| 3 |
3 |
|
| 4 |
4 |
EAPI=8
|
| 5 |
5 |
|
| 6 |
|
PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk"
|
|
6 |
# Ukrainian translation causes compile failure, so skip it for now
|
|
7 |
#PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk"
|
|
8 |
PLOCALES="ca de es fr ja ko pt_BR ru sv tr"
|
| 7 |
9 |
PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN"
|
| 8 |
10 |
PLOCALE_BACKUP="sv"
|
| 9 |
|
PYTHON_COMPAT=( python3_{10..13} )
|
|
11 |
PYTHON_COMPAT=( python3_{11..14} )
|
| 10 |
12 |
|
| 11 |
13 |
inherit autotools linux-info multilib-minimal optfeature plocale \
|
| 12 |
|
python-single-r1 pam systemd toolchain-funcs
|
|
14 |
python-single-r1 pam systemd tmpfiles udev toolchain-funcs
|
| 13 |
15 |
|
| 14 |
16 |
DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
|
| 15 |
17 |
HOMEPAGE="https://github.com/SSSD/sssd"
|
| 16 |
18 |
if [[ ${PV} != 9999 ]]; then
|
| 17 |
19 |
SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
|
| 18 |
|
KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
|
|
20 |
KEYWORDS=""
|
| 19 |
21 |
else
|
| 20 |
22 |
inherit git-r3
|
| 21 |
23 |
EGIT_REPO_URI="https://github.com/SSSD/sssd.git"
|
| ... | ... | |
| 24 |
26 |
|
| 25 |
27 |
LICENSE="GPL-3"
|
| 26 |
28 |
SLOT="0"
|
| 27 |
|
IUSE="acl doc +netlink nfsv4 nls passkey python samba selinux systemd systemtap test"
|
|
29 |
IUSE="doc +netlink nfsv4 nls passkey python samba selinux systemd systemtap test"
|
| 28 |
30 |
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
|
| 29 |
31 |
RESTRICT="!test? ( test )"
|
| 30 |
32 |
|
| ... | ... | |
| 41 |
43 |
>=net-dns/bind-9.9[gssapi]
|
| 42 |
44 |
>=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}]
|
| 43 |
45 |
>=net-nds/openldap-2.4.30:=[sasl,experimental]
|
|
46 |
net-fs/cifs-utils[acl]
|
| 44 |
47 |
>=sys-apps/dbus-1.6
|
| 45 |
48 |
>=sys-apps/keyutils-1.5:=
|
|
49 |
sys-libs/libcap
|
| 46 |
50 |
>=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
|
| 47 |
51 |
>=sys-libs/talloc-2.0.7
|
| 48 |
52 |
>=sys-libs/tdb-1.2.9
|
| 49 |
53 |
>=sys-libs/tevent-0.9.16
|
| 50 |
54 |
virtual/ldb:=
|
| 51 |
55 |
virtual/libintl
|
| 52 |
|
acl? ( net-fs/cifs-utils[acl] )
|
| 53 |
56 |
netlink? ( dev-libs/libnl:3 )
|
| 54 |
57 |
nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 )
|
| 55 |
58 |
nls? ( >=sys-devel/gettext-0.18 )
|
| ... | ... | |
| 73 |
76 |
)
|
| 74 |
77 |
systemtap? ( dev-debug/systemtap )"
|
| 75 |
78 |
RDEPEND="${DEPEND}
|
|
79 |
acct-user/sssd
|
|
80 |
acct-group/sssd
|
| 76 |
81 |
passkey? ( sys-apps/pcsc-lite[policykit] )
|
| 77 |
82 |
selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
|
| 78 |
83 |
DEPEND+="
|
| 79 |
84 |
sys-apps/shadow"
|
| 80 |
85 |
BDEPEND="
|
|
86 |
acct-user/sssd
|
|
87 |
acct-group/sssd
|
|
88 |
sys-libs/libcap
|
| 81 |
89 |
virtual/pkgconfig
|
| 82 |
|
app-text/docbook-xml-dtd:4.4
|
| 83 |
|
>=dev-libs/libxslt-1.1.26
|
| 84 |
90 |
${PYTHON_DEPS}
|
| 85 |
91 |
doc? ( app-text/doxygen )
|
| 86 |
|
nls? ( sys-devel/gettext
|
| 87 |
|
app-text/po4a )
|
|
92 |
nls? ( app-text/po4a
|
|
93 |
sys-devel/gettext )
|
| 88 |
94 |
test? (
|
| 89 |
95 |
dev-libs/check
|
| 90 |
96 |
dev-libs/softhsm:2
|
| ... | ... | |
| 95 |
101 |
sys-libs/pam_wrapper
|
| 96 |
102 |
sys-libs/uid_wrapper
|
| 97 |
103 |
)
|
|
104 |
app-text/docbook-xml-dtd:4.4
|
|
105 |
>=dev-libs/libxslt-1.1.26
|
| 98 |
106 |
"
|
| 99 |
107 |
|
| 100 |
108 |
CONFIG_CHECK="~KEYS"
|
| ... | ... | |
| 102 |
110 |
PATCHES=(
|
| 103 |
111 |
"${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch"
|
| 104 |
112 |
"${FILESDIR}/${PN}-2.9.6-conditional-python-install.patch"
|
| 105 |
|
"${FILESDIR}/${PN}-2.9.7-kerberos-1-22.patch"
|
|
113 |
"${FILESDIR}/${PN}-2.10.0_beta2-fix-systemd-systemconfdir.patch"
|
| 106 |
114 |
)
|
| 107 |
115 |
|
| 108 |
116 |
MULTILIB_WRAPPED_HEADERS=(
|
| ... | ... | |
| 116 |
124 |
/usr/include/sss_certmap.h
|
| 117 |
125 |
)
|
| 118 |
126 |
|
|
127 |
sssd_migrate_files() {
|
|
128 |
if has_version "<=sys-auth/sssd-2.9.9999"
|
|
129 |
then
|
|
130 |
einfo "Checking if sssd is running"
|
|
131 |
if [ -f /run/sssd.pid ]
|
|
132 |
then
|
|
133 |
elog "Please stop sssd after installing before"
|
|
134 |
elog "performing the migration process"
|
|
135 |
fi
|
|
136 |
einfo "Checking if /var/lib/sss ownership"
|
|
137 |
if [ -d /var/lib/sss ] && [ $(stat -c "%U:%G" /var/lib/sss) != "sssd:sssd" ]
|
|
138 |
then
|
|
139 |
elog "After installing, please execute"
|
|
140 |
elog "chown -R sssd:sssd /var/lib/sss"
|
|
141 |
fi
|
|
142 |
einfo "Checking if /var/log/sssd ownership"
|
|
143 |
if [ -d /var/log/sssd ] && [ $(stat -c "%U:%G" /var/log/sssd) != "sssd:sssd" ]
|
|
144 |
then
|
|
145 |
elog "After installing, please execute"
|
|
146 |
elog "chown -R sssd:sssd /var/log/sssd"
|
|
147 |
fi
|
|
148 |
einfo "Checking if /etc/sssd ownership"
|
|
149 |
if ! use systemd && [ -d /etc/sssd ] && [ $(stat -c "%U:%G" /etc/sssd) != "root:sssd" ]
|
|
150 |
then
|
|
151 |
elog "After installing, please execute"
|
|
152 |
elog "chown -R root:sssd /etc/sssd"
|
|
153 |
fi
|
|
154 |
fi
|
|
155 |
}
|
|
156 |
|
| 119 |
157 |
pkg_setup() {
|
| 120 |
158 |
linux-info_pkg_setup
|
| 121 |
159 |
python-single-r1_pkg_setup
|
|
160 |
|
|
161 |
sssd_migrate_files
|
| 122 |
162 |
}
|
| 123 |
163 |
|
| 124 |
164 |
src_prepare() {
|
| ... | ... | |
| 155 |
195 |
Makefile.am \
|
| 156 |
196 |
|| die
|
| 157 |
197 |
|
|
198 |
# requires valgrind headers installed, see
|
|
199 |
# https://github.com/SSSD/sssd/pull/7845
|
|
200 |
sed -i \
|
|
201 |
-e '/^\s*test_iobuf[ \\]*$/d' \
|
|
202 |
Makefile.am \
|
|
203 |
|| die
|
|
204 |
|
| 158 |
205 |
eautoreconf
|
| 159 |
206 |
|
| 160 |
207 |
multilib_copy_sources
|
| ... | ... | |
| 163 |
210 |
src_configure() {
|
| 164 |
211 |
local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die)
|
| 165 |
212 |
|
| 166 |
|
# Workaround for bug #938302
|
| 167 |
|
if use systemtap && has_version "dev-debug/systemtap[-dtrace-symlink(+)]" ; then
|
| 168 |
|
export DTRACE="${BROOT}"/usr/bin/stap-dtrace
|
| 169 |
|
fi
|
| 170 |
|
|
| 171 |
213 |
multilib-minimal_src_configure
|
| 172 |
214 |
}
|
| 173 |
215 |
|
| ... | ... | |
| 179 |
221 |
--localstatedir="${EPREFIX}"/var
|
| 180 |
222 |
--runstatedir="${EPREFIX}"/run
|
| 181 |
223 |
--sbindir="${EPREFIX}"/usr/sbin
|
| 182 |
|
--with-pid-path="${EPREFIX}"/run
|
|
224 |
--with-pid-path="${EPREFIX}"/run/sssd
|
| 183 |
225 |
--with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
|
| 184 |
|
--enable-pammoddir="${EPREFIX}$(getpam_mod_dir)"
|
|
226 |
--enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
|
| 185 |
227 |
--with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
|
| 186 |
228 |
--with-db-path="${EPREFIX}"/var/lib/sss/db
|
| 187 |
229 |
--with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
|
| ... | ... | |
| 190 |
232 |
--with-mcache-path="${EPREFIX}"/var/lib/sss/mc
|
| 191 |
233 |
--with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
|
| 192 |
234 |
--with-log-path="${EPREFIX}"/var/log/sssd
|
|
235 |
--with-tmpfilesdir=/usr/lib/tmpfiles.d
|
|
236 |
--with-udevrulesdir="$(get_udevdir)/rules.d"
|
| 193 |
237 |
--with-kcm
|
| 194 |
238 |
--enable-kcm-renewal
|
| 195 |
239 |
--with-os=gentoo
|
| ... | ... | |
| 199 |
243 |
--disable-valgrind
|
| 200 |
244 |
$(use_with samba)
|
| 201 |
245 |
--with-smb-idmap-interface-version=6
|
| 202 |
|
$(multilib_native_use_enable acl cifs-idmap-plugin)
|
|
246 |
--enable-cifs-idmap-plugin
|
| 203 |
247 |
$(multilib_native_use_with selinux)
|
| 204 |
|
$(multilib_native_use_with selinux semanage)
|
| 205 |
248 |
--enable-krb5-locator-plugin
|
| 206 |
249 |
$(use_enable samba pac-responder)
|
| 207 |
250 |
$(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
|
| ... | ... | |
| 219 |
262 |
$(multilib_native_use_with python python3-bindings)
|
| 220 |
263 |
# Annoyingly configure requires that you pick systemd XOR sysv
|
| 221 |
264 |
--with-initscript=$(usex systemd systemd sysv)
|
|
265 |
--with-sssd-user=sssd
|
| 222 |
266 |
KRB5_CONFIG="${ESYSROOT}"/usr/bin/krb5-config
|
| 223 |
|
# Needed for Samba 4.21
|
| 224 |
267 |
CPPFLAGS="${CPPFLAGS} -I${ESYSROOT}/usr/include/samba-4.0"
|
| 225 |
268 |
)
|
| 226 |
269 |
|
| ... | ... | |
| 316 |
359 |
keepdir /var/lib/sss/pubconf/krb5.include.d
|
| 317 |
360 |
keepdir /var/lib/sss/secrets
|
| 318 |
361 |
keepdir /var/log/sssd
|
|
362 |
keepdir /etc/sssd/conf.d
|
|
363 |
keepdir /etc/sssd/pki
|
| 319 |
364 |
|
| 320 |
365 |
# strip empty dirs
|
| 321 |
366 |
if ! use doc; then
|
| ... | ... | |
| 328 |
373 |
}
|
| 329 |
374 |
|
| 330 |
375 |
pkg_postinst() {
|
|
376 |
tmpfiles_process sssd-tmpfiles.conf
|
|
377 |
echo
|
| 331 |
378 |
elog "You must set up sssd.conf (default installed into /etc/sssd)"
|
| 332 |
379 |
elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
|
| 333 |
380 |
elog "features."
|
