rpms/ipa.git - git.centos.org

parent: 0c092f4e | patch | commit | ignore whitespace

CentOS Sources

2017-08-01 8ec14dc11079a095c5f2874f98023a3508e0d46b

import ipa-4.5.0-21.el7

1 files added

1 files deleted

5 files modified

	SOURCES/0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch	34 ●●●●● patch \| view \| raw \| blame \| history
	SOURCES/1001-Change-branding-to-IPA-and-Identity-Management.patch	4 ●●●●● patch \| view \| raw \| blame \| history
	SOURCES/1002-Package-copy-schema-to-ca.py.patch	2 ●●●●● patch \| view \| raw \| blame \| history
	SOURCES/1003-Revert-Increased-mod_wsgi-socket-timeout.patch	2 ●●●●● patch \| view \| raw \| blame \| history
	SOURCES/1004-Remove-csrgen.patch	2 ●●●●● patch \| view \| raw \| blame \| history
	SOURCES/ipa-centos-branding.patch	38 ●●●●● patch \| view \| raw \| blame \| history
	SPECS/ipa.spec	40 ●●●●● patch \| view \| raw \| blame \| history

 SOURCES/0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch

New file
@@ -0,0 +1,34 @@
From 9c70e00901ed1453767d085ea4c5496b2341c212 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabinsk@redhat.com>
Date: Tue, 11 Jul 2017 12:41:38 +0200
Subject: [PATCH] replica install: drop-in IPA specific config to tmpfiles.d

While server installation and upgrade code configures the IPA specific
tmpfiles location and creates relevant directories, the replica
installer code path is covered incompletely and one step is missing.

https://pagure.io/freeipa/issue/7053

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
---
 ipaserver/install/server/replicainstall.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4f28de25bd0adf958187c19edf90de4ba57dd98e..814925de152809808f726c60ae7f35a24bc32a4a 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -1515,6 +1515,9 @@ def install(installer):
         # remove the extracted replica file
         remove_replica_info_dir(installer)
 
+    # Make sure the files we crated in /var/run are recreated at startup
+    tasks.configure_tmpfiles()
+
     # Everything installed properly, activate ipa service.
     services.knownservices.ipa.enable()
 
-- 
2.9.4


 SOURCES/1001-Change-branding-to-IPA-and-Identity-Management.patch

@@ -1,4 +1,4 @@
From dd5b62fb629724f7fd96939684abf5a31769118c Mon Sep 17 00:00:00 2001
From f7b0cbd43590be6255d61b55cf6b06ffa3904e79 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Tue, 14 Mar 2017 15:48:07 +0000
Subject: [PATCH] Change branding to IPA and Identity Management
@@ -982,7 +982,7 @@
     print("This includes:")
     if setup_ca:
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index 4f28de25bd0adf958187c19edf90de4ba57dd98e..3e3be75f09348639ed421cc67ca74ff2a71f9084 100644
index 814925de152809808f726c60ae7f35a24bc32a4a..05f263cd2b1c6a7cd9d21b0d9a076d32d241ab96 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -604,7 +604,7 @@ def check_domain_level_is_supported(current):

 SOURCES/1002-Package-copy-schema-to-ca.py.patch

@@ -1,4 +1,4 @@
From 09e2d6fd7de45e19a108fd52fe443e1a87f790a5 Mon Sep 17 00:00:00 2001
From 9800e6fcc16455635e2d774a33009d6fb02646db Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Tue, 14 Mar 2017 16:07:15 +0000
Subject: [PATCH] Package copy-schema-to-ca.py

 SOURCES/1003-Revert-Increased-mod_wsgi-socket-timeout.patch

@@ -1,4 +1,4 @@
From 9aa845931ac9e4571d5e301fbd262544f21b5196 Mon Sep 17 00:00:00 2001
From 1c88c60dd72621e77fc2605e6bd4d670a3d65b1d Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Wed, 22 Jun 2016 13:53:46 +0200
Subject: [PATCH] Revert "Increased mod_wsgi socket-timeout"

 SOURCES/1004-Remove-csrgen.patch

@@ -1,4 +1,4 @@
From 3342ff9534bb477e49c8dbbc233f188fd74af040 Mon Sep 17 00:00:00 2001
From c211f36d3cc765379ff0ae324dfb052d7ce13b99 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Thu, 16 Mar 2017 09:44:21 +0000
Subject: [PATCH] Remove csrgen

 SOURCES/ipa-centos-branding.patch

File was deleted

 SPECS/ipa.spec

@@ -68,7 +68,7 @@

Name:           ipa
Version:        %{IPA_VERSION}
Release:        20%{?dist}
Release:        21%{?dist}
Summary:        The Identity, Policy and Audit system

Group:          System Environment/Base
@@ -76,10 +76,10 @@
URL:            http://www.freeipa.org/
Source0:        https://releases.pagure.org/freeipa/freeipa-%{version}.tar.gz
# RHEL spec file only: START: Change branding to IPA and Identity Management
#Source1:        header-logo.png
#Source2:        login-screen-background.jpg
#Source3:        login-screen-logo.png
#Source4:        product-name.png
Source1:        header-logo.png
Source2:        login-screen-background.jpg
Source3:        login-screen-logo.png
Source4:        product-name.png
# RHEL spec file only: END: Change branding to IPA and Identity Management
BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

@@ -287,12 +287,12 @@
Patch0201:      0201-ipa-sam-replace-encode_nt_key-with-E_md4hash.patch
Patch0202:      0202-ipa_pwd_extop-do-not-generate-NT-hashes-in-FIPS-mode.patch
Patch0203:      0203-Make-sure-we-check-ccaches-in-all-rpcserver-paths.patch
Patch0204:      0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch

Patch1001:      1001-Change-branding-to-IPA-and-Identity-Management.patch
Patch1002:      1002-Package-copy-schema-to-ca.py.patch
Patch1003:      1003-Revert-Increased-mod_wsgi-socket-timeout.patch
Patch1004:      1004-Remove-csrgen.patch
Patch1005:      ipa-centos-branding.patch
# RHEL spec file only: END

BuildRequires:  openldap-devel
@@ -664,11 +664,12 @@
Group: System Environment/Base
BuildArch: noarch
Requires: %{name}-server = %{version}-%{release}
Requires: bind-dyndb-ldap >= 11.1-1
Requires: bind >= 9.9.4-44
Requires: bind-utils >= 9.9.4-44
Requires: bind-pkcs11 >= 9.9.4-44
Requires: bind-pkcs11-utils >= 9.9.4-44
# bumped because of https://bugzilla.redhat.com/show_bug.cgi?id=1469480
Requires: bind-dyndb-ldap >= 11.1-4
Requires: bind >= 9.9.4-51
Requires: bind-utils >= 9.9.4-51
Requires: bind-pkcs11 >= 9.9.4-51
Requires: bind-pkcs11-utils >= 9.9.4-51
Requires: opendnssec >= 1.4.6-4

Provides: %{alt_name}-server-dns = %{version}
@@ -1086,10 +1087,10 @@
%endif # with_python3

# RHEL spec file only: START: Change branding to IPA and Identity Management
#cp %SOURCE1 install/ui/images/header-logo.png
#cp %SOURCE2 install/ui/images/login-screen-background.jpg
#cp %SOURCE3 install/ui/images/login-screen-logo.png
#cp %SOURCE4 install/ui/images/product-name.png
cp %SOURCE1 install/ui/images/header-logo.png
cp %SOURCE2 install/ui/images/login-screen-background.jpg
cp %SOURCE3 install/ui/images/login-screen-logo.png
cp %SOURCE4 install/ui/images/product-name.png
# RHEL spec file only: END: Change branding to IPA and Identity Management


@@ -1837,8 +1838,13 @@


%changelog
* Mon Jul 31 2017 CentOS Sources <bugs@centos.org> - 4.5.0-20.el7.centos
- Roll in CentOS Branding
* Wed Jul 12 2017 Pavel Vomacka <pvomacka@redhat.com> - 4.5.0-21.el7
- Resolves: #1470125 Replica install fails to configure IPA-specific
  temporary files/directories
  - replica install: drop-in IPA specific config to tmpfiles.d
- Resolves: #1469978 bind package is not automatically updated during
  ipa-server upgrade process
  - Bumped Required version of bind-dyndb-ldap and bind package

* Tue Jun 27 2017 Pavel Vomacka <pvomacka@redhat.com> - 4.5.0-20.el7
- Resolves: #1452216 Replica installation grants HTTP principal

New file
			@@ -0,0 +1,34 @@
			From 9c70e00901ed1453767d085ea4c5496b2341c212 Mon Sep 17 00:00:00 2001
			From: Martin Babinsky <mbabinsk@redhat.com>
			Date: Tue, 11 Jul 2017 12:41:38 +0200
			Subject: [PATCH] replica install: drop-in IPA specific config to tmpfiles.d

			While server installation and upgrade code configures the IPA specific
			tmpfiles location and creates relevant directories, the replica
			installer code path is covered incompletely and one step is missing.

			https://pagure.io/freeipa/issue/7053

			Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
			Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
			---
			ipaserver/install/server/replicainstall.py \| 3 +++
			1 file changed, 3 insertions(+)

			diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
			index 4f28de25bd0adf958187c19edf90de4ba57dd98e..814925de152809808f726c60ae7f35a24bc32a4a 100644
			--- a/ipaserver/install/server/replicainstall.py
			+++ b/ipaserver/install/server/replicainstall.py
			@@ -1515,6 +1515,9 @@ def install(installer):
			# remove the extracted replica file
			remove_replica_info_dir(installer)

			+ # Make sure the files we crated in /var/run are recreated at startup
			+ tasks.configure_tmpfiles()
			+
			# Everything installed properly, activate ipa service.
			services.knownservices.ipa.enable()

			--
			2.9.4

			@@ -1,4 +1,4 @@
			From dd5b62fb629724f7fd96939684abf5a31769118c Mon Sep 17 00:00:00 2001
			From f7b0cbd43590be6255d61b55cf6b06ffa3904e79 Mon Sep 17 00:00:00 2001
			From: Jan Cholasta <jcholast@redhat.com>
			Date: Tue, 14 Mar 2017 15:48:07 +0000
			Subject: [PATCH] Change branding to IPA and Identity Management
			@@ -982,7 +982,7 @@
			print("This includes:")
			if setup_ca:
			diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
			index 4f28de25bd0adf958187c19edf90de4ba57dd98e..3e3be75f09348639ed421cc67ca74ff2a71f9084 100644
			index 814925de152809808f726c60ae7f35a24bc32a4a..05f263cd2b1c6a7cd9d21b0d9a076d32d241ab96 100644
			--- a/ipaserver/install/server/replicainstall.py
			+++ b/ipaserver/install/server/replicainstall.py
			@@ -604,7 +604,7 @@ def check_domain_level_is_supported(current):

			@@ -1,4 +1,4 @@
			From 09e2d6fd7de45e19a108fd52fe443e1a87f790a5 Mon Sep 17 00:00:00 2001
			From 9800e6fcc16455635e2d774a33009d6fb02646db Mon Sep 17 00:00:00 2001
			From: Jan Cholasta <jcholast@redhat.com>
			Date: Tue, 14 Mar 2017 16:07:15 +0000
			Subject: [PATCH] Package copy-schema-to-ca.py

			@@ -1,4 +1,4 @@
			From 9aa845931ac9e4571d5e301fbd262544f21b5196 Mon Sep 17 00:00:00 2001
			From 1c88c60dd72621e77fc2605e6bd4d670a3d65b1d Mon Sep 17 00:00:00 2001
			From: Jan Cholasta <jcholast@redhat.com>
			Date: Wed, 22 Jun 2016 13:53:46 +0200
			Subject: [PATCH] Revert "Increased mod_wsgi socket-timeout"

			@@ -1,4 +1,4 @@
			From 3342ff9534bb477e49c8dbbc233f188fd74af040 Mon Sep 17 00:00:00 2001
			From c211f36d3cc765379ff0ae324dfb052d7ce13b99 Mon Sep 17 00:00:00 2001
			From: Jan Cholasta <jcholast@redhat.com>
			Date: Thu, 16 Mar 2017 09:44:21 +0000
			Subject: [PATCH] Remove csrgen

			@@ -68,7 +68,7 @@

			Name: ipa
			Version: %{IPA_VERSION}
			Release: 20%{?dist}
			Release: 21%{?dist}
			Summary: The Identity, Policy and Audit system

			Group: System Environment/Base
			@@ -76,10 +76,10 @@
			URL: http://www.freeipa.org/
			Source0: https://releases.pagure.org/freeipa/freeipa-%{version}.tar.gz
			# RHEL spec file only: START: Change branding to IPA and Identity Management
			#Source1: header-logo.png
			#Source2: login-screen-background.jpg
			#Source3: login-screen-logo.png
			#Source4: product-name.png
			Source1: header-logo.png
			Source2: login-screen-background.jpg
			Source3: login-screen-logo.png
			Source4: product-name.png
			# RHEL spec file only: END: Change branding to IPA and Identity Management
			BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

			@@ -287,12 +287,12 @@
			Patch0201: 0201-ipa-sam-replace-encode_nt_key-with-E_md4hash.patch
			Patch0202: 0202-ipa_pwd_extop-do-not-generate-NT-hashes-in-FIPS-mode.patch
			Patch0203: 0203-Make-sure-we-check-ccaches-in-all-rpcserver-paths.patch
			Patch0204: 0204-replica-install-drop-in-IPA-specific-config-to-tmpfi.patch

			Patch1001: 1001-Change-branding-to-IPA-and-Identity-Management.patch
			Patch1002: 1002-Package-copy-schema-to-ca.py.patch
			Patch1003: 1003-Revert-Increased-mod_wsgi-socket-timeout.patch
			Patch1004: 1004-Remove-csrgen.patch
			Patch1005: ipa-centos-branding.patch
			# RHEL spec file only: END

			BuildRequires: openldap-devel
			@@ -664,11 +664,12 @@
			Group: System Environment/Base
			BuildArch: noarch
			Requires: %{name}-server = %{version}-%{release}
			Requires: bind-dyndb-ldap >= 11.1-1
			Requires: bind >= 9.9.4-44
			Requires: bind-utils >= 9.9.4-44
			Requires: bind-pkcs11 >= 9.9.4-44
			Requires: bind-pkcs11-utils >= 9.9.4-44
			# bumped because of https://bugzilla.redhat.com/show_bug.cgi?id=1469480
			Requires: bind-dyndb-ldap >= 11.1-4
			Requires: bind >= 9.9.4-51
			Requires: bind-utils >= 9.9.4-51
			Requires: bind-pkcs11 >= 9.9.4-51
			Requires: bind-pkcs11-utils >= 9.9.4-51
			Requires: opendnssec >= 1.4.6-4

			Provides: %{alt_name}-server-dns = %{version}
			@@ -1086,10 +1087,10 @@
			%endif # with_python3

			# RHEL spec file only: START: Change branding to IPA and Identity Management
			#cp %SOURCE1 install/ui/images/header-logo.png
			#cp %SOURCE2 install/ui/images/login-screen-background.jpg
			#cp %SOURCE3 install/ui/images/login-screen-logo.png
			#cp %SOURCE4 install/ui/images/product-name.png
			cp %SOURCE1 install/ui/images/header-logo.png
			cp %SOURCE2 install/ui/images/login-screen-background.jpg
			cp %SOURCE3 install/ui/images/login-screen-logo.png
			cp %SOURCE4 install/ui/images/product-name.png
			# RHEL spec file only: END: Change branding to IPA and Identity Management


			@@ -1837,8 +1838,13 @@


			%changelog
			* Mon Jul 31 2017 CentOS Sources <bugs@centos.org> - 4.5.0-20.el7.centos
			- Roll in CentOS Branding
			* Wed Jul 12 2017 Pavel Vomacka <pvomacka@redhat.com> - 4.5.0-21.el7
			- Resolves: #1470125 Replica install fails to configure IPA-specific
			temporary files/directories
			- replica install: drop-in IPA specific config to tmpfiles.d
			- Resolves: #1469978 bind package is not automatically updated during
			ipa-server upgrade process
			- Bumped Required version of bind-dyndb-ldap and bind package

			* Tue Jun 27 2017 Pavel Vomacka <pvomacka@redhat.com> - 4.5.0-20.el7
			- Resolves: #1452216 Replica installation grants HTTP principal