The Identity, Policy and Audit system
CentOS Sources
2017-08-01 8ec14dc11079a095c5f2874f98023a3508e0d46b
import ipa-4.5.0-21.el7
1 files added
1 files deleted
5 files modified
122 ■■■■ changed files
SOURCES/0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch 34 ●●●●● patch | view | raw | blame | history
SOURCES/1001-Change-branding-to-IPA-and-Identity-Management.patch 4 ●●●● patch | view | raw | blame | history
SOURCES/1002-Package-copy-schema-to-ca.py.patch 2 ●●● patch | view | raw | blame | history
SOURCES/1003-Revert-Increased-mod_wsgi-socket-timeout.patch 2 ●●● patch | view | raw | blame | history
SOURCES/1004-Remove-csrgen.patch 2 ●●● patch | view | raw | blame | history
SOURCES/ipa-centos-branding.patch 38 ●●●●● patch | view | raw | blame | history
SPECS/ipa.spec 40 ●●●●● patch | view | raw | blame | history
SOURCES/0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch
New file
@@ -0,0 +1,34 @@
From 9c70e00901ed1453767d085ea4c5496b2341c212 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabinsk@redhat.com>
Date: Tue, 11 Jul 2017 12:41:38 +0200
Subject: [PATCH] replica install: drop-in IPA specific config to tmpfiles.d
While server installation and upgrade code configures the IPA specific
tmpfiles location and creates relevant directories, the replica
installer code path is covered incompletely and one step is missing.
https://pagure.io/freeipa/issue/7053
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
---
 ipaserver/install/server/replicainstall.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4f28de25bd0adf958187c19edf90de4ba57dd98e..814925de152809808f726c60ae7f35a24bc32a4a 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -1515,6 +1515,9 @@ def install(installer):
         # remove the extracted replica file
         remove_replica_info_dir(installer)
+    # Make sure the files we crated in /var/run are recreated at startup
+    tasks.configure_tmpfiles()
+
     # Everything installed properly, activate ipa service.
     services.knownservices.ipa.enable()
--
2.9.4
SOURCES/1001-Change-branding-to-IPA-and-Identity-Management.patch
@@ -1,4 +1,4 @@
From dd5b62fb629724f7fd96939684abf5a31769118c Mon Sep 17 00:00:00 2001
From f7b0cbd43590be6255d61b55cf6b06ffa3904e79 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Tue, 14 Mar 2017 15:48:07 +0000
Subject: [PATCH] Change branding to IPA and Identity Management
@@ -982,7 +982,7 @@
     print("This includes:")
     if setup_ca:
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4f28de25bd0adf958187c19edf90de4ba57dd98e..3e3be75f09348639ed421cc67ca74ff2a71f9084 100644
index 814925de152809808f726c60ae7f35a24bc32a4a..05f263cd2b1c6a7cd9d21b0d9a076d32d241ab96 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -604,7 +604,7 @@ def check_domain_level_is_supported(current):
SOURCES/1002-Package-copy-schema-to-ca.py.patch
@@ -1,4 +1,4 @@
From 09e2d6fd7de45e19a108fd52fe443e1a87f790a5 Mon Sep 17 00:00:00 2001
From 9800e6fcc16455635e2d774a33009d6fb02646db Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Tue, 14 Mar 2017 16:07:15 +0000
Subject: [PATCH] Package copy-schema-to-ca.py
SOURCES/1003-Revert-Increased-mod_wsgi-socket-timeout.patch
@@ -1,4 +1,4 @@
From 9aa845931ac9e4571d5e301fbd262544f21b5196 Mon Sep 17 00:00:00 2001
From 1c88c60dd72621e77fc2605e6bd4d670a3d65b1d Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Wed, 22 Jun 2016 13:53:46 +0200
Subject: [PATCH] Revert "Increased mod_wsgi socket-timeout"
SOURCES/1004-Remove-csrgen.patch
@@ -1,4 +1,4 @@
From 3342ff9534bb477e49c8dbbc233f188fd74af040 Mon Sep 17 00:00:00 2001
From c211f36d3cc765379ff0ae324dfb052d7ce13b99 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Thu, 16 Mar 2017 09:44:21 +0000
Subject: [PATCH] Remove csrgen
SOURCES/ipa-centos-branding.patch
File was deleted
SPECS/ipa.spec
@@ -68,7 +68,7 @@
Name:           ipa
Version:        %{IPA_VERSION}
Release:        20%{?dist}
Release:        21%{?dist}
Summary:        The Identity, Policy and Audit system
Group:          System Environment/Base
@@ -76,10 +76,10 @@
URL:            http://www.freeipa.org/
Source0:        https://releases.pagure.org/freeipa/freeipa-%{version}.tar.gz
# RHEL spec file only: START: Change branding to IPA and Identity Management
#Source1:        header-logo.png
#Source2:        login-screen-background.jpg
#Source3:        login-screen-logo.png
#Source4:        product-name.png
Source1:        header-logo.png
Source2:        login-screen-background.jpg
Source3:        login-screen-logo.png
Source4:        product-name.png
# RHEL spec file only: END: Change branding to IPA and Identity Management
BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -287,12 +287,12 @@
Patch0201:      0201-ipa-sam-replace-encode_nt_key-with-E_md4hash.patch
Patch0202:      0202-ipa_pwd_extop-do-not-generate-NT-hashes-in-FIPS-mode.patch
Patch0203:      0203-Make-sure-we-check-ccaches-in-all-rpcserver-paths.patch
Patch0204:      0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch
Patch1001:      1001-Change-branding-to-IPA-and-Identity-Management.patch
Patch1002:      1002-Package-copy-schema-to-ca.py.patch
Patch1003:      1003-Revert-Increased-mod_wsgi-socket-timeout.patch
Patch1004:      1004-Remove-csrgen.patch
Patch1005:      ipa-centos-branding.patch
# RHEL spec file only: END
BuildRequires:  openldap-devel
@@ -664,11 +664,12 @@
Group: System Environment/Base
BuildArch: noarch
Requires: %{name}-server = %{version}-%{release}
Requires: bind-dyndb-ldap >= 11.1-1
Requires: bind >= 9.9.4-44
Requires: bind-utils >= 9.9.4-44
Requires: bind-pkcs11 >= 9.9.4-44
Requires: bind-pkcs11-utils >= 9.9.4-44
# bumped because of https://bugzilla.redhat.com/show_bug.cgi?id=1469480
Requires: bind-dyndb-ldap >= 11.1-4
Requires: bind >= 9.9.4-51
Requires: bind-utils >= 9.9.4-51
Requires: bind-pkcs11 >= 9.9.4-51
Requires: bind-pkcs11-utils >= 9.9.4-51
Requires: opendnssec >= 1.4.6-4
Provides: %{alt_name}-server-dns = %{version}
@@ -1086,10 +1087,10 @@
%endif # with_python3
# RHEL spec file only: START: Change branding to IPA and Identity Management
#cp %SOURCE1 install/ui/images/header-logo.png
#cp %SOURCE2 install/ui/images/login-screen-background.jpg
#cp %SOURCE3 install/ui/images/login-screen-logo.png
#cp %SOURCE4 install/ui/images/product-name.png
cp %SOURCE1 install/ui/images/header-logo.png
cp %SOURCE2 install/ui/images/login-screen-background.jpg
cp %SOURCE3 install/ui/images/login-screen-logo.png
cp %SOURCE4 install/ui/images/product-name.png
# RHEL spec file only: END: Change branding to IPA and Identity Management
@@ -1837,8 +1838,13 @@
%changelog
* Mon Jul 31 2017 CentOS Sources <bugs@centos.org> - 4.5.0-20.el7.centos
- Roll in CentOS Branding
* Wed Jul 12 2017 Pavel Vomacka <pvomacka@redhat.com> - 4.5.0-21.el7
- Resolves: #1470125 Replica install fails to configure IPA-specific
  temporary files/directories
  - replica install: drop-in IPA specific config to tmpfiles.d
- Resolves: #1469978 bind package is not automatically updated during
  ipa-server upgrade process
  - Bumped Required version of bind-dyndb-ldap and bind package
* Tue Jun 27 2017 Pavel Vomacka <pvomacka@redhat.com> - 4.5.0-20.el7
- Resolves: #1452216 Replica installation grants HTTP principal