rpms/sssd/devel .cvsignore, 1.9, 1.10 sources, 1.10, 1.11 sssd.conf.default, 1.4, 1.5 sssd.spec, 1.18, 1.19

Mon Sep 28 08:51:25 UTC 2009

Author: sbose

Update of /cvs/pkgs/rpms/sssd/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15048

Modified Files:
	.cvsignore sources sssd.conf.default sssd.spec 
Log Message:
New upstream release 0.6.0



Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/sssd/devel/.cvsignore,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -p -r1.9 -r1.10

--- .cvsignore	24 Aug 2009 18:56:24 -0000	1.9
+++ .cvsignore	28 Sep 2009 08:51:23 -0000	1.10
@@ -1 +1 @@
-sssd-0.5.0.tar.gz
+sssd-0.6.0.tar.gz


Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/sssd/devel/sources,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -p -r1.10 -r1.11
--- sources	24 Aug 2009 18:56:24 -0000	1.10
+++ sources	28 Sep 2009 08:51:24 -0000	1.11
@@ -1 +1 @@
-7566dcac75e7248ca99b4dd0bb49c1ee  sssd-0.5.0.tar.gz
+2a2e118d9f29dda15dd4b8202b9cac62  sssd-0.6.0.tar.gz


Index: sssd.conf.default
===================================================================
RCS file: /cvs/pkgs/rpms/sssd/devel/sssd.conf.default,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- sssd.conf.default	11 Jun 2009 14:13:16 -0000	1.4
+++ sssd.conf.default	28 Sep 2009 08:51:24 -0000	1.5
@@ -1,90 +1,57 @@
-[services]
-description = Local Service Configuration
-activeServices = nss, dp, pam
+[sssd]
+config_file_version = 2
+# Number of times services should attempt to reconnect in the
+# event of a crash or restart before they give up
+reconnection_retries = 3
+# if a backend is particularly slow you can raise this timeout here
+sbus_timeout = 30
+services = nss, dp, pam
+; domains = LOCAL,LDAP
+# SSSD will not start if you don't configure any domain.
+# Add new domains condifgurations as [domain/<NAME>] sections.
+# Then add the list of domains (in the order you want them to be
+# queried in the 'domains" attribute above and uncomment it
 
-[services/nss]
-description = NSS Responder Configuration
+
+[nss]
 # the following prevents sssd for searching for the root user/group in
 # all domains (you can add here a comma separated list of system accounts are
 # always going to be /etc/passwd users, or that you want to filter out)
-filterGroups = root
-filterUsers = root
-
-[services/dp]
-description = Data Provider Configuration
-
-[services/pam]
-description = PAM Responder Configuration
+filter_groups = root
+filter_users = root
+reconnection_retries = 3
+
+# The EntryCacheTimeout indicates the number of seconds to retain before
+# an entry in cache is considered stale and must block to refresh.
+# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to
+# wait before updating the cache out-of-band. (NSS requests will still
+# be returned from cache until the full EntryCacheTimeout). Setting this
+# value to 0 turns this feature off (default)
+; entry_cache_timeout = 600
+; entry_cache_nowait_timeout = 300
 
-[services/monitor]
-description = Service Monitor Configuration
-#if a backend is particularly slow you can raise this timeout here
-sbusTimeout = 30
+[pam]
+reconnection_retries = 3
 
-[domains]
-description = Domains served by SSSD
-; domains = LOCAL,LDAP
-
-# SSSD will not start if you don't configure any domain.
-# Add new domains condifgurations as [domains/<NAME>] sections.
-# Then add the list of domains (in the order you want them to be
-# queried in the 'domains" attribute above and uncomment it
-
-# Example LOCAL domain that proxies to /etc/passwd and /etc/group files
-# This configuration is meant mostly as a migration path to be able to store
-# additional information about users while still keeping /etc/passwd
-# authoritative.
-
-; [domains/LOCAL]
-; description = LOCAL migration domain
-; enumerate = 3
-; minId = 500
-; magicPrivateGroups = FALSE
-; legacy = TRUE
-;
-; provider = proxy
-; libName = files
-; libPath = libnss_files.so.2
-
-# optionally a file named sssdproxylocal can be place in pam.d configured to
-# check pam_unix only and pam_sss can be used in the normal pam stack
-; auth-module = proxy
-; pam-target = sssdproxylocal
+[dp]
+reconnection_retries = 3
 
 # Example LOCAL domain that stores all users natively in the SSSD internal
 # directory. These local users and groups are not visibile in /etc/passwd, it
 # now contains only root and system accounts.
-
-; [domains/LOCAL]
+; [domain/LOCAL]
 ; description = LOCAL Users domain
-; enumerate = 3
-; minId = 500
-; maxId = 999
-; legacy = FALSE
-; magicPrivateGroups = TRUE
-; provider = local
-
-# Example LDAP domain that uses the proxy backend and the standard nss_ldap
-# and pam_ldap modules (Useful until we have good working native ldap backends).
-# For this to work the /etc/ldap.conf file needs to be correctly configured just
-# like you would do when using nss_ldap in nsswitch.conf, but instead of setting
-# passwd: files ldap, set passwd: files, sss instead there.
-# Also consider using the following setting in /etc/ldap.conf to avoid needless
-# delays if the ldap server is offline:
-# timelimit 10
-# bind_timelimit 5
-# nss_reconnect_maxsleeptime 2
-# nss_reconnect_sleeptime 1
-
-; [domains/LDAP]
-; description = Proxy request to our LDAP server
-; enumerate = 0
-; minId = 1000
-; legacy = TRUE
-;
-; provider = proxy
-; libName = ldap
-; libPath = libnss_ldap.so.2
-;
-#if a backend is particularly slow you can raise this timeout here
-; timeout = 60
+; id_provider = local
+; enumerate = true
+; min_id = 500
+; max_id = 999
+
+# Example native LDAP domain
+; [domain/LDAP]
+; id_provider = ldap
+; auth_provider = ldap
+; ldap_uri = ldap://ldap.mydomain.org
+; ldap_user_search_base = dc=mydomain,dc=org
+; ldap_tls_reqcert = demand
+; cache_credentials = true
+; enumerate = true


Index: sssd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sssd/devel/sssd.spec,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -p -r1.18 -r1.19
--- sssd.spec	24 Aug 2009 18:56:24 -0000	1.18
+++ sssd.spec	28 Sep 2009 08:51:24 -0000	1.19
@@ -1,5 +1,7 @@
+%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
+
 Name: sssd
-Version: 0.5.0
+Version: 0.6.0
 Release: 0%{?dist}
 Group: Applications/System
 Summary: System Security Services Daemon
@@ -18,6 +20,8 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{na
 Requires: libldb >= 0.9.3
 Requires: libtdb >= 1.1.3
 
+Requires: sssd-client = 0.6.0
+Requires(post): python
 Requires(preun):  initscripts chkconfig
 Requires(postun): /sbin/service
 
@@ -32,7 +36,8 @@ BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: libtool
 BuildRequires: m4
-BuildRequires: popt-devel
+%{?fedora:BuildRequires: popt-devel}
+%{?rhel:BuildRequires: popt}
 BuildRequires: libtalloc-devel
 BuildRequires: libtevent-devel
 BuildRequires: libtdb-devel
@@ -49,6 +54,7 @@ BuildRequires: libxml2
 BuildRequires: docbook-style-xsl
 BuildRequires: krb5-devel
 BuildRequires: c-ares-devel
+BuildRequires: python-devel
 
 %description
 Provides a set of daemons to manage access to remote directories and
@@ -57,6 +63,14 @@ the system and a pluggable backend syste
 account sources. It is also the basis to provide client auditing and policy
 services for projects like FreeIPA.
 
+%package client
+Summary: SSSD Client libraries for NSS and PAM
+Group: Applications/System
+
+%description client
+Provides the libraries needed by the PAM and NSS stacks to connect to the SSSD
+service.
+
 %prep
 %setup -q
 
@@ -83,15 +97,22 @@ rm -f \
     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \
     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \
     $RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \
-    $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la
+    $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \
+    $RPM_BUILD_ROOT/%{python_sitearch}/pysss.la
 
 mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
 install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
 
+touch locator.filelist
+if test -e $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
+then
+    echo %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so > locator.filelist
+fi
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
-%files
+%files -f locator.filelist
 %defattr(-,root,root,-)
 %doc COPYING
 %attr(755,root,root) %{_initrddir}/%{name}
@@ -105,23 +126,40 @@ rm -rf $RPM_BUILD_ROOT
 %{_libexecdir}/%{servicename}/
 %{_libdir}/%{name}/
 %{_libdir}/ldb/memberof.so
-%{_libdir}/krb5/plugins/libkrb5/*
 %dir %{sssdstatedir}
 %attr(700,root,root) %dir %{dbpath}
 %attr(755,root,root) %dir %{pipepath}
 %attr(700,root,root) %dir %{pipepath}/private
+%attr(750,root,root) %dir %{_var}/log/%{name}
 %dir %{_sysconfdir}/sssd
 %config(noreplace) %{_sysconfdir}/sssd/sssd.conf
-/%{_lib}/libnss_sss.so.2
-/%{_lib}/security/pam_sss.so
-%{_mandir}/man5/*
-%{_mandir}/man8/*
+%{_mandir}/man5/sssd.conf.5*
+%{_mandir}/man5/sssd-krb5.5*
+%{_mandir}/man5/sssd-ldap.5*
+%{_mandir}/man8/sssd.8*
+%{_mandir}/man8/sss_groupadd.8*
+%{_mandir}/man8/sss_groupdel.8*
+%{_mandir}/man8/sss_groupmod.8*
+%{_mandir}/man8/sss_useradd.8*
+%{_mandir}/man8/sss_userdel.8*
+%{_mandir}/man8/sss_usermod.8*
+%{_mandir}/man8/sssd_krb5_locator_plugin.8*
 %{_datadir}/locale/*/LC_MESSAGES/sss_client.mo
 %{_datadir}/locale/*/LC_MESSAGES/sss_daemon.mo
+%{python_sitearch}/pysss.so
+
+%files client
+/%{_lib}/libnss_sss.so.2
+/%{_lib}/security/pam_sss.so
+%{_mandir}/man8/pam_sss.8*
 
 %post
 /sbin/ldconfig
 /sbin/chkconfig --add %{servicename}
+if [ $1 -ge 2 ] ; then
+# a one-time upgrade from confdb v1 to v2, only if upgrading
+    python %{_libexecdir}/%{servicename}/upgrade_config.py
+fi
 
 %preun
 if [ $1 = 0 ]; then
@@ -136,6 +174,9 @@ if [ $1 -ge 1 ] ; then
 fi
 
 %changelog
+* Mon Sep 28 2009 Sumit Bose <sbose at redhat.com> - 0.6.0-0
+- New upstream release 0.6.0
+
 * Mon Aug 24 2009 Simo Sorce <ssorce at redhat.com> - 0.5.0-0
 - New upstream release 0.5.0
 


