Skip to content

Commit

Permalink
use systemd-sysusers
Browse files Browse the repository at this point in the history
Signed-off-by: Jonathan <[email protected]>
  • Loading branch information
justin-stephenson committed Sep 14, 2023
1 parent e73efe1 commit 6f15b05
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 0 deletions.
1 change: 1 addition & 0 deletions .github/actions/build-sssd-srpm/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ runs:
tar -cvzf "$name.tar.gz" --transform "s,^,$name/," *
cp contrib/sssd.spec.in ./sssd.spec
cp contrib/sssd.sysusers ./sssd.sysusers
sed -iE "s/@PACKAGE_NAME@/sssd/g" ./sssd.spec
sed -iE "s/@PACKAGE_VERSION@/${{ steps.sanitize.outputs.version }}/g" ./sssd.spec
Expand Down
26 changes: 26 additions & 0 deletions contrib/sssd.spec.in
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,12 @@
%global build_passkey 0
%endif

%if 0%{?rhel} >= 10
%global use_sysusers 1
%else
%global use_sysusers 0
%endif

# we don't want to provide private python extension libs
%define __provides_exclude_from %{python3_sitearch}/.*\.so$

Expand All @@ -54,6 +60,9 @@ Summary: System Security Services Daemon
License: GPLv3+
URL: https://github.com/SSSD/sssd/
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
%if %{use_sysusers}
Source1: sssd.sysusers
%endif

### Patches ###
# Place your patches here:
Expand Down Expand Up @@ -189,8 +198,13 @@ Requires: (sssd-nfs-idmap = %{version}-%{release} if libnfsidmap)
Requires: libsss_idmap = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
%if 0%{?rhel}
%if %{use_sysusers}
BuildRequires: systemd-rpm-macros
%{?sysusers_requires_compat}
%else
Requires(pre): shadow-utils
%endif
%endif
%{?systemd_requires}

### Provides ###
Expand Down Expand Up @@ -702,6 +716,10 @@ do
cat $subpackage.lang
done

%if %{use_sysusers}
install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf
%endif

%files
%license COPYING

Expand Down Expand Up @@ -805,6 +823,10 @@ done
%{_datadir}/systemtap/tapset/sssd.stp
%{_datadir}/systemtap/tapset/sssd_functions.stp
%{_mandir}/man5/sssd-systemtap.5*
%if %{use_sysusers}
%{_sysusersdir}/sssd.conf
%endif


%if 0%{?rhel}
%files polkit-rules
Expand Down Expand Up @@ -1004,9 +1026,13 @@ done

%if 0%{?rhel}
%pre common
%if %{use_sysusers}
%sysusers_create_compat %{SOURCE1}
%else
getent group sssd >/dev/null || groupadd -r sssd
getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "User for sssd" sssd
%endif
%endif

%post common
%systemd_post sssd.service
Expand Down
1 change: 1 addition & 0 deletions contrib/sssd.sysusers
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
u sssd - "User for sssd" / /sbin/nologin

0 comments on commit 6f15b05

Please sign in to comment.