| Port details |
- sssd2 System Security Services Daemon
- 2.9.6_4 security
 =4      2.9.6_3Version of this port present on the latest quarterly branch. - Maintainer: jhixson@FreeBSD.org
- Port Added: 2024-02-12 01:18:46
- Last Update: 2025-06-30 15:00:39
- Commit Hash: 9eb3fb8
- People watching this port, also watch:: openldap26-server, tripwire, monit, softhsm2, nmap
- License: GPLv3+
- WWW:
- https://sssd.io/
- Description:
- This project provides a set of daemons to manage access to remote
directories and authentication mechanisms, it provides an NSS and
PAM interface toward the system and a pluggable backend system to
connect to multiple different account sources. It is also the
basis to provide client auditing and policy services for projects
like FreeIPA. sssd also features caching, which can allow for
offline use to assist laptop users.
  ¦  ¦  ¦  ¦ 
- Manual pages:
-
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- Conflicts:
- CONFLICTS_INSTALL:
- To install the port:
- cd /usr/ports/security/sssd2/ && make install clean
- To add the package, run one of these commands:
- pkg install security/sssd2
- pkg install sssd2
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: sssd2
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1733536931
SHA256 (sssd-sssd-2.9.6_GH0.tar.gz) = 8fc927fe9d627fdbe84b701c94a6b7e739127f48289bd466e18260a567f62244
SIZE (sssd-sssd-2.9.6_GH0.tar.gz) = 6801499
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- py311-setuptools>0 : devel/py-setuptools@py311
- bash : shells/bash
- docbook-xsl>=1 : textproc/docbook-xsl
- p11-kit : security/p11-kit
- nsupdate : dns/bind-tools
- xmlcatalog : textproc/libxml2
- xmlcatmgr : textproc/xmlcatmgr
- xsltproc : textproc/libxslt
- gettext-runtime>=0.22_1 : devel/gettext-runtime
- msgfmt : devel/gettext-tools
- gmake>=4.4.1 : devel/gmake
- libkrb5support.so : security/krb5
- pkgconf>=1.3.0_1 : devel/pkgconf
- python3.11 : lang/python311
- autoconf>=2.72 : devel/autoconf
- automake>=1.17 : devel/automake
- libtoolize : devel/libtool
- Test dependencies:
-
- python3.11 : lang/python311
- Runtime dependencies:
-
- adcli : net-mgmt/adcli
- cyrus-sasl-gssapi>0 : security/cyrus-sasl2-gssapi
- libkrb5support.so : security/krb5
- python3.11 : lang/python311
- Library dependencies:
-
- libcares.so : dns/c-ares
- libcurl.so : ftp/curl
- libdbus-1.so : devel/dbus
- libdhash.so : devel/ding-libs
- libfido2.so : security/libfido2
- libinotify.so : devel/libinotify
- libjansson.so : devel/jansson
- libjose.so : net/jose
- libldb.so : databases/ldb25
- libndr-krb5pac.so : net/samba416
- libndr-nbt.so : net/samba416
- libndr-standard.so : net/samba416
- libndr.so : net/samba416
- libp11-kit.so : security/p11-kit
- libpcre2-8.so : devel/pcre2
- libpopt.so : devel/popt
- libsamba-util.so : net/samba416
- libsasl2.so : security/cyrus-sasl2
- libsmbclient.so : net/samba416
- libtalloc.so : devel/talloc
- libtdb.so : databases/tdb
- libtevent.so : devel/tevent
- libunistring.so : devel/libunistring
- libuuid.so : misc/libuuid
- libintl.so : devel/gettext-runtime
- libldap.so.2 : net/openldap26-client
- There are no ports dependent upon this port
Configuration Options:- No options to configure
- Options name:
- security_sssd2
- USES:
- autoreconf cpe gettext gmake gssapi:flags,mit iconv ldap libtool localbase:ldflags pathfix pkgconfig python:3.9+ samba:env shebangfix ssl
- pkg-message:
- For install:
- ================================================================================
Copy /usr/local/etc/sssd/sssd.conf.sample to /usr/local/etc/sssd/sssd.conf
and edit /usr/local/etc/sssd/sssd.conf (see man sssd.conf for details)
To load sssd at startup, add sssd_enable="YES" to /etc/rc.conf
To enable pam integration, add a line similar to the following to
/etc/pam.d/system:
login auth sufficient /usr/local/lib/pam_sss.so
To enable NSS integration, update /etc/nsswitch.conf as follows:
group: sss files
passwd: sss files
For additional details, please see the man pages for pam.conf and nsswitch.conf
An sssd HOWTO is also available:
https://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2
================================================================================
- Master Sites:
|
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
2.9.6_4
30 Jun 2025 15:00:39
 |
Matthias Andree (mandree) |
*/*: Bump PORTREVISION after libuuid/libblkid switch
from e2fsprogs to util-linux, to complete the bump of all users
of either library that started with Alexander's commit titled
'*/*: Switch to misc/libuuid and misc/libblkid'
PR: 251489 |
2.9.6_3
30 Jun 2025 14:57:32
|
Matthias Andree (mandree)
Author: Alexander Shursha |
*/*: Switch to misc/libuuid and misc/libblkid
PR: 221293
PR: 251489
PR: 257070 |
2.9.6_3
19 Jun 2025 20:28:47
|
Charlie Li (vishwin) |
python.mk: rename PYTHON_EXT_SUFFIX to PYTHON_TAG, document, etc
EXT_SUFFIX, according to PEP 3149, refers to the full tag and
extension for compiled extension module objects, eg .cpython-311.so,
.cpython-313t.so, etc. We do not use the correct semantic meaning,
and this usage becomes ambiguous and confusing when tags do not
match between bytecode and compiled extension module objects.
Rename our PYTHON_EXT_SUFFIX to PYTHON_TAG to align with PEP 3147's
specification of a magic tag, which consists of implementation name
and shorthand version only. This is meant for bytecode and other
files containing this tag in their filename that do not depend on
a specific Python ABI for the same version. Chase all existing
consumers.
(Only the first 15 lines of the commit message are shown above  ) |
2.9.6_3
08 Mar 2025 14:05:10
|
Gleb Popov (arrowd) |
*: Bump revisions after dbus update
PR: 285253
Reported by: Martin Birgmeier <d8zNeCFG@aon.at> |
2.9.6_2
06 Feb 2025 05:01:53
|
Yasuhiro Kimura (yasu) |
*/*: Update ports so they use SAMBA_*_PORT variables in LIB_DEPENDS
* Update ports that work with Samba and depend on either of talloc,
tdb and tevent so they use SAMBA_*_PORT variables in LIB_DEPENDS.
* Bump PORTREVISION.
* While here, update WINBIND_CONFIGURE_ON in net/freeradius3/Makefile
so it uses SAMBA_INCLUDEDIR and SAMBA_LIBDIR.
Reviewed by: 0mp, kiwi
Differential Revision: https://reviews.freebsd.org/D48859 |
2.9.6_1
04 Feb 2025 17:59:22
|
Mark Johnston (markj) |
security/sssd2: Fix two bugs in the find_uid patch
The UID check was added in commit 9a40ff81f4ea ("security/sssd2:
Reimplement UID-finding using sysctl") and is supposed to exclude kernel
processes, retaining the behaviour of commit ee81c8e455ef
("security/sssd2: Add patch to enumerate UIDs").
However, it mistakenly skipped over processes with UID 0, which could
cause the lookup to fail. Fix the typo.
Also return success if the caller asked us to populate a table and no
entries were added. This matches the previous behaviour.
PR: 284089
Approved by: jhixson (maintainer timeout)
Reviewed by: arrowd
Sponsored by: Klara, Inc. |
2.9.6
07 Dec 2024 16:59:03
|
John Hixson (jhixson) |
security/sssd2: update to version 2.9.6 |
2.9.5_4
06 Dec 2024 20:48:44
|
John Hixson (jhixson) |
security/sssd2: bump port revision
Added patch for finding UIDs without using procfs
PR: 282469 |
2.9.5_3
06 Dec 2024 20:48:44
|
John Hixson (jhixson)
Author: Mark Johnston |
security/sssd2: Reimplement UID-finding using sysctl
This avoids a dependency on procfs or linprocfs, so makes sssd2
marginally more usable when using the krb5_store_password_if_offline
option.
Sponsored by: Klara, Inc.
Signed-off-by: John Hixson <jhixson@freebsd.org> |
2.9.5_3
16 Oct 2024 17:27:51
|
Gleb Popov (arrowd) |
security/sssd2: Assorted port cleanups
- Simplify depending on Kerberos
- - Do not use gssapi:bootstrap
- - Do not redefine variables already defined by USES
- - Instead of patching, pass the KRB5_CONFIG env var
- Trim unused dependencies
- Remove hunks from the configure.ac patch that aren't needed anymore
- Simplify SHEBANG_FILES
- No need to define LIB_DIRS, DEBUG_FLAGS and STRIP
- Bump PORTREVISION to catch possible regressions
Tested by: arrowd
Approved by: 0mp, jhixson
Pull Request: https://github.com/freebsd/freebsd-ports/pull/272
Sponsored by: Future Crew, LLC |
2.9.5_2
22 Aug 2024 09:28:26
|
Mateusz Piotrowski (0mp)
Author: Mark Johnston |
security/sssd*: Use an absolute path in sssd_prestart()
I believe this script worked by accident before.
PR: 279255
Approved by: maintainer
Sponsored by: Klara, Inc. |
2.9.5_1
21 Aug 2024 17:59:32
|
Mateusz Piotrowski (0mp) |
security/sssd2: Use SAMBA_PORT and SAMBA_LDB_PORT
security/sssd2 can depend on any Samba version we have in the ports
tree. However, having the exact version of Samba hardcoded in *_DEPENDS
variables makes it hard to use a non-default Samba version.
Let the port pick up the default Samba version (and its ldb port) via
samba.mk. Since net/samba416 is still the default, nothing really
changes for sssd2. However, users can now build sssd2 against
net/samba419 if they set DEFAULT_VERSIONS=samba=4.19.
PR: 278839 280774
Approved by: portmgr (infrastructure)
Sponsored by: Klara, Inc.
Co-authored-by: Xavier Beaudouin <kiwi@oav.net> |
2.9.5_1
16 Aug 2024 20:32:03
|
Mateusz Piotrowski (0mp)
Author: Xavier Beaudouin |
security/sssd2: Fix ldb dependency
net/samba416 uses databases/ldb25.
PR: 279401
Approved by: maintainer (jhixson)
Sponsored by: Klara, Inc. |
2.9.5
05 Jul 2024 12:32:24
|
John Hixson (jhixson) |
security/sssd: unbreak the port |
2.9.5
29 Jun 2024 05:02:34
|
Jason E. Hale (jhale) |
*/*: Add ${PY_SETUPTOOLS} to BUILD_DEPENDS
Fix build when setuptools is removed from RUN_DEPENDS in
Mk/Uses/python.mk.
PR: 270510
Approved by: portmgr (blanket) |
2.9.5
24 Jun 2024 15:31:54
|
John Hixson (jhixson) |
security/sssd2: Update to v2.9.5 |
2.9.4_6
24 Jun 2024 14:35:36
|
John Hixson (jhixson) |
security/sssd2: Add patch to enumerate UIDs
The legacy security/sssd port has a patch which lets one set
krb5_store_password_if_offline=True in a IPA provider configuration
block. The patch fixes some code which uses /proc to enumerate the UIDs
of logged-in users. Without the patch, if one has this configuration
variable set, sssd dies with an obscure error. This caused some pain
when a user was updating from sssd to sssd2.
Sponsored by: Serenity Cybersecurity, LLC
PR: 279255
Reported by: markj@freebsd.org, arrowd@freebsd.org
Obtained from: arrowd@freebsd.org |
2.9.4_5
07 Jun 2024 13:13:27
|
Gleb Popov (arrowd) |
security/sssd2: Use proper path to adcli and add RUN_DEPENDS on it
Sponsored by: Serenity Cybersecurity, LLC |
2.9.4_5
21 Mar 2024 20:23:00
|
Nuno Teixeira (eduardo) |
security/sssd2: Move man pages to share/man
Approved by: portmgr (blanket) |
2.9.4_4
28 Feb 2024 17:11:29
|
Renato Botelho (garga) |
security/sssd2: Fix circular dependency with sudo
Re-apply 2f448a87ed31 and remove sudo from the list of dependencies to
fix circular dependency issue when sudo is built with SSSD2 option.
Previous commit was made by dvl@ on now retired sssd-devel port.
PR: 277371
Reported by: Slawomir Wojciech Wojtczak <vermaden@interia.pl>
Sponsored by: Rubicon Communications, LLC ("Netgate") |
2.9.4_3
14 Feb 2024 14:37:27
|
Antoine Brodin (antoine) |
security/sssd2: fix PKGBASE collision |
2.9.4_3
12 Feb 2024 15:03:36
|
John Hixson (jhixson) |
security/sssd2: remove PKGNAMESUFFIX
- Remove "-devel" PKGNAMESUFFIX that I left over after rename |
2.9.4_2
12 Feb 2024 03:41:16
|
John Hixson (jhixson) |
security/sssd2: fix building on current |
2.9.4_1
12 Feb 2024 01:15:27
|
John Hixson (jhixson) |
security/sssd-devel: rename to security/sssd2
- Rename to avoid confusion, port is stable
- Update MOVED
- Update security/sssd/Makefile with name change |
As an Amazon Associate I earn from qualifying purchases.