diff options
author | soloturn | 2021-06-25 07:15:59 +0200 |
---|---|---|
committer | soloturn | 2021-06-25 07:16:26 +0200 |
commit | 0c096937d3df8f108cd7157852b5a086bdc46381 (patch) | |
tree | 78f8db8ca96c8c45aed2c41999c69441f692995d | |
parent | df416a59da04e494c2fc086aa215eedf8682b3d4 (diff) | |
download | aur-0c096937d3df8f108cd7157852b5a086bdc46381.tar.gz |
service files now in src
-rw-r--r-- | .SRCINFO | 3 | ||||
-rw-r--r-- | PKGBUILD | 23 | ||||
-rw-r--r-- | kanidm-unixd-tasks.service | 32 | ||||
-rw-r--r-- | kanidm-unixd.service | 38 | ||||
-rw-r--r-- | kanidmd.service | 31 | ||||
-rw-r--r-- | server.toml | 8 |
6 files changed, 14 insertions, 121 deletions
@@ -1,6 +1,6 @@ pkgbase = kanidm-git pkgdesc = A identity management service and clients. - pkgver = v1.1.0.alpha.4.r0.g0ac5da8 + pkgver = v1.1.0.alpha.4.r55.g9f5d854 pkgrel = 1 url = https://github.com/kanidm/kanidm arch = x86_64 @@ -25,4 +25,3 @@ pkgname = kanidm-git-unixd-clients pkgdesc = kanidm localhost resolver to resolve posix identities to a kanidm instance. provides = kanidm-unixd-clients conflicts = kanidm-unixd-clients - @@ -1,18 +1,18 @@ # kanidm service, the following still needs clarification or work: # -# * kanidm-unixd-tasks should be installed as soon as merged in upstream master # * check the systemd units on their preconditions, especially nptd, ... # as they are a copy of suse service files from https://build.opensuse.org/package/view_file/home:firstyear:kanidm/kanidm:w # * systemd activate and run should be added to package if this is so with other arch packages # # if somebody wants to maintain or contribute, just drop a note, i will add you. +# Maintainer: cubi <coyote_x@gmx.de> # Maintainer: soloturn@gmail.com _basename=kanidm pkgbase=kanidm-git pkgname=($pkgbase-clients $pkgbase-server $pkgbase-unixd-clients) -pkgver=v1.1.0.alpha.4.r0.g0ac5da8 +pkgver=v1.1.0.alpha.4.r55.g9f5d854 pkgrel=1 pkgdesc='A identity management service and clients.' url='https://github.com/kanidm/kanidm' @@ -62,9 +62,9 @@ package_kanidm-git-server () { install -Dm755 target/release/kanidmd "${pkgdir}/usr/bin/kanidmd" install -Dm755 target/release/kanidm_badlist_preprocess "${pkgdir}/usr/bin/kanidm_badlist_preprocess" - install -Dm644 $srcdir/../server.toml "$pkgdir/etc/kanidm/server.toml" + install -Dm644 kanidmd/server.toml "$pkgdir/etc/kanidm/server.toml" - install -Dm644 $srcdir/../kanidmd.service "$pkgdir/usr/lib/systemd/system/kanidmd.service" + install -Dm644 platform/opensuse/kanidmd.service "$pkgdir/usr/lib/systemd/system/kanidmd.service" install -Dm644 target/release/_completions/_kanidmd "${pkgdir}/usr/share/zsh/site-functions/_kanidmd" install -Dm644 target/release/_completions/_kanidm_badlist_preprocess "${pkgdir}/usr/share/zsh/site-functions/_kanidm_badlist_preprocess" @@ -80,8 +80,8 @@ package_kanidm-git-unixd-clients () { cd "$pkgbase" - install -Dm755 target/release/libnss_kanidm.so "${pkgdir}/usr/lib/libnss_kanidm.so" - install -Dm755 target/release/libpam_kanidm.so "${pkgdir}/usr/lib/security/libpam_kanidm.so" + install -Dm755 target/release/libnss_kanidm.so "${pkgdir}/usr/lib/libnss_kanidm.so.2" + install -Dm755 target/release/libpam_kanidm.so "${pkgdir}/usr/lib/security/pam_kanidm.so" install -Dm755 target/release/kanidm_cache_clear "${pkgdir}/usr/bin/kanidm_cache_clear" install -Dm755 target/release/kanidm_cache_invalidate "${pkgdir}/usr/bin/kanidm_cache_invalidate" @@ -89,22 +89,25 @@ package_kanidm-git-unixd-clients () { install -Dm755 target/release/kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/bin/kanidm_ssh_authorizedkeys_direct" install -Dm755 target/release/kanidm_unixd "${pkgdir}/usr/bin/kanidm_unixd" install -Dm755 target/release/kanidm_unixd_status "${pkgdir}/usr/bin/kanidm_unixd_status" - # as soon as merged into master upstream - # install -Dm755 target/release/kanidm_unixd_status "${pkgdir}/usr/bin/kanidm_unixd_tasks" + install -Dm755 target/release/kanidm_unixd_tasks "${pkgdir}/usr/bin/kanidm_unixd_tasks" - install -Dm644 $srcdir/../kanidm-unixd.service "$pkgdir/usr/lib/systemd/system/kanidm-unixd.service" - install -Dm644 $srcdir/../kanidm-unixd.service "$pkgdir/usr/lib/systemd/system/kanidm-unixd-tasks.service" + install -Dm644 platform/opensuse/kanidm-unixd.service "$pkgdir/usr/lib/systemd/system/kanidm-unixd.service" + install -Dm644 platform/opensuse/kanidm-unixd-tasks.service "$pkgdir/usr/lib/systemd/system/kanidm-unixd-tasks.service" install -Dm644 target/release/_completions/_kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys_direct" install -Dm644 target/release/_completions/_kanidm_cache_clear "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_clear" install -Dm644 target/release/_completions/_kanidm_cache_invalidate "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_invalidate" install -Dm644 target/release/_completions/_kanidm_ssh_authorizedkeys "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys" install -Dm644 target/release/_completions/_kanidm_unixd_status "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unixd_status" +# TODO as soon its there +# install -Dm644 target/release/_completions/_kanidm_unixd_tasks_status "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unixd_tasks_status" install -Dm644 target/release/_completions/kanidm_ssh_authorizedkeys_direct.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys_direct.sh" install -Dm644 target/release/_completions/kanidm_cache_clear.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_clear.sh" install -Dm644 target/release/_completions/kanidm_cache_invalidate.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_invalidate.sh" install -Dm644 target/release/_completions/kanidm_ssh_authorizedkeys.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys.sh" install -Dm644 target/release/_completions/kanidm_unixd_status.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_unixd_status.sh" +# TODO as soon its there +# install -Dm644 target/release/_completions/kanidm_unixd_tasks_status.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_unixd_tasks_status.sh" } diff --git a/kanidm-unixd-tasks.service b/kanidm-unixd-tasks.service deleted file mode 100644 index bab721dde042..000000000000 --- a/kanidm-unixd-tasks.service +++ /dev/null @@ -1,32 +0,0 @@ -# You should not need to edit this file. Instead, use a drop-in file: -# systemctl edit kanidm-unixd-tasks.service - -[Unit] -Description=Kanidm Local Tasks -After=chronyd.service ntpd.service network-online.target kanidm-unixd.service - -[Service] -User=root -Type=simple -ExecStart=/usr/bin/kanidm_unixd_tasks - -CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH -# SystemCallFilter=@aio @basic-io @chown @file-system @io-event @network-io @sync -ProtectSystem=strict -ReadWritePaths=/home /var/run/kanidm-unixd -RestrictAddressFamilies=AF_UNIX -NoNewPrivileges=true -PrivateTmp=true -PrivateDevices=true -PrivateNetwork=true -ProtectHostname=true -ProtectClock=true -ProtectKernelTunables=true -ProtectKernelModules=true -ProtectKernelLogs=true -ProtectControlGroups=true -MemoryDenyWriteExecute=true - -[Install] -WantedBy=multi-user.target - diff --git a/kanidm-unixd.service b/kanidm-unixd.service deleted file mode 100644 index e9b782bf49c0..000000000000 --- a/kanidm-unixd.service +++ /dev/null @@ -1,38 +0,0 @@ -# You should not need to edit this file. Instead, use a drop-in file: -# systemctl edit kanidm-unixd.service - -[Unit] -Description=Kanidm Local Client Resolver -After=chronyd.service ntpd.service network-online.target - -[Service] -DynamicUser=yes -UMask=0027 -CacheDirectory=kanidm-unixd -RuntimeDirectory=kanidm-unixd - -Type=simple -ExecStart=/usr/bin/kanidm_unixd - -# Implied by dynamic user. -# ProtectHome= -# ProtectSystem=strict -# ReadWritePaths=/var/run/kanidm-unixd /var/cache/kanidm-unixd - -# SystemCallFilter=@aio @basic-io @chown @file-system @io-event @network-io @sync -NoNewPrivileges=true -PrivateTmp=true -PrivateDevices=true -ProtectHostname=true -ProtectClock=true -ProtectKernelTunables=true -ProtectKernelModules=true -ProtectKernelLogs=true -ProtectControlGroups=true -MemoryDenyWriteExecute=true - -[Install] -WantedBy=multi-user.target - -# initial version copied from -# https://build.opensuse.org/package/view_file/home:firstyear:kanidm/kanidm diff --git a/kanidmd.service b/kanidmd.service deleted file mode 100644 index 51bad9e4bfa4..000000000000 --- a/kanidmd.service +++ /dev/null @@ -1,31 +0,0 @@ -# You should not need to edit this file. Instead, use a drop-in file as described in: -# /usr/lib/systemd/system/kanidmd.service.d/custom.conf - -[Unit] -Description=Kanidm Identity Server -After=chronyd.service ntpd.service network-online.target -Before=radiusd.service - -[Service] -Type=simple -DynamicUser=yes -UMask=0027 -StateDirectory=kanidmd -ExecStart=/usr/bin/kanidmd server -c /etc/kanidm/server.toml - -NoNewPrivileges=true -PrivateTmp=true -PrivateDevices=true -ProtectHostname=true -ProtectClock=true -ProtectKernelTunables=true -ProtectKernelModules=true -ProtectKernelLogs=true -ProtectControlGroups=true -MemoryDenyWriteExecute=true - -[Install] -WantedBy=multi-user.target - -# initial version copied from -# https://build.opensuse.org/package/view_file/home:firstyear:kanidm/kanidm diff --git a/server.toml b/server.toml deleted file mode 100644 index 4e9e1160e1f2..000000000000 --- a/server.toml +++ /dev/null @@ -1,8 +0,0 @@ -bindaddress = "127.0.0.1:8443" -# ldapbindaddress = "127.0.0.1:3636" -db_path = "/var/lib/kanidmd/kanidm.db" -# tls_ca = "/var/lib/kanidmd/ca.pem" -# tls_cert = "/var/lib/kanidmd/cert.pem" -# tls_key = "/var/lib/kanidmd/key.pem" -# log_level = " - |