sssd.spec

   1 # TODO
   2 #error: Failed build dependencies:
   3 #        keyutils-libs-devel is needed by sssd-1.6.1-0.1.src
   4 #        krb5-devel >= 1.9 is needed by sssd-1.6.1-0.1.src
   5 #        libcollection-devel is needed by sssd-1.6.1-0.1.src
   6 #        libdhash-devel >= 0.4.2 is needed by sssd-1.6.1-0.1.src
   7 #        libini_config-devel is needed by sssd-1.6.1-0.1.src
   8 #        libldb-devel = 1.1.0 is needed by sssd-1.6.1-0.1.src
   9 #        libtdb-devel is needed by sssd-1.6.1-0.1.src
  10 #        libtevent-devel is needed by sssd-1.6.1-0.1.src
  11
  12 %define         ldb_version 1.1.0
  13 Summary:        System Security Services Daemon
  14 Name:           sssd
  15 Version:        1.6.1
  16 Release:        0.1
  17 License:        GPL v3+
  18 Group:          Applications/System
  19 URL:            http://fedorahosted.org/sssd/
  20 Source0:        https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
  21 BuildRequires:  autoconf
  22 BuildRequires:  automake
  23 BuildRequires:  bind-utils
  24 BuildRequires:  c-ares-devel
  25 BuildRequires:  check-devel
  26 BuildRequires:  dbus-devel
  27 BuildRequires:  dbus-libs
  28 BuildRequires:  docbook-style-xsl
  29 BuildRequires:  doxygen
  30 BuildRequires:  gettext-devel
  31 BuildRequires:  keyutils-libs-devel
  32 BuildRequires:  krb5-devel >= 1.9
  33 BuildRequires:  libcollection-devel
  34 BuildRequires:  libdhash-devel >= 0.4.2
  35 BuildRequires:  libini_config-devel
  36 BuildRequires:  libldb-devel = %{ldb_version}
  37 BuildRequires:  libnl-devel
  38 BuildRequires:  libselinux-devel
  39 BuildRequires:  libsemanage-devel
  40 BuildRequires:  libtalloc-devel
  41 BuildRequires:  libtdb-devel
  42 BuildRequires:  libtevent-devel
  43 BuildRequires:  libtool
  44 BuildRequires:  libunistring-devel
  45 BuildRequires:  libxml2
  46 BuildRequires:  libxslt
  47 BuildRequires:  m4
  48 BuildRequires:  nscd
  49 BuildRequires:  nspr-devel
  50 BuildRequires:  nss-devel
  51 BuildRequires:  openldap-devel
  52 BuildRequires:  pam-devel
  53 BuildRequires:  pcre-devel
  54 BuildRequires:  popt-devel
  55 BuildRequires:  python-devel
  56 BuildRequires:  rpmbuild(macros) >= 1.228
  57 Requires(post,preun):   /sbin/chkconfig
  58 Requires(post,postun):  /sbin/ldconfig
  59 Requires:       cyrus-sasl-gssapi
  60 Requires:       krb5-libs >= 1.9
  61 Requires:       libldb = %{ldb_version}
  62 Requires:       libtdb >= 1.1.3
  63 Requires:       %{name}-client = %{version}-%{release}
  64 BuildRoot:      %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
  65
  66 %define         servicename             sssd
  67 %define         sssdstatedir    %{_localstatedir}/lib/sss
  68 %define         dbpath                  %{sssdstatedir}/db
  69 %define         pipepath                %{sssdstatedir}/pipes
  70 %define         pubconfpath             %{sssdstatedir}/pubconf
  71
  72 # Determine the location of the LDB modules directory
  73 %define         ldb_modulesdir  %(pkg-config --variable=modulesdir ldb)
  74
  75 %description
  76 Provides a set of daemons to manage access to remote directories and
  77 authentication mechanisms. It provides an NSS and PAM interface toward
  78 the system and a pluggable backend system to connect to multiple
  79 different account sources. It is also the basis to provide client
  80 auditing and policy services for projects like FreeIPA.
  81
  82 %package client
  83 Summary:        SSSD Client libraries for NSS and PAM
  84 License:        LGPLv3+
  85 Group:          Applications/System
  86
  87 %description client
  88 Provides the libraries needed by the PAM and NSS stacks to connect to
  89 the SSSD service.
  90
  91 %package tools
  92 Summary:        Userspace tools for use with the SSSD
  93 License:        GPL v3+
  94 Group:          Applications/System
  95 Requires:       %{name} = %{version}-%{release}
  96
  97 %description tools
  98 Provides userspace tools for manipulating users, groups, and nested
  99 groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf.
 100
 101 Also provides a userspace tool for generating an obfuscated LDAP
 102 password for use with ldap_default_authtok_type = obfuscated_password.
 103
 104 %package -n libipa_hbac
 105 Summary:        FreeIPA HBAC Evaluator library
 106 License:        LGPLv3+
 107 Group:          Development/Libraries
 108
 109 %description -n libipa_hbac
 110 Utility library to validate FreeIPA HBAC rules for authorization
 111 requests
 112
 113 %package -n libipa_hbac-devel
 114 Summary:        FreeIPA HBAC Evaluator library
 115 License:        LGPLv3+
 116 Group:          Development/Libraries
 117 Requires:       libipa_hbac = %{version}-%{release}
 118
 119 %description -n libipa_hbac-devel
 120 Utility library to validate FreeIPA HBAC rules for authorization
 121 requests
 122
 123 %package -n python-libipa_hbac
 124 Summary:        Python bindings for the FreeIPA HBAC Evaluator library
 125 License:        LGPLv3+
 126 Group:          Development/Libraries
 127 Requires:       libipa_hbac = %{version}-%{release}
 128 Obsoletes:      libipa_hbac-python
 129
 130 %description -n python-libipa_hbac
 131 This package contains the bindings so that libipa_hbac can be used by
 132 Python applications.
 133
 134 %prep
 135 %setup -q
 136
 137 %build
 138 autoreconf -ivf
 139 %configure \
 140         --with-db-path=%{dbpath} \
 141         --with-pipe-path=%{pipepath} \
 142         --with-pubconf-path=%{pubconfpath} \
 143         --with-init-dir=%{_initrddir} \
 144         --enable-nsslibdir=/%{_lib} \
 145         --enable-pammoddir=/%{_lib}/security \
 146         --disable-static \
 147         --disable-rpath \
 148         --with-test-dir=/dev/shm
 149
 150 %{__make}
 151
 152 %if %{with tests}
 153 export CK_TIMEOUT_MULTIPLIER=10
 154 %{__make} check
 155 unset CK_TIMEOUT_MULTIPLIER
 156 %endif
 157
 158 %install
 159 rm -rf $RPM_BUILD_ROOT
 160 %{__make} install \
 161         DESTDIR=$RPM_BUILD_ROOT
 162
 163 # Prepare language files
 164 %find_lang %{name}
 165
 166 # Copy default sssd.conf file
 167 install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd
 168 cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
 169 cp -p src/config%{_sysconfdir}/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
 170 cp -p src/config%{_sysconfdir}/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
 171
 172 # Copy default logrotate file
 173 install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
 174 cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd
 175
 176 # Make sure SSSD is able to run on read-only root
 177 install -d $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d
 178 cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
 179
 180 # Remove .la files created by libtool
 181 %{__rm} \
 182     $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
 183     $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
 184     $RPM_BUILD_ROOT/%{ldb_modulesdir}/memberof.la \
 185     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \
 186     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \
 187     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \
 188     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ipa.la \
 189     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_simple.la \
 190     $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \
 191     $RPM_BUILD_ROOT/%{_libdir}/libipa_hbac.la \
 192     $RPM_BUILD_ROOT/%{py_sitedir}/pysss.la \
 193     $RPM_BUILD_ROOT/%{py_sitedir}/pyhbac.la
 194
 195 touch sssd_tools.lang
 196 for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"`; do
 197         lang=`echo $man | cut -c 1-2`
 198         case `basename $man` in
 199                 sss_*)
 200                         echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang
 201                 ;;
 202                 *)
 203                         echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang
 204                         ;;
 205         esac
 206 done
 207
 208 %clean
 209 rm -rf $RPM_BUILD_ROOT
 210
 211 %post
 212 /sbin/ldconfig
 213 /sbin/chkconfig --add %{name}
 214 %service %{name} restart
 215
 216 %preun
 217 if [ "$1" = "0" ]; then
 218         %service -q %{name} stop
 219         /sbin/chkconfig --del %{name}
 220 fi
 221
 222 %post   client -p /sbin/ldconfig
 223 %postun client -p /sbin/ldconfig
 224
 225 %post   -n libipa_hbac -p /sbin/ldconfig
 226 %postun -n libipa_hbac -p /sbin/ldconfig
 227
 228 %files -f sssd.lang
 229 %defattr(644,root,root,755)
 230 %attr(755,root,root) %{_sbindir}/sssd
 231 %{_libexecdir}/%{servicename}
 232 %{_libdir}/%{name}/
 233 %attr(755,root,root) %{ldb_modulesdir}/memberof.so
 234 %dir %{sssdstatedir}
 235 %attr(700,root,root) %dir %{dbpath}
 236 %dir %{pipepath}
 237 %dir %{pubconfpath}
 238 %attr(700,root,root) %dir %{pipepath}/private
 239 %attr(750,root,root) %dir %{_var}/log/%{name}
 240 %attr(700,root,root) %dir %{_sysconfdir}/sssd
 241 %config(noreplace) %{_sysconfdir}/sssd/sssd.conf
 242 %config(noreplace) /etc/logrotate.d/sssd
 243 %config(noreplace) %{_sysconfdir}/rwtab.d/sssd
 244 %config %{_sysconfdir}/sssd/sssd.api.conf
 245 %attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
 246 %config %{_sysconfdir}/sssd/sssd.api.d/
 247 %{_mandir}/man5/sssd.conf.5*
 248 %{_mandir}/man5/sssd-ipa.5*
 249 %{_mandir}/man5/sssd-krb5.5*
 250 %{_mandir}/man5/sssd-ldap.5*
 251 %{_mandir}/man5/sssd-simple.5*
 252 %{_mandir}/man8/sssd.8*
 253 %attr(755,root,root) %{py_sitedir}/pysss.so
 254 %{py_sitescriptdir}/*.py[co]
 255
 256 %files client -f sssd_tools.lang
 257 %defattr(644,root,root,755)
 258 %attr(755,root,root) /%{_lib}/libnss_sss.so.2
 259 %attr(755,root,root) /%{_lib}/security/pam_sss.so
 260 %attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
 261 %{_mandir}/man8/pam_sss.8*
 262 %{_mandir}/man8/sssd_krb5_locator_plugin.8*
 263
 264 %files tools
 265 %defattr(644,root,root,755)
 266 %attr(755,root,root) %{_sbindir}/sss_useradd
 267 %attr(755,root,root) %{_sbindir}/sss_userdel
 268 %attr(755,root,root) %{_sbindir}/sss_usermod
 269 %attr(755,root,root) %{_sbindir}/sss_groupadd
 270 %attr(755,root,root) %{_sbindir}/sss_groupdel
 271 %attr(755,root,root) %{_sbindir}/sss_groupmod
 272 %attr(755,root,root) %{_sbindir}/sss_groupshow
 273 %attr(755,root,root) %{_sbindir}/sss_obfuscate
 274 %attr(755,root,root) %{_sbindir}/sss_cache
 275 %{_mandir}/man8/sss_groupadd.8*
 276 %{_mandir}/man8/sss_groupdel.8*
 277 %{_mandir}/man8/sss_groupmod.8*
 278 %{_mandir}/man8/sss_groupshow.8*
 279 %{_mandir}/man8/sss_useradd.8*
 280 %{_mandir}/man8/sss_userdel.8*
 281 %{_mandir}/man8/sss_usermod.8*
 282 %{_mandir}/man8/sss_obfuscate.8*
 283 %{_mandir}/man8/sss_cache.8*
 284
 285 %files -n libipa_hbac
 286 %defattr(644,root,root,755)
 287 %{_libdir}/libipa_hbac.so.*
 288
 289 %files -n libipa_hbac-devel
 290 %defattr(644,root,root,755)
 291 %{_includedir}/ipa_hbac.h
 292 %{_libdir}/libipa_hbac.so
 293 %{_pkgconfigdir}/ipa_hbac.pc
 294
 295 %files -n python-libipa_hbac
 296 %defattr(644,root,root,755)
 297 %{py_sitedir}/pyhbac.so
 298 %{py_sitescriptdir}/*.egg-info