Search Criteria
Package Details: kanidm-server 1.4.2-2
Package Actions
Git Clone URL: | https://aur.archlinux.org/kanidm.git (read-only, click to copy) |
---|---|
Package Base: | kanidm |
Description: | kanidm server for idendity management, supports RADIUS, ssh key management. |
Upstream URL: | https://github.com/kanidm/kanidm |
Keywords: | authentication iam identity identity-management idm ldap oidc radius rust scim security ssh-authentication webauthn |
Licenses: | MPL-2.0 |
Conflicts: | kanidm-server-git |
Provides: | kanidm-server |
Submitter: | soloturn |
Maintainer: | soloturn (cubi, fossdd, Doridian) |
Last Packager: | Doridian |
Votes: | 5 |
Popularity: | 1.69 |
First Submitted: | 2021-04-02 14:45 (UTC) |
Last Updated: | 2024-11-16 18:18 (UTC) |
Dependencies (3)
- libgit2 (libgit2-gitAUR)
- cargo (rustup-gitAUR, rust-nightly-binAUR, rust-gitAUR, rust-beta-binAUR, rust, rustup) (make)
- systemd (systemd-chromiumosAUR, systemd-selinuxAUR, sysupdated-systemd-gitAUR, systemd-gitAUR, systemd-fmlAUR) (make)
Latest Comments
1 2 Next › Last »
Doridian commented on 2024-11-16 20:14 (UTC) (edited on 2024-11-16 20:15 (UTC) by Doridian)
On some Linux distributions, there is a group called
shadow
. This group is the group of/etc/shadow
, which on those systems is chmod 640This is I think mainly to permit
unix_chkpwd
to verify passwords without being setuid-root (and instead being setgid-shadow). On Arch,unix_chkpwd
is setuid+setgid-root and/etc/shadow
is chmod 600 and owned by user+group rootWhy Arch chose to use setuid-root instead of setgid-shadow, I do not know
soloturn commented on 2024-11-16 20:05 (UTC)
where does shadow come from and what is it for here? resp - why it is different on arch than on others?
Doridian commented on 2024-11-16 18:19 (UTC)
For now I have pushed a new release with a patch to remove
shadow
from the service definition so people upgrading don't have a chance to break their system.I'll read through that GitHub issue, thanks.
soloturn commented on 2024-11-16 09:15 (UTC) (edited on 2024-11-16 09:16 (UTC) by soloturn)
doridian, with pleasure. added you as co maintainer. there is a recent discussion on kanidm github how to build the package so the build does not break so often: https://github.com/kanidm/kanidm/issues/2751.
Doridian commented on 2024-11-15 23:27 (UTC) (edited on 2024-11-16 00:55 (UTC) by Doridian)
Just installed this package and noticed an issue:
/usr/lib/systemd/system/kanidm-unixd.service
refers toshadow
inSupplementaryGroups
. Arch (at least on any of my systems) does not have a group calledshadow
, causing kanidm-unixd to fail to start (well, causing systemd to fail to start it, rather).Likely just a simple patch to remove the group from the service file? For now I did a
groupadd shadow
to bypass the startup failure, and everything else seems to be just fine.Doridian commented on 2024-11-15 20:37 (UTC) (edited on 2024-11-15 23:21 (UTC) by Doridian)
Hey, is any help needed maintaining this package? I'd love to help if that's the case.
I noticed recently 1.4.x released 2 weeks ago and the 1.3.3 version currently released also seems to no longer build for me on current Arch.
For now I have created my own copy of this repo on GitHub with a working 1.4.2 build: https://github.com/Doridian/kanidm-aur/commit/a6e17e49649360fd12eff2e1e2ab5072fbd0859e (they forgot to update their lockfile hence the .patch being needed for specifically 1.4.2 to make --locked work)//EDIT: Updated git hash as I realized I initially broke the server package build due to WebUI updates, fixed and tested that it works this time!
//EDIT2: Just noticed it was updated. Thanks :)
soloturn commented on 2024-07-19 22:25 (UTC) (edited on 2024-07-19 22:37 (UTC) by soloturn)
fossdd, added you as co maintainer, and updated to kanidm-1.2.3.
fossdd commented on 2024-06-06 10:15 (UTC)
hey, i'd like to co-maintain this package as I also maintain the Alpine Linux port of kanidm. I'd upgrade kanidm to 1.2.3 as this would ig. also fix the current build issue.
yaleman commented on 2024-05-06 22:02 (UTC)
Hey folks, this package is failing to build because you're building everything - (ref https://github.com/kanidm/kanidm/issues/2751) can I suggest you build the specific binaries instead of the dev things like Orca?
1 2 Next › Last »