diff --git a/security/sssd2/Makefile b/security/sssd2/Makefile index 1e3d0c6d0a7d..447f13ef244f 100644 --- a/security/sssd2/Makefile +++ b/security/sssd2/Makefile @@ -1,148 +1,150 @@ PORTNAME= sssd PORTVERSION= 2.12.0 PORTREVISION= 2 CATEGORIES= security PKGNAMESUFFIX= 2 MAINTAINER= arrowd@FreeBSD.org COMMENT= System Security Services Daemon WWW= https://sssd.io/ LICENSE= GPLv3+ LICENSE_FILE= ${WRKSRC}/COPYING BUILD_DEPENDS= ${PY_SETUPTOOLS} \ bash:shells/bash \ docbook-xsl>=1:textproc/docbook-xsl \ p11-kit:security/p11-kit \ nsupdate:dns/bind-tools \ xmlcatalog:textproc/libxml2 \ xmlcatmgr:textproc/xmlcatmgr \ xsltproc:textproc/libxslt LIB_DEPENDS= libcares.so:dns/c-ares \ libcurl.so:ftp/curl \ libdbus-1.so:devel/dbus \ libdhash.so:devel/ding-libs \ libfido2.so:security/libfido2 \ libinotify.so:devel/libinotify \ libjansson.so:devel/jansson \ libjose.so:net/jose \ libldb.so:${SAMBA_LDB_PORT:U${SAMBA_PORT}} \ libndr-krb5pac.so:${SAMBA_PORT} \ libndr-nbt.so:${SAMBA_PORT} \ libndr-standard.so:${SAMBA_PORT} \ libndr.so:${SAMBA_PORT} \ libp11-kit.so:security/p11-kit \ libpcre2-8.so:devel/pcre2 \ libpopt.so:devel/popt \ libsamba-util.so:${SAMBA_PORT} \ libsasl2.so:security/cyrus-sasl2 \ libsmbclient.so:${SAMBA_PORT} \ libtalloc.so:${SAMBA_TALLOC_PORT} \ libtdb.so:${SAMBA_TDB_PORT} \ libtevent.so:${SAMBA_TEVENT_PORT} \ libunistring.so:devel/libunistring \ libuuid.so:misc/libuuid \ libutf8proc.so:textproc/utf8proc RUN_DEPENDS= adcli:net-mgmt/adcli \ realm:net-mgmt/realmd \ cyrus-sasl-gssapi>0:security/cyrus-sasl2-gssapi \ nsupdate:dns/bind-tools USES= autoreconf cpe gettext gmake gssapi:flags,mit iconv ldap \ libtool localbase:ldflags pathfix pkgconfig python samba:env \ shebangfix ssl USE_LDCONFIG= yes GNU_CONFIGURE= yes INSTALL_TARGET= install-strip TEST_TARGET= check CPE_VENDOR= fedoraproject CONFIGURE_ARGS= --disable-cifs-idmap-plugin \ --disable-linux-caps \ --without-selinux \ --without-autofs \ --enable-pammoddir=${PREFIX}/lib \ --with-db-path=/var/db/sss/db \ --with-pubconf-path=/var/db/sss/pubconf \ --with-pid-path=/var/run \ --with-pipe-path=/var/run/sss/pipes \ --with-mcache-path=/var/db/sss/mc \ --with-adcli-path=${LOCALBASE}/sbin/adcli \ --with-realm-path=${LOCALBASE}/sbin/realm \ --with-environment-file=${LOCALBASE}/etc/sssd \ --with-xml-catalog-path=${LOCALBASE}/share/xml/catalog \ --with-krb5-plugin-path=${LOCALBASE}/lib/krb5/plugins/libkrb5 \ --with-krb5authdata-plugin-path=${LOCALBASE}/lib/krb5/plugins/authdata \ --with-krb5-conf=/etc/krb5.conf \ --with-winbind-plugin-path=${SAMBA_IDMAP_MODULESDIR} \ --with-gpo-cache-path=/var/db/sss/gpo_cache \ --with-secrets-db-path=/var/lib/sss/secrets \ --with-passkey \ --without-nfsv4-idmapd-plugin \ --with-ldb-lib-dir=${SAMBA_LDB_MODULESDIR} \ --with-smb-idmap-interface-version=6 CONFIGURE_ENV= KRB5_CONFIG="${KRB5CONFIG}" \ SOFTHSM2_PATH=${LOCALBASE}/lib/softhsm/libsofthsm2.so LIBS= -lintl PLIST_SUB= PYTHON_VER=${PYTHON_VER} \ SAMBA_IDMAP_MODULESDIR=${SAMBA_IDMAP_MODULESDIR} \ SAMBA_LDB_MODULESDIR=${SAMBA_LDB_MODULESDIR} BINARY_ALIAS= python3=python${PYTHON_VER} SHEBANG_FILES= src/tools/analyzer/sss_analyze \ src/tools/sss_obfuscate \ src/config/SSSDConfigTest.py \ src/tests/*.py \ src/tests/double_semicolon_test \ src/tests/multihost/data/memcachesize.py \ src/tests/whitespace_test \ contrib/vagrant/bootstrap.sh USE_RC_SUBR= ${PORTNAME} USE_GITHUB= yes OPTIONS_DEFINE= NLS TEST OPTIONS_SUB= yes NLS_CONFIGURE_ENABLE= nls TEST_BUILD_DEPENDS= cwrap>0:devel/cwrap \ ${LOCALBASE}/lib/softhsm/libsofthsm2.so:security/softhsm2 TEST_LIB_DEPENDS= libcheck.so:devel/check \ libcmocka.so:sysutils/cmocka .include .if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1500000 CPPFLAGS+= -DHAVE_TIMEZONE=1 .endif post-patch: @${REINPLACE_CMD} -e 's|/usr/bin/|${PREFIX}/bin/|g' \ -e 's|/var/lib/sss/pubconf/|/var/db/sss/pubconf/|g' \ ${WRKSRC}/src/man/po/*.po || true @${REINPLACE_CMD} -e 's|/etc/sssd/|${ETCDIR}/|g' \ -e 's|/etc/openldap/|${LOCALBASE}/etc/openldap/|g' \ ${WRKSRC}/src/man/*xml || true @${CP} ${FILESDIR}/bsdnss.c ${WRKSRC}/src/sss_client/bsdnss.c post-install: ${INSTALL_DATA} ${WRKSRC}/src/examples/sssd-example.conf \ ${STAGEDIR}${ETCDIR}/sssd.conf.sample + ${INSTALL_DATA} ${FILESDIR}/sssd-newsyslog.conf.sample \ + ${STAGEDIR}${LOCALBASE}/etc/newsyslog.conf.d/sssd.conf.sample ${LN} -sf libnss_sss.so.2 ${STAGEDIR}${PREFIX}/lib/nss_sss.so.1 # Skip whitespace tests, see # https://github.com/SSSD/sssd/commit/308bacbd22f2f5a483cb2cef098082b5f9625b8d pre-test: ${RM} -r ${WRKSRC}/.git .include diff --git a/security/sssd2/files/sssd-newsyslog.conf.sample b/security/sssd2/files/sssd-newsyslog.conf.sample new file mode 100644 index 000000000000..fa6b4991183d --- /dev/null +++ b/security/sssd2/files/sssd-newsyslog.conf.sample @@ -0,0 +1 @@ +/var/log/sssd/*.log 600 3 1000 * GJ /var/run/sssd.pid diff --git a/security/sssd2/files/sssd.in b/security/sssd2/files/sssd.in index d2e70aaef597..5f21b36d4976 100644 --- a/security/sssd2/files/sssd.in +++ b/security/sssd2/files/sssd.in @@ -1,40 +1,40 @@ #!/bin/sh # PROVIDE: sssd # REQUIRE: DAEMON # BEFORE: LOGIN # KEYWORD: shutdown # Add the following lines to /etc/rc.conf to enable `sssd': # # sssd_enable="YES" # # See sssd(8) for sssd_flags # . /etc/rc.subr name=sssd rcvar=sssd_enable # read configuration and set defaults load_rc_config "$name" : ${sssd_enable:=NO} : ${sssd_conf="%%PREFIX%%/etc/sssd/sssd.conf"} -: ${sssd_flags="-D"} +: ${sssd_flags="-D --logger=files"} command="%%PREFIX%%/sbin/$name" pidfile="/var/run/$name.pid" required_files="${sssd_conf}" start_precmd=sssd_prestart sssd_prestart() { for i in db/sss/db db/sss/gpo_cache db/sss/keytabs db/sss/mc db/sss/pubconf/krb5.include.d/ db/sss/secrets log/sssd run/sss/pipes/private; do if [ ! -d /var/${i} ]; then mkdir -p /var/${i}; fi done } run_rc_command "$1" diff --git a/security/sssd2/pkg-plist b/security/sssd2/pkg-plist index 242b53ca4a73..e227194a986e 100644 --- a/security/sssd2/pkg-plist +++ b/security/sssd2/pkg-plist @@ -1,197 +1,198 @@ bin/sss_ssh_authorizedkeys bin/sss_ssh_knownhosts bin/sss_ssh_knownhostsproxy etc/pam.d/sssd-shadowutils @comment etc/rc.d/init.d/sssd -%%ETCDIR%%/sssd.conf.sample +@sample %%ETCDIR%%/sssd.conf.sample +@sample etc/newsyslog.conf.d/sssd.conf.sample include/ipa_hbac.h include/sss_certmap.h include/sss_idmap.h include/sss_nss_idmap.h lib/krb5/plugins/authdata/sssd_pac_plugin.so lib/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so lib/libipa_hbac.so lib/libipa_hbac.so.0 lib/libipa_hbac.so.0.1.0 lib/libnss_sss.so.2 lib/libsss_certmap.so lib/libsss_certmap.so.0 lib/libsss_certmap.so.0.2.0 lib/libsss_idmap.so lib/libsss_idmap.so.0 lib/libsss_idmap.so.0.6.0 lib/libsss_nss_idmap.so lib/libsss_nss_idmap.so.0 lib/libsss_nss_idmap.so.0.6.1 lib/libsss_sudo.so lib/nss_sss.so.1 lib/pam_sss.so lib/pam_sss_gss.so %%PYTHON_SITELIBDIR%%/SSSDConfig-2.12.0-py%%PYTHON_VER%%.egg-info/PKG-INFO %%PYTHON_SITELIBDIR%%/SSSDConfig-2.12.0-py%%PYTHON_VER%%.egg-info/SOURCES.txt %%PYTHON_SITELIBDIR%%/SSSDConfig-2.12.0-py%%PYTHON_VER%%.egg-info/dependency_links.txt %%PYTHON_SITELIBDIR%%/SSSDConfig-2.12.0-py%%PYTHON_VER%%.egg-info/top_level.txt %%PYTHON_SITELIBDIR%%/SSSDConfig/__init__.py %%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/__init__%%PYTHON_TAG%%.pyc %%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/ipachangeconf%%PYTHON_TAG%%.pyc %%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/sssdoptions%%PYTHON_TAG%%.pyc %%PYTHON_SITELIBDIR%%/SSSDConfig/ipachangeconf.py %%PYTHON_SITELIBDIR%%/SSSDConfig/sssdoptions.py %%PYTHON_SITELIBDIR%%/pyhbac.so %%PYTHON_SITELIBDIR%%/pysss.so %%PYTHON_SITELIBDIR%%/pysss_murmur.so %%PYTHON_SITELIBDIR%%/pysss_nss_idmap.so %%PYTHON_SITELIBDIR%%/sssd/__init__.py %%PYTHON_SITELIBDIR%%/sssd/modules/__init__.py %%PYTHON_SITELIBDIR%%/sssd/modules/error.py %%PYTHON_SITELIBDIR%%/sssd/modules/request.py %%PYTHON_SITELIBDIR%%/sssd/parser.py %%PYTHON_SITELIBDIR%%/sssd/source_files.py %%PYTHON_SITELIBDIR%%/sssd/source_journald.py %%PYTHON_SITELIBDIR%%/sssd/source_reader.py %%PYTHON_SITELIBDIR%%/sssd/sss_analyze.py %%PYTHON_SITELIBDIR%%/sssd/util.py %%SAMBA_IDMAP_MODULESDIR%%/sss.so %%SAMBA_LDB_MODULESDIR%%/memberof.so lib/sssd/conf/sssd.conf lib/sssd/libifp_iface.so lib/sssd/libifp_iface_sync.so lib/sssd/libsss_ad.so lib/sssd/libsss_cert.so lib/sssd/libsss_child.so lib/sssd/libsss_crypt.so lib/sssd/libsss_debug.so lib/sssd/libsss_idp.so lib/sssd/libsss_iface.so lib/sssd/libsss_iface_sync.so lib/sssd/libsss_ipa.so lib/sssd/libsss_krb5.so lib/sssd/libsss_krb5_common.so lib/sssd/libsss_ldap.so lib/sssd/libsss_ldap_common.so lib/sssd/libsss_proxy.so lib/sssd/libsss_sbus.so lib/sssd/libsss_sbus_sync.so lib/sssd/libsss_simple.so lib/sssd/libsss_util.so lib/sssd/modules/sssd_krb5_idp_plugin.so lib/sssd/modules/sssd_krb5_localauth_plugin.so lib/sssd/modules/sssd_krb5_passkey_plugin.so libdata/pkgconfig/ipa_hbac.pc libdata/pkgconfig/sss_certmap.pc libdata/pkgconfig/sss_idmap.pc libdata/pkgconfig/sss_nss_idmap.pc libexec/sssd/gpo_child libexec/sssd/krb5_child libexec/sssd/ldap_child libexec/sssd/oidc_child libexec/sssd/p11_child libexec/sssd/passkey_child libexec/sssd/proxy_child libexec/sssd/sss_analyze libexec/sssd/sss_signal libexec/sssd/sssd_be libexec/sssd/sssd_ifp libexec/sssd/sssd_kcm libexec/sssd/sssd_nss libexec/sssd/sssd_pac libexec/sssd/sssd_pam libexec/sssd/sssd_ssh libexec/sssd/sssd_sudo sbin/sss_cache sbin/sss_debuglevel sbin/sss_obfuscate sbin/sss_override sbin/sss_seed sbin/sssctl sbin/sssd share/dbus-1/system-services/org.freedesktop.sssd.infopipe.service share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf %%NLS%%share/locale/bg/LC_MESSAGES/sssd.mo %%NLS%%share/locale/ca/LC_MESSAGES/sssd.mo %%NLS%%share/locale/cs/LC_MESSAGES/sssd.mo %%NLS%%share/locale/de/LC_MESSAGES/sssd.mo %%NLS%%share/locale/es/LC_MESSAGES/sssd.mo %%NLS%%share/locale/eu/LC_MESSAGES/sssd.mo %%NLS%%share/locale/fi/LC_MESSAGES/sssd.mo %%NLS%%share/locale/fr/LC_MESSAGES/sssd.mo %%NLS%%share/locale/hu/LC_MESSAGES/sssd.mo %%NLS%%share/locale/id/LC_MESSAGES/sssd.mo %%NLS%%share/locale/it/LC_MESSAGES/sssd.mo %%NLS%%share/locale/ja/LC_MESSAGES/sssd.mo %%NLS%%share/locale/ka/LC_MESSAGES/sssd.mo %%NLS%%share/locale/ko/LC_MESSAGES/sssd.mo %%NLS%%share/locale/nb/LC_MESSAGES/sssd.mo %%NLS%%share/locale/nl/LC_MESSAGES/sssd.mo %%NLS%%share/locale/pl/LC_MESSAGES/sssd.mo %%NLS%%share/locale/pt/LC_MESSAGES/sssd.mo %%NLS%%share/locale/pt_BR/LC_MESSAGES/sssd.mo %%NLS%%share/locale/ru/LC_MESSAGES/sssd.mo %%NLS%%share/locale/sv/LC_MESSAGES/sssd.mo %%NLS%%share/locale/tg/LC_MESSAGES/sssd.mo %%NLS%%share/locale/tr/LC_MESSAGES/sssd.mo %%NLS%%share/locale/uk/LC_MESSAGES/sssd.mo %%NLS%%share/locale/zh_CN/LC_MESSAGES/sssd.mo %%NLS%%share/locale/zh_TW/LC_MESSAGES/sssd.mo share/man/man1/sss_ssh_authorizedkeys.1.gz share/man/man1/sss_ssh_knownhosts.1.gz share/man/man5/sss-certmap.5.gz share/man/man5/sssd-ad.5.gz share/man/man5/sssd-idp.5.gz share/man/man5/sssd-ifp.5.gz share/man/man5/sssd-ipa.5.gz share/man/man5/sssd-krb5.5.gz share/man/man5/sssd-ldap-attributes.5.gz share/man/man5/sssd-ldap.5.gz share/man/man5/sssd-session-recording.5.gz share/man/man5/sssd-simple.5.gz share/man/man5/sssd-sudo.5.gz share/man/man5/sssd.conf.5.gz share/man/man8/idmap_sss.8.gz share/man/man8/pam_sss.8.gz share/man/man8/pam_sss_gss.8.gz share/man/man8/sss_cache.8.gz share/man/man8/sss_debuglevel.8.gz share/man/man8/sss_obfuscate.8.gz share/man/man8/sss_override.8.gz share/man/man8/sss_seed.8.gz share/man/man8/sssctl.8.gz share/man/man8/sssd-kcm.8.gz share/man/man8/sssd.8.gz share/man/man8/sssd_krb5_localauth_plugin.8.gz share/man/man8/sssd_krb5_locator_plugin.8.gz share/sssd-kcm/kcm_default_ccache %%DATADIR%%/cfg_rules.ini %%DATADIR%%/krb5-snippets/enable_sssd_conf_dir %%DATADIR%%/krb5-snippets/sssd_enable_idp %%DATADIR%%/krb5-snippets/sssd_enable_passkey %%DATADIR%%/sssd.api.conf %%DATADIR%%/sssd.api.d/sssd-ad.conf %%DATADIR%%/sssd.api.d/sssd-ipa.conf %%DATADIR%%/sssd.api.d/sssd-krb5.conf %%DATADIR%%/sssd.api.d/sssd-ldap.conf %%DATADIR%%/sssd.api.d/sssd-proxy.conf %%DATADIR%%/sssd.api.d/sssd-simple.conf @dir %%ETCDIR%%/conf.d @dir %%ETCDIR%%/pki @dir lib/ldb @dir %%DOCSDIR%%/doc @dir %%DOCSDIR%%/hbac_doc @dir %%DOCSDIR%%/idmap_doc @dir %%DOCSDIR%%/nss_idmap_doc @dir /var/db/sss/db @dir /var/db/sss/deskprofile @dir /var/db/sss/gpo_cache @dir /var/db/sss/keytabs @dir /var/db/sss/mc @dir /var/db/sss/pubconf/krb5.include.d @dir /var/db/sss/pubconf @dir /var/db/sss @dir /var/lib/sss/secrets @dir /var/lib/sss @dir /var/lib @dir /var/log/sssd @dir /var/run/sss/pipes/private @dir /var/run/sss/pipes @dir /var/run/sss @dir /var/run/sssd