1 %define ldb_version 1.1.0
2 Summary: System Security Services Daemon
7 Group: Applications/System
8 URL: http://fedorahosted.org/sssd/
9 Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
10 # Source0-md5: 2da6d0006b70929d4d491e952e808bf5
12 Patch0: %{name}-python-config.patch
13 Patch1: %{name}-heimdal.patch
14 BuildRequires: autoconf
15 BuildRequires: automake
16 BuildRequires: bind-utils
17 BuildRequires: c-ares-devel
18 BuildRequires: check-devel
19 BuildRequires: dbus-devel
20 BuildRequires: dbus-libs
21 BuildRequires: docbook-dtd44-xml
22 BuildRequires: docbook-style-xsl
23 BuildRequires: doxygen
24 BuildRequires: gettext-devel
25 BuildRequires: heimdal-devel
26 BuildRequires: keyutils-devel
27 BuildRequires: libcollection-devel
28 BuildRequires: libdhash-devel >= 0.4.2
29 BuildRequires: libini_config-devel
30 BuildRequires: libldb-devel = %{ldb_version}
31 BuildRequires: libnl-devel
32 BuildRequires: libselinux-devel
33 BuildRequires: libsemanage-devel
34 BuildRequires: libtalloc-devel
35 BuildRequires: libtool
36 BuildRequires: libunistring-devel
37 BuildRequires: libxml2
38 BuildRequires: libxslt
41 BuildRequires: nspr-devel
42 BuildRequires: nss-devel
43 BuildRequires: openldap-devel
44 BuildRequires: pam-devel
45 BuildRequires: pcre-devel
46 BuildRequires: popt-devel
47 BuildRequires: python-devel
48 BuildRequires: rpmbuild(macros) >= 1.228
49 BuildRequires: tdb-devel
50 BuildRequires: tevent-devel
51 Requires(post,postun): /sbin/ldconfig
52 Requires(post,preun): /sbin/chkconfig
53 Requires: %{name}-client = %{version}-%{release}
54 Requires: cyrus-sasl-gssapi
55 Requires: krb5-libs >= 1.9
56 Requires: libldb = %{ldb_version}
57 Requires: tdb >= 1.1.3
58 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
60 %define servicename sssd
61 %define sssdstatedir %{_localstatedir}/lib/sss
62 %define dbpath %{sssdstatedir}/db
63 %define pipepath %{sssdstatedir}/pipes
64 %define pubconfpath %{sssdstatedir}/pubconf
66 # Determine the location of the LDB modules directory
67 %define ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
70 Provides a set of daemons to manage access to remote directories and
71 authentication mechanisms. It provides an NSS and PAM interface toward
72 the system and a pluggable backend system to connect to multiple
73 different account sources. It is also the basis to provide client
74 auditing and policy services for projects like FreeIPA.
77 Summary: SSSD Client libraries for NSS and PAM
79 Group: Applications/System
82 Provides the libraries needed by the PAM and NSS stacks to connect to
86 Summary: Userspace tools for use with the SSSD
88 Group: Applications/System
89 Requires: %{name} = %{version}-%{release}
92 Provides userspace tools for manipulating users, groups, and nested
93 groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf.
95 Also provides a userspace tool for generating an obfuscated LDAP
96 password for use with ldap_default_authtok_type = obfuscated_password.
98 %package -n libipa_hbac
99 Summary: FreeIPA HBAC Evaluator library
101 Group: Development/Libraries
103 %description -n libipa_hbac
104 Utility library to validate FreeIPA HBAC rules for authorization
107 %package -n libipa_hbac-devel
108 Summary: FreeIPA HBAC Evaluator library
110 Group: Development/Libraries
111 Requires: libipa_hbac = %{version}-%{release}
113 %description -n libipa_hbac-devel
114 Utility library to validate FreeIPA HBAC rules for authorization
117 %package -n python-libipa_hbac
118 Summary: Python bindings for the FreeIPA HBAC Evaluator library
120 Group: Development/Libraries
121 Requires: libipa_hbac = %{version}-%{release}
122 Obsoletes: libipa_hbac-python
124 %description -n python-libipa_hbac
125 This package contains the bindings so that libipa_hbac can be used by
138 CFLAGS=-Wno-deprecated-declarations
141 --with-db-path=%{dbpath} \
142 --with-pipe-path=%{pipepath} \
143 --with-pubconf-path=%{pubconfpath} \
144 --with-init-dir=%{_initrddir} \
145 --enable-nsslibdir=/%{_lib} \
146 --enable-pammoddir=/%{_lib}/security \
149 --with-test-dir=/dev/shm
154 export CK_TIMEOUT_MULTIPLIER=10
156 unset CK_TIMEOUT_MULTIPLIER
160 rm -rf $RPM_BUILD_ROOT
162 DESTDIR=$RPM_BUILD_ROOT
164 # Prepare language files
167 # Copy default sssd.conf file
168 install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd
169 cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
170 cp -p src/config%{_sysconfdir}/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
171 cp -p src/config%{_sysconfdir}/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
173 # Copy default logrotate file
174 install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
175 cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd
177 # Make sure SSSD is able to run on read-only root
178 install -d $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d
179 cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
181 # Remove .la files created by libtool
183 $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
184 $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
185 $RPM_BUILD_ROOT/%{ldb_modulesdir}/memberof.la \
186 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \
187 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \
188 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \
189 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ipa.la \
190 $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_simple.la \
191 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \
192 $RPM_BUILD_ROOT/%{_libdir}/libipa_hbac.la \
193 $RPM_BUILD_ROOT/%{py_sitedir}/pysss.la \
194 $RPM_BUILD_ROOT/%{py_sitedir}/pyhbac.la
196 install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
198 touch sssd_tools.lang
199 for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"`; do
200 lang=`echo $man | cut -c 1-2`
201 case `basename $man` in
203 echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang
206 echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang
212 rm -rf $RPM_BUILD_ROOT
216 /sbin/chkconfig --add %{name}
217 %service %{name} restart
220 if [ "$1" = "0" ]; then
221 %service -q %{name} stop
222 /sbin/chkconfig --del %{name}
225 %post client -p /sbin/ldconfig
226 %postun client -p /sbin/ldconfig
228 %post -n libipa_hbac -p /sbin/ldconfig
229 %postun -n libipa_hbac -p /sbin/ldconfig
232 %defattr(644,root,root,755)
233 %attr(755,root,root) /etc/rc.d/init.d/sssd
234 %defattr(644,root,root,755)
235 %attr(755,root,root) %{_sbindir}/sssd
236 %dir %{_libexecdir}/%{servicename}
237 %attr(755,root,root) %{_libexecdir}/%{servicename}/*child
238 %attr(755,root,root) %{_libexecdir}/%{servicename}/sssd_*
239 %attr(755,root,root) %{_libexecdir}/%{servicename}/*.so
240 %attr(755,root,root) %{ldb_modulesdir}/memberof.so
242 %attr(700,root,root) %dir %{dbpath}
245 %attr(700,root,root) %dir %{pipepath}/private
246 %attr(750,root,root) %dir %{_var}/log/%{name}
247 %attr(700,root,root) %dir %{_sysconfdir}/sssd
248 %config(noreplace) %attr(600,root,root) %{_sysconfdir}/sssd/sssd.conf
249 %config(noreplace) /etc/logrotate.d/sssd
250 %config(noreplace) %{_sysconfdir}/rwtab.d/sssd
251 %config %{_sysconfdir}/sssd/sssd.api.conf
252 %attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
253 %config %attr(600,root,root) %{_sysconfdir}/sssd/sssd.api.d/*
254 %{_mandir}/man5/sssd.conf.5*
255 %{_mandir}/man5/sssd-ipa.5*
256 %{_mandir}/man5/sssd-krb5.5*
257 %{_mandir}/man5/sssd-ldap.5*
258 %{_mandir}/man5/sssd-simple.5*
259 %{_mandir}/man8/sssd.8*
260 %attr(755,root,root) %{py_sitedir}/pysss.so
261 %{py_sitescriptdir}/*.py[co]
263 %files client -f sssd_tools.lang
264 %defattr(644,root,root,755)
265 %attr(755,root,root) /%{_lib}/libnss_sss.so.2
266 %attr(755,root,root) /%{_lib}/security/pam_sss.so
267 #%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
268 %{_mandir}/man8/pam_sss.8*
269 %{_mandir}/man8/sssd_krb5_locator_plugin.8*
272 %defattr(644,root,root,755)
273 %attr(755,root,root) %{_sbindir}/sss_useradd
274 %attr(755,root,root) %{_sbindir}/sss_userdel
275 %attr(755,root,root) %{_sbindir}/sss_usermod
276 %attr(755,root,root) %{_sbindir}/sss_groupadd
277 %attr(755,root,root) %{_sbindir}/sss_groupdel
278 %attr(755,root,root) %{_sbindir}/sss_groupmod
279 %attr(755,root,root) %{_sbindir}/sss_groupshow
280 %attr(755,root,root) %{_sbindir}/sss_obfuscate
281 %attr(755,root,root) %{_sbindir}/sss_cache
282 %{_mandir}/man8/sss_groupadd.8*
283 %{_mandir}/man8/sss_groupdel.8*
284 %{_mandir}/man8/sss_groupmod.8*
285 %{_mandir}/man8/sss_groupshow.8*
286 %{_mandir}/man8/sss_useradd.8*
287 %{_mandir}/man8/sss_userdel.8*
288 %{_mandir}/man8/sss_usermod.8*
289 %{_mandir}/man8/sss_obfuscate.8*
290 %{_mandir}/man8/sss_cache.8*
292 %files -n libipa_hbac
293 %defattr(644,root,root,755)
294 %attr(755,root,root) %{_libdir}/libipa_hbac.so.*
296 %files -n libipa_hbac-devel
297 %defattr(644,root,root,755)
298 %{_includedir}/ipa_hbac.h
299 %{_libdir}/libipa_hbac.so
300 %{_pkgconfigdir}/ipa_hbac.pc
302 %files -n python-libipa_hbac
303 %defattr(644,root,root,755)
304 %{py_sitedir}/pyhbac.so
305 %{py_sitescriptdir}/*.egg-info