Update ipasam rpm
Overview
Update-ipasam-rpm is a project that facilitates building a custom rpm with just the one file that samba needs to authenticate users to ipa.
Update-ipasam-rpm upstream
Gitlab is the upstream. This is original work.
Reason for existing
The proper ipa-server-trust-ad
rpm has a large number of dependencies which are not necessary merely when using samba with ipa user authentication, so this project copies that file out and builds a small rpm just for the one file. This makes my samba file server need fewer packages installed.
Alternatives
Install ipa-server-trust-ad
with all of its dependencies, which is way more than I want to use when I just need ipasam.so.
Dependencies
For any rpm-based system, but primarily AlmaLinux 8, the server that runs the cron job needs a few things:
- Http/s access to a package mirror
- Https access to copr to initiate builds
- Https access to gitlab to pull ipasam.spec template
- Packages:
copr-cli
,rpmbuild
- Unprivileged user, shown in this documentation as username
copruser
The copr api can be used with a copr user with a generated api key (Reference 1).
Files in the project
~copruser/.config/copr
~copruser/.config/ipasam
~copruser/bin/update-ipasam-rpm.sh
/etc/cron/70_ipasam_cron
-
~copruser/.cache/ipasam.spec
(generated by modifying spec from this repo) -
~copruser/.cache/ipa-server-trust-ad.ver
(generated) -
~copruser/rpmbuild/SRPMS/iapsam*.srpm
(generated)
Usage
- Create user
copruser
or other unprivileged user as desired. - Deploy the non-generated files from this repository to the above locations and inspect the config files.
- Prepare a user on the copr and generate an api key and place in file
~copruser/.config/copr
. -
Run the command manually to see it operate.
~/bin/update-ipasam-rpm.sh
-
Visit your copr project to see the ipasam rpm that you built!
Differences from upstream
N/A
Comments