summaryrefslogtreecommitdiff
blob: 56f00ec57d0c542472759a7790dd7e4e76484cac (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

EAPI=8

PYTHON_COMPAT=( python3_{10..12} )
inherit autotools python-r1 s6 systemd tmpfiles multilib-minimal

DESCRIPTION="NSS module for name lookups using LDAP"
HOMEPAGE="https://arthurdejong.org/nss-pam-ldapd/"
SRC_URI="https://arthurdejong.org/${PN}/${P}.tar.gz"

LICENSE="LGPL-2.1"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
IUSE="debug kerberos +pam pynslcd sasl selinux test +utils"
REQUIRED_USE="
	${PYTHON_REQUIRED_USE}
	utils? ( ${PYTHON_REQUIRED_USE} )
	kerberos? ( sasl )
	test? ( ${PYTHON_REQUIRED_USE} pynslcd )
"
RESTRICT="!test? ( test )"

RDEPEND="
	acct-group/nslcd
	acct-user/nslcd
	net-nds/openldap:=[${MULTILIB_USEDEP}]
	sasl? ( dev-libs/cyrus-sasl[${MULTILIB_USEDEP}] )
	kerberos? ( virtual/krb5[${MULTILIB_USEDEP}] )
	sys-libs/pam[${MULTILIB_USEDEP}]
	utils? ( ${PYTHON_DEPS} )
	pynslcd? (
		dev-python/python-ldap[${PYTHON_USEDEP}]
		dev-python/python-daemon[${PYTHON_USEDEP}]
	)
	elibc_musl? ( sys-libs/musl-nscd )
	!sys-auth/nss_ldap
	!sys-auth/pam_ldap
"
DEPEND="${RDEPEND}"
BDEPEND="
	${PYTHON_DEPS}
	test? ( dev-python/pylint[${PYTHON_USEDEP}] )
"
RDEPEND+=" selinux? ( sec-policy/selinux-nslcd )"

PATCHES=(
	"${FILESDIR}"/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch
	"${FILESDIR}"/nss-pam-ldapd-0.9.11-use-mkstemp.patch
	"${FILESDIR}"/nss-pam-ldapd-0.9.11-relative-imports.patch
	"${FILESDIR}"/nss-pam-ldapd-0.9.11-tests.patch
	"${FILESDIR}"/nss-pam-ldapd-0.9.11-tests-py39.patch
	"${FILESDIR}"/nss-pam-ldapd-0.9.12-netdb-defines.patch
	"${FILESDIR}"/nss-pam-ldapd-0.9.12-configure-CFLAGS-decontamination.patch
)

pkg_setup() {
	[[ ${MERGE_TYPE} != binary ]] && python_setup
}

src_prepare() {
	default

	touch pynslcd/__init__.py || die "Could not create __init__.py for pynslcd"
	mv pynslcd/pynslcd.py pynslcd/main.py || die

        find "${S}" -name Makefile.am -exec \
        sed -e '/^AM_CFLAGS/ s/$/ \$(DEBUG_CFLAGS) \$(EXTRA_CFLAGS)/g' \
        -i {} \; || die

	eautoreconf
}

multilib_src_configure() {
	local myconf=(
		--disable-utils
		--enable-warnings
		--with-ldap-lib=openldap
		--with-ldap-conf-file="${EPREFIX}"/etc/nslcd.conf
		--with-nslcd-pidfile=/run/nslcd/nslcd.pid
		--with-nslcd-socket=/run/nslcd/socket
		--with-nss-flavour=glibc
		$(use_enable pynslcd)
		$(use_enable debug)
		$(use_enable kerberos)
		$(use_enable pam)
		$(use_enable sasl)

		# nss libraries always go in /lib on Gentoo
		--with-pam-seclib-dir="${EPREFIX}"/$(get_libdir)/security
		--libdir="${EPREFIX}"/$(get_libdir)
	)
	ECONF_SOURCE="${S}" econf "${myconf[@]}"
}

multilib_src_test() {
	python_test() {
		cp -l "${S}"/pynslcd/*.py pynslcd/ || die "Could not copy python files for tests"
		nonfatal emake check || die "tests failed with ${EPYTHON}"
	}

	pushd "${BUILD_DIR}" >/dev/null || die
	ln -s ../pynslcd/constants.py utils/constants.py || die
	python_foreach_impl python_test
	popd >/dev/null || die
}

multilib_src_install() {
	emake DESTDIR="${D}" install

	if use pynslcd; then
		python_moduleinto pynslcd
		python_foreach_impl python_domodule pynslcd/*.py
	fi
}

multilib_src_install_all() {
	einstalldocs

	newinitd "${FILESDIR}"/nslcd.init nslcd
	s6_install_service nslcd "${FILESDIR}"/nslcd.s6

	insinto /usr/share/nss-pam-ldapd
	doins "${WORKDIR}"/${P}/nslcd.conf

	fperms o-r /etc/nslcd.conf

	if use utils; then
		python_moduleinto nslcd
		python_foreach_impl python_domodule utils/*.py

		local script
		for script in chsh getent; do
			python_foreach_impl python_newscript utils/${script}.py ${script}.ldap
		done
	fi
	if use pynslcd; then
		rm -rf "${ED}"/usr/share/pynslcd || die
		python_moduleinto pynslcd
		python_foreach_impl python_domodule pynslcd/*.py
		python_scriptinto /usr/sbin
		python_foreach_impl python_newscript pynslcd/main.py pynslcd
		newinitd "${FILESDIR}"/pynslcd.init pynslcd
	fi

	newtmpfiles "${FILESDIR}"/nslcd-tmpfiles.conf nslcd.conf
	systemd_newunit "${FILESDIR}"/nslcd.service nslcd.service
}

pkg_postinst() {
	tmpfiles_process nslcd.conf

	elog "For this to work you must configure /etc/nslcd.conf"
	elog "This configuration is similar to pam_ldap's /etc/ldap.conf"
	elog
	elog "In order to use nss-pam-ldapd, nslcd needs to be running. You can"
	elog "start it like this:"
	elog "  # /etc/init.d/nslcd start"
	elog
	elog "You can add it to the default runlevel like so:"
	elog " # rc-update add nslcd default"
	elog
	elog "If you have >=sys-apps/openrc-0.16.3, you can also use s6"
	elog "to supervise this service."
	elog "To do this, emerge sys-apps/s6 then add nslcd-s6"
	elog "default runlevel instead of nslcd."
	elog
	elog "If you are upgrading, keep in mind that /etc/nss-ldapd.conf"
	elog " is now named /etc/nslcd.conf"
}