-rw-r--r--Makefile.am21
-rw-r--r--contrib/sssd.spec.in10
-rw-r--r--src/responder/pam/pamsrv.c1
-rw-r--r--src/sysv/systemd/sssd-pam-priv.socket.in15
-rw-r--r--src/sysv/systemd/sssd-pam.service.in16
-rw-r--r--src/sysv/systemd/sssd-pam.socket.in13
6 files changed, 76 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am
index fd6f2fa86..844eab9c3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3938,6 +3938,9 @@ if HAVE_SYSTEMD_UNIT
src/sysv/systemd/sssd.service \
src/sysv/systemd/sssd-nss.socket \
src/sysv/systemd/sssd-nss.service \
+ src/sysv/systemd/sssd-pam.socket \
+ src/sysv/systemd/sssd-pam-priv.socket \
+ src/sysv/systemd/sssd-pam.service \
src/sysv/systemd/sssd-secrets.socket \
src/sysv/systemd/sssd-secrets.service \
$(NULL)
@@ -4008,6 +4011,9 @@ EXTRA_DIST += \
src/sysv/systemd/journal.conf.in \
src/sysv/systemd/sssd-nss.socket.in \
src/sysv/systemd/sssd-nss.service.in \
+ src/sysv/systemd/sssd-pam.socket.in \
+ src/sysv/systemd/sssd-pam-priv.socket.in \
+ src/sysv/systemd/sssd-pam.service.in \
src/sysv/systemd/sssd-secrets.socket.in \
src/sysv/systemd/sssd-secrets.service.in \
$(NULL)
@@ -4041,6 +4047,18 @@ src/sysv/systemd/sssd-nss.service: src/sysv/systemd/sssd-nss.service.in Makefile
@$(MKDIR_P) src/sysv/systemd/
$(replace_script)
+src/sysv/systemd/sssd-pam.socket: src/sysv/systemd/sssd-pam.socket.in Makefile
+ @$(MKDIR_P) src/sysv/systemd/
+ $(replace_script)
+
+src/sysv/systemd/sssd-pam-priv.socket: src/sysv/systemd/sssd-pam-priv.socket.in Makefile
+ @$(MKDIR_P) src/sysv/systemd/
+ $(replace_script)
+
+src/sysv/systemd/sssd-pam.service: src/sysv/systemd/sssd-pam.service.in Makefile
+ @$(MKDIR_P) src/sysv/systemd/
+ $(replace_script)
+
src/sysv/systemd/sssd-secrets.socket: src/sysv/systemd/sssd-secrets.socket.in Makefile
@$(MKDIR_P) src/sysv/systemd/
$(replace_script)
@@ -4294,6 +4312,9 @@ endif
rm -f $(builddir)/src/sysv/systemd/sssd-nss.service
rm -f $(builddir)/src/sysv/systemd/sssd-pac.socket
rm -f $(builddir)/src/sysv/systemd/sssd-pac.service
+ rm -f $(builddir)/src/sysv/systemd/sssd-pam.socket
+ rm -f $(builddir)/src/sysv/systemd/sssd-pam-priv.socket
+ rm -f $(builddir)/src/sysv/systemd/sssd-pam.service
rm -f $(builddir)/src/sysv/systemd/sssd-secrets.socket
rm -f $(builddir)/src/sysv/systemd/sssd-secrets.service
rm -f $(builddir)/src/sysv/systemd/journal.conf
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 965f383a5..72c67124a 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -805,6 +805,9 @@ done
%{_unitdir}/sssd-nss.service
%{_unitdir}/sssd-pac.socket
%{_unitdir}/sssd-pac.service
+%{_unitdir}/sssd-pam.socket
+%{_unitdir}/sssd-pam-priv.socket
+%{_unitdir}/sssd-pam.service
%{_unitdir}/sssd-secrets.socket
%{_unitdir}/sssd-secrets.service
%else
@@ -1142,6 +1145,8 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us
%systemd_post sssd-autofs.socket
%systemd_post sssd-nss.socket
%systemd_post sssd-pac.socket
+%systemd_post sssd-pam.socket
+%systemd_post sssd-pam-priv.socket
%systemd_post sssd-secrets.socket
%preun common
@@ -1149,6 +1154,8 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us
%systemd_preun sssd-autofs.socket
%systemd_preun sssd-nss.socket
%systemd_preun sssd-pac.socket
+%systemd_preun sssd-pam.socket
+%systemd_preun sssd-pam-priv.socket
%systemd_preun sssd-secrets.socket
%postun common
@@ -1159,6 +1166,9 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us
%systemd_postun_with_restart sssd-nss.service
%systemd_postun_with_restart sssd-pac.socket
%systemd_postun_with_restart sssd-pac.service
+%systemd_postun_with_restart sssd-pam.socket
+%systemd_postun_with_restart sssd-pam-priv.socket
+%systemd_postun_with_restart sssd-pam.service
%systemd_postun_with_restart sssd-secrets.socket
%systemd_postun_with_restart sssd-secrets.service
diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c
index 9ea453603..816f22931 100644
--- a/src/responder/pam/pamsrv.c
+++ b/src/responder/pam/pamsrv.c
@@ -333,6 +333,7 @@ int main(int argc, const char *argv[])
POPT_AUTOHELP
SSSD_MAIN_OPTS
SSSD_SERVER_OPTS(uid, gid)
+ SSSD_RESPONDER_OPTS
POPT_TABLEEND
};
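Review bot: The new `SSSD_RESPONDER_OPTS` entry in main()'s option table has no comment tying it to the unit file that depends on it. The sssd-pam.service.in added in this commit starts the responder with `--socket-activated`, and this macro is presumably what makes popt accept that flag. A one-line comment such as `/* accepts --socket-activated, passed by sssd-pam.service */` above the entry would make the coupling visible to anyone who later trims the table. main() starts and ends outside this hunk, so whether the parsed flag is acted on cannot be checked from here.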
diff --git a/src/sysv/systemd/sssd-pam-priv.socket.in b/src/sysv/systemd/sssd-pam-priv.socket.in
new file mode 100644
index 000000000..84b8caa04
--- /dev/null
+++ b/src/sysv/systemd/sssd-pam-priv.socket.in
@@ -0,0 +1,15 @@
+[Unit]
+Description=SSSD PAM Service responder private socket
+Documentation=man:sssd.conf(5)
+BindsTo=sssd.service
+BindsTo=sssd-pam.socket
+
+[Socket]
+Service=sssd-pam.service
+ListenStream=@pipepath@/private/pam
+SocketUser=root
+SocketGroup=root
+SocketMode=0600
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd-pam.service.in b/src/sysv/systemd/sssd-pam.service.in
new file mode 100644
index 000000000..a7f285c8e
--- /dev/null
+++ b/src/sysv/systemd/sssd-pam.service.in
@@ -0,0 +1,16 @@
+[Unit]
+Description=SSSD PAM Service responder
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+
+[Install]
+Also=sssd-pam.socket sssd-pam-priv.socket
+
+[Service]
+ExecStartPre=-/bin/chown @SSSD_USER@:@SSSD_USER@ @logpath@/sssd_pam.log
+ExecStart=@libexecdir@/sssd/sssd_pam --debug-to-files --socket-activated
+Restart=on-failure
+User=@SSSD_USER@
+Group=@SSSD_USER@
+PermissionsStartOnly=true
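Review bot: The `ExecStartPre` chown runs as root because of `PermissionsStartOnly=true`, and plain `chown` follows symlinks. If `@logpath@` is writable by `@SSSD_USER@` (its ownership is not visible on this page, so this needs confirming), a compromised responder could replace `sssd_pam.log` with a symlink and root would change ownership of the link target at the next start. Passing `-h` keeps the operation on the path itself: `ExecStartPre=-/bin/chown -h @SSSD_USER@:@SSSD_USER@ @logpath@/sssd_pam.log`. Separately, `Group=@SSSD_USER@` and the chown group both assume a group named after the user, which deserves a comment.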
diff --git a/src/sysv/systemd/sssd-pam.socket.in b/src/sysv/systemd/sssd-pam.socket.in
new file mode 100644
index 000000000..9554785ca
--- /dev/null
+++ b/src/sysv/systemd/sssd-pam.socket.in
@@ -0,0 +1,13 @@
+[Unit]
+Description=SSSD PAM Service responder socket
+Documentation=man:sssd.conf(5)
+BindsTo=sssd.service
+BindsTo=sssd-pam-priv.socket
+
+[Socket]
+ListenStream=@pipepath@/pam
+SocketUser=root
+SocketGroup=root
+
+[Install]
+WantedBy=sssd.service
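Review bot: The `[Socket]` section sets no `SocketMode=`, so the public PAM socket falls back to systemd's default of 0666, while sssd-pam-priv.socket.in in the same commit pins its socket to 0600. If world access is intended so that unprivileged PAM clients can connect, say so explicitly with `SocketMode=0666` and a short `#` comment. That way the difference between the two sockets reads as a decision rather than an omission. It also keeps the permission stable if the unit is later copied as a template for a socket that should not be world-accessible.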