[Pkg-sssd-devel] SSSD package in Debian: crypto provider
Timo Aaltonen
tjaalton at debian.org
Tue Jul 14 19:18:03 BST 2020
On 13.7.2020 23.27, Alexey Tikhonov wrote:
> Hi,
>
> SSSD upstream maintainers plan to completely drop support of `libnss`
> as a crypto backend [1]
> Moreover, as of 2.3.0 upstream release the default was already
> switched to use OpenSLL (libcrypto) [2]
>
> Do you have any concerns with this?
>
> I took a look at the content of
> https://salsa.debian.org/sssd-team/sssd/-/tree/debian/2.3.0-1/debian
> but not sure I understand correctly how Debian package is built.
>
> I didn't find `--with-crypto=` configure param to be set explicitly.
> If default (libcrypto) is already used, then I guess everything should
> be fine...
>
>
> [1] https://github.com/SSSD/sssd/issues/1041
> [2] https://sssd.io/docs/users/relnotes/notes_2_3_0.html#new-features
Hi, it is set in debian/rules:
override_dh_auto_configure:
dh_auto_configure -- --enable-krb5-locator-plugin \
--datadir=/usr/share/ \
--with-environment-file=/etc/default/sssd \
--with-ldb-lib-dir=/usr/lib/$(DEB_HOST_MULTIARCH)/ldb/modules/ldb \
--with-krb5-plugin-path=/usr/lib/$(DEB_HOST_MULTIARCH)/krb5/plugins/libkrb5 \
--enable-nsslibdir=/lib/$(DEB_HOST_MULTIARCH) \
--enable-pammoddir=/lib/$(DEB_HOST_MULTIARCH)/security \
--enable-systemtap \
--disable-static \
--disable-rpath \
--with-autofs \
--with-crypto=libcrypto \
--with-ssh \
--with-initscript=systemd \
--with-systemdunitdir=/lib/systemd/system \
--disable-files-domain \
--with-smb-idmap-interface-version=6 \
--without-python2-bindings \
--with-syslog=journald \
--with-pid-path=/run \
--with-sudo
--
t
More information about the Pkg-sssd-devel
mailing list