Overview

File 0028-contrib-sssd-krb5-configuration-snippet.patch of Package sssd.41688

From 7d46f8b54d68cd3822f3d8e4effc23777aa31bc4 Mon Sep 17 00:00:00 2001
From: Iker Pedrosa <ipedrosa@redhat.com>
Date: Mon, 29 Nov 2021 16:16:36 +0100
Subject: [PATCH 1/2] contrib: sssd krb5 configuration snippet
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add a configuration snippet for krb5 that points to the folder where the
sssd configuration for this service is located. This will enable
passwordless (GSSAPI) ssh to work without any sssd configuration change.

Resolves: https://github.com/SSSD/sssd/issues/5893

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

Reviewed-by: Tomáš Halman <thalman@redhat.com>
---
 Makefile.am                  | 3 +++
 contrib/enable_sssd_conf_dir | 5 +++++
 contrib/sssd.spec.in         | 9 +++++++++
 3 files changed, 17 insertions(+)
 create mode 100644 contrib/enable_sssd_conf_dir

diff --git a/Makefile.am b/Makefile.am
index e7eb8ac0d..3ab2a3831 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -52,6 +52,7 @@ endif
 sssdconfdir = $(sysconfdir)/sssd
 sssddatadir = $(datadir)/sssd
 sssdapiplugindir = $(sssddatadir)/sssd.api.d
+krb5snippetsdir = $(sssddatadir)/krb5-snippets
 dbuspolicydir = $(sysconfdir)/dbus-1/system.d
 dbusservicedir = $(datadir)/dbus-1/system-services
 sss_statedir = $(localstatedir)/lib/sss
@@ -3303,6 +3304,8 @@ sssd_krb5_localauth_plugin_la_LDFLAGS = \
     -module
 endif
 
+dist_krb5snippets_DATA = contrib/enable_sssd_conf_dir
+
 sssd_pac_plugin_la_SOURCES = \
     src/sss_client/sssd_pac.c \
     src/sss_client/common.c \
diff --git a/contrib/enable_sssd_conf_dir b/contrib/enable_sssd_conf_dir
new file mode 100644
index 000000000..41536579c
--- /dev/null
+++ b/contrib/enable_sssd_conf_dir
@@ -0,0 +1,5 @@
+# This file should normally be installed by your distribution into a
+# directory that is included from the Kerberos configuration file (/etc/krb5.conf)
+# On Fedora/RHEL/CentOS, this is /etc/krb5.conf.d/
+
+includedir /var/lib/sss/pubconf/krb5.include.d/
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index c68fd928c..dd2117e6a 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -602,6 +602,12 @@ install -m644 src/examples/logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/s
 mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d
 install -m644 src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
 
+mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d
+
+# krb5 configuration snippet
+cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir \
+   $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
+
 # Remove .la files created by libtool
 find $RPM_BUILD_ROOT -name "*.la" -exec rm -f {} \;
 
@@ -772,6 +778,9 @@ rm -rf $RPM_BUILD_ROOT
 %doc COPYING
 %{_libdir}/%{name}/libsss_krb5.so
 %{_mandir}/man5/sssd-krb5.5*
+%config(noreplace) %{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
+%dir %{_datadir}/sssd/krb5-snippets
+%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir
 
 %files common-pac
 %defattr(-,root,root,-)
-- 
2.51.1
openSUSE Build Service is sponsored by
Places