add patch 0002 too

2009-04-14 21:53:40 +00:00 · 2009-04-14 21:53:40 +00:00 · cb09420cd2
commit cb09420cd2
parent d4c7182341
2 changed files with 142 additions and 0 deletions
--- a/0002-Replace-the-example-sssd.conf-file-with-the-one-used.patch
+++ b/0002-Replace-the-example-sssd.conf-file-with-the-one-used.patch
@ -0,0 +1,140 @@
+From 2f9fb5b8dcf09a3285386b8bade78bcd6867cb24 Mon Sep 17 00:00:00 2001
+From: Stephen Gallagher <sgallagh@redhat.com>
+Date: Tue, 14 Apr 2009 09:30:43 -0400
+Subject: [PATCH] Replace the example sssd.conf file with the one used in Fedora
+
+Also remove the [services/infopipe] section, since we're not
+shipping InfoPipe yet, and that would be confusing.
+---
+ server/examples/sssd.conf |  103 +++++++++++++++++++++++++++++++--------------
+ 1 files changed, 71 insertions(+), 32 deletions(-)
+
+diff --git a/server/examples/sssd.conf b/server/examples/sssd.conf
+index c5fd7e6..b9a421e 100644
+--- a/server/examples/sssd.conf
+++ b/server/examples/sssd.conf
+@@ -1,50 +1,89 @@
+ [services]
+ description = Local Service Configuration
+-activeServices = nss, dp, pam, info
+activeServices = nss, dp, pam
+ 
+ [services/nss]
+ description = NSS Responder Configuration
+-timeout = 10
+-filterGroups = root, foo@TEST
+-filterUsers = root, bar@TEST
+# the following prevents sssd for searching for the root user/group in
+# all domains (you can add here a comma separated list of system accounts are
+# always going to be /etc/passwd users, or that you want to filter out)
+filterGroups = root
+filterUsers = root
+ 
+ [services/dp]
+ description = Data Provider Configuration
+-timeout = 10
+ 
+ [services/pam]
+ description = PAM Responder Configuration
+-timeout = 10
+-
+-[services/info]
+-description = InfoPipe Configuration
+-timeout = 10
+ 
+ [services/monitor]
+ description = Service Monitor Configuration
+-sbusTimeout = 10
+#if a backend is particularly slow you can raise this timeout here
+sbusTimeout = 30
+ 
+ [domains]
+ description = Domains served by SSSD
+-domains = LOCAL
+-
+-[domains/LOCAL]
+-description = Reserved domain for local configurations
+-enumerate = 3
+-minId = 500
+-maxId = 999
+-legacy = TRUE
+-libName = files
+-libPath = /lib64/libnss_files.so.2
+-magicPrivateGroups = FALSE
+-provider = proxy
+-auth-module = proxy
+-pam-target = sssdproxylocal
+-
+-[domains/EXAMPLE.COM]
+-description = Example LDAP domain
+-basedn = dc=example,dc=com
+-command = /usr/libexec/sssd/sssd_be --provider ldap --domain EXAMPLE.COM
+-provider = ldap
+-userSearchBase = ou=user,dc=example,dc=com
+; domains = LOCAL,LDAP
+
+# SSSD will not start if you don't configure any domain.
+# Add new domains condifgurations as [domains/<NAME>] sections.
+# Then add the list of domains (in the order you want them to be
+# queried in the 'domains" attribute above and uncomment it
+
+# Example LOCAL domain that proxies to /etc/passwd and /etc/group files
+# This configuration is meant mostly as a migration path to be able to store
+# additional information about users while still keeping /etc/passwd
+# authoritative.
+
+; [domains/LOCAL]
+; description = LOCAL migration domain
+; enumerate = 3
+; minId = 500
+; magicPrivateGroups = FALSE
+; legacy = TRUE
+;
+; provider = proxy
+; libName = files
+; libPath = libnss_files.so.2
+
+# optionally a file named sssdproxylocal can be place in pam.d configured to
+# check pam_unix only and pam_sss can be used in the normal pam stack
+; auth-module = proxy
+; pam-target = sssdproxylocal
+
+# Example LOCAL domain that stores all users natively in the SSSD internal
+# directory. These local users and groups are not visibile in /etc/passwd, it
+# now contains only root and system accounts.
+
+; [domains/LOCAL]
+; description = LOCAL Users domain
+; enumerate = 3
+; minId = 500
+; maxId = 999
+; legacy = FALSE
+; magicPrivateGroups = TRUE
+
+# Example LDAP domain that uses the proxy backend and the standard nss_ldap
+# and pam_ldap modules (Useful until we have good working native ldap backends).
+# For this to work the /etc/ldap.conf file needs to be correctly configured just
+# like you would do when using nss_ldap in nsswitch.conf, but instead of setting
+# passwd: files ldap, set passwd: files, sss instead there.
+# Also consider using the following setting in /etc/ldap.conf to avoid needless
+# delays if the ldap server is offline:
+# timelimit 10
+# bind_timelimit 5
+# nss_reconnect_maxsleeptime 2
+# nss_reconnect_sleeptime 1
+ 
+; [domains/LDAP]
+; description = Proxy request to our LDAP server
+; enumerate = 0
+; minId = 1000
+; legacy = TRUE
+;
+; provider = proxy
+; libName = ldap
+; libPath = libnss_ldap.so.2
+;
+#if a backend is particularly slow you can raise this timeout here
+; timeout = 60
+-- 
+1.6.0.6
+
--- a/sssd.spec
+++ b/sssd.spec
@ -14,6 +14,7 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

 ### Patches ###
 Patch101: 0001-Add-reconnection-code-between-the-NSS-responder-and.patch
+Patch102: 0002-Replace-the-example-sssd.conf-file-with-the-one-used.patch
 Patch103: 0003-Make-reconnection-to-the-Data-Provider-a-global-sett.patch
 Patch104: 0004-Add-common-function-to-retrieve-comma-sep.-lists.patch
 Patch105: 0005-Fixing-memory-issues-in-ini-and-collection.patch
@ -56,6 +57,7 @@ services for projects like FreeIPA.
 %setup -q

 %patch101 -p1 -b .reconnect
+%patch102 -p1 -b .examples
 %patch103 -p1 -b .global_reconnect_option
 %patch104 -p1 -b .fix_filters
 %patch105 -p1 -b .fix_mem_issues