2 #error: Failed build dependencies:
3 # keyutils-libs-devel is needed by sssd-1.6.1-0.1.src
4 # krb5-devel >= 1.9 is needed by sssd-1.6.1-0.1.src
5 # libcollection-devel is needed by sssd-1.6.1-0.1.src
6 # libdhash-devel >= 0.4.2 is needed by sssd-1.6.1-0.1.src
7 # libini_config-devel is needed by sssd-1.6.1-0.1.src
8 # libldb-devel = 1.1.0 is needed by sssd-1.6.1-0.1.src
9 # libtdb-devel is needed by sssd-1.6.1-0.1.src
10 # libtevent-devel is needed by sssd-1.6.1-0.1.src
12 %define ldb_version 1.1.0
13 Summary: System Security Services Daemon
18 Group: Applications/System
19 URL: http://fedorahosted.org/sssd/
20 Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
21 BuildRequires: autoconf
22 BuildRequires: automake
23 BuildRequires: bind-utils
24 BuildRequires: c-ares-devel
25 BuildRequires: check-devel
26 BuildRequires: dbus-devel
27 BuildRequires: dbus-libs
28 BuildRequires: docbook-style-xsl
29 BuildRequires: doxygen
30 BuildRequires: gettext-devel
31 BuildRequires: keyutils-libs-devel
32 BuildRequires: krb5-devel >= 1.9
33 BuildRequires: libcollection-devel
34 BuildRequires: libdhash-devel >= 0.4.2
35 BuildRequires: libini_config-devel
36 BuildRequires: libldb-devel = %{ldb_version}
37 BuildRequires: libnl-devel
38 BuildRequires: libselinux-devel
39 BuildRequires: libsemanage-devel
40 BuildRequires: libtalloc-devel
41 BuildRequires: libtdb-devel
42 BuildRequires: libtevent-devel
43 BuildRequires: libtool
44 BuildRequires: libunistring-devel
45 BuildRequires: libxml2
46 BuildRequires: libxslt
49 BuildRequires: nspr-devel
50 BuildRequires: nss-devel
51 BuildRequires: openldap-devel
52 BuildRequires: pam-devel
53 BuildRequires: pcre-devel
54 BuildRequires: popt-devel
55 BuildRequires: python-devel
56 BuildRequires: rpmbuild(macros) >= 1.228
57 Requires(post,preun): /sbin/chkconfig
58 Requires(post,postun): /sbin/ldconfig
59 Requires: cyrus-sasl-gssapi
60 Requires: krb5-libs >= 1.9
61 Requires: libldb = %{ldb_version}
62 Requires: libtdb >= 1.1.3
63 Requires: %{name}-client = %{version}-%{release}
64 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
66 %define servicename sssd
67 %define sssdstatedir %{_localstatedir}/lib/sss
68 %define dbpath %{sssdstatedir}/db
69 %define pipepath %{sssdstatedir}/pipes
70 %define pubconfpath %{sssdstatedir}/pubconf
72 # Determine the location of the LDB modules directory
73 %define ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
76 Provides a set of daemons to manage access to remote directories and
77 authentication mechanisms. It provides an NSS and PAM interface toward
78 the system and a pluggable backend system to connect to multiple
79 different account sources. It is also the basis to provide client
80 auditing and policy services for projects like FreeIPA.
83 Summary: SSSD Client libraries for NSS and PAM
85 Group: Applications/System
88 Provides the libraries needed by the PAM and NSS stacks to connect to
92 Summary: Userspace tools for use with the SSSD
94 Group: Applications/System
95 Requires: %{name} = %{version}-%{release}
98 Provides userspace tools for manipulating users, groups, and nested
99 groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf.
101 Also provides a userspace tool for generating an obfuscated LDAP
102 password for use with ldap_default_authtok_type = obfuscated_password.
104 %package -n libipa_hbac
105 Summary: FreeIPA HBAC Evaluator library
107 Group: Development/Libraries
109 %description -n libipa_hbac
110 Utility library to validate FreeIPA HBAC rules for authorization
113 %package -n libipa_hbac-devel
114 Summary: FreeIPA HBAC Evaluator library
116 Group: Development/Libraries
117 Requires: libipa_hbac = %{version}-%{release}
119 %description -n libipa_hbac-devel
120 Utility library to validate FreeIPA HBAC rules for authorization
123 %package -n python-libipa_hbac
124 Summary: Python bindings for the FreeIPA HBAC Evaluator library
126 Group: Development/Libraries
127 Requires: libipa_hbac = %{version}-%{release}
128 Obsoletes: libipa_hbac-python
130 %description -n python-libipa_hbac
131 This package contains the bindings so that libipa_hbac can be used by
140 --with-db-path=%{dbpath} \
141 --with-pipe-path=%{pipepath} \
142 --with-pubconf-path=%{pubconfpath} \
143 --with-init-dir=%{_initrddir} \
144 --enable-nsslibdir=/%{_lib} \
145 --enable-pammoddir=/%{_lib}/security \
148 --with-test-dir=/dev/shm
153 export CK_TIMEOUT_MULTIPLIER=10
155 unset CK_TIMEOUT_MULTIPLIER
159 rm -rf $RPM_BUILD_ROOT
161 DESTDIR=$RPM_BUILD_ROOT
163 # Prepare language files
166 # Copy default sssd.conf file
167 install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd
168 cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
169 cp -p src/config%{_sysconfdir}/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
170 cp -p src/config%{_sysconfdir}/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
172 # Copy default logrotate file
173 install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
174 cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd
176 # Make sure SSSD is able to run on read-only root
177 install -d $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d
178 cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
180 # Remove .la files created by libtool
182 $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
183 $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
184 $RPM_BUILD_ROOT/%{ldb_modulesdir}/memberof.la \
185 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \
186 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \
187 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \
188 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ipa.la \
189 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_simple.la \
190 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \
191 $RPM_BUILD_ROOT/%{_libdir}/libipa_hbac.la \
192 $RPM_BUILD_ROOT/%{py_sitedir}/pysss.la \
193 $RPM_BUILD_ROOT/%{py_sitedir}/pyhbac.la
195 touch sssd_tools.lang
196 for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"`; do
197 lang=`echo $man | cut -c 1-2`
198 case `basename $man` in
200 echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang
203 echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang
209 rm -rf $RPM_BUILD_ROOT
213 /sbin/chkconfig --add %{name}
214 %service %{name} restart
217 if [ "$1" = "0" ]; then
218 %service -q %{name} stop
219 /sbin/chkconfig --del %{name}
222 %post client -p /sbin/ldconfig
223 %postun client -p /sbin/ldconfig
225 %post -n libipa_hbac -p /sbin/ldconfig
226 %postun -n libipa_hbac -p /sbin/ldconfig
229 %defattr(644,root,root,755)
230 %attr(755,root,root) %{_sbindir}/sssd
231 %{_libexecdir}/%{servicename}
233 %attr(755,root,root) %{ldb_modulesdir}/memberof.so
235 %attr(700,root,root) %dir %{dbpath}
238 %attr(700,root,root) %dir %{pipepath}/private
239 %attr(750,root,root) %dir %{_var}/log/%{name}
240 %attr(700,root,root) %dir %{_sysconfdir}/sssd
241 %config(noreplace) %{_sysconfdir}/sssd/sssd.conf
242 %config(noreplace) /etc/logrotate.d/sssd
243 %config(noreplace) %{_sysconfdir}/rwtab.d/sssd
244 %config %{_sysconfdir}/sssd/sssd.api.conf
245 %attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
246 %config %{_sysconfdir}/sssd/sssd.api.d/
247 %{_mandir}/man5/sssd.conf.5*
248 %{_mandir}/man5/sssd-ipa.5*
249 %{_mandir}/man5/sssd-krb5.5*
250 %{_mandir}/man5/sssd-ldap.5*
251 %{_mandir}/man5/sssd-simple.5*
252 %{_mandir}/man8/sssd.8*
253 %attr(755,root,root) %{py_sitedir}/pysss.so
254 %{py_sitescriptdir}/*.py[co]
256 %files client -f sssd_tools.lang
257 %defattr(644,root,root,755)
258 %attr(755,root,root) /%{_lib}/libnss_sss.so.2
259 %attr(755,root,root) /%{_lib}/security/pam_sss.so
260 %attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
261 %{_mandir}/man8/pam_sss.8*
262 %{_mandir}/man8/sssd_krb5_locator_plugin.8*
265 %defattr(644,root,root,755)
266 %attr(755,root,root) %{_sbindir}/sss_useradd
267 %attr(755,root,root) %{_sbindir}/sss_userdel
268 %attr(755,root,root) %{_sbindir}/sss_usermod
269 %attr(755,root,root) %{_sbindir}/sss_groupadd
270 %attr(755,root,root) %{_sbindir}/sss_groupdel
271 %attr(755,root,root) %{_sbindir}/sss_groupmod
272 %attr(755,root,root) %{_sbindir}/sss_groupshow
273 %attr(755,root,root) %{_sbindir}/sss_obfuscate
274 %attr(755,root,root) %{_sbindir}/sss_cache
275 %{_mandir}/man8/sss_groupadd.8*
276 %{_mandir}/man8/sss_groupdel.8*
277 %{_mandir}/man8/sss_groupmod.8*
278 %{_mandir}/man8/sss_groupshow.8*
279 %{_mandir}/man8/sss_useradd.8*
280 %{_mandir}/man8/sss_userdel.8*
281 %{_mandir}/man8/sss_usermod.8*
282 %{_mandir}/man8/sss_obfuscate.8*
283 %{_mandir}/man8/sss_cache.8*
285 %files -n libipa_hbac
286 %defattr(644,root,root,755)
287 %{_libdir}/libipa_hbac.so.*
289 %files -n libipa_hbac-devel
290 %defattr(644,root,root,755)
291 %{_includedir}/ipa_hbac.h
292 %{_libdir}/libipa_hbac.so
293 %{_pkgconfigdir}/ipa_hbac.pc
295 %files -n python-libipa_hbac
296 %defattr(644,root,root,755)
297 %{py_sitedir}/pyhbac.so
298 %{py_sitescriptdir}/*.egg-info