Andrew Geissler | 517393d | 2023-01-13 08:55:19 -0600 | [diff] [blame] | 1 | SUMMARY = "A network authentication protocol" |
| 2 | DESCRIPTION = "Kerberos is a system for authenticating users and services on a network. \ |
| 3 | Kerberos is a trusted third-party service. That means that there is a \ |
| 4 | third party (the Kerberos server) that is trusted by all the entities on \ |
| 5 | the network (users and services, usually called "principals"). \ |
| 6 | . \ |
| 7 | This is the MIT reference implementation of Kerberos V5. \ |
| 8 | . \ |
| 9 | This package contains the Kerberos key server (KDC). The KDC manages all \ |
| 10 | authentication credentials for a Kerberos realm, holds the master keys \ |
| 11 | for the realm, and responds to authentication requests. This package \ |
| 12 | should be installed on both master and slave KDCs." |
| 13 | |
| 14 | HOMEPAGE = "http://web.mit.edu/Kerberos/" |
| 15 | SECTION = "console/network" |
| 16 | LICENSE = "MIT" |
| 17 | LIC_FILES_CHKSUM = "file://${S}/../NOTICE;md5=1d31018dba5a0ef195eb426a1e61f02e" |
| 18 | |
| 19 | inherit autotools-brokensep binconfig perlnative systemd update-rc.d pkgconfig |
| 20 | |
| 21 | SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}" |
| 22 | SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \ |
| 23 | file://debian-suppress-usr-lib-in-krb5-config.patch;striplevel=2 \ |
| 24 | file://crosscompile_nm.patch \ |
| 25 | file://etc/init.d/krb5-kdc \ |
| 26 | file://etc/init.d/krb5-admin-server \ |
| 27 | file://etc/default/krb5-kdc \ |
| 28 | file://etc/default/krb5-admin-server \ |
| 29 | file://krb5-kdc.service \ |
| 30 | file://krb5-admin-server.service \ |
| 31 | " |
| 32 | SRC_URI[md5sum] = "73f5780e7b587ccd8b8cfc10c965a686" |
| 33 | SRC_URI[sha256sum] = "704aed49b19eb5a7178b34b2873620ec299db08752d6a8574f95d41879ab8851" |
| 34 | |
| 35 | CVE_PRODUCT = "kerberos" |
| 36 | CVE_VERSION = "5-${PV}" |
| 37 | |
| 38 | S = "${WORKDIR}/${BP}/src" |
| 39 | |
| 40 | DEPENDS = "bison-native ncurses util-linux e2fsprogs e2fsprogs-native openssl" |
| 41 | |
| 42 | PACKAGECONFIG ??= "pkinit" |
| 43 | PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit" |
| 44 | PACKAGECONFIG[openssl] = "--with-crypto-impl=openssl,,openssl" |
| 45 | PACKAGECONFIG[keyutils] = "--with-keyutils,--without-keyutils,keyutils" |
| 46 | PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap" |
| 47 | PACKAGECONFIG[readline] = "--with-readline,--without-readline,readline" |
| 48 | PACKAGECONFIG[pkinit] = "--enable-pkinit, --disable-pkinit" |
| 49 | |
| 50 | EXTRA_OECONF += "--with-system-et --disable-rpath" |
| 51 | CACHED_CONFIGUREVARS += "krb5_cv_attr_constructor_destructor=yes ac_cv_func_regcomp=yes \ |
| 52 | ac_cv_printf_positional=yes ac_cv_file__etc_environment=yes \ |
| 53 | ac_cv_file__etc_TIMEZONE=no" |
| 54 | |
| 55 | CFLAGS:append = " -fPIC -DDESTRUCTOR_ATTR_WORKS=1 -I${STAGING_INCDIR}/et" |
| 56 | CFLAGS:append:riscv64 = " -D_REENTRANT -pthread" |
| 57 | LDFLAGS:append = " -pthread" |
| 58 | |
| 59 | do_configure() { |
| 60 | gnu-configize --force |
| 61 | autoreconf |
| 62 | oe_runconf |
| 63 | } |
| 64 | |
| 65 | do_install:append() { |
| 66 | rm -rf ${D}/${localstatedir}/run |
| 67 | rm -f ${D}${bindir}/sclient |
| 68 | rm -f ${D}${bindir}/sim_client |
| 69 | rm -f ${D}${bindir}/uuclient |
| 70 | rm -f ${D}${sbindir}/krb5-send-pr |
| 71 | rm -f ${D}${sbindir}/sim_server |
| 72 | rm -f ${D}${sbindir}/sserver |
| 73 | rm -f ${D}${sbindir}/uuserver |
| 74 | |
| 75 | if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then |
| 76 | mkdir -p ${D}/${sysconfdir}/init.d ${D}/${sysconfdir}/default |
| 77 | install -m 0755 ${WORKDIR}/etc/init.d/* ${D}/${sysconfdir}/init.d |
| 78 | install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default |
| 79 | |
| 80 | mkdir -p ${D}/${sysconfdir}/default/volatiles |
| 81 | echo "d root root 0755 ${localstatedir}/run/krb5kdc none" \ |
| 82 | > ${D}${sysconfdir}/default/volatiles/87_krb5 |
| 83 | |
| 84 | echo "RUN_KADMIND=true" >> ${D}/${sysconfdir}/default/krb5-admin-server |
| 85 | fi |
| 86 | |
| 87 | if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then |
| 88 | install -d ${D}${sysconfdir}/tmpfiles.d |
| 89 | echo "d /run/krb5kdc - - - -" \ |
| 90 | > ${D}${sysconfdir}/tmpfiles.d/krb5.conf |
| 91 | |
| 92 | mkdir -p ${D}/${sysconfdir}/default |
| 93 | install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default |
| 94 | |
| 95 | install -d ${D}${systemd_system_unitdir} |
| 96 | install -m 0644 ${WORKDIR}/krb5-admin-server.service ${D}${systemd_system_unitdir} |
| 97 | install -m 0644 ${WORKDIR}/krb5-kdc.service ${D}${systemd_system_unitdir} |
| 98 | fi |
| 99 | |
| 100 | sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \ |
| 101 | -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \ |
| 102 | -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \ |
| 103 | -i ${D}${bindir}/krb5-config |
| 104 | } |
| 105 | |
| 106 | PACKAGES =+ "${PN}-admin-server \ |
| 107 | ${PN}-gss-samples \ |
| 108 | ${PN}-k5tls \ |
| 109 | ${PN}-kdc \ |
| 110 | ${PN}-kdc-ldap \ |
| 111 | ${PN}-kpropd \ |
| 112 | ${PN}-otp \ |
| 113 | ${PN}-pkinit \ |
| 114 | ${PN}-spake \ |
| 115 | ${PN}-user \ |
| 116 | libgssapi-krb5 \ |
| 117 | libgssrpc \ |
| 118 | libk5crypto \ |
| 119 | libkadm5clnt-mit \ |
| 120 | libkadm5srv-mit \ |
| 121 | libkdb5 \ |
| 122 | libkrad \ |
| 123 | libkrb5 \ |
| 124 | libkrb5support \ |
| 125 | libverto" |
| 126 | |
| 127 | FILES:${PN} = "${libdir}/krb5/plugins/preauth/test.so" |
| 128 | FILES:${PN}-doc += "${datadir}/examples" |
| 129 | FILES:${PN}-dbg += "${libdir}/krb5/plugins/*/.debug" |
| 130 | |
| 131 | FILES:${PN}-admin-server = "${sbindir}/kadmin.local \ |
| 132 | ${sbindir}/kadmind \ |
| 133 | ${sbindir}/kprop \ |
| 134 | ${sysconfdir}/default/krb5-admin-server \ |
| 135 | ${sysconfdir}/init.d/krb5-admin-server \ |
| 136 | ${systemd_system_unitdir}/krb5-admin-server.service" |
| 137 | |
| 138 | FILES:${PN}-gss-samples = "${bindir}/gss-client \ |
| 139 | ${sbindir}/gss-server" |
| 140 | |
| 141 | FILES:${PN}-k5tls = "${libdir}/krb5/plugins/tls/k5tls.so" |
| 142 | |
| 143 | FILES:${PN}-kdc = "${libdir}/krb5/plugins/kdb/db2.so \ |
| 144 | ${localstatedir}/krb5kdc \ |
| 145 | ${sbindir}/kdb5_util \ |
| 146 | ${sbindir}/kproplog \ |
| 147 | ${sbindir}/krb5kdc \ |
| 148 | ${sysconfdir}/default/krb5-kdc \ |
| 149 | ${sysconfdir}/default/volatiles/87_krb5 \ |
| 150 | ${sysconfdir}/init.d/krb5-kdc \ |
| 151 | ${sysconfdir}/tmpfiles.d/krb5.conf \ |
| 152 | ${systemd_system_unitdir}/krb5-kdc.service" |
| 153 | |
| 154 | FILES:${PN}-kdc-ldap = "${libdir}/krb5/libkdb_ldap${SOLIBS} \ |
| 155 | ${libdir}/krb5/plugins/kdb/kldap.so \ |
| 156 | ${sbindir}/kdb5_ldap_util" |
| 157 | |
| 158 | FILES:${PN}-kpropd = "${sbindir}/kpropd" |
| 159 | FILES:${PN}-otp = "${libdir}/krb5/plugins/preauth/otp.so" |
| 160 | FILES:${PN}-pkinit = "${libdir}/krb5/plugins/preauth/pkinit.so" |
| 161 | FILES:${PN}-spake = "${libdir}/krb5/plugins/preauth/spake.so" |
| 162 | FILES:${PN}-user = "${bindir}/k*" |
| 163 | |
| 164 | FILES:libgssapi-krb5 = "${libdir}/libgssapi_krb5${SOLIBS}" |
| 165 | FILES:libgssrpc = "${libdir}/libgssrpc${SOLIBS}" |
| 166 | FILES:libk5crypto = "${libdir}/libk5crypto${SOLIBS}" |
| 167 | FILES:libkadm5clnt-mit = "${libdir}/libkadm5clnt_mit${SOLIBS}" |
| 168 | FILES:libkadm5srv-mit = "${libdir}/libkadm5srv_mit${SOLIBS}" |
| 169 | FILES:libkdb5 = "${libdir}/libkdb5${SOLIBS}" |
| 170 | FILES:libkrad = "${libdir}/libkrad${SOLIBS}" |
| 171 | FILES:libkrb5 = "${libdir}/libkrb5${SOLIBS} \ |
| 172 | ${libdir}/krb5/plugins/authdata \ |
| 173 | ${libdir}/krb5/plugins/libkrb5" |
| 174 | FILES:libkrb5support = "${libdir}/libkrb5support${SOLIBS}" |
| 175 | FILES:libverto = "${libdir}/libverto${SOLIBS}" |
| 176 | |
| 177 | RDEPENDS:${PN}-kadmin-server = "${PN}-kdc" |
| 178 | RDEPENDS:${PN}-kpropd = "${PN}-kdc" |
| 179 | |
| 180 | INITSCRIPT_PACKAGES = "${PN}-admin-server ${PN}-kdc" |
| 181 | INITSCRIPT_NAME:${PN}-admin-server = "krb5-admin-server" |
| 182 | INITSCRIPT_NAME:${PN}-kdc = "krb5-kdc" |
| 183 | |
| 184 | SYSTEMD_PACKAGES = "${PN}-admin-server ${PN}-kdc" |
| 185 | SYSTEMD_SERVICE:${PN}-admin-server = "krb5-admin-server.service" |
| 186 | SYSTEMD_SERVICE:${PN}-kdc = "krb5-kdc.service" |
| 187 | |
| 188 | pkg_postinst:${PN}-kdc () { |
| 189 | if [ -z "$D" ]; then |
| 190 | if command -v systemd-tmpfiles >/dev/null; then |
| 191 | systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/krb5.conf |
| 192 | elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then |
| 193 | ${sysconfdir}/init.d/populate-volatile.sh update |
| 194 | fi |
| 195 | fi |
| 196 | } |
| 197 | |
| 198 | BBCLASSEXTEND = "native nativesdk" |