SPEC:

- don't build 'systemtap' support - don't build 'selinux_child' support - don't build subid ranges support - don't build 'passkey' auth support - don't build 'systemd' integration - build '--with-syslog=stderr'
SSSD · Feb 13, 2025 · 85c9d51 · 85c9d51
1 parent 64d47ba
commit 85c9d51
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 114 deletions.
diff --git a/Makefile.am b/Makefile.am
@@ -5119,15 +5119,6 @@ if BUILD_KCM
         src/sysv/systemd/sssd-kcm.service \
         $(NULL)
 endif
-else
-if HAVE_GENTOO
-    init_SCRIPTS += \
-        src/sysv/gentoo/sssd \
-        src/sysv/gentoo/sssd-kcm
-else
-    init_SCRIPTS += \
-        src/sysv/sssd
-endif
 endif
 
 

diff --git a/contrib/ci/configure.sh b/contrib/ci/configure.sh
@@ -28,7 +28,7 @@ declare -a CONFIGURE_ARG_LIST=(
     "--disable-static"
     "--enable-ldb-version-check"
     "--with-initscript=sysv"
-    "--with-syslog=syslog"
+    "--with-syslog=stderr"
     "--enable-systemtap"
     "--with-subid"
     "--with-passkey"

diff --git a/contrib/fedora/bashrc_sssd b/contrib/fedora/bashrc_sssd
@@ -47,7 +47,7 @@ fedconfig()
         --enable-systemtap \
         --with-krb5-rcache-dir=/var/cache/krb5rcache \
         --with-initscript=systemd \
-        --with-syslog=journald \
+        --with-syslog=stderr \
         --with-test-dir=/dev/shm \
         --cache-file=/tmp/fedconfig.cache \
         --with-passkey \

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
@@ -16,14 +16,9 @@
 %global sssd_user root
 %endif
 
-# sysusers depends on presence of sssd user
-%if 0%{?fedora} >= 41 || 0%{?rhel} >= 10
-%global use_sysusers 1
-%else
 %global use_sysusers 0
-%endif
 
-%global build_subid 1
+%global build_subid 0
 
 %if 0%{?fedora} >= 34
 %global build_kcm_renewals 1
@@ -35,7 +30,7 @@
 %global build_kcm_renewals 0
 %endif
 
-%global build_passkey 1
+%global build_passkey 0
 
 %if 0%{?fedora} >= 41 || 0%{?rhel} >= 10
 %global build_ssh_known_hosts_proxy 0
@@ -127,8 +122,6 @@ BuildRequires: libini_config-devel >= 1.3
 BuildRequires: libldb-devel >= %{ldb_version}
 BuildRequires: libnfsidmap-devel
 BuildRequires: libnl3-devel
-BuildRequires: libselinux-devel
-BuildRequires: libsemanage-devel
 BuildRequires: libsmbclient-devel
 BuildRequires: libtalloc-devel
 BuildRequires: libtdb-devel
@@ -158,15 +151,9 @@ BuildRequires: python3-setuptools
 BuildRequires: samba-devel
 # required for idmap_sss.so
 BuildRequires: samba-winbind
-BuildRequires: selinux-policy-targeted
 # required for p11_child smartcard tests
 BuildRequires: softhsm >= 2.1.0
 BuildRequires: bc
-BuildRequires: systemd-devel
-BuildRequires: systemtap-sdt-devel
-%if 0%{?fedora} >= 41 || 0%{?rhel} >= 10
-BuildRequires: systemtap-sdt-dtrace
-%endif
 BuildRequires: uid_wrapper
 BuildRequires: po4a
 BuildRequires: valgrind-devel
@@ -214,7 +201,6 @@ Requires(postun): coreutils
 %if %{use_sssd_user}
 Requires(pre): shadow-utils
 %endif
-%{?systemd_requires}
 
 ### Provides ###
 Provides: libsss_sudo-devel = %{version}-%{release}
@@ -261,8 +247,6 @@ Requires: sssd-common = %{version}-%{release}
 Requires: python3-sss = %{version}-%{release}
 Requires: python3-sssdconfig = %{version}-%{release}
 Requires: libsss_certmap = %{version}-%{release}
-# for logger=journald support with sss_analyze
-Requires: python3-systemd
 Requires: sssd-dbus
 
 %description tools
@@ -454,7 +438,6 @@ be used by Python applications.
 Summary: The D-Bus responder of the SSSD
 License: GPL-3.0-or-later
 Requires: sssd-common = %{version}-%{release}
-%{?systemd_requires}
 
 %description dbus
 Provides the D-Bus responder of the SSSD, called the InfoPipe, that allows
@@ -505,7 +488,6 @@ Requires: sssd-common = %{version}-%{release}
 Requires: krb5-libs >= %{krb5_version}
 Requires: sssd-krb5-common = %{version}-%{release}
 %endif
-%{?systemd_requires}
 
 %description kcm
 An implementation of a Kerberos KCM server. Use this package if you want to
@@ -552,17 +534,17 @@ autoreconf -ivf
     --enable-nsslibdir=%{_libdir} \
     --enable-pammoddir=%{_libdir}/security \
     --enable-sss-default-nss-plugin \
-    --enable-systemtap \
+    --disable-systemtap \
     --with-db-path=%{dbpath} \
     --with-gpo-cache-path=%{gpocachepath} \
     --with-init-dir=%{_initrddir} \
-    --with-initscript=systemd \
+    --with-initscript=sysv \
     --with-krb5-rcache-dir=%{_localstatedir}/cache/krb5rcache \
     --with-mcache-path=%{mcpath} \
     --with-pipe-path=%{pipepath} \
     --with-pubconf-path=%{pubconfpath} \
     --with-sssd-user=%{sssd_user} \
-    --with-syslog=journald \
+    --with-syslog=stderr \
     --with-test-dir=/dev/shm \
 %if %{build_subid}
     --with-subid \
@@ -576,6 +558,7 @@ autoreconf -ivf
 %if %{build_ssh_known_hosts_proxy}
     --with-ssh-known-hosts-proxy \
 %endif
+    --without-selinux \
     %{nil}
 
 %make_build all docs runstatedir=%{_rundir}
@@ -737,19 +720,6 @@ install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf
 %license COPYING
 %doc src/examples/sssd-example.conf
 %{_sbindir}/sssd
-%{_unitdir}/sssd.service
-%{_unitdir}/sssd-autofs.socket
-%{_unitdir}/sssd-autofs.service
-%{_unitdir}/sssd-nss.socket
-%{_unitdir}/sssd-nss.service
-%{_unitdir}/sssd-pac.socket
-%{_unitdir}/sssd-pac.service
-%{_unitdir}/sssd-pam.socket
-%{_unitdir}/sssd-pam.service
-%{_unitdir}/sssd-ssh.socket
-%{_unitdir}/sssd-ssh.service
-%{_unitdir}/sssd-sudo.socket
-%{_unitdir}/sssd-sudo.service
 
 %{_tmpfilesdir}/%{name}.conf
 
@@ -761,7 +731,6 @@ install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf
 %{_libexecdir}/%{servicename}/sssd_ssh
 %{_libexecdir}/%{servicename}/sssd_sudo
 %{_libexecdir}/%{servicename}/p11_child
-%{_libexecdir}/%{servicename}/sssd_check_socket_activated_responders
 
 %dir %{_libdir}/%{name}
 %{_libdir}/%{name}/libsss_simple.so
@@ -825,16 +794,6 @@ install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf
 %{_mandir}/man5/sssd-session-recording.5*
 %{_mandir}/man8/sssd.8*
 %{_mandir}/man8/sss_cache.8*
-%dir %{_datadir}/sssd/systemtap
-%{_datadir}/sssd/systemtap/id_perf.stp
-%{_datadir}/sssd/systemtap/nested_group_perf.stp
-%{_datadir}/sssd/systemtap/dp_request.stp
-%{_datadir}/sssd/systemtap/ldap_perf.stp
-%dir %{_datadir}/systemtap
-%dir %{_datadir}/systemtap/tapset
-%{_datadir}/systemtap/tapset/sssd.stp
-%{_datadir}/systemtap/tapset/sssd_functions.stp
-%{_mandir}/man5/sssd-systemtap.5*
 %if %{use_sysusers}
 %{_sysusersdir}/sssd.conf
 %endif
@@ -871,7 +830,6 @@ install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf
 %license COPYING
 %attr(770,%{sssd_user},%{sssd_user}) %dir %{keytabdir}
 %{_libdir}/%{name}/libsss_ipa.so
-%attr(0750,root,%{sssd_user}) %caps(cap_setuid,cap_setgid=p) %{_libexecdir}/%{servicename}/selinux_child
 %{_mandir}/man5/sssd-ipa.5*
 
 %files ad -f sssd_ad.lang
@@ -889,7 +847,6 @@ install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf
 %license COPYING
 %{_libexecdir}/%{servicename}/sssd_ifp
 %{_mandir}/man5/sssd-ifp.5*
-%{_unitdir}/sssd-ifp.service
 # InfoPipe DBus plumbing
 %{_datadir}/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
 %{_datadir}/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
@@ -1016,8 +973,6 @@ install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/sssd.conf
 %config(noreplace) %{_sysconfdir}/krb5.conf.d/kcm_default_ccache
 %dir %{_datadir}/sssd-kcm
 %{_datadir}/sssd-kcm/kcm_default_ccache
-%{_unitdir}/sssd-kcm.socket
-%{_unitdir}/sssd-kcm.service
 %{_mandir}/man8/sssd-kcm.8*
 
 %files idp
@@ -1049,13 +1004,6 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d /run/sssd -s /sbin/nologi
 %endif
 
 %post common
-%systemd_post sssd.service
-%systemd_post sssd-autofs.socket
-%systemd_post sssd-nss.socket
-%systemd_post sssd-pac.socket
-%systemd_post sssd-pam.socket
-%systemd_post sssd-ssh.socket
-%systemd_post sssd-sudo.socket
 %__rm -f %{mcpath}/passwd
 %__rm -f %{mcpath}/group
 %__rm -f %{mcpath}/initgroups
@@ -1067,53 +1015,11 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d /run/sssd -s /sbin/nologi
 %__chown -f %{sssd_user}:%{sssd_user} %{secdbpath}/*.ldb || true
 %__chown -f -R %{sssd_user}:%{sssd_user} %{gpocachepath} || true
 
-%preun common
-%systemd_preun sssd.service
-%systemd_preun sssd-autofs.socket
-%systemd_preun sssd-nss.socket
-%systemd_preun sssd-pac.socket
-%systemd_preun sssd-pam.socket
-%systemd_preun sssd-ssh.socket
-%systemd_preun sssd-sudo.socket
-
 %postun common
 %__rm -f %{mcpath}/passwd
 %__rm -f %{mcpath}/group
 %__rm -f %{mcpath}/initgroups
 %__rm -f %{mcpath}/sid
-%systemd_postun_with_restart sssd-autofs.socket
-%systemd_postun_with_restart sssd-nss.socket
-%systemd_postun_with_restart sssd-pac.socket
-%systemd_postun_with_restart sssd-pam.socket
-%systemd_postun_with_restart sssd-ssh.socket
-%systemd_postun_with_restart sssd-sudo.socket
-
-# Services have RefuseManualStart=true, therefore we can't request restart.
-%systemd_postun sssd-autofs.service
-%systemd_postun sssd-nss.service
-%systemd_postun sssd-pac.service
-%systemd_postun sssd-pam.service
-%systemd_postun sssd-ssh.service
-%systemd_postun sssd-sudo.service
-
-%post dbus
-%systemd_post sssd-ifp.service
-
-%preun dbus
-%systemd_preun sssd-ifp.service
-
-%postun dbus
-%systemd_postun_with_restart sssd-ifp.service
-
-%post kcm
-%systemd_post sssd-kcm.socket
-
-%preun kcm
-%systemd_preun sssd-kcm.socket
-
-%postun kcm
-%systemd_postun_with_restart sssd-kcm.socket
-%systemd_postun_with_restart sssd-kcm.service
 
 %post client
 /usr/sbin/alternatives --install /etc/cifs-utils/idmap-plugin cifs-idmap-plugin %{_libdir}/cifs-utils/cifs_idmap_sss.so 20
@@ -1123,9 +1029,6 @@ if [ $1 -eq 0 ] ; then
         /usr/sbin/alternatives --remove cifs-idmap-plugin %{_libdir}/cifs-utils/cifs_idmap_sss.so || true
 fi
 
-%posttrans common
-%systemd_postun_with_restart sssd.service
-
 %changelog
 * Thu Jan 21 2021 Pavel Březina <pbrezina@redhat.com> - @PACKAGE_NAME@-@PACKAGE_VERSION@-0@PRERELEASE_VERSION@
 - Built from upstream sources.