From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-auth/sssd/
Date: Fri, 6 Dec 2024 11:34:27 +0000 (UTC) [thread overview]
Message-ID: <1733484825.2e0e4a6606067fb77f7235a84df2897a7d3ddab9.sam@gentoo> (raw)
commit: 2e0e4a6606067fb77f7235a84df2897a7d3ddab9
Author: Christopher Byrne <salah.coronya <AT> gmail <DOT> com>
AuthorDate: Thu Dec 5 20:04:42 2024 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Dec 6 11:33:45 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e0e4a66
sys-auth/sssd: add 2.9.6
The "sudo" USE flag was removed as it did not change dependencies.
Python support optional, so merged python support in.
Subid support is in all shadow packages, so merged support in.
man page are unconditionally built, in line with Gentoo standards.
The corresponding USE flags were dropped. The "passkey" "USE flag
was added and FIDO2 support is available.
Signed-off-by: Christopher Byrne <salah.coronya <AT> gmail.com>
Signed-off-by: Sam James <sam <AT> gentoo.org>
sys-auth/sssd/Manifest | 1 +
sys-auth/sssd/sssd-2.9.6.ebuild | 327 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 328 insertions(+)
diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest
index 257ac8082415..d737cf80f4f9 100644
--- a/sys-auth/sssd/Manifest
+++ b/sys-auth/sssd/Manifest
@@ -1,2 +1,3 @@
DIST sssd-2.10.0.tar.gz 9177851 BLAKE2B 027a1b9c38841427089d93ff9d8e424c7c1bf9433eea0033ce77a8c13fd1ac65de975a0ab747e1f08a6f9c4253599ed12e8cc364f0db442019603ab1c1932128 SHA512 d237ff135fb21bcd1040787d6dfe8fa383290fbae1f15c6917284beb38dd95ecf6418335302e26be40c65e44e8b44135499eec0b98119ea53a38098ac0bc1e2c
DIST sssd-2.9.5.tar.gz 8001964 BLAKE2B e9c839e58fbeac9e8cba83b726f075c5db6ce85059546d745672c222b594f4aa26ad103f0eb3a8ff9e2b364c3502fb93c639fe9e621fefd6fecd2319f5cb499a SHA512 d219f12ffc75af233f0e4ffc62c0442acc6da3cd94ed4eab7102a78821af5257c8e4ba0d06b2c99c08e06502f8d0d0bcc80540d63823dbe0f52eb0432ae7e14d
+DIST sssd-2.9.6.tar.gz 9136447 BLAKE2B 9ba4faa66d56150de58e86588bd0dedb02ff2f155fa118a35cd981885fed6cab5fdf13373f575a41691c87b4d18c586cba717b399e3826675eee1b0f8da967b7 SHA512 d9a35fc12022f0a2aa73be373b396411fc69b2fe5489ab93d17813a4c75b3ec30e598d5748ab202f7588039b465e11d616ce546cd5fe5439fa8edd9ac8cda69a
diff --git a/sys-auth/sssd/sssd-2.9.6.ebuild b/sys-auth/sssd/sssd-2.9.6.ebuild
new file mode 100644
index 000000000000..e2e6bb051024
--- /dev/null
+++ b/sys-auth/sssd/sssd-2.9.6.ebuild
@@ -0,0 +1,327 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk"
+PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN"
+PLOCALE_BACKUP="sv"
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit autotools linux-info multilib-minimal optfeature plocale \
+ python-single-r1 pam systemd udev toolchain-funcs
+
+DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
+HOMEPAGE="https://github.com/SSSD/sssd"
+if [[ ${PV} != 9999 ]]; then
+ SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
+ KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
+else
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/SSSD/sssd.git"
+ EGIT_BRANCH="master"
+fi
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="acl doc +netlink nfsv4 nls passkey samba selinux systemd systemtap test"
+REQUIRED_USE="( ${PYTHON_REQUIRED_USE} )"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}]
+ app-crypt/p11-kit
+ >=dev-libs/ding-libs-0.2
+ >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
+ dev-libs/jansson:=
+ dev-libs/libpcre2:=
+ dev-libs/libunistring:=[${MULTILIB_USEDEP}]
+ >=dev-libs/popt-1.16
+ >=dev-libs/openssl-1.0.2:=
+ >=net-dns/bind-tools-9.9[gssapi]
+ >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}]
+ >=net-nds/openldap-2.4.30:=[sasl,experimental]
+ >=sys-apps/dbus-1.6
+ >=sys-apps/keyutils-1.5:=
+ >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
+ >=sys-libs/talloc-2.0.7
+ >=sys-libs/tdb-1.2.9
+ >=sys-libs/tevent-0.9.16
+ virtual/ldb:=
+ virtual/libintl
+ ${PYTHON_DEPS}
+ acl? ( net-fs/cifs-utils[acl] )
+ netlink? ( dev-libs/libnl:3 )
+ nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 )
+ nls? ( >=sys-devel/gettext-0.18 )
+ passkey? ( dev-libs/libfido2:= )
+ samba? ( >=net-fs/samba-4.10.2[winbind] )
+ selinux? (
+ >=sys-libs/libselinux-2.1.9
+ >=sys-libs/libsemanage-2.1
+ )
+ systemd? (
+ sys-apps/systemd:=
+ sys-apps/util-linux
+ $(python_gen_cond_dep '
+ dev-python/python-systemd[${PYTHON_USEDEP}]
+ ')
+ )
+ systemtap? ( dev-debug/systemtap )"
+RDEPEND="${DEPEND}
+ passkey? ( sys-apps/pcsc-lite[policykit] )
+ selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
+BDEPEND="
+ virtual/pkgconfig
+ app-text/docbook-xml-dtd:4.4
+ >=dev-libs/libxslt-1.1.26
+ ${PYTHON_DEPS}
+ doc? ( app-text/doxygen )
+ nls? ( sys-devel/gettext
+ app-text/po4a )
+ test? (
+ dev-libs/check
+ dev-libs/softhsm:2
+ dev-util/cmocka
+ net-libs/gnutls[pkcs11,tools]
+ sys-libs/libfaketime
+ sys-libs/nss_wrapper
+ sys-libs/pam_wrapper
+ sys-libs/uid_wrapper
+ )
+"
+
+CONFIG_CHECK="~KEYS"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch"
+)
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/ipa_hbac.h
+ /usr/include/sss_idmap.h
+ /usr/include/sss_nss_idmap.h
+ # --with-ifp
+ /usr/include/sss_sifp.h
+ /usr/include/sss_sifp_dbus.h
+ # from 1.15.3
+ /usr/include/sss_certmap.h
+)
+
+pkg_setup() {
+ linux-info_pkg_setup
+ python-single-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ plocale_get_locales > src/man/po/LINGUAS || die
+
+ sed -i \
+ -e "/_langs]/ s/ .*//" \
+ src/man/po/po4a.cfg \
+ || die
+ enable_locale() {
+ local locale=${1}
+
+ sed -i \
+ -e "/_langs]/ s/$/ ${locale}/" \
+ src/man/po/po4a.cfg \
+ || die
+ }
+
+ plocale_for_each_locale enable_locale
+
+ PLOCALES="${PLOCALES_BIN}"
+ plocale_get_locales > po/LINGUAS || die
+
+ sed -i \
+ -e 's:/var/run:/run:' \
+ src/examples/logrotate \
+ || die
+
+ # disable flaky test, see https://github.com/SSSD/sssd/issues/5631
+ sed -i \
+ -e '/^\s*pam-srv-tests[ \\]*$/d' \
+ Makefile.am \
+ || die
+
+ eautoreconf
+
+ multilib_copy_sources
+}
+
+src_configure() {
+ local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die)
+
+ # Workaround for bug #938302
+ if use systemtap && has_version "dev-debug/systemtap[-dtrace-symlink(+)]" ; then
+ export DTRACE="${BROOT}"/usr/bin/stap-dtrace
+ fi
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ myconf+=(
+ --libexecdir="${EPREFIX}"/usr/libexec
+ --localstatedir="${EPREFIX}"/var
+ --runstatedir="${EPREFIX}"/run
+ --sbindir="${EPREFIX}"/usr/sbin
+ --with-pid-path="${EPREFIX}"/run
+ --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
+ --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
+ --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
+ --with-db-path="${EPREFIX}"/var/lib/sss/db
+ --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
+ --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf
+ --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes
+ --with-mcache-path="${EPREFIX}"/var/lib/sss/mc
+ --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
+ --with-log-path="${EPREFIX}"/var/log/sssd
+ --with-tmpfilesdir=/usr/lib/tmpfiles.d
+ --with-udevrulesdir="$(get_udevdir)/rules.d"
+ --with-kcm
+ --enable-kcm-renewal
+ --with-os=gentoo
+ --disable-rpath
+ --disable-static
+ # Valgrind is only used for tests
+ --disable-valgrind
+ $(use_with samba)
+ --with-smb-idmap-interface-version=6
+ $(multilib_native_use_enable acl cifs-idmap-plugin)
+ $(multilib_native_use_with selinux)
+ $(multilib_native_use_with selinux semanage)
+ --enable-krb5-locator-plugin
+ $(use_enable samba pac-responder)
+ $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
+ $(use_enable nls)
+ $(multilib_native_use_with netlink libnl)
+ --with-manpages
+ --with-sudo
+ $(multilib_native_with autofs)
+ $(multilib_native_with ssh)
+ --without-oidc-child
+ $(multilib_native_with passkey)
+ --with-subid
+ $(use_enable systemtap)
+ --without-python2-bindings
+ --with-python3-bindings
+ # Annoyingly configure requires that you pick systemd XOR sysv
+ --with-initscript=$(usex systemd systemd sysv)
+ KRB5_CONFIG="${ESYSROOT}"/usr/bin/krb5-config
+ # Needed for Samba 4.21
+ CPPFLAGS="${CPPFLAGS} -I${ESYSROOT}/usr/include/samba-4.0"
+ )
+
+ use systemd && myconf+=(
+ --with-systemdunitdir=$(systemd_get_systemunitdir)
+ )
+
+ if ! multilib_is_native_abi; then
+ # work-around all the libraries that are used for CLI and server
+ myconf+=(
+ {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
+ # ldb headers are fine since native needs it
+ # ldb lib fails... but it does not seem to bother
+ {DHASH,UNISTRING,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
+ {PCRE,CARES,SYSTEMD_LOGIN,SASL,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
+ {NDR_NBT,SAMBA_UTIL,SMBCLIENT,NDR_KRB5PAC,JANSSON}_{CFLAGS,LIBS}=' '
+
+ # use native include path for dbus (needed for build)
+ DBUS_CFLAGS="${native_dbus_cflags}"
+
+ # non-pkgconfig checks
+ ac_cv_lib_ldap_ldap_search=yes
+ --without-kcm
+ --without-manpages
+ )
+ fi
+
+ econf "${myconf[@]}"
+}
+
+multilib_src_compile() {
+ if multilib_is_native_abi; then
+ default
+ use doc && emake docs
+ else
+ emake libnss_sss.la pam_sss.la pam_sss_gss.la
+ emake sssd_krb5_locator_plugin.la
+ use samba && emake sssd_pac_plugin.la
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ local -x CK_TIMEOUT_MULTIPLIER=10
+ emake check VERBOSE=yes
+ fi
+}
+
+multilib_src_install() {
+ if multilib_is_native_abi; then
+ emake -j1 DESTDIR="${D}" install
+ python_fix_shebang "${ED}"
+ python_optimize
+ else
+ # easier than playing with automake...
+ dopammod .libs/pam_sss.so
+ dopammod .libs/pam_sss_gss.so
+
+ into /
+ dolib.so .libs/libnss_sss.so*
+
+ exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
+ doexe .libs/sssd_krb5_locator_plugin.so
+
+ if use samba; then
+ exeinto /usr/$(get_libdir)/krb5/plugins/authdata
+ doexe .libs/sssd_pac_plugin.so
+ fi
+ fi
+}
+
+multilib_src_install_all() {
+ einstalldocs
+
+ insinto /etc/sssd
+ insopts -m600
+ doins src/examples/sssd-example.conf
+
+ insinto /etc/logrotate.d
+ insopts -m644
+ newins src/examples/logrotate sssd
+
+ newconfd "${FILESDIR}"/sssd.conf sssd
+
+ keepdir /var/lib/sss/db
+ keepdir /var/lib/sss/deskprofile
+ keepdir /var/lib/sss/gpo_cache
+ keepdir /var/lib/sss/keytabs
+ keepdir /var/lib/sss/mc
+ keepdir /var/lib/sss/pipes/private
+ keepdir /var/lib/sss/pubconf/krb5.include.d
+ keepdir /var/lib/sss/secrets
+ keepdir /var/log/sssd
+
+ # strip empty dirs
+ if ! use doc; then
+ rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
+ rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap}_doc || die
+ fi
+
+ rm -r "${ED}"/run || die
+ find "${ED}" -type f -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ elog "You must set up sssd.conf (default installed into /etc/sssd)"
+ elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
+ elog "features."
+ optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli
+}
next reply other threads:[~2024-12-06 11:34 UTC|newest]
Thread overview: 115+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-06 11:34 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-03-28 15:22 [gentoo-commits] repo/gentoo:master commit in: sys-auth/sssd/ Sam James
2025-03-28 15:22 Sam James
2025-02-26 9:01 Sam James
2025-02-26 9:01 Sam James
2025-02-22 8:31 Arthur Zamarin
2025-02-22 8:31 Arthur Zamarin
2025-01-15 11:19 James Le Cuirot
2025-01-15 11:19 James Le Cuirot
2025-01-12 14:49 Sam James
2024-12-11 1:53 Sam James
2024-12-10 5:45 Sam James
2024-12-10 5:45 Sam James
2024-12-08 22:42 Mike Gilbert
2024-12-06 22:23 Sam James
2024-10-27 5:32 Sam James
2024-10-27 5:32 Sam James
2024-10-27 5:32 Sam James
2024-10-27 5:32 Sam James
2024-10-27 5:32 Sam James
2024-10-14 19:10 Ben Kohler
2024-09-11 0:15 Sam James
2024-08-31 2:23 Sam James
2024-08-31 2:23 Sam James
2024-08-06 16:18 James Le Cuirot
2024-07-17 4:56 Sam James
2024-07-17 4:56 Sam James
2024-06-05 20:12 Arthur Zamarin
2024-06-05 20:12 Arthur Zamarin
2024-03-25 8:38 Sam James
2024-03-25 8:38 Sam James
2024-01-23 11:49 David Seifert
2024-01-23 11:44 David Seifert
2024-01-05 14:02 Sam James
2023-10-10 6:14 Joonas Niilola
2023-10-09 1:21 Sam James
2023-09-05 20:15 David Seifert
2023-05-14 0:31 Sam James
2023-05-01 17:55 Sam James
2023-05-01 17:55 Sam James
2023-05-01 17:55 Sam James
2023-03-25 11:03 David Seifert
2022-04-24 1:18 Sam James
2022-03-28 9:36 Jakov Smolić
2022-03-28 9:35 Jakov Smolić
2021-11-07 20:26 David Seifert
2021-11-07 20:24 David Seifert
2021-10-25 8:00 Joonas Niilola
2021-10-22 9:00 Sam James
2021-10-22 9:00 Sam James
2021-10-03 11:28 David Seifert
2021-09-18 23:46 Sam James
2021-09-18 23:46 Sam James
2021-09-18 23:46 Sam James
2021-09-04 17:35 David Seifert
2021-07-20 7:22 Lars Wendler
2021-07-18 13:55 Mikle Kolyada
2021-06-13 18:21 Thomas Deutschmann
2021-05-15 16:13 Thomas Deutschmann
2021-05-15 16:13 Thomas Deutschmann
2021-05-15 16:13 Thomas Deutschmann
2021-05-15 16:13 Thomas Deutschmann
2021-05-15 13:59 David Seifert
2021-05-14 16:12 Thomas Deutschmann
2021-02-21 2:33 Thomas Deutschmann
2021-02-21 2:33 Thomas Deutschmann
2020-10-18 15:29 Mikle Kolyada
2020-10-18 15:29 Mikle Kolyada
2020-10-18 11:18 Mikle Kolyada
2020-10-11 21:55 Matt Turner
2020-10-10 11:36 Mikle Kolyada
2020-09-28 20:43 Sam James
2020-09-23 20:18 Matt Turner
2020-08-25 1:11 Matt Turner
2020-08-24 23:05 Matt Turner
2020-08-16 2:19 Matt Turner
2020-08-15 19:10 Matt Turner
2020-08-15 2:12 Matt Turner
2020-08-14 20:48 Matt Turner
2020-08-14 19:41 Matt Turner
2020-08-14 19:41 Matt Turner
2020-05-18 8:13 Alexey Shvetsov
2020-02-14 13:45 Mikle Kolyada
2019-12-08 18:26 Mikle Kolyada
2019-11-01 7:27 Mikle Kolyada
2019-10-12 18:49 Mikle Kolyada
2019-09-07 17:48 Matt Turner
2019-08-12 21:44 Mikle Kolyada
2019-06-16 10:31 Mikle Kolyada
2019-05-23 9:19 Alexey Shvetsov
2019-04-17 16:25 Mikle Kolyada
2019-03-09 9:02 Mikle Kolyada
2019-03-09 9:02 Mikle Kolyada
2019-03-08 16:55 Mikle Kolyada
2019-03-08 15:10 Mikle Kolyada
2018-10-31 6:33 Alexey Shvetsov
2018-10-05 20:15 Mikle Kolyada
2018-10-05 15:15 Mikle Kolyada
2018-10-05 13:05 Mikle Kolyada
2018-10-05 13:03 Mikle Kolyada
2018-10-05 12:58 Mikle Kolyada
2018-10-05 9:43 Mikle Kolyada
2018-10-05 9:36 Mikle Kolyada
2018-10-05 9:33 Mikle Kolyada
2018-08-28 18:42 Sergei Trofimovich
2018-07-19 15:11 Mikle Kolyada
2018-03-28 1:04 Matt Turner
2017-08-13 11:24 David Seifert
2017-07-12 14:43 Pacho Ramos
2017-06-17 19:15 Sergei Trofimovich
2017-04-20 16:41 David Seifert
2016-06-21 6:04 Aaron Bauman
2015-11-14 8:07 Jeroen Roovers
2015-11-04 21:09 Markos Chandras
2015-08-28 11:50 Lars Wendler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1733484825.2e0e4a6606067fb77f7235a84df2897a7d3ddab9.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox