[autobackport: sssd-2-9-4] Use macro rather than shell expansion for string processing in spec file

[sssd-bot]

This is an automatic backport of PR#8511 Use macro rather than shell expansion for string processing in spec file to branch sssd-2-9-4, created by @nforro.

Caution

@nforro The patches did not apply cleanly. It is necessary to resolve conflicts before merging this pull request. Commits that introduced conflict are marked with CONFLICT!.

You can push changes to this pull request

git remote add sssd-bot git@github.com:sssd-bot/sssd.git
git fetch sssd-bot refs/heads/SSSD-sssd-backport-pr8511-to-sssd-2-9-4
git checkout SSSD-sssd-backport-pr8511-to-sssd-2-9-4
git push sssd-bot SSSD-sssd-backport-pr8511-to-sssd-2-9-4 --force

---

Original commits
f9697d4 - Use macro rather than shell expansion for string processing in spec file
caa0ec2 - Add a default for %samba_package_version

Backported commits

• 5249a0c - CONFLICT! Use macro rather than shell expansion for string processing in spec file
• 51dcdec - Add a default for %samba_package_version

Conflicting Files Information (check for deleted and re-added files)

• CONFLICT! Use macro rather than shell expansion for string processing in spec file

On branch SSSD-sssd-backport-pr8511-to-sssd-2-9-4
You are currently cherry-picking commit f9697d4ff.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   contrib/sssd.spec.in

no changes added to commit (use "git add" and/or "git commit -a")

---

Original Pull Request Body

We've hardened security in Packit Service and shell expansions in spec files are now rejected as they can be used to execute arbitrary code. There is no need to use shell expansion for string processing, there is an existing macro for this very purpose.

[gemini-code-assist]

Code Review

The pull request aims to replace shell expansions with macros for string processing and adds a default for samba_package_version. The addition of the conditional block for samba_package_version is a good step towards robustness. However, the pull request contains an unresolved merge conflict in contrib/sssd.spec.in which needs to be addressed before merging.

[gemini-code-assist]

The file contrib/sssd.spec.in contains an unresolved merge conflict around the Version: definition. This conflict must be resolved before the pull request can be merged. Based on the pull request description, the intention is to replace shell expansion with a macro, so Version: %{gsub @PACKAGE_VERSION@ - ~} should be chosen.

Version: %{gsub @PACKAGE_VERSION@ - ~}