OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=242

2021-03-19 14:41:35 +00:00 · 2021-03-19 14:41:35 +00:00 · 6d7788fd0a
commit 6d7788fd0a
parent bf4ece58e7
2 changed files with 35 additions and 1 deletions
--- a/sssd.changes
+++ b/sssd.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Feb 23 12:43:38 UTC 2021 - Aurelien Aptel <aaptel@suse.com>
+
+- Make cifs-idmap plugin (cifs_idmap_sss.so) use update-alternatives
+  mechanism to be able to switch between cifs-utils and sssd;
+  (bsc#1182682).
+
 -------------------------------------------------------------------
 Fri Feb 19 17:30:58 UTC 2021 - Jan Engelhardt <jengelh@inai.de>

--- a/sssd.spec
+++ b/sssd.spec
@ -37,6 +37,17 @@ Patch1:         krb-noversion.diff
 %define pubconfpath	%sssdstatedir/pubconf
 %define gpocachepath	%sssdstatedir/gpo_cache

+# Both SSSD and cifs-utils provide an idmap plugin for cifs.ko
+# /etc/cifs-utils/idmap-plugin should be a symlink to one of the 2 idmap plugins
+# * cifs-utils one is the default (priority 20)
+# * installing SSSD should NOT switch to SSSD plugin (priority 10)
+%define cifs_idmap_plugin       %{_sysconfdir}/cifs-utils/idmap-plugin
+%define cifs_idmap_lib          %{_libdir}/cifs-utils/cifs_idmap_sss.so
+%define cifs_idmap_name         cifs-idmap-plugin
+%define cifs_idmap_priority     10
+Requires(post): update-alternatives
+Requires(postun): update-alternatives
+
 BuildRequires:  autoconf >= 2.59
 BuildRequires:  automake
 BuildRequires:  bind-utils
@ -410,6 +421,10 @@ mkdir -pv "$b/%sssdstatedir/mc"
 find "$b" -type f -name "*.la" -print -delete
 %find_lang %name --all-name

+# dummy target for cifs-idmap-plugin
+mkdir -p %{buildroot}%{_sysconfdir}/alternatives %{buildroot}%{_sysconfdir}/cifs-utils
+ln -s -f %{_sysconfdir}/alternatives/%{cifs_idmap_name} %{buildroot}%{cifs_idmap_plugin}
+
 %check
 # sss_config-tests fails
 %make_build check || :
@ -424,6 +439,9 @@ find "$b" -type f -name "*.la" -print -delete
 /bin/sed -i -e 's,^krb5_kdcip =,krb5_server =,g' %_sysconfdir/sssd/sssd.conf
 %service_add_post %services

+# install SSSD cifs-idmap plugin as an alternative
+update-alternatives --install %{cifs_idmap_plugin} %{cifs_idmap_name} %{cifs_idmap_lib} %{cifs_idmap_priority}
+
 %preun
 %service_del_preun %services

@ -438,6 +456,10 @@ rm -f /var/lib/sss/db/*.ldb
 # del_postun includes a try-restart
 %service_del_postun %services

+if [ ! -f %{cifs_idmap_lib} ] ; then
+    update-alternatives --remove %{cifs_idmap_name} %{cifs_idmap_lib}
+fi
+
 %post   -n libsss_certmap0 -p /sbin/ldconfig
 %postun -n libsss_certmap0 -p /sbin/ldconfig
 %post   -n libipa_hbac0 -p /sbin/ldconfig
@ -581,7 +603,6 @@ rm -f /var/lib/sss/db/*.ldb
 /%_lib/libnss_sss.so.2
 /%_lib/security/pam_sss.so
 /%_lib/security/pam_sss_gss.so
-%_libdir/cifs-utils/
 %_libdir/krb5/
 %_libdir/%name/modules/sssd_krb5_localauth_plugin.so
 %_mandir/??/man8/sssd_krb5_locator_plugin.8*
@ -589,6 +610,12 @@ rm -f /var/lib/sss/db/*.ldb
 %_mandir/man8/pam_sss.8*
 %_mandir/man8/pam_sss_gss.8*
 %_mandir/man8/sssd_krb5_locator_plugin.8*
+# cifs idmap plugin
+%dir %_sysconfdir/cifs-utils
+%{cifs_idmap_plugin}
+%dir %_libdir/cifs-utils
+%{cifs_idmap_lib}
+%ghost %_sysconfdir/alternatives/%{cifs_idmap_name}

 %files ad
 %dir %_libdir/%name/