rpms/sssd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: RHEL-2319 - Passkey authentication for centrally managed users

Browse Source
This commit is contained in:
Alexey Tikhonov 2023-10-05 14:24:57 +02:00
parent 8083cf0ccf
commit 2f5a668e6a
1 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
sssd.spec
View File

@ -27,7 +27,7 @@
Name: sssd Name: sssd
Version: 2.9.2 Version: 2.9.2
Release: 1%{?dist} Release: 2%{?dist}
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPLv3+ License: GPLv3+
URL: https://github.com/SSSD/sssd/ URL: https://github.com/SSSD/sssd/
@ -84,6 +84,7 @@ BuildRequires: krb5-devel
BuildRequires: krb5-libs >= 1.18.2-11 BuildRequires: krb5-libs >= 1.18.2-11
BuildRequires: libcmocka-devel >= 1.0.0 BuildRequires: libcmocka-devel >= 1.0.0
BuildRequires: libdhash-devel >= 0.4.2 BuildRequires: libdhash-devel >= 0.4.2
BuildRequires: libfido2-devel
BuildRequires: libini_config-devel >= 1.1 BuildRequires: libini_config-devel >= 1.1
BuildRequires: libldb-devel >= %{ldb_version} BuildRequires: libldb-devel >= %{ldb_version}
BuildRequires: libnfsidmap-devel BuildRequires: libnfsidmap-devel
@ -492,6 +493,16 @@ This package provides Kerberos plugins that are required to enable
authentication against external identity providers. Additionally a helper authentication against external identity providers. Additionally a helper
program to handle the OAuth 2.0 Device Authorization Grant is provided. program to handle the OAuth 2.0 Device Authorization Grant is provided.
%package passkey
Summary: SSSD helpers and plugins needed for authentication with passkey token
License: GPLv3+
Requires: sssd-common = %{version}-%{release}
Requires: libfido2
%description passkey
This package provides helper processes and Kerberos plugins that are required to
enable authentication with passkey token.
%prep %prep
%autosetup -p1 %autosetup -p1
@ -568,6 +579,10 @@ cp $RPM_BUILD_ROOT/%{_datadir}/sssd-kcm/kcm_default_ccache \
cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/sssd_enable_idp \ cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/sssd_enable_idp \
$RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/sssd_enable_idp $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/sssd_enable_idp
# Enable krb5 passkey plugins by default (when sssd-passkey package is installed)
cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/sssd_enable_passkey \
$RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/sssd_enable_passkey
# krb5 configuration snippet # krb5 configuration snippet
cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir \ cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir \
$RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
@ -973,6 +988,12 @@ done
%{_datadir}/sssd/krb5-snippets/sssd_enable_idp %{_datadir}/sssd/krb5-snippets/sssd_enable_idp
%config(noreplace) %{_sysconfdir}/krb5.conf.d/sssd_enable_idp %config(noreplace) %{_sysconfdir}/krb5.conf.d/sssd_enable_idp
%files passkey
%attr(755,%{sssd_user},%{sssd_user}) %{_libexecdir}/%{servicename}/passkey_child
%{_libdir}/%{name}/modules/sssd_krb5_passkey_plugin.so
%{_datadir}/sssd/krb5-snippets/sssd_enable_passkey
%config(noreplace) %{_sysconfdir}/krb5.conf.d/sssd_enable_passkey
%if 0%{?rhel} %if 0%{?rhel}
%pre common %pre common
getent group sssd >/dev/null || groupadd -r sssd getent group sssd >/dev/null || groupadd -r sssd
@ -1062,6 +1083,9 @@ fi
%systemd_postun_with_restart sssd.service %systemd_postun_with_restart sssd.service
%changelog %changelog
* Thu Oct 5 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.2-2
- Resolves: RHEL-2319 - Passkey authentication for centrally managed users
* Fri Sep 8 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.2-1 * Fri Sep 8 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.2-1
- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4
- Resolves: RHEL-2319 - Passkey authentication for centrally managed users - Resolves: RHEL-2319 - Passkey authentication for centrally managed users