2 # - fix stripping before rpm:
3 # *** WARNING: no sources found for /usr/lib64/libipa_hbac.so.0.0.0 (stripped without sourcefile information?)
4 %define ldb_version 1.1.0
5 Summary: System Security Services Daemon
10 Group: Applications/System
11 URL: http://fedorahosted.org/sssd/
12 Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
13 # Source0-md5: 38cf9c8dc8f173e068fcb31b7ee9baf1
15 Patch0: %{name}-python-config.patch
16 Patch1: %{name}-heimdal.patch
17 BuildRequires: autoconf
18 BuildRequires: automake
19 BuildRequires: bind-utils
20 BuildRequires: c-ares-devel
21 BuildRequires: check-devel
22 BuildRequires: dbus-devel
23 BuildRequires: dbus-libs
24 BuildRequires: docbook-dtd44-xml
25 BuildRequires: docbook-style-xsl
26 BuildRequires: doxygen
27 BuildRequires: gettext-devel
28 BuildRequires: heimdal-devel
29 BuildRequires: keyutils-devel
30 BuildRequires: libcollection-devel
31 BuildRequires: libdhash-devel >= 0.4.2
32 BuildRequires: libini_config-devel
33 BuildRequires: libldb-devel = %{ldb_version}
34 BuildRequires: libnl-devel
35 BuildRequires: libselinux-devel
36 BuildRequires: libsemanage-devel
37 BuildRequires: libtalloc-devel
38 BuildRequires: libtool
39 BuildRequires: libtool
40 BuildRequires: libunistring-devel
41 BuildRequires: libxml2
42 BuildRequires: libxslt
45 BuildRequires: nspr-devel
46 BuildRequires: nss-devel
47 BuildRequires: openldap-devel
48 BuildRequires: pam-devel
49 BuildRequires: pcre-devel
50 BuildRequires: popt-devel
51 BuildRequires: python-devel
52 BuildRequires: rpmbuild(macros) >= 1.228
53 BuildRequires: tdb-devel
54 BuildRequires: tevent-devel
55 Requires(post,postun): /sbin/ldconfig
56 Requires(post,preun): /sbin/chkconfig
57 Requires: %{name}-client = %{version}-%{release}
58 Requires: cyrus-sasl-gssapi
59 Requires: krb5-libs >= 1.9
60 Requires: libldb = %{ldb_version}
61 Requires: rc-scripts >= 0.4.0.10
62 Requires: tdb >= 1.1.3
63 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
65 %define servicename sssd
66 %define sssdstatedir %{_localstatedir}/lib/sss
67 %define dbpath %{sssdstatedir}/db
68 %define pipepath %{sssdstatedir}/pipes
69 %define pubconfpath %{sssdstatedir}/pubconf
71 # Determine the location of the LDB modules directory
72 %define ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
75 Provides a set of daemons to manage access to remote directories and
76 authentication mechanisms. It provides an NSS and PAM interface toward
77 the system and a pluggable backend system to connect to multiple
78 different account sources. It is also the basis to provide client
79 auditing and policy services for projects like FreeIPA.
82 Summary: SSSD Client libraries for NSS and PAM
84 Group: Applications/System
87 Provides the libraries needed by the PAM and NSS stacks to connect to
91 Summary: Userspace tools for use with the SSSD
93 Group: Applications/System
94 Requires: %{name} = %{version}-%{release}
97 Provides userspace tools for manipulating users, groups, and nested
98 groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf.
100 Also provides a userspace tool for generating an obfuscated LDAP
101 password for use with ldap_default_authtok_type = obfuscated_password.
103 %package -n libipa_hbac
104 Summary: FreeIPA HBAC Evaluator library
106 Group: Development/Libraries
108 %description -n libipa_hbac
109 Utility library to validate FreeIPA HBAC rules for authorization
112 %package -n libipa_hbac-devel
113 Summary: FreeIPA HBAC Evaluator library
115 Group: Development/Libraries
116 Requires: libipa_hbac = %{version}-%{release}
118 %description -n libipa_hbac-devel
119 Utility library to validate FreeIPA HBAC rules for authorization
122 %package -n python-libipa_hbac
123 Summary: Python bindings for the FreeIPA HBAC Evaluator library
125 Group: Development/Libraries
126 Requires: libipa_hbac = %{version}-%{release}
127 Obsoletes: libipa_hbac-python
129 %description -n python-libipa_hbac
130 This package contains the bindings so that libipa_hbac can be used by
144 CFLAGS="-Wno-deprecated-declarations"
146 --with-db-path=%{dbpath} \
147 --with-pipe-path=%{pipepath} \
148 --with-pubconf-path=%{pubconfpath} \
149 --with-init-dir=%{_initrddir} \
150 --enable-nsslibdir=/%{_lib} \
151 --enable-pammoddir=/%{_lib}/security \
154 --with-test-dir=/dev/shm
159 export CK_TIMEOUT_MULTIPLIER=10
161 unset CK_TIMEOUT_MULTIPLIER
165 rm -rf $RPM_BUILD_ROOT
167 DESTDIR=$RPM_BUILD_ROOT
169 # Prepare language files
172 # Copy default sssd.conf file
173 install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd
174 cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
176 cp -p etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
177 cp -p etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d
180 # Copy default logrotate file
181 install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
182 cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd
184 # Make sure SSSD is able to run on read-only root
185 install -d $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d
186 cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
188 # change %{py_sitedir} to %{py_sitescriptdir} for 'noarch' packages!
189 %py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
190 %py_comp $RPM_BUILD_ROOT%{py_sitedir}
193 # Remove .la files created by libtool
195 $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
196 $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
197 $RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \
198 $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ldap.la \
199 $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_proxy.la \
200 $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_krb5.la \
201 $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ipa.la \
202 $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_simple.la \
203 $RPM_BUILD_ROOT%{_libdir}/libipa_hbac.la \
204 $RPM_BUILD_ROOT%{py_sitedir}/pysss.la \
205 $RPM_BUILD_ROOT%{py_sitedir}/pyhbac.la
207 install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
210 for man in $(find $RPM_BUILD_ROOT%{_mandir}/??/man? -type f | sed -e "s#$RPM_BUILD_ROOT%{_mandir}/##"); do
211 lang=$(echo $man | cut -c 1-2)
212 case $(basename $man) in
214 echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd_tools.lang
217 echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd.lang
223 rm -rf $RPM_BUILD_ROOT
227 /sbin/chkconfig --add %{name}
228 %service %{name} restart
231 if [ "$1" = "0" ]; then
232 %service -q %{name} stop
233 /sbin/chkconfig --del %{name}
236 %post client -p /sbin/ldconfig
237 %postun client -p /sbin/ldconfig
239 %post -n libipa_hbac -p /sbin/ldconfig
240 %postun -n libipa_hbac -p /sbin/ldconfig
243 %defattr(644,root,root,755)
244 %attr(754,root,root) /etc/rc.d/init.d/sssd
245 %defattr(644,root,root,755)
246 %attr(755,root,root) %{_sbindir}/sssd
247 %dir %{_libexecdir}/%{servicename}
248 %attr(755,root,root) %{_libexecdir}/%{servicename}/*child
249 %attr(755,root,root) %{_libexecdir}/%{servicename}/sssd_*
250 %attr(755,root,root) %{_libexecdir}/%{servicename}/*.so
251 %attr(755,root,root) %{ldb_modulesdir}/memberof.so
253 %attr(700,root,root) %dir %{dbpath}
256 %attr(700,root,root) %dir %{pipepath}/private
257 %attr(750,root,root) %dir %{_var}/log/%{name}
258 %attr(700,root,root) %dir %{_sysconfdir}/sssd
259 %config(noreplace) %attr(600,root,root) %{_sysconfdir}/sssd/sssd.conf
260 %config(noreplace) /etc/logrotate.d/sssd
261 %config(noreplace) %{_sysconfdir}/rwtab.d/sssd
262 %config %{_sysconfdir}/sssd/sssd.api.conf
263 %attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
264 %config %attr(600,root,root) %{_sysconfdir}/sssd/sssd.api.d/*
265 %{_mandir}/man5/sssd.conf.5*
266 %{_mandir}/man5/sssd-ipa.5*
267 %{_mandir}/man5/sssd-krb5.5*
268 %{_mandir}/man5/sssd-ldap.5*
269 %{_mandir}/man5/sssd-simple.5*
270 %{_mandir}/man8/sssd.8*
271 %attr(755,root,root) %{py_sitedir}/pysss.so
272 %{py_sitescriptdir}/*.py[co]
273 %{py_sitescriptdir}/SSSDConfig-*.egg-info
275 %files client -f sssd_tools.lang
276 %defattr(644,root,root,755)
277 %attr(755,root,root) /%{_lib}/libnss_sss.so.2
278 %attr(755,root,root) /%{_lib}/security/pam_sss.so
279 #%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
280 %{_mandir}/man8/pam_sss.8*
281 %{_mandir}/man8/sssd_krb5_locator_plugin.8*
284 %defattr(644,root,root,755)
285 %attr(755,root,root) %{_sbindir}/sss_useradd
286 %attr(755,root,root) %{_sbindir}/sss_userdel
287 %attr(755,root,root) %{_sbindir}/sss_usermod
288 %attr(755,root,root) %{_sbindir}/sss_groupadd
289 %attr(755,root,root) %{_sbindir}/sss_groupdel
290 %attr(755,root,root) %{_sbindir}/sss_groupmod
291 %attr(755,root,root) %{_sbindir}/sss_groupshow
292 %attr(755,root,root) %{_sbindir}/sss_obfuscate
293 %attr(755,root,root) %{_sbindir}/sss_cache
294 %{_mandir}/man8/sss_groupadd.8*
295 %{_mandir}/man8/sss_groupdel.8*
296 %{_mandir}/man8/sss_groupmod.8*
297 %{_mandir}/man8/sss_groupshow.8*
298 %{_mandir}/man8/sss_useradd.8*
299 %{_mandir}/man8/sss_userdel.8*
300 %{_mandir}/man8/sss_usermod.8*
301 %{_mandir}/man8/sss_obfuscate.8*
302 %{_mandir}/man8/sss_cache.8*
304 %files -n libipa_hbac
305 %defattr(644,root,root,755)
306 %attr(755,root,root) %{_libdir}/libipa_hbac.so.*
308 %files -n libipa_hbac-devel
309 %defattr(644,root,root,755)
310 %{_includedir}/ipa_hbac.h
311 %{_libdir}/libipa_hbac.so
312 %{_pkgconfigdir}/ipa_hbac.pc
314 %files -n python-libipa_hbac
315 %defattr(644,root,root,755)
316 %{py_sitedir}/pyhbac.so