From 1f5d577a008bc1a85810cf83f6ce5c108844d7c4 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sat, 23 Mar 2013 15:30:30 +0100 Subject: [PATCH] sssd: Add basic configuration and scriptlets. * Add a default configuration to use sssd on the local running LDAP server. * Add systemd scriptlet. * Add scriplet for authconfig to update the system after installation. --- sssd/sssd.conf | 25 ++++++++++++++++++++++++ sssd/sssd.nm | 52 ++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 sssd/sssd.conf diff --git a/sssd/sssd.conf b/sssd/sssd.conf new file mode 100644 index 000000000..0aef9be7a --- /dev/null +++ b/sssd/sssd.conf @@ -0,0 +1,25 @@ +############################################################################### +# IPFire.org - An Open Source Firewall Solution # +# Copyright (C) - IPFire Development Team # +############################################################################### + +[sssd] +domains = LDAP +services = nss, pam +config_file_version = 2 + +[nss] +filter_groups = root +filter_users = root + +[pam] + +[domain/LDAP] +id_provider = ldap +ldap_uri = ldapi:// +ldap_search_base = @SUFFIX@ + +cache_credentials = true + +min_id = 1000 +enumerate = False diff --git a/sssd/sssd.nm b/sssd/sssd.nm index 488beeb29..2f4c6ad0f 100644 --- a/sssd/sssd.nm +++ b/sssd/sssd.nm @@ -5,7 +5,7 @@ name = sssd version = 1.9.4 -release = 1 +release = 2 groups = System/Tools url = http://fedorahosted.org/sssd/ @@ -41,7 +41,7 @@ build libtevent-devel openldap-devel openssl-devel - pam-devel + pam-devel >= 1.1.6 pcre-devel popt-devel python-devel @@ -63,8 +63,9 @@ build --disable-rpath install_cmds - # Prepare empty config file - touch %{BUILDROOT}%{sysconfdir}/sssd/sssd.conf + # Install default config file. + install -m 600 %{DIR_SOURCE}/sssd.conf \ + %{BUILDROOT}%{sysconfdir}/sssd/sssd.conf # Remove old sysVinit stuff. rm -rvf %{BUILDROOT}%{sysconfdir}/rc.d @@ -73,14 +74,46 @@ end packages package %{name} + groups += Base + configfiles %{sysconfdir}/sssd/sssd.conf end + + prerequires += systemd-units + + script postin + systemctl daemon-reload >/dev/null 2>&1 || : + end + + script preun + systemctl --no-reload disable sssd.service >/dev/null 2>&1 || : + systemctl stop sssd.service >/dev/null 2>&1 || : + end + + script postun + systemctl daemon-reload >/dev/null 2>&1 || : + end + + script postup + systemctl daemon-reload >/dev/null 2>&1 || : + systemctl try-restart sssd.service >/dev/null 2>&1 || : + end end package %{name}-client summary = SSSD Client libraries. description = %{summary} + groups += Base + + requires + %{name} = %{thisver} + end + + obsoletes + nss_ldap + pam_ldap + end files %{libdir}/libnss_sss.so.* @@ -89,6 +122,17 @@ packages %{mandir}/man8/pam_sss.8* %{mandir}/man8/sssd_krb5*.8* end + + prerequires += \ + authconfig >= 6.2.5 + + script postin + authconfig --update --enableldap --enablesssd --enablesssdauth + end + + script postun + authconfig --update --disableldap --disablesssd --disablesssdauth + end end package %{name}-tools -- 2.39.5