From 98b18e5f06bea1c37c4630bb29c64fcc4661a52c Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Wed, 3 Apr 2024 18:22:23 +0200 Subject: [PATCH 1/3] SPEC: use sysusers as additional source This partially reverts 736430aa0ed0f9c9e36315ea97de65908c29f590 The reason is that 'sysusers_create_compat' macro is evaluated after the tar ball is extracted, after SSSD is built and after content of the BUILD and BUILDROOT directories is removed, so otherwise there is no extracted or built data available anymore. See https://github.com/SSSD/sssd/pull/7267#discussion_r1549282574 for details. --- .github/actions/build-sssd-srpm/action.yml | 1 + Makefile.am | 1 + contrib/sssd.spec.in | 5 +++-- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/actions/build-sssd-srpm/action.yml b/.github/actions/build-sssd-srpm/action.yml index e298b1168e4..7ef952c2a73 100644 --- a/.github/actions/build-sssd-srpm/action.yml +++ b/.github/actions/build-sssd-srpm/action.yml @@ -49,3 +49,4 @@ runs: with: tarball: ${{ inputs.working-directory }}/sssd-${{ steps.sanitize.outputs.version }}.tar.gz specfile: ${{ inputs.working-directory }}/sssd.spec + sourcefiles: ${{ inputs.working-directory }}/contrib/sssd.sysusers diff --git a/Makefile.am b/Makefile.am index 459241c4477..a4de5049aaa 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5742,6 +5742,7 @@ if GIT_CHECKOUT endif cp $(builddir)/contrib/sssd.spec $(RPMBUILD)/SPECS cp $(distdir).tar.gz $(RPMBUILD)/SOURCES + cp $(srcdir)/contrib/sssd.sysusers $(RPMBUILD)/SOURCES rpms: rpmbrprep cd $(RPMBUILD); \ diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 70c459333d2..9ed05ad0c3f 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -65,6 +65,7 @@ Summary: System Security Services Daemon License: GPLv3+ URL: https://github.com/SSSD/sssd/ Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz +Source1: sssd.sysusers ### Patches ### # Place your patches here: @@ -733,7 +734,7 @@ do done %if %{use_sysusers} -install -D -p -m 0644 contrib/sssd.sysusers %{buildroot}%{_sysusersdir}/sssd.conf +install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf %endif %files @@ -1047,7 +1048,7 @@ install -D -p -m 0644 contrib/sssd.sysusers %{buildroot}%{_sysusersdir}/sssd.con %if %{use_sssd_user} %pre common %if %{use_sysusers} -%sysusers_create_compat contrib/sssd.sysusers +%sysusers_create_compat %{SOURCE1} %else getent group sssd >/dev/null || groupadd -r sssd getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "User for sssd" sssd From 77ae679af0d2f4a9053a89096e57a944e9e3fdd6 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Tue, 2 Apr 2024 12:57:22 +0200 Subject: [PATCH 2/3] SPEC: enabled 'sysusers' for f-41+ --- contrib/sssd.spec.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 9ed05ad0c3f..60c649e63a7 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -10,7 +10,7 @@ %endif # sysusers depends on presence of sssd user -%if 0%{?rhel} >= 10 +%if 0%{?fedora} >= 41 || 0%{?rhel} >= 10 %global use_sysusers 1 %else %global use_sysusers 0 From 6a317c5f5f9deb6208ccf860f33b13b14b48c26d Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Mon, 8 Apr 2024 14:24:18 +0200 Subject: [PATCH 3/3] SPEC: define a home dir for 'sssd' user Set '/run/sssd/' as 'sssd' user home dir. This is required to accomodate for needs of some Samba libraries that create cache while fetching GPO files. --- contrib/sssd.spec.in | 1 - contrib/sssd.sysusers | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 60c649e63a7..0466fe0961c 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -585,7 +585,6 @@ autoreconf -ivf %if %{build_ssh_known_hosts_proxy} --with-ssh-known-hosts-proxy \ %endif - %{nil} %make_build all docs runstatedir=%{_rundir} diff --git a/contrib/sssd.sysusers b/contrib/sssd.sysusers index cbc453d7aac..ee8a05d6ade 100644 --- a/contrib/sssd.sysusers +++ b/contrib/sssd.sysusers @@ -1 +1 @@ -u sssd - "User for sssd" / /sbin/nologin +u sssd - "User for sssd" /run/sssd/ /sbin/nologin