Adding upstream version 2.9.4.upstream/2.9.4

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 05:31:45 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 05:31:45 +0000
commit: 74aa0bc6779af38018a03fd2cf4419fe85917904 (patch)
tree: 9cb0681aac9a94a49c153d5823e7a55d1513d91f /src/sysv/systemd
parent: Initial commit. (diff)
download: sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.tar.xz
sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.zip
17 files changed, 283 insertions, 0 deletions
diff --git a/src/sysv/systemd/sssd-autofs.service.in b/src/sysv/systemd/sssd-autofs.service.in
new file mode 100644
index 0000000..7f920ad
--- /dev/null
+++ b/src/sysv/systemd/sssd-autofs.service.in
@@ -0,0 +1,19 @@
+[Unit]
+Description=SSSD AutoFS Service responder
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+RefuseManualStart=true
+
+[Install]
+Also=sssd-autofs.socket
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+ExecStartPre=-/bin/chown @SSSD_USER@:@SSSD_USER@ @logpath@/sssd_autofs.log
+ExecStart=@libexecdir@/sssd/sssd_autofs ${DEBUG_LOGGER} --socket-activated
+Restart=on-failure
+User=@SSSD_USER@
+Group=@SSSD_USER@
+PermissionsStartOnly=true
diff --git a/src/sysv/systemd/sssd-autofs.socket.in b/src/sysv/systemd/sssd-autofs.socket.in
new file mode 100644
index 0000000..201b33d
--- /dev/null
+++ b/src/sysv/systemd/sssd-autofs.socket.in
@@ -0,0 +1,16 @@
+[Unit]
+Description=SSSD AutoFS Service responder socket
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+[Socket]
+ExecStartPre=@libexecdir@/sssd/sssd_check_socket_activated_responders -r autofs
+ListenStream=@pipepath@/autofs
+SocketUser=@SSSD_USER@
+SocketGroup=@SSSD_USER@
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd-ifp.service.in b/src/sysv/systemd/sssd-ifp.service.in
new file mode 100644
index 0000000..9095da3
--- /dev/null
+++ b/src/sysv/systemd/sssd-ifp.service.in
@@ -0,0 +1,14 @@
+[Unit]
+Description=SSSD IFP Service responder
+Documentation=man:sssd-ifp(5)
+After=sssd.service
+BindsTo=sssd.service
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+Type=dbus
+BusName=org.freedesktop.sssd.infopipe
+ExecStart=@ifp_exec_cmd@ ${DEBUG_LOGGER}
+CapabilityBoundingSet= @additional_caps@ CAP_IPC_LOCK CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETGID CAP_SETUID
+@ifp_restart@
diff --git a/src/sysv/systemd/sssd-kcm.service.in b/src/sysv/systemd/sssd-kcm.service.in
new file mode 100644
index 0000000..2ea2e08
--- /dev/null
+++ b/src/sysv/systemd/sssd-kcm.service.in
@@ -0,0 +1,14 @@
+[Unit]
+Description=SSSD Kerberos Cache Manager
+Documentation=man:sssd-kcm(5)
+Requires=sssd-kcm.socket
+After=sssd-kcm.socket
+
+[Install]
+Also=sssd-kcm.socket
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+ExecStartPre=-@sbindir@/sssd --genconf-section=kcm
+ExecStart=@libexecdir@/sssd/sssd_kcm --uid 0 --gid 0 ${DEBUG_LOGGER}
+CapabilityBoundingSet= @additional_caps@ CAP_IPC_LOCK CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETGID CAP_SETUID
diff --git a/src/sysv/systemd/sssd-kcm.socket.in b/src/sysv/systemd/sssd-kcm.socket.in
new file mode 100644
index 0000000..9066add
--- /dev/null
+++ b/src/sysv/systemd/sssd-kcm.socket.in
@@ -0,0 +1,9 @@
+[Unit]
+Description=SSSD Kerberos Cache Manager responder socket
+Documentation=man:sssd-kcm(8)
+
+[Socket]
+ListenStream=@runstatedir@/.heim_org.h5l.kcm-socket
+
+[Install]
+WantedBy=sockets.target
diff --git a/src/sysv/systemd/sssd-nss.service.in b/src/sysv/systemd/sssd-nss.service.in
new file mode 100644
index 0000000..c671280
--- /dev/null
+++ b/src/sysv/systemd/sssd-nss.service.in
@@ -0,0 +1,15 @@
+[Unit]
+Description=SSSD NSS Service responder
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+RefuseManualStart=true
+
+[Install]
+Also=sssd-nss.socket
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+ExecStart=@libexecdir@/sssd/sssd_nss ${DEBUG_LOGGER} --socket-activated
+Restart=on-failure
diff --git a/src/sysv/systemd/sssd-nss.socket.in b/src/sysv/systemd/sssd-nss.socket.in
new file mode 100644
index 0000000..e5d6eda
--- /dev/null
+++ b/src/sysv/systemd/sssd-nss.socket.in
@@ -0,0 +1,15 @@
+[Unit]
+Description=SSSD NSS Service responder socket
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+Before=sssd-autofs.socket sssd-pac.socket sssd-pam.socket sssd-ssh.socket sssd-sudo.socket
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+[Socket]
+ExecStartPre=@libexecdir@/sssd/sssd_check_socket_activated_responders -r nss
+ListenStream=@pipepath@/nss
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd-pac.service.in b/src/sysv/systemd/sssd-pac.service.in
new file mode 100644
index 0000000..590449b
--- /dev/null
+++ b/src/sysv/systemd/sssd-pac.service.in
@@ -0,0 +1,19 @@
+[Unit]
+Description=SSSD PAC Service responder
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+RefuseManualStart=true
+
+[Install]
+Also=sssd-pac.socket
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+ExecStartPre=-/bin/chown @SSSD_USER@:@SSSD_USER@ @logpath@/sssd_pac.log
+ExecStart=@libexecdir@/sssd/sssd_pac ${DEBUG_LOGGER} --socket-activated
+Restart=on-failure
+User=@SSSD_USER@
+Group=@SSSD_USER@
+PermissionsStartOnly=true
diff --git a/src/sysv/systemd/sssd-pac.socket.in b/src/sysv/systemd/sssd-pac.socket.in
new file mode 100644
index 0000000..40dec44
--- /dev/null
+++ b/src/sysv/systemd/sssd-pac.socket.in
@@ -0,0 +1,16 @@
+[Unit]
+Description=SSSD PAC Service responder socket
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+[Socket]
+ExecStartPre=@libexecdir@/sssd/sssd_check_socket_activated_responders -r pac
+ListenStream=@pipepath@/pac
+SocketUser=@SSSD_USER@
+SocketGroup=@SSSD_USER@
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd-pam-priv.socket.in b/src/sysv/systemd/sssd-pam-priv.socket.in
new file mode 100644
index 0000000..27f2cf7
--- /dev/null
+++ b/src/sysv/systemd/sssd-pam-priv.socket.in
@@ -0,0 +1,19 @@
+[Unit]
+Description=SSSD PAM Service responder private socket
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+BindsTo=sssd-pam.socket
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+[Socket]
+ExecStartPre=@libexecdir@/sssd/sssd_check_socket_activated_responders -r pam
+Service=sssd-pam.service
+ListenStream=@pipepath@/private/pam
+SocketUser=root
+SocketGroup=root
+SocketMode=0600
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd-pam.service.in b/src/sysv/systemd/sssd-pam.service.in
new file mode 100644
index 0000000..f2e9385
--- /dev/null
+++ b/src/sysv/systemd/sssd-pam.service.in
@@ -0,0 +1,19 @@
+[Unit]
+Description=SSSD PAM Service responder
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+RefuseManualStart=true
+
+[Install]
+Also=sssd-pam.socket sssd-pam-priv.socket
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+ExecStartPre=-/bin/chown @SSSD_USER@:@SSSD_USER@ @logpath@/sssd_pam.log
+ExecStart=@libexecdir@/sssd/sssd_pam ${DEBUG_LOGGER} --socket-activated
+Restart=on-failure
+User=@SSSD_USER@
+Group=@SSSD_USER@
+PermissionsStartOnly=true
diff --git a/src/sysv/systemd/sssd-pam.socket.in b/src/sysv/systemd/sssd-pam.socket.in
new file mode 100644
index 0000000..cbbb762
--- /dev/null
+++ b/src/sysv/systemd/sssd-pam.socket.in
@@ -0,0 +1,17 @@
+[Unit]
+Description=SSSD PAM Service responder socket
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+BindsTo=sssd-pam-priv.socket
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+[Socket]
+ExecStartPre=@libexecdir@/sssd/sssd_check_socket_activated_responders -r pam
+ListenStream=@pipepath@/pam
+SocketUser=root
+SocketGroup=root
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd-ssh.service.in b/src/sysv/systemd/sssd-ssh.service.in
new file mode 100644
index 0000000..1c18546
--- /dev/null
+++ b/src/sysv/systemd/sssd-ssh.service.in
@@ -0,0 +1,19 @@
+[Unit]
+Description=SSSD SSH Service responder
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+RefuseManualStart=true
+
+[Install]
+Also=sssd-ssh.socket
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+ExecStartPre=-/bin/chown @SSSD_USER@:@SSSD_USER@ @logpath@/sssd_ssh.log
+ExecStart=@libexecdir@/sssd/sssd_ssh ${DEBUG_LOGGER} --socket-activated
+Restart=on-failure
+User=@SSSD_USER@
+Group=@SSSD_USER@
+PermissionsStartOnly=true
diff --git a/src/sysv/systemd/sssd-ssh.socket.in b/src/sysv/systemd/sssd-ssh.socket.in
new file mode 100644
index 0000000..4772ef3
--- /dev/null
+++ b/src/sysv/systemd/sssd-ssh.socket.in
@@ -0,0 +1,16 @@
+[Unit]
+Description=SSSD SSH Service responder socket
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+[Socket]
+ExecStartPre=@libexecdir@/sssd/sssd_check_socket_activated_responders -r ssh
+ListenStream=@pipepath@/ssh
+SocketUser=@SSSD_USER@
+SocketGroup=@SSSD_USER@
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd-sudo.service.in b/src/sysv/systemd/sssd-sudo.service.in
new file mode 100644
index 0000000..539fd99
--- /dev/null
+++ b/src/sysv/systemd/sssd-sudo.service.in
@@ -0,0 +1,19 @@
+[Unit]
+Description=SSSD Sudo Service responder
+Documentation=man:sssd.conf(5) man:sssd-sudo(5)
+After=sssd.service
+BindsTo=sssd.service
+RefuseManualStart=true
+
+[Install]
+Also=sssd-sudo.socket
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+ExecStartPre=-/bin/chown @SSSD_USER@:@SSSD_USER@ @logpath@/sssd_sudo.log
+ExecStart=@libexecdir@/sssd/sssd_sudo ${DEBUG_LOGGER} --socket-activated
+Restart=on-failure
+User=@SSSD_USER@
+Group=@SSSD_USER@
+PermissionsStartOnly=true
diff --git a/src/sysv/systemd/sssd-sudo.socket.in b/src/sysv/systemd/sssd-sudo.socket.in
new file mode 100644
index 0000000..e94a2f6
--- /dev/null
+++ b/src/sysv/systemd/sssd-sudo.socket.in
@@ -0,0 +1,16 @@
+[Unit]
+Description=SSSD Sudo Service responder socket
+Documentation=man:sssd.conf(5)
+After=sssd.service
+BindsTo=sssd.service
+DefaultDependencies=no
+Conflicts=shutdown.target
+
+[Socket]
+ExecStartPre=@libexecdir@/sssd/sssd_check_socket_activated_responders -r sudo
+ListenStream=@pipepath@/sudo
+SocketUser=@SSSD_USER@
+SocketMode=0660
+
+[Install]
+WantedBy=sssd.service
diff --git a/src/sysv/systemd/sssd.service.in b/src/sysv/systemd/sssd.service.in
new file mode 100644
index 0000000..79bba20
--- /dev/null
+++ b/src/sysv/systemd/sssd.service.in
@@ -0,0 +1,21 @@
+[Unit]
+Description=System Security Services Daemon
+# SSSD must be running before we permit user sessions
+Before=systemd-user-sessions.service nss-user-lookup.target
+Wants=nss-user-lookup.target
+StartLimitIntervalSec=50s
+StartLimitBurst=5
+@condconfigexists@
+
+[Service]
+Environment=DEBUG_LOGGER=--logger=files
+EnvironmentFile=-@environment_file@
+ExecStart=@sbindir@/sssd -i ${DEBUG_LOGGER}
+Type=notify
+NotifyAccess=main
+PIDFile=@pidpath@/sssd.pid
+CapabilityBoundingSet= @additional_caps@ CAP_IPC_LOCK CAP_CHOWN CAP_DAC_READ_SEARCH CAP_KILL CAP_NET_ADMIN CAP_SYS_NICE CAP_FOWNER CAP_SETGID CAP_SETUID CAP_SYS_ADMIN CAP_SYS_RESOURCE CAP_BLOCK_SUSPEND
+Restart=on-abnormal
+
+[Install]
+WantedBy=multi-user.target
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 05:31:45 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 05:31:45 +0000
commit	74aa0bc6779af38018a03fd2cf4419fe85917904 (patch)
tree	9cb0681aac9a94a49c153d5823e7a55d1513d91f /src/sysv/systemd
parent	Initial commit. (diff)
download	sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.tar.xz sssd-74aa0bc6779af38018a03fd2cf4419fe85917904.zip