From 401101f9c8077911929d3f2b60a37098460a5d89 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Thu, 24 Mar 2022 23:59:54 +0000
Subject: gentoo resync : 25.03.2022
---
sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild | 48 ----
sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild | 2 +-
sys-auth/AusweisApp2/Manifest | 4 +-
sys-auth/Manifest.gz | Bin 9421 -> 9425 bytes
sys-auth/nss-pam-ldapd/Manifest | 2 +-
.../nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild | 171 ++++++++++++
sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild | 171 ------------
sys-auth/nss_ldap/Manifest | 2 +-
sys-auth/nss_ldap/nss_ldap-265-r10.ebuild | 148 ----------
sys-auth/nss_ldap/nss_ldap-265-r11.ebuild | 148 ++++++++++
sys-auth/pam_ldap/Manifest | 2 +-
sys-auth/pam_ldap/pam_ldap-186-r3.ebuild | 51 ----
sys-auth/pam_ldap/pam_ldap-186-r4.ebuild | 51 ++++
sys-auth/pam_yubico/Manifest | 2 +-
sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild | 42 +++
sys-auth/pam_yubico/pam_yubico-2.26.ebuild | 42 ---
sys-auth/sssd/Manifest | 6 +-
sys-auth/sssd/sssd-2.3.1-r2.ebuild | 288 --------------------
sys-auth/sssd/sssd-2.3.1-r3.ebuild | 288 ++++++++++++++++++++
sys-auth/sssd/sssd-2.5.2-r2.ebuild | 303 ---------------------
sys-auth/sssd/sssd-2.5.2-r3.ebuild | 303 +++++++++++++++++++++
sys-auth/sssd/sssd-2.6.0-r1.ebuild | 291 --------------------
sys-auth/sssd/sssd-2.6.0-r2.ebuild | 291 ++++++++++++++++++++
23 files changed, 1303 insertions(+), 1353 deletions(-)
delete mode 100644 sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild
create mode 100644 sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild
delete mode 100644 sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild
delete mode 100644 sys-auth/nss_ldap/nss_ldap-265-r10.ebuild
create mode 100644 sys-auth/nss_ldap/nss_ldap-265-r11.ebuild
delete mode 100644 sys-auth/pam_ldap/pam_ldap-186-r3.ebuild
create mode 100644 sys-auth/pam_ldap/pam_ldap-186-r4.ebuild
create mode 100644 sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild
delete mode 100644 sys-auth/pam_yubico/pam_yubico-2.26.ebuild
delete mode 100644 sys-auth/sssd/sssd-2.3.1-r2.ebuild
create mode 100644 sys-auth/sssd/sssd-2.3.1-r3.ebuild
delete mode 100644 sys-auth/sssd/sssd-2.5.2-r2.ebuild
create mode 100644 sys-auth/sssd/sssd-2.5.2-r3.ebuild
delete mode 100644 sys-auth/sssd/sssd-2.6.0-r1.ebuild
create mode 100644 sys-auth/sssd/sssd-2.6.0-r2.ebuild
(limited to 'sys-auth')
diff --git a/sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild b/sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild
deleted file mode 100644
index c73e5792cc88..000000000000
--- a/sys-auth/AusweisApp2/AusweisApp2-1.22.3.ebuild
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright 2020-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit cmake xdg-utils
-
-DESCRIPTION="Official authentication app for German ID cards and residence permits"
-HOMEPAGE="https://www.ausweisapp.bund.de/"
-SRC_URI="https://github.com/Governikus/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="EUPL-1.2"
-SLOT="0"
-KEYWORDS="amd64 x86"
-
-BDEPEND="
- dev-qt/linguist-tools:5
- virtual/pkgconfig"
-
-RDEPEND="
- dev-libs/openssl:0=
- dev-qt/qtconcurrent:5
- dev-qt/qtcore:5
- dev-qt/qtdeclarative:5
- dev-qt/qtgui:5
- dev-qt/qtnetwork:5
- dev-qt/qtquickcontrols2:5
- dev-qt/qtsvg:5
- dev-qt/qtwebsockets:5[qml]
- dev-qt/qtwidgets:5
- net-libs/http-parser:0=
- sys-apps/pcsc-lite
- virtual/udev"
-
-DEPEND="${RDEPEND}"
-
-src_configure() {
- local mycmakeargs=( -DBUILD_SHARED_LIBS=OFF )
- cmake_src_configure
-}
-
-pkg_postinst() {
- xdg_icon_cache_update
-}
-
-pkg_postrm() {
- xdg_icon_cache_update
-}
diff --git a/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild b/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild
index fd2f4d5730d0..c73e5792cc88 100644
--- a/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild
+++ b/sys-auth/AusweisApp2/AusweisApp2-1.22.4.ebuild
@@ -11,7 +11,7 @@ SRC_URI="https://github.com/Governikus/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz
LICENSE="EUPL-1.2"
SLOT="0"
-KEYWORDS="~amd64 ~x86"
+KEYWORDS="amd64 x86"
BDEPEND="
dev-qt/linguist-tools:5
diff --git a/sys-auth/AusweisApp2/Manifest b/sys-auth/AusweisApp2/Manifest
index fca97de86ad6..55dadeb55e1a 100644
--- a/sys-auth/AusweisApp2/Manifest
+++ b/sys-auth/AusweisApp2/Manifest
@@ -1,6 +1,4 @@
-DIST AusweisApp2-1.22.3.tar.gz 10970793 BLAKE2B d6b3b3fb0005715150557f30a45002a90fc303c74706dc5714a1de239fb19a22552905aa9490f8c55cccc2d99eb46d077d424886eadcbb3d2574cdeb3f472ba2 SHA512 a8f654e66a47bb93116dfbe7941917f483c651deb947b8e4d287888d999551bc781e105b1cbf5d4445aa2241af542342f8c0f4edef7a4470a5366561f6f74b7a
DIST AusweisApp2-1.22.4.tar.gz 10972798 BLAKE2B 7d613e9729a9c13fc56945bc432f2daf1a40fbc795829bbb51caaf4c895b3a4b2b8dc5528f68df0f0d60a3ec2d78cd72e767ec5430804da2a4759349fbf4d520 SHA512 88f66873cc1515ab068cfd48ab7f8477c17743cb3f9114a6a1484371d0faeb24492d1f6c0652800d3640cc9b5768568f578de5da1c43691347e32c1a34a49d12
-EBUILD AusweisApp2-1.22.3.ebuild 930 BLAKE2B 3a35bf075945e93c225a1a549db867744cac21a06c84ebd962c44ed80e16ef4ddeda6732d51d3f2164ec726b647097aaaa0e639f8051d61485021a6ebf028be6 SHA512 8db7d6bfd148a053313584f7f13766a018902047816e413ca281fa5d2c3f0dc169139bbdb4dd649d649c7618a9710fcec767d2a80746a89b03713c65a16d18e0
-EBUILD AusweisApp2-1.22.4.ebuild 932 BLAKE2B 788d3c3dd3f87cb286a10625d1cddd2537876a3d78720f81abe770e8a28c767496c1f2a912304c2ae92db4c7ec809e5445e850fa82efa6ebe47637d90a5737fa SHA512 d0a449d2f34d9c671f0f41de39f27159e7a6b73f727177b163b0eff70e302c7aee3e133f3e23b7a6ec90e4d42989b6e90b2881c9c7817df09f414bb38ba81d65
+EBUILD AusweisApp2-1.22.4.ebuild 930 BLAKE2B 3a35bf075945e93c225a1a549db867744cac21a06c84ebd962c44ed80e16ef4ddeda6732d51d3f2164ec726b647097aaaa0e639f8051d61485021a6ebf028be6 SHA512 8db7d6bfd148a053313584f7f13766a018902047816e413ca281fa5d2c3f0dc169139bbdb4dd649d649c7618a9710fcec767d2a80746a89b03713c65a16d18e0
EBUILD AusweisApp2-9999.ebuild 896 BLAKE2B a283585d7f09d304017e9f80f3e081fa96787d702e919aa9f9bcd229078b6d17a9eb3dfeb8782f8011530a6cd8a3ab72be12c88251d4675c1924dea66a77672c SHA512 f361e420657a46e8234517d204548fb69b14bc367be38aa1f85b411bdcd53fdb6dc7a6b3807cf22376f82abc076181965d633b50e4b01a5a7a1032bbf45c0165
MISC metadata.xml 338 BLAKE2B cc2c3169dbe9280f8ab769c2c2c38a691d0af53999169948243cca1200c2a6ef8bb2f97dcc0e8dcbd709f3660fa262bf5279d3acce525baefe91951f91f1eca7 SHA512 db2026e39095afa71c7431290d8032fb6cdf70138beb14ae5cc20f4c5d03a0fa334cd769c14fe1085520b8631947c35c654bbd686ccc2e60a308d19ef6eb9e83
diff --git a/sys-auth/Manifest.gz b/sys-auth/Manifest.gz
index f1536df11dcc..2856319a7889 100644
Binary files a/sys-auth/Manifest.gz and b/sys-auth/Manifest.gz differ
diff --git a/sys-auth/nss-pam-ldapd/Manifest b/sys-auth/nss-pam-ldapd/Manifest
index 50b201da876f..b19f6224f65c 100644
--- a/sys-auth/nss-pam-ldapd/Manifest
+++ b/sys-auth/nss-pam-ldapd/Manifest
@@ -9,5 +9,5 @@ AUX nss-pam-ldapd-0.9.11-use-mkstemp.patch 789 BLAKE2B da9525e66873be615cfe90f6a
AUX nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch 403 BLAKE2B 2e17a92b3650ce4e6627be7ddb2f656cd9ab53e49d7e2b11d078dac0d7a00015d88d861bfdc1378eb25c1b9750ed3811023cc95b04ccf9d028ffc5899dc01cd5 SHA512 c8cccb044a641f673f12db9717bda4c0c4d91bd1933342595d8f3f540449459c5cf14263133487195b223670d450873f608e3ce5b6f1ca775ca7fe0180a9f962
AUX pynslcd.init 515 BLAKE2B 711ba152ea9cc52198171e451889ab42a224581bae7e4378846f480063ed9a672fdb38b153d6941364d3d06e325d9feb95f6fd17885b4e6181d99393cb54de0a SHA512 56334d86cc027e538d8a0bf9a8b87308e3ae6e91be608a4a630f21c57cc41b6cb5dc6fb3220fed1ca555dd4da6a5c7c10b2776f9e49a7b71a96ece21fc65fed7
DIST nss-pam-ldapd-0.9.12.tar.gz 791983 BLAKE2B af580d400230db709f7ac09720edd6127b3b26c6987d1e8f6d6535ad8e68fd8cb5cf2a3319e4456fb2af28aba6528f7a5cdc28463ccfee747dbbf6abc35eee87 SHA512 5eca4851a9bcb2779548d193a363a143d6106bfc6463b8d3f0c2d5d7d227ec1e680861383d4813f40b44d1be2ce5f7ed019d838f7f6796e15f96f7411d3bb8f6
-EBUILD nss-pam-ldapd-0.9.12.ebuild 4484 BLAKE2B 5cfd1eb115e3e25bffcdeef08a8b334896d8f2e492d8de397176fca1bf9ab469d7f1a23080d6cf620f3ba9d0c238805c5d4e1c82668c8608a5d48a318ed8a601 SHA512 fba3cf79f08c1d6c2a6c80320b01d5b9ec5bb4ce0ac17d6175a5fe34fcee698d6b8f87250f36f75edaba24f4e15d632c439ead4bfec14760c343f42e0527d22e
+EBUILD nss-pam-ldapd-0.9.12-r1.ebuild 4486 BLAKE2B 47fd337e4c8954496d395ece1aff0e65b6ebe07b45088cf17284500e2f3e4224d4587961af7fb0b177ff4362ee7611f499f283f5fda61c034c91220330c73938 SHA512 69df8cd7b7987f60006093725307b0839176e6786ca63faa8f3397da42a39a87ce3118b08347c97e09f121e19412323efb54a79738e4407647ac1700995ecf4d
MISC metadata.xml 1170 BLAKE2B 5c121a0afae864d757fda18c8546e494804c9b9d6a7d6fe2ad485b6a7bb2ed291776063407721222fa765251c9ca4d945740e8a0aa53da670747fb35cf1b8f9e SHA512 ba534679ae3b983a9b143530112f6495a4a4b5b82077095b3cc62965c1cf808c7a2d098410c00bee195112c5e7ff3afe4b368fa9a1662ce22cf48634229df7cf
diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild
new file mode 100644
index 000000000000..88f0e013b023
--- /dev/null
+++ b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r1.ebuild
@@ -0,0 +1,171 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..10} )
+inherit prefix python-r1 autotools multilib multilib-minimal systemd s6 tmpfiles
+
+DESCRIPTION="NSS module for name lookups using LDAP"
+HOMEPAGE="https://arthurdejong.org/nss-pam-ldapd/"
+SRC_URI="https://arthurdejong.org/${PN}/${P}.tar.gz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="amd64 x86"
+IUSE="debug kerberos +pam pynslcd sasl test +utils"
+RESTRICT="!test? ( test )"
+
+COMMON_DEP="
+ acct-group/nslcd
+ acct-user/nslcd
+ net-nds/openldap:=[${MULTILIB_USEDEP}]
+ sasl? ( dev-libs/cyrus-sasl[${MULTILIB_USEDEP}] )
+ kerberos? ( virtual/krb5[${MULTILIB_USEDEP}] )
+ sys-libs/pam[${MULTILIB_USEDEP}]
+ utils? ( ${PYTHON_DEPS} )
+ pynslcd? (
+ dev-python/python-ldap[${PYTHON_USEDEP}]
+ dev-python/python-daemon[${PYTHON_USEDEP}]
+ )
+ !sys-auth/nss_ldap
+ !sys-auth/pam_ldap
+"
+RDEPEND="${COMMON_DEP}"
+DEPEND="${COMMON_DEP}
+ test? (
+ ${PYTHON_DEPS}
+ dev-python/pylint[${PYTHON_USEDEP}]
+ )
+"
+BDEPEND="
+ ${PYTHON_DEPS}
+ sys-devel/automake
+"
+
+REQUIRED_USE="
+ utils? ( ${PYTHON_REQUIRED_USE} )
+ test? ( ${PYTHON_REQUIRED_USE} pynslcd )
+"
+
+PATCHES=(
+ "${FILESDIR}/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch"
+ "${FILESDIR}/nss-pam-ldapd-0.9.11-use-mkstemp.patch"
+ "${FILESDIR}/nss-pam-ldapd-0.9.11-relative-imports.patch"
+ "${FILESDIR}/nss-pam-ldapd-0.9.11-tests.patch"
+ "${FILESDIR}/nss-pam-ldapd-0.9.11-tests-py39.patch"
+)
+
+src_prepare() {
+ default
+ use utils && python_setup
+ touch pynslcd/__init__.py || die "Could not create __init__.py for pynslcd"
+ mv pynslcd/pynslcd.py pynslcd/main.py || die
+
+ eautoreconf
+}
+
+multilib_src_configure() {
+ local -a myconf=(
+ --disable-utils
+ --enable-warnings
+ --with-ldap-lib=openldap
+ --with-ldap-conf-file=/etc/nslcd.conf
+ --with-nslcd-pidfile=/run/nslcd/nslcd.pid
+ --with-nslcd-socket=/run/nslcd/socket
+ --with-nss-flavour=glibc
+ $(use_enable pynslcd)
+ $(use_enable debug)
+ $(use_enable kerberos)
+ $(use_enable pam)
+ $(use_enable sasl)
+ )
+
+ # nss libraries always go in /lib on Gentoo
+ if multilib_is_native_abi ; then
+ myconf+=("--with-pam-seclib-dir=${EPREFIX}/$(get_libdir)/security")
+ myconf+=("--libdir=${EPREFIX}/$(get_libdir)")
+ else
+ myconf+=("--with-pam-seclib-dir=/$(get_libdir)/security")
+ myconf+=("--libdir=/$(get_libdir)")
+ fi
+
+ ECONF_SOURCE="${S}" econf "${myconf[@]}"
+}
+
+multilib_src_test() {
+ pushd "${BUILD_DIR}" >/dev/null || die
+ ln -s ../pynslcd/constants.py utils/constants.py || die
+ python_foreach_impl python_test
+ popd >/dev/null || die
+}
+
+python_test() {
+ cp -l "${S}"/pynslcd/*.py pynslcd/ || die "Could not copy python files for tests"
+ nonfatal emake check || die "tests failed with ${EPYTHON}"
+}
+
+multilib_src_install_all() {
+ local script
+
+ newinitd "${FILESDIR}"/nslcd.init nslcd
+ s6_install_service nslcd "${FILESDIR}"/nslcd.s6
+
+ insinto /usr/share/nss-pam-ldapd
+ doins "${WORKDIR}/${P}/nslcd.conf"
+
+ fperms o-r /etc/nslcd.conf
+
+ if use utils; then
+ python_moduleinto nslcd
+ python_foreach_impl python_domodule utils/*.py
+
+ for script in chsh getent; do
+ python_foreach_impl python_newscript utils/${script}.py ${script}.ldap
+ done
+ fi
+ if use pynslcd; then
+ rm -rf "${D}"/usr/share/pynslcd
+ python_moduleinto pynslcd
+ python_foreach_impl python_domodule pynslcd/*.py
+ python_scriptinto /usr/sbin
+ python_foreach_impl python_newscript pynslcd/main.py pynslcd
+ newinitd "${FILESDIR}"/pynslcd.init pynslcd
+ fi
+
+ newtmpfiles "${FILESDIR}"/nslcd-tmpfiles.conf nslcd.conf
+ systemd_newunit "${FILESDIR}"/nslcd.service nslcd.service
+}
+
+multilib_src_install() {
+ emake DESTDIR="${D}" install
+
+ if use pynslcd; then
+ python_moduleinto pynslcd
+ python_foreach_impl python_domodule pynslcd/*.py
+ fi
+}
+
+pkg_postinst() {
+ tmpfiles_process nslcd.conf
+
+ echo
+ elog "For this to work you must configure /etc/nslcd.conf"
+ elog "This configuration is similar to pam_ldap's /etc/ldap.conf"
+ echo
+ elog "In order to use nss-pam-ldapd, nslcd needs to be running. You can"
+ elog "start it like this:"
+ elog " # /etc/init.d/nslcd start"
+ echo
+ elog "You can add it to the default runlevel like so:"
+ elog " # rc-update add nslcd default"
+ elog
+ elog "If you have >=sys-apps/openrc-0.16.3, you can also use s6"
+ elog "to supervise this service."
+ elog "To do this, emerge sys-apps/s6 then add nslcd-s6"
+ elog "default runlevel instead of nslcd."
+ elog
+ elog "If you are upgrading, keep in mind that /etc/nss-ldapd.conf"
+ elog " is now named /etc/nslcd.conf"
+ echo
+}
diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild
deleted file mode 100644
index ec02a5427df5..000000000000
--- a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12.ebuild
+++ /dev/null
@@ -1,171 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{8..10} )
-inherit prefix python-r1 autotools multilib multilib-minimal systemd s6 tmpfiles
-
-DESCRIPTION="NSS module for name lookups using LDAP"
-HOMEPAGE="https://arthurdejong.org/nss-pam-ldapd/"
-SRC_URI="https://arthurdejong.org/${PN}/${P}.tar.gz"
-
-LICENSE="LGPL-2.1"
-SLOT="0"
-KEYWORDS="amd64 x86"
-IUSE="debug kerberos +pam pynslcd sasl test +utils"
-RESTRICT="!test? ( test )"
-
-COMMON_DEP="
- acct-group/nslcd
- acct-user/nslcd
- net-nds/openldap[${MULTILIB_USEDEP}]
- sasl? ( dev-libs/cyrus-sasl[${MULTILIB_USEDEP}] )
- kerberos? ( virtual/krb5[${MULTILIB_USEDEP}] )
- sys-libs/pam[${MULTILIB_USEDEP}]
- utils? ( ${PYTHON_DEPS} )
- pynslcd? (
- dev-python/python-ldap[${PYTHON_USEDEP}]
- dev-python/python-daemon[${PYTHON_USEDEP}]
- )
- !sys-auth/nss_ldap
- !sys-auth/pam_ldap
-"
-RDEPEND="${COMMON_DEP}"
-DEPEND="${COMMON_DEP}
- test? (
- ${PYTHON_DEPS}
- dev-python/pylint[${PYTHON_USEDEP}]
- )
-"
-BDEPEND="
- ${PYTHON_DEPS}
- sys-devel/automake
-"
-
-REQUIRED_USE="
- utils? ( ${PYTHON_REQUIRED_USE} )
- test? ( ${PYTHON_REQUIRED_USE} pynslcd )
-"
-
-PATCHES=(
- "${FILESDIR}/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch"
- "${FILESDIR}/nss-pam-ldapd-0.9.11-use-mkstemp.patch"
- "${FILESDIR}/nss-pam-ldapd-0.9.11-relative-imports.patch"
- "${FILESDIR}/nss-pam-ldapd-0.9.11-tests.patch"
- "${FILESDIR}/nss-pam-ldapd-0.9.11-tests-py39.patch"
-)
-
-src_prepare() {
- default
- use utils && python_setup
- touch pynslcd/__init__.py || die "Could not create __init__.py for pynslcd"
- mv pynslcd/pynslcd.py pynslcd/main.py || die
-
- eautoreconf
-}
-
-multilib_src_configure() {
- local -a myconf=(
- --disable-utils
- --enable-warnings
- --with-ldap-lib=openldap
- --with-ldap-conf-file=/etc/nslcd.conf
- --with-nslcd-pidfile=/run/nslcd/nslcd.pid
- --with-nslcd-socket=/run/nslcd/socket
- --with-nss-flavour=glibc
- $(use_enable pynslcd)
- $(use_enable debug)
- $(use_enable kerberos)
- $(use_enable pam)
- $(use_enable sasl)
- )
-
- # nss libraries always go in /lib on Gentoo
- if multilib_is_native_abi ; then
- myconf+=("--with-pam-seclib-dir=${EPREFIX}/$(get_libdir)/security")
- myconf+=("--libdir=${EPREFIX}/$(get_libdir)")
- else
- myconf+=("--with-pam-seclib-dir=/$(get_libdir)/security")
- myconf+=("--libdir=/$(get_libdir)")
- fi
-
- ECONF_SOURCE="${S}" econf "${myconf[@]}"
-}
-
-multilib_src_test() {
- pushd "${BUILD_DIR}" >/dev/null || die
- ln -s ../pynslcd/constants.py utils/constants.py || die
- python_foreach_impl python_test
- popd >/dev/null || die
-}
-
-python_test() {
- cp -l "${S}"/pynslcd/*.py pynslcd/ || die "Could not copy python files for tests"
- nonfatal emake check || die "tests failed with ${EPYTHON}"
-}
-
-multilib_src_install_all() {
- local script
-
- newinitd "${FILESDIR}"/nslcd.init nslcd
- s6_install_service nslcd "${FILESDIR}"/nslcd.s6
-
- insinto /usr/share/nss-pam-ldapd
- doins "${WORKDIR}/${P}/nslcd.conf"
-
- fperms o-r /etc/nslcd.conf
-
- if use utils; then
- python_moduleinto nslcd
- python_foreach_impl python_domodule utils/*.py
-
- for script in chsh getent; do
- python_foreach_impl python_newscript utils/${script}.py ${script}.ldap
- done
- fi
- if use pynslcd; then
- rm -rf "${D}"/usr/share/pynslcd
- python_moduleinto pynslcd
- python_foreach_impl python_domodule pynslcd/*.py
- python_scriptinto /usr/sbin
- python_foreach_impl python_newscript pynslcd/main.py pynslcd
- newinitd "${FILESDIR}"/pynslcd.init pynslcd
- fi
-
- newtmpfiles "${FILESDIR}"/nslcd-tmpfiles.conf nslcd.conf
- systemd_newunit "${FILESDIR}"/nslcd.service nslcd.service
-}
-
-multilib_src_install() {
- emake DESTDIR="${D}" install
-
- if use pynslcd; then
- python_moduleinto pynslcd
- python_foreach_impl python_domodule pynslcd/*.py
- fi
-}
-
-pkg_postinst() {
- tmpfiles_process nslcd.conf
-
- echo
- elog "For this to work you must configure /etc/nslcd.conf"
- elog "This configuration is similar to pam_ldap's /etc/ldap.conf"
- echo
- elog "In order to use nss-pam-ldapd, nslcd needs to be running. You can"
- elog "start it like this:"
- elog " # /etc/init.d/nslcd start"
- echo
- elog "You can add it to the default runlevel like so:"
- elog " # rc-update add nslcd default"
- elog
- elog "If you have >=sys-apps/openrc-0.16.3, you can also use s6"
- elog "to supervise this service."
- elog "To do this, emerge sys-apps/s6 then add nslcd-s6"
- elog "default runlevel instead of nslcd."
- elog
- elog "If you are upgrading, keep in mind that /etc/nss-ldapd.conf"
- elog " is now named /etc/nslcd.conf"
- echo
-}
diff --git a/sys-auth/nss_ldap/Manifest b/sys-auth/nss_ldap/Manifest
index 561bb36dfd01..c41f663aa0e6 100644
--- a/sys-auth/nss_ldap/Manifest
+++ b/sys-auth/nss_ldap/Manifest
@@ -9,5 +9,5 @@ AUX nss_ldap-265-r10-libdir.patch 1345 BLAKE2B 7187c42328e8778a19cd7aae58ffd35b7
AUX nss_ldap-265-reconnect-timeouts.patch 2806 BLAKE2B b254a9959892a0a8ecb6e53778c4581f5ce8f9f0b90ceaf7fdb3e08cdc029b3914d9f95a7b65f3f9ceedf6669ae5727d8bc41c7229c567667896b4cb8868b227 SHA512 d9767cfaf32b9041d222c7b313c327a72ac2766d26fed7ce19cc1acff56cf2493d4e1e83b33852083505952f983ba64c00409e3cf09dcbf74676390968dd935b
AUX nsswitch.ldap.diff 575 BLAKE2B 9578535ea6cff87ac21fa8f3a0a1b8d727c657a53318b378dd86b4dded15bac950e241af59b15b6898a1ed089d1c481f0615ca7de3ae4e07a231432920af7b52 SHA512 0d08d4dacea0213714cab864300e625158106245eeb34a7d4b983749dd4fa4156d3f36d6c2dd214efdf80cf926c37657eb00651bceb89907286a3310123399a0
DIST nss_ldap-265.tar.gz 280976 BLAKE2B 31b233ef7680204abfb62408141609b9489e133327c787c59afedd9ac41194189bde26d1f3b0a885622f57ec769ddee2bdf7d274b9584d4d5002d1c016c86892 SHA512 c4584682968861dd5880992fe7d11c6005d94f0c17252ab1cda04380fd7a81b419ba7e87d0efa44c24c5ce5bf76b9fd8331034dddb4f1400f132eb2192472077
-EBUILD nss_ldap-265-r10.ebuild 3795 BLAKE2B 8ae636fa54d11bb1b321b05fb88e5ef9bcc6be4d90eff557e88974ae97e0a244f43d5b0812fe702fb8ff7a315455331c44442dc5c5090e21825ca82edaec5c13 SHA512 3966ae01096249cb073617f8d4291208c6abacf4485c77b4784f16240bc539f0be8a96036b87a2f3fac69bb85cee9ce9ca8269c7ea64c08c14c73e339ee67ddc
+EBUILD nss_ldap-265-r11.ebuild 3798 BLAKE2B 069b93eea00ff89083f2b9d83c7a6312ce2567fc24fc555158d0cfbd2192a4efc297968d5877714137f4340b767fc1cff2f80634333ca538fccb6ae75aea152d SHA512 bb20fc4abd3d381b975ca6b1af06914f768ab7e27914d0872a0242f77888882512dd8ab11636adfbfc267eda0343cf3e890bf7e4ea62e94fb6525aed9cb2cdac
MISC metadata.xml 419 BLAKE2B b1708d1b24c5c8162e16d0ade1f51f8ad05f708082136bb5d5a1a269b1fc264204b166d57c8cb6352dc88b531b6b680391779e84c3e753e95484190b81cc28f2 SHA512 f6105b8fd2a389a0bc691af05cfa3e6043bfd1dbf6323f1c135037e03a27bd5bce6a306a6f54259a2039fdf3173ef0d6757575a0a3843a6c86370cb1dc109600
diff --git a/sys-auth/nss_ldap/nss_ldap-265-r10.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r10.ebuild
deleted file mode 100644
index b082f724c054..000000000000
--- a/sys-auth/nss_ldap/nss_ldap-265-r10.ebuild
+++ /dev/null
@@ -1,148 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools fixheadtails multilib-minimal prefix
-
-DESCRIPTION="NSS LDAP Module"
-HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html"
-SRC_URI="http://www.padl.com/download/${P}.tar.gz"
-
-SLOT="0"
-LICENSE="LGPL-2"
-KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86 ~amd64-linux"
-IUSE="debug kerberos ssl sasl split-usr"
-
-DEPEND="
- >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}]
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] )
- kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
- ssl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
-"
-RDEPEND="
- ${DEPEND}
- !<net-fs/autofs-4.1.3
-"
-
-src_prepare() {
- default
-
- # Patch is for Prefix
- # eprefixify is safe on non-Prefix systems, so go unconditional
- # Note: comment this out or make it conditional on 'use prefix'
- # if needs rebasing. Don't remove.
- eapply "${FILESDIR}"/${P}-r10-libdir.patch
- eprefixify Makefile.am
-
- # bug 438692
- eapply -p0 "${FILESDIR}"/${P}-pthread.patch
-
- eapply -p0 "${FILESDIR}"/nsswitch.ldap.diff
-
- # Applied by upstream
- #eapply "${FILESDIR}"/${PN}-239-tls-security-bug.patch
-
- eapply -p0 "${FILESDIR}"/${PN}-249-sasl-compile.patch
-
- eapply "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch
-
- # Applied by upstream
- #eapply "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch
-
- eapply "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch
-
- sed -i.orig \
- -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \
- "${S}"/ldap.conf \
- || die
-
- # Fix head/tail stuff
- ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp
-
- # Fix build borkage
- local i
- for i in Makefile.{in,am}; do
- sed -i.orig \
- -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \
- "${S}"/$i || die
- done
-
- eapply "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch
-
- # Bug #214750, no automagic deps
- eapply "${FILESDIR}"/${PN}-264-disable-automagic.patch
-
- # Upstream forgets the version number sometimes
- #sed -i \
- # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \
- # "${S}"/configure.in || die
-
- # Include an SONAME
- eapply "${FILESDIR}"/${PN}-254-soname.patch
-
- # Fix broken oneshot connections
- eapply "${FILESDIR}/nss_ldap-265-missing-entries-oneshot.patch"
-
- sed -i \
- -e 's, vers_string , PERL5LIB="@top_srcdir@" @top_srcdir@/vers_string ,g' \
- "${S}"/Makefile.am || die
-
- eautoreconf
-}
-
-multilib_src_configure() {
- local myconf=(
- # --enable-schema-mapping
- --with-ldap-lib=openldap
- --with-ldap-conf-file="${EPREFIX}/etc/ldap.conf"
- --enable-paged-results
- --enable-rfc2307bis
- $(use_enable ssl)
- $(use_enable sasl)
- $(use_enable kerberos krb)
- )
-
- use debug && myconf+=( --enable-debugging )
- use kerberos && myconf+=( --enable-configurable-krb5-ccname-gssapi )
-
- # Neede to be careful with changing this
- # bug #581306
- multilib_is_native_abi && myconf+=( --libdir="${EPREFIX}/$(get_libdir)" )
-
- ECONF_SOURCE=${S} econf "${myconf[@]}"
-}
-
-multilib_src_install() {
- emake -j1 DESTDIR="${D}" \
- LIBDIR_UNPREFIXED="$(get_libdir)" \
- INST_UID=${PORTAGE_USER:-root} \
- INST_GID=${PORTAGE_GROUP:-root} \
- install
-}
-
-multilib_src_install_all() {
- use split-usr &&
- dosym ../../$(get_libdir)/libnss_ldap.so.2 /usr/$(get_libdir)/libnss_ldap.so.2
-
- insinto /etc
- doins ldap.conf
-
- # Append two blank lines and some skip entries
- echo >>"${ED}"/etc/ldap.conf || die
- echo >>"${ED}"/etc/ldap.conf || die
- sed -i "${ED}"/etc/ldap.conf \
- -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' \
- || die
-
- dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \
- CVSVersionInfo.txt README nsswitch.ldap certutil
-
- docinto docs
- dodoc -r doc/.
-}
-
-pkg_postinst() {
- elog "If you use a ldaps:// string in the 'uri' setting of"
- elog "your /etc/ldap.conf, you must set 'ssl on'!"
-}
diff --git a/sys-auth/nss_ldap/nss_ldap-265-r11.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r11.ebuild
new file mode 100644
index 000000000000..e844f815d1bd
--- /dev/null
+++ b/sys-auth/nss_ldap/nss_ldap-265-r11.ebuild
@@ -0,0 +1,148 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools fixheadtails multilib-minimal prefix
+
+DESCRIPTION="NSS LDAP Module"
+HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html"
+SRC_URI="http://www.padl.com/download/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="LGPL-2"
+KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86 ~amd64-linux"
+IUSE="debug kerberos ssl sasl split-usr"
+
+DEPEND="
+ >=net-nds/openldap-2.4.38-r1:=[${MULTILIB_USEDEP}]
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] )
+ kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+ ssl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
+"
+RDEPEND="
+ ${DEPEND}
+ !<net-fs/autofs-4.1.3
+"
+
+src_prepare() {
+ default
+
+ # Patch is for Prefix
+ # eprefixify is safe on non-Prefix systems, so go unconditional
+ # Note: comment this out or make it conditional on 'use prefix'
+ # if needs rebasing. Don't remove.
+ eapply "${FILESDIR}"/${P}-r10-libdir.patch
+ eprefixify Makefile.am
+
+ # bug 438692
+ eapply -p0 "${FILESDIR}"/${P}-pthread.patch
+
+ eapply -p0 "${FILESDIR}"/nsswitch.ldap.diff
+
+ # Applied by upstream
+ #eapply "${FILESDIR}"/${PN}-239-tls-security-bug.patch
+
+ eapply -p0 "${FILESDIR}"/${PN}-249-sasl-compile.patch
+
+ eapply "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch
+
+ # Applied by upstream
+ #eapply "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch
+
+ eapply "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch
+
+ sed -i.orig \
+ -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \
+ "${S}"/ldap.conf \
+ || die
+
+ # Fix head/tail stuff
+ ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp
+
+ # Fix build borkage
+ local i
+ for i in Makefile.{in,am}; do
+ sed -i.orig \
+ -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \
+ "${S}"/$i || die
+ done
+
+ eapply "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch
+
+ # Bug #214750, no automagic deps
+ eapply "${FILESDIR}"/${PN}-264-disable-automagic.patch
+
+ # Upstream forgets the version number sometimes
+ #sed -i \
+ # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \
+ # "${S}"/configure.in || die
+
+ # Include an SONAME
+ eapply "${FILESDIR}"/${PN}-254-soname.patch
+
+ # Fix broken oneshot connections
+ eapply "${FILESDIR}/nss_ldap-265-missing-entries-oneshot.patch"
+
+ sed -i \
+ -e 's, vers_string , PERL5LIB="@top_srcdir@" @top_srcdir@/vers_string ,g' \
+ "${S}"/Makefile.am || die
+
+ eautoreconf
+}
+
+multilib_src_configure() {
+ local myconf=(
+ # --enable-schema-mapping
+ --with-ldap-lib=openldap
+ --with-ldap-conf-file="${EPREFIX}/etc/ldap.conf"
+ --enable-paged-results
+ --enable-rfc2307bis
+ $(use_enable ssl)
+ $(use_enable sasl)
+ $(use_enable kerberos krb)
+ )
+
+ use debug && myconf+=( --enable-debugging )
+ use kerberos && myconf+=( --enable-configurable-krb5-ccname-gssapi )
+
+ # Neede to be careful with changing this
+ # bug #581306
+ multilib_is_native_abi && myconf+=( --libdir="${EPREFIX}/$(get_libdir)" )
+
+ ECONF_SOURCE=${S} econf "${myconf[@]}"
+}
+
+multilib_src_install() {
+ emake -j1 DESTDIR="${D}" \
+ LIBDIR_UNPREFIXED="$(get_libdir)" \
+ INST_UID=${PORTAGE_USER:-root} \
+ INST_GID=${PORTAGE_GROUP:-root} \
+ install
+}
+
+multilib_src_install_all() {
+ use split-usr &&
+ dosym ../../$(get_libdir)/libnss_ldap.so.2 /usr/$(get_libdir)/libnss_ldap.so.2
+
+ insinto /etc
+ doins ldap.conf
+
+ # Append two blank lines and some skip entries
+ echo >>"${ED}"/etc/ldap.conf || die
+ echo >>"${ED}"/etc/ldap.conf || die
+ sed -i "${ED}"/etc/ldap.conf \
+ -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' \
+ || die
+
+ dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \
+ CVSVersionInfo.txt README nsswitch.ldap certutil
+
+ docinto docs
+ dodoc -r doc/.
+}
+
+pkg_postinst() {
+ elog "If you use a ldaps:// string in the 'uri' setting of"
+ elog "your /etc/ldap.conf, you must set 'ssl on'!"
+}
diff --git a/sys-auth/pam_ldap/Manifest b/sys-auth/pam_ldap/Manifest
index db6d405ef8dc..f7e2c2e1a153 100644
--- a/sys-auth/pam_ldap/Manifest
+++ b/sys-auth/pam_ldap/Manifest
@@ -1,3 +1,3 @@
DIST pam_ldap-186.tar.gz 163437 BLAKE2B 4e917985b78349283c891daca94935792f2316afc08cd694edb7256c89a7ed612a62ba4b53111fc2022f6e11f754103bf58ac0a53a4298b011a5379625c51cdc SHA512 aaa6fbc48150db53bf92dcf600bcb8f0526baa2e6124f46468f59958c8a91495eb003d16a45b659c8cbb2d3481c4732a0d1f5945a2c98c09549ef8a51ed18a3d
-EBUILD pam_ldap-186-r3.ebuild 1120 BLAKE2B 466c82795d9ceb8710caa5b1177cfde657634ef2a63a008f1ad1a14faa8ba900ebc6133fb5a0935ccc4177f47122e11abd6fdd83ff63b32eea3df0c3872aeec1 SHA512 2cc75fad171827066498717b501be6073c489846ba70fc45bad5828935848f9a058bff4562e8360a63877d50d5a475bfdd61c7721ee18c68bb3bb4fae91f34c0
+EBUILD pam_ldap-186-r4.ebuild 1122 BLAKE2B 5b0444474816bea2e93f8b2d00afedcc3d3b64f8266121f50617bef304ed8d6deddb9de61d5b0b2b349f820dfb85aab3513008d9b53f139c6c68b59039a86788 SHA512 7dc100a5c75dfc351a236000c652c97f2fb21073491e6919c7276db51ec5b9ef683a6f6f10e3b61b2f8276429f8f4389d7b4d09bcb3cfa844a77a66e0101fc34
MISC metadata.xml 167 BLAKE2B 868e3b584722eaacf68273db062bb773d8c7e5d7ab2b81ca7e8397643bf7cc106c3a1033594401c99c54f667bb45d6b73f9048fc335580bbd44b4589ad26a832 SHA512 30caadd1496c3b9969136038239a1d8e01f236726b4022c2d7e19ca7575f25f735e556835e581afbf44fbd3e4104c40f2b5ef5fa70118d75c881fdf871962d0a
diff --git a/sys-auth/pam_ldap/pam_ldap-186-r3.ebuild b/sys-auth/pam_ldap/pam_ldap-186-r3.ebuild
deleted file mode 100644
index aebb514b53ba..000000000000
--- a/sys-auth/pam_ldap/pam_ldap-186-r3.ebuild
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit multilib-minimal pam
-
-DESCRIPTION="PAM LDAP Module"
-HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html"
-SRC_URI="http://www.padl.com/download/${P}.tar.gz"
-
-LICENSE="|| ( GPL-2 LGPL-2 )"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86"
-IUSE="ssl sasl"
-
-DEPEND="sys-libs/pam[${MULTILIB_USEDEP}]
- >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}]
- virtual/libcrypt:=[${MULTILIB_USEDEP}]
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] )"
-
-RDEPEND="${DEPEND}"
-
-multilib_src_configure() {
- local myconf=(
- --with-ldap-lib=openldap
- $(use_enable ssl)
- )
- use sasl || myconf+=( ac_cv_header_sasl_sasl_h=no )
-
- ECONF_SOURCE=${S} \
- econf "${myconf[@]}"
-}
-
-multilib_src_compile() {
- PERL5LIB=${S} \
- emake
-}
-
-multilib_src_install() {
- dopammod pam_ldap.so
-}
-
-multilib_src_install_all() {
- dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil
- dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema
- doman pam_ldap.5
-
- docinto pam.d
- dodoc pam.d/*
-}
diff --git a/sys-auth/pam_ldap/pam_ldap-186-r4.ebuild b/sys-auth/pam_ldap/pam_ldap-186-r4.ebuild
new file mode 100644
index 000000000000..b2cb6a79d121
--- /dev/null
+++ b/sys-auth/pam_ldap/pam_ldap-186-r4.ebuild
@@ -0,0 +1,51 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit multilib-minimal pam
+
+DESCRIPTION="PAM LDAP Module"
+HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html"
+SRC_URI="http://www.padl.com/download/${P}.tar.gz"
+
+LICENSE="|| ( GPL-2 LGPL-2 )"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ~ppc ppc64 sparc x86"
+IUSE="ssl sasl"
+
+DEPEND="sys-libs/pam[${MULTILIB_USEDEP}]
+ >=net-nds/openldap-2.4.38-r1:=[${MULTILIB_USEDEP}]
+ virtual/libcrypt:=[${MULTILIB_USEDEP}]
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] )"
+
+RDEPEND="${DEPEND}"
+
+multilib_src_configure() {
+ local myconf=(
+ --with-ldap-lib=openldap
+ $(use_enable ssl)
+ )
+ use sasl || myconf+=( ac_cv_header_sasl_sasl_h=no )
+
+ ECONF_SOURCE=${S} \
+ econf "${myconf[@]}"
+}
+
+multilib_src_compile() {
+ PERL5LIB=${S} \
+ emake
+}
+
+multilib_src_install() {
+ dopammod pam_ldap.so
+}
+
+multilib_src_install_all() {
+ dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil
+ dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema
+ doman pam_ldap.5
+
+ docinto pam.d
+ dodoc pam.d/*
+}
diff --git a/sys-auth/pam_yubico/Manifest b/sys-auth/pam_yubico/Manifest
index 9a6651042cc1..574b205fe09f 100644
--- a/sys-auth/pam_yubico/Manifest
+++ b/sys-auth/pam_yubico/Manifest
@@ -1,3 +1,3 @@
DIST pam_yubico-2.26.tar.gz 423451 BLAKE2B be65b9726d3b5d353577014c78163d9e092d3d98baf9c22c2a43bbbb5362589c18713712d218fd154cf493211cefd2924158b326db45c2b7dd0aee9aa9080de5 SHA512 4adba37f07e1fe1a2c4b534246ef0e862be76e3b1ce0ed6f11f15436f537cd5963f00abf48f6faa7e65b025ff6924dbaf918db1675b1e2cb89a802d2f2d6a4ec
-EBUILD pam_yubico-2.26.ebuild 904 BLAKE2B f56cbf54d17e5d9eb7027c9eff98603f7b3ccea11b654e92d411f7a51bd0e99e3793c7883ef38646c3fe8a087c8fbf2dafc78ef71491300a02349d39b533e73f SHA512 168007b543dd4d20a1fa858bed84264fd3f82d60c4876fe6b782da84a01c01bff216e78cf31678020fc153c2fba37d05eae06105d3a57f3434d06f8ad37b6698
+EBUILD pam_yubico-2.26-r1.ebuild 906 BLAKE2B 5626b331513510a3a08522b477c07ca6d10bda7ebd0cf7d68c7bed65381a5013767a5c12986b6094bc64f8bcec25c87a1e3ae4bff5fe542358e9f4d652e96eb7 SHA512 b8db00bcbb8748926c4fa3d6f8a29d9fa574ce2aac7d07c6de82d7493c49055437a4428aa11a5eb936c789d4d84e00d24126e2a4f0d6cfd09ac3a4d9a7cca7d4
MISC metadata.xml 340 BLAKE2B e837716f925129355286f7fa7bf703ee5486d87c67a5d06669b7f7a0c35312cb79dcc93eb76e6bdbe2cd627426fe2fab68533e551f6461176422cf5eb037f182 SHA512 66aa57dd3603d6249cc5fd844370cae5dfe9ccc07433aaf31802d6c3c1fe6c8264a3ff67f30fbfb4df1367cfb9ba2ff43e048c4bd673224697d07e26f5fb526f
diff --git a/sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild b/sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild
new file mode 100644
index 000000000000..eaf84fc6bbfa
--- /dev/null
+++ b/sys-auth/pam_yubico/pam_yubico-2.26-r1.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit pam
+
+DESCRIPTION="Library for authenticating against PAM with a Yubikey"
+HOMEPAGE="https://github.com/Yubico/yubico-pam"
+SRC_URI="http://opensource.yubico.com/yubico-pam/releases/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="ldap test"
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+ sys-libs/pam
+ sys-auth/libyubikey
+ >=sys-auth/ykclient-2.15
+ >=sys-auth/ykpers-1.6
+ ldap? ( net-nds/openldap:= )"
+DEPEND="${RDEPEND}
+ app-text/asciidoc
+ test? ( dev-perl/Net-LDAP-Server )"
+
+src_configure() {
+ #challenge response could be optional but that seems horribly dangerous to me
+ local myeconfargs=(
+ --with-cr
+ --with-pam-dir="$(getpam_mod_dir)"
+ $(use_with ldap)
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+ dodoc doc/*
+ find "${D}" -name '*.la' -delete || die
+}
diff --git a/sys-auth/pam_yubico/pam_yubico-2.26.ebuild b/sys-auth/pam_yubico/pam_yubico-2.26.ebuild
deleted file mode 100644
index d02d30e11751..000000000000
--- a/sys-auth/pam_yubico/pam_yubico-2.26.ebuild
+++ /dev/null
@@ -1,42 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit pam
-
-DESCRIPTION="Library for authenticating against PAM with a Yubikey"
-HOMEPAGE="https://github.com/Yubico/yubico-pam"
-SRC_URI="http://opensource.yubico.com/yubico-pam/releases/${P}.tar.gz"
-
-LICENSE="BSD"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="ldap test"
-RESTRICT="!test? ( test )"
-
-RDEPEND="
- sys-libs/pam
- sys-auth/libyubikey
- >=sys-auth/ykclient-2.15
- >=sys-auth/ykpers-1.6
- ldap? ( net-nds/openldap )"
-DEPEND="${RDEPEND}
- app-text/asciidoc
- test? ( dev-perl/Net-LDAP-Server )"
-
-src_configure() {
- #challenge response could be optional but that seems horribly dangerous to me
- local myeconfargs=(
- --with-cr
- --with-pam-dir="$(getpam_mod_dir)"
- $(use_with ldap)
- )
- econf "${myeconfargs[@]}"
-}
-
-src_install() {
- default
- dodoc doc/*
- find "${D}" -name '*.la' -delete || die
-}
diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest
index f0b0c629b36d..b2585b8fc18b 100644
--- a/sys-auth/sssd/Manifest
+++ b/sys-auth/sssd/Manifest
@@ -5,7 +5,7 @@ DIST sssd-2.3.1.tar.gz 7186526 BLAKE2B 6d630fe75b9b426ef54adbe1704fde8e01fc34df7
DIST sssd-2.5.2-CVE-2021-3621.patch.bz2 3155 BLAKE2B c50e331f0f1acbb9ef8e6d54a63219da44df5e565608c24635d85a110fcc024f7d5293c4412bca64831a9a3a14e2c1188be1a802c76575ad6d7a83243d3d89c2 SHA512 650af7c67b3a807935c0875ee877d366facdf818492fb4244757448ad351454a279968ea5414e6b3cd116e873abe4f1aef2ccdaf790a4df0cf7f2a0078a41860
DIST sssd-2.5.2.tar.gz 7579208 BLAKE2B ec5d9aeaf5b5e05b56c01f9137f6f24db05544dbd48458d742285b60e7beb6d48af865f3415e11ce89e187f4643bbecf15bbb321859ec80cfe458eb781cea6c9 SHA512 a9bac7b2cc23022dce3bcda314c9c26a0a0914c448f6d5a51c5ba18670f04c1fd1a94cb20173235b6285df1dcc9251cb6b3f3e71a220037b4eb66668e6f33c48
DIST sssd-2.6.0.tar.gz 7440969 BLAKE2B 6b05fcea09ef10a5b2f373dc6a66032edc4c4f46f65f42fdc9ffb5b676025095e16de4a86b3088351c22746e062829d1d68fa7e960cccb7c5a77d960e6d38e2a SHA512 0b9e169424cbadfa6132a3e5e9789facf82f04cce94cb5344b8ff49370ae8817c2cb16cf21caddf6a7cd42e661d5ff5bf97843d79681683aacff0053ff93f64b
-EBUILD sssd-2.3.1-r2.ebuild 7550 BLAKE2B bb7148a163aafe86d6efbcb29a48829ceed64ddbd328aa68e0d279478dcad70e77027647d4d38a9b56d317d76b024edfeb2d30656f50fd71414cecc25a1f91c9 SHA512 9ebb400f5bf139c18b04501c3b5ae4d74ce6dd4926f76f0b385d8f4b08d1e02b4f0d72cf7765bc30ddcfec50936954812b8522857d7c2b3d3859b12d6db9acb8
-EBUILD sssd-2.5.2-r2.ebuild 7903 BLAKE2B 74629995f904d268381aa14e689153a12957ac7864d2843924462da6cea8df00b40227c722e8a7127da516d95731ac2d39f54baba6a316bf65c3784345fc1fed SHA512 18aa0149a9ce1ab628f6d639e768eb5f73b778163fe613fb0a59e3cda196c3a6ed346543749447f29894884df271631e62c635c5d71f7853f149e4aae2c39704
-EBUILD sssd-2.6.0-r1.ebuild 7564 BLAKE2B e862fff7812168422d58b2f78e9108dc1c437ff26724f2412ef2e2e2b44eaf90e3f61f3064adf606f319aab79cdc4eaebeccd501a68c2f0db81c20af48a93b5b SHA512 60abe45738b916f41960328c12a3bf83cece84af8b1ec576af05d7a660144486e2787ea74dc83b1d290973d7cff0a971ff6bf204f487c61eb51cc786083a26c5
+EBUILD sssd-2.3.1-r3.ebuild 7556 BLAKE2B f418cbc6b37b0399c6b960a30fa2bdb6cf40da997c32d037821d48839a560fa412e8a607778ba7117770b0e3cd55be4707d72959d5e4f9f751c519a770120588 SHA512 1895d436d3848b14afe2e14c4cc53a11ca4415548339c2e4e6c0a7944bb5a4c071c4a0fbb7c6744abcef0d918b4222373c3b46fa85c06eba34ff87f2f4ee81e6
+EBUILD sssd-2.5.2-r3.ebuild 7909 BLAKE2B b8a326c3a96f387ae3c004c3966a296eca8d5794453b5c153e0896e4fee8cd42167f0d7d9fb5cf28c60f30f7a115d47c667198137926874e0c2b0fcf76359664 SHA512 eb06a8cab8790a1b5aa1f8f016427804dac12bb93c4af234cdce2df5fde9ea7ffbb2210cb039c085306238761b51876a6f5f59db6800e8d37f6f5edc4b406780
+EBUILD sssd-2.6.0-r2.ebuild 7568 BLAKE2B 2dfc3194cebfa102162b3be60cbb95c68111463b0c3f014bf04d3f7c0a33366051b4f7c76de0bf07a407a82c161fd6e05552819adc62382065c0c5cb4f39c627 SHA512 2247d943a9997c9335ea35a8a3d7e7464880b5aaa32b39ae61f903f84827b82e983e03eb5e1e25f0898dd1cdb6f297e9723a5afe8879dcf99684d0590a52f855
MISC metadata.xml 1182 BLAKE2B 8667ff4514a6cf81e044c53492760a20b4af07a345f75b48707587ce38903a5b5837e8aea5dec119a5f26cb0a5b7ce4577936cf6d4e666894bc5014ec6fd0c51 SHA512 e375a25d8dc8ccd1ec13e7b4bdf3782441b01ff15a0f0a213dbbb27ff9d30ff455e1efe1711096973b5c814dcb7f269af61cb455290b8948b06451e754b40912
diff --git a/sys-auth/sssd/sssd-2.3.1-r2.ebuild b/sys-auth/sssd/sssd-2.3.1-r2.ebuild
deleted file mode 100644
index 6ecd0e166c35..000000000000
--- a/sys-auth/sssd/sssd-2.3.1-r2.ebuild
+++ /dev/null
@@ -1,288 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-
-inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs
-
-DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
-HOMEPAGE="https://github.com/SSSD/sssd"
-SRC_URI="https://github.com/SSSD/sssd/releases/download/${PN}-${PV//./_}/${P}.tar.gz"
-KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc x86"
-
-LICENSE="GPL-3"
-SLOT="0"
-IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd test valgrind"
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="pac? ( samba )
- python? ( ${PYTHON_REQUIRED_USE} )"
-
-DEPEND="
- >=app-crypt/mit-krb5-1.10.3
- app-crypt/p11-kit
- >=dev-libs/ding-libs-0.2
- dev-libs/glib:2
- >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
- >=dev-libs/libpcre-8.30:=
- >=dev-libs/popt-1.16
- >=dev-libs/openssl-1.0.2:0=
- >=net-dns/bind-tools-9.9[gssapi]
- >=net-dns/c-ares-1.7.4
- >=net-nds/openldap-2.4.30[sasl]
- >=sys-apps/dbus-1.6
- >=sys-apps/keyutils-1.5:=
- >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
- >=sys-libs/talloc-2.0.7
- >=sys-libs/tdb-1.2.9
- >=sys-libs/tevent-0.9.16
- >=sys-libs/ldb-1.1.17-r1:=
- virtual/libintl
- locator? (
- >=app-crypt/mit-krb5-1.12.2[${MULTILIB_USEDEP}]
- >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}]
- )
- acl? ( net-fs/cifs-utils[acl] )
- netlink? ( dev-libs/libnl:3 )
- nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) )
- nls? ( >=sys-devel/gettext-0.18 )
- pac? (
- app-crypt/mit-krb5[${MULTILIB_USEDEP}]
- net-fs/samba
- )
- python? ( ${PYTHON_DEPS} )
- samba? ( >=net-fs/samba-4.10.2[winbind] )
- selinux? (
- >=sys-libs/libselinux-2.1.9
- >=sys-libs/libsemanage-2.1
- )
- systemd? (
- dev-libs/jansson:0=
- net-libs/http-parser:0=
- net-misc/curl:0=
- )"
-RDEPEND="${DEPEND}
- >=sys-libs/glibc-2.17[nscd]
- selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
-BDEPEND=">=sys-devel/autoconf-2.69-r5
- virtual/pkgconfig
- doc? ( app-doc/doxygen )
- test? (
- dev-libs/check
- dev-libs/softhsm:2
- dev-util/cmocka
- net-libs/gnutls[pkcs11,tools]
- sys-libs/libfaketime
- sys-libs/nss_wrapper
- sys-libs/pam_wrapper
- sys-libs/uid_wrapper
- valgrind? ( dev-util/valgrind )
- )
- man? (
- app-text/docbook-xml-dtd:4.4
- >=dev-libs/libxslt-1.1.26
- nls? ( app-text/po4a )
- )"
-
-CONFIG_CHECK="~KEYS"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/ipa_hbac.h
- /usr/include/sss_idmap.h
- /usr/include/sss_nss_idmap.h
- # --with-ifp
- /usr/include/sss_sifp.h
- /usr/include/sss_sifp_dbus.h
- # from 1.15.3
- /usr/include/sss_certmap.h
-)
-
-PATCHES=(
- "${FILESDIR}"/${P}-test_ca-Look-for-libsofthsm2.so-in-usr-libdir-sofths.patch
-)
-
-pkg_setup() {
- linux-info_pkg_setup
-}
-
-src_prepare() {
- sed -i 's:/var/run:/run:' \
- "${S}"/src/examples/logrotate || die
-
- default
- eautoreconf
- multilib_copy_sources
- if use python && multilib_is_native_abi; then
- python_setup
- fi
-}
-
-src_configure() {
- local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1)
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- local myconf=()
-
- myconf+=(
- --localstatedir="${EPREFIX}"/var
- --runstatedir="${EPREFIX}"/run
- --with-pid-path="${EPREFIX}"/run
- --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
- --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
- --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
- --with-db-path="${EPREFIX}"/var/lib/sss/db
- --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
- --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf
- --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes
- --with-mcache-path="${EPREFIX}"/var/lib/sss/mc
- --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
- --with-log-path="${EPREFIX}"/var/log/sssd
- --with-os=gentoo
- --with-nscd="${EPREFIX}"/usr/sbin/nscd
- --with-unicode-lib="glib2"
- --disable-rpath
- --sbindir=/usr/sbin
- --with-crypto="libcrypto"
- --enable-local-provider
- $(multilib_native_use_with systemd kcm)
- $(multilib_native_use_with systemd secrets)
- $(use_with samba)
- --with-smb-idmap-interface-version=6
- $(multilib_native_use_enable acl cifs-idmap-plugin)
- $(multilib_native_use_with selinux)
- $(multilib_native_use_with selinux semanage)
- $(use_enable locator krb5-locator-plugin)
- $(use_enable pac pac-responder)
- $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
- $(use_enable nls)
- $(multilib_native_use_with netlink libnl)
- $(multilib_native_use_with man manpages)
- $(multilib_native_use_with sudo)
- $(multilib_native_with autofs)
- $(multilib_native_with ssh)
- $(use_enable valgrind)
- --without-python2-bindings
- $(multilib_native_use_with python python3-bindings)
- )
-
- # Annoyingly configure requires that you pick systemd XOR sysv
- if use systemd; then
- myconf+=(
- --with-initscript="systemd"
- --with-systemdunitdir=$(systemd_get_systemunitdir)
- )
- else
- myconf+=(--with-initscript="sysv")
- fi
-
- if ! multilib_is_native_abi; then
- # work-around all the libraries that are used for CLI and server
- myconf+=(
- {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
- # ldb headers are fine since native needs it
- # ldb lib fails... but it does not seem to bother
- {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
- {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
- {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' '
-
- # use native include path for dbus (needed for build)
- DBUS_CFLAGS="${native_dbus_cflags}"
-
- # non-pkgconfig checks
- ac_cv_lib_ldap_ldap_search=yes
- --without-secrets
- --without-kcm
- )
- fi
-
- econf "${myconf[@]}"
-}
-
-multilib_src_compile() {
- if multilib_is_native_abi; then
- default
- use doc && emake docs
- if use man || use nls; then
- emake update-po
- fi
- else
- emake libnss_sss.la pam_sss.la
- use locator && emake sssd_krb5_locator_plugin.la
- use pac && emake sssd_pac_plugin.la
- fi
-}
-
-multilib_src_install() {
- if multilib_is_native_abi; then
- emake -j1 DESTDIR="${D}" "${_at_args[@]}" install
- if use python; then
- python_optimize
- python_fix_shebang "${ED}"
- fi
-
- else
- # easier than playing with automake...
- dopammod .libs/pam_sss.so
-
- into /
- dolib.so .libs/libnss_sss.so*
-
- if use locator; then
- exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
- doexe .libs/sssd_krb5_locator_plugin.so
- fi
-
- if use pac; then
- exeinto /usr/$(get_libdir)/krb5/plugins/authdata
- doexe .libs/sssd_pac_plugin.so
- fi
- fi
-}
-
-multilib_src_install_all() {
- einstalldocs
- find "${ED}" -type f -name '*.la' -delete || die
-
- insinto /etc/sssd
- insopts -m600
- doins "${S}"/src/examples/sssd-example.conf
-
- insinto /etc/logrotate.d
- insopts -m644
- newins "${S}"/src/examples/logrotate sssd
-
- newconfd "${FILESDIR}"/sssd.conf sssd
-
- keepdir /var/lib/sss/db
- keepdir /var/lib/sss/deskprofile
- keepdir /var/lib/sss/gpo_cache
- keepdir /var/lib/sss/keytabs
- keepdir /var/lib/sss/mc
- keepdir /var/lib/sss/pipes/private
- keepdir /var/lib/sss/pubconf/krb5.include.d
- keepdir /var/lib/sss/secrets
- keepdir /var/log/sssd
-
- # strip empty dirs
- if ! use doc ; then
- rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
- rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die
- fi
-
- rm -r "${ED}"/run || die
-}
-
-multilib_src_test() {
- multilib_is_native_abi && emake check
-}
-
-pkg_postinst() {
- elog "You must set up sssd.conf (default installed into /etc/sssd)"
- elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
- elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html"
-}
diff --git a/sys-auth/sssd/sssd-2.3.1-r3.ebuild b/sys-auth/sssd/sssd-2.3.1-r3.ebuild
new file mode 100644
index 000000000000..fdbe558ed56d
--- /dev/null
+++ b/sys-auth/sssd/sssd-2.3.1-r3.ebuild
@@ -0,0 +1,288 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{7,8,9} )
+
+inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs
+
+DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
+HOMEPAGE="https://github.com/SSSD/sssd"
+SRC_URI="https://github.com/SSSD/sssd/releases/download/${PN}-${PV//./_}/${P}.tar.gz"
+KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc x86"
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd test valgrind"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="pac? ( samba )
+ python? ( ${PYTHON_REQUIRED_USE} )"
+
+DEPEND="
+ >=app-crypt/mit-krb5-1.10.3
+ app-crypt/p11-kit
+ >=dev-libs/ding-libs-0.2
+ dev-libs/glib:2
+ >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
+ >=dev-libs/libpcre-8.30:=
+ >=dev-libs/popt-1.16
+ >=dev-libs/openssl-1.0.2:0=
+ >=net-dns/bind-tools-9.9[gssapi]
+ >=net-dns/c-ares-1.7.4:=
+ >=net-nds/openldap-2.4.30:=[sasl]
+ >=sys-apps/dbus-1.6
+ >=sys-apps/keyutils-1.5:=
+ >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
+ >=sys-libs/talloc-2.0.7
+ >=sys-libs/tdb-1.2.9
+ >=sys-libs/tevent-0.9.16
+ >=sys-libs/ldb-1.1.17-r1:=
+ virtual/libintl
+ locator? (
+ >=app-crypt/mit-krb5-1.12.2[${MULTILIB_USEDEP}]
+ >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}]
+ )
+ acl? ( net-fs/cifs-utils[acl] )
+ netlink? ( dev-libs/libnl:3 )
+ nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) )
+ nls? ( >=sys-devel/gettext-0.18 )
+ pac? (
+ app-crypt/mit-krb5[${MULTILIB_USEDEP}]
+ net-fs/samba
+ )
+ python? ( ${PYTHON_DEPS} )
+ samba? ( >=net-fs/samba-4.10.2[winbind] )
+ selinux? (
+ >=sys-libs/libselinux-2.1.9
+ >=sys-libs/libsemanage-2.1
+ )
+ systemd? (
+ dev-libs/jansson:0=
+ net-libs/http-parser:0=
+ net-misc/curl:0=
+ )"
+RDEPEND="${DEPEND}
+ >=sys-libs/glibc-2.17[nscd]
+ selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
+BDEPEND=">=sys-devel/autoconf-2.69-r5
+ virtual/pkgconfig
+ doc? ( app-doc/doxygen )
+ test? (
+ dev-libs/check
+ dev-libs/softhsm:2
+ dev-util/cmocka
+ net-libs/gnutls[pkcs11,tools]
+ sys-libs/libfaketime
+ sys-libs/nss_wrapper
+ sys-libs/pam_wrapper
+ sys-libs/uid_wrapper
+ valgrind? ( dev-util/valgrind )
+ )
+ man? (
+ app-text/docbook-xml-dtd:4.4
+ >=dev-libs/libxslt-1.1.26
+ nls? ( app-text/po4a )
+ )"
+
+CONFIG_CHECK="~KEYS"
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/ipa_hbac.h
+ /usr/include/sss_idmap.h
+ /usr/include/sss_nss_idmap.h
+ # --with-ifp
+ /usr/include/sss_sifp.h
+ /usr/include/sss_sifp_dbus.h
+ # from 1.15.3
+ /usr/include/sss_certmap.h
+)
+
+PATCHES=(
+ "${FILESDIR}"/${P}-test_ca-Look-for-libsofthsm2.so-in-usr-libdir-sofths.patch
+)
+
+pkg_setup() {
+ linux-info_pkg_setup
+}
+
+src_prepare() {
+ sed -i 's:/var/run:/run:' \
+ "${S}"/src/examples/logrotate || die
+
+ default
+ eautoreconf
+ multilib_copy_sources
+ if use python && multilib_is_native_abi; then
+ python_setup
+ fi
+}
+
+src_configure() {
+ local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1)
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ myconf+=(
+ --localstatedir="${EPREFIX}"/var
+ --runstatedir="${EPREFIX}"/run
+ --with-pid-path="${EPREFIX}"/run
+ --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
+ --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
+ --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
+ --with-db-path="${EPREFIX}"/var/lib/sss/db
+ --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
+ --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf
+ --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes
+ --with-mcache-path="${EPREFIX}"/var/lib/sss/mc
+ --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
+ --with-log-path="${EPREFIX}"/var/log/sssd
+ --with-os=gentoo
+ --with-nscd="${EPREFIX}"/usr/sbin/nscd
+ --with-unicode-lib="glib2"
+ --disable-rpath
+ --sbindir=/usr/sbin
+ --with-crypto="libcrypto"
+ --enable-local-provider
+ $(multilib_native_use_with systemd kcm)
+ $(multilib_native_use_with systemd secrets)
+ $(use_with samba)
+ --with-smb-idmap-interface-version=6
+ $(multilib_native_use_enable acl cifs-idmap-plugin)
+ $(multilib_native_use_with selinux)
+ $(multilib_native_use_with selinux semanage)
+ $(use_enable locator krb5-locator-plugin)
+ $(use_enable pac pac-responder)
+ $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
+ $(use_enable nls)
+ $(multilib_native_use_with netlink libnl)
+ $(multilib_native_use_with man manpages)
+ $(multilib_native_use_with sudo)
+ $(multilib_native_with autofs)
+ $(multilib_native_with ssh)
+ $(use_enable valgrind)
+ --without-python2-bindings
+ $(multilib_native_use_with python python3-bindings)
+ )
+
+ # Annoyingly configure requires that you pick systemd XOR sysv
+ if use systemd; then
+ myconf+=(
+ --with-initscript="systemd"
+ --with-systemdunitdir=$(systemd_get_systemunitdir)
+ )
+ else
+ myconf+=(--with-initscript="sysv")
+ fi
+
+ if ! multilib_is_native_abi; then
+ # work-around all the libraries that are used for CLI and server
+ myconf+=(
+ {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
+ # ldb headers are fine since native needs it
+ # ldb lib fails... but it does not seem to bother
+ {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
+ {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
+ {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' '
+
+ # use native include path for dbus (needed for build)
+ DBUS_CFLAGS="${native_dbus_cflags}"
+
+ # non-pkgconfig checks
+ ac_cv_lib_ldap_ldap_search=yes
+ --without-secrets
+ --without-kcm
+ )
+ fi
+
+ econf "${myconf[@]}"
+}
+
+multilib_src_compile() {
+ if multilib_is_native_abi; then
+ default
+ use doc && emake docs
+ if use man || use nls; then
+ emake update-po
+ fi
+ else
+ emake libnss_sss.la pam_sss.la
+ use locator && emake sssd_krb5_locator_plugin.la
+ use pac && emake sssd_pac_plugin.la
+ fi
+}
+
+multilib_src_install() {
+ if multilib_is_native_abi; then
+ emake -j1 DESTDIR="${D}" "${_at_args[@]}" install
+ if use python; then
+ python_optimize
+ python_fix_shebang "${ED}"
+ fi
+
+ else
+ # easier than playing with automake...
+ dopammod .libs/pam_sss.so
+
+ into /
+ dolib.so .libs/libnss_sss.so*
+
+ if use locator; then
+ exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
+ doexe .libs/sssd_krb5_locator_plugin.so
+ fi
+
+ if use pac; then
+ exeinto /usr/$(get_libdir)/krb5/plugins/authdata
+ doexe .libs/sssd_pac_plugin.so
+ fi
+ fi
+}
+
+multilib_src_install_all() {
+ einstalldocs
+ find "${ED}" -type f -name '*.la' -delete || die
+
+ insinto /etc/sssd
+ insopts -m600
+ doins "${S}"/src/examples/sssd-example.conf
+
+ insinto /etc/logrotate.d
+ insopts -m644
+ newins "${S}"/src/examples/logrotate sssd
+
+ newconfd "${FILESDIR}"/sssd.conf sssd
+
+ keepdir /var/lib/sss/db
+ keepdir /var/lib/sss/deskprofile
+ keepdir /var/lib/sss/gpo_cache
+ keepdir /var/lib/sss/keytabs
+ keepdir /var/lib/sss/mc
+ keepdir /var/lib/sss/pipes/private
+ keepdir /var/lib/sss/pubconf/krb5.include.d
+ keepdir /var/lib/sss/secrets
+ keepdir /var/log/sssd
+
+ # strip empty dirs
+ if ! use doc ; then
+ rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
+ rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die
+ fi
+
+ rm -r "${ED}"/run || die
+}
+
+multilib_src_test() {
+ multilib_is_native_abi && emake check
+}
+
+pkg_postinst() {
+ elog "You must set up sssd.conf (default installed into /etc/sssd)"
+ elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
+ elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html"
+}
diff --git a/sys-auth/sssd/sssd-2.5.2-r2.ebuild b/sys-auth/sssd/sssd-2.5.2-r2.ebuild
deleted file mode 100644
index 8a2687f20563..000000000000
--- a/sys-auth/sssd/sssd-2.5.2-r2.ebuild
+++ /dev/null
@@ -1,303 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{8..10} )
-
-inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs optfeature
-
-DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
-HOMEPAGE="https://github.com/SSSD/sssd"
-SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
-SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${P}-CVE-2021-3621.patch.bz2"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86"
-IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind"
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- pac? ( samba )
- test? ( sudo )
- valgrind? ( test )"
-
-BDEPEND=">=sys-devel/autoconf-2.69-r5
- virtual/pkgconfig
- ${PYTHON_DEPS}
- doc? ( app-doc/doxygen )
- test? (
- dev-libs/check
- dev-libs/softhsm:2
- dev-util/cmocka
- net-libs/gnutls[pkcs11,tools]
- sys-libs/libfaketime
- sys-libs/nss_wrapper
- sys-libs/pam_wrapper
- sys-libs/uid_wrapper
- valgrind? ( dev-util/valgrind )
- )
- man? (
- app-text/docbook-xml-dtd:4.4
- >=dev-libs/libxslt-1.1.26
- nls? ( app-text/po4a )
- )"
-
-DEPEND=">=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}]
- app-crypt/p11-kit
- >=dev-libs/ding-libs-0.2
- dev-libs/glib:2
- >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
- >=dev-libs/libpcre-8.30:=
- >=dev-libs/popt-1.16
- >=dev-libs/openssl-1.0.2:0=
- >=net-dns/bind-tools-9.9[gssapi]
- >=net-dns/c-ares-1.7.4
- >=net-nds/openldap-2.4.30[sasl]
- >=sys-apps/dbus-1.6
- >=sys-apps/keyutils-1.5:=
- >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
- >=sys-libs/talloc-2.0.7
- >=sys-libs/tdb-1.2.9
- >=sys-libs/tevent-0.9.16
- >=sys-libs/ldb-1.1.17-r1:=
- virtual/libintl
- locator? (
- >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}]
- )
- acl? ( net-fs/cifs-utils[acl] )
- netlink? ( dev-libs/libnl:3 )
- nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) )
- nls? ( >=sys-devel/gettext-0.18 )
- pac? (
- net-fs/samba
- )
- python? ( ${PYTHON_DEPS} )
- samba? ( >=net-fs/samba-4.10.2[winbind] )
- selinux? (
- >=sys-libs/libselinux-2.1.9
- >=sys-libs/libsemanage-2.1
- )
- systemd? (
- dev-libs/jansson:0=
- net-libs/http-parser:0=
- net-misc/curl:0=
- )
- systemtap? ( dev-util/systemtap )"
-RDEPEND="${DEPEND}
- >=sys-libs/glibc-2.17[nscd]
- selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
-
-CONFIG_CHECK="~KEYS"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/ipa_hbac.h
- /usr/include/sss_idmap.h
- /usr/include/sss_nss_idmap.h
- # --with-ifp
- /usr/include/sss_sifp.h
- /usr/include/sss_sifp_dbus.h
- # from 1.15.3
- /usr/include/sss_certmap.h
-)
-
-PATCHES=(
- "${WORKDIR}"/${P}-CVE-2021-3621.patch
-)
-
-pkg_setup() {
- linux-info_pkg_setup
- python-single-r1_pkg_setup
-}
-
-src_prepare() {
- default
-
- sed -i \
- -e 's:/var/run:/run:' \
- "${S}"/src/examples/logrotate \
- || die
-
- # disable flaky test, see https://github.com/SSSD/sssd/issues/5631
- sed -i \
- -e '/^\s*pam-srv-tests[ \\]*$/d' \
- "${S}"/Makefile.am \
- || die
-
- eautoreconf
-
- multilib_copy_sources
-}
-
-src_configure() {
- local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1)
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- local myconf=()
-
- myconf+=(
- --localstatedir="${EPREFIX}"/var
- --runstatedir="${EPREFIX}"/run
- --with-pid-path="${EPREFIX}"/run
- --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
- --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
- --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
- --with-db-path="${EPREFIX}"/var/lib/sss/db
- --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
- --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf
- --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes
- --with-mcache-path="${EPREFIX}"/var/lib/sss/mc
- --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
- --with-log-path="${EPREFIX}"/var/log/sssd
- --with-os=gentoo
- --with-nscd="${EPREFIX}"/usr/sbin/nscd
- --with-unicode-lib="glib2"
- --disable-rpath
- --disable-static
- --sbindir=/usr/sbin
- --enable-local-provider
- $(multilib_native_use_with systemd kcm)
- $(multilib_native_use_with systemd secrets)
- $(use_with samba)
- --with-smb-idmap-interface-version=6
- $(multilib_native_use_enable acl cifs-idmap-plugin)
- $(multilib_native_use_with selinux)
- $(multilib_native_use_with selinux semanage)
- $(use_enable locator krb5-locator-plugin)
- $(use_enable pac pac-responder)
- $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
- $(use_enable nls)
- $(multilib_native_use_with netlink libnl)
- $(multilib_native_use_with man manpages)
- $(multilib_native_use_with sudo)
- $(multilib_native_with autofs)
- $(multilib_native_with ssh)
- $(use_enable systemtap)
- $(use_enable valgrind)
- --without-python2-bindings
- $(multilib_native_use_with python python3-bindings)
- )
-
- # Annoyingly configure requires that you pick systemd XOR sysv
- if use systemd; then
- myconf+=(
- --with-initscript="systemd"
- --with-systemdunitdir=$(systemd_get_systemunitdir)
- )
- else
- myconf+=(--with-initscript="sysv")
- fi
-
- if ! multilib_is_native_abi; then
- # work-around all the libraries that are used for CLI and server
- myconf+=(
- {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
- # ldb headers are fine since native needs it
- # ldb lib fails... but it does not seem to bother
- {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
- {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
- {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' '
-
- # use native include path for dbus (needed for build)
- DBUS_CFLAGS="${native_dbus_cflags}"
-
- # non-pkgconfig checks
- ac_cv_lib_ldap_ldap_search=yes
- --without-secrets
- --without-kcm
- )
- fi
-
- econf "${myconf[@]}"
-}
-
-multilib_src_compile() {
- if multilib_is_native_abi; then
- default
- use doc && emake docs
- if use man || use nls; then
- emake update-po
- fi
- else
- emake libnss_sss.la pam_sss.la
- use locator && emake sssd_krb5_locator_plugin.la
- use pac && emake sssd_pac_plugin.la
- fi
-}
-
-multilib_src_test() {
- if multilib_is_native_abi; then
- local -x CK_TIMEOUT_MULTIPLIER=10
- emake check VERBOSE=yes
- fi
-}
-
-multilib_src_install() {
- if multilib_is_native_abi; then
- emake -j1 DESTDIR="${D}" "${_at_args[@]}" install
- if use python; then
- python_optimize
- python_fix_shebang "${ED}"
- fi
- else
- # easier than playing with automake...
- dopammod .libs/pam_sss.so
-
- into /
- dolib.so .libs/libnss_sss.so*
-
- if use locator; then
- exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
- doexe .libs/sssd_krb5_locator_plugin.so
- fi
-
- if use pac; then
- exeinto /usr/$(get_libdir)/krb5/plugins/authdata
- doexe .libs/sssd_pac_plugin.so
- fi
- fi
-}
-
-multilib_src_install_all() {
- einstalldocs
- find "${ED}" -type f -name '*.la' -delete || die
-
- insinto /etc/sssd
- insopts -m600
- doins "${S}"/src/examples/sssd-example.conf
-
- insinto /etc/logrotate.d
- insopts -m644
- newins "${S}"/src/examples/logrotate sssd
-
- newconfd "${FILESDIR}"/sssd.conf sssd
-
- keepdir /var/lib/sss/db
- keepdir /var/lib/sss/deskprofile
- keepdir /var/lib/sss/gpo_cache
- keepdir /var/lib/sss/keytabs
- keepdir /var/lib/sss/mc
- keepdir /var/lib/sss/pipes/private
- keepdir /var/lib/sss/pubconf/krb5.include.d
- keepdir /var/lib/sss/secrets
- keepdir /var/log/sssd
-
- # strip empty dirs
- if ! use doc; then
- rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
- rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die
- fi
-
- rm -r "${ED}"/run || die
-}
-
-pkg_postinst() {
- elog "You must set up sssd.conf (default installed into /etc/sssd)"
- elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
- elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html"
- optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli
-}
diff --git a/sys-auth/sssd/sssd-2.5.2-r3.ebuild b/sys-auth/sssd/sssd-2.5.2-r3.ebuild
new file mode 100644
index 000000000000..ae761b254289
--- /dev/null
+++ b/sys-auth/sssd/sssd-2.5.2-r3.ebuild
@@ -0,0 +1,303 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit autotools linux-info multilib-minimal python-single-r1 pam systemd toolchain-funcs optfeature
+
+DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
+HOMEPAGE="https://github.com/SSSD/sssd"
+SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
+SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${P}-CVE-2021-3621.patch.bz2"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc x86"
+IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="${PYTHON_REQUIRED_USE}
+ pac? ( samba )
+ test? ( sudo )
+ valgrind? ( test )"
+
+BDEPEND=">=sys-devel/autoconf-2.69-r5
+ virtual/pkgconfig
+ ${PYTHON_DEPS}
+ doc? ( app-doc/doxygen )
+ test? (
+ dev-libs/check
+ dev-libs/softhsm:2
+ dev-util/cmocka
+ net-libs/gnutls[pkcs11,tools]
+ sys-libs/libfaketime
+ sys-libs/nss_wrapper
+ sys-libs/pam_wrapper
+ sys-libs/uid_wrapper
+ valgrind? ( dev-util/valgrind )
+ )
+ man? (
+ app-text/docbook-xml-dtd:4.4
+ >=dev-libs/libxslt-1.1.26
+ nls? ( app-text/po4a )
+ )"
+
+DEPEND=">=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}]
+ app-crypt/p11-kit
+ >=dev-libs/ding-libs-0.2
+ dev-libs/glib:2
+ >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
+ >=dev-libs/libpcre-8.30:=
+ >=dev-libs/popt-1.16
+ >=dev-libs/openssl-1.0.2:0=
+ >=net-dns/bind-tools-9.9[gssapi]
+ >=net-dns/c-ares-1.7.4:=
+ >=net-nds/openldap-2.4.30:=[sasl]
+ >=sys-apps/dbus-1.6
+ >=sys-apps/keyutils-1.5:=
+ >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
+ >=sys-libs/talloc-2.0.7
+ >=sys-libs/tdb-1.2.9
+ >=sys-libs/tevent-0.9.16
+ >=sys-libs/ldb-1.1.17-r1:=
+ virtual/libintl
+ locator? (
+ >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}]
+ )
+ acl? ( net-fs/cifs-utils[acl] )
+ netlink? ( dev-libs/libnl:3 )
+ nfsv4? ( || ( >=net-fs/nfs-utils-2.3.1-r2 net-libs/libnfsidmap ) )
+ nls? ( >=sys-devel/gettext-0.18 )
+ pac? (
+ net-fs/samba
+ )
+ python? ( ${PYTHON_DEPS} )
+ samba? ( >=net-fs/samba-4.10.2[winbind] )
+ selinux? (
+ >=sys-libs/libselinux-2.1.9
+ >=sys-libs/libsemanage-2.1
+ )
+ systemd? (
+ dev-libs/jansson:0=
+ net-libs/http-parser:0=
+ net-misc/curl:0=
+ )
+ systemtap? ( dev-util/systemtap )"
+RDEPEND="${DEPEND}
+ >=sys-libs/glibc-2.17[nscd]
+ selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
+
+CONFIG_CHECK="~KEYS"
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/ipa_hbac.h
+ /usr/include/sss_idmap.h
+ /usr/include/sss_nss_idmap.h
+ # --with-ifp
+ /usr/include/sss_sifp.h
+ /usr/include/sss_sifp_dbus.h
+ # from 1.15.3
+ /usr/include/sss_certmap.h
+)
+
+PATCHES=(
+ "${WORKDIR}"/${P}-CVE-2021-3621.patch
+)
+
+pkg_setup() {
+ linux-info_pkg_setup
+ python-single-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ sed -i \
+ -e 's:/var/run:/run:' \
+ "${S}"/src/examples/logrotate \
+ || die
+
+ # disable flaky test, see https://github.com/SSSD/sssd/issues/5631
+ sed -i \
+ -e '/^\s*pam-srv-tests[ \\]*$/d' \
+ "${S}"/Makefile.am \
+ || die
+
+ eautoreconf
+
+ multilib_copy_sources
+}
+
+src_configure() {
+ local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1)
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ myconf+=(
+ --localstatedir="${EPREFIX}"/var
+ --runstatedir="${EPREFIX}"/run
+ --with-pid-path="${EPREFIX}"/run
+ --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
+ --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
+ --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
+ --with-db-path="${EPREFIX}"/var/lib/sss/db
+ --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
+ --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf
+ --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes
+ --with-mcache-path="${EPREFIX}"/var/lib/sss/mc
+ --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
+ --with-log-path="${EPREFIX}"/var/log/sssd
+ --with-os=gentoo
+ --with-nscd="${EPREFIX}"/usr/sbin/nscd
+ --with-unicode-lib="glib2"
+ --disable-rpath
+ --disable-static
+ --sbindir=/usr/sbin
+ --enable-local-provider
+ $(multilib_native_use_with systemd kcm)
+ $(multilib_native_use_with systemd secrets)
+ $(use_with samba)
+ --with-smb-idmap-interface-version=6
+ $(multilib_native_use_enable acl cifs-idmap-plugin)
+ $(multilib_native_use_with selinux)
+ $(multilib_native_use_with selinux semanage)
+ $(use_enable locator krb5-locator-plugin)
+ $(use_enable pac pac-responder)
+ $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
+ $(use_enable nls)
+ $(multilib_native_use_with netlink libnl)
+ $(multilib_native_use_with man manpages)
+ $(multilib_native_use_with sudo)
+ $(multilib_native_with autofs)
+ $(multilib_native_with ssh)
+ $(use_enable systemtap)
+ $(use_enable valgrind)
+ --without-python2-bindings
+ $(multilib_native_use_with python python3-bindings)
+ )
+
+ # Annoyingly configure requires that you pick systemd XOR sysv
+ if use systemd; then
+ myconf+=(
+ --with-initscript="systemd"
+ --with-systemdunitdir=$(systemd_get_systemunitdir)
+ )
+ else
+ myconf+=(--with-initscript="sysv")
+ fi
+
+ if ! multilib_is_native_abi; then
+ # work-around all the libraries that are used for CLI and server
+ myconf+=(
+ {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
+ # ldb headers are fine since native needs it
+ # ldb lib fails... but it does not seem to bother
+ {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
+ {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
+ {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' '
+
+ # use native include path for dbus (needed for build)
+ DBUS_CFLAGS="${native_dbus_cflags}"
+
+ # non-pkgconfig checks
+ ac_cv_lib_ldap_ldap_search=yes
+ --without-secrets
+ --without-kcm
+ )
+ fi
+
+ econf "${myconf[@]}"
+}
+
+multilib_src_compile() {
+ if multilib_is_native_abi; then
+ default
+ use doc && emake docs
+ if use man || use nls; then
+ emake update-po
+ fi
+ else
+ emake libnss_sss.la pam_sss.la
+ use locator && emake sssd_krb5_locator_plugin.la
+ use pac && emake sssd_pac_plugin.la
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ local -x CK_TIMEOUT_MULTIPLIER=10
+ emake check VERBOSE=yes
+ fi
+}
+
+multilib_src_install() {
+ if multilib_is_native_abi; then
+ emake -j1 DESTDIR="${D}" "${_at_args[@]}" install
+ if use python; then
+ python_optimize
+ python_fix_shebang "${ED}"
+ fi
+ else
+ # easier than playing with automake...
+ dopammod .libs/pam_sss.so
+
+ into /
+ dolib.so .libs/libnss_sss.so*
+
+ if use locator; then
+ exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
+ doexe .libs/sssd_krb5_locator_plugin.so
+ fi
+
+ if use pac; then
+ exeinto /usr/$(get_libdir)/krb5/plugins/authdata
+ doexe .libs/sssd_pac_plugin.so
+ fi
+ fi
+}
+
+multilib_src_install_all() {
+ einstalldocs
+ find "${ED}" -type f -name '*.la' -delete || die
+
+ insinto /etc/sssd
+ insopts -m600
+ doins "${S}"/src/examples/sssd-example.conf
+
+ insinto /etc/logrotate.d
+ insopts -m644
+ newins "${S}"/src/examples/logrotate sssd
+
+ newconfd "${FILESDIR}"/sssd.conf sssd
+
+ keepdir /var/lib/sss/db
+ keepdir /var/lib/sss/deskprofile
+ keepdir /var/lib/sss/gpo_cache
+ keepdir /var/lib/sss/keytabs
+ keepdir /var/lib/sss/mc
+ keepdir /var/lib/sss/pipes/private
+ keepdir /var/lib/sss/pubconf/krb5.include.d
+ keepdir /var/lib/sss/secrets
+ keepdir /var/log/sssd
+
+ # strip empty dirs
+ if ! use doc; then
+ rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
+ rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die
+ fi
+
+ rm -r "${ED}"/run || die
+}
+
+pkg_postinst() {
+ elog "You must set up sssd.conf (default installed into /etc/sssd)"
+ elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
+ elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html"
+ optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli
+}
diff --git a/sys-auth/sssd/sssd-2.6.0-r1.ebuild b/sys-auth/sssd/sssd-2.6.0-r1.ebuild
deleted file mode 100644
index 6b13c0aa927a..000000000000
--- a/sys-auth/sssd/sssd-2.6.0-r1.ebuild
+++ /dev/null
@@ -1,291 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{8..10} )
-
-inherit autotools linux-info multilib-minimal optfeature python-single-r1 pam systemd toolchain-funcs
-
-DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
-HOMEPAGE="https://github.com/SSSD/sssd"
-SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
-IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind"
-REQUIRED_USE="
- pac? ( samba )
- python? ( ${PYTHON_REQUIRED_USE} )
- test? ( sudo )
- valgrind? ( test )"
-RESTRICT="!test? ( test )"
-
-DEPEND="
- >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}]
- app-crypt/p11-kit
- >=dev-libs/ding-libs-0.2
- >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
- dev-libs/libpcre2:=
- >=dev-libs/popt-1.16
- >=dev-libs/openssl-1.0.2:=
- dev-libs/libunistring:=
- >=net-dns/bind-tools-9.9[gssapi]
- >=net-dns/c-ares-1.7.4:=
- >=net-nds/openldap-2.4.30[sasl]
- >=sys-apps/dbus-1.6
- >=sys-apps/keyutils-1.5:=
- >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
- >=sys-libs/talloc-2.0.7
- >=sys-libs/tdb-1.2.9
- >=sys-libs/tevent-0.9.16
- >=sys-libs/ldb-1.1.17-r1:=
- virtual/libintl
- acl? ( net-fs/cifs-utils[acl] )
- locator? ( >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] )
- netlink? ( dev-libs/libnl:3 )
- nfsv4? (
- || (
- >=net-fs/nfs-utils-2.3.1-r2
- net-libs/libnfsidmap
- )
- )
- pac? ( net-fs/samba )
- python? ( ${PYTHON_DEPS} )
- samba? ( >=net-fs/samba-4.10.2[winbind] )
- selinux? (
- >=sys-libs/libselinux-2.1.9
- >=sys-libs/libsemanage-2.1
- )
- systemd? (
- sys-apps/systemd:=
- sys-apps/util-linux
- )
- systemtap? ( dev-util/systemtap )"
-RDEPEND="${DEPEND}
- >=sys-libs/glibc-2.17[nscd]
- selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
-BDEPEND="
- virtual/pkgconfig
- ${PYTHON_DEPS}
- doc? ( app-doc/doxygen )
- nls? ( sys-devel/gettext )
- test? (
- dev-libs/check
- dev-libs/softhsm:2
- dev-util/cmocka
- net-libs/gnutls[pkcs11,tools]
- sys-libs/libfaketime
- sys-libs/nss_wrapper
- sys-libs/pam_wrapper
- sys-libs/uid_wrapper
- valgrind? ( dev-util/valgrind )
- )
- man? (
- app-text/docbook-xml-dtd:4.4
- >=dev-libs/libxslt-1.1.26
- nls? ( app-text/po4a )
- )"
-
-CONFIG_CHECK="~KEYS"
-
-PATCHES=( "${FILESDIR}"/${PN}-2.6.0-conditional-python-install.patch )
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/ipa_hbac.h
- /usr/include/sss_idmap.h
- /usr/include/sss_nss_idmap.h
- # --with-ifp
- /usr/include/sss_sifp.h
- /usr/include/sss_sifp_dbus.h
- # from 1.15.3
- /usr/include/sss_certmap.h
-)
-
-pkg_setup() {
- linux-info_pkg_setup
- python-single-r1_pkg_setup
-}
-
-src_prepare() {
- default
-
- sed -i \
- -e 's:/var/run:/run:' \
- src/examples/logrotate \
- || die
-
- # disable flaky test, see https://github.com/SSSD/sssd/issues/5631
- sed -i \
- -e '/^\s*pam-srv-tests[ \\]*$/d' \
- Makefile.am \
- || die
-
- eautoreconf
-
- multilib_copy_sources
-}
-
-src_configure() {
- local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die)
-
- multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
- local myconf=()
-
- myconf+=(
- --localstatedir="${EPREFIX}"/var
- --runstatedir="${EPREFIX}"/run
- --with-pid-path="${EPREFIX}"/run
- --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
- --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
- --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
- --with-db-path="${EPREFIX}"/var/lib/sss/db
- --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
- --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf
- --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes
- --with-mcache-path="${EPREFIX}"/var/lib/sss/mc
- --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
- --with-log-path="${EPREFIX}"/var/log/sssd
- --with-os=gentoo
- --disable-rpath
- --disable-static
- --sbindir="${EPREFIX}"/usr/sbin
- $(multilib_native_use_with systemd kcm)
- $(use_with samba)
- --with-smb-idmap-interface-version=6
- $(multilib_native_use_enable acl cifs-idmap-plugin)
- $(multilib_native_use_with selinux)
- $(multilib_native_use_with selinux semanage)
- $(use_enable locator krb5-locator-plugin)
- $(use_enable pac pac-responder)
- $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
- $(use_enable nls)
- $(multilib_native_use_with netlink libnl)
- $(multilib_native_use_with man manpages)
- $(multilib_native_use_with sudo)
- $(multilib_native_with autofs)
- $(multilib_native_with ssh)
- $(use_enable systemtap)
- $(use_enable valgrind)
- --without-python2-bindings
- $(multilib_native_use_with python python3-bindings)
- # Annoyingly configure requires that you pick systemd XOR sysv
- --with-initscript=$(usex systemd systemd sysv)
- )
-
- use systemd && myconf+=(
- --with-systemdunitdir=$(systemd_get_systemunitdir)
- )
-
- if ! multilib_is_native_abi; then
- # work-around all the libraries that are used for CLI and server
- myconf+=(
- {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
- # ldb headers are fine since native needs it
- # ldb lib fails... but it does not seem to bother
- {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
- {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
- {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' '
-
- # use native include path for dbus (needed for build)
- DBUS_CFLAGS="${native_dbus_cflags}"
-
- # non-pkgconfig checks
- ac_cv_lib_ldap_ldap_search=yes
- --without-kcm
- )
- fi
-
- econf "${myconf[@]}"
-}
-
-multilib_src_compile() {
- if multilib_is_native_abi; then
- default
- use doc && emake docs
- if use man || use nls; then
- emake update-po
- fi
- else
- emake libnss_sss.la pam_sss.la
- use locator && emake sssd_krb5_locator_plugin.la
- use pac && emake sssd_pac_plugin.la
- fi
-}
-
-multilib_src_test() {
- if multilib_is_native_abi; then
- local -x CK_TIMEOUT_MULTIPLIER=10
- emake check VERBOSE=yes
- fi
-}
-
-multilib_src_install() {
- if multilib_is_native_abi; then
- emake -j1 DESTDIR="${D}" install
- if use python; then
- python_fix_shebang "${ED}"
- python_optimize
- fi
- else
- # easier than playing with automake...
- dopammod .libs/pam_sss.so
-
- into /
- dolib.so .libs/libnss_sss.so*
-
- if use locator; then
- exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
- doexe .libs/sssd_krb5_locator_plugin.so
- fi
-
- if use pac; then
- exeinto /usr/$(get_libdir)/krb5/plugins/authdata
- doexe .libs/sssd_pac_plugin.so
- fi
- fi
-}
-
-multilib_src_install_all() {
- einstalldocs
-
- insinto /etc/sssd
- insopts -m600
- doins src/examples/sssd-example.conf
-
- insinto /etc/logrotate.d
- insopts -m644
- newins src/examples/logrotate sssd
-
- newconfd "${FILESDIR}"/sssd.conf sssd
-
- keepdir /var/lib/sss/db
- keepdir /var/lib/sss/deskprofile
- keepdir /var/lib/sss/gpo_cache
- keepdir /var/lib/sss/keytabs
- keepdir /var/lib/sss/mc
- keepdir /var/lib/sss/pipes/private
- keepdir /var/lib/sss/pubconf/krb5.include.d
- keepdir /var/lib/sss/secrets
- keepdir /var/log/sssd
-
- # strip empty dirs
- if ! use doc; then
- rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
- rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die
- fi
-
- rm -r "${ED}"/run || die
- find "${ED}" -type f -name '*.la' -delete || die
-}
-
-pkg_postinst() {
- elog "You must set up sssd.conf (default installed into /etc/sssd)"
- elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
- elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html"
- optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli
-}
diff --git a/sys-auth/sssd/sssd-2.6.0-r2.ebuild b/sys-auth/sssd/sssd-2.6.0-r2.ebuild
new file mode 100644
index 000000000000..b659742f8808
--- /dev/null
+++ b/sys-auth/sssd/sssd-2.6.0-r2.ebuild
@@ -0,0 +1,291 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..10} )
+
+inherit autotools linux-info multilib-minimal optfeature python-single-r1 pam systemd toolchain-funcs
+
+DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
+HOMEPAGE="https://github.com/SSSD/sssd"
+SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test valgrind"
+REQUIRED_USE="
+ pac? ( samba )
+ python? ( ${PYTHON_REQUIRED_USE} )
+ test? ( sudo )
+ valgrind? ( test )"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ >=app-crypt/mit-krb5-1.19.1[${MULTILIB_USEDEP}]
+ app-crypt/p11-kit
+ >=dev-libs/ding-libs-0.2
+ >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
+ dev-libs/libpcre2:=
+ >=dev-libs/popt-1.16
+ >=dev-libs/openssl-1.0.2:=
+ dev-libs/libunistring:=
+ >=net-dns/bind-tools-9.9[gssapi]
+ >=net-dns/c-ares-1.7.4:=
+ >=net-nds/openldap-2.4.30:=[sasl]
+ >=sys-apps/dbus-1.6
+ >=sys-apps/keyutils-1.5:=
+ >=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
+ >=sys-libs/talloc-2.0.7
+ >=sys-libs/tdb-1.2.9
+ >=sys-libs/tevent-0.9.16
+ >=sys-libs/ldb-1.1.17-r1:=
+ virtual/libintl
+ acl? ( net-fs/cifs-utils[acl] )
+ locator? ( >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] )
+ netlink? ( dev-libs/libnl:3 )
+ nfsv4? (
+ || (
+ >=net-fs/nfs-utils-2.3.1-r2
+ net-libs/libnfsidmap
+ )
+ )
+ pac? ( net-fs/samba )
+ python? ( ${PYTHON_DEPS} )
+ samba? ( >=net-fs/samba-4.10.2[winbind] )
+ selinux? (
+ >=sys-libs/libselinux-2.1.9
+ >=sys-libs/libsemanage-2.1
+ )
+ systemd? (
+ sys-apps/systemd:=
+ sys-apps/util-linux
+ )
+ systemtap? ( dev-util/systemtap )"
+RDEPEND="${DEPEND}
+ >=sys-libs/glibc-2.17[nscd]
+ selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
+BDEPEND="
+ virtual/pkgconfig
+ ${PYTHON_DEPS}
+ doc? ( app-doc/doxygen )
+ nls? ( sys-devel/gettext )
+ test? (
+ dev-libs/check
+ dev-libs/softhsm:2
+ dev-util/cmocka
+ net-libs/gnutls[pkcs11,tools]
+ sys-libs/libfaketime
+ sys-libs/nss_wrapper
+ sys-libs/pam_wrapper
+ sys-libs/uid_wrapper
+ valgrind? ( dev-util/valgrind )
+ )
+ man? (
+ app-text/docbook-xml-dtd:4.4
+ >=dev-libs/libxslt-1.1.26
+ nls? ( app-text/po4a )
+ )"
+
+CONFIG_CHECK="~KEYS"
+
+PATCHES=( "${FILESDIR}"/${PN}-2.6.0-conditional-python-install.patch )
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/ipa_hbac.h
+ /usr/include/sss_idmap.h
+ /usr/include/sss_nss_idmap.h
+ # --with-ifp
+ /usr/include/sss_sifp.h
+ /usr/include/sss_sifp_dbus.h
+ # from 1.15.3
+ /usr/include/sss_certmap.h
+)
+
+pkg_setup() {
+ linux-info_pkg_setup
+ python-single-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ sed -i \
+ -e 's:/var/run:/run:' \
+ src/examples/logrotate \
+ || die
+
+ # disable flaky test, see https://github.com/SSSD/sssd/issues/5631
+ sed -i \
+ -e '/^\s*pam-srv-tests[ \\]*$/d' \
+ Makefile.am \
+ || die
+
+ eautoreconf
+
+ multilib_copy_sources
+}
+
+src_configure() {
+ local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1 || die)
+
+ multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+ local myconf=()
+
+ myconf+=(
+ --localstatedir="${EPREFIX}"/var
+ --runstatedir="${EPREFIX}"/run
+ --with-pid-path="${EPREFIX}"/run
+ --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
+ --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
+ --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb
+ --with-db-path="${EPREFIX}"/var/lib/sss/db
+ --with-gpo-cache-path="${EPREFIX}"/var/lib/sss/gpo_cache
+ --with-pubconf-path="${EPREFIX}"/var/lib/sss/pubconf
+ --with-pipe-path="${EPREFIX}"/var/lib/sss/pipes
+ --with-mcache-path="${EPREFIX}"/var/lib/sss/mc
+ --with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
+ --with-log-path="${EPREFIX}"/var/log/sssd
+ --with-os=gentoo
+ --disable-rpath
+ --disable-static
+ --sbindir="${EPREFIX}"/usr/sbin
+ $(multilib_native_use_with systemd kcm)
+ $(use_with samba)
+ --with-smb-idmap-interface-version=6
+ $(multilib_native_use_enable acl cifs-idmap-plugin)
+ $(multilib_native_use_with selinux)
+ $(multilib_native_use_with selinux semanage)
+ $(use_enable locator krb5-locator-plugin)
+ $(use_enable pac pac-responder)
+ $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
+ $(use_enable nls)
+ $(multilib_native_use_with netlink libnl)
+ $(multilib_native_use_with man manpages)
+ $(multilib_native_use_with sudo)
+ $(multilib_native_with autofs)
+ $(multilib_native_with ssh)
+ $(use_enable systemtap)
+ $(use_enable valgrind)
+ --without-python2-bindings
+ $(multilib_native_use_with python python3-bindings)
+ # Annoyingly configure requires that you pick systemd XOR sysv
+ --with-initscript=$(usex systemd systemd sysv)
+ )
+
+ use systemd && myconf+=(
+ --with-systemdunitdir=$(systemd_get_systemunitdir)
+ )
+
+ if ! multilib_is_native_abi; then
+ # work-around all the libraries that are used for CLI and server
+ myconf+=(
+ {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
+ # ldb headers are fine since native needs it
+ # ldb lib fails... but it does not seem to bother
+ {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
+ {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
+ {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' '
+
+ # use native include path for dbus (needed for build)
+ DBUS_CFLAGS="${native_dbus_cflags}"
+
+ # non-pkgconfig checks
+ ac_cv_lib_ldap_ldap_search=yes
+ --without-kcm
+ )
+ fi
+
+ econf "${myconf[@]}"
+}
+
+multilib_src_compile() {
+ if multilib_is_native_abi; then
+ default
+ use doc && emake docs
+ if use man || use nls; then
+ emake update-po
+ fi
+ else
+ emake libnss_sss.la pam_sss.la
+ use locator && emake sssd_krb5_locator_plugin.la
+ use pac && emake sssd_pac_plugin.la
+ fi
+}
+
+multilib_src_test() {
+ if multilib_is_native_abi; then
+ local -x CK_TIMEOUT_MULTIPLIER=10
+ emake check VERBOSE=yes
+ fi
+}
+
+multilib_src_install() {
+ if multilib_is_native_abi; then
+ emake -j1 DESTDIR="${D}" install
+ if use python; then
+ python_fix_shebang "${ED}"
+ python_optimize
+ fi
+ else
+ # easier than playing with automake...
+ dopammod .libs/pam_sss.so
+
+ into /
+ dolib.so .libs/libnss_sss.so*
+
+ if use locator; then
+ exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
+ doexe .libs/sssd_krb5_locator_plugin.so
+ fi
+
+ if use pac; then
+ exeinto /usr/$(get_libdir)/krb5/plugins/authdata
+ doexe .libs/sssd_pac_plugin.so
+ fi
+ fi
+}
+
+multilib_src_install_all() {
+ einstalldocs
+
+ insinto /etc/sssd
+ insopts -m600
+ doins src/examples/sssd-example.conf
+
+ insinto /etc/logrotate.d
+ insopts -m644
+ newins src/examples/logrotate sssd
+
+ newconfd "${FILESDIR}"/sssd.conf sssd
+
+ keepdir /var/lib/sss/db
+ keepdir /var/lib/sss/deskprofile
+ keepdir /var/lib/sss/gpo_cache
+ keepdir /var/lib/sss/keytabs
+ keepdir /var/lib/sss/mc
+ keepdir /var/lib/sss/pipes/private
+ keepdir /var/lib/sss/pubconf/krb5.include.d
+ keepdir /var/lib/sss/secrets
+ keepdir /var/log/sssd
+
+ # strip empty dirs
+ if ! use doc; then
+ rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
+ rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die
+ fi
+
+ rm -r "${ED}"/run || die
+ find "${ED}" -type f -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ elog "You must set up sssd.conf (default installed into /etc/sssd)"
+ elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
+ elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html"
+ optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli
+}
--
cgit v1.2.3