| 3 |
3 |
|
| 4 |
4 |
EAPI=8
|
| 5 |
5 |
|
| 6 |
|
PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk"
|
|
6 |
# Ukrainian translation causes compile failure, so skip it for now
|
|
7 |
#PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk"
|
|
8 |
PLOCALES="ca de es fr ja ko pt_BR ru sv tr"
|
| 7 |
9 |
PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN"
|
| 8 |
10 |
PLOCALE_BACKUP="sv"
|
| 9 |
|
PYTHON_COMPAT=( python3_{11..13} )
|
|
11 |
PYTHON_COMPAT=( python3_{11..14} )
|
| 10 |
12 |
|
| 11 |
13 |
inherit autotools linux-info multilib-minimal optfeature plocale \
|
| 12 |
|
python-single-r1 pam systemd toolchain-funcs verify-sig
|
|
14 |
python-single-r1 pam systemd tmpfiles udev toolchain-funcs verify-sig
|
| 13 |
15 |
|
| 14 |
16 |
DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
|
| 15 |
17 |
HOMEPAGE="https://github.com/SSSD/sssd"
|
| ... | ... | |
| 25 |
27 |
|
| 26 |
28 |
LICENSE="GPL-3"
|
| 27 |
29 |
SLOT="0"
|
| 28 |
|
IUSE="acl doc +netlink nfsv4 nls passkey python samba selinux systemd systemtap test"
|
|
30 |
IUSE="doc +netlink nfsv4 nls passkey python samba selinux systemd systemtap test"
|
| 29 |
31 |
REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
|
| 30 |
32 |
RESTRICT="!test? ( test )"
|
| 31 |
33 |
|
| ... | ... | |
| 42 |
44 |
>=net-dns/bind-9.9[gssapi]
|
| 43 |
45 |
>=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}]
|
| 44 |
46 |
>=net-nds/openldap-2.4.30:=[sasl,experimental]
|
|
47 |
net-fs/cifs-utils[acl]
|
| 45 |
48 |
>=sys-apps/dbus-1.6
|
| 46 |
49 |
>=sys-apps/keyutils-1.5:=
|
|
50 |
sys-libs/libcap
|
| 47 |
51 |
>=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
|
| 48 |
52 |
>=sys-libs/talloc-2.0.7
|
| 49 |
53 |
>=sys-libs/tdb-1.2.9
|
| 50 |
54 |
>=sys-libs/tevent-0.9.16
|
| 51 |
55 |
virtual/ldb:=
|
| 52 |
56 |
virtual/libintl
|
| 53 |
|
acl? ( net-fs/cifs-utils[acl] )
|
| 54 |
57 |
netlink? ( dev-libs/libnl:3 )
|
| 55 |
58 |
nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 )
|
| 56 |
59 |
nls? ( >=sys-devel/gettext-0.18 )
|
| ... | ... | |
| 74 |
77 |
)
|
| 75 |
78 |
systemtap? ( dev-debug/systemtap )"
|
| 76 |
79 |
RDEPEND="${DEPEND}
|
|
80 |
acct-user/sssd
|
|
81 |
acct-group/sssd
|
| 77 |
82 |
passkey? ( sys-apps/pcsc-lite[policykit] )
|
| 78 |
83 |
selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
|
| 79 |
84 |
DEPEND+="
|
| 80 |
85 |
sys-apps/shadow"
|
| 81 |
86 |
BDEPEND="
|
|
87 |
acct-user/sssd
|
|
88 |
acct-group/sssd
|
|
89 |
sys-libs/libcap
|
| 82 |
90 |
virtual/pkgconfig
|
| 83 |
|
app-text/docbook-xml-dtd:4.4
|
| 84 |
|
>=dev-libs/libxslt-1.1.26
|
| 85 |
91 |
${PYTHON_DEPS}
|
| 86 |
92 |
doc? ( app-text/doxygen )
|
| 87 |
|
nls? ( sys-devel/gettext
|
| 88 |
|
app-text/po4a )
|
|
93 |
nls? ( app-text/po4a
|
|
94 |
sys-devel/gettext )
|
| 89 |
95 |
test? (
|
| 90 |
96 |
dev-libs/check
|
| 91 |
97 |
dev-libs/softhsm:2
|
| ... | ... | |
| 96 |
102 |
sys-libs/pam_wrapper
|
| 97 |
103 |
sys-libs/uid_wrapper
|
| 98 |
104 |
)
|
|
105 |
app-text/docbook-xml-dtd:4.4
|
|
106 |
>=dev-libs/libxslt-1.1.26
|
| 99 |
107 |
verify-sig? ( sec-keys/openpgp-keys-sssd )
|
| 100 |
108 |
"
|
| 101 |
109 |
|
| ... | ... | |
| 106 |
114 |
PATCHES=(
|
| 107 |
115 |
"${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch"
|
| 108 |
116 |
"${FILESDIR}/${PN}-2.9.6-conditional-python-install.patch"
|
| 109 |
|
"${FILESDIR}/${PN}-2.9.7-kerberos-1-22.patch"
|
|
117 |
"${FILESDIR}/${PN}-2.10.0_beta2-fix-systemd-systemconfdir.patch"
|
| 110 |
118 |
)
|
| 111 |
119 |
|
| 112 |
120 |
MULTILIB_WRAPPED_HEADERS=(
|
| ... | ... | |
| 120 |
128 |
/usr/include/sss_certmap.h
|
| 121 |
129 |
)
|
| 122 |
130 |
|
|
131 |
sssd_migrate_files() {
|
|
132 |
if has_version "<=sys-auth/sssd-2.9.9999"
|
|
133 |
then
|
|
134 |
einfo "Checking if sssd is running"
|
|
135 |
if [ -f /run/sssd.pid ]
|
|
136 |
then
|
|
137 |
elog "Please stop sssd after installing before"
|
|
138 |
elog "performing the migration process"
|
|
139 |
fi
|
|
140 |
einfo "Checking if /var/lib/sss ownership"
|
|
141 |
if [ -d /var/lib/sss ] && [ $(stat -c "%U:%G" /var/lib/sss) != "sssd:sssd" ]
|
|
142 |
then
|
|
143 |
elog "After installing, please execute"
|
|
144 |
elog "chown -R sssd:sssd /var/lib/sss"
|
|
145 |
fi
|
|
146 |
einfo "Checking if /var/log/sssd ownership"
|
|
147 |
if [ -d /var/log/sssd ] && [ $(stat -c "%U:%G" /var/log/sssd) != "sssd:sssd" ]
|
|
148 |
then
|
|
149 |
elog "After installing, please execute"
|
|
150 |
elog "chown -R sssd:sssd /var/log/sssd"
|
|
151 |
fi
|
|
152 |
einfo "Checking if /etc/sssd ownership"
|
|
153 |
if ! use systemd && [ -d /etc/sssd ] && [ $(stat -c "%U:%G" /etc/sssd) != "root:sssd" ]
|
|
154 |
then
|
|
155 |
elog "After installing, please execute"
|
|
156 |
elog "chown -R root:sssd /etc/sssd"
|
|
157 |
fi
|
|
158 |
fi
|
|
159 |
}
|
|
160 |
|
| 123 |
161 |
pkg_setup() {
|
| 124 |
162 |
linux-info_pkg_setup
|
| 125 |
163 |
python-single-r1_pkg_setup
|
|
164 |
|
|
165 |
sssd_migrate_files
|
| 126 |
166 |
}
|
| 127 |
167 |
|
| 128 |
168 |
src_prepare() {
|
| ... | ... | |
| 159 |
199 |
Makefile.am \
|
| 160 |
200 |
|| die
|
| 161 |
201 |
|
|
202 |
# requires valgrind headers installed, see
|
|
203 |
# https://github.com/SSSD/sssd/pull/7845
|
|
204 |
sed -i \
|
|
205 |
-e '/^\s*test_iobuf[ \\]*$/d' \
|
|
206 |
Makefile.am \
|
|
207 |
|| die
|
|
208 |
|
| 162 |
209 |
eautoreconf
|
| 163 |
210 |
|
| 164 |
211 |
multilib_copy_sources
|
| ... | ... | |
| 167 |
214 |
src_configure() {
|
| 168 |
215 |
local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die)
|
| 169 |
216 |
|
| 170 |
|
# Workaround for bug #938302
|
| 171 |
|
if use systemtap && has_version "dev-debug/systemtap[-dtrace-symlink(+)]" ; then
|
| 172 |
|
export DTRACE="${BROOT}"/usr/bin/stap-dtrace
|
| 173 |
|
fi
|
| 174 |
|
|
| 175 |
217 |
multilib-minimal_src_configure
|
| 176 |
218 |
}
|
| 177 |
219 |
|
| ... | ... | |
| 183 |
225 |
--localstatedir="${EPREFIX}"/var
|
| 184 |
226 |
--runstatedir="${EPREFIX}"/run
|
| 185 |
227 |
--sbindir="${EPREFIX}"/usr/sbin
|
| 186 |
|
--with-pid-path="${EPREFIX}"/run
|
|
228 |
--with-pid-path="${EPREFIX}"/run/sssd
|
| 187 |
229 |
--with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
|
| 188 |
|
--enable-pammoddir="${EPREFIX}$(getpam_mod_dir)"
|
|
230 |
--enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
|
| 189 |
231 |
--with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
|
| 190 |
232 |
--with-db-path="${EPREFIX}"/var/lib/sss/db
|
| 191 |
233 |
--with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
|
| ... | ... | |
| 194 |
236 |
--with-mcache-path="${EPREFIX}"/var/lib/sss/mc
|
| 195 |
237 |
--with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
|
| 196 |
238 |
--with-log-path="${EPREFIX}"/var/log/sssd
|
|
239 |
--with-tmpfilesdir=/usr/lib/tmpfiles.d
|
|
240 |
--with-udevrulesdir="$(get_udevdir)/rules.d"
|
| 197 |
241 |
--with-kcm
|
| 198 |
242 |
--enable-kcm-renewal
|
| 199 |
243 |
--with-os=gentoo
|
| ... | ... | |
| 203 |
247 |
--disable-valgrind
|
| 204 |
248 |
$(use_with samba)
|
| 205 |
249 |
--with-smb-idmap-interface-version=6
|
| 206 |
|
$(multilib_native_use_enable acl cifs-idmap-plugin)
|
|
250 |
--enable-cifs-idmap-plugin
|
| 207 |
251 |
$(multilib_native_use_with selinux)
|
| 208 |
|
$(multilib_native_use_with selinux semanage)
|
| 209 |
252 |
--enable-krb5-locator-plugin
|
| 210 |
253 |
$(use_enable samba pac-responder)
|
| 211 |
254 |
$(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
|
| ... | ... | |
| 223 |
266 |
$(multilib_native_use_with python python3-bindings)
|
| 224 |
267 |
# Annoyingly configure requires that you pick systemd XOR sysv
|
| 225 |
268 |
--with-initscript=$(usex systemd systemd sysv)
|
|
269 |
--with-sssd-user=sssd
|
| 226 |
270 |
KRB5_CONFIG="${ESYSROOT}"/usr/bin/krb5-config
|
| 227 |
|
# Needed for Samba 4.21
|
| 228 |
271 |
CPPFLAGS="${CPPFLAGS} -I${ESYSROOT}/usr/include/samba-4.0"
|
| 229 |
272 |
)
|
| 230 |
273 |
|
| ... | ... | |
| 320 |
363 |
keepdir /var/lib/sss/pubconf/krb5.include.d
|
| 321 |
364 |
keepdir /var/lib/sss/secrets
|
| 322 |
365 |
keepdir /var/log/sssd
|
|
366 |
keepdir /etc/sssd/conf.d
|
|
367 |
keepdir /etc/sssd/pki
|
| 323 |
368 |
|
| 324 |
369 |
# strip empty dirs
|
| 325 |
370 |
if ! use doc; then
|
| ... | ... | |
| 332 |
377 |
}
|
| 333 |
378 |
|
| 334 |
379 |
pkg_postinst() {
|
|
380 |
tmpfiles_process sssd-tmpfiles.conf
|
|
381 |
echo
|
| 335 |
382 |
elog "You must set up sssd.conf (default installed into /etc/sssd)"
|
| 336 |
383 |
elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
|
| 337 |
384 |
elog "features."
|
