diff --git a/SOURCES/0001-configure-do-not-inherit-DISTRO-from-the-environment.patch b/SOURCES/0001-configure-do-not-inherit-DISTRO-from-the-environment.patch new file mode 100644 index 0000000..0fa9108 --- /dev/null +++ b/SOURCES/0001-configure-do-not-inherit-DISTRO-from-the-environment.patch @@ -0,0 +1,32 @@ +From 506887297ea33339d8ad8b274be643d220bf22f8 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Thu, 28 Nov 2019 18:51:30 +0100 +Subject: [PATCH] configure: do not inherit DISTRO from the environment + +The argument of the --with-distro configure option is stored in the +variable DISTRO. If DISTRO is already set in the build environment it +should not be used hence DISTRO must be cleared by the configure script +if not set by --with-distro. + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1638396 +--- + configure.ac | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index e335247..a424a49 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -31,7 +31,8 @@ AC_ARG_WITH([distro], + [AS_HELP_STRING([--with-distro], + [Configure for a specific distribution (eg: redhat)] + )], +- [DISTRO=$withval]) ++ [DISTRO=$withval], ++ [DISTRO=]) + + if test -z $DISTRO; then + AC_CHECK_FILE(/etc/redhat-release, [DISTRO="redhat"]) +-- +2.21.0 + diff --git a/SOURCES/0001-doc-Add-short-arguments-like-U-arguments-to-realm-ma.patch b/SOURCES/0001-doc-Add-short-arguments-like-U-arguments-to-realm-ma.patch new file mode 100644 index 0000000..7185206 --- /dev/null +++ b/SOURCES/0001-doc-Add-short-arguments-like-U-arguments-to-realm-ma.patch @@ -0,0 +1,158 @@ +From fee9bde11b42ab39af6397a0c0ce4775443b28ea Mon Sep 17 00:00:00 2001 +From: Stef Walter +Date: Mon, 6 Feb 2017 12:25:52 +0100 +Subject: [PATCH] doc: Add short arguments like -U arguments to realm manual + page + +And clean up the documentation for the various arguments. +--- + doc/manual/realm.xml | 70 +++++++++++++++++++++++--------------------- + 1 file changed, 37 insertions(+), 33 deletions(-) + +diff --git a/doc/manual/realm.xml b/doc/manual/realm.xml +index 6724d80..9d9136a 100644 +--- a/doc/manual/realm.xml ++++ b/doc/manual/realm.xml +@@ -60,7 +60,7 @@ + + + +- ++ , + Run in install mode. This makes realmd + chroot into the specified directory and place files in + appropriate locations for use during an installer. No +@@ -73,7 +73,7 @@ + for input. + + +- ++ , + Display verbose diagnostics while doing + running commands. + +@@ -105,7 +105,7 @@ $ realm discover domain.example.com + + + +- ++ , + Show all discovered realms (in various + configurations). + +@@ -116,6 +116,10 @@ $ realm discover domain.example.com + sssd or + winbind. + ++ ++ , ++ Only show the names of the discovered realms. ++ + + + Only discover realms which run the +@@ -187,10 +191,13 @@ $ realm join --user=admin --computer-ou=OU=Special domain.example.com + in the domain already. + + +- +- The user name to be used to authenticate +- with when joining the machine to the realm. You will +- be prompted for a password. ++ ++ Only join realms for which we can ++ use the given client software. Possible values include ++ sssd or ++ winbind. Not all values are ++ supported for all realms. By default the client software ++ is automatically selected. + + + +@@ -201,6 +208,14 @@ $ realm join --user=admin --computer-ou=OU=Special domain.example.com + DSE portion of distinguished name. This is an Active + Directory specific option. + ++ ++ ++ The software to use when joining to the ++ realm. Possible values include samba or ++ adcli. Not all values are ++ supported for all realms. By default the membership software ++ is automatically selected. ++ + + + Perform the join automatically without +@@ -213,13 +228,16 @@ $ realm join --user=admin --computer-ou=OU=Special domain.example.com + all types of realms. + + +- +- Only join realms for which we can +- use the given client software. Possible values include +- sssd or +- winbind. Not all values are +- supported for all realms. By default the client software +- is automatically selected. ++ ++ The name of the operation system of the ++ client. When joining an AD domain the value is store in ++ the matching AD attribute. ++ ++ ++ ++ The version of the operation system of the ++ client. When joining an AD domain the value is store in ++ the matching AD attribute. + + + +@@ -229,12 +247,10 @@ $ realm join --user=admin --computer-ou=OU=Special domain.example.com + ipa. + + +- +- The software to use when joining to the +- realm. Possible values include samba or +- adcli. Not all values are +- supported for all realms. By default the membership software +- is automatically selected. ++ , ++ The user name to be used to authenticate ++ with when joining the machine to the realm. You will ++ be prompted for a password. + + + +@@ -243,18 +259,6 @@ $ realm join --user=admin --computer-ou=OU=Special domain.example.com + the value for this option, then a principal will be set + in the form of host/shortname@REALM + +- +- +- The name of the operation system of the +- client. When joining an AD domain the value is store in +- the matching AD attribute. +- +- +- +- The version of the operation system of the +- client. When joining an AD domain the value is store in +- the matching AD attribute. +- + + + +@@ -300,7 +304,7 @@ $ realm leave domain.example.com + for a pasword. + + +- ++ , + The user name to be used to authenticate + with when leaving the realm. You will be prompted for a + password. Implies . +-- +2.21.0 + diff --git a/SOURCES/0001-doc-extend-description-of-config-handling.patch b/SOURCES/0001-doc-extend-description-of-config-handling.patch new file mode 100644 index 0000000..b708739 --- /dev/null +++ b/SOURCES/0001-doc-extend-description-of-config-handling.patch @@ -0,0 +1,104 @@ +From 98a69ca00e3441128b181b59c06bb06e8c362360 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Fri, 29 Nov 2019 21:57:02 +0100 +Subject: [PATCH] doc: extend description of config handling + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1625005 +--- + doc/manual/Makefile.am | 8 ++++++++ + doc/manual/realmd.conf.xml | 15 +++++++++++---- + doc/privatedir.xml.in | 1 + + 4 files changed, 21 insertions(+), 4 deletions(-) + create mode 100644 doc/privatedir.xml.in + +diff --git a/doc/manual/Makefile.am b/doc/manual/Makefile.am +index 8b33fdd..9812c45 100644 +--- a/doc/manual/Makefile.am ++++ b/doc/manual/Makefile.am +@@ -1,14 +1,20 @@ ++XSLTPROC_FLAGS = --path $(abs_builddir):$(abs_srcdir):$(abs_builddir)/doc + + man8_MANS += \ + doc/manual/realm.8 + man5_MANS += \ + doc/manual/realmd.conf.5 + ++$(man5_MANS): doc/privatedir.xml ++ + MAN_IN_FILES = \ + $(man8_MANS:.8=.xml) \ + $(man5_MANS:.5=.xml) \ + $(NULL) + ++doc/privatedir.xml: doc/privatedir.xml.in ++ $(V_SED) $(MKDIR_P) $(dir $@) && $(SED_SUBST) $< > $@ ++ + MANUAL_DOCBOOK = doc/manual/realmd-docs.xml + + MANUAL_INCLUDES = \ +@@ -41,6 +47,7 @@ MANUAL_XSLT = \ + $(NULL) + + EXTRA_DIST += \ ++ doc/privatedir.xml.in \ + $(MANUAL_DOCBOOK) \ + $(MANUAL_INCLUDES) \ + $(MAN_IN_FILES) \ +@@ -50,6 +57,7 @@ EXTRA_DIST += \ + + CLEANFILES += \ + realmd-org.freedesktop.realmd.generated \ ++ doc/privatedir.xml \ + $(DBUS_DOC_GENERATED) \ + $(DBUS_ESCAPED) \ + $(man8_MANS) \ +diff --git a/doc/manual/realmd.conf.xml b/doc/manual/realmd.conf.xml +index 1592291..9062252 100644 +--- a/doc/manual/realmd.conf.xml ++++ b/doc/manual/realmd.conf.xml +@@ -1,6 +1,9 @@ + + ++ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" ++[ ++ ++]> + + + +@@ -35,7 +38,9 @@ + to act in specific ways. This is done by placing settings in a + /etc/realmd.conf. This file does not exist by + default. The syntax of this file is the same as an INI file or +- Desktop Entry file. ++ Desktop Entry file. If the file is changed and ++ realmd is running realmd must be ++ restarted to read the new values. + + In general, settings in this file only apply at the point of + joining a domain or realm. Once the realm has been setup the settings +@@ -46,8 +51,10 @@ + + Only specify the settings you wish to override in the + /etc/realmd.conf file. Settings not specified will +- be loaded from their packaged defaults. Only override the settings +- below. You may find other settings if you look through the ++ be loaded from their packaged defaults which can be found in ++ &privatedir;/realmd-defaults.conf and ++ &privatedir;/realmd-distro.conf. Only override the ++ settings below. You may find other settings if you look through the + realmd source code. However these are not guaranteed + to remain stable. + +diff --git a/doc/privatedir.xml.in b/doc/privatedir.xml.in +new file mode 100644 +index 0000000..7f71afe +--- /dev/null ++++ b/doc/privatedir.xml.in +@@ -0,0 +1 @@ ++@privatedir@ +\ No newline at end of file +-- +2.21.0 + diff --git a/SOURCES/0001-doc-extend-user-principal-section.patch b/SOURCES/0001-doc-extend-user-principal-section.patch new file mode 100644 index 0000000..c6e4cdf --- /dev/null +++ b/SOURCES/0001-doc-extend-user-principal-section.patch @@ -0,0 +1,75 @@ +From d6d1ce2f8b1c81903115b018973c61fc71235b7b Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Fri, 29 Nov 2019 18:10:03 +0100 +Subject: [PATCH] doc: extend user-principal section + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1643814 +--- + doc/manual/realm.xml | 21 +++++++++++++++++++-- + doc/manual/realmd.conf.xml | 15 ++++++++++----- + 2 files changed, 29 insertions(+), 7 deletions(-) + +diff --git a/doc/manual/realm.xml b/doc/manual/realm.xml +index 7b73331..55a7640 100644 +--- a/doc/manual/realm.xml ++++ b/doc/manual/realm.xml +@@ -254,10 +254,27 @@ $ realm join --user=admin --computer-ou=OU=Special domain.example.com + + + +- Set the userPrincipalName field of the ++ Set the ++ field of the + computer account to this kerberos principal. If you omit + the value for this option, then a principal will be set +- in the form of host/shortname@REALM ++ based on the defaults of the membership software. ++ AD makes a distinction between user and service ++ principals. Only with user principals you can request a ++ Kerberos Ticket-Granting-Ticket (TGT), i.e. only user ++ principals can be used with the kinit ++ command. By default the user principal and the canonical ++ principal name of an AD computer account is ++ shortname$@AD.DOMAIN, where shortname is ++ the NetBIOS name which is limited to 15 characters. ++ If there are applications which are not aware of ++ the AD default and are using a hard-coded default ++ principal the can be ++ used to make AD aware of this principal. Please note ++ that is a single ++ value LDAP attribute, i.e. only one alternative user ++ principal besides the AD default user principal can be ++ set. + + + +diff --git a/doc/manual/realmd.conf.xml b/doc/manual/realmd.conf.xml +index f0b0879..a26a60c 100644 +--- a/doc/manual/realmd.conf.xml ++++ b/doc/manual/realmd.conf.xml +@@ -365,12 +365,17 @@ computer-name = SERVER01 + + + +- ++ + +- Set the to yes +- to create attributes for the +- computer account in the realm, in the form +- host/computer@REALM ++ Set the to yes ++ to create attribute for the ++ computer accounts in the realm. The exact value depends on the ++ defaults of the used membership software. To have full control ++ over the value please use the ++ option of the ++ realm command, see ++ realm ++ 8 for details. + + + +-- +2.21.0 + diff --git a/SOURCES/0001-doc-fix-discover-name-only.patch b/SOURCES/0001-doc-fix-discover-name-only.patch new file mode 100644 index 0000000..861f306 --- /dev/null +++ b/SOURCES/0001-doc-fix-discover-name-only.patch @@ -0,0 +1,26 @@ +From 878e40f5a3b50d37a0ed981a4f0872a9d5d99e6b Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Fri, 29 Nov 2019 18:49:15 +0100 +Subject: [PATCH 1/2] doc: fix discover name-only + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1625001 +--- + doc/manual/realmd.conf.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/doc/manual/realmd.conf.xml b/doc/manual/realmd.conf.xml +index a26a60c..fc6a785 100644 +--- a/doc/manual/realmd.conf.xml ++++ b/doc/manual/realmd.conf.xml +@@ -308,7 +308,7 @@ DOMAIN\user:*:13445:13446:Name:/home/DOMAIN/user:/bin/bash + + + +-$ realm discover --name DOMAIN.example.com ++$ realm discover --name-only DOMAIN.example.com + domain.example.com + ... + +-- +2.21.0 + diff --git a/SOURCES/0001-doc-make-sure-cross-reference-ids-are-predictable.patch b/SOURCES/0001-doc-make-sure-cross-reference-ids-are-predictable.patch new file mode 100644 index 0000000..2cd54ec --- /dev/null +++ b/SOURCES/0001-doc-make-sure-cross-reference-ids-are-predictable.patch @@ -0,0 +1,1500 @@ +From 4f3c02dc14300c0b8e51a55d627c57f73c108f64 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Fri, 28 Sep 2018 10:36:19 +0200 +Subject: [PATCH] doc: make sure cross-reference ids are predictable + +To make sure the cross-reference ids are predictable in the +auto-generated DBus documentation as well the xsl and css files form the +gtk-doc package are updated as well. +--- + doc/manual/devhelp2.xsl | 173 ++++++++ + doc/manual/gtk-doc.xsl | 436 ++++++++----------- + doc/manual/realm.xml | 14 +- + doc/manual/realmd-guide-active-directory.xml | 4 +- + doc/manual/realmd-guide-ipa.xml | 2 +- + doc/manual/realmd-guide-kerberos.xml | 2 +- + doc/manual/realmd.conf.xml | 4 +- + doc/manual/static/gtk-doc.css | 420 +++++++++++++----- + 8 files changed, 688 insertions(+), 367 deletions(-) + create mode 100644 doc/manual/devhelp2.xsl + +diff --git a/doc/manual/devhelp2.xsl b/doc/manual/devhelp2.xsl +new file mode 100644 +index 0000000..bab6692 +--- /dev/null ++++ b/doc/manual/devhelp2.xsl +@@ -0,0 +1,173 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ book ++ ++ ++ .devhelp2 ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ , ++ ++ ++ ++ ++ +diff --git a/doc/manual/gtk-doc.xsl b/doc/manual/gtk-doc.xsl +index 9c0901b..3471e6c 100644 +--- a/doc/manual/gtk-doc.xsl ++++ b/doc/manual/gtk-doc.xsl +@@ -5,20 +5,19 @@ + version="1.0"> + + +- ++ + ++ + + +- +- ++ ++ + + + ++ + 2 + + book toc +@@ -28,16 +27,17 @@ + part toc + reference toc + ++ 1 + + + + + +- + + + + ++ + + + +@@ -60,6 +60,9 @@ + + + ++ ++ ++ + + + +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- <ANCHOR id=" +- +- " href=" +- +- +- / +- +- +- "> +- +- +- +- +- +- <ONLINE href=" +- +- "> +- ++ ++ + + + +@@ -387,6 +341,15 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ + + + ++ ++ ++ ++ ++ ++ <xsl:copy-of select="$title"/>: <xsl:apply-templates select="$home" mode="object.title.markup"/> ++ ++ ++ + + + +@@ -399,10 +362,10 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ +
+ + +- Generated by GTK-Doc V ++ Generated by GTK-Doc V + + +- Generated by GTK-Doc ++ Generated by GTK-Doc + + + +@@ -451,21 +414,119 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ + + + ++ summary = "Navigation header" cellpadding="2" cellspacing="5"> + ++ + +- ++ + + + +- ++ + + + +- ++ + + + +- ++ + + +- + + + + + +- ++ + + + +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- + + +
+@@ -758,32 +678,32 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ + + +- +@@ -803,6 +723,21 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ + + + ++ ++ ++ ++ ++ ++ em-dash ++ ++ ++ ++ ++ ++ + + + idx +@@ -825,12 +760,12 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ + + + +-  |  ++   |  + + + + +-  ] ++   ] + + + +@@ -861,11 +796,6 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ + + + +- +- + + + +@@ -878,7 +808,7 @@ Get a newer version at http://docbook.sourceforge.net/projects/xsl/ + + + http://foldoc.org/ +- ++ + + + +diff --git a/doc/manual/realm.xml b/doc/manual/realm.xml +index 9d9136a..7b73331 100644 +--- a/doc/manual/realm.xml ++++ b/doc/manual/realm.xml +@@ -49,7 +49,7 @@ + + + +- ++ + Description + realm is a command line tool that + can be used to manage enrollment in kerberos realms, like Active +@@ -81,7 +81,7 @@ + + + +- ++ + Discover + + Discover a realm and its capabilities. +@@ -138,7 +138,7 @@ $ realm discover domain.example.com + + + +- ++ + Join + + Configure the local machine for use with a realm. +@@ -263,7 +263,7 @@ $ realm join --user=admin --computer-ou=OU=Special domain.example.com + + + +- ++ + Leave + + Deconfigure the local machine for use with a realm. +@@ -313,7 +313,7 @@ $ realm leave domain.example.com + + + +- ++ + List + + List all the discovered and configured realms. +@@ -345,7 +345,7 @@ $ realm list + + + +- ++ + Permit + + Permit local login by users of the realm. +@@ -392,7 +392,7 @@ $ realm permit --withdraw user@example.com + + + +- ++ + Deny + + Deny local login by realm accounts. +diff --git a/doc/manual/realmd-guide-active-directory.xml b/doc/manual/realmd-guide-active-directory.xml +index 362cf94..c88e8af 100644 +--- a/doc/manual/realmd-guide-active-directory.xml ++++ b/doc/manual/realmd-guide-active-directory.xml +@@ -69,7 +69,7 @@ $ realm discover --verbose domain.example.com + Winbind. + By default SSSD is used. + +-
++
+ Using SSSD with Active Directory + SSSD + provides client software for various kerberos and/or LDAP +@@ -91,7 +91,7 @@ $ realm join --client-software=sssd domain.example.com + +
+ +-
++
+ Using Winbind with Active Directory + Samba + Winbind +diff --git a/doc/manual/realmd-guide-ipa.xml b/doc/manual/realmd-guide-ipa.xml +index bba6504..c3ad450 100644 +--- a/doc/manual/realmd-guide-ipa.xml ++++ b/doc/manual/realmd-guide-ipa.xml +@@ -13,7 +13,7 @@ + users locally, and log into the local machine with IPA domain + credentials. + +-
++
+ Discovering IPA domains + realmd discovers which domains or + realms it can use or configure. It can discover and identify +diff --git a/doc/manual/realmd-guide-kerberos.xml b/doc/manual/realmd-guide-kerberos.xml +index a57e964..5b9d4b1 100644 +--- a/doc/manual/realmd-guide-kerberos.xml ++++ b/doc/manual/realmd-guide-kerberos.xml +@@ -12,7 +12,7 @@ + Since there is no standard way to enroll a computer against a Kerberos + server, it is not possible to do this with realmd. + +-
++
+ Discovering Kerberos realms + realmd discovers which domains or + realms it can use or configure. It can discover and identify +diff --git a/doc/manual/realmd.conf.xml b/doc/manual/realmd.conf.xml +index a2b577c..f0b0879 100644 +--- a/doc/manual/realmd.conf.xml ++++ b/doc/manual/realmd.conf.xml +@@ -28,7 +28,7 @@ + Tweak behavior of realmd + + +- ++ + Configuration File + + realmd can be tweaked by network administrators +@@ -297,7 +297,7 @@ DOMAIN\user:*:13445:13446:Name:/home/DOMAIN/user:/bin/bash + + + +- ++ + Realm specific settings + These options should go in an section with the same name + as the realm in the /etc/realmd.conf file. +diff --git a/doc/manual/static/gtk-doc.css b/doc/manual/static/gtk-doc.css +index 5618926..af6ce9c 100644 +--- a/doc/manual/static/gtk-doc.css ++++ b/doc/manual/static/gtk-doc.css +@@ -1,15 +1,23 @@ ++body ++{ ++ font-family: cantarell, sans-serif; ++} + .synopsis, .classsynopsis + { + /* tango:aluminium 1/2 */ + background: #eeeeec; +- border: solid 1px #d3d7cf; ++ background: rgba(238, 238, 236, 0.5); ++ border: solid 1px rgb(238, 238, 236); + padding: 0.5em; + } + .programlisting + { + /* tango:sky blue 0/1 */ ++ /* fallback for no rgba support */ + background: #e6f3ff; + border: solid 1px #729fcf; ++ background: rgba(114, 159, 207, 0.1); ++ border: solid 1px rgba(114, 159, 207, 0.2); + padding: 0.5em; + } + .variablelist +@@ -22,86 +30,8 @@ + vertical-align: top; + } + +-@media screen { +- sup a.footnote +- { +- position: relative; +- top: 0em ! important; +- } +- /* this is needed so that the local anchors are displayed below the naviagtion */ +- div.footnote a[name], div.refnamediv a[name], div.refsect1 a[name], div.refsect2 a[name], div.index a[name], div.glossary a[name], div.sect1 a[name] +- { +- display: inline-block; +- position: relative; +- top:-5em; +- } +- /* this seems to be a bug in the xsl style sheets when generating indexes */ +- div.index div.index +- { +- top: 0em; +- } +- /* make space for the fixed navigation bar and add space at the bottom so that +- * link targets appear somewhat close to top +- */ +- body +- { +- padding-top: 3.2em; +- padding-bottom: 20em; +- } +- /* style and size the navigation bar */ +- table.navigation#top +- { +- position: fixed; +- /* tango:scarlet red 0/1 */ +- background: #ffe6e6; +- border: solid 1px #ef2929; +- margin-top: 0; +- margin-bottom: 0; +- top: 0; +- left: 0; +- height: 3em; +- z-index: 10; +- } +- .navigation a, .navigation a:visited +- { +- /* tango:scarlet red 3 */ +- color: #a40000; +- } +- .navigation a:hover +- { +- /* tango:scarlet red 1 */ +- color: #ef2929; +- } +- td.shortcuts +- { +- /* tango:scarlet red 1 */ +- color: #ef2929; +- font-size: 80%; +- white-space: nowrap; +- } +-} +-@media print { +- table.navigation { +- visibility: collapse; +- display: none; +- } +- div.titlepage table.navigation { +- visibility: visible; +- display: table; +- /* tango:scarlet red 0/1 */ +- background: #ffe6e6; +- border: solid 1px #ef2929; +- margin-top: 0; +- margin-bottom: 0; +- top: 0; +- left: 0; +- height: 3em; +- } +-} +- +-.navigation .title +-{ +- font-size: 200%; ++span.nowrap { ++ white-space: nowrap; + } + + div.gallery-float +@@ -131,6 +61,72 @@ a:hover + color: #729fcf; + } + ++div.informaltable table ++{ ++ border-collapse: separate; ++ border-spacing: 1em 0.3em; ++ border: none; ++} ++ ++div.informaltable table td, div.informaltable table th ++{ ++ vertical-align: top; ++} ++ ++.function_type, ++.variable_type, ++.property_type, ++.signal_type, ++.parameter_name, ++.struct_member_name, ++.union_member_name, ++.define_keyword, ++.datatype_keyword, ++.typedef_keyword ++{ ++ text-align: right; ++} ++ ++/* dim non-primary columns */ ++.c_punctuation, ++.function_type, ++.variable_type, ++.property_type, ++.signal_type, ++.define_keyword, ++.datatype_keyword, ++.typedef_keyword, ++.property_flags, ++.signal_flags, ++.parameter_annotations, ++.enum_member_annotations, ++.struct_member_annotations, ++.union_member_annotations ++{ ++ color: #888a85; ++} ++ ++.function_type a, ++.function_type a:visited, ++.function_type a:hover, ++.property_type a, ++.property_type a:visited, ++.property_type a:hover, ++.signal_type a, ++.signal_type a:visited, ++.signal_type a:hover, ++.signal_flags a, ++.signal_flags a:visited, ++.signal_flags a:hover ++{ ++ color: #729fcf; ++} ++ ++td p ++{ ++ margin: 0.25em; ++} ++ + div.table table + { + border-collapse: collapse; +@@ -153,14 +149,44 @@ div.table table th + background-color: #d3d7cf; + } + ++h4 ++{ ++ color: #555753; ++ margin-top: 1em; ++ margin-bottom: 1em; ++} ++ + hr + { +- /* tango:aluminium 3 */ +- color: #babdb6; +- background: #babdb6; ++ /* tango:aluminium 1 */ ++ color: #d3d7cf; ++ background: #d3d7cf; + border: none 0px; + height: 1px; + clear: both; ++ margin: 2.0em 0em 2.0em 0em; ++} ++ ++dl.toc dt ++{ ++ padding-bottom: 0.25em; ++} ++ ++dl.toc > dt ++{ ++ padding-top: 0.25em; ++ padding-bottom: 0.25em; ++ font-weight: bold; ++} ++ ++dl.toc > dl ++{ ++ padding-bottom: 0.5em; ++} ++ ++.parameter ++{ ++ font-style: normal; + } + + .footer +@@ -172,31 +198,70 @@ hr + font-size: 80%; + } + ++.informalfigure, ++.figure ++{ ++ margin: 1em; ++} ++ ++.informalexample, ++.example ++{ ++ margin-top: 1em; ++ margin-bottom: 1em; ++} ++ + .warning + { + /* tango:orange 0/1 */ + background: #ffeed9; ++ background: rgba(252, 175, 62, 0.1); + border-color: #ffb04f; ++ border-color: rgba(252, 175, 62, 0.2); + } + .note + { + /* tango:chameleon 0/0.5 */ + background: #d8ffb2; ++ background: rgba(138, 226, 52, 0.1); + border-color: #abf562; ++ border-color: rgba(138, 226, 52, 0.2); + } +-.note, .warning ++div.blockquote ++{ ++ border-color: #eeeeec; ++} ++.note, .warning, div.blockquote + { + padding: 0.5em; + border-width: 1px; + border-style: solid; ++ margin: 2em; + } +-.note h3, .warning h3 ++.note p, .warning p + { +- margin-top: 0.0em ++ margin: 0; + } +-.note p, .warning p ++ ++div.warning h3.title, ++div.note h3.title ++{ ++ display: none; ++} ++ ++p + div.section ++{ ++ margin-top: 1em; ++} ++ ++div.refnamediv, ++div.refsynopsisdiv, ++div.refsect1, ++div.refsect2, ++div.toc, ++div.section + { +- margin-bottom: 0.0em ++ margin-bottom: 1em; + } + + /* blob links */ +@@ -209,33 +274,52 @@ h2 .extralinks, h3 .extralinks + font-weight: normal; + } + ++.lineart ++{ ++ color: #d3d7cf; ++ font-weight: normal; ++} ++ + .annotation + { + /* tango:aluminium 5 */ + color: #555753; +- font-size: 80%; + font-weight: normal; + } + ++.structfield ++{ ++ font-style: normal; ++ font-weight: normal; ++} ++ ++acronym,abbr ++{ ++ border-bottom: 1px dotted gray; ++} ++ + /* code listings */ + +-.listing_code .programlisting .cbracket { color: #a40000; } /* tango: scarlet red 3 */ +-.listing_code .programlisting .comment { color: #a1a39d; } /* tango: aluminium 4 */ +-.listing_code .programlisting .function { color: #000000; font-weight: bold; } +-.listing_code .programlisting .function a { color: #11326b; font-weight: bold; } /* tango: sky blue 4 */ +-.listing_code .programlisting .keyword { color: #4e9a06; } /* tango: chameleon 3 */ ++.listing_code .programlisting .normal, ++.listing_code .programlisting .normal a, ++.listing_code .programlisting .number, ++.listing_code .programlisting .cbracket, ++.listing_code .programlisting .symbol { color: #555753; } ++.listing_code .programlisting .comment, + .listing_code .programlisting .linenum { color: #babdb6; } /* tango: aluminium 3 */ +-.listing_code .programlisting .normal { color: #000000; } +-.listing_code .programlisting .number { color: #75507b; } /* tango: plum 2 */ ++.listing_code .programlisting .function, ++.listing_code .programlisting .function a, + .listing_code .programlisting .preproc { color: #204a87; } /* tango: sky blue 3 */ +-.listing_code .programlisting .string { color: #c17d11; } /* tango: chocolate 2 */ +-.listing_code .programlisting .type { color: #000000; } +-.listing_code .programlisting .type a { color: #11326b; } /* tango: sky blue 4 */ +-.listing_code .programlisting .symbol { color: #ce5c00; } /* tango: orange 3 */ ++.listing_code .programlisting .string { color: #ad7fa8; } /* tango: plum */ ++.listing_code .programlisting .keyword, ++.listing_code .programlisting .usertype, ++.listing_code .programlisting .type, ++.listing_code .programlisting .type a { color: #4e9a06; } /* tango: chameleon 3 */ + + .listing_frame { + /* tango:sky blue 1 */ + border: solid 1px #729fcf; ++ border: solid 1px rgba(114, 159, 207, 0.2); + padding: 0px; + } + +@@ -247,18 +331,152 @@ h2 .extralinks, h3 .extralinks + .listing_lines { + /* tango:sky blue 0.5 */ + background: #a6c5e3; ++ background: rgba(114, 159, 207, 0.2); + /* tango:aluminium 6 */ + color: #2e3436; + } + .listing_code { + /* tango:sky blue 0 */ + background: #e6f3ff; ++ background: rgba(114, 159, 207, 0.1); + } + .listing_code .programlisting { + /* override from previous */ + border: none 0px; + padding: 0px; ++ background: none; + } + .listing_lines pre, .listing_code pre { + margin: 0px; + } ++ ++@media screen { ++ /* these have a as a first child, but since there are no parent selectors ++ * we can't use that. */ ++ a.footnote ++ { ++ position: relative; ++ top: 0em ! important; ++ } ++ /* this is needed so that the local anchors are displayed below the naviagtion */ ++ div.footnote a[name], div.refnamediv a[name], div.refsect1 a[name], div.refsect2 a[name], div.index a[name], div.glossary a[name], div.sect1 a[name] ++ { ++ display: inline-block; ++ position: relative; ++ top:-5em; ++ } ++ /* this seems to be a bug in the xsl style sheets when generating indexes */ ++ div.index div.index ++ { ++ top: 0em; ++ } ++ /* make space for the fixed navigation bar and add space at the bottom so that ++ * link targets appear somewhat close to top ++ */ ++ body ++ { ++ padding-top: 2.5em; ++ padding-bottom: 500px; ++ max-width: 60em; ++ } ++ p ++ { ++ max-width: 60em; ++ } ++ /* style and size the navigation bar */ ++ table.navigation#top ++ { ++ position: fixed; ++ background: #e2e2e2; ++ border-bottom: solid 1px #babdb6; ++ border-spacing: 5px; ++ margin-top: 0; ++ margin-bottom: 0; ++ top: 0; ++ left: 0; ++ z-index: 10; ++ } ++ table.navigation#top td ++ { ++ padding-left: 6px; ++ padding-right: 6px; ++ } ++ .navigation a, .navigation a:visited ++ { ++ /* tango:sky blue 3 */ ++ color: #204a87; ++ } ++ .navigation a:hover ++ { ++ /* tango:sky blue 2 */ ++ color: #3465a4; ++ } ++ td.shortcuts ++ { ++ /* tango:sky blue 2 */ ++ color: #3465a4; ++ font-size: 80%; ++ white-space: nowrap; ++ } ++ td.shortcuts .dim ++ { ++ color: #babdb6; ++ } ++ .navigation .title ++ { ++ font-size: 80%; ++ max-width: none; ++ margin: 0px; ++ font-weight: normal; ++ } ++} ++@media screen and (min-width: 60em) { ++ /* screen larger than 60em */ ++ body { margin: auto; } ++} ++@media screen and (max-width: 60em) { ++ /* screen less than 60em */ ++ #nav_hierarchy { display: none; } ++ #nav_interfaces { display: none; } ++ #nav_prerequisites { display: none; } ++ #nav_derived_interfaces { display: none; } ++ #nav_implementations { display: none; } ++ #nav_child_properties { display: none; } ++ #nav_style_properties { display: none; } ++ #nav_index { display: none; } ++ #nav_glossary { display: none; } ++ .gallery_image { display: none; } ++ .property_flags { display: none; } ++ .signal_flags { display: none; } ++ .parameter_annotations { display: none; } ++ .enum_member_annotations { display: none; } ++ .struct_member_annotations { display: none; } ++ .union_member_annotations { display: none; } ++ /* now that a column is hidden, optimize space */ ++ col.parameters_name { width: auto; } ++ col.parameters_description { width: auto; } ++ col.struct_members_name { width: auto; } ++ col.struct_members_description { width: auto; } ++ col.enum_members_name { width: auto; } ++ col.enum_members_description { width: auto; } ++ col.union_members_name { width: auto; } ++ col.union_members_description { width: auto; } ++ .listing_lines { display: none; } ++} ++@media print { ++ table.navigation { ++ visibility: collapse; ++ display: none; ++ } ++ div.titlepage table.navigation { ++ visibility: visible; ++ display: table; ++ background: #e2e2e2; ++ border: solid 1px #babdb6; ++ margin-top: 0; ++ margin-bottom: 0; ++ top: 0; ++ left: 0; ++ height: 3em; ++ } ++} +-- +2.21.0 + diff --git a/SOURCES/0001-service-use-kerberos-method-secrets-and-keytab.patch b/SOURCES/0001-service-use-kerberos-method-secrets-and-keytab.patch new file mode 100644 index 0000000..69674e4 --- /dev/null +++ b/SOURCES/0001-service-use-kerberos-method-secrets-and-keytab.patch @@ -0,0 +1,30 @@ +From 517fa766782421302da827278ca17e6b2ad57da3 Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Fri, 21 Feb 2020 14:06:16 +0100 +Subject: [PATCH] service: use "kerberos method" "secrets and keytab" + +When using Samba with Winbind the host password stored in secrets.tdb is +still important so the "secrets and keytab" should be the preferred +"kerberos method". + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1801195 +--- + service/realm-samba.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/service/realm-samba.c b/service/realm-samba.c +index e2a3608..4940b38 100644 +--- a/service/realm-samba.c ++++ b/service/realm-samba.c +@@ -200,7 +200,7 @@ on_join_do_winbind (GObject *source, + "template shell", realm_settings_string ("users", "default-shell"), + "netbios name", computer_name, + "password server", enroll->disco->explicit_server, +- "kerberos method", "system keytab", ++ "kerberos method", "secrets and keytab", + NULL); + } + +-- +2.24.1 + diff --git a/SOURCES/0002-doc-add-see-also-to-man-pages.patch b/SOURCES/0002-doc-add-see-also-to-man-pages.patch new file mode 100644 index 0000000..87d8b26 --- /dev/null +++ b/SOURCES/0002-doc-add-see-also-to-man-pages.patch @@ -0,0 +1,46 @@ +From 799821650c538754aae842d400df75d3bd8864bf Mon Sep 17 00:00:00 2001 +From: Sumit Bose +Date: Fri, 29 Nov 2019 18:49:51 +0100 +Subject: [PATCH 2/2] doc: add see also to man pages + +Related to https://bugzilla.redhat.com/show_bug.cgi?id=1625001 +--- + doc/manual/realm.xml | 7 +++++++ + doc/manual/realmd.conf.xml | 7 +++++++ + 2 files changed, 14 insertions(+) + +diff --git a/doc/manual/realm.xml b/doc/manual/realm.xml +index 55a7640..e5d4608 100644 +--- a/doc/manual/realm.xml ++++ b/doc/manual/realm.xml +@@ -440,4 +440,11 @@ $ realm deny --all + + + ++ ++ SEE ALSO ++ ++ realmd.conf ++ 5 ++ ++ + +diff --git a/doc/manual/realmd.conf.xml b/doc/manual/realmd.conf.xml +index fc6a785..1592291 100644 +--- a/doc/manual/realmd.conf.xml ++++ b/doc/manual/realmd.conf.xml +@@ -471,4 +471,11 @@ fully-qualified-names = no + + + ++ ++ SEE ALSO ++ ++ realm ++ 8 ++ ++ + +-- +2.21.0 + diff --git a/SPECS/realmd.spec b/SPECS/realmd.spec index 3a22ddf..b1c6cf7 100644 --- a/SPECS/realmd.spec +++ b/SPECS/realmd.spec @@ -1,6 +1,6 @@ Name: realmd Version: 0.16.3 -Release: 16%{?dist} +Release: 18%{?dist} Summary: Kerberos realm enrollment service License: LGPLv2+ URL: http://cgit.freedesktop.org/realmd/realmd/ @@ -22,6 +22,24 @@ Patch12: 0001-Change-qualified-names-default-for-IPA.patch Patch13: 0001-IPA-do-not-call-sssd-enable-logins.patch +# rhbz#1747454 - rebuild fails if DISTRO variable is exported +Patch14: 0001-configure-do-not-inherit-DISTRO-from-the-environment.patch + +# rhbz#1747452 - realmd.conf user-principal RFE and clarification (plus dependencies) +Patch15: 0001-doc-Add-short-arguments-like-U-arguments-to-realm-ma.patch +Patch16: 0001-doc-make-sure-cross-reference-ids-are-predictable.patch +Patch17: 0001-doc-extend-user-principal-section.patch + +# rhbz#1747457 - realmd.conf documentation incorrect +Patch18: 0001-doc-fix-discover-name-only.patch +Patch19: 0002-doc-add-see-also-to-man-pages.patch + +# rhbz#1747456 - Document realmd.conf and how realmd reads the configuration +Patch20: 0001-doc-extend-description-of-config-handling.patch + +# rhbz#1801195 +Patch21: 0001-service-use-kerberos-method-secrets-and-keytab.patch + BuildRequires: gcc BuildRequires: automake BuildRequires: autoconf @@ -54,20 +72,7 @@ applications that use %{name}. %define _hardened_build 1 %prep -%setup -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 -%patch13 -p1 +%autosetup -p1 %build autoreconf -fi @@ -102,6 +107,20 @@ make install DESTDIR=%{buildroot} %doc ChangeLog %changelog +* Fri Feb 21 2020 Sumit Bose - 0.16.3-18 +- Fix kerberos method + Resolves: rhbz#1801195 + +* Sun Dec 01 2019 Sumit Bose - 0.16.3-17 +- rebuild fails if DISTRO variable is exported + Resolves: rhbz#1747454 +- realmd.conf user-principal RFE and clarification + Resolves: rhbz#1747452 +- realmd.conf documentation incorrect + Resolves: rhbz#1747457 +- Document realmd.conf and how realmd reads the configuration + Resolves: rhbz#1747456 + * Thu Sep 27 2018 Sumit Bose - 0.16.3-16 - Do not call authselect for IPA domains Resolves: rhbz#1633572
+ +- +- +-

+- +- +- +-

+-
+- +-

+- +- +- +- +- +- +- +- +-

+-
+-
+-

++ ++ ++

++ ++ ++ ++

++ ++ ++

++ ++ ++ ++ ++ ++ ++ ++ ++

++
++ ++

+ +

+
++