From 29ddd4b3466688b5cc310122c8f4570651b3920a Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Fri, 27 Aug 2021 08:15:56 -0400
Subject: [PATCH] Add support for libsubid

This will enable remote access to /etc/subuid and /etc/subgid
information from ldap services, if shadow-utils ships with a libsubid.

[NO TESTS NEEDED] Since we have no way to test this.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
---
 Makefile             |  2 +-
 hack/libsubid_tag.sh | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100755 hack/libsubid_tag.sh

diff --git a/Makefile b/Makefile
index b21e9deb8c..3214601b78 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
 export GOPROXY=https://proxy.golang.org
 
 APPARMORTAG := $(shell hack/apparmor_tag.sh)
-STORAGETAGS := $(shell ./btrfs_tag.sh) $(shell ./btrfs_installed_tag.sh) $(shell ./libdm_tag.sh)
+STORAGETAGS := $(shell ./btrfs_tag.sh) $(shell ./btrfs_installed_tag.sh) $(shell ./libdm_tag.sh) $(shell ./hack/libsubid_tag.sh)
 SECURITYTAGS ?= seccomp $(APPARMORTAG)
 TAGS ?= $(SECURITYTAGS) $(STORAGETAGS)
 BUILDTAGS += $(TAGS)
diff --git a/hack/libsubid_tag.sh b/hack/libsubid_tag.sh
new file mode 100755
index 0000000000..ab6af9e30d
--- /dev/null
+++ b/hack/libsubid_tag.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+if test $(${GO:-go} env GOOS) != "linux" ; then
+	exit 0
+fi
+tmpdir="$PWD/tmp.$RANDOM"
+mkdir -p "$tmpdir"
+trap 'rm -fr "$tmpdir"' EXIT
+cc -o "$tmpdir"/libsubid_tag -l subid -x c - > /dev/null 2> /dev/null << EOF
+#include <shadow/subid.h>
+int main() {
+	struct subid_range *ranges = NULL;
+	get_subuid_ranges("root", &ranges);
+	free(ranges);
+	return 0;
+}
+EOF
+if test $? -eq 0 ; then
+	echo libsubid
+fi