# TODO
# - fix stripping before rpm:
# *** WARNING: no sources found for /usr/lib64/libipa_hbac.so.0.0.0 (stripped without sourcefile information?)
+# - add info how sssd-heimdal.patch is updated, where is it's origin?
+#
+# Conditional build:
+%bcond_with tests # check target
+%bcond_without python2 # CPython 2.x module
+%bcond_without python3 # CPython 3.x module
+%bcond_with krb5 # MIT Kerberos V instead of Heimdal (enables locator plugin, profile support and pac-responder)
+
%define ldb_version 1.1.0
Summary: System Security Services Daemon
+Summary(pl.UTF-8): System Security Services Daemon - demon usług bezpieczeństwa systemu
Name: sssd
-Version: 1.6.2
-Release: 0.1
+Version: 1.13.4
+Release: 3
License: GPL v3+
Group: Applications/System
-URL: http://fedorahosted.org/sssd/
Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
-# Source0-md5: 38cf9c8dc8f173e068fcb31b7ee9baf1
+# Source0-md5: d147e0a4f4719d993693c6a99370b350
Source1: %{name}.init
-Patch0: %{name}-python-config.patch
+Patch0: %{name}-python.patch
Patch1: %{name}-heimdal.patch
-BuildRequires: autoconf
+Patch2: %{name}-systemd.patch
+Patch3: %{name}-link.patch
+URL: https://fedorahosted.org/sssd/
+BuildRequires: augeas-devel >= 1.0.0
+BuildRequires: autoconf >= 2.59
BuildRequires: automake
+# nsupdate utility
BuildRequires: bind-utils
BuildRequires: c-ares-devel
-BuildRequires: check-devel
-BuildRequires: dbus-devel
-BuildRequires: dbus-libs
+BuildRequires: check-devel >= 0.9.5
+BuildRequires: cifs-utils-devel
+%{?with_tests:BuildRequires: cmocka-devel >= 1.0.0}
+BuildRequires: cyrus-sasl-devel >= 2
+BuildRequires: dbus-devel >= 1.0.0
BuildRequires: docbook-dtd44-xml
BuildRequires: docbook-style-xsl
BuildRequires: doxygen
-BuildRequires: gettext-devel
-BuildRequires: heimdal-devel
+%{?with_tests:BuildRequires: fakeroot}
+BuildRequires: gettext-tools >= 0.14.4
+BuildRequires: glib2-devel >= 2.0
+%{!?with_krb5:BuildRequires: heimdal-devel}
BuildRequires: keyutils-devel
-BuildRequires: libcollection-devel
+%{?with_krb5:BuildRequires: krb5-devel >= 1.9}
+BuildRequires: ldb-devel >= %{ldb_version}
+BuildRequires: libcollection-devel >= 0.5.1
BuildRequires: libdhash-devel >= 0.4.2
-BuildRequires: libini_config-devel
-BuildRequires: libldb-devel = %{ldb_version}
-BuildRequires: libnl-devel
+BuildRequires: libini_config-devel >= 1.1.0
+BuildRequires: libltdl-devel
+BuildRequires: libnfsidmap-devel
+BuildRequires: libnl-devel >= 3.2
BuildRequires: libselinux-devel
BuildRequires: libsemanage-devel
-BuildRequires: libtalloc-devel
-BuildRequires: libtool
-BuildRequires: libtool
-BuildRequires: libunistring-devel
-BuildRequires: libxml2
-BuildRequires: libxslt
+BuildRequires: libsmbclient-devel
+BuildRequires: libtool >= 2:2
+BuildRequires: libxml2-progs
+BuildRequires: libxslt-progs
BuildRequires: m4
-BuildRequires: nscd
BuildRequires: nspr-devel
BuildRequires: nss-devel
+%{?with_tests:BuildRequires: nss_wrapper}
BuildRequires: openldap-devel
BuildRequires: pam-devel
-BuildRequires: pcre-devel
+BuildRequires: pcre-devel >= 7
+BuildRequires: pkgconfig
+BuildRequires: po4a
BuildRequires: popt-devel
-BuildRequires: python-devel
-BuildRequires: rpmbuild(macros) >= 1.228
-BuildRequires: tdb-devel
+%{?with_python2:BuildRequires: python-devel >= 1:2.6}
+%{?with_tests:BuildRequires: python-pytest}
+%{?with_python3:BuildRequires: python3-devel >= 1:3.3}
+BuildRequires: rpm-pythonprov
+BuildRequires: rpmbuild(macros) >= 1.612
+# pkgconfig(ndr_nbt), pkgconfig(ndr_krb5pac) if with krb5
+BuildRequires: samba-devel >= 4
+BuildRequires: systemd-devel >= 1:209
+BuildRequires: systemd-units
+BuildRequires: talloc-devel
+BuildRequires: tdb-devel >= 1.1.3
BuildRequires: tevent-devel
-Requires(post,postun): /sbin/ldconfig
+%{?with_tests:BuildRequires: uid_wrapper}
+Requires(post): /sbin/ldconfig
Requires(post,preun): /sbin/chkconfig
Requires: %{name}-client = %{version}-%{release}
Requires: cyrus-sasl-gssapi
-Requires: krb5-libs >= 1.9
-Requires: libldb = %{ldb_version}
+Requires: ldb >= %{ldb_version}
+Requires: libcollection >= 0.5.1
+Requires: libdhash >= 0.4.2
+Requires: libini_config >= 1.1.0
+Requires: libsss_idmap = %{version}-%{release}
+Requires: pcre >= 7
+Requires: rc-scripts >= 0.4.0.10
Requires: tdb >= 1.1.3
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
-%define servicename sssd
-%define sssdstatedir %{_localstatedir}/lib/sss
+%define sssdstatedir %{_localstatedir}/lib/sss
%define dbpath %{sssdstatedir}/db
%define pipepath %{sssdstatedir}/pipes
%define pubconfpath %{sssdstatedir}/pubconf
different account sources. It is also the basis to provide client
auditing and policy services for projects like FreeIPA.
+%description -l pl.UTF-8
+Ten pakiet dostarcza zbiór demonów do zarządzania dostępem do zdalnych
+katalogów i mechanizmów uwierzytelniania. Udostępnia interfejsy NSS i
+PAM dla systemu oraz system backendu z wtyczkami w celu łączenia się z
+wieloma różnymi źródłami kont. Jest także podstawą zapewniającą audyt
+klientów oraz usługi polityk dla projektów takich jak FreeIPA.
+
%package client
Summary: SSSD Client libraries for NSS and PAM
-License: LGPLv3+
+Summary(pl.UTF-8): Biblioteki klienckie SSSD dla NSS i PAM
+License: LGPL v3+
Group: Applications/System
+Requires: libsss_idmap = %{version}-%{release}
+Requires: libsss_nss_idmap = %{version}-%{release}
%description client
Provides the libraries needed by the PAM and NSS stacks to connect to
the SSSD service.
+%description client -l pl.UTF-8
+Ten pakiet dostarcza biblioteki wymagane przez stosy PAM i NSS w celu
+łączenia się z usługą SSSD.
+
%package tools
Summary: Userspace tools for use with the SSSD
+Summary(pl.UTF-8): Narzędzia przestrzeni użytkownika do używania z SSSD
License: GPL v3+
Group: Applications/System
Requires: %{name} = %{version}-%{release}
Provides userspace tools for manipulating users, groups, and nested
groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf.
-Also provides a userspace tool for generating an obfuscated LDAP
-password for use with ldap_default_authtok_type = obfuscated_password.
+Also provides several other administrative tools:
+ - sss_debuglevel to change the debug level on the fly,
+ - sss_seed which pre-creates a user entry for use in kickstarts,
+ - sss_obfuscate for generating an obfuscated LDAP password.
+
+%description tools -l pl.UTF-8
+Ten pakiet dostarcza narzędzia przestrzeni poleceń do operowania na
+użytkownikach, grupach oraz zagnieżdżonych grupach w SSSD w przypadku
+używania id_provider = local w /etc/sssd/sssd.conf.
+
+Pakiet zawiera także kilka innych narzędzi administracyjnych:
+ - sss_debuglevel do zmiany poziomu diagnostyki w locie,
+ - sss_seed tworzący wpis użytkownika do szybkiego rozruchu,
+ - sss_obfuscate do generowania utajnionego hasła LDAP.
+
+%package -n python-sss
+Summary: Python 2 bindings for sssd
+Summary(pl.UTF-8): Wiązania Pythona 2 do sssd
+License: LGPL v3+
+Group: Libraries/Python
+Requires: %{name} = %{version}-%{release}
+
+%description -n python-sss
+Python 2 module for manipulating users, groups, and nested groups in
+SSSD when using id_provider = local in /etc/sssd/sssd.conf.
+
+This module also provides several other useful Python 2 bindings:
+ - function for retrieving list of groups user belongs to.
+ - class for obfuscation of passwords
+
+%description -n python-sss -l pl.UTF-8
+Moduł Pythona 2 do operowania na użytkownikach, grupach i
+zagnieżdżonych grupach w SSSD w przypadku używania id_provider = local
+w /etc/sssd/sssd.conf.
+
+Ten moduł dostarcza także kilka innych przydatnych wiązań Pythona 2:
+ - funkcję do użyskiwania list grup, do których należy użytkownik,
+ - klasę do ukrywania haseł.
+
+%package -n python-sss-murmur
+Summary: Python 2 bindings for murmur hash function
+Summary(pl.UTF-8): Wiązania Pythona 2 do funkcji mieszającej murmur
+License: LGPL v3+
+Group: Libraries/Python
+
+%description -n python-sss-murmur
+Python 2 module for calculating the murmur hash version 3.
+
+%description -n python-sss-murmur -l pl.UTF-8
+Moduł Pythona 2 do obliczania skrótu murmur w wersji 3.
+
+%package -n python-sssdconfig
+Summary: SSSD and IPA configuration file manipulation classes and functions for Python 2
+Summary(pl.UTF-8): Klasy i funkcje Pythona 2 do operowania na plikach konfiguracyjnych SSSD oraz IPA
+License: GPL v3+
+Group: Libraries/Python
+BuildArch: noarch
+
+%description -n python-sssdconfig
+SSSD and IPA configuration file manipulation classes and functions for
+Python 2.
+
+%description -n python-sssdconfig -l pl.UTF-8
+Klasy i funkcje Pythona 2 do operowania na plikach konfiguracyjnych
+SSSD oraz IPA.
+
+%package -n python3-sss
+Summary: Python 3 bindings for sssd
+Summary(pl.UTF-8): Wiązania Pythona 3 do sssd
+License: LGPL v3+
+Group: Libraries/Python
+Requires: %{name} = %{version}-%{release}
+
+%description -n python3-sss
+Python 3 module for manipulating users, groups, and nested groups in
+SSSD when using id_provider = local in /etc/sssd/sssd.conf.
+
+This module also provides several other useful Python 3 bindings:
+ - function for retrieving list of groups user belongs to.
+ - class for obfuscation of passwords
+
+%description -n python3-sss -l pl.UTF-8
+Moduł Pythona 3 do operowania na użytkownikach, grupach i
+zagnieżdżonych grupach w SSSD w przypadku używania id_provider = local
+w /etc/sssd/sssd.conf.
+
+Ten moduł dostarcza także kilka innych przydatnych wiązań Pythona 3:
+ - funkcję do użyskiwania list grup, do których należy użytkownik,
+ - klasę do ukrywania haseł.
+
+%package -n python3-sss-murmur
+Summary: Python 3 bindings for murmur hash function
+Summary(pl.UTF-8): Wiązania Pythona 3 do funkcji mieszającej murmur
+License: LGPL v3+
+Group: Libraries/Python
+
+%description -n python3-sss-murmur
+Python 3 module for calculating the murmur hash version 3.
+
+%description -n python3-sss-murmur -l pl.UTF-8
+Moduł Pythona 3 do obliczania skrótu murmur w wersji 3.
+
+%package -n python3-sssdconfig
+Summary: SSSD and IPA configuration file manipulation classes and functions for Python 3
+Summary(pl.UTF-8): Klasy i funkcje Pythona 3 do operowania na plikach konfiguracyjnych SSSD oraz IPA
+License: GPL v3+
+Group: Libraries/Python
+BuildArch: noarch
+
+%description -n python3-sssdconfig
+SSSD and IPA configuration file manipulation classes and functions for
+Python 3.
+
+%description -n python3-sssdconfig -l pl.UTF-8
+Klasy i funkcje Pythona 3 do operowania na plikach konfiguracyjnych
+SSSD oraz IPA.
+
+%package libwbclient
+Summary: The SSSD libwbclient implementation
+Summary(pl.UTF-8): Implementacja libwbclient oparta na SSSD
+Group: Libraries
+License: LGPL v3+
+Requires: libsss_nss_idmap = %{version}-%{release}
+
+%description libwbclient
+The SSSD implementation of Samba wbclient library.
+
+%description libwbclient -l pl.UTF-8
+Implementacja biblioteki Samba wbclient oparta na SSSD.
+
+%package libwbclient-devel
+Summary: Development files of the SSSD libwbclient implementation
+Summary(pl.UTF-8): Pliki programistyczne implementacja libwbclient oparta na SSSD
+Group: Development/Libraries
+License: LGPL v3+
+Requires: %{name}-libwbclient = %{version}-%{release}
+
+%description libwbclient-devel
+Development files for the SSSD implementation of Samba wbclient
+library.
+
+%description libwbclient-devel -l pl.UTF-8
+Pliki programistyczne implementacji biblioteki Samba wbclient opartej
+na SSSD.
%package -n libipa_hbac
Summary: FreeIPA HBAC Evaluator library
-License: LGPLv3+
-Group: Development/Libraries
+Summary(pl.UTF-8): Biblioteka oceniająca FreeIPA HBAC
+License: LGPL v3+
+Group: Libraries
%description -n libipa_hbac
Utility library to validate FreeIPA HBAC rules for authorization
-requests
+requests.
+
+%description -n libipa_hbac
+Biblioteka narzędziowa do sprawdzania poprawności reguł FreeIPA HBAC
+dla żądań autoryzacji.
%package -n libipa_hbac-devel
-Summary: FreeIPA HBAC Evaluator library
-License: LGPLv3+
+Summary: Development files for FreeIPA HBAC Evaluator library
+Summary(pl.UTF-8): Pliki programistyczne biblioteki oceniająca FreeIPA HBAC
+License: LGPL v3+
Group: Development/Libraries
Requires: libipa_hbac = %{version}-%{release}
%description -n libipa_hbac-devel
-Utility library to validate FreeIPA HBAC rules for authorization
-requests
+Development files for FreeIPA HBAC Evaluator library.
+
+%description -n libipa_hbac-devel -l pl.UTF-8
+Pliki programistyczne biblioteki oceniająca FreeIPA HBAC.
%package -n python-libipa_hbac
-Summary: Python bindings for the FreeIPA HBAC Evaluator library
-License: LGPLv3+
-Group: Development/Libraries
+Summary: Python 2 bindings for the FreeIPA HBAC Evaluator library
+Summary(pl.UTF-8): Wiązania Pythona 2 do biblioteki oceniającej FreeIPA HBAC
+License: LGPL v3+
+Group: Libraries/Python
Requires: libipa_hbac = %{version}-%{release}
Obsoletes: libipa_hbac-python
%description -n python-libipa_hbac
This package contains the bindings so that libipa_hbac can be used by
-Python applications.
+Python 2 applications.
+
+%description -n python-libipa_hbac -l pl.UTF-8
+Ten pakiet zawiera wiązania pozwalające na używanie libipa_hbac w
+aplikacjach Pythona 2.
+
+%package -n python3-libipa_hbac
+Summary: Python 3 bindings for the FreeIPA HBAC Evaluator library
+Summary(pl.UTF-8): Wiązania Pythona 3 do biblioteki oceniającej FreeIPA HBAC
+License: LGPL v3+
+Group: Libraries/Python
+Requires: libipa_hbac = %{version}-%{release}
+
+%description -n python3-libipa_hbac
+This package contains the bindings so that libipa_hbac can be used by
+Python 3 applications.
+
+%description -n python3-libipa_hbac -l pl.UTF-8
+Ten pakiet zawiera wiązania pozwalające na używanie libipa_hbac w
+aplikacjach Pythona 3.
+
+%package -n libsss_idmap
+Summary: FreeIPA Idmap library
+Summary(pl.UTF-8): Biblioteka FreeIPA Idmap
+Group: Libraries
+License: LGPL v3+
+
+%description -n libsss_idmap
+Utility library to convert SIDs to Unix uids and gids.
+
+%description -n libsss_idmap -l pl.UTF-8
+Biblioteka narzędziowa konwertująca SID-y na uniksowe uidy i gidy.
+
+%package -n libsss_idmap-devel
+Summary: Development files for FreeIPA Idmap library
+Summary(pl.UTF-8): Pliki programistyczne biblioteki FreeIPA Idmap
+Group: Development/Libraries
+License: LGPL v3+
+Requires: libsss_idmap = %{version}-%{release}
+
+%description -n libsss_idmap-devel
+Development files for FreeIPA Idmap library.
+
+%description -n libsss_idmap-devel -l pl.UTF-8
+Pliki programistyczne biblioteki FreeIPA Idmap.
+
+%package -n libsss_nss_idmap
+Summary: Library for SID based lookups
+Summary(pl.UTF-8): Biblioteka do wyszukiwań w oparciu o SID
+Group: Libraries
+License: LGPL v3+
+
+%description -n libsss_nss_idmap
+Utility library for SID based lookups.
+
+%description -n libsss_nss_idmap -l pl.UTF-8
+Biblioteka do wyszukiwań w oparciu o SID.
+
+%package -n libsss_nss_idmap-devel
+Summary: Development files for sss_nss_idmap library
+Summary(pl.UTF-8): Pliki programistyczne biblioteki sss_nss_idmap
+Group: Development/Libraries
+License: LGPL v3+
+Requires: libsss_nss_idmap = %{version}-%{release}
+
+%description -n libsss_nss_idmap-devel
+Development files for sss_nss_idmap library.
+
+%description -n libsss_nss_idmap-devel -l pl.UTF-8
+Pliki programistyczne biblioteki sss_nss_idmap.
+
+%package -n python-libsss_nss_idmap
+Summary: Python 2 bindings for libsss_nss_idmap
+Summary(pl.UTF-8): Wiązania Pythona 2 do biblioteki libsss_nss_idmap
+Group: Libraries/Python
+License: LGPL v3+
+Requires: libsss_nss_idmap = %{version}-%{release}
+
+%description -n python-libsss_nss_idmap
+This package contains the bindings so that libsss_nss_idmap can be
+used by Python 2 applications.
+
+%description -n python-libsss_nss_idmap -l pl.UTF-8
+Ten pakiet zawiera wiązania umożliwiające korzystanie z biblioteki
+libsss_nss_idmap w aplikacjach Pythona 2.
+
+%package -n python3-libsss_nss_idmap
+Summary: Python 3 bindings for libsss_nss_idmap
+Summary(pl.UTF-8): Wiązania Pythona 3 do biblioteki libsss_nss_idmap
+Group: Libraries/Python
+License: LGPL v3+
+Requires: libsss_nss_idmap = %{version}-%{release}
+
+%description -n python3-libsss_nss_idmap
+This package contains the bindings so that libsss_nss_idmap can be
+used by Python 3 applications.
+
+%description -n python3-libsss_nss_idmap -l pl.UTF-8
+Ten pakiet zawiera wiązania umożliwiające korzystanie z biblioteki
+libsss_nss_idmap w aplikacjach Pythona 3.
+
+%package -n libsss_simpleifp
+Summary: A library that simplifies work with the InfoPipe responder
+Summary(pl.UTF-8): Biblioteka upraszczająca pracę z responderem InfoPipe
+Group: Libraries
+Requires: dbus-libs >= 1.0.0
+Requires: libdhash >= 0.4.2
+
+%description -n libsss_simpleifp
+A library that simplifies work with the InfoPipe responder.
+
+%description -n libsss_simpleifp -l pl.UTF-8
+Biblioteka upraszczająca pracę z responderem InfoPipe.
+
+%package -n libsss_simpleifp-devel
+Summary: Header files for libsss_simpleifp library
+Summary(pl.UTF-8): Pliki nagłówkowe biblioteki libsss_simpleifp
+Group: Development/Libraries
+Requires: dbus-devel >= 1.0.0
+Requires: libdhash-devel >= 0.4.2
+Requires: libsss_simpleifp = %{version}-%{release}
+
+%description -n libsss_simpleifp-devel
+Header files for libsss_simpleifp library.
+
+%description -n libsss_simpleifp-devel -l pl.UTF-8
+Pliki nagłówkowe biblioteki libsss_simpleifp.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
+%patch2 -p1
+%patch3 -p1
%build
%{__libtoolize}
%{__gettextize}
-%{__aclocal}
-%{__automake}
+%{__aclocal} -I m4
%{__autoconf}
-CFLAGS="-Wno-deprecated-declarations"
+%{__automake}
%configure \
- --with-db-path=%{dbpath} \
- --with-pipe-path=%{pipepath} \
- --with-pubconf-path=%{pubconfpath} \
- --with-init-dir=%{_initrddir} \
+ NSCD=/usr/sbin/nscd \
+ %{!?with_krb5:--disable-krb5-locator-plugin} \
+ --enable-nfsidmaplibdir=/%{_lib}/libnfsidmap \
--enable-nsslibdir=/%{_lib} \
+ %{!?with_krb5:--disable-pac-responder} \
--enable-pammoddir=/%{_lib}/security \
- --disable-static \
--disable-rpath \
+ --with-db-path=%{dbpath} \
+ --with-init-dir=/etc/rc.d/init.d \
+ --with-initscript=sysv,systemd \
+ --with-pipe-path=%{pipepath} \
+ --with-pubconf-path=%{pubconfpath} \
+ --with-python2-bindings%{!?with_python2:=no} \
+ --with-python3-bindings%{!?with_python3:=no} \
+ --with-systemdunitdir=%{systemdunitdir} \
--with-test-dir=/dev/shm
%{__make}
%install
rm -rf $RPM_BUILD_ROOT
-%{__make} install \
- DESTDIR=$RPM_BUILD_ROOT
+
+%{__make} -j1 install \
+ DESTDIR=$RPM_BUILD_ROOT \
+ python3dir=%{py3_sitescriptdir}
# Prepare language files
%find_lang %{name}
# Copy default sssd.conf file
-install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd
-cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
-cd src/config
-cp -p etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
-cp -p etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d
-cd -
+install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d
+cp -p src/examples/sssd-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
# Copy default logrotate file
install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
# Make sure SSSD is able to run on read-only root
install -d $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d
-cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
-
-# change %{py_sitedir} to %{py_sitescriptdir} for 'noarch' packages!
-%py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
-%py_comp $RPM_BUILD_ROOT%{py_sitedir}
-%py_postclean
+#cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
# Remove .la files created by libtool
%{__rm} \
- $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
- $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
- $RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \
- $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ldap.la \
- $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_proxy.la \
- $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_krb5.la \
- $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ipa.la \
- $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_simple.la \
- $RPM_BUILD_ROOT%{_libdir}/libipa_hbac.la \
- $RPM_BUILD_ROOT%{py_sitedir}/pysss.la \
- $RPM_BUILD_ROOT%{py_sitedir}/pyhbac.la
+ $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
+ $RPM_BUILD_ROOT/%{_lib}/libnfsidmap/sss.la \
+ $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
+ $RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \
+ $RPM_BUILD_ROOT%{_libdir}/cifs-utils/*.la \
+ %{?with_krb5:$RPM_BUILD_ROOT%{_libdir}/krb5/plugins/libkrb5/sss*.la} \
+ $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_*.la \
+ $RPM_BUILD_ROOT%{_libdir}/sssd/modules/lib*.la \
+ $RPM_BUILD_ROOT%{_libdir}/lib*.la
+%if %{with python2}
+%{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.la
+%py_postclean
+%endif
+%if %{with python3}
+%{__rm} $RPM_BUILD_ROOT%{py3_sitedir}/*.la
+%endif
install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
-> sssd_tools.lang
+echo '%%defattr(644,root,root,755)' > sssd_client.lang
+echo '%%defattr(644,root,root,755)' > sssd_tools.lang
for man in $(find $RPM_BUILD_ROOT%{_mandir}/??/man? -type f | sed -e "s#$RPM_BUILD_ROOT%{_mandir}/##"); do
lang=$(echo $man | cut -c 1-2)
case $(basename $man) in
- sss_*)
+ pam_sss.8|sssd_krb5_locator_plugin.8)
+ echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd_client.lang
+ ;;
+ sss_debuglevel.8|sss_group*.8|sss_obfuscate.8|sss_seed.8|sss_user*.8)
echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd_tools.lang
;;
*)
/sbin/chkconfig --del %{name}
fi
+%postun -p /sbin/ldconfig
+
%post client -p /sbin/ldconfig
%postun client -p /sbin/ldconfig
%post -n libipa_hbac -p /sbin/ldconfig
%postun -n libipa_hbac -p /sbin/ldconfig
+%post -n libsss_idmap -p /sbin/ldconfig
+%postun -n libsss_idmap -p /sbin/ldconfig
+
+%post -n libsss_nss_idmap -p /sbin/ldconfig
+%postun -n libsss_nss_idmap -p /sbin/ldconfig
+
+%post -n libsss_simpleifp -p /sbin/ldconfig
+%postun -n libsss_simpleifp -p /sbin/ldconfig
+
%files -f sssd.lang
%defattr(644,root,root,755)
-%attr(754,root,root) /etc/rc.d/init.d/sssd
-%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/sss_ssh_authorizedkeys
+%attr(755,root,root) %{_bindir}/sss_ssh_knownhostsproxy
+%attr(755,root,root) %{_sbindir}/sss_cache
%attr(755,root,root) %{_sbindir}/sssd
-%dir %{_libexecdir}/%{servicename}
-%attr(755,root,root) %{_libexecdir}/%{servicename}/*child
-%attr(755,root,root) %{_libexecdir}/%{servicename}/sssd_*
-%attr(755,root,root) %{_libexecdir}/%{servicename}/*.so
+# sudo plugin
+%attr(755,root,root) %{_libdir}/libsss_sudo.so
+%dir %{_libdir}/sssd
+# internal shared libraries
+%attr(755,root,root) %{_libdir}/sssd/libsss_cert.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_child.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_config.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_crypt.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_debug.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_krb5_common.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ldap_common.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_semanage.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_util.so
+# modules
+%attr(755,root,root) %{_libdir}/sssd/libsss_simple.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ad.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ipa.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_krb5.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ldap.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_proxy.so
+%dir %{_libdir}/sssd/modules
+%attr(755,root,root) %{_libdir}/sssd/modules/libsss_autofs.so
+%if "%{_libdir}" != "%{_libexecdir}"
+%dir %{_libexecdir}/sssd
+%endif
+%attr(755,root,root) %{_libexecdir}/sssd/gpo_child
+%attr(755,root,root) %{_libexecdir}/sssd/krb5_child
+%attr(755,root,root) %{_libexecdir}/sssd/ldap_child
+%attr(755,root,root) %{_libexecdir}/sssd/p11_child
+%attr(755,root,root) %{_libexecdir}/sssd/proxy_child
+%attr(755,root,root) %{_libexecdir}/sssd/selinux_child
+%attr(755,root,root) %{_libexecdir}/sssd/sss_signal
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_autofs
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_be
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_ifp
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_nss
+%if %{with krb5}
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_pac
+%endif
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_pam
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_ssh
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_sudo
+%dir %{_datadir}/sssd
+%{_datadir}/sssd/sssd.api.conf
+%dir %{_datadir}/sssd/sssd.api.d
+%{_datadir}/sssd/sssd.api.d/sssd-ad.conf
+%{_datadir}/sssd/sssd.api.d/sssd-ipa.conf
+%{_datadir}/sssd/sssd.api.d/sssd-krb5.conf
+%{_datadir}/sssd/sssd.api.d/sssd-ldap.conf
+%{_datadir}/sssd/sssd.api.d/sssd-local.conf
+%{_datadir}/sssd/sssd.api.d/sssd-proxy.conf
+%{_datadir}/sssd/sssd.api.d/sssd-simple.conf
+%attr(755,root,root) /%{_lib}/libnfsidmap/sss.so
%attr(755,root,root) %{ldb_modulesdir}/memberof.so
%dir %{sssdstatedir}
%attr(700,root,root) %dir %{dbpath}
%attr(700,root,root) %dir %{pipepath}/private
%attr(750,root,root) %dir %{_var}/log/%{name}
%attr(700,root,root) %dir %{_sysconfdir}/sssd
-%config(noreplace) %attr(600,root,root) %{_sysconfdir}/sssd/sssd.conf
-%config(noreplace) /etc/logrotate.d/sssd
-%config(noreplace) %{_sysconfdir}/rwtab.d/sssd
-%config %{_sysconfdir}/sssd/sssd.api.conf
-%attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
-%config %attr(600,root,root) %{_sysconfdir}/sssd/sssd.api.d/*
+%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sssd/sssd.conf
+%config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/sssd
+#%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/rwtab.d/sssd
+%attr(754,root,root) /etc/rc.d/init.d/sssd
+%{systemdunitdir}/sssd.service
+/etc/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
+%{_datadir}/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
+%{_mandir}/man1/sss_ssh_authorizedkeys.1*
+%{_mandir}/man1/sss_ssh_knownhostsproxy.1*
+%{_mandir}/man5/sss_rpcidmapd.5*
%{_mandir}/man5/sssd.conf.5*
+%{_mandir}/man5/sssd-ad.5*
+%{_mandir}/man5/sssd-ifp.5*
%{_mandir}/man5/sssd-ipa.5*
%{_mandir}/man5/sssd-krb5.5*
%{_mandir}/man5/sssd-ldap.5*
%{_mandir}/man5/sssd-simple.5*
+%{_mandir}/man5/sssd-sudo.5*
+%{_mandir}/man8/sss_cache.8*
%{_mandir}/man8/sssd.8*
-%attr(755,root,root) %{py_sitedir}/pysss.so
-%{py_sitescriptdir}/*.py[co]
-%{py_sitescriptdir}/SSSDConfig-*.egg-info
-%files client -f sssd_tools.lang
+%files client -f sssd_client.lang
%defattr(644,root,root,755)
%attr(755,root,root) /%{_lib}/libnss_sss.so.2
%attr(755,root,root) /%{_lib}/security/pam_sss.so
-#%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
+%attr(755,root,root) %{_libdir}/cifs-utils/cifs_idmap_sss.so
+%if %{with krb5}
+# XXX: verify locations
+%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_localauth_plugin.so
+%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
+%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_pac_plugin.so
+%endif
%{_mandir}/man8/pam_sss.8*
%{_mandir}/man8/sssd_krb5_locator_plugin.8*
-%files tools
+%files tools -f sssd_tools.lang
%defattr(644,root,root,755)
-%attr(755,root,root) %{_sbindir}/sss_useradd
-%attr(755,root,root) %{_sbindir}/sss_userdel
-%attr(755,root,root) %{_sbindir}/sss_usermod
+%attr(755,root,root) %{_sbindir}/sss_debuglevel
%attr(755,root,root) %{_sbindir}/sss_groupadd
%attr(755,root,root) %{_sbindir}/sss_groupdel
%attr(755,root,root) %{_sbindir}/sss_groupmod
%attr(755,root,root) %{_sbindir}/sss_groupshow
%attr(755,root,root) %{_sbindir}/sss_obfuscate
-%attr(755,root,root) %{_sbindir}/sss_cache
+%attr(755,root,root) %{_sbindir}/sss_override
+%attr(755,root,root) %{_sbindir}/sss_seed
+%attr(755,root,root) %{_sbindir}/sss_useradd
+%attr(755,root,root) %{_sbindir}/sss_userdel
+%attr(755,root,root) %{_sbindir}/sss_usermod
+%{_mandir}/man8/sss_debuglevel.8*
%{_mandir}/man8/sss_groupadd.8*
%{_mandir}/man8/sss_groupdel.8*
%{_mandir}/man8/sss_groupmod.8*
%{_mandir}/man8/sss_groupshow.8*
+%{_mandir}/man8/sss_obfuscate.8*
+%{_mandir}/man8/sss_override.8*
+%{_mandir}/man8/sss_seed.8*
%{_mandir}/man8/sss_useradd.8*
%{_mandir}/man8/sss_userdel.8*
%{_mandir}/man8/sss_usermod.8*
-%{_mandir}/man8/sss_obfuscate.8*
-%{_mandir}/man8/sss_cache.8*
+
+%if %{with python2}
+%files -n python-sss
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py_sitedir}/pysss.so
+
+%files -n python-sss-murmur
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py_sitedir}/pysss_murmur.so
+
+%files -n python-sssdconfig
+%defattr(644,root,root,755)
+%dir %{py_sitescriptdir}/SSSDConfig
+%{py_sitescriptdir}/SSSDConfig/*.py[co]
+%{py_sitescriptdir}/SSSDConfig-%{version}-py*.egg-info
+%endif
+
+%if %{with python3}
+%files -n python3-sss
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pysss.so
+
+%files -n python3-sss-murmur
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pysss_murmur.so
+
+%files -n python3-sssdconfig
+%defattr(644,root,root,755)
+%dir %{py3_sitescriptdir}/SSSDConfig
+%{py3_sitescriptdir}/SSSDConfig/*.py
+%{py3_sitescriptdir}/SSSDConfig/__pycache__
+%{py3_sitescriptdir}/SSSDConfig-%{version}-py*.egg-info
+%endif
+
+%files libwbclient
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so.*
+
+%files libwbclient-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so
+%{_includedir}/wbclient_sssd.h
+%{_pkgconfigdir}/wbclient_sssd.pc
%files -n libipa_hbac
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/libipa_hbac.so.*
+%attr(755,root,root) %{_libdir}/libipa_hbac.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libipa_hbac.so.0
%files -n libipa_hbac-devel
%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libipa_hbac.so
%{_includedir}/ipa_hbac.h
-%{_libdir}/libipa_hbac.so
%{_pkgconfigdir}/ipa_hbac.pc
+%if %{with python2}
%files -n python-libipa_hbac
%defattr(644,root,root,755)
-%{py_sitedir}/pyhbac.so
+%attr(755,root,root) %{py_sitedir}/pyhbac.so
+%endif
+
+%if %{with python3}
+%files -n python3-libipa_hbac
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pyhbac.so
+%endif
+
+%files -n libsss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_idmap.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libsss_idmap.so.0
+
+%files -n libsss_idmap-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_idmap.so
+%{_includedir}/sss_idmap.h
+%{_pkgconfigdir}/sss_idmap.pc
+
+%files -n libsss_nss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_nss_idmap.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libsss_nss_idmap.so.0
+
+%files -n libsss_nss_idmap-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_nss_idmap.so
+%{_includedir}/sss_nss_idmap.h
+%{_pkgconfigdir}/sss_nss_idmap.pc
+
+%if %{with python2}
+%files -n python-libsss_nss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py_sitedir}/pysss_nss_idmap.so
+%endif
+
+%if %{with python3}
+%files -n python3-libsss_nss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pysss_nss_idmap.so
+%endif
+
+%files -n libsss_simpleifp
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_simpleifp.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libsss_simpleifp.so.0
+
+%files -n libsss_simpleifp-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_simpleifp.so
+%{_includedir}/sss_sifp.h
+%{_includedir}/sss_sifp_dbus.h
+%{_pkgconfigdir}/sss_simpleifp.pc