GNU bug report logs - #77789
[PATCH] gnu: sssd: Update to 2.9.6.

Previous Next

Package: guix-patches;

Reported by: Ian Eure <ian <at> retrospec.tv>

Date: Mon, 14 Apr 2025 01:44:01 UTC

Severity: normal

Tags: patch

Done: Ian Eure <ian <at> retrospec.tv>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ian Eure <ian <at> retrospec.tv>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: 77789 <at> debbugs.gnu.org
Subject: [bug#77789] [PATCH] gnu: sssd: Update to 2.9.6.
Date: Mon, 14 Apr 2025 07:45:00 -0700

Maxim Cournoyer <maxim.cournoyer <at> gmail.com> writes:

> Hi,
>
> Ian Eure <ian <at> retrospec.tv> writes:
>
>> This package has been broken since Samba was updated from 
>> 4.17.x to 4.18.x in
>> 744e973de361fed498cdcf9725fe36aef3d7a73d.  This patch updates 
>> sssd to 2.9.6
>> and fixes the build.
>
> Thanks.
>
>> * gnu/packages/sssd.scm (sssd): Update to 2.9.6.
>> [#:configure-flags]: Point to docbook catalog.
>> [#:phases 'patch-samba-pkgconfig]: Correct library path.
>> [#:phases ‘disable-active-directory-tests]: Disable tests that 
>> require AD
>> running in a VM.
>> [#:inputs]: Update docbook-xml to 4.5.
>>
>> Change-Id: I13effcd34995e2e9c7fdc6d95d0fa2e35cf15bae
>> ---
>>  gnu/packages/sssd.scm | 27 +++++++++++++++++++++++----
>>  1 file changed, 23 insertions(+), 4 deletions(-)
>>
>> diff --git a/gnu/packages/sssd.scm b/gnu/packages/sssd.scm
>> index d0dd0c400a..20107aef8a 100644
>> --- a/gnu/packages/sssd.scm
>> +++ b/gnu/packages/sssd.scm
>> @@ -139,7 +139,7 @@ (define-public ding-libs
>>  (define-public sssd
>>    (package
>>      (name "sssd")
>> -    (version "2.9.4")
>> +    (version "2.9.6")
>>      (source
>>       (origin
>>         (method git-fetch)
>> @@ -148,7 +148,7 @@ (define-public sssd
>>               (commit version)))
>>         (file-name (git-file-name name version))
>>         (sha256
>> -        (base32 
>> "11qchs59f8y8w5ns9mqg16nrv1kglfavzvqway0aj2z6ssfxk5al"))
>> +        (base32 
>> "056l6b067bc5yi3dvlv41kg1a5hl3j3fq2xll3yfwwz4phcx8qd9"))
>>         (patches (search-patches 
>>         "sssd-system-directories.patch"))))
>>      (build-system gnu-build-system)
>>      (arguments
>> @@ -180,9 +180,15 @@ (define-public sssd
>>                               #$output "/etc/init.d")
>>                (string-append "--with-ldb-lib-dir="
>>                               #$output "/lib/ldb/modules/ldb")
>> +              ;; Upstream defaults to /etc/xml/catalog, and 
>> despite the "path"
>> +              ;; name, only expects one file -- so we can't 
>> use
>> +              ;; $XML_CATALOG_FILES, which has docbook-xml and 
>> docbook-xsl
>> +              ;; entries.
>>                (string-append "--with-xml-catalog-path="
>>                               #$(this-package-native-input 
>>                               "docbook-xml")
>> -                             "/xml/dtd/docbook/catalog.xml"))
>> +                             "/xml/docbook/"
>> +                             #$(package-version 
>> (this-package-native-input "docbook-xml"))
>> +                             "/catalog.xml"))
>>        #:modules '((guix build gnu-build-system)
>>                    (guix build utils)
>>                    ((guix build python-build-system)
>> @@ -193,6 +199,13 @@ (define-public sssd
>>        #~(modify-phases %standard-phases
>>            (add-after 'unpack 'ensure-no-mtimes-pre-1980
>>                       ensure-no-mtimes-pre-1980)
>> +          ;; sssd looks in lib/samba, but the Guix package 
>> puts things in lib/
>> +          ;; Patch the path before we autoreconf.
>> +          (add-before 'bootstrap 'patch-samba-pkgconfig
>> +            (lambda _
>> +              (substitute* '("src/external/samba.m4")
>> +                (("(sambalibdir=.*/)samba" _ prefix)
>> +                 prefix))))
>
> Ah, it seems this is caused by the use of '--libdir' in Samba. 
> If this
> breaks common expectation, perhaps we should revert that bit and 
> find a
> better fix for the samba build system not linking correctly to 
> its
> own libraries (thus missing RPATH entries, IIUC).

It’s a bit more complicated than that.  The version in master 
(2.9.4) finds the Samba libs okay, but fails on the Active 
Directory tests, which require AD running in a VM to work[1].  I’m 
not sure exatly what happened here, but I suspect the AD tests 
have some conditionality which prevented them from running on 
Samba 4.17, so we never saw those failures.

On sssd 2.9.5 or 2.9.6, the `configure' phase can’t find the Samba 
libs without the fix I added.  After addressing that, they suffer 
from the same failing AD tests, so I disabled those, based on what 
I read in the sssd developer docs.

I also have a patch to update to 2.10.2 (the latest), and it 
builds, but it likely needs more work.  Its install tries to 
create an additional directory in /var, I pointed this at the 
package output, but suspect it wants to write stuff into it, which 
isn’t going to work.  I opted for 2.9.6 because that seems safer; 
happy to share the 2.10.2 WIP patch if you’d like to finish that 
update.


> Otherwise feel free to push!

I’ll push a bit later today, but this definitely isn’t either/or, 
if we have leverage to make consumers of Samba libs work better, 
that ought to get pursued.  I might be wrong, but I assume other 
packages which depend on Samba libs would need similar changes.

Thanks,

 -- Ian

[1]: https://tests.sssd.io/en/latest/running-tests.html
This bug report was last modified 32 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.