rpms/sssd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

New upstream release 1.10 beta2

Browse Source 
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta2
- BuildRequire libcmocka-devel in order to run all upstream tests during build
- BuildRequire libnl3 instead of libnl1
- No longer BuildRequire initscripts, we no longer use /sbin/service
- Remove explicit krb5-libs >= 1.10 requires; this platform doensn't carry
  any older krb5-libs version
This commit is contained in:
Jakub Hrozek 2013-06-12 12:05:34 +02:00
parent af82f760d4
commit b9ffc0a290
3 changed files with 209 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -43,3 +43,4 @@ sssd-1.2.91.tar.gz
/sssd-1.9.4.tar.gz /sssd-1.9.4.tar.gz
/sssd-1.10.0alpha1.tar.gz /sssd-1.10.0alpha1.tar.gz
/sssd-1.10.0beta1.tar.gz /sssd-1.10.0beta1.tar.gz
/sssd-1.10.0beta2.tar.gz

2
sources
View File

@ -1 +1 @@
7df7667fb8e544e9f766cef4379b5059 sssd-1.10.0beta1.tar.gz f0abc8589009fa0f265852df29beeaa7 sssd-1.10.0beta2.tar.gz

301
sssd.spec
View File

@ -16,44 +16,25 @@
Name: sssd Name: sssd
Version: 1.10.0 Version: 1.10.0
Release: 7%{?dist}.beta1 Release: 7%{?dist}.beta2
Group: Applications/System Group: Applications/System
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPLv3+ License: GPLv3+
URL: http://fedorahosted.org/sssd/ URL: http://fedorahosted.org/sssd/
Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}beta1.tar.gz Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}beta2.tar.gz
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
### Patches ### ### Patches ###
Patch0001: 0001-AD-read-flat-name-and-SID-of-the-AD-domain.patch
Patch0002: 0002-Actually-use-the-index-parameter-in-resolv_get_socka.patch
Patch0003: 0003-UTIL-Add-function-sss_names_init_from_args.patch
Patch0004: 0004-SSH-Fix-parsing-of-names-from-client-requests.patch
Patch0005: 0005-SSH-Use-separate-field-for-domain-name-in-client-req.patch
Patch0006: 0006-SSH-Do-not-skip-domains-with-use_fully_qualified_nam.patch
Patch0007: 0007-Always-update-cached-upn-if-enterprise-principals-ar.patch
Patch0008: 0008-Enable-the-AD-dynamic-DNS-updates-by-default.patch
Patch0009: 0009-Fix-segfault-in-AD-Subdomains-Module.patch
Patch0010: 0010-LDAP-Always-initialize-idmap-object.patch
Patch0011: 0011-Re-add-a-useful-DEBUG-message.patch
Patch0501: 0501-FEDORA-Switch-the-default-ccache-location.patch Patch0501: 0501-FEDORA-Switch-the-default-ccache-location.patch
### Dependencies ### ### Dependencies ###
Requires: sssd-common = %{version}-%{release}
Conflicts: selinux-policy < 3.10.0-46 Requires: sssd-ldap = %{version}-%{release}
Requires: libldb%{?_isa} = %{ldb_version} Requires: sssd-krb5 = %{version}-%{release}
Requires: libtdb%{?_isa} >= 1.1.3 Requires: sssd-ipa = %{version}-%{release}
Requires: sssd-client%{?_isa} = %{version}-%{release} Requires: sssd-ad = %{version}-%{release}
Requires: cyrus-sasl-gssapi%{?_isa} Requires: sssd-proxy = %{version}-%{release}
Requires: libipa_hbac%{?_isa} = %{version}-%{release}
Requires: libsss_idmap%{?_isa} = %{version}-%{release}
Requires: python-sssdconfig = %{version}-%{release} Requires: python-sssdconfig = %{version}-%{release}
Requires: krb5-libs%{?_isa} >= 1.10
Requires: libini_config >= 1.0.0.1
Requires(post): systemd-units initscripts chkconfig
Requires(preun): systemd-units initscripts chkconfig
Requires(postun): systemd-units initscripts chkconfig
%global servicename sssd %global servicename sssd
%global sssdstatedir %{_localstatedir}/lib/sss %global sssdstatedir %{_localstatedir}/lib/sss
@ -101,7 +82,7 @@ BuildRequires: libselinux-devel
BuildRequires: libsemanage-devel BuildRequires: libsemanage-devel
BuildRequires: bind-utils BuildRequires: bind-utils
BuildRequires: keyutils-libs-devel BuildRequires: keyutils-libs-devel
BuildRequires: libnl-devel BuildRequires: libnl3-devel
BuildRequires: gettext-devel BuildRequires: gettext-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig
BuildRequires: glib2-devel BuildRequires: glib2-devel
@ -109,6 +90,7 @@ BuildRequires: diffstat
BuildRequires: findutils BuildRequires: findutils
BuildRequires: samba4-devel >= samba4-4.0.0-59beta2 BuildRequires: samba4-devel >= samba4-4.0.0-59beta2
BuildRequires: selinux-policy-targeted BuildRequires: selinux-policy-targeted
BuildRequires: libcmocka-devel
%description %description
Provides a set of daemons to manage access to remote directories and Provides a set of daemons to manage access to remote directories and
@ -117,6 +99,39 @@ the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA. services for projects like FreeIPA.
The sssd subpackage is a meta-package that contains the deamon as well as all
the existing back ends.
%package common
Summary: Common files for the SSSD
Group: Applications/System
License: GPLv3+
# Conflicts
Conflicts: selinux-policy < 3.10.0-46
Conflicts: sssd < %{version}-%{release}
# Requires
Requires: libldb%{?_isa} = %{ldb_version}
Requires: libtdb%{?_isa} >= 1.1.3
Requires: sssd-client%{?_isa} = %{version}-%{release}
Requires: libini_config >= 1.0.0.1
Requires(post): systemd-units chkconfig
Requires(preun): systemd-units chkconfig
Requires(postun): systemd-units chkconfig
### Provides ###
Provides: libsss_sudo = %{version}-%{release}
Obsoletes: libsss_sudo <= 1.10.0-7.beta1
Provides: libsss_sudo-devel = %{version}-%{release}
Obsoletes: libsss_sudo-devel <= 1.9.93
Provides: libsss_autofs = %{version}-%{release}
Obsoletes: libsss_autofs <= 1.10.0-7.beta1
%description common
Common files for the SSSD. The common package includes all the files needed
to run a particular back end, however, the back ends are packaged in separate
subpackages such as sssd-ldap.
%package client %package client
Summary: SSSD Client libraries for NSS and PAM Summary: SSSD Client libraries for NSS and PAM
Group: Applications/System Group: Applications/System
@ -152,6 +167,83 @@ BuildArch: noarch
%description -n python-sssdconfig %description -n python-sssdconfig
Provides python files for manipulation SSSD and IPA configuration files. Provides python files for manipulation SSSD and IPA configuration files.
%package ldap
Summary: The LDAP back end of the SSSD
Group: Applications/System
License: GPLv3+
Conflicts: sssd < %{version}-%{release}
Requires: sssd-common = %{version}-%{release}
Requires: libsss_idmap%{?_isa} = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
%description ldap
Provides the LDAP back end that the SSSD can utilize to fetch identity data
from and authenticate against an LDAP server.
%package krb5-common
Summary: SSSD helpers needed for Kerberos and GSSAPI authentication
Group: Applications/System
License: GPLv3+
Conflicts: sssd < %{version}-%{release}
Requires: cyrus-sasl-gssapi%{?_isa}
Requires: sssd-common = %{version}-%{release}
%description krb5-common
Provides helper processes that the LDAP and Kerberos back ends can use for
Kerberos user or host authentication.
%package krb5
Summary: The Kerberos authentication back end for the SSSD
Group: Applications/System
License: GPLv3+
Conflicts: sssd < %{version}-%{release}
Requires: sssd-common = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
%description krb5
Provides the Kerberos back end that the SSSD can utilize authenticate
against a Kerberos server.
%package ipa
Summary: The IPA back end of the SSSD
Group: Applications/System
License: GPLv3+
Conflicts: sssd < %{version}-%{release}
Requires: sssd-common = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
Requires: libipa_hbac{?_isa} = %{version}-%{release}
Requires: libsss_idmap{?_isa} = %{version}-%{release}
Requires: bind-utils
%description ipa
Provides the IPA back end that the SSSD can utilize to fetch identity data
from and authenticate against an IPA server.
%package ad
Summary: The AD back end of the SSSD
Group: Applications/System
License: GPLv3+
Conflicts: sssd < %{version}-%{release}
Requires: sssd-common = %{version}-%{release}
Requires: sssd-krb5-common = %{version}-%{release}
Requires: libsss_idmap{?_isa} = %{version}-%{release}
Requires: bind-utils
%description ad
Provides the Active Directory back end that the SSSD can utilize to fetch
identity data from and authenticate against an Active Directory server.
%package proxy
Summary: The proxy back end of the SSSD
Group: Applications/System
License: GPLv3+
Conflicts: sssd < %{version}-%{release}
Requires: sssd-common = %{version}-%{release}
%description proxy
Provides the proxy back end which can be used to wrap an existing NSS and/or
PAM modules to leverage SSSD caching.
%package -n libsss_idmap %package -n libsss_idmap
Summary: FreeIPA Idmap library Summary: FreeIPA Idmap library
Group: Development/Libraries Group: Development/Libraries
@ -229,26 +321,6 @@ Requires: libsss_nss_idmap = %{version}-%{release}
The libsss_nss_idmap-python contains the bindings so that libsss_nss_idmap can The libsss_nss_idmap-python contains the bindings so that libsss_nss_idmap can
be used by Python applications. be used by Python applications.
%package -n libsss_sudo
Summary: A library to allow communication between SUDO and SSSD
Group: Development/Libraries
License: LGPLv3+
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
Requires: sssd = %{version}-%{release}
%description -n libsss_sudo
A utility library to allow communication between SUDO and SSSD
%package -n libsss_sudo-devel
Summary: A library to allow communication between SUDO and SSSD
Group: Development/Libraries
License: LGPLv3+
Requires: libsss_sudo = %{version}-%{release}
%description -n libsss_sudo-devel
A utility library to allow communication between SUDO and SSSD
%prep %prep
# Update timestamps on the files touched by a patch, to avoid non-equal # Update timestamps on the files touched by a patch, to avoid non-equal
# .pyc/.pyo files across the multilib peers within a build, where "Level" # .pyc/.pyo files across the multilib peers within a build, where "Level"
@ -265,7 +337,7 @@ UpdateTimestamps() {
done done
} }
%setup -q -n %{name}-1.9.92 %setup -q -n %{name}-1.9.94
for p in %patches ; do for p in %patches ; do
@ -337,6 +409,11 @@ done
touch sssd_tools.lang touch sssd_tools.lang
touch sssd_client.lang touch sssd_client.lang
for provider in ldap krb5 ipa ad proxy
do
touch sssd_$provider.lang
done
for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"` for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"`
do do
lang=`echo $man | cut -c 1-2` lang=`echo $man | cut -c 1-2`
@ -353,8 +430,20 @@ do
pam_sss*) pam_sss*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_client.lang echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_client.lang
;; ;;
sssd_krb5_locator_plugin*) sssd-ldap*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_client.lang echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_ldap.lang
;;
sssd-krb5*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_krb5.lang
;;
sssd-ipa*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_ipa.lang
;;
sssd-ad*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_ad.lang
;;
sssd-proxy*)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_proxy.lang
;; ;;
*) *)
echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang
@ -372,11 +461,21 @@ cat sssd_client.lang
echo "sssd_tools.lang:" echo "sssd_tools.lang:"
cat sssd_tools.lang cat sssd_tools.lang
for provider in ldap krb5 ipa ad proxy
do
echo "sssd_$provider.lang:"
cat sssd_$provider.lang
done
%clean %clean
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
%files -f sssd.lang %files
%defattr(-,root,root,-)
%doc COPYING
%files common -f sssd.lang
%defattr(-,root,root,-) %defattr(-,root,root,-)
%doc COPYING %doc COPYING
%doc src/examples/sssd-example.conf %doc src/examples/sssd-example.conf
@ -384,33 +483,27 @@ rm -rf $RPM_BUILD_ROOT
%{_sbindir}/sssd %{_sbindir}/sssd
%dir %{_libexecdir}/%{servicename} %dir %{_libexecdir}/%{servicename}
%{_libexecdir}/%{servicename}/krb5_child
%{_libexecdir}/%{servicename}/ldap_child
%{_libexecdir}/%{servicename}/proxy_child
%{_libexecdir}/%{servicename}/sssd_be %{_libexecdir}/%{servicename}/sssd_be
%{_libexecdir}/%{servicename}/sssd_nss %{_libexecdir}/%{servicename}/sssd_nss
%{_libexecdir}/%{servicename}/sssd_pam %{_libexecdir}/%{servicename}/sssd_pam
%{_libexecdir}/%{servicename}/sssd_autofs %{_libexecdir}/%{servicename}/sssd_autofs
%{_libexecdir}/%{servicename}/sssd_ssh %{_libexecdir}/%{servicename}/sssd_ssh
%{_libexecdir}/%{servicename}/sssd_sudo %{_libexecdir}/%{servicename}/sssd_sudo
%{_libexecdir}/%{servicename}/sssd_pac
%dir %{_libdir}/%{name} %dir %{_libdir}/%{name}
%{_libdir}/%{name}/libsss_ipa.so
%{_libdir}/%{name}/libsss_krb5.so
%{_libdir}/%{name}/libsss_ldap.so
%{_libdir}/%{name}/libsss_proxy.so
%{_libdir}/%{name}/libsss_simple.so %{_libdir}/%{name}/libsss_simple.so
%{_libdir}/%{name}/libsss_ad.so
#Internal shared libraries #Internal shared libraries
%{_libdir}/%{name}/libsss_child.so %{_libdir}/%{name}/libsss_child.so
%{_libdir}/%{name}/libsss_crypt.so %{_libdir}/%{name}/libsss_crypt.so
%{_libdir}/%{name}/libsss_debug.so %{_libdir}/%{name}/libsss_debug.so
%{_libdir}/%{name}/libsss_krb5_common.so
%{_libdir}/%{name}/libsss_ldap_common.so %{_libdir}/%{name}/libsss_ldap_common.so
%{_libdir}/%{name}/libsss_util.so %{_libdir}/%{name}/libsss_util.so
# 3rd party application libraries
%{_libdir}/sssd/modules/libsss_autofs.so
%{_libdir}/libsss_sudo.so
%{ldb_modulesdir}/memberof.so %{ldb_modulesdir}/memberof.so
%{_bindir}/sss_ssh_authorizedkeys %{_bindir}/sss_ssh_authorizedkeys
%{_bindir}/sss_ssh_knownhostsproxy %{_bindir}/sss_ssh_knownhostsproxy
@ -424,7 +517,6 @@ rm -rf $RPM_BUILD_ROOT
%ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/group %ghost %attr(0644,root,root) %verify(not md5 size mtime) %{mcpath}/group
%attr(755,root,root) %dir %{pipepath} %attr(755,root,root) %dir %{pipepath}
%attr(755,root,root) %dir %{pubconfpath} %attr(755,root,root) %dir %{pubconfpath}
%attr(755,root,root) %dir %{pubconfpath}/krb5.include.d
%attr(700,root,root) %dir %{pipepath}/private %attr(700,root,root) %dir %{pipepath}/private
%attr(750,root,root) %dir %{_var}/log/%{name} %attr(750,root,root) %dir %{_var}/log/%{name}
%attr(700,root,root) %dir %{_sysconfdir}/sssd %attr(700,root,root) %dir %{_sysconfdir}/sssd
@ -437,18 +529,56 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/sss_ssh_authorizedkeys.1* %{_mandir}/man1/sss_ssh_authorizedkeys.1*
%{_mandir}/man1/sss_ssh_knownhostsproxy.1* %{_mandir}/man1/sss_ssh_knownhostsproxy.1*
%{_mandir}/man5/sssd.conf.5* %{_mandir}/man5/sssd.conf.5*
%{_mandir}/man5/sssd-ipa.5*
%{_mandir}/man5/sssd-krb5.5*
%{_mandir}/man5/sssd-ldap.5*
%{_mandir}/man5/sssd-simple.5* %{_mandir}/man5/sssd-simple.5*
%{_mandir}/man5/sssd-ad.5*
%{_mandir}/man5/sssd-sudo.5* %{_mandir}/man5/sssd-sudo.5*
%{_mandir}/man8/sssd.8* %{_mandir}/man8/sssd.8*
%{_mandir}/man8/sss_cache.8* %{_mandir}/man8/sss_cache.8*
%{python_sitearch}/pysss.so %{python_sitearch}/pysss.so
%{python_sitearch}/pysss_murmur.so %{python_sitearch}/pysss_murmur.so
%files ldap -f sssd_ldap.lang
%defattr(-,root,root,-)
%doc COPYING
%{_libdir}/%{name}/libsss_ldap.so
%{_mandir}/man5/sssd-ldap.5*
%files krb5-common
%defattr(-,root,root,-)
%doc COPYING
%{_libdir}/%{name}/libsss_krb5_common.so
%{_libexecdir}/%{servicename}/ldap_child
%{_libexecdir}/%{servicename}/krb5_child
%files krb5 -f sssd_krb5.lang
%defattr(-,root,root,-)
%doc COPYING
%{_libdir}/%{name}/libsss_krb5.so
%{_mandir}/man5/sssd-krb5.5*
%files ipa -f sssd_ipa.lang
%defattr(-,root,root,-)
%doc COPYING
# RHEL 5 is too old to support the PAC responder
%if !0%{?is_rhel5}
%{_libexecdir}/%{servicename}/sssd_pac
%endif
%attr(755,root,root) %dir %{pubconfpath}/krb5.include.d
%{_libdir}/%{name}/libsss_ipa.so
%{_mandir}/man5/sssd-ipa.5*
%files ad -f sssd_ad.lang
%defattr(-,root,root,-)
%doc COPYING
%{_libdir}/%{name}/libsss_ad.so
%{_mandir}/man5/sssd-ad.5*
%files proxy
%defattr(-,root,root,-)
%doc COPYING
%{_libexecdir}/%{servicename}/proxy_child
%{_libdir}/%{name}/libsss_proxy.so
%files client -f sssd_client.lang %files client -f sssd_client.lang
%defattr(-,root,root,-) %defattr(-,root,root,-)
%doc src/sss_client/COPYING src/sss_client/COPYING.LESSER %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
@ -516,28 +646,6 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root,-) %defattr(-,root,root,-)
%{python_sitearch}/pyhbac.so %{python_sitearch}/pyhbac.so
%package -n libsss_autofs
Summary: A library to allow communication between Autofs and SSSD
Group: Development/Libraries
License: LGPLv3+
%description -n libsss_autofs
A utility library to allow communication between Autofs and SSSD
%files -n libsss_sudo
%defattr(-,root,root,-)
%doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
%{_libdir}/libsss_sudo.so*
%files -n libsss_sudo-devel
%doc libsss_sudo_doc/html
%{_includedir}/sss_sudo.h
%files -n libsss_autofs
%defattr(-,root,root,-)
%doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
%{_libdir}/sssd/modules/libsss_autofs.so*
%files -n libsss_nss_idmap %files -n libsss_nss_idmap
%defattr(-,root,root,-) %defattr(-,root,root,-)
%doc src/sss_client/COPYING src/sss_client/COPYING.LESSER %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
@ -603,11 +711,16 @@ fi
%postun -n libsss_idmap -p /sbin/ldconfig %postun -n libsss_idmap -p /sbin/ldconfig
%post -n libsss_sudo -p /sbin/ldconfig
%postun -n libsss_sudo -p /sbin/ldconfig
%changelog %changelog
* Wed Jun 12 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-8.beta2
- New upstream release 1.10 beta2
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta2
- BuildRequire libcmocka-devel in order to run all upstream tests during build
- BuildRequire libnl3 instead of libnl1
- No longer BuildRequire initscripts, we no longer use /sbin/service
- Remove explicit krb5-libs >= 1.10 requires; this platform doensn't carry any
older krb5-libs version
* Fri May 24 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-7.beta1 * Fri May 24 2013 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-7.beta1
- Apply a couple of patches from upstream git that resolve crashes when - Apply a couple of patches from upstream git that resolve crashes when
ID mapping object was not initialized properly but needed later ID mapping object was not initialized properly but needed later