X-Git-Url: http://git.pld-linux.org/?p=packages%2Fsssd.git;a=blobdiff_plain;f=sssd.spec;h=ab09855ba8031fb43e6af05edc978dd824acefb3;hp=1c246b1463472c5c5d819287074d180a0e78db34;hb=37fed74;hpb=dacaa562df2d01fcc6e8d5a0a103440427f9ac29

diff --git a/sssd.spec b/sssd.spec
index 1c246b1..ab09855 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -1,68 +1,101 @@
 # TODO
 # - fix stripping before rpm:
 #   *** WARNING: no sources found for /usr/lib64/libipa_hbac.so.0.0.0 (stripped without sourcefile information?)
+# - add info how sssd-heimdal.patch is updated, where is it's origin?
+#
+# Conditional build:
+%bcond_with	tests	# check target
+%bcond_without	python2 # CPython 2.x module
+%bcond_without	python3 # CPython 3.x module
+%bcond_with	krb5	# MIT Kerberos V instead of Heimdal (enables locator plugin, profile support and pac-responder)
+
 %define		ldb_version 1.1.0
 Summary:	System Security Services Daemon
+Summary(pl.UTF-8):	System Security Services Daemon - demon usÅug bezpieczeÅstwa systemu
 Name:		sssd
-Version:	1.6.2
-Release:	0.1
+Version:	1.13.4
+Release:	2
 License:	GPL v3+
 Group:		Applications/System
-URL:		http://fedorahosted.org/sssd/
 Source0:	https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
-# Source0-md5:	38cf9c8dc8f173e068fcb31b7ee9baf1
+# Source0-md5:	d147e0a4f4719d993693c6a99370b350
 Source1:	%{name}.init
-Patch0:		%{name}-python-config.patch
+Patch0:		%{name}-python.patch
 Patch1:		%{name}-heimdal.patch
-BuildRequires:	autoconf
+Patch2:		%{name}-systemd.patch
+Patch3:		%{name}-link.patch
+URL:		https://fedorahosted.org/sssd/
+BuildRequires:	augeas-devel >= 1.0.0
+BuildRequires:	autoconf >= 2.59
 BuildRequires:	automake
+# nsupdate utility
 BuildRequires:	bind-utils
 BuildRequires:	c-ares-devel
-BuildRequires:	check-devel
-BuildRequires:	dbus-devel
-BuildRequires:	dbus-libs
+BuildRequires:	check-devel >= 0.9.5
+BuildRequires:	cifs-utils-devel
+%{?with_tests:BuildRequires:	cmocka-devel >= 1.0.0}
+BuildRequires:	cyrus-sasl-devel >= 2
+BuildRequires:	dbus-devel >= 1.0.0
 BuildRequires:	docbook-dtd44-xml
 BuildRequires:	docbook-style-xsl
 BuildRequires:	doxygen
-BuildRequires:	gettext-devel
-BuildRequires:	heimdal-devel
+%{?with_tests:BuildRequires:	fakeroot}
+BuildRequires:	gettext-tools >= 0.14.4
+BuildRequires:	glib2-devel >= 2.0
+%{!?with_krb5:BuildRequires:	heimdal-devel}
 BuildRequires:	keyutils-devel
-BuildRequires:	libcollection-devel
+%{?with_krb5:BuildRequires:	krb5-devel >= 1.9}
+BuildRequires:	ldb-devel >= %{ldb_version}
+BuildRequires:	libcollection-devel >= 0.5.1
 BuildRequires:	libdhash-devel >= 0.4.2
-BuildRequires:	libini_config-devel
-BuildRequires:	libldb-devel = %{ldb_version}
-BuildRequires:	libnl-devel
+BuildRequires:	libini_config-devel >= 1.1.0
+BuildRequires:	libltdl-devel
+BuildRequires:	libnfsidmap-devel
+BuildRequires:	libnl-devel >= 3.2
 BuildRequires:	libselinux-devel
 BuildRequires:	libsemanage-devel
-BuildRequires:	libtalloc-devel
-BuildRequires:	libtool
-BuildRequires:	libtool
-BuildRequires:	libunistring-devel
-BuildRequires:	libxml2
-BuildRequires:	libxslt
+BuildRequires:	libsmbclient-devel
+BuildRequires:	libtool >= 2:2
+BuildRequires:	libxml2-progs
+BuildRequires:	libxslt-progs
 BuildRequires:	m4
-BuildRequires:	nscd
 BuildRequires:	nspr-devel
 BuildRequires:	nss-devel
+%{?with_tests:BuildRequires:	nss_wrapper}
 BuildRequires:	openldap-devel
 BuildRequires:	pam-devel
-BuildRequires:	pcre-devel
+BuildRequires:	pcre-devel >= 7
+BuildRequires:	pkgconfig
+BuildRequires:	po4a
 BuildRequires:	popt-devel
-BuildRequires:	python-devel
-BuildRequires:	rpmbuild(macros) >= 1.228
-BuildRequires:	tdb-devel
+%{?with_python2:BuildRequires:	python-devel >= 1:2.6}
+%{?with_tests:BuildRequires:	python-pytest}
+%{?with_python3:BuildRequires:	python3-devel >= 1:3.3}
+BuildRequires:	rpm-pythonprov
+BuildRequires:	rpmbuild(macros) >= 1.612
+# pkgconfig(ndr_nbt), pkgconfig(ndr_krb5pac) if with krb5
+BuildRequires:	samba-devel >= 4
+BuildRequires:	systemd-devel >= 1:209
+BuildRequires:	systemd-units
+BuildRequires:	talloc-devel
+BuildRequires:	tdb-devel >= 1.1.3
 BuildRequires:	tevent-devel
-Requires(post,postun):	/sbin/ldconfig
+%{?with_tests:BuildRequires:	uid_wrapper}
+Requires(post):	/sbin/ldconfig
 Requires(post,preun):	/sbin/chkconfig
 Requires:	%{name}-client = %{version}-%{release}
 Requires:	cyrus-sasl-gssapi
-Requires:	krb5-libs >= 1.9
-Requires:	libldb = %{ldb_version}
+Requires:	ldb >= %{ldb_version}
+Requires:	libcollection >= 0.5.1
+Requires:	libdhash >= 0.4.2
+Requires:	libini_config >= 1.1.0
+Requires:	libsss_idmap = %{version}-%{release}
+Requires:	pcre >= 7
+Requires:	rc-scripts >= 0.4.0.10
 Requires:	tdb >= 1.1.3
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
-%define		servicename		sssd
-%define		sssdstatedir	%{_localstatedir}/lib/sss
+%define		sssdstatedir		%{_localstatedir}/lib/sss
 %define		dbpath			%{sssdstatedir}/db
 %define		pipepath		%{sssdstatedir}/pipes
 %define		pubconfpath		%{sssdstatedir}/pubconf
@@ -77,17 +110,32 @@ the system and a pluggable backend system to connect to multiple
 different account sources. It is also the basis to provide client
 auditing and policy services for projects like FreeIPA.
 
+%description -l pl.UTF-8
+Ten pakiet dostarcza zbiÃ³r demonÃ³w do zarzÄdzania dostÄpem do zdalnych
+katalogÃ³w i mechanizmÃ³w uwierzytelniania. UdostÄpnia interfejsy NSS i
+PAM dla systemu oraz system backendu z wtyczkami w celu ÅÄczenia siÄ z
+wieloma rÃ³Å¼nymi ÅºrÃ³dÅami kont. Jest takÅ¼e podstawÄ zapewniajÄcÄ audyt
+klientÃ³w oraz usÅugi polityk dla projektÃ³w takich jak FreeIPA.
+
 %package client
 Summary:	SSSD Client libraries for NSS and PAM
-License:	LGPLv3+
+Summary(pl.UTF-8):	Biblioteki klienckie SSSD dla NSS i PAM
+License:	LGPL v3+
 Group:		Applications/System
+Requires:	libsss_idmap = %{version}-%{release}
+Requires:	libsss_nss_idmap = %{version}-%{release}
 
 %description client
 Provides the libraries needed by the PAM and NSS stacks to connect to
 the SSSD service.
 
+%description client -l pl.UTF-8
+Ten pakiet dostarcza biblioteki wymagane przez stosy PAM i NSS w celu
+ÅÄczenia siÄ z usÅugÄ SSSD.
+
 %package tools
 Summary:	Userspace tools for use with the SSSD
+Summary(pl.UTF-8):	NarzÄdzia przestrzeni uÅ¼ytkownika do uÅ¼ywania z SSSD
 License:	GPL v3+
 Group:		Applications/System
 Requires:	%{name} = %{version}-%{release}
@@ -96,60 +144,345 @@ Requires:	%{name} = %{version}-%{release}
 Provides userspace tools for manipulating users, groups, and nested
 groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf.
 
-Also provides a userspace tool for generating an obfuscated LDAP
-password for use with ldap_default_authtok_type = obfuscated_password.
+Also provides several other administrative tools:
+ - sss_debuglevel to change the debug level on the fly,
+ - sss_seed which pre-creates a user entry for use in kickstarts,
+ - sss_obfuscate for generating an obfuscated LDAP password.
+
+%description tools -l pl.UTF-8
+Ten pakiet dostarcza narzÄdzia przestrzeni poleceÅ do operowania na
+uÅ¼ytkownikach, grupach oraz zagnieÅ¼dÅ¼onych grupach w SSSD w przypadku
+uÅ¼ywania id_provider = local w /etc/sssd/sssd.conf.
+
+Pakiet zawiera takÅ¼e kilka innych narzÄdzi administracyjnych:
+ - sss_debuglevel do zmiany poziomu diagnostyki w locie,
+ - sss_seed tworzÄcy wpis uÅ¼ytkownika do szybkiego rozruchu,
+ - sss_obfuscate do generowania utajnionego hasÅa LDAP.
+
+%package -n python-sss
+Summary:	Python 2 bindings for sssd
+Summary(pl.UTF-8):	WiÄzania Pythona 2 do sssd
+License:	LGPL v3+
+Group:		Libraries/Python
+Requires:	%{name} = %{version}-%{release}
+
+%description -n python-sss
+Python 2 module for manipulating users, groups, and nested groups in
+SSSD when using id_provider = local in /etc/sssd/sssd.conf.
+
+This module also provides several other useful Python 2 bindings:
+ - function for retrieving list of groups user belongs to.
+ - class for obfuscation of passwords
+
+%description -n python-sss -l pl.UTF-8
+ModuÅ Pythona 2 do operowania na uÅ¼ytkownikach, grupach i
+zagnieÅ¼dÅ¼onych grupach w SSSD w przypadku uÅ¼ywania id_provider = local
+w /etc/sssd/sssd.conf.
+
+Ten moduÅ dostarcza takÅ¼e kilka innych przydatnych wiÄzaÅ Pythona 2:
+ - funkcjÄ do uÅ¼yskiwania list grup, do ktÃ³rych naleÅ¼y uÅ¼ytkownik,
+ - klasÄ do ukrywania haseÅ.
+
+%package -n python-sss-murmur
+Summary:	Python 2 bindings for murmur hash function
+Summary(pl.UTF-8):	WiÄzania Pythona 2 do funkcji mieszajÄcej murmur
+License:	LGPL v3+
+Group:		Libraries/Python
+
+%description -n python-sss-murmur
+Python 2 module for calculating the murmur hash version 3.
+
+%description -n python-sss-murmur -l pl.UTF-8
+ModuÅ Pythona 2 do obliczania skrÃ³tu murmur w wersji 3.
+
+%package -n python-sssdconfig
+Summary:	SSSD and IPA configuration file manipulation classes and functions for Python 2
+Summary(pl.UTF-8):	Klasy i funkcje Pythona 2 do operowania na plikach konfiguracyjnych SSSD oraz IPA
+License:	GPL v3+
+Group:		Libraries/Python
+BuildArch:	noarch
+
+%description -n python-sssdconfig
+SSSD and IPA configuration file manipulation classes and functions for
+Python 2.
+
+%description -n python-sssdconfig -l pl.UTF-8
+Klasy i funkcje Pythona 2 do operowania na plikach konfiguracyjnych
+SSSD oraz IPA.
+
+%package -n python3-sss
+Summary:	Python 3 bindings for sssd
+Summary(pl.UTF-8):	WiÄzania Pythona 3 do sssd
+License:	LGPL v3+
+Group:		Libraries/Python
+Requires:	%{name} = %{version}-%{release}
+
+%description -n python3-sss
+Python 3 module for manipulating users, groups, and nested groups in
+SSSD when using id_provider = local in /etc/sssd/sssd.conf.
+
+This module also provides several other useful Python 3 bindings:
+ - function for retrieving list of groups user belongs to.
+ - class for obfuscation of passwords
+
+%description -n python3-sss -l pl.UTF-8
+ModuÅ Pythona 3 do operowania na uÅ¼ytkownikach, grupach i
+zagnieÅ¼dÅ¼onych grupach w SSSD w przypadku uÅ¼ywania id_provider = local
+w /etc/sssd/sssd.conf.
+
+Ten moduÅ dostarcza takÅ¼e kilka innych przydatnych wiÄzaÅ Pythona 3:
+ - funkcjÄ do uÅ¼yskiwania list grup, do ktÃ³rych naleÅ¼y uÅ¼ytkownik,
+ - klasÄ do ukrywania haseÅ.
+
+%package -n python3-sss-murmur
+Summary:	Python 3 bindings for murmur hash function
+Summary(pl.UTF-8):	WiÄzania Pythona 3 do funkcji mieszajÄcej murmur
+License:	LGPL v3+
+Group:		Libraries/Python
+
+%description -n python3-sss-murmur
+Python 3 module for calculating the murmur hash version 3.
+
+%description -n python3-sss-murmur -l pl.UTF-8
+ModuÅ Pythona 3 do obliczania skrÃ³tu murmur w wersji 3.
+
+%package -n python3-sssdconfig
+Summary:	SSSD and IPA configuration file manipulation classes and functions for Python 3
+Summary(pl.UTF-8):	Klasy i funkcje Pythona 3 do operowania na plikach konfiguracyjnych SSSD oraz IPA
+License:	GPL v3+
+Group:		Libraries/Python
+BuildArch:	noarch
+
+%description -n python3-sssdconfig
+SSSD and IPA configuration file manipulation classes and functions for
+Python 3.
+
+%description -n python3-sssdconfig -l pl.UTF-8
+Klasy i funkcje Pythona 3 do operowania na plikach konfiguracyjnych
+SSSD oraz IPA.
+
+%package libwbclient
+Summary:	The SSSD libwbclient implementation
+Summary(pl.UTF-8):	Implementacja libwbclient oparta na SSSD
+Group:		Libraries
+License:	LGPL v3+
+Requires:	libsss_nss_idmap = %{version}-%{release}
+
+%description libwbclient
+The SSSD implementation of Samba wbclient library.
+
+%description libwbclient -l pl.UTF-8
+Implementacja biblioteki Samba wbclient oparta na SSSD.
+
+%package libwbclient-devel
+Summary:	Development files of the SSSD libwbclient implementation
+Summary(pl.UTF-8):	Pliki programistyczne implementacja libwbclient oparta na SSSD
+Group:		Development/Libraries
+License:	LGPL v3+
+Requires:	%{name}-libwbclient = %{version}-%{release}
+
+%description libwbclient-devel
+Development files for the SSSD implementation of Samba wbclient
+library.
+
+%description libwbclient-devel -l pl.UTF-8
+Pliki programistyczne implementacji biblioteki Samba wbclient opartej
+na SSSD.
 
 %package -n libipa_hbac
 Summary:	FreeIPA HBAC Evaluator library
-License:	LGPLv3+
-Group:		Development/Libraries
+Summary(pl.UTF-8):	Biblioteka oceniajÄca FreeIPA HBAC
+License:	LGPL v3+
+Group:		Libraries
 
 %description -n libipa_hbac
 Utility library to validate FreeIPA HBAC rules for authorization
-requests
+requests.
+
+%description -n libipa_hbac
+Biblioteka narzÄdziowa do sprawdzania poprawnoÅci reguÅ FreeIPA HBAC
+dla Å¼ÄdaÅ autoryzacji.
 
 %package -n libipa_hbac-devel
-Summary:	FreeIPA HBAC Evaluator library
-License:	LGPLv3+
+Summary:	Development files for FreeIPA HBAC Evaluator library
+Summary(pl.UTF-8):	Pliki programistyczne biblioteki oceniajÄca FreeIPA HBAC
+License:	LGPL v3+
 Group:		Development/Libraries
 Requires:	libipa_hbac = %{version}-%{release}
 
 %description -n libipa_hbac-devel
-Utility library to validate FreeIPA HBAC rules for authorization
-requests
+Development files for FreeIPA HBAC Evaluator library.
+
+%description -n libipa_hbac-devel -l pl.UTF-8
+Pliki programistyczne biblioteki oceniajÄca FreeIPA HBAC.
 
 %package -n python-libipa_hbac
-Summary:	Python bindings for the FreeIPA HBAC Evaluator library
-License:	LGPLv3+
-Group:		Development/Libraries
+Summary:	Python 2 bindings for the FreeIPA HBAC Evaluator library
+Summary(pl.UTF-8):	WiÄzania Pythona 2 do biblioteki oceniajÄcej FreeIPA HBAC
+License:	LGPL v3+
+Group:		Libraries/Python
 Requires:	libipa_hbac = %{version}-%{release}
 Obsoletes:	libipa_hbac-python
 
 %description -n python-libipa_hbac
 This package contains the bindings so that libipa_hbac can be used by
-Python applications.
+Python 2 applications.
+
+%description -n python-libipa_hbac -l pl.UTF-8
+Ten pakiet zawiera wiÄzania pozwalajÄce na uÅ¼ywanie libipa_hbac w
+aplikacjach Pythona 2.
+
+%package -n python3-libipa_hbac
+Summary:	Python 3 bindings for the FreeIPA HBAC Evaluator library
+Summary(pl.UTF-8):	WiÄzania Pythona 3 do biblioteki oceniajÄcej FreeIPA HBAC
+License:	LGPL v3+
+Group:		Libraries/Python
+Requires:	libipa_hbac = %{version}-%{release}
+
+%description -n python3-libipa_hbac
+This package contains the bindings so that libipa_hbac can be used by
+Python 3 applications.
+
+%description -n python3-libipa_hbac -l pl.UTF-8
+Ten pakiet zawiera wiÄzania pozwalajÄce na uÅ¼ywanie libipa_hbac w
+aplikacjach Pythona 3.
+
+%package -n libsss_idmap
+Summary:	FreeIPA Idmap library
+Summary(pl.UTF-8):	Biblioteka FreeIPA Idmap
+Group:		Libraries
+License:	LGPL v3+
+
+%description -n libsss_idmap
+Utility library to convert SIDs to Unix uids and gids.
+
+%description -n libsss_idmap -l pl.UTF-8
+Biblioteka narzÄdziowa konwertujÄca SID-y na uniksowe uidy i gidy.
+
+%package -n libsss_idmap-devel
+Summary:	Development files for FreeIPA Idmap library
+Summary(pl.UTF-8):	Pliki programistyczne biblioteki FreeIPA Idmap
+Group:		Development/Libraries
+License:	LGPL v3+
+Requires:	libsss_idmap = %{version}-%{release}
+
+%description -n libsss_idmap-devel
+Development files for FreeIPA Idmap library.
+
+%description -n libsss_idmap-devel -l pl.UTF-8
+Pliki programistyczne biblioteki FreeIPA Idmap.
+
+%package -n libsss_nss_idmap
+Summary:	Library for SID based lookups
+Summary(pl.UTF-8):	Biblioteka do wyszukiwaÅ w oparciu o SID
+Group:		Libraries
+License:	LGPL v3+
+
+%description -n libsss_nss_idmap
+Utility library for SID based lookups.
+
+%description -n libsss_nss_idmap -l pl.UTF-8
+Biblioteka do wyszukiwaÅ w oparciu o SID.
+
+%package -n libsss_nss_idmap-devel
+Summary:	Development files for sss_nss_idmap library
+Summary(pl.UTF-8):	Pliki programistyczne biblioteki sss_nss_idmap
+Group:		Development/Libraries
+License:	LGPL v3+
+Requires:	libsss_nss_idmap = %{version}-%{release}
+
+%description -n libsss_nss_idmap-devel
+Development files for sss_nss_idmap library.
+
+%description -n libsss_nss_idmap-devel -l pl.UTF-8
+Pliki programistyczne biblioteki sss_nss_idmap.
+
+%package -n python-libsss_nss_idmap
+Summary:	Python 2 bindings for libsss_nss_idmap
+Summary(pl.UTF-8):	WiÄzania Pythona 2 do biblioteki libsss_nss_idmap
+Group:		Libraries/Python
+License:	LGPL v3+
+Requires:	libsss_nss_idmap = %{version}-%{release}
+
+%description -n python-libsss_nss_idmap
+This package contains the bindings so that libsss_nss_idmap can be
+used by Python 2 applications.
+
+%description -n python-libsss_nss_idmap -l pl.UTF-8
+Ten pakiet zawiera wiÄzania umoÅ¼liwiajÄce korzystanie z biblioteki
+libsss_nss_idmap w aplikacjach Pythona 2.
+
+%package -n python3-libsss_nss_idmap
+Summary:	Python 3 bindings for libsss_nss_idmap
+Summary(pl.UTF-8):	WiÄzania Pythona 3 do biblioteki libsss_nss_idmap
+Group:		Libraries/Python
+License:	LGPL v3+
+Requires:	libsss_nss_idmap = %{version}-%{release}
+
+%description -n python3-libsss_nss_idmap
+This package contains the bindings so that libsss_nss_idmap can be
+used by Python 3 applications.
+
+%description -n python3-libsss_nss_idmap -l pl.UTF-8
+Ten pakiet zawiera wiÄzania umoÅ¼liwiajÄce korzystanie z biblioteki
+libsss_nss_idmap w aplikacjach Pythona 3.
+
+%package -n libsss_simpleifp
+Summary:	A library that simplifies work with the InfoPipe responder
+Summary(pl.UTF-8):	Biblioteka upraszczajÄca pracÄ z responderem InfoPipe
+Group:		Libraries
+Requires:	dbus-libs >= 1.0.0
+Requires:	libdhash >= 0.4.2
+
+%description -n libsss_simpleifp
+A library that simplifies work with the InfoPipe responder.
+
+%description -n libsss_simpleifp -l pl.UTF-8
+Biblioteka upraszczajÄca pracÄ z responderem InfoPipe.
+
+%package -n libsss_simpleifp-devel
+Summary:	Header files for libsss_simpleifp library
+Summary(pl.UTF-8):	Pliki nagÅÃ³wkowe biblioteki libsss_simpleifp
+Group:		Development/Libraries
+Requires:	dbus-devel >= 1.0.0
+Requires:	libdhash-devel >= 0.4.2
+Requires:	libsss_simpleifp = %{version}-%{release}
+
+%description -n libsss_simpleifp-devel
+Header files for libsss_simpleifp library.
+
+%description -n libsss_simpleifp-devel -l pl.UTF-8
+Pliki nagÅÃ³wkowe biblioteki libsss_simpleifp.
 
 %prep
 %setup -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
+%patch3 -p1
 
 %build
 %{__libtoolize}
 %{__gettextize}
-%{__aclocal}
-%{__automake}
+%{__aclocal} -I m4
 %{__autoconf}
-CFLAGS="-Wno-deprecated-declarations"
+%{__automake}
 %configure \
-	--with-db-path=%{dbpath} \
-	--with-pipe-path=%{pipepath} \
-	--with-pubconf-path=%{pubconfpath} \
-	--with-init-dir=%{_initrddir} \
+	NSCD=/usr/sbin/nscd \
+	%{!?with_krb5:--disable-krb5-locator-plugin} \
+	--enable-nfsidmaplibdir=/%{_lib}/libnfsidmap \
 	--enable-nsslibdir=/%{_lib} \
+	%{!?with_krb5:--disable-pac-responder} \
 	--enable-pammoddir=/%{_lib}/security \
-	--disable-static \
 	--disable-rpath \
+	--with-db-path=%{dbpath} \
+	--with-init-dir=/etc/rc.d/init.d \
+	--with-initscript=sysv,systemd \
+	--with-pipe-path=%{pipepath} \
+	--with-pubconf-path=%{pubconfpath} \
+	--with-python2-bindings%{!?with_python2:=no} \
+	--with-python3-bindings%{!?with_python3:=no} \
+	--with-systemdunitdir=%{systemdunitdir} \
 	--with-test-dir=/dev/shm
 
 %{__make}
@@ -162,19 +495,17 @@ unset CK_TIMEOUT_MULTIPLIER
 
 %install
 rm -rf $RPM_BUILD_ROOT
-%{__make} install \
-	DESTDIR=$RPM_BUILD_ROOT
+
+%{__make} -j1 install \
+	DESTDIR=$RPM_BUILD_ROOT \
+	python3dir=%{py3_sitescriptdir}
 
 # Prepare language files
 %find_lang %{name}
 
 # Copy default sssd.conf file
-install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd
-cp -p src/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
-cd src/config
-cp -p etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
-cp -p etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d
-cd -
+install -d $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d
+cp -p src/examples/sssd-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
 
 # Copy default logrotate file
 install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
@@ -182,34 +513,38 @@ cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd
 
 # Make sure SSSD is able to run on read-only root
 install -d $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d
-cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
-
-# change %{py_sitedir} to %{py_sitescriptdir} for 'noarch' packages!
-%py_ocomp $RPM_BUILD_ROOT%{py_sitedir}
-%py_comp $RPM_BUILD_ROOT%{py_sitedir}
-%py_postclean
+#cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
 
 # Remove .la files created by libtool
 %{__rm} \
-    $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
-    $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
-    $RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \
-    $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ldap.la \
-    $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_proxy.la \
-    $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_krb5.la \
-    $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_ipa.la \
-    $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_simple.la \
-    $RPM_BUILD_ROOT%{_libdir}/libipa_hbac.la \
-    $RPM_BUILD_ROOT%{py_sitedir}/pysss.la \
-    $RPM_BUILD_ROOT%{py_sitedir}/pyhbac.la
+	$RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
+	$RPM_BUILD_ROOT/%{_lib}/libnfsidmap/sss.la \
+	$RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \
+	$RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \
+	$RPM_BUILD_ROOT%{_libdir}/cifs-utils/*.la \
+	%{?with_krb5:$RPM_BUILD_ROOT%{_libdir}/krb5/plugins/libkrb5/sss*.la} \
+	$RPM_BUILD_ROOT%{_libdir}/sssd/libsss_*.la \
+	$RPM_BUILD_ROOT%{_libdir}/sssd/modules/lib*.la \
+	$RPM_BUILD_ROOT%{_libdir}/lib*.la
+%if %{with python2}
+%{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.la
+%py_postclean
+%endif
+%if %{with python3}
+%{__rm} $RPM_BUILD_ROOT%{py3_sitedir}/*.la
+%endif
 
 install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
 
-> sssd_tools.lang
+echo '%%defattr(644,root,root,755)' > sssd_client.lang
+echo '%%defattr(644,root,root,755)' > sssd_tools.lang
 for man in $(find $RPM_BUILD_ROOT%{_mandir}/??/man? -type f | sed -e "s#$RPM_BUILD_ROOT%{_mandir}/##"); do
 	lang=$(echo $man | cut -c 1-2)
 	case $(basename $man) in
-	sss_*)
+	pam_sss.8|sssd_krb5_locator_plugin.8)
+		echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd_client.lang
+		;;
+	sss_debuglevel.8|sss_group*.8|sss_obfuscate.8|sss_seed.8|sss_user*.8)
 		echo "%lang(${lang}) %{_mandir}/${man}*" >> sssd_tools.lang
 		;;
 	*)
@@ -232,21 +567,82 @@ if [ "$1" = "0" ]; then
 	/sbin/chkconfig --del %{name}
 fi
 
+%postun	-p /sbin/ldconfig
+
 %post	client -p /sbin/ldconfig
 %postun	client -p /sbin/ldconfig
 
 %post	-n libipa_hbac -p /sbin/ldconfig
 %postun	-n libipa_hbac -p /sbin/ldconfig
 
+%post	-n libsss_idmap -p /sbin/ldconfig
+%postun	-n libsss_idmap -p /sbin/ldconfig
+
+%post	-n libsss_nss_idmap -p /sbin/ldconfig
+%postun	-n libsss_nss_idmap -p /sbin/ldconfig
+
+%post	-n libsss_simpleifp -p /sbin/ldconfig
+%postun	-n libsss_simpleifp -p /sbin/ldconfig
+
 %files -f sssd.lang
 %defattr(644,root,root,755)
-%attr(754,root,root) /etc/rc.d/init.d/sssd
-%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/sss_ssh_authorizedkeys
+%attr(755,root,root) %{_bindir}/sss_ssh_knownhostsproxy
+%attr(755,root,root) %{_sbindir}/sss_cache
 %attr(755,root,root) %{_sbindir}/sssd
-%dir %{_libexecdir}/%{servicename}
-%attr(755,root,root) %{_libexecdir}/%{servicename}/*child
-%attr(755,root,root) %{_libexecdir}/%{servicename}/sssd_*
-%attr(755,root,root) %{_libexecdir}/%{servicename}/*.so
+# sudo plugin
+%attr(755,root,root) %{_libdir}/libsss_sudo.so
+%dir %{_libdir}/sssd
+# internal shared libraries
+%attr(755,root,root) %{_libdir}/sssd/libsss_cert.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_child.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_config.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_crypt.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_debug.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_krb5_common.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ldap_common.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_semanage.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_util.so
+# modules
+%attr(755,root,root) %{_libdir}/sssd/libsss_simple.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ad.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ipa.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_krb5.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_ldap.so
+%attr(755,root,root) %{_libdir}/sssd/libsss_proxy.so
+%dir %{_libdir}/sssd/modules
+%attr(755,root,root) %{_libdir}/sssd/modules/libsss_autofs.so
+%if "%{_libdir}" != "%{_libexecdir}"
+%dir %{_libexecdir}/sssd
+%endif
+%attr(755,root,root) %{_libexecdir}/sssd/gpo_child
+%attr(755,root,root) %{_libexecdir}/sssd/krb5_child
+%attr(755,root,root) %{_libexecdir}/sssd/ldap_child
+%attr(755,root,root) %{_libexecdir}/sssd/p11_child
+%attr(755,root,root) %{_libexecdir}/sssd/proxy_child
+%attr(755,root,root) %{_libexecdir}/sssd/selinux_child
+%attr(755,root,root) %{_libexecdir}/sssd/sss_signal
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_autofs
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_be
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_ifp
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_nss
+%if %{with krb5}
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_pac
+%endif
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_pam
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_ssh
+%attr(755,root,root) %{_libexecdir}/sssd/sssd_sudo
+%dir %{_datadir}/sssd
+%{_datadir}/sssd/sssd.api.conf
+%dir %{_datadir}/sssd/sssd.api.d
+%{_datadir}/sssd/sssd.api.d/sssd-ad.conf
+%{_datadir}/sssd/sssd.api.d/sssd-ipa.conf
+%{_datadir}/sssd/sssd.api.d/sssd-krb5.conf
+%{_datadir}/sssd/sssd.api.d/sssd-ldap.conf
+%{_datadir}/sssd/sssd.api.d/sssd-local.conf
+%{_datadir}/sssd/sssd.api.d/sssd-proxy.conf
+%{_datadir}/sssd/sssd.api.d/sssd-simple.conf
+%attr(755,root,root) /%{_lib}/libnfsidmap/sss.so
 %attr(755,root,root) %{ldb_modulesdir}/memberof.so
 %dir %{sssdstatedir}
 %attr(700,root,root) %dir %{dbpath}
@@ -255,61 +651,174 @@ fi
 %attr(700,root,root) %dir %{pipepath}/private
 %attr(750,root,root) %dir %{_var}/log/%{name}
 %attr(700,root,root) %dir %{_sysconfdir}/sssd
-%config(noreplace) %attr(600,root,root) %{_sysconfdir}/sssd/sssd.conf
-%config(noreplace) /etc/logrotate.d/sssd
-%config(noreplace) %{_sysconfdir}/rwtab.d/sssd
-%config %{_sysconfdir}/sssd/sssd.api.conf
-%attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
-%config %attr(600,root,root) %{_sysconfdir}/sssd/sssd.api.d/*
+%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sssd/sssd.conf
+%config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/sssd
+#%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/rwtab.d/sssd
+%attr(754,root,root) /etc/rc.d/init.d/sssd
+%{systemdunitdir}/sssd.service
+/etc/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
+%{_datadir}/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
+%{_mandir}/man1/sss_ssh_authorizedkeys.1*
+%{_mandir}/man1/sss_ssh_knownhostsproxy.1*
+%{_mandir}/man5/sss_rpcidmapd.5*
 %{_mandir}/man5/sssd.conf.5*
+%{_mandir}/man5/sssd-ad.5*
+%{_mandir}/man5/sssd-ifp.5*
 %{_mandir}/man5/sssd-ipa.5*
 %{_mandir}/man5/sssd-krb5.5*
 %{_mandir}/man5/sssd-ldap.5*
 %{_mandir}/man5/sssd-simple.5*
+%{_mandir}/man5/sssd-sudo.5*
+%{_mandir}/man8/sss_cache.8*
 %{_mandir}/man8/sssd.8*
-%attr(755,root,root) %{py_sitedir}/pysss.so
-%{py_sitescriptdir}/*.py[co]
-%{py_sitescriptdir}/SSSDConfig-*.egg-info
 
-%files client -f sssd_tools.lang
+%files client -f sssd_client.lang
 %defattr(644,root,root,755)
 %attr(755,root,root) /%{_lib}/libnss_sss.so.2
 %attr(755,root,root) /%{_lib}/security/pam_sss.so
-#%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
+%attr(755,root,root) %{_libdir}/cifs-utils/cifs_idmap_sss.so
+%if %{with krb5}
+# XXX: verify locations
+%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_localauth_plugin.so
+%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
+%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_pac_plugin.so
+%endif
 %{_mandir}/man8/pam_sss.8*
 %{_mandir}/man8/sssd_krb5_locator_plugin.8*
 
-%files tools
+%files tools -f sssd_tools.lang
 %defattr(644,root,root,755)
-%attr(755,root,root) %{_sbindir}/sss_useradd
-%attr(755,root,root) %{_sbindir}/sss_userdel
-%attr(755,root,root) %{_sbindir}/sss_usermod
+%attr(755,root,root) %{_sbindir}/sss_debuglevel
 %attr(755,root,root) %{_sbindir}/sss_groupadd
 %attr(755,root,root) %{_sbindir}/sss_groupdel
 %attr(755,root,root) %{_sbindir}/sss_groupmod
 %attr(755,root,root) %{_sbindir}/sss_groupshow
 %attr(755,root,root) %{_sbindir}/sss_obfuscate
-%attr(755,root,root) %{_sbindir}/sss_cache
+%attr(755,root,root) %{_sbindir}/sss_override
+%attr(755,root,root) %{_sbindir}/sss_seed
+%attr(755,root,root) %{_sbindir}/sss_useradd
+%attr(755,root,root) %{_sbindir}/sss_userdel
+%attr(755,root,root) %{_sbindir}/sss_usermod
+%{_mandir}/man8/sss_debuglevel.8*
 %{_mandir}/man8/sss_groupadd.8*
 %{_mandir}/man8/sss_groupdel.8*
 %{_mandir}/man8/sss_groupmod.8*
 %{_mandir}/man8/sss_groupshow.8*
+%{_mandir}/man8/sss_obfuscate.8*
+%{_mandir}/man8/sss_override.8*
+%{_mandir}/man8/sss_seed.8*
 %{_mandir}/man8/sss_useradd.8*
 %{_mandir}/man8/sss_userdel.8*
 %{_mandir}/man8/sss_usermod.8*
-%{_mandir}/man8/sss_obfuscate.8*
-%{_mandir}/man8/sss_cache.8*
+
+%if %{with python2}
+%files -n python-sss
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py_sitedir}/pysss.so
+
+%files -n python-sss-murmur
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py_sitedir}/pysss_murmur.so
+
+%files -n python-sssdconfig
+%defattr(644,root,root,755)
+%dir %{py_sitescriptdir}/SSSDConfig
+%{py_sitescriptdir}/SSSDConfig/*.py[co]
+%{py_sitescriptdir}/SSSDConfig-%{version}-py*.egg-info
+%endif
+
+%if %{with python3}
+%files -n python3-sss
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pysss.so
+
+%files -n python3-sss-murmur
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pysss_murmur.so
+
+%files -n python3-sssdconfig
+%defattr(644,root,root,755)
+%dir %{py3_sitescriptdir}/SSSDConfig
+%{py3_sitescriptdir}/SSSDConfig/*.py
+%{py3_sitescriptdir}/SSSDConfig/__pycache__
+%{py3_sitescriptdir}/SSSDConfig-%{version}-py*.egg-info
+%endif
+
+%files libwbclient
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so.*
+
+%files libwbclient-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so
+%{_includedir}/wbclient_sssd.h
+%{_pkgconfigdir}/wbclient_sssd.pc
 
 %files -n libipa_hbac
 %defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/libipa_hbac.so.*
+%attr(755,root,root) %{_libdir}/libipa_hbac.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libipa_hbac.so.0
 
 %files -n libipa_hbac-devel
 %defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libipa_hbac.so
 %{_includedir}/ipa_hbac.h
-%{_libdir}/libipa_hbac.so
 %{_pkgconfigdir}/ipa_hbac.pc
 
+%if %{with python2}
 %files -n python-libipa_hbac
 %defattr(644,root,root,755)
-%{py_sitedir}/pyhbac.so
+%attr(755,root,root) %{py_sitedir}/pyhbac.so
+%endif
+
+%if %{with python3}
+%files -n python3-libipa_hbac
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pyhbac.so
+%endif
+
+%files -n libsss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_idmap.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libsss_idmap.so.0
+
+%files -n libsss_idmap-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_idmap.so
+%{_includedir}/sss_idmap.h
+%{_pkgconfigdir}/sss_idmap.pc
+
+%files -n libsss_nss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_nss_idmap.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libsss_nss_idmap.so.0
+
+%files -n libsss_nss_idmap-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_nss_idmap.so
+%{_includedir}/sss_nss_idmap.h
+%{_pkgconfigdir}/sss_nss_idmap.pc
+
+%if %{with python2}
+%files -n python-libsss_nss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py_sitedir}/pysss_nss_idmap.so
+%endif
+
+%if %{with python3}
+%files -n python3-libsss_nss_idmap
+%defattr(644,root,root,755)
+%attr(755,root,root) %{py3_sitedir}/pysss_nss_idmap.so
+%endif
+
+%files -n libsss_simpleifp
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_simpleifp.so.*.*.*
+%attr(755,root,root) %ghost %{_libdir}/libsss_simpleifp.so.0
+
+%files -n libsss_simpleifp-devel
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libsss_simpleifp.so
+%{_includedir}/sss_sifp.h
+%{_includedir}/sss_sifp_dbus.h
+%{_pkgconfigdir}/sss_simpleifp.pc