]>
Commit | Line | Data |
---|---|---|
599b73f3 ER |
1 | %define ldb_version 1.1.0 |
2 | Summary: System Security Services Daemon | |
3 | Name: sssd | |
4 | Version: 1.6.1 | |
5 | Release: 0.1 | |
6 | License: GPL v3+ | |
7 | Group: Applications/System | |
8 | URL: http://fedorahosted.org/sssd/ | |
9 | Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz | |
2713c68f ER |
10 | # Source0-md5: 2da6d0006b70929d4d491e952e808bf5 |
11 | Source1: %{name}.init | |
12 | Patch0: %{name}-python-config.patch | |
13 | Patch1: %{name}-heimdal.patch | |
599b73f3 ER |
14 | BuildRequires: autoconf |
15 | BuildRequires: automake | |
16 | BuildRequires: bind-utils | |
17 | BuildRequires: c-ares-devel | |
18 | BuildRequires: check-devel | |
19 | BuildRequires: dbus-devel | |
20 | BuildRequires: dbus-libs | |
2713c68f | 21 | BuildRequires: docbook-dtd44-xml |
599b73f3 ER |
22 | BuildRequires: docbook-style-xsl |
23 | BuildRequires: doxygen | |
24 | BuildRequires: gettext-devel | |
2713c68f ER |
25 | BuildRequires: heimdal-devel |
26 | BuildRequires: keyutils-devel | |
599b73f3 | 27 | BuildRequires: libcollection-devel |
4d07ac90 | 28 | BuildRequires: libdhash-devel >= 0.4.2 |
599b73f3 ER |
29 | BuildRequires: libini_config-devel |
30 | BuildRequires: libldb-devel = %{ldb_version} | |
31 | BuildRequires: libnl-devel | |
32 | BuildRequires: libselinux-devel | |
33 | BuildRequires: libsemanage-devel | |
34 | BuildRequires: libtalloc-devel | |
599b73f3 ER |
35 | BuildRequires: libtool |
36 | BuildRequires: libunistring-devel | |
37 | BuildRequires: libxml2 | |
38 | BuildRequires: libxslt | |
39 | BuildRequires: m4 | |
40 | BuildRequires: nscd | |
41 | BuildRequires: nspr-devel | |
42 | BuildRequires: nss-devel | |
43 | BuildRequires: openldap-devel | |
44 | BuildRequires: pam-devel | |
45 | BuildRequires: pcre-devel | |
46 | BuildRequires: popt-devel | |
47 | BuildRequires: python-devel | |
48 | BuildRequires: rpmbuild(macros) >= 1.228 | |
59928269 ER |
49 | BuildRequires: tdb-devel |
50 | BuildRequires: tevent-devel | |
4d07ac90 | 51 | Requires(post,postun): /sbin/ldconfig |
2713c68f | 52 | Requires(post,preun): /sbin/chkconfig |
59928269 | 53 | Requires: %{name}-client = %{version}-%{release} |
599b73f3 | 54 | Requires: cyrus-sasl-gssapi |
4d07ac90 | 55 | Requires: krb5-libs >= 1.9 |
56 | Requires: libldb = %{ldb_version} | |
57 | Requires: tdb >= 1.1.3 | |
599b73f3 ER |
58 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
59 | ||
60 | %define servicename sssd | |
61 | %define sssdstatedir %{_localstatedir}/lib/sss | |
62 | %define dbpath %{sssdstatedir}/db | |
63 | %define pipepath %{sssdstatedir}/pipes | |
64 | %define pubconfpath %{sssdstatedir}/pubconf | |
65 | ||
66 | # Determine the location of the LDB modules directory | |
67 | %define ldb_modulesdir %(pkg-config --variable=modulesdir ldb) | |
68 | ||
69 | %description | |
70 | Provides a set of daemons to manage access to remote directories and | |
71 | authentication mechanisms. It provides an NSS and PAM interface toward | |
72 | the system and a pluggable backend system to connect to multiple | |
73 | different account sources. It is also the basis to provide client | |
74 | auditing and policy services for projects like FreeIPA. | |
75 | ||
76 | %package client | |
77 | Summary: SSSD Client libraries for NSS and PAM | |
78 | License: LGPLv3+ | |
79 | Group: Applications/System | |
80 | ||
81 | %description client | |
82 | Provides the libraries needed by the PAM and NSS stacks to connect to | |
83 | the SSSD service. | |
84 | ||
85 | %package tools | |
86 | Summary: Userspace tools for use with the SSSD | |
87 | License: GPL v3+ | |
88 | Group: Applications/System | |
89 | Requires: %{name} = %{version}-%{release} | |
90 | ||
91 | %description tools | |
92 | Provides userspace tools for manipulating users, groups, and nested | |
93 | groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf. | |
94 | ||
95 | Also provides a userspace tool for generating an obfuscated LDAP | |
96 | password for use with ldap_default_authtok_type = obfuscated_password. | |
97 | ||
98 | %package -n libipa_hbac | |
99 | Summary: FreeIPA HBAC Evaluator library | |
100 | License: LGPLv3+ | |
101 | Group: Development/Libraries | |
102 | ||
103 | %description -n libipa_hbac | |
104 | Utility library to validate FreeIPA HBAC rules for authorization | |
105 | requests | |
106 | ||
107 | %package -n libipa_hbac-devel | |
108 | Summary: FreeIPA HBAC Evaluator library | |
109 | License: LGPLv3+ | |
110 | Group: Development/Libraries | |
111 | Requires: libipa_hbac = %{version}-%{release} | |
112 | ||
113 | %description -n libipa_hbac-devel | |
114 | Utility library to validate FreeIPA HBAC rules for authorization | |
115 | requests | |
116 | ||
117 | %package -n python-libipa_hbac | |
118 | Summary: Python bindings for the FreeIPA HBAC Evaluator library | |
119 | License: LGPLv3+ | |
120 | Group: Development/Libraries | |
121 | Requires: libipa_hbac = %{version}-%{release} | |
122 | Obsoletes: libipa_hbac-python | |
123 | ||
124 | %description -n python-libipa_hbac | |
125 | This package contains the bindings so that libipa_hbac can be used by | |
126 | Python applications. | |
127 | ||
128 | %prep | |
129 | %setup -q | |
2713c68f ER |
130 | %patch0 -p1 |
131 | %patch1 -p1 | |
599b73f3 ER |
132 | |
133 | %build | |
2713c68f ER |
134 | %{__gettextize} |
135 | %{__aclocal} | |
136 | %{__automake} | |
137 | %{__autoconf} | |
138 | CFLAGS=-Wno-deprecated-declarations | |
139 | export CFLAGS | |
599b73f3 ER |
140 | %configure \ |
141 | --with-db-path=%{dbpath} \ | |
142 | --with-pipe-path=%{pipepath} \ | |
143 | --with-pubconf-path=%{pubconfpath} \ | |
144 | --with-init-dir=%{_initrddir} \ | |
145 | --enable-nsslibdir=/%{_lib} \ | |
146 | --enable-pammoddir=/%{_lib}/security \ | |
147 | --disable-static \ | |
148 | --disable-rpath \ | |
149 | --with-test-dir=/dev/shm | |
150 | ||
151 | %{__make} | |
152 | ||
153 | %if %{with tests} | |
154 | export CK_TIMEOUT_MULTIPLIER=10 | |
155 | %{__make} check | |
156 | unset CK_TIMEOUT_MULTIPLIER | |
157 | %endif | |
158 | ||
159 | %install | |
160 | rm -rf $RPM_BUILD_ROOT | |
161 | %{__make} install \ | |
162 | DESTDIR=$RPM_BUILD_ROOT | |
163 | ||
164 | # Prepare language files | |
165 | %find_lang %{name} | |
166 | ||
167 | # Copy default sssd.conf file | |
168 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd | |
169 | cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf | |
170 | cp -p src/config%{_sysconfdir}/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf | |
171 | cp -p src/config%{_sysconfdir}/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/ | |
172 | ||
173 | # Copy default logrotate file | |
174 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d | |
175 | cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd | |
176 | ||
177 | # Make sure SSSD is able to run on read-only root | |
178 | install -d $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d | |
179 | cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd | |
180 | ||
4d07ac90 | 181 | # Remove .la files created by libtool |
182 | %{__rm} \ | |
183 | $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \ | |
184 | $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \ | |
185 | $RPM_BUILD_ROOT/%{ldb_modulesdir}/memberof.la \ | |
186 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \ | |
187 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \ | |
188 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \ | |
189 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ipa.la \ | |
190 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_simple.la \ | |
191 | $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \ | |
192 | $RPM_BUILD_ROOT/%{_libdir}/libipa_hbac.la \ | |
193 | $RPM_BUILD_ROOT/%{py_sitedir}/pysss.la \ | |
194 | $RPM_BUILD_ROOT/%{py_sitedir}/pyhbac.la | |
599b73f3 | 195 | |
2713c68f ER |
196 | install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name} |
197 | ||
599b73f3 ER |
198 | touch sssd_tools.lang |
199 | for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"`; do | |
200 | lang=`echo $man | cut -c 1-2` | |
201 | case `basename $man` in | |
202 | sss_*) | |
203 | echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang | |
204 | ;; | |
205 | *) | |
206 | echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang | |
207 | ;; | |
208 | esac | |
209 | done | |
210 | ||
211 | %clean | |
212 | rm -rf $RPM_BUILD_ROOT | |
213 | ||
214 | %post | |
215 | /sbin/ldconfig | |
216 | /sbin/chkconfig --add %{name} | |
217 | %service %{name} restart | |
218 | ||
219 | %preun | |
220 | if [ "$1" = "0" ]; then | |
221 | %service -q %{name} stop | |
222 | /sbin/chkconfig --del %{name} | |
223 | fi | |
224 | ||
225 | %post client -p /sbin/ldconfig | |
226 | %postun client -p /sbin/ldconfig | |
227 | ||
228 | %post -n libipa_hbac -p /sbin/ldconfig | |
229 | %postun -n libipa_hbac -p /sbin/ldconfig | |
230 | ||
231 | %files -f sssd.lang | |
232 | %defattr(644,root,root,755) | |
2713c68f ER |
233 | %attr(755,root,root) /etc/rc.d/init.d/sssd |
234 | %defattr(644,root,root,755) | |
599b73f3 | 235 | %attr(755,root,root) %{_sbindir}/sssd |
2713c68f ER |
236 | %dir %{_libexecdir}/%{servicename} |
237 | %attr(755,root,root) %{_libexecdir}/%{servicename}/*child | |
238 | %attr(755,root,root) %{_libexecdir}/%{servicename}/sssd_* | |
239 | %attr(755,root,root) %{_libexecdir}/%{servicename}/*.so | |
599b73f3 ER |
240 | %attr(755,root,root) %{ldb_modulesdir}/memberof.so |
241 | %dir %{sssdstatedir} | |
242 | %attr(700,root,root) %dir %{dbpath} | |
243 | %dir %{pipepath} | |
244 | %dir %{pubconfpath} | |
245 | %attr(700,root,root) %dir %{pipepath}/private | |
246 | %attr(750,root,root) %dir %{_var}/log/%{name} | |
247 | %attr(700,root,root) %dir %{_sysconfdir}/sssd | |
2713c68f | 248 | %config(noreplace) %attr(600,root,root) %{_sysconfdir}/sssd/sssd.conf |
599b73f3 ER |
249 | %config(noreplace) /etc/logrotate.d/sssd |
250 | %config(noreplace) %{_sysconfdir}/rwtab.d/sssd | |
251 | %config %{_sysconfdir}/sssd/sssd.api.conf | |
252 | %attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d | |
2713c68f | 253 | %config %attr(600,root,root) %{_sysconfdir}/sssd/sssd.api.d/* |
599b73f3 ER |
254 | %{_mandir}/man5/sssd.conf.5* |
255 | %{_mandir}/man5/sssd-ipa.5* | |
256 | %{_mandir}/man5/sssd-krb5.5* | |
257 | %{_mandir}/man5/sssd-ldap.5* | |
258 | %{_mandir}/man5/sssd-simple.5* | |
259 | %{_mandir}/man8/sssd.8* | |
260 | %attr(755,root,root) %{py_sitedir}/pysss.so | |
261 | %{py_sitescriptdir}/*.py[co] | |
262 | ||
263 | %files client -f sssd_tools.lang | |
264 | %defattr(644,root,root,755) | |
265 | %attr(755,root,root) /%{_lib}/libnss_sss.so.2 | |
266 | %attr(755,root,root) /%{_lib}/security/pam_sss.so | |
2713c68f | 267 | #%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so |
599b73f3 ER |
268 | %{_mandir}/man8/pam_sss.8* |
269 | %{_mandir}/man8/sssd_krb5_locator_plugin.8* | |
270 | ||
271 | %files tools | |
272 | %defattr(644,root,root,755) | |
273 | %attr(755,root,root) %{_sbindir}/sss_useradd | |
274 | %attr(755,root,root) %{_sbindir}/sss_userdel | |
275 | %attr(755,root,root) %{_sbindir}/sss_usermod | |
276 | %attr(755,root,root) %{_sbindir}/sss_groupadd | |
277 | %attr(755,root,root) %{_sbindir}/sss_groupdel | |
278 | %attr(755,root,root) %{_sbindir}/sss_groupmod | |
279 | %attr(755,root,root) %{_sbindir}/sss_groupshow | |
280 | %attr(755,root,root) %{_sbindir}/sss_obfuscate | |
281 | %attr(755,root,root) %{_sbindir}/sss_cache | |
282 | %{_mandir}/man8/sss_groupadd.8* | |
283 | %{_mandir}/man8/sss_groupdel.8* | |
284 | %{_mandir}/man8/sss_groupmod.8* | |
285 | %{_mandir}/man8/sss_groupshow.8* | |
286 | %{_mandir}/man8/sss_useradd.8* | |
287 | %{_mandir}/man8/sss_userdel.8* | |
288 | %{_mandir}/man8/sss_usermod.8* | |
289 | %{_mandir}/man8/sss_obfuscate.8* | |
290 | %{_mandir}/man8/sss_cache.8* | |
291 | ||
292 | %files -n libipa_hbac | |
293 | %defattr(644,root,root,755) | |
2713c68f | 294 | %attr(755,root,root) %{_libdir}/libipa_hbac.so.* |
599b73f3 ER |
295 | |
296 | %files -n libipa_hbac-devel | |
297 | %defattr(644,root,root,755) | |
298 | %{_includedir}/ipa_hbac.h | |
299 | %{_libdir}/libipa_hbac.so | |
300 | %{_pkgconfigdir}/ipa_hbac.pc | |
301 | ||
302 | %files -n python-libipa_hbac | |
303 | %defattr(644,root,root,755) | |
304 | %{py_sitedir}/pyhbac.so | |
305 | %{py_sitescriptdir}/*.egg-info |