158 lines
4.4 KiB
RPMSpec
158 lines
4.4 KiB
RPMSpec
%define _hardened_build 1
|
|
|
|
Name: nss-pam-ldapd
|
|
Version: 0.9.12
|
|
Release: 6
|
|
Summary: NSS and PAM libraries for name lookups and authentication using LDAP
|
|
License: LGPLv2+
|
|
URL: http://arthurdejong.org/nss-pam-ldapd/
|
|
Source0: http://arthurdejong.org/%{name}/%{name}-%{version}.tar.gz
|
|
Source1: http://arthurdejong.org/%{name}/%{name}-%{version}.tar.gz.sig
|
|
Source3: nslcd.tmpfiles
|
|
Source4: nslcd.service
|
|
|
|
Patch0: 0001-Disable-pylint-tests.patch
|
|
Patch1: 0002-Watch-for-uint32_t-overflows.patch
|
|
Patch2: backport-Fix-off-by-one-error-in-closing-file-descriptors.patch
|
|
Patch3: backport-Fix-memory-leak-in-config-parsing.patch
|
|
Patch4: backport-Fix-NULL-pointer-deref-on-memory-allocation-failure.patch
|
|
|
|
BuildRequires: gcc, openldap-devel, krb5-devel, autoconf, automake, pam-devel, systemd-units
|
|
%{?systemd_requires}
|
|
|
|
Recommends: nscd
|
|
|
|
Provides: nss-ldapd = %{version}-%{release}
|
|
Provides: nss_ldap = 265-12
|
|
Provides: pam_ldap = 185-15
|
|
|
|
Obsoletes: nss-ldapd < 0.7
|
|
Obsoletes: nss_ldap < 265-11
|
|
Obsoletes: pam_ldap < 185-15
|
|
|
|
%description
|
|
The nss-pam-ldapd package provides a Name Service Switch (NSS, nsswitch) module
|
|
that allows your LDAP server to provide user account, group, host name, alias,
|
|
netgroup, and basically any other information that you would normally get from
|
|
/etc flat files or NIS. It also provides a Pluggable Authentication Module (PAM)
|
|
to do identity and authentication management with an LDAP server on unix systems.
|
|
|
|
%package help
|
|
Summary: The help package for nss-pam-ldapd
|
|
|
|
%description help
|
|
This is the help package of nss-pam-ldapd which includes the man docs.
|
|
|
|
%prep
|
|
%autosetup -p1
|
|
autoreconf -f -i
|
|
|
|
%build
|
|
%configure --libdir=/%{_lib} \
|
|
--disable-utils \
|
|
--with-pam-seclib-dir=/%{_lib}/security
|
|
%make_build
|
|
|
|
%check
|
|
make check
|
|
|
|
%install
|
|
rm -rf $RPM_BUILD_ROOT
|
|
%make_install
|
|
mkdir -p $RPM_BUILD_ROOT/{%{_libdir},%{_unitdir}}
|
|
install -p -m644 %{SOURCE4} $RPM_BUILD_ROOT/%{_unitdir}/
|
|
|
|
ln -s libnss_ldap.so.2 $RPM_BUILD_ROOT/%{_lib}/libnss_ldap.so
|
|
|
|
sed -i -e 's,^uid.*,uid nslcd,g' -e 's,^gid.*,gid ldap,g' \
|
|
$RPM_BUILD_ROOT/%{_sysconfdir}/nslcd.conf
|
|
touch -r nslcd.conf $RPM_BUILD_ROOT/%{_sysconfdir}/nslcd.conf
|
|
mkdir -p -m 0755 $RPM_BUILD_ROOT/run/nslcd
|
|
mkdir -p -m 0755 $RPM_BUILD_ROOT/%{_tmpfilesdir}
|
|
install -p -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/%{_tmpfilesdir}/%{name}.conf
|
|
|
|
%pre
|
|
getent group ldap > /dev/null || \
|
|
/usr/sbin/groupadd -r -g 55 ldap
|
|
getent passwd nslcd > /dev/null || \
|
|
/usr/sbin/useradd -r -g ldap -c 'LDAP Client User' \
|
|
-u 65 -d / -s /sbin/nologin nslcd 2> /dev/null || :
|
|
|
|
%post
|
|
/sbin/ldconfig
|
|
%systemd_post nslcd.service
|
|
|
|
%preun
|
|
%systemd_preun nslcd.service
|
|
|
|
%postun
|
|
/sbin/ldconfig
|
|
%systemd_postun_with_restart nslcd.service
|
|
|
|
%files
|
|
%doc AUTHORS ChangeLog COPYING HACKING NEWS README TODO
|
|
%{_sbindir}/*
|
|
/%{_lib}/*.so*
|
|
/%{_lib}/security/pam_ldap.so
|
|
%attr(0600,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/nslcd.conf
|
|
%attr(0644,root,root) %config(noreplace) %{_tmpfilesdir}/%{name}.conf
|
|
%config(noreplace) %{_unitdir}/nslcd.service
|
|
%attr(0775,nslcd,root) /run/nslcd
|
|
|
|
%files help
|
|
%{_mandir}/*/*
|
|
|
|
%changelog
|
|
* Wed Mar 5 2025 yixiangzhike <yixiangzhike007@163.com> - 0.9.12-6
|
|
- Type:bugfix
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:Move temporary files from /var/run to /run to delete warning in installing
|
|
|
|
* Thu Oct 24 2024 yixiangzhike <yixiangzhike007@163.com> - 0.9.12-5
|
|
- Type:bugfix
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:Fix NULL pointer deref on memory allocation failure
|
|
|
|
* Wed Oct 09 2024 yixiangzhike <yixiangzhike007@163.com> - 0.9.12-4
|
|
- Type:bugfix
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:fix memory leak in config parsing
|
|
|
|
* Wed May 08 2024 lifeifei <lifeifei@kylinos.cn> - 0.9.12-3
|
|
- Type:requirement
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:add noreplace to /usr/lib/systemd/system/nslcd.service
|
|
|
|
* Wed Oct 19 2022 yixiangzhike <yixiangzhike007@163.com> - 0.9.12-2
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:restart
|
|
- DESC:fix off-by one error in closing file descriptors
|
|
|
|
* Mon Feb 21 2022 yixiangzhike <yixiangzhike007@163.com> - 0.9.12-1
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:restart
|
|
- DESC:update to 0.9.12
|
|
|
|
* Mon Jul 27 2020 Liquor <lirui130@huawei.com> - 0.9.11-1
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:restart
|
|
- DESC:update to 0.9.11
|
|
|
|
* Mon Apr 08 2019 yanghua<yanghua21@huawei.com> - 0.9.9-5
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:restart
|
|
- DESC:Create /var/run/nslcd/socket after dropping privileges
|
|
Fix crash in chsh.ldap
|
|
|
|
* Fri Mar 01 2019 openEuler Buildteam<buildteam@openeuler.org> - 0.9.9-4
|
|
- Package init
|
|
|