kiwi/klara-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: kiwi:9180eb99a8edcf677fbdf1030361690ccc1552ed
Branches Tags
kiwi:main
...
compare: kiwi:c5b73c7c19d8ed069d34baa8f1170c229820b195
Branches Tags
kiwi:main

2 Commits
9180eb99a8 ... c5b73c7c19

Author SHA1 Message Date
Xavier Beaudouin
c5b73c7c19 Backup 2024-05-06 11:01:28 +02:00
Xavier Beaudouin
f9ad20c484 Try USES=samba 2024-05-06 11:00:49 +02:00
4 changed files with 43 additions and 126 deletions
Expand all files Collapse all files

26
security/sssd2.old/files/patch-src_config_cfg__rules.ini
View File

@ -5,21 +5,21 @@
section = session_recording section = session_recording
section_re = ^prompting/password$ section_re = ^prompting/password$
-section_re = ^prompting/password/[^/\@]\+$ -section_re = ^prompting/password/[^/\@]\+$
+section_re = ^prompting/password/[^/\@]+$ +section_re = ^prompting/password/[^/\@]\{1,\}$
section_re = ^prompting/2fa$ section_re = ^prompting/2fa$
-section_re = ^prompting/2fa/[^/\@]\+$ -section_re = ^prompting/2fa/[^/\@]\+$
+section_re = ^prompting/2fa/[^/\@]+$ +section_re = ^prompting/2fa/[^/\@]\{1,\}$
section_re = ^prompting/passkey$ section_re = ^prompting/passkey$
-section_re = ^prompting/passkey/[^/\@]\+$ -section_re = ^prompting/passkey/[^/\@]\+$
-section_re = ^domain/[^/\@]\+$ -section_re = ^domain/[^/\@]\+$
-section_re = ^domain/[^/\@]\+/[^/\@]\+$ -section_re = ^domain/[^/\@]\+/[^/\@]\+$
-section_re = ^application/[^/\@]\+$ -section_re = ^application/[^/\@]\+$
-section_re = ^certmap/[^/\@]\+/[^/\@]\+$ -section_re = ^certmap/[^/\@]\+/[^/\@]\+$
+section_re = ^prompting/passkey/[^/\@]+$ +section_re = ^prompting/passkey/[^/\@]\{1,\}$
+section_re = ^domain/[^/\@]+$ +section_re = ^domain/[^/\@]\{1,\}$
+section_re = ^domain/[^/\@]+/[^/\@]+$ +section_re = ^domain/[^/\@]\{1,\}/[^/\@]\{1,\}$
+section_re = ^application/[^/\@]+$ +section_re = ^application/[^/\@]\{1,\}$
+section_re = ^certmap/[^/\@]+/[^/\@]+$ +section_re = ^certmap/[^/\@]\{1,\}/[^/\@]\{1,\}$
[rule/allowed_sssd_options] [rule/allowed_sssd_options]
@ -28,14 +28,14 @@
[rule/allowed_prompting_password_subsec_options] [rule/allowed_prompting_password_subsec_options]
validator = ini_allowed_options validator = ini_allowed_options
-section_re = ^prompting/password/[^/\@]\+$ -section_re = ^prompting/password/[^/\@]\+$
+section_re = ^prompting/password/[^/\@]+$ +section_re = ^prompting/password/[^/\@]\{1,\}$
option = password_prompt option = password_prompt
[rule/allowed_prompting_2fa_subsec_options] [rule/allowed_prompting_2fa_subsec_options]
validator = ini_allowed_options validator = ini_allowed_options
-section_re = ^prompting/2fa/[^/\@]\+$ -section_re = ^prompting/2fa/[^/\@]\+$
+section_re = ^prompting/2fa/[^/\@]+$ +section_re = ^prompting/2fa/[^/\@]\{1,\}$
option = single_prompt option = single_prompt
option = first_prompt option = first_prompt
@ -44,7 +44,7 @@
[rule/allowed_prompting_passkey_subsec_options] [rule/allowed_prompting_passkey_subsec_options]
validator = ini_allowed_options validator = ini_allowed_options
-section_re = ^prompting/passkey/[^/\@]\+$ -section_re = ^prompting/passkey/[^/\@]\+$
+section_re = ^prompting/passkey/[^/\@]+$ +section_re = ^prompting/passkey/[^/\@]\{1,\}$
option = interactive option = interactive
option = interactive_prompt option = interactive_prompt
@ -53,7 +53,7 @@
[rule/allowed_domain_options] [rule/allowed_domain_options]
validator = ini_allowed_options validator = ini_allowed_options
-section_re = ^\(domain\|application\)/[^/]\+$ -section_re = ^\(domain\|application\)/[^/]\+$
+section_re = ^(domain|application)/[^/]+$ +section_re = ^(domain|application)/[^/]\{1,\}$
option = debug option = debug
option = debug_level option = debug_level
@ -62,7 +62,7 @@
[rule/allowed_subdomain_options] [rule/allowed_subdomain_options]
validator = ini_allowed_options validator = ini_allowed_options
-section_re = ^domain/[^/\@]\+/[^/\@]\+$ -section_re = ^domain/[^/\@]\+/[^/\@]\+$
+section_re = ^domain/[^/\@]+/[^/\@]+$ +section_re = ^domain/[^/\@]+/[^/\@]\{1,\}$
option = ldap_search_base option = ldap_search_base
option = ldap_user_search_base option = ldap_user_search_base
@ -71,7 +71,7 @@
[rule/allowed_certmap_options] [rule/allowed_certmap_options]
validator = ini_allowed_options validator = ini_allowed_options
-section_re = ^certmap/[^/\@]\+/[^/\@]\+$ -section_re = ^certmap/[^/\@]\+/[^/\@]\+$
+section_re = ^certmap/[^/\@]+/[^/\@]+$ +section_re = ^certmap/[^/\@]+/[^/\@]\{1,\}$
option = matchrule option = matchrule
option = maprule option = maprule

54
security/sssd2.old/pkg-plist
View File

@ -92,33 +92,6 @@ libexec/sssd/sssd_pac
libexec/sssd/sssd_pam libexec/sssd/sssd_pam
libexec/sssd/sssd_ssh libexec/sssd/sssd_ssh
libexec/sssd/sssd_sudo libexec/sssd/sssd_sudo
share/man1/sss_ssh_authorizedkeys.1.gz
share/man1/sss_ssh_knownhostsproxy.1.gz
share/man5/sss-certmap.5.gz
share/man5/sssd-ad.5.gz
share/man5/sssd-files.5.gz
share/man5/sssd-ifp.5.gz
share/man5/sssd-ipa.5.gz
share/man5/sssd-krb5.5.gz
share/man5/sssd-ldap-attributes.5.gz
share/man5/sssd-ldap.5.gz
share/man5/sssd-session-recording.5.gz
share/man5/sssd-simple.5.gz
share/man5/sssd-sudo.5.gz
share/man5/sssd.conf.5.gz
share/man8/idmap_sss.8.gz
share/man8/pam_sss.8.gz
share/man8/pam_sss_gss.8.gz
share/man8/sss_cache.8.gz
share/man8/sss_debuglevel.8.gz
share/man8/sss_obfuscate.8.gz
share/man8/sss_override.8.gz
share/man8/sss_seed.8.gz
share/man8/sssctl.8.gz
share/man8/sssd-kcm.8.gz
share/man8/sssd.8.gz
/shareman8/sssd_krb5_localauth_plugin.8.gz
share/man8/sssd_krb5_locator_plugin.8.gz
sbin/sss_cache sbin/sss_cache
sbin/sss_debuglevel sbin/sss_debuglevel
sbin/sss_obfuscate sbin/sss_obfuscate
@ -128,6 +101,33 @@ sbin/sssctl
sbin/sssd sbin/sssd
share/dbus-1/system-services/org.freedesktop.sssd.infopipe.service share/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
share/man/man1/sss_ssh_authorizedkeys.1.gz
share/man/man1/sss_ssh_knownhostsproxy.1.gz
share/man/man5/sss-certmap.5.gz
share/man/man5/sssd-ad.5.gz
share/man/man5/sssd-files.5.gz
share/man/man5/sssd-ifp.5.gz
share/man/man5/sssd-ipa.5.gz
share/man/man5/sssd-krb5.5.gz
share/man/man5/sssd-ldap-attributes.5.gz
share/man/man5/sssd-ldap.5.gz
share/man/man5/sssd-session-recording.5.gz
share/man/man5/sssd-simple.5.gz
share/man/man5/sssd-sudo.5.gz
share/man/man5/sssd.conf.5.gz
share/man/man8/idmap_sss.8.gz
share/man/man8/pam_sss.8.gz
share/man/man8/pam_sss_gss.8.gz
share/man/man8/sss_cache.8.gz
share/man/man8/sss_debuglevel.8.gz
share/man/man8/sss_obfuscate.8.gz
share/man/man8/sss_override.8.gz
share/man/man8/sss_seed.8.gz
share/man/man8/sssctl.8.gz
share/man/man8/sssd-kcm.8.gz
share/man/man8/sssd.8.gz
share/man/man8/sssd_krb5_localauth_plugin.8.gz
share/man/man8/sssd_krb5_locator_plugin.8.gz
%%DATADIR%%/dbus-1/system-services/org.freedesktop.sssd.infopipe.service %%DATADIR%%/dbus-1/system-services/org.freedesktop.sssd.infopipe.service
%%DATADIR%%/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf %%DATADIR%%/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf
%%DATADIR%%/sssd-kcm/kcm_default_ccache %%DATADIR%%/sssd-kcm/kcm_default_ccache

12
security/sssd2/Makefile
View File

@ -1,6 +1,6 @@
PORTNAME= sssd PORTNAME= sssd
PORTVERSION= 2.9.4 PORTVERSION= 2.9.4
PORTREVISION= 7 PORTREVISION= 6
CATEGORIES= security CATEGORIES= security
PKGNAMESUFFIX= 2 PKGNAMESUFFIX= 2
@ -34,20 +34,13 @@ LIB_DEPENDS= libcares.so:dns/c-ares \
libjansson.so:devel/jansson \ libjansson.so:devel/jansson \
libjose.so:net/jose \ libjose.so:net/jose \
libkrb5.so:security/krb5 \ libkrb5.so:security/krb5 \
libldb.so:databases/ldb25 \
libndr-krb5pac.so:net/samba416 \
libndr-nbt.so:net/samba416 \
libndr-standard.so:net/samba416 \
libndr.so:net/samba416 \
libnfs.so:net/libnfs \ libnfs.so:net/libnfs \
libnss3.so:security/nss \ libnss3.so:security/nss \
libp11-kit.so:security/p11-kit \ libp11-kit.so:security/p11-kit \
libpcre2-posix.so:devel/pcre2 \ libpcre2-posix.so:devel/pcre2 \
libplds4.so:devel/nspr \ libplds4.so:devel/nspr \
libpopt.so:devel/popt \ libpopt.so:devel/popt \
libsamba-util.so:net/samba416 \
libsasl2.so:security/cyrus-sasl2 \ libsasl2.so:security/cyrus-sasl2 \
libsmbclient.so:net/samba416 \
libtalloc.so:devel/talloc \ libtalloc.so:devel/talloc \
libtdb.so:databases/tdb \ libtdb.so:databases/tdb \
libtevent.so:devel/tevent \ libtevent.so:devel/tevent \
@ -57,7 +50,8 @@ LIB_DEPENDS= libcares.so:dns/c-ares \
RUN_DEPENDS= cyrus-sasl-gssapi>0:security/cyrus-sasl2-gssapi RUN_DEPENDS= cyrus-sasl-gssapi>0:security/cyrus-sasl2-gssapi
USES= autoreconf cpe gettext gmake gssapi:bootstrap,flags,mit iconv ldap \ USES= autoreconf cpe gettext gmake gssapi:bootstrap,flags,mit iconv ldap \
libtool localbase:ldflags pathfix pkgconfig python:3.9+ shebangfix ssl libtool localbase:ldflags pathfix pkgconfig python:3.9+ shebangfix ssl \
samba
USE_LDCONFIG= yes USE_LDCONFIG= yes
GNU_CONFIGURE= yes GNU_CONFIGURE= yes

77
security/sssd2/files/patch-src_config_cfg__rules.ini
View File

@ -1,77 +0,0 @@
--- src/config/cfg_rules.ini.orig 2024-04-24 13:37:15 UTC
+++ src/config/cfg_rules.ini
@@ -11,15 +11,15 @@ section_re = ^prompting/password$
section = kcm
section = session_recording
section_re = ^prompting/password$
-section_re = ^prompting/password/[^/\@]\+$
+section_re = ^prompting/password/[^/\@]\{1,\}$
section_re = ^prompting/2fa$
-section_re = ^prompting/2fa/[^/\@]\+$
+section_re = ^prompting/2fa/[^/\@]\{1,\}$
section_re = ^prompting/passkey$
-section_re = ^prompting/passkey/[^/\@]\+$
-section_re = ^domain/[^/\@]\+$
-section_re = ^domain/[^/\@]\+/[^/\@]\+$
-section_re = ^application/[^/\@]\+$
-section_re = ^certmap/[^/\@]\+/[^/\@]\+$
+section_re = ^prompting/passkey/[^/\@]\{1,\}$
+section_re = ^domain/[^/\@]\{1,\}$
+section_re = ^domain/[^/\@]\{1,\}/[^/\@]\{1,\}$
+section_re = ^application/[^/\@]\{1,\}$
+section_re = ^certmap/[^/\@]\{1,\}/[^/\@]\{1,\}$
[rule/allowed_sssd_options]
@@ -329,13 +329,13 @@ validator = ini_allowed_options
[rule/allowed_prompting_password_subsec_options]
validator = ini_allowed_options
-section_re = ^prompting/password/[^/\@]\+$
+section_re = ^prompting/password/[^/\@]\{1,\}$
option = password_prompt
[rule/allowed_prompting_2fa_subsec_options]
validator = ini_allowed_options
-section_re = ^prompting/2fa/[^/\@]\+$
+section_re = ^prompting/2fa/[^/\@]\{1,\}$
option = single_prompt
option = first_prompt
@@ -343,7 +343,7 @@ validator = ini_allowed_options
[rule/allowed_prompting_passkey_subsec_options]
validator = ini_allowed_options
-section_re = ^prompting/passkey/[^/\@]\+$
+section_re = ^prompting/passkey/[^/\@]\{1,\}$
option = interactive
option = interactive_prompt
@@ -352,7 +352,7 @@ validator = ini_allowed_options
[rule/allowed_domain_options]
validator = ini_allowed_options
-section_re = ^\(domain\|application\)/[^/]\+$
+section_re = ^(domain|application)/[^/]\{1,\}$
option = debug
option = debug_level
@@ -810,7 +810,7 @@ validator = ini_allowed_options
[rule/allowed_subdomain_options]
validator = ini_allowed_options
-section_re = ^domain/[^/\@]\+/[^/\@]\+$
+section_re = ^domain/[^/\@]+/[^/\@]\{1,\}$
option = ldap_search_base
option = ldap_user_search_base
@@ -832,7 +832,7 @@ validator = ini_allowed_options
[rule/allowed_certmap_options]
validator = ini_allowed_options
-section_re = ^certmap/[^/\@]\+/[^/\@]\+$
+section_re = ^certmap/[^/\@]+/[^/\@]\{1,\}$
option = matchrule
option = maprule