|
 |
2d68ff |
From 0d44e959e5bbe822b51137a8e7cf48fa25533805 Mon Sep 17 00:00:00 2001
|
|
|
2d68ff |
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
|
|
|
2d68ff |
Date: Fri, 10 Dec 2021 12:15:36 -0300
|
|
|
2d68ff |
Subject: [PATCH] Revert "freeipa.spec: depend on bind-dnssec-utils"
|
|
|
2d68ff |
|
|
|
2d68ff |
This reverts commit f89d59b6e18b54967682f6a37ce92ae67ab3fcda.
|
|
|
2d68ff |
---
|
|
|
2d68ff |
freeipa.spec.in | 4 +---
|
|
|
2d68ff |
ipaplatform/base/paths.py | 2 +-
|
|
|
2d68ff |
ipaplatform/fedora/paths.py | 1 +
|
|
|
2d68ff |
ipaserver/dnssec/bindmgr.py | 1 -
|
|
|
2d68ff |
4 files changed, 3 insertions(+), 5 deletions(-)
|
|
|
2d68ff |
|
|
|
2d68ff |
diff --git a/freeipa.spec.in b/freeipa.spec.in
|
|
|
2d68ff |
index 8f5c370e5..e20edb7bc 100755
|
|
|
2d68ff |
--- a/freeipa.spec.in
|
|
|
2d68ff |
+++ b/freeipa.spec.in
|
|
|
2d68ff |
@@ -576,11 +576,9 @@ Requires: %{name}-server = %{version}-%{release}
|
|
|
2d68ff |
Requires: bind-dyndb-ldap >= 11.2-2
|
|
|
2d68ff |
Requires: bind >= %{bind_version}
|
|
|
2d68ff |
Requires: bind-utils >= %{bind_version}
|
|
|
2d68ff |
-# bind-dnssec-utils is required by the OpenDNSSec integration
|
|
|
2d68ff |
-# https://pagure.io/freeipa/issue/9026
|
|
|
2d68ff |
-Requires: bind-dnssec-utils >= %{bind_version}
|
|
|
2d68ff |
%if %{with bind_pkcs11}
|
|
|
2d68ff |
Requires: bind-pkcs11 >= %{bind_version}
|
|
|
2d68ff |
+Requires: bind-pkcs11-utils >= %{bind_version}
|
|
|
2d68ff |
%else
|
|
|
2d68ff |
Requires: softhsm >= %{softhsm_version}
|
|
|
2d68ff |
Requires: openssl-pkcs11 >= %{openssl_pkcs11_version}
|
|
|
2d68ff |
diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py
|
|
|
2d68ff |
index 7d21367ec..42a47f1df 100644
|
|
|
2d68ff |
--- a/ipaplatform/base/paths.py
|
|
|
2d68ff |
+++ b/ipaplatform/base/paths.py
|
|
|
e8c7a2 |
@@ -259,7 +259,6 @@ class BasePathNamespace:
|
|
|
2d68ff |
IPA_PKI_RETRIEVE_KEY = "/usr/libexec/ipa/ipa-pki-retrieve-key"
|
|
|
2d68ff |
IPA_HTTPD_PASSWD_READER = "/usr/libexec/ipa/ipa-httpd-pwdreader"
|
|
|
2d68ff |
IPA_PKI_WAIT_RUNNING = "/usr/libexec/ipa/ipa-pki-wait-running"
|
|
|
2d68ff |
- DNSSEC_KEYFROMLABEL = "/usr/sbin/dnssec-keyfromlabel"
|
|
|
2d68ff |
+ DNSSEC_KEYFROMLABEL = "/usr/sbin/dnssec-keyfromlabel-pkcs11"
|
|
|
e8c7a2 |
- DNSSEC_KEYFROMLABEL_9_17 = "/usr/bin/dnssec-keyfromlabel"
|
|
|
2d68ff |
GETSEBOOL = "/usr/sbin/getsebool"
|
|
|
2d68ff |
GROUPADD = "/usr/sbin/groupadd"
|
|
|
2d68ff |
diff --git a/ipaplatform/fedora/paths.py b/ipaplatform/fedora/paths.py
|
|
|
2d68ff |
index 4e993c063..92a948966 100644
|
|
|
2d68ff |
--- a/ipaplatform/fedora/paths.py
|
|
|
2d68ff |
+++ b/ipaplatform/fedora/paths.py
|
|
|
2d68ff |
@@ -36,6 +36,7 @@ class FedoraPathNamespace(RedHatPathNamespace):
|
|
|
2d68ff |
NAMED_CRYPTO_POLICY_FILE = "/etc/crypto-policies/back-ends/bind.config"
|
|
|
2d68ff |
if HAS_NFS_CONF:
|
|
|
2d68ff |
SYSCONFIG_NFS = '/etc/nfs.conf'
|
|
|
2d68ff |
+ DNSSEC_KEYFROMLABEL = "/usr/sbin/dnssec-keyfromlabel"
|
|
|
e8c7a2 |
|
|
|
e8c7a2 |
|
|
|
2d68ff |
paths = FedoraPathNamespace()
|
|
|
2d68ff |
diff --git a/ipaserver/dnssec/bindmgr.py b/ipaserver/dnssec/bindmgr.py
|
|
|
2d68ff |
index 0c79cc03d..a15c0e601 100644
|
|
|
2d68ff |
--- a/ipaserver/dnssec/bindmgr.py
|
|
|
2d68ff |
+++ b/ipaserver/dnssec/bindmgr.py
|
|
|
2d68ff |
@@ -127,7 +127,6 @@ class BINDMgr:
|
|
|
2d68ff |
)
|
|
|
2d68ff |
cmd = [
|
|
|
2d68ff |
paths.DNSSEC_KEYFROMLABEL,
|
|
|
2d68ff |
- '-E', 'pkcs11',
|
|
|
2d68ff |
'-K', workdir,
|
|
|
2d68ff |
'-a', attrs['idnsSecAlgorithm'][0],
|
|
|
2d68ff |
'-l', uri
|
|
|
e8c7a2 |
--
|
|
|
2d68ff |
2.31.1
|