#
# spec file for package sssd
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

Name:           sssd
Version:        1.8.2
Release:        0
Summary:        System Security Services Daemon
License:        GPL-3.0+ and LGPL-3.0+
Group:          System/Daemons
Url:            https://fedorahosted.org/sssd/
Source0:        %{name}-%{version}.tar.gz
#removed bz2
Source1:        baselibs.conf
Patch3:         0003-Allow-LDAP-to-decide-when-an-expiration-warning-is-w.patch
Patch4:         0004-avoid-hard-crypto-dep.diff
Patch5:         0005-implicit-decl.diff
BuildRoot:      %{_tmppath}/%{name}-%{version}-build

%if %suse_version >= 1210
%{?systemd_requires}
%endif

%define servicename sssd
%define sssdstatedir %{_localstatedir}/lib/sss
%define dbpath %{sssdstatedir}/db
%define pipepath %{sssdstatedir}/pipes
%define pubconfpath %{sssdstatedir}/pubconf

# SLES11 doesn't know the python_* macros
%if %suse_version <= 1110
%define python_sitelib %py_sitedir
%define python_sitearch %py_sitedir
%endif

### Build Dependencies ###
%if 0%{?suse_version} >= 1210
BuildRequires:  pkgconfig(collection) >= 0.5.1
BuildRequires:  pkgconfig(dbus-1)
BuildRequires:  pkgconfig(dhash) >= 0.4.2
BuildRequires:  pkgconfig(ini_config) >= 0.6.1
BuildRequires:  pkgconfig(ldb) >= 0.9.2
BuildRequires:  pkgconfig(libcares)
BuildRequires:  pkgconfig(libcrypto)
BuildRequires:  pkgconfig(libnl-1) >= 1.1
BuildRequires:  pkgconfig(libpcre) >= 7
BuildRequires:  pkgconfig(popt)
BuildRequires:  pkgconfig(python)
BuildRequires:  pkgconfig(talloc)
BuildRequires:  pkgconfig(tdb) >= 1.1.3
BuildRequires:  pkgconfig(tevent)
%else
BuildRequires:  dbus-1-devel
BuildRequires:  libcares-devel
BuildRequires:  libcollection-devel >= 0.5.1
BuildRequires:  libdhash-devel >= 0.4.2
BuildRequires:  libini_config-devel >= 0.6.1
BuildRequires:  libldb-devel >= 0.9.2
BuildRequires:  libnl-devel >= 1.1
BuildRequires:  libopenssl-devel
BuildRequires:  libtalloc-devel
BuildRequires:  libtdb-devel >= 1.1.3
BuildRequires:  libtevent-devel
BuildRequires:  pcre-devel >= 7
BuildRequires:  popt-devel
BuildRequires:  python-devel
%endif
BuildRequires:  autoconf
BuildRequires:  automake
BuildRequires:  bind-utils
BuildRequires:  docbook-xsl-stylesheets
BuildRequires:  krb5-devel
BuildRequires:  libtool
%if 0%{?sles_version} == 11
# SLES 11 SP2 does not have libunistring
BuildRequires:  glib2-devel
%else
BuildRequires:  libunistring-devel
%endif
BuildRequires:  libxml2
BuildRequires:  libxslt
BuildRequires:  nscd
BuildRequires:  openldap2-devel
BuildRequires:  pam-devel
BuildRequires:  pkg-config
%if %suse_version >= 1210
BuildRequires:  systemd
%endif

%description
Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.

%package ipa-provider
Summary:        FreeIPA provider plugin for sssd
License:        GPL-3.0+ and LGPL-3.0+
Group:          System/Daemons
Requires:       sssd = %{version}

%description ipa-provider
This package provide the FreeIPA provider plugin for the System Security
Services Daemon (sssd).

%package tools
Summary:        Commandline tools for sssd
License:        GPL-3.0+ and LGPL-3.0+
Group:          System/Management
Requires:       sssd = %{version}

%description tools
The packages contains commandline tools for managing users and groups using
the "local" id provider of the System Security Services Daemon (sssd).

%package -n libipa_hbac0
Summary:        FreeIPA HBAC Evaluator library
License:        LGPL-3.0+
Group:          System/Libraries

%description -n libipa_hbac0
Utility library to validate FreeIPA HBAC rules for authorization
requests.

%package -n libipa_hbac-devel
Summary:        Development files for the FreeIPA HBAC Evaluator library
License:        LGPL-3.0+
Group:          Development/Libraries/C and C++
Requires:       libipa_hbac0 = %version

%description -n libipa_hbac-devel
Utility library to validate FreeIPA HBAC rules for authorization
requests.

%package -n python-ipa_hbac
Summary:        Python bindings for the FreeIPA HBAC Evaluator library
License:        GPL-3.0+ and LGPL-3.0+
Group:          Development/Libraries/Python
%py_requires

%description -n python-ipa_hbac
The python-ipa_hbac package contains the bindings so that libipa_hbac
can be used by Python applications.

%package -n python-sssd-config
Summary:        Python API for configuring sssd
License:        GPL-3.0+ and LGPL-3.0+
Group:          Development/Libraries/Python
%{py_requires}

%description -n python-sssd-config
Provide python module to access and manage configuration of the System 
Security Services Daemon (sssd).

%prep
%setup -q
%patch -P 3 -P 4 -P 5 -p1

%build
autoreconf
%if 0%{?suse_version} < 1210
# pkgconfig file not present
export LDB_LIBS="-lldb"
export LDB_CFLAGS=" "
export LDB_DIR="%_libdir/ldb"
%else
export LDB_DIR="$(pkg-config ldb --variable=modulesdir)"
%endif

# help configure find nscd
export PATH="$PATH:/usr/sbin"

%configure \
    --with-db-path=%{dbpath} \
    --with-pipe-path=%{pipepath} \
    --with-pubconf-path=%{pubconfpath} \
    --with-init-dir=%{_initrddir} \
    --enable-nsslibdir=/%{_lib} \
    --enable-pammoddir=/%{_lib}/security \
    --with-ldb-lib-dir="$LDB_DIR" \
    --with-selinux=no \
    --with-os=suse \
%if 0%{?sles_version} == 11
    --with-semanage=no \
    --with-unicode-lib=glib2
%else
    --with-semanage=no
%endif
    
make %{?_smp_mflags} all

%install
make install DESTDIR=$RPM_BUILD_ROOT

# Copy default sssd.conf file
install -d %{buildroot}%{_mandir}/cs
install -d %{buildroot}%{_mandir}/cs/man8
install -d %{buildroot}%{_mandir}/nl
install -d %{buildroot}%{_mandir}/nl/man8
install -d %{buildroot}%{_mandir}/pt
install -d %{buildroot}%{_mandir}/pt/man8
install -d %{buildroot}%{_mandir}/uk
install -d %{buildroot}%{_mandir}/uk/man1
install -d %{buildroot}%{_mandir}/uk/man5
install -d %{buildroot}%{_mandir}/uk/man8
install -d $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
install -m600 src/examples/sssd-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
install src/sysv/SUSE/sssd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/sssd
%if %suse_version >= 1210
install -d $RPM_BUILD_ROOT/%{_unitdir}
install src/sysv/systemd/sssd.service $RPM_BUILD_ROOT/%{_unitdir}/sssd.service
%endif
ln -sf ../../etc/init.d/sssd $RPM_BUILD_ROOT/usr/sbin/rcsssd

# Remove .la files created by libtool
find "%buildroot" -type f -name "*.la" -delete;

%if %suse_version <= 1110
# remove some unsupported languages, sssd does not contain
# translations for these anyway
rm -rf \
    $RPM_BUILD_ROOT/usr/share/locale/fa_IR \
    $RPM_BUILD_ROOT/usr/share/locale/ja_JP \
    $RPM_BUILD_ROOT/usr/share/locale/lt_LT \
    $RPM_BUILD_ROOT/usr/share/locale/ta_IN \
    $RPM_BUILD_ROOT/usr/share/locale/vi_VN
%endif

%find_lang %{name} --all-name

%if %suse_version >= 1210

%pre
%service_add_pre sssd.service
%endif

%post
/sbin/ldconfig
%if %suse_version >= 1210
%service_add_post sssd.service
%endif

%preun
%stop_on_removal sssd
%if %suse_version >= 1210
%service_del_preun sssd.service
%endif

%postun
/sbin/ldconfig
%restart_on_update sssd
%insserv_cleanup
%if %suse_version >= 1210
%service_del_postun sssd.service
%endif

%post -n libipa_hbac0 -p /sbin/ldconfig

%postun -n libipa_hbac0 -p /sbin/ldconfig

%files -f sssd.lang
%defattr(-,root,root,-)
%doc COPYING
%{_initrddir}/%{name}
%if %suse_version >= 1210
%{_unitdir}/sssd.service
%endif
%{_sbindir}/sssd
%{_sbindir}/rcsssd
%dir %{_libdir}/%{name}
%dir %{_libexecdir}/%{name}
%dir %{_mandir}/cs
%dir %{_mandir}/cs/man8
%dir %{_mandir}/nl
%dir %{_mandir}/nl/man8
%dir %{_mandir}/pt
%dir %{_mandir}/pt/man8
%dir %{_mandir}/uk
%dir %{_mandir}/uk/man1
%dir %{_mandir}/uk/man5
%dir %{_mandir}/uk/man8
%{_mandir}/??/man?/*
%{_mandir}/man5/sssd-krb5.5*
%{_mandir}/man5/sssd-ldap.5*
%{_mandir}/man5/sssd-simple.5*
%{_mandir}/man8/sssd.8*
%{_mandir}/man5/sssd.conf.5.gz
%{_mandir}/man8/pam_sss.8.gz
%{_mandir}/man8/sssd_krb5_locator_plugin.8.gz
%{_libexecdir}/%{name}/sss*
%{_libexecdir}/%{name}/*_child
%{_libdir}/%{name}/libsss_krb5*
%{_libdir}/%{name}/libsss_ldap*
%{_libdir}/%{name}/libsss_proxy*
%{_libdir}/%{name}/libsss_simple*
%{_libdir}/ldb/memberof.so
%{_libdir}/krb5/plugins/libkrb5/*
%dir %{sssdstatedir}
%attr(700,root,root) %dir %{dbpath}
%attr(755,root,root) %dir %{pipepath}
%attr(700,root,root) %dir %{pipepath}/private
%attr(755,root,root) %dir %{pubconfpath}
%attr(750,root,root) %dir %{_var}/log/%{name}
%dir %{_sysconfdir}/sssd
%config(noreplace) %{_sysconfdir}/sssd/sssd.conf
/%{_lib}/libnss_sss.so.2
/%{_lib}/security/pam_sss.so
%_datadir/sssd
%exclude %_datadir/sssd/sssd.api.d/sssd-ipa.conf

%files tools
%defattr(-,root,root,-)
%{_sbindir}/sss_cache
%{_sbindir}/sss_debuglevel
%{_sbindir}/sss_useradd
%{_sbindir}/sss_userdel
%{_sbindir}/sss_usermod
%{_sbindir}/sss_groupadd
%{_sbindir}/sss_groupdel
%{_sbindir}/sss_groupmod
%{_sbindir}/sss_groupshow
%{_mandir}/man8/sss_groupadd.8*
%{_mandir}/man8/sss_groupdel.8*
%{_mandir}/man8/sss_groupmod.8*
%{_mandir}/man8/sss_groupshow.8*
%{_mandir}/man8/sss_useradd.8*
%{_mandir}/man8/sss_userdel.8*
%{_mandir}/man8/sss_usermod.8*
%{_mandir}/man8/sss_obfuscate.8*
%{_mandir}/man8/sss_cache.8*
%{_mandir}/man8/sss_debuglevel.8*
%attr(0755,root,root) %{_sbindir}/sss_obfuscate

%files ipa-provider
%defattr(-,root,root,-)
%dir %_datadir/sssd
%dir %_datadir/sssd/sssd.api.d
%_datadir/sssd/sssd.api.d/sssd-ipa.conf
%{_libdir}/sssd/libsss_ipa*
%{_mandir}/man5/sssd-ipa.*

%files -n libipa_hbac0
%defattr(-,root,root)
%_libdir/libipa_hbac.so.0*

%files -n libipa_hbac-devel
%defattr(-,root,root)
%_includedir/ipa_hbac.h
%_libdir/libipa_hbac.so
%_libdir/pkgconfig/ipa_hbac.pc

%files -n python-ipa_hbac
%defattr(-,root,root)
%python_sitearch/pyhbac.so

%files -n python-sssd-config
%defattr(-,root,root)
%python_sitearch/pysss.so
%python_sitelib/SSSDConfig*.py*
%python_sitelib/SSSDConfig*.egg-info
%python_sitelib/ipachangeconf.py*
%python_sitelib/sssd_upgrade_config.py*

%changelog