diff --git a/0005-implicit-decl.diff b/0005-implicit-decl.diff deleted file mode 100644 index 88cf672..0000000 --- a/0005-implicit-decl.diff +++ /dev/null @@ -1,28 +0,0 @@ -From: Jan Engelhardt -Date: 2012-03-11 23:31:50.889566758 +0100 - -build: resolve compiler warnings about implicitly-defined functions - -crypto_sha512crypt.c: In function 'sha512_crypt_r': -crypto_sha512crypt.c:200:9: warning: implicit declaration of - function 'mempcpy' [-Wimplicit-function-declaration] -crypto_sha512crypt.c:200:14: warning: incompatible implicit - declaration of built-in function 'mempcpy' [enabled by default] -crypto_sha512crypt.c:221:14: warning: incompatible implicit - declaration of built-in function 'mempcpy' [enabled by default] ---- - src/util/crypto/libcrypto/crypto_sha512crypt.c | 1 + - 1 file changed, 1 insertion(+) - -Index: sssd-1.9.2/src/util/crypto/libcrypto/crypto_sha512crypt.c -=================================================================== ---- sssd-1.9.2.orig/src/util/crypto/libcrypto/crypto_sha512crypt.c -+++ sssd-1.9.2/src/util/crypto/libcrypto/crypto_sha512crypt.c -@@ -12,6 +12,7 @@ - - #include "config.h" - -+#define _GNU_SOURCE 1 /* mempcpy */ - #include - #include - #include diff --git a/sssd-1.11.2.tar.gz b/sssd-1.11.2.tar.gz new file mode 100644 index 0000000..adc6574 --- /dev/null +++ b/sssd-1.11.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:40da555ef1d81f0b73aa4e484719f9ca340dc76b7b549761f2ca775ff90b34bc +size 3442072 diff --git a/sssd-1.11.2.tar.gz.asc b/sssd-1.11.2.tar.gz.asc new file mode 100644 index 0000000..f9f6ccb --- /dev/null +++ b/sssd-1.11.2.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.15 (GNU/Linux) + +iEYEABECAAYFAlJxiVwACgkQHsardTLnvCU4CwCfU1uc5bwo9fTZXh4i0KLGp709 +wL4Anil81EFYHIFhnGsCs0L300OQmbGp +=2QGa +-----END PGP SIGNATURE----- diff --git a/sssd-1.9.5.tar.gz b/sssd-1.9.5.tar.gz deleted file mode 100644 index d7e73fb..0000000 --- a/sssd-1.9.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a377c436901e92d689de811d48e37d88764460e889e47bfddd90626f0a8a015c -size 3106988 diff --git a/sssd-1.9.5.tar.gz.asc b/sssd-1.9.5.tar.gz.asc deleted file mode 100644 index e0c1e92..0000000 --- a/sssd-1.9.5.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.13 (GNU/Linux) - -iEYEABECAAYFAlF2gY4ACgkQHsardTLnvCW6+QCg4VWHi8mlbi6FQufRtUXOTB2j -5OAAniig5/DUZa/mrzUb+8kteg3nanNS -=3VHJ ------END PGP SIGNATURE----- diff --git a/sssd-ldflags.diff b/sssd-ldflags.diff index 4ac562c..3229388 100644 --- a/sssd-ldflags.diff +++ b/sssd-ldflags.diff @@ -1,50 +1,107 @@ +From c9b13c7e032fde96cf07c7d298bb7fa65fad220b Mon Sep 17 00:00:00 2001 From: Jan Engelhardt -Date: 2012-11-10 01:36:37.022064770 +0100 - -build: fix link failure because of wrong use of LDFLAGS - - ld: src/sss_client/sss_ssh_authorizedkeys-common.o: undefined - reference to symbol 'pthread_mutexattr_setrobust@@GLIBC_2.12' - -For the i'th time, -http://stackoverflow.com/questions/4241683/linker-flags-in-wrong-place - -The patch fixes the location of library names, and also adds them -to two program which need them. +Date: Fri, 1 Nov 2013 23:01:09 +0100 +Subject: [PATCH] build: fix ordering of linker flags +Libraries MUST be specified in LDADD/LIBADD, not LDFLAGS, because +LDFLAGS appear earlier in the command line and library order is +significant. --- - Makefile.am | 36 +++++++++++++++++++++--------------- - 1 file changed, 21 insertions(+), 15 deletions(-) + Makefile.am | 66 ++++++++++++++++++++++++++++++------------------------------ + 1 file changed, 34 insertions(+), 32 deletions(-) -Index: sssd-1.9.4/Makefile.am +Index: sssd-1.11.2/Makefile.am =================================================================== ---- sssd-1.9.4.orig/Makefile.am -+++ sssd-1.9.4/Makefile.am -@@ -537,7 +537,8 @@ libipa_hbac_la_SOURCES = \ +--- sssd-1.11.2.orig/Makefile.am ++++ sssd-1.11.2/Makefile.am +@@ -600,9 +600,10 @@ dist_pkgconfig_DATA += src/providers/ipa + libipa_hbac_la_SOURCES = \ src/providers/ipa/hbac_evaluator.c \ src/util/sss_utf8.c - libipa_hbac_la_LDFLAGS = \ +-libipa_hbac_la_LDFLAGS = \ - -version-info 0:1:0 \ -+ -version-info 0:1:0 +libipa_hbac_la_LIBADD = \ $(UNICODE_LIBS) ++libipa_hbac_la_LDFLAGS = \ ++ -version-info 0:1:0 dist_pkgconfig_DATA += src/lib/idmap/sss_idmap.pc -@@ -651,11 +652,11 @@ sssd_be_LDADD = \ - -ldl \ - $(SSSD_LIBS) \ - $(CARES_LIBS) \ -+ $(PAM_LIBS) \ - libsss_util.la - sssd_be_LDFLAGS = \ - -Wl,--version-script,$(srcdir)/src/providers/sssd_be.exports \ -- -export-dynamic \ -- $(PAM_LIBS) -+ -export-dynamic + libsss_idmap_la_SOURCES = \ +@@ -617,8 +618,9 @@ libsss_nss_idmap_la_SOURCES = \ + src/sss_client/idmap/sss_nss_idmap.c \ + src/sss_client/common.c \ + src/util/strtonum.c ++libsss_nss_idmap_la_LIBADD = \ ++ $(CLIENT_LIBS) + libsss_nss_idmap_la_LDFLAGS = \ +- $(CLIENT_LIBS) \ + -version-info 0:1:0 - if BUILD_PYTHON_BINDINGS - sss_obfuscate_pythondir = $(sbindir) -@@ -771,7 +772,7 @@ sss_sudo_cli_SOURCES = \ + include_HEADERS = \ +@@ -771,10 +773,9 @@ sss_userdel_SOURCES = \ + $(SSSD_LCL_TOOLS_OBJ) + sss_userdel_LDADD = \ + $(TOOLS_LIBS) \ +- $(SSSD_INTERNAL_LTLIBS) +-sss_userdel_CFLAGS = $(AM_CFLAGS) +-sss_userdel_LDFLAGS = \ ++ $(SSSD_INTERNAL_LTLIBS) \ + $(CLIENT_LIBS) ++sss_userdel_CFLAGS = $(AM_CFLAGS) + + sss_groupadd_SOURCES = \ + src/tools/sss_groupadd.c \ +@@ -788,30 +789,27 @@ sss_groupdel_SOURCES = \ + $(SSSD_LCL_TOOLS_OBJ) + sss_groupdel_LDADD = \ + $(TOOLS_LIBS) \ +- $(SSSD_INTERNAL_LTLIBS) +-sss_groupdel_CFLAGS = $(AM_CFLAGS) +-sss_groupdel_LDFLAGS = \ ++ $(SSSD_INTERNAL_LTLIBS) \ + $(CLIENT_LIBS) ++sss_groupdel_CFLAGS = $(AM_CFLAGS) + + sss_usermod_SOURCES = \ + src/tools/sss_usermod.c \ + $(SSSD_LCL_TOOLS_OBJ) + sss_usermod_LDADD = \ + $(TOOLS_LIBS) \ +- $(SSSD_INTERNAL_LTLIBS) +-sss_usermod_CFLAGS = $(AM_CFLAGS) +-sss_usermod_LDFLAGS = \ ++ $(SSSD_INTERNAL_LTLIBS) \ + $(CLIENT_LIBS) ++sss_usermod_CFLAGS = $(AM_CFLAGS) + + sss_groupmod_SOURCES = \ + src/tools/sss_groupmod.c \ + $(SSSD_LCL_TOOLS_OBJ) + sss_groupmod_LDADD = \ + $(TOOLS_LIBS) \ +- $(SSSD_INTERNAL_LTLIBS) +-sss_groupmod_CFLAGS = $(AM_CFLAGS) +-sss_groupmod_LDFLAGS = \ ++ $(SSSD_INTERNAL_LTLIBS) \ + $(CLIENT_LIBS) ++sss_groupmod_CFLAGS = $(AM_CFLAGS) + + sss_groupshow_SOURCES = \ + src/tools/sss_groupshow.c \ +@@ -825,10 +823,9 @@ sss_cache_SOURCES = \ + $(SSSD_LCL_TOOLS_OBJ) + sss_cache_LDADD = \ + $(TOOLS_LIBS) \ +- $(SSSD_INTERNAL_LTLIBS) +-sss_cache_CFLAGS = $(AM_CFLAGS) +-sss_cache_LDFLAGS = \ ++ $(SSSD_INTERNAL_LTLIBS) \ + $(CLIENT_LIBS) ++sss_cache_CFLAGS = $(AM_CFLAGS) + + sss_debuglevel_SOURCES = \ + src/tools/sss_debuglevel.c \ +@@ -851,7 +848,7 @@ sss_sudo_cli_SOURCES = \ src/sss_client/sudo/sss_sudo_response.c \ src/sss_client/sudo_testcli/sudo_testcli.c sss_sudo_cli_CFLAGS = $(AM_CFLAGS) @@ -53,27 +110,29 @@ Index: sssd-1.9.4/Makefile.am endif if BUILD_SSH -@@ -781,8 +782,8 @@ sss_ssh_authorizedkeys_SOURCES = \ +@@ -861,8 +858,8 @@ sss_ssh_authorizedkeys_SOURCES = \ src/sss_client/ssh/sss_ssh_authorizedkeys.c sss_ssh_authorizedkeys_CFLAGS = $(AM_CFLAGS) sss_ssh_authorizedkeys_LDADD = \ -+ $(CLIENT_LIBS) \ - libsss_util.la --sss_ssh_authorizedkeys_LDFLAGS = $(CLIENT_LIBS) +- $(SSSD_INTERNAL_LTLIBS) +-sss_ssh_authorizedkeys_LDFLAGS = $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS) ++ $(SSSD_INTERNAL_LTLIBS) \ ++ $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS) sss_ssh_knownhostsproxy_SOURCES = \ src/sss_client/common.c \ -@@ -790,8 +791,8 @@ sss_ssh_knownhostsproxy_SOURCES = \ +@@ -870,8 +867,8 @@ sss_ssh_knownhostsproxy_SOURCES = \ src/sss_client/ssh/sss_ssh_knownhostsproxy.c sss_ssh_knownhostsproxy_CFLAGS = $(AM_CFLAGS) sss_ssh_knownhostsproxy_LDADD = \ -+ $(CLIENT_LIBS) \ - libsss_util.la --sss_ssh_knownhostsproxy_LDFLAGS = $(CLIENT_LIBS) +- $(SSSD_INTERNAL_LTLIBS) +-sss_ssh_knownhostsproxy_LDFLAGS = $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS) ++ $(SSSD_INTERNAL_LTLIBS) \ ++ $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS) endif ################# -@@ -1149,14 +1150,14 @@ noinst_PROGRAMS += autofs_test_client +@@ -1402,7 +1399,7 @@ noinst_PROGRAMS += autofs_test_client endif pam_test_client_SOURCES = src/sss_client/pam_test_client.c @@ -81,44 +140,41 @@ Index: sssd-1.9.4/Makefile.am +pam_test_client_LDADD = -lpam -lpam_misc if BUILD_AUTOFS - autofs_test_client_SOURCES = src/sss_client/autofs/autofs_test_client.c \ - src/sss_client/autofs/sss_autofs.c \ - src/sss_client/common.c + autofs_test_client_SOURCES = \ +@@ -1410,7 +1407,7 @@ autofs_test_client_SOURCES = \ + src/sss_client/autofs/sss_autofs.c \ + src/sss_client/common.c autofs_test_client_CFLAGS = $(AM_CFLAGS) -autofs_test_client_LDFLAGS = -lpopt $(CLIENT_LIBS) +autofs_test_client_LDADD = -lpopt $(CLIENT_LIBS) endif #################### -@@ -1178,10 +1179,11 @@ libnss_sss_la_SOURCES = \ +@@ -1432,8 +1429,9 @@ libnss_sss_la_SOURCES = \ + src/sss_client/nss_mc_passwd.c \ src/sss_client/nss_mc_group.c \ src/sss_client/nss_mc.h ++libnss_sss_la_LIBADD = \ ++ $(CLIENT_LIBS) libnss_sss_la_LDFLAGS = \ - $(CLIENT_LIBS) \ -module \ -version-info 2:0:0 \ -Wl,--version-script,$(srcdir)/src/sss_client/sss_nss.exports -+libnss_sss_la_LIBADD = \ -+ $(CLIENT_LIBS) - - pamlib_LTLIBRARIES = pam_sss.la - pam_sss_la_SOURCES = \ -@@ -1192,11 +1194,12 @@ pam_sss_la_SOURCES = \ +@@ -1446,9 +1444,10 @@ pam_sss_la_SOURCES = \ + src/util/atomic_io.c \ src/sss_client/sss_pam_macros.h - pam_sss_la_LDFLAGS = \ -- $(CLIENT_LIBS) \ +-pam_sss_la_LDFLAGS = \ ++pam_sss_la_LIBADD = \ + $(CLIENT_LIBS) \ - -lpam \ ++ -lpam ++pam_sss_la_LDFLAGS = \ -module \ -avoid-version \ -Wl,--version-script,$(srcdir)/src/sss_client/sss_pam.exports -+pam_sss_la_LIBADD = \ -+ $(CLIENT_LIBS) \ -+ -lpam - - if BUILD_SUDO - -@@ -1207,8 +1210,9 @@ libsss_sudo_la_SOURCES = \ +@@ -1462,8 +1461,9 @@ libsss_sudo_la_SOURCES = \ src/sss_client/sudo/sss_sudo.c \ src/sss_client/sudo/sss_sudo.h \ src/sss_client/sudo/sss_sudo_private.h @@ -129,30 +185,27 @@ Index: sssd-1.9.4/Makefile.am -Wl,--version-script,$(srcdir)/src/sss_client/sss_sudo.exports \ -module \ -avoid-version -@@ -1228,10 +1232,11 @@ libsss_autofs_la_SOURCES = \ +@@ -1480,8 +1480,9 @@ libsss_autofs_la_SOURCES = \ + src/sss_client/autofs/sss_autofs.c \ src/sss_client/autofs/sss_autofs_private.h ++libsss_autofs_la_LIBADD = \ ++ $(CLIENT_LIBS) libsss_autofs_la_LDFLAGS = \ - $(CLIENT_LIBS) \ -module \ -avoid-version \ -Wl,--version-script,$(srcdir)/src/sss_client/autofs/sss_autofs.exports -+libsss_autofs_la_LIBADD = \ -+ $(CLIENT_LIBS) - endif - - dist_noinst_DATA += \ -@@ -1550,10 +1555,11 @@ sssd_pac_plugin_la_CFLAGS = \ +@@ -1831,9 +1832,10 @@ sssd_pac_plugin_la_SOURCES = \ + sssd_pac_plugin_la_CFLAGS = \ $(AM_CFLAGS) \ $(KRB5_CFLAGS) - sssd_pac_plugin_la_LDFLAGS = \ -- $(CLIENT_LIBS) \ +-sssd_pac_plugin_la_LDFLAGS = \ ++sssd_pac_plugin_la_LIBADD = \ + $(CLIENT_LIBS) \ - -lkrb5 \ ++ -lkrb5 ++sssd_pac_plugin_la_LDFLAGS = \ -avoid-version \ -module -+sssd_pac_plugin_la_LIBADD = \ -+ $(CLIENT_LIBS) \ -+ -lkrb5 - if BUILD_PYTHON_BINDINGS - pysss_la_SOURCES = \ diff --git a/sssd-no-ldb-check.diff b/sssd-no-ldb-check.diff deleted file mode 100644 index e216a19..0000000 --- a/sssd-no-ldb-check.diff +++ /dev/null @@ -1,28 +0,0 @@ -From: Jan Engelhardt -Date: 2013-02-21 09:09:59.418801298 +0100 -Upstream: no - -Whenever ldb has a version number update, memberof.so aborts sssd -loading. Arguably, LDB has not made any ABI stability promises -says -http://lists.fedorahosted.org/pipermail/sssd-devel/2013-February/013686.html -but they are at least trying to, by keeping some versioned symbols. -So, let's try this here for openSUSE. - ---- - src/ldb_modules/memberof.c | 3 --- - 1 file changed, 3 deletions(-) - -Index: sssd-1.9.4/src/ldb_modules/memberof.c -=================================================================== ---- sssd-1.9.4.orig/src/ldb_modules/memberof.c -+++ sssd-1.9.4/src/ldb_modules/memberof.c -@@ -4570,8 +4570,5 @@ const struct ldb_module_ops ldb_memberof - - int ldb_init_module(const char *version) - { --#ifdef LDB_MODULE_CHECK_VERSION -- LDB_MODULE_CHECK_VERSION(version); --#endif - return ldb_register_module(&ldb_memberof_module_ops); - } diff --git a/sssd.changes b/sssd.changes index f244907..38cdec5 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,28 @@ +------------------------------------------------------------------- +Fri Nov 1 22:12:03 UTC 2013 - jengelh@inai.de + +- Update to new upstream release 1.11.2 +* A new option ad_access_filter was added. This option allows the + administrator to easily configure LDAP search filter that the users + logging in must match in order to be granted access. +* The Kerberos provider will no longer try to create public + directories when evaluating the krb5_ccachedir option. +- Remove 0005-implicit-decl.diff (merged upstream) + +------------------------------------------------------------------- +Tue Sep 3 21:12:37 UTC 2013 - jengelh@inai.de + +- Update to new upstream release 1.11.0 +* The sudo integration was made more robust. SSSD is now able to + gracefully handle situations where it is not able to resolve the + client host name or sudo rules have multiple name attributes. +* Several nested group membership bugs were fixed +* The PAC responder was made more robust and efficient, modifying + existing cache entries instead of always recreating them. +* The Kerberos provider now supports the new KEYRING ccache type. +- Remove sssd-no-ldb-check.diff, now implemented through a + configure argument --disable-ldb-version-check + ------------------------------------------------------------------- Sun Jun 16 16:11:42 UTC 2013 - jengelh@inai.de diff --git a/sssd.spec b/sssd.spec index cd031f8..90ed7c6 100644 --- a/sssd.spec +++ b/sssd.spec @@ -17,7 +17,7 @@ Name: sssd -Version: 1.9.5 +Version: 1.11.2 Release: 0 Summary: System Security Services Daemon License: GPL-3.0+ and LGPL-3.0+ @@ -28,21 +28,19 @@ Url: https://fedorahosted.org/sssd/ Source: https://fedorahosted.org/released/sssd/sssd-%version.tar.gz Source2: https://fedorahosted.org/released/sssd/sssd-%version.tar.gz.asc Source3: baselibs.conf -Patch1: 0005-implicit-decl.diff -Patch2: sssd-ldflags.diff -Patch3: sssd-no-ldb-check.diff +Patch1: sssd-ldflags.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define servicename sssd -%define sssdstatedir %_localstatedir/lib/sss -%define dbpath %sssdstatedir/db -%define pipepath %sssdstatedir/pipes -%define pubconfpath %sssdstatedir/pubconf +%define servicename sssd +%define sssdstatedir %_localstatedir/lib/sss +%define dbpath %sssdstatedir/db +%define pipepath %sssdstatedir/pipes +%define pubconfpath %sssdstatedir/pubconf -# SLES11 doesn't know the python_* macros %if %suse_version <= 1110 -%define python_sitelib %py_sitedir -%define python_sitearch %py_sitedir +# SLES11 doesn't know the python_* macros +%define python_sitelib %py_sitedir +%define python_sitearch %py_sitedir %endif BuildRequires: autoconf >= 2.59 @@ -63,6 +61,7 @@ BuildRequires: pkgconfig(ldb) >= 0.9.2 BuildRequires: pkgconfig(libcares) BuildRequires: pkgconfig(libnl-1) >= 1.1 BuildRequires: pkgconfig(libpcre) >= 7 +BuildRequires: pkgconfig(ndr_nbt) BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(popt) BuildRequires: pkgconfig(python) @@ -85,7 +84,9 @@ BuildRequires: libtevent-devel BuildRequires: pcre-devel >= 7 BuildRequires: popt-devel BuildRequires: python-devel +BuildRequires: samba-devel >= 4 %endif +BuildRequires: samba-libs >= 4 %if 0%{?suse_version} >= 1220 BuildRequires: libxml2-tools BuildRequires: libxslt-tools @@ -104,6 +105,7 @@ BuildRequires: systemd %if %suse_version >= 1230 BuildRequires: gpg-offline %endif +Requires: sssd-ldap = %version-%release Requires(postun): pam-config %description @@ -113,15 +115,67 @@ the system and a pluggable backend system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services for projects like FreeIPA. -%package ipa-provider -Summary: FreeIPA provider plugin for sssd -License: GPL-3.0+ and LGPL-3.0+ +%package ad +Summary: The ActiveDirectory backend plugin for sssd +License: GPL-3.0+ Group: System/Daemons -Requires: sssd = %version +Requires: %name-krb5-common = %version -%description ipa-provider -This package provide the FreeIPA provider plugin for the System Security -Services Daemon (sssd). +%description ad +Provides the Active Directory back end that the SSSD can utilize to +fetch identity data from and authenticate against an Active Directory +server. + +%package ipa +Summary: FreeIPA backend plugin for sssd +License: GPL-3.0+ +Group: System/Daemons +Requires: %name = %version +Requires: %name-krb5-common = %version-%release +Obsoletes: %name-ipa-provider < %version-%release +Provides: %name-ipa-provider = %version-%release + +%description ipa +Provides the IPA back end that the SSSD can utilize to fetch identity +data from and authenticate against an IPA server. + +%package krb5 +Summary: The Kerberos authentication backend plugin for sssd +License: GPL-3.0+ +Group: System/Daemons +Requires: %name-krb5-common = %version-%release + +%description krb5 +Provides the Kerberos back end that the SSSD can utilize authenticate +against a Kerberos server. + +%package krb5-common +Summary: SSSD helpers needed for Kerberos and GSSAPI authentication +License: GPL-3.0+ +Group: System/Daemons + +%description krb5-common +Provides helper processes that the LDAP and Kerberos back ends can +use for Kerberos user or host authentication. + +%package ldap +Summary: The LDAP backend plugin for sssd +License: GPL-3.0+ +Group: System/Daemons +Requires: %name-krb5-common = %version-%release + +%description ldap +Provides the LDAP back end that the SSSD can utilize to fetch +identity data from and authenticate against an LDAP server. + +%package proxy +Summary: The proxy backend plugin for sssd +License: GPL-3.0+ +Group: System/Daemons + +%description proxy +Provides the proxy back end which can be used to wrap an existing NSS +and/or PAM modules to leverage SSSD caching. %package tools Summary: Commandline tools for sssd @@ -169,6 +223,23 @@ Requires: libsss_idmap0 = %version %description -n libsss_idmap-devel A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs. +%package -n libsss_nss_idmap0 +Summary: FreeIPA ID mapping library +License: LGPL-3.0+ +Group: System/Libraries + +%description -n libsss_nss_idmap0 +A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs. + +%package -n libsss_nss_idmap-devel +Summary: Development files for the FreeIPA idmap library +License: LGPL-3.0+ +Group: Development/Libraries/C and C++ +Requires: libsss_nss_idmap0 = %version + +%description -n libsss_nss_idmap-devel +A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs. + %package -n libsss_sudo Summary: A library to allow communication between sudo and SSSD License: LGPL-3.0+ @@ -183,7 +254,7 @@ A utility library to allow communication between sudo and SSSD. %package -n python-ipa_hbac Summary: Python bindings for the FreeIPA HBAC Evaluator library -License: GPL-3.0+ and LGPL-3.0+ +License: LGPL-3.0+ Group: Development/Libraries/Python %py_requires @@ -191,6 +262,16 @@ Group: Development/Libraries/Python The python-ipa_hbac package contains the bindings so that libipa_hbac can be used by Python applications. +%package -n python-sss_nss_idmap +Summary: Python bindings for libsss_nss_idmap +License: LGPL-3.0+ +Group: Development/Libraries/Python +%py_requires + +%description -n python-sss_nss_idmap +The libsss_nss_idmap-python contains the bindings so that +libsss_nss_idmap can be used by Python applications. + %package -n python-sssd-config Summary: Python API for configuring sssd License: GPL-3.0+ and LGPL-3.0+ @@ -204,7 +285,7 @@ Security Services Daemon (sssd). %prep %{?gpg_verify: %gpg_verify %{S:2}} %setup -q -%patch -P 1 -P 2 -P 3 -p1 +%patch -P 1 -p1 %build %if 0%{?suse_version} < 1210 @@ -231,7 +312,9 @@ autoreconf -fi; --with-ldb-lib-dir="$LDB_DIR" \ --with-selinux=no \ --with-os=suse \ - --with-semanage=no + --with-semanage=no \ + --disable-ldb-version-check \ + --disable-pac-responder make %{?_smp_mflags} all @@ -244,12 +327,14 @@ install -d "$b/%_mandir"/{cs,cs/man8,nl,nl/man8,pt,pt/man8,uk,uk/man1} \ "$b/%_mandir"/{uk/man5,uk/man8}; install -d "$b/%_sysconfdir/sssd"; install -m600 src/examples/sssd-example.conf "$b/%_sysconfdir/sssd/sssd.conf"; -install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd"; %if 0%{?_unitdir:1} install -d "$b/%_unitdir"; install src/sysv/systemd/sssd.service "$b/%_unitdir/sssd.service"; +rm -Rf "$b/%_initddir" +%else +install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd"; +ln -sf ../../etc/init.d/sssd "$b/usr/sbin/rcsssd" %endif -ln -sf ../../etc/init.d/sssd $b/usr/sbin/rcsssd find "$b" -type f -name "*.la" -delete; @@ -293,65 +378,128 @@ fi; %postun -n libipa_hbac0 -p /sbin/ldconfig %post -n libsss_idmap0 -p /sbin/ldconfig %postun -n libsss_idmap0 -p /sbin/ldconfig +%post -n libsss_nss_idmap0 -p /sbin/ldconfig +%postun -n libsss_nss_idmap0 -p /sbin/ldconfig %files -f sssd.lang %defattr(-,root,root) %doc COPYING -%_initrddir/%name %if 0%{?_unitdir:1} %_unitdir +%else +%_initrddir/%name +%_sbindir/rcsssd %endif %_bindir/sss_ssh_* %_sbindir/sssd -%_sbindir/rcsssd -%dir %_libdir/%name -%dir %_libexecdir/%name -%dir %_mandir/cs -%dir %_mandir/cs/man8 -%dir %_mandir/nl -%dir %_mandir/nl/man8 -%dir %_mandir/pt -%dir %_mandir/pt/man8 -%dir %_mandir/uk -%dir %_mandir/uk/man1 -%dir %_mandir/uk/man5 -%dir %_mandir/uk/man8 -%_mandir/??/man?/* +%dir %_mandir/??/ +%dir %_mandir/??/man?/ +%_mandir/??/man1/sss_ssh_* +%_mandir/??/man5/sssd-simple.5* +%_mandir/??/man5/sssd-sudo.5* +%_mandir/??/man5/sssd.conf.5* +%_mandir/??/man8/sssd.8* %_mandir/man1/sss_ssh_* -%_mandir/man5/sssd-ad.5* -%_mandir/man5/sssd-krb5.5* -%_mandir/man5/sssd-ldap.5* %_mandir/man5/sssd-simple.5* %_mandir/man5/sssd-sudo.5* +%_mandir/man5/sssd.conf.5* %_mandir/man8/sssd.8* -%_mandir/man5/sssd.conf.5.gz -%_libexecdir/%name/sss* -%_libexecdir/%name/*_child -%_libdir/%name/libsss_ad.so -%_libdir/%name/libsss_krb5* -%_libdir/%name/libsss_ldap* -%_libdir/%name/libsss_proxy* +%dir %_libdir/%name/ +%_libdir/%name/libsss_child* +%_libdir/%name/libsss_crypt* +%_libdir/%name/libsss_debug* %_libdir/%name/libsss_simple* -%_libdir/%name/modules +%_libdir/%name/libsss_util* +%_libdir/%name/modules/ +%dir %_libdir/ldb/ %_libdir/ldb/memberof.so +%dir %_libexecdir/%name/ +%_libexecdir/%name/sssd_* %dir %sssdstatedir -%attr(700,root,root) %dir %dbpath -%attr(755,root,root) %dir %pipepath -%attr(700,root,root) %dir %pipepath/private -%attr(755,root,root) %dir %pubconfpath -%attr(750,root,root) %dir %_localstatedir/log/%name -%dir %_sysconfdir/sssd +%attr(700,root,root) %dir %dbpath/ +%attr(755,root,root) %dir %pipepath/ +%attr(700,root,root) %dir %pipepath/private/ +%attr(755,root,root) %dir %pubconfpath/ +%attr(750,root,root) %dir %_localstatedir/log/%name/ +%dir %_sysconfdir/sssd/ %config(noreplace) %_sysconfdir/sssd/sssd.conf -%_datadir/sssd -%exclude %_datadir/sssd/sssd.api.d/sssd-ipa.conf +%dir %_datadir/%name/ +%_datadir/%name/sssd.api.conf +%dir %_datadir/%name/sssd.api.d/ +%_datadir/%name/sssd.api.d/sssd-local.conf +%_datadir/%name/sssd.api.d/sssd-simple.conf # -# client side +# sssd-client # /%_lib/libnss_sss.so.2 /%_lib/security/pam_sss.so %_libdir/krb5/plugins/libkrb5/* -%_mandir/man8/pam_sss.8.gz -%_mandir/man8/sssd_krb5_locator_plugin.8.gz +%_mandir/??/man8/pam_sss.8* +%_mandir/??/man8/sssd_krb5_locator_plugin.8* +%_mandir/man8/pam_sss.8* +%_mandir/man8/sssd_krb5_locator_plugin.8* + +%files ad +%defattr(-,root,root) +%dir %_libdir/%name/ +%_libdir/%name/libsss_ad.so +%dir %_datadir/%name/ +%dir %_datadir/%name/sssd.api.d/ +%_datadir/%name/sssd.api.d/sssd-ad.conf +%dir %_mandir/??/man5/ +%_mandir/man5/sssd-ad.5* +%_mandir/??/man5/sssd-ad.5* + +%files ipa +%defattr(-,root,root) +%dir %_libdir/%name/ +%_libdir/%name/libsss_ipa* +%dir %_datadir/%name/ +%dir %_datadir/%name/sssd.api.d +%_datadir/%name/sssd.api.d/sssd-ipa.conf +%dir %_mandir/??/man5/ +%_mandir/man5/sssd-ipa.5* +%_mandir/??/man5/sssd-ipa.5* + +%files krb5 +%defattr(-,root,root) +%dir %_libdir/%name/ +%_libdir/%name/libsss_krb5.so +%dir %_datadir/%name/ +%dir %_datadir/%name/sssd.api.d/ +%_datadir/%name/sssd.api.d/sssd-krb5.conf +%dir %_mandir/??/man5/ +%_mandir/man5/sssd-krb5.5* +%_mandir/??/man5/sssd-krb5.5* + +%files krb5-common +%defattr(-,root,root) +%dir %_libdir/%name/ +%_libdir/%name/libsss_krb5_common.so +%dir %_libexecdir/%name/ +%_libexecdir/%name/krb5_child +%_libexecdir/%name/ldap_child + +%files ldap +%defattr(-,root,root) +%dir %_libdir/%name/ +%_libdir/%name/libsss_ldap* +%dir %_datadir/%name/ +%dir %_datadir/%name/sssd.api.d/ +%_datadir/%name/sssd.api.d/sssd-ldap.conf +%dir %_mandir/??/man5/ +%_mandir/??/man5/sssd-ldap.5* +%_mandir/man5/sssd-ldap.5* + +%files proxy +%defattr(-,root,root) +%dir %_libdir/%name/ +%_libdir/%name/libsss_proxy.so +%dir %_libexecdir/%name/ +%_libexecdir/%name/proxy_child +%dir %_datadir/%name/ +%dir %_datadir/%name/sssd.api.d/ +%_datadir/%name/sssd.api.d/sssd-proxy.conf %files tools %defattr(-,root,root) @@ -362,29 +510,13 @@ fi; %_sbindir/sss_groupmod %_sbindir/sss_groupshow %_sbindir/sss_seed +%_sbindir/sss_obfuscate %_sbindir/sss_useradd %_sbindir/sss_userdel %_sbindir/sss_usermod -%_mandir/man8/sss_groupadd.8* -%_mandir/man8/sss_groupdel.8* -%_mandir/man8/sss_groupmod.8* -%_mandir/man8/sss_groupshow.8* -%_mandir/man8/sss_seed.8* -%_mandir/man8/sss_useradd.8* -%_mandir/man8/sss_userdel.8* -%_mandir/man8/sss_usermod.8* -%_mandir/man8/sss_obfuscate.8* -%_mandir/man8/sss_cache.8* -%_mandir/man8/sss_debuglevel.8* -%attr(0755,root,root) %_sbindir/sss_obfuscate - -%files ipa-provider -%defattr(-,root,root) -%dir %_datadir/sssd -%dir %_datadir/sssd/sssd.api.d -%_datadir/sssd/sssd.api.d/sssd-ipa.conf -%_libdir/sssd/libsss_ipa* -%_mandir/man5/sssd-ipa.* +%dir %_mandir/??/man8/ +%_mandir/??/man8/sss_*.8* +%_mandir/man8/sss_*.8* %files -n libipa_hbac0 %defattr(-,root,root) @@ -406,15 +538,30 @@ fi; %_libdir/libsss_idmap.so %_libdir/pkgconfig/sss_idmap.pc +%files -n libsss_nss_idmap0 +%defattr(-,root,root) +%_libdir/libsss_nss_idmap.so.0* + +%files -n libsss_nss_idmap-devel +%defattr(-,root,root) +%_includedir/sss_nss_idmap.h +%_libdir/libsss_nss_idmap.so +%_libdir/pkgconfig/sss_nss_idmap.pc + %files -n libsss_sudo %defattr(-,root,root) -%_includedir/sss_sudo.h %_libdir/libsss_sudo.so %files -n python-ipa_hbac %defattr(-,root,root) +%dir %python_sitearch %python_sitearch/pyhbac.so +%files -n python-sss_nss_idmap +%defattr(-,root,root) +%dir %python_sitearch +%python_sitearch/pysss_nss_idmap.so + %files -n python-sssd-config %defattr(-,root,root) %python_sitearch/pysss.so