From 6d7788fd0a74c899382a027d14b0105a19143461f1a709818037e5f8cccb966d Mon Sep 17 00:00:00 2001 From: Samuel Cabrero Date: Fri, 19 Mar 2021 14:41:35 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=242 --- sssd.changes | 7 +++++++ sssd.spec | 29 ++++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/sssd.changes b/sssd.changes index 032eaab..4938709 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Tue Feb 23 12:43:38 UTC 2021 - Aurelien Aptel + +- Make cifs-idmap plugin (cifs_idmap_sss.so) use update-alternatives + mechanism to be able to switch between cifs-utils and sssd; + (bsc#1182682). + ------------------------------------------------------------------- Fri Feb 19 17:30:58 UTC 2021 - Jan Engelhardt diff --git a/sssd.spec b/sssd.spec index 7ab5828..b38af8d 100644 --- a/sssd.spec +++ b/sssd.spec @@ -37,6 +37,17 @@ Patch1: krb-noversion.diff %define pubconfpath %sssdstatedir/pubconf %define gpocachepath %sssdstatedir/gpo_cache +# Both SSSD and cifs-utils provide an idmap plugin for cifs.ko +# /etc/cifs-utils/idmap-plugin should be a symlink to one of the 2 idmap plugins +# * cifs-utils one is the default (priority 20) +# * installing SSSD should NOT switch to SSSD plugin (priority 10) +%define cifs_idmap_plugin %{_sysconfdir}/cifs-utils/idmap-plugin +%define cifs_idmap_lib %{_libdir}/cifs-utils/cifs_idmap_sss.so +%define cifs_idmap_name cifs-idmap-plugin +%define cifs_idmap_priority 10 +Requires(post): update-alternatives +Requires(postun): update-alternatives + BuildRequires: autoconf >= 2.59 BuildRequires: automake BuildRequires: bind-utils @@ -410,6 +421,10 @@ mkdir -pv "$b/%sssdstatedir/mc" find "$b" -type f -name "*.la" -print -delete %find_lang %name --all-name +# dummy target for cifs-idmap-plugin +mkdir -p %{buildroot}%{_sysconfdir}/alternatives %{buildroot}%{_sysconfdir}/cifs-utils +ln -s -f %{_sysconfdir}/alternatives/%{cifs_idmap_name} %{buildroot}%{cifs_idmap_plugin} + %check # sss_config-tests fails %make_build check || : @@ -424,6 +439,9 @@ find "$b" -type f -name "*.la" -print -delete /bin/sed -i -e 's,^krb5_kdcip =,krb5_server =,g' %_sysconfdir/sssd/sssd.conf %service_add_post %services +# install SSSD cifs-idmap plugin as an alternative +update-alternatives --install %{cifs_idmap_plugin} %{cifs_idmap_name} %{cifs_idmap_lib} %{cifs_idmap_priority} + %preun %service_del_preun %services @@ -438,6 +456,10 @@ rm -f /var/lib/sss/db/*.ldb # del_postun includes a try-restart %service_del_postun %services +if [ ! -f %{cifs_idmap_lib} ] ; then + update-alternatives --remove %{cifs_idmap_name} %{cifs_idmap_lib} +fi + %post -n libsss_certmap0 -p /sbin/ldconfig %postun -n libsss_certmap0 -p /sbin/ldconfig %post -n libipa_hbac0 -p /sbin/ldconfig @@ -581,7 +603,6 @@ rm -f /var/lib/sss/db/*.ldb /%_lib/libnss_sss.so.2 /%_lib/security/pam_sss.so /%_lib/security/pam_sss_gss.so -%_libdir/cifs-utils/ %_libdir/krb5/ %_libdir/%name/modules/sssd_krb5_localauth_plugin.so %_mandir/??/man8/sssd_krb5_locator_plugin.8* @@ -589,6 +610,12 @@ rm -f /var/lib/sss/db/*.ldb %_mandir/man8/pam_sss.8* %_mandir/man8/pam_sss_gss.8* %_mandir/man8/sssd_krb5_locator_plugin.8* +# cifs idmap plugin +%dir %_sysconfdir/cifs-utils +%{cifs_idmap_plugin} +%dir %_libdir/cifs-utils +%{cifs_idmap_lib} +%ghost %_sysconfdir/alternatives/%{cifs_idmap_name} %files ad %dir %_libdir/%name/