rpms/sssd
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d6e2c70de2
sssd/sssd.spec
Stephen Gallagher d6e2c70de2 Dmitri Pal (10): 
COLLECTION Adding item comparison and sorting
COLLECTION Realigning collection code
COLLECTION Making iterations pinnable
COLLECTION Enhancing hashing and iteration functions
ELAPI Event resolver
ELAPI Resolving message attribute
ELAPI Fixing warnings in the example
ELAPI Rename variables and functions not to use word template
ELAPI Fixed the host name resolution
ELAPI Compatibility code for getifaddr()
Jakub Hrozek (3):
Fix python sync operations and mem hierarchy
Fix error messages in tools
User home directories management
Martin Nagy (7):
Use correct talloc context in sss_names_init()
Fix potential memory leaks in the data provider
Use talloc_get_type() for type safety
Use talloc to copy data from c-ares
Add a new set of helpful common functions for tests
Various improvements to the resolv test suite
Delete sssd-i18n.h and put it's old contents into util.h
Piotr Dr?g (1):
Update polish translation for 0.6.0
Ralf Haferkamp (2):
LDAP provider needs to link against krb libraries
SUSE specific init script
Simo Sorce (21):
Tighten up permission.
Initial implementation of sasl bind support
Fix tools sync operations and mem hierarchy
Fix long timeout on ldap operation
Make dp requests more robust
Differentiate between search and network timeouts
Remove DP process
Start responders predictably after providers
Remove magicPrivateGroups option
Fix services startup when only LOCAL is configured
Make options parser available to all providers
Move ldap provider configuration into its own file
Fix offline authentication
Return the dp error from the providers
Move all ldap provider init functions
Move all krb5 provider init functions
Add first basic IPA provider
Always list inputs before outputs
Start implementing ipa specific options.
Better offline/enumeration behavior
Fix setting the schema in the ipa provider
Stephen Gallagher (24):
Update version to 0.6.0
Fix infinite loop with empty group enumeration
Updating release script to use the VERSION file
Change requirement on libldb to libldb >= 0.9.3
INI Add config_from_fd() to ini_config
Remove unused btreemap code
Add new SSSDConfig python API
Add plugin configuration schema for proxy provider
Package SSSDConfig API
Clean up warnings in pysss.c
Remove warnings caused by 5e2301b8a75d10e5cbbe11e26e5192b894af6ad7
Remove two unused functions.
Fix segfault when using SSS tools with no local provider
Do not allow setting auth, access or chpass providers for LOCAL
Add krb5_common.h to the list of headers to 'make dist'
Use Python 3-compatible sitearch and sitelib
Better detect installed language files
Clean up rpmlint errors and warnings in sssd-client package
Set the Default-Stop LSB option for the SSSD sysv init script
Fix RPM builds on older versions of rpmbuild
Bring SSSDConfig API options up-to-date
Add pam_ctx (similar to nss_ctx) for storing global PAM config
Add support for offline auth cache timeout
Update version to 0.7.0
Sumit Bose (28):
update sysdb tests to new config file version
add utility call check_and_open_readonly
more documentation and test for sssd.conf
handle expired password during authentication
move password handling into subroutines
ask for new password if password is expired
remove redundant talloc_free
add description of chpass_provider option to sssd.conf man page
add support for server side LDAP password policies
add syslog message similar to pam_unix
use the correct kerberos context for each target
fix a wrong argument to unpack_buffer
add -Werror-implicit-function-declaration to default gcc flags
add a replacement if ldap_control_create is missing
use PYTHON_PREFIX to install SSSDConfig python API
add missing %defattr to the filelist of the client package
make sdap_id_connect_* independent of sdap_id_ctx
send a message if a backend target is not configured
use old password if available during password change
set chpass_provider implicit if not set explicit
more implicit provider target settings
enable debugging of krb5_child
Check for expired passwords in LDAP provider
added generic LDAP search sdap_get_generic_send/_recv
add store/search/delete interface for custom sysdb objects
update krb5 option handling to new option scheme
update ipa auth options to new option scheme
fix a compiler warning about redefinition of DEBUG
2009-10-23 19:52:18 +00:00

278 lines
8.6 KiB
RPMSpec
Raw Blame History

%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib(1))")}
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")}
Name: sssd
Version: 0.7.0
Release: 1%{?dist}
Group: Applications/System
Summary: System Security Services Daemon
# The entire source code is GPLv3+ except replace/ which is LGPLv3+
License: GPLv3+ and LGPLv3+
URL: http://fedorahosted.org/sssd
Source: https://fedorahosted.org/released/sssd/sssd-%{version}.tar.gz
Source1: sssd.conf.default
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
### Patches ###
### Dependencies ###
Requires: libldb >= 0.9.3
Requires: libtdb >= 1.1.3
Requires: sssd-client = 0.7.0
Requires(post): python
Requires(preun): initscripts chkconfig
Requires(postun): /sbin/service
%define servicename sssd
%define sssdstatedir %{_localstatedir}/lib/sss
%define dbpath %{sssdstatedir}/db
%define pipepath %{sssdstatedir}/pipes
### Build Dependencies ###
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: m4
%{?fedora:BuildRequires: popt-devel}
%{?rhel:BuildRequires: popt}
BuildRequires: libtalloc-devel
BuildRequires: libtevent-devel
BuildRequires: libtdb-devel
BuildRequires: libldb-devel
BuildRequires: dbus-devel
BuildRequires: dbus-libs
BuildRequires: openldap-devel
BuildRequires: pam-devel
BuildRequires: nss-devel
BuildRequires: nspr-devel
BuildRequires: pcre-devel
BuildRequires: libxslt
BuildRequires: libxml2
BuildRequires: docbook-style-xsl
BuildRequires: krb5-devel
BuildRequires: c-ares-devel
BuildRequires: python-devel
%description
Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
%package client
Summary: SSSD Client libraries for NSS and PAM
Group: Applications/System
%description client
Provides the libraries needed by the PAM and NSS stacks to connect to the SSSD
service.
%prep
%setup -q
%build
%configure \
--without-tests \
--with-db-path=%{dbpath} \
--with-pipe-path=%{pipepath} \
--with-init-dir=%{_initrddir} \
--enable-nsslibdir=/%{_lib}
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
# Prepare language files
/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_daemon
/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
# Remove .la files created by libtool
rm -f \
$RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
$RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
$RPM_BUILD_ROOT/%{_libdir}/ldb/memberof.la \
$RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \
$RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \
$RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \
$RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \
$RPM_BUILD_ROOT/%{python_sitearch}/pysss.la
if test -e $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
then
# Apppend this file to the sss_daemon.lang
# Older versions of rpmbuild can only handle one -f option
echo %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so >> sss_daemon.lang
fi
%clean
rm -rf $RPM_BUILD_ROOT
%files -f sss_daemon.lang
%defattr(-,root,root,-)
%doc COPYING
%attr(755,root,root) %{_initrddir}/%{name}
%{_sbindir}/sssd
%{_sbindir}/sss_useradd
%{_sbindir}/sss_userdel
%{_sbindir}/sss_usermod
%{_sbindir}/sss_groupadd
%{_sbindir}/sss_groupdel
%{_sbindir}/sss_groupmod
%{_libexecdir}/%{servicename}/
%{_libdir}/%{name}/
%{_libdir}/ldb/memberof.so
%dir %{sssdstatedir}
%attr(700,root,root) %dir %{dbpath}
%attr(755,root,root) %dir %{pipepath}
%attr(700,root,root) %dir %{pipepath}/private
%attr(750,root,root) %dir %{_var}/log/%{name}
%attr(700,root,root) %dir %{_sysconfdir}/sssd
%config(noreplace) %{_sysconfdir}/sssd/sssd.conf
%config %{_sysconfdir}/sssd/sssd.api.conf
%attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
%config %{_sysconfdir}/sssd/sssd.api.d/
%{_mandir}/man5/sssd.conf.5*
%{_mandir}/man5/sssd-ipa.5*
%{_mandir}/man5/sssd-krb5.5*
%{_mandir}/man5/sssd-ldap.5*
%{_mandir}/man8/sssd.8*
%{_mandir}/man8/sss_groupadd.8*
%{_mandir}/man8/sss_groupdel.8*
%{_mandir}/man8/sss_groupmod.8*
%{_mandir}/man8/sss_useradd.8*
%{_mandir}/man8/sss_userdel.8*
%{_mandir}/man8/sss_usermod.8*
%{_mandir}/man8/sssd_krb5_locator_plugin.8*
%{python_sitearch}/pysss.so
%{python_sitelib}/*.py*
%{?fedora:%{python_sitelib}/*.egg-info}
%files client -f sss_client.lang
%defattr(-,root,root,-)
/%{_lib}/libnss_sss.so.2
/%{_lib}/security/pam_sss.so
%{_mandir}/man8/pam_sss.8*
%post
/sbin/ldconfig
/sbin/chkconfig --add %{servicename}
if [ $1 -ge 2 ] ; then
# a one-time upgrade from confdb v1 to v2, only if upgrading
python %{_libexecdir}/%{servicename}/upgrade_config.py
fi
%preun
if [ $1 = 0 ]; then
/sbin/service %{servicename} stop 2>&1 > /dev/null
/sbin/chkconfig --del %{servicename}
fi
%postun
/sbin/ldconfig
if [ $1 -ge 1 ] ; then
/sbin/service %{servicename} condrestart 2>&1 > /dev/null
fi
%post client -p /sbin/ldconfig
%postun client -p /sbin/ldconfig
%changelog
* Fri Oct 23 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-1
- New upstream release 0.7.0
* Thu Oct 15 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-2
- Fix missing file permissions for sssd-clients
* Tue Oct 13 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-1
- Add SSSDConfig API
- Update polish translation for 0.6.0
- Fix long timeout on ldap operation
- Make dp requests more robust
* Tue Sep 29 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.6.0-1
- Ensure that the configuration upgrade script always writes the config
file with 0600 permissions
- Eliminate an infinite loop in group enumerations
* Mon Sep 28 2009 Sumit Bose <sbose@redhat.com> - 0.6.0-0
- New upstream release 0.6.0
* Mon Aug 24 2009 Simo Sorce <ssorce@redhat.com> - 0.5.0-0
- New upstream release 0.5.0
* Wed Jul 29 2009 Jakub Hrozek <jhrozek@redhat.com> - 0.4.1-4
- Fix for CVE-2009-2410 - Native SSSD users with no password set could log in
without a password. (Patch by Stephen Gallagher)
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Mon Jun 22 2009 Simo Sorce <ssorce@redhat.com> - 0.4.1-2
- Fix a couple of segfaults that may happen on reload
* Thu Jun 11 2009 Simo Sorce <ssorce@redhat.com> - 0.4.1-1
- add missing configure check that broke stopping the daemon
- also fix default config to add a missing required option
* Mon Jun 8 2009 Simo Sorce <ssorce@redhat.com> - 0.4.1-0
- latest upstream release.
- also add a patch that fixes debugging output (potential segfault)
* Mon Apr 20 2009 Simo Sorce <ssorce@redhat.com> - 0.3.2-2
- release out of the official 0.3.2 tarball
* Mon Apr 20 2009 Jakub Hrozek <jhrozek@redhat.com> - 0.3.2-1
- bugfix release 0.3.2
- includes previous release patches
- change permissions of the /etc/sssd/sssd.conf to 0600
* Tue Apr 14 2009 Simo Sorce <ssorce@redhat.com> - 0.3.1-2
- Add last minute bug fixes, found in testing the package
* Mon Apr 13 2009 Simo Sorce <ssorce@redhat.com> - 0.3.1-1
- Version 0.3.1
- includes previous release patches
* Mon Apr 13 2009 Simo Sorce <ssorce@redhat.com> - 0.3.0-2
- Try to fix build adding automake as an explicit BuildRequire
- Add also a couple of last minute patches from upstream
* Mon Apr 13 2009 Simo Sorce <ssorce@redhat.com> - 0.3.0-1
- Version 0.3.0
- Provides file based configuration and lots of improvements
* Tue Mar 10 2009 Simo Sorce <ssorce@redhat.com> - 0.2.1-1
- Version 0.2.1
* Tue Mar 10 2009 Simo Sorce <ssorce@redhat.com> - 0.2.0-1
- Version 0.2.0
* Sun Mar 08 2009 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-5.20090309git691c9b3
- package git snapshot
* Fri Mar 06 2009 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-4
- fixed items found during review
- added initscript
* Thu Mar 05 2009 Sumit Bose <sbose@redhat.com> - 0.1.0-3
- added sss_client
* Mon Feb 23 2009 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-2
- Small cleanup and fixes in the spec file
* Thu Feb 12 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.1.0-1
- Initial release (based on version 0.1.0 upstream code)
Reference in New Issue View Git Blame Copy Permalink