%if ! (0%{?fedora} > 12 || 0%{?rhel} > 5) %{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")} %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")} %endif %global is_rhel5 %(%{__grep} -c "release 5" /etc/redhat-release) %global rhel5_minor %(%{__grep} -o "5.[0-9]*" /etc/redhat-release |%{__sed} -s 's/5.//') %if 0%{?is_rhel5} > 0 %global with_unicode_lib --with-unicode-lib=glib2 # we don't want to provide private python extension libs %{?filter_setup: %filter_provides_in %{python_sitearch}/.*\.so$ %filter_setup } %else # Fedora and RHEL 6+ # we don't want to provide private python extension libs %define __provides_exclude_from %{python_sitearch}/.*\.so$ %endif %if (0%{?fedora} >= 17) %global with_ccache --with-default-ccache-dir='/run/user/%U' --with-default-ccname-template="DIR:%d/ccdir" %endif %global enable_experimental 1 %if (0%{?enable_experimental} == 1) %global experimental --enable-all-experimental-features %endif # Determine the location of the LDB modules directory %global ldb_modulesdir %(pkg-config --variable=modulesdir ldb) Name: @PACKAGE_NAME@ Version: @PACKAGE_VERSION@ Release: 0@PRERELEASE_VERSION@%{?dist} Group: Applications/System Summary: System Security Services Daemon License: GPLv3+ URL: http://fedorahosted.org/sssd/ Source0: %{name}-%{version}.tar.gz BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) ### Patches ### ### Dependencies ### Requires: libldb >= 0.9.3 Requires: libtdb >= 1.1.3 Requires: sssd-client%{?_isa} = %{version}-%{release} Requires: libipa_hbac = %{version}-%{release} Requires: libsss_idmap = %{version}-%{release} Requires: cyrus-sasl-gssapi Requires: keyutils-libs Requires(post): initscripts chkconfig /sbin/ldconfig Requires(preun): initscripts chkconfig Requires(postun): initscripts chkconfig /sbin/ldconfig %global servicename sssd %global sssdstatedir %{_localstatedir}/lib/sss %global dbpath %{sssdstatedir}/db %global pipepath %{sssdstatedir}/pipes %global mcpath %{sssdstatedir}/mc %global pubconfpath %{sssdstatedir}/pubconf ### Build Dependencies ### BuildRequires: autoconf BuildRequires: automake BuildRequires: libtool BuildRequires: m4 %{?fedora:BuildRequires: popt-devel} %if 0%{?is_rhel5} > 0 BuildRequires: popt %endif %if 0%{?rhel} >= 6 BuildRequires: popt-devel %endif BuildRequires: libtalloc-devel BuildRequires: libtevent-devel BuildRequires: libtdb-devel BuildRequires: libldb-devel BuildRequires: libdhash-devel >= 0.4.2 BuildRequires: libcollection-devel BuildRequires: libini_config-devel BuildRequires: dbus-devel BuildRequires: dbus-libs %if 0%{?rhel5_minor} >= 7 BuildRequires: openldap24-libs-devel %else BuildRequires: openldap-devel %endif BuildRequires: pam-devel BuildRequires: nss-devel BuildRequires: nspr-devel BuildRequires: pcre-devel BuildRequires: libxslt BuildRequires: libxml2 BuildRequires: docbook-style-xsl BuildRequires: krb5-devel BuildRequires: c-ares-devel BuildRequires: python-devel BuildRequires: check-devel BuildRequires: doxygen BuildRequires: libselinux-devel BuildRequires: libsemanage-devel BuildRequires: bind-utils BuildRequires: keyutils-libs-devel BuildRequires: libnl-devel BuildRequires: gettext-devel BuildRequires: pkgconfig BuildRequires: findutils %if 0%{?is_rhel5} > 0 BuildRequires: glib2-devel %else BuildRequires: libunistring-devel %endif %description Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services for projects like FreeIPA. %package client Summary: SSSD Client libraries for NSS and PAM Group: Applications/System License: LGPLv3+ %description client Provides the libraries needed by the PAM and NSS stacks to connect to the SSSD service. %package tools Summary: Userspace tools for use with the SSSD Group: Applications/System License: GPLv3+ Requires: sssd = %{version}-%{release} %description tools Provides userspace tools for manipulating users, groups, and nested groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf. Also provides a userspace tool for generating an obfuscated LDAP password for use with ldap_default_authtok_type = obfuscated_password. %package -n libsss_idmap Summary: FreeIPA Idmap library Group: Development/Libraries License: LGPLv3+ %description -n libsss_idmap Utility library to SIDs to Unix uids and gids %package -n libsss_idmap-devel Summary: FreeIPA Idmap library Group: Development/Libraries License: LGPLv3+ Requires: libsss_idmap = %{version}-%{release} %description -n libsss_idmap-devel Utility library to SIDs to Unix uids and gids %package -n libipa_hbac Summary: FreeIPA HBAC Evaluator library Group: Development/Libraries License: LGPLv3+ %description -n libipa_hbac Utility library to validate FreeIPA HBAC rules for authorization requests %package -n libipa_hbac-devel Summary: FreeIPA HBAC Evaluator library Group: Development/Libraries License: LGPLv3+ Requires: libipa_hbac = %{version}-%{release} %description -n libipa_hbac-devel Utility library to validate FreeIPA HBAC rules for authorization requests %package -n libipa_hbac-python Summary: Python bindings for the FreeIPA HBAC Evaluator library Group: Development/Libraries License: LGPLv3+ Requires: libipa_hbac = %{version}-%{release} %description -n libipa_hbac-python The libipa_hbac-python contains the bindings so that libipa_hbac can be used by Python applications. %if (0%{?enable_experimental} == 1) %package -n libsss_sudo Summary: A library to allow communication between SUDO and SSSD Group: Development/Libraries License: LGPLv3+ %description -n libsss_sudo A utility library to allow communication between SUDO and SSSD %package -n libsss_sudo-devel Summary: A library to allow communication between SUDO and SSSD Group: Development/Libraries License: LGPLv3+ Requires: libsss_sudo = %{version}-%{release} %description -n libsss_sudo-devel A utility library to allow communication between SUDO and SSSD %endif %prep %setup -q %build # RHEL 5 uses an old libtool, so we need to force it to reconfigure # This is safe to do on newer packages too, as it will just # gather the appropriate m4 files from the libtool package for i in libtool.m4 lt~obsolete.m4 ltoptions.m4 ltsugar.m4 ltversion.m4 do find . -name $i -exec rm -f {} \; done autoreconf -ivf %configure \ --with-db-path=%{dbpath} \ --with-mcache-path=%{mcpath} \ --with-pipe-path=%{pipepath} \ --with-pubconf-path=%{pubconfpath} \ --with-init-dir=%{_initrddir} \ --with-krb5-rcache-dir=%{_localstatedir}/cache/krb5rcache \ --enable-nsslibdir=/%{_lib} \ --enable-pammoddir=/%{_lib}/security \ --disable-static \ --disable-rpath \ %{with_unicode_lib} \ %{with_ccache} \ %{experimental} make %{?_smp_mflags} all # Only build docs on recent distros %if 0%{?fedora} make %{?_smp_mflags} docs %endif %if 0%{?rhel} >= 6 make %{?_smp_mflags} docs %endif %check export CK_TIMEOUT_MULTIPLIER=10 make %{?_smp_mflags} check unset CK_TIMEOUT_MULTIPLIER %install rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT # Prepare language files /usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sssd # Prepare empty config file (needed for RHEL 5) mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd touch $RPM_BUILD_ROOT/%{_sysconfdir}/sssd/sssd.conf # Copy default logrotate file mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d install -m644 src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/sssd # Make sure SSSD is able to run on read-only root mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d install -m644 src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd # Remove .la files created by libtool find $RPM_BUILD_ROOT -name "*.la" -exec rm -f {} \; # Suppress developer-only documentation rm -Rf ${RPM_BUILD_ROOT}/%{_docdir}/%{name} # Older versions of rpmbuild can only handle one -f option # So we need to append to the sssd.lang file for file in `ls $RPM_BUILD_ROOT/%{python_sitelib}/*.egg-info 2> /dev/null` do echo %{python_sitelib}/`basename $file` >> sssd.lang done touch sssd_tools.lang for man in `find $RPM_BUILD_ROOT/%{_mandir}/??/man?/ -type f | sed -e "s#$RPM_BUILD_ROOT/%{_mandir}/##"` do lang=`echo $man | cut -c 1-2` case `basename $man` in sss_*) echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd_tools.lang ;; *) echo \%lang\(${lang}\) \%{_mandir}/${man}\* >> sssd.lang ;; esac done %clean rm -rf $RPM_BUILD_ROOT %files -f sssd.lang %defattr(-,root,root,-) %doc COPYING %doc src/examples/sssd-example.conf %{_initrddir}/%{name} %{_sbindir}/sssd %{_libexecdir}/%{servicename}/krb5_child %{_libexecdir}/%{servicename}/ldap_child %{_libexecdir}/%{servicename}/proxy_child %{_libexecdir}/%{servicename}/sssd_be %{_libexecdir}/%{servicename}/sssd_nss %{_libexecdir}/%{servicename}/sssd_pam %if (0%{?enable_experimental} == 1) %{_libexecdir}/%{servicename}/sssd_autofs %{_libexecdir}/%{servicename}/sssd_ssh %{_libexecdir}/%{servicename}/sssd_sudo %endif %{_libdir}/%{name}/libsss_ipa.so %{_libdir}/%{name}/libsss_krb5.so %{_libdir}/%{name}/libsss_ldap.so %{_libdir}/%{name}/libsss_proxy.so %{_libdir}/%{name}/libsss_simple.so %{ldb_modulesdir}/memberof.so %if (0%{?enable_experimental} == 1) %{_bindir}/sss_ssh_authorizedkeys %{_bindir}/sss_ssh_knownhostsproxy %endif %dir %{sssdstatedir} %dir %{_localstatedir}/cache/krb5rcache %attr(700,root,root) %dir %{dbpath} %attr(755,root,root) %dir %{mcpath} %attr(755,root,root) %dir %{pipepath} %attr(755,root,root) %dir %{pubconfpath} %attr(700,root,root) %dir %{pipepath}/private %attr(750,root,root) %dir %{_var}/log/%{name} %attr(711,root,root) %dir %{_sysconfdir}/sssd %ghost %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sssd/sssd.conf %config(noreplace) %{_sysconfdir}/logrotate.d/sssd %config(noreplace) %{_sysconfdir}/rwtab.d/sssd %{_datadir}/sssd/sssd.api.conf %{_datadir}/sssd/sssd.api.d %{_mandir}/man5/sssd.conf.5* %{_mandir}/man5/sssd-ipa.5* %{_mandir}/man5/sssd-krb5.5* %{_mandir}/man5/sssd-ldap.5* %{_mandir}/man5/sssd-simple.5* %{_mandir}/man8/sssd.8* %if (0%{?enable_experimental} == 1) %{_mandir}/man1/sss_ssh_authorizedkeys.1* %{_mandir}/man1/sss_ssh_knownhostsproxy.1* %endif %{python_sitearch}/pysss.so %{python_sitelib}/SSSDConfig/*.py* %files client %defattr(-,root,root,-) %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER /%{_lib}/libnss_sss.so.2 /%{_lib}/security/pam_sss.so %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so %{_mandir}/man8/pam_sss.8* %{_mandir}/man8/sssd_krb5_locator_plugin.8* %files tools -f sssd_tools.lang %defattr(-,root,root,-) %doc COPYING %{_sbindir}/sss_useradd %{_sbindir}/sss_userdel %{_sbindir}/sss_usermod %{_sbindir}/sss_groupadd %{_sbindir}/sss_groupdel %{_sbindir}/sss_groupmod %{_sbindir}/sss_groupshow %{_sbindir}/sss_obfuscate %{_sbindir}/sss_cache %{_sbindir}/sss_debuglevel %{_mandir}/man8/sss_groupadd.8* %{_mandir}/man8/sss_groupdel.8* %{_mandir}/man8/sss_groupmod.8* %{_mandir}/man8/sss_groupshow.8* %{_mandir}/man8/sss_useradd.8* %{_mandir}/man8/sss_userdel.8* %{_mandir}/man8/sss_usermod.8* %{_mandir}/man8/sss_obfuscate.8* %{_mandir}/man8/sss_cache.8* %{_mandir}/man8/sss_debuglevel.8* %files -n libsss_idmap %defattr(-,root,root,-) %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER %{_libdir}/libsss_idmap.so.* %files -n libsss_idmap-devel %defattr(-,root,root,-) %if 0%{?fedora} %doc idmap_doc/html %endif %if 0%{?rhel} >= 6 %doc idmap_doc/html %endif %{_includedir}/sss_idmap.h %{_libdir}/libsss_idmap.so %{_libdir}/pkgconfig/sss_idmap.pc %files -n libipa_hbac %defattr(-,root,root,-) %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER %{_libdir}/libipa_hbac.so.* %files -n libipa_hbac-devel %defattr(-,root,root,-) %if 0%{?fedora} %doc hbac_doc/html %endif %if 0%{?rhel} >= 6 %doc hbac_doc/html %endif %{_includedir}/ipa_hbac.h %{_libdir}/libipa_hbac.so %{_libdir}/pkgconfig/ipa_hbac.pc %package -n libsss_autofs Summary: A library to allow communication between Autofs and SSSD Group: Development/Libraries License: LGPLv3+ %description -n libsss_autofs A utility library to allow communication between Autofs and SSSD %files -n libipa_hbac-python %defattr(-,root,root,-) %{python_sitearch}/pyhbac.so %if (0%{?enable_experimental} == 1) %files -n libsss_sudo %defattr(-,root,root,-) %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER %{_libdir}/libsss_sudo.so.* %files -n libsss_sudo-devel %if 0%{?fedora} %doc libsss_sudo_doc/html %endif %if 0%{?rhel} >= 6 %doc libsss_sudo_doc/html %endif %{_includedir}/sss_sudo.h %{_libdir}/libsss_sudo.so %{_libdir}/pkgconfig/libsss_sudo.pc %files -n libsss_autofs %defattr(-,root,root,-) %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER %{_libdir}/sssd/modules/libsss_autofs.so* %endif %post /sbin/ldconfig /sbin/chkconfig --add %{servicename} if [ $1 -ge 1 ] ; then /sbin/service %{servicename} condrestart 2>&1 > /dev/null fi %preun if [ $1 = 0 ]; then /sbin/service %{servicename} stop 2>&1 > /dev/null /sbin/chkconfig --del %{servicename} fi %postun -p /sbin/ldconfig %post client -p /sbin/ldconfig %postun client -p /sbin/ldconfig %changelog * Mon Mar 15 2010 Stephen Gallagher - @PACKAGE_VERSION@-0@PRERELEASE_VERSION@ - Automated build of the SSSD