# # spec file for package sssd # # Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: sssd Version: 1.8.2 Release: 0 Summary: System Security Services Daemon License: GPL-3.0+ and LGPL-3.0+ Group: System/Daemons Url: https://fedorahosted.org/sssd/ Source0: %{name}-%{version}.tar.gz Source1: baselibs.conf Patch3: 0003-Allow-LDAP-to-decide-when-an-expiration-warning-is-w.patch Patch4: 0004-avoid-hard-crypto-dep.diff Patch5: 0005-implicit-decl.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %define servicename sssd %define sssdstatedir %{_localstatedir}/lib/sss %define dbpath %{sssdstatedir}/db %define pipepath %{sssdstatedir}/pipes %define pubconfpath %{sssdstatedir}/pubconf # SLES11 doesn't know the python_* macros %if %suse_version <= 1110 %define python_sitelib %py_sitedir %define python_sitearch %py_sitedir %endif ### Build Dependencies ### %if 0%{?suse_version} >= 1210 BuildRequires: pkgconfig(collection) >= 0.5.1 BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(dhash) >= 0.4.2 BuildRequires: pkgconfig(ini_config) >= 0.6.1 BuildRequires: pkgconfig(ldb) >= 0.9.2 BuildRequires: pkgconfig(libcares) BuildRequires: pkgconfig(libcrypto) BuildRequires: pkgconfig(libnl-1) >= 1.1 BuildRequires: pkgconfig(libpcre) >= 7 BuildRequires: pkgconfig(popt) BuildRequires: pkgconfig(python) BuildRequires: pkgconfig(talloc) BuildRequires: pkgconfig(tdb) >= 1.1.3 BuildRequires: pkgconfig(tevent) %else BuildRequires: dbus-1-devel BuildRequires: libcares-devel BuildRequires: libcollection-devel >= 0.5.1 BuildRequires: libdhash-devel >= 0.4.2 BuildRequires: libini_config-devel >= 0.6.1 BuildRequires: libldb-devel >= 0.9.2 BuildRequires: libnl-devel >= 1.1 BuildRequires: libopenssl-devel BuildRequires: libtalloc-devel BuildRequires: libtdb-devel >= 1.1.3 BuildRequires: libtevent-devel BuildRequires: pcre-devel >= 7 BuildRequires: popt-devel BuildRequires: python-devel %endif BuildRequires: autoconf BuildRequires: automake BuildRequires: bind-utils BuildRequires: docbook-xsl-stylesheets BuildRequires: krb5-devel BuildRequires: libtool %if 0%{?sles_version} == 11 # SLES 11 SP2 does not have libunistring BuildRequires: glib2-devel %else BuildRequires: libunistring-devel %endif BuildRequires: libxml2 BuildRequires: libxslt BuildRequires: nscd BuildRequires: openldap2-devel BuildRequires: pam-devel BuildRequires: pkg-config %if %suse_version >= 1210 BuildRequires: systemd %{?systemd_requires} %endif %description Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services for projects like FreeIPA. %package ipa-provider Summary: FreeIPA provider plugin for sssd License: GPL-3.0+ and LGPL-3.0+ Group: System/Daemons Requires: sssd = %{version} %description ipa-provider This package provide the FreeIPA provider plugin for the System Security Services Daemon (sssd). %package tools Summary: Commandline tools for sssd License: GPL-3.0+ and LGPL-3.0+ Group: System/Management Requires: sssd = %{version} %description tools The packages contains commandline tools for managing users and groups using the "local" id provider of the System Security Services Daemon (sssd). %package -n libipa_hbac0 Summary: FreeIPA HBAC Evaluator library License: LGPL-3.0+ Group: System/Libraries %description -n libipa_hbac0 Utility library to validate FreeIPA HBAC rules for authorization requests. %package -n libipa_hbac-devel Summary: Development files for the FreeIPA HBAC Evaluator library License: LGPL-3.0+ Group: Development/Libraries/C and C++ Requires: libipa_hbac0 = %version %description -n libipa_hbac-devel Utility library to validate FreeIPA HBAC rules for authorization requests. %package -n python-ipa_hbac Summary: Python bindings for the FreeIPA HBAC Evaluator library License: GPL-3.0+ and LGPL-3.0+ Group: Development/Libraries/Python %py_requires %description -n python-ipa_hbac The python-ipa_hbac package contains the bindings so that libipa_hbac can be used by Python applications. %package -n python-sssd-config Summary: Python API for configuring sssd License: GPL-3.0+ and LGPL-3.0+ Group: Development/Libraries/Python %{py_requires} %description -n python-sssd-config Provide python module to access and manage configuration of the System Security Services Daemon (sssd). %prep %setup -q %patch -P 3 -P 4 -P 5 -p1 %build autoreconf %if 0%{?suse_version} < 1210 # pkgconfig file not present export LDB_LIBS="-lldb" export LDB_CFLAGS=" " export LDB_DIR="%_libdir/ldb" %else export LDB_DIR="$(pkg-config ldb --variable=modulesdir)" %endif # help configure find nscd export PATH="$PATH:/usr/sbin" %configure \ --with-db-path=%{dbpath} \ --with-pipe-path=%{pipepath} \ --with-pubconf-path=%{pubconfpath} \ --with-init-dir=%{_initrddir} \ --enable-nsslibdir=/%{_lib} \ --enable-pammoddir=/%{_lib}/security \ --with-ldb-lib-dir="$LDB_DIR" \ --with-selinux=no \ --with-os=suse \ %if 0%{?sles_version} == 11 --with-unicode-lib=glib2 %endif --with-semanage=no make %{?_smp_mflags} all %install make install DESTDIR=$RPM_BUILD_ROOT # Copy default sssd.conf file install -d %{buildroot}%{_mandir}/cs install -d %{buildroot}%{_mandir}/cs/man8 install -d %{buildroot}%{_mandir}/nl install -d %{buildroot}%{_mandir}/nl/man8 install -d %{buildroot}%{_mandir}/pt install -d %{buildroot}%{_mandir}/pt/man8 install -d %{buildroot}%{_mandir}/uk install -d %{buildroot}%{_mandir}/uk/man1 install -d %{buildroot}%{_mandir}/uk/man5 install -d %{buildroot}%{_mandir}/uk/man8 install -d $RPM_BUILD_ROOT/%{_sysconfdir}/sssd install -m600 src/examples/sssd-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf install src/sysv/SUSE/sssd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/sssd %if 0%{?_unitdir:1} install -d $RPM_BUILD_ROOT/%{_unitdir} install src/sysv/systemd/sssd.service $RPM_BUILD_ROOT/%{_unitdir}/sssd.service %endif ln -sf ../../etc/init.d/sssd $RPM_BUILD_ROOT/usr/sbin/rcsssd # Remove .la files created by libtool find "%buildroot" -type f -name "*.la" -delete; %if %suse_version <= 1110 # remove some unsupported languages, sssd does not contain # translations for these anyway rm -rf \ $RPM_BUILD_ROOT/usr/share/locale/fa_IR \ $RPM_BUILD_ROOT/usr/share/locale/ja_JP \ $RPM_BUILD_ROOT/usr/share/locale/lt_LT \ $RPM_BUILD_ROOT/usr/share/locale/ta_IN \ $RPM_BUILD_ROOT/usr/share/locale/vi_VN %endif %find_lang %{name} --all-name %if 0%{?_unitdir:1} %pre %service_add_pre sssd.service %endif %post /sbin/ldconfig %if 0%{?_unitdir:1} %service_add_post sssd.service %endif %preun %stop_on_removal sssd %if 0%{?_unitdir:1} %service_del_preun sssd.service %endif %postun /sbin/ldconfig %restart_on_update sssd %insserv_cleanup %if 0%{?_unitdir:1} %service_del_postun sssd.service %endif %post -n libipa_hbac0 -p /sbin/ldconfig %postun -n libipa_hbac0 -p /sbin/ldconfig %files -f sssd.lang %defattr(-,root,root,-) %doc COPYING %{_initrddir}/%{name} %if 0%{?_unitdir:1} %{_unitdir}/sssd.service %endif %{_sbindir}/sssd %{_sbindir}/rcsssd %dir %{_libdir}/%{name} %dir %{_libexecdir}/%{name} %dir %{_mandir}/cs %dir %{_mandir}/cs/man8 %dir %{_mandir}/nl %dir %{_mandir}/nl/man8 %dir %{_mandir}/pt %dir %{_mandir}/pt/man8 %dir %{_mandir}/uk %dir %{_mandir}/uk/man1 %dir %{_mandir}/uk/man5 %dir %{_mandir}/uk/man8 %{_mandir}/??/man?/* %{_mandir}/man5/sssd-krb5.5* %{_mandir}/man5/sssd-ldap.5* %{_mandir}/man5/sssd-simple.5* %{_mandir}/man8/sssd.8* %{_mandir}/man5/sssd.conf.5.gz %{_mandir}/man8/pam_sss.8.gz %{_mandir}/man8/sssd_krb5_locator_plugin.8.gz %{_libexecdir}/%{name}/sss* %{_libexecdir}/%{name}/*_child %{_libdir}/%{name}/libsss_krb5* %{_libdir}/%{name}/libsss_ldap* %{_libdir}/%{name}/libsss_proxy* %{_libdir}/%{name}/libsss_simple* %{_libdir}/ldb/memberof.so %{_libdir}/krb5/plugins/libkrb5/* %dir %{sssdstatedir} %attr(700,root,root) %dir %{dbpath} %attr(755,root,root) %dir %{pipepath} %attr(700,root,root) %dir %{pipepath}/private %attr(755,root,root) %dir %{pubconfpath} %attr(750,root,root) %dir %{_var}/log/%{name} %dir %{_sysconfdir}/sssd %config(noreplace) %{_sysconfdir}/sssd/sssd.conf /%{_lib}/libnss_sss.so.2 /%{_lib}/security/pam_sss.so %_datadir/sssd %exclude %_datadir/sssd/sssd.api.d/sssd-ipa.conf %files tools %defattr(-,root,root,-) %{_sbindir}/sss_cache %{_sbindir}/sss_debuglevel %{_sbindir}/sss_useradd %{_sbindir}/sss_userdel %{_sbindir}/sss_usermod %{_sbindir}/sss_groupadd %{_sbindir}/sss_groupdel %{_sbindir}/sss_groupmod %{_sbindir}/sss_groupshow %{_mandir}/man8/sss_groupadd.8* %{_mandir}/man8/sss_groupdel.8* %{_mandir}/man8/sss_groupmod.8* %{_mandir}/man8/sss_groupshow.8* %{_mandir}/man8/sss_useradd.8* %{_mandir}/man8/sss_userdel.8* %{_mandir}/man8/sss_usermod.8* %{_mandir}/man8/sss_obfuscate.8* %{_mandir}/man8/sss_cache.8* %{_mandir}/man8/sss_debuglevel.8* %attr(0755,root,root) %{_sbindir}/sss_obfuscate %files ipa-provider %defattr(-,root,root,-) %dir %_datadir/sssd %dir %_datadir/sssd/sssd.api.d %_datadir/sssd/sssd.api.d/sssd-ipa.conf %{_libdir}/sssd/libsss_ipa* %{_mandir}/man5/sssd-ipa.* %files -n libipa_hbac0 %defattr(-,root,root) %_libdir/libipa_hbac.so.0* %files -n libipa_hbac-devel %defattr(-,root,root) %_includedir/ipa_hbac.h %_libdir/libipa_hbac.so %_libdir/pkgconfig/ipa_hbac.pc %files -n python-ipa_hbac %defattr(-,root,root) %python_sitearch/pyhbac.so %files -n python-sssd-config %defattr(-,root,root) %python_sitearch/pysss.so %python_sitelib/SSSDConfig*.py* %python_sitelib/SSSDConfig*.egg-info %python_sitelib/ipachangeconf.py* %python_sitelib/sssd_upgrade_config.py* %changelog