Arch Linux User Repository

fossdd, added you as co maintainer, and updated to kanidm-1.2.3.

hey, i'd like to co-maintain this package as I also maintain the Alpine Linux port of kanidm. I'd upgrade kanidm to 1.2.3 as this would ig. also fix the current build issue.

Hey folks, this package is failing to build because you're building everything - (ref https://github.com/kanidm/kanidm/issues/2751) can I suggest you build the specific binaries instead of the dev things like Orca?

@DevPGSV thanks for sharing and the notification. I have updated the PKGBUILD.

I had the need to use:

• kanidm 1.1.0-alpha.12

As I needed to connect to a server with:

• kanidmd 1.1.0-alpha.12

And there is a JWT incompatibility between alpha.11 (current package build) and alpha.12 (latest available version).

I ended up with a working version:

diff --git a/PKGBUILD b/PKGBUILD
index b6c9a4e..74ad4f9 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -16,7 +16,7 @@ pkgname=(
    $_basename-server
    $_basename-unixd-clients
 )
-pkgver=1.1.0_alpha.11
+pkgver=1.1.0_alpha.12
 _realver=${pkgver/_/-}
 pkgrel=1
 pkgdesc='A identity management service and clients.'
@@ -25,13 +25,13 @@ source=("$_basename-$pkgver.tar.gz::https://github.com/$_basename/$_basename/arc
 arch=(x86_64 aarch64)
 license=(MPL-2.0)
 makedepends=(cargo systemd)
-sha256sums=('78c12b14441c554edce8ff3801bd31878e25c474098d64d4bb4d06165c559027')
+sha256sums=('6c1e807278e1f90d2ede930dcc612c0da1b6f9e18ed4046771cbaa125af4d296')


 build () {
   cd ${pkgbase}-$_realver

-  export KANIDM_BUILD_PROFILE="release_suse_x86_64"
+  export KANIDM_BUILD_PROFILE="release_suse_generic"
   cargo build --locked --release --target-dir target
 }

@@ -73,6 +73,7 @@ package_kanidm-server () {
   install -Dm644 platform/opensuse/kanidmd.service "${pkgdir}/usr/lib/systemd/system/kanidmd.service"

   install -Dm755 target/release/kanidmd "${pkgdir}/usr/bin/kanidmd"
+  install -Dm755 target/release/kanidm-ipa-sync "${pkgdir}/usr/bin/kanidm-ipa-sync"

   install -Dm644 target/release/build/completions/_kanidmd "${pkgdir}/usr/share/zsh/site-functions/_kanidmd"

@@ -81,7 +82,7 @@ package_kanidm-server () {

   # add web-ui files
   install -dv "${pkgdir}/usr/share/kanidm/ui/"
-  cp -r kanidmd_web_ui/pkg "${pkgdir}/usr/share/kanidm/ui/"
+  cp -r server/web_ui/pkg "${pkgdir}/usr/share/kanidm/ui/"
 }

 package_kanidm-unixd-clients () {
@@ -99,23 +100,17 @@ package_kanidm-unixd-clients () {
   install -Dm755 target/release/libnss_kanidm.so "${pkgdir}/usr/lib/libnss_kanidm.so.2"
   install -Dm755 target/release/libpam_kanidm.so "${pkgdir}/usr/lib/security/pam_kanidm.so"

-  install -Dm755 target/release/kanidm_cache_clear "${pkgdir}/usr/bin/kanidm_cache_clear"
-  install -Dm755 target/release/kanidm_cache_invalidate "${pkgdir}/usr/bin/kanidm_cache_invalidate"
   install -Dm755 target/release/kanidm_ssh_authorizedkeys "${pkgdir}/usr/bin/kanidm_ssh_authorizedkeys"
   install -Dm755 target/release/kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/bin/kanidm_ssh_authorizedkeys_direct"
+  install -Dm755 target/release/kanidm-unix "${pkgdir}/usr/bin/kanidm-unix"
   install -Dm755 target/release/kanidm_unixd "${pkgdir}/usr/bin/kanidm_unixd"
-  install -Dm755 target/release/kanidm_unixd_status "${pkgdir}/usr/bin/kanidm_unixd_status"
   install -Dm755 target/release/kanidm_unixd_tasks "${pkgdir}/usr/bin/kanidm_unixd_tasks"

   install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys_direct"
-  install -Dm644 target/release/build/completions/_kanidm_cache_clear "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_clear"
-  install -Dm644 target/release/build/completions/_kanidm_cache_invalidate "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_invalidate"
   install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys"
-  install -Dm644 target/release/build/completions/_kanidm_unixd_status "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unixd_status"
+  install -Dm644 target/release/build/completions/_kanidm_unix "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unix"

   install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys_direct.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys_direct.sh"
-  install -Dm644 target/release/build/completions/kanidm_cache_clear.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_clear.sh"
-  install -Dm644 target/release/build/completions/kanidm_cache_invalidate.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_invalidate.sh"
   install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys.sh"
-  install -Dm644 target/release/build/completions/kanidm_unixd_status.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_unixd_status.sh"
+  install -Dm644 target/release/build/completions/kanidm_unix.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_unix.sh"
 }

@cubi, thanks for asking thoughts concerning a metapackage. my reasoning centers around why "metapackage" as such do exist: https://lists.archlinux.org/pipermail/arch-dev-public/2019-January/029435.html. using such a concept for kanidm seems overkill. we only have server and client and a single dependency.

why i like to have 2 versions installed, @cubi? mainly to set the path and try without going through any complication of creating directories, checking out, separate builds etc. just set the path and try one or the other, for typical client apps very practical. python2, python3, java11, java17, swiftlang-5.4.2, swiftlang-5.5, and so on. for kanidm it would not rebuild, but just register the services for one or the other. but - i did not want to do it yet and thus not really missed the feature ... so lets not move and wait until sombody is missing it more :)

Hi @soloturn, sorry missed your post here.

I think the official release version and the git builds should conflict. I already had a case of different server and client versions, which puzzled me a lot. In that case the client was not able to correctly communicate with the Server. Furthermore, as far as I have seen, this is pretty common practice, e.g., paru and makes a lot sense to me as well.

Why would you want to mix/install different versions of kanidm in parallel?

Well, for convenience I created a package that just depends on the server, unixd, clients. Mainly because I wanted to be sure to keep versions in sync. So I can easily update/remove all kanidm related packages. I was think of putting the server as optional. As most install will probably use the client tooling, I guess.

What are your thoughts on that?

thanks cubi for the commit. did you try to create a meta package for kanidm (https://wiki.archlinux.org/title/Meta_package_and_package_group) and if yes, what is the thought process behind?

second, beeing able to install kanidm and kanidm-git in parallel would be quite helpful, therefor i deliberately did not conflict them. they still have overlapping directories though if i am not wrong.