Package Base Details: kanidm

Git Clone URL: (read-only, click to copy)
Keywords: authentication iam identity identity-management idm ldap oidc radius rust scim security ssh-authentication webauthn
Submitter: soloturn
Maintainer: soloturn (cubi)
Last Packager: cubi
Votes: 3
Popularity: 0.059022
First Submitted: 2021-04-02 14:45 (UTC)
Last Updated: 2024-05-01 09:22 (UTC)

Latest Comments

1 2 Next › Last »

fossdd commented on 2024-06-06 10:15 (UTC)

hey, i'd like to co-maintain this package as I also maintain the Alpine Linux port of kanidm. I'd upgrade kanidm to 1.2.3 as this would ig. also fix the current build issue.

yaleman commented on 2024-05-06 22:02 (UTC)

Hey folks, this package is failing to build because you're building everything - (ref can I suggest you build the specific binaries instead of the dev things like Orca?

cubi commented on 2023-05-10 20:03 (UTC)

@DevPGSV thanks for sharing and the notification. I have updated the PKGBUILD.

DevPGSV commented on 2023-05-09 22:51 (UTC) (edited on 2023-05-09 22:52 (UTC) by DevPGSV)

I had the need to use:

  • kanidm 1.1.0-alpha.12

As I needed to connect to a server with:

  • kanidmd 1.1.0-alpha.12

And there is a JWT incompatibility between alpha.11 (current package build) and alpha.12 (latest available version).

I ended up with a working version:

diff --git a/PKGBUILD b/PKGBUILD
index b6c9a4e..74ad4f9 100644
@@ -16,7 +16,7 @@ pkgname=(
 pkgdesc='A identity management service and clients.'
@@ -25,13 +25,13 @@ source=("$_basename-$pkgver.tar.gz::$_basename/$_basename/arc
 arch=(x86_64 aarch64)
 makedepends=(cargo systemd)

 build () {
   cd ${pkgbase}-$_realver

-  export KANIDM_BUILD_PROFILE="release_suse_x86_64"
+  export KANIDM_BUILD_PROFILE="release_suse_generic"
   cargo build --locked --release --target-dir target

@@ -73,6 +73,7 @@ package_kanidm-server () {
   install -Dm644 platform/opensuse/kanidmd.service "${pkgdir}/usr/lib/systemd/system/kanidmd.service"

   install -Dm755 target/release/kanidmd "${pkgdir}/usr/bin/kanidmd"
+  install -Dm755 target/release/kanidm-ipa-sync "${pkgdir}/usr/bin/kanidm-ipa-sync"

   install -Dm644 target/release/build/completions/_kanidmd "${pkgdir}/usr/share/zsh/site-functions/_kanidmd"

@@ -81,7 +82,7 @@ package_kanidm-server () {

   # add web-ui files
   install -dv "${pkgdir}/usr/share/kanidm/ui/"
-  cp -r kanidmd_web_ui/pkg "${pkgdir}/usr/share/kanidm/ui/"
+  cp -r server/web_ui/pkg "${pkgdir}/usr/share/kanidm/ui/"

 package_kanidm-unixd-clients () {
@@ -99,23 +100,17 @@ package_kanidm-unixd-clients () {
   install -Dm755 target/release/ "${pkgdir}/usr/lib/"
   install -Dm755 target/release/ "${pkgdir}/usr/lib/security/"

-  install -Dm755 target/release/kanidm_cache_clear "${pkgdir}/usr/bin/kanidm_cache_clear"
-  install -Dm755 target/release/kanidm_cache_invalidate "${pkgdir}/usr/bin/kanidm_cache_invalidate"
   install -Dm755 target/release/kanidm_ssh_authorizedkeys "${pkgdir}/usr/bin/kanidm_ssh_authorizedkeys"
   install -Dm755 target/release/kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/bin/kanidm_ssh_authorizedkeys_direct"
+  install -Dm755 target/release/kanidm-unix "${pkgdir}/usr/bin/kanidm-unix"
   install -Dm755 target/release/kanidm_unixd "${pkgdir}/usr/bin/kanidm_unixd"
-  install -Dm755 target/release/kanidm_unixd_status "${pkgdir}/usr/bin/kanidm_unixd_status"
   install -Dm755 target/release/kanidm_unixd_tasks "${pkgdir}/usr/bin/kanidm_unixd_tasks"

   install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys_direct"
-  install -Dm644 target/release/build/completions/_kanidm_cache_clear "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_clear"
-  install -Dm644 target/release/build/completions/_kanidm_cache_invalidate "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_invalidate"
   install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys"
-  install -Dm644 target/release/build/completions/_kanidm_unixd_status "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unixd_status"
+  install -Dm644 target/release/build/completions/_kanidm_unix "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unix"

   install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys_direct.bash "${pkgdir}/usr/share/bash-completion/completions/"
-  install -Dm644 target/release/build/completions/kanidm_cache_clear.bash "${pkgdir}/usr/share/bash-completion/completions/"
-  install -Dm644 target/release/build/completions/kanidm_cache_invalidate.bash "${pkgdir}/usr/share/bash-completion/completions/"
   install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys.bash "${pkgdir}/usr/share/bash-completion/completions/"
-  install -Dm644 target/release/build/completions/kanidm_unixd_status.bash "${pkgdir}/usr/share/bash-completion/completions/"
+  install -Dm644 target/release/build/completions/kanidm_unix.bash "${pkgdir}/usr/share/bash-completion/completions/"

soloturn commented on 2021-10-09 04:34 (UTC) (edited on 2021-10-09 04:34 (UTC) by soloturn)

@cubi, thanks for asking thoughts concerning a metapackage. my reasoning centers around why "metapackage" as such do exist: using such a concept for kanidm seems overkill. we only have server and client and a single dependency.

soloturn commented on 2021-10-08 16:32 (UTC) (edited on 2021-10-08 16:35 (UTC) by soloturn)

why i like to have 2 versions installed, @cubi? mainly to set the path and try without going through any complication of creating directories, checking out, separate builds etc. just set the path and try one or the other, for typical client apps very practical. python2, python3, java11, java17, swiftlang-5.4.2, swiftlang-5.5, and so on. for kanidm it would not rebuild, but just register the services for one or the other. but - i did not want to do it yet and thus not really missed the feature ... so lets not move and wait until sombody is missing it more :)

cubi commented on 2021-07-22 17:55 (UTC)

Hi @soloturn, sorry missed your post here.

I think the official release version and the git builds should conflict. I already had a case of different server and client versions, which puzzled me a lot. In that case the client was not able to correctly communicate with the Server. Furthermore, as far as I have seen, this is pretty common practice, e.g., paru and makes a lot sense to me as well.

Why would you want to mix/install different versions of kanidm in parallel?

Well, for convenience I created a package that just depends on the server, unixd, clients. Mainly because I wanted to be sure to keep versions in sync. So I can easily update/remove all kanidm related packages. I was think of putting the server as optional. As most install will probably use the client tooling, I guess.

What are your thoughts on that?

soloturn commented on 2021-07-10 10:49 (UTC) (edited on 2021-07-10 10:51 (UTC) by soloturn)

thanks cubi for the commit. did you try to create a meta package for kanidm ( and if yes, what is the thought process behind?

second, beeing able to install kanidm and kanidm-git in parallel would be quite helpful, therefor i deliberately did not conflict them. they still have overlapping directories though if i am not wrong.

soloturn commented on 2021-06-25 01:38 (UTC)

made you co-maintainer, @cubi, thanks for the patch and hints!