Overview

File 0061-contrib-sssd-krb5-configuration-snippet.patch of Package sssd.41685

From 19bc74e0e0aa9d201754ad3f499799212bdff674 Mon Sep 17 00:00:00 2001
From: Iker Pedrosa <ipedrosa@redhat.com>
Date: Mon, 29 Nov 2021 16:16:36 +0100
Subject: [PATCH] contrib: sssd krb5 configuration snippet
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add a configuration snippet for krb5 that points to the folder where the
sssd configuration for this service is located. This will enable
passwordless (GSSAPI) ssh to work without any sssd configuration change.

Resolves: https://github.com/SSSD/sssd/issues/5893

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

Reviewed-by: Tomáš Halman <thalman@redhat.com>
---
 Makefile.am                  | 3 +++
 contrib/enable_sssd_conf_dir | 5 +++++
 contrib/sssd.spec.in         | 9 +++++++++
 3 files changed, 17 insertions(+)
 create mode 100644 contrib/enable_sssd_conf_dir

diff --git a/Makefile.am b/Makefile.am
index b82129eae..0a9799340 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -59,6 +59,7 @@ sssdconfdir = $(sysconfdir)/sssd
 sssddatadir = $(datadir)/sssd
 sssdapiplugindir = $(sssddatadir)/sssd.api.d
 sssdtapscriptdir = $(sssddatadir)/systemtap
+krb5snippetsdir = $(sssddatadir)/krb5-snippets
 dbuspolicydir = $(sysconfdir)/dbus-1/system.d
 dbusservicedir = $(datadir)/dbus-1/system-services
 sss_statedir = $(localstatedir)/lib/sss
@@ -4332,6 +4333,8 @@ sssd_krb5_localauth_plugin_la_LDFLAGS = \
     -module
 endif
 
+dist_krb5snippets_DATA = contrib/enable_sssd_conf_dir
+
 sssd_pac_plugin_la_SOURCES = \
     src/sss_client/sssd_pac.c \
     src/sss_client/common.c \
diff --git a/contrib/enable_sssd_conf_dir b/contrib/enable_sssd_conf_dir
new file mode 100644
index 000000000..41536579c
--- /dev/null
+++ b/contrib/enable_sssd_conf_dir
@@ -0,0 +1,5 @@
+# This file should normally be installed by your distribution into a
+# directory that is included from the Kerberos configuration file (/etc/krb5.conf)
+# On Fedora/RHEL/CentOS, this is /etc/krb5.conf.d/
+
+includedir /var/lib/sss/pubconf/krb5.include.d/
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 651bc5ecd..0375fdf38 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -796,6 +796,12 @@ install -m644 src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
 mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/cifs-utils
 %endif
 
+mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d
+
+# krb5 configuration snippet
+cp $RPM_BUILD_ROOT/%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir \
+   $RPM_BUILD_ROOT/%{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
+
 # Remove .la files created by libtool
 find $RPM_BUILD_ROOT -name "*.la" -exec rm -f {} \;
 
@@ -1052,6 +1058,9 @@ done
 %license COPYING
 %{_libdir}/%{name}/libsss_krb5.so
 %{_mandir}/man5/sssd-krb5.5*
+%config(noreplace) %{_sysconfdir}/krb5.conf.d/enable_sssd_conf_dir
+%dir %{_datadir}/sssd/krb5-snippets
+%{_datadir}/sssd/krb5-snippets/enable_sssd_conf_dir
 
 %files common-pac
 %defattr(-,root,root,-)
-- 
2.51.1
openSUSE Build Service is sponsored by
Places