Rebase opendnsec and use systemd-sysusers for user management

- Rebase to stable version 2.1.14
  Resolves: RHEL-75904
- Use systemd-sysusers to create users
  Resolves: RHEL-4896

Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>

.gitignore

@@ -24,3 +24,5 @@
 /opendnssec-2.1.10.tar.gz
 /opendnssec-2.1.14rc1.tar.gz
 /opendnssec-2.1.14rc1.tar.gz.sig
+/opendnssec-2.1.14.tar.gz
+/opendnssec-2.1.14.tar.gz.sig

opendnssec-sysusers.conf

@@ -0,0 +1 @@
+u ods - "opendnssec daemon account"

opendnssec.spec

@@ -1,14 +1,13 @@
-%global prever rc1
 %global _hardened_build 1
 
 Summary: DNSSEC key and zone management software
 Name: opendnssec
 Version: 2.1.14
-Release: 0.3rc1%{?dist}
+Release: 1%{?dist}
 License: BSD-2-Clause
 Url: http://www.opendnssec.org/
-Source0: http://www.opendnssec.org/files/source/%{?prever:testing/}%{name}-%{version}%{?prever}.tar.gz
-Source10: http://www.opendnssec.org/files/source/%{?prever:testing/}%{name}-%{version}%{?prever}.tar.gz.sig
+Source0: https://dist.opendnssec.org/files/source/%{?prever:testing/}%{name}-%{version}%{?prever}.tar.gz
+Source10: https://dist.opendnssec.org/files/source/%{?prever:testing/}%{name}-%{version}%{?prever}.tar.gz.sig
 Source1: ods-enforcerd.service
 Source2: ods-signerd.service
 Source3: ods.sysconfig
@@ -17,6 +16,7 @@ Source5: tmpfiles-opendnssec.conf
 Source6: opendnssec.cron
 Source7: opendnssec-2.1.sqlite_convert.sql
 Source8: opendnssec-2.1.sqlite_rpmversion.sql
+Source9: %{name}-sysusers.conf
 Patch1: 0001-Pass-right-remaining-buffer-size-in-hsm_hex_unparse-.patch
 Patch2: opendnssec-configure-c99.patch
 Patch3: opendnssec-2.1.14rc1-gcc14.patch
@@ -96,6 +96,7 @@ install -m 0644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/sysconfig/ods
 install -m 0644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/opendnssec/
 mkdir -p %{buildroot}%{_tmpfilesdir}/
 install -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/opendnssec.conf
+install -D %{SOURCE9} %{buildroot}%{_sysusersdir}/%{name}.conf
 mkdir -p %{buildroot}%{_localstatedir}/run/opendnssec
 mkdir -p %{buildroot}%{_datadir}/opendnssec/
 cp -a enforcer/utils %{buildroot}%{_datadir}/opendnssec/migration
@@ -131,13 +132,11 @@ sed -i "s:sqlite_convert.sql:%{_datadir}/opendnssec/migration/1.4-2.0_db_convert
 %{_bindir}/*
 %attr(0755,root,root) %dir %{_datadir}/opendnssec
 %{_datadir}/opendnssec/*
+%{_sysusersdir}/%{name}.conf
 
 %pre
-getent group ods >/dev/null || groupadd -r ods
-getent passwd ods >/dev/null || \
-useradd -r -g ods -d /etc/opendnssec -s /sbin/nologin \
--c "opendnssec daemon account" ods
-exit 0
+
+%sysusers_create_package %{name} %{SOURCE9}
 
 %post
 # Initialise a slot on the softhsm on first install
@@ -196,6 +195,12 @@ ods-enforcer update all >/dev/null 2>/dev/null ||:
 %systemd_postun_with_restart ods-signerd.service
 
 %changelog
+* Wed Jan 22 2025 Rafael Jeffman <rjeffman@redhat.com> - 2.1.14-1
+- Rebase to stable version 2.1.14
+  Resolves: RHEL-75904
+- Use systemd-sysusers to create users
+  Resolves: RHEL-4896
+
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.1.14-0.3rc1
 - Bump release for October 2024 mass rebuild:
   Resolves: RHEL-64018

sources

@@ -1,2 +1,2 @@
-SHA512 (opendnssec-2.1.14rc1.tar.gz) = 82e86f1146e889328ac702ced686d01ddc4afb05450e03198d32a70409fcca702c59fdcebf93b35458ba9a9f5d34d8cd038291f9de8341a8d42947c271e3ac9e
-SHA512 (opendnssec-2.1.14rc1.tar.gz.sig) = 205dfe315e72d1055df713f6c25b9dda3d233dab23d17e6bc7b4e942365560ad2da822cfad48b6cdd401eeb33a61817e261b35f0d5da03281b4de7479331fb99
+SHA512 (opendnssec-2.1.14.tar.gz) = 406532008b85fbcae765a41e9fba28ce97051d86f6b64f58ded02288ac7a417a83bf93739712588b641c7d782a06448aeeb65415fd5585f70a362211a184593f
+SHA512 (opendnssec-2.1.14.tar.gz.sig) = 45684220fa29e31e7c77a2f5802f5e56edb780a536fe7c81b9fae2b9c41664647f1f321f1f3bea8a82d806dda08d21ac32edc8f3e5ed3bea72729c7fd3b94620