FreeBSD Bugzilla – Attachment 218997 Details for
Bug 241347
security/sssd: Update to 1.16.4
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to update security/sssd to 1.16.5
sssd-patch-1.11.7_22-to-1.16.5_1-svn (text/plain), 97.11 KB, created by
Richard Frewin
on 2020-10-23 09:44:44 UTC
(
hide
)
Description:
Patch to update security/sssd to 1.16.5
Filename:
MIME Type:
Creator:
Richard Frewin
Created:
2020-10-23 09:44:44 UTC
Size:
97.11 KB
patch
obsolete
>Index: security/sssd/Makefile >=================================================================== >--- security/sssd/Makefile (revision 552996) >+++ security/sssd/Makefile (working copy) >@@ -1,9 +1,11 @@ > # Created by: Lukas Slebodnik <lukas.slebodnik@intrak.sk> > # $FreeBSD$ > >+MAKE_JOBS_UNSAFE=yes >+ > PORTNAME= sssd >-PORTVERSION= 1.11.7 >-PORTREVISION= 22 >+PORTVERSION= 1.16.5 >+PORTREVISION= 1 > CATEGORIES= security > MASTER_SITES= https://releases.pagure.org/SSSD/${PORTNAME}/ > >@@ -13,14 +15,11 @@ > LICENSE= GPLv3+ > LICENSE_FILE= ${WRKSRC}/COPYING > >-DEPRECATED= Uses deprecated version of python >-EXPIRATION_DATE= 2020-09-15 >- > LIB_DEPENDS= libpopt.so:devel/popt \ > libtalloc.so:devel/talloc \ > libtevent.so:devel/tevent \ > libtdb.so:databases/tdb \ >- libldb.so:databases/ldb14 \ >+ libldb.so:databases/ldb15 \ > libcares.so:dns/c-ares \ > libdbus-1.so:devel/dbus \ > libdhash.so:devel/ding-libs \ >@@ -37,24 +36,23 @@ > krb5>=1.10:security/krb5 \ > nsupdate:dns/bind-tools > >-USES= autoreconf cpe gettext gmake iconv libtool pathfix pkgconfig \ >- python:2.7 shebangfix gssapi:mit >- >-USE_LDCONFIG= yes >-USE_OPENLDAP= yes >- > GNU_CONFIGURE= yes >-CONFIGURE_ARGS= --with-selinux=no --with-semanage=no \ >+CONFIGURE_ARGS= --without-selinux --without-semanage \ >+ --without-libnl --without-nfsv4-idmapd-plugin \ >+ --without-autofs --without-secrets --without-kcm \ >+ --without-python2-bindings \ >+ --with-init-dir=no \ >+ --disable-cifs-idmap-plugin \ >+ --with-unicode-lib=libunistring \ > --with-ldb-lib-dir=${LOCALBASE}/lib/shared-modules/ldb \ > --with-xml-catalog-path=${LOCALBASE}/share/xml/catalog \ >- --with-libnl=no --with-init-dir=no --datadir=${DATADIR} \ >- --docdir=${DOCSDIR} --with-pid-path=/var/run \ >- --localstatedir=/var --enable-pammoddir=${PREFIX}/lib \ >- --with-db-path=/var/db/sss --with-pipe-path=/var/run/sss \ >- --with-pubconf-path=/var/run/sss --with-mcache-path=/var/db/sss_mc \ >- --with-unicode-lib=libunistring --with-autofs=no \ >- --disable-cifs-idmap-plugin --disable-config-lib \ >- --with-krb5-conf=/etc/krb5.conf >+ --datadir=${DATADIR} --docdir=${DOCSDIR} --localstatedir=/var \ >+ --with-db-path=/var/db/sss/db --with-mcache-path=/var/db/sss/mc \ >+ --with-pubconf-path=/var/db/sss/pubconf \ >+ --with-gpo-cache-path=/var/db/sss/gpo_cache \ >+ --with-pid-path=/var/run --with-pipe-path=/var/run/sss/pipes \ >+ --with-krb5-conf=/etc/krb5.conf \ >+ --enable-pammoddir=${PREFIX}/lib > CFLAGS+= -fstack-protector-all > PLIST_SUB= PYTHON_VER=${PYTHON_VER} > #DEBUG_FLAGS= -g >@@ -61,9 +59,14 @@ > MAKE_ENV+= LINGUAS="bg de eu es fr hu id it ja nb nl pl pt ru sv tg tr uk zh_CN zh_TW" > SUB_FILES= pkg-message > >+USE_LDCONFIG= yes >+USE_OPENLDAP= yes >+USES= autoreconf cpe gettext gmake iconv libtool pathfix pkgconfig \ >+ python:3.7 shebangfix gssapi:mit > INSTALL_TARGET= install-strip > CPE_VENDOR= fedoraproject > >+BINARY_ALIAS= python3=python${PYTHON_VER} > SHEBANG_FILES= src/tools/sss_obfuscate \ > src/sbus/sbus_codegen > >@@ -73,15 +76,15 @@ > OPTIONS_DEFINE= DOCS SMB > OPTIONS_SUB= yes > >-# If the port fails to package with SMB=on due to some missing files from >-# pkg-plist, check if there was a version bump of security/krb5 and >-# update files/patch-src__external__krb5.m4 accordingly. >-# >-# See: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244778 >- > SMB_DESC= Install IPA and AD providers (requires Samba4) >-SMB_USES= samba:lib # libndr-krb5pac libndr-nbt libndr libsamba-util >-SMB_CONFIGURE_WITH= samba >+SMB_USES= samba:lib >+SMB_CONFIGURE_WITH= samba smb-idmap-interface-version=6 >+SMB_LIB_DEPENDS= libndr-nbt.so.0:net/samba410 \ >+ libndr-krb5pac.so.0:net/samba410 \ >+ libndr-standard.so.0:net/samba410 \ >+ libndr.so.0:net/samba410 \ >+ libsamba-util.so.0:net/samba410 \ >+ libsmbclient.so.0:net/samba410 > > post-patch: > @${REINPLACE_CMD} -e 's|SIGCLD|SIGCHLD|g' ${WRKSRC}/src/util/signal.c >@@ -108,12 +111,9 @@ > ${INSTALL_DATA} ${WRKSRC}/src/examples/sssd-example.conf \ > ${STAGEDIR}${ETCDIR}/sssd.conf.sample > ${LN} -sf nss_sss.so ${STAGEDIR}${PREFIX}/lib/nss_sss.so.1 >-# clean these up from the install; we create them in rc script start_precmd >-.for d in db/sss db/sss_mc log/sssd run/sss/krb5.include.d run/sss/private run/sss >- @${RMDIR} ${STAGEDIR}/var/${d} >-.endfor >+ > # clean unused man dirs >-.for i in nl/man1 nl/man5 pt/man1 pt/man5 >+.for i in es/man1 nl/man1 nl/man5 pt/man1 pt/man5 sv/man1 > @${RMDIR} ${STAGEDIR}${PREFIX}/man/${i} > .endfor > >Index: security/sssd/distinfo >=================================================================== >--- security/sssd/distinfo (revision 552996) >+++ security/sssd/distinfo (working copy) >@@ -1,2 +1,3 @@ >-SHA256 (sssd-1.11.7.tar.gz) = ff12d5730a6d7d08fe11140aa58e544900b75c63902b7a07bbbc12d6a99cb5b5 >-SIZE (sssd-1.11.7.tar.gz) = 3661227 >+TIMESTAMP = 1587639728 >+SHA256 (sssd-1.16.5.tar.gz) = 2e1a7bf036b583f686d35164f2d79bdf4857b98f51fe8b0d17aa0fa756e4d0c0 >+SIZE (sssd-1.16.5.tar.gz) = 6639917 >Index: security/sssd/files/patch-Makefile.am >=================================================================== >--- security/sssd/files/patch-Makefile.am (revision 552996) >+++ security/sssd/files/patch-Makefile.am (working copy) >@@ -1,22 +1,38 @@ >---- Makefile.am.orig 2020-03-16 18:30:24 UTC >+diff --git Makefile.am Makefile.am >+index be17d6a59..03386d1f8 100644 >+--- Makefile.am > +++ Makefile.am >-@@ -311,6 +311,7 @@ AM_CPPFLAGS = \ >- $(LIBNL_CFLAGS) \ >- $(OPENLDAP_CFLAGS) \ >- $(GLIB2_CFLAGS) \ >-+ -DHOST_NAME_MAX=_POSIX_HOST_NAME_MAX \ >- -DLIBDIR=\"$(libdir)\" \ >- -DVARDIR=\"$(localstatedir)\" \ >- -DSHLIBEXT=\"$(SHLIBEXT)\" \ >-@@ -378,6 +379,7 @@ SSSD_LIBS = \ >- $(DHASH_LIBS) \ >- $(SSS_CRYPT_LIBS) \ >- $(OPENLDAP_LIBS) \ >+@@ -61,7 +61,7 @@ sssdapiplugindir = $(sssddatadir)/sssd.api.d >+ sssdtapscriptdir = $(sssddatadir)/systemtap >+ dbuspolicydir = $(sysconfdir)/dbus-1/system.d >+ dbusservicedir = $(datadir)/dbus-1/system-services >+-sss_statedir = $(localstatedir)/lib/sss >++sss_statedir = $(localstatedir)/db/sss >+ runstatedir = @runstatedir@ >+ localedir = @localedir@ >+ nsslibdir = @nsslibdir@ >+@@ -378,12 +378,6 @@ sssdlib_LTLIBRARIES += \ >+ libsss_ad.la >+ endif >+ >+-if HAVE_INOTIFY >+-sssdlib_LTLIBRARIES += \ >+- libsss_files.la \ >+- $(NULL) >+-endif # HAVE_INOTIFY >+- >+ ldblib_LTLIBRARIES = \ >+ memberof.la >+ >+@@ -610,6 +604,7 @@ SSSD_FAILOVER_OBJ = \ >+ >+ SSSD_LIBS = \ >+ $(TALLOC_LIBS) \ > + $(LTLIBINTL) \ >- $(TDB_LIBS) >- >- PYTHON_BINDINGS_LIBS = \ >-@@ -433,6 +435,7 @@ dist_noinst_HEADERS = \ >+ $(TEVENT_LIBS) \ >+ $(POPT_LIBS) \ >+ $(LDB_LIBS) \ >+@@ -664,6 +659,7 @@ dist_noinst_HEADERS = \ > src/util/sss_ssh.h \ > src/util/sss_ini.h \ > src/util/sss_format.h \ >@@ -24,7 +40,137 @@ > src/util/refcount.h \ > src/util/find_uid.h \ > src/util/user_info_msg.h \ >-@@ -1700,9 +1703,10 @@ endif >+@@ -1358,6 +1354,7 @@ sssd_LDADD = \ >+ $(SSSD_LIBS) \ >+ $(INOTIFY_LIBS) \ >+ $(LIBNL_LIBS) \ >++ $(LTLIBINTL) \ >+ $(KEYUTILS_LIBS) \ >+ $(SYSTEMD_DAEMON_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) >+@@ -1381,6 +1378,7 @@ sssd_nss_SOURCES = \ >+ sssd_nss_LDADD = \ >+ $(TDB_LIBS) \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ libsss_idmap.la \ >+ libsss_cert.la \ >+ $(SYSTEMD_DAEMON_LIBS) \ >+@@ -1397,6 +1395,7 @@ sssd_pam_SOURCES = \ >+ sssd_pam_LDADD = \ >+ $(TDB_LIBS) \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(SELINUX_LIBS) \ >+ $(PAM_LIBS) \ >+ $(SYSTEMD_DAEMON_LIBS) \ >+@@ -1414,6 +1413,7 @@ sssd_sudo_SOURCES = \ >+ $(SSSD_RESPONDER_OBJ) >+ sssd_sudo_LDADD = \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(SYSTEMD_DAEMON_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) >+ endif >+@@ -1426,6 +1426,7 @@ sssd_autofs_SOURCES = \ >+ $(SSSD_RESPONDER_OBJ) >+ sssd_autofs_LDADD = \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(SYSTEMD_DAEMON_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) >+ endif >+@@ -1441,6 +1442,7 @@ sssd_ssh_SOURCES = \ >+ $(NULL) >+ sssd_ssh_LDADD = \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(SSSD_INTERNAL_LTLIBS) \ >+ $(SYSTEMD_DAEMON_LIBS) \ >+ libsss_cert.la \ >+@@ -1481,6 +1483,7 @@ sssd_ifp_CFLAGS = \ >+ $(AM_CFLAGS) >+ sssd_ifp_LDADD = \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(SYSTEMD_DAEMON_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) \ >+ libsss_cert.la \ >+@@ -1604,6 +1607,7 @@ sssd_be_SOURCES = \ >+ sssd_be_LDADD = \ >+ $(LIBADD_DL) \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(CARES_LIBS) \ >+ $(PAM_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) >+@@ -1726,6 +1730,7 @@ sss_signal_SOURCES = \ >+ src/tools/common/sss_process.c >+ $(NULL) >+ sss_signal_LDADD = \ >++ $(LTLIBINTL) \ >+ libsss_debug.la \ >+ $(NULL) >+ >+@@ -2318,6 +2323,7 @@ test_ssh_client_CFLAGS = \ >+ test_ssh_client_LDADD = \ >+ $(SSSD_INTERNAL_LTLIBS) \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(NULL) >+ >+ if BUILD_DBUS_TESTS >+@@ -2602,6 +2608,7 @@ test_authtok_LDADD = \ >+ $(CMOCKA_LIBS) \ >+ $(DHASH_LIBS) \ >+ $(POPT_LIBS) \ >++ $(LTLIBINTL) \ >+ libsss_test_common.la \ >+ libsss_debug.la \ >+ $(NULL) >+@@ -2622,6 +2629,7 @@ deskprofile_utils_tests_SOURCES = \ >+ deskprofile_utils_tests_CFLAGS = \ >+ $(AM_CFLAGS) >+ deskprofile_utils_tests_LDADD = \ >++ $(LTLIBINTL) \ >+ $(CMOCKA_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) \ >+ libsss_test_common.la >+@@ -2654,6 +2662,7 @@ domain_resolution_order_tests_CFLAGS = \ >+ $(AM_CFLAGS) >+ domain_resolution_order_tests_LDADD = \ >+ $(CMOCKA_LIBS) \ >++ $(LTLIBINTL) \ >+ $(SSSD_INTERNAL_LTLIBS) \ >+ libsss_test_common.la >+ >+@@ -2738,6 +2747,7 @@ test_search_bases_LDADD = \ >+ $(CMOCKA_LIBS) \ >+ $(TALLOC_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) \ >++ $(LTLIBINTL) \ >+ libsss_ldap_common.la \ >+ libsss_test_common.la \ >+ libdlopen_test_providers.la \ >+@@ -3545,6 +3555,7 @@ test_inotify_LDADD = \ >+ $(CMOCKA_LIBS) \ >+ $(SSSD_LIBS) \ >+ $(SSSD_INTERNAL_LTLIBS) \ >++ $(INOTIFY_LIBS) \ >+ $(LIBADD_DL) \ >+ libsss_test_common.la \ >+ $(NULL) >+@@ -3637,9 +3648,6 @@ endif >+ if BUILD_WITH_LIBCURL >+ noinst_PROGRAMS += tcurl-test-tool >+ endif >+-if BUILD_PAC_RESPONDER >+- noinst_PROGRAMS += sssd_pac_test_client >+-endif >+ >+ if BUILD_AUTOFS >+ autofs_test_client_SOURCES = \ >+@@ -3730,9 +3738,10 @@ intgcheck: > # Client Libraries # > #################### > >@@ -37,9 +183,9 @@ > src/sss_client/nss_passwd.c \ > src/sss_client/nss_group.c \ > src/sss_client/nss_netgroup.c \ >-@@ -1715,9 +1719,9 @@ libnss_sss_la_SOURCES = \ >- src/sss_client/nss_mc_passwd.c \ >+@@ -3748,9 +3757,9 @@ libnss_sss_la_SOURCES = \ > src/sss_client/nss_mc_group.c \ >+ src/sss_client/nss_mc_initgr.c \ > src/sss_client/nss_mc.h > -libnss_sss_la_LIBADD = \ > +nss_sss_la_LIBADD = \ >@@ -49,20 +195,43 @@ > -module \ > -version-info 2:0:0 \ > -Wl,--version-script,$(srcdir)/src/sss_client/sss_nss.exports >-@@ -2086,6 +2090,7 @@ ldap_child_LDADD = \ >- $(POPT_LIBS) \ >+@@ -3908,6 +3917,7 @@ libsss_ldap_common_la_LIBADD = \ > $(OPENLDAP_LIBS) \ > $(DHASH_LIBS) \ >+ $(KRB5_LIBS) \ > + $(LTLIBINTL) \ >- $(KRB5_LIBS) >+ libsss_krb5_common.la \ >+ libsss_idmap.la \ >+ libsss_certmap.la \ >+@@ -4271,6 +4281,7 @@ ldap_child_CFLAGS = \ >+ $(KRB5_CFLAGS) >+ ldap_child_LDADD = \ >+ libsss_debug.la \ >++ $(LTLIBINTL) \ >+ $(TALLOC_LIBS) \ >+ $(POPT_LIBS) \ >+ $(DHASH_LIBS) \ >+@@ -4313,6 +4324,7 @@ gpo_child_CFLAGS = \ >+ $(SMBCLIENT_CFLAGS) >+ gpo_child_LDADD = \ >+ libsss_debug.la \ >++ $(LTLIBINTL) \ >+ $(TALLOC_LIBS) \ >+ $(POPT_LIBS) \ >+ $(DHASH_LIBS) \ >+@@ -4329,6 +4341,7 @@ proxy_child_CFLAGS = \ >+ proxy_child_LDADD = \ >+ $(PAM_LIBS) \ >+ $(SSSD_LIBS) \ >++ $(LTLIBINTL) \ >+ $(SSSD_INTERNAL_LTLIBS) > >- proxy_child_SOURCES = \ >-@@ -2333,7 +2338,7 @@ else >- mkdir -p $(DESTDIR)$(initdir) >- endif >+ p11_child_SOURCES = \ >+@@ -4361,6 +4374,7 @@ endif > >--install-data-hook: >-+notinstall-data-hook: >- rm $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2 \ >- $(DESTDIR)/$(nsslibdir)/libnss_sss.so >- mv $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2.0.0 $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2 >+ p11_child_LDADD = \ >+ libsss_debug.la \ >++ $(LTLIBINTL) \ >+ $(TALLOC_LIBS) \ >+ $(DHASH_LIBS) \ >+ $(POPT_LIBS) \ >Index: security/sssd/files/patch-configure.ac >=================================================================== >--- security/sssd/files/patch-configure.ac (revision 552996) >+++ security/sssd/files/patch-configure.ac (working copy) >@@ -1,20 +1,13 @@ >---- configure.ac.orig 2014-09-17 13:01:37 UTC >+diff --git configure.ac configure.ac >+index 9df463d9c..17d0d9ea7 100644 >+--- configure.ac > +++ configure.ac >-@@ -5,14 +5,14 @@ AC_INIT([sssd], >- VERSION_NUMBER, >- [sssd-devel@lists.fedorahosted.org]) >+@@ -44,8 +44,6 @@ AM_CONDITIONAL([HAVE_GCC], [test "$ac_cv_prog_gcc" = yes]) >+ AC_CHECK_HEADERS(stdint.h dlfcn.h) >+ AC_CONFIG_HEADER(config.h) > >-+AC_CONFIG_SRCDIR([BUILD.txt]) >-+AC_CONFIG_AUX_DIR([build]) >-+ >- m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], >- [AC_USE_SYSTEM_EXTENSIONS], >- [AC_GNU_SOURCE]) >- >- CFLAGS="$CFLAGS -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE" >+-AC_CHECK_TYPES([errno_t], [], [], [[#include <errno.h>]]) > - >--AC_CONFIG_SRCDIR([BUILD.txt]) >--AC_CONFIG_AUX_DIR([build]) >+ m4_include([src/build_macros.m4]) >+ BUILD_WITH_SHARED_BUILD_DIR > >- AM_INIT_AUTOMAKE([-Wall foreign subdir-objects tar-pax]) >- AM_PROG_CC_C_O >Index: security/sssd/files/patch-src-monitor-monitor.c >=================================================================== >--- security/sssd/files/patch-src-monitor-monitor.c (revision 552996) >+++ security/sssd/files/patch-src-monitor-monitor.c (nonexistent) >@@ -1,26 +0,0 @@ >-Backport a887e33fbd from upstream: >-MONITOR: Do not use two configuration databases >- >---- src/monitor/monitor.c.orig 2014-09-17 13:01:37 UTC >-+++ src/monitor/monitor.c >-@@ -2832,6 +2832,20 @@ int main(int argc, const char *argv[]) >- ret = server_setup(MONITOR_NAME, flags, monitor->conf_path, &main_ctx); >- if (ret != EOK) return 2; >- >-+ /* Use confd initialized in server_setup. ldb_tdb module (1.4.0) check PID >-+ * of process which initialized db for locking purposes. >-+ * Failed to unlock db: ../ldb_tdb/ldb_tdb.c:147: >-+ * Reusing ldb opened by pid 28889 in process 28893 >-+ */ >-+ talloc_zfree(monitor->cdb); >-+ monitor->cdb = main_ctx->confdb_ctx; >-+ >-+ ret = confdb_get_domains(monitor->cdb, &monitor->domains); >-+ if (ret != EOK) { >-+ DEBUG(SSSDBG_FATAL_FAILURE, "No domains configured.\n"); >-+ return 4; >-+ } >-+ >- monitor->is_daemon = !opt_interactive; >- monitor->parent_pid = main_ctx->parent_pid; >- monitor->ev = main_ctx->event_ctx; > >Property changes on: security/sssd/files/patch-src-monitor-monitor.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__confdb__confdb.c >=================================================================== >--- security/sssd/files/patch-src__confdb__confdb.c (revision 552996) >+++ security/sssd/files/patch-src__confdb__confdb.c (working copy) >@@ -1,4 +1,6 @@ >---- src/confdb/confdb.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/confdb/confdb.c src/confdb/confdb.c >+index e55f88e4e..81fd3417a 100644 >+--- src/confdb/confdb.c > +++ src/confdb/confdb.c > @@ -28,6 +28,11 @@ > #include "util/strtonum.h" >Index: security/sssd/files/patch-src__external__inotify.m4 >=================================================================== >--- security/sssd/files/patch-src__external__inotify.m4 (revision 552996) >+++ security/sssd/files/patch-src__external__inotify.m4 (working copy) >@@ -1,4 +1,6 @@ >---- src/external/inotify.m4.orig 2014-09-17 13:01:37 UTC >+diff --git src/external/inotify.m4 src/external/inotify.m4 >+index 3ae5ae314..e88bd3ffc 100644 >+--- src/external/inotify.m4 > +++ src/external/inotify.m4 > @@ -20,10 +20,10 @@ int main () { > AS_IF([test x"$inotify_works" != xyes], >Index: security/sssd/files/patch-src__external__krb5.m4 >=================================================================== >--- security/sssd/files/patch-src__external__krb5.m4 (revision 552996) >+++ security/sssd/files/patch-src__external__krb5.m4 (working copy) >@@ -1,11 +1,13 @@ >---- src/external/krb5.m4.orig 2014-09-17 13:01:37 UTC >+diff --git src/external/krb5.m4 src/external/krb5.m4 >+index b844c2fbe..856ef56fe 100644 >+--- src/external/krb5.m4 > +++ src/external/krb5.m4 > @@ -9,7 +9,7 @@ if test x$KRB5_CFLAGS != x; then > KRB5_PASSED_CFLAGS=$KRB5_CFLAGS > fi > >--AC_PATH_PROG(KRB5_CONFIG, krb5-config) >-+AC_PATH_PROG(KRB5_CONFIG, krb5-config, [], [/usr/local/bin:$PATH]) >+-AC_PATH_TOOL(KRB5_CONFIG, krb5-config) >++AC_PATH_TOOL(KRB5_CONFIG, krb5-config, [], [/usr/local/bin:$PATH]) > AC_MSG_CHECKING(for working krb5-config) > if test -x "$KRB5_CONFIG"; then > KRB5_CFLAGS="`$KRB5_CONFIG --cflags`" >Index: security/sssd/files/patch-src__external__ldap.m4 >=================================================================== >--- security/sssd/files/patch-src__external__ldap.m4 (nonexistent) >+++ security/sssd/files/patch-src__external__ldap.m4 (working copy) >@@ -0,0 +1,24 @@ >+diff --git src/external/ldap.m4 src/external/ldap.m4 >+index cd13fde62..73ca93674 100644 >+--- src/external/ldap.m4 >++++ src/external/ldap.m4 >+@@ -32,8 +32,7 @@ dnl Check for other libraries we need to link with to get the main routines. >+ test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes], , -llber) } >+ test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes], , -llber -lkrb) } >+ test "$with_ldap" != "yes" && { AC_CHECK_LIB(ldap, ldap_open, [with_ldap=yes with_ldap_lber=yes with_ldap_krb=yes with_ldap_des=yes], , -llber -lkrb -ldes) } >+-CFLAGS=$SAVE_CFLAGS >+-LIBS=$SAVE_LIBS >++ >+ dnl Recently, we need -lber even though the main routines are elsewhere, >+ dnl because otherwise we get link errors w.r.t. ber_pvt_opt_on. So just >+ dnl check for that (it's a variable not a fun but that doesn't seem to >+@@ -42,6 +41,9 @@ dnl stick it in always shouldn't hurt, I don't think) ... #### Someone who >+ dnl #### understands LDAP needs to fix this properly. >+ test "$with_ldap_lber" != "yes" && { AC_CHECK_LIB(lber, ber_pvt_opt_on, with_ldap_lber=yes) } >+ >++CFLAGS=$SAVE_CFLAGS >++LIBS=$SAVE_LIBS >++ >+ if test "$with_ldap" = "yes"; then >+ if test "$with_ldap_des" = "yes" ; then >+ OPENLDAP_LIBS="${OPENLDAP_LIBS} -ldes" > >Property changes on: security/sssd/files/patch-src__external__ldap.m4 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__external__pac_responder.m4 >=================================================================== >--- security/sssd/files/patch-src__external__pac_responder.m4 (nonexistent) >+++ security/sssd/files/patch-src__external__pac_responder.m4 (working copy) >@@ -0,0 +1,13 @@ >+diff --git src/external/pac_responder.m4 src/external/pac_responder.m4 >+index dc986a1b8..09efdb139 100644 >+--- src/external/pac_responder.m4 >++++ src/external/pac_responder.m4 >+@@ -7,7 +7,7 @@ AC_ARG_ENABLE([pac-responder], >+ krb5_version_ok=no >+ if test x$build_pac_responder = xyes >+ then >+- AC_PATH_PROG(KRB5_CONFIG, krb5-config) >++ AC_PATH_TOOL(KRB5_CONFIG, krb5-config, [], [/usr/local/bin:$PATH]) >+ AC_MSG_CHECKING(for supported MIT krb5 version) >+ KRB5_VERSION="`$KRB5_CONFIG --version`" >+ case $KRB5_VERSION in > >Property changes on: security/sssd/files/patch-src__external__pac_responder.m4 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h >=================================================================== >--- security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h (nonexistent) >+++ security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h (working copy) >@@ -0,0 +1,13 @@ >+diff --git src/lib/winbind_idmap_sss/winbind_idmap_sss.h src/lib/winbind_idmap_sss/winbind_idmap_sss.h >+index 868049fff..cb1604ef1 100644 >+--- src/lib/winbind_idmap_sss/winbind_idmap_sss.h >++++ src/lib/winbind_idmap_sss/winbind_idmap_sss.h >+@@ -29,6 +29,8 @@ >+ #include <stdbool.h> >+ >+ #include <core/ntstatus.h> >++#include <unistd.h> >++#include <time.h> >+ #include <ndr.h> >+ #include <gen_ndr/security.h> >+ > >Property changes on: security/sssd/files/patch-src__lib__winbind_idmap_sss__winbind_idmap_sss.h >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ad__ad_common.c >=================================================================== >--- security/sssd/files/patch-src__providers__ad__ad_common.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ad__ad_common.c (working copy) >@@ -0,0 +1,31 @@ >+diff --git src/providers/ad/ad_common.c src/providers/ad/ad_common.c >+index 0d154ca57..407d37a37 100644 >+--- src/providers/ad/ad_common.c >++++ src/providers/ad/ad_common.c >+@@ -419,7 +419,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx, >+ char *server; >+ char *realm; >+ char *ad_hostname; >+- char hostname[HOST_NAME_MAX + 1]; >++ char hostname[_POSIX_HOST_NAME_MAX + 1]; >+ char *case_sensitive_opt; >+ const char *opt_override; >+ >+@@ -458,7 +458,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx, >+ */ >+ ad_hostname = dp_opt_get_string(opts->basic, AD_HOSTNAME); >+ if (ad_hostname == NULL) { >+- gret = gethostname(hostname, sizeof(hostname)); >++ gret = gethostname(hostname, _POSIX_HOST_NAME_MAX); >+ if (gret != 0) { >+ ret = errno; >+ DEBUG(SSSDBG_FATAL_FAILURE, >+@@ -466,7 +466,7 @@ ad_get_common_options(TALLOC_CTX *mem_ctx, >+ strerror(ret)); >+ goto done; >+ } >+- hostname[HOST_NAME_MAX] = '\0'; >++ hostname[_POSIX_HOST_NAME_MAX] = '\0'; >+ DEBUG(SSSDBG_CONF_SETTINGS, >+ "Setting ad_hostname to [%s].\n", hostname); >+ ret = dp_opt_set_string(opts->basic, AD_HOSTNAME, hostname); > >Property changes on: security/sssd/files/patch-src__providers__ad__ad_common.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ad__ad_pac.h >=================================================================== >--- security/sssd/files/patch-src__providers__ad__ad_pac.h (nonexistent) >+++ security/sssd/files/patch-src__providers__ad__ad_pac.h (working copy) >@@ -0,0 +1,13 @@ >+diff --git src/providers/ad/ad_pac.h src/providers/ad/ad_pac.h >+index 34f1e92c7..00a53cccd 100644 >+--- src/providers/ad/ad_pac.h >++++ src/providers/ad/ad_pac.h >+@@ -32,6 +32,8 @@ >+ #ifdef ldb_val >+ #error Please make sure to include ad_pac.h before ldb.h >+ #endif >++#include <unistd.h> >++#include <time.h> >+ #include <ndr.h> >+ #include <gen_ndr/krb5pac.h> >+ #include <gen_ndr/ndr_krb5pac.h> > >Property changes on: security/sssd/files/patch-src__providers__ad__ad_pac.h >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__data_provider_fo.c >=================================================================== >--- security/sssd/files/patch-src__providers__data_provider_fo.c (nonexistent) >+++ security/sssd/files/patch-src__providers__data_provider_fo.c (working copy) >@@ -0,0 +1,26 @@ >+diff --git src/providers/data_provider_fo.c src/providers/data_provider_fo.c >+index 473b667e5..63f2dd131 100644 >+--- src/providers/data_provider_fo.c >++++ src/providers/data_provider_fo.c >+@@ -235,18 +235,18 @@ errno_t be_fo_set_dns_srv_lookup_plugin(struct be_ctx *be_ctx, >+ const char *hostname) >+ { >+ struct fo_resolve_srv_dns_ctx *srv_ctx = NULL; >+- char resolved_hostname[HOST_NAME_MAX + 1]; >++ char resolved_hostname[_POSIX_HOST_NAME_MAX + 1]; >+ errno_t ret; >+ >+ if (hostname == NULL) { >+- ret = gethostname(resolved_hostname, sizeof(resolved_hostname)); >++ ret = gethostname(resolved_hostname, _POSIX_HOST_NAME_MAX); >+ if (ret != EOK) { >+ ret = errno; >+ DEBUG(SSSDBG_CRIT_FAILURE, >+ "gethostname() failed: [%d]: %s\n", ret, strerror(ret)); >+ return ret; >+ } >+- resolved_hostname[HOST_NAME_MAX] = '\0'; >++ resolved_hostname[_POSIX_HOST_NAME_MAX] = '\0'; >+ hostname = resolved_hostname; >+ } >+ > >Property changes on: security/sssd/files/patch-src__providers__data_provider_fo.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ipa__ipa_common.c >=================================================================== >--- security/sssd/files/patch-src__providers__ipa__ipa_common.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ipa__ipa_common.c (working copy) >@@ -0,0 +1,30 @@ >+diff --git src/providers/ipa/ipa_common.c src/providers/ipa/ipa_common.c >+index 17d14e6b0..681ac8615 100644 >+--- src/providers/ipa/ipa_common.c >++++ src/providers/ipa/ipa_common.c >+@@ -49,7 +49,7 @@ int ipa_get_options(TALLOC_CTX *memctx, >+ char *realm; >+ char *ipa_hostname; >+ int ret; >+- char hostname[HOST_NAME_MAX + 1]; >++ char hostname[_POSIX_HOST_NAME_MAX + 1]; >+ >+ opts = talloc_zero(memctx, struct ipa_options); >+ if (!opts) return ENOMEM; >+@@ -79,14 +79,14 @@ int ipa_get_options(TALLOC_CTX *memctx, >+ >+ ipa_hostname = dp_opt_get_string(opts->basic, IPA_HOSTNAME); >+ if (ipa_hostname == NULL) { >+- ret = gethostname(hostname, sizeof(hostname)); >++ ret = gethostname(hostname, _POSIX_HOST_NAME_MAX); >+ if (ret != EOK) { >+ DEBUG(SSSDBG_CRIT_FAILURE, "gethostname failed [%d][%s].\n", errno, >+ strerror(errno)); >+ ret = errno; >+ goto done; >+ } >+- hostname[HOST_NAME_MAX] = '\0'; >++ hostname[_POSIX_HOST_NAME_MAX] = '\0'; >+ DEBUG(SSSDBG_TRACE_ALL, "Setting ipa_hostname to [%s].\n", hostname); >+ ret = dp_opt_set_string(opts->basic, IPA_HOSTNAME, hostname); >+ if (ret != EOK) { > >Property changes on: security/sssd/files/patch-src__providers__ipa__ipa_common.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c >=================================================================== >--- security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c (working copy) >@@ -0,0 +1,13 @@ >+diff --git src/providers/ipa/ipa_deskprofile_rules_util.c src/providers/ipa/ipa_deskprofile_rules_util.c >+index 991c6053d..59483b452 100644 >+--- src/providers/ipa/ipa_deskprofile_rules_util.c >++++ src/providers/ipa/ipa_deskprofile_rules_util.c >+@@ -25,6 +25,8 @@ >+ #include "providers/ipa/ipa_rules_common.h" >+ #include <ctype.h> >+ #include <fcntl.h> >++#include <sys/types.h> >++#include <signal.h> >+ >+ #define DESKPROFILE_GLOBAL_POLICY_MIN_VALUE 1 >+ #define DESKPROFILE_GLOBAL_POLICY_MAX_VALUE 24 > >Property changes on: security/sssd/files/patch-src__providers__ipa__ipa_deskprofile_rules_util.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c >=================================================================== >--- security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c (revision 552996) >+++ security/sssd/files/patch-src__providers__krb5__krb5_delayed_online_authentication.c (working copy) >@@ -1,6 +1,8 @@ >---- src/providers/krb5/krb5_delayed_online_authentication.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/providers/krb5/krb5_delayed_online_authentication.c src/providers/krb5/krb5_delayed_online_authentication.c >+index 1cb7eade0..4aaeb84b2 100644 >+--- src/providers/krb5/krb5_delayed_online_authentication.c > +++ src/providers/krb5/krb5_delayed_online_authentication.c >-@@ -320,6 +320,7 @@ errno_t init_delayed_online_authentication(struct krb5 >+@@ -328,6 +328,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx, > struct tevent_context *ev) > { > int ret; >@@ -8,7 +10,7 @@ > hash_table_t *tmp_table; > > ret = get_uid_table(krb5_ctx, &tmp_table); >-@@ -339,6 +340,7 @@ errno_t init_delayed_online_authentication(struct krb5 >+@@ -347,6 +348,7 @@ errno_t init_delayed_online_authentication(struct krb5_ctx *krb5_ctx, > "hash_destroy failed [%s].\n", hash_error_string(ret)); > return EFAULT; > } >Index: security/sssd/files/patch-src__providers__ldap__ldap_auth.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__ldap_auth.c (revision 552996) >+++ security/sssd/files/patch-src__providers__ldap__ldap_auth.c (working copy) >@@ -1,4 +1,6 @@ >---- src/providers/ldap/ldap_auth.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/providers/ldap/ldap_auth.c src/providers/ldap/ldap_auth.c >+index de22689ae..fdfd67cf4 100644 >+--- src/providers/ldap/ldap_auth.c > +++ src/providers/ldap/ldap_auth.c > @@ -37,7 +37,6 @@ > #include <sys/time.h> >@@ -8,10 +10,10 @@ > #include <security/pam_modules.h> > > #include "util/util.h" >-@@ -56,6 +55,22 @@ enum pwexpire { >- PWEXPIRE_SHADOW >- }; >+@@ -52,6 +51,22 @@ > >+ #define LDAP_PWEXPIRE_WARNING_TIME 0 >+ > +struct spwd > +{ > + char *sp_namp; /* Login name. */ >@@ -31,20 +33,9 @@ > static errno_t add_expired_warning(struct pam_data *pd, long exp_time) > { > int ret; >-@@ -109,6 +124,7 @@ static errno_t check_pwexpire_kerberos(const char *exp >- return EINVAL; >+@@ -97,9 +112,9 @@ static errno_t check_pwexpire_kerberos(const char *expire_date, time_t now, > } > >-+ tzset(); >- expire_time = mktime(&tm); >- if (expire_time == -1) { >- DEBUG(SSSDBG_CRIT_FAILURE, >-@@ -116,12 +132,10 @@ static errno_t check_pwexpire_kerberos(const char *exp >- return EINVAL; >- } >- >-- tzset(); >-- expire_time -= timezone; > DEBUG(SSSDBG_TRACE_ALL, > - "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " > - "daylight [%d] now [%ld] expire_time [%ld].\n", tzname[0], >@@ -55,7 +46,59 @@ > > if (difftime(now, expire_time) > 0.0) { > DEBUG(SSSDBG_CONF_SETTINGS, "Kerberos password expired.\n"); >-@@ -924,7 +938,7 @@ void sdap_pam_chpass_handler(struct be_req *breq) >+@@ -946,14 +961,14 @@ sdap_pam_auth_handler_send(TALLOC_CTX *mem_ctx, >+ >+ state->pd = pd; >+ state->be_ctx = params->be_ctx; >+- pd->pam_status = PAM_SYSTEM_ERR; >++ pd->pam_status = PAM_SERVICE_ERR; >+ >+ switch (pd->cmd) { >+ case SSS_PAM_AUTHENTICATE: >+ subreq = auth_send(state, params->ev, auth_ctx, >+ pd->user, pd->authtok, false); >+ if (subreq == NULL) { >+- pd->pam_status = PAM_SYSTEM_ERR; >++ pd->pam_status = PAM_SERVICE_ERR; >+ goto immediately; >+ } >+ >+@@ -963,14 +978,14 @@ sdap_pam_auth_handler_send(TALLOC_CTX *mem_ctx, >+ subreq = auth_send(state, params->ev, auth_ctx, >+ pd->user, pd->authtok, true); >+ if (subreq == NULL) { >+- pd->pam_status = PAM_SYSTEM_ERR; >++ pd->pam_status = PAM_SERVICE_ERR; >+ goto immediately; >+ } >+ >+ tevent_req_set_callback(subreq, sdap_pam_auth_handler_done, req); >+ break; >+ case SSS_PAM_CHAUTHTOK: >+- pd->pam_status = PAM_SYSTEM_ERR; >++ pd->pam_status = PAM_SERVICE_ERR; >+ goto immediately; >+ >+ case SSS_PAM_ACCT_MGMT: >+@@ -1015,7 +1030,7 @@ static void sdap_pam_auth_handler_done(struct tevent_req *subreq) >+ state->be_ctx->domain->pwd_expiration_warning); >+ if (ret == EINVAL) { >+ /* Unknown password expiration type. */ >+- state->pd->pam_status = PAM_SYSTEM_ERR; >++ state->pd->pam_status = PAM_SERVICE_ERR; >+ goto done; >+ } >+ } >+@@ -1049,7 +1064,7 @@ static void sdap_pam_auth_handler_done(struct tevent_req *subreq) >+ state->pd->pam_status = PAM_BAD_ITEM; >+ break; >+ default: >+- state->pd->pam_status = PAM_SYSTEM_ERR; >++ state->pd->pam_status = PAM_SERVICE_ERR; >+ break; >+ } >+ >+@@ -1271,7 +1286,7 @@ sdap_pam_chpass_handler_send(TALLOC_CTX *mem_ctx, > DEBUG(SSSDBG_OP_FAILURE, > "starting password change request for user [%s].\n", pd->user); > >@@ -64,16 +107,61 @@ > > if (pd->cmd != SSS_PAM_CHAUTHTOK && pd->cmd != SSS_PAM_CHAUTHTOK_PRELIM) { > DEBUG(SSSDBG_OP_FAILURE, >-@@ -1069,7 +1083,7 @@ static void sdap_auth4chpass_done(struct tevent_req *r >- dp_err = DP_ERR_OFFLINE; >+@@ -1282,7 +1297,7 @@ sdap_pam_chpass_handler_send(TALLOC_CTX *mem_ctx, >+ subreq = auth_send(state, params->ev, auth_ctx, >+ pd->user, pd->authtok, true); >+ if (subreq == NULL) { >+- pd->pam_status = PAM_SYSTEM_ERR; >++ pd->pam_status = PAM_SERVICE_ERR; >+ goto immediately; >+ } >+ >+@@ -1335,7 +1350,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq) >+ if (ret == ERR_PASSWORD_EXPIRED) { >+ DEBUG(SSSDBG_CRIT_FAILURE, "LDAP provider cannot change " >+ "kerberos passwords.\n"); >+- state->pd->pam_status = PAM_SYSTEM_ERR; >++ state->pd->pam_status = PAM_SERVICE_ERR; >+ goto done; >+ } >+ break; >+@@ -1344,7 +1359,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq) >+ break; >+ default: >+ DEBUG(SSSDBG_CRIT_FAILURE, "Unknown password expiration type.\n"); >+- state->pd->pam_status = PAM_SYSTEM_ERR; >++ state->pd->pam_status = PAM_SERVICE_ERR; >+ goto done; >+ } >+ } >+@@ -1369,7 +1384,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq) >+ if (subreq == NULL) { >+ DEBUG(SSSDBG_OP_FAILURE, "Failed to change password for " >+ "%s\n", state->pd->user); >+- state->pd->pam_status = PAM_SYSTEM_ERR; >++ state->pd->pam_status = PAM_SERVICE_ERR; >+ goto done; >+ } >+ >+@@ -1401,7 +1416,7 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq) >+ be_mark_offline(state->be_ctx); >+ break; >+ default: >+- state->pd->pam_status = PAM_SYSTEM_ERR; >++ state->pd->pam_status = PAM_SERVICE_ERR; >+ break; >+ } >+ >+@@ -1437,7 +1452,7 @@ static void sdap_pam_chpass_handler_chpass_done(struct tevent_req *subreq) >+ state->pd->pam_status = PAM_AUTHTOK_ERR; > break; > default: > - state->pd->pam_status = PAM_SYSTEM_ERR; > + state->pd->pam_status = PAM_SERVICE_ERR; >+ break; > } > >- done: >-@@ -1131,7 +1145,7 @@ static void sdap_pam_chpass_done(struct tevent_req *re >+@@ -1463,7 +1478,7 @@ static void sdap_pam_chpass_handler_chpass_done(struct tevent_req *subreq) > state->sh, state->dn, > lastchanged_name); > if (subreq == NULL) { >@@ -82,9 +170,9 @@ > goto done; > } > >-@@ -1152,7 +1166,7 @@ static void sdap_lastchange_done(struct tevent_req *re >+@@ -1489,7 +1504,7 @@ static void sdap_pam_chpass_handler_last_done(struct tevent_req *subreq) >+ talloc_free(subreq); > >- ret = sdap_modify_shadow_lastchange_recv(req); > if (ret != EOK) { > - state->pd->pam_status = PAM_SYSTEM_ERR; > + state->pd->pam_status = PAM_SERVICE_ERR; >@@ -91,21 +179,3 @@ > goto done; > } > >-@@ -1193,7 +1207,7 @@ void sdap_pam_auth_handler(struct be_req *breq) >- goto done; >- } >- >-- pd->pam_status = PAM_SYSTEM_ERR; >-+ pd->pam_status = PAM_SERVICE_ERR; >- >- switch (pd->cmd) { >- case SSS_PAM_AUTHENTICATE: >-@@ -1291,7 +1305,7 @@ static void sdap_pam_auth_done(struct tevent_req *req) >- state->pd->pam_status = PAM_NEW_AUTHTOK_REQD; >- break; >- default: >-- state->pd->pam_status = PAM_SYSTEM_ERR; >-+ state->pd->pam_status = PAM_SERVICE_ERR; >- dp_err = DP_ERR_FATAL; >- } >- >Index: security/sssd/files/patch-src__providers__ldap__ldap_child.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__ldap_child.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ldap__ldap_child.c (working copy) >@@ -0,0 +1,22 @@ >+diff --git src/providers/ldap/ldap_child.c src/providers/ldap/ldap_child.c >+index 368bb91e1..1bc86ecb5 100644 >+--- src/providers/ldap/ldap_child.c >++++ src/providers/ldap/ldap_child.c >+@@ -324,14 +324,14 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, >+ full_princ = talloc_strdup(tmp_ctx, princ_str); >+ } >+ } else { >+- char hostname[HOST_NAME_MAX + 1]; >++ char hostname[_POSIX_HOST_NAME_MAX + 1]; >+ >+- ret = gethostname(hostname, sizeof(hostname)); >++ ret = gethostname(hostname, _POSIX_HOST_NAME_MAX); >+ if (ret == -1) { >+ krberr = KRB5KRB_ERR_GENERIC; >+ goto done; >+ } >+- hostname[HOST_NAME_MAX] = '\0'; >++ hostname[_POSIX_HOST_NAME_MAX] = '\0'; >+ >+ DEBUG(SSSDBG_TRACE_LIBS, "got hostname: [%s]\n", hostname); >+ > >Property changes on: security/sssd/files/patch-src__providers__ldap__ldap_child.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ldap__sdap_access.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__sdap_access.c (revision 552996) >+++ security/sssd/files/patch-src__providers__ldap__sdap_access.c (working copy) >@@ -1,19 +1,9 @@ >---- src/providers/ldap/sdap_access.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/providers/ldap/sdap_access.c src/providers/ldap/sdap_access.c >+index dd04ec512..58a3766fc 100644 >+--- src/providers/ldap/sdap_access.c > +++ src/providers/ldap/sdap_access.c >-@@ -499,6 +499,7 @@ static bool nds_check_expired(const char *exp_time_str >- return true; >- } >+@@ -562,9 +562,9 @@ bool nds_check_expired(const char *exp_time_str) > >-+ tzset(); >- expire_time = mktime(&tm); >- if (expire_time == -1) { >- DEBUG(SSSDBG_CRIT_FAILURE, >-@@ -506,13 +507,11 @@ static bool nds_check_expired(const char *exp_time_str >- return true; >- } >- >-- tzset(); >-- expire_time -= timezone; > now = time(NULL); > DEBUG(SSSDBG_TRACE_ALL, > - "Time info: tzname[0] [%s] tzname[1] [%s] timezone [%ld] " >@@ -25,3 +15,27 @@ > > if (difftime(now, expire_time) > 0.0) { > DEBUG(SSSDBG_CONF_SETTINGS, "NDS account expired.\n"); >+@@ -1247,7 +1247,7 @@ static errno_t sdap_access_host(struct ldb_message *user_entry) >+ struct ldb_message_element *el; >+ unsigned int i; >+ char *host; >+- char hostname[HOST_NAME_MAX + 1]; >++ char hostname[_POSIX_HOST_NAME_MAX + 1]; >+ >+ el = ldb_msg_find_element(user_entry, SYSDB_AUTHORIZED_HOST); >+ if (!el || el->num_values == 0) { >+@@ -1255,12 +1255,12 @@ static errno_t sdap_access_host(struct ldb_message *user_entry) >+ return ERR_ACCESS_DENIED; >+ } >+ >+- if (gethostname(hostname, sizeof(hostname)) == -1) { >++ if (gethostname(hostname, _POSIX_HOST_NAME_MAX) == -1) { >+ DEBUG(SSSDBG_CRIT_FAILURE, >+ "Unable to get system hostname. Access denied\n"); >+ return ERR_ACCESS_DENIED; >+ } >+- hostname[HOST_NAME_MAX] = '\0'; >++ hostname[_POSIX_HOST_NAME_MAX] = '\0'; >+ >+ /* FIXME: PADL's pam_ldap also calls gethostbyname() on the hostname >+ * in some attempt to get aliases and/or FQDN for the machine. >Index: security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c (working copy) >@@ -0,0 +1,22 @@ >+diff --git src/providers/ldap/sdap_async_groups.c src/providers/ldap/sdap_async_groups.c >+index 09e15bc3d..c74e4c3ea 100644 >+--- src/providers/ldap/sdap_async_groups.c >++++ src/providers/ldap/sdap_async_groups.c >+@@ -505,6 +505,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, >+ struct sysdb_attrs *group_attrs; >+ const char *group_name = NULL; >+ gid_t gid; >++ id_t temp_id; >+ errno_t ret; >+ char *usn_value = NULL; >+ TALLOC_CTX *tmpctx = NULL; >+@@ -615,7 +616,8 @@ static int sdap_save_group(TALLOC_CTX *memctx, >+ group_name, sid_str); >+ >+ /* Convert the SID into a UNIX group ID */ >+- ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &gid); >++ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &temp_id); >++ gid = (gid_t) temp_id; >+ if (ret == ENOTSUP) { >+ /* ENOTSUP is returned if built-in SID was provided >+ * => do not store the group, but return EOK */ > >Property changes on: security/sssd/files/patch-src__providers__ldap__sdap_async_groups.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c (working copy) >@@ -0,0 +1,41 @@ >+diff --git src/providers/ldap/sdap_async_initgroups.c src/providers/ldap/sdap_async_initgroups.c >+index 620782b6f..9831ac1d6 100644 >+--- src/providers/ldap/sdap_async_initgroups.c >++++ src/providers/ldap/sdap_async_initgroups.c >+@@ -45,6 +45,7 @@ errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, >+ const char *uuid = NULL; >+ char **missing; >+ gid_t gid; >++ id_t temp_id; >+ int ret; >+ errno_t sret; >+ bool in_transaction = false; >+@@ -146,7 +147,8 @@ errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, >+ >+ /* Convert the SID into a UNIX group ID */ >+ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, >+- &gid); >++ &temp_id); >++ gid = (gid_t) temp_id; >+ if (ret == EOK) { >+ DEBUG(SSSDBG_TRACE_INTERNAL, >+ "Group [%s] has mapped gid [%lu]\n", >+@@ -3305,6 +3307,7 @@ static void sdap_get_initgr_done(struct tevent_req *subreq) >+ int ret; >+ TALLOC_CTX *tmp_ctx; >+ gid_t primary_gid; >++ id_t temp_id; >+ char *gid; >+ char *sid_str; >+ char *dom_sid_str; >+@@ -3411,8 +3414,9 @@ static void sdap_get_initgr_done(struct tevent_req *subreq) >+ >+ /* Convert the SID into a UNIX group ID */ >+ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, group_sid_str, >+- &primary_gid); >++ &temp_id); >+ if (ret != EOK) goto done; >++ primary_gid = (gid_t) temp_id; >+ } else { >+ ret = sysdb_attrs_get_uint32_t(state->orig_user, SYSDB_GIDNUM, >+ &primary_gid); > >Property changes on: security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c (working copy) >@@ -0,0 +1,22 @@ >+diff --git src/providers/ldap/sdap_async_initgroups_ad.c src/providers/ldap/sdap_async_initgroups_ad.c >+index 3c58f5bc4..7e0a5169d 100644 >+--- src/providers/ldap/sdap_async_initgroups_ad.c >++++ src/providers/ldap/sdap_async_initgroups_ad.c >+@@ -851,6 +851,7 @@ errno_t sdap_ad_save_group_membership_with_idmapping(const char *username, >+ size_t i; >+ time_t now; >+ gid_t gid; >++ id_t temp_id; >+ char **groups = NULL; >+ size_t num_groups; >+ errno_t ret; >+@@ -881,7 +882,8 @@ errno_t sdap_ad_save_group_membership_with_idmapping(const char *username, >+ sid = sids[i]; >+ DEBUG(SSSDBG_TRACE_LIBS, "Processing membership SID [%s]\n", sid); >+ >+- ret = sdap_idmap_sid_to_unix(idmap_ctx, sid, &gid); >++ ret = sdap_idmap_sid_to_unix(idmap_ctx, sid, &temp_id); >++ gid = (gid_t) temp_id; >+ if (ret == ENOTSUP) { >+ DEBUG(SSSDBG_TRACE_FUNC, "Skipping built-in object.\n"); >+ continue; > >Property changes on: security/sssd/files/patch-src__providers__ldap__sdap_async_initgroups_ad.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c (working copy) >@@ -0,0 +1,30 @@ >+diff --git src/providers/ldap/sdap_async_sudo_hostinfo.c src/providers/ldap/sdap_async_sudo_hostinfo.c >+index a3c3e1068..f33299304 100644 >+--- src/providers/ldap/sdap_async_sudo_hostinfo.c >++++ src/providers/ldap/sdap_async_sudo_hostinfo.c >+@@ -357,7 +357,7 @@ static struct tevent_req *sdap_sudo_get_hostnames_send(TALLOC_CTX *mem_ctx, >+ struct tevent_req *subreq = NULL; >+ struct sdap_sudo_get_hostnames_state *state = NULL; >+ char *dot = NULL; >+- char hostname[HOST_NAME_MAX + 1]; >++ char hostname[_POSIX_HOST_NAME_MAX + 1]; >+ int ret; >+ >+ req = tevent_req_create(mem_ctx, &state, >+@@ -380,14 +380,14 @@ static struct tevent_req *sdap_sudo_get_hostnames_send(TALLOC_CTX *mem_ctx, >+ /* get hostname */ >+ >+ errno = 0; >+- ret = gethostname(hostname, sizeof(hostname)); >++ ret = gethostname(hostname, _POSIX_HOST_NAME_MAX); >+ if (ret != EOK) { >+ ret = errno; >+ DEBUG(SSSDBG_CRIT_FAILURE, "Unable to retrieve machine hostname " >+ "[%d]: %s\n", ret, strerror(ret)); >+ goto done; >+ } >+- hostname[HOST_NAME_MAX] = '\0'; >++ hostname[_POSIX_HOST_NAME_MAX] = '\0'; >+ >+ state->hostnames[0] = talloc_strdup(state->hostnames, hostname); >+ if (state->hostnames[0] == NULL) { > >Property changes on: security/sssd/files/patch-src__providers__ldap__sdap_async_sudo_hostinfo.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__ldap__sdap_async_users.c >=================================================================== >--- security/sssd/files/patch-src__providers__ldap__sdap_async_users.c (nonexistent) >+++ security/sssd/files/patch-src__providers__ldap__sdap_async_users.c (working copy) >@@ -0,0 +1,48 @@ >+diff --git src/providers/ldap/sdap_async_users.c src/providers/ldap/sdap_async_users.c >+index 92eeda1d3..8847be79b 100644 >+--- src/providers/ldap/sdap_async_users.c >++++ src/providers/ldap/sdap_async_users.c >+@@ -61,7 +61,8 @@ sdap_get_idmap_primary_gid(struct sdap_options *opts, >+ { >+ errno_t ret; >+ TALLOC_CTX *tmpctx = NULL; >+- gid_t gid, primary_gid; >++ id_t gid; >++ gid_t primary_gid; >+ char *group_sid_str; >+ >+ tmpctx = talloc_new(NULL); >+@@ -108,7 +109,7 @@ sdap_get_idmap_primary_gid(struct sdap_options *opts, >+ if (ret != EOK) goto done; >+ >+ ret = EOK; >+- *_gid = gid; >++ *_gid = (gid_t) gid; >+ done: >+ talloc_free(tmpctx); >+ return ret; >+@@ -188,6 +189,7 @@ int sdap_save_user(TALLOC_CTX *memctx, >+ const char *orig_dn = NULL; >+ uid_t uid = 0; >+ gid_t gid = 0; >++ id_t temp_id; >+ struct sysdb_attrs *user_attrs; >+ char *upn = NULL; >+ size_t i; >+@@ -331,7 +333,7 @@ int sdap_save_user(TALLOC_CTX *memctx, >+ "Mapping user [%s] objectSID [%s] to unix ID\n", user_name, sid_str); >+ >+ /* Convert the SID into a UNIX user ID */ >+- ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &uid); >++ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &temp_id); >+ if (ret == ENOTSUP) { >+ DEBUG(SSSDBG_TRACE_FUNC, "Skipping built-in object.\n"); >+ ret = EOK; >+@@ -339,6 +341,7 @@ int sdap_save_user(TALLOC_CTX *memctx, >+ } else if (ret != EOK) { >+ goto done; >+ } >++ uid = (uid_t) temp_id; >+ >+ /* Store the UID in the ldap_attrs so it doesn't get >+ * treated as a missing attribute from LDAP and removed. > >Property changes on: security/sssd/files/patch-src__providers__ldap__sdap_async_users.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__providers__proxy__proxy_init.c >=================================================================== >--- security/sssd/files/patch-src__providers__proxy__proxy_init.c (nonexistent) >+++ security/sssd/files/patch-src__providers__proxy__proxy_init.c (working copy) >@@ -0,0 +1,12 @@ >+--- src/providers/proxy/proxy_init.c-orig 2020-10-22 22:18:17.586438000 +0100 >++++ src/providers/proxy/proxy_init.c 2020-10-22 22:23:58.494971000 +0100 >+@@ -236,6 +236,9 @@ >+ errno_t ret; >+ size_t i; >+ >++/* FreeBSD's nss is still in libc so just return EOK */ >++ return EOK; >++ >+ ret = sss_load_nss_symbols(ops, libname); >+ if (ret != EOK) { >+ return ret; > >Property changes on: security/sssd/files/patch-src__providers__proxy__proxy_init.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__resolv__async_resolv_utils.c >=================================================================== >--- security/sssd/files/patch-src__resolv__async_resolv_utils.c (nonexistent) >+++ security/sssd/files/patch-src__resolv__async_resolv_utils.c (working copy) >@@ -0,0 +1,30 @@ >+diff --git src/resolv/async_resolv_utils.c src/resolv/async_resolv_utils.c >+index f86181b91..25323cf7a 100644 >+--- src/resolv/async_resolv_utils.c >++++ src/resolv/async_resolv_utils.c >+@@ -45,7 +45,7 @@ resolv_get_domain_send(TALLOC_CTX *mem_ctx, >+ struct resolv_get_domain_state *state = NULL; >+ struct tevent_req *req = NULL; >+ struct tevent_req *subreq = NULL; >+- char system_hostname[HOST_NAME_MAX + 1]; >++ char system_hostname[_POSIX_HOST_NAME_MAX + 1]; >+ errno_t ret; >+ >+ req = tevent_req_create(mem_ctx, &state, >+@@ -57,14 +57,14 @@ resolv_get_domain_send(TALLOC_CTX *mem_ctx, >+ >+ if (hostname == NULL) { >+ /* use system hostname */ >+- ret = gethostname(system_hostname, sizeof(system_hostname)); >++ ret = gethostname(system_hostname, _POSIX_HOST_NAME_MAX); >+ if (ret) { >+ ret = errno; >+ DEBUG(SSSDBG_CRIT_FAILURE, "gethostname() failed: [%d]: %s\n", >+ ret, strerror(ret)); >+ goto immediately; >+ } >+- system_hostname[HOST_NAME_MAX] = '\0'; >++ system_hostname[_POSIX_HOST_NAME_MAX] = '\0'; >+ hostname = system_hostname; >+ } >+ > >Property changes on: security/sssd/files/patch-src__resolv__async_resolv_utils.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__responder__common__negcache.c >=================================================================== >--- security/sssd/files/patch-src__responder__common__negcache.c (nonexistent) >+++ security/sssd/files/patch-src__responder__common__negcache.c (working copy) >@@ -0,0 +1,12 @@ >+--- src/responder/common/negcache.c-orig 2020-10-22 22:15:45.691782000 +0100 >++++ src/responder/common/negcache.c 2020-10-22 22:24:25.375197000 +0100 >+@@ -71,6 +71,9 @@ >+ errno_t ret; >+ size_t i; >+ >++/* FreeBSD's nss is still in libc so just return EOK */ >++ return EOK; >++ >+ ret = sss_load_nss_symbols(ops, "files"); >+ if (ret != EOK) { >+ return ret; > >Property changes on: security/sssd/files/patch-src__responder__common__negcache.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__sbus__sbus_codegen >=================================================================== >--- security/sssd/files/patch-src__sbus__sbus_codegen (nonexistent) >+++ security/sssd/files/patch-src__sbus__sbus_codegen (working copy) >@@ -0,0 +1,10 @@ >+diff --git src/sbus/sbus_codegen src/sbus/sbus_codegen >+index a97a92591..fb3b6d9b3 100755 >+--- src/sbus/sbus_codegen >++++ src/sbus/sbus_codegen >+@@ -1,4 +1,4 @@ >+-#!/usr/bin/env python >++#!/usr/bin/env python3 >+ >+ # >+ # Authors: > >Property changes on: security/sssd/files/patch-src__sbus__sbus_codegen >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__sss_client__common.c >=================================================================== >--- security/sssd/files/patch-src__sss_client__common.c (revision 552996) >+++ security/sssd/files/patch-src__sss_client__common.c (working copy) >@@ -1,4 +1,6 @@ >---- src/sss_client/common.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/sss_client/common.c src/sss_client/common.c >+index d8effb6dd..edeb4a159 100644 >+--- src/sss_client/common.c > +++ src/sss_client/common.c > @@ -25,6 +25,7 @@ > #include "config.h" >@@ -8,15 +10,15 @@ > #include <security/pam_modules.h> > #include <errno.h> > #include <sys/types.h> >-@@ -43,6 +44,7 @@ >- #include <libintl.h> >+@@ -44,6 +45,7 @@ > #define _(STRING) dgettext (PACKAGE, STRING) > #include "sss_cli.h" >+ #include "common_private.h" > +#include "util/sss_bsd_errno.h" > > #if HAVE_PTHREAD > #include <pthread.h> >-@@ -124,7 +126,6 @@ static enum sss_status sss_cli_send_req(enum sss_cli_c >+@@ -126,7 +128,6 @@ static enum sss_status sss_cli_send_req(enum sss_cli_command cmd, > *errnop = error; > break; > case 0: >@@ -24,7 +26,7 @@ > break; > case 1: > if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { >-@@ -232,7 +233,6 @@ static enum sss_status sss_cli_recv_rep(enum sss_cli_c >+@@ -235,7 +236,6 @@ static enum sss_status sss_cli_recv_rep(enum sss_cli_command cmd, > *errnop = error; > break; > case 0: >@@ -32,7 +34,7 @@ > break; > case 1: > if (pfd.revents & (POLLHUP)) { >-@@ -669,7 +669,6 @@ static enum sss_status sss_cli_check_socket(int *errno >+@@ -679,7 +679,6 @@ static enum sss_status sss_cli_check_socket(int *errnop, > *errnop = error; > break; > case 0: >@@ -40,7 +42,7 @@ > break; > case 1: > if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { >-@@ -719,23 +718,23 @@ enum nss_status sss_nss_make_request(enum sss_cli_comm >+@@ -730,7 +729,7 @@ enum nss_status sss_nss_make_request_timeout(enum sss_cli_command cmd, > /* avoid looping in the nss daemon */ > envval = getenv("_SSS_LOOPS"); > if (envval && strcmp(envval, "NO") == 0) { >@@ -48,13 +50,21 @@ > + return NS_NOTFOUND; > } > >- ret = sss_cli_check_socket(errnop, SSS_NSS_SOCKET_NAME); >- if (ret != SSS_STATUS_SUCCESS) { >+ ret = sss_cli_check_socket(errnop, SSS_NSS_SOCKET_NAME, timeout); >+@@ -738,9 +737,9 @@ enum nss_status sss_nss_make_request_timeout(enum sss_cli_command cmd, >+ #ifdef NONSTANDARD_SSS_NSS_BEHAVIOUR >+ *errnop = 0; >+ errno = 0; >+- return NSS_STATUS_NOTFOUND; >++ return NS_NOTFOUND; >+ #else > - return NSS_STATUS_UNAVAIL; > + return NS_UNAVAIL; >+ #endif > } > >- ret = sss_cli_make_request_nochecks(cmd, rd, repbuf, replen, errnop); >+@@ -765,17 +764,17 @@ enum nss_status sss_nss_make_request_timeout(enum sss_cli_command cmd, >+ } > switch (ret) { > case SSS_STATUS_TRYAGAIN: > - return NSS_STATUS_TRYAGAIN; >@@ -64,37 +74,14 @@ > + return NS_SUCCESS; > case SSS_STATUS_UNAVAIL: > default: >-- return NSS_STATUS_UNAVAIL; >-+ return NS_UNAVAIL; >- } >- } >- >-@@ -750,23 +749,23 @@ int sss_pac_make_request(enum sss_cli_command cmd, >- /* avoid looping in the nss daemon */ >- envval = getenv("_SSS_LOOPS"); >- if (envval && strcmp(envval, "NO") == 0) { >+ #ifdef NONSTANDARD_SSS_NSS_BEHAVIOUR >+ *errnop = 0; >+ errno = 0; > - return NSS_STATUS_NOTFOUND; > + return NS_NOTFOUND; >- } >- >- ret = sss_cli_check_socket(errnop, SSS_PAC_SOCKET_NAME); >- if (ret != SSS_STATUS_SUCCESS) { >+ #else > - return NSS_STATUS_UNAVAIL; > + return NS_UNAVAIL; >+ #endif > } >- >- ret = sss_cli_make_request_nochecks(cmd, rd, repbuf, replen, errnop); >- switch (ret) { >- case SSS_STATUS_TRYAGAIN: >-- return NSS_STATUS_TRYAGAIN; >-+ return NS_TRYAGAIN; >- case SSS_STATUS_SUCCESS: >-- return NSS_STATUS_SUCCESS; >-+ return NS_SUCCESS; >- case SSS_STATUS_UNAVAIL: >- default: >-- return NSS_STATUS_UNAVAIL; >-+ return NS_UNAVAIL; >- } > } >- >Index: security/sssd/files/patch-src__sss_client__nss_group.c >=================================================================== >--- security/sssd/files/patch-src__sss_client__nss_group.c (revision 552996) >+++ security/sssd/files/patch-src__sss_client__nss_group.c (working copy) >@@ -1,6 +1,8 @@ >---- src/sss_client/nss_group.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/sss_client/nss_group.c src/sss_client/nss_group.c >+index 5ab2bdf78..69ba75dcb 100644 >+--- src/sss_client/nss_group.c > +++ src/sss_client/nss_group.c >-@@ -343,6 +343,76 @@ out: >+@@ -390,6 +390,76 @@ out: > } > > >Index: security/sssd/files/patch-src__sss_client__pam_sss.c >=================================================================== >--- security/sssd/files/patch-src__sss_client__pam_sss.c (nonexistent) >+++ security/sssd/files/patch-src__sss_client__pam_sss.c (working copy) >@@ -0,0 +1,16 @@ >+diff --git src/sss_client/pam_sss.c src/sss_client/pam_sss.c >+index f634f7659..1de88fefe 100644 >+--- src/sss_client/pam_sss.c >++++ src/sss_client/pam_sss.c >+@@ -263,9 +263,9 @@ static int do_pam_conversation(pam_handle_t *pamh, const int msg_style, >+ >+ pam_msg->msg_style = msg_style; >+ if (state == SSS_PAM_CONV_REENTER) { >+- pam_msg->msg = reenter_msg; >++ pam_msg->msg = (char *)(intptr_t)reenter_msg; >+ } else { >+- pam_msg->msg = msg; >++ pam_msg->msg = (char *)(intptr_t)msg; >+ } >+ >+ mesg[0] = (const struct pam_message *) pam_msg; > >Property changes on: security/sssd/files/patch-src__sss_client__pam_sss.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__sss_client__sss_nss.exports >=================================================================== >--- security/sssd/files/patch-src__sss_client__sss_nss.exports (revision 552996) >+++ security/sssd/files/patch-src__sss_client__sss_nss.exports (working copy) >@@ -1,4 +1,6 @@ >---- src/sss_client/sss_nss.exports.orig 2014-09-17 13:01:37 UTC >+diff --git src/sss_client/sss_nss.exports src/sss_client/sss_nss.exports >+index 1eefea8d5..8e85a0541 100644 >+--- src/sss_client/sss_nss.exports > +++ src/sss_client/sss_nss.exports > @@ -3,6 +3,7 @@ EXPORTED { > # public functions >@@ -8,13 +10,13 @@ > _nss_sss_getpwnam_r; > _nss_sss_getpwuid_r; > _nss_sss_setpwent; >-@@ -14,7 +15,24 @@ EXPORTED { >+@@ -14,8 +15,25 @@ EXPORTED { > _nss_sss_setgrent; > _nss_sss_getgrent_r; > _nss_sss_endgrent; > + _nss_sss_getgroupmembership; > _nss_sss_initgroups_dyn; >-+ >+ > + __nss_compat_getgrnam_r; > + __nss_compat_getgrgid_r; > + __nss_compat_getgrent_r; >@@ -30,6 +32,7 @@ > + __nss_compat_gethostbyname; > + __nss_compat_gethostbyname2; > + __nss_compat_gethostbyaddr; >- >++ > #_nss_sss_getaliasbyname_r; > #_nss_sss_setaliasent; >+ #_nss_sss_getaliasent_r; >Index: security/sssd/files/patch-src__tests__cmocka__test_authtok.c >=================================================================== >--- security/sssd/files/patch-src__tests__cmocka__test_authtok.c (nonexistent) >+++ security/sssd/files/patch-src__tests__cmocka__test_authtok.c (working copy) >@@ -0,0 +1,12 @@ >+diff --git src/tests/cmocka/test_authtok.c src/tests/cmocka/test_authtok.c >+index 9422f96bc..8492e186a 100644 >+--- src/tests/cmocka/test_authtok.c >++++ src/tests/cmocka/test_authtok.c >+@@ -28,6 +28,7 @@ >+ #include "tests/cmocka/common_mock.h" >+ >+ #include "util/authtok.h" >++#include "util/sss_endian.h" >+ >+ >+ struct test_state { > >Property changes on: security/sssd/files/patch-src__tests__cmocka__test_authtok.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__tests__cmocka__test_pam_srv.c >=================================================================== >--- security/sssd/files/patch-src__tests__cmocka__test_pam_srv.c (nonexistent) >+++ security/sssd/files/patch-src__tests__cmocka__test_pam_srv.c (working copy) >@@ -0,0 +1,13 @@ >+diff --git src/tests/cmocka/test_pam_srv.c src/tests/cmocka/test_pam_srv.c >+index 446985d5d..f53f84be2 100644 >+--- src/tests/cmocka/test_pam_srv.c >++++ src/tests/cmocka/test_pam_srv.c >+@@ -1177,7 +1177,7 @@ void test_pam_open_session(void **state) >+ >+ /* make sure pam_status is not touched by setting it to a value which is >+ * not used by SSSD. */ >+- pam_test_ctx->exp_pam_status = _PAM_RETURN_VALUES; >++ pam_test_ctx->exp_pam_status = PAM_NUM_ERRORS; >+ set_cmd_cb(test_pam_simple_check); >+ ret = sss_cmd_execute(pam_test_ctx->cctx, SSS_PAM_OPEN_SESSION, >+ pam_test_ctx->pam_cmds); > >Property changes on: security/sssd/files/patch-src__tests__cmocka__test_pam_srv.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__tests__cwrap__test_responder_common.c >=================================================================== >--- security/sssd/files/patch-src__tests__cwrap__test_responder_common.c (nonexistent) >+++ security/sssd/files/patch-src__tests__cwrap__test_responder_common.c (working copy) >@@ -0,0 +1,18 @@ >+diff --git src/tests/cwrap/test_responder_common.c src/tests/cwrap/test_responder_common.c >+index 11cc3abd8..191310143 100644 >+--- src/tests/cwrap/test_responder_common.c >++++ src/tests/cwrap/test_responder_common.c >+@@ -136,11 +136,13 @@ void check_sock_properties(struct create_pipe_ctx *ctx, mode_t mode) >+ assert_true(S_ISSOCK(sbuf.st_mode)); >+ assert_true((sbuf.st_mode & ~S_IFMT) == mode); >+ >++#ifdef SO_DOMAIN >+ /* Check it's a UNIX socket */ >+ optlen = sizeof(optval); >+ ret = getsockopt(ctx->fd, SOL_SOCKET, SO_DOMAIN, &optval, &optlen); >+ assert_int_equal(ret, 0); >+ assert_int_equal(optval, AF_UNIX); >++#endif >+ >+ optlen = sizeof(optval); >+ ret = getsockopt(ctx->fd, SOL_SOCKET, SO_TYPE, &optval, &optlen); > >Property changes on: security/sssd/files/patch-src__tests__cwrap__test_responder_common.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__tests__cwrap__test_server.c >=================================================================== >--- security/sssd/files/patch-src__tests__cwrap__test_server.c (nonexistent) >+++ security/sssd/files/patch-src__tests__cwrap__test_server.c (working copy) >@@ -0,0 +1,12 @@ >+diff --git src/tests/cwrap/test_server.c src/tests/cwrap/test_server.c >+index 85ecb7f74..a2ddc595f 100644 >+--- src/tests/cwrap/test_server.c >++++ src/tests/cwrap/test_server.c >+@@ -23,6 +23,7 @@ >+ #include <sys/types.h> >+ #include <sys/stat.h> >+ #include <fcntl.h> >++#include <signal.h> >+ >+ #include <popt.h> >+ #include "util/util.h" > >Property changes on: security/sssd/files/patch-src__tests__cwrap__test_server.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__tests__dlopen-tests.c >=================================================================== >--- security/sssd/files/patch-src__tests__dlopen-tests.c (nonexistent) >+++ security/sssd/files/patch-src__tests__dlopen-tests.c (working copy) >@@ -0,0 +1,22 @@ >+diff --git src/tests/dlopen-tests.c src/tests/dlopen-tests.c >+index 9a5d3597f..4b469726b 100644 >+--- src/tests/dlopen-tests.c >++++ src/tests/dlopen-tests.c >+@@ -44,7 +44,7 @@ struct so { >+ { "libipa_hbac.so", { LIBPFX"libipa_hbac.so", NULL } }, >+ { "libsss_idmap.so", { LIBPFX"libsss_idmap.so", NULL } }, >+ { "libsss_nss_idmap.so", { LIBPFX"libsss_nss_idmap.so", NULL } }, >+- { "libnss_sss.so", { LIBPFX"libnss_sss.so", NULL } }, >++ { "nss_sss.so", { LIBPFX"nss_sss.so", NULL } }, >+ { "libsss_certmap.so", { LIBPFX"libsss_certmap.so", NULL } }, >+ { "pam_sss.so", { LIBPFX"pam_sss.so", NULL } }, >+ #ifdef BUILD_LIBWBCLIENT >+@@ -82,8 +82,6 @@ struct so { >+ { "libsss_util.so", { LIBPFX"libsss_util.so", NULL } }, >+ { "libsss_simple.so", { LIBPFX"libdlopen_test_providers.so", >+ LIBPFX"libsss_simple.so", NULL } }, >+- { "libsss_files.so", { LIBPFX"libdlopen_test_providers.so", >+- LIBPFX"libsss_files.so", NULL } }, >+ #ifdef BUILD_SAMBA >+ { "libsss_ad.so", { LIBPFX"libdlopen_test_providers.so", >+ LIBPFX"libsss_ad.so", NULL } }, > >Property changes on: security/sssd/files/patch-src__tests__dlopen-tests.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__crypto__libcrypto__crypto_sha512crypt.c >=================================================================== >--- security/sssd/files/patch-src__util__crypto__libcrypto__crypto_sha512crypt.c (revision 552996) >+++ security/sssd/files/patch-src__util__crypto__libcrypto__crypto_sha512crypt.c (working copy) >@@ -1,15 +1,16 @@ >---- src/util/crypto/libcrypto/crypto_sha512crypt.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/util/crypto/libcrypto/crypto_sha512crypt.c src/util/crypto/libcrypto/crypto_sha512crypt.c >+index 2275ccd96..c1e418917 100644 >+--- src/util/crypto/libcrypto/crypto_sha512crypt.c > +++ src/util/crypto/libcrypto/crypto_sha512crypt.c >-@@ -28,6 +28,12 @@ >- #include <openssl/evp.h> >- #include <openssl/rand.h> >+@@ -30,6 +30,11 @@ > >+ #include "sss_openssl.h" >+ > +void * > +mempcpy (void *dest, const void *src, size_t n) > +{ > + return (char *) memcpy (dest, src, n) + n; > +} >-+ >+ > /* Define our magic string to mark salt for SHA512 "encryption" replacement. */ > const char sha512_salt_prefix[] = "$6$"; >- #define SALT_PREF_SIZE (sizeof(sha512_salt_prefix) - 1) >Index: security/sssd/files/patch-src__util__crypto__nss__nss_sha512crypt.c >=================================================================== >--- security/sssd/files/patch-src__util__crypto__nss__nss_sha512crypt.c (revision 552996) >+++ security/sssd/files/patch-src__util__crypto__nss__nss_sha512crypt.c (working copy) >@@ -1,4 +1,6 @@ >---- src/util/crypto/nss/nss_sha512crypt.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/util/crypto/nss/nss_sha512crypt.c src/util/crypto/nss/nss_sha512crypt.c >+index 4d0594d9f..49801222d 100644 >+--- src/util/crypto/nss/nss_sha512crypt.c > +++ src/util/crypto/nss/nss_sha512crypt.c > @@ -29,6 +29,12 @@ > #include <sechash.h> >Index: security/sssd/files/patch-src__util__find_uid.c >=================================================================== >--- security/sssd/files/patch-src__util__find_uid.c (revision 552996) >+++ security/sssd/files/patch-src__util__find_uid.c (working copy) >@@ -1,6 +1,8 @@ >---- src/util/find_uid.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/util/find_uid.c src/util/find_uid.c >+index 215c0d338..42a1df729 100644 >+--- src/util/find_uid.c > +++ src/util/find_uid.c >-@@ -67,7 +67,7 @@ static errno_t get_uid_from_pid(const pid_t pid, uid_t >+@@ -72,7 +72,7 @@ static errno_t get_uid_from_pid(const pid_t pid, uid_t *uid) > uint32_t num=0; > errno_t error; > >@@ -7,9 +9,9 @@ > - ret = snprintf(path, PATHLEN, "/proc/%d/status", pid); > + ret = snprintf(path, PATHLEN, "/compat/linux/proc/%d/status", pid); > if (ret < 0) { >- DEBUG(SSSDBG_CRIT_FAILURE, "snprintf failed"); >+ DEBUG(SSSDBG_CRIT_FAILURE, "snprintf failed\n"); > return EINVAL; >-@@ -207,12 +207,12 @@ static errno_t get_active_uid_linux(hash_table_t *tabl >+@@ -218,12 +218,12 @@ static errno_t get_active_uid_linux(hash_table_t *table, uid_t search_uid) > struct dirent *dirent; > int ret, err; > pid_t pid = -1; >@@ -24,7 +26,7 @@ > if (proc_dir == NULL) { > ret = errno; > DEBUG(SSSDBG_CRIT_FAILURE, "Cannot open proc dir.\n"); >-@@ -287,9 +287,8 @@ done: >+@@ -298,9 +298,8 @@ done: > > errno_t get_uid_table(TALLOC_CTX *mem_ctx, hash_table_t **table) > { >Index: security/sssd/files/patch-src__util__nss_dl_load.c >=================================================================== >--- security/sssd/files/patch-src__util__nss_dl_load.c (nonexistent) >+++ security/sssd/files/patch-src__util__nss_dl_load.c (working copy) >@@ -0,0 +1,11 @@ >+--- src/util/nss_dl_load.c-orig 2020-10-22 17:57:10.433049000 +0100 >++++ src/util/nss_dl_load.c 2020-10-23 08:50:45.202831000 +0100 >+@@ -24,7 +24,7 @@ >+ #include "util/util_errors.h" >+ #include "util/debug.h" >+ #include "nss_dl_load.h" >+- >++#include "util/sss_bsd_errno.h" >+ >+ #define NSS_FN_NAME "_nss_%s_%s" >+ > >Property changes on: security/sssd/files/patch-src__util__nss_dl_load.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__server.c >=================================================================== >--- security/sssd/files/patch-src__util__server.c (revision 552996) >+++ security/sssd/files/patch-src__util__server.c (working copy) >@@ -1,10 +1,10 @@ >---- src/util/server.c.orig 2014-09-17 13:01:37 UTC >+diff --git src/util/server.c src/util/server.c >+index f34bf49f6..7cb3864af 100644 >+--- src/util/server.c > +++ src/util/server.c >-@@ -322,12 +322,14 @@ static void setup_signals(void) >+@@ -311,10 +311,13 @@ static void setup_signals(void) > BlockSignals(false, SIGTERM); > >- CatchSignal(SIGHUP, sig_hup); >-- > #ifndef HAVE_PRCTL > - /* If prctl is not defined on the system, try to handle > - * some common termination signals gracefully */ >Index: security/sssd/files/patch-src__util__signal.c >=================================================================== >--- security/sssd/files/patch-src__util__signal.c (revision 552996) >+++ security/sssd/files/patch-src__util__signal.c (nonexistent) >@@ -1,71 +0,0 @@ >---- src/util/signal.c.orig 2014-09-17 13:01:37 UTC >-+++ src/util/signal.c >-@@ -28,45 +28,6 @@ >- * @brief Signal handling >- */ >- >--/**************************************************************************** >-- Catch child exits and reap the child zombie status. >--****************************************************************************/ >-- >--static void sig_cld(int signum) >--{ >-- while (waitpid((pid_t)-1,(int *)NULL, WNOHANG) > 0) >-- ; >-- >-- /* >-- * Turns out it's *really* important not to >-- * restore the signal handler here if we have real POSIX >-- * signal handling. If we do, then we get the signal re-delivered >-- * immediately - hey presto - instant loop ! JRA. >-- */ >-- >--#if !defined(HAVE_SIGACTION) >-- CatchSignal(SIGCLD, sig_cld); >--#endif >--} >-- >--/**************************************************************************** >--catch child exits - leave status; >--****************************************************************************/ >-- >--static void sig_cld_leave_status(int signum) >--{ >-- /* >-- * Turns out it's *really* important not to >-- * restore the signal handler here if we have real POSIX >-- * signal handling. If we do, then we get the signal re-delivered >-- * immediately - hey presto - instant loop ! JRA. >-- */ >-- >--#if !defined(HAVE_SIGACTION) >-- CatchSignal(SIGCLD, sig_cld_leave_status); >--#endif >--} >-- >- /** >- Block sigs. >- **/ >-@@ -125,22 +86,4 @@ void (*CatchSignal(int signum,void (*handler)(int )))( >- /* FIXME: need to handle sigvec and systems with broken signal() */ >- return signal(signum, handler); >- #endif >--} >-- >--/** >-- Ignore SIGCLD via whatever means is necessary for this OS. >--**/ >-- >--void CatchChild(void) >--{ >-- CatchSignal(SIGCLD, sig_cld); >--} >-- >--/** >-- Catch SIGCLD but leave the child around so it's status can be reaped. >--**/ >-- >--void CatchChildLeaveStatus(void) >--{ >-- CatchSignal(SIGCLD, sig_cld_leave_status); >- } > >Property changes on: security/sssd/files/patch-src__util__signal.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__sss_endian.h >=================================================================== >--- security/sssd/files/patch-src__util__sss_endian.h (nonexistent) >+++ security/sssd/files/patch-src__util__sss_endian.h (working copy) >@@ -0,0 +1,23 @@ >+diff --git src/util/sss_endian.h src/util/sss_endian.h >+index 834c35980..d0bc1d338 100644 >+--- src/util/sss_endian.h >++++ src/util/sss_endian.h >+@@ -29,6 +29,18 @@ >+ # include <sys/endian.h> >+ #endif /* !HAVE_ENDIAN_H && !HAVE_SYS_ENDIAN_H */ >+ >++#if defined(_BYTE_ORDER) && !defined(__BYTE_ORDER) >++#define __BYTE_ORDER _BYTE_ORDER >++#endif >++ >++#if defined(_LITTLE_ENDIAN) && !defined(__LITTLE_ENDIAN) >++#define __LITTLE_ENDIAN _LITTLE_ENDIAN >++#endif >++ >++#if defined(_BIG_ENDIAN) && !defined(__BIG_ENDIAN) >++#define __BIG_ENDIAN _BIG_ENDIAN >++#endif >++ >+ /* Endianness-compatibility for systems running older versions of glibc */ >+ >+ #ifndef le32toh > >Property changes on: security/sssd/files/patch-src__util__sss_endian.h >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__sss_krb5.c >=================================================================== >--- security/sssd/files/patch-src__util__sss_krb5.c (nonexistent) >+++ security/sssd/files/patch-src__util__sss_krb5.c (working copy) >@@ -0,0 +1,12 @@ >+diff --git src/util/sss_krb5.c src/util/sss_krb5.c >+index c0cc28a75..88e6e6008 100644 >+--- src/util/sss_krb5.c >++++ src/util/sss_krb5.c >+@@ -28,6 +28,7 @@ >+ #include "util/sss_iobuf.h" >+ #include "util/util.h" >+ #include "util/sss_krb5.h" >++#include "util/sss_endian.h" >+ >+ static char * >+ sss_krb5_get_primary(TALLOC_CTX *mem_ctx, > >Property changes on: security/sssd/files/patch-src__util__sss_krb5.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__sss_ldap.c >=================================================================== >--- security/sssd/files/patch-src__util__sss_ldap.c (revision 552996) >+++ security/sssd/files/patch-src__util__sss_ldap.c (nonexistent) >@@ -1,21 +0,0 @@ >---- src/util/sss_ldap.c.orig 2014-09-17 13:01:37 UTC >-+++ src/util/sss_ldap.c >-@@ -206,6 +206,9 @@ static void sdap_async_sys_connect_done(struct tevent_ >- errno = 0; >- ret = connect(state->fd, (struct sockaddr *) &state->addr, >- state->addr_len); >-+ if (errno == EISCONN) { >-+ ret = EOK; >-+ } >- if (ret != EOK) { >- ret = errno; >- if (ret == EINPROGRESS || ret == EINTR) { >-@@ -346,7 +349,7 @@ struct tevent_req *sss_ldap_init_send(TALLOC_CTX *mem_ >- "Using file descriptor [%d] for LDAP connection.\n", state->sd); >- >- subreq = sdap_async_sys_connect_send(state, ev, state->sd, >-- (struct sockaddr *) addr, addr_len); >-+ (struct sockaddr *) addr, sizeof(struct sockaddr)); >- if (subreq == NULL) { >- ret = ENOMEM; >- DEBUG(SSSDBG_CRIT_FAILURE, "sdap_async_sys_connect_send failed.\n"); > >Property changes on: security/sssd/files/patch-src__util__sss_ldap.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__sss_sockets.c >=================================================================== >--- security/sssd/files/patch-src__util__sss_sockets.c (nonexistent) >+++ security/sssd/files/patch-src__util__sss_sockets.c (working copy) >@@ -0,0 +1,45 @@ >+--- src/util/sss_sockets.c.orig 2020-03-17 13:31:28.000000000 +0000 >++++ src/util/sss_sockets.c 2020-10-22 19:39:46.454834000 +0100 >+@@ -120,14 +120,16 @@ >+ } >+ >+ milli = timeout * 1000; /* timeout in milliseconds */ >+- ret = setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, &milli, >+- sizeof(milli)); >+- if (ret != 0) { >+- ret = errno; >+- DEBUG(SSSDBG_FUNC_DATA, >+- "setsockopt TCP_USER_TIMEOUT failed.[%d][%s].\n", ret, >+- strerror(ret)); >+- } >++ /* FreeBSD does not have TCP_USER_TIMEOUT option yet .... >++ * ret = setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, &milli, >++ * sizeof(milli)); >++ * if (ret != 0) { >++ * ret = errno; >++ * DEBUG(SSSDBG_FUNC_DATA, >++ * "setsockopt TCP_USER_TIMEOUT failed.[%d][%s].\n", ret, >++ * strerror(ret)); >++ * } >++ */ >+ } >+ >+ return EOK; >+@@ -230,7 +232,7 @@ >+ >+ talloc_zfree(fde); >+ >+- if (ret == EOK) { >++ if (ret == EOK || ret == EISCONN) { >+ tevent_req_done(req); >+ } else { >+ ret = errno; >+@@ -313,7 +315,7 @@ >+ "Using file descriptor [%d] for the connection.\n", state->sd); >+ >+ subreq = sssd_async_connect_send(state, ev, state->sd, >+- (struct sockaddr *) addr, addr_len); >++ (struct sockaddr *) addr, sizeof(struct sockaddr)); >+ if (subreq == NULL) { >+ ret = ENOMEM; >+ DEBUG(SSSDBG_CRIT_FAILURE, "sssd_async_connect_send failed.\n"); > >Property changes on: security/sssd/files/patch-src__util__sss_sockets.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__util.c >=================================================================== >--- security/sssd/files/patch-src__util__util.c (nonexistent) >+++ security/sssd/files/patch-src__util__util.c (working copy) >@@ -0,0 +1,22 @@ >+--- src/util/util.c 2020-10-20 19:31:51.466783000 +0100 >++++ src/util/util.c 2020-10-20 19:33:20.832098000 +0100 >+@@ -830,6 +830,19 @@ >+ return EOK; >+ } >+ >++ >++#ifdef __FreeBSD__ >++int flb_timezone(void) >++{ >++ struct tm tm; >++ time_t t = 0; >++ tzset(); >++ localtime_r(&t, &tm); >++ return -(tm.tm_gmtoff); >++} >++#define timezone (flb_timezone()) >++#endif >++ >+ /* Convert GeneralizedTime (http://en.wikipedia.org/wiki/GeneralizedTime) >+ * to unix time (seconds since epoch). Use UTC time zone. >+ */ > >Property changes on: security/sssd/files/patch-src__util__util.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: security/sssd/files/patch-src__util__util.h >=================================================================== >--- security/sssd/files/patch-src__util__util.h (revision 552996) >+++ security/sssd/files/patch-src__util__util.h (working copy) >@@ -1,18 +1,11 @@ >---- src/util/util.h.orig 2014-09-17 13:01:37 UTC >+diff --git src/util/util.h src/util/util.h >+index 1e36bf02a..e883f322f 100644 >+--- src/util/util.h > +++ src/util/util.h >-@@ -227,8 +227,6 @@ void sig_term(int sig); >- #include <signal.h> >- void BlockSignals(bool block, int signum); >- void (*CatchSignal(int signum,void (*handler)(int )))(int); >--void CatchChild(void); >--void CatchChildLeaveStatus(void); >+@@ -733,4 +733,6 @@ errno_t create_preauth_indicator(void); >+ #define N_ELEMENTS(arr) (sizeof(arr) / sizeof(arr[0])) >+ #endif > >- /* from memory.c */ >- typedef int (void_destructor_fn_t)(void *); >-@@ -542,5 +540,6 @@ char * sss_replace_space(TALLOC_CTX *mem_ctx, >- char * sss_reverse_replace_space(TALLOC_CTX *mem_ctx, >- const char *orig_name, >- const char replace_char); > +#include "util/sss_bsd_errno.h" >- >++ > #endif /* __SSSD_UTIL_H__ */ >Index: security/sssd/files/patch-src_external_pac__responder.m4 >=================================================================== >--- security/sssd/files/patch-src_external_pac__responder.m4 (revision 552996) >+++ security/sssd/files/patch-src_external_pac__responder.m4 (nonexistent) >@@ -1,25 +0,0 @@ >---- src/external/pac_responder.m4.orig 2014-09-17 13:01:37 UTC >-+++ src/external/pac_responder.m4 >-@@ -14,14 +14,20 @@ then >- PKG_CHECK_MODULES(NDR_KRB5PAC, ndr_krb5pac, ndr_krb5pac_ok=yes, >- AC_MSG_WARN([Cannot build pac responder without libndr_krb5pac])) >- >-- AC_PATH_PROG(KRB5_CONFIG, krb5-config) >-+ AC_PATH_PROG(KRB5_CONFIG, krb5-config, [], [/usr/local/bin:$PATH]) >- AC_MSG_CHECKING(for supported MIT krb5 version) >- KRB5_VERSION="`$KRB5_CONFIG --version`" >- case $KRB5_VERSION in >- Kerberos\ 5\ release\ 1.9* | \ >- Kerberos\ 5\ release\ 1.10* | \ >- Kerberos\ 5\ release\ 1.11* | \ >-- Kerberos\ 5\ release\ 1.12*) >-+ Kerberos\ 5\ release\ 1.12* | \ >-+ Kerberos\ 5\ release\ 1.13* | \ >-+ Kerberos\ 5\ release\ 1.14* | \ >-+ Kerberos\ 5\ release\ 1.15* | \ >-+ Kerberos\ 5\ release\ 1.16* | \ >-+ Kerberos\ 5\ release\ 1.17* | \ >-+ Kerberos\ 5\ release\ 1.18*) >- krb5_version_ok=yes >- AC_MSG_RESULT([yes]) >- ;; > >Property changes on: security/sssd/files/patch-src_external_pac__responder.m4 >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: security/sssd/files/pkg-message.in >=================================================================== >--- security/sssd/files/pkg-message.in (revision 552996) >+++ security/sssd/files/pkg-message.in (working copy) >@@ -1,6 +1,4 @@ >-[ >-{ type: install >- message: <<EOM >+================================================================================ > Copy %%PREFIX%%/etc/sssd/sssd.conf.sample to %%PREFIX%%/etc/sssd/sssd.conf > and edit %%PREFIX%%/etc/sssd/sssd.conf (see man sssd.conf for details) > >@@ -20,6 +18,4 @@ > > An sssd HOWTO is also available: > https://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2 >-EOM >-} >-] >+================================================================================ >Index: security/sssd/files/sssd.in >=================================================================== >--- security/sssd/files/sssd.in (revision 552996) >+++ security/sssd/files/sssd.in (working copy) >@@ -34,7 +34,8 @@ > > sssd_prestart() > { >- for i in db/sss db/sss_mc log/sssd run/sss/krb5.include.d run/sss/private run/sss; do >+ >+ for i in db/sss/db db/sss/gpo_cache db/sss/keytabs db/sss/mc db/sss/pubconf/krb5.include.d/ db/sss/secrets log/sssd run/sss/pipes/private; do > if [ ! -d var/${i} ]; then mkdir -p /var/${i}; fi > done > } >Index: security/sssd/pkg-plist >=================================================================== >--- security/sssd/pkg-plist (revision 552996) >+++ security/sssd/pkg-plist (working copy) >@@ -3,19 +3,29 @@ > etc/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf > %%ETCDIR%%/sssd.conf.sample > include/ipa_hbac.h >+include/sss_certmap.h > include/sss_idmap.h > include/sss_nss_idmap.h >+include/sss_sifp.h >+include/sss_sifp_dbus.h >+include/wbclient_sssd.h > %%SMB%%lib/krb5/plugins/authdata/sssd_pac_plugin.so > lib/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so > lib/libipa_hbac.so > lib/libipa_hbac.so.0 >-lib/libipa_hbac.so.0.0.1 >+lib/libipa_hbac.so.0.1.0 >+lib/libsss_certmap.so >+lib/libsss_certmap.so.0 >+lib/libsss_certmap.so.0.0.0 > lib/libsss_idmap.so > lib/libsss_idmap.so.0 >-lib/libsss_idmap.so.0.4.0 >+lib/libsss_idmap.so.0.5.1 > lib/libsss_nss_idmap.so > lib/libsss_nss_idmap.so.0 >-lib/libsss_nss_idmap.so.0.0.1 >+lib/libsss_nss_idmap.so.0.5.0 >+lib/libsss_simpleifp.so >+lib/libsss_simpleifp.so.0 >+lib/libsss_simpleifp.so.0.1.1 > lib/libsss_sudo.so > lib/nss_sss.so > lib/nss_sss.so.1 >@@ -22,19 +32,20 @@ > lib/nss_sss.so.2 > lib/nss_sss.so.2.0.0 > lib/pam_sss.so >-%%PYTHON_SITELIBDIR%%/SSSDConfig-1.11.7-py%%PYTHON_VER%%.egg-info >+%%PYTHON_SITELIBDIR%%/SSSDConfig-1.16.5-py%%PYTHON_VER%%.egg-info > %%PYTHON_SITELIBDIR%%/SSSDConfig/__init__.py >-%%PYTHON_SITELIBDIR%%/SSSDConfig/__init__.pyc >+%%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/__init__.cpython-37.pyc >+%%PYTHON_SITELIBDIR%%/SSSDConfig/__pycache__/ipachangeconf.cpython-37.pyc > %%PYTHON_SITELIBDIR%%/SSSDConfig/ipachangeconf.py >-%%PYTHON_SITELIBDIR%%/SSSDConfig/ipachangeconf.pyc >-%%PYTHON_SITELIBDIR%%/SSSDConfig/sssd_upgrade_config.py >-%%PYTHON_SITELIBDIR%%/SSSDConfig/sssd_upgrade_config.pyc > %%PYTHON_SITELIBDIR%%/pyhbac.so > %%PYTHON_SITELIBDIR%%/pysss.so > %%PYTHON_SITELIBDIR%%/pysss_murmur.so > %%PYTHON_SITELIBDIR%%/pysss_nss_idmap.so >+%%SMB%%lib/samba/idmap/winbind_idmap_sss.so > lib/shared-modules/ldb/memberof.so > %%SMB%%lib/sssd/libsss_ad.so >+lib/sssd/conf/sssd.conf >+lib/sssd/libsss_cert.so > lib/sssd/libsss_child.so > lib/sssd/libsss_crypt.so > lib/sssd/libsss_debug.so >@@ -44,13 +55,23 @@ > lib/sssd/libsss_ldap.so > lib/sssd/libsss_ldap_common.so > lib/sssd/libsss_proxy.so >+lib/sssd/libsss_semanage.so > lib/sssd/libsss_simple.so > lib/sssd/libsss_util.so >+lib/sssd/modules/libwbclient.so >+lib/sssd/modules/libwbclient.so.0 >+lib/sssd/modules/libwbclient.so.0.14.0 >+lib/sssd/modules/sssd_krb5_localauth_plugin.so > libdata/pkgconfig/ipa_hbac.pc >+libdata/pkgconfig/sss_certmap.pc > libdata/pkgconfig/sss_idmap.pc > libdata/pkgconfig/sss_nss_idmap.pc >+libdata/pkgconfig/sss_simpleifp.pc >+libdata/pkgconfig/wbclient_sssd.pc >+%%SMB%%libexec/sssd/gpo_child > libexec/sssd/krb5_child > libexec/sssd/ldap_child >+libexec/sssd/p11_child > libexec/sssd/proxy_child > libexec/sssd/sss_signal > libexec/sssd/sssd_be >@@ -60,15 +81,24 @@ > libexec/sssd/sssd_pam > libexec/sssd/sssd_ssh > libexec/sssd/sssd_sudo >-man/es/man1/sss_ssh_authorizedkeys.1.gz >-man/es/man1/sss_ssh_knownhostsproxy.1.gz >-man/es/man5/sssd-ldap.5.gz >+man/de/man1/sss_ssh_knownhostsproxy.1.gz >+man/de/man5/sssd-ifp.5.gz >+man/de/man5/sssd-krb5.5.gz >+man/de/man5/sssd-ldap.5.gz >+man/de/man5/sssd-simple.5.gz >+man/de/man5/sssd-sudo.5.gz >+man/de/man8/sss_groupadd.8.gz >+man/de/man8/sss_groupdel.8.gz >+man/de/man8/sss_groupmod.8.gz >+man/de/man8/sss_groupshow.8.gz >+man/de/man8/sss_obfuscate.8.gz >+man/de/man8/sss_seed.8.gz >+man/de/man8/sss_useradd.8.gz >+man/de/man8/sss_userdel.8.gz >+man/de/man8/sss_usermod.8.gz >+man/de/man8/sssd.8.gz > man/es/man5/sssd-simple.5.gz > man/es/man5/sssd-sudo.5.gz >-man/es/man5/sssd.conf.5.gz >-man/es/man8/pam_sss.8.gz >-man/es/man8/sss_cache.8.gz >-man/es/man8/sss_debuglevel.8.gz > man/es/man8/sss_groupadd.8.gz > man/es/man8/sss_groupdel.8.gz > man/es/man8/sss_groupmod.8.gz >@@ -79,18 +109,11 @@ > man/es/man8/sss_userdel.8.gz > man/es/man8/sss_usermod.8.gz > man/es/man8/sssd.8.gz >-man/es/man8/sssd_krb5_locator_plugin.8.gz >-man/fr/man1/sss_ssh_authorizedkeys.1.gz > man/fr/man1/sss_ssh_knownhostsproxy.1.gz >-man/fr/man5/sssd-ad.5.gz > man/fr/man5/sssd-krb5.5.gz > man/fr/man5/sssd-ldap.5.gz > man/fr/man5/sssd-simple.5.gz > man/fr/man5/sssd-sudo.5.gz >-man/fr/man5/sssd.conf.5.gz >-man/fr/man8/pam_sss.8.gz >-man/fr/man8/sss_cache.8.gz >-man/fr/man8/sss_debuglevel.8.gz > man/fr/man8/sss_groupadd.8.gz > man/fr/man8/sss_groupdel.8.gz > man/fr/man8/sss_groupmod.8.gz >@@ -101,16 +124,8 @@ > man/fr/man8/sss_userdel.8.gz > man/fr/man8/sss_usermod.8.gz > man/fr/man8/sssd.8.gz >-man/fr/man8/sssd_krb5_locator_plugin.8.gz >-man/ja/man1/sss_ssh_authorizedkeys.1.gz > man/ja/man1/sss_ssh_knownhostsproxy.1.gz >-man/ja/man5/sssd-krb5.5.gz >-man/ja/man5/sssd-ldap.5.gz > man/ja/man5/sssd-simple.5.gz >-man/ja/man5/sssd.conf.5.gz >-man/ja/man8/pam_sss.8.gz >-man/ja/man8/sss_cache.8.gz >-man/ja/man8/sss_debuglevel.8.gz > man/ja/man8/sss_groupadd.8.gz > man/ja/man8/sss_groupdel.8.gz > man/ja/man8/sss_groupmod.8.gz >@@ -120,17 +135,20 @@ > man/ja/man8/sss_userdel.8.gz > man/ja/man8/sss_usermod.8.gz > man/ja/man8/sssd.8.gz >-man/ja/man8/sssd_krb5_locator_plugin.8.gz > man/man1/sss_ssh_authorizedkeys.1.gz > man/man1/sss_ssh_knownhostsproxy.1.gz >-man/man5/sssd-ad.5.gz >+man/man5/sss-certmap.5.gz >+%%SMB%%man/man5/sssd-ad.5.gz >+man/man5/sssd-files.5.gz > man/man5/sssd-ifp.5.gz >-man/man5/sssd-ipa.5.gz >+%%SMB%%man/man5/sssd-ipa.5.gz > man/man5/sssd-krb5.5.gz > man/man5/sssd-ldap.5.gz >+man/man5/sssd-session-recording.5.gz > man/man5/sssd-simple.5.gz > man/man5/sssd-sudo.5.gz > man/man5/sssd.conf.5.gz >+man/man8/idmap_sss.8.gz > man/man8/pam_sss.8.gz > man/man8/sss_cache.8.gz > man/man8/sss_debuglevel.8.gz >@@ -139,24 +157,36 @@ > man/man8/sss_groupmod.8.gz > man/man8/sss_groupshow.8.gz > man/man8/sss_obfuscate.8.gz >+man/man8/sss_override.8.gz > man/man8/sss_seed.8.gz > man/man8/sss_useradd.8.gz > man/man8/sss_userdel.8.gz > man/man8/sss_usermod.8.gz >+man/man8/sssctl.8.gz > man/man8/sssd.8.gz > man/man8/sssd_krb5_locator_plugin.8.gz > man/nl/man8/sss_groupmod.8.gz > man/pt/man8/sss_groupdel.8.gz > man/pt/man8/sss_groupmod.8.gz >+man/sv/man5/sssd.conf.5.gz >+man/sv/man8/sss_groupmod.8.gz > man/uk/man1/sss_ssh_authorizedkeys.1.gz > man/uk/man1/sss_ssh_knownhostsproxy.1.gz >+man/uk/man5/sss-certmap.5.gz >+man/uk/man5/sss_rpcidmapd.5.gz > man/uk/man5/sssd-ad.5.gz >+man/uk/man5/sssd-files.5.gz > man/uk/man5/sssd-ifp.5.gz >+man/uk/man5/sssd-ipa.5.gz > man/uk/man5/sssd-krb5.5.gz > man/uk/man5/sssd-ldap.5.gz >+man/uk/man5/sssd-secrets.5.gz >+man/uk/man5/sssd-session-recording.5.gz > man/uk/man5/sssd-simple.5.gz > man/uk/man5/sssd-sudo.5.gz >+man/uk/man5/sssd-systemtap.5.gz > man/uk/man5/sssd.conf.5.gz >+man/uk/man8/idmap_sss.8.gz > man/uk/man8/pam_sss.8.gz > man/uk/man8/sss_cache.8.gz > man/uk/man8/sss_debuglevel.8.gz >@@ -165,10 +195,13 @@ > man/uk/man8/sss_groupmod.8.gz > man/uk/man8/sss_groupshow.8.gz > man/uk/man8/sss_obfuscate.8.gz >+man/uk/man8/sss_override.8.gz > man/uk/man8/sss_seed.8.gz > man/uk/man8/sss_useradd.8.gz > man/uk/man8/sss_userdel.8.gz > man/uk/man8/sss_usermod.8.gz >+man/uk/man8/sssctl.8.gz >+man/uk/man8/sssd-kcm.8.gz > man/uk/man8/sssd.8.gz > man/uk/man8/sssd_krb5_locator_plugin.8.gz > sbin/sss_cache >@@ -178,19 +211,30 @@ > sbin/sss_groupmod > sbin/sss_groupshow > sbin/sss_obfuscate >+sbin/sss_override > sbin/sss_seed > sbin/sss_useradd > sbin/sss_userdel > sbin/sss_usermod >+sbin/sssctl > sbin/sssd >+@dir %%ETCDIR%%/conf.d >+@dir %%ETCDIR%%/pki > @dir lib/ldb >-@dir lib/sssd/modules > %%PORTDOCS%%@dir %%DOCSDIR%%/doc > %%PORTDOCS%%@dir %%DOCSDIR%%/hbac_doc > %%PORTDOCS%%@dir %%DOCSDIR%%/idmap_doc >-%%PORTDOCS%%@dir %%DOCSDIR%%/libsss_sudo_doc > %%PORTDOCS%%@dir %%DOCSDIR%%/nss_idmap_doc >-@postexec if [ -d %%ETCDIR%% ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf %%ETCDIR%%`` to remove any configuration files."; fi >-@postexec if [ -d /var/db/sss ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf /var/db/sss`` to remove any additional files."; fi >-@postexec if [ -d /var/db/sss_mc ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf /var/db/sss_mc`` to remove any additional files."; fi >-@postexec if [ -d /var/run/sss ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf /var/run/sss`` to remove any additional files."; fi >+%%PORTDOCS%%@dir %%DOCSDIR%%/sss_simpleifp_doc >+@dir /var/db/sss/db >+@dir /var/db/sss/deskprofile >+@dir /var/db/sss/gpo_cache >+@dir /var/db/sss/keytabs >+@dir /var/db/sss/mc >+@dir /var/db/sss/pubconf/krb5.include.d >+@dir /var/db/sss/pubconf >+@dir /var/db/sss >+@dir /var/log/sssd >+@dir /var/run/sss/pipes/private >+@dir /var/run/sss/pipes >+@dir /var/run/sss
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=218997">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 241347
:
208428
|
210896
|
212458
|
212864
|
218978
|
218997
|
219607