commit: 6b19951c8ee9e8cfbc718e0287ed78d9dbc2170b Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Mon Jan 22 14:01:34 2024 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Mon Jan 22 14:01:59 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b19951c
sys-auth/pambase: wire up sssd Closes: https://bugs.gentoo.org/726050 Signed-off-by: Sam James <sam <AT> gentoo.org> profiles/arch/alpha/package.use.mask | 1 + profiles/arch/amd64/package.use.stable.mask | 1 + profiles/arch/ia64/package.use.mask | 1 + profiles/arch/loong/package.use.mask | 1 + profiles/arch/s390/package.use.mask | 1 + profiles/arch/x86/package.use.stable.mask | 3 ++- profiles/base/package.use.stable.mask | 1 + profiles/features/musl/package.use.mask | 1 + sys-auth/pambase/metadata.xml | 4 ++++ sys-auth/pambase/pambase-20240119.ebuild | 4 +++- sys-auth/pambase/pambase-999999999.ebuild | 4 +++- 11 files changed, 19 insertions(+), 3 deletions(-) diff --git a/profiles/arch/alpha/package.use.mask b/profiles/arch/alpha/package.use.mask index 17d95fde6aba..c6638dd0ea00 100644 --- a/profiles/arch/alpha/package.use.mask +++ b/profiles/arch/alpha/package.use.mask @@ -317,6 +317,7 @@ dev-db/percona-server cjk # Mikle Kolyada <zlog...@gentoo.org> (2018-10-05) # Not keyworded (see bug #540540c#8) app-admin/sudo sssd +sys-auth/pambase sssd # Andreas Sturmlechner <ast...@gentoo.org> (2018-09-30) # Optional dependency blocking security cleanup, bug #627316 diff --git a/profiles/arch/amd64/package.use.stable.mask b/profiles/arch/amd64/package.use.stable.mask index 60c17f53ac61..420f3a193b95 100644 --- a/profiles/arch/amd64/package.use.stable.mask +++ b/profiles/arch/amd64/package.use.stable.mask @@ -105,6 +105,7 @@ media-libs/opencv contribcvv contribhdf contribsfm contribxfeatures2d gflags glo # Mikle Kolyada <zlog...@gentoo.org> (2018-11-07) # unmask sssd for sudo app-admin/sudo -sssd +sys-auth/pambase -sssd # Thomas Deutschmann <whi...@gentoo.org> (2018-06-01) net-analyzer/wireshark -doc diff --git a/profiles/arch/ia64/package.use.mask b/profiles/arch/ia64/package.use.mask index 8cc19146acaf..e89122890252 100644 --- a/profiles/arch/ia64/package.use.mask +++ b/profiles/arch/ia64/package.use.mask @@ -16,6 +16,7 @@ dev-lang/php capstone # David Seifert <s...@gentoo.org> (2023-12-30) # sys-auth/sssd not keyworded here anymore app-admin/sudo sssd +sys-auth/pambase sssd # Mart Raudsepp <l...@gentoo.org> (2023-12-25) # sys-apps/xdg-desktop-portal not keyworded here yet diff --git a/profiles/arch/loong/package.use.mask b/profiles/arch/loong/package.use.mask index d3a86ae2589b..050e85be038b 100644 --- a/profiles/arch/loong/package.use.mask +++ b/profiles/arch/loong/package.use.mask @@ -184,6 +184,7 @@ media-video/ffmpeg libilbc libtesseract # WANG Xuerui <xe...@gentoo.org> (2022-12-05) # sys-auth/sssd isn't keyworded here yet app-admin/sudo sssd +sys-auth/pambase sssd # WANG Xuerui <xe...@gentoo.org> (2022-12-04) # neither app-text/ronn or app-text/ronn-ng can be built with diff --git a/profiles/arch/s390/package.use.mask b/profiles/arch/s390/package.use.mask index 5091c2e592c6..212cdaa36630 100644 --- a/profiles/arch/s390/package.use.mask +++ b/profiles/arch/s390/package.use.mask @@ -123,6 +123,7 @@ app-crypt/pinentry efl # Sam James <s...@gentoo.org> (2022-04-24) # sssd not keyworded here app-admin/sudo sssd +sys-auth/pambase sssd # Sam James <s...@gentoo.org> (2022-04-24) # app-crypt/dieharder and dev-libs/softhsm:2 unkeyworded here diff --git a/profiles/arch/x86/package.use.stable.mask b/profiles/arch/x86/package.use.stable.mask index f2ea6348296f..9410ac3510fd 100644 --- a/profiles/arch/x86/package.use.stable.mask +++ b/profiles/arch/x86/package.use.stable.mask @@ -1,4 +1,4 @@ -# Copyright 1999-2023 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 # When you add an entry to the top of this file, add your name, the date, and @@ -97,6 +97,7 @@ media-libs/opencv contribcvv contribhdf contribsfm contribxfeatures2d gflags glo # Mikle Kolyada <zlog...@gentoo.org> (2018-11-07) # unmask sssd for sudo app-admin/sudo -sssd +sys-auth/pambase -sssd # Thomas Deutschmann <whi...@gentoo.org> (2018-06-01) net-analyzer/wireshark -doc diff --git a/profiles/base/package.use.stable.mask b/profiles/base/package.use.stable.mask index e085e0dbed80..2aaf3a6f944c 100644 --- a/profiles/base/package.use.stable.mask +++ b/profiles/base/package.use.stable.mask @@ -168,6 +168,7 @@ media-plugins/grilo-plugins chromaprint # Mikle Kolyada <zlog...@gentoo.org> (2018-11-07) # sssd is only stable for amd64 and x86 app-admin/sudo sssd +sys-auth/pambase sssd # Thomas Deutschmann <whi...@gentoo.org> (2018-06-01) # Needs dev-ruby/asciidoctor which has a lot of unstable deps diff --git a/profiles/features/musl/package.use.mask b/profiles/features/musl/package.use.mask index e37fc86b0889..c134af6cab69 100644 --- a/profiles/features/musl/package.use.mask +++ b/profiles/features/musl/package.use.mask @@ -52,6 +52,7 @@ dev-scheme/scm readline # Sam James <s...@gentoo.org> (2022-10-04) # sys-auth/sssd is masked on musl app-admin/sudo sssd +sys-auth/pambase sssd # Sam James <s...@gentoo.org> (2022-10-04) # sys-libs/libsmbios is masked on musl diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml index 45396281fe28..526e8b5c341a 100644 --- a/sys-auth/pambase/metadata.xml +++ b/sys-auth/pambase/metadata.xml @@ -67,6 +67,10 @@ will not be compatible with systems using an earlier glibc version. </flag> + <flag name="sssd"> + Add System Security Services Daemon (<pkg>sys-auth/sssd</pkg>) support + via pam_sss. + </flag> <flag name="yescrypt"> Switch Linux-PAM's pam_unix module to use yescrypt for passwords hashes rather than MD5 </flag> diff --git a/sys-auth/pambase/pambase-20240119.ebuild b/sys-auth/pambase/pambase-20240119.ebuild index f1bcc8c30fab..cad46258f14c 100644 --- a/sys-auth/pambase/pambase-20240119.ebuild +++ b/sys-auth/pambase/pambase-20240119.ebuild @@ -24,7 +24,7 @@ fi LICENSE="MIT" SLOT="0" -IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd yescrypt" +IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 sssd systemd yescrypt" RESTRICT="binchecks" @@ -57,6 +57,7 @@ RDEPEND=" homed? ( sys-apps/systemd[homed] ) systemd? ( sys-apps/systemd[pam] ) yescrypt? ( sys-libs/libxcrypt[system] ) + sssd? ( sys-auth/sssd ) " BDEPEND=" $(python_gen_any_dep ' @@ -88,6 +89,7 @@ src_configure() { $(usex sha512 '--sha512' '') \ $(usex systemd '--systemd' '') \ $(usex yescrypt '--yescrypt' '') \ + $(usex sssd '--sssd' '') \ || die } diff --git a/sys-auth/pambase/pambase-999999999.ebuild b/sys-auth/pambase/pambase-999999999.ebuild index f1bcc8c30fab..cad46258f14c 100644 --- a/sys-auth/pambase/pambase-999999999.ebuild +++ b/sys-auth/pambase/pambase-999999999.ebuild @@ -24,7 +24,7 @@ fi LICENSE="MIT" SLOT="0" -IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd yescrypt" +IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 sssd systemd yescrypt" RESTRICT="binchecks" @@ -57,6 +57,7 @@ RDEPEND=" homed? ( sys-apps/systemd[homed] ) systemd? ( sys-apps/systemd[pam] ) yescrypt? ( sys-libs/libxcrypt[system] ) + sssd? ( sys-auth/sssd ) " BDEPEND=" $(python_gen_any_dep ' @@ -88,6 +89,7 @@ src_configure() { $(usex sha512 '--sha512' '') \ $(usex systemd '--systemd' '') \ $(usex yescrypt '--yescrypt' '') \ + $(usex sssd '--sssd' '') \ || die }