# TODO
+# - python3 packages
# - pac-responder (currently relies on MIT krb5 >= 1.9)
# - fix stripping before rpm:
# *** WARNING: no sources found for /usr/lib64/libipa_hbac.so.0.0.0 (stripped without sourcefile information?)
+#
+# Conditional build:
+%bcond_without python2 # CPython 2.x module
+%bcond_with python3 # CPython 3.x module
+
%define ldb_version 1.1.0
Summary: System Security Services Daemon
Summary(pl.UTF-8): System Security Services Daemon - demon usług bezpieczeństwa systemu
Name: sssd
-Version: 1.11.6
+Version: 1.13.4
Release: 0.1
License: GPL v3+
Group: Applications/System
Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
-# Source0-md5: e4684e81171a8799fe4839b697c7e740
+# Source0-md5: d147e0a4f4719d993693c6a99370b350
Source1: %{name}.init
-Patch0: %{name}-python-config.patch
Patch1: %{name}-heimdal.patch
Patch2: %{name}-systemd.patch
+Patch3: %{name}-link.patch
URL: https://fedorahosted.org/sssd/
+BuildRequires: augeas-devel >= 1.0.0
BuildRequires: autoconf >= 2.59
BuildRequires: automake
# nsupdate utility
BuildRequires: bind-utils
BuildRequires: c-ares-devel
BuildRequires: check-devel >= 0.9.5
+BuildRequires: cifs-utils-devel
BuildRequires: cmocka-devel
BuildRequires: cyrus-sasl-devel >= 2
BuildRequires: dbus-devel >= 1.0.0
BuildRequires: docbook-dtd44-xml
BuildRequires: docbook-style-xsl
BuildRequires: doxygen
-BuildRequires: gettext-devel >= 0.14
+BuildRequires: gettext-tools >= 0.14.4
BuildRequires: glib2-devel >= 2.0
BuildRequires: heimdal-devel
BuildRequires: keyutils-devel
BuildRequires: libdhash-devel >= 0.4.2
BuildRequires: libini_config-devel >= 1.0.0
BuildRequires: ldb-devel >= %{ldb_version}
+BuildRequires: libltdl-devel
+BuildRequires: libnfsidmap-devel
BuildRequires: libnl-devel >= 3.2
BuildRequires: libselinux-devel
BuildRequires: libsemanage-devel
-BuildRequires: libtool
+BuildRequires: libtool >= 2:2
BuildRequires: libxml2-progs
BuildRequires: libxslt-progs
BuildRequires: m4
BuildRequires: openldap-devel
BuildRequires: pam-devel
BuildRequires: pcre-devel >= 7
+BuildRequires: pkgconfig
BuildRequires: po4a
BuildRequires: popt-devel
-BuildRequires: python-devel >= 2.4
+BuildRequires: python-devel >= 1:2.4
+BuildRequires: rpm-pythonprov
BuildRequires: rpmbuild(macros) >= 1.228
# pkgconfig(ndr_nbt)
BuildRequires: samba-devel >= 4
- sss_seed tworzący wpis użytkownika do szybkiego rozruchu,
- sss_obfuscate do generowania utajnionego hasła LDAP.
+%package libwbclient
+Summary: The SSSD libwbclient implementation
+Summary(pl.UTF-8): Implementacja libwbclient oparta na SSSD
+Group: Libraries
+License: LGPL v3+
+Requires: libsss_nss_idmap = %{version}-%{release}
+
+%description libwbclient
+The SSSD implementation of Samba wbclient library.
+
+%description libwbclient -l pl.UTF-8
+Implementacja biblioteki Samba wbclient oparta na SSSD.
+
+%package libwbclient-devel
+Summary: Development files of the SSSD libwbclient implementation
+Summary(pl.UTF-8): Pliki programistyczne implementacja libwbclient oparta na SSSD
+Group: Development/Libraries
+License: LGPL v3+
+Requires: %{name}-libwbclient = %{version}-%{release}
+
+%description libwbclient-devel
+Development files for the SSSD implementation of Samba wbclient
+library.
+
+%description libwbclient-devel -l pl.UTF-8
+Pliki programistyczne implementacji biblioteki Samba wbclient opartej
+na SSSD.
+
%package -n libipa_hbac
Summary: FreeIPA HBAC Evaluator library
Summary(pl.UTF-8): Biblioteka oceniająca FreeIPA HBAC
Ten pakiet zawiera wiązania umożliwiające korzystanie z biblioteki
libsss_nss_idmap w aplikacjach Pythona.
+%package -n libsss_simpleifp
+Summary: A library that simplifies work with the InfoPipe responder
+Summary(pl.UTF-8): Biblioteka upraszczająca pracę z responderem InfoPipe
+Group: Libraries
+Requires: dbus-libs >= 1.0.0
+Requires: libdhash >= 0.4.2
+
+%description -n libsss_simpleifp
+A library that simplifies work with the InfoPipe responder.
+
+%description -n libsss_simpleifp -l pl.UTF-8
+Biblioteka upraszczająca pracę z responderem InfoPipe.
+
+%package -n libsss_simpleifp-devel
+Summary: Header files for libsss_simpleifp library
+Summary(pl.UTF-8): Pliki nagłówkowe biblioteki libsss_simpleifp
+Group: Development/Libraries
+Requires: dbus-devel >= 1.0.0
+Requires: libdhash-devel >= 0.4.2
+Requires: libsss_simpleifp = %{version}-%{release}
+
+%description -n libsss_simpleifp-devel
+Header files for libsss_simpleifp library.
+
+%description -n libsss_simpleifp-devel -l pl.UTF-8
+Pliki nagłówkowe biblioteki libsss_simpleifp.
+
%prep
%setup -q
-%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
%build
%{__libtoolize}
#CFLAGS="-Wno-deprecated-declarations"
%configure \
NSCD=/usr/sbin/nscd \
+ --enable-nfsidmaplibdir=/%{_lib}/libnfsidmap \
+ --enable-nsslibdir=/%{_lib} \
+ --enable-pammoddir=/%{_lib}/security \
+ --disable-rpath \
--with-db-path=%{dbpath} \
+ --with-init-dir=/etc/rc.d/init.d \
--with-initscript=sysv,systemd \
--with-pipe-path=%{pipepath} \
--with-pubconf-path=%{pubconfpath} \
- --with-init-dir=/etc/rc.d/init.d \
- --enable-nsslibdir=/%{_lib} \
- --enable-pammoddir=/%{_lib}/security \
- --disable-rpath \
+ --with%{!?with_python2:out}-python2-bindings \
+ --with%{!?with_python3:out}-python3-bindings \
--with-systemdunitdir=%{systemdunitdir} \
--with-test-dir=/dev/shm
# Remove .la files created by libtool
%{__rm} \
$RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
+ $RPM_BUILD_ROOT/%{_lib}/libnfsidmap/sss.la \
$RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
$RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \
+ $RPM_BUILD_ROOT%{_libdir}/cifs-utils/*.la \
$RPM_BUILD_ROOT%{_libdir}/krb5/plugins/libkrb5/sss*.la \
$RPM_BUILD_ROOT%{_libdir}/sssd/libsss_*.la \
- $RPM_BUILD_ROOT%{_libdir}/sssd/modules/libsss_*.la \
+ $RPM_BUILD_ROOT%{_libdir}/sssd/modules/lib*.la \
$RPM_BUILD_ROOT%{_libdir}/lib*.la \
$RPM_BUILD_ROOT%{py_sitedir}/*.la
%post -n libsss_nss_idmap -p /sbin/ldconfig
%postun -n libsss_nss_idmap -p /sbin/ldconfig
+%post -n libsss_simpleifp -p /sbin/ldconfig
+%postun -n libsss_simpleifp -p /sbin/ldconfig
+
%files -f sssd.lang
%defattr(644,root,root,755)
%attr(755,root,root) %{_bindir}/sss_ssh_authorizedkeys
%attr(755,root,root) %{_libdir}/libsss_sudo.so
%dir %{_libdir}/sssd
# internal shared libraries
+%attr(755,root,root) %{_libdir}/sssd/libsss_ad_common.so
%attr(755,root,root) %{_libdir}/sssd/libsss_child.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_config.so
%attr(755,root,root) %{_libdir}/sssd/libsss_crypt.so
%attr(755,root,root) %{_libdir}/sssd/libsss_debug.so
%attr(755,root,root) %{_libdir}/sssd/libsss_ldap_common.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_semanage.so
%attr(755,root,root) %{_libdir}/sssd/libsss_util.so
# modules
%attr(755,root,root) %{_libdir}/sssd/libsss_simple.so
%if "%{_libdir}" != "%{_libexecdir}"
%dir %{_libexecdir}/sssd
%endif
+%attr(755,root,root) %{_libexecdir}/sssd/gpo_child
%attr(755,root,root) %{_libexecdir}/sssd/krb5_child
%attr(755,root,root) %{_libexecdir}/sssd/ldap_child
%attr(755,root,root) %{_libexecdir}/sssd/proxy_child
+%attr(755,root,root) %{_libexecdir}/sssd/selinux_child
+%attr(755,root,root) %{_libexecdir}/sssd/sss_signal
%attr(755,root,root) %{_libexecdir}/sssd/sssd_autofs
%attr(755,root,root) %{_libexecdir}/sssd/sssd_be
%attr(755,root,root) %{_libexecdir}/sssd/sssd_ifp
%{_datadir}/sssd/sssd.api.d/sssd-local.conf
%{_datadir}/sssd/sssd.api.d/sssd-proxy.conf
%{_datadir}/sssd/sssd.api.d/sssd-simple.conf
+%attr(755,root,root) /%{_lib}/libnfsidmap/sss.so
%attr(755,root,root) %{ldb_modulesdir}/memberof.so
%dir %{sssdstatedir}
%attr(700,root,root) %dir %{dbpath}
%attr(754,root,root) /etc/rc.d/init.d/sssd
%{systemdunitdir}/sssd.service
/etc/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
+%{_datadir}/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
%{_mandir}/man1/sss_ssh_authorizedkeys.1*
%{_mandir}/man1/sss_ssh_knownhostsproxy.1*
+%{_mandir}/man5/sss_rpcidmapd.5*
%{_mandir}/man5/sssd.conf.5*
%{_mandir}/man5/sssd-ad.5*
%{_mandir}/man5/sssd-ifp.5*
%defattr(644,root,root,755)
%attr(755,root,root) /%{_lib}/libnss_sss.so.2
%attr(755,root,root) /%{_lib}/security/pam_sss.so
+%attr(755,root,root) %{_libdir}/cifs-utils/cifs_idmap_sss.so
# FIXME: is it proper path for heimdal? where to package parent dirs?
#%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
%{_mandir}/man8/pam_sss.8*
%files -n python-libsss_nss_idmap
%defattr(644,root,root,755)
%attr(755,root,root) %{py_sitedir}/pysss_nss_idmap.so
+
+%files -n libsss_simpleifp
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_simpleifp.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libsss_simpleifp.so.0
+
+%files -n libsss_simpleifp-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_simpleifp.so
+%{_includedir}/sss_sifp.h
+%{_includedir}/sss_sifp_dbus.h
+%{_pkgconfigdir}/sss_simpleifp.pc
+
+%files libwbclient
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so.*
+
+%files libwbclient-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so
+%{_includedir}/wbclient_sssd.h
+%{_pkgconfigdir}/wbclient_sssd.pc