diff options
Diffstat (limited to 'sys-auth')
| -rw-r--r-- | sys-auth/Manifest.gz | bin | 9095 -> 9095 bytes | |||
| -rw-r--r-- | sys-auth/sssd/Manifest | 7 | ||||
| -rw-r--r-- | sys-auth/sssd/files/sssd-2.10.0-build-remove-superfluous-WITH_IFP-leftover.patch | 33 | ||||
| -rw-r--r-- | sys-auth/sssd/files/sssd-2.10.0-build-stop-overriding-CFLAGS.patch | 136 | ||||
| -rw-r--r-- | sys-auth/sssd/files/sssd-2.10.0_beta2-fix-systemd-systemconfdir.patch | 22 | ||||
| -rw-r--r-- | sys-auth/sssd/metadata.xml | 1 | ||||
| -rw-r--r-- | sys-auth/sssd/sssd-2.10.0.ebuild | 371 |
7 files changed, 569 insertions, 1 deletions
diff --git a/sys-auth/Manifest.gz b/sys-auth/Manifest.gz Binary files differindex 58da54f97d6c..349990fc6f6a 100644 --- a/sys-auth/Manifest.gz +++ b/sys-auth/Manifest.gz diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest index 0bd75c714793..ea8c21b70ae3 100644 --- a/sys-auth/sssd/Manifest +++ b/sys-auth/sssd/Manifest @@ -1,7 +1,12 @@ +AUX sssd-2.10.0-build-remove-superfluous-WITH_IFP-leftover.patch 714 BLAKE2B 713faf83cc99f39462c5a46cf6d07161d2a35bcb4c637cb9ce6c4995efb389a8948593eed15502c6056b7143c078451025a41e87ed509934a2b59d599328444b SHA512 d3c8c000bccd3d12f778944b241a5b053d0bc2e2712cffb45728c9a8b2413bcda3fb64ef53a56b75300027359905666e5462580006e850121d8796d63321f378 +AUX sssd-2.10.0-build-stop-overriding-CFLAGS.patch 4984 BLAKE2B 8a2ac35712d03fc1f34b0e0536c698d6bdfbb3916180854b9ecdb927aa8dd8ecfce56d6f6d1cd1e2c4295ce2d77de673478c2f082a704ed182a3af8cf502443c SHA512 5a9d5245f668cb8da63ea6a68ad5decdf6f8b4c1c61dc6e3d754aa4471a76c0e375b003ca28890b1b7d42d6dd08d8104b06851dd137d1b5532de271ec1423f11 +AUX sssd-2.10.0_beta2-fix-systemd-systemconfdir.patch 920 BLAKE2B cda41cc9f381ad5040153eb6f5393bb7f568a08a036e37ee40a86e442ec8addfb459d01314518eb27e593682effb0186445048c899421d1d0bbe33d37666e8ed SHA512 a6009b99778505633fe2fc7b3f48ae1e87a4fa4ae123020049471d4b2e5e9814d848268ce3d969156d7aa2829c5f020bf669dedd466c7ac2eae0db63bf6e0ad0 AUX sssd-2.8.2-krb5_pw_locked.patch 453 BLAKE2B 7aed1dd32f0743381b704444ac36dcffa76535d58cd39d307d370290b9b5ad634ef9b90f4d076c7b91b41113792b0d24cf04b63bcd1e1220aa3e790f9c9a23c0 SHA512 e3c210032d6f65ebffa14aa7c398ca929b7bb17d9aa9ef30c2a1522311bc0bf278214d008d7dbac47e8565245b35e00f7143f5c7d0d24f99d64a92486ec50e45 AUX sssd-2.9.1-conditional-python-install.patch 533 BLAKE2B ce076e4e00bd1b3e8a18427fde385b6a65fbbc65f28a542f575d3b77b8e7d277ebc829a7d43fdbced51475b69553de4fd6e564d52d06c6a83edcae7fa8a2a53a SHA512 4348577c16ab96717e0b92dcae00e955e76e9be6c58a6f6c4435f2315c8393336396e7a0ccdd05f50b97233a956ef674fd64589780500159748ac47c65edb623 AUX sssd.conf 124 BLAKE2B b6f9c016a014510f97b036d23d5f50e1e13085220fe82b0e6ef7a3ceeb114e59af935f39e66e4ad60a46f43983930e5d381b16b0ed31ba4349abe38c4b509367 SHA512 f16908c44b213edbf6b0c6e8d49df92e8c06fc623279037074fe51e49b8aca7dc18f5ed83f71909fc8209df80dfc150583edb1687f88e61588bdf9d1fbf6ed5a +DIST sssd-2.10.0.tar.gz 9177851 BLAKE2B 027a1b9c38841427089d93ff9d8e424c7c1bf9433eea0033ce77a8c13fd1ac65de975a0ab747e1f08a6f9c4253599ed12e8cc364f0db442019603ab1c1932128 SHA512 d237ff135fb21bcd1040787d6dfe8fa383290fbae1f15c6917284beb38dd95ecf6418335302e26be40c65e44e8b44135499eec0b98119ea53a38098ac0bc1e2c DIST sssd-2.9.5.tar.gz 8001964 BLAKE2B e9c839e58fbeac9e8cba83b726f075c5db6ce85059546d745672c222b594f4aa26ad103f0eb3a8ff9e2b364c3502fb93c639fe9e621fefd6fecd2319f5cb499a SHA512 d219f12ffc75af233f0e4ffc62c0442acc6da3cd94ed4eab7102a78821af5257c8e4ba0d06b2c99c08e06502f8d0d0bcc80540d63823dbe0f52eb0432ae7e14d +EBUILD sssd-2.10.0.ebuild 9509 BLAKE2B 3726e4cc113743ea609f15a391c794a190174c4a696e97fd342de730b1e4ce9c602395e5125b9d91498c6cd0c4af2a1473c3f0c9a02a5cecc898efe597071c94 SHA512 3e6182f066cc1a50e5b5ac6938c005431cd5f9830a248e79322fa1c460c58f62711744db117eb125720888bf012d62df251e39688607feef14ab349119b541f3 EBUILD sssd-2.9.5-r2.ebuild 8539 BLAKE2B bc11c907352862078b39bf8f83e314864f262074b9fd47ac785835ee0220ade68dfb502cffc9fbedafb7fbd29d20fcff3d9aac179b1bd772d6f2d1b7529ac496 SHA512 fb8615e7ff5c79da4aba30f838976cc24effbcbd706ac6ff21b2060b30dfbe7743fd4da5fe6516097f96749b6bdf29c0bba584be605d1d30c71191281e1912b4 EBUILD sssd-2.9.5.ebuild 8443 BLAKE2B 4053db31c371e80684619b56fb178e2e9bd391450cb4f5ce1b15cc4ed853119d5d869269ffa55eb2ed48cb6d170b9fcba0cef7c0a88b500445be31d597244828 SHA512 b915e3d8a7ffd2b01a88d845a0a58f2dd0566c8872ed2f15ff22d959e028ae68c7c934165d49f03daaf635cc72fac6dfd54d834c0088d5622f8d293f70492a16 -MISC metadata.xml 1267 BLAKE2B 6476e67ddb1c7c8153faba317331499bc918393b02ce7c6e91685e29b514f8ea28836928e3faf1095896577b9b29045fe1b3191a7790495d0080d33288a42b5a SHA512 54a8cd9fb1c3c57b20deb779dfb9fa9377986d8c9ecda4f009b1643210683163456aa6562ed5f9a58232b90bed5cefbeeb4ee762d32a5ee5e3db0d95c3e0d37c +MISC metadata.xml 1329 BLAKE2B 7334d67b5d95f8f814adee9e0b73ff6913090eebf5d3f975fba26230323c36840eb1d8b36c868cc27e8b5420affc406817e0b9a43419d6bedb695c3121410a47 SHA512 80beda37620bf5597c4c4b99ae30ba938e45b370fb52f90909ae02d2b88488ae66065d3d61a5d475f5cec0f5c36ce99cc81548302190a9b62ca9d1441ca9f15f diff --git a/sys-auth/sssd/files/sssd-2.10.0-build-remove-superfluous-WITH_IFP-leftover.patch b/sys-auth/sssd/files/sssd-2.10.0-build-remove-superfluous-WITH_IFP-leftover.patch new file mode 100644 index 000000000000..d38fa1989d29 --- /dev/null +++ b/sys-auth/sssd/files/sssd-2.10.0-build-remove-superfluous-WITH_IFP-leftover.patch @@ -0,0 +1,33 @@ +From 3476355e8368358f6bc17ec93fb057b739094c3a Mon Sep 17 00:00:00 2001 +From: Jan Engelhardt <jengelh@inai.de> +Date: Fri, 18 Oct 2024 12:37:01 +0200 +Subject: [PATCH 1/2] build: remove superfluous WITH_IFP leftover + +``` +$ autoreconf && configure +... +./configure: line 18674: WITH_IFP: command not found +``` + +Fixes: 2.10.0-beta2-63-ge5140ab08 + +Reviewed-by: Alexey Tikhonov <atikhono@redhat.com> +--- + configure.ac | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 380c16ba8..b5222ae97 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -187,7 +187,6 @@ WITH_SUBID_LIB_PATH + WITH_PASSKEY + WITH_SSH + WITH_SSH_KNOWN_HOSTS_PROXY +-WITH_IFP + WITH_LIBSIFP + WITH_SYSLOG + WITH_SAMBA +-- +2.45.2 + diff --git a/sys-auth/sssd/files/sssd-2.10.0-build-stop-overriding-CFLAGS.patch b/sys-auth/sssd/files/sssd-2.10.0-build-stop-overriding-CFLAGS.patch new file mode 100644 index 000000000000..4545ed20f840 --- /dev/null +++ b/sys-auth/sssd/files/sssd-2.10.0-build-stop-overriding-CFLAGS.patch @@ -0,0 +1,136 @@ +From c0b28db6f9ca33ebe11434c84c37e34ddb047280 Mon Sep 17 00:00:00 2001 +From: Jan Engelhardt <jengelh@inai.de> +Date: Fri, 18 Oct 2024 12:46:28 +0200 +Subject: [PATCH 2/2] build: stop overriding CFLAGS +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +CFLAGS is reserved for the user. configure must finish in an +idempotent state and not touch it, pursuant to automake.info §3.6 +"Variables reserved for the user". + +Observed: + +``` +$ ./configure && make CFLAGS=-O1 +… +libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -I.. +-I./src/sss_client -I./src -I. -I/usr/include/samba-4.0 +-I/usr/include/dbus-1.0 -I/usr/lib64/dbus-1.0/include +-I/usr/include/libnl3 -DLIBDIR=\"/usr/local/lib\" +-DVARDIR=\"/usr/local/var\" -DRUNDIR=\"/usr/local/var/run\" +-DSSS_STATEDIR=\"/usr/local/var/lib/sss\" +-DSYSCONFDIR=\"/usr/local/etc\" -DSHLIBEXT=\"\" +-DSSSDDATADIR=\"/usr/local/share/sssd\" +-DSSSD_LIBEXEC_PATH=\"/usr/local/libexec/sssd\" +-DSSSD_CONF_DIR=\"/usr/local/etc/sssd\" +-DSSS_NSS_MCACHE_DIR=\"/usr/local/var/lib/sss/mc\" +-DSSS_NSS_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/nss\" +-DSSS_PAM_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/pam\" +-DSSS_PAC_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/pac\" +-DSSS_SUDO_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/sudo\" +-DSSS_AUTOFS_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/autofs\" +-DSSS_SSH_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/ssh\" +-DLOCALEDIR=\"/usr/local/share/locale\" +-DBASE_FILE_STEM=\"libsss_util_la-sysdb_ops\" -Wall -Wshadow +-Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align +-Wwrite-strings -Wundef -Werror-implicit-function-declaration +-Winit-self -Wmissing-include-dirs -fno-strict-aliasing -std=gnu99 +-O1 -MT src/db/libsss_util_la-sysdb_ops.lo -MD -MP -MF +src/db/.deps/libsss_util_la-sysdb_ops.Tpo -c src/db/sysdb_ops.c -fPIC +-DPIC -o src/db/.libs/libsss_util_la-sysdb_ops.o +``` + +Expected: + +``` +libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -I.. +-I./src/sss_client -I./src -I. -I/usr/include/samba-4.0 +-I/usr/include/dbus-1.0 -I/usr/lib64/dbus-1.0/include +-I/usr/include/libnl3 -DLIBDIR=\"/usr/local/lib\" +-DVARDIR=\"/usr/local/var\" -DRUNDIR=\"/usr/local/var/run\" +-DSSS_STATEDIR=\"/usr/local/var/lib/sss\" +-DSYSCONFDIR=\"/usr/local/etc\" -DSHLIBEXT=\"\" +-DSSSDDATADIR=\"/usr/local/share/sssd\" +-DSSSD_LIBEXEC_PATH=\"/usr/local/libexec/sssd\" +-DSSSD_CONF_DIR=\"/usr/local/etc/sssd\" +-DSSS_NSS_MCACHE_DIR=\"/usr/local/var/lib/sss/mc\" +-DSSS_NSS_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/nss\" +-DSSS_PAM_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/pam\" +-DSSS_PAC_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/pac\" +-DSSS_SUDO_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/sudo\" +-DSSS_AUTOFS_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/autofs\" +-DSSS_SSH_SOCKET_NAME=\"/usr/local/var/lib/sss/pipes/ssh\" +-DLOCALEDIR=\"/usr/local/share/locale\" +-DBASE_FILE_STEM=\"libsss_util_la-sysdb_ops\" -Wall -Wshadow +-Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align +-Wwrite-strings -Wundef -Werror-implicit-function-declaration +-Winit-self -Wmissing-include-dirs -fno-strict-aliasing -std=gnu99 +-O1 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE +-MT src/db/libsss_util_la-sysdb_ops.lo -MD -MP -MF +src/db/.deps/libsss_util_la-sysdb_ops.Tpo -c +``` + +Fixes: sssd-1_3_0-3-g551aa6c36 + +Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com> +Reviewed-by: Pavel Březina <pbrezina@redhat.com> +--- + Makefile.am | 2 +- + configure.ac | 3 ++- + src/tests/cwrap/Makefile.am | 1 + + src/tests/intg/Makefile.am | 1 + + 4 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index 839b25eae..93c7ce088 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -137,7 +137,7 @@ ifp_non_root_owner_policy = + endif + + +-AM_CFLAGS = ++AM_CFLAGS = $(my_CFLAGS) + if WANT_AUX_INFO + AM_CFLAGS += -aux-info $@.X + endif +diff --git a/configure.ac b/configure.ac +index b5222ae97..bf172e2ec 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -11,7 +11,8 @@ m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], + [AC_USE_SYSTEM_EXTENSIONS], + [AC_GNU_SOURCE]) + +-CFLAGS="$CFLAGS -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE" ++my_CFLAGS="-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE" ++AC_SUBST([my_CFLAGS]) + + + AM_INIT_AUTOMAKE([-Wall -Wno-portability foreign subdir-objects tar-pax +diff --git a/src/tests/cwrap/Makefile.am b/src/tests/cwrap/Makefile.am +index 797d9e640..653687d24 100644 +--- a/src/tests/cwrap/Makefile.am ++++ b/src/tests/cwrap/Makefile.am +@@ -22,6 +22,7 @@ AM_CPPFLAGS = \ + $(OPENLDAP_CFLAGS) \ + $(GLIB2_CFLAGS) \ + $(NULL) ++AM_CFLAGS = $(my_CFLAGS) + + TESTS_ENVIRONMENT = \ + CWRAP_TEST_SRCDIR=$(abs_srcdir) \ +diff --git a/src/tests/intg/Makefile.am b/src/tests/intg/Makefile.am +index 802cbe18b..e2f8066a8 100644 +--- a/src/tests/intg/Makefile.am ++++ b/src/tests/intg/Makefile.am +@@ -1,3 +1,4 @@ ++AM_CFLAGS = $(my_CFLAGS) + dist_noinst_DATA = \ + __init__.py \ + config.py.m4 \ +-- +2.45.2 + diff --git a/sys-auth/sssd/files/sssd-2.10.0_beta2-fix-systemd-systemconfdir.patch b/sys-auth/sssd/files/sssd-2.10.0_beta2-fix-systemd-systemconfdir.patch new file mode 100644 index 000000000000..9959199d223b --- /dev/null +++ b/sys-auth/sssd/files/sssd-2.10.0_beta2-fix-systemd-systemconfdir.patch @@ -0,0 +1,22 @@ +diff --git a/src/conf_macros.m4 b/src/conf_macros.m4 +index c0efc3ad1..07fef0c1a 100644 +--- a/src/conf_macros.m4 ++++ b/src/conf_macros.m4 +@@ -227,14 +227,14 @@ AC_DEFUN([WITH_SYSTEMD_CONF_DIR], + if test x"$with_systemdconfdir" != x; then + systemdconfdir=$with_systemdconfdir + else +- pkgconfigdir=${prefix}$($PKG_CONFIG --variable=systemdsystemconfdir systemd) ++ pkgconfigdir=$($PKG_CONFIG --variable=systemdsystemconfdir systemd) + if test x"$pkgconfigdir" = x; then + AC_MSG_ERROR([Could not detect systemd config directory]) + fi +- if test "${pkgconfigdir:0:${#prefix}}" = "${prefix}"; then ++ if test "${pkgconfigdir:0:${#sysconfdir}}" = "${sysconfdir}"; then + systemdconfdir=${pkgconfigdir} + else +- systemdconfdir=${prefix}${pkgconfigdir} ++ systemdconfdir=${sysconfdir}${pkgconfigdir} + fi + fi + AC_SUBST(systemdconfdir, [$systemdconfdir/sssd.service.d]) diff --git a/sys-auth/sssd/metadata.xml b/sys-auth/sssd/metadata.xml index f1d1125d52ca..09bfecfe2361 100644 --- a/sys-auth/sssd/metadata.xml +++ b/sys-auth/sssd/metadata.xml @@ -17,6 +17,7 @@ <flag name="acl"> Build and use the cifsidmap plugin</flag> <flag name="netlink">Add support for netlink protocol via <pkg>dev-libs/libnl</pkg></flag> <flag name="nfsv4">Add support for the nfsv4 idmapd plugin provided by <pkg>net-fs/nfs-utils</pkg></flag> + <flag name="passkey">Add support for FIDO2 passkeys"</flag> <flag name="samba">Add Privileged Attribute Certificate Support for Kerberos</flag> <flag name="subid">Support subordinate uid and gid ranges in FreeIPA</flag> <flag name="sudo">Build helper to let <pkg>app-admin/sudo</pkg> use sssd provided information</flag> diff --git a/sys-auth/sssd/sssd-2.10.0.ebuild b/sys-auth/sssd/sssd-2.10.0.ebuild new file mode 100644 index 000000000000..b885b50db19b --- /dev/null +++ b/sys-auth/sssd/sssd-2.10.0.ebuild @@ -0,0 +1,371 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk" +PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN" +PLOCALE_BACKUP="sv" +PYTHON_COMPAT=( python3_{10..12} ) + +inherit autotools linux-info multilib-minimal optfeature plocale \ + python-single-r1 pam systemd tmpfiles udev toolchain-funcs + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="https://github.com/SSSD/sssd" +if [[ ${PV} != 9999 ]]; then + SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" +else + inherit git-r3 + EGIT_REPO_URI="https://github.com/SSSD/sssd.git" + EGIT_BRANCH="master" +fi + +LICENSE="GPL-3" +SLOT="0" +IUSE="doc +netlink nfsv4 nls passkey samba selinux systemd systemtap test" +REQUIRED_USE=" ( ${PYTHON_REQUIRED_USE} ) " +RESTRICT="!test? ( test )" + +DEPEND=" + >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] + app-crypt/p11-kit + >=dev-libs/ding-libs-0.2 + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + dev-libs/jansson:= + dev-libs/libpcre2:= + dev-libs/libunistring:=[${MULTILIB_USEDEP}] + >=dev-libs/popt-1.16 + >=dev-libs/openssl-1.0.2:= + >=net-dns/bind-tools-9.9[gssapi] + >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] + >=net-nds/openldap-2.4.30:=[sasl,experimental] + net-fs/cifs-utils[acl] + >=sys-apps/dbus-1.6 + >=sys-apps/keyutils-1.5:= + sys-libs/libcap + >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + virtual/ldb:= + virtual/libintl + netlink? ( dev-libs/libnl:3 ) + nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 ) + nls? ( >=sys-devel/gettext-0.18 ) + passkey? ( dev-libs/libfido2:= ) + ${PYTHON_DEPS} + systemd? ( + $(python_gen_cond_dep ' + dev-python/python-systemd[${PYTHON_USEDEP}] + ') + ) + samba? ( >=net-fs/samba-4.10.2[winbind] ) + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + systemd? ( + sys-apps/systemd:= + sys-apps/util-linux + ) + systemtap? ( dev-debug/systemtap )" +RDEPEND="${DEPEND} + acct-user/sssd + acct-group/sssd + passkey? ( sys-apps/pcsc-lite[policykit] ) + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" +BDEPEND=" + acct-user/sssd + acct-group/sssd + sys-libs/libcap + virtual/pkgconfig + ${PYTHON_DEPS} + doc? ( app-text/doxygen ) + nls? ( app-text/po4a + sys-devel/gettext ) + test? ( + dev-libs/check + dev-libs/softhsm:2 + dev-util/cmocka + net-libs/gnutls[pkcs11,tools] + sys-libs/libfaketime + sys-libs/nss_wrapper + sys-libs/pam_wrapper + sys-libs/uid_wrapper + ) + app-text/docbook-xml-dtd:4.4 + >=dev-libs/libxslt-1.1.26 +" + +CONFIG_CHECK="~KEYS" + +PATCHES=( + "${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch" + "${FILESDIR}/${PN}-2.10.0_beta2-fix-systemd-systemconfdir.patch" + "${FILESDIR}/${PN}-2.10.0-build-remove-superfluous-WITH_IFP-leftover.patch" + "${FILESDIR}/${PN}-2.10.0-build-stop-overriding-CFLAGS.patch" +) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ipa_hbac.h + /usr/include/sss_idmap.h + /usr/include/sss_nss_idmap.h + # --with-ifp + /usr/include/sss_sifp.h + /usr/include/sss_sifp_dbus.h + # from 1.15.3 + /usr/include/sss_certmap.h +) + +sssd_migrate_files() { + if has_version "<=sys-auth/sssd-2.9.9999" + then + einfo "Checking if sssd is running" + if [ -f /run/sssd.pid ] + then + elog "Please stop sssd after installing before" + elog "performing the migration process" + fi + einfo "Checking if /var/lib/sss ownership" + if [ -d /var/lib/sss ] && [ $(stat -c "%U:%G" /var/lib/sss) != "sssd:sssd" ] + then + elog "After installing, please execute" + elog "chown -R sssd:sssd /var/lib/sss" + fi + einfo "Checking if /var/log/sssd ownership" + if [ -d /var/log/sssd ] && [ $(stat -c "%U:%G" /var/log/sssd) != "sssd:sssd" ] + then + elog "After installing, please execute" + elog "chown -R sssd:sssd /var/log/sssd" + fi + einfo "Checking if /etc/sssd ownership" + if ! use systemd && [ -d /etc/sssd ] && [ $(stat -c "%U:%G" /etc/sssd) != "root:sssd" ] + then + elog "After installing, please execute" + elog "chown -R root:sssd /etc/sssd" + fi + fi +} + +pkg_setup() { + linux-info_pkg_setup + python-single-r1_pkg_setup + + sssd_migrate_files +} + +src_prepare() { + default + + plocale_get_locales > src/man/po/LINGUAS || die + + sed -i \ + -e "/_langs]/ s/ .*//" \ + src/man/po/po4a.cfg \ + || die + enable_locale() { + local locale=${1} + + sed -i \ + -e "/_langs]/ s/$/ ${locale}/" \ + src/man/po/po4a.cfg \ + || die + } + + plocale_for_each_locale enable_locale + + PLOCALES="${PLOCALES_BIN}" + plocale_get_locales > po/LINGUAS || die + + sed -i \ + -e 's:/var/run:/run:' \ + src/examples/logrotate \ + || die + + # disable flaky test, see https://github.com/SSSD/sssd/issues/5631 + sed -i \ + -e '/^\s*pam-srv-tests[ \\]*$/d' \ + Makefile.am \ + || die + + # requires valgrind headers installed + sed -i \ + -e '/^\s*test-iobuf[ \\]*$/d' \ + Makefile.am \ + || die + + eautoreconf + + multilib_copy_sources +} + +src_configure() { + local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die) + + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myconf=() + + myconf+=( + --libexecdir="${EPREFIX}"/usr/libexec + --localstatedir="${EPREFIX}"/var + --runstatedir="${EPREFIX}"/run + --sbindir="${EPREFIX}"/usr/sbin + --with-pid-path="${EPREFIX}"/run/sssd + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --with-db-path="${EPREFIX}"/var/lib/sss/db + --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache + --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf + --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes + --with-mcache-path="${EPREFIX}"/var/lib/sss/mc + --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets + --with-log-path="${EPREFIX}"/var/log/sssd + --with-tmpfilesdir=/usr/lib/tmpfiles.d + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-kcm + --enable-kcm-renewal + --with-os=gentoo + --disable-rpath + --disable-static + # Valgrind is only used for tests + --disable-valgrind + $(use_with samba) + --with-smb-idmap-interface-version=6 + --enable-cifs-idmap-plugin + $(multilib_native_use_with selinux) + --enable-krb5-locator-plugin + $(use_enable samba pac-responder) + $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls) + $(multilib_native_use_with netlink libnl) + --with-manpages + --with-sudo + $(multilib_native_with autofs) + $(multilib_native_with ssh) + --without-oidc-child + $(multilib_native_with passkey) + --with-subid + $(use_enable systemtap) + --without-python2-bindings + --with-python3-bindings + # Annoyingly configure requires that you pick systemd XOR sysv + --with-initscript=$(usex systemd systemd sysv) + --with-sssd-user=sssd + CPPFLAGS="${CPPFLAGS} -I/usr/include/samba-4.0" + ) + + use systemd && myconf+=( + --with-systemdunitdir=$(systemd_get_systemunitdir) + ) + + if ! multilib_is_native_abi; then + # work-around all the libraries that are used for CLI and server + myconf+=( + {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' + # ldb headers are fine since native needs it + # ldb lib fails... but it does not seem to bother + {DHASH,UNISTRING,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' + {PCRE,CARES,SYSTEMD_LOGIN,SASL,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' + {NDR_NBT,SAMBA_UTIL,SMBCLIENT,NDR_KRB5PAC,JANSSON}_{CFLAGS,LIBS}=' ' + + # use native include path for dbus (needed for build) + DBUS_CFLAGS="${native_dbus_cflags}" + + # non-pkgconfig checks + ac_cv_lib_ldap_ldap_search=yes + --without-kcm + --without-manpages + ) + fi + + econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + use doc && emake docs + else + emake libnss_sss.la pam_sss.la pam_sss_gss.la + emake sssd_krb5_locator_plugin.la + use samba && emake sssd_pac_plugin.la + fi +} + +multilib_src_test() { + if multilib_is_native_abi; then + local -x CK_TIMEOUT_MULTIPLIER=10 + emake check VERBOSE=yes + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake -j1 DESTDIR="${D}" install + python_fix_shebang "${ED}" + python_optimize + else + # easier than playing with automake... + dopammod .libs/pam_sss.so + dopammod .libs/pam_sss_gss.so + + into / + dolib.so .libs/libnss_sss.so* + + exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 + doexe .libs/sssd_krb5_locator_plugin.so + + if use samba; then + exeinto /usr/$(get_libdir)/krb5/plugins/authdata + doexe .libs/sssd_pac_plugin.so + fi + fi +} + +multilib_src_install_all() { + einstalldocs + + insinto /etc/sssd + insopts -m600 + doins src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + keepdir /var/lib/sss/db + keepdir /var/lib/sss/deskprofile + keepdir /var/lib/sss/gpo_cache + keepdir /var/lib/sss/keytabs + keepdir /var/lib/sss/mc + keepdir /var/lib/sss/pipes/private + keepdir /var/lib/sss/pubconf/krb5.include.d + keepdir /var/lib/sss/secrets + keepdir /var/log/sssd + keepdir /etc/sssd/conf.d + keepdir /etc/sssd/pki + + # strip empty dirs + if ! use doc; then + rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die + rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap}_doc || die + fi + + rm -r "${ED}"/run || die + find "${ED}" -type f -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process sssd-tmpfiles.conf + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features." + optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli +} |