]>
Commit | Line | Data |
---|---|---|
dacaa562 ER |
1 | # TODO |
2 | # - fix stripping before rpm: | |
3 | # *** WARNING: no sources found for /usr/lib64/libipa_hbac.so.0.0.0 (stripped without sourcefile information?) | |
599b73f3 ER |
4 | %define ldb_version 1.1.0 |
5 | Summary: System Security Services Daemon | |
6 | Name: sssd | |
dacaa562 | 7 | Version: 1.6.2 |
599b73f3 ER |
8 | Release: 0.1 |
9 | License: GPL v3+ | |
10 | Group: Applications/System | |
11 | URL: http://fedorahosted.org/sssd/ | |
12 | Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz | |
dacaa562 ER |
13 | # Source0-md5: 38cf9c8dc8f173e068fcb31b7ee9baf1 |
14 | Source1: %{name}.init | |
2713c68f ER |
15 | Patch0: %{name}-python-config.patch |
16 | Patch1: %{name}-heimdal.patch | |
599b73f3 ER |
17 | BuildRequires: autoconf |
18 | BuildRequires: automake | |
19 | BuildRequires: bind-utils | |
20 | BuildRequires: c-ares-devel | |
21 | BuildRequires: check-devel | |
22 | BuildRequires: dbus-devel | |
23 | BuildRequires: dbus-libs | |
2713c68f | 24 | BuildRequires: docbook-dtd44-xml |
599b73f3 ER |
25 | BuildRequires: docbook-style-xsl |
26 | BuildRequires: doxygen | |
27 | BuildRequires: gettext-devel | |
2713c68f ER |
28 | BuildRequires: heimdal-devel |
29 | BuildRequires: keyutils-devel | |
599b73f3 | 30 | BuildRequires: libcollection-devel |
4d07ac90 | 31 | BuildRequires: libdhash-devel >= 0.4.2 |
599b73f3 ER |
32 | BuildRequires: libini_config-devel |
33 | BuildRequires: libldb-devel = %{ldb_version} | |
34 | BuildRequires: libnl-devel | |
35 | BuildRequires: libselinux-devel | |
36 | BuildRequires: libsemanage-devel | |
37 | BuildRequires: libtalloc-devel | |
599b73f3 | 38 | BuildRequires: libtool |
dacaa562 | 39 | BuildRequires: libtool |
599b73f3 ER |
40 | BuildRequires: libunistring-devel |
41 | BuildRequires: libxml2 | |
42 | BuildRequires: libxslt | |
43 | BuildRequires: m4 | |
44 | BuildRequires: nscd | |
45 | BuildRequires: nspr-devel | |
46 | BuildRequires: nss-devel | |
47 | BuildRequires: openldap-devel | |
48 | BuildRequires: pam-devel | |
49 | BuildRequires: pcre-devel | |
50 | BuildRequires: popt-devel | |
51 | BuildRequires: python-devel | |
52 | BuildRequires: rpmbuild(macros) >= 1.228 | |
59928269 ER |
53 | BuildRequires: tdb-devel |
54 | BuildRequires: tevent-devel | |
4d07ac90 | 55 | Requires(post,postun): /sbin/ldconfig |
2713c68f | 56 | Requires(post,preun): /sbin/chkconfig |
59928269 | 57 | Requires: %{name}-client = %{version}-%{release} |
599b73f3 | 58 | Requires: cyrus-sasl-gssapi |
4d07ac90 | 59 | Requires: krb5-libs >= 1.9 |
60 | Requires: libldb = %{ldb_version} | |
61 | Requires: tdb >= 1.1.3 | |
599b73f3 ER |
62 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
63 | ||
64 | %define servicename sssd | |
65 | %define sssdstatedir %{_localstatedir}/lib/sss | |
66 | %define dbpath %{sssdstatedir}/db | |
67 | %define pipepath %{sssdstatedir}/pipes | |
68 | %define pubconfpath %{sssdstatedir}/pubconf | |
69 | ||
70 | # Determine the location of the LDB modules directory | |
71 | %define ldb_modulesdir %(pkg-config --variable=modulesdir ldb) | |
72 | ||
73 | %description | |
74 | Provides a set of daemons to manage access to remote directories and | |
75 | authentication mechanisms. It provides an NSS and PAM interface toward | |
76 | the system and a pluggable backend system to connect to multiple | |
77 | different account sources. It is also the basis to provide client | |
78 | auditing and policy services for projects like FreeIPA. | |
79 | ||
80 | %package client | |
81 | Summary: SSSD Client libraries for NSS and PAM | |
82 | License: LGPLv3+ | |
83 | Group: Applications/System | |
84 | ||
85 | %description client | |
86 | Provides the libraries needed by the PAM and NSS stacks to connect to | |
87 | the SSSD service. | |
88 | ||
89 | %package tools | |
90 | Summary: Userspace tools for use with the SSSD | |
91 | License: GPL v3+ | |
92 | Group: Applications/System | |
93 | Requires: %{name} = %{version}-%{release} | |
94 | ||
95 | %description tools | |
96 | Provides userspace tools for manipulating users, groups, and nested | |
97 | groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf. | |
98 | ||
99 | Also provides a userspace tool for generating an obfuscated LDAP | |
100 | password for use with ldap_default_authtok_type = obfuscated_password. | |
101 | ||
102 | %package -n libipa_hbac | |
103 | Summary: FreeIPA HBAC Evaluator library | |
104 | License: LGPLv3+ | |
105 | Group: Development/Libraries | |
106 | ||
107 | %description -n libipa_hbac | |
108 | Utility library to validate FreeIPA HBAC rules for authorization | |
109 | requests | |
110 | ||
111 | %package -n libipa_hbac-devel | |
112 | Summary: FreeIPA HBAC Evaluator library | |
113 | License: LGPLv3+ | |
114 | Group: Development/Libraries | |
115 | Requires: libipa_hbac = %{version}-%{release} | |
116 | ||
117 | %description -n libipa_hbac-devel | |
118 | Utility library to validate FreeIPA HBAC rules for authorization | |
119 | requests | |
120 | ||
121 | %package -n python-libipa_hbac | |
122 | Summary: Python bindings for the FreeIPA HBAC Evaluator library | |
123 | License: LGPLv3+ | |
124 | Group: Development/Libraries | |
125 | Requires: libipa_hbac = %{version}-%{release} | |
126 | Obsoletes: libipa_hbac-python | |
127 | ||
128 | %description -n python-libipa_hbac | |
129 | This package contains the bindings so that libipa_hbac can be used by | |
130 | Python applications. | |
131 | ||
132 | %prep | |
133 | %setup -q | |
2713c68f ER |
134 | %patch0 -p1 |
135 | %patch1 -p1 | |
599b73f3 ER |
136 | |
137 | %build | |
dacaa562 | 138 | %{__libtoolize} |
2713c68f ER |
139 | %{__gettextize} |
140 | %{__aclocal} | |
141 | %{__automake} | |
142 | %{__autoconf} | |
dacaa562 | 143 | CFLAGS="-Wno-deprecated-declarations" |
599b73f3 ER |
144 | %configure \ |
145 | --with-db-path=%{dbpath} \ | |
146 | --with-pipe-path=%{pipepath} \ | |
147 | --with-pubconf-path=%{pubconfpath} \ | |
148 | --with-init-dir=%{_initrddir} \ | |
149 | --enable-nsslibdir=/%{_lib} \ | |
150 | --enable-pammoddir=/%{_lib}/security \ | |
151 | --disable-static \ | |
152 | --disable-rpath \ | |
153 | --with-test-dir=/dev/shm | |
154 | ||
155 | %{__make} | |
156 | ||
157 | %if %{with tests} | |
158 | export CK_TIMEOUT_MULTIPLIER=10 | |
159 | %{__make} check | |
160 | unset CK_TIMEOUT_MULTIPLIER | |
161 | %endif | |
162 | ||
163 | %install | |
164 | rm -rf $RPM_BUILD_ROOT | |
165 | %{__make} install \ | |
166 | DESTDIR=$RPM_BUILD_ROOT | |
167 | ||
168 | # Prepare language files | |
169 | %find_lang %{name} | |
170 | ||
171 | # Copy default sssd.conf file | |
172 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd | |
173 | cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf | |
dacaa562 ER |
174 | cd src/config |
175 | cp -p etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf | |
176 | cp -p etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d | |
177 | cd - | |
599b73f3 ER |
178 | |
179 | # Copy default logrotate file | |
180 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d | |
181 | cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd | |
182 | ||
183 | # Make sure SSSD is able to run on read-only root | |
dacaa562 | 184 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d |
599b73f3 ER |
185 | cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd |
186 | ||
dacaa562 ER |
187 | # change %{py_sitedir} to %{py_sitescriptdir} for 'noarch' packages! |
188 | %py_ocomp $RPM_BUILD_ROOT%{py_sitedir} | |
189 | %py_comp $RPM_BUILD_ROOT%{py_sitedir} | |
190 | %py_postclean | |
191 | ||
4d07ac90 | 192 | # Remove .la files created by libtool |
193 | %{__rm} \ | |
194 | $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \ | |
195 | $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \ | |
dacaa562 ER |
196 | $RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \ |
197 | $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ldap.la \ | |
198 | $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_proxy.la \ | |
199 | $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_krb5.la \ | |
200 | $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ipa.la \ | |
201 | $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_simple.la \ | |
202 | $RPM_BUILD_ROOT%{_libdir}/libipa_hbac.la \ | |
203 | $RPM_BUILD_ROOT%{py_sitedir}/pysss.la \ | |
204 | $RPM_BUILD_ROOT%{py_sitedir}/pyhbac.la | |
599b73f3 | 205 | |
2713c68f ER |
206 | install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name} |
207 | ||
dacaa562 ER |
208 | > sssd_tools.lang |
209 | for man in $(find $RPM_BUILD_ROOT%{_mandir}/??/man? -type f | sed -e "s#$RPM_BUILD_ROOT%{_mandir}/##"); do | |
210 | lang=$(echo $man | cut -c 1-2) | |
211 | case $(basename $man) in | |
212 | sss_*) | |
213 | echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd_tools.lang | |
214 | ;; | |
215 | *) | |
216 | echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd.lang | |
599b73f3 | 217 | ;; |
599b73f3 ER |
218 | esac |
219 | done | |
220 | ||
221 | %clean | |
222 | rm -rf $RPM_BUILD_ROOT | |
223 | ||
224 | %post | |
225 | /sbin/ldconfig | |
226 | /sbin/chkconfig --add %{name} | |
227 | %service %{name} restart | |
228 | ||
229 | %preun | |
230 | if [ "$1" = "0" ]; then | |
231 | %service -q %{name} stop | |
232 | /sbin/chkconfig --del %{name} | |
233 | fi | |
234 | ||
235 | %post client -p /sbin/ldconfig | |
236 | %postun client -p /sbin/ldconfig | |
237 | ||
238 | %post -n libipa_hbac -p /sbin/ldconfig | |
239 | %postun -n libipa_hbac -p /sbin/ldconfig | |
240 | ||
241 | %files -f sssd.lang | |
242 | %defattr(644,root,root,755) | |
dacaa562 | 243 | %attr(754,root,root) /etc/rc.d/init.d/sssd |
2713c68f | 244 | %defattr(644,root,root,755) |
599b73f3 | 245 | %attr(755,root,root) %{_sbindir}/sssd |
2713c68f ER |
246 | %dir %{_libexecdir}/%{servicename} |
247 | %attr(755,root,root) %{_libexecdir}/%{servicename}/*child | |
248 | %attr(755,root,root) %{_libexecdir}/%{servicename}/sssd_* | |
249 | %attr(755,root,root) %{_libexecdir}/%{servicename}/*.so | |
599b73f3 ER |
250 | %attr(755,root,root) %{ldb_modulesdir}/memberof.so |
251 | %dir %{sssdstatedir} | |
252 | %attr(700,root,root) %dir %{dbpath} | |
253 | %dir %{pipepath} | |
254 | %dir %{pubconfpath} | |
255 | %attr(700,root,root) %dir %{pipepath}/private | |
256 | %attr(750,root,root) %dir %{_var}/log/%{name} | |
257 | %attr(700,root,root) %dir %{_sysconfdir}/sssd | |
2713c68f | 258 | %config(noreplace) %attr(600,root,root) %{_sysconfdir}/sssd/sssd.conf |
599b73f3 ER |
259 | %config(noreplace) /etc/logrotate.d/sssd |
260 | %config(noreplace) %{_sysconfdir}/rwtab.d/sssd | |
261 | %config %{_sysconfdir}/sssd/sssd.api.conf | |
262 | %attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d | |
2713c68f | 263 | %config %attr(600,root,root) %{_sysconfdir}/sssd/sssd.api.d/* |
599b73f3 ER |
264 | %{_mandir}/man5/sssd.conf.5* |
265 | %{_mandir}/man5/sssd-ipa.5* | |
266 | %{_mandir}/man5/sssd-krb5.5* | |
267 | %{_mandir}/man5/sssd-ldap.5* | |
268 | %{_mandir}/man5/sssd-simple.5* | |
269 | %{_mandir}/man8/sssd.8* | |
270 | %attr(755,root,root) %{py_sitedir}/pysss.so | |
271 | %{py_sitescriptdir}/*.py[co] | |
dacaa562 | 272 | %{py_sitescriptdir}/SSSDConfig-*.egg-info |
599b73f3 ER |
273 | |
274 | %files client -f sssd_tools.lang | |
275 | %defattr(644,root,root,755) | |
276 | %attr(755,root,root) /%{_lib}/libnss_sss.so.2 | |
277 | %attr(755,root,root) /%{_lib}/security/pam_sss.so | |
2713c68f | 278 | #%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so |
599b73f3 ER |
279 | %{_mandir}/man8/pam_sss.8* |
280 | %{_mandir}/man8/sssd_krb5_locator_plugin.8* | |
281 | ||
282 | %files tools | |
283 | %defattr(644,root,root,755) | |
284 | %attr(755,root,root) %{_sbindir}/sss_useradd | |
285 | %attr(755,root,root) %{_sbindir}/sss_userdel | |
286 | %attr(755,root,root) %{_sbindir}/sss_usermod | |
287 | %attr(755,root,root) %{_sbindir}/sss_groupadd | |
288 | %attr(755,root,root) %{_sbindir}/sss_groupdel | |
289 | %attr(755,root,root) %{_sbindir}/sss_groupmod | |
290 | %attr(755,root,root) %{_sbindir}/sss_groupshow | |
291 | %attr(755,root,root) %{_sbindir}/sss_obfuscate | |
292 | %attr(755,root,root) %{_sbindir}/sss_cache | |
293 | %{_mandir}/man8/sss_groupadd.8* | |
294 | %{_mandir}/man8/sss_groupdel.8* | |
295 | %{_mandir}/man8/sss_groupmod.8* | |
296 | %{_mandir}/man8/sss_groupshow.8* | |
297 | %{_mandir}/man8/sss_useradd.8* | |
298 | %{_mandir}/man8/sss_userdel.8* | |
299 | %{_mandir}/man8/sss_usermod.8* | |
300 | %{_mandir}/man8/sss_obfuscate.8* | |
301 | %{_mandir}/man8/sss_cache.8* | |
302 | ||
303 | %files -n libipa_hbac | |
304 | %defattr(644,root,root,755) | |
2713c68f | 305 | %attr(755,root,root) %{_libdir}/libipa_hbac.so.* |
599b73f3 ER |
306 | |
307 | %files -n libipa_hbac-devel | |
308 | %defattr(644,root,root,755) | |
309 | %{_includedir}/ipa_hbac.h | |
310 | %{_libdir}/libipa_hbac.so | |
311 | %{_pkgconfigdir}/ipa_hbac.pc | |
312 | ||
313 | %files -n python-libipa_hbac | |
314 | %defattr(644,root,root,755) | |
315 | %{py_sitedir}/pyhbac.so |