| 1 | ;;; GNU Guix --- Functional package management for GNU |
| 2 | ;;; Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net> |
| 3 | ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr> |
| 4 | ;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il> |
| 5 | ;;; |
| 6 | ;;; This file is part of GNU Guix. |
| 7 | ;;; |
| 8 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
| 9 | ;;; under the terms of the GNU General Public License as published by |
| 10 | ;;; the Free Software Foundation; either version 3 of the License, or (at |
| 11 | ;;; your option) any later version. |
| 12 | ;;; |
| 13 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
| 14 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
| 15 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 16 | ;;; GNU General Public License for more details. |
| 17 | ;;; |
| 18 | ;;; You should have received a copy of the GNU General Public License |
| 19 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
| 20 | |
| 21 | (define-module (gnu packages sssd) |
| 22 | #:use-module ((guix licenses) #:prefix license:) |
| 23 | #:use-module (guix packages) |
| 24 | #:use-module (guix download) |
| 25 | #:use-module (guix utils) |
| 26 | #:use-module (guix build-system gnu) |
| 27 | #:use-module (gnu packages) |
| 28 | #:use-module (gnu packages) |
| 29 | #:use-module (gnu packages adns) |
| 30 | #:use-module (gnu packages augeas) |
| 31 | #:use-module (gnu packages check) |
| 32 | #:use-module (gnu packages curl) |
| 33 | #:use-module (gnu packages cyrus-sasl) |
| 34 | #:use-module (gnu packages databases) |
| 35 | #:use-module (gnu packages dns) |
| 36 | #:use-module (gnu packages docbook) |
| 37 | #:use-module (gnu packages documentation) |
| 38 | #:use-module (gnu packages glib) |
| 39 | #:use-module (gnu packages kerberos) |
| 40 | #:use-module (gnu packages libunistring) |
| 41 | #:use-module (gnu packages linux) |
| 42 | #:use-module (gnu packages nss) |
| 43 | #:use-module (gnu packages openldap) |
| 44 | #:use-module (gnu packages tls) |
| 45 | #:use-module (gnu packages pcre) |
| 46 | #:use-module (gnu packages popt) |
| 47 | #:use-module (gnu packages pkg-config) |
| 48 | #:use-module (gnu packages samba) |
| 49 | #:use-module (gnu packages selinux) |
| 50 | #:use-module (gnu packages web) |
| 51 | #:use-module (gnu packages xml)) |
| 52 | |
;; Support libraries from the SSSD project; the sssd package in this module
;; lists ding-libs among its inputs.
(define-public ding-libs
  (package
    (name "ding-libs")
    (version "0.6.1")
    (source (origin
              (method url-fetch)
              ;; The tarball name is derived from 'version', so a version
              ;; bump changes the URL and requires a new hash below.
              (uri (string-append "https://releases.pagure.org/SSSD/ding-libs/"
                                  "ding-libs-" version ".tar.gz"))
              ;; Content hash of the release tarball.  The download is
              ;; checked against this value, which pins the exact source
              ;; that gets built regardless of what the server returns.
              (sha256
               (base32
                "1h97mx2jdv4caiz4r7y8rxfsq78fx0k4jjnfp7x2s7xqvqks66d3"))))
    ;; No 'arguments' field: the standard configure/make/check phases of
    ;; gnu-build-system are used unchanged.
    (build-system gnu-build-system)
    (home-page "https://pagure.io/SSSD/ding-libs/")
    (synopsis "Libraries for SSSD")
    (description
     "DING-LIBS (DING Is Not Glib) are a set of small, useful libraries that
the @dfn{System Security Services Daemon} (SSSD) uses and makes available to
other projects. They include: libdhash, an implementation of a dynamic hash
table which will dynamically resize to achieve optimal storage and access time
properties; ini_config, a library for parsing and managing @code{INI} files;
path_utils, a library to manage UNIX paths and subsets of paths; collection, a
generic, hierarchical grouping mechanism for complex data sets; ref_array, a
dynamically-growing, reference-counted array; libbasicobjects, a set of
fundamental object types for C.")
    (license license:lgpl3+)))
| 78 | |
;; Note: This package installs modules for ldb and nss.  For the ldb modules
;; to be found, LDB_MODULES_PATH needs to be set.  For the nss module,
;; LD_PRELOAD or LD_LIBRARY_PATH is needed.
;; Package definition for the System Security Services Daemon: fetches the
;; release tarball, applies two local patches, and builds it with
;; gnu-build-system using the flags and the one extra phase given below.
(define-public sssd
  (package
    (name "sssd")
    ;; NOTE(review): sssd sits on the authentication path (PAM/NSS), so the
    ;; pinned release matters -- confirm against upstream release notes that
    ;; this version still carries all published security fixes.
    (version "1.16.5")
    (source (origin
              (method url-fetch)
              (uri (string-append "https://releases.pagure.org/SSSD/sssd/"
                                  "sssd-" version ".tar.gz"))
              ;; Content hash of the release tarball; the download is checked
              ;; against it, so it has to change together with 'version'.
              (sha256
               (base32
                "1h6hwibaf3xa2w6qpzjiiywmfj6zkgbz4r2isf3gd0xm6vq7n6if"))
              ;; Patches looked up by file name and applied to the unpacked
              ;; source.  Their contents are not visible here.
              ;; NOTE(review): going by the names, one adapts the build to
              ;; the packaged samba and the other adjusts where sssd touches
              ;; system directories -- verify against the patch files.
              (patches (search-patches "sssd-fix-samba.patch"
                                       "sssd-system-directories.patch"))))
    (build-system gnu-build-system)
    (arguments
     `(#:make-flags
       ;; Point the man page build at the stylesheet inside the docbook-xsl
       ;; input; the directory name embeds that package's version.
       (list (string-append "DOCBOOK_XSLT="
                            (assoc-ref %build-inputs "docbook-xsl")
                            "/xml/xsl/docbook-xsl-"
                            ,(package-version docbook-xsl)
                            "/manpages/docbook.xsl")
             ;; Remove "--postvalid" option, because that requires access to
             ;; online DTDs.  "--nonet" additionally keeps xmllint from
             ;; fetching anything over the network during the build.
             "XMLLINT_FLAGS = --catalogs --nonet --noent --xinclude --noout")
       #:configure-flags
       ;; State and configuration live in the global /var and /etc rather
       ;; than under the package output.
       ;; NOTE(review): /etc/sssd holds the daemon's configuration, which
       ;; can include credentials; confirm the deployment restricts its
       ;; ownership and permissions.
       (list "--localstatedir=/var" ;for /var/lib/sss, /var/run/sssd.pid, etc.
             "--sysconfdir=/etc" ;/etc/sssd

             ;; Optional plugins and language bindings that are switched off
             ;; for this build.
             "--disable-cifs-idmap-plugin"
             "--without-nfsv4-idmapd-plugin"
             "--without-python2-bindings"
             "--without-python3-bindings"
             ;; Every plugin and module directory below is placed under this
             ;; package's own output.  Programs that load them therefore
             ;; have to be pointed at these directories explicitly (for
             ;; example through LDB_MODULES_PATH for the ldb modules).
             (string-append "--with-plugin-path="
                            (assoc-ref %outputs "out")
                            "/lib/sssd")
             (string-append "--with-krb5-plugin-path="
                            (assoc-ref %outputs "out")
                            "/lib/krb5/plugins/libkrb5")
             (string-append "--with-cifs-plugin-path="
                            (assoc-ref %outputs "out")
                            "/lib/cifs-utils")
             (string-append "--with-init-dir="
                            (assoc-ref %outputs "out")
                            "/etc/init.d")
             (string-append "--with-ldb-lib-dir="
                            (assoc-ref %outputs "out")
                            "/lib/ldb/modules/ldb")
             ;; Use the XML catalog shipped in the docbook-xml input.
             (string-append "--with-xml-catalog-path="
                            (assoc-ref %build-inputs "docbook-xml")
                            "/xml/dtd/docbook/catalog.xml"))
       #:phases
       (modify-phases %standard-phases
         ;; Deletes the registration of resp_str_to_array_test from the test
         ;; source, so that test is never run by the check phase.
         ;; NOTE(review): the reason for the failure is not recorded here.
         ;; The file tests responder socket access code, so the cause should
         ;; be documented and the test re-tried on each version bump.
         (add-after 'unpack 'disable-failing-test
           (lambda _
             (substitute* "src/tests/responder_socket_access-tests.c"
               (("tcase_add_test\\(tc_utils, resp_str_to_array_test\\);") ""))
             ;; Return true so the phase counts as successful.
             #t)))))
    ;; Libraries sssd is built against.
    (inputs
     `(("augeas" ,augeas)
       ("bind" ,isc-bind "utils")       ;only the "utils" output of isc-bind
       ("c-ares" ,c-ares)
       ("curl" ,curl)
       ("cyrus-sasl" ,cyrus-sasl)
       ("dbus" ,dbus)
       ("ding-libs" ,ding-libs)
       ("glib" ,glib)
       ("gnutls" ,gnutls)
       ("http-parser" ,http-parser)
       ("jansson" ,jansson)
       ("ldb" ,ldb)
       ("libselinux" ,libselinux)
       ("libsemanage" ,libsemanage)
       ("libunistring" ,libunistring)
       ("linux-pam" ,linux-pam)
       ("mit-krb5" ,mit-krb5)
       ("nss" ,nss)
       ("openldap" ,openldap)
       ("openssl" ,openssl)
       ("pcre" ,pcre)
       ("popt" ,popt)
       ("samba" ,samba)
       ("talloc" ,talloc)
       ("tdb" ,tdb)
       ("tevent" ,tevent)))
    ;; Tools and headers needed only while building: the test framework, the
    ;; DocBook toolchain for the man pages, and pkg-config.
    (native-inputs
     `(("check" ,check-0.14)
       ("docbook-xsl" ,docbook-xsl)
       ("docbook-xml" ,docbook-xml)
       ("libxml2" ,libxml2) ; for xmllint
       ("libxslt" ,libxslt)
       ("pkg-config" ,pkg-config)
       ("util-linux" ,util-linux "lib"))) ;for uuid.h, required for KCM
    (home-page "https://pagure.io/SSSD/sssd/")
    (synopsis "System security services daemon")
    (description "SSSD is a system daemon. Its primary function is to provide
access to identity and authentication remote resource through a common
framework that can provide caching and offline support to the system. It
provides PAM and NSS modules, and in the future will support D-BUS based
interfaces for extended user information. It also provides a better database
to store local users as well as extended user data.")
    (license license:gpl3+)))