packages/sssd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

unpack for sssd

Browse Source 
(cherry picked from commit 78583b0f29398518153a7e8fec2f793d82348236)
This commit is contained in:
chendexi 2024-02-29 07:17:05 +00:00 committed by openeuler-sync-bot
parent 1b9944187b
commit 71e6611a87
1 changed files with 590 additions and 244 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

828
sssd.spec
View File

@ -1,74 +1,30 @@
# we don't want to provide private python extension libs
%define __provides_exclude_from %{python3_sitearch}/.*\.so$
# Determine the location of the LDB modules directory
%global ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
%global samba_package_version %(rpm -q samba-devel --queryformat %{version}-%{release})
Name: sssd Name: sssd
Version: 2.9.4 Version: 2.9.4
Release: 1 Release: 2
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPLv3+ and LGPLv3+ License: GPL-3.0-or-later
URL: https://pagure.io/SSSD/sssd/ URL: https://github.com/SSSD/sssd/
Source0: https://github.com/SSSD/sssd/releases/download/%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/SSSD/sssd/releases/download/2.9.4/sssd-2.9.4.tar.gz
Requires: sssd-ad = %{version}-%{release}
Requires: python3-sssd = %{version}-%{release} Requires: sssd-common = %{version}-%{release}
Requires: libldb Requires: sssd-ipa = %{version}-%{release}
Requires: cyrus-sasl-gssapi%{?_isa} Requires: sssd-krb5 = %{version}-%{release}
%{?systemd_requires} Requires: sssd-ldap = %{version}-%{release}
Recommends: bind-utils Requires: sssd-proxy = %{version}-%{release}
Recommends: bind-utils Suggests: logrotate
Recommends: adcli Suggests: procps-ng
Suggests: python3-sssdconfig = %{version}-%{release}
Provides: libsss_sudo-devel = %{version}-%{release} Suggests: sssd-dbus = %{version}-%{release}
Provides: sssd-common = %{version}-%{release} Obsoletes: python3-sssd < %{version}-%{release}
Provides: sssd-ldap = %{version}-%{release}
Provides: sssd-krb5 = %{version}-%{release}
Provides: sssd-krb5-common = %{version}-%{release}
Provides: sssd-ipa = %{version}-%{release}
Provides: sssd-ad = %{version}-%{release}
Provides: sssd-client = %{version}-%{release}
Provides: sssd-common-pac = %{version}-%{release}
Provides: sssd-kcm = %{version}-%{release}
Provides: sssd-dbus = %{version}-%{release}
Provides: libsss_sudo = %{version}-%{release}
Provides: sssd-proxy = %{version}-%{release}
Provides: libsss_idmap = %{version}-%{release}
Provides: libipa_hbac = %{version}-%{release}
Provides: libsss_autofs = %{version}-%{release}
Provides: libsss_nss_idmap = %{version}-%{release}
Provides: libsss_simpleifp = %{version}-%{release}
Provides: libsss_certmap = %{version}-%{release}
Provides: sssd-libwbclient = %{version}-%{release}
Provides: sssd-nfs-idmap = %{version}-%{release}
Provides: sssd-winbind-idmap = %{version}-%{release}
Provides: sssd-tools = %{version}-%{release}
Obsoletes: libsss_sudo-devel <= 1.10.0-7%{?dist}.beta1
Obsoletes: sssd-common < %{version}-%{release}
Obsoletes: sssd-ldap < %{version}-%{release}
Obsoletes: sssd-krb5 < %{version}-%{release}
Obsoletes: sssd-krb5-common < %{version}-%{release}
Obsoletes: sssd-ipa < %{version}-%{release}
Obsoletes: sssd-ad < %{version}-%{release}
Obsoletes: sssd-client < %{version}-%{release}
Obsoletes: sssd-common-pac < %{version}-%{release}
Obsoletes: sssd-kcm < %{version}-%{release}
Obsoletes: sssd-dbus < %{version}-%{release}
Obsoletes: libsss_sudo < %{version}-%{release}
Obsoletes: sssd-proxy < %{version}-%{release}
Obsoletes: libsss_idmap < %{version}-%{release}
Obsoletes: libipa_hbac < %{version}-%{release}
Obsoletes: libsss_autofs < %{version}-%{release}
Obsoletes: libsss_nss_idmap < %{version}-%{release}
Obsoletes: libsss_simpleifp < %{version}-%{release}
Obsoletes: libsss_certmap < %{version}-%{release}
Obsoletes: sssd-libwbclient < %{version}-%{release}
Obsoletes: sssd-nfs-idmap < %{version}-%{release}
Obsoletes: sssd-winbind-idmap < %{version}-%{release}
Obsoletes: sssd-tools < %{version}-%{release}
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
Requires(post): /usr/sbin/alternatives
Requires(preun): /usr/sbin/alternatives
%global ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
BuildRequires: libtool popt-devel BuildRequires: libtool popt-devel
BuildRequires: libldb-devel BuildRequires: libldb-devel
@ -86,57 +42,327 @@ BuildRequires: libcurl-devel libjose-devel keyutils-libs-devel krb5-devel
BuildRequires: pcre2-devel libunistring libunistring-devel BuildRequires: pcre2-devel libunistring libunistring-devel
%description %description
SSSD provides a set of daemons to manage access to remote directories Provides a set of daemons to manage access to remote directories and
and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It authentication mechanisms. It provides an NSS and PAM interface toward
provides an NSS and PAM interface toward the system and a pluggable the system and a pluggable back end system to connect to multiple different
backend system to connect to multiple different account sources. account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
%package devel The sssd subpackage is a meta-package that contains the daemon as well as all
Summary: Development libraries for the SSSD the existing back ends.
License: GPLv3+ and LGPLv3+
Requires: dbus-devel
Requires: sssd = %{version}-%{release}
Provides: libsss_idmap-devel = %{version}-%{release} %package common
Provides: libipa_hbac-devel = %{version}-%{release} Summary: Common files for the SSSD
Provides: libsss_nss_idmap-devel = %{version}-%{release} License: GPL-3.0-or-later
Provides: libsss_simpleifp-devel = %{version}-%{release} Obsoletes: libsss_simpleifp < 2.9.2
Provides: libsss_certmap-devel = %{version}-%{release} Obsoletes: libsss_simpleifp-debuginfo < 2.9.2
Provides: sssd-libwbclient-devel = %{version}-%{release} Requires: libldb
Requires: sssd-client%{?_isa} = %{version}-%{release}
Requires: (libsss_sudo = %{version}-%{release} if sudo)
Requires: (libsss_autofs%{?_isa} = %{version}-%{release} if autofs)
Requires: (sssd-nfs-idmap = %{version}-%{release} if libnfsidmap)
Requires: libsss_idmap = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
%{?systemd_requires}
Provides: libsss_sudo-devel = %{version}-%{release}
Obsoletes: libsss_sudo-devel <= 1.10.0-7%{?dist}.beta1
Obsoletes: libsss_idmap-devel < %{version}-%{release} %description common
Obsoletes: libipa_hbac-devel < %{version}-%{release} Common files for the SSSD. The common package includes all the files needed
Obsoletes: libsss_nss_idmap-devel < %{version}-%{release} to run a particular back end, however, the back ends are packaged in separate
Obsoletes: libsss_simpleifp-devel < %{version}-%{release} subpackages such as sssd-ldap.
Obsoletes: libsss_certmap-devel < %{version}-%{release}
Obsoletes: sssd-libwbclient-devel < %{version}-%{release}
%description devel %package client
Development libraries for the SSSD Summary: SSSD Client libraries for NSS and PAM
License: LGPL-3.0-or-later
Requires: libsss_nss_idmap = %{version}-%{release}
Requires: libsss_idmap = %{version}-%{release}
Requires(post): /usr/sbin/alternatives
Requires(preun): /usr/sbin/alternatives
%package -n python3-sssd %description client
Summary: Python3 bindings for sssd Provides the libraries needed by the PAM and NSS stacks to connect to the SSSD
License: LGPLv3+ service.
Requires: sssd = %{version}-%{release}
Provides: python3-sss = %{version}-%{release} %package -n libsss_sudo
Provides: python3-sssdconfig = %{version}-%{release} Summary: A library to allow communication between SUDO and SSSD
Provides: python3-sss-murmur = %{version}-%{release} License: LGPL-3.0-or-later
provides: python3-libsss_nss_idmap = %{version}-%{release} Conflicts: sssd-common < %{version}-%{release}
Provides: python3-libipa_hbac = %{version}-%{release}
Obsoletes: python3-sss < %{version}-%{release} %description -n libsss_sudo
Obsoletes: python3-sssdconfig < %{version}-%{release} A utility library to allow communication between SUDO and SSSD
Obsoletes: python3-sss-murmur < %{version}-%{release}
Obsoletes: python3-libipa_hbac < %{version}-%{release} %package -n libsss_autofs
Obsoletes: python3-libsss_nss_idmap < %{version}-%{release} Summary: A library to allow communication between Autofs and SSSD
%{?python_provide:%python_provide python3-sssd} License: LGPL-3.0-or-later
%{?python_provide:%python_provide python3-sss} Conflicts: sssd-common < %{version}-%{release}
%description -n libsss_autofs
A utility library to allow communication between Autofs and SSSD
%package tools
Summary: Userspace tools for use with the SSSD
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
# required by sss_obfuscate
Requires: python3-sss = %{version}-%{release}
Requires: python3-sssdconfig = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
# for logger=journald support with sss_analyze
Requires: python3-systemd
Requires: sssd-dbus
%description tools
Provides several administrative tools:
* sss_debuglevel to change the debug level on the fly
* sss_seed which pre-creates a user entry for use in kickstarts
* sss_obfuscate for generating an obfuscated LDAP password
* sssctl -- an sssd status and control utility
%package -n python3-sssdconfig
Summary: SSSD and IPA configuration file manipulation classes and functions
License: GPL-3.0-or-later
BuildArch: noarch
%{?python_provide:%python_provide python3-sssdconfig} %{?python_provide:%python_provide python3-sssdconfig}
%description -n python3-sssdconfig
Provides python3 files for manipulation SSSD and IPA configuration files.
%package -n python3-sss
Summary: Python3 bindings for sssd
License: LGPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
%{?python_provide:%python_provide python3-sss}
%description -n python3-sss
Provides python3 bindings:
* function for retrieving list of groups user belongs to
* class for obfuscation of passwords
%package -n python3-sss-murmur
Summary: Python3 bindings for murmur hash function
License: LGPL-3.0-or-later
%{?python_provide:%python_provide python3-sss-murmur} %{?python_provide:%python_provide python3-sss-murmur}
%description -n python3-sss-murmur
Provides python3 module for calculating the murmur hash version 3
%package ldap
Summary: The LDAP back end of the SSSD
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
Requires: libsss_idmap = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
%description ldap
Provides the LDAP back end that the SSSD can utilize to fetch identity data
from and authenticate against an LDAP server.
%package krb5-common
Summary: SSSD helpers needed for Kerberos and GSSAPI authentication
License: GPL-3.0-or-later
Requires: cyrus-sasl-gssapi%{?_isa}
Requires: sssd-common = %{version}-%{release}
%description krb5-common
Provides helper processes that the LDAP and Kerberos back ends can use for
Kerberos user or host authentication.
%package krb5
Summary: The Kerberos authentication back end for the SSSD
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
%description krb5
Provides the Kerberos back end that the SSSD can utilize authenticate
against a Kerberos server.
%package common-pac
Summary: Common files needed for supporting PAC processing
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
Requires: libsss_idmap = %{version}-%{release}
%description common-pac
Provides common files needed by SSSD providers such as IPA and Active Directory
for handling Kerberos PACs.
%package ipa
Summary: The IPA back end of the SSSD
License: GPL-3.0-or-later
Requires: samba-client-libs >= %{samba_package_version}
Requires: sssd-common = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
Requires: libipa_hbac%{?_isa} = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
Recommends: bind-utils
Requires: sssd-common-pac = %{version}-%{release}
Requires: libsss_idmap = %{version}-%{release}
%description ipa
Provides the IPA back end that the SSSD can utilize to fetch identity data
from and authenticate against an IPA server.
%package ad
Summary: The AD back end of the SSSD
License: GPL-3.0-or-later
Requires: samba-client-libs >= %{samba_package_version}
Requires: sssd-common = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
Requires: sssd-common-pac = %{version}-%{release}
Requires: libsss_idmap = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
Recommends: bind-utils
Recommends: adcli
Suggests: sssd-winbind-idmap = %{version}-%{release}
%description ad
Provides the Active Directory back end that the SSSD can utilize to fetch
identity data from and authenticate against an Active Directory server.
%package proxy
Summary: The proxy back end of the SSSD
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
%description proxy
Provides the proxy back end which can be used to wrap an existing NSS and/or
PAM modules to leverage SSSD caching.
%package -n libsss_idmap
Summary: FreeIPA Idmap library
License: LGPL-3.0-or-later
%description -n libsss_idmap
Utility library to convert SIDs to Unix uids and gids
%package -n libsss_idmap-devel
Summary: FreeIPA Idmap library
License: LGPL-3.0-or-later
Requires: libsss_idmap = %{version}-%{release}
%description -n libsss_idmap-devel
Utility library to SIDs to Unix uids and gids
%package -n libipa_hbac
Summary: FreeIPA HBAC Evaluator library
License: LGPL-3.0-or-later
%description -n libipa_hbac
Utility library to validate FreeIPA HBAC rules for authorization requests
%package -n libipa_hbac-devel
Summary: FreeIPA HBAC Evaluator library
License: LGPL-3.0-or-later
Requires: libipa_hbac = %{version}-%{release}
%description -n libipa_hbac-devel
Utility library to validate FreeIPA HBAC rules for authorization requests
%package -n python3-libipa_hbac
Summary: Python3 bindings for the FreeIPA HBAC Evaluator library
License: LGPL-3.0-or-later
Requires: libipa_hbac = %{version}-%{release}
%{?python_provide:%python_provide python3-libipa_hbac} %{?python_provide:%python_provide python3-libipa_hbac}
%description -n python3-libipa_hbac
The python3-libipa_hbac contains the bindings so that libipa_hbac can be
used by Python applications.
%package -n libsss_nss_idmap
Summary: Library for SID and certificate based lookups
License: LGPL-3.0-or-later
%description -n libsss_nss_idmap
Utility library for SID and certificate based lookups
%package -n libsss_nss_idmap-devel
Summary: Library for SID and certificate based lookups
License: LGPL-3.0-or-later
Requires: libsss_nss_idmap = %{version}-%{release}
%description -n libsss_nss_idmap-devel
Utility library for SID and certificate based lookups
%package -n python3-libsss_nss_idmap
Summary: Python3 bindings for libsss_nss_idmap
License: LGPL-3.0-or-later
Requires: libsss_nss_idmap = %{version}-%{release}
%{?python_provide:%python_provide python3-libsss_nss_idmap} %{?python_provide:%python_provide python3-libsss_nss_idmap}
%description -n python3-sssd %description -n python3-libsss_nss_idmap
Python3 bindings for sssd The python3-libsss_nss_idmap contains the bindings so that libsss_nss_idmap can
be used by Python applications.
%package dbus
Summary: The D-Bus responder of the SSSD
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
%{?systemd_requires}
%description dbus
Provides the D-Bus responder of the SSSD, called the InfoPipe, that allows
the information from the SSSD to be transmitted over the system bus.
%package winbind-idmap
Summary: SSSD's idmap_sss Backend for Winbind
License: GPL-3.0-or-later AND LGPL-3.0-or-later
Requires: libsss_nss_idmap = %{version}-%{release}
Requires: libsss_idmap = %{version}-%{release}
Conflicts: sssd-common < %{version}-%{release}
%description winbind-idmap
The idmap_sss module provides a way for Winbind to call SSSD to map UIDs/GIDs
and SIDs.
%package nfs-idmap
Summary: SSSD plug-in for NFSv4 rpc.idmapd
License: GPL-3.0-or-later
Conflicts: sssd-common < %{version}-%{release}
%description nfs-idmap
The libnfsidmap sssd module provides a way for rpc.idmapd to call SSSD to map
UIDs/GIDs to names and vice versa. It can be also used for mapping principal
(user) name to IDs(UID or GID) or to obtain groups which user are member of.
%package -n libsss_certmap
Summary: SSSD Certificate Mapping Library
License: LGPL-3.0-or-later
Conflicts: sssd-common < %{version}-%{release}
%description -n libsss_certmap
Library to map certificates to users based on rules
%package -n libsss_certmap-devel
Summary: SSSD Certificate Mapping Library
License: LGPL-3.0-or-later
Requires: libsss_certmap = %{version}-%{release}
%description -n libsss_certmap-devel
Library to map certificates to users based on rules
%package kcm
Summary: An implementation of a Kerberos KCM server
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
%{?systemd_requires}
%description kcm
An implementation of a Kerberos KCM server. Use this package if you want to
use the KCM: Kerberos credentials cache.
%package idp
Summary: Kerberos plugins and OIDC helper for external identity providers.
License: GPL-3.0-or-later
Requires: sssd-common = %{version}-%{release}
%description idp
This package provides Kerberos plugins that are required to enable
authentication against external identity providers. Additionally a helper
program to handle the OAuth 2.0 Device Authorization Grant is provided.
%package_help %package_help
@ -144,6 +370,7 @@ Python3 bindings for sssd
%autosetup -p1 %autosetup -p1
%build %build
autoreconf -ivf autoreconf -ivf
%configure \ %configure \
@ -186,88 +413,58 @@ export SETUPTOOLS_USE_DISTUTILS=stdlib
sed -i -e 's:/usr/bin/python:/usr/bin/python3:' src/tools/sss_obfuscate sed -i -e 's:/usr/bin/python:/usr/bin/python3:' src/tools/sss_obfuscate
%make_install %make_install
# Prepare language files
/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sssd /usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sssd
# install default sssd.conf file # install default sssd.conf file
install -m600 src/examples/sssd-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf install -m600 src/examples/sssd-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
# Copy default logrotate file
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d
install -m644 src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd install -m644 src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd
# Make sure SSSD is able to run on read-only root
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d
install -m644 src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd install -m644 src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
# Kerberos KCM credential cache by default
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d
cp $RPM_BUILD_ROOT/%{_datadir}/sssd-kcm/kcm_default_ccache \ cp $RPM_BUILD_ROOT/%{_datadir}/sssd-kcm/kcm_default_ccache \
$RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/kcm_default_ccache $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/kcm_default_ccache
# Enable krb5 idp plugins by default (when sssd-idp package is installed)
cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/sssd_enable_idp \
$RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/sssd_enable_idp
# krb5 configuration snippet
cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir \ cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir \
$RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
# Create directory for cifs-idmap alternative
# Otherwise this directory could not be owned by sssd-client
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/cifs-utils mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/cifs-utils
# Remove .la files created by libtool
%delete_la %delete_la
for file in `ls $RPM_BUILD_ROOT/%{python3_sitelib}/*.egg-info 2> /dev/null` # Suppress developer-only documentation
#rm -Rf ${RPM_BUILD_ROOT}/%{_docdir}/%{name}
# Older versions of rpmbuild can only handle one -f option
# So we need to append to the sssd*.lang file
for file in `find $RPM_BUILD_ROOT/%{python3_sitelib} -maxdepth 1 -name "*.egg-info" 2> /dev/null`
do do
echo %{python3_sitelib}/`basename $file` >> python3_sssd.lang echo %{python3_sitelib}/`basename $file` >> python3_sssdconfig.lang
done done
touch sssd.lang touch sssd.lang
for subpackage in sssd_ldap sssd_krb5 sssd_ipa sssd_ad sssd_proxy sssd_tools \
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/ldap_child sssd_client sssd_dbus sssd_nfs_idmap sssd_winbind_idmap \
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/krb5_child libsss_certmap sssd_kcm
do
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_pac touch $subpackage.lang
done
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_krb5.so
chrpath -d $RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_simple.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_child.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_semanage.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_krb5_common.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libifp_iface_sync.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_iface.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_cert.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_iface_sync.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_util.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libifp_iface.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_crypt.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_ldap_common.so
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_check_socket_activated_responders
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sss_signal
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_pam
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_sudo
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_autofs
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/p11_child
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_nss
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/oidc_child
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_be
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_ssh
chrpath -d $RPM_BUILD_ROOT%{_bindir}/sss_ssh_authorizedkeys
chrpath -d $RPM_BUILD_ROOT%{_bindir}/sss_ssh_knownhostsproxy
chrpath -d $RPM_BUILD_ROOT%{_sbindir}/sss_cache
chrpath -d $RPM_BUILD_ROOT%{_sbindir}/sssd
chrpath -d $RPM_BUILD_ROOT%{_sbindir}/sssctl
chrpath -d $RPM_BUILD_ROOT%{_sbindir}/sss_override
chrpath -d $RPM_BUILD_ROOT%{_sbindir}/sss_seed
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_ifp
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_ipa.so
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/selinux_child
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/sssd_kcm
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_ldap.so
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_ad.so
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/gpo_child
chrpath -d $RPM_BUILD_ROOT%{_libexecdir}/sssd/proxy_child
chrpath -d $RPM_BUILD_ROOT%{_libdir}/%{name}/libsss_proxy.so
chrpath -d $RPM_BUILD_ROOT%{python3_sitearch}/pysss.so
mkdir -p $RPM_BUILD_ROOT/etc/ld.so.conf.d mkdir -p $RPM_BUILD_ROOT/etc/ld.so.conf.d
echo "/usr/lib64/sssd" > $RPM_BUILD_ROOT/etc/ld.so.conf.d/%{name}-%{_arch}.conf echo "/usr/lib64/sssd" > $RPM_BUILD_ROOT/etc/ld.so.conf.d/%{name}-%{_arch}.conf
@ -275,15 +472,80 @@ for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BU
do do
lang=`echo $man | cut -c 1-2` lang=`echo $man | cut -c 1-2`
case `basename $man` in case `basename $man` in
sss_cache*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang
;;
sss_ssh*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang
;;
sss_rpcidmapd*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_nfs_idmap.lang
;;
sss_*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang
;;
sssctl*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang
;;
sssd_krb5_*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_client.lang
;;
pam_sss*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_client.lang
;;
sssd-ldap*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_ldap.lang
;;
sssd-krb5*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_krb5.lang
;;
sssd-ipa*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_ipa.lang
;;
sssd-ad*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_ad.lang
;;
sssd-proxy*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_proxy.lang
;;
sssd-ifp*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_dbus.lang
;;
sssd-kcm*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_kcm.lang
;;
idmap_sss*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_winbind_idmap.lang
;;
sss-certmap*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> libsss_certmap.lang
;;
*) *)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang
;; ;;
esac esac
done done
%files -f sssd.lang # Print these to the rpmbuild log
echo "sssd.lang:"
cat sssd.lang
echo "python3_sssdconfig.lang:"
cat python3_sssdconfig.lang
for subpackage in sssd_ldap sssd_krb5 sssd_ipa sssd_ad sssd_proxy sssd_tools \
sssd_client sssd_dbus sssd_nfs_idmap sssd_winbind_idmap \
libsss_certmap sssd_kcm
do
echo "$subpackage.lang:"
cat $subpackage.lang
done
%files
%license COPYING
%files common -f sssd.lang
%license COPYING %license COPYING
%license src/sss_client/COPYING.LESSER
%doc src/examples/sssd-example.conf %doc src/examples/sssd-example.conf
%{_sbindir}/sssd %{_sbindir}/sssd
%{_unitdir}/sssd.service %{_unitdir}/sssd.service
@ -364,8 +626,6 @@ done
%{_libdir}/%{name}/conf/sssd.conf %{_libdir}/%{name}/conf/sssd.conf
%{_datadir}/sssd/cfg_rules.ini %{_datadir}/sssd/cfg_rules.ini
%{_datadir}/sssd/sssd.api.conf
%{_datadir}/sssd/sssd.api.d
%dir %{_datadir}/sssd/systemtap %dir %{_datadir}/sssd/systemtap
%{_datadir}/sssd/systemtap/id_perf.stp %{_datadir}/sssd/systemtap/id_perf.stp
%{_datadir}/sssd/systemtap/nested_group_perf.stp %{_datadir}/sssd/systemtap/nested_group_perf.stp
@ -376,27 +636,54 @@ done
%{_datadir}/systemtap/tapset/sssd.stp %{_datadir}/systemtap/tapset/sssd.stp
%{_datadir}/systemtap/tapset/sssd_functions.stp %{_datadir}/systemtap/tapset/sssd_functions.stp
%{_sbindir}/sss_obfuscate %files ldap -f sssd_ldap.lang
%{_sbindir}/sss_override %license COPYING
%{_sbindir}/sss_debuglevel %{_libdir}/%{name}/libsss_ldap.so
%{_sbindir}/sss_seed
%{_sbindir}/sssctl
%{_libexecdir}/sssd/sss_analyze
%files krb5-common
%license COPYING
%attr(755,root,root) %dir %{_localstatedir}/lib/sss/pubconf/krb5.include.d %attr(755,root,root) %dir %{_localstatedir}/lib/sss/pubconf/krb5.include.d
%{_libexecdir}/sssd/ldap_child %{_libexecdir}/sssd/ldap_child
%{_libexecdir}/sssd/krb5_child %{_libexecdir}/sssd/krb5_child
%{_libdir}/%{name}/libsss_krb5.so
%{_libdir}/%{name}/libsss_ldap.so
%files krb5 -f sssd_krb5.lang
%license COPYING
%{_libdir}/%{name}/libsss_krb5.so
%config(noreplace) %{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
%dir %{_datadir}/sssd/krb5-snippets
%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir
%files common-pac
%license COPYING
%{_libexecdir}/sssd/sssd_pac
%files ipa -f sssd_ipa.lang
%license COPYING
%attr(700,root,root) %dir %{_localstatedir}/lib/sss/keytabs %attr(700,root,root) %dir %{_localstatedir}/lib/sss/keytabs
%{_libdir}/%{name}/libsss_ipa.so %{_libdir}/%{name}/libsss_ipa.so
%{_libexecdir}/sssd/selinux_child %{_libexecdir}/sssd/selinux_child
%files ad -f sssd_ad.lang
%license COPYING
%{_libdir}/%{name}/libsss_ad.so %{_libdir}/%{name}/libsss_ad.so
%{_libexecdir}/sssd/gpo_child %{_libexecdir}/sssd/gpo_child
%{_libexecdir}/sssd/sssd_pac
%files proxy
%license COPYING
%{_libexecdir}/sssd/proxy_child
%{_libdir}/%{name}/libsss_proxy.so
%files dbus -f sssd_dbus.lang
%license COPYING
%{_libexecdir}/sssd/sssd_ifp
%{_unitdir}/sssd-ifp.service
%{_datadir}/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
%{_datadir}/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
%files client -f sssd_client.lang
%license src/sss_client/COPYING src/sss_client/COPYING.LESSER
%{_libdir}/libnss_sss.so.2 %{_libdir}/libnss_sss.so.2
%{_libdir}/security/pam_sss_gss.so
%{_libdir}/security/pam_sss.so %{_libdir}/security/pam_sss.so
%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
%{_libdir}/krb5/plugins/authdata/sssd_pac_plugin.so %{_libdir}/krb5/plugins/authdata/sssd_pac_plugin.so
@ -407,6 +694,94 @@ done
%dir %{_libdir}/%{name}/modules %dir %{_libdir}/%{name}/modules
%{_libdir}/%{name}/modules/sssd_krb5_localauth_plugin.so %{_libdir}/%{name}/modules/sssd_krb5_localauth_plugin.so
%files -n libsss_sudo
%license src/sss_client/COPYING
%{_libdir}/libsss_sudo.so*
%files -n libsss_autofs
%license src/sss_client/COPYING src/sss_client/COPYING.LESSER
%dir %{_libdir}/%{name}/modules
%{_libdir}/%{name}/modules/libsss_autofs.so
%files tools -f sssd_tools.lang
%license COPYING
%{_sbindir}/sss_obfuscate
%{_sbindir}/sss_override
%{_sbindir}/sss_debuglevel
%{_sbindir}/sss_seed
%{_sbindir}/sssctl
%{_libexecdir}/sssd/sss_analyze
%{python3_sitelib}/sssd/
%files -n python3-sssdconfig -f python3_sssdconfig.lang
%dir %{python3_sitelib}/SSSDConfig
%{python3_sitelib}/SSSDConfig/*.py*
%dir %{python3_sitelib}/SSSDConfig/__pycache__
%{python3_sitelib}/SSSDConfig/__pycache__/*.py*
%dir %{_datadir}/sssd
%{_datadir}/sssd/sssd.api.conf
%{_datadir}/sssd/sssd.api.d
%files -n python3-sss
%{python3_sitearch}/pysss.so
%files -n python3-sss-murmur
%{python3_sitearch}/pysss_murmur.so
%files -n libsss_idmap
%license src/sss_client/COPYING src/sss_client/COPYING.LESSER
%{_libdir}/libsss_idmap.so.*
%files -n libsss_idmap-devel
%doc idmap_doc/html
%{_includedir}/sss_idmap.h
%{_libdir}/libsss_idmap.so
%{_libdir}/pkgconfig/sss_idmap.pc
%files -n libipa_hbac
%license src/sss_client/COPYING src/sss_client/COPYING.LESSER
%{_libdir}/libipa_hbac.so.*
%files -n libipa_hbac-devel
%doc hbac_doc/html
%{_includedir}/ipa_hbac.h
%{_libdir}/libipa_hbac.so
%{_libdir}/pkgconfig/ipa_hbac.pc
%files -n libsss_nss_idmap
%license src/sss_client/COPYING src/sss_client/COPYING.LESSER
%{_libdir}/libsss_nss_idmap.so.*
%files -n libsss_nss_idmap-devel
%doc nss_idmap_doc/html
%{_includedir}/sss_nss_idmap.h
%{_libdir}/libsss_nss_idmap.so
%{_libdir}/pkgconfig/sss_nss_idmap.pc
%files -n python3-libsss_nss_idmap
%{python3_sitearch}/pysss_nss_idmap.so
%files -n python3-libipa_hbac
%{python3_sitearch}/pyhbac.so
%files winbind-idmap -f sssd_winbind_idmap.lang
%dir %{_libdir}/samba/idmap
%{_libdir}/samba/idmap/sss.so
%files nfs-idmap -f sssd_nfs_idmap.lang
%{_libdir}/libnfsidmap/sss.so
%files -n libsss_certmap -f libsss_certmap.lang
%license src/sss_client/COPYING src/sss_client/COPYING.LESSER
%{_libdir}/libsss_certmap.so.*
%files -n libsss_certmap-devel
%doc certmap_doc/html
%{_includedir}/sss_certmap.h
%{_libdir}/libsss_certmap.so
%{_libdir}/pkgconfig/sss_certmap.pc
%files kcm -f sssd_kcm.lang
%{_libexecdir}/sssd/sssd_kcm %{_libexecdir}/sssd/sssd_kcm
%config(noreplace) %{_sysconfdir}/krb5.conf.d/kcm_default_ccache %config(noreplace) %{_sysconfdir}/krb5.conf.d/kcm_default_ccache
%dir %{_datadir}/sssd-kcm %dir %{_datadir}/sssd-kcm
@ -414,56 +789,11 @@ done
%{_unitdir}/sssd-kcm.socket %{_unitdir}/sssd-kcm.socket
%{_unitdir}/sssd-kcm.service %{_unitdir}/sssd-kcm.service
%{_libexecdir}/sssd/sssd_ifp %files idp
%{_unitdir}/sssd-ifp.service
%{_datadir}/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
%{_datadir}/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
%{_libdir}/libsss_sudo.so*
%{_libexecdir}/sssd/proxy_child
%{_libdir}/%{name}/libsss_proxy.so
%{_libdir}/libsss_idmap.so.*
%{_libdir}/libipa_hbac.so.*
%{_libdir}/%{name}/modules/libsss_autofs.so
%{_libdir}/libsss_nss_idmap.so.*
%{_libdir}/libsss_certmap.so.*
%{_libdir}/libnfsidmap/sss.so
%dir %{_libdir}/samba/idmap
%{_libdir}/samba/idmap/sss.so
%{_libdir}/security/pam_sss_gss.so
%{_libexecdir}/sssd/oidc_child %{_libexecdir}/sssd/oidc_child
%{_libdir}/%{name}/modules/sssd_krb5_idp_plugin.so %{_libdir}/%{name}/modules/sssd_krb5_idp_plugin.so
%{_datadir}/sssd/krb5-snippets/sssd_enable_idp %{_datadir}/sssd/krb5-snippets/sssd_enable_idp
%config(noreplace) %{_sysconfdir}/krb5.conf.d/sssd_enable_idp
%config(noreplace) %{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
%dir %{_datadir}/sssd/krb5-snippets
%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir
%files devel
%{_includedir}/sss_idmap.h
%{_libdir}/libsss_idmap.so
%{_libdir}/pkgconfig/sss_idmap.pc
%{_includedir}/ipa_hbac.h
%{_libdir}/libipa_hbac.so
%{_libdir}/pkgconfig/ipa_hbac.pc
%{_includedir}/sss_nss_idmap.h
%{_libdir}/libsss_nss_idmap.so
%{_libdir}/pkgconfig/sss_nss_idmap.pc
%{_includedir}/sss_certmap.h
%{_libdir}/libsss_certmap.so
%{_libdir}/pkgconfig/sss_certmap.pc
%files -n python3-sssd -f python3_sssd.lang
%dir %{python3_sitelib}/SSSDConfig
%{python3_sitelib}/SSSDConfig/*.py*
%dir %{python3_sitelib}/SSSDConfig/__pycache__
%{python3_sitelib}/SSSDConfig/__pycache__/*.py*
%{python3_sitelib}/sssd
%{python3_sitearch}/pysss.so
%{python3_sitearch}/pysss_murmur.so
%{python3_sitearch}/pysss_nss_idmap.so
%{python3_sitearch}/pyhbac.so
%files help %files help
%doc %{_pkgdocdir} %doc %{_pkgdocdir}
@ -471,7 +801,7 @@ done
%{_mandir}/man5/* %{_mandir}/man5/*
%{_mandir}/man8/* %{_mandir}/man8/*
%post %post common
%systemd_post sssd.service %systemd_post sssd.service
%systemd_post sssd-autofs.socket %systemd_post sssd-autofs.socket
%systemd_post sssd-nss.socket %systemd_post sssd-nss.socket
@ -480,12 +810,8 @@ done
%systemd_post sssd-pam-priv.socket %systemd_post sssd-pam-priv.socket
%systemd_post sssd-ssh.socket %systemd_post sssd-ssh.socket
%systemd_post sssd-sudo.socket %systemd_post sssd-sudo.socket
%systemd_post sssd-kcm.socket
%systemd_post sssd-ifp.service
/sbin/ldconfig
/usr/sbin/alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin %{_libdir}/cifs-utils/cifs_idmap_sss.so 20
%preun %preun common
%systemd_preun sssd.service %systemd_preun sssd.service
%systemd_preun sssd-autofs.socket %systemd_preun sssd-autofs.socket
%systemd_preun sssd-nss.socket %systemd_preun sssd-nss.socket
@ -494,13 +820,8 @@ done
%systemd_preun sssd-pam-priv.socket %systemd_preun sssd-pam-priv.socket
%systemd_preun sssd-ssh.socket %systemd_preun sssd-ssh.socket
%systemd_preun sssd-sudo.socket %systemd_preun sssd-sudo.socket
%systemd_preun sssd-kcm.socket
%systemd_preun sssd-ifp.service
if [ $1 -eq 0 ] ; then
/usr/sbin/alternatives --remove cifs-idmap-plugin %{_libdir}/cifs-utils/cifs_idmap_sss.so
fi
%postun %postun common
%systemd_postun_with_restart sssd-autofs.socket %systemd_postun_with_restart sssd-autofs.socket
%systemd_postun_with_restart sssd-nss.socket %systemd_postun_with_restart sssd-nss.socket
%systemd_postun_with_restart sssd-pac.socket %systemd_postun_with_restart sssd-pac.socket
@ -508,11 +829,7 @@ fi
%systemd_postun_with_restart sssd-pam-priv.socket %systemd_postun_with_restart sssd-pam-priv.socket
%systemd_postun_with_restart sssd-ssh.socket %systemd_postun_with_restart sssd-ssh.socket
%systemd_postun_with_restart sssd-sudo.socket %systemd_postun_with_restart sssd-sudo.socket
%systemd_postun_with_restart sssd-kcm.socket
%systemd_postun_with_restart sssd-kcm.service
%systemd_postun_with_restart sssd-ifp.service
# Services have RefuseManualStart=true, therefore we can't request restart.
%systemd_postun sssd-autofs.service %systemd_postun sssd-autofs.service
%systemd_postun sssd-nss.service %systemd_postun sssd-nss.service
%systemd_postun sssd-pac.service %systemd_postun sssd-pac.service
@ -520,12 +837,40 @@ fi
%systemd_postun sssd-ssh.service %systemd_postun sssd-ssh.service
%systemd_postun sssd-sudo.service %systemd_postun sssd-sudo.service
/sbin/ldconfig %post dbus
%systemd_post sssd-ifp.service
%posttrans %preun dbus
%systemd_preun sssd-ifp.service
%postun dbus
%systemd_postun_with_restart sssd-ifp.service
%post kcm
%systemd_post sssd-kcm.socket
%preun kcm
%systemd_preun sssd-kcm.socket
%postun kcm
%systemd_postun_with_restart sssd-kcm.socket
%systemd_postun_with_restart sssd-kcm.service
%post client
/usr/sbin/alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin %{_libdir}/cifs-utils/cifs_idmap_sss.so 20
%preun client
if [ $1 -eq 0 ] ; then
/usr/sbin/alternatives --remove cifs-idmap-plugin %{_libdir}/cifs-utils/cifs_idmap_sss.so
fi
%posttrans common
%systemd_postun_with_restart sssd.service %systemd_postun_with_restart sssd.service
%changelog %changelog
* Thu Feb 29 2024 chendexi <chendexi@kylinos.cn> - 2.9.4-2
- unpack for sssd
* Mon Feb 5 2024 wangcheng <wangcheng156@huawei.com> - 2.9.4-1 * Mon Feb 5 2024 wangcheng <wangcheng156@huawei.com> - 2.9.4-1
- upgrade to 2.9.4 - upgrade to 2.9.4
fix some important bugs fix some important bugs
@ -601,3 +946,4 @@ fi
* Tue Aug 27 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.2.2-1 * Tue Aug 27 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.2.2-1
- Package init - Package init