-
Notifications
You must be signed in to change notification settings - Fork 252
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use systemd-sysusers in RPMs #6807
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -54,6 +54,7 @@ Summary: System Security Services Daemon | |
License: GPLv3+ | ||
URL: https://github.com/SSSD/sssd/ | ||
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz | ||
Source1: sssd.sysusers | ||
|
||
### Patches ### | ||
# Place your patches here: | ||
|
@@ -188,7 +189,8 @@ Requires: (sssd-nfs-idmap = %{version}-%{release} if libnfsidmap) | |
Requires: libsss_idmap = %{version}-%{release} | ||
Requires: libsss_certmap = %{version}-%{release} | ||
%if 0%{?rhel} | ||
Requires(pre): shadow-utils | ||
BuildRequires: systemd-rpm-macros | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why is it BuildRequires (and not Requires)? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This, and several of your other concerns, are explained in https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_allocation_strategies There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Guide says "add a BuildRequires" but doesn't actually explain. |
||
%{?sysusers_requires_compat} | ||
%endif | ||
%{?systemd_requires} | ||
|
||
|
@@ -701,6 +703,8 @@ do | |
cat $subpackage.lang | ||
done | ||
|
||
install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is this name - 'sssd.conf' - mandated anywhere? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I checked There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Per
|
||
|
||
%files | ||
%license COPYING | ||
|
||
|
@@ -804,6 +808,10 @@ done | |
%{_datadir}/systemtap/tapset/sssd.stp | ||
%{_datadir}/systemtap/tapset/sssd_functions.stp | ||
%{_mandir}/man5/sssd-systemtap.5* | ||
%if 0%{?rhel} >= 9 || 0%{?fedora} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Either I misunderstand something, or this condition is inconsistent:
Frankly I wouldn't touch RHEL8 and RHEL9 and only bring this to F40+/RHEL10 |
||
%{_sysusersdir}/sssd.conf | ||
%endif | ||
|
||
|
||
%if 0%{?rhel} | ||
%files polkit-rules | ||
|
@@ -1003,8 +1011,7 @@ done | |
|
||
%if 0%{?rhel} | ||
%pre common | ||
getent group sssd >/dev/null || groupadd -r sssd | ||
getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "User for sssd" sssd | ||
%sysusers_create_compat %{SOURCE1} | ||
%endif | ||
|
||
%post common | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
u sssd - "User for sssd" / /sbin/nologin | ||
jonathanspw marked this conversation as resolved.
Show resolved
Hide resolved
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. At the beginning of the spec-file we have:
Would it be possible to avoid copy-paste of 'sssd' user name? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this file has to be maintained in downstream dist-git like spec-file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, similar to https://src.fedoraproject.org/rpms/munge/c/dd0498ebb79605ee6a18100db30b07fddfaf31e4?branch=rawhide