diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest
index c6b46c5..b603135 100644
--- a/sys-auth/sssd/Manifest
+++ b/sys-auth/sssd/Manifest
@@ -1 +1,2 @@
-DIST sssd-2.6.3.tar.gz 6062332 BLAKE2B bb2a81ce45200ea933244404743438ea552be3cfb7807b57bdbfdaa33caebee437dbb846efbc779c2db4ede2a049637e6e709117c9797104cdace185520591f2 SHA512 5a8cacac5ead44d31167852b418167a740b31fc9adf2a0fe88e57c3a8ed9e9cfda1ceb57084c5e86f43deb0e96e78dc88f23dae962df3b0a5ae60255cdeff8fc
+DIST sssd-2.7.0.tar.gz 7556843 BLAKE2B 7184050d2a93a557ddcf278d4fcdac9b8a24fc46b531a46fbfe6a0b8fb5d7c96c540bdac879d7882a89e8d92c875562bf1b63c791e49aa3638f5e9301c680e16 SHA512 578ee5b5a0160fce2ea9269d6082a6517ee63cd9ea8ea8a202f1a5d7783ae0f02d18a8a32a48dc8773e1a9d28093c9256d8d26d42a2facf20b57cadf419a854c
+DIST sssd-2.7.0.tar.gz.asc 833 BLAKE2B 11b5cdaa568efa7fe9c5a87c49b137544dff120bc4c511160271292b0eb091f62d866755d90ab3a1488b3f5bb06e3da53a289e7eb4ad4fa88ba43a013fd40e1f SHA512 380976807642a1c3abf1756a2c3dd06abe9f697415587965d43e540b3263bcd92fd42f4c2e1963426e9e7a434ad20c7b17dcf9f56143d59c2cca6e2fe792dddc
diff --git a/sys-auth/sssd/files/sssd-2.7.0-conditional-python-install.patch b/sys-auth/sssd/files/sssd-2.7.0-conditional-python-install.patch
new file mode 100644
index 0000000..63a095b
--- /dev/null
+++ b/sys-auth/sssd/files/sssd-2.7.0-conditional-python-install.patch
@@ -0,0 +1,20 @@
+--- src/tools/analyzer/Makefile.am.old 2022-05-16 00:02:17.122583752 +0200
++++ src/tools/analyzer/Makefile.am 2022-05-16 00:04:29.499238484 +0200
+@@ -1,5 +1,7 @@
+ sss_analyze_pythondir = $(libexecdir)/sssd
++modulesdir = $(pkgpythondir)/modules
+
++if BUILD_PYTHON_BINDINGS
+ dist_sss_analyze_python_SCRIPTS = \
+ sss_analyze \
+ $(NULL)
+@@ -15,8 +17,8 @@
+ sss_analyze.py \
+ $(NULL)
+
+-modulesdir = $(pkgpythondir)/modules
+ dist_modules_DATA = \
+ modules/__init__.py \
+ modules/request.py \
+ $(NULL)
++endif
diff --git a/sys-auth/sssd/metadata.xml b/sys-auth/sssd/metadata.xml
index 1de1487..a6e0a5c 100644
--- a/sys-auth/sssd/metadata.xml
+++ b/sys-auth/sssd/metadata.xml
@@ -15,6 +15,7 @@
Add support for netlink protocol via dev-libs/libnl
Add support for the nfsv4 idmapd plugin provided by net-fs/nfs-utils
Add Privileged Attribute Certificate Support for Kerberos
+ Add support for subordinate uid and gid ranges
Build helper to let app-admin/sudo use sssd provided information
Enable SystemTAP/DTrace tracing
Depend on dev-util/valgrind for test suite
diff --git a/sys-auth/sssd/sssd-2.6.3.ebuild b/sys-auth/sssd/sssd-2.7.0.ebuild
similarity index 92%
rename from sys-auth/sssd/sssd-2.6.3.ebuild
rename to sys-auth/sssd/sssd-2.7.0.ebuild
index 0d250f3..ebd36c1 100644
--- a/sys-auth/sssd/sssd-2.6.3.ebuild
+++ b/sys-auth/sssd/sssd-2.7.0.ebuild
@@ -1,22 +1,24 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
-PYTHON_COMPAT=( python3_{8..10} )
PLOCALES="ca cs de es eu fi fr ja ko nl pt pt_BR ru sv tg uk zh_CN"
PLOCALES_BIN="${PLOCALES} bg hu id it nb pl zh_TW"
PLOCALE_BACKUP="de"
+PYTHON_COMPAT=( python3_{8..10} )
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/sssd.asc
-inherit autotools linux-info multilib-minimal optfeature plocale python-single-r1 pam systemd toolchain-funcs
+inherit autotools linux-info multilib-minimal optfeature plocale python-single-r1 pam systemd toolchain-funcs verify-sig
DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
HOMEPAGE="https://github.com/SSSD/sssd"
-SRC_URI="https://github.com/SSSD/sssd/archive/refs/tags/${PV}.tar.gz -> ${P}.tar.gz"
+SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
+SRC_URI+=" verify-sig? ( https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz.asc )"
LICENSE="GPL-3"
SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux subid sudo systemd systemtap test valgrind"
REQUIRED_USE="
pac? ( samba )
@@ -30,6 +32,7 @@ DEPEND="
app-crypt/p11-kit
>=dev-libs/ding-libs-0.2
>=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
+ dev-libs/jansson
dev-libs/libpcre2:=
dev-libs/libunistring:=
>=dev-libs/popt-1.16
@@ -46,7 +49,7 @@ DEPEND="
>=sys-libs/ldb-1.1.17-r1:=
virtual/libintl
acl? ( net-fs/cifs-utils[acl] )
- locator? ( >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] )
+ locator? ( >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] )
netlink? ( dev-libs/libnl:3 )
nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 )
nls? ( >=sys-devel/gettext-0.18 )
@@ -64,6 +67,10 @@ DEPEND="
>=sys-libs/libsemanage-2.1
)
subid? ( >=sys-apps/shadow-4.9 )
+ systemd? (
+ sys-apps/systemd:=
+ sys-apps/util-linux
+ )
systemtap? ( dev-util/systemtap )"
RDEPEND="${DEPEND}
>=sys-libs/glibc-2.17[nscd]
@@ -72,6 +79,11 @@ BDEPEND="
virtual/pkgconfig
${PYTHON_DEPS}
doc? ( app-doc/doxygen )
+ man? (
+ app-text/docbook-xml-dtd:4.4
+ >=dev-libs/libxslt-1.1.26
+ nls? ( app-text/po4a )
+ )
nls? ( sys-devel/gettext )
test? (
dev-libs/check
@@ -84,14 +96,13 @@ BDEPEND="
sys-libs/uid_wrapper
valgrind? ( dev-util/valgrind )
)
- man? (
- app-text/docbook-xml-dtd:4.4
- >=dev-libs/libxslt-1.1.26
- nls? ( app-text/po4a )
- )"
+ verify-sig? ( sec-keys/openpgp-keys-sssd )
+"
CONFIG_CHECK="~KEYS"
+PATCHES=( "${FILESDIR}"/${PN}-2.7.0-conditional-python-install.patch )
+
MULTILIB_WRAPPED_HEADERS=(
/usr/include/ipa_hbac.h
/usr/include/sss_idmap.h
@@ -128,13 +139,6 @@ src_prepare() {
plocale_for_each_locale enable_locale
- # remove locales that will not build
-# sed -i \
-# -e "/_langs]/ s/ br//" \
-# -e "/_langs]/ s/ lv//" \
-# src/man/po/po4a.cfg \
-# || die
-
PLOCALES="${PLOCALES_BIN}"
plocale_get_locales > po/LINGUAS || die
@@ -197,6 +201,7 @@ multilib_src_configure() {
$(multilib_native_use_with sudo)
$(multilib_native_with autofs)
$(multilib_native_with ssh)
+ --without-oidc-child
$(use_with subid)
$(use_enable systemtap)
$(use_enable valgrind)