diff options
Diffstat (limited to 'sys-auth')
| -rw-r--r-- | sys-auth/AusweisApp/AusweisApp-2.3.1.ebuild | 47 | ||||
| -rw-r--r-- | sys-auth/AusweisApp/Manifest | 2 | ||||
| -rw-r--r-- | sys-auth/Manifest.gz | bin | 9256 -> 9254 bytes | |||
| -rw-r--r-- | sys-auth/pambase/Manifest | 2 | ||||
| -rw-r--r-- | sys-auth/pambase/pambase-20250223.ebuild | 2 | ||||
| -rw-r--r-- | sys-auth/polkit/Manifest | 8 | ||||
| -rw-r--r-- | sys-auth/polkit/files/polkit-126-elogind.patch | 37 | ||||
| -rw-r--r-- | sys-auth/polkit/files/polkit-126-musl.patch | 34 | ||||
| -rw-r--r-- | sys-auth/polkit/files/polkit-126-realpath.patch | 133 | ||||
| -rw-r--r-- | sys-auth/polkit/polkit-126-r1.ebuild | 165 | ||||
| -rw-r--r-- | sys-auth/polkit/polkit-126.ebuild | 157 | ||||
| -rw-r--r-- | sys-auth/polkit/polkit-9999.ebuild | 27 | ||||
| -rw-r--r-- | sys-auth/sssd/Manifest | 8 | ||||
| -rw-r--r-- | sys-auth/sssd/files/sssd-2.9.1-conditional-python-install.patch | 19 | ||||
| -rw-r--r-- | sys-auth/sssd/metadata.xml | 2 | ||||
| -rw-r--r-- | sys-auth/sssd/sssd-2.9.5-r2.ebuild | 335 | ||||
| -rw-r--r-- | sys-auth/sssd/sssd-2.9.5.ebuild | 333 | ||||
| -rw-r--r-- | sys-auth/sssd/sssd-2.9.6-r2.ebuild (renamed from sys-auth/sssd/sssd-2.9.6.ebuild) | 37 |
18 files changed, 630 insertions, 718 deletions
diff --git a/sys-auth/AusweisApp/AusweisApp-2.3.1.ebuild b/sys-auth/AusweisApp/AusweisApp-2.3.1.ebuild new file mode 100644 index 000000000000..6c1e58696bbc --- /dev/null +++ b/sys-auth/AusweisApp/AusweisApp-2.3.1.ebuild @@ -0,0 +1,47 @@ +# Copyright 2020-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake xdg-utils + +DESCRIPTION="Official authentication app for German ID cards and residence permits" +HOMEPAGE="https://www.ausweisapp.bund.de/" +SRC_URI="https://github.com/Governikus/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="EUPL-1.2" +SLOT="0" +KEYWORDS="~amd64" + +BDEPEND=" + dev-qt/qtshadertools:6 + dev-qt/qttools:6[linguist] + virtual/pkgconfig" + +RDEPEND=" + dev-libs/openssl:0= + dev-qt/qtbase:6[concurrent,network,widgets] + dev-qt/qtdeclarative:6[widgets] + dev-qt/qtscxml:6[qml] + dev-qt/qtsvg:6 + dev-qt/qtwebsockets:6[qml] + net-libs/http-parser:0= + sys-apps/pcsc-lite + virtual/udev" + +DEPEND="${RDEPEND}" + +src_configure() { + local mycmakeargs=( + -DBUILD_SHARED_LIBS=OFF + ) + cmake_src_configure +} + +pkg_postinst() { + xdg_icon_cache_update +} + +pkg_postrm() { + xdg_icon_cache_update +} diff --git a/sys-auth/AusweisApp/Manifest b/sys-auth/AusweisApp/Manifest index 6ecc9995786c..42e94785e433 100644 --- a/sys-auth/AusweisApp/Manifest +++ b/sys-auth/AusweisApp/Manifest @@ -1,5 +1,7 @@ DIST AusweisApp-2.2.2.tar.gz 5943648 BLAKE2B 3857177c7f54ad807de480345d22e38c8160b57d51851af7c53f46307ccd5e5150d7800ed26f8f527b0ef2ec725ae2c9c1c62fba4f35007c16886184352a6440 SHA512 2e0e101d5623ea97a04710fa8dcfdd9be96df71d80f5f6aa4fbb515a6f7ca4d62df766c16b21ad48720b21eb541f22287213adb71bd1d93cee00f9839c303169 DIST AusweisApp-2.3.0.tar.gz 6144050 BLAKE2B f85bc1f197043b5cc25441388ba22dacceac231fb49b638a8cc5d7da63da4a325515e4bd577fcd30bc49450ca0122c3f897749ca8473634fa02d89a0a0c4240f SHA512 cece9352508010d42a142dcd703a489691907422df619a000d6f849cba637e2d136c866fc76ef8d19cb81f9226322c2c10f566074c937229728e63de0826f747 +DIST AusweisApp-2.3.1.tar.gz 6143361 BLAKE2B abaf82e79036da01fc8e0c549e86c4f61131a24d1c45314ad428aa1855d45a77dc4b1083eefd0f8f0c201ac2bc57d0f6dd910e7a74597e7145ff5f8237d5a919 SHA512 88d58134ea4cd4e6084976880cdaa14cf2db2444081834fd7aea4456589a02cb55d9897921020293e331fd7c92f342505babd5810d1d4b712fa1c2d0e925732f EBUILD AusweisApp-2.2.2.ebuild 910 BLAKE2B d1aaf65386b5339398d7ed38d86b1ec8cbb332eda37e111282266c537db1ad55a8f3380f90b64f6fdc442b849471039ce874d8aebd415363d0c831f3ca749198 SHA512 4a1b6322614a3f646b65e52c0f66e9cd2bb79debbe9dc32df8e8c5549b6bd9aa4ccc63305d930a8b1457a794aeadcf6ecbb8286b7258c9d5c264fb49e1f591c0 EBUILD AusweisApp-2.3.0.ebuild 911 BLAKE2B a354f3fe4841f1f554c1aec4c3839f4451bbb2e993d8e1dc9221f06d90095ee07ca89151c349d05ab07a5bd2afad0b15496f2fc56ad791c5e8d1af0ded60786a SHA512 48ae73024088f0777e9278f189060adeada6c437d409bb49f6ebfc536aa66a575093d87649ebb57679077aa58295860d3e0fca5abb13d553c1b26eef0f9e41ae +EBUILD AusweisApp-2.3.1.ebuild 911 BLAKE2B a354f3fe4841f1f554c1aec4c3839f4451bbb2e993d8e1dc9221f06d90095ee07ca89151c349d05ab07a5bd2afad0b15496f2fc56ad791c5e8d1af0ded60786a SHA512 48ae73024088f0777e9278f189060adeada6c437d409bb49f6ebfc536aa66a575093d87649ebb57679077aa58295860d3e0fca5abb13d553c1b26eef0f9e41ae MISC metadata.xml 337 BLAKE2B cfa80942834326f3877db81df2a01530ebf3a7c13b20f0dee664be8c5f45dc1eebd1f2aff1fd7a6350b14b1d107cff08176e0c46cc853dbf32ff502b0c0a671e SHA512 00b4aeca40869fd8e2490829d6b52f9a7b5520bc78b7eca0dddf287a4028e34b07c4e308b32447541bae342d41f5d08b01f30f4f836551bbf2c17f9bb49a0d58 diff --git a/sys-auth/Manifest.gz b/sys-auth/Manifest.gz Binary files differindex 3f6bdcdda406..57bbacdb2d4d 100644 --- a/sys-auth/Manifest.gz +++ b/sys-auth/Manifest.gz diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest index 9cd6dbd0e575..8d2bd9c0fb86 100644 --- a/sys-auth/pambase/Manifest +++ b/sys-auth/pambase/Manifest @@ -4,7 +4,7 @@ DIST pambase-20250223.tar.bz2 5124 BLAKE2B ea89d43c93d85baafa1a6951ae80c6306c762 DIST pambase-20250228.tar.bz2 5144 BLAKE2B ab4c8e84cc21e25ac12b66a3d9943becb62d4f53c2f9c201c79f2a1f1f1320f4bad2b56a2a76924386d7dbe9656abf5a0bd92bbbedda23088a26128aa743e79f SHA512 e2ccbcd0c3e6f9fb035a2489a79bdfff5f12fe9393517d3b7ddb3bbd7a6a6e5b358663b1423166b0250931d50f608bb81a9f486fc53dbc7126b3980617387c94 EBUILD pambase-20220214.ebuild 2987 BLAKE2B c84777abe92a724258eed8f392d3b3ffe410f849047b453a018c97220c858dbc57ca885afb17d49c92ef1e5f44b5fa81800eb014904875b26d97dd5e2624d3b1 SHA512 bcc44e086d6a6d1ecbc70356b82794d207bca6f95e9850a7ee102ef1e350c5bc012975ad395041ea05ded7455727fe8f7402556a7cdbeb76f28fcc9a4a41a405 EBUILD pambase-20240128.ebuild 3088 BLAKE2B e1e69a42940691e074f695a6630503484d5f61f8e9daa60573ac749ce3e9a12adfe88f225d306733becaf77e46ae564d27fb9881957c24e7a847bf12a33f03b3 SHA512 ccbfa921b72348f8bd2aeb2a8d7644f23a38e5fdd47a03fe6e0b635fcb561fb5ead08d0aeb17818fe23010270a134b9e2c6469033e59124cfb88b818e647b951 -EBUILD pambase-20250223.ebuild 3096 BLAKE2B 2ccf5e952bcd1441794ebad319b08523a491c52e5cb3f17fddcb0f5e0448e5fe87542c8d24af1e22818a4d77772c5e4d35bfaf46afd87c3dc3c4861956fc5c5b SHA512 65b612ef4f47234e6ca010b35faa56cffc413865f5be16915b819d7c8c92a023d5ca8444901673069e6262f9b8b745e9ac60ea495912971d4a6496f88c10b7d8 +EBUILD pambase-20250223.ebuild 3089 BLAKE2B 6f202d565fcd3e96a2b87d0d4f23ea17c913fb5bb0a6e5f9ee2b783cb3d5d5bb538179b33c6b9f6e667243143fe188566b1b228adee0751805d4ae5c3abec485 SHA512 56f9704b88e0866154f5c6263a996054af22d390d1a2bbd41a3b2d0d1516faff7169efcfcf53a8c96f7440afba3917af497e8c5a85682ca26bb175b12830d2bd EBUILD pambase-20250228-r1.ebuild 3104 BLAKE2B a4094376182d4e958559725fcc71610915747d3e7a9fcd6f2f97a9af551be33b333b86b363388db9086e3eb03bae44fc24d851ec54c8431cc663abce6a4c4a3f SHA512 edb5c987a461bdb94fb3eb57ae66977fbd19ae919da6003a470d7b9a352605c2570a0858e4abe7e63318eb3248ee505caa523c3a47852330250d5cf4c203ab24 EBUILD pambase-999999999.ebuild 3104 BLAKE2B a4094376182d4e958559725fcc71610915747d3e7a9fcd6f2f97a9af551be33b333b86b363388db9086e3eb03bae44fc24d851ec54c8431cc663abce6a4c4a3f SHA512 edb5c987a461bdb94fb3eb57ae66977fbd19ae919da6003a470d7b9a352605c2570a0858e4abe7e63318eb3248ee505caa523c3a47852330250d5cf4c203ab24 MISC metadata.xml 4291 BLAKE2B 95b6df4757e44c8e815a00f675c6103e484e673cac2b97165aeb222aa6b049e5665ecf961e03a2bc6cf65fbb1bdc7a5543339bdc7d29c31268494586552a4e86 SHA512 0ac5a7af62ec8df0e8898d5dfe9bcfb3955d3c862db80ad94b8d3596b3f39a9232f789ce5d090d14733d58526cbc35e4dcb8635890c9f738fdaf69b1292eceb5 diff --git a/sys-auth/pambase/pambase-20250223.ebuild b/sys-auth/pambase/pambase-20250223.ebuild index e5b7dbc26b8d..420ed78f1d6f 100644 --- a/sys-auth/pambase/pambase-20250223.ebuild +++ b/sys-auth/pambase/pambase-20250223.ebuild @@ -19,7 +19,7 @@ if [[ ${PV} == *9999 ]]; then else SRC_URI="https://gitweb.gentoo.org/proj/pambase.git/snapshot/${P}.tar.bz2" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" + KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" fi LICENSE="MIT" diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest index 2ddfa1d1f0b7..5a6e92300d5e 100644 --- a/sys-auth/polkit/Manifest +++ b/sys-auth/polkit/Manifest @@ -5,13 +5,19 @@ AUX polkit-124-c99-fixes.patch 3663 BLAKE2B d3820081c0215e37855045a1e1efe4da77ef AUX polkit-124-systemd-fixup.patch 1571 BLAKE2B e9f03f0239a4af15a05a8a83749f2da50c7457849d5f170556e3ca0e8c47ec9a90359a77a8255932b3843b8d50bedf1e07472cd1e33ba1cc76a7d2b5aa0560fd SHA512 b938ac6f4de8a2e2cc799c3fcaeca7f3d4f62f14868b0281329b3b102f8cc6d7474c96ed9a16e0197ef30db229df53e7287b816ecd16efce5f00fb2783cb049b AUX polkit-124-systemd.patch 2483 BLAKE2B 3323abefac5adff5046d7756ba19d87b9206baecce4937de6b29ca2e12025c173d503e2f6bc9274147f16a333b1dd46a3d089645708d051f7cdb59a52705dcae SHA512 97622cd525e6706e82aad8bb63f8721ae22f3da47727797556b468b9f01417f78a3c52733582c5f40ba5196261faa7a0aff1da4326baf57d9d8d470d88b2a538 AUX polkit-125-musl.patch 1838 BLAKE2B 61615adbbd75e1cae40dfeafdf8f2cdd2423629074ae2fa0218c7b7ff1bd10d00d5649ff25e85ba4df2052245d7f1bc0e6877cbec96fe8dfd8c1fb09957f3b36 SHA512 4e6edca7a993519a4f8ad757f4efa88145f66792bb929241e7a098270478e512623b3eb5d2bf2cc0013f0e512e1d59334d398f19717055c864ed9574dd27b454 +AUX polkit-126-elogind.patch 1135 BLAKE2B 61d9b4521897e798192c91a85601cc932444e07a1bff88466720a00aaaac7b914a1c25ec322a62f9ce60a6b47c4a48fa6171f4208dbc8e6bfc8a0da0f1372fe3 SHA512 f57d71c5e6e5696818e2fbea39558449a07a936d4a81b53f3f951d95e8185b090e5cbaa0bb5cb045a76b9bae5c53831761011516747dcc92783dabe4d564c3c0 +AUX polkit-126-musl.patch 1156 BLAKE2B 67845156dd2fb7790fb805d3f818d7f99ebd12d01d5dd8ac8893d53297e480d4b76a4e24965c9f28a15a3bba0243b6501686b332a6e7c8ab69d29280bbbb5103 SHA512 caa550470397658d6443d01097ea77347b94941bd87c0afefc303b94cf2882d4271a8f5e5db6052d03d9470404ec3c489977ea904c26f68db6bc200483e3ebca +AUX polkit-126-realpath.patch 4896 BLAKE2B c1b055949ce1d27c1b1e0c22e1c9a55546a2ec38e44ce771faf641b3d88def47bebc5b7ccae9a34f2d090f0cab210f361865975737e2b435a6f0314c00d1d4e3 SHA512 8ad97a27e67df9c95e6c4401cf978af70ce646595b6bfc21f3f86be697d3e3ab0db316744afc91adbf0f59370c2dc8eeaaf37c874aaea8dac26bedacca3690ec DIST polkit-123.tar.bz2 707480 BLAKE2B 27d8764606d8156118269fb4cd5eda1cfd0d56df219e4157cd78fd4c2a2d001c474271b7bb31e7e82ca376eacd26411418695058cc888700690606348b4d014a SHA512 4306363d3ed7311243de462832199bd10ddda35e36449104daff0895725d8189b07a4c88340f28607846fdf761c23470da2d43288199c46aa816426384124bb6 DIST polkit-124.tar.bz2 715490 BLAKE2B ecfc1ec73a7e1bbdf7374642ad4e1dbe534149a27e75bb1235eaa446ff912466ee0cdd978c34b7f110bc62a49b25ffddc9011e280686e3f304a234454be85a40 SHA512 db520882b0bedf1c96052570bf4c55d7e966d8172f6d26acf0791d98c4b911fce5ee39e6d830f06122ac8df33c6b43c252cdb7ba3a54523804824ebf355405dc DIST polkit-125.tar.gz 453652 BLAKE2B 068bd4a7c028a0b4e026a0fdc3a60bd323087282a5c5bd7cbc404dbedb997de63893ce2282e8cd5f01f8d98ff0cc1a46200543a832fa397a4f50ef8d6ba2b28b SHA512 64d85c1557355d6de6483beeb855b74a99dbb30cf9968206dc0aaf147156072ca2604bf667533099ee3972b3eed0421ec0a1ff8bea35a1e4c54da7b9688e0953 +DIST polkit-126.tar.gz 456138 BLAKE2B 2e86c8853edf29879d8367b77d210d3a891178297cb5f9eb204a953bfaa66f6ff2307da265f4c3f89265ba8ce32e94641272d654a78d116dfb32a65d402f877a SHA512 dbdbc31b7a231c963788b37cf1a138e30336466fb662225a812faaf58e45439925d9d39346cc8f07e54f22040c2f142435acb9fded315d33e24930e0abc736c7 EBUILD polkit-123-r1.ebuild 3992 BLAKE2B a619bb72c9047a54c8bbc342e43310ca0f5a4f885b7e6b73ae354fbcdc95919bb850ddecc7b54bccfe5bbef3880723ea34765d351ba6d28d41e9fab329e9f600 SHA512 0478d625f3d892655624bce05ff22a5370a4098f7e5585365c1e30c88454546af0da107d9d9ef79707ce34c0e189ee10ef1135fd93deeba97ff21074da164a3a EBUILD polkit-124-r1.ebuild 3906 BLAKE2B 12fe0c0be38f8ab2edc577edaf46a580d46ffcc8f6992b6e06ef368ee81534d058d771cd39b8ba5eab35ab475e5e7d36e16b2bf2c2095db45c908fc370a9a591 SHA512 f799e4ffe69a32c96847e4b4b0862684118144002305cd3f005565e0860d224d073ecb64c7a9d699012185dc4e8434d984f71304461c269dd8c9b64d5874024d EBUILD polkit-125-r1.ebuild 3948 BLAKE2B 6093ffdcdc548752c6f0c0e81b31d821b70ecc6f905bf1f17476a67d5575ad9e971f98b940799d4077150ac222c5ad127598282f7b540e45b31be05813047249 SHA512 ef66cc1c9c50f902befb51d9a60d7148a3dad96626d862d18cf47e158d1f92e125d05804410c87720d32ca716cdeb80e7ac1bb73db87531a1c3bd0ba24e3ad6a EBUILD polkit-125.ebuild 3858 BLAKE2B 0f2abe9840da2f1853a7ad76aa4d318fa6667c63f015d19c5052c38d3b3408c91cc455c57f2eeaecbfa01bcf7bdff0be105a1385c7df5dec2959e9f1d616f3cb SHA512 69815752e060e6a193248cad74168bf334526121ed0beacdf70aacbb86c2b41aae79f8e3342cea92e560db10102b498c2d11c4e3b5e3a80cbcfa1478577a1a65 +EBUILD polkit-126-r1.ebuild 4024 BLAKE2B 7b010e5f6a8c92bbc8c3d6daf7320a4c329f1d93481dc72dc2a1c6a2b7357480733fe80f7c55ef52052c0e21f627b16d67e4387f7885022f0f33ede614cb13f3 SHA512 f570527e56faad74a7032a4062d7c8d0b98c98a52066342cab69a72168b397de7aac28e6a24ad25d463fa573fd011de6af404803757e7ad3fbe305266aa72ba0 +EBUILD polkit-126.ebuild 3894 BLAKE2B df2c0f19f5d4c6a608e9379eba0c375b3724b13a68079a485812b7b7c9fcd721f696793a0cd970b07c0899ad7fb00a57dc77dc5e5059a09d31148ca8e166e72b SHA512 ee4bdd37e0bc7987a863542a739ae9f3f51806952b4e7ab86e58f7520878d22e9350d26e22be5253695cfbf11b944a377662b99543ad73ad0769c5ec4cbc5210 EBUILD polkit-9999-r1.ebuild 4185 BLAKE2B e7bd2cfc49f8b9809d33bcd62b3c6551e18d9c4497eef7700b856521923f900b90d493f8257f1684e64d799287001eec045fb4ae6b0e2b90831e9e00926836dd SHA512 b0c426f426cf4c615bfb7a404e9600eaf6b78db142271c15ef47c1e7e473cf1225c8d8577afc3b7ad56059af3d96f0ddcbee19d8eea7d2fcebe5a6dc2b40d288 -EBUILD polkit-9999.ebuild 3847 BLAKE2B 7c8a8067d037cc33f09473dbae65d0ec798737e6c523c6757fbc233a782f29e495c542e764564e2ac2febb1d42b4e2a75982dca486cfe6c16b32583658939c9d SHA512 98f7a013adf2df67e49ea21e4d05cf8e03a9a38a5fe9299400d813fab7ed3f462813e0ee9592111e09418d1d23c86a53cf278a1fbaf66947ab113c2e1dbe504f +EBUILD polkit-9999.ebuild 4024 BLAKE2B 7b010e5f6a8c92bbc8c3d6daf7320a4c329f1d93481dc72dc2a1c6a2b7357480733fe80f7c55ef52052c0e21f627b16d67e4387f7885022f0f33ede614cb13f3 SHA512 f570527e56faad74a7032a4062d7c8d0b98c98a52066342cab69a72168b397de7aac28e6a24ad25d463fa573fd011de6af404803757e7ad3fbe305266aa72ba0 MISC metadata.xml 605 BLAKE2B 80c7a5d7d4d370123b0ab3d40cbc51e7a606ed45fb29cf201dfb2ebf3dbb47a9c5c3648be971d18afee881bc5fc0402b27a26bcdc4ed29e083b22e8f194d415d SHA512 14f7b54a110db41ddb8ae53a6bd769352bf59b1ac8d519b448aa4a97b1dd6f7d6a315c4aec96f223effb7c84e0525e31076650d1331b17a150f614ee1aee4034 diff --git a/sys-auth/polkit/files/polkit-126-elogind.patch b/sys-auth/polkit/files/polkit-126-elogind.patch new file mode 100644 index 000000000000..41245059c4ee --- /dev/null +++ b/sys-auth/polkit/files/polkit-126-elogind.patch @@ -0,0 +1,37 @@ +https://github.com/polkit-org/polkit/commit/55ee1b70456eca8281dda9612c485c619122f202 + +From 55ee1b70456eca8281dda9612c485c619122f202 Mon Sep 17 00:00:00 2001 +From: Jan Rybar <jrybar@redhat.com> +Date: Tue, 14 Jan 2025 13:47:54 +0100 +Subject: [PATCH] meson: fix unused dependency, fixes elogind FTBFS + +polkit-126 could not be built from source with elogind session service due +to wrong dependencies in meson.build. + +Author: @markhindley +--- + src/polkitbackend/meson.build | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/polkitbackend/meson.build b/src/polkitbackend/meson.build +index fc35e195..a807b41b 100644 +--- a/src/polkitbackend/meson.build ++++ b/src/polkitbackend/meson.build +@@ -37,7 +37,6 @@ deps += thread_dep + + if enable_logind + sources += files('polkitbackendsessionmonitor-systemd.c') +- + deps += logind_dep + else + sources += files('polkitbackendsessionmonitor.c') +@@ -73,7 +72,7 @@ executable( + program, + program + '.c', + include_directories: top_inc, +- dependencies: libpolkit_gobject_dep, ++ dependencies: deps, + c_args: c_flags, + link_with: libpolkit_backend, + install: true, + diff --git a/sys-auth/polkit/files/polkit-126-musl.patch b/sys-auth/polkit/files/polkit-126-musl.patch new file mode 100644 index 000000000000..3bc3cc128472 --- /dev/null +++ b/sys-auth/polkit/files/polkit-126-musl.patch @@ -0,0 +1,34 @@ +https://github.com/polkit-org/polkit/commit/074ad836836167190cfe5649f9fc50da2e79a0ab + +From 074ad836836167190cfe5649f9fc50da2e79a0ab Mon Sep 17 00:00:00 2001 +From: Jan Rybar <jrybar@redhat.com> +Date: Wed, 19 Feb 2025 14:20:22 +0100 +Subject: [PATCH] Fix musl compilation error on Alpine + +Disruptions between glibc and musl-(not-)predefined feature-test macros led to +a decision to remove a check for POSIX standards older than 17 years. It makes no +sense to test the existence of a macro that we explicitly define in +meson.build either (shall we test for _GNU_SOURCE). +--- + src/programs/pkexec.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c +index b439475f..4274c92b 100644 +--- a/src/programs/pkexec.c ++++ b/src/programs/pkexec.c +@@ -674,12 +674,8 @@ main (int argc, char *argv[]) + argv[n] = path_abs; + } + } +-#if _POSIX_C_SOURCE >= 200809L ++ + s = realpath(path, NULL); +-#else +- s = NULL; +-# error We have to deal with realpath(3) PATH_MAX madness +-#endif + if (s != NULL) + { + /* The called program resolved to the canonical location. We don't update + diff --git a/sys-auth/polkit/files/polkit-126-realpath.patch b/sys-auth/polkit/files/polkit-126-realpath.patch new file mode 100644 index 000000000000..3946932fa1ff --- /dev/null +++ b/sys-auth/polkit/files/polkit-126-realpath.patch @@ -0,0 +1,133 @@ +https://github.com/polkit-org/polkit/commit/9aa43e089d870a8ee695e625237c5b731b250678 + +From 9aa43e089d870a8ee695e625237c5b731b250678 Mon Sep 17 00:00:00 2001 +From: Walter Doekes <walter+github@wjd.nu> +Date: Fri, 25 Oct 2024 23:18:16 +0200 +Subject: [PATCH] pkexec: Use realpath when comparing + org.freedesktop.policykit.exec.path + +This changes the pkexec path that is compared from the original supplied +path to the path resolved by realpath(3). + +That means that "/bin/something" might now be matched as +"/usr/bin/something", a review of your + <annotate key="org.freedesktop.policykit.exec.path"> +actions might be in order. + +Fixes: polkit-org/polkit#194 + +See also: systemd/systemd#34714 +--- + src/programs/pkexec.c | 29 +++++++++++++++++++++++++++-- + test/integration/pkexec/test.sh | 23 +++++++++++++++++++++++ + 2 files changed, 50 insertions(+), 2 deletions(-) + +diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c +index 65c13090..b439475f 100644 +--- a/src/programs/pkexec.c ++++ b/src/programs/pkexec.c +@@ -452,6 +452,7 @@ main (int argc, char *argv[]) + gchar *action_id; + gboolean allow_gui; + gchar **exec_argv; ++ gchar *path_abs; + gchar *path; + struct passwd pwstruct; + gchar pwbuf[8192]; +@@ -508,6 +509,7 @@ main (int argc, char *argv[]) + result = NULL; + action_id = NULL; + saved_env = NULL; ++ path_abs = NULL; + path = NULL; + exec_argv = NULL; + command_line = NULL; +@@ -624,6 +626,8 @@ main (int argc, char *argv[]) + * but do check this is the case. + * + * We also try to locate the program in the path if a non-absolute path is given. ++ * ++ * And then we resolve the real path of the program. + */ + g_assert (argv[argc] == NULL); + path = g_strdup (argv[n]); +@@ -647,7 +651,7 @@ main (int argc, char *argv[]) + } + if (path[0] != '/') + { +- /* g_find_program_in_path() is not suspectible to attacks via the environment */ ++ /* g_find_program_in_path() is not susceptible to attacks via the environment */ + s = g_find_program_in_path (path); + if (s == NULL) + { +@@ -662,9 +666,29 @@ main (int argc, char *argv[]) + */ + if (argv[n] != NULL) + { +- argv[n] = path; ++ /* Must copy because we might replace path later on. */ ++ path_abs = g_strdup(path); ++ /* argv[n:] is used as argv arguments to execv(). The called program ++ * sees the original called path, but we make sure it's absolute. */ ++ if (path_abs != NULL) ++ argv[n] = path_abs; + } + } ++#if _POSIX_C_SOURCE >= 200809L ++ s = realpath(path, NULL); ++#else ++ s = NULL; ++# error We have to deal with realpath(3) PATH_MAX madness ++#endif ++ if (s != NULL) ++ { ++ /* The called program resolved to the canonical location. We don't update ++ * argv[n] this time. The called program still sees the original ++ * called path. This is very important for multi-call binaries like ++ * busybox. */ ++ g_free (path); ++ path = s; ++ } + if (access (path, F_OK) != 0) + { + g_printerr ("Error accessing %s: %s\n", path, g_strerror (errno)); +@@ -1084,6 +1108,7 @@ main (int argc, char *argv[]) + } + + g_free (original_cwd); ++ g_free (path_abs); + g_free (path); + g_free (command_line); + g_free (cmdline_short); +diff --git a/test/integration/pkexec/test.sh b/test/integration/pkexec/test.sh +index 4c76687b..e57b948f 100755 +--- a/test/integration/pkexec/test.sh ++++ b/test/integration/pkexec/test.sh +@@ -142,3 +142,26 @@ sudo -u "$TEST_USER" expect "$TMP_DIR/SIGTRAP-on-EOF.exp" | tee "$TMP_DIR/SIGTRA + grep -q "AUTHENTICATION FAILED" "$TMP_DIR/SIGTRAP-on-EOF.log" + grep -q "Not authorized" "$TMP_DIR/SIGTRAP-on-EOF.log" + rm -f "$TMP_DIR/SIGTRAP-on-EOF.log" ++ ++: "Check absolute (but not canonicalized) path" ++BASH_ABS=$(command -v bash) ++ln -s "$BASH_ABS" ./my-bash ++sudo -u "$TEST_USER" expect "$TMP_DIR/basic-auth.exp" "$TEST_USER_PASSWORD" ./my-bash -c true | tee "$TMP_DIR/absolute-path.log" ++grep -Eq "Authentication is needed to run \`/.*/${PWD##*/}/./my-bash -c true' as the super user" "$TMP_DIR/absolute-path.log" ++grep -q "AUTHENTICATION COMPLETE" "$TMP_DIR/absolute-path.log" ++rm -f "$TMP_DIR/absolute-path.log" ++rm -f "./my-bash" ++ ++: "Check canonicalized path" ++if command -v strace; then ++ BASH_ABS=$(command -v bash) ++ ln -s "$BASH_ABS" ./my-bash ++ sudo -u "$TEST_USER" strace -s 512 -o "$TMP_DIR/canonical-path.strace" -feexecve \ ++ expect "$TMP_DIR/basic-auth.exp" "$TEST_USER_PASSWORD" ./my-bash -c true | tee "$TMP_DIR/canonical-path.log" ++ cat "$TMP_DIR/canonical-path.strace" ++ grep -qF "execve(\"$BASH_ABS\", [\"$PWD/./my-bash\"," "$TMP_DIR/canonical-path.strace" ++ grep -q "AUTHENTICATION COMPLETE" "$TMP_DIR/canonical-path.log" ++ rm -f "$TMP_DIR/canonical-path.log" "$TMP_DIR/canonical-path.strace" ++ rm -f "./my-bash" ++ rm -f "$TMP_DIR/preload.c" "$TMP_DIR/preload.so" ++fi + diff --git a/sys-auth/polkit/polkit-126-r1.ebuild b/sys-auth/polkit/polkit-126-r1.ebuild new file mode 100644 index 000000000000..d3d5ee6aac97 --- /dev/null +++ b/sys-auth/polkit/polkit-126-r1.ebuild @@ -0,0 +1,165 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..13} ) +inherit meson pam pax-utils python-any-r1 systemd tmpfiles xdg-utils + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://github.com/polkit-org/polkit" +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/polkit-org/polkit" + inherit git-r3 +elif [[ ${PV} == *_p* ]] ; then + # Upstream don't make releases very often. Test snapshots throughly + # and review commits, but don't shy away if there's useful stuff there + # we want. + MY_COMMIT="" + SRC_URI="https://github.com/polkit-org/polkit/archive/${MY_COMMIT}.tar.gz -> ${P}.tar.gz" + + S="${WORKDIR}"/${PN}-${MY_COMMIT} +else + SRC_URI="https://github.com/polkit-org/polkit/archive/refs/tags/${PV}.tar.gz -> ${P}.tar.gz" +fi + +LICENSE="LGPL-2" +SLOT="0" +if [[ ${PV} != 9999 ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +fi +IUSE="+daemon examples gtk +introspection kde pam nls selinux systemd test" +RESTRICT="!test? ( test )" + +BDEPEND=" + acct-user/polkitd + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + >=dev-libs/glib-2.32 + dev-libs/gobject-introspection-common + dev-libs/libxslt + dev-util/glib-utils + virtual/pkgconfig + introspection? ( >=dev-libs/gobject-introspection-0.6.2 ) + nls? ( sys-devel/gettext ) + test? ( + $(python_gen_any_dep ' + dev-python/dbus-python[${PYTHON_USEDEP}] + dev-python/python-dbusmock[${PYTHON_USEDEP}] + ') + ) +" +DEPEND=" + >=dev-libs/glib-2.32:2 + dev-libs/expat + daemon? ( + dev-lang/duktape:= + ) + pam? ( + sys-auth/pambase + sys-libs/pam + ) + !pam? ( virtual/libcrypt:= ) + systemd? ( sys-apps/systemd:0=[policykit] ) + !systemd? ( sys-auth/elogind ) +" +RDEPEND=" + ${DEPEND} + acct-user/polkitd + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + >=lxde-base/lxsession-0.5.2 + ) ) + kde? ( kde-plasma/polkit-kde-agent ) +" + +DOCS=( docs/TODO HACKING.md NEWS.md README.md ) + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd +" + +PATCHES=( + "${FILESDIR}"/${P}-elogind.patch + "${FILESDIR}"/${P}-realpath.patch + "${FILESDIR}"/${P}-musl.patch +) + +python_check_deps() { + python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" && + python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]" +} + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_prepare() { + default + + # bug #401513 + sed -i -e 's|unix-group:@PRIVILEGED_GROUP@|unix-user:@PRIVILEGED_GROUP@|' src/polkitbackend/*-default.rules.in || die +} + +src_configure() { + xdg_environment_reset + + local emesonargs=( + --localstatedir="${EPREFIX}"/var + -Dauthfw="$(usex pam pam shadow)" + -Dexamples=false + -Dgtk_doc=false + -Dman=true + -Dos_type=gentoo + -Dpam_module_dir=$(getpam_mod_dir) + -Dprivileged_group=0 + -Dsession_tracking="$(usex systemd logind elogind)" + -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)" + $(meson_use !daemon libs-only) + $(meson_use introspection) + $(meson_use nls gettext) + $(meson_use test tests) + ) + meson_src_configure +} + +src_compile() { + meson_src_compile + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest +} + +src_install() { + meson_src_install + + # acct-user/polkitd installs its own (albeit with a different filename) + rm -rf "${ED}"/usr/lib/sysusers.d || die + + if use examples ; then + docinto examples + dodoc src/examples/{*.c,*.policy*} + fi + + if use daemon; then + if [[ ${EUID} == 0 ]]; then + diropts -m 0700 -o polkitd + fi + keepdir /etc/polkit-1/rules.d + fi +} + +pkg_postinst() { + if use daemon ; then + tmpfiles_process polkit-tmpfiles.conf + + if [[ ${EUID} == 0 ]]; then + chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + fi + fi +} diff --git a/sys-auth/polkit/polkit-126.ebuild b/sys-auth/polkit/polkit-126.ebuild new file mode 100644 index 000000000000..6d0de65b2529 --- /dev/null +++ b/sys-auth/polkit/polkit-126.ebuild @@ -0,0 +1,157 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) +inherit meson pam pax-utils python-any-r1 systemd tmpfiles xdg-utils + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://github.com/polkit-org/polkit" +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://github.com/polkit-org/polkit" + inherit git-r3 +elif [[ ${PV} == *_p* ]] ; then + # Upstream don't make releases very often. Test snapshots throughly + # and review commits, but don't shy away if there's useful stuff there + # we want. + MY_COMMIT="" + SRC_URI="https://github.com/polkit-org/polkit/archive/${MY_COMMIT}.tar.gz -> ${P}.tar.gz" + + S="${WORKDIR}"/${PN}-${MY_COMMIT} +else + SRC_URI="https://github.com/polkit-org/polkit/archive/refs/tags/${PV}.tar.gz -> ${P}.tar.gz" +fi + +LICENSE="LGPL-2" +SLOT="0" +if [[ ${PV} != 9999 ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +fi +IUSE="+daemon examples gtk +introspection kde pam nls selinux systemd test" +RESTRICT="!test? ( test )" + +BDEPEND=" + acct-user/polkitd + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + >=dev-libs/glib-2.32 + dev-libs/gobject-introspection-common + dev-libs/libxslt + dev-util/glib-utils + virtual/pkgconfig + introspection? ( >=dev-libs/gobject-introspection-0.6.2 ) + nls? ( sys-devel/gettext ) + test? ( + $(python_gen_any_dep ' + dev-python/dbus-python[${PYTHON_USEDEP}] + dev-python/python-dbusmock[${PYTHON_USEDEP}] + ') + ) +" +DEPEND=" + >=dev-libs/glib-2.32:2 + dev-libs/expat + daemon? ( + dev-lang/duktape:= + ) + pam? ( + sys-auth/pambase + sys-libs/pam + ) + !pam? ( virtual/libcrypt:= ) + systemd? ( sys-apps/systemd:0=[policykit] ) + !systemd? ( sys-auth/elogind ) +" +RDEPEND=" + ${DEPEND} + acct-user/polkitd + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + >=lxde-base/lxsession-0.5.2 + ) ) + kde? ( kde-plasma/polkit-kde-agent ) +" + +DOCS=( docs/TODO HACKING.md NEWS.md README.md ) + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd +" + +python_check_deps() { + python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" && + python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]" +} + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_prepare() { + default + + # bug #401513 + sed -i -e 's|unix-group:@PRIVILEGED_GROUP@|unix-user:@PRIVILEGED_GROUP@|' src/polkitbackend/*-default.rules.in || die +} + +src_configure() { + xdg_environment_reset + + local emesonargs=( + --localstatedir="${EPREFIX}"/var + -Dauthfw="$(usex pam pam shadow)" + -Dexamples=false + -Dgtk_doc=false + -Dman=true + -Dos_type=gentoo + -Dpam_module_dir=$(getpam_mod_dir) + -Dprivileged_group=0 + -Dsession_tracking="$(usex systemd logind elogind)" + -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)" + $(meson_use !daemon libs-only) + $(meson_use introspection) + $(meson_use nls gettext) + $(meson_use test tests) + ) + meson_src_configure +} + +src_compile() { + meson_src_compile + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest +} + +src_install() { + meson_src_install + + # acct-user/polkitd installs its own (albeit with a different filename) + rm -rf "${ED}"/usr/lib/sysusers.d || die + + if use examples ; then + docinto examples + dodoc src/examples/{*.c,*.policy*} + fi + + if use daemon; then + if [[ ${EUID} == 0 ]]; then + diropts -m 0700 -o polkitd + fi + keepdir /etc/polkit-1/rules.d + fi +} + +pkg_postinst() { + tmpfiles_process polkit-tmpfiles.conf + + if use daemon && [[ ${EUID} == 0 ]]; then + chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + fi +} diff --git a/sys-auth/polkit/polkit-9999.ebuild b/sys-auth/polkit/polkit-9999.ebuild index 5ba85f4ecd7e..d3d5ee6aac97 100644 --- a/sys-auth/polkit/polkit-9999.ebuild +++ b/sys-auth/polkit/polkit-9999.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2024 Gentoo Authors +# Copyright 1999-2025 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 -PYTHON_COMPAT=( python3_{10..12} ) +PYTHON_COMPAT=( python3_{10..13} ) inherit meson pam pax-utils python-any-r1 systemd tmpfiles xdg-utils DESCRIPTION="Policy framework for controlling privileges for system-wide services" @@ -28,20 +28,20 @@ SLOT="0" if [[ ${PV} != 9999 ]] ; then KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" fi -IUSE="+daemon examples gtk +introspection kde pam selinux systemd test" +IUSE="+daemon examples gtk +introspection kde pam nls selinux systemd test" RESTRICT="!test? ( test )" BDEPEND=" acct-user/polkitd app-text/docbook-xml-dtd:4.1.2 app-text/docbook-xsl-stylesheets - dev-libs/glib + >=dev-libs/glib-2.32 dev-libs/gobject-introspection-common dev-libs/libxslt dev-util/glib-utils - sys-devel/gettext virtual/pkgconfig introspection? ( >=dev-libs/gobject-introspection-0.6.2 ) + nls? ( sys-devel/gettext ) test? ( $(python_gen_any_dep ' dev-python/dbus-python[${PYTHON_USEDEP}] @@ -83,6 +83,12 @@ QA_MULTILIB_PATHS=" usr/lib/polkit-1/polkitd " +PATCHES=( + "${FILESDIR}"/${P}-elogind.patch + "${FILESDIR}"/${P}-realpath.patch + "${FILESDIR}"/${P}-musl.patch +) + python_check_deps() { python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" && python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]" @@ -115,6 +121,7 @@ src_configure() { -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)" $(meson_use !daemon libs-only) $(meson_use introspection) + $(meson_use nls gettext) $(meson_use test tests) ) meson_src_configure @@ -147,10 +154,12 @@ src_install() { } pkg_postinst() { - tmpfiles_process polkit-tmpfiles.conf + if use daemon ; then + tmpfiles_process polkit-tmpfiles.conf - if use daemon && [[ ${EUID} == 0 ]]; then - chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d - chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + if [[ ${EUID} == 0 ]]; then + chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + fi fi } diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest index c3ac980e721b..b0a051917e7e 100644 --- a/sys-auth/sssd/Manifest +++ b/sys-auth/sssd/Manifest @@ -1,14 +1,10 @@ AUX sssd-2.10.0_beta2-fix-systemd-systemconfdir.patch 920 BLAKE2B cda41cc9f381ad5040153eb6f5393bb7f568a08a036e37ee40a86e442ec8addfb459d01314518eb27e593682effb0186445048c899421d1d0bbe33d37666e8ed SHA512 a6009b99778505633fe2fc7b3f48ae1e87a4fa4ae123020049471d4b2e5e9814d848268ce3d969156d7aa2829c5f020bf669dedd466c7ac2eae0db63bf6e0ad0 AUX sssd-2.8.2-krb5_pw_locked.patch 453 BLAKE2B 7aed1dd32f0743381b704444ac36dcffa76535d58cd39d307d370290b9b5ad634ef9b90f4d076c7b91b41113792b0d24cf04b63bcd1e1220aa3e790f9c9a23c0 SHA512 e3c210032d6f65ebffa14aa7c398ca929b7bb17d9aa9ef30c2a1522311bc0bf278214d008d7dbac47e8565245b35e00f7143f5c7d0d24f99d64a92486ec50e45 -AUX sssd-2.9.1-conditional-python-install.patch 533 BLAKE2B ce076e4e00bd1b3e8a18427fde385b6a65fbbc65f28a542f575d3b77b8e7d277ebc829a7d43fdbced51475b69553de4fd6e564d52d06c6a83edcae7fa8a2a53a SHA512 4348577c16ab96717e0b92dcae00e955e76e9be6c58a6f6c4435f2315c8393336396e7a0ccdd05f50b97233a956ef674fd64589780500159748ac47c65edb623 AUX sssd-2.9.6-conditional-python-install.patch 484 BLAKE2B 7fce3041266d7479ea114ad823f3c63693d0a74547d1d172a67564e62db878f31600f39ff6070f8b6e91f12da5fbfe40e67e90b2f269e049fc3a56f68bf32b9e SHA512 2cb9bf21cdf453d149d5a770e63abbe6aef9c5cd22e805bb8dfa6d0e21f73679c91a1fce071805ae53c6f694d727b1533c0a7618785c00d21934056819a74f5d AUX sssd.conf 124 BLAKE2B b6f9c016a014510f97b036d23d5f50e1e13085220fe82b0e6ef7a3ceeb114e59af935f39e66e4ad60a46f43983930e5d381b16b0ed31ba4349abe38c4b509367 SHA512 f16908c44b213edbf6b0c6e8d49df92e8c06fc623279037074fe51e49b8aca7dc18f5ed83f71909fc8209df80dfc150583edb1687f88e61588bdf9d1fbf6ed5a DIST sssd-2.10.2.tar.gz 9200497 BLAKE2B 76b6e4ab26c326d1075ae2811445e7c4196450af4b9791e3854c087bb82f229cc48a39027248d694943ec6fb9270d915a00d55eec7cd76c38700d4d1f3775360 SHA512 14ad222802e5426b0959ee32602e04ce24b3eb8d3bdd5e188cf29e3c7d32e0631b41c386fdbd129acf281317538460015d35410a688ea48dd546f9ae28522eac -DIST sssd-2.9.5.tar.gz 8001964 BLAKE2B e9c839e58fbeac9e8cba83b726f075c5db6ce85059546d745672c222b594f4aa26ad103f0eb3a8ff9e2b364c3502fb93c639fe9e621fefd6fecd2319f5cb499a SHA512 d219f12ffc75af233f0e4ffc62c0442acc6da3cd94ed4eab7102a78821af5257c8e4ba0d06b2c99c08e06502f8d0d0bcc80540d63823dbe0f52eb0432ae7e14d DIST sssd-2.9.6.tar.gz 9136447 BLAKE2B 9ba4faa66d56150de58e86588bd0dedb02ff2f155fa118a35cd981885fed6cab5fdf13373f575a41691c87b4d18c586cba717b399e3826675eee1b0f8da967b7 SHA512 d9a35fc12022f0a2aa73be373b396411fc69b2fe5489ab93d17813a4c75b3ec30e598d5748ab202f7588039b465e11d616ce546cd5fe5439fa8edd9ac8cda69a EBUILD sssd-2.10.2.ebuild 9779 BLAKE2B 2898f40f38ae1072e903862a1ac2e2b0397f46f4d8182a159c54a4d07d37a46963dbaa81df62d37549a67f737a0bdd226e584707435e471ed49b1ac7aa3a41a6 SHA512 7fa8036d32cd252abe5d425c526b5e7aa84cbbb53f920aca56f1591a7ccf5b440d2fe0966a320de7de7639e67329a4237bd75aa98e28becb64d6514113427d1b -EBUILD sssd-2.9.5-r2.ebuild 8539 BLAKE2B bc11c907352862078b39bf8f83e314864f262074b9fd47ac785835ee0220ade68dfb502cffc9fbedafb7fbd29d20fcff3d9aac179b1bd772d6f2d1b7529ac496 SHA512 fb8615e7ff5c79da4aba30f838976cc24effbcbd706ac6ff21b2060b30dfbe7743fd4da5fe6516097f96749b6bdf29c0bba584be605d1d30c71191281e1912b4 -EBUILD sssd-2.9.5.ebuild 8443 BLAKE2B 4053db31c371e80684619b56fb178e2e9bd391450cb4f5ce1b15cc4ed853119d5d869269ffa55eb2ed48cb6d170b9fcba0cef7c0a88b500445be31d597244828 SHA512 b915e3d8a7ffd2b01a88d845a0a58f2dd0566c8872ed2f15ff22d959e028ae68c7c934165d49f03daaf635cc72fac6dfd54d834c0088d5622f8d293f70492a16 EBUILD sssd-2.9.6-r1.ebuild 8650 BLAKE2B e6a84bb71e03097db02179e1acbd340c8c636aed21acd15f6eee5f5d0e377f4f0779473925c7c93a7a50a9ece5f13ca784fba2fdc58290ba8238155354164e2a SHA512 17a5af58c825751cdb6019e8a4d8645902c8c86da0a686f24de3a93de92c6446194ac24f4f856e00b9d1635b47edd883bbf18a22a5b3d323a7e2064b7ab9bf12 -EBUILD sssd-2.9.6.ebuild 8351 BLAKE2B d34489d09db062d31efe5c356b472796e06ec6592b5fa9dd631f0a78ae5d75ec1750630a1bb58fce6eed4ca530c25e4ee3ebb51b28aad774231eb7de54bd12bf SHA512 b76e904d477768a3b162eb8b48b5caf0bd5c885b36efe8b797f5abe0e4b81041bca4c31093773ecbf33d04028e43d88253bebddb25698b05643690cdf1e99fc9 -MISC metadata.xml 1329 BLAKE2B 7334d67b5d95f8f814adee9e0b73ff6913090eebf5d3f975fba26230323c36840eb1d8b36c868cc27e8b5420affc406817e0b9a43419d6bedb695c3121410a47 SHA512 80beda37620bf5597c4c4b99ae30ba938e45b370fb52f90909ae02d2b88488ae66065d3d61a5d475f5cec0f5c36ce99cc81548302190a9b62ca9d1441ca9f15f +EBUILD sssd-2.9.6-r2.ebuild 8652 BLAKE2B f08451a674a2f8ab120a9d9d1f3644e73b4fd6f4fa17628126a64c5a0dac21149d4f7cca021c8944d88c23f505875194773fc2237afae9d1114f62e037f532c8 SHA512 efeb64c73cedf557270282cab50b2c07ecb75deb6119670b1eb2c36a80b5f93707c340fc5f885ef6d62ae23fe6bd8c3112817649e8831204ad20531a80d40ce0 +MISC metadata.xml 1148 BLAKE2B 1143a55f4d96bde3c86b46a42d784c07125254a3de99c567ebca936de7c7b3c58b1533ee3f6b4e3ce551ecbf1b1574b69ad1302b51e45f7c12e81bb56c3a0e8c SHA512 4549a1ffa78d4448c3ee0a9b43013890418608da34c292e65626c6bc79a15d3a6553af1e8cdf2937b300f03f8f91f505efbe2fb713c6747f35bf4b9ad0d08db1 diff --git a/sys-auth/sssd/files/sssd-2.9.1-conditional-python-install.patch b/sys-auth/sssd/files/sssd-2.9.1-conditional-python-install.patch deleted file mode 100644 index de46b96c82f9..000000000000 --- a/sys-auth/sssd/files/sssd-2.9.1-conditional-python-install.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff --git a/src/tools/analyzer/Makefile.am b/src/tools/analyzer/Makefile.am -index b40043d04..dce6b9d36 100644 ---- a/src/tools/analyzer/Makefile.am -+++ b/src/tools/analyzer/Makefile.am -@@ -5,7 +5,9 @@ dist_sss_analyze_python_SCRIPTS = \ - $(NULL) - - pkgpythondir = $(python3dir)/sssd -+modulesdir = $(pkgpythondir)/modules - -+if BUILD_PYTHON_BINDINGS - dist_pkgpython_DATA = \ - __init__.py \ - source_files.py \ -@@ -20,3 +22,4 @@ dist_modules_DATA = \ - modules/__init__.py \ - modules/request.py \ - $(NULL) -+endif diff --git a/sys-auth/sssd/metadata.xml b/sys-auth/sssd/metadata.xml index 09bfecfe2361..a0489f662775 100644 --- a/sys-auth/sssd/metadata.xml +++ b/sys-auth/sssd/metadata.xml @@ -19,8 +19,6 @@ <flag name="nfsv4">Add support for the nfsv4 idmapd plugin provided by <pkg>net-fs/nfs-utils</pkg></flag> <flag name="passkey">Add support for FIDO2 passkeys"</flag> <flag name="samba">Add Privileged Attribute Certificate Support for Kerberos</flag> - <flag name="subid">Support subordinate uid and gid ranges in FreeIPA</flag> - <flag name="sudo">Build helper to let <pkg>app-admin/sudo</pkg> use sssd provided information</flag> <flag name="systemtap">Enable SystemTap/DTrace tracing</flag> </use> <upstream> diff --git a/sys-auth/sssd/sssd-2.9.5-r2.ebuild b/sys-auth/sssd/sssd-2.9.5-r2.ebuild deleted file mode 100644 index 2df836ab8b1b..000000000000 --- a/sys-auth/sssd/sssd-2.9.5-r2.ebuild +++ /dev/null @@ -1,335 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk" -PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN" -PLOCALE_BACKUP="sv" -PYTHON_COMPAT=( python3_{10..12} ) - -inherit autotools linux-info multilib-minimal optfeature plocale \ - python-single-r1 pam systemd toolchain-funcs - -DESCRIPTION="System Security Services Daemon provides access to identity and authentication" -HOMEPAGE="https://github.com/SSSD/sssd" -if [[ ${PV} != 9999 ]]; then - SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" - KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" -else - inherit git-r3 - EGIT_REPO_URI="https://github.com/SSSD/sssd.git" - EGIT_BRANCH="master" -fi - -LICENSE="GPL-3" -SLOT="0" -IUSE="acl doc +netlink nfsv4 nls +man python samba selinux subid sudo systemd systemtap test" -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) - test? ( sudo )" -RESTRICT="!test? ( test )" - -DEPEND=" - >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] - app-crypt/p11-kit - >=dev-libs/ding-libs-0.2 - >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] - dev-libs/jansson:= - dev-libs/libpcre2:= - dev-libs/libunistring:=[${MULTILIB_USEDEP}] - >=dev-libs/popt-1.16 - >=dev-libs/openssl-1.0.2:= - >=net-dns/bind-tools-9.9[gssapi] - >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] - >=net-nds/openldap-2.4.30:=[sasl,experimental] - >=sys-apps/dbus-1.6 - >=sys-apps/keyutils-1.5:= - >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] - >=sys-libs/talloc-2.0.7 - >=sys-libs/tdb-1.2.9 - >=sys-libs/tevent-0.9.16 - virtual/ldb:= - virtual/libintl - acl? ( net-fs/cifs-utils[acl] ) - netlink? ( dev-libs/libnl:3 ) - nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 ) - nls? ( >=sys-devel/gettext-0.18 ) - python? ( - ${PYTHON_DEPS} - systemd? ( - $(python_gen_cond_dep ' - dev-python/python-systemd[${PYTHON_USEDEP}] - ') - ) - ) - samba? ( >=net-fs/samba-4.10.2[winbind] ) - selinux? ( - >=sys-libs/libselinux-2.1.9 - >=sys-libs/libsemanage-2.1 - ) - subid? ( >=sys-apps/shadow-4.9 ) - systemd? ( - sys-apps/systemd:= - sys-apps/util-linux - ) - systemtap? ( dev-debug/systemtap )" -RDEPEND="${DEPEND} - selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" -BDEPEND=" - virtual/pkgconfig - ${PYTHON_DEPS} - doc? ( app-text/doxygen ) - man? ( - app-text/docbook-xml-dtd:4.4 - >=dev-libs/libxslt-1.1.26 - nls? ( app-text/po4a ) - ) - nls? ( sys-devel/gettext ) - test? ( - dev-libs/check - dev-libs/softhsm:2 - dev-util/cmocka - net-libs/gnutls[pkcs11,tools] - sys-libs/libfaketime - sys-libs/nss_wrapper - sys-libs/pam_wrapper - sys-libs/uid_wrapper - ) -" - -CONFIG_CHECK="~KEYS" - -PATCHES=( - "${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch" - "${FILESDIR}/${PN}-2.9.1-conditional-python-install.patch" -) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/ipa_hbac.h - /usr/include/sss_idmap.h - /usr/include/sss_nss_idmap.h - # --with-ifp - /usr/include/sss_sifp.h - /usr/include/sss_sifp_dbus.h - # from 1.15.3 - /usr/include/sss_certmap.h -) - -pkg_setup() { - linux-info_pkg_setup - python-single-r1_pkg_setup -} - -src_prepare() { - default - - plocale_get_locales > src/man/po/LINGUAS || die - - sed -i \ - -e "/_langs]/ s/ .*//" \ - src/man/po/po4a.cfg \ - || die - enable_locale() { - local locale=${1} - - sed -i \ - -e "/_langs]/ s/$/ ${locale}/" \ - src/man/po/po4a.cfg \ - || die - } - - plocale_for_each_locale enable_locale - - PLOCALES="${PLOCALES_BIN}" - plocale_get_locales > po/LINGUAS || die - - sed -i \ - -e 's:/var/run:/run:' \ - src/examples/logrotate \ - || die - - # disable flaky test, see https://github.com/SSSD/sssd/issues/5631 - sed -i \ - -e '/^\s*pam-srv-tests[ \\]*$/d' \ - Makefile.am \ - || die - - eautoreconf - - multilib_copy_sources -} - -src_configure() { - local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die) - - # Workaround for bug #938302 - if use systemtap && has_version "dev-debug/systemtap[-dtrace-symlink(+)]" ; then - export DTRACE="${BROOT}"/usr/bin/stap-dtrace - fi - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=() - - myconf+=( - --libexecdir="${EPREFIX}"/usr/libexec - --localstatedir="${EPREFIX}"/var - --runstatedir="${EPREFIX}"/run - --sbindir="${EPREFIX}"/usr/sbin - --with-pid-path="${EPREFIX}"/run - --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd - --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) - --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb - --with-db-path="${EPREFIX}"/var/lib/sss/db - --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache - --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf - --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes - --with-mcache-path="${EPREFIX}"/var/lib/sss/mc - --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets - --with-log-path="${EPREFIX}"/var/log/sssd - --with-kcm - --enable-kcm-renewal - --with-os=gentoo - --disable-rpath - --disable-static - # Valgrind is only used for tests - --disable-valgrind - $(use_with samba) - --with-smb-idmap-interface-version=6 - $(multilib_native_use_enable acl cifs-idmap-plugin) - $(multilib_native_use_with selinux) - $(multilib_native_use_with selinux semanage) - --enable-krb5-locator-plugin - $(use_enable samba pac-responder) - $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) - $(use_enable nls) - $(multilib_native_use_with netlink libnl) - $(multilib_native_use_with man manpages) - $(multilib_native_use_with sudo) - $(multilib_native_with autofs) - $(multilib_native_with ssh) - --without-oidc-child - --without-passkey - $(use_with subid) - $(use_enable systemtap) - --without-python2-bindings - $(multilib_native_use_with python python3-bindings) - # Annoyingly configure requires that you pick systemd XOR sysv - --with-initscript=$(usex systemd systemd sysv) - KRB5_CONFIG="${ESYSROOT}"/usr/bin/krb5-config - # Needed for Samba 4.21 - CPPFLAGS="${CPPFLAGS} -I${ESYSROOT}/usr/include/samba-4.0" - ) - - use systemd && myconf+=( - --with-systemdunitdir=$(systemd_get_systemunitdir) - ) - - if ! multilib_is_native_abi; then - # work-around all the libraries that are used for CLI and server - myconf+=( - {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' - # ldb headers are fine since native needs it - # ldb lib fails... but it does not seem to bother - {DHASH,UNISTRING,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' - {PCRE,CARES,SYSTEMD_LOGIN,SASL,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' - {NDR_NBT,SAMBA_UTIL,SMBCLIENT,NDR_KRB5PAC,JANSSON}_{CFLAGS,LIBS}=' ' - - # use native include path for dbus (needed for build) - DBUS_CFLAGS="${native_dbus_cflags}" - - # non-pkgconfig checks - ac_cv_lib_ldap_ldap_search=yes - --without-kcm - --without-manpages - ) - fi - - econf "${myconf[@]}" -} - -multilib_src_compile() { - if multilib_is_native_abi; then - default - use doc && emake docs - else - emake libnss_sss.la pam_sss.la pam_sss_gss.la - emake sssd_krb5_locator_plugin.la - use samba && emake sssd_pac_plugin.la - fi -} - -multilib_src_test() { - if multilib_is_native_abi; then - local -x CK_TIMEOUT_MULTIPLIER=10 - emake check VERBOSE=yes - fi -} - -multilib_src_install() { - if multilib_is_native_abi; then - emake -j1 DESTDIR="${D}" install - if use python; then - python_fix_shebang "${ED}" - python_optimize - fi - else - # easier than playing with automake... - dopammod .libs/pam_sss.so - dopammod .libs/pam_sss_gss.so - - into / - dolib.so .libs/libnss_sss.so* - - exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 - doexe .libs/sssd_krb5_locator_plugin.so - - if use samba; then - exeinto /usr/$(get_libdir)/krb5/plugins/authdata - doexe .libs/sssd_pac_plugin.so - fi - fi -} - -multilib_src_install_all() { - einstalldocs - - insinto /etc/sssd - insopts -m600 - doins src/examples/sssd-example.conf - - insinto /etc/logrotate.d - insopts -m644 - newins src/examples/logrotate sssd - - newconfd "${FILESDIR}"/sssd.conf sssd - - keepdir /var/lib/sss/db - keepdir /var/lib/sss/deskprofile - keepdir /var/lib/sss/gpo_cache - keepdir /var/lib/sss/keytabs - keepdir /var/lib/sss/mc - keepdir /var/lib/sss/pipes/private - keepdir /var/lib/sss/pubconf/krb5.include.d - keepdir /var/lib/sss/secrets - keepdir /var/log/sssd - - # strip empty dirs - if ! use doc; then - rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die - rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap}_doc || die - fi - - rm -r "${ED}"/run || die - find "${ED}" -type f -name '*.la' -delete || die -} - -pkg_postinst() { - elog "You must set up sssd.conf (default installed into /etc/sssd)" - elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" - elog "features." - optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli -} diff --git a/sys-auth/sssd/sssd-2.9.5.ebuild b/sys-auth/sssd/sssd-2.9.5.ebuild deleted file mode 100644 index 995e823a05e9..000000000000 --- a/sys-auth/sssd/sssd-2.9.5.ebuild +++ /dev/null @@ -1,333 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk" -PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN" -PLOCALE_BACKUP="sv" -PYTHON_COMPAT=( python3_{10..12} ) - -inherit autotools linux-info multilib-minimal optfeature plocale \ - python-single-r1 pam systemd toolchain-funcs - -DESCRIPTION="System Security Services Daemon provides access to identity and authentication" -HOMEPAGE="https://github.com/SSSD/sssd" -if [[ ${PV} != 9999 ]]; then - SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" - KEYWORDS="amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc x86" -else - inherit git-r3 - EGIT_REPO_URI="https://github.com/SSSD/sssd.git" - EGIT_BRANCH="master" -fi - -LICENSE="GPL-3" -SLOT="0" -IUSE="acl doc +netlink nfsv4 nls +man python samba selinux subid sudo systemd systemtap test" -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) - test? ( sudo )" -RESTRICT="!test? ( test )" - -DEPEND=" - >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}] - app-crypt/p11-kit - >=dev-libs/ding-libs-0.2 - >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] - dev-libs/jansson:= - dev-libs/libpcre2:= - dev-libs/libunistring:= - >=dev-libs/popt-1.16 - >=dev-libs/openssl-1.0.2:= - >=net-dns/bind-tools-9.9[gssapi] - >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] - >=net-nds/openldap-2.4.30:=[sasl,experimental] - >=sys-apps/dbus-1.6 - >=sys-apps/keyutils-1.5:= - >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}] - >=sys-libs/talloc-2.0.7 - >=sys-libs/tdb-1.2.9 - >=sys-libs/tevent-0.9.16 - >=sys-libs/ldb-1.1.17-r1:= - virtual/libintl - acl? ( net-fs/cifs-utils[acl] ) - netlink? ( dev-libs/libnl:3 ) - nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 ) - nls? ( >=sys-devel/gettext-0.18 ) - python? ( - ${PYTHON_DEPS} - systemd? ( - $(python_gen_cond_dep ' - dev-python/python-systemd[${PYTHON_USEDEP}] - ') - ) - ) - samba? ( >=net-fs/samba-4.10.2[winbind] ) - selinux? ( - >=sys-libs/libselinux-2.1.9 - >=sys-libs/libsemanage-2.1 - ) - subid? ( >=sys-apps/shadow-4.9 ) - systemd? ( - sys-apps/systemd:= - sys-apps/util-linux - ) - systemtap? ( dev-debug/systemtap )" -RDEPEND="${DEPEND} - selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" -BDEPEND=" - virtual/pkgconfig - ${PYTHON_DEPS} - doc? ( app-text/doxygen ) - man? ( - app-text/docbook-xml-dtd:4.4 - >=dev-libs/libxslt-1.1.26 - nls? ( app-text/po4a ) - ) - nls? ( sys-devel/gettext ) - test? ( - dev-libs/check - dev-libs/softhsm:2 - dev-util/cmocka - net-libs/gnutls[pkcs11,tools] - sys-libs/libfaketime - sys-libs/nss_wrapper - sys-libs/pam_wrapper - sys-libs/uid_wrapper - ) -" - -CONFIG_CHECK="~KEYS" - -PATCHES=( - "${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch" - "${FILESDIR}/${PN}-2.9.1-conditional-python-install.patch" -) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/ipa_hbac.h - /usr/include/sss_idmap.h - /usr/include/sss_nss_idmap.h - # --with-ifp - /usr/include/sss_sifp.h - /usr/include/sss_sifp_dbus.h - # from 1.15.3 - /usr/include/sss_certmap.h -) - -pkg_setup() { - linux-info_pkg_setup - python-single-r1_pkg_setup -} - -src_prepare() { - default - - plocale_get_locales > src/man/po/LINGUAS || die - - sed -i \ - -e "/_langs]/ s/ .*//" \ - src/man/po/po4a.cfg \ - || die - enable_locale() { - local locale=${1} - - sed -i \ - -e "/_langs]/ s/$/ ${locale}/" \ - src/man/po/po4a.cfg \ - || die - } - - plocale_for_each_locale enable_locale - - PLOCALES="${PLOCALES_BIN}" - plocale_get_locales > po/LINGUAS || die - - sed -i \ - -e 's:/var/run:/run:' \ - src/examples/logrotate \ - || die - - # disable flaky test, see https://github.com/SSSD/sssd/issues/5631 - sed -i \ - -e '/^\s*pam-srv-tests[ \\]*$/d' \ - Makefile.am \ - || die - - eautoreconf - - multilib_copy_sources -} - -src_configure() { - local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die) - - # Workaround for bug #938302 - if use systemtap && has_version "dev-debug/systemtap[-dtrace-symlink(+)]" ; then - export DTRACE="${BROOT}"/usr/bin/stap-dtrace - fi - - multilib-minimal_src_configure -} - -multilib_src_configure() { - local myconf=() - - myconf+=( - --libexecdir="${EPREFIX}"/usr/libexec - --localstatedir="${EPREFIX}"/var - --runstatedir="${EPREFIX}"/run - --sbindir="${EPREFIX}"/usr/sbin - --with-pid-path="${EPREFIX}"/run - --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd - --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) - --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb - --with-db-path="${EPREFIX}"/var/lib/sss/db - --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache - --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf - --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes - --with-mcache-path="${EPREFIX}"/var/lib/sss/mc - --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets - --with-log-path="${EPREFIX}"/var/log/sssd - --with-kcm - --enable-kcm-renewal - --with-os=gentoo - --disable-rpath - --disable-static - # Valgrind is only used for tests - --disable-valgrind - $(use_with samba) - --with-smb-idmap-interface-version=6 - $(multilib_native_use_enable acl cifs-idmap-plugin) - $(multilib_native_use_with selinux) - $(multilib_native_use_with selinux semanage) - --enable-krb5-locator-plugin - $(use_enable samba pac-responder) - $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) - $(use_enable nls) - $(multilib_native_use_with netlink libnl) - $(multilib_native_use_with man manpages) - $(multilib_native_use_with sudo) - $(multilib_native_with autofs) - $(multilib_native_with ssh) - --without-oidc-child - --without-passkey - $(use_with subid) - $(use_enable systemtap) - --without-python2-bindings - $(multilib_native_use_with python python3-bindings) - # Annoyingly configure requires that you pick systemd XOR sysv - --with-initscript=$(usex systemd systemd sysv) - KRB5_CONFIG="${ESYSROOT}"/usr/bin/krb5-config - ) - - use systemd && myconf+=( - --with-systemdunitdir=$(systemd_get_systemunitdir) - ) - - if ! multilib_is_native_abi; then - # work-around all the libraries that are used for CLI and server - myconf+=( - {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' - # ldb headers are fine since native needs it - # ldb lib fails... but it does not seem to bother - {DHASH,UNISTRING,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' ' - {PCRE,CARES,SYSTEMD_LOGIN,SASL,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' ' - {NDR_NBT,SAMBA_UTIL,SMBCLIENT,NDR_KRB5PAC,JANSSON}_{CFLAGS,LIBS}=' ' - - # use native include path for dbus (needed for build) - DBUS_CFLAGS="${native_dbus_cflags}" - - # non-pkgconfig checks - ac_cv_lib_ldap_ldap_search=yes - --without-kcm - --without-manpages - ) - fi - - econf "${myconf[@]}" -} - -multilib_src_compile() { - if multilib_is_native_abi; then - default - use doc && emake docs - else - emake libnss_sss.la pam_sss.la pam_sss_gss.la - emake sssd_krb5_locator_plugin.la - use samba && emake sssd_pac_plugin.la - fi -} - -multilib_src_test() { - if multilib_is_native_abi; then - local -x CK_TIMEOUT_MULTIPLIER=10 - emake check VERBOSE=yes - fi -} - -multilib_src_install() { - if multilib_is_native_abi; then - emake -j1 DESTDIR="${D}" install - if use python; then - python_fix_shebang "${ED}" - python_optimize - fi - else - # easier than playing with automake... - dopammod .libs/pam_sss.so - dopammod .libs/pam_sss_gss.so - - into / - dolib.so .libs/libnss_sss.so* - - exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 - doexe .libs/sssd_krb5_locator_plugin.so - - if use samba; then - exeinto /usr/$(get_libdir)/krb5/plugins/authdata - doexe .libs/sssd_pac_plugin.so - fi - fi -} - -multilib_src_install_all() { - einstalldocs - - insinto /etc/sssd - insopts -m600 - doins src/examples/sssd-example.conf - - insinto /etc/logrotate.d - insopts -m644 - newins src/examples/logrotate sssd - - newconfd "${FILESDIR}"/sssd.conf sssd - - keepdir /var/lib/sss/db - keepdir /var/lib/sss/deskprofile - keepdir /var/lib/sss/gpo_cache - keepdir /var/lib/sss/keytabs - keepdir /var/lib/sss/mc - keepdir /var/lib/sss/pipes/private - keepdir /var/lib/sss/pubconf/krb5.include.d - keepdir /var/lib/sss/secrets - keepdir /var/log/sssd - - # strip empty dirs - if ! use doc; then - rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die - rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap}_doc || die - fi - - rm -r "${ED}"/run || die - find "${ED}" -type f -name '*.la' -delete || die -} - -pkg_postinst() { - elog "You must set up sssd.conf (default installed into /etc/sssd)" - elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" - elog "features." - optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli -} diff --git a/sys-auth/sssd/sssd-2.9.6.ebuild b/sys-auth/sssd/sssd-2.9.6-r2.ebuild index be94832ca597..5b1d34ca1b66 100644 --- a/sys-auth/sssd/sssd-2.9.6.ebuild +++ b/sys-auth/sssd/sssd-2.9.6-r2.ebuild @@ -6,7 +6,7 @@ EAPI=8 PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk" PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN" PLOCALE_BACKUP="sv" -PYTHON_COMPAT=( python3_{10..12} ) +PYTHON_COMPAT=( python3_{10..13} ) inherit autotools linux-info multilib-minimal optfeature plocale \ python-single-r1 pam systemd toolchain-funcs @@ -15,7 +15,7 @@ DESCRIPTION="System Security Services Daemon provides access to identity and aut HOMEPAGE="https://github.com/SSSD/sssd" if [[ ${PV} != 9999 ]]; then SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz" - KEYWORDS="amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc x86" + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" else inherit git-r3 EGIT_REPO_URI="https://github.com/SSSD/sssd.git" @@ -24,8 +24,8 @@ fi LICENSE="GPL-3" SLOT="0" -IUSE="acl doc +netlink nfsv4 nls passkey samba selinux systemd systemtap test" -REQUIRED_USE="( ${PYTHON_REQUIRED_USE} )" +IUSE="acl doc +netlink nfsv4 nls passkey python samba selinux systemd systemtap test" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" RESTRICT="!test? ( test )" DEPEND=" @@ -49,12 +49,19 @@ DEPEND=" >=sys-libs/tevent-0.9.16 virtual/ldb:= virtual/libintl - ${PYTHON_DEPS} acl? ( net-fs/cifs-utils[acl] ) netlink? ( dev-libs/libnl:3 ) nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 ) nls? ( >=sys-devel/gettext-0.18 ) passkey? ( dev-libs/libfido2:= ) + python? ( + ${PYTHON_DEPS} + systemd? ( + $(python_gen_cond_dep ' + dev-python/python-systemd[${PYTHON_USEDEP}] + ') + ) + ) samba? ( >=net-fs/samba-4.10.2[winbind] ) selinux? ( >=sys-libs/libselinux-2.1.9 @@ -63,14 +70,13 @@ DEPEND=" systemd? ( sys-apps/systemd:= sys-apps/util-linux - $(python_gen_cond_dep ' - dev-python/python-systemd[${PYTHON_USEDEP}] - ') ) systemtap? ( dev-debug/systemtap )" RDEPEND="${DEPEND} passkey? ( sys-apps/pcsc-lite[policykit] ) selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )" +DEPEND+=" + sys-apps/shadow" BDEPEND=" virtual/pkgconfig app-text/docbook-xml-dtd:4.4 @@ -95,6 +101,7 @@ CONFIG_CHECK="~KEYS" PATCHES=( "${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch" + "${FILESDIR}/${PN}-2.9.6-conditional-python-install.patch" ) MULTILIB_WRAPPED_HEADERS=( @@ -208,7 +215,7 @@ multilib_src_configure() { --with-subid $(use_enable systemtap) --without-python2-bindings - $(multilib_native_with python3-bindings) + $(multilib_native_use_with python python3-bindings) # Annoyingly configure requires that you pick systemd XOR sysv --with-initscript=$(usex systemd systemd sysv) KRB5_CONFIG="${ESYSROOT}"/usr/bin/krb5-config @@ -264,8 +271,10 @@ multilib_src_test() { multilib_src_install() { if multilib_is_native_abi; then emake -j1 DESTDIR="${D}" install - python_fix_shebang "${ED}" - python_optimize + if use python; then + python_fix_shebang "${ED}" + python_optimize + fi else # easier than playing with automake... dopammod .libs/pam_sss.so @@ -321,5 +330,11 @@ pkg_postinst() { elog "You must set up sssd.conf (default installed into /etc/sssd)" elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" elog "features." + echo optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli + + if ! use python; then + echo + ewarn "sssctl analyze will not work because the python USE flag is disabled." + fi } |