From 401101f9c8077911929d3f2b60a37098460a5d89 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Thu, 24 Mar 2022 23:59:54 +0000 Subject: gentoo resync : 25.03.2022 --- sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild | 48 ---- sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild | 2 +- sys-auth/AusweisApp2/Manifest | 4 +- sys-auth/Manifest.gz | Bin 9421 -> 9425 bytes sys-auth/nss-pam-ldapd/Manifest | 2 +- .../nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild | 171 ++++++++++++ sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild | 171 ------------ sys-auth/nss_ldap/Manifest | 2 +- sys-auth/nss_ldap/nss_ldap-265-r10.ebuild | 148 ---------- sys-auth/nss_ldap/nss_ldap-265-r11.ebuild | 148 ++++++++++ sys-auth/pam_ldap/Manifest | 2 +- sys-auth/pam_ldap/pam_ldap-186-r3.ebuild | 51 ---- sys-auth/pam_ldap/pam_ldap-186-r4.ebuild | 51 ++++ sys-auth/pam_yubico/Manifest | 2 +- sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild | 42 +++ sys-auth/pam_yubico/pam_yubico-2.26.ebuild | 42 --- sys-auth/sssd/Manifest | 6 +- sys-auth/sssd/sssd-2.3.1-r2.ebuild | 288 -------------------- sys-auth/sssd/sssd-2.3.1-r3.ebuild | 288 ++++++++++++++++++++ sys-auth/sssd/sssd-2.5.2-r2.ebuild | 303 --------------------- sys-auth/sssd/sssd-2.5.2-r3.ebuild | 303 +++++++++++++++++++++ sys-auth/sssd/sssd-2.6.0-r1.ebuild | 291 -------------------- sys-auth/sssd/sssd-2.6.0-r2.ebuild | 291 ++++++++++++++++++++ 23 files changed, 1303 insertions(+), 1353 deletions(-) delete mode 100644 sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild create mode 100644 sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild delete mode 100644 sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild delete mode 100644 sys-auth/nss_ldap/nss_ldap-265-r10.ebuild create mode 100644 sys-auth/nss_ldap/nss_ldap-265-r11.ebuild delete mode 100644 sys-auth/pam_ldap/pam_ldap-186-r3.ebuild create mode 100644 sys-auth/pam_ldap/pam_ldap-186-r4.ebuild create mode 100644 sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild delete mode 100644 sys-auth/pam_yubico/pam_yubico-2.26.ebuild delete mode 100644 sys-auth/sssd/sssd-2.3.1-r2.ebuild create mode 100644 sys-auth/sssd/sssd-2.3.1-r3.ebuild delete mode 100644 sys-auth/sssd/sssd-2.5.2-r2.ebuild create mode 100644 sys-auth/sssd/sssd-2.5.2-r3.ebuild delete mode 100644 sys-auth/sssd/sssd-2.6.0-r1.ebuild create mode 100644 sys-auth/sssd/sssd-2.6.0-r2.ebuild (limited to 'sys-auth') diff --git a/sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild b/sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild deleted file mode 100644 index c73e5792cc88..000000000000 --- a/sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright 2020-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit cmake xdg-utils - -DESCRIPTION="Official authentication app for German ID cards and residence permits" -HOMEPAGE="https://www.ausweisapp.bund.de/" -SRC_URI="https://github.com/Governikus/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="EUPL-1.2" -SLOT="0" -KEYWORDS="amd64 x86" - -BDEPEND=" - dev-qt/linguist-tools:5 - virtual/pkgconfig" - -RDEPEND=" - dev-libs/openssl:0= - dev-qt/qtconcurrent:5 - dev-qt/qtcore:5 - dev-qt/qtdeclarative:5 - dev-qt/qtgui:5 - dev-qt/qtnetwork:5 - dev-qt/qtquickcontrols2:5 - dev-qt/qtsvg:5 - dev-qt/qtwebsockets:5[qml] - dev-qt/qtwidgets:5 - net-libs/http-parser:0= - sys-apps/pcsc-lite - virtual/udev" - -DEPEND="${RDEPEND}" - -src_configure() { - local mycmakeargs=( -DBUILD_SHARED_LIBS=OFF ) - cmake_src_configure -} - -pkg_postinst() { - xdg_icon_cache_update -} - -pkg_postrm() { - xdg_icon_cache_update -} diff --git a/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild b/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild index fd2f4d5730d0..c73e5792cc88 100644 --- a/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild +++ b/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://github.com/Governikus/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz LICENSE="EUPL-1.2" SLOT="0" -KEYWORDS="~amd64 ~x86" +KEYWORDS="amd64 x86" BDEPEND=" dev-qt/linguist-tools:5 diff --git a/sys-auth/AusweisApp2/Manifest b/sys-auth/AusweisApp2/Manifest index fca97de86ad6..55dadeb55e1a 100644 --- a/sys-auth/AusweisApp2/Manifest +++ b/sys-auth/AusweisApp2/Manifest @@ -1,6 +1,4 @@ -DIST AusweisApp2-1.22.3.tar.gz 10970793 BLAKE2B d6b3b3fb0005715150557f30a45002a90fc303c74706dc5714a1de239fb19a22552905aa9490f8c55cccc2d99eb46d077d424886eadcbb3d2574cdeb3f472ba2 SHA512 a8f654e66a47bb93116dfbe7941917f483c651deb947b8e4d287888d999551bc781e105b1cbf5d4445aa2241af542342f8c0f4edef7a4470a5366561f6f74b7a DIST AusweisApp2-1.22.4.tar.gz 10972798 BLAKE2B 7d613e9729a9c13fc56945bc432f2daf1a40fbc795829bbb51caaf4c895b3a4b2b8dc5528f68df0f0d60a3ec2d78cd72e767ec5430804da2a4759349fbf4d520 SHA512 88f66873cc1515ab068cfd48ab7f8477c17743cb3f9114a6a1484371d0faeb24492d1f6c0652800d3640cc9b5768568f578de5da1c43691347e32c1a34a49d12 -EBUILD AusweisApp2-1.22.3.ebuild 930 BLAKE2B 3a35bf075945e93c225a1a549db867744cac21a06c84ebd962c44ed80e16ef4ddeda6732d51d3f2164ec726b647097aaaa0e639f8051d61485021a6ebf028be6 SHA512 8db7d6bfd148a053313584f7f13766a018902047816e413ca281fa5d2c3f0dc169139bbdb4dd649d649c7618a9710fcec767d2a80746a89b03713c65a16d18e0 -EBUILD AusweisApp2-1.22.4.ebuild 932 BLAKE2B 788d3c3dd3f87cb286a10625d1cddd2537876a3d78720f81abe770e8a28c767496c1f2a912304c2ae92db4c7ec809e5445e850fa82efa6ebe47637d90a5737fa SHA512 d0a449d2f34d9c671f0f41de39f27159e7a6b73f727177b163b0eff70e302c7aee3e133f3e23b7a6ec90e4d42989b6e90b2881c9c7817df09f414bb38ba81d65 +EBUILD AusweisApp2-1.22.4.ebuild 930 BLAKE2B 3a35bf075945e93c225a1a549db867744cac21a06c84ebd962c44ed80e16ef4ddeda6732d51d3f2164ec726b647097aaaa0e639f8051d61485021a6ebf028be6 SHA512 8db7d6bfd148a053313584f7f13766a018902047816e413ca281fa5d2c3f0dc169139bbdb4dd649d649c7618a9710fcec767d2a80746a89b03713c65a16d18e0 EBUILD AusweisApp2-9999.ebuild 896 BLAKE2B a283585d7f09d304017e9f80f3e081fa96787d702e919aa9f9bcd229078b6d17a9eb3dfeb8782f8011530a6cd8a3ab72be12c88251d4675c1924dea66a77672c SHA512 f361e420657a46e8234517d204548fb69b14bc367be38aa1f85b411bdcd53fdb6dc7a6b3807cf22376f82abc076181965d633b50e4b01a5a7a1032bbf45c0165 MISC metadata.xml 338 BLAKE2B cc2c3169dbe9280f8ab769c2c2c38a691d0af53999169948243cca1200c2a6ef8bb2f97dcc0e8dcbd709f3660fa262bf5279d3acce525baefe91951f91f1eca7 SHA512 db2026e39095afa71c7431290d8032fb6cdf70138beb14ae5cc20f4c5d03a0fa334cd769c14fe1085520b8631947c35c654bbd686ccc2e60a308d19ef6eb9e83 diff --git a/sys-auth/Manifest.gz b/sys-auth/Manifest.gz index f1536df11dcc..2856319a7889 100644 Binary files a/sys-auth/Manifest.gz and b/sys-auth/Manifest.gz differ diff --git a/sys-auth/nss-pam-ldapd/Manifest b/sys-auth/nss-pam-ldapd/Manifest index 50b201da876f..b19f6224f65c 100644 --- a/sys-auth/nss-pam-ldapd/Manifest +++ b/sys-auth/nss-pam-ldapd/Manifest @@ -9,5 +9,5 @@ AUX nss-pam-ldapd-0.9.11-use-mkstemp.patch 789 BLAKE2B da9525e66873be615cfe90f6a AUX nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch 403 BLAKE2B 2e17a92b3650ce4e6627be7ddb2f656cd9ab53e49d7e2b11d078dac0d7a00015d88d861bfdc1378eb25c1b9750ed3811023cc95b04ccf9d028ffc5899dc01cd5 SHA512 c8cccb044a641f673f12db9717bda4c0c4d91bd1933342595d8f3f540449459c5cf14263133487195b223670d450873f608e3ce5b6f1ca775ca7fe0180a9f962 AUX pynslcd.init 515 BLAKE2B 711ba152ea9cc52198171e451889ab42a224581bae7e4378846f480063ed9a672fdb38b153d6941364d3d06e325d9feb95f6fd17885b4e6181d99393cb54de0a SHA512 56334d86cc027e538d8a0bf9a8b87308e3ae6e91be608a4a630f21c57cc41b6cb5dc6fb3220fed1ca555dd4da6a5c7c10b2776f9e49a7b71a96ece21fc65fed7 DIST nss-pam-ldapd-0.9.12.tar.gz 791983 BLAKE2B af580d400230db709f7ac09720edd6127b3b26c6987d1e8f6d6535ad8e68fd8cb5cf2a3319e4456fb2af28aba6528f7a5cdc28463ccfee747dbbf6abc35eee87 SHA512 5eca4851a9bcb2779548d193a363a143d6106bfc6463b8d3f0c2d5d7d227ec1e680861383d4813f40b44d1be2ce5f7ed019d838f7f6796e15f96f7411d3bb8f6 -EBUILD nss-pam-ldapd-0.9.12.ebuild 4484 BLAKE2B 5cfd1eb115e3e25bffcdeef08a8b334896d8f2e492d8de397176fca1bf9ab469d7f1a23080d6cf620f3ba9d0c238805c5d4e1c82668c8608a5d48a318ed8a601 SHA512 fba3cf79f08c1d6c2a6c80320b01d5b9ec5bb4ce0ac17d6175a5fe34fcee698d6b8f87250f36f75edaba24f4e15d632c439ead4bfec14760c343f42e0527d22e +EBUILD nss-pam-ldapd-0.9.12-r1.ebuild 4486 BLAKE2B 47fd337e4c8954496d395ece1aff0e65b6ebe07b45088cf17284500e2f3e4224d4587961af7fb0b177ff4362ee7611f499f283f5fda61c034c91220330c73938 SHA512 69df8cd7b7987f60006093725307b0839176e6786ca63faa8f3397da42a39a87ce3118b08347c97e09f121e19412323efb54a79738e4407647ac1700995ecf4d MISC metadata.xml 1170 BLAKE2B 5c121a0afae864d757fda18c8546e494804c9b9d6a7d6fe2ad485b6a7bb2ed291776063407721222fa765251c9ca4d945740e8a0aa53da670747fb35cf1b8f9e SHA512 ba534679ae3b983a9b143530112f6495a4a4b5b82077095b3cc62965c1cf808c7a2d098410c00bee195112c5e7ff3afe4b368fa9a1662ce22cf48634229df7cf diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild new file mode 100644 index 000000000000..88f0e013b023 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild @@ -0,0 +1,171 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{8..10} ) +inherit prefix python-r1 autotools multilib multilib-minimal systemd s6 tmpfiles + +DESCRIPTION="NSS module for name lookups using LDAP" +HOMEPAGE="https://arthurdejong.org/nss-pam-ldapd/" +SRC_URI="https://arthurdejong.org/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="debug kerberos +pam pynslcd sasl test +utils" +RESTRICT="!test? ( test )" + +COMMON_DEP=" + acct-group/nslcd + acct-user/nslcd + net-nds/openldap:=[${MULTILIB_USEDEP}] + sasl? ( dev-libs/cyrus-sasl[${MULTILIB_USEDEP}] ) + kerberos? ( virtual/krb5[${MULTILIB_USEDEP}] ) + sys-libs/pam[${MULTILIB_USEDEP}] + utils? ( ${PYTHON_DEPS} ) + pynslcd? ( + dev-python/python-ldap[${PYTHON_USEDEP}] + dev-python/python-daemon[${PYTHON_USEDEP}] + ) + !sys-auth/nss_ldap + !sys-auth/pam_ldap +" +RDEPEND="${COMMON_DEP}" +DEPEND="${COMMON_DEP} + test? ( + ${PYTHON_DEPS} + dev-python/pylint[${PYTHON_USEDEP}] + ) +" +BDEPEND=" + ${PYTHON_DEPS} + sys-devel/automake +" + +REQUIRED_USE=" + utils? ( ${PYTHON_REQUIRED_USE} ) + test? ( ${PYTHON_REQUIRED_USE} pynslcd ) +" + +PATCHES=( + "${FILESDIR}/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch" + "${FILESDIR}/nss-pam-ldapd-0.9.11-use-mkstemp.patch" + "${FILESDIR}/nss-pam-ldapd-0.9.11-relative-imports.patch" + "${FILESDIR}/nss-pam-ldapd-0.9.11-tests.patch" + "${FILESDIR}/nss-pam-ldapd-0.9.11-tests-py39.patch" +) + +src_prepare() { + default + use utils && python_setup + touch pynslcd/__init__.py || die "Could not create __init__.py for pynslcd" + mv pynslcd/pynslcd.py pynslcd/main.py || die + + eautoreconf +} + +multilib_src_configure() { + local -a myconf=( + --disable-utils + --enable-warnings + --with-ldap-lib=openldap + --with-ldap-conf-file=/etc/nslcd.conf + --with-nslcd-pidfile=/run/nslcd/nslcd.pid + --with-nslcd-socket=/run/nslcd/socket + --with-nss-flavour=glibc + $(use_enable pynslcd) + $(use_enable debug) + $(use_enable kerberos) + $(use_enable pam) + $(use_enable sasl) + ) + + # nss libraries always go in /lib on Gentoo + if multilib_is_native_abi ; then + myconf+=("--with-pam-seclib-dir=${EPREFIX}/$(get_libdir)/security") + myconf+=("--libdir=${EPREFIX}/$(get_libdir)") + else + myconf+=("--with-pam-seclib-dir=/$(get_libdir)/security") + myconf+=("--libdir=/$(get_libdir)") + fi + + ECONF_SOURCE="${S}" econf "${myconf[@]}" +} + +multilib_src_test() { + pushd "${BUILD_DIR}" >/dev/null || die + ln -s ../pynslcd/constants.py utils/constants.py || die + python_foreach_impl python_test + popd >/dev/null || die +} + +python_test() { + cp -l "${S}"/pynslcd/*.py pynslcd/ || die "Could not copy python files for tests" + nonfatal emake check || die "tests failed with ${EPYTHON}" +} + +multilib_src_install_all() { + local script + + newinitd "${FILESDIR}"/nslcd.init nslcd + s6_install_service nslcd "${FILESDIR}"/nslcd.s6 + + insinto /usr/share/nss-pam-ldapd + doins "${WORKDIR}/${P}/nslcd.conf" + + fperms o-r /etc/nslcd.conf + + if use utils; then + python_moduleinto nslcd + python_foreach_impl python_domodule utils/*.py + + for script in chsh getent; do + python_foreach_impl python_newscript utils/${script}.py ${script}.ldap + done + fi + if use pynslcd; then + rm -rf "${D}"/usr/share/pynslcd + python_moduleinto pynslcd + python_foreach_impl python_domodule pynslcd/*.py + python_scriptinto /usr/sbin + python_foreach_impl python_newscript pynslcd/main.py pynslcd + newinitd "${FILESDIR}"/pynslcd.init pynslcd + fi + + newtmpfiles "${FILESDIR}"/nslcd-tmpfiles.conf nslcd.conf + systemd_newunit "${FILESDIR}"/nslcd.service nslcd.service +} + +multilib_src_install() { + emake DESTDIR="${D}" install + + if use pynslcd; then + python_moduleinto pynslcd + python_foreach_impl python_domodule pynslcd/*.py + fi +} + +pkg_postinst() { + tmpfiles_process nslcd.conf + + echo + elog "For this to work you must configure /etc/nslcd.conf" + elog "This configuration is similar to pam_ldap's /etc/ldap.conf" + echo + elog "In order to use nss-pam-ldapd, nslcd needs to be running. You can" + elog "start it like this:" + elog " # /etc/init.d/nslcd start" + echo + elog "You can add it to the default runlevel like so:" + elog " # rc-update add nslcd default" + elog + elog "If you have >=sys-apps/openrc-0.16.3, you can also use s6" + elog "to supervise this service." + elog "To do this, emerge sys-apps/s6 then add nslcd-s6" + elog "default runlevel instead of nslcd." + elog + elog "If you are upgrading, keep in mind that /etc/nss-ldapd.conf" + elog " is now named /etc/nslcd.conf" + echo +} diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild deleted file mode 100644 index ec02a5427df5..000000000000 --- a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild +++ /dev/null @@ -1,171 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{8..10} ) -inherit prefix python-r1 autotools multilib multilib-minimal systemd s6 tmpfiles - -DESCRIPTION="NSS module for name lookups using LDAP" -HOMEPAGE="https://arthurdejong.org/nss-pam-ldapd/" -SRC_URI="https://arthurdejong.org/${PN}/${P}.tar.gz" - -LICENSE="LGPL-2.1" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="debug kerberos +pam pynslcd sasl test +utils" -RESTRICT="!test? ( test )" - -COMMON_DEP=" - acct-group/nslcd - acct-user/nslcd - net-nds/openldap[${MULTILIB_USEDEP}] - sasl? ( dev-libs/cyrus-sasl[${MULTILIB_USEDEP}] ) - kerberos? ( virtual/krb5[${MULTILIB_USEDEP}] ) - sys-libs/pam[${MULTILIB_USEDEP}] - utils? ( ${PYTHON_DEPS} ) - pynslcd? ( - dev-python/python-ldap[${PYTHON_USEDEP}] - dev-python/python-daemon[${PYTHON_USEDEP}] - ) - !sys-auth/nss_ldap - !sys-auth/pam_ldap -" -RDEPEND="${COMMON_DEP}" -DEPEND="${COMMON_DEP} - test? ( - ${PYTHON_DEPS} - dev-python/pylint[${PYTHON_USEDEP}] - ) -" -BDEPEND=" - ${PYTHON_DEPS} - sys-devel/automake -" - -REQUIRED_USE=" - utils? ( ${PYTHON_REQUIRED_USE} ) - test? ( ${PYTHON_REQUIRED_USE} pynslcd ) -" - -PATCHES=( - "${FILESDIR}/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch" - "${FILESDIR}/nss-pam-ldapd-0.9.11-use-mkstemp.patch" - "${FILESDIR}/nss-pam-ldapd-0.9.11-relative-imports.patch" - "${FILESDIR}/nss-pam-ldapd-0.9.11-tests.patch" - "${FILESDIR}/nss-pam-ldapd-0.9.11-tests-py39.patch" -) - -src_prepare() { - default - use utils && python_setup - touch pynslcd/__init__.py || die "Could not create __init__.py for pynslcd" - mv pynslcd/pynslcd.py pynslcd/main.py || die - - eautoreconf -} - -multilib_src_configure() { - local -a myconf=( - --disable-utils - --enable-warnings - --with-ldap-lib=openldap - --with-ldap-conf-file=/etc/nslcd.conf - --with-nslcd-pidfile=/run/nslcd/nslcd.pid - --with-nslcd-socket=/run/nslcd/socket - --with-nss-flavour=glibc - $(use_enable pynslcd) - $(use_enable debug) - $(use_enable kerberos) - $(use_enable pam) - $(use_enable sasl) - ) - - # nss libraries always go in /lib on Gentoo - if multilib_is_native_abi ; then - myconf+=("--with-pam-seclib-dir=${EPREFIX}/$(get_libdir)/security") - myconf+=("--libdir=${EPREFIX}/$(get_libdir)") - else - myconf+=("--with-pam-seclib-dir=/$(get_libdir)/security") - myconf+=("--libdir=/$(get_libdir)") - fi - - ECONF_SOURCE="${S}" econf "${myconf[@]}" -} - -multilib_src_test() { - pushd "${BUILD_DIR}" >/dev/null || die - ln -s ../pynslcd/constants.py utils/constants.py || die - python_foreach_impl python_test - popd >/dev/null || die -} - -python_test() { - cp -l "${S}"/pynslcd/*.py pynslcd/ || die "Could not copy python files for tests" - nonfatal emake check || die "tests failed with ${EPYTHON}" -} - -multilib_src_install_all() { - local script - - newinitd "${FILESDIR}"/nslcd.init nslcd - s6_install_service nslcd "${FILESDIR}"/nslcd.s6 - - insinto /usr/share/nss-pam-ldapd - doins "${WORKDIR}/${P}/nslcd.conf" - - fperms o-r /etc/nslcd.conf - - if use utils; then - python_moduleinto nslcd - python_foreach_impl python_domodule utils/*.py - - for script in chsh getent; do - python_foreach_impl python_newscript utils/${script}.py ${script}.ldap - done - fi - if use pynslcd; then - rm -rf "${D}"/usr/share/pynslcd - python_moduleinto pynslcd - python_foreach_impl python_domodule pynslcd/*.py - python_scriptinto /usr/sbin - python_foreach_impl python_newscript pynslcd/main.py pynslcd - newinitd "${FILESDIR}"/pynslcd.init pynslcd - fi - - newtmpfiles "${FILESDIR}"/nslcd-tmpfiles.conf nslcd.conf - systemd_newunit "${FILESDIR}"/nslcd.service nslcd.service -} - -multilib_src_install() { - emake DESTDIR="${D}" install - - if use pynslcd; then - python_moduleinto pynslcd - python_foreach_impl python_domodule pynslcd/*.py - fi -} - -pkg_postinst() { - tmpfiles_process nslcd.conf - - echo - elog "For this to work you must configure /etc/nslcd.conf" - elog "This configuration is similar to pam_ldap's /etc/ldap.conf" - echo - elog "In order to use nss-pam-ldapd, nslcd needs to be running. You can" - elog "start it like this:" - elog " # /etc/init.d/nslcd start" - echo - elog "You can add it to the default runlevel like so:" - elog " # rc-update add nslcd default" - elog - elog "If you have >=sys-apps/openrc-0.16.3, you can also use s6" - elog "to supervise this service." - elog "To do this, emerge sys-apps/s6 then add nslcd-s6" - elog "default runlevel instead of nslcd." - elog - elog "If you are upgrading, keep in mind that /etc/nss-ldapd.conf" - elog " is now named /etc/nslcd.conf" - echo -} diff --git a/sys-auth/nss_ldap/Manifest b/sys-auth/nss_ldap/Manifest index 561bb36dfd01..c41f663aa0e6 100644 --- a/sys-auth/nss_ldap/Manifest +++ b/sys-auth/nss_ldap/Manifest @@ -9,5 +9,5 @@ AUX nss_ldap-265-r10-libdir.patch 1345 BLAKE2B 7187c42328e8778a19cd7aae58ffd35b7 AUX nss_ldap-265-reconnect-timeouts.patch 2806 BLAKE2B b254a9959892a0a8ecb6e53778c4581f5ce8f9f0b90ceaf7fdb3e08cdc029b3914d9f95a7b65f3f9ceedf6669ae5727d8bc41c7229c567667896b4cb8868b227 SHA512 d9767cfaf32b9041d222c7b313c327a72ac2766d26fed7ce19cc1acff56cf2493d4e1e83b33852083505952f983ba64c00409e3cf09dcbf74676390968dd935b AUX nsswitch.ldap.diff 575 BLAKE2B 9578535ea6cff87ac21fa8f3a0a1b8d727c657a53318b378dd86b4dded15bac950e241af59b15b6898a1ed089d1c481f0615ca7de3ae4e07a231432920af7b52 SHA512 0d08d4dacea0213714cab864300e625158106245eeb34a7d4b983749dd4fa4156d3f36d6c2dd214efdf80cf926c37657eb00651bceb89907286a3310123399a0 DIST nss_ldap-265.tar.gz 280976 BLAKE2B 31b233ef7680204abfb62408141609b9489e133327c787c59afedd9ac41194189bde26d1f3b0a885622f57ec769ddee2bdf7d274b9584d4d5002d1c016c86892 SHA512 c4584682968861dd5880992fe7d11c6005d94f0c17252ab1cda04380fd7a81b419ba7e87d0efa44c24c5ce5bf76b9fd8331034dddb4f1400f132eb2192472077 -EBUILD nss_ldap-265-r10.ebuild 3795 BLAKE2B 8ae636fa54d11bb1b321b05fb88e5ef9bcc6be4d90eff557e88974ae97e0a244f43d5b0812fe702fb8ff7a315455331c44442dc5c5090e21825ca82edaec5c13 SHA512 3966ae01096249cb073617f8d4291208c6abacf4485c77b4784f16240bc539f0be8a96036b87a2f3fac69bb85cee9ce9ca8269c7ea64c08c14c73e339ee67ddc +EBUILD nss_ldap-265-r11.ebuild 3798 BLAKE2B 069b93eea00ff89083f2b9d83c7a6312ce2567fc24fc555158d0cfbd2192a4efc297968d5877714137f4340b767fc1cff2f80634333ca538fccb6ae75aea152d SHA512 bb20fc4abd3d381b975ca6b1af06914f768ab7e27914d0872a0242f77888882512dd8ab11636adfbfc267eda0343cf3e890bf7e4ea62e94fb6525aed9cb2cdac MISC metadata.xml 419 BLAKE2B b1708d1b24c5c8162e16d0ade1f51f8ad05f708082136bb5d5a1a269b1fc264204b166d57c8cb6352dc88b531b6b680391779e84c3e753e95484190b81cc28f2 SHA512 f6105b8fd2a389a0bc691af05cfa3e6043bfd1dbf6323f1c135037e03a27bd5bce6a306a6f54259a2039fdf3173ef0d6757575a0a3843a6c86370cb1dc109600 diff --git a/sys-auth/nss_ldap/nss_ldap-265-r10.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r10.ebuild deleted file mode 100644 index b082f724c054..000000000000 --- a/sys-auth/nss_ldap/nss_ldap-265-r10.ebuild +++ /dev/null @@ -1,148 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools fixheadtails multilib-minimal prefix - -DESCRIPTION="NSS LDAP Module" -HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" -SRC_URI="http://www.padl.com/download/${P}.tar.gz" - -SLOT="0" -LICENSE="LGPL-2" -KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86 ~amd64-linux" -IUSE="debug kerberos ssl sasl split-usr" - -DEPEND=" - >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] - sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - ssl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) -" -RDEPEND=" - ${DEPEND} - !>"${ED}"/etc/ldap.conf || die - echo >>"${ED}"/etc/ldap.conf || die - sed -i "${ED}"/etc/ldap.conf \ - -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' \ - || die - - dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ - CVSVersionInfo.txt README nsswitch.ldap certutil - - docinto docs - dodoc -r doc/. -} - -pkg_postinst() { - elog "If you use a ldaps:// string in the 'uri' setting of" - elog "your /etc/ldap.conf, you must set 'ssl on'!" -} diff --git a/sys-auth/nss_ldap/nss_ldap-265-r11.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r11.ebuild new file mode 100644 index 000000000000..e844f815d1bd --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-265-r11.ebuild @@ -0,0 +1,148 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools fixheadtails multilib-minimal prefix + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86 ~amd64-linux" +IUSE="debug kerberos ssl sasl split-usr" + +DEPEND=" + >=net-nds/openldap-2.4.38-r1:=[${MULTILIB_USEDEP}] + sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + ssl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) +" +RDEPEND=" + ${DEPEND} + !>"${ED}"/etc/ldap.conf || die + echo >>"${ED}"/etc/ldap.conf || die + sed -i "${ED}"/etc/ldap.conf \ + -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' \ + || die + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + CVSVersionInfo.txt README nsswitch.ldap certutil + + docinto docs + dodoc -r doc/. +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/pam_ldap/Manifest b/sys-auth/pam_ldap/Manifest index db6d405ef8dc..f7e2c2e1a153 100644 --- a/sys-auth/pam_ldap/Manifest +++ b/sys-auth/pam_ldap/Manifest @@ -1,3 +1,3 @@ DIST pam_ldap-186.tar.gz 163437 BLAKE2B 4e917985b78349283c891daca94935792f2316afc08cd694edb7256c89a7ed612a62ba4b53111fc2022f6e11f754103bf58ac0a53a4298b011a5379625c51cdc SHA512 aaa6fbc48150db53bf92dcf600bcb8f0526baa2e6124f46468f59958c8a91495eb003d16a45b659c8cbb2d3481c4732a0d1f5945a2c98c09549ef8a51ed18a3d -EBUILD pam_ldap-186-r3.ebuild 1120 BLAKE2B 466c82795d9ceb8710caa5b1177cfde657634ef2a63a008f1ad1a14faa8ba900ebc6133fb5a0935ccc4177f47122e11abd6fdd83ff63b32eea3df0c3872aeec1 SHA512 2cc75fad171827066498717b501be6073c489846ba70fc45bad5828935848f9a058bff4562e8360a63877d50d5a475bfdd61c7721ee18c68bb3bb4fae91f34c0 +EBUILD pam_ldap-186-r4.ebuild 1122 BLAKE2B 5b0444474816bea2e93f8b2d00afedcc3d3b64f8266121f50617bef304ed8d6deddb9de61d5b0b2b349f820dfb85aab3513008d9b53f139c6c68b59039a86788 SHA512 7dc100a5c75dfc351a236000c652c97f2fb21073491e6919c7276db51ec5b9ef683a6f6f10e3b61b2f8276429f8f4389d7b4d09bcb3cfa844a77a66e0101fc34 MISC metadata.xml 167 BLAKE2B 868e3b584722eaacf68273db062bb773d8c7e5d7ab2b81ca7e8397643bf7cc106c3a1033594401c99c54f667bb45d6b73f9048fc335580bbd44b4589ad26a832 SHA512 30caadd1496c3b9969136038239a1d8e01f236726b4022c2d7e19ca7575f25f735e556835e581afbf44fbd3e4104c40f2b5ef5fa70118d75c881fdf871962d0a diff --git a/sys-auth/pam_ldap/pam_ldap-186-r3.ebuild b/sys-auth/pam_ldap/pam_ldap-186-r3.ebuild deleted file mode 100644 index aebb514b53ba..000000000000 --- a/sys-auth/pam_ldap/pam_ldap-186-r3.ebuild +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit multilib-minimal pam - -DESCRIPTION="PAM LDAP Module" -HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html" -SRC_URI="http://www.padl.com/download/${P}.tar.gz" - -LICENSE="|| ( GPL-2 LGPL-2 )" -SLOT="0" -KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86" -IUSE="ssl sasl" - -DEPEND="sys-libs/pam[${MULTILIB_USEDEP}] - >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] - virtual/libcrypt:=[${MULTILIB_USEDEP}] - sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] )" - -RDEPEND="${DEPEND}" - -multilib_src_configure() { - local myconf=( - --with-ldap-lib=openldap - $(use_enable ssl) - ) - use sasl || myconf+=( ac_cv_header_sasl_sasl_h=no ) - - ECONF_SOURCE=${S} \ - econf "${myconf[@]}" -} - -multilib_src_compile() { - PERL5LIB=${S} \ - emake -} - -multilib_src_install() { - dopammod pam_ldap.so -} - -multilib_src_install_all() { - dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil - dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema - doman pam_ldap.5 - - docinto pam.d - dodoc pam.d/* -} diff --git a/sys-auth/pam_ldap/pam_ldap-186-r4.ebuild b/sys-auth/pam_ldap/pam_ldap-186-r4.ebuild new file mode 100644 index 000000000000..b2cb6a79d121 --- /dev/null +++ b/sys-auth/pam_ldap/pam_ldap-186-r4.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit multilib-minimal pam + +DESCRIPTION="PAM LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +LICENSE="|| ( GPL-2 LGPL-2 )" +SLOT="0" +KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86" +IUSE="ssl sasl" + +DEPEND="sys-libs/pam[${MULTILIB_USEDEP}] + >=net-nds/openldap-2.4.38-r1:=[${MULTILIB_USEDEP}] + virtual/libcrypt:=[${MULTILIB_USEDEP}] + sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] )" + +RDEPEND="${DEPEND}" + +multilib_src_configure() { + local myconf=( + --with-ldap-lib=openldap + $(use_enable ssl) + ) + use sasl || myconf+=( ac_cv_header_sasl_sasl_h=no ) + + ECONF_SOURCE=${S} \ + econf "${myconf[@]}" +} + +multilib_src_compile() { + PERL5LIB=${S} \ + emake +} + +multilib_src_install() { + dopammod pam_ldap.so +} + +multilib_src_install_all() { + dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil + dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema + doman pam_ldap.5 + + docinto pam.d + dodoc pam.d/* +} diff --git a/sys-auth/pam_yubico/Manifest b/sys-auth/pam_yubico/Manifest index 9a6651042cc1..574b205fe09f 100644 --- a/sys-auth/pam_yubico/Manifest +++ b/sys-auth/pam_yubico/Manifest @@ -1,3 +1,3 @@ DIST pam_yubico-2.26.tar.gz 423451 BLAKE2B be65b9726d3b5d353577014c78163d9e092d3d98baf9c22c2a43bbbb5362589c18713712d218fd154cf493211cefd2924158b326db45c2b7dd0aee9aa9080de5 SHA512 4adba37f07e1fe1a2c4b534246ef0e862be76e3b1ce0ed6f11f15436f537cd5963f00abf48f6faa7e65b025ff6924dbaf918db1675b1e2cb89a802d2f2d6a4ec -EBUILD pam_yubico-2.26.ebuild 904 BLAKE2B f56cbf54d17e5d9eb7027c9eff98603f7b3ccea11b654e92d411f7a51bd0e99e3793c7883ef38646c3fe8a087c8fbf2dafc78ef71491300a02349d39b533e73f SHA512 168007b543dd4d20a1fa858bed84264fd3f82d60c4876fe6b782da84a01c01bff216e78cf31678020fc153c2fba37d05eae06105d3a57f3434d06f8ad37b6698 +EBUILD pam_yubico-2.26-r1.ebuild 906 BLAKE2B 5626b331513510a3a08522b477c07ca6d10bda7ebd0cf7d68c7bed65381a5013767a5c12986b6094bc64f8bcec25c87a1e3ae4bff5fe542358e9f4d652e96eb7 SHA512 b8db00bcbb8748926c4fa3d6f8a29d9fa574ce2aac7d07c6de82d7493c49055437a4428aa11a5eb936c789d4d84e00d24126e2a4f0d6cfd09ac3a4d9a7cca7d4 MISC metadata.xml 340 BLAKE2B e837716f925129355286f7fa7bf703ee5486d87c67a5d06669b7f7a0c35312cb79dcc93eb76e6bdbe2cd627426fe2fab68533e551f6461176422cf5eb037f182 SHA512 66aa57dd3603d6249cc5fd844370cae5dfe9ccc07433aaf31802d6c3c1fe6c8264a3ff67f30fbfb4df1367cfb9ba2ff43e048c4bd673224697d07e26f5fb526f diff --git a/sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild b/sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild new file mode 100644 index 000000000000..eaf84fc6bbfa --- /dev/null +++ b/sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit pam + +DESCRIPTION="Library for authenticating against PAM with a Yubikey" +HOMEPAGE="https://github.com/Yubico/yubico-pam" +SRC_URI="http://opensource.yubico.com/yubico-pam/releases/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="ldap test" +RESTRICT="!test? ( test )" + +RDEPEND=" + sys-libs/pam + sys-auth/libyubikey + >=sys-auth/ykclient-2.15 + >=sys-auth/ykpers-1.6 + ldap? ( net-nds/openldap:= )" +DEPEND="${RDEPEND} + app-text/asciidoc + test? ( dev-perl/Net-LDAP-Server )" + +src_configure() { + #challenge response could be optional but that seems horribly dangerous to me + local myeconfargs=( + --with-cr + --with-pam-dir="$(getpam_mod_dir)" + $(use_with ldap) + ) + econf "${myeconfargs[@]}" +} + +src_install() { + default + dodoc doc/* + find "${D}" -name '*.la' -delete || die +} diff --git a/sys-auth/pam_yubico/pam_yubico-2.26.ebuild b/sys-auth/pam_yubico/pam_yubico-2.26.ebuild deleted file mode 100644 index d02d30e11751..000000000000 --- a/sys-auth/pam_yubico/pam_yubico-2.26.ebuild +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit pam - -DESCRIPTION="Library for authenticating against PAM with a Yubikey" -HOMEPAGE="https://github.com/Yubico/yubico-pam" -SRC_URI="http://opensource.yubico.com/yubico-pam/releases/${P}.tar.gz" - -LICENSE="BSD" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="ldap test" -RESTRICT="!test? ( test )" - -RDEPEND=" - sys-libs/pam - sys-auth/libyubikey - >=sys-auth/ykclient-2.15 - >=sys-auth/ykpers-1.6 - ldap? ( net-nds/openldap )" -DEPEND="${RDEPEND} - app-text/asciidoc - test? ( dev-perl/Net-LDAP-Server )" - -src_configure() { - #challenge response could be optional but that seems horribly dangerous to me - local myeconfargs=( - --with-cr - --with-pam-dir="$(getpam_mod_dir)" - $(use_with ldap) - ) - econf "${myeconfargs[@]}" -} - -src_install() { - default - dodoc doc/* - find "${D}" -name '*.la' -delete || die -} diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest index f0b0c629b36d..b2585b8fc18b 100644 --- a/sys-auth/sssd/Manifest +++ b/sys-auth/sssd/Manifest @@ -5,7 +5,7 @@ DIST sssd-2.3.1.tar.gz 7186526 BLAKE2B 6d630fe75b9b426ef54adbe1704fde8e01fc34df7 DIST sssd-2.5.2-CVE-2021-3621.patch.bz2 3155 BLAKE2B c50e331f0f1acbb9ef8e6d54a63219da44df5e565608c24635d85a110fcc024f7d5293c4412bca64831a9a3a14e2c1188be1a802c76575ad6d7a83243d3d89c2 SHA512 650af7c67b3a807935c0875ee877d366facdf818492fb4244757448ad351454a279968ea5414e6b3cd116e873abe4f1aef2ccdaf790a4df0cf7f2a0078a41860 DIST sssd-2.5.2.tar.gz 7579208 BLAKE2B ec5d9aeaf5b5e05b56c01f9137f6f24db05544dbd48458d742285b60e7beb6d48af865f3415e11ce89e187f4643bbecf15bbb321859ec80cfe458eb781cea6c9 SHA512 a9bac7b2cc23022dce3bcda314c9c26a0a0914c448f6d5a51c5ba18670f04c1fd1a94cb20173235b6285df1dcc9251cb6b3f3e71a220037b4eb66668e6f33c48 DIST sssd-2.6.0.tar.gz 7440969 BLAKE2B 6b05fcea09ef10a5b2f373dc6a66032edc4c4f46f65f42fdc9ffb5b676025095e16de4a86b3088351c22746e062829d1d68fa7e960cccb7c5a77d960e6d38e2a SHA512 0b9e169424cbadfa6132a3e5e9789facf82f04cce94cb5344b8ff49370ae8817c2cb16cf21caddf6a7cd42e661d5ff5bf97843d79681683aacff0053ff93f64b -EBUILD sssd-2.3.1-r2.ebuild 7550 BLAKE2B bb7148a163aafe86d6efbcb29a48829ceed64ddbd328aa68e0d279478dcad70e77027647d4d38a9b56d317d76b024edfeb2d30656f50fd71414cecc25a1f91c9 SHA512 9ebb400f5bf139c18b04501c3b5ae4d74ce6dd4926f76f0b385d8f4b08d1e02b4f0d72cf7765bc30ddcfec50936954812b8522857d7c2b3d3859b12d6db9acb8 -EBUILD sssd-2.5.2-r2.ebuild 7903 BLAKE2B 74629995f904d268381aa14e689153a12957ac7864d2843924462da6cea8df00b40227c722e8a7127da516d95731ac2d39f54baba6a316bf65c3784345fc1fed SHA512 18aa0149a9ce1ab628f6d639e768eb5f73b778163fe613fb0a59e3cda196c3a6ed346543749447f29894884df271631e62c635c5d71f7853f149e4aae2c39704 -EBUILD sssd-2.6.0-r1.ebuild 7564 BLAKE2B e862fff7812168422d58b2f78e9108dc1c437ff26724f2412ef2e2e2b44eaf90e3f61f3064adf606f319aab79cdc4eaebeccd501a68c2f0db81c20af48a93b5b SHA512 60abe45738b916f41960328c12a3bf83cece84af8b1ec576af05d7a660144486e2787ea74dc83b1d290973d7cff0a971ff6bf204f487c61eb51cc786083a26c5 +EBUILD sssd-2.3.1-r3.ebuild 7556 BLAKE2B f418cbc6b37b0399c6b960a30fa2bdb6cf40da997c32d037821d48839a560fa412e8a607778ba7117770b0e3cd55be4707d72959d5e4f9f751c519a770120588 SHA512 1895d436d3848b14afe2e14c4cc53a11ca4415548339c2e4e6c0a7944bb5a4c071c4a0fbb7c6744abcef0d918b4222373c3b46fa85c06eba34ff87f2f4ee81e6 +EBUILD sssd-2.5.2-r3.ebuild 7909 BLAKE2B b8a326c3a96f387ae3c004c3966a296eca8d5794453b5c153e0896e4fee8cd42167f0d7d9fb5cf28c60f30f7a115d47c667198137926874e0c2b0fcf76359664 SHA512 eb06a8cab8790a1b5aa1f8f016427804dac12bb93c4af234cdce2df5fde9ea7ffbb2210cb039c085306238761b51876a6f5f59db6800e8d37f6f5edc4b406780 +EBUILD sssd-2.6.0-r2.ebuild 7568 BLAKE2B 2dfc3194cebfa102162b3be60cbb95c68111463b0c3f014bf04d3f7c0a33366051b4f7c76de0bf07a407a82c161fd6e05552819adc62382065c0c5cb4f39c627 SHA512 2247d943a9997c9335ea35a8a3d7e7464880b5aaa32b39ae61f903f84827b82e983e03eb5e1e25f0898dd1cdb6f297e9723a5afe8879dcf99684d0590a52f855 MISC metadata.xml 1182 BLAKE2B 8667ff4514a6cf81e044c53492760a20b4af07a345f75b48707587ce38903a5b5837e8aea5dec119a5f26cb0a5b7ce4577936cf6d4e666894bc5014ec6fd0c51 SHA512 e375a25d8dc8ccd1ec13e7b4bdf3782441b01ff15a0f0a213dbbb27ff9d30ff455e1efe1711096973b5c814dcb7f269af61cb455290b8948b06451e754b40912 diff --git a/sys-auth/sssd/sssd-2.3.1-r2.ebuild b/sys-auth/sssd/sssd-2.3.1-r2.ebuild deleted file mode 100644 index 6ecd0e166c35..000000000000 --- a/sys-auth/sssd/sssd-2.3.1-r2.ebuild +++ /dev/null @@ -1,288 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs - -DESCRIPTION="System Security Services Daemon provides access to identity and authentication" -HOMEPAGE="https://github.com/SSSD/sssd" -SRC_URI="https://github.com/SSSD/sssd/releases/download/${PN}-${PV//./_}/${P}.tar.gz" -KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc x86" - -LICENSE="GPL-3" -SLOT="0" -IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd test valgrind" -RESTRICT="!test? ( test )" - -REQUIRED_USE="pac? ( samba ) - python? ( ${PYTHON_REQUIRED_USE} )" - -DEPEND=" - >=app-crypt/mit-krb5-1.10.3 - app-crypt/p11-kit - >=dev-libs/ding-libs-0.2 - dev-libs/glib:2 - >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] - >=dev-libs/libpcre-8.30:= - >=dev-libs/popt-1.16 - >=dev-libs/openssl-1.0.2:0= - >=net-dns/bind-tools-9.9[gssapi] - >=net-dns/c-ares-1.7.4 - >=net-nds/openldap-2.4.30[sasl] - >=sys-apps/dbus-1.6 - >=sys-apps/keyutils-1.5:= - >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] - >=sys-libs/talloc-2.0.7 - >=sys-libs/tdb-1.2.9 - >=sys-libs/tevent-0.9.16 - >=sys-libs/ldb-1.1.17-r1:= - virtual/libintl - locator? ( - >=app-crypt/mit-krb5-1.12.2[${MULTILIB_USEDEP}] - >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] - ) - acl? ( net-fs/cifs-utils[acl] ) - netlink? ( dev-libs/libnl:3 ) - nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) ) - nls? ( >=sys-devel/gettext-0.18 ) - pac? ( - app-crypt/mit-krb5[${MULTILIB_USEDEP}] - net-fs/samba - ) - python? ( ${PYTHON_DEPS} ) - samba? ( >=net-fs/samba-4.10.2[winbind] ) - selinux? ( - >=sys-libs/libselinux-2.1.9 - >=sys-libs/libsemanage-2.1 - ) - systemd? ( - dev-libs/jansson:0= - net-libs/http-parser:0= - net-misc/curl:0= - )" -RDEPEND="${DEPEND} - >=sys-libs/glibc-2.17[nscd] - selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" -BDEPEND=">=sys-devel/autoconf-2.69-r5 - virtual/pkgconfig - doc? ( app-doc/doxygen ) - test? ( - dev-libs/check - dev-libs/softhsm:2 - dev-util/cmocka - net-libs/gnutls[pkcs11,tools] - sys-libs/libfaketime - sys-libs/nss_wrapper - sys-libs/pam_wrapper - sys-libs/uid_wrapper - valgrind? ( dev-util/valgrind ) - ) - man? ( - app-text/docbook-xml-dtd:4.4 - >=dev-libs/libxslt-1.1.26 - nls? ( app-text/po4a ) - )" - -CONFIG_CHECK="~KEYS" - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/ipa_hbac.h - /usr/include/sss_idmap.h - /usr/include/sss_nss_idmap.h - # --with-ifp - /usr/include/sss_sifp.h - /usr/include/sss_sifp_dbus.h - # from 1.15.3 - /usr/include/sss_certmap.h -) - -PATCHES=( - "${FILESDIR}"/${P}-test_ca-Look-for-libsofthsm2.so-in-usr-libdir-sofths.patch -) - -pkg_setup() { - linux-info_pkg_setup -} - -src_prepare() { - sed -i 's:/var/run:/run:' \ - "${S}"/src/examples/logrotate || die - - default - eautoreconf - multilib_copy_sources - if use python && multilib_is_native_abi; then - python_setup - fi -} - -src_configure() { - local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=() - - myconf+=( - --localstatedir="${EPREFIX}"/var - --runstatedir="${EPREFIX}"/run - --with-pid-path="${EPREFIX}"/run - --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd - --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) - --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb - --with-db-path="${EPREFIX}"/var/lib/sss/db - --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache - --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf - --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes - --with-mcache-path="${EPREFIX}"/var/lib/sss/mc - --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets - --with-log-path="${EPREFIX}"/var/log/sssd - --with-os=gentoo - --with-nscd="${EPREFIX}"/usr/sbin/nscd - --with-unicode-lib="glib2" - --disable-rpath - --sbindir=/usr/sbin - --with-crypto="libcrypto" - --enable-local-provider - $(multilib_native_use_with systemd kcm) - $(multilib_native_use_with systemd secrets) - $(use_with samba) - --with-smb-idmap-interface-version=6 - $(multilib_native_use_enable acl cifs-idmap-plugin) - $(multilib_native_use_with selinux) - $(multilib_native_use_with selinux semanage) - $(use_enable locator krb5-locator-plugin) - $(use_enable pac pac-responder) - $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) - $(use_enable nls) - $(multilib_native_use_with netlink libnl) - $(multilib_native_use_with man manpages) - $(multilib_native_use_with sudo) - $(multilib_native_with autofs) - $(multilib_native_with ssh) - $(use_enable valgrind) - --without-python2-bindings - $(multilib_native_use_with python python3-bindings) - ) - - # Annoyingly configure requires that you pick systemd XOR sysv - if use systemd; then - myconf+=( - --with-initscript="systemd" - --with-systemdunitdir=$(systemd_get_systemunitdir) - ) - else - myconf+=(--with-initscript="sysv") - fi - - if ! multilib_is_native_abi; then - # work-around all the libraries that are used for CLI and server - myconf+=( - {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' - # ldb headers are fine since native needs it - # ldb lib fails... but it does not seem to bother - {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' - {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' - {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' ' - - # use native include path for dbus (needed for build) - DBUS_CFLAGS="${native_dbus_cflags}" - - # non-pkgconfig checks - ac_cv_lib_ldap_ldap_search=yes - --without-secrets - --without-kcm - ) - fi - - econf "${myconf[@]}" -} - -multilib_src_compile() { - if multilib_is_native_abi; then - default - use doc && emake docs - if use man || use nls; then - emake update-po - fi - else - emake libnss_sss.la pam_sss.la - use locator && emake sssd_krb5_locator_plugin.la - use pac && emake sssd_pac_plugin.la - fi -} - -multilib_src_install() { - if multilib_is_native_abi; then - emake -j1 DESTDIR="${D}" "${_at_args[@]}" install - if use python; then - python_optimize - python_fix_shebang "${ED}" - fi - - else - # easier than playing with automake... - dopammod .libs/pam_sss.so - - into / - dolib.so .libs/libnss_sss.so* - - if use locator; then - exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 - doexe .libs/sssd_krb5_locator_plugin.so - fi - - if use pac; then - exeinto /usr/$(get_libdir)/krb5/plugins/authdata - doexe .libs/sssd_pac_plugin.so - fi - fi -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - - insinto /etc/sssd - insopts -m600 - doins "${S}"/src/examples/sssd-example.conf - - insinto /etc/logrotate.d - insopts -m644 - newins "${S}"/src/examples/logrotate sssd - - newconfd "${FILESDIR}"/sssd.conf sssd - - keepdir /var/lib/sss/db - keepdir /var/lib/sss/deskprofile - keepdir /var/lib/sss/gpo_cache - keepdir /var/lib/sss/keytabs - keepdir /var/lib/sss/mc - keepdir /var/lib/sss/pipes/private - keepdir /var/lib/sss/pubconf/krb5.include.d - keepdir /var/lib/sss/secrets - keepdir /var/log/sssd - - # strip empty dirs - if ! use doc ; then - rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die - rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die - fi - - rm -r "${ED}"/run || die -} - -multilib_src_test() { - multilib_is_native_abi && emake check -} - -pkg_postinst() { - elog "You must set up sssd.conf (default installed into /etc/sssd)" - elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" - elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html" -} diff --git a/sys-auth/sssd/sssd-2.3.1-r3.ebuild b/sys-auth/sssd/sssd-2.3.1-r3.ebuild new file mode 100644 index 000000000000..fdbe558ed56d --- /dev/null +++ b/sys-auth/sssd/sssd-2.3.1-r3.ebuild @@ -0,0 +1,288 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{7,8,9} ) + +inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="https://github.com/SSSD/sssd" +SRC_URI="https://github.com/SSSD/sssd/releases/download/${PN}-${PV//./_}/${P}.tar.gz" +KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc x86" + +LICENSE="GPL-3" +SLOT="0" +IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd test valgrind" +RESTRICT="!test? ( test )" + +REQUIRED_USE="pac? ( samba ) + python? ( ${PYTHON_REQUIRED_USE} )" + +DEPEND=" + >=app-crypt/mit-krb5-1.10.3 + app-crypt/p11-kit + >=dev-libs/ding-libs-0.2 + dev-libs/glib:2 + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=dev-libs/libpcre-8.30:= + >=dev-libs/popt-1.16 + >=dev-libs/openssl-1.0.2:0= + >=net-dns/bind-tools-9.9[gssapi] + >=net-dns/c-ares-1.7.4:= + >=net-nds/openldap-2.4.30:=[sasl] + >=sys-apps/dbus-1.6 + >=sys-apps/keyutils-1.5:= + >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + virtual/libintl + locator? ( + >=app-crypt/mit-krb5-1.12.2[${MULTILIB_USEDEP}] + >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] + ) + acl? ( net-fs/cifs-utils[acl] ) + netlink? ( dev-libs/libnl:3 ) + nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) ) + nls? ( >=sys-devel/gettext-0.18 ) + pac? ( + app-crypt/mit-krb5[${MULTILIB_USEDEP}] + net-fs/samba + ) + python? ( ${PYTHON_DEPS} ) + samba? ( >=net-fs/samba-4.10.2[winbind] ) + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + systemd? ( + dev-libs/jansson:0= + net-libs/http-parser:0= + net-misc/curl:0= + )" +RDEPEND="${DEPEND} + >=sys-libs/glibc-2.17[nscd] + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" +BDEPEND=">=sys-devel/autoconf-2.69-r5 + virtual/pkgconfig + doc? ( app-doc/doxygen ) + test? ( + dev-libs/check + dev-libs/softhsm:2 + dev-util/cmocka + net-libs/gnutls[pkcs11,tools] + sys-libs/libfaketime + sys-libs/nss_wrapper + sys-libs/pam_wrapper + sys-libs/uid_wrapper + valgrind? ( dev-util/valgrind ) + ) + man? ( + app-text/docbook-xml-dtd:4.4 + >=dev-libs/libxslt-1.1.26 + nls? ( app-text/po4a ) + )" + +CONFIG_CHECK="~KEYS" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ipa_hbac.h + /usr/include/sss_idmap.h + /usr/include/sss_nss_idmap.h + # --with-ifp + /usr/include/sss_sifp.h + /usr/include/sss_sifp_dbus.h + # from 1.15.3 + /usr/include/sss_certmap.h +) + +PATCHES=( + "${FILESDIR}"/${P}-test_ca-Look-for-libsofthsm2.so-in-usr-libdir-sofths.patch +) + +pkg_setup() { + linux-info_pkg_setup +} + +src_prepare() { + sed -i 's:/var/run:/run:' \ + "${S}"/src/examples/logrotate || die + + default + eautoreconf + multilib_copy_sources + if use python && multilib_is_native_abi; then + python_setup + fi +} + +src_configure() { + local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) + + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myconf=() + + myconf+=( + --localstatedir="${EPREFIX}"/var + --runstatedir="${EPREFIX}"/run + --with-pid-path="${EPREFIX}"/run + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --with-db-path="${EPREFIX}"/var/lib/sss/db + --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache + --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf + --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes + --with-mcache-path="${EPREFIX}"/var/lib/sss/mc + --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets + --with-log-path="${EPREFIX}"/var/log/sssd + --with-os=gentoo + --with-nscd="${EPREFIX}"/usr/sbin/nscd + --with-unicode-lib="glib2" + --disable-rpath + --sbindir=/usr/sbin + --with-crypto="libcrypto" + --enable-local-provider + $(multilib_native_use_with systemd kcm) + $(multilib_native_use_with systemd secrets) + $(use_with samba) + --with-smb-idmap-interface-version=6 + $(multilib_native_use_enable acl cifs-idmap-plugin) + $(multilib_native_use_with selinux) + $(multilib_native_use_with selinux semanage) + $(use_enable locator krb5-locator-plugin) + $(use_enable pac pac-responder) + $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls) + $(multilib_native_use_with netlink libnl) + $(multilib_native_use_with man manpages) + $(multilib_native_use_with sudo) + $(multilib_native_with autofs) + $(multilib_native_with ssh) + $(use_enable valgrind) + --without-python2-bindings + $(multilib_native_use_with python python3-bindings) + ) + + # Annoyingly configure requires that you pick systemd XOR sysv + if use systemd; then + myconf+=( + --with-initscript="systemd" + --with-systemdunitdir=$(systemd_get_systemunitdir) + ) + else + myconf+=(--with-initscript="sysv") + fi + + if ! multilib_is_native_abi; then + # work-around all the libraries that are used for CLI and server + myconf+=( + {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' + # ldb headers are fine since native needs it + # ldb lib fails... but it does not seem to bother + {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' + {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' + {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' ' + + # use native include path for dbus (needed for build) + DBUS_CFLAGS="${native_dbus_cflags}" + + # non-pkgconfig checks + ac_cv_lib_ldap_ldap_search=yes + --without-secrets + --without-kcm + ) + fi + + econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + use doc && emake docs + if use man || use nls; then + emake update-po + fi + else + emake libnss_sss.la pam_sss.la + use locator && emake sssd_krb5_locator_plugin.la + use pac && emake sssd_pac_plugin.la + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake -j1 DESTDIR="${D}" "${_at_args[@]}" install + if use python; then + python_optimize + python_fix_shebang "${ED}" + fi + + else + # easier than playing with automake... + dopammod .libs/pam_sss.so + + into / + dolib.so .libs/libnss_sss.so* + + if use locator; then + exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 + doexe .libs/sssd_krb5_locator_plugin.so + fi + + if use pac; then + exeinto /usr/$(get_libdir)/krb5/plugins/authdata + doexe .libs/sssd_pac_plugin.so + fi + fi +} + +multilib_src_install_all() { + einstalldocs + find "${ED}" -type f -name '*.la' -delete || die + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + keepdir /var/lib/sss/db + keepdir /var/lib/sss/deskprofile + keepdir /var/lib/sss/gpo_cache + keepdir /var/lib/sss/keytabs + keepdir /var/lib/sss/mc + keepdir /var/lib/sss/pipes/private + keepdir /var/lib/sss/pubconf/krb5.include.d + keepdir /var/lib/sss/secrets + keepdir /var/log/sssd + + # strip empty dirs + if ! use doc ; then + rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die + rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die + fi + + rm -r "${ED}"/run || die +} + +multilib_src_test() { + multilib_is_native_abi && emake check +} + +pkg_postinst() { + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html" +} diff --git a/sys-auth/sssd/sssd-2.5.2-r2.ebuild b/sys-auth/sssd/sssd-2.5.2-r2.ebuild deleted file mode 100644 index 8a2687f20563..000000000000 --- a/sys-auth/sssd/sssd-2.5.2-r2.ebuild +++ /dev/null @@ -1,303 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{8..10} ) - -inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs optfeature - -DESCRIPTION="System Security Services Daemon provides access to identity and authentication" -HOMEPAGE="https://github.com/SSSD/sssd" -SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" -SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${P}-CVE-2021-3621.patch.bz2" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86" -IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind" -RESTRICT="!test? ( test )" - -REQUIRED_USE="${PYTHON_REQUIRED_USE} - pac? ( samba ) - test? ( sudo ) - valgrind? ( test )" - -BDEPEND=">=sys-devel/autoconf-2.69-r5 - virtual/pkgconfig - ${PYTHON_DEPS} - doc? ( app-doc/doxygen ) - test? ( - dev-libs/check - dev-libs/softhsm:2 - dev-util/cmocka - net-libs/gnutls[pkcs11,tools] - sys-libs/libfaketime - sys-libs/nss_wrapper - sys-libs/pam_wrapper - sys-libs/uid_wrapper - valgrind? ( dev-util/valgrind ) - ) - man? ( - app-text/docbook-xml-dtd:4.4 - >=dev-libs/libxslt-1.1.26 - nls? ( app-text/po4a ) - )" - -DEPEND=">=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] - app-crypt/p11-kit - >=dev-libs/ding-libs-0.2 - dev-libs/glib:2 - >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] - >=dev-libs/libpcre-8.30:= - >=dev-libs/popt-1.16 - >=dev-libs/openssl-1.0.2:0= - >=net-dns/bind-tools-9.9[gssapi] - >=net-dns/c-ares-1.7.4 - >=net-nds/openldap-2.4.30[sasl] - >=sys-apps/dbus-1.6 - >=sys-apps/keyutils-1.5:= - >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] - >=sys-libs/talloc-2.0.7 - >=sys-libs/tdb-1.2.9 - >=sys-libs/tevent-0.9.16 - >=sys-libs/ldb-1.1.17-r1:= - virtual/libintl - locator? ( - >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] - ) - acl? ( net-fs/cifs-utils[acl] ) - netlink? ( dev-libs/libnl:3 ) - nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) ) - nls? ( >=sys-devel/gettext-0.18 ) - pac? ( - net-fs/samba - ) - python? ( ${PYTHON_DEPS} ) - samba? ( >=net-fs/samba-4.10.2[winbind] ) - selinux? ( - >=sys-libs/libselinux-2.1.9 - >=sys-libs/libsemanage-2.1 - ) - systemd? ( - dev-libs/jansson:0= - net-libs/http-parser:0= - net-misc/curl:0= - ) - systemtap? ( dev-util/systemtap )" -RDEPEND="${DEPEND} - >=sys-libs/glibc-2.17[nscd] - selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" - -CONFIG_CHECK="~KEYS" - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/ipa_hbac.h - /usr/include/sss_idmap.h - /usr/include/sss_nss_idmap.h - # --with-ifp - /usr/include/sss_sifp.h - /usr/include/sss_sifp_dbus.h - # from 1.15.3 - /usr/include/sss_certmap.h -) - -PATCHES=( - "${WORKDIR}"/${P}-CVE-2021-3621.patch -) - -pkg_setup() { - linux-info_pkg_setup - python-single-r1_pkg_setup -} - -src_prepare() { - default - - sed -i \ - -e 's:/var/run:/run:' \ - "${S}"/src/examples/logrotate \ - || die - - # disable flaky test, see https://github.com/SSSD/sssd/issues/5631 - sed -i \ - -e '/^\s*pam-srv-tests[ \\]*$/d' \ - "${S}"/Makefile.am \ - || die - - eautoreconf - - multilib_copy_sources -} - -src_configure() { - local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=() - - myconf+=( - --localstatedir="${EPREFIX}"/var - --runstatedir="${EPREFIX}"/run - --with-pid-path="${EPREFIX}"/run - --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd - --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) - --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb - --with-db-path="${EPREFIX}"/var/lib/sss/db - --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache - --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf - --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes - --with-mcache-path="${EPREFIX}"/var/lib/sss/mc - --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets - --with-log-path="${EPREFIX}"/var/log/sssd - --with-os=gentoo - --with-nscd="${EPREFIX}"/usr/sbin/nscd - --with-unicode-lib="glib2" - --disable-rpath - --disable-static - --sbindir=/usr/sbin - --enable-local-provider - $(multilib_native_use_with systemd kcm) - $(multilib_native_use_with systemd secrets) - $(use_with samba) - --with-smb-idmap-interface-version=6 - $(multilib_native_use_enable acl cifs-idmap-plugin) - $(multilib_native_use_with selinux) - $(multilib_native_use_with selinux semanage) - $(use_enable locator krb5-locator-plugin) - $(use_enable pac pac-responder) - $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) - $(use_enable nls) - $(multilib_native_use_with netlink libnl) - $(multilib_native_use_with man manpages) - $(multilib_native_use_with sudo) - $(multilib_native_with autofs) - $(multilib_native_with ssh) - $(use_enable systemtap) - $(use_enable valgrind) - --without-python2-bindings - $(multilib_native_use_with python python3-bindings) - ) - - # Annoyingly configure requires that you pick systemd XOR sysv - if use systemd; then - myconf+=( - --with-initscript="systemd" - --with-systemdunitdir=$(systemd_get_systemunitdir) - ) - else - myconf+=(--with-initscript="sysv") - fi - - if ! multilib_is_native_abi; then - # work-around all the libraries that are used for CLI and server - myconf+=( - {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' - # ldb headers are fine since native needs it - # ldb lib fails... but it does not seem to bother - {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' - {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' - {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' ' - - # use native include path for dbus (needed for build) - DBUS_CFLAGS="${native_dbus_cflags}" - - # non-pkgconfig checks - ac_cv_lib_ldap_ldap_search=yes - --without-secrets - --without-kcm - ) - fi - - econf "${myconf[@]}" -} - -multilib_src_compile() { - if multilib_is_native_abi; then - default - use doc && emake docs - if use man || use nls; then - emake update-po - fi - else - emake libnss_sss.la pam_sss.la - use locator && emake sssd_krb5_locator_plugin.la - use pac && emake sssd_pac_plugin.la - fi -} - -multilib_src_test() { - if multilib_is_native_abi; then - local -x CK_TIMEOUT_MULTIPLIER=10 - emake check VERBOSE=yes - fi -} - -multilib_src_install() { - if multilib_is_native_abi; then - emake -j1 DESTDIR="${D}" "${_at_args[@]}" install - if use python; then - python_optimize - python_fix_shebang "${ED}" - fi - else - # easier than playing with automake... - dopammod .libs/pam_sss.so - - into / - dolib.so .libs/libnss_sss.so* - - if use locator; then - exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 - doexe .libs/sssd_krb5_locator_plugin.so - fi - - if use pac; then - exeinto /usr/$(get_libdir)/krb5/plugins/authdata - doexe .libs/sssd_pac_plugin.so - fi - fi -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - - insinto /etc/sssd - insopts -m600 - doins "${S}"/src/examples/sssd-example.conf - - insinto /etc/logrotate.d - insopts -m644 - newins "${S}"/src/examples/logrotate sssd - - newconfd "${FILESDIR}"/sssd.conf sssd - - keepdir /var/lib/sss/db - keepdir /var/lib/sss/deskprofile - keepdir /var/lib/sss/gpo_cache - keepdir /var/lib/sss/keytabs - keepdir /var/lib/sss/mc - keepdir /var/lib/sss/pipes/private - keepdir /var/lib/sss/pubconf/krb5.include.d - keepdir /var/lib/sss/secrets - keepdir /var/log/sssd - - # strip empty dirs - if ! use doc; then - rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die - rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die - fi - - rm -r "${ED}"/run || die -} - -pkg_postinst() { - elog "You must set up sssd.conf (default installed into /etc/sssd)" - elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" - elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html" - optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli -} diff --git a/sys-auth/sssd/sssd-2.5.2-r3.ebuild b/sys-auth/sssd/sssd-2.5.2-r3.ebuild new file mode 100644 index 000000000000..ae761b254289 --- /dev/null +++ b/sys-auth/sssd/sssd-2.5.2-r3.ebuild @@ -0,0 +1,303 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{8..10} ) + +inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs optfeature + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="https://github.com/SSSD/sssd" +SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${P}-CVE-2021-3621.patch.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86" +IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind" +RESTRICT="!test? ( test )" + +REQUIRED_USE="${PYTHON_REQUIRED_USE} + pac? ( samba ) + test? ( sudo ) + valgrind? ( test )" + +BDEPEND=">=sys-devel/autoconf-2.69-r5 + virtual/pkgconfig + ${PYTHON_DEPS} + doc? ( app-doc/doxygen ) + test? ( + dev-libs/check + dev-libs/softhsm:2 + dev-util/cmocka + net-libs/gnutls[pkcs11,tools] + sys-libs/libfaketime + sys-libs/nss_wrapper + sys-libs/pam_wrapper + sys-libs/uid_wrapper + valgrind? ( dev-util/valgrind ) + ) + man? ( + app-text/docbook-xml-dtd:4.4 + >=dev-libs/libxslt-1.1.26 + nls? ( app-text/po4a ) + )" + +DEPEND=">=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] + app-crypt/p11-kit + >=dev-libs/ding-libs-0.2 + dev-libs/glib:2 + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=dev-libs/libpcre-8.30:= + >=dev-libs/popt-1.16 + >=dev-libs/openssl-1.0.2:0= + >=net-dns/bind-tools-9.9[gssapi] + >=net-dns/c-ares-1.7.4:= + >=net-nds/openldap-2.4.30:=[sasl] + >=sys-apps/dbus-1.6 + >=sys-apps/keyutils-1.5:= + >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + virtual/libintl + locator? ( + >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] + ) + acl? ( net-fs/cifs-utils[acl] ) + netlink? ( dev-libs/libnl:3 ) + nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) ) + nls? ( >=sys-devel/gettext-0.18 ) + pac? ( + net-fs/samba + ) + python? ( ${PYTHON_DEPS} ) + samba? ( >=net-fs/samba-4.10.2[winbind] ) + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + systemd? ( + dev-libs/jansson:0= + net-libs/http-parser:0= + net-misc/curl:0= + ) + systemtap? ( dev-util/systemtap )" +RDEPEND="${DEPEND} + >=sys-libs/glibc-2.17[nscd] + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" + +CONFIG_CHECK="~KEYS" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ipa_hbac.h + /usr/include/sss_idmap.h + /usr/include/sss_nss_idmap.h + # --with-ifp + /usr/include/sss_sifp.h + /usr/include/sss_sifp_dbus.h + # from 1.15.3 + /usr/include/sss_certmap.h +) + +PATCHES=( + "${WORKDIR}"/${P}-CVE-2021-3621.patch +) + +pkg_setup() { + linux-info_pkg_setup + python-single-r1_pkg_setup +} + +src_prepare() { + default + + sed -i \ + -e 's:/var/run:/run:' \ + "${S}"/src/examples/logrotate \ + || die + + # disable flaky test, see https://github.com/SSSD/sssd/issues/5631 + sed -i \ + -e '/^\s*pam-srv-tests[ \\]*$/d' \ + "${S}"/Makefile.am \ + || die + + eautoreconf + + multilib_copy_sources +} + +src_configure() { + local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) + + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myconf=() + + myconf+=( + --localstatedir="${EPREFIX}"/var + --runstatedir="${EPREFIX}"/run + --with-pid-path="${EPREFIX}"/run + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --with-db-path="${EPREFIX}"/var/lib/sss/db + --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache + --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf + --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes + --with-mcache-path="${EPREFIX}"/var/lib/sss/mc + --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets + --with-log-path="${EPREFIX}"/var/log/sssd + --with-os=gentoo + --with-nscd="${EPREFIX}"/usr/sbin/nscd + --with-unicode-lib="glib2" + --disable-rpath + --disable-static + --sbindir=/usr/sbin + --enable-local-provider + $(multilib_native_use_with systemd kcm) + $(multilib_native_use_with systemd secrets) + $(use_with samba) + --with-smb-idmap-interface-version=6 + $(multilib_native_use_enable acl cifs-idmap-plugin) + $(multilib_native_use_with selinux) + $(multilib_native_use_with selinux semanage) + $(use_enable locator krb5-locator-plugin) + $(use_enable pac pac-responder) + $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls) + $(multilib_native_use_with netlink libnl) + $(multilib_native_use_with man manpages) + $(multilib_native_use_with sudo) + $(multilib_native_with autofs) + $(multilib_native_with ssh) + $(use_enable systemtap) + $(use_enable valgrind) + --without-python2-bindings + $(multilib_native_use_with python python3-bindings) + ) + + # Annoyingly configure requires that you pick systemd XOR sysv + if use systemd; then + myconf+=( + --with-initscript="systemd" + --with-systemdunitdir=$(systemd_get_systemunitdir) + ) + else + myconf+=(--with-initscript="sysv") + fi + + if ! multilib_is_native_abi; then + # work-around all the libraries that are used for CLI and server + myconf+=( + {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' + # ldb headers are fine since native needs it + # ldb lib fails... but it does not seem to bother + {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' + {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' + {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' ' + + # use native include path for dbus (needed for build) + DBUS_CFLAGS="${native_dbus_cflags}" + + # non-pkgconfig checks + ac_cv_lib_ldap_ldap_search=yes + --without-secrets + --without-kcm + ) + fi + + econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + use doc && emake docs + if use man || use nls; then + emake update-po + fi + else + emake libnss_sss.la pam_sss.la + use locator && emake sssd_krb5_locator_plugin.la + use pac && emake sssd_pac_plugin.la + fi +} + +multilib_src_test() { + if multilib_is_native_abi; then + local -x CK_TIMEOUT_MULTIPLIER=10 + emake check VERBOSE=yes + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake -j1 DESTDIR="${D}" "${_at_args[@]}" install + if use python; then + python_optimize + python_fix_shebang "${ED}" + fi + else + # easier than playing with automake... + dopammod .libs/pam_sss.so + + into / + dolib.so .libs/libnss_sss.so* + + if use locator; then + exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 + doexe .libs/sssd_krb5_locator_plugin.so + fi + + if use pac; then + exeinto /usr/$(get_libdir)/krb5/plugins/authdata + doexe .libs/sssd_pac_plugin.so + fi + fi +} + +multilib_src_install_all() { + einstalldocs + find "${ED}" -type f -name '*.la' -delete || die + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + keepdir /var/lib/sss/db + keepdir /var/lib/sss/deskprofile + keepdir /var/lib/sss/gpo_cache + keepdir /var/lib/sss/keytabs + keepdir /var/lib/sss/mc + keepdir /var/lib/sss/pipes/private + keepdir /var/lib/sss/pubconf/krb5.include.d + keepdir /var/lib/sss/secrets + keepdir /var/log/sssd + + # strip empty dirs + if ! use doc; then + rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die + rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die + fi + + rm -r "${ED}"/run || die +} + +pkg_postinst() { + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html" + optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli +} diff --git a/sys-auth/sssd/sssd-2.6.0-r1.ebuild b/sys-auth/sssd/sssd-2.6.0-r1.ebuild deleted file mode 100644 index 6b13c0aa927a..000000000000 --- a/sys-auth/sssd/sssd-2.6.0-r1.ebuild +++ /dev/null @@ -1,291 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{8..10} ) - -inherit autotools linux-info multilib-minimal optfeature python-single-r1 pam systemd toolchain-funcs - -DESCRIPTION="System Security Services Daemon provides access to identity and authentication" -HOMEPAGE="https://github.com/SSSD/sssd" -SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" -IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind" -REQUIRED_USE=" - pac? ( samba ) - python? ( ${PYTHON_REQUIRED_USE} ) - test? ( sudo ) - valgrind? ( test )" -RESTRICT="!test? ( test )" - -DEPEND=" - >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] - app-crypt/p11-kit - >=dev-libs/ding-libs-0.2 - >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] - dev-libs/libpcre2:= - >=dev-libs/popt-1.16 - >=dev-libs/openssl-1.0.2:= - dev-libs/libunistring:= - >=net-dns/bind-tools-9.9[gssapi] - >=net-dns/c-ares-1.7.4:= - >=net-nds/openldap-2.4.30[sasl] - >=sys-apps/dbus-1.6 - >=sys-apps/keyutils-1.5:= - >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] - >=sys-libs/talloc-2.0.7 - >=sys-libs/tdb-1.2.9 - >=sys-libs/tevent-0.9.16 - >=sys-libs/ldb-1.1.17-r1:= - virtual/libintl - acl? ( net-fs/cifs-utils[acl] ) - locator? ( >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] ) - netlink? ( dev-libs/libnl:3 ) - nfsv4? ( - || ( - >=net-fs/nfs-utils-2.3.1-r2 - net-libs/libnfsidmap - ) - ) - pac? ( net-fs/samba ) - python? ( ${PYTHON_DEPS} ) - samba? ( >=net-fs/samba-4.10.2[winbind] ) - selinux? ( - >=sys-libs/libselinux-2.1.9 - >=sys-libs/libsemanage-2.1 - ) - systemd? ( - sys-apps/systemd:= - sys-apps/util-linux - ) - systemtap? ( dev-util/systemtap )" -RDEPEND="${DEPEND} - >=sys-libs/glibc-2.17[nscd] - selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" -BDEPEND=" - virtual/pkgconfig - ${PYTHON_DEPS} - doc? ( app-doc/doxygen ) - nls? ( sys-devel/gettext ) - test? ( - dev-libs/check - dev-libs/softhsm:2 - dev-util/cmocka - net-libs/gnutls[pkcs11,tools] - sys-libs/libfaketime - sys-libs/nss_wrapper - sys-libs/pam_wrapper - sys-libs/uid_wrapper - valgrind? ( dev-util/valgrind ) - ) - man? ( - app-text/docbook-xml-dtd:4.4 - >=dev-libs/libxslt-1.1.26 - nls? ( app-text/po4a ) - )" - -CONFIG_CHECK="~KEYS" - -PATCHES=( "${FILESDIR}"/${PN}-2.6.0-conditional-python-install.patch ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/ipa_hbac.h - /usr/include/sss_idmap.h - /usr/include/sss_nss_idmap.h - # --with-ifp - /usr/include/sss_sifp.h - /usr/include/sss_sifp_dbus.h - # from 1.15.3 - /usr/include/sss_certmap.h -) - -pkg_setup() { - linux-info_pkg_setup - python-single-r1_pkg_setup -} - -src_prepare() { - default - - sed -i \ - -e 's:/var/run:/run:' \ - src/examples/logrotate \ - || die - - # disable flaky test, see https://github.com/SSSD/sssd/issues/5631 - sed -i \ - -e '/^\s*pam-srv-tests[ \\]*$/d' \ - Makefile.am \ - || die - - eautoreconf - - multilib_copy_sources -} - -src_configure() { - local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die) - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=() - - myconf+=( - --localstatedir="${EPREFIX}"/var - --runstatedir="${EPREFIX}"/run - --with-pid-path="${EPREFIX}"/run - --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd - --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) - --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb - --with-db-path="${EPREFIX}"/var/lib/sss/db - --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache - --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf - --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes - --with-mcache-path="${EPREFIX}"/var/lib/sss/mc - --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets - --with-log-path="${EPREFIX}"/var/log/sssd - --with-os=gentoo - --disable-rpath - --disable-static - --sbindir="${EPREFIX}"/usr/sbin - $(multilib_native_use_with systemd kcm) - $(use_with samba) - --with-smb-idmap-interface-version=6 - $(multilib_native_use_enable acl cifs-idmap-plugin) - $(multilib_native_use_with selinux) - $(multilib_native_use_with selinux semanage) - $(use_enable locator krb5-locator-plugin) - $(use_enable pac pac-responder) - $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) - $(use_enable nls) - $(multilib_native_use_with netlink libnl) - $(multilib_native_use_with man manpages) - $(multilib_native_use_with sudo) - $(multilib_native_with autofs) - $(multilib_native_with ssh) - $(use_enable systemtap) - $(use_enable valgrind) - --without-python2-bindings - $(multilib_native_use_with python python3-bindings) - # Annoyingly configure requires that you pick systemd XOR sysv - --with-initscript=$(usex systemd systemd sysv) - ) - - use systemd && myconf+=( - --with-systemdunitdir=$(systemd_get_systemunitdir) - ) - - if ! multilib_is_native_abi; then - # work-around all the libraries that are used for CLI and server - myconf+=( - {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' - # ldb headers are fine since native needs it - # ldb lib fails... but it does not seem to bother - {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' - {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' - {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' ' - - # use native include path for dbus (needed for build) - DBUS_CFLAGS="${native_dbus_cflags}" - - # non-pkgconfig checks - ac_cv_lib_ldap_ldap_search=yes - --without-kcm - ) - fi - - econf "${myconf[@]}" -} - -multilib_src_compile() { - if multilib_is_native_abi; then - default - use doc && emake docs - if use man || use nls; then - emake update-po - fi - else - emake libnss_sss.la pam_sss.la - use locator && emake sssd_krb5_locator_plugin.la - use pac && emake sssd_pac_plugin.la - fi -} - -multilib_src_test() { - if multilib_is_native_abi; then - local -x CK_TIMEOUT_MULTIPLIER=10 - emake check VERBOSE=yes - fi -} - -multilib_src_install() { - if multilib_is_native_abi; then - emake -j1 DESTDIR="${D}" install - if use python; then - python_fix_shebang "${ED}" - python_optimize - fi - else - # easier than playing with automake... - dopammod .libs/pam_sss.so - - into / - dolib.so .libs/libnss_sss.so* - - if use locator; then - exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 - doexe .libs/sssd_krb5_locator_plugin.so - fi - - if use pac; then - exeinto /usr/$(get_libdir)/krb5/plugins/authdata - doexe .libs/sssd_pac_plugin.so - fi - fi -} - -multilib_src_install_all() { - einstalldocs - - insinto /etc/sssd - insopts -m600 - doins src/examples/sssd-example.conf - - insinto /etc/logrotate.d - insopts -m644 - newins src/examples/logrotate sssd - - newconfd "${FILESDIR}"/sssd.conf sssd - - keepdir /var/lib/sss/db - keepdir /var/lib/sss/deskprofile - keepdir /var/lib/sss/gpo_cache - keepdir /var/lib/sss/keytabs - keepdir /var/lib/sss/mc - keepdir /var/lib/sss/pipes/private - keepdir /var/lib/sss/pubconf/krb5.include.d - keepdir /var/lib/sss/secrets - keepdir /var/log/sssd - - # strip empty dirs - if ! use doc; then - rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die - rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die - fi - - rm -r "${ED}"/run || die - find "${ED}" -type f -name '*.la' -delete || die -} - -pkg_postinst() { - elog "You must set up sssd.conf (default installed into /etc/sssd)" - elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" - elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html" - optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli -} diff --git a/sys-auth/sssd/sssd-2.6.0-r2.ebuild b/sys-auth/sssd/sssd-2.6.0-r2.ebuild new file mode 100644 index 000000000000..b659742f8808 --- /dev/null +++ b/sys-auth/sssd/sssd-2.6.0-r2.ebuild @@ -0,0 +1,291 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{8..10} ) + +inherit autotools linux-info multilib-minimal optfeature python-single-r1 pam systemd toolchain-funcs + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="https://github.com/SSSD/sssd" +SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind" +REQUIRED_USE=" + pac? ( samba ) + python? ( ${PYTHON_REQUIRED_USE} ) + test? ( sudo ) + valgrind? ( test )" +RESTRICT="!test? ( test )" + +DEPEND=" + >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] + app-crypt/p11-kit + >=dev-libs/ding-libs-0.2 + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + dev-libs/libpcre2:= + >=dev-libs/popt-1.16 + >=dev-libs/openssl-1.0.2:= + dev-libs/libunistring:= + >=net-dns/bind-tools-9.9[gssapi] + >=net-dns/c-ares-1.7.4:= + >=net-nds/openldap-2.4.30:=[sasl] + >=sys-apps/dbus-1.6 + >=sys-apps/keyutils-1.5:= + >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + virtual/libintl + acl? ( net-fs/cifs-utils[acl] ) + locator? ( >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] ) + netlink? ( dev-libs/libnl:3 ) + nfsv4? ( + || ( + >=net-fs/nfs-utils-2.3.1-r2 + net-libs/libnfsidmap + ) + ) + pac? ( net-fs/samba ) + python? ( ${PYTHON_DEPS} ) + samba? ( >=net-fs/samba-4.10.2[winbind] ) + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + systemd? ( + sys-apps/systemd:= + sys-apps/util-linux + ) + systemtap? ( dev-util/systemtap )" +RDEPEND="${DEPEND} + >=sys-libs/glibc-2.17[nscd] + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" +BDEPEND=" + virtual/pkgconfig + ${PYTHON_DEPS} + doc? ( app-doc/doxygen ) + nls? ( sys-devel/gettext ) + test? ( + dev-libs/check + dev-libs/softhsm:2 + dev-util/cmocka + net-libs/gnutls[pkcs11,tools] + sys-libs/libfaketime + sys-libs/nss_wrapper + sys-libs/pam_wrapper + sys-libs/uid_wrapper + valgrind? ( dev-util/valgrind ) + ) + man? ( + app-text/docbook-xml-dtd:4.4 + >=dev-libs/libxslt-1.1.26 + nls? ( app-text/po4a ) + )" + +CONFIG_CHECK="~KEYS" + +PATCHES=( "${FILESDIR}"/${PN}-2.6.0-conditional-python-install.patch ) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ipa_hbac.h + /usr/include/sss_idmap.h + /usr/include/sss_nss_idmap.h + # --with-ifp + /usr/include/sss_sifp.h + /usr/include/sss_sifp_dbus.h + # from 1.15.3 + /usr/include/sss_certmap.h +) + +pkg_setup() { + linux-info_pkg_setup + python-single-r1_pkg_setup +} + +src_prepare() { + default + + sed -i \ + -e 's:/var/run:/run:' \ + src/examples/logrotate \ + || die + + # disable flaky test, see https://github.com/SSSD/sssd/issues/5631 + sed -i \ + -e '/^\s*pam-srv-tests[ \\]*$/d' \ + Makefile.am \ + || die + + eautoreconf + + multilib_copy_sources +} + +src_configure() { + local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die) + + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myconf=() + + myconf+=( + --localstatedir="${EPREFIX}"/var + --runstatedir="${EPREFIX}"/run + --with-pid-path="${EPREFIX}"/run + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --with-db-path="${EPREFIX}"/var/lib/sss/db + --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache + --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf + --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes + --with-mcache-path="${EPREFIX}"/var/lib/sss/mc + --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets + --with-log-path="${EPREFIX}"/var/log/sssd + --with-os=gentoo + --disable-rpath + --disable-static + --sbindir="${EPREFIX}"/usr/sbin + $(multilib_native_use_with systemd kcm) + $(use_with samba) + --with-smb-idmap-interface-version=6 + $(multilib_native_use_enable acl cifs-idmap-plugin) + $(multilib_native_use_with selinux) + $(multilib_native_use_with selinux semanage) + $(use_enable locator krb5-locator-plugin) + $(use_enable pac pac-responder) + $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls) + $(multilib_native_use_with netlink libnl) + $(multilib_native_use_with man manpages) + $(multilib_native_use_with sudo) + $(multilib_native_with autofs) + $(multilib_native_with ssh) + $(use_enable systemtap) + $(use_enable valgrind) + --without-python2-bindings + $(multilib_native_use_with python python3-bindings) + # Annoyingly configure requires that you pick systemd XOR sysv + --with-initscript=$(usex systemd systemd sysv) + ) + + use systemd && myconf+=( + --with-systemdunitdir=$(systemd_get_systemunitdir) + ) + + if ! multilib_is_native_abi; then + # work-around all the libraries that are used for CLI and server + myconf+=( + {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' + # ldb headers are fine since native needs it + # ldb lib fails... but it does not seem to bother + {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' + {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' + {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' ' + + # use native include path for dbus (needed for build) + DBUS_CFLAGS="${native_dbus_cflags}" + + # non-pkgconfig checks + ac_cv_lib_ldap_ldap_search=yes + --without-kcm + ) + fi + + econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + use doc && emake docs + if use man || use nls; then + emake update-po + fi + else + emake libnss_sss.la pam_sss.la + use locator && emake sssd_krb5_locator_plugin.la + use pac && emake sssd_pac_plugin.la + fi +} + +multilib_src_test() { + if multilib_is_native_abi; then + local -x CK_TIMEOUT_MULTIPLIER=10 + emake check VERBOSE=yes + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake -j1 DESTDIR="${D}" install + if use python; then + python_fix_shebang "${ED}" + python_optimize + fi + else + # easier than playing with automake... + dopammod .libs/pam_sss.so + + into / + dolib.so .libs/libnss_sss.so* + + if use locator; then + exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 + doexe .libs/sssd_krb5_locator_plugin.so + fi + + if use pac; then + exeinto /usr/$(get_libdir)/krb5/plugins/authdata + doexe .libs/sssd_pac_plugin.so + fi + fi +} + +multilib_src_install_all() { + einstalldocs + + insinto /etc/sssd + insopts -m600 + doins src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + keepdir /var/lib/sss/db + keepdir /var/lib/sss/deskprofile + keepdir /var/lib/sss/gpo_cache + keepdir /var/lib/sss/keytabs + keepdir /var/lib/sss/mc + keepdir /var/lib/sss/pipes/private + keepdir /var/lib/sss/pubconf/krb5.include.d + keepdir /var/lib/sss/secrets + keepdir /var/log/sssd + + # strip empty dirs + if ! use doc; then + rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die + rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die + fi + + rm -r "${ED}"/run || die + find "${ED}" -type f -name '*.la' -delete || die +} + +pkg_postinst() { + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html" + optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli +} -- cgit v1.2.3