search

nginx-shib / nginx-http-shibboleth

Shibboleth auth request module for nginx
https://github.com/nginx-shib/nginx-http-shibboleth/wiki
Other
209 stars 27 forks source link

How to build the Shibboleth binaries #32

Closed cjbottaro closed 6 years ago

cjbottaro commented 6 years ago

Description of Issue/Question

How to build the fastcgi binaries?

Setup

I'm using Docker because I live in 2018.

# docker-compose.yml
version: "3"

services:

  3.0.2:
    image: ${AW_REGISTRY}/shibboleth-sp:3.0.2
    build:
      context: .
      args:
        SHIBBOLETH_SP_VERSION: 3.0.2
        LOG4SHIB_VERSION: 1.0.9
        XERCES_VERSION: 3.2.1
        XML_SECURITY_VERSION: 2.0.1
        XML_TOOLING_VERSION: 3.0.2
        OPEN_SAML_VERSION: 3.0.0

# Dockerfile
FROM ubuntu:16.04 as build

RUN apt-get update
RUN apt-get install -y build-essential libboost-dev libssl-dev libcurl4-openssl-dev pkg-config

ENV PKG_CONFIG_PATH /opt/shibboleth-sp/lib/pkgconfig/

ARG LOG4SHIB_VERSION
ADD log4shib-${LOG4SHIB_VERSION}.tar.gz /
WORKDIR /log4shib-${LOG4SHIB_VERSION}
RUN ./configure --disable-static --disable-doxygen --prefix=/opt/shibboleth-sp
RUN make
RUN make install

ARG XERCES_VERSION
ADD xerces-c-${XERCES_VERSION}.tar.gz /
WORKDIR /xerces-c-${XERCES_VERSION}
RUN ./configure --prefix=/opt/shibboleth-sp --disable-netaccessor-libcurl
RUN make
RUN make install

ARG XML_SECURITY_VERSION
ADD xml-security-c-${XML_SECURITY_VERSION}.tar.gz /
WORKDIR /xml-security-c-${XML_SECURITY_VERSION}
RUN ./configure --without-xalan --disable-static --prefix=/opt/shibboleth-sp
RUN make
RUN make install

ARG XML_TOOLING_VERSION
ADD xmltooling-${XML_TOOLING_VERSION}.tar.gz /
WORKDIR /xmltooling-${XML_TOOLING_VERSION}
RUN ./configure --with-log4shib=/opt/shibboleth-sp --prefix=/opt/shibboleth-sp -C
RUN make
RUN make install

ARG OPEN_SAML_VERSION
ADD opensaml-${OPEN_SAML_VERSION}.tar.gz /
WORKDIR /opensaml-${OPEN_SAML_VERSION}
RUN ./configure --with-log4shib=/opt/shibboleth-sp --prefix=/opt/shibboleth-sp -C
RUN make
RUN make install

ARG SHIBBOLETH_SP_VERSION
ADD shibboleth-sp-${SHIBBOLETH_SP_VERSION}.tar.gz /
WORKDIR /shibboleth-sp-${SHIBBOLETH_SP_VERSION}
RUN apt-get install -y libfcgi-dev
RUN ./configure --with-fastcgi=/opt/shibboleth/bin --with-log4shib=/opt/shibboleth-sp --prefix=/opt/shibboleth-sp
RUN make
RUN make install

Steps to Reproduce Issue

Run docker-compose build. The resulting image doesn't have shibauthorizer or shibresponder.

Versions and Systems

The docker-compose.yml and Dockerfile should provide everything needed.

Addition thoughts

I understand this isn't necessarily an nginx-http-shibboleth issue, but rather a generic Shibboleth build issue... but I can't get into my motives for posting here for fear of violating some Code of Conduct.

davidjb commented 6 years ago

This is out-of-scope for this repo (this is solely for the Nginx plugin), but fwiw, my RPM builds of v3 do build out the shibauthorizer and shibresponder binaries. There's a separate issue at work that breaks the RPM packaging in general (https://issues.shibboleth.net/jira/browse/SSPCPP-834), but the build does compile the FastCGI binaries. I know it isn't the same thing (RPM packaging vs manual build on Ubuntu) but you might be able to glean something out of the build config and spec file.

Otherwise, you'd have to look into the specifics of what happens when you run your Shibboleth configure and make commands to figure out what's going wrong and where.

On a related note, if you're interested, https://github.com/nginx-shib/shibboleth-fastcgi exists and uses Docker to (re)build Shibboleth packages with FastCGI support. It currently supports RPMs only because that's what I use, but PR are welcome if you wanted to contribute something like your Dockerfile above.