#2947)
* Add measurement of lock acquisition (#2946)
* [htmx] Credential Update page (#2897)
* Update to 1.4.0-dev (#2943)
-------------------------------------------------------------------
Thu Sep 12 00:23:51 UTC 2024 - William Brown <william.brown@suse.com>

34
kanidm.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package kanidm
#
# Copyright (c) 2025 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -20,7 +20,7 @@
%define configdir %{_sysconfdir}/kanidm
Name: kanidm
Version: 1.5.0~git1.0fa57fc
Version: 1.3.3~git0.f075d13
Release: 0
Summary: A identity management service and clients.
License: ( Apache-2.0 OR BSL-1.0 ) AND ( Apache-2.0 OR ISC OR MIT ) AND ( Apache-2.0 OR MIT ) AND ( Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT ) AND ( CC0-1.0 OR Apache-2.0 ) AND ( MIT OR Apache-2.0 OR Zlib ) AND ( Unlicense OR MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND ISC AND MIT AND MPL-2.0 AND MPL-2.0+
@ -29,12 +29,12 @@ Source: kanidm-%{version}.tar.zst
Source1: vendor.tar.zst
BuildRequires: cargo
%if 0%{?is_opensuse}
BuildRequires: cargo-packaging
%if 0%{?is_opensuse}
BuildRequires: llvm-clang >= 13
%else
BuildRequires: clang >= 13
BuildRequires: lld >= 13
# Sle is missing these provides.
BuildRequires: clang15
%endif
BuildRequires: libselinux-devel
BuildRequires: libudev-devel
@ -59,11 +59,7 @@ BuildRequires: libopenssl-3-devel
Requires: %{name}-clients
Requires: %{name}-unixd-clients
%if 0%{?is_opensuse}
ExclusiveArch: %{rust_tier1_arches}
%else
ExclusiveArch: x86_64 aarch64
%endif
%description
An identity management platform written in rust that supports RADIUS, SSH Key management
@ -94,9 +90,6 @@ Requires: tpm2-tss
%else
Requires: system-user-tss
Requires: tpm2.0-tools
# progress.o.o #170107 - prevent an error for installing system-user-nobody due to invalid /etc/passwd
# configuration of the statd and rpc users.
Requires: system-user-nobody
%endif
%description unixd-clients
@ -124,15 +117,10 @@ export KANIDM_BUILD_PROFILE=%{kanidm_profile}
# export RUSTC_LOG='rustc_codegen_ssa::back::link=info'
# Dump the target features of this cpu.
rustc --print target-cpus
%if 0%{?is_opensuse}
# Override buildflags, we want to use clang + lld here. It's much better/faster than bfd.
%define build_rustflags -C linker=clang -C link-arg=-fuse-ld=/usr/lib/rustlib/%{_arch}-unknown-linux-gnu/bin/gcc-ld/ld.lld
%define build_rustflags -C linker=clang -C link-arg=-fuse-ld=/usr/lib/rustlib/%{_arch}-unknown-linux-gnu/bin/gcc-ld/ld.lld -C debuginfo=2 -C incremental=false
%{cargo_build} --features=kanidm_unix_int/tpm,kanidm_unix_int/selinux
%else
CARGO_INCREMENTAL=0 CARGO_FEATURE_VENDORED=1 RUSTFLAGS="-Clink-arg=-Wl,-z,relro,-z,now -C debuginfo=2 -C strip=none -C linker=clang -C link-arg=-fuse-ld=lld" cargo build --release --features=kanidm_unix_int/selinux
%endif
%install
install -D -d -m 0755 %{buildroot}%{_sysconfdir}
@ -187,7 +175,7 @@ install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/
install -m 0755 %{_builddir}/kanidm-%{version}/target/release/build/completions/kanidm_ssh_authorizedkeys.bash %{buildroot}%{_sysconfdir}/bash_completion.d/kanidm_ssh_authorizedkeys.sh
cp -r %{_builddir}/kanidm-%{version}/book/src/ %{buildroot}%{_datadir}/kanidm/docs/
cp -r %{_builddir}/kanidm-%{version}/server/core/static %{buildroot}%{_datadir}/kanidm/ui/hpkg
cp -r %{_builddir}/kanidm-%{version}/server/web_ui/pkg %{buildroot}%{_datadir}/kanidm/ui/pkg
## End install
@ -276,10 +264,10 @@ cp -r %{_builddir}/kanidm-%{version}/server/core/static %{buildroot}%{_datadir}/
%{_unitdir}/kanidm-ipa-sync.service
%dir %{_datadir}/kanidm
%dir %{_datadir}/kanidm/ui
%dir %{_datadir}/kanidm/ui/hpkg
%dir %{_datadir}/kanidm/ui/hpkg/external
%{_datadir}/kanidm/ui/hpkg/*
%{_datadir}/kanidm/ui/hpkg/external/*
%dir %{_datadir}/kanidm/ui/pkg
%dir %{_datadir}/kanidm/ui/pkg/external
%{_datadir}/kanidm/ui/pkg/*
%{_datadir}/kanidm/ui/pkg/external/*
%dir %{configdir}
%config(noreplace) %{configdir}/server.toml
%dir %{_sysconfdir}/zsh_completion.d

4
vendor.tar.zst
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:05428f574f79d690fd606394ec17e25c96ae9cf66e6233893f62e9b7b53a9e97
size 68777550
oid sha256:59dc51d23d78ff8cb7d6fce2810142e7d03bb3523ce5fa6cb2306f0e0c6f5ede
size 69311053