sssd: fix for ldblibdir and systemd etc

Fix sssd issue for ldblibdir, systemd, pam etc. * fix ldblibdir which is not calculated right for cross compile * create directory /var/log/sssd which is required by sssd daemon * disable building python2 binding * fix pam module path * update systemd configure options and service files Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Kai Kang <kai.kang@windriver.com> 2020-03-02 22:47:37 +0800
committer: Armin Kuster <akuster808@gmail.com> 2020-03-05 08:06:51 -0800
commit: 4375507f39ed4bc62e1304838870be65f3a81460 (patch)
tree: 2eb068e73ddead87d63b1fdeb035ffa06c3c9438 /recipes-security
parent: 15061e3a4e1ade2129c0019c0c62e585a8efcb9a (diff)
download: meta-security-4375507f39ed4bc62e1304838870be65f3a81460.tar.gz
3 files changed, 62 insertions, 7 deletions
diff --git a/recipes-security/sssd/files/fix-ldblibdir.patch b/recipes-security/sssd/files/fix-ldblibdir.patch
new file mode 100644
index 0000000..e350baf
--- /dev/null
+++ b/recipes-security/sssd/files/fix-ldblibdir.patch
@@ -0,0 +1,25 @@
+When calculate value of ldblibdir, it checks whether the directory of
+$ldblibdir exists. If not, it assigns ldblibdir with ${libdir}/ldb. It is not
+suitable for cross compile. Fix it that only re-assign ldblibdir when its value
+is empty.
+Upstream-Status: Inappropriate [cross compile specific]
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ src/external/libldb.m4 | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/src/external/libldb.m4 b/src/external/libldb.m4
+index c400add..5e5f06d 100644
+--- a/src/external/libldb.m4
+++ b/src/external/libldb.m4
+@@ -19,7 +19,7 @@ if test x"$with_ldb_lib_dir" != x; then
+     ldblibdir=$with_ldb_lib_dir
+ else
+     ldblibdir="`$PKG_CONFIG --variable=modulesdir ldb`"
+-    if ! test -d $ldblibdir; then
+    if test -z $ldblibdir; then
+         ldblibdir="${libdir}/ldb"
+     fi
+ fi
diff --git a/recipes-security/sssd/files/volatiles.99_sssd b/recipes-security/sssd/files/volatiles.99_sssd
new file mode 100644
index 0000000..2a82413
--- /dev/null
+++ b/recipes-security/sssd/files/volatiles.99_sssd
@@ -0,0 +1 @@
+d root root 0750 /var/log/sssd none
diff --git a/recipes-security/sssd/sssd_1.16.4.bb b/recipes-security/sssd/sssd_1.16.4.bb
index c381c32..22d80d7 100644
--- a/recipes-security/sssd/sssd_1.16.4.bb
+++ b/recipes-security/sssd/sssd_1.16.4.bb
@@ -8,13 +8,16 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 DEPENDS = "openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive"
 DEPENDS += "libldb dbus libtalloc libpcre glib-2.0 popt e2fsprogs libtevent"
-SRC_URI = "https://releases.pagure.org/SSSD/${BPN}/${BP}.tar.gz\
+SRC_URI = "https://releases.pagure.org/SSSD/${BPN}/${BP}.tar.gz \
-            file://sssd.conf "
+           file://sssd.conf \
+           file://volatiles.99_sssd \
+           file://fix-ldblibdir.patch \
+           "
 SRC_URI[md5sum] = "757bbb6f15409d8d075f4f06cb678d50"
 SRC_URI[sha256sum] = "6bb212cd6b75b918e945c24e7c3f95a486fb54d7f7d489a9334cfa1a1f3bf959"
-inherit autotools pkgconfig gettext python3-dir features_check
+inherit autotools pkgconfig gettext python3-dir features_check systemd
 REQUIRED_DISTRO_FEATURES = "pam"
@@ -38,11 +41,17 @@ PACKAGECONFIG[nss] = "--with-crypto=nss, ,nss,"
 PACKAGECONFIG[cyrpto] = "--with-crypto=libcrypto, , libcrypto"
 PACKAGECONFIG[nscd] = "--with-nscd=${sbindir}, --with-nscd=no "
 PACKAGECONFIG[nl] = "--with-libnl, --with-libnl=no, libnl"
-PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/, --with-systemdunitdir="
+PACKAGECONFIG[systemd] = "--with-initscript=systemd,--with-initscript=sysv"
 PACKAGECONFIG[http] = "--with-secrets, --without-secrets, apache2"
 PACKAGECONFIG[curl] = "--with-secrets --with-kcm, --without-secrets --without-kcm, curl"
-EXTRA_OECONF += "--disable-cifs-idmap-plugin --without-nfsv4-idmapd-plugin --without-ipa-getkeytab"
+EXTRA_OECONF += " \
+    --disable-cifs-idmap-plugin \
+    --without-nfsv4-idmapd-plugin \
+    --without-ipa-getkeytab \
+    --without-python2-bindings \
+    --enable-pammoddir=${base_libdir}/security \
+"
 do_configure_prepend() {
    mkdir -p ${AUTOTOOLS_AUXDIR}/build
@@ -57,6 +66,12 @@ do_install () {
    rmdir --ignore-fail-on-non-empty "${D}/${bindir}"
    install -d ${D}/${sysconfdir}/${BPN}
    install -m 600 ${WORKDIR}/${BPN}.conf ${D}/${sysconfdir}/${BPN}
+    install -D -m 644 ${WORKDIR}/volatiles.99_sssd ${D}/${sysconfdir}/default/volatiles/99_sssd
+    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+        install -d ${D}${sysconfdir}/tmpfiles.d
+        echo "d /var/log/sssd 0750 - - - -" > ${D}${sysconfdir}/tmpfiles.d/sss.conf
+    fi
    # Remove /var/run as it is created on startup
    rm -rf ${D}${localstatedir}/run
@@ -74,10 +89,24 @@ CONFFILES_${PN} = "${sysconfdir}/${BPN}/${BPN}.conf"
 INITSCRIPT_NAME = "sssd"
 INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ."
-SYSTEMD_SERVICE_${PN} = "${BPN}.service"
+SYSTEMD_SERVICE_${PN} = " \
+    sssd-autofs.service \
+    sssd-autofs.socket \
+    sssd-ifp.service \
+    sssd-nss.service \
+    sssd-nss.socket \
+    sssd-pam-priv.socket \
+    sssd-pam.service \
+    sssd-pam.socket \
+    sssd-secrets.service \
+    sssd-secrets.socket \
+    sssd.service \
+    sssd-sudo.service \
+    sssd-sudo.socket \
+"
 SYSTEMD_AUTO_ENABLE = "disable"
-FILES_${PN} += "${libdir} ${datadir} /run ${libdir}/*.so* "
+FILES_${PN} += "${libdir} ${datadir} ${base_libdir}/security/pam_sss.so"
 FILES_${PN}-dev = " ${includedir}/* ${libdir}/*la ${libdir}/*/*la"
 # The package contains symlinks that trip up insane
author	Kai Kang <kai.kang@windriver.com>	2020-03-02 22:47:37 +0800
committer	Armin Kuster <akuster808@gmail.com>	2020-03-05 08:06:51 -0800
commit	4375507f39ed4bc62e1304838870be65f3a81460 (patch)
tree	2eb068e73ddead87d63b1fdeb035ffa06c3c9438 /recipes-security
parent	15061e3a4e1ade2129c0019c0c62e585a8efcb9a (diff)
download	meta-security-4375507f39ed4bc62e1304838870be65f3a81460.tar.gz

diff --git a/recipes-security/sssd/files/fix-ldblibdir.patch b/recipes-security/sssd/files/fix-ldblibdir.patch new file mode 100644 index 0000000..e350baf --- /dev/null +++ b/recipes-security/sssd/files/fix-ldblibdir.patch
@@ -0,0 +1,25 @@
		1	When calculate value of ldblibdir, it checks whether the directory of
		2	$ldblibdir exists. If not, it assigns ldblibdir with ${libdir}/ldb. It is not
		3	suitable for cross compile. Fix it that only re-assign ldblibdir when its value
		4	is empty.
		5
		6	Upstream-Status: Inappropriate [cross compile specific]
		7
		8	Signed-off-by: Kai Kang <kai.kang@windriver.com>
		9	---
		10	src/external/libldb.m4 \| 2 +-
		11	1 file changed, 1 insertion(+), 1 deletion(-)
		12
		13	diff --git a/src/external/libldb.m4 b/src/external/libldb.m4
		14	index c400add..5e5f06d 100644
		15	--- a/src/external/libldb.m4
		16	+++ b/src/external/libldb.m4
		17	@@ -19,7 +19,7 @@ if test x"$with_ldb_lib_dir" != x; then
		18	ldblibdir=$with_ldb_lib_dir
		19	else
		20	ldblibdir="`$PKG_CONFIG --variable=modulesdir ldb`"
		21	- if ! test -d $ldblibdir; then
		22	+ if test -z $ldblibdir; then
		23	ldblibdir="${libdir}/ldb"
		24	fi
		25	fi


diff --git a/recipes-security/sssd/files/volatiles.99_sssd b/recipes-security/sssd/files/volatiles.99_sssd new file mode 100644 index 0000000..2a82413 --- /dev/null +++ b/recipes-security/sssd/files/volatiles.99_sssd
@@ -0,0 +1 @@
			d root root 0750 /var/log/sssd none


diff --git a/recipes-security/sssd/sssd_1.16.4.bb b/recipes-security/sssd/sssd_1.16.4.bb index c381c32..22d80d7 100644 --- a/recipes-security/sssd/sssd_1.16.4.bb +++ b/recipes-security/sssd/sssd_1.16.4.bb
@@ -8,13 +8,16 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
8	DEPENDS = "openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive"	8	DEPENDS = "openldap cyrus-sasl libtdb ding-libs libpam c-ares krb5 autoconf-archive"
9	DEPENDS += "libldb dbus libtalloc libpcre glib-2.0 popt e2fsprogs libtevent"	9	DEPENDS += "libldb dbus libtalloc libpcre glib-2.0 popt e2fsprogs libtevent"
10		10
11	SRC_URI = "https://releases.pagure.org/SSSD/${BPN}/${BP}.tar.gz\	11	SRC_URI = "https://releases.pagure.org/SSSD/${BPN}/${BP}.tar.gz \
12	file://sssd.conf "	12	file://sssd.conf \
		13	file://volatiles.99_sssd \
		14	file://fix-ldblibdir.patch \
		15	"
13		16
14	SRC_URI[md5sum] = "757bbb6f15409d8d075f4f06cb678d50"	17	SRC_URI[md5sum] = "757bbb6f15409d8d075f4f06cb678d50"
15	SRC_URI[sha256sum] = "6bb212cd6b75b918e945c24e7c3f95a486fb54d7f7d489a9334cfa1a1f3bf959"	18	SRC_URI[sha256sum] = "6bb212cd6b75b918e945c24e7c3f95a486fb54d7f7d489a9334cfa1a1f3bf959"
16		19
17	inherit autotools pkgconfig gettext python3-dir features_check	20	inherit autotools pkgconfig gettext python3-dir features_check systemd
18		21
19	REQUIRED_DISTRO_FEATURES = "pam"	22	REQUIRED_DISTRO_FEATURES = "pam"
20		23
@@ -38,11 +41,17 @@ PACKAGECONFIG[nss] = "--with-crypto=nss, ,nss,"
38	PACKAGECONFIG[cyrpto] = "--with-crypto=libcrypto, , libcrypto"	41	PACKAGECONFIG[cyrpto] = "--with-crypto=libcrypto, , libcrypto"
39	PACKAGECONFIG[nscd] = "--with-nscd=${sbindir}, --with-nscd=no "	42	PACKAGECONFIG[nscd] = "--with-nscd=${sbindir}, --with-nscd=no "
40	PACKAGECONFIG[nl] = "--with-libnl, --with-libnl=no, libnl"	43	PACKAGECONFIG[nl] = "--with-libnl, --with-libnl=no, libnl"
41	PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/, --with-systemdunitdir="	44	PACKAGECONFIG[systemd] = "--with-initscript=systemd,--with-initscript=sysv"
42	PACKAGECONFIG[http] = "--with-secrets, --without-secrets, apache2"	45	PACKAGECONFIG[http] = "--with-secrets, --without-secrets, apache2"
43	PACKAGECONFIG[curl] = "--with-secrets --with-kcm, --without-secrets --without-kcm, curl"	46	PACKAGECONFIG[curl] = "--with-secrets --with-kcm, --without-secrets --without-kcm, curl"
44		47
45	EXTRA_OECONF += "--disable-cifs-idmap-plugin --without-nfsv4-idmapd-plugin --without-ipa-getkeytab"	48	EXTRA_OECONF += " \
		49	--disable-cifs-idmap-plugin \
		50	--without-nfsv4-idmapd-plugin \
		51	--without-ipa-getkeytab \
		52	--without-python2-bindings \
		53	--enable-pammoddir=${base_libdir}/security \
		54	"
46		55
47	do_configure_prepend() {	56	do_configure_prepend() {
48	mkdir -p ${AUTOTOOLS_AUXDIR}/build	57	mkdir -p ${AUTOTOOLS_AUXDIR}/build
@@ -57,6 +66,12 @@ do_install () {
57	rmdir --ignore-fail-on-non-empty "${D}/${bindir}"	66	rmdir --ignore-fail-on-non-empty "${D}/${bindir}"
58	install -d ${D}/${sysconfdir}/${BPN}	67	install -d ${D}/${sysconfdir}/${BPN}
59	install -m 600 ${WORKDIR}/${BPN}.conf ${D}/${sysconfdir}/${BPN}	68	install -m 600 ${WORKDIR}/${BPN}.conf ${D}/${sysconfdir}/${BPN}
		69	install -D -m 644 ${WORKDIR}/volatiles.99_sssd ${D}/${sysconfdir}/default/volatiles/99_sssd
		70
		71	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
		72	install -d ${D}${sysconfdir}/tmpfiles.d
		73	echo "d /var/log/sssd 0750 - - - -" > ${D}${sysconfdir}/tmpfiles.d/sss.conf
		74	fi
60		75
61	# Remove /var/run as it is created on startup	76	# Remove /var/run as it is created on startup
62	rm -rf ${D}${localstatedir}/run	77	rm -rf ${D}${localstatedir}/run
@@ -74,10 +89,24 @@ CONFFILES_${PN} = "${sysconfdir}/${BPN}/${BPN}.conf"
74		89
75	INITSCRIPT_NAME = "sssd"	90	INITSCRIPT_NAME = "sssd"
76	INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ."	91	INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ."
77	SYSTEMD_SERVICE_${PN} = "${BPN}.service"	92	SYSTEMD_SERVICE_${PN} = " \
		93	sssd-autofs.service \
		94	sssd-autofs.socket \
		95	sssd-ifp.service \
		96	sssd-nss.service \
		97	sssd-nss.socket \
		98	sssd-pam-priv.socket \
		99	sssd-pam.service \
		100	sssd-pam.socket \
		101	sssd-secrets.service \
		102	sssd-secrets.socket \
		103	sssd.service \
		104	sssd-sudo.service \
		105	sssd-sudo.socket \
		106	"
78	SYSTEMD_AUTO_ENABLE = "disable"	107	SYSTEMD_AUTO_ENABLE = "disable"
79		108
80	FILES_${PN} += "${libdir} ${datadir} /run ${libdir}/.so "	109	FILES_${PN} += "${libdir} ${datadir} ${base_libdir}/security/pam_sss.so"
81	FILES_${PN}-dev = " ${includedir}/* ${libdir}/la ${libdir}//*la"	110	FILES_${PN}-dev = " ${includedir}/* ${libdir}/la ${libdir}//*la"
82		111
83	# The package contains symlinks that trip up insane	112	# The package contains symlinks that trip up insane