-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathstatic-subid.spec
More file actions
97 lines (73 loc) · 2.78 KB
/
static-subid.spec
File metadata and controls
97 lines (73 loc) · 2.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
Name: static-subid
Version: 0.1.0
Release: %autorelease
# Only the test_framework is CC-PDDC
License: BSD-3-Clause and CC-PDDC
URL: https://github.com/fermitools/%{name}
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
BuildRequires: redhat-rpm-config systemd-rpm-macros
BuildRequires: cmake >= 3.21
BuildRequires: gcc
BuildRequires: (rubygem-asciidoctor or asciidoc )
Requires: shadow-utils
Summary: Assign deterministic subordinate UID/GID ranges
%description
static-subid is a small utility to generate predictable subordinate UID and GID ranges for Linux users, avoiding the default dynamic allocation behavior used by many systems.
This can be useful when you need consistent UID/GID mappings across multiple systems (for example in identity-mapped rootless containers or reproducible user namespace setups).
Subordinate IDs are used by user namespaces to map container UIDs/GIDs back to host IDs. By making selections deterministic, you avoid unpredictable or overlapping ranges between hosts.
%package systemd
Requires: %{name} = %{version}-%{release}
Requires: systemd
Enhances: %{name}
Summary: Systemd integration for static-subid
BuildArch: noarch
%description systemd
Provides a systemd service to generate subids for a username
%package systemd-user-permit
Requires: %{name}-systemd = %{version}-%{release}
Requires: systemd
Enhances: %{name}-systemd
Summary: Systemd user integration for static-subid
BuildArch: noarch
%description systemd-user-permit
Provides a set of user-scoped systemd services that automatically allow a non-root user to ensure their own subid ranges are correctly configured.
%prep
%autosetup
%build
%cmake -DVERSION=%{version} \
-DBUILD_TESTING=ON \
-DCMAKE_INSTALL_SYSTEMD_UNITDIR=%{_unitdir} \
-DCMAKE_INSTALL_SYSTEMD_USERUNITDIR=%{_userunitdir} \
-DCMAKE_INSTALL_POLKIT_RULESDIR=%{_datarootdir}/polkit-1/rules.d
%cmake_build
%install
%cmake_install
%check
%ctest --output-on-failure
%files
%license LICENSE
%doc %{_mandir}
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
%dir %{_sysconfdir}/%{name}/%{name}.conf.d
%attr(0755,root,root) %{_libexecdir}/%{name}
%files systemd
%doc docs/README.systemd
%{_unitdir}/static-subid@.service
%post systemd
%systemd_post static-subid@.service
%preun systemd
%systemd_preun static-subid@.service
%postun systemd
%systemd_postun_with_restart static-subid@.service
%files systemd-user-permit
%doc docs/README.systemd
%{_userunitdir}/setup-static-subid.service
%{_datarootdir}/polkit-1/rules.d/50-static-subid.rules
%post systemd-user-permit
%systemd_post_user setup-static-subid.service
%preun systemd-user-permit
%systemd_preun_user setup-static-subid.service
%postun systemd-user-permit
%systemd_postun_user setup-static-subid.service
%changelog
%autochangelog