[Pkg-sssd-devel] sssd: Changes to 'debian-unstable'
Timo Aaltonen
tjaalton-guest at alioth.debian.org
Thu Jun 13 12:09:49 UTC 2013
Rebased ref, commits from common ancestor:
commit ed442c6330654bd81d1d4cf64787bb6f66b1b076
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Thu Jun 13 15:09:27 2013 +0300
change-order-of-libs-in-linking.diff: Fix linking order.
diff --git a/debian/changelog b/debian/changelog
index 9a1b5cf..3580f71 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -59,6 +59,9 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
* Set CK_DEFAULT_TIMEOUT to 30 so that slower buildds (armhf at least) can
run the tests without hitting the default 4s timeout.
+ [ Timo Aaltonen ]
+ * change-order-of-libs-in-linking.diff: Fix linking order.
+
-- Timo Aaltonen <tjaalton at ubuntu.com> Mon, 13 May 2013 10:42:46 +0300
sssd (1.8.4-2) unstable; urgency=low
diff --git a/debian/patches/change-order-of-libs-in-linking.diff b/debian/patches/change-order-of-libs-in-linking.diff
new file mode 100644
index 0000000..025fd2f
--- /dev/null
+++ b/debian/patches/change-order-of-libs-in-linking.diff
@@ -0,0 +1,26 @@
+commit fd98a28d6e94080e52bbedc789b06606a6019b10
+Author: Lukas Slebodnik <lslebodn at redhat.com>
+Date: Wed Jun 12 13:24:12 2013 +0200
+
+ Change order of libraries in linking process.
+
+ It seems that some linkers have problem with wrong order of libraries.
+ This commit only change order.
+
+diff --git a/Makefile.am b/Makefile.am
+index 93e3a6f..88e29ff 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -577,10 +577,10 @@ endif
+ libsss_util_la_LDFLAGS = -avoid-version
+
+ SSSD_INTERNAL_LTLIBS = \
++ libsss_util.la \
+ libsss_crypt.la \
+ libsss_debug.la \
+- libsss_child.la \
+- libsss_util.la
++ libsss_child.la
+
+ lib_LTLIBRARIES = libipa_hbac.la libsss_idmap.la libsss_nss_idmap.la
+ dist_pkgconfig_DATA += src/providers/ipa/ipa_hbac.pc
diff --git a/debian/patches/series b/debian/patches/series
index a82d1b4..3f10ae3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1 @@
-#placeholder
+change-order-of-libs-in-linking.diff
commit 4bc0582916bbaecf96f8506685a457b24d163599
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Thu Jun 13 15:08:36 2013 +0300
update the changelog entries due to packaging changes
diff --git a/debian/changelog b/debian/changelog
index 3ca9246..9a1b5cf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,20 +6,21 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
- Add libsss-idmap0, libsss-idmap-dev packages
- Add sssd Depends on libsss-idmap0
- Add /var/lib/sss/mc directory for the new mmap cache
+ * Split authentication providers to separate packages and make sssd
+ a metapackage.
* control: Drop libunistring-dev from build-depends and add libglib2.0-dev
for unicode support.
- * sssd.install, sssd-tools.install: Add sssd-ad.5*, sssd-sudo.5* to
- sssd.install, and sss_seed{,.8*) to sssd-tools.
+ * sssd-*.install: Install new manpages.
* python-sss.install: py-files got moved under SSSDConfig.
* control, rules: Use default build flags, bump dpkg-dev build-dep to
1.16.1~.
* rules: Install the apparmor profile with -m644.
* python-sss: Add pysss_murmur.so.
- * rules, control, sssd.install: PAC responder support.
+ * rules, control, sssd-common.install: PAC responder support.
- Add libndr-dev, libndr-standard-dev, libsamba-util-dev, samba4-dev,
libdcerpc-dev to build-depends
- Add -I/usr/include/samba-4.0 to CFLAGS
- * control: Mark sssd as Multi-Arch: foreign.
+ * control: Mark sssd-common as Multi-Arch: foreign.
* watch: Add a comment about the upstream git tree.
* Replace perl snippet from libnss-sss.post* with sed, drop perl from
Depends. (Closes: #686237)
@@ -28,9 +29,9 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
from the rest so that password changes work with pam_cracklib installed.
* compat: Bump compat to 9.
* rules: Set DEB_HOST_MULTIARCH, drop --libdir and remnants of cdbs.
- * sssd.install: Install the support binaries under the multiarch path.
- * rules,sssd.postinst: Move generate-config to /usr/share/sssd.
- * rules, sssd.install: Use the correct install path for the
+ * sssd-common.install: Install the support binaries under the multiarch path.
+ * rules,sssd-common.postinst: Move generate-config to /usr/share/sssd.
+ * rules, sssd-common.install: Use the correct install path for the
krb5_locator plugin.
* libnss-sss.postinst: SSSD doesn't handle shadow maps, so don't pretend
that it would.
@@ -38,7 +39,7 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
the libsss-sudo, drop -dev package.
* rules: Pass --datadir, so the path in autogenerated python files is
correctly substituted. (LP: #1079938)
- * sssd.dirs: Add krb5 include dir.
+ * sssd-common.dirs: Add krb5 include dir.
* fix-cve-2013-0219*.diff, -0220.diff: Dropped, included upstream.
* libsss-sudo.postrm: Run ldconfig on remove/purge.
* apparmor-profile: Fix the profile to use the multiarch path for it's
@@ -47,8 +48,6 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
python-libsss-nss-idmap.
* watch: Updated to work with alpha/beta releases.
* control: Migrate to libnl-3 now that it's supported. (Closes: #688174)
- * Split authentication providers to separate packages and make sssd
- a metapackage.
* sssd-common.{preinst,postrm}: Install the apparmor profile in force-complain
mode on install, and remove the profile directory on purge (if empty). Also
migrate from previous setup which installed it as disabled. (Closes: #676140)
commit 7088a75fa05c02792966980d34a4046e85a0ed08
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Thu Jun 13 15:04:03 2013 +0300
really fix apparmor profile removals, add the changelog entry back
diff --git a/debian/changelog b/debian/changelog
index 15799c0..3ca9246 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -49,6 +49,9 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
* control: Migrate to libnl-3 now that it's supported. (Closes: #688174)
* Split authentication providers to separate packages and make sssd
a metapackage.
+ * sssd-common.{preinst,postrm}: Install the apparmor profile in force-complain
+ mode on install, and remove the profile directory on purge (if empty). Also
+ migrate from previous setup which installed it as disabled. (Closes: #676140)
[ Stéphane Graber ]
* Add postinst/postrm script for libsss-sudo. Those will add a "sudoers"
diff --git a/debian/sssd-common.postrm b/debian/sssd-common.postrm
index 2d2b00e..a8b21e1 100644
--- a/debian/sssd-common.postrm
+++ b/debian/sssd-common.postrm
@@ -41,4 +41,9 @@ esac
#DEBHELPER#
+# work around buggy dh_apparmor which doesn't do this for us
+if [ "$1" = "purge" ]; then
+ rmdir /etc/apparmor.d/force-complain 2>/dev/null || true
+fi
+
exit 0
diff --git a/debian/sssd-common.preinst b/debian/sssd-common.preinst
index 08f369e..765d824 100755
--- a/debian/sssd-common.preinst
+++ b/debian/sssd-common.preinst
@@ -49,7 +49,7 @@ upgrade)
rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-krb5.conf"
rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-ldap.conf"
fi
- if dpkg --compare-versions "$2" lt "1.8.4-2"; then
+ if dpkg --compare-versions "$2" lt "1.10.0~beta2-1"; then
inst_complain_profile
if [ -e "$APP_DISABLE" ]; then
rm -f "$APP_DISABLE"
diff --git a/debian/sssd-common.prerm b/debian/sssd-common.prerm
index f277ac1..3122dd8 100644
--- a/debian/sssd-common.prerm
+++ b/debian/sssd-common.prerm
@@ -5,12 +5,5 @@ invoke_failure() {
return
}
-if [ "$1" = "purge" ]; then
- APP_PROFILE="usr.sbin.sssd"
- rm -f /etc/apparmor.d/force-complain/$APP_PROFILE >/dev/null 2>&1 || true
- rm -f /etc/apparmor.d/disable/$APP_PROFILE >/dev/null 2>&1 || true
- rmdir /etc/apparmor.d/disable >/dev/null 2>&1 || true
-fi
-
#DEBHELPER#
commit 59fc6db68937d192cf8352e884dd46be77023667
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Thu Jun 13 14:39:55 2013 +0300
close a few bugs
diff --git a/debian/changelog b/debian/changelog
index 0cbf97c..15799c0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,7 @@
sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
[ Timo Aaltonen ]
- * New upstream release
+ * New upstream release (Closes: #693054, #705357, #711101)
* Update the packaging for the new version, thanks Esko Järnfors!
- Add libsss-idmap0, libsss-idmap-dev packages
- Add sssd Depends on libsss-idmap0
@@ -46,7 +46,7 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
* Add packaging for libsss-nss-idmap0, libsss-nss-idmap-dev,
python-libsss-nss-idmap.
* watch: Updated to work with alpha/beta releases.
- * control: Migrate to libnl-3 now that it's supported.
+ * control: Migrate to libnl-3 now that it's supported. (Closes: #688174)
* Split authentication providers to separate packages and make sssd
a metapackage.
commit e8debd838cb4ad363a82d73f3ff51265c73d6f5f
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Thu Jun 13 13:50:16 2013 +0300
packaging changes
- drop libsss-sudo-dev packages
- split authentication providers to separate packages
- make sssd a metapackage.
diff --git a/debian/changelog b/debian/changelog
index 9902fd3..0cbf97c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -35,8 +35,7 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
* libnss-sss.postinst: SSSD doesn't handle shadow maps, so don't pretend
that it would.
* libsss-sudo*, control: Remove the soname from the library, move .so to
- the libsss-sudo, Replaces old libsss-sudo-dev. Drop the pkgconfig file
- from the -dev package.
+ the libsss-sudo, drop -dev package.
* rules: Pass --datadir, so the path in autogenerated python files is
correctly substituted. (LP: #1079938)
* sssd.dirs: Add krb5 include dir.
@@ -48,6 +47,8 @@ sssd (1.10.0~beta2-1) UNRELEASED; urgency=low
python-libsss-nss-idmap.
* watch: Updated to work with alpha/beta releases.
* control: Migrate to libnl-3 now that it's supported.
+ * Split authentication providers to separate packages and make sssd
+ a metapackage.
[ Stéphane Graber ]
* Add postinst/postrm script for libsss-sudo. Those will add a "sudoers"
diff --git a/debian/control b/debian/control
index 7d6ecdc..6876c18 100644
--- a/debian/control
+++ b/debian/control
@@ -50,34 +50,140 @@ Homepage: https://fedorahosted.org/sssd/
Package: sssd
Architecture: any
+Depends: ${misc:Depends},
+ sssd-common (= ${binary:Version}),
+ sssd-ad (= ${binary:Version}),
+ sssd-ipa (= ${binary:Version}),
+ sssd-krb5 (= ${binary:Version}),
+ sssd-ldap (= ${binary:Version}),
+ sssd-proxy (= ${binary:Version}),
+ python-sss (= ${binary:Version}),
+Description: System Security Services Daemon -- metapackage
+ Provides a set of daemons to manage access to remote directories and
+ authentication mechanisms. It provides an NSS and PAM interface toward
+ the system and a pluggable backend system to connect to multiple different
+ account sources. It is also the basis to provide client auditing and policy
+ services for projects like FreeIPA.
+ .
+ This package is a metapackage which installs the daemon and existing
+ authentication back ends.
+
+Package: sssd-common
+Architecture: any
Multi-Arch: foreign
-Depends: ${shlibs:Depends}, ${misc:Depends}, python,
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ python,
python-sss,
- libipa-hbac0 (= ${binary:Version}),
- libsss-idmap0 (= ${binary:Version}),
Pre-Depends: ${misc:Pre-Depends}
-Recommends: ldap-utils,
+Recommends:
bind9-host,
libnss-sss,
libpam-sss,
- libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal,
- libsasl2-modules-ldap,
+ libsss-sudo,
Suggests:
apparmor,
- sssd-tools,
-Description: System Security Services Daemon
+ sssd-tools
+Breaks: sssd (<< 1.10.0~beta2-1),
+Replaces: sssd (<< 1.10.0~beta2-1),
+Description: System Security Services Daemon -- common files
Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
.
- This package provides the daemon.
+ This package provides the daemon and other common files needed by the
+ authentication back ends.
+
+Package: sssd-ad
+Architecture: any
+Multi-Arch: foreign
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ sssd-common (= ${binary:Version}),
+ sssd-krb5-common (= ${binary:Version}),
+ libsss-idmap0 (= ${binary:Version}),
+Breaks: sssd (<< 1.10.0~beta2-1),
+Replaces: sssd (<< 1.10.0~beta2-1),
+Description: System Security Services Daemon -- Active Directory back end
+ Provides the Active Directory back end that the SSSD can utilize to fetch
+ identity data from and authenticate against an Active Directory server.
+
+Package: sssd-ipa
+Architecture: any
+Multi-Arch: foreign
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ sssd-common (= ${binary:Version}),
+ sssd-krb5-common (= ${binary:Version}),
+ libipa-hbac0 (= ${binary:Version}),
+ libsss-idmap0 (= ${binary:Version}),
+Breaks: sssd (<< 1.10.0~beta2-1),
+Replaces: sssd (<< 1.10.0~beta2-1),
+Description: System Security Services Daemon -- IPA back end
+ Provides the IPA back end that the SSSD can utilize to fetch identity data
+ from and authenticate against an IPA server.
+
+Package: sssd-krb5
+Architecture: any
+Multi-Arch: foreign
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ sssd-common (= ${binary:Version}),
+ sssd-krb5-common (= ${binary:Version}),
+Breaks: sssd (<< 1.10.0~beta2-1),
+Replaces: sssd (<< 1.10.0~beta2-1),
+Description: System Security Services Daemon -- Kerberos back end
+ Provides the Kerberos back end that the SSSD can utilize authenticate
+ against a Kerberos server.
+
+Package: sssd-krb5-common
+Architecture: any
+Multi-Arch: foreign
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ sssd-common (= ${binary:Version}),
+Recommends:
+ libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal,
+Breaks: sssd (<< 1.10.0~beta2-1),
+Replaces: sssd (<< 1.10.0~beta2-1),
+Description: System Security Services Daemon -- Kerberos helpers
+ Provides helper processes that the LDAP and Kerberos back ends can use for
+ Kerberos user or host authentication.
+
+Package: sssd-ldap
+Architecture: any
+Multi-Arch: foreign
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ sssd-common (= ${binary:Version}),
+ sssd-krb5-common (= ${binary:Version}),
+ libsss-idmap0 (= ${binary:Version}),
+Recommends:
+ ldap-utils,
+ libsasl2-modules-ldap,
+Breaks: sssd (<< 1.10.0~beta2-1),
+Replaces: sssd (<< 1.10.0~beta2-1),
+Description: System Security Services Daemon -- LDAP back end
+ Provides the LDAP back end that the SSSD can utilize to fetch identity data
+ from and authenticate against an LDAP server.
+
+Package: sssd-proxy
+Architecture: any
+Multi-Arch: foreign
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ sssd-common (= ${binary:Version}),
+Breaks: sssd (<< 1.10.0~beta2-1),
+Replaces: sssd (<< 1.10.0~beta2-1),
+Description: System Security Services Daemon -- proxy back end
+ Provides the proxy back end which can be used to wrap an existing NSS and/or
+ PAM modules to leverage SSSD caching.
Package: sssd-tools
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends},
- sssd (= ${binary:Version}),
+ sssd-common (= ${binary:Version}),
python,
Breaks: sssd (<< 1.8.0~beta3-1)
Replaces: sssd (<< 1.8.0~beta3-1)
@@ -196,17 +302,6 @@ Description: Communicator library for sudo
Utility library to allow communication between sudo and SSSD for caching
sudo rules by SSSD.
-Package: libsss-sudo-dev
-Section: libdevel
-Architecture: any
-Depends: ${misc:Depends}, libsss-sudo (= ${binary:Version})
-Description: Communicator library for sudo -- development files
- Utility library to allow communication between sudo and SSSD for caching
- sudo rules by SSSD.
- .
- This package contains the header file to develop programs which will use the
- libsss-sudo library.
-
Package: python-libipa-hbac
Section: python
Architecture: any
diff --git a/debian/libsss-sudo-dev.install b/debian/libsss-sudo-dev.install
deleted file mode 100644
index 9779e8f..0000000
--- a/debian/libsss-sudo-dev.install
+++ /dev/null
@@ -1 +0,0 @@
-usr/include/sss_sudo.h
diff --git a/debian/rules b/debian/rules
index 87e3bb3..8292f0a 100755
--- a/debian/rules
+++ b/debian/rules
@@ -47,9 +47,9 @@ override_dh_install:
install -m644 debian/libpam-sss.pam-auth-update-password \
$(CURDIR)/debian/libpam-sss/usr/share/pam-configs/sss-password
install -m644 -D $(CURDIR)/debian/apparmor-profile \
- $(CURDIR)/debian/sssd/etc/apparmor.d/usr.sbin.sssd
+ $(CURDIR)/debian/sssd-common/etc/apparmor.d/usr.sbin.sssd
- cat $(CURDIR)/debian/sssd.$(INIT).in > $(CURDIR)/debian/sssd.$(INIT)
+ cat $(CURDIR)/debian/sssd-common.sssd.$(INIT).in > $(CURDIR)/debian/sssd-common.sssd.$(INIT)
# remove files we don't want to install
find $(CURDIR)/debian/tmp/ -name '*.la' -exec rm '{}' ';'
@@ -65,12 +65,12 @@ override_dh_python2:
dh_python2 --no-guessing-versions
override_dh_installinit:
- dh_apparmor -psssd --profile-name=usr.sbin.sssd
- dh_installinit --error-handler=invoke_failure
+ dh_apparmor -psssd-common --profile-name=usr.sbin.sssd
+ dh_installinit --name sssd --error-handler=invoke_failure
override_dh_auto_clean:
dh_auto_clean
- rm -f $(CURDIR)/debian/sssd.$(INIT)
+ rm -f $(CURDIR)/debian/sssd-common.$(INIT)
rm -f $(CURDIR)/po/*.gmo
rm -f $(CURDIR)/src/config/*.pyc
rm -f $(CURDIR)/po/stamp-po
diff --git a/debian/sssd-ad.install b/debian/sssd-ad.install
new file mode 100644
index 0000000..ee00c21
--- /dev/null
+++ b/debian/sssd-ad.install
@@ -0,0 +1,2 @@
+usr/lib/*/sssd/libsss_ad.so
+usr/share/man/man5/sssd-ad.5*
diff --git a/debian/sssd-common.dirs b/debian/sssd-common.dirs
new file mode 100644
index 0000000..1bb6965
--- /dev/null
+++ b/debian/sssd-common.dirs
@@ -0,0 +1,9 @@
+etc/sssd
+var/lib/sss
+var/lib/sss/db
+var/lib/sss/mc
+var/lib/sss/pipes
+var/lib/sss/pipes/private
+var/lib/sss/pubconf
+var/lib/sss/pubconf/krb5.include.d
+var/log/sssd
diff --git a/debian/sssd-common.docs b/debian/sssd-common.docs
new file mode 100644
index 0000000..216b1c4
--- /dev/null
+++ b/debian/sssd-common.docs
@@ -0,0 +1 @@
+BUILD.txt
diff --git a/debian/sssd-common.examples b/debian/sssd-common.examples
new file mode 100644
index 0000000..5ab6a19
--- /dev/null
+++ b/debian/sssd-common.examples
@@ -0,0 +1 @@
+src/examples/sssd-example.conf
diff --git a/debian/sssd-common.install b/debian/sssd-common.install
new file mode 100644
index 0000000..ce5d92b
--- /dev/null
+++ b/debian/sssd-common.install
@@ -0,0 +1,23 @@
+usr/bin/sss_ssh_authorizedkeys
+usr/bin/sss_ssh_knownhostsproxy
+usr/lib/*/ldb/modules/ldb/memberof.so
+usr/lib/*/krb5/plugins/krb5/*
+usr/lib/*/krb5/plugins/authdata/*
+usr/lib/*/sssd/libsss_child.so
+usr/lib/*/sssd/libsss_crypt.so
+usr/lib/*/sssd/libsss_debug.so
+usr/lib/*/sssd/libsss_ldap_common.so
+usr/lib/*/sssd/libsss_simple.so
+usr/lib/*/sssd/libsss_util.so
+usr/lib/*/sssd/sssd_*
+usr/lib/*/sssd/modules/libsss_autofs.so
+usr/share/locale/*/LC_MESSAGES/*
+usr/share/sssd/*
+usr/sbin/sssd
+usr/share/man/man1/sss_ssh_authorizedkeys.1*
+usr/share/man/man1/sss_ssh_knownhostsproxy.1*
+usr/share/man/man5/sssd.conf.5*
+usr/share/man/man5/sssd-simple.5*
+usr/share/man/man5/sssd-sudo.5*
+usr/share/man/man8/sssd.8*
+usr/share/man/man8/sssd_krb5_locator_plugin.8*
diff --git a/debian/sssd-common.lintian-overrides b/debian/sssd-common.lintian-overrides
new file mode 100644
index 0000000..383f42d
--- /dev/null
+++ b/debian/sssd-common.lintian-overrides
@@ -0,0 +1 @@
+manpage-has-errors-from-man usr/share/man/man5/sssd-ldap.5.*
diff --git a/debian/sssd-common.logrotate b/debian/sssd-common.logrotate
new file mode 100644
index 0000000..f305c87
--- /dev/null
+++ b/debian/sssd-common.logrotate
@@ -0,0 +1,11 @@
+/var/log/sssd/*.log {
+ rotate 4
+ weekly
+ missingok
+ notifempty
+ compress
+ delaycompress
+ postrotate
+ kill -HUP `cat /var/run/sssd.pid` > /dev/null 2>&1 || true
+ endscript
+}
diff --git a/debian/sssd-common.manpages b/debian/sssd-common.manpages
new file mode 100644
index 0000000..8e3f513
--- /dev/null
+++ b/debian/sssd-common.manpages
@@ -0,0 +1 @@
+usr/share/man/man*/*
diff --git a/debian/sssd-common.postinst b/debian/sssd-common.postinst
new file mode 100644
index 0000000..75a7823
--- /dev/null
+++ b/debian/sssd-common.postinst
@@ -0,0 +1,59 @@
+#!/bin/sh
+# postinst script for sssd
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <postinst> `abort-remove'
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+case "$1" in
+ configure)
+ # Try to autogenerate a configuration file on package install
+ if [ -z "$2" ] && [ ! -e /etc/sssd/sssd.conf ]; then
+ /usr/share/sssd/generate-config > /etc/sssd/sssd.conf.new
+ if [ ! -s /etc/sssd/sssd.conf.new ] ; then
+ rm /etc/sssd/sssd.conf.new
+ else
+ mv /etc/sssd/sssd.conf.new /etc/sssd/sssd.conf
+ chmod 0600 /etc/sssd/sssd.conf
+ fi
+ fi
+ # Fix configuration file on package upgrade
+ if dpkg --compare-versions "$2" lt-nl 1.0.2-0ubuntu1; then
+ /usr/lib/sssd/sssd/upgrade_config.py
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+invoke_failure() {
+ # invoke-rc.d failed, likely because of a missing sssd.conf
+ if [ ! -s /etc/sssd/sssd.conf ]; then
+ echo "... because /etc/sssd/sssd.conf is not available yet"
+ fi
+}
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/sssd-common.postrm b/debian/sssd-common.postrm
new file mode 100644
index 0000000..2d2b00e
--- /dev/null
+++ b/debian/sssd-common.postrm
@@ -0,0 +1,44 @@
+#!/bin/sh
+# postrm script for sssd
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postrm> `remove'
+# * <postrm> `purge'
+# * <old-postrm> `upgrade' <new-version>
+# * <new-postrm> `failed-upgrade' <old-version>
+# * <new-postrm> `abort-install'
+# * <new-postrm> `abort-install' <old-version>
+# * <new-postrm> `abort-upgrade' <old-version>
+# * <disappearer's-postrm> `disappear' <overwriter>
+# <overwriter-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ purge)
+ rm -f /etc/sssd/sssd.conf
+ if [ -d /etc/sssd ]; then
+ rmdir --ignore-fail-on-non-empty /etc/sssd/
+ fi
+ rm -rf /var/log/sssd/
+ ;;
+ remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ ;;
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/sssd-common.preinst b/debian/sssd-common.preinst
new file mode 100755
index 0000000..08f369e
--- /dev/null
+++ b/debian/sssd-common.preinst
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+# Remove a no-longer used conffile
+# Copied from http://wiki.debian.org/DpkgConffileHandling
+rm_conffile() {
+ local PKGNAME="$1"
+ local CONFFILE="$2"
+
+ [ -e "$CONFFILE" ] || return 0
+
+ local md5sum="$(md5sum $CONFFILE | sed -e 's/ .*//')"
+ local old_md5sum="$(dpkg-query -W -f='${Conffiles}' $PKGNAME | \
+ sed -n -e "\' $CONFFILE ' { s/ obsolete$//; s/.* //; p }")"
+ if [ "$md5sum" != "$old_md5sum" ]; then
+ echo "Obsolete conffile $CONFFILE has been modified by you."
+ echo "Saving as $CONFFILE.dpkg-bak ..."
+ mv -f "$CONFFILE" "$CONFFILE".dpkg-bak
+ else
+ echo "Removing obsolete conffile $CONFFILE ..."
+ mv -f "$CONFFILE" "$CONFFILE".dpkg-del
+ fi
+}
+
+APP_PROFILE="usr.sbin.sssd"
+APP_CONFFILE="/etc/apparmor.d/$APP_PROFILE"
+APP_COMPLAIN="/etc/apparmor.d/force-complain/$APP_PROFILE"
+APP_DISABLE="/etc/apparmor.d/disable/$APP_PROFILE"
+
+inst_complain_profile() {
+ # Create a symlink to the yet-to-be-unpacked profile
+ mkdir -p `dirname $APP_COMPLAIN` 2>/dev/null || true
+ ln -sf $APP_CONFFILE $APP_COMPLAIN
+}
+
+case "$1" in
+install)
+ # Force the AppArmor profile to complain mode on install
+ inst_complain_profile
+ ;;
+upgrade)
+ if dpkg --compare-versions "$2" le "1.0.5-1"; then
+ rm_conffile sssd "/etc/sssd/sssd.api.conf"
+ rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-proxy.conf"
+ rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-simple.conf"
+ rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-ipa.conf"
+ rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-local.conf"
+ rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-krb5.conf"
+ rm_conffile sssd "/etc/sssd/sssd.api.d/sssd-ldap.conf"
+ fi
+ if dpkg --compare-versions "$2" lt "1.8.4-2"; then
+ inst_complain_profile
+ if [ -e "$APP_DISABLE" ]; then
+ rm -f "$APP_DISABLE"
+ fi
+ fi
+ ;;
+esac
+
+#DEBHELPER#
diff --git a/debian/sssd-common.prerm b/debian/sssd-common.prerm
new file mode 100644
index 0000000..f277ac1
--- /dev/null
+++ b/debian/sssd-common.prerm
@@ -0,0 +1,16 @@
+#! /bin/sh -e
+
+invoke_failure() {
+ # invoke-rc.d failed
+ return
+}
+
+if [ "$1" = "purge" ]; then
+ APP_PROFILE="usr.sbin.sssd"
+ rm -f /etc/apparmor.d/force-complain/$APP_PROFILE >/dev/null 2>&1 || true
+ rm -f /etc/apparmor.d/disable/$APP_PROFILE >/dev/null 2>&1 || true
+ rmdir /etc/apparmor.d/disable >/dev/null 2>&1 || true
+fi
+
+#DEBHELPER#
+
diff --git a/debian/sssd-common.sssd.default b/debian/sssd-common.sssd.default
new file mode 100644
index 0000000..fed8a35
--- /dev/null
+++ b/debian/sssd-common.sssd.default
@@ -0,0 +1,10 @@
+# Defaults for sssd initscript
+# sourced by /etc/init.d/sssd
+# installed at /etc/default/sssd by the maintainer scripts
+
+#
+# This is a POSIX shell fragment
+#
+
+# Additional options that are passed to the Daemon.
+DAEMON_OPTS="-D -f"
diff --git a/debian/sssd-common.sssd.init.in b/debian/sssd-common.sssd.init.in
new file mode 100644
index 0000000..390a6e2
--- /dev/null
+++ b/debian/sssd-common.sssd.init.in
@@ -0,0 +1,86 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: sssd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Should-Start: $named
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: System Security Services Daemon
+# Description: Provides a set of daemons to manage access to
+# remote directories and authentication
+# mechanisms. It provides an NSS and PAM interface
+# toward the system and a pluggable backend system
+# to connect to multiple different account sources.
+### END INIT INFO
+# start on filesystem
+# stop on runlevel [06]
+
+DESCRIPTION="System Security Services Daemon"
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+NAME=sssd
+DAEMON_OPTS=""
+DAEMON=/usr/sbin/$NAME
+PIDFILE=/var/run/$NAME.pid
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+if [ -f /etc/default/sssd ] ; then
+ . /etc/default/sssd
+fi
+
+initdmain() {
+ case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESCRIPTION" "$NAME"
+ start_daemon -p $PIDFILE $DAEMON $DAEMON_OPTS
+ RC=$?
+ case "$RC" in
+ 0)
+ [ "$VERBOSE" != no ] && log_end_msg $RC
+ ;;
+ *)
+ # Report error also when VERBOSE=no
+ log_daemon_msg "Starting $DESCRIPTION" "$NAME"
+ log_end_msg $RC
+ ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESCRIPTION" "$NAME"
+ killproc -p $PIDFILE $DAEMON
+ RC=$?
+ case "$RC" in
+ 0)
+ [ "$VERBOSE" != no ] && log_end_msg $RC
+ ;;
+ *)
+ # Report error also when VERBOSE=no
+ log_daemon_msg "Stopping $DESCRIPTION" "$NAME"
+ log_end_msg $RC
+ ;;
+ esac
+ ;;
+ force-reload|restart)
+ $0 stop
+ $0 start
+ ;;
+ status)
+ status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $?
+ ;;
+ *)
+ echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|status}"
+ exit 1
+ ;;
+ esac
+}
+
+initdmain $@
+
+exit 0
diff --git a/debian/sssd-common.sssd.upstart.in b/debian/sssd-common.sssd.upstart.in
new file mode 100644
index 0000000..160589f
--- /dev/null
+++ b/debian/sssd-common.sssd.upstart.in
@@ -0,0 +1,28 @@
+# sssd - System Security Services Daemon
+#
+# Provides a set of daemons to manage access to remote directories and
+# authentication mechanisms. It provides an NSS and PAM interface toward
+# the system and a pluggable backend system to connect to multiple different
+# account sources.
+
+description "System Security Services Daemon"
+
+start on (filesystem and net-device-up)
+stop on runlevel [06]
+
+expect fork
+respawn
+
+env DEFAULTFILE=/etc/default/sssd
+
+pre-start script
+ test -f /etc/sssd/sssd.conf || { stop; exit 0; }
+ /lib/init/apparmor-profile-load usr.sbin.sssd
+end script
+
+script
+ if [ -f "$DEFAULTFILE" ]; then
+ . "$DEFAULTFILE"
+ fi
+ exec sssd $DAEMON_OPTS
+end script
diff --git a/debian/sssd-ipa.install b/debian/sssd-ipa.install
new file mode 100644
index 0000000..cf310cc
--- /dev/null
+++ b/debian/sssd-ipa.install
@@ -0,0 +1,3 @@
+usr/lib/*/sssd/libsss_ipa.so
+usr/share/man/man5/sssd-ipa.5*
+
diff --git a/debian/sssd-krb5-common.install b/debian/sssd-krb5-common.install
new file mode 100644
index 0000000..5d93b09
--- /dev/null
+++ b/debian/sssd-krb5-common.install
@@ -0,0 +1,3 @@
+usr/lib/*/sssd/libsss_krb5_common.so
+usr/lib/*/sssd/ldap_child
+usr/lib/*/sssd/krb5_child
diff --git a/debian/sssd-krb5.install b/debian/sssd-krb5.install
new file mode 100644
index 0000000..f65ded9
--- /dev/null
+++ b/debian/sssd-krb5.install
@@ -0,0 +1,3 @@
+usr/lib/*/sssd/libsss_krb5.so
+usr/share/man/man5/sssd-krb5.5*
+
diff --git a/debian/sssd-ldap.install b/debian/sssd-ldap.install
new file mode 100644
index 0000000..3e79869
--- /dev/null
+++ b/debian/sssd-ldap.install
@@ -0,0 +1,3 @@
+usr/lib/*/sssd/libsss_ldap.so
+usr/share/man/man5/sssd-ldap.5*
+
diff --git a/debian/sssd-proxy.install b/debian/sssd-proxy.install
new file mode 100644
index 0000000..543d55b
--- /dev/null
+++ b/debian/sssd-proxy.install
@@ -0,0 +1,2 @@
+usr/lib/*/sssd/libsss_proxy.so
+usr/lib/*/sssd/proxy_child
diff --git a/debian/sssd.default b/debian/sssd.default
deleted file mode 100644
index fed8a35..0000000
--- a/debian/sssd.default
+++ /dev/null
@@ -1,10 +0,0 @@
-# Defaults for sssd initscript
-# sourced by /etc/init.d/sssd
-# installed at /etc/default/sssd by the maintainer scripts
-
-#
-# This is a POSIX shell fragment
-#
-
-# Additional options that are passed to the Daemon.
-DAEMON_OPTS="-D -f"
diff --git a/debian/sssd.dirs b/debian/sssd.dirs
deleted file mode 100644
index 1bb6965..0000000
--- a/debian/sssd.dirs
+++ /dev/null
@@ -1,9 +0,0 @@
-etc/sssd
-var/lib/sss
-var/lib/sss/db
-var/lib/sss/mc
-var/lib/sss/pipes
-var/lib/sss/pipes/private
-var/lib/sss/pubconf
-var/lib/sss/pubconf/krb5.include.d
-var/log/sssd
diff --git a/debian/sssd.docs b/debian/sssd.docs
deleted file mode 100644
index 216b1c4..0000000
--- a/debian/sssd.docs
+++ /dev/null
@@ -1 +0,0 @@
-BUILD.txt
diff --git a/debian/sssd.examples b/debian/sssd.examples
deleted file mode 100644
index 5ab6a19..0000000
--- a/debian/sssd.examples
+++ /dev/null
@@ -1 +0,0 @@
-src/examples/sssd-example.conf
More information about the Pkg-sssd-devel
mailing list