From 86e7668f301f63da40b99120f569c731360d987db7df1c400f9e4cce7f278b64 Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Thu, 2 Jan 2025 17:58:20 +0000
Subject: [PATCH] 
 [info=cd05c14a49b9600916b3ace67564befd817f17fbbae208a2197db413e82a7560]

OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=333
---
 ...OOL-Fix-build-parameter-name-omitted.patch | 85 +++++++++++++++++++
 _scmsync.obsinfo                              |  4 +-
 build.specials.obscpio                        |  2 +-
 sssd.spec                                     | 16 +++-
 4 files changed, 101 insertions(+), 6 deletions(-)
 create mode 100644 0001-TOOL-Fix-build-parameter-name-omitted.patch

diff --git a/0001-TOOL-Fix-build-parameter-name-omitted.patch b/0001-TOOL-Fix-build-parameter-name-omitted.patch
new file mode 100644
index 0000000..6bda949
--- /dev/null
+++ b/0001-TOOL-Fix-build-parameter-name-omitted.patch
@@ -0,0 +1,85 @@
+From b927ca4196f828bda6d5db6c6a6d852389bfede0 Mon Sep 17 00:00:00 2001
+From: Samuel Cabrero <scabrero@suse.de>
+Date: Thu, 2 Jan 2025 14:09:17 +0100
+Subject: [PATCH] TOOL: Fix build, parameter name omitted
+
+Signed-off-by: Samuel Cabrero <scabrero@suse.de>
+---
+ src/tools/sssctl/sssctl_data.c | 8 ++++----
+ src/tools/sssctl/sssctl_logs.c | 6 +++---
+ 2 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/src/tools/sssctl/sssctl_data.c b/src/tools/sssctl/sssctl_data.c
+index b28556e73..a473e7e14 100644
+--- a/src/tools/sssctl/sssctl_data.c
++++ b/src/tools/sssctl/sssctl_data.c
+@@ -125,7 +125,7 @@ static errno_t sssctl_backup(bool force)
+ }
+ 
+ errno_t sssctl_client_data_backup(struct sss_cmdline *cmdline,
+-                                  struct sss_tool_ctx *)
++                                  struct sss_tool_ctx *tool_ctx)
+ {
+     struct sssctl_data_opts opts = {0};
+     errno_t ret;
+@@ -184,7 +184,7 @@ static errno_t sssctl_restore(bool force_start, bool force_restart)
+ }
+ 
+ errno_t sssctl_client_data_restore(struct sss_cmdline *cmdline,
+-                                   struct sss_tool_ctx *)
++                                   struct sss_tool_ctx *tool_ctx)
+ {
+     struct sssctl_data_opts opts = {0};
+     errno_t ret;
+@@ -206,7 +206,7 @@ errno_t sssctl_client_data_restore(struct sss_cmdline *cmdline,
+ }
+ 
+ errno_t sssctl_cache_remove(struct sss_cmdline *cmdline,
+-                            struct sss_tool_ctx *)
++                            struct sss_tool_ctx *tool_ctx)
+ {
+     struct sssctl_data_opts opts = {0};
+     errno_t ret;
+@@ -413,7 +413,7 @@ done:
+ }
+ 
+ errno_t sssctl_cache_index(struct sss_cmdline *cmdline,
+-                           struct sss_tool_ctx *)
++                           struct sss_tool_ctx *tool_ctx)
+ {
+     const char *attr = NULL;
+     const char *action_str = NULL;
+diff --git a/src/tools/sssctl/sssctl_logs.c b/src/tools/sssctl/sssctl_logs.c
+index f8ef9f2c6..8ba18b394 100644
+--- a/src/tools/sssctl/sssctl_logs.c
++++ b/src/tools/sssctl/sssctl_logs.c
+@@ -418,7 +418,7 @@ int parse_debug_level(const char *strlevel)
+ }
+ 
+ errno_t sssctl_logs_remove(struct sss_cmdline *cmdline,
+-                           struct sss_tool_ctx *)
++                           struct sss_tool_ctx *tool_ctx)
+ {
+     struct sssctl_logs_opts opts = {0};
+     errno_t ret;
+@@ -470,7 +470,7 @@ errno_t sssctl_logs_remove(struct sss_cmdline *cmdline,
+ }
+ 
+ errno_t sssctl_logs_fetch(struct sss_cmdline *cmdline,
+-                          struct sss_tool_ctx *)
++                          struct sss_tool_ctx *tool_ctx)
+ {
+     const char *file = NULL;
+     errno_t ret;
+@@ -587,7 +587,7 @@ fini:
+ }
+ 
+ errno_t sssctl_analyze(struct sss_cmdline *cmdline,
+-                       struct sss_tool_ctx *)
++                       struct sss_tool_ctx *tool_ctx)
+ {
+ #ifndef BUILD_CHAIN_ID
+     PRINT("ERROR: Tevent chain ID support missing, log analyzer is unsupported.\n");
+-- 
+2.47.1
+
diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo
index 7cc2a89..9487338 100644
--- a/_scmsync.obsinfo
+++ b/_scmsync.obsinfo
@@ -1,4 +1,4 @@
-mtime: 1734682844
-commit: 1507d9a0944d5e4561b50f5711c11410c6102db2357375f84d4e99c977e11c66
+mtime: 1735824824
+commit: cd05c14a49b9600916b3ace67564befd817f17fbbae208a2197db413e82a7560
 url: https://src.opensuse.org/jengelh/sssd
 revision: master
diff --git a/build.specials.obscpio b/build.specials.obscpio
index 43937e3..8f5594f 100644
--- a/build.specials.obscpio
+++ b/build.specials.obscpio
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:5cef82fe2efad31ced57e8be6a100bc78b17ba52373d3567d44c87746a418e28
+oid sha256:ad06894f2980a38b30ed36cd59bf7d6590c73c717b8f9f5dd63797ab1bf63284
 size 256
diff --git a/sssd.spec b/sssd.spec
index a79967b..724de9e 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -28,6 +28,7 @@ Source:         https://github.com/SSSD/sssd/releases/download/%version/%name-%v
 Source2:        https://github.com/SSSD/sssd/releases/download/%version/%name-%version.tar.gz.asc
 Source3:        baselibs.conf
 Source5:        %name.keyring
+Patch1:         0001-TOOL-Fix-build-parameter-name-omitted.patch
 Patch11:        krb-noversion.diff
 Patch12:        harden_sssd-ifp.service.patch
 Patch13:        harden_sssd-kcm.service.patch
@@ -48,6 +49,7 @@ BuildRequires:  libtool
 BuildRequires:  libunistring-devel
 BuildRequires:  libxml2-tools
 BuildRequires:  libxslt-tools
+BuildRequires:  libopenssl-3-devel
 BuildRequires:  nscd
 BuildRequires:  nss_wrapper
 BuildRequires:  openldap2-devel
@@ -121,6 +123,13 @@ Obsoletes:      sssd-common < %version-%release
 %define mcpath		%sssdstatedir/mc
 %define ldbdir %(pkg-config ldb --variable=modulesdir)
 
+
+%if 0%{?suse_version} >= 1600
+%define permissions_path %_datadir/permissions/permissions.d/
+%else
+%define permissions_path %_sysconfdir/permissions.d/
+%endif
+
 # Both SSSD and cifs-utils provide an idmap plugin for cifs.ko
 # %%_sysconfdir/cifs-utils/idmap-plugin should be a symlink to one of the 2 idmap plugins
 # * cifs-utils one is the default (priority 20)
@@ -475,7 +484,7 @@ sed -i '1s@#!.*python.*@#!%_bindir/python3.11@' "$b/%_libexecdir/%name/sss_analy
 %endif
 
 echo 'u sssd - "System Security Services Daemon" /run/sssd /sbin/nologin' >system-user-sssd.conf
-mkdir -p "$b/%_sysusersdir" "$b/etc/permissions.d"
+mkdir -p "$b/%_sysusersdir"
 cp -a system-user-sssd.conf "$b/%_sysusersdir/"
 %sysusers_generate_pre system-user-sssd.conf random system-user-sssd.conf
 install -Dpm 0644 contrib/sssd-tmpfiles.conf "%buildroot/%_tmpfilesdir/%name.conf"
@@ -484,7 +493,8 @@ install -Dpm 0644 contrib/sssd-tmpfiles.conf "%buildroot/%_tmpfilesdir/%name.con
 # https://www.openwall.com/lists/oss-security/2024/12/19/1
 #
 # should match entry from %%files list
-cat >"$b/etc/permissions.d/sssd" <<-EOF
+mkdir -p "$b/%permissions_path"
+cat >"$b/%permissions_path/sssd" <<-EOF
 	%_libexecdir/sssd/sssd_pam root:sssd 0750
 	 +capabilities cap_dac_read_search=p
 	%_libexecdir/sssd/selinux_child root:sssd 0750
@@ -645,7 +655,7 @@ fi
 %_unitdir/sssd-sudo.service
 %_sysusersdir/*sssd*
 %_tmpfilesdir/*sssd*
-%_sysconfdir/permissions.d/*
+%permissions_path/sssd
 %_datadir/polkit-1/
 %_bindir/sss_ssh_*
 %_sbindir/sssd