1 |
commit: 0f0647d3c7598d1fbecc0acea5832291055cdd54 |
2 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri May 14 15:05:14 2021 +0000 |
4 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri May 14 16:12:04 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0f0647d3 |
7 |
|
8 |
sys-auth/sssd: bump to v2.5.0 |
9 |
|
10 |
- Depend on >=app-crypt/mit-krb5-1.19.1 for new tgt_renewal feature. |
11 |
|
12 |
Package-Manager: Portage-3.0.18, Repoman-3.0.3 |
13 |
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> |
14 |
|
15 |
sys-auth/sssd/Manifest | 1 + |
16 |
sys-auth/sssd/sssd-2.5.0.ebuild | 283 ++++++++++++++++++++++++++++++++++++++++ |
17 |
2 files changed, 284 insertions(+) |
18 |
|
19 |
diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest |
20 |
index 4ea851c7c56..7756a03ca18 100644 |
21 |
--- a/sys-auth/sssd/Manifest |
22 |
+++ b/sys-auth/sssd/Manifest |
23 |
@@ -1,3 +1,4 @@ |
24 |
DIST sssd-2.2.0.tar.gz 6642715 BLAKE2B e6c16ca69effe59769fc166c02203faee445ebe2bf551c6a1460bdee2474ccbce1a38b3aa59b1ae4a79bb170696a784b800a9299025bf6a58bc9aeb94b946338 SHA512 9ebd8784e1f0c72cb808bbc153c0b0aa9bf507938f78336a260073a89b49350dc2c6172653509738ea7a50bb9da596725e1d6c92f99c7a03308aa42f6378dbbb |
25 |
DIST sssd-2.3.1.tar.gz 7186526 BLAKE2B 6d630fe75b9b426ef54adbe1704fde8e01fc34df7861028c07ce2985db8a151ce743d633061386fea6460fe8eabb89242b816d4bac87975bb9b7b2064ad1d547 SHA512 6aeb52d5222c5992d581296996749327bcaf276e4eb4413a6a32ea6529343432cfe413006aca4245c19b38b515be1c4c2ef88a157c617d889274179253355bc6 |
26 |
DIST sssd-2.4.2.tar.gz 7402483 BLAKE2B e25fce29a7e4d544fed821c6c8238846083bd65caef5abd2944c3ac670f7b404cfcbe5321870ca9ded0c78f93f4503d61e7e5821726d1640d127bde63e2444a7 SHA512 871435cd82db38eef36988bae84a6d28220839ee16b600c3dab17523c18b295e65ff62e86c095ea67e652be661248b45720a5106e01179190ff3852b1c0e7a33 |
27 |
+DIST sssd-2.5.0.tar.gz 7474851 BLAKE2B 835ca53a7910f457666a92be62fe047dbcf52c56560dad60d6c6275dccca917b4349d053586c8c88da49f900d570c890faa7372783be35940ccd49d1fd4ec09d SHA512 80b5e81cedacdf0bbe724af20d69b918bb6cc353976c6c65421afcd5809d1723f523bc3c1be294b9e01cfda9617c2df5c6ceb007837f195eb1abc2abdab9858c |
28 |
|
29 |
diff --git a/sys-auth/sssd/sssd-2.5.0.ebuild b/sys-auth/sssd/sssd-2.5.0.ebuild |
30 |
new file mode 100644 |
31 |
index 00000000000..5589ebcb8df |
32 |
--- /dev/null |
33 |
+++ b/sys-auth/sssd/sssd-2.5.0.ebuild |
34 |
@@ -0,0 +1,283 @@ |
35 |
+# Copyright 1999-2021 Gentoo Authors |
36 |
+# Distributed under the terms of the GNU General Public License v2 |
37 |
+ |
38 |
+EAPI=7 |
39 |
+ |
40 |
+PYTHON_COMPAT=( python3_{7,8,9,10} ) |
41 |
+ |
42 |
+inherit autotools flag-o-matic linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs |
43 |
+ |
44 |
+DESCRIPTION="System Security Services Daemon provides access to identity and authentication" |
45 |
+HOMEPAGE="https://github.com/SSSD/sssd" |
46 |
+SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" |
47 |
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" |
48 |
+ |
49 |
+LICENSE="GPL-3" |
50 |
+SLOT="0" |
51 |
+IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd test valgrind" |
52 |
+RESTRICT="!test? ( test )" |
53 |
+ |
54 |
+REQUIRED_USE="pac? ( samba ) |
55 |
+ python? ( ${PYTHON_REQUIRED_USE} ) |
56 |
+ test? ( sudo ) |
57 |
+ valgrind? ( test )" |
58 |
+ |
59 |
+DEPEND=" |
60 |
+ >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] |
61 |
+ app-crypt/p11-kit |
62 |
+ >=dev-libs/ding-libs-0.2 |
63 |
+ dev-libs/glib:2 |
64 |
+ >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] |
65 |
+ >=dev-libs/libpcre-8.30:= |
66 |
+ >=dev-libs/popt-1.16 |
67 |
+ >=dev-libs/openssl-1.0.2:0= |
68 |
+ >=net-dns/bind-tools-9.9[gssapi] |
69 |
+ >=net-dns/c-ares-1.7.4 |
70 |
+ >=net-nds/openldap-2.4.30[sasl] |
71 |
+ >=sys-apps/dbus-1.6 |
72 |
+ >=sys-apps/keyutils-1.5:= |
73 |
+ >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] |
74 |
+ >=sys-libs/talloc-2.0.7 |
75 |
+ >=sys-libs/tdb-1.2.9 |
76 |
+ >=sys-libs/tevent-0.9.16 |
77 |
+ >=sys-libs/ldb-1.1.17-r1:= |
78 |
+ virtual/libintl |
79 |
+ locator? ( |
80 |
+ >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] |
81 |
+ ) |
82 |
+ acl? ( net-fs/cifs-utils[acl] ) |
83 |
+ netlink? ( dev-libs/libnl:3 ) |
84 |
+ nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) ) |
85 |
+ nls? ( >=sys-devel/gettext-0.18 ) |
86 |
+ pac? ( |
87 |
+ net-fs/samba |
88 |
+ ) |
89 |
+ python? ( ${PYTHON_DEPS} ) |
90 |
+ samba? ( >=net-fs/samba-4.10.2[winbind] ) |
91 |
+ selinux? ( |
92 |
+ >=sys-libs/libselinux-2.1.9 |
93 |
+ >=sys-libs/libsemanage-2.1 |
94 |
+ ) |
95 |
+ systemd? ( |
96 |
+ dev-libs/jansson:0= |
97 |
+ net-libs/http-parser:0= |
98 |
+ net-misc/curl:0= |
99 |
+ )" |
100 |
+RDEPEND="${DEPEND} |
101 |
+ >=sys-libs/glibc-2.17[nscd] |
102 |
+ selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" |
103 |
+BDEPEND=">=sys-devel/autoconf-2.69-r5 |
104 |
+ virtual/pkgconfig |
105 |
+ doc? ( app-doc/doxygen ) |
106 |
+ test? ( |
107 |
+ dev-libs/check |
108 |
+ dev-libs/softhsm:2 |
109 |
+ dev-util/cmocka |
110 |
+ net-libs/gnutls[pkcs11,tools] |
111 |
+ sys-libs/libfaketime |
112 |
+ sys-libs/nss_wrapper |
113 |
+ sys-libs/pam_wrapper |
114 |
+ sys-libs/uid_wrapper |
115 |
+ valgrind? ( dev-util/valgrind ) |
116 |
+ ) |
117 |
+ man? ( |
118 |
+ app-text/docbook-xml-dtd:4.4 |
119 |
+ >=dev-libs/libxslt-1.1.26 |
120 |
+ nls? ( app-text/po4a ) |
121 |
+ )" |
122 |
+ |
123 |
+CONFIG_CHECK="~KEYS" |
124 |
+ |
125 |
+MULTILIB_WRAPPED_HEADERS=( |
126 |
+ /usr/include/ipa_hbac.h |
127 |
+ /usr/include/sss_idmap.h |
128 |
+ /usr/include/sss_nss_idmap.h |
129 |
+ # --with-ifp |
130 |
+ /usr/include/sss_sifp.h |
131 |
+ /usr/include/sss_sifp_dbus.h |
132 |
+ # from 1.15.3 |
133 |
+ /usr/include/sss_certmap.h |
134 |
+) |
135 |
+ |
136 |
+pkg_setup() { |
137 |
+ linux-info_pkg_setup |
138 |
+} |
139 |
+ |
140 |
+src_prepare() { |
141 |
+ sed -i 's:/var/run:/run:' \ |
142 |
+ "${S}"/src/examples/logrotate || die |
143 |
+ |
144 |
+ default |
145 |
+ eautoreconf |
146 |
+ multilib_copy_sources |
147 |
+ if use python && multilib_is_native_abi; then |
148 |
+ python_setup |
149 |
+ fi |
150 |
+} |
151 |
+ |
152 |
+src_configure() { |
153 |
+ local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) |
154 |
+ |
155 |
+ multilib-minimal_src_configure |
156 |
+} |
157 |
+ |
158 |
+multilib_src_configure() { |
159 |
+ local myconf=() |
160 |
+ |
161 |
+ myconf+=( |
162 |
+ --localstatedir="${EPREFIX}"/var |
163 |
+ --runstatedir="${EPREFIX}"/run |
164 |
+ --with-pid-path="${EPREFIX}"/run |
165 |
+ --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd |
166 |
+ --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) |
167 |
+ --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb |
168 |
+ --with-db-path="${EPREFIX}"/var/lib/sss/db |
169 |
+ --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache |
170 |
+ --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf |
171 |
+ --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes |
172 |
+ --with-mcache-path="${EPREFIX}"/var/lib/sss/mc |
173 |
+ --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets |
174 |
+ --with-log-path="${EPREFIX}"/var/log/sssd |
175 |
+ --with-os=gentoo |
176 |
+ --with-nscd="${EPREFIX}"/usr/sbin/nscd |
177 |
+ --with-unicode-lib="glib2" |
178 |
+ --disable-rpath |
179 |
+ --sbindir=/usr/sbin |
180 |
+ --enable-local-provider |
181 |
+ $(multilib_native_use_with systemd kcm) |
182 |
+ $(multilib_native_use_with systemd secrets) |
183 |
+ $(use_with samba) |
184 |
+ --with-smb-idmap-interface-version=6 |
185 |
+ $(multilib_native_use_enable acl cifs-idmap-plugin) |
186 |
+ $(multilib_native_use_with selinux) |
187 |
+ $(multilib_native_use_with selinux semanage) |
188 |
+ $(use_enable locator krb5-locator-plugin) |
189 |
+ $(use_enable pac pac-responder) |
190 |
+ $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) |
191 |
+ $(use_enable nls) |
192 |
+ $(multilib_native_use_with netlink libnl) |
193 |
+ $(multilib_native_use_with man manpages) |
194 |
+ $(multilib_native_use_with sudo) |
195 |
+ $(multilib_native_with autofs) |
196 |
+ $(multilib_native_with ssh) |
197 |
+ $(use_enable valgrind) |
198 |
+ --without-python2-bindings |
199 |
+ $(multilib_native_use_with python python3-bindings) |
200 |
+ ) |
201 |
+ |
202 |
+ # Annoyingly configure requires that you pick systemd XOR sysv |
203 |
+ if use systemd; then |
204 |
+ myconf+=( |
205 |
+ --with-initscript="systemd" |
206 |
+ --with-systemdunitdir=$(systemd_get_systemunitdir) |
207 |
+ ) |
208 |
+ else |
209 |
+ myconf+=(--with-initscript="sysv") |
210 |
+ fi |
211 |
+ |
212 |
+ if ! multilib_is_native_abi; then |
213 |
+ # work-around all the libraries that are used for CLI and server |
214 |
+ myconf+=( |
215 |
+ {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' |
216 |
+ # ldb headers are fine since native needs it |
217 |
+ # ldb lib fails... but it does not seem to bother |
218 |
+ {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' |
219 |
+ {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' |
220 |
+ {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' ' |
221 |
+ |
222 |
+ # use native include path for dbus (needed for build) |
223 |
+ DBUS_CFLAGS="${native_dbus_cflags}" |
224 |
+ |
225 |
+ # non-pkgconfig checks |
226 |
+ ac_cv_lib_ldap_ldap_search=yes |
227 |
+ --without-secrets |
228 |
+ --without-kcm |
229 |
+ ) |
230 |
+ fi |
231 |
+ |
232 |
+ econf "${myconf[@]}" |
233 |
+} |
234 |
+ |
235 |
+multilib_src_compile() { |
236 |
+ if multilib_is_native_abi; then |
237 |
+ default |
238 |
+ use doc && emake docs |
239 |
+ if use man || use nls; then |
240 |
+ emake update-po |
241 |
+ fi |
242 |
+ else |
243 |
+ emake libnss_sss.la pam_sss.la |
244 |
+ use locator && emake sssd_krb5_locator_plugin.la |
245 |
+ use pac && emake sssd_pac_plugin.la |
246 |
+ fi |
247 |
+} |
248 |
+ |
249 |
+multilib_src_install() { |
250 |
+ if multilib_is_native_abi; then |
251 |
+ emake -j1 DESTDIR="${D}" "${_at_args[@]}" install |
252 |
+ if use python; then |
253 |
+ python_optimize |
254 |
+ python_fix_shebang "${ED}" |
255 |
+ fi |
256 |
+ |
257 |
+ else |
258 |
+ # easier than playing with automake... |
259 |
+ dopammod .libs/pam_sss.so |
260 |
+ |
261 |
+ into / |
262 |
+ dolib.so .libs/libnss_sss.so* |
263 |
+ |
264 |
+ if use locator; then |
265 |
+ exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 |
266 |
+ doexe .libs/sssd_krb5_locator_plugin.so |
267 |
+ fi |
268 |
+ |
269 |
+ if use pac; then |
270 |
+ exeinto /usr/$(get_libdir)/krb5/plugins/authdata |
271 |
+ doexe .libs/sssd_pac_plugin.so |
272 |
+ fi |
273 |
+ fi |
274 |
+} |
275 |
+ |
276 |
+multilib_src_install_all() { |
277 |
+ einstalldocs |
278 |
+ find "${ED}" -type f -name '*.la' -delete || die |
279 |
+ |
280 |
+ insinto /etc/sssd |
281 |
+ insopts -m600 |
282 |
+ doins "${S}"/src/examples/sssd-example.conf |
283 |
+ |
284 |
+ insinto /etc/logrotate.d |
285 |
+ insopts -m644 |
286 |
+ newins "${S}"/src/examples/logrotate sssd |
287 |
+ |
288 |
+ newconfd "${FILESDIR}"/sssd.conf sssd |
289 |
+ |
290 |
+ keepdir /var/lib/sss/db |
291 |
+ keepdir /var/lib/sss/deskprofile |
292 |
+ keepdir /var/lib/sss/gpo_cache |
293 |
+ keepdir /var/lib/sss/keytabs |
294 |
+ keepdir /var/lib/sss/mc |
295 |
+ keepdir /var/lib/sss/pipes/private |
296 |
+ keepdir /var/lib/sss/pubconf/krb5.include.d |
297 |
+ keepdir /var/lib/sss/secrets |
298 |
+ keepdir /var/log/sssd |
299 |
+ |
300 |
+ # strip empty dirs |
301 |
+ if ! use doc ; then |
302 |
+ rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die |
303 |
+ rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die |
304 |
+ fi |
305 |
+ |
306 |
+ rm -r "${ED}"/run || die |
307 |
+} |
308 |
+ |
309 |
+multilib_src_test() { |
310 |
+ multilib_is_native_abi && emake check |
311 |
+} |
312 |
+ |
313 |
+pkg_postinst() { |
314 |
+ elog "You must set up sssd.conf (default installed into /etc/sssd)" |
315 |
+ elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" |
316 |
+ elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html" |
317 |
+} |