From 66c0dc33988c28139e48e42350e194707be6c65d Mon Sep 17 00:00:00 2001 From: Jakub Bogusz Date: Wed, 29 Jun 2016 21:15:46 +0200 Subject: [PATCH] - updated heimdal patch - added python patch, package python3 modules - adjusted krb5 bcond to control heimdal vs MIT kerberos --- sssd-heimdal.patch | 62 +++++---- sssd-python.patch | 30 +++++ sssd.spec | 317 ++++++++++++++++++++++++++++++++++++--------- 3 files changed, 329 insertions(+), 80 deletions(-) create mode 100644 sssd-python.patch diff --git a/sssd-heimdal.patch b/sssd-heimdal.patch index 5218cf7..0183e87 100644 --- a/sssd-heimdal.patch +++ b/sssd-heimdal.patch @@ -680,11 +680,19 @@ index 0c6b68b..102827e 100644 krb5_free_principal(kcontext, princ); krb5_free_context(kcontext); return ret; -diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c -index f8a7e6f..a954d10 100644 ---- a/src/util/sss_krb5.c -+++ b/src/util/sss_krb5.c -@@ -484,7 +484,9 @@ void KRB5_CALLCONV sss_krb5_get_init_cre +--- sssd-1.13.4/src/util/sss_krb5.c.orig 2016-04-13 16:48:41.000000000 +0200 ++++ sssd-1.13.4/src/util/sss_krb5.c 2016-06-28 16:50:29.169609569 +0200 +@@ -20,7 +20,9 @@ + #include + #include + #include ++#ifdef HAVE_PROFILE_H + #include ++#endif + + #include "config.h" + +@@ -485,7 +487,9 @@ void KRB5_CALLCONV sss_krb5_free_unparsed_name(krb5_context context, char *name) { @@ -695,7 +703,7 @@ index f8a7e6f..a954d10 100644 krb5_free_unparsed_name(context, name); #else if (name != NULL) { -@@ -494,6 +496,15 @@ void KRB5_CALLCONV sss_krb5_free_unparse +@@ -495,6 +499,15 @@ #endif } @@ -711,7 +719,7 @@ index f8a7e6f..a954d10 100644 krb5_error_code KRB5_CALLCONV sss_krb5_get_init_creds_opt_set_expire_callback( krb5_context context, -@@ -752,15 +763,16 @@ cleanup: +@@ -753,15 +766,16 @@ #endif /* HAVE_KRB5_UNPARSE_NAME_FLAGS */ } @@ -734,7 +742,7 @@ index f8a7e6f..a954d10 100644 #else DEBUG(SSSDBG_OP_FAILURE, "Kerberos principal canonicalization is not available!\n"); #endif -@@ -1022,7 +1034,7 @@ done: +@@ -1023,7 +1037,7 @@ KRB5_DEBUG(SSSDBG_MINOR_FAILURE, ctx, kerr); } } @@ -743,10 +751,22 @@ index f8a7e6f..a954d10 100644 return ret_ccname; #else -@@ -1069,3 +1081,44 @@ krb5_error_code sss_krb5_kt_have_content - return 0; - #endif - } +@@ -1076,6 +1090,7 @@ + + bool sss_krb5_realm_has_proxy(const char *realm) + { ++#ifdef HAVE_PROFILE_H + krb5_context context = NULL; + krb5_error_code kerr; + struct _profile_t *profile = NULL; +@@ -1128,4 +1143,48 @@ + krb5_free_context(context); + + return res; ++#else ++ return false; ++#endif ++} + +krb5_error_code KRB5_CALLCONV +sss_krb5_unparse_name_ext(krb5_context ctx, @@ -787,7 +807,7 @@ index f8a7e6f..a954d10 100644 + *microseconds = 0; + return 0; +#endif -+} + } --- sssd-1.13.4/src/util/sss_krb5.h~ 2016-05-01 12:23:18.000000000 +0300 +++ sssd-1.13.4/src/util/sss_krb5.h 2016-05-01 12:24:04.615247459 +0300 @@ -70,6 +70,8 @@ void KRB5_CALLCONV sss_krb5_get_init_cre @@ -848,15 +868,13 @@ index f8a7e6f..a954d10 100644 krb5_error_code copy_keytab_into_memory(TALLOC_CTX *mem_ctx, krb5_context kctx, char *inp_keytab_file, char **_mem_name, -#--- sssd-1.11.4/src/external/pac_responder.m4.orig 2014-02-17 19:55:32.000000000 +0100 -#+++ sssd-1.11.4/src/external/pac_responder.m4 2014-03-22 17:59:50.707675270 +0100 -#@@ -21,7 +21,8 @@ +#--- sssd-1.13.4/src/external/pac_responder.m4.orig 2016-04-13 16:48:41.000000000 +0200 +#+++ sssd-1.13.4/src/external/pac_responder.m4 2016-06-28 17:56:26.774836046 +0200 +#@@ -18,6 +18,7 @@ +# AC_MSG_CHECKING(for supported MIT krb5 version) +# KRB5_VERSION="`$KRB5_CONFIG --version`" +# case $KRB5_VERSION in +#+ heimdal\ *) | \ # Kerberos\ 5\ release\ 1.9* | \ # Kerberos\ 5\ release\ 1.10* | \ # Kerberos\ 5\ release\ 1.11* | \ -#- Kerberos\ 5\ release\ 1.12*) -#+ Kerberos\ 5\ release\ 1.12* | \ -#+ heimdal\ *) -# krb5_version_ok=yes -# AC_MSG_RESULT([yes]) -# ;; diff --git a/sssd-python.patch b/sssd-python.patch new file mode 100644 index 0000000..af3801f --- /dev/null +++ b/sssd-python.patch @@ -0,0 +1,30 @@ +--- sssd-1.13.4/Makefile.am.orig 2016-06-28 17:57:00.181321734 +0200 ++++ sssd-1.13.4/Makefile.am 2016-06-28 18:18:06.907792621 +0200 +@@ -3598,11 +3598,13 @@ + cd $(builddir)/src/config; \ + $(PYTHON2) setup.py build --build-base $(abs_builddir)/src/config \ + install $(DISTSETUPOPTS) --prefix=$(PYTHON2_PREFIX) \ ++ --install-purelib=$(python2dir) --optimize=2 \ + --record=$(abs_builddir)/src/config/.files2; \ + else \ + cd $(builddir)/src/config; \ + $(PYTHON2) setup.py build --build-base $(abs_builddir)/src/config \ + install $(DISTSETUPOPTS) --prefix=$(PYTHON2_PREFIX) \ ++ --install-purelib=$(python2dir) --optimize=2 \ + --record=$(abs_builddir)/src/config/.files2 --root=$(DESTDIR); \ + fi + cd $(DESTDIR)$(py2execdir) && \ +@@ -3616,11 +3618,13 @@ + cd $(builddir)/src/config; \ + $(PYTHON3) setup.py build --build-base $(abs_builddir)/src/config \ + install $(DISTSETUPOPTS) --prefix=$(PYTHON3_PREFIX) \ ++ --install-purelib=$(python3dir) --optimize=2 \ + --record=$(abs_builddir)/src/config/.files3; \ + else \ + cd $(builddir)/src/config; \ + $(PYTHON3) setup.py build --build-base $(abs_builddir)/src/config \ + install $(DISTSETUPOPTS) --prefix=$(PYTHON3_PREFIX) \ ++ --install-purelib=$(python3dir) --optimize=2 \ + --record=$(abs_builddir)/src/config/.files3 --root=$(DESTDIR); \ + fi + cd $(DESTDIR)$(py3execdir) && \ diff --git a/sssd.spec b/sssd.spec index 73ef7db..1182261 100644 --- a/sssd.spec +++ b/sssd.spec @@ -1,14 +1,12 @@ # TODO -# - python3 packages -# - pac-responder (currently relies on MIT krb5 >= 1.9) # - fix stripping before rpm: # *** WARNING: no sources found for /usr/lib64/libipa_hbac.so.0.0.0 (stripped without sourcefile information?) # # Conditional build: -%bcond_with tests # build with tests +%bcond_with tests # check target %bcond_without python2 # CPython 2.x module -%bcond_with python3 # CPython 3.x module -%bcond_without krb5 # Build without krb5 support +%bcond_without python3 # CPython 3.x module +%bcond_with krb5 # MIT Kerberos V instead of Heimdal (enables locator plugin, profile support and pac-responder) %define ldb_version 1.1.0 Summary: System Security Services Daemon @@ -21,6 +19,7 @@ Group: Applications/System Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz # Source0-md5: d147e0a4f4719d993693c6a99370b350 Source1: %{name}.init +Patch0: %{name}-python.patch Patch1: %{name}-heimdal.patch Patch2: %{name}-systemd.patch Patch3: %{name}-link.patch @@ -33,52 +32,64 @@ BuildRequires: bind-utils BuildRequires: c-ares-devel BuildRequires: check-devel >= 0.9.5 BuildRequires: cifs-utils-devel -BuildRequires: cmocka-devel +%{?with_tests:BuildRequires: cmocka-devel >= 1.0.0} BuildRequires: cyrus-sasl-devel >= 2 BuildRequires: dbus-devel >= 1.0.0 BuildRequires: docbook-dtd44-xml BuildRequires: docbook-style-xsl BuildRequires: doxygen +%{?with_tests:BuildRequires: fakeroot} BuildRequires: gettext-tools >= 0.14.4 BuildRequires: glib2-devel >= 2.0 -BuildRequires: heimdal-devel +%{!?with_krb5:BuildRequires: heimdal-devel} BuildRequires: keyutils-devel +%{?with_krb5:BuildRequires: krb5-devel >= 1.9} +BuildRequires: ldb-devel >= %{ldb_version} BuildRequires: libcollection-devel >= 0.5.1 BuildRequires: libdhash-devel >= 0.4.2 -BuildRequires: libini_config-devel >= 1.0.0 -BuildRequires: ldb-devel >= %{ldb_version} +BuildRequires: libini_config-devel >= 1.1.0 BuildRequires: libltdl-devel BuildRequires: libnfsidmap-devel BuildRequires: libnl-devel >= 3.2 BuildRequires: libselinux-devel BuildRequires: libsemanage-devel +BuildRequires: libsmbclient-devel BuildRequires: libtool >= 2:2 BuildRequires: libxml2-progs BuildRequires: libxslt-progs BuildRequires: m4 BuildRequires: nspr-devel BuildRequires: nss-devel +%{?with_tests:BuildRequires: nss_wrapper} BuildRequires: openldap-devel BuildRequires: pam-devel BuildRequires: pcre-devel >= 7 BuildRequires: pkgconfig BuildRequires: po4a BuildRequires: popt-devel -BuildRequires: python-devel >= 1:2.4 +%{?with_python2:BuildRequires: python-devel >= 1:2.6} +%{?with_tests:BuildRequires: python-pytest} +%{?with_python3:BuildRequires: python3-devel >= 1:3.3} BuildRequires: rpm-pythonprov -BuildRequires: rpmbuild(macros) >= 1.228 -# pkgconfig(ndr_nbt) +BuildRequires: rpmbuild(macros) >= 1.612 +# pkgconfig(ndr_nbt), pkgconfig(ndr_krb5pac) if with krb5 BuildRequires: samba-devel >= 4 +BuildRequires: systemd-devel >= 1:209 BuildRequires: systemd-units BuildRequires: talloc-devel BuildRequires: tdb-devel >= 1.1.3 BuildRequires: tevent-devel +%{?with_tests:BuildRequires: uid_wrapper} Requires(post): /sbin/ldconfig Requires(post,preun): /sbin/chkconfig Requires: %{name}-client = %{version}-%{release} Requires: cyrus-sasl-gssapi Requires: ldb >= %{ldb_version} +Requires: libcollection >= 0.5.1 +Requires: libdhash >= 0.4.2 +Requires: libini_config >= 1.1.0 Requires: libsss_idmap = %{version}-%{release} +Requires: pcre >= 7 Requires: rc-scripts >= 0.4.0.10 Requires: tdb >= 1.1.3 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) @@ -110,6 +121,8 @@ Summary: SSSD Client libraries for NSS and PAM Summary(pl.UTF-8): Biblioteki klienckie SSSD dla NSS i PAM License: LGPL v3+ Group: Applications/System +Requires: libsss_idmap = %{version}-%{release} +Requires: libsss_nss_idmap = %{version}-%{release} %description client Provides the libraries needed by the PAM and NSS stacks to connect to @@ -145,6 +158,108 @@ Pakiet zawiera także kilka innych narzędzi administracyjnych: - sss_seed tworzący wpis użytkownika do szybkiego rozruchu, - sss_obfuscate do generowania utajnionego hasła LDAP. +%package -n python-sss +Summary: Python 2 bindings for sssd +Summary(pl.UTF-8): Wiązania Pythona 2 do sssd +License: LGPL v3+ +Group: Libraries/Python +Requires: %{name} = %{version}-%{release} + +%description -n python-sss +Python 2 module for manipulating users, groups, and nested groups in +SSSD when using id_provider = local in /etc/sssd/sssd.conf. + +This module also provides several other useful Python 2 bindings: + - function for retrieving list of groups user belongs to. + - class for obfuscation of passwords + +%description -n python-sss -l pl.UTF-8 +Moduł Pythona 2 do operowania na użytkownikach, grupach i +zagnieżdżonych grupach w SSSD w przypadku używania id_provider = local +w /etc/sssd/sssd.conf. + +Ten moduł dostarcza także kilka innych przydatnych wiązań Pythona 2: + - funkcję do użyskiwania list grup, do których należy użytkownik, + - klasę do ukrywania haseł. + +%package -n python-sss-murmur +Summary: Python 2 bindings for murmur hash function +Summary(pl.UTF-8): Wiązania Pythona 2 do funkcji mieszającej murmur +License: LGPL v3+ +Group: Libraries/Python + +%description -n python-sss-murmur +Python 2 module for calculating the murmur hash version 3. + +%description -n python-sss-murmur -l pl.UTF-8 +Moduł Pythona 2 do obliczania skrótu murmur w wersji 3. + +%package -n python-sssdconfig +Summary: SSSD and IPA configuration file manipulation classes and functions for Python 2 +Summary(pl.UTF-8): Klasy i funkcje Pythona 2 do operowania na plikach konfiguracyjnych SSSD oraz IPA +License: GPL v3+ +Group: Libraries/Python +BuildArch: noarch + +%description -n python-sssdconfig +SSSD and IPA configuration file manipulation classes and functions for +Python 2. + +%description -n python-sssdconfig -l pl.UTF-8 +Klasy i funkcje Pythona 2 do operowania na plikach konfiguracyjnych +SSSD oraz IPA. + +%package -n python3-sss +Summary: Python 3 bindings for sssd +Summary(pl.UTF-8): Wiązania Pythona 3 do sssd +License: LGPL v3+ +Group: Libraries/Python +Requires: %{name} = %{version}-%{release} + +%description -n python3-sss +Python 3 module for manipulating users, groups, and nested groups in +SSSD when using id_provider = local in /etc/sssd/sssd.conf. + +This module also provides several other useful Python 3 bindings: + - function for retrieving list of groups user belongs to. + - class for obfuscation of passwords + +%description -n python3-sss -l pl.UTF-8 +Moduł Pythona 3 do operowania na użytkownikach, grupach i +zagnieżdżonych grupach w SSSD w przypadku używania id_provider = local +w /etc/sssd/sssd.conf. + +Ten moduł dostarcza także kilka innych przydatnych wiązań Pythona 3: + - funkcję do użyskiwania list grup, do których należy użytkownik, + - klasę do ukrywania haseł. + +%package -n python3-sss-murmur +Summary: Python 3 bindings for murmur hash function +Summary(pl.UTF-8): Wiązania Pythona 3 do funkcji mieszającej murmur +License: LGPL v3+ +Group: Libraries/Python + +%description -n python3-sss-murmur +Python 3 module for calculating the murmur hash version 3. + +%description -n python3-sss-murmur -l pl.UTF-8 +Moduł Pythona 3 do obliczania skrótu murmur w wersji 3. + +%package -n python3-sssdconfig +Summary: SSSD and IPA configuration file manipulation classes and functions for Python 3 +Summary(pl.UTF-8): Klasy i funkcje Pythona 3 do operowania na plikach konfiguracyjnych SSSD oraz IPA +License: GPL v3+ +Group: Libraries/Python +BuildArch: noarch + +%description -n python3-sssdconfig +SSSD and IPA configuration file manipulation classes and functions for +Python 3. + +%description -n python3-sssdconfig -l pl.UTF-8 +Klasy i funkcje Pythona 3 do operowania na plikach konfiguracyjnych +SSSD oraz IPA. + %package libwbclient Summary: The SSSD libwbclient implementation Summary(pl.UTF-8): Implementacja libwbclient oparta na SSSD @@ -201,8 +316,8 @@ Development files for FreeIPA HBAC Evaluator library. Pliki programistyczne biblioteki oceniająca FreeIPA HBAC. %package -n python-libipa_hbac -Summary: Python bindings for the FreeIPA HBAC Evaluator library -Summary(pl.UTF-8): Wiązania Pythona do biblioteki oceniającej FreeIPA HBAC +Summary: Python 2 bindings for the FreeIPA HBAC Evaluator library +Summary(pl.UTF-8): Wiązania Pythona 2 do biblioteki oceniającej FreeIPA HBAC License: LGPL v3+ Group: Libraries/Python Requires: libipa_hbac = %{version}-%{release} @@ -210,11 +325,26 @@ Obsoletes: libipa_hbac-python %description -n python-libipa_hbac This package contains the bindings so that libipa_hbac can be used by -Python applications. +Python 2 applications. %description -n python-libipa_hbac -l pl.UTF-8 Ten pakiet zawiera wiązania pozwalające na używanie libipa_hbac w -aplikacjach Pythona. +aplikacjach Pythona 2. + +%package -n python3-libipa_hbac +Summary: Python 3 bindings for the FreeIPA HBAC Evaluator library +Summary(pl.UTF-8): Wiązania Pythona 3 do biblioteki oceniającej FreeIPA HBAC +License: LGPL v3+ +Group: Libraries/Python +Requires: libipa_hbac = %{version}-%{release} + +%description -n python3-libipa_hbac +This package contains the bindings so that libipa_hbac can be used by +Python 3 applications. + +%description -n python3-libipa_hbac -l pl.UTF-8 +Ten pakiet zawiera wiązania pozwalające na używanie libipa_hbac w +aplikacjach Pythona 3. %package -n libsss_idmap Summary: FreeIPA Idmap library @@ -267,19 +397,34 @@ Development files for sss_nss_idmap library. Pliki programistyczne biblioteki sss_nss_idmap. %package -n python-libsss_nss_idmap -Summary: Python bindings for libsss_nss_idmap -Summary(pl.UTF-8): Wiązania Pythona do biblioteki libsss_nss_idmap +Summary: Python 2 bindings for libsss_nss_idmap +Summary(pl.UTF-8): Wiązania Pythona 2 do biblioteki libsss_nss_idmap Group: Libraries/Python License: LGPL v3+ Requires: libsss_nss_idmap = %{version}-%{release} %description -n python-libsss_nss_idmap This package contains the bindings so that libsss_nss_idmap can be -used by Python applications. +used by Python 2 applications. %description -n python-libsss_nss_idmap -l pl.UTF-8 Ten pakiet zawiera wiązania umożliwiające korzystanie z biblioteki -libsss_nss_idmap w aplikacjach Pythona. +libsss_nss_idmap w aplikacjach Pythona 2. + +%package -n python3-libsss_nss_idmap +Summary: Python 3 bindings for libsss_nss_idmap +Summary(pl.UTF-8): Wiązania Pythona 3 do biblioteki libsss_nss_idmap +Group: Libraries/Python +License: LGPL v3+ +Requires: libsss_nss_idmap = %{version}-%{release} + +%description -n python3-libsss_nss_idmap +This package contains the bindings so that libsss_nss_idmap can be +used by Python 3 applications. + +%description -n python3-libsss_nss_idmap -l pl.UTF-8 +Ten pakiet zawiera wiązania umożliwiające korzystanie z biblioteki +libsss_nss_idmap w aplikacjach Pythona 3. %package -n libsss_simpleifp Summary: A library that simplifies work with the InfoPipe responder @@ -310,6 +455,7 @@ Pliki nagłówkowe biblioteki libsss_simpleifp. %prep %setup -q +%patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -317,14 +463,15 @@ Pliki nagłówkowe biblioteki libsss_simpleifp. %build %{__libtoolize} %{__gettextize} -%{__aclocal} -%{__automake} +%{__aclocal} -I m4 %{__autoconf} -#CFLAGS="-Wno-deprecated-declarations" +%{__automake} %configure \ NSCD=/usr/sbin/nscd \ + %{!?with_krb5:--disable-krb5-locator-plugin} \ --enable-nfsidmaplibdir=/%{_lib}/libnfsidmap \ --enable-nsslibdir=/%{_lib} \ + %{!?with_krb5:--disable-pac-responder} \ --enable-pammoddir=/%{_lib}/security \ --disable-rpath \ --with-db-path=%{dbpath} \ @@ -332,12 +479,9 @@ Pliki nagłówkowe biblioteki libsss_simpleifp. --with-initscript=sysv,systemd \ --with-pipe-path=%{pipepath} \ --with-pubconf-path=%{pubconfpath} \ - --with%{!?with_python2:out}-python2-bindings \ - --with%{!?with_python3:out}-python3-bindings \ + --with-python2-bindings%{!?with_python2:=no} \ + --with-python3-bindings%{!?with_python3:=no} \ --with-systemdunitdir=%{systemdunitdir} \ -%if %{without krb5} - --disable-krb5-locator-plugin \ -%endif --with-test-dir=/dev/shm %{__make} @@ -350,8 +494,10 @@ unset CK_TIMEOUT_MULTIPLIER %install rm -rf $RPM_BUILD_ROOT -%{__make} install \ - DESTDIR=$RPM_BUILD_ROOT + +%{__make} -j1 install \ + DESTDIR=$RPM_BUILD_ROOT \ + python3dir=%{py3_sitescriptdir} # Prepare language files %find_lang %{name} @@ -368,12 +514,6 @@ cp -p src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd install -d $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd -%py_ocomp $RPM_BUILD_ROOT%{py_sitedir} -%py_comp $RPM_BUILD_ROOT%{py_sitedir} -%py_ocomp $RPM_BUILD_ROOT%{py_sitescriptdir} -%py_comp $RPM_BUILD_ROOT%{py_sitescriptdir} -%py_postclean - # Remove .la files created by libtool %{__rm} \ $RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \ @@ -381,11 +521,17 @@ cp -p src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd $RPM_BUILD_ROOT/%{_lib}/security/pam_sss.la \ $RPM_BUILD_ROOT%{ldb_modulesdir}/memberof.la \ $RPM_BUILD_ROOT%{_libdir}/cifs-utils/*.la \ - $RPM_BUILD_ROOT%{_libdir}/krb5/plugins/libkrb5/sss*.la \ + %{?with_krb5:$RPM_BUILD_ROOT%{_libdir}/krb5/plugins/libkrb5/sss*.la} \ $RPM_BUILD_ROOT%{_libdir}/sssd/libsss_*.la \ $RPM_BUILD_ROOT%{_libdir}/sssd/modules/lib*.la \ - $RPM_BUILD_ROOT%{_libdir}/lib*.la \ - $RPM_BUILD_ROOT%{py_sitedir}/*.la + $RPM_BUILD_ROOT%{_libdir}/lib*.la +%if %{with python2} +%{__rm} $RPM_BUILD_ROOT%{py_sitedir}/*.la +%py_postclean +%endif +%if %{with python3} +%{__rm} $RPM_BUILD_ROOT%{py3_sitedir}/*.la +%endif install -p %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name} @@ -443,14 +589,16 @@ fi %attr(755,root,root) %{_bindir}/sss_ssh_knownhostsproxy %attr(755,root,root) %{_sbindir}/sss_cache %attr(755,root,root) %{_sbindir}/sssd +# sudo plugin %attr(755,root,root) %{_libdir}/libsss_sudo.so %dir %{_libdir}/sssd # internal shared libraries -%attr(755,root,root) %{_libdir}/sssd/libsss_ad_common.so +%attr(755,root,root) %{_libdir}/sssd/libsss_cert.so %attr(755,root,root) %{_libdir}/sssd/libsss_child.so %attr(755,root,root) %{_libdir}/sssd/libsss_config.so %attr(755,root,root) %{_libdir}/sssd/libsss_crypt.so %attr(755,root,root) %{_libdir}/sssd/libsss_debug.so +%attr(755,root,root) %{_libdir}/sssd/libsss_krb5_common.so %attr(755,root,root) %{_libdir}/sssd/libsss_ldap_common.so %attr(755,root,root) %{_libdir}/sssd/libsss_semanage.so %attr(755,root,root) %{_libdir}/sssd/libsss_util.so @@ -459,7 +607,6 @@ fi %attr(755,root,root) %{_libdir}/sssd/libsss_ad.so %attr(755,root,root) %{_libdir}/sssd/libsss_ipa.so %attr(755,root,root) %{_libdir}/sssd/libsss_krb5.so -%attr(755,root,root) %{_libdir}/sssd/libsss_krb5_common.so %attr(755,root,root) %{_libdir}/sssd/libsss_ldap.so %attr(755,root,root) %{_libdir}/sssd/libsss_proxy.so %dir %{_libdir}/sssd/modules @@ -470,6 +617,7 @@ fi %attr(755,root,root) %{_libexecdir}/sssd/gpo_child %attr(755,root,root) %{_libexecdir}/sssd/krb5_child %attr(755,root,root) %{_libexecdir}/sssd/ldap_child +%attr(755,root,root) %{_libexecdir}/sssd/p11_child %attr(755,root,root) %{_libexecdir}/sssd/proxy_child %attr(755,root,root) %{_libexecdir}/sssd/selinux_child %attr(755,root,root) %{_libexecdir}/sssd/sss_signal @@ -477,6 +625,9 @@ fi %attr(755,root,root) %{_libexecdir}/sssd/sssd_be %attr(755,root,root) %{_libexecdir}/sssd/sssd_ifp %attr(755,root,root) %{_libexecdir}/sssd/sssd_nss +%if %{with krb5} +%attr(755,root,root) %{_libexecdir}/sssd/sssd_pac +%endif %attr(755,root,root) %{_libexecdir}/sssd/sssd_pam %attr(755,root,root) %{_libexecdir}/sssd/sssd_ssh %attr(755,root,root) %{_libexecdir}/sssd/sssd_sudo @@ -519,19 +670,18 @@ fi %{_mandir}/man5/sssd-sudo.5* %{_mandir}/man8/sss_cache.8* %{_mandir}/man8/sssd.8* -%attr(755,root,root) %{py_sitedir}/pysss.so -%attr(755,root,root) %{py_sitedir}/pysss_murmur.so -%dir %{py_sitescriptdir}/SSSDConfig -%{py_sitescriptdir}/SSSDConfig/*.py[co] -%{py_sitescriptdir}/SSSDConfig-%{version}-py*.egg-info %files client -f sssd_client.lang %defattr(644,root,root,755) %attr(755,root,root) /%{_lib}/libnss_sss.so.2 %attr(755,root,root) /%{_lib}/security/pam_sss.so %attr(755,root,root) %{_libdir}/cifs-utils/cifs_idmap_sss.so -# FIXME: is it proper path for heimdal? where to package parent dirs? -#%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so +%if %{with krb5} +# XXX: verify locations +%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_localauth_plugin.so +%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so +%attr(755,root,root) %{_libdir}/krb5/plugins/libkrb5/sssd_pac_plugin.so +%endif %{_mandir}/man8/pam_sss.8* %{_mandir}/man8/sssd_krb5_locator_plugin.8* @@ -543,6 +693,7 @@ fi %attr(755,root,root) %{_sbindir}/sss_groupmod %attr(755,root,root) %{_sbindir}/sss_groupshow %attr(755,root,root) %{_sbindir}/sss_obfuscate +%attr(755,root,root) %{_sbindir}/sss_override %attr(755,root,root) %{_sbindir}/sss_seed %attr(755,root,root) %{_sbindir}/sss_useradd %attr(755,root,root) %{_sbindir}/sss_userdel @@ -553,11 +704,55 @@ fi %{_mandir}/man8/sss_groupmod.8* %{_mandir}/man8/sss_groupshow.8* %{_mandir}/man8/sss_obfuscate.8* +%{_mandir}/man8/sss_override.8* %{_mandir}/man8/sss_seed.8* %{_mandir}/man8/sss_useradd.8* %{_mandir}/man8/sss_userdel.8* %{_mandir}/man8/sss_usermod.8* +%if %{with python2} +%files -n python-sss +%defattr(644,root,root,755) +%attr(755,root,root) %{py_sitedir}/pysss.so + +%files -n python-sss-murmur +%defattr(644,root,root,755) +%attr(755,root,root) %{py_sitedir}/pysss_murmur.so + +%files -n python-sssdconfig +%defattr(644,root,root,755) +%dir %{py_sitescriptdir}/SSSDConfig +%{py_sitescriptdir}/SSSDConfig/*.py[co] +%{py_sitescriptdir}/SSSDConfig-%{version}-py*.egg-info +%endif + +%if %{with python3} +%files -n python3-sss +%defattr(644,root,root,755) +%attr(755,root,root) %{py3_sitedir}/pysss.so + +%files -n python3-sss-murmur +%defattr(644,root,root,755) +%attr(755,root,root) %{py3_sitedir}/pysss_murmur.so + +%files -n python3-sssdconfig +%defattr(644,root,root,755) +%dir %{py3_sitescriptdir}/SSSDConfig +%{py3_sitescriptdir}/SSSDConfig/*.py +%{py3_sitescriptdir}/SSSDConfig/__pycache__ +%{py3_sitescriptdir}/SSSDConfig-%{version}-py*.egg-info +%endif + +%files libwbclient +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so.* + +%files libwbclient-devel +%defattr(644,root,root,755) +%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so +%{_includedir}/wbclient_sssd.h +%{_pkgconfigdir}/wbclient_sssd.pc + %files -n libipa_hbac %defattr(644,root,root,755) %attr(755,root,root) %{_libdir}/libipa_hbac.so.*.*.* @@ -569,9 +764,17 @@ fi %{_includedir}/ipa_hbac.h %{_pkgconfigdir}/ipa_hbac.pc +%if %{with python2} %files -n python-libipa_hbac %defattr(644,root,root,755) %attr(755,root,root) %{py_sitedir}/pyhbac.so +%endif + +%if %{with python3} +%files -n python3-libipa_hbac +%defattr(644,root,root,755) +%attr(755,root,root) %{py3_sitedir}/pyhbac.so +%endif %files -n libsss_idmap %defattr(644,root,root,755) @@ -595,9 +798,17 @@ fi %{_includedir}/sss_nss_idmap.h %{_pkgconfigdir}/sss_nss_idmap.pc +%if %{with python2} %files -n python-libsss_nss_idmap %defattr(644,root,root,755) %attr(755,root,root) %{py_sitedir}/pysss_nss_idmap.so +%endif + +%if %{with python3} +%files -n python3-libsss_nss_idmap +%defattr(644,root,root,755) +%attr(755,root,root) %{py3_sitedir}/pysss_nss_idmap.so +%endif %files -n libsss_simpleifp %defattr(644,root,root,755) @@ -610,13 +821,3 @@ fi %{_includedir}/sss_sifp.h %{_includedir}/sss_sifp_dbus.h %{_pkgconfigdir}/sss_simpleifp.pc - -%files libwbclient -%defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so.* - -%files libwbclient-devel -%defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/sssd/modules/libwbclient.so -%{_includedir}/wbclient_sssd.h -%{_pkgconfigdir}/wbclient_sssd.pc -- 2.43.0