]>
Commit | Line | Data |
---|---|---|
599b73f3 ER |
1 | # TODO |
2 | #error: Failed build dependencies: | |
3 | # keyutils-libs-devel is needed by sssd-1.6.1-0.1.src | |
4 | # krb5-devel >= 1.9 is needed by sssd-1.6.1-0.1.src | |
4d07ac90 | 5 | # libcollection-devel is needed by sssd-1.6.1-0.1.src |
6 | # libdhash-devel >= 0.4.2 is needed by sssd-1.6.1-0.1.src | |
7 | # libini_config-devel is needed by sssd-1.6.1-0.1.src | |
599b73f3 ER |
8 | |
9 | %define ldb_version 1.1.0 | |
10 | Summary: System Security Services Daemon | |
11 | Name: sssd | |
12 | Version: 1.6.1 | |
13 | Release: 0.1 | |
14 | License: GPL v3+ | |
15 | Group: Applications/System | |
16 | URL: http://fedorahosted.org/sssd/ | |
17 | Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz | |
18 | BuildRequires: autoconf | |
19 | BuildRequires: automake | |
20 | BuildRequires: bind-utils | |
21 | BuildRequires: c-ares-devel | |
22 | BuildRequires: check-devel | |
23 | BuildRequires: dbus-devel | |
24 | BuildRequires: dbus-libs | |
25 | BuildRequires: docbook-style-xsl | |
26 | BuildRequires: doxygen | |
27 | BuildRequires: gettext-devel | |
4d07ac90 | 28 | BuildRequires: keyutils-libs-devel |
29 | BuildRequires: krb5-devel >= 1.9 | |
599b73f3 | 30 | BuildRequires: libcollection-devel |
4d07ac90 | 31 | BuildRequires: libdhash-devel >= 0.4.2 |
599b73f3 ER |
32 | BuildRequires: libini_config-devel |
33 | BuildRequires: libldb-devel = %{ldb_version} | |
34 | BuildRequires: libnl-devel | |
35 | BuildRequires: libselinux-devel | |
36 | BuildRequires: libsemanage-devel | |
37 | BuildRequires: libtalloc-devel | |
599b73f3 ER |
38 | BuildRequires: libtool |
39 | BuildRequires: libunistring-devel | |
40 | BuildRequires: libxml2 | |
41 | BuildRequires: libxslt | |
42 | BuildRequires: m4 | |
43 | BuildRequires: nscd | |
44 | BuildRequires: nspr-devel | |
45 | BuildRequires: nss-devel | |
46 | BuildRequires: openldap-devel | |
47 | BuildRequires: pam-devel | |
48 | BuildRequires: pcre-devel | |
49 | BuildRequires: popt-devel | |
50 | BuildRequires: python-devel | |
51 | BuildRequires: rpmbuild(macros) >= 1.228 | |
59928269 ER |
52 | BuildRequires: tdb-devel |
53 | BuildRequires: tevent-devel | |
d1d78d42 | 54 | Requires(post,preun): /sbin/chkconfig |
4d07ac90 | 55 | Requires(post,postun): /sbin/ldconfig |
59928269 | 56 | Requires: %{name}-client = %{version}-%{release} |
599b73f3 | 57 | Requires: cyrus-sasl-gssapi |
4d07ac90 | 58 | Requires: krb5-libs >= 1.9 |
59 | Requires: libldb = %{ldb_version} | |
60 | Requires: tdb >= 1.1.3 | |
599b73f3 ER |
61 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
62 | ||
63 | %define servicename sssd | |
64 | %define sssdstatedir %{_localstatedir}/lib/sss | |
65 | %define dbpath %{sssdstatedir}/db | |
66 | %define pipepath %{sssdstatedir}/pipes | |
67 | %define pubconfpath %{sssdstatedir}/pubconf | |
68 | ||
69 | # Determine the location of the LDB modules directory | |
70 | %define ldb_modulesdir %(pkg-config --variable=modulesdir ldb) | |
71 | ||
72 | %description | |
73 | Provides a set of daemons to manage access to remote directories and | |
74 | authentication mechanisms. It provides an NSS and PAM interface toward | |
75 | the system and a pluggable backend system to connect to multiple | |
76 | different account sources. It is also the basis to provide client | |
77 | auditing and policy services for projects like FreeIPA. | |
78 | ||
79 | %package client | |
80 | Summary: SSSD Client libraries for NSS and PAM | |
81 | License: LGPLv3+ | |
82 | Group: Applications/System | |
83 | ||
84 | %description client | |
85 | Provides the libraries needed by the PAM and NSS stacks to connect to | |
86 | the SSSD service. | |
87 | ||
88 | %package tools | |
89 | Summary: Userspace tools for use with the SSSD | |
90 | License: GPL v3+ | |
91 | Group: Applications/System | |
92 | Requires: %{name} = %{version}-%{release} | |
93 | ||
94 | %description tools | |
95 | Provides userspace tools for manipulating users, groups, and nested | |
96 | groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf. | |
97 | ||
98 | Also provides a userspace tool for generating an obfuscated LDAP | |
99 | password for use with ldap_default_authtok_type = obfuscated_password. | |
100 | ||
101 | %package -n libipa_hbac | |
102 | Summary: FreeIPA HBAC Evaluator library | |
103 | License: LGPLv3+ | |
104 | Group: Development/Libraries | |
105 | ||
106 | %description -n libipa_hbac | |
107 | Utility library to validate FreeIPA HBAC rules for authorization | |
108 | requests | |
109 | ||
110 | %package -n libipa_hbac-devel | |
111 | Summary: FreeIPA HBAC Evaluator library | |
112 | License: LGPLv3+ | |
113 | Group: Development/Libraries | |
114 | Requires: libipa_hbac = %{version}-%{release} | |
115 | ||
116 | %description -n libipa_hbac-devel | |
117 | Utility library to validate FreeIPA HBAC rules for authorization | |
118 | requests | |
119 | ||
120 | %package -n python-libipa_hbac | |
121 | Summary: Python bindings for the FreeIPA HBAC Evaluator library | |
122 | License: LGPLv3+ | |
123 | Group: Development/Libraries | |
124 | Requires: libipa_hbac = %{version}-%{release} | |
125 | Obsoletes: libipa_hbac-python | |
126 | ||
127 | %description -n python-libipa_hbac | |
128 | This package contains the bindings so that libipa_hbac can be used by | |
129 | Python applications. | |
130 | ||
131 | %prep | |
132 | %setup -q | |
133 | ||
134 | %build | |
4d07ac90 | 135 | autoreconf -ivf |
599b73f3 ER |
136 | %configure \ |
137 | --with-db-path=%{dbpath} \ | |
138 | --with-pipe-path=%{pipepath} \ | |
139 | --with-pubconf-path=%{pubconfpath} \ | |
140 | --with-init-dir=%{_initrddir} \ | |
141 | --enable-nsslibdir=/%{_lib} \ | |
142 | --enable-pammoddir=/%{_lib}/security \ | |
143 | --disable-static \ | |
144 | --disable-rpath \ | |
145 | --with-test-dir=/dev/shm | |
146 | ||
147 | %{__make} | |
148 | ||
149 | %if %{with tests} | |
150 | export CK_TIMEOUT_MULTIPLIER=10 | |
151 | %{__make} check | |
152 | unset CK_TIMEOUT_MULTIPLIER | |
153 | %endif | |
154 | ||
155 | %install | |
156 | rm -rf $RPM_BUILD_ROOT | |
157 | %{__make} install \ | |
158 | DESTDIR=$RPM_BUILD_ROOT | |
159 | ||
160 | # Prepare language files | |
161 | %find_lang %{name} | |
162 | ||
163 | # Copy default sssd.conf file | |
164 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd | |
165 | cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf | |
166 | cp -p src/config%{_sysconfdir}/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf | |
167 | cp -p src/config%{_sysconfdir}/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/ | |
168 | ||
169 | # Copy default logrotate file | |
170 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d | |
171 | cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd | |
172 | ||
173 | # Make sure SSSD is able to run on read-only root | |
174 | install -d $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d | |
175 | cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd | |
176 | ||
4d07ac90 | 177 | # Remove .la files created by libtool |
178 | %{__rm} \ | |
179 | $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \ | |
180 | $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \ | |
181 | $RPM_BUILD_ROOT/%{ldb_modulesdir}/memberof.la \ | |
182 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \ | |
183 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \ | |
184 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \ | |
185 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ipa.la \ | |
186 | $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_simple.la \ | |
187 | $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \ | |
188 | $RPM_BUILD_ROOT/%{_libdir}/libipa_hbac.la \ | |
189 | $RPM_BUILD_ROOT/%{py_sitedir}/pysss.la \ | |
190 | $RPM_BUILD_ROOT/%{py_sitedir}/pyhbac.la | |
599b73f3 ER |
191 | |
192 | touch sssd_tools.lang | |
193 | for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"`; do | |
194 | lang=`echo $man | cut -c 1-2` | |
195 | case `basename $man` in | |
196 | sss_*) | |
197 | echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang | |
198 | ;; | |
199 | *) | |
200 | echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang | |
201 | ;; | |
202 | esac | |
203 | done | |
204 | ||
205 | %clean | |
206 | rm -rf $RPM_BUILD_ROOT | |
207 | ||
208 | %post | |
209 | /sbin/ldconfig | |
210 | /sbin/chkconfig --add %{name} | |
211 | %service %{name} restart | |
212 | ||
213 | %preun | |
214 | if [ "$1" = "0" ]; then | |
215 | %service -q %{name} stop | |
216 | /sbin/chkconfig --del %{name} | |
217 | fi | |
218 | ||
219 | %post client -p /sbin/ldconfig | |
220 | %postun client -p /sbin/ldconfig | |
221 | ||
222 | %post -n libipa_hbac -p /sbin/ldconfig | |
223 | %postun -n libipa_hbac -p /sbin/ldconfig | |
224 | ||
225 | %files -f sssd.lang | |
226 | %defattr(644,root,root,755) | |
227 | %attr(755,root,root) %{_sbindir}/sssd | |
4d07ac90 | 228 | %{_libexecdir}/%{servicename} |
229 | %{_libdir}/%{name}/ | |
599b73f3 ER |
230 | %attr(755,root,root) %{ldb_modulesdir}/memberof.so |
231 | %dir %{sssdstatedir} | |
232 | %attr(700,root,root) %dir %{dbpath} | |
233 | %dir %{pipepath} | |
234 | %dir %{pubconfpath} | |
235 | %attr(700,root,root) %dir %{pipepath}/private | |
236 | %attr(750,root,root) %dir %{_var}/log/%{name} | |
237 | %attr(700,root,root) %dir %{_sysconfdir}/sssd | |
4d07ac90 | 238 | %config(noreplace) %{_sysconfdir}/sssd/sssd.conf |
599b73f3 ER |
239 | %config(noreplace) /etc/logrotate.d/sssd |
240 | %config(noreplace) %{_sysconfdir}/rwtab.d/sssd | |
241 | %config %{_sysconfdir}/sssd/sssd.api.conf | |
242 | %attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d | |
4d07ac90 | 243 | %config %{_sysconfdir}/sssd/sssd.api.d/ |
599b73f3 ER |
244 | %{_mandir}/man5/sssd.conf.5* |
245 | %{_mandir}/man5/sssd-ipa.5* | |
246 | %{_mandir}/man5/sssd-krb5.5* | |
247 | %{_mandir}/man5/sssd-ldap.5* | |
248 | %{_mandir}/man5/sssd-simple.5* | |
249 | %{_mandir}/man8/sssd.8* | |
250 | %attr(755,root,root) %{py_sitedir}/pysss.so | |
251 | %{py_sitescriptdir}/*.py[co] | |
252 | ||
253 | %files client -f sssd_tools.lang | |
254 | %defattr(644,root,root,755) | |
255 | %attr(755,root,root) /%{_lib}/libnss_sss.so.2 | |
256 | %attr(755,root,root) /%{_lib}/security/pam_sss.so | |
4d07ac90 | 257 | %attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so |
599b73f3 ER |
258 | %{_mandir}/man8/pam_sss.8* |
259 | %{_mandir}/man8/sssd_krb5_locator_plugin.8* | |
260 | ||
261 | %files tools | |
262 | %defattr(644,root,root,755) | |
263 | %attr(755,root,root) %{_sbindir}/sss_useradd | |
264 | %attr(755,root,root) %{_sbindir}/sss_userdel | |
265 | %attr(755,root,root) %{_sbindir}/sss_usermod | |
266 | %attr(755,root,root) %{_sbindir}/sss_groupadd | |
267 | %attr(755,root,root) %{_sbindir}/sss_groupdel | |
268 | %attr(755,root,root) %{_sbindir}/sss_groupmod | |
269 | %attr(755,root,root) %{_sbindir}/sss_groupshow | |
270 | %attr(755,root,root) %{_sbindir}/sss_obfuscate | |
271 | %attr(755,root,root) %{_sbindir}/sss_cache | |
272 | %{_mandir}/man8/sss_groupadd.8* | |
273 | %{_mandir}/man8/sss_groupdel.8* | |
274 | %{_mandir}/man8/sss_groupmod.8* | |
275 | %{_mandir}/man8/sss_groupshow.8* | |
276 | %{_mandir}/man8/sss_useradd.8* | |
277 | %{_mandir}/man8/sss_userdel.8* | |
278 | %{_mandir}/man8/sss_usermod.8* | |
279 | %{_mandir}/man8/sss_obfuscate.8* | |
280 | %{_mandir}/man8/sss_cache.8* | |
281 | ||
282 | %files -n libipa_hbac | |
283 | %defattr(644,root,root,755) | |
4d07ac90 | 284 | %{_libdir}/libipa_hbac.so.* |
599b73f3 ER |
285 | |
286 | %files -n libipa_hbac-devel | |
287 | %defattr(644,root,root,755) | |
288 | %{_includedir}/ipa_hbac.h | |
289 | %{_libdir}/libipa_hbac.so | |
290 | %{_pkgconfigdir}/ipa_hbac.pc | |
291 | ||
292 | %files -n python-libipa_hbac | |
293 | %defattr(644,root,root,755) | |
294 | %{py_sitedir}/pyhbac.so | |
295 | %{py_sitescriptdir}/*.egg-info |