mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity

more-merge unixd commands (#1568)

Browse source 
* fixing unix packaging
* stripping out actions-rs/toolchain
* fixing an error in the qrcode def in cargo.toml
This commit is contained in:
James Hodgkinson 2023-04-25 22:36:17 +10:00 committed by GitHub
parent ade1591554
commit ec8e5dfc31
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 35 additions and 164 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/dependabot.yml vendored
View file

@ -119,4 +119,4 @@ updates:
interval: weekly interval: weekly
time: "06:00" time: "06:00"
timezone: Australia/Brisbane timezone: Australia/Brisbane
open-pull-requests-limit: 99 open-pull-requests-limit: 99

11
.github/workflows/clippy.yml vendored
View file

@ -38,15 +38,6 @@ jobs:
libsqlite3-dev \ libsqlite3-dev \
pkg-config pkg-config
# - name: Install Rust
# uses: actions-rs/toolchain@v1
# with:
# toolchain: stable
# override: true
# default: true
- name: "Run clippy (ignores errors, this is just a check)" - name: "Run clippy (ignores errors, this is just a check)"
uses: actions-rs/cargo@v1 run: cargo clippy
with:
command: clippy
continue-on-error: true continue-on-error: true

6
.github/workflows/debian_package_kanidm.yml vendored
View file

@ -42,11 +42,7 @@ jobs:
curl \ curl \
sudo sudo
- name: Install Rust - name: Install Rust
uses: actions-rs/toolchain@v1 uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
override: true
default: true
- name: "Doing the package build" - name: "Doing the package build"
run: | run: |
make -f platform/debian/Makefile debs/all make -f platform/debian/Makefile debs/all

69
.github/workflows/kanidm_book.yml vendored
View file

@ -37,7 +37,7 @@ jobs:
matrix: matrix:
# tag: ${{ fromJson(needs.generate_tags.outputs.tags) }} # tag: ${{ fromJson(needs.generate_tags.outputs.tags) }}
tag: tag:
- ${{ needs.generate_tags.outputs.latest}} - ${{ needs.generate_tags.outputs.latest}}
with: with:
tag: ${{ matrix.tag }} tag: ${{ matrix.tag }}
parent_id: ${{ github.ref }} parent_id: ${{ github.ref }}
@ -60,69 +60,10 @@ jobs:
name: docs name: docs
- name: Extract the files - name: Extract the files
run: | run: |
find . -name '*.tar.gz' -exec tar zxf "{}" \; find . -name '*.tar.gz' -exec tar zxf "{}" \;
ls -la docs/ ls -la docs/
cd docs && ln -s ${{ needs.generate_tags.outputs.latest}}/ stable && cd .. cd docs && \
ln -s ${{ needs.generate_tags.outputs.latest}}/ stable && \
cd ..
ls -la docs/ ls -la docs/
# - uses: actions/checkout@v3
# with:
# fetch-depth: 0
# clean: false
# - name: Install deps
# run: |
# sudo apt-get update
# sudo apt-get install -y clang build-essential \
# librust-openssl-dev libssl-dev \
# libsqlite3-dev libudev-dev \
# libpam0g-dev
# - name: Setup deno
# # Documentation: https://github.com/denoland/setup-deno
# uses: denoland/setup-deno@v1
# with:
# deno-version: v1.x
# - name: Test document formatting
# run: |
# make doc/format
# - name: Setup mdBook
# uses: peaceiris/actions-mdbook@v1
# with:
# mdbook-version: "latest"
# - uses: actions-rs/toolchain@v1
# with:
# toolchain: stable
# - uses: actions-rs/cargo@v1
# with:
# command: install
# args: mdbook-template
# - name: Make all the books
# run: ./scripts/build_all_the_docs.sh
# - name: Install python 3.10
# uses: actions/setup-python@v4
# with:
# python-version: "3.10"
# - name: pykanidm docs
# run: |
# python -m pip install poetry
# make docs/pykanidm/build
# mv pykanidm/site ./docs/pykanidm
# - name: Deploy
# uses: peaceiris/actions-gh-pages@v3
# if: ${{ github.ref == 'refs/heads/master' }}
# with:
# github_token: ${{ secrets.GITHUB_TOKEN }}
# publish_dir: ./docs
# destination_dir: ./docs

5
.github/workflows/kanidm_individual_book.yml vendored
View file

@ -43,9 +43,8 @@ jobs:
with: with:
mdbook-version: "latest" mdbook-version: "latest"
- uses: actions-rs/toolchain@v1 - name: Install Rust
with: uses: dtolnay/rust-toolchain@stable
toolchain: stable
- name: Install python 3.10 - name: Install python 3.10
uses: actions/setup-python@v4 uses: actions/setup-python@v4

13
.github/workflows/rust_build.yml vendored
View file

@ -37,14 +37,5 @@ jobs:
libssl-dev \ libssl-dev \
libsqlite3-dev libsqlite3-dev
# - name: Install Rust - name: Run build
# uses: actions-rs/toolchain@v1 run: cargo build --verbose --workspace
# with:
# toolchain: stable
# override: true
# default: true
- name: Run tests
uses: actions-rs/cargo@v1
with:
command: build
args: --verbose

11
.github/workflows/rust_test.yml vendored
View file

@ -36,14 +36,5 @@ jobs:
libssl-dev \ libssl-dev \
libsqlite3-dev libsqlite3-dev
# - name: Install Rust
# uses: actions-rs/toolchain@v1
# with:
# toolchain: stable
# override: true
# default: true
- name: Run tests - name: Run tests
uses: actions-rs/cargo@v1 run: cargo test --release
with:
command: test
args: --release

14
.github/workflows/wasm_test.yml vendored
View file

@ -21,21 +21,11 @@ jobs:
libssl-dev \ libssl-dev \
libsqlite3-dev \ libsqlite3-dev \
pkg-config pkg-config
- name: Install Rust - name: Install Rust
uses: actions-rs/toolchain@v1 uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
components: cargo
default: true
override: true
# target: wasm32-unknown-unknown
- name: Install wasm-pack - name: Install wasm-pack
uses: actions-rs/cargo@v1 run: cargo install wasm-pack
with:
command: install
args: wasm-pack
# https://github.com/browser-actions/setup-chrome # https://github.com/browser-actions/setup-chrome
- name: Install Chrome Headless - name: Install Chrome Headless

30
.github/workflows/windows_build.yml vendored
View file

@ -18,18 +18,11 @@ jobs:
run: | run: |
vcpkg integrate install vcpkg integrate install
vcpkg install openssl:x64-windows-static-md vcpkg install openssl:x64-windows-static-md
- name: Install latest stable - name: Install Rust
uses: actions-rs/toolchain@v1 uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
default: true
override: true
components: cargo
- name: build - name: build
uses: actions-rs/cargo@v1 # yamllint disable-line rule:line-length
with: run: cargo build --release -p kanidm_client -p kanidm_tools -p orca -p daemon
command: build
args: --release -p kanidm_client -p kanidm_tools -p orca -p daemon
windows_test_kanidm: windows_test_kanidm:
runs-on: windows-latest runs-on: windows-latest
steps: steps:
@ -38,15 +31,8 @@ jobs:
run: | run: |
vcpkg integrate install vcpkg integrate install
vcpkg install openssl:x64-windows-static-md vcpkg install openssl:x64-windows-static-md
- name: Install latest stable - name: Install Rust
uses: actions-rs/toolchain@v1 uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
default: true
components: cargo
- name: Run cargo test - name: Run cargo test
uses: actions-rs/cargo@v1 # yamllint disable-line rule:line-length
with: run: cargo test -p kanidm_client -p kanidm_tools -p orca -p daemon -p kanidmd_core
command: test
# yamllint disable-line rule:line-length
args: -p kanidm_client -p kanidm_tools -p orca -p daemon -p kanidmd_core

8
Makefile
View file

@ -227,12 +227,10 @@ release/kanidm-unixd: ## Build the Kanidm UNIX tools - ensure you include the en
release/kanidm-unixd: release/kanidm-unixd:
cargo build -p pam_kanidm --release cargo build -p pam_kanidm --release
cargo build -p nss_kanidm --release cargo build -p nss_kanidm --release
cargo build --release \ cargo build --features unix -p kanidm_unix_int --release \
--bin kanidm_unixd \ --bin kanidm_unixd \
--bin kanidm_unixd_status \
--bin kanidm_unixd_tasks \ --bin kanidm_unixd_tasks \
--bin kanidm_cache_clear \ --bin kanidm_unixd_status
--bin kanidm_cache_invalidate
# cert things # cert things

8
platform/debian/kanidm-unixd/rules
View file

@ -72,14 +72,6 @@ override_dh_auto_install:
-g root -o root \ -g root -o root \
target/release/kanidm_unixd_tasks \ target/release/kanidm_unixd_tasks \
${BINDIR} ${BINDIR}
install \
-g root -o root \
target/release/kanidm_cache_clear \
${BINDIR}
install \
-g root -o root \
target/release/kanidm_cache_invalidate \
${BINDIR}
install \ install \
-g root -o root \ -g root -o root \
target/release/libpam_kanidm.so \ target/release/libpam_kanidm.so \

18
platform/debian/simple_pkg.sh
View file

@ -2,8 +2,8 @@
set -xe set -xe
## NOTE this is based on the Arch Linux PKGBUILD. It combines kanidm_tools, unixd and ssh ## NOTE this is based on the Arch Linux PKGBUILD. It combines kanidm_tools, unixd and ssh
# as well as the systemd services. This is a simple alternative for building a tarball for # as well as the systemd services. This is a simple alternative for building a tarball for
# use on debian based systems (tested on ubuntu 22.04). # use on debian based systems (tested on ubuntu 22.04).
pushd "$( dirname -- "$0"; )/../../" pushd "$( dirname -- "$0"; )/../../"
@ -20,20 +20,20 @@ if [ 1 -eq 0 ]; then
mkdir -p deployment-config mkdir -p deployment-config
# Customize the following heredocs according to the deployment # Customize the following heredocs according to the deployment
cat << EOF > deployment-config/config cat << EOF > deployment-config/config
uri = "https://idm.example.com" uri = "https://idm.example.com"
verify_ca = true verify_ca = true
verify_hostnames = true verify_hostnames = true
EOF EOF
cat << EOF > deployment-config/unixd cat << EOF > deployment-config/unixd
pam_allowed_login_groups = [""] pam_allowed_login_groups = [""]
EOF EOF
install -Dm644 deployment-config/config "${pkgdir}/etc/kanidm/config" install -Dm644 deployment-config/config "${pkgdir}/etc/kanidm/config"
install -Dm644 deployment-config/unixd "${pkgdir}/etc/kanidm/unixd" install -Dm644 deployment-config/unixd "${pkgdir}/etc/kanidm/unixd"
fi fi
# This is for allowing login via PAM. It needs to be enabled using `pam-auth-update` # This is for allowing login via PAM. It needs to be enabled using `pam-auth-update`
install -Dm644 platform/debian/kanidm-unixd/kanidm-unixd.pam "${pkgdir}/usr/share/pam-configs/kanidm-unixd" install -Dm644 platform/debian/kanidm-unixd/kanidm-unixd.pam "${pkgdir}/usr/share/pam-configs/kanidm-unixd"
@ -52,8 +52,6 @@ install -Dm755 target/release/libnss_kanidm.so "${pkgdir}/usr/lib/x86_64-linux-g
install -Dm755 target/release/libpam_kanidm.so "${pkgdir}/usr/lib/x86_64-linux-gnu/security/pam_kanidm.so" install -Dm755 target/release/libpam_kanidm.so "${pkgdir}/usr/lib/x86_64-linux-gnu/security/pam_kanidm.so"
# install kanidm unix utilities # install kanidm unix utilities
install -Dm755 target/release/kanidm_cache_clear "${pkgdir}/usr/local/sbin/kanidm_cache_clear"
install -Dm755 target/release/kanidm_cache_invalidate "${pkgdir}/usr/local/sbin/kanidm_cache_invalidate"
install -Dm755 target/release/kanidm_ssh_authorizedkeys "${pkgdir}/usr/local/sbin/kanidm_ssh_authorizedkeys" install -Dm755 target/release/kanidm_ssh_authorizedkeys "${pkgdir}/usr/local/sbin/kanidm_ssh_authorizedkeys"
install -Dm755 target/release/kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/local/sbin/kanidm_ssh_authorizedkeys_direct" install -Dm755 target/release/kanidm_ssh_authorizedkeys_direct "${pkgdir}/usr/local/sbin/kanidm_ssh_authorizedkeys_direct"
install -Dm755 target/release/kanidm_unixd "${pkgdir}/usr/local/sbin/kanidm_unixd" install -Dm755 target/release/kanidm_unixd "${pkgdir}/usr/local/sbin/kanidm_unixd"
@ -65,18 +63,16 @@ install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys_direc
install -Dm644 target/release/build/completions/_kanidm_cache_clear "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_clear" install -Dm644 target/release/build/completions/_kanidm_cache_clear "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_clear"
install -Dm644 target/release/build/completions/_kanidm_cache_invalidate "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_invalidate" install -Dm644 target/release/build/completions/_kanidm_cache_invalidate "${pkgdir}/usr/share/zsh/site-functions/_kanidm_cache_invalidate"
install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys" install -Dm644 target/release/build/completions/_kanidm_ssh_authorizedkeys "${pkgdir}/usr/share/zsh/site-functions/_kanidm_ssh_authorizedkeys"
install -Dm644 target/release/build/completions/_kanidm_unixd_status "${pkgdir}/usr/share/zsh/site-functions/_kanidm_unixd_status"
install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys_direct.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys_direct.sh" install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys_direct.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys_direct.sh"
install -Dm644 target/release/build/completions/kanidm_cache_clear.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_clear.sh" install -Dm644 target/release/build/completions/kanidm_cache_clear.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_clear.sh"
install -Dm644 target/release/build/completions/kanidm_cache_invalidate.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_invalidate.sh" install -Dm644 target/release/build/completions/kanidm_cache_invalidate.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_cache_invalidate.sh"
install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys.sh" install -Dm644 target/release/build/completions/kanidm_ssh_authorizedkeys.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_ssh_authorizedkeys.sh"
install -Dm644 target/release/build/completions/kanidm_unixd_status.bash "${pkgdir}/usr/share/bash-completion/completions/kanidm_unixd_status.sh"
tar cvzf "kanidm-client-tools.tar.gz" -C "$pkgdir" . tar cvzf "kanidm-client-tools.tar.gz" -C "$pkgdir" .
# extract the package in root, enable and run the systemd services and then setup nsswitch according to the docs # extract the package in root, enable and run the systemd services and then setup nsswitch according to the docs
# and run pam-auth-update. You may also want to setup the ssh config. It's wise to leave a root console open until # and run pam-auth-update. You may also want to setup the ssh config. It's wise to leave a root console open until
# you've confirmed pam-auth-update worked so you don't lock yourself out. # you've confirmed pam-auth-update worked so you don't lock yourself out.
popd popd

2
tools/cli/Cargo.toml
View file

@ -37,7 +37,7 @@ futures-concurrency.workspace = true
libc.workspace = true libc.workspace = true
kanidm_client.workspace = true kanidm_client.workspace = true
kanidm_proto.workspace = true kanidm_proto.workspace = true
qrcode = { workspace = true, default-features = false } qrcode = { workspace = true }
rpassword.workspace = true rpassword.workspace = true
serde = { workspace = true, features = ["derive"] } serde = { workspace = true, features = ["derive"] }
serde_json.workspace = true serde_json.workspace = true

2
unix_integration/src/tasks_daemon.rs
View file

@ -217,7 +217,7 @@ async fn handle_tasks(stream: UnixStream, cfg: &KanidmUnixdConfig) {
} }
} }
#[tokio::main] #[tokio::main(flavor = "current_thread")]
async fn main() -> ExitCode { async fn main() -> ExitCode {
// let cuid = get_current_uid(); // let cuid = get_current_uid();
// let cgid = get_current_gid(); // let cgid = get_current_gid();