From a267b8c3c4c97405fcb937a7617b1de45aa62218 Mon Sep 17 00:00:00 2001 From: Joerg Deckert Date: Mon, 24 Feb 2020 16:57:00 +0100 Subject: [PATCH] privacyidea: add letsencrypt, sudo ssh forward --- privacyidea/Makefile | 2 ++ privacyidea/make.conf | 2 +- privacyidea/package.use | 3 +++ privacyidea/world | 1 + 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/privacyidea/Makefile b/privacyidea/Makefile index c36b703..10b8f2d 100644 --- a/privacyidea/Makefile +++ b/privacyidea/Makefile @@ -19,6 +19,8 @@ postinstall: base/timesyncd.conf base/firstboot.start cp base/firstboot.start $(CHROOT)/etc/local.d/firstboot.start touch $(CHROOT)/firstboot sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/' $(CHROOT)/etc/sudoers + sed -i 's#^auth.*$$#auth [success=2 default=ignore] pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth include system-auth#' $(CHROOT)/etc/pam.d/sudo + echo "Defaults env_keep += SSH_AUTH_SOCK" > $(CHROOT)/etc/sudoers.d/ssh_auth_sock $(inroot) useradd -m -G users,wheel -s /bin/bash --comment="virtual appliance admin" --uid 2000 admin $(inroot) passwd -d admin; $(inroot) passwd -e admin $(inroot) systemctl enable tmux@root.service diff --git a/privacyidea/make.conf b/privacyidea/make.conf index 3f309f0..b0d50bf 100644 --- a/privacyidea/make.conf +++ b/privacyidea/make.conf @@ -1,6 +1,6 @@ CFLAGS="-O2 -pipe" CXXFLAGS="-O2 -pipe" -USE="hardened justify pie ssp urandom xattr -fortran -jit -orc -pch -pic -prelink -profile -tcc" +USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc" MAKEOPTS="-j5" PYTHON_TARGETS="python3_6" PYTHON_SINGLE_TARGET="python3_6" diff --git a/privacyidea/package.use b/privacyidea/package.use index 90a1d14..9c35d95 100644 --- a/privacyidea/package.use +++ b/privacyidea/package.use @@ -33,3 +33,6 @@ sci-libs/hdf5 -cxx -fortran -hl # RADIUS (ohne Samba kein rlm_mschap.so) net-dialup/freeradius kerberos ldap mysql -python samba net-fs/samba ads gnutls ldap winbind + +# LDAP +net-nds/openldap overlays perl sasl diff --git a/privacyidea/world b/privacyidea/world index 950a739..ad205d5 100644 --- a/privacyidea/world +++ b/privacyidea/world @@ -8,6 +8,7 @@ net-analyzer/zabbix sys-auth/pam_ssh_agent_auth sys-fs/mdadm sys-power/acpid +app-crypt/certbot-apache dev-db/mariadb www-apps/privacyidea www-apps/privacyideaadm