From 0d6e37b199d4ebf871a7b19cd4d95c555aef95f8 Mon Sep 17 00:00:00 2001 From: David Mulder Date: Thu, 24 Oct 2024 13:40:58 -0600 Subject: [PATCH] Add RPM packaging for EL9 Signed-off-by: David Mulder --- Makefile | 14 ++++++++ images/rpm/Dockerfile.rocky9 | 63 ++++++++++++++++++++++++++++++++++ images/ubuntu/Dockerfile.22.04 | 2 +- images/ubuntu/Dockerfile.24.04 | 2 +- src/daemon/Cargo.toml | 28 +++++++++++++++ src/nss/Cargo.toml | 8 +++++ src/pam/Cargo.toml | 8 +++++ src/sshd-config/Cargo.toml | 10 ++++++ 8 files changed, 133 insertions(+), 2 deletions(-) create mode 100644 images/rpm/Dockerfile.rocky9 diff --git a/Makefile b/Makefile index 0b185324..ca870dca 100644 --- a/Makefile +++ b/Makefile @@ -55,6 +55,7 @@ else endif DOCKER := $(shell command -v podman || command -v docker) + deb: git submodule init; git submodule update for v in 22.04 24.04; do \ @@ -64,4 +65,17 @@ deb: mv ./target/debian/*.deb ./target/release/; \ done mv ./target/release/*.deb ./target/debian/ + +rpm: + git submodule init; git submodule update + for v in rocky9; do \ + echo "Building RPM $$v packages"; \ + $(DOCKER) build -t himmelblau-$$v-build -f images/rpm/Dockerfile.$$v .; \ + $(DOCKER) run --rm -it -v ./:/himmelblau himmelblau-$$v-build; \ + mv ./target/generate-rpm/*.rpm ./target/release/; \ + done + mv ./target/release/*.rpm ./target/generate-rpm/ + +package: deb rpm ls ./target/debian/*.deb + ls ./target/generate-rpm/*.rpm diff --git a/images/rpm/Dockerfile.rocky9 b/images/rpm/Dockerfile.rocky9 new file mode 100644 index 00000000..ea50e684 --- /dev/null +++ b/images/rpm/Dockerfile.rocky9 @@ -0,0 +1,63 @@ +# Use the official Rocky Linux 9 image as the base +FROM rockylinux:9 + +# Set environment variables for non-interactive installs +ENV YUM_VERSION=8 + +# Install epel-release (Extra Packages for Enterprise Linux) for utf8proc-devel +#RUN yum update -y && yum install -y epel-release + +# Install essential build dependencies +RUN yum update -y && yum install -y \ + wget \ + git \ + gcc \ + gcc-c++ \ + make \ + openssl-devel \ + dbus-devel \ + libtool \ + pkgconfig \ + autoconf \ + pam-devel \ + systemd-devel \ + libcap-devel \ + krb5-devel \ + pcre2-devel \ + clang \ + gettext \ + sqlite-devel \ + utf8proc \ + && yum clean all + +# Fetch the utf8proc sources, since EL9 doesn't package the headers +RUN if ! rpm -q utf8proc; then \ + echo "utf8proc is not installed."; \ + exit 1; \ + else \ + VERSION=$(rpm -q --queryformat '%{VERSION}' utf8proc); \ + echo "Installed utf8proc version: $VERSION"; \ + wget https://github.com/JuliaStrings/utf8proc/archive/refs/tags/v$VERSION.tar.gz -O utf8proc-$VERSION.tar.gz; \ + fi && \ + mkdir -p utf8proc-rocky9 && \ + tar -xvf utf8proc-$VERSION.tar.gz -C utf8proc-rocky9 --strip-components=1 && \ + cd utf8proc-rocky9 && \ + make && \ + make install + +# Install Rust (latest stable) +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y + +# Set environment for Rust +ENV PATH="/root/.cargo/bin:${PATH}" + +VOLUME /himmelblau + +# Change directory to the repository +WORKDIR /himmelblau + +# Install the cargo-deb tool +RUN cargo install cargo-generate-rpm + +# Build the project and create the .deb package +CMD cargo clean && cargo build --release && strip -s target/release/*.so && strip -s target/release/aad-tool && strip -s target/release/himmelblaud && strip -s target/release/himmelblaud_tasks && strip -s target/release/broker && cargo generate-rpm -p src/daemon && cargo generate-rpm -p src/nss && cargo generate-rpm -p src/pam && cargo generate-rpm -p src/sshd-config diff --git a/images/ubuntu/Dockerfile.22.04 b/images/ubuntu/Dockerfile.22.04 index cc671e16..ced54235 100644 --- a/images/ubuntu/Dockerfile.22.04 +++ b/images/ubuntu/Dockerfile.22.04 @@ -49,4 +49,4 @@ WORKDIR /himmelblau RUN cargo install cargo-deb # Build the project and create the .deb package -CMD cargo deb --deb-revision=ubuntu22.04 -p himmelblaud && cargo deb --deb-revision=ubuntu22.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu22.04 -p pam_himmelblau && cargo deb --deb-revision=ubuntu22.04 -p sshd-config +CMD cargo clean && cargo deb --deb-revision=ubuntu22.04 -p himmelblaud && cargo deb --deb-revision=ubuntu22.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu22.04 -p pam_himmelblau && cargo deb --deb-revision=ubuntu22.04 -p sshd-config diff --git a/images/ubuntu/Dockerfile.24.04 b/images/ubuntu/Dockerfile.24.04 index fbef69ce..19201cda 100644 --- a/images/ubuntu/Dockerfile.24.04 +++ b/images/ubuntu/Dockerfile.24.04 @@ -49,4 +49,4 @@ WORKDIR /himmelblau RUN cargo install cargo-deb # Build the project and create the .deb package -CMD cargo deb --deb-revision=ubuntu24.04 -p himmelblaud && cargo deb --deb-revision=ubuntu24.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu24.04 -p pam_himmelblau && cargo deb --deb-revision=ubuntu24.04 -p sshd-config +CMD cargo clean && cargo deb --deb-revision=ubuntu24.04 -p himmelblaud && cargo deb --deb-revision=ubuntu24.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu24.04 -p pam_himmelblau && cargo deb --deb-revision=ubuntu24.04 -p sshd-config diff --git a/src/daemon/Cargo.toml b/src/daemon/Cargo.toml index 4a923c99..9fc96a64 100644 --- a/src/daemon/Cargo.toml +++ b/src/daemon/Cargo.toml @@ -60,3 +60,31 @@ assets = [ ["target/release/broker", "usr/sbin/", "755"], ["../../README.md", "usr/share/doc/himmelblau/README", "644"], ] + +[package.metadata.generate-rpm] +name = "himmelblau" +maintainer = "David Mulder " +assets = [ + { source = "../../src/config/himmelblau.conf.example", dest = "/etc/himmelblau/himmelblau.conf", mode = "644" }, + { source = "target/release/aad-tool", dest = "/usr/bin/", mode = "755" }, + { source = "../../platform/opensuse/himmelblaud-tasks.service", dest = "/usr/lib/systemd/system", mode = "644" }, + { source = "../../platform/opensuse/himmelblaud.service", dest = "/usr/lib/systemd/system", mode = "644" }, + { source = "../../platform/opensuse/org.samba.himmelblau.conf", dest = "/usr/share/dbus-1/system.d/", mode = "644" }, + { source = "../../platform/opensuse/com.microsoft.identity.broker1.service", dest = "/usr/share/dbus-1/services/", mode = "644" }, + { source = "target/release/himmelblaud", dest = "/usr/sbin/", mode = "755" }, + { source = "target/release/himmelblaud_tasks", dest = "/usr/sbin/", mode = "755" }, + { source = "target/release/broker", dest = "/usr/sbin/", mode = "755" }, + { source = "../../README.md", dest = "/usr/share/doc/himmelblau/README", mode = "644" }, +] + +[package.metadata.generate-rpm.requires] +openssl-3 = "*" +sqlite3 = "*" + +[package.metadata.generate-rpm.recommends] +nss-himmelblau = "*" +pam-himmelblau = "*" +# These are labeled as recommends so there isn't a hard failure. SUSE uses +# 'libutf8proc3', while EL uses 'utf8proc3'. One of these two is required. +utf8proc3 = "*" +libutf8proc3 = "*" diff --git a/src/nss/Cargo.toml b/src/nss/Cargo.toml index b6ff3c78..4a16f58e 100644 --- a/src/nss/Cargo.toml +++ b/src/nss/Cargo.toml @@ -1,5 +1,6 @@ [package] name = "nss_himmelblau" +description = "Himmelblau NSS Module" version = { workspace = true } authors = { workspace = true } @@ -28,3 +29,10 @@ maintainer = "David Mulder " assets = [ ["target/release/libnss_himmelblau.so", "usr/lib/x86_64-linux-gnu/libnss_himmelblau.so.2", "755"], ] + +[package.metadata.generate-rpm] +name = "nss-himmelblau" +maintainer = "David Mulder " +assets = [ + { source = "target/release/libnss_himmelblau.so", dest = "/usr/lib64/libnss_himmelblau.so.2", mode = "755" }, +] diff --git a/src/pam/Cargo.toml b/src/pam/Cargo.toml index d123d5b0..be05c77d 100644 --- a/src/pam/Cargo.toml +++ b/src/pam/Cargo.toml @@ -1,5 +1,6 @@ [package] name = "pam_himmelblau" +description = "Himmelblau PAM Module" links = "pam" version.workspace = true @@ -33,3 +34,10 @@ assets = [ ["../../platform/debian/apparmor.unix-chkpwd.local", "etc/apparmor.d/local/unix-chkpwd", "644"], ] maintainer-scripts = "../../platform/debian/scripts" + +[package.metadata.generate-rpm] +name = "pam-himmelblau" +maintainer = "David Mulder " +assets = [ + { source = "target/release/libpam_himmelblau.so", dest = "/usr/lib64/security/pam_himmelblau.so", mode = "755" }, +] diff --git a/src/sshd-config/Cargo.toml b/src/sshd-config/Cargo.toml index 8f469d8c..ed30fdfe 100644 --- a/src/sshd-config/Cargo.toml +++ b/src/sshd-config/Cargo.toml @@ -1,5 +1,6 @@ [package] name = "sshd-config" +description = "Himmelblau Required SSHD Configuration" version.workspace = true authors.workspace = true rust-version.workspace = true @@ -17,3 +18,12 @@ depends = ["openssh-server"] assets = [ ["../../platform/debian/sshd_config", "etc/ssh/sshd_config.d/himmelblau.conf", "644"], ] + +[package.metadata.generate-rpm] +name = "himmelblau-sshd-config" +assets = [ + { source = "../../platform/debian/sshd_config", dest = "/etc/ssh/sshd_config.d/himmelblau.conf", mode = "644" }, +] + +[package.metadata.generate-rpm.requires] +sshd = "*"