Accepting request 208276 from network:ldap

- Update to new upstream release 1.11.2

OBS-URL: https://build.opensuse.org/request/show/208276
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sssd?expand=0&rev=49
This commit is contained in:
Stephan Kulow 2013-12-02 14:09:06 +00:00 committed by Git OBS Bridge
parent b6336e2b35
commit 160e975d1a
9 changed files with 393 additions and 224 deletions

View File

@ -1,28 +0,0 @@
From: Jan Engelhardt <jengelh@medozas.de>
Date: 2012-03-11 23:31:50.889566758 +0100
build: resolve compiler warnings about implicitly-defined functions
crypto_sha512crypt.c: In function 'sha512_crypt_r':
crypto_sha512crypt.c:200:9: warning: implicit declaration of
function 'mempcpy' [-Wimplicit-function-declaration]
crypto_sha512crypt.c:200:14: warning: incompatible implicit
declaration of built-in function 'mempcpy' [enabled by default]
crypto_sha512crypt.c:221:14: warning: incompatible implicit
declaration of built-in function 'mempcpy' [enabled by default]
---
src/util/crypto/libcrypto/crypto_sha512crypt.c | 1 +
1 file changed, 1 insertion(+)
Index: sssd-1.9.2/src/util/crypto/libcrypto/crypto_sha512crypt.c
===================================================================
--- sssd-1.9.2.orig/src/util/crypto/libcrypto/crypto_sha512crypt.c
+++ sssd-1.9.2/src/util/crypto/libcrypto/crypto_sha512crypt.c
@@ -12,6 +12,7 @@
#include "config.h"
+#define _GNU_SOURCE 1 /* mempcpy */
#include <endian.h>
#include <errno.h>
#include <limits.h>

3
sssd-1.11.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:40da555ef1d81f0b73aa4e484719f9ca340dc76b7b549761f2ca775ff90b34bc
size 3442072

7
sssd-1.11.2.tar.gz.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEABECAAYFAlJxiVwACgkQHsardTLnvCU4CwCfU1uc5bwo9fTZXh4i0KLGp709
wL4Anil81EFYHIFhnGsCs0L300OQmbGp
=2QGa
-----END PGP SIGNATURE-----

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a377c436901e92d689de811d48e37d88764460e889e47bfddd90626f0a8a015c
size 3106988

View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEABECAAYFAlF2gY4ACgkQHsardTLnvCW6+QCg4VWHi8mlbi6FQufRtUXOTB2j
5OAAniig5/DUZa/mrzUb+8kteg3nanNS
=3VHJ
-----END PGP SIGNATURE-----

View File

@ -1,50 +1,107 @@
From c9b13c7e032fde96cf07c7d298bb7fa65fad220b Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de> From: Jan Engelhardt <jengelh@inai.de>
Date: 2012-11-10 01:36:37.022064770 +0100 Date: Fri, 1 Nov 2013 23:01:09 +0100
Subject: [PATCH] build: fix ordering of linker flags
build: fix link failure because of wrong use of LDFLAGS
ld: src/sss_client/sss_ssh_authorizedkeys-common.o: undefined
reference to symbol 'pthread_mutexattr_setrobust@@GLIBC_2.12'
For the i'th time,
http://stackoverflow.com/questions/4241683/linker-flags-in-wrong-place
The patch fixes the location of library names, and also adds them
to two program which need them.
Libraries MUST be specified in LDADD/LIBADD, not LDFLAGS, because
LDFLAGS appear earlier in the command line and library order is
significant.
--- ---
Makefile.am | 36 +++++++++++++++++++++--------------- Makefile.am | 66 ++++++++++++++++++++++++++++++------------------------------
1 file changed, 21 insertions(+), 15 deletions(-) 1 file changed, 34 insertions(+), 32 deletions(-)
Index: sssd-1.9.4/Makefile.am Index: sssd-1.11.2/Makefile.am
=================================================================== ===================================================================
--- sssd-1.9.4.orig/Makefile.am --- sssd-1.11.2.orig/Makefile.am
+++ sssd-1.9.4/Makefile.am +++ sssd-1.11.2/Makefile.am
@@ -537,7 +537,8 @@ libipa_hbac_la_SOURCES = \ @@ -600,9 +600,10 @@ dist_pkgconfig_DATA += src/providers/ipa
libipa_hbac_la_SOURCES = \
src/providers/ipa/hbac_evaluator.c \ src/providers/ipa/hbac_evaluator.c \
src/util/sss_utf8.c src/util/sss_utf8.c
libipa_hbac_la_LDFLAGS = \ -libipa_hbac_la_LDFLAGS = \
- -version-info 0:1:0 \ - -version-info 0:1:0 \
+ -version-info 0:1:0
+libipa_hbac_la_LIBADD = \ +libipa_hbac_la_LIBADD = \
$(UNICODE_LIBS) $(UNICODE_LIBS)
+libipa_hbac_la_LDFLAGS = \
+ -version-info 0:1:0
dist_pkgconfig_DATA += src/lib/idmap/sss_idmap.pc dist_pkgconfig_DATA += src/lib/idmap/sss_idmap.pc
@@ -651,11 +652,11 @@ sssd_be_LDADD = \ libsss_idmap_la_SOURCES = \
-ldl \ @@ -617,8 +618,9 @@ libsss_nss_idmap_la_SOURCES = \
$(SSSD_LIBS) \ src/sss_client/idmap/sss_nss_idmap.c \
$(CARES_LIBS) \ src/sss_client/common.c \
+ $(PAM_LIBS) \ src/util/strtonum.c
libsss_util.la +libsss_nss_idmap_la_LIBADD = \
sssd_be_LDFLAGS = \ + $(CLIENT_LIBS)
-Wl,--version-script,$(srcdir)/src/providers/sssd_be.exports \ libsss_nss_idmap_la_LDFLAGS = \
- -export-dynamic \ - $(CLIENT_LIBS) \
- $(PAM_LIBS) -version-info 0:1:0
+ -export-dynamic
if BUILD_PYTHON_BINDINGS include_HEADERS = \
sss_obfuscate_pythondir = $(sbindir) @@ -771,10 +773,9 @@ sss_userdel_SOURCES = \
@@ -771,7 +772,7 @@ sss_sudo_cli_SOURCES = \ $(SSSD_LCL_TOOLS_OBJ)
sss_userdel_LDADD = \
$(TOOLS_LIBS) \
- $(SSSD_INTERNAL_LTLIBS)
-sss_userdel_CFLAGS = $(AM_CFLAGS)
-sss_userdel_LDFLAGS = \
+ $(SSSD_INTERNAL_LTLIBS) \
$(CLIENT_LIBS)
+sss_userdel_CFLAGS = $(AM_CFLAGS)
sss_groupadd_SOURCES = \
src/tools/sss_groupadd.c \
@@ -788,30 +789,27 @@ sss_groupdel_SOURCES = \
$(SSSD_LCL_TOOLS_OBJ)
sss_groupdel_LDADD = \
$(TOOLS_LIBS) \
- $(SSSD_INTERNAL_LTLIBS)
-sss_groupdel_CFLAGS = $(AM_CFLAGS)
-sss_groupdel_LDFLAGS = \
+ $(SSSD_INTERNAL_LTLIBS) \
$(CLIENT_LIBS)
+sss_groupdel_CFLAGS = $(AM_CFLAGS)
sss_usermod_SOURCES = \
src/tools/sss_usermod.c \
$(SSSD_LCL_TOOLS_OBJ)
sss_usermod_LDADD = \
$(TOOLS_LIBS) \
- $(SSSD_INTERNAL_LTLIBS)
-sss_usermod_CFLAGS = $(AM_CFLAGS)
-sss_usermod_LDFLAGS = \
+ $(SSSD_INTERNAL_LTLIBS) \
$(CLIENT_LIBS)
+sss_usermod_CFLAGS = $(AM_CFLAGS)
sss_groupmod_SOURCES = \
src/tools/sss_groupmod.c \
$(SSSD_LCL_TOOLS_OBJ)
sss_groupmod_LDADD = \
$(TOOLS_LIBS) \
- $(SSSD_INTERNAL_LTLIBS)
-sss_groupmod_CFLAGS = $(AM_CFLAGS)
-sss_groupmod_LDFLAGS = \
+ $(SSSD_INTERNAL_LTLIBS) \
$(CLIENT_LIBS)
+sss_groupmod_CFLAGS = $(AM_CFLAGS)
sss_groupshow_SOURCES = \
src/tools/sss_groupshow.c \
@@ -825,10 +823,9 @@ sss_cache_SOURCES = \
$(SSSD_LCL_TOOLS_OBJ)
sss_cache_LDADD = \
$(TOOLS_LIBS) \
- $(SSSD_INTERNAL_LTLIBS)
-sss_cache_CFLAGS = $(AM_CFLAGS)
-sss_cache_LDFLAGS = \
+ $(SSSD_INTERNAL_LTLIBS) \
$(CLIENT_LIBS)
+sss_cache_CFLAGS = $(AM_CFLAGS)
sss_debuglevel_SOURCES = \
src/tools/sss_debuglevel.c \
@@ -851,7 +848,7 @@ sss_sudo_cli_SOURCES = \
src/sss_client/sudo/sss_sudo_response.c \ src/sss_client/sudo/sss_sudo_response.c \
src/sss_client/sudo_testcli/sudo_testcli.c src/sss_client/sudo_testcli/sudo_testcli.c
sss_sudo_cli_CFLAGS = $(AM_CFLAGS) sss_sudo_cli_CFLAGS = $(AM_CFLAGS)
@ -53,27 +110,29 @@ Index: sssd-1.9.4/Makefile.am
endif endif
if BUILD_SSH if BUILD_SSH
@@ -781,8 +782,8 @@ sss_ssh_authorizedkeys_SOURCES = \ @@ -861,8 +858,8 @@ sss_ssh_authorizedkeys_SOURCES = \
src/sss_client/ssh/sss_ssh_authorizedkeys.c src/sss_client/ssh/sss_ssh_authorizedkeys.c
sss_ssh_authorizedkeys_CFLAGS = $(AM_CFLAGS) sss_ssh_authorizedkeys_CFLAGS = $(AM_CFLAGS)
sss_ssh_authorizedkeys_LDADD = \ sss_ssh_authorizedkeys_LDADD = \
+ $(CLIENT_LIBS) \ - $(SSSD_INTERNAL_LTLIBS)
libsss_util.la -sss_ssh_authorizedkeys_LDFLAGS = $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
-sss_ssh_authorizedkeys_LDFLAGS = $(CLIENT_LIBS) + $(SSSD_INTERNAL_LTLIBS) \
+ $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
sss_ssh_knownhostsproxy_SOURCES = \ sss_ssh_knownhostsproxy_SOURCES = \
src/sss_client/common.c \ src/sss_client/common.c \
@@ -790,8 +791,8 @@ sss_ssh_knownhostsproxy_SOURCES = \ @@ -870,8 +867,8 @@ sss_ssh_knownhostsproxy_SOURCES = \
src/sss_client/ssh/sss_ssh_knownhostsproxy.c src/sss_client/ssh/sss_ssh_knownhostsproxy.c
sss_ssh_knownhostsproxy_CFLAGS = $(AM_CFLAGS) sss_ssh_knownhostsproxy_CFLAGS = $(AM_CFLAGS)
sss_ssh_knownhostsproxy_LDADD = \ sss_ssh_knownhostsproxy_LDADD = \
+ $(CLIENT_LIBS) \ - $(SSSD_INTERNAL_LTLIBS)
libsss_util.la -sss_ssh_knownhostsproxy_LDFLAGS = $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
-sss_ssh_knownhostsproxy_LDFLAGS = $(CLIENT_LIBS) + $(SSSD_INTERNAL_LTLIBS) \
+ $(CLIENT_LIBS) $(TALLOC_LIBS) $(POPT_LIBS)
endif endif
################# #################
@@ -1149,14 +1150,14 @@ noinst_PROGRAMS += autofs_test_client @@ -1402,7 +1399,7 @@ noinst_PROGRAMS += autofs_test_client
endif endif
pam_test_client_SOURCES = src/sss_client/pam_test_client.c pam_test_client_SOURCES = src/sss_client/pam_test_client.c
@ -81,44 +140,41 @@ Index: sssd-1.9.4/Makefile.am
+pam_test_client_LDADD = -lpam -lpam_misc +pam_test_client_LDADD = -lpam -lpam_misc
if BUILD_AUTOFS if BUILD_AUTOFS
autofs_test_client_SOURCES = src/sss_client/autofs/autofs_test_client.c \ autofs_test_client_SOURCES = \
src/sss_client/autofs/sss_autofs.c \ @@ -1410,7 +1407,7 @@ autofs_test_client_SOURCES = \
src/sss_client/common.c src/sss_client/autofs/sss_autofs.c \
src/sss_client/common.c
autofs_test_client_CFLAGS = $(AM_CFLAGS) autofs_test_client_CFLAGS = $(AM_CFLAGS)
-autofs_test_client_LDFLAGS = -lpopt $(CLIENT_LIBS) -autofs_test_client_LDFLAGS = -lpopt $(CLIENT_LIBS)
+autofs_test_client_LDADD = -lpopt $(CLIENT_LIBS) +autofs_test_client_LDADD = -lpopt $(CLIENT_LIBS)
endif endif
#################### ####################
@@ -1178,10 +1179,11 @@ libnss_sss_la_SOURCES = \ @@ -1432,8 +1429,9 @@ libnss_sss_la_SOURCES = \
src/sss_client/nss_mc_passwd.c \
src/sss_client/nss_mc_group.c \ src/sss_client/nss_mc_group.c \
src/sss_client/nss_mc.h src/sss_client/nss_mc.h
+libnss_sss_la_LIBADD = \
+ $(CLIENT_LIBS)
libnss_sss_la_LDFLAGS = \ libnss_sss_la_LDFLAGS = \
- $(CLIENT_LIBS) \ - $(CLIENT_LIBS) \
-module \ -module \
-version-info 2:0:0 \ -version-info 2:0:0 \
-Wl,--version-script,$(srcdir)/src/sss_client/sss_nss.exports -Wl,--version-script,$(srcdir)/src/sss_client/sss_nss.exports
+libnss_sss_la_LIBADD = \ @@ -1446,9 +1444,10 @@ pam_sss_la_SOURCES = \
+ $(CLIENT_LIBS) src/util/atomic_io.c \
pamlib_LTLIBRARIES = pam_sss.la
pam_sss_la_SOURCES = \
@@ -1192,11 +1194,12 @@ pam_sss_la_SOURCES = \
src/sss_client/sss_pam_macros.h src/sss_client/sss_pam_macros.h
pam_sss_la_LDFLAGS = \ -pam_sss_la_LDFLAGS = \
- $(CLIENT_LIBS) \ +pam_sss_la_LIBADD = \
$(CLIENT_LIBS) \
- -lpam \ - -lpam \
+ -lpam
+pam_sss_la_LDFLAGS = \
-module \ -module \
-avoid-version \ -avoid-version \
-Wl,--version-script,$(srcdir)/src/sss_client/sss_pam.exports -Wl,--version-script,$(srcdir)/src/sss_client/sss_pam.exports
+pam_sss_la_LIBADD = \ @@ -1462,8 +1461,9 @@ libsss_sudo_la_SOURCES = \
+ $(CLIENT_LIBS) \
+ -lpam
if BUILD_SUDO
@@ -1207,8 +1210,9 @@ libsss_sudo_la_SOURCES = \
src/sss_client/sudo/sss_sudo.c \ src/sss_client/sudo/sss_sudo.c \
src/sss_client/sudo/sss_sudo.h \ src/sss_client/sudo/sss_sudo.h \
src/sss_client/sudo/sss_sudo_private.h src/sss_client/sudo/sss_sudo_private.h
@ -129,30 +185,27 @@ Index: sssd-1.9.4/Makefile.am
-Wl,--version-script,$(srcdir)/src/sss_client/sss_sudo.exports \ -Wl,--version-script,$(srcdir)/src/sss_client/sss_sudo.exports \
-module \ -module \
-avoid-version -avoid-version
@@ -1228,10 +1232,11 @@ libsss_autofs_la_SOURCES = \ @@ -1480,8 +1480,9 @@ libsss_autofs_la_SOURCES = \
src/sss_client/autofs/sss_autofs.c \
src/sss_client/autofs/sss_autofs_private.h src/sss_client/autofs/sss_autofs_private.h
+libsss_autofs_la_LIBADD = \
+ $(CLIENT_LIBS)
libsss_autofs_la_LDFLAGS = \ libsss_autofs_la_LDFLAGS = \
- $(CLIENT_LIBS) \ - $(CLIENT_LIBS) \
-module \ -module \
-avoid-version \ -avoid-version \
-Wl,--version-script,$(srcdir)/src/sss_client/autofs/sss_autofs.exports -Wl,--version-script,$(srcdir)/src/sss_client/autofs/sss_autofs.exports
+libsss_autofs_la_LIBADD = \ @@ -1831,9 +1832,10 @@ sssd_pac_plugin_la_SOURCES = \
+ $(CLIENT_LIBS) sssd_pac_plugin_la_CFLAGS = \
endif
dist_noinst_DATA += \
@@ -1550,10 +1555,11 @@ sssd_pac_plugin_la_CFLAGS = \
$(AM_CFLAGS) \ $(AM_CFLAGS) \
$(KRB5_CFLAGS) $(KRB5_CFLAGS)
sssd_pac_plugin_la_LDFLAGS = \ -sssd_pac_plugin_la_LDFLAGS = \
- $(CLIENT_LIBS) \ +sssd_pac_plugin_la_LIBADD = \
$(CLIENT_LIBS) \
- -lkrb5 \ - -lkrb5 \
+ -lkrb5
+sssd_pac_plugin_la_LDFLAGS = \
-avoid-version \ -avoid-version \
-module -module
+sssd_pac_plugin_la_LIBADD = \
+ $(CLIENT_LIBS) \
+ -lkrb5
if BUILD_PYTHON_BINDINGS
pysss_la_SOURCES = \

View File

@ -1,28 +0,0 @@
From: Jan Engelhardt <jengelh@inai.de>
Date: 2013-02-21 09:09:59.418801298 +0100
Upstream: no
Whenever ldb has a version number update, memberof.so aborts sssd
loading. Arguably, LDB has not made any ABI stability promises
says
http://lists.fedorahosted.org/pipermail/sssd-devel/2013-February/013686.html
but they are at least trying to, by keeping some versioned symbols.
So, let's try this here for openSUSE.
---
src/ldb_modules/memberof.c | 3 ---
1 file changed, 3 deletions(-)
Index: sssd-1.9.4/src/ldb_modules/memberof.c
===================================================================
--- sssd-1.9.4.orig/src/ldb_modules/memberof.c
+++ sssd-1.9.4/src/ldb_modules/memberof.c
@@ -4570,8 +4570,5 @@ const struct ldb_module_ops ldb_memberof
int ldb_init_module(const char *version)
{
-#ifdef LDB_MODULE_CHECK_VERSION
- LDB_MODULE_CHECK_VERSION(version);
-#endif
return ldb_register_module(&ldb_memberof_module_ops);
}

View File

@ -1,3 +1,28 @@
-------------------------------------------------------------------
Fri Nov 1 22:12:03 UTC 2013 - jengelh@inai.de
- Update to new upstream release 1.11.2
* A new option ad_access_filter was added. This option allows the
administrator to easily configure LDAP search filter that the users
logging in must match in order to be granted access.
* The Kerberos provider will no longer try to create public
directories when evaluating the krb5_ccachedir option.
- Remove 0005-implicit-decl.diff (merged upstream)
-------------------------------------------------------------------
Tue Sep 3 21:12:37 UTC 2013 - jengelh@inai.de
- Update to new upstream release 1.11.0
* The sudo integration was made more robust. SSSD is now able to
gracefully handle situations where it is not able to resolve the
client host name or sudo rules have multiple name attributes.
* Several nested group membership bugs were fixed
* The PAC responder was made more robust and efficient, modifying
existing cache entries instead of always recreating them.
* The Kerberos provider now supports the new KEYRING ccache type.
- Remove sssd-no-ldb-check.diff, now implemented through a
configure argument --disable-ldb-version-check
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jun 16 16:11:42 UTC 2013 - jengelh@inai.de Sun Jun 16 16:11:42 UTC 2013 - jengelh@inai.de

311
sssd.spec
View File

@ -17,7 +17,7 @@
Name: sssd Name: sssd
Version: 1.9.5 Version: 1.11.2
Release: 0 Release: 0
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPL-3.0+ and LGPL-3.0+ License: GPL-3.0+ and LGPL-3.0+
@ -28,21 +28,19 @@ Url: https://fedorahosted.org/sssd/
Source: https://fedorahosted.org/released/sssd/sssd-%version.tar.gz Source: https://fedorahosted.org/released/sssd/sssd-%version.tar.gz
Source2: https://fedorahosted.org/released/sssd/sssd-%version.tar.gz.asc Source2: https://fedorahosted.org/released/sssd/sssd-%version.tar.gz.asc
Source3: baselibs.conf Source3: baselibs.conf
Patch1: 0005-implicit-decl.diff Patch1: sssd-ldflags.diff
Patch2: sssd-ldflags.diff
Patch3: sssd-no-ldb-check.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%define servicename sssd %define servicename sssd
%define sssdstatedir %_localstatedir/lib/sss %define sssdstatedir %_localstatedir/lib/sss
%define dbpath %sssdstatedir/db %define dbpath %sssdstatedir/db
%define pipepath %sssdstatedir/pipes %define pipepath %sssdstatedir/pipes
%define pubconfpath %sssdstatedir/pubconf %define pubconfpath %sssdstatedir/pubconf
# SLES11 doesn't know the python_* macros
%if %suse_version <= 1110 %if %suse_version <= 1110
%define python_sitelib %py_sitedir # SLES11 doesn't know the python_* macros
%define python_sitearch %py_sitedir %define python_sitelib %py_sitedir
%define python_sitearch %py_sitedir
%endif %endif
BuildRequires: autoconf >= 2.59 BuildRequires: autoconf >= 2.59
@ -63,6 +61,7 @@ BuildRequires: pkgconfig(ldb) >= 0.9.2
BuildRequires: pkgconfig(libcares) BuildRequires: pkgconfig(libcares)
BuildRequires: pkgconfig(libnl-1) >= 1.1 BuildRequires: pkgconfig(libnl-1) >= 1.1
BuildRequires: pkgconfig(libpcre) >= 7 BuildRequires: pkgconfig(libpcre) >= 7
BuildRequires: pkgconfig(ndr_nbt)
BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(openssl)
BuildRequires: pkgconfig(popt) BuildRequires: pkgconfig(popt)
BuildRequires: pkgconfig(python) BuildRequires: pkgconfig(python)
@ -85,7 +84,9 @@ BuildRequires: libtevent-devel
BuildRequires: pcre-devel >= 7 BuildRequires: pcre-devel >= 7
BuildRequires: popt-devel BuildRequires: popt-devel
BuildRequires: python-devel BuildRequires: python-devel
BuildRequires: samba-devel >= 4
%endif %endif
BuildRequires: samba-libs >= 4
%if 0%{?suse_version} >= 1220 %if 0%{?suse_version} >= 1220
BuildRequires: libxml2-tools BuildRequires: libxml2-tools
BuildRequires: libxslt-tools BuildRequires: libxslt-tools
@ -104,6 +105,7 @@ BuildRequires: systemd
%if %suse_version >= 1230 %if %suse_version >= 1230
BuildRequires: gpg-offline BuildRequires: gpg-offline
%endif %endif
Requires: sssd-ldap = %version-%release
Requires(postun): pam-config Requires(postun): pam-config
%description %description
@ -113,15 +115,67 @@ the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA. services for projects like FreeIPA.
%package ipa-provider %package ad
Summary: FreeIPA provider plugin for sssd Summary: The ActiveDirectory backend plugin for sssd
License: GPL-3.0+ and LGPL-3.0+ License: GPL-3.0+
Group: System/Daemons Group: System/Daemons
Requires: sssd = %version Requires: %name-krb5-common = %version
%description ipa-provider %description ad
This package provide the FreeIPA provider plugin for the System Security Provides the Active Directory back end that the SSSD can utilize to
Services Daemon (sssd). fetch identity data from and authenticate against an Active Directory
server.
%package ipa
Summary: FreeIPA backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
Requires: %name = %version
Requires: %name-krb5-common = %version-%release
Obsoletes: %name-ipa-provider < %version-%release
Provides: %name-ipa-provider = %version-%release
%description ipa
Provides the IPA back end that the SSSD can utilize to fetch identity
data from and authenticate against an IPA server.
%package krb5
Summary: The Kerberos authentication backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
Requires: %name-krb5-common = %version-%release
%description krb5
Provides the Kerberos back end that the SSSD can utilize authenticate
against a Kerberos server.
%package krb5-common
Summary: SSSD helpers needed for Kerberos and GSSAPI authentication
License: GPL-3.0+
Group: System/Daemons
%description krb5-common
Provides helper processes that the LDAP and Kerberos back ends can
use for Kerberos user or host authentication.
%package ldap
Summary: The LDAP backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
Requires: %name-krb5-common = %version-%release
%description ldap
Provides the LDAP back end that the SSSD can utilize to fetch
identity data from and authenticate against an LDAP server.
%package proxy
Summary: The proxy backend plugin for sssd
License: GPL-3.0+
Group: System/Daemons
%description proxy
Provides the proxy back end which can be used to wrap an existing NSS
and/or PAM modules to leverage SSSD caching.
%package tools %package tools
Summary: Commandline tools for sssd Summary: Commandline tools for sssd
@ -169,6 +223,23 @@ Requires: libsss_idmap0 = %version
%description -n libsss_idmap-devel %description -n libsss_idmap-devel
A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs. A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
%package -n libsss_nss_idmap0
Summary: FreeIPA ID mapping library
License: LGPL-3.0+
Group: System/Libraries
%description -n libsss_nss_idmap0
A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
%package -n libsss_nss_idmap-devel
Summary: Development files for the FreeIPA idmap library
License: LGPL-3.0+
Group: Development/Libraries/C and C++
Requires: libsss_nss_idmap0 = %version
%description -n libsss_nss_idmap-devel
A utility library for FreeIPA to map Windows SIDs to Unix user/group IDs.
%package -n libsss_sudo %package -n libsss_sudo
Summary: A library to allow communication between sudo and SSSD Summary: A library to allow communication between sudo and SSSD
License: LGPL-3.0+ License: LGPL-3.0+
@ -183,7 +254,7 @@ A utility library to allow communication between sudo and SSSD.
%package -n python-ipa_hbac %package -n python-ipa_hbac
Summary: Python bindings for the FreeIPA HBAC Evaluator library Summary: Python bindings for the FreeIPA HBAC Evaluator library
License: GPL-3.0+ and LGPL-3.0+ License: LGPL-3.0+
Group: Development/Libraries/Python Group: Development/Libraries/Python
%py_requires %py_requires
@ -191,6 +262,16 @@ Group: Development/Libraries/Python
The python-ipa_hbac package contains the bindings so that libipa_hbac The python-ipa_hbac package contains the bindings so that libipa_hbac
can be used by Python applications. can be used by Python applications.
%package -n python-sss_nss_idmap
Summary: Python bindings for libsss_nss_idmap
License: LGPL-3.0+
Group: Development/Libraries/Python
%py_requires
%description -n python-sss_nss_idmap
The libsss_nss_idmap-python contains the bindings so that
libsss_nss_idmap can be used by Python applications.
%package -n python-sssd-config %package -n python-sssd-config
Summary: Python API for configuring sssd Summary: Python API for configuring sssd
License: GPL-3.0+ and LGPL-3.0+ License: GPL-3.0+ and LGPL-3.0+
@ -204,7 +285,7 @@ Security Services Daemon (sssd).
%prep %prep
%{?gpg_verify: %gpg_verify %{S:2}} %{?gpg_verify: %gpg_verify %{S:2}}
%setup -q %setup -q
%patch -P 1 -P 2 -P 3 -p1 %patch -P 1 -p1
%build %build
%if 0%{?suse_version} < 1210 %if 0%{?suse_version} < 1210
@ -231,7 +312,9 @@ autoreconf -fi;
--with-ldb-lib-dir="$LDB_DIR" \ --with-ldb-lib-dir="$LDB_DIR" \
--with-selinux=no \ --with-selinux=no \
--with-os=suse \ --with-os=suse \
--with-semanage=no --with-semanage=no \
--disable-ldb-version-check \
--disable-pac-responder
make %{?_smp_mflags} all make %{?_smp_mflags} all
@ -244,12 +327,14 @@ install -d "$b/%_mandir"/{cs,cs/man8,nl,nl/man8,pt,pt/man8,uk,uk/man1} \
"$b/%_mandir"/{uk/man5,uk/man8}; "$b/%_mandir"/{uk/man5,uk/man8};
install -d "$b/%_sysconfdir/sssd"; install -d "$b/%_sysconfdir/sssd";
install -m600 src/examples/sssd-example.conf "$b/%_sysconfdir/sssd/sssd.conf"; install -m600 src/examples/sssd-example.conf "$b/%_sysconfdir/sssd/sssd.conf";
install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd";
%if 0%{?_unitdir:1} %if 0%{?_unitdir:1}
install -d "$b/%_unitdir"; install -d "$b/%_unitdir";
install src/sysv/systemd/sssd.service "$b/%_unitdir/sssd.service"; install src/sysv/systemd/sssd.service "$b/%_unitdir/sssd.service";
rm -Rf "$b/%_initddir"
%else
install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd";
ln -sf ../../etc/init.d/sssd "$b/usr/sbin/rcsssd"
%endif %endif
ln -sf ../../etc/init.d/sssd $b/usr/sbin/rcsssd
find "$b" -type f -name "*.la" -delete; find "$b" -type f -name "*.la" -delete;
@ -293,65 +378,128 @@ fi;
%postun -n libipa_hbac0 -p /sbin/ldconfig %postun -n libipa_hbac0 -p /sbin/ldconfig
%post -n libsss_idmap0 -p /sbin/ldconfig %post -n libsss_idmap0 -p /sbin/ldconfig
%postun -n libsss_idmap0 -p /sbin/ldconfig %postun -n libsss_idmap0 -p /sbin/ldconfig
%post -n libsss_nss_idmap0 -p /sbin/ldconfig
%postun -n libsss_nss_idmap0 -p /sbin/ldconfig
%files -f sssd.lang %files -f sssd.lang
%defattr(-,root,root) %defattr(-,root,root)
%doc COPYING %doc COPYING
%_initrddir/%name
%if 0%{?_unitdir:1} %if 0%{?_unitdir:1}
%_unitdir %_unitdir
%else
%_initrddir/%name
%_sbindir/rcsssd
%endif %endif
%_bindir/sss_ssh_* %_bindir/sss_ssh_*
%_sbindir/sssd %_sbindir/sssd
%_sbindir/rcsssd %dir %_mandir/??/
%dir %_libdir/%name %dir %_mandir/??/man?/
%dir %_libexecdir/%name %_mandir/??/man1/sss_ssh_*
%dir %_mandir/cs %_mandir/??/man5/sssd-simple.5*
%dir %_mandir/cs/man8 %_mandir/??/man5/sssd-sudo.5*
%dir %_mandir/nl %_mandir/??/man5/sssd.conf.5*
%dir %_mandir/nl/man8 %_mandir/??/man8/sssd.8*
%dir %_mandir/pt
%dir %_mandir/pt/man8
%dir %_mandir/uk
%dir %_mandir/uk/man1
%dir %_mandir/uk/man5
%dir %_mandir/uk/man8
%_mandir/??/man?/*
%_mandir/man1/sss_ssh_* %_mandir/man1/sss_ssh_*
%_mandir/man5/sssd-ad.5*
%_mandir/man5/sssd-krb5.5*
%_mandir/man5/sssd-ldap.5*
%_mandir/man5/sssd-simple.5* %_mandir/man5/sssd-simple.5*
%_mandir/man5/sssd-sudo.5* %_mandir/man5/sssd-sudo.5*
%_mandir/man5/sssd.conf.5*
%_mandir/man8/sssd.8* %_mandir/man8/sssd.8*
%_mandir/man5/sssd.conf.5.gz %dir %_libdir/%name/
%_libexecdir/%name/sss* %_libdir/%name/libsss_child*
%_libexecdir/%name/*_child %_libdir/%name/libsss_crypt*
%_libdir/%name/libsss_ad.so %_libdir/%name/libsss_debug*
%_libdir/%name/libsss_krb5*
%_libdir/%name/libsss_ldap*
%_libdir/%name/libsss_proxy*
%_libdir/%name/libsss_simple* %_libdir/%name/libsss_simple*
%_libdir/%name/modules %_libdir/%name/libsss_util*
%_libdir/%name/modules/
%dir %_libdir/ldb/
%_libdir/ldb/memberof.so %_libdir/ldb/memberof.so
%dir %_libexecdir/%name/
%_libexecdir/%name/sssd_*
%dir %sssdstatedir %dir %sssdstatedir
%attr(700,root,root) %dir %dbpath %attr(700,root,root) %dir %dbpath/
%attr(755,root,root) %dir %pipepath %attr(755,root,root) %dir %pipepath/
%attr(700,root,root) %dir %pipepath/private %attr(700,root,root) %dir %pipepath/private/
%attr(755,root,root) %dir %pubconfpath %attr(755,root,root) %dir %pubconfpath/
%attr(750,root,root) %dir %_localstatedir/log/%name %attr(750,root,root) %dir %_localstatedir/log/%name/
%dir %_sysconfdir/sssd %dir %_sysconfdir/sssd/
%config(noreplace) %_sysconfdir/sssd/sssd.conf %config(noreplace) %_sysconfdir/sssd/sssd.conf
%_datadir/sssd %dir %_datadir/%name/
%exclude %_datadir/sssd/sssd.api.d/sssd-ipa.conf %_datadir/%name/sssd.api.conf
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-local.conf
%_datadir/%name/sssd.api.d/sssd-simple.conf
# #
# client side # sssd-client
# #
/%_lib/libnss_sss.so.2 /%_lib/libnss_sss.so.2
/%_lib/security/pam_sss.so /%_lib/security/pam_sss.so
%_libdir/krb5/plugins/libkrb5/* %_libdir/krb5/plugins/libkrb5/*
%_mandir/man8/pam_sss.8.gz %_mandir/??/man8/pam_sss.8*
%_mandir/man8/sssd_krb5_locator_plugin.8.gz %_mandir/??/man8/sssd_krb5_locator_plugin.8*
%_mandir/man8/pam_sss.8*
%_mandir/man8/sssd_krb5_locator_plugin.8*
%files ad
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_ad.so
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-ad.conf
%dir %_mandir/??/man5/
%_mandir/man5/sssd-ad.5*
%_mandir/??/man5/sssd-ad.5*
%files ipa
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_ipa*
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d
%_datadir/%name/sssd.api.d/sssd-ipa.conf
%dir %_mandir/??/man5/
%_mandir/man5/sssd-ipa.5*
%_mandir/??/man5/sssd-ipa.5*
%files krb5
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_krb5.so
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-krb5.conf
%dir %_mandir/??/man5/
%_mandir/man5/sssd-krb5.5*
%_mandir/??/man5/sssd-krb5.5*
%files krb5-common
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_krb5_common.so
%dir %_libexecdir/%name/
%_libexecdir/%name/krb5_child
%_libexecdir/%name/ldap_child
%files ldap
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_ldap*
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-ldap.conf
%dir %_mandir/??/man5/
%_mandir/??/man5/sssd-ldap.5*
%_mandir/man5/sssd-ldap.5*
%files proxy
%defattr(-,root,root)
%dir %_libdir/%name/
%_libdir/%name/libsss_proxy.so
%dir %_libexecdir/%name/
%_libexecdir/%name/proxy_child
%dir %_datadir/%name/
%dir %_datadir/%name/sssd.api.d/
%_datadir/%name/sssd.api.d/sssd-proxy.conf
%files tools %files tools
%defattr(-,root,root) %defattr(-,root,root)
@ -362,29 +510,13 @@ fi;
%_sbindir/sss_groupmod %_sbindir/sss_groupmod
%_sbindir/sss_groupshow %_sbindir/sss_groupshow
%_sbindir/sss_seed %_sbindir/sss_seed
%_sbindir/sss_obfuscate
%_sbindir/sss_useradd %_sbindir/sss_useradd
%_sbindir/sss_userdel %_sbindir/sss_userdel
%_sbindir/sss_usermod %_sbindir/sss_usermod
%_mandir/man8/sss_groupadd.8* %dir %_mandir/??/man8/
%_mandir/man8/sss_groupdel.8* %_mandir/??/man8/sss_*.8*
%_mandir/man8/sss_groupmod.8* %_mandir/man8/sss_*.8*
%_mandir/man8/sss_groupshow.8*
%_mandir/man8/sss_seed.8*
%_mandir/man8/sss_useradd.8*
%_mandir/man8/sss_userdel.8*
%_mandir/man8/sss_usermod.8*
%_mandir/man8/sss_obfuscate.8*
%_mandir/man8/sss_cache.8*
%_mandir/man8/sss_debuglevel.8*
%attr(0755,root,root) %_sbindir/sss_obfuscate
%files ipa-provider
%defattr(-,root,root)
%dir %_datadir/sssd
%dir %_datadir/sssd/sssd.api.d
%_datadir/sssd/sssd.api.d/sssd-ipa.conf
%_libdir/sssd/libsss_ipa*
%_mandir/man5/sssd-ipa.*
%files -n libipa_hbac0 %files -n libipa_hbac0
%defattr(-,root,root) %defattr(-,root,root)
@ -406,15 +538,30 @@ fi;
%_libdir/libsss_idmap.so %_libdir/libsss_idmap.so
%_libdir/pkgconfig/sss_idmap.pc %_libdir/pkgconfig/sss_idmap.pc
%files -n libsss_nss_idmap0
%defattr(-,root,root)
%_libdir/libsss_nss_idmap.so.0*
%files -n libsss_nss_idmap-devel
%defattr(-,root,root)
%_includedir/sss_nss_idmap.h
%_libdir/libsss_nss_idmap.so
%_libdir/pkgconfig/sss_nss_idmap.pc
%files -n libsss_sudo %files -n libsss_sudo
%defattr(-,root,root) %defattr(-,root,root)
%_includedir/sss_sudo.h
%_libdir/libsss_sudo.so %_libdir/libsss_sudo.so
%files -n python-ipa_hbac %files -n python-ipa_hbac
%defattr(-,root,root) %defattr(-,root,root)
%dir %python_sitearch
%python_sitearch/pyhbac.so %python_sitearch/pyhbac.so
%files -n python-sss_nss_idmap
%defattr(-,root,root)
%dir %python_sitearch
%python_sitearch/pysss_nss_idmap.so
%files -n python-sssd-config %files -n python-sssd-config
%defattr(-,root,root) %defattr(-,root,root)
%python_sitearch/pysss.so %python_sitearch/pysss.so