Name: realmd Version: 0.16.3 Release: 23%{?dist} Summary: Kerberos realm enrollment service License: LGPLv2+ URL: http://cgit.freedesktop.org/realmd/realmd/ Source0: http://www.freedesktop.org/software/realmd/releases/realmd-%{version}.tar.gz Patch1: 0001-LDAP-don-t-close-LDAP-socket-twice.patch Patch2: 0001-service-Add-nss-and-pam-sssd.conf-services-after-joi.patch Patch3: 0001-Kerberos-fall-back-to-tcp-SRV-lookup.patch Patch4: 0001-service-Add-pam-and-nss-services-in-realm_sssd_confi.patch Patch5: 0001-switch-to-authselect.patch Patch6: 0001-Fix-man-page-reference-in-systemd-service-file.patch Patch7: 0001-Use-current-idmap-options-for-smb.conf.patch Patch8: 0001-Find-NetBIOS-name-in-keytab-while-leaving.patch Patch9: 0001-tests-run-tests-with-python3.patch Patch10: ipa-packages.patch Patch11: 0001-Fix-issues-found-by-Coverity.patch Patch12: 0001-Change-qualified-names-default-for-IPA.patch Patch13: 0001-IPA-do-not-call-sssd-enable-logins.patch # rhbz#1747454 - rebuild fails if DISTRO variable is exported Patch14: 0001-configure-do-not-inherit-DISTRO-from-the-environment.patch # rhbz#1747452 - realmd.conf user-principal RFE and clarification (plus dependencies) Patch15: 0001-doc-Add-short-arguments-like-U-arguments-to-realm-ma.patch Patch16: 0001-doc-make-sure-cross-reference-ids-are-predictable.patch Patch17: 0001-doc-extend-user-principal-section.patch # rhbz#1747457 - realmd.conf documentation incorrect Patch18: 0001-doc-fix-discover-name-only.patch Patch19: 0002-doc-add-see-also-to-man-pages.patch # rhbz#1747456 - Document realmd.conf and how realmd reads the configuration Patch20: 0001-doc-extend-description-of-config-handling.patch # rhbz#1801195 Patch21: 0001-service-use-kerberos-method-secrets-and-keytab.patch # rhbz#1859503 - Realm join fails with error 'Failed to join domain: failed to # lookup DC info ...' Patch22: 0001-service-use-net-ads-join-with-k-for-user-join-as-wel.patch # rhbz#1867912 - realm command to use option like dnshostname=fqdn Patch23: 0001-service-use-additional-dns-hostnames-with-net-ads-jo.patch # rhbz#1791016 - realmd should handle default_realm in krb5.conf Patch24: 0001-Kerberos-add-default_domain-and-udp_preference_limit.patch # rhbz#1826964 - [RFE] Enable LDAPS functionality in realmd join Patch25: 0001-tools-Update-the-usage-help-text-of-the-realm-comman.patch Patch26: 0001-Use-startTLS-with-FreeIPA.patch Patch27: 0001-service-add-REALM_DBUS_OPTION_USE_LDAPS-and-realm_ge.patch Patch28: 0002-service-allow-to-use-ldaps-for-rootDSE-lookup.patch Patch29: 0003-service-add-ldaps-support-when-using-adcli.patch Patch30: 0004-service-do-not-copy-option-values-to-avoid-memory-le.patch Patch31: 0005-tools-add-use-ldaps-option-for-discover-join-and-lea.patch Patch32: 0006-ldap-generate-proper-ldap-uri-for-IPv6-addresses.patch Patch33: 0001-ldap-setup-TLS-when-using-ldaps.patch Patch34: 0001-service-make-sure-use_ldaps-is-not-only-set-for-auto.patch Patch35: 0002-service-avoid-crash-if-LDAP-connection-fails.patch Patch36: 0003-service-make-TLS-check-more-releaxed.patch Patch37: 0001-doc-add-computer-name-to-realm-man-page.patch Patch38: 0001-build-add-with-vendor-error-message-configure-option.patch BuildRequires: gcc BuildRequires: automake BuildRequires: autoconf BuildRequires: intltool pkgconfig BuildRequires: gettext-devel BuildRequires: glib2-devel >= 2.32.0 BuildRequires: openldap-devel BuildRequires: polkit-devel BuildRequires: krb5-devel BuildRequires: systemd-devel BuildRequires: libxslt BuildRequires: xmlto BuildRequires: %{_bindir}/python3 Requires: authselect Requires: polkit %description realmd is a DBus system service which manages discovery and enrollment in realms and domains like Active Directory or IPA. The control center uses realmd as the back end to 'join' a domain simply and automatically configure things correctly. %package devel-docs Summary: Developer documentation files for %{name} %description devel-docs The %{name}-devel package contains developer documentation for developing applications that use %{name}. %define _hardened_build 1 %prep %autosetup -p1 %build autoreconf -fi %configure --disable-silent-rules \ %if 0%{?rhel} --with-vendor-error-message='Please check\n https://red.ht/support_rhel_ad \nto get help for common issues.' \ %endif %{nil} make %{?_smp_mflags} %check make check %install make install DESTDIR=%{buildroot} %find_lang realmd %post %systemd_post realmd.service %preun %systemd_preun realmd.service %postun %systemd_postun_with_restart realmd.service %files -f realmd.lang %doc AUTHORS COPYING NEWS README %{_sysconfdir}/dbus-1/system.d/org.freedesktop.realmd.conf %{_sbindir}/realm %dir %{_prefix}/lib/realmd %{_prefix}/lib/realmd/realmd %{_prefix}/lib/realmd/realmd-defaults.conf %{_prefix}/lib/realmd/realmd-distro.conf %{_unitdir}/realmd.service %{_datadir}/dbus-1/system-services/org.freedesktop.realmd.service %{_datadir}/polkit-1/actions/org.freedesktop.realmd.policy %{_mandir}/man8/realm.8.gz %{_mandir}/man5/realmd.conf.5.gz %{_localstatedir}/cache/realmd/ %files devel-docs %doc %{_datadir}/doc/realmd/ %doc ChangeLog %changelog * Tue May 11 2021 Sumit Bose - 0.16.3-23 - Add restart macro and vendor message to spec file Resolves: rhbz#1926046 * Thu Dec 03 2020 Sumit Bose - 0.16.3-22 - Add fixes LDAPS functionality Resolves: rhbz#1826964 * Thu Nov 26 2020 Sumit Bose - 0.16.3-21 - Add missing patch for LDAPS functionality Resolves: rhbz#1826964 * Thu Nov 05 2020 Sumit Bose - 0.16.3-20 - realmd should handle default_realm in krb5.conf Resolves: rhbz#1791016 - [RFE] Enable LDAPS functionality in realmd join Resolves: rhbz#1826964 * Thu Aug 13 2020 Sumit Bose - 0.16.3-19 - Realm join fails with error 'Failed to join domain: failed to lookup DC info ...' Resolves: rhbz#1859503 - realm command to use option like dnshostname=fqdn Resolves: rhbz#1867912 * Fri Feb 21 2020 Sumit Bose - 0.16.3-18 - Fix kerberos method Resolves: rhbz#1801195 * Sun Dec 01 2019 Sumit Bose - 0.16.3-17 - rebuild fails if DISTRO variable is exported Resolves: rhbz#1747454 - realmd.conf user-principal RFE and clarification Resolves: rhbz#1747452 - realmd.conf documentation incorrect Resolves: rhbz#1747457 - Document realmd.conf and how realmd reads the configuration Resolves: rhbz#1747456 * Thu Sep 27 2018 Sumit Bose - 0.16.3-16 - Do not call authselect for IPA domains Resolves: rhbz#1633572 * Wed Aug 22 2018 Sumit Bose - 0.16.3-15 - Change IPA defaults Resolves: rhbz#1619162 * Tue Aug 14 2018 Sumit Bose - 0.16.3-14 - Fix python BuildRequires Resolves: rhbz#1615564 - Add RHEL specific patch for IPA Resolves: rhbz#1615320 - Fix issues found by Coverity Resolves: rhbz#1602677 * Wed Jul 04 2018 Sumit Bose - 0.16.3-13 - Add latests patches from RHEL7 - Add polkit runtime dependency Resolves: rhbz#1577179 - Drop python2 build dependency Resolves: rhbz#1595813 - Fix documentation reference in systemd unit file Resolves: rhbz#1596325 * Sun Mar 18 2018 René Genz - 0.16.3-12 - use correct authselect syntax for *-disable-logins to fix rhbz#1558245 - Iryna Shcherbina Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) * Thu Mar 01 2018 Sumit Bose - 0.16.3-11 - Require authselect instead of authconfig, related: rhbz#1537246 * Tue Feb 20 2018 Sumit Bose - 0.16.3-10 - added BuildRequires gcc - Use authselect instead of authconfig, related: rhbz#1537246 * Fri Feb 09 2018 Fedora Release Engineering - 0.16.3-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Tue Sep 05 2017 Petr Pisar - 0.16.3-8 - Update all m4 macros to prevent from mismatching between Automake versions * Thu Aug 03 2017 Fedora Release Engineering - 0.16.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering - 0.16.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Tue Apr 25 2017 Sumit Bose - 0.16.3-5 - Resolves: rhbz#1445017 * Sat Feb 11 2017 Fedora Release Engineering - 0.16.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Thu Jan 19 2017 Merlin Mathesius - 0.16.3-3 - Add BuildRequires: python to fix FTBFS (BZ#1415000). * Tue Dec 13 2016 Sumit Bose - 0.16.3-2 - Resolves: rhbz#1401605 * Wed Nov 30 2016 Sumit Bose - 0.16.3-1 - Updated to upstream 0.16.3 plus patches from git master * Fri Jun 03 2016 Sumit Bose - 0.16.2-5 - properly apply patch for rhbz#1330766 - Resolves: rhbz#1330766 * Wed May 18 2016 Sumit Bose - 0.16.2-4 - Resolves: rhbz#1330766 * Thu Feb 04 2016 Fedora Release Engineering - 0.16.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild * Fri Sep 11 2015 Stef Walter - 0.16.2-2 - Fixed --computer-ou regression - Show message when installing packages * Fri Jul 31 2015 Stef Walter - 0.16.2-1 - Updated to upstream 0.16.2 - Install to $prefix/lib instead of $libdir - Resolves: rhbz#1246741 * Tue Jul 14 2015 Stef Walter - 0.16.1-1 - Updated to upstream 0.16.1 - Resolves: rhbz#1231128 * Thu Jun 18 2015 Fedora Release Engineering - 0.16.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue Apr 14 2015 Stef Walter - 0.16.0-1 - Updated to upstream 0.16.0 - Resolves: rhbz#1205753 - Resolves: rhbz#1142190 - Resolves: rhbz#1061091 - Resolves: rhbz#1205752 * Thu Apr 09 2015 Stephen Gallagher - 0.15.2-2 - Resolves: rhbz#1210483 * Mon Oct 06 2014 Stef Walter - 0.15.2-1 - Update to upstream 0.15.2 * Sun Aug 17 2014 Fedora Release Engineering - 0.15.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sun Jun 08 2014 Fedora Release Engineering - 0.15.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sat May 31 2014 Peter Robinson 0.15.1-2 - Move ChangeLog to devel-docs. NEWS is probably riveting enough for users * Fri May 23 2014 Stef Walter - 0.15.1-1 - Update to upstream 0.15.1 - Remove the packagekit patch that's now integrated upstream * Thu Jan 30 2014 Richard Hughes - 0.15.0-2 - Rebuild for libpackagekit-glib soname bump * Tue Jan 07 2014 Stef Walter - 0.15.0-1 - Update to upstream 0.15.0 release, fixing various bugs * Mon Sep 09 2013 Stef Walter - 0.14.6-1 - Update to upstream 0.14.6 point release - Set 'kerberos method = system keytab' in smb.conf properly - Limit Netbios name to 15 chars when joining AD domain * Thu Aug 15 2013 Stef Walter - 0.14.5-1 - Update to upstream 0.14.5 point release - Fix regression conflicting --unattended and -U as in --user args - Pass discovered server address to adcli tool * Wed Aug 07 2013 Stef Walter - 0.14.4-1 - Update to upstream 0.14.4 point release - Fix up the [sssd] section in sssd.conf if it's screwed up - Add an --unattended argument to realm command line client - Clearer 'realm permit' manual page example * Wed Aug 07 2013 Stef Walter - 0.14.3-1 - Update to upstream 0.14.3 point release - Populate LoginFormats correctly [#961442] - Documentation clarifications - Set sssd.conf default_shell per domain - Notify in terminal output when installing packages - If joined via adcli, delete computer with adcli too [#961244] - If input is not a tty, read from stdin without getpass() [#983153] - Configure pam_winbind.conf appropriately [#983153] - Refer to FreeIPA as IPA - Support use of kerberos ccache to join when winbind * Sun Aug 04 2013 Fedora Release Engineering - 0.14.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Mon Jul 15 2013 Stef Walter - 0.14.2-4 - Build with verbose automake output * Tue Jun 11 2013 Stef Walter - 0.14.2-3 - Run test suite when building the package - Fix rpmlint errors * Thu Jun 06 2013 Stef Walter - 0.14.2-2 - Install oddjobd and oddjob-mkhomedir when joining domains [#969441] * Mon May 27 2013 Stef Walter - 0.14.2-1 - Update to upstream 0.14.2 version - Discover FreeIPA 3.0 with AD trust correctly [#966148] - Only allow joining one realm by default [#966650] - Enable the oddjobd service after joining a domain [#964971] - Remove sssd.conf allow lists when permitting all [#965760] - Add dependency on authconfig [#964675] - Remove glib-networking dependency now that we no longer use SSL. * Mon May 13 2013 Stef Walter - 0.14.1-1 - Update to upstream 0.14.1 version - Fix crasher/regression using passwords with joins [#961435] - Make second Ctrl-C just quit realm tool [#961325] - Fix critical warning when leaving IPA realm [#961320] - Don't print out journalctl command in obvious situations [#961230] - Document the --all option to 'realm discover' [#961279] - No need to require sssd-tools package [#961254] - Enable services even in install mode [#960887] - Use the AD domain name in sssd.conf directly [#960270] - Fix critical warning when service Release() method [#961385] * Mon May 06 2013 Stef Walter - 0.14.0-1 - Work around broken krb5 with empty passwords [#960001] - Add manual page for realmd.conf [#959357] - Update to upstream 0.14.0 version * Thu May 02 2013 Stef Walter - 0.13.91-1 - Fix regression when using one time password [#958667] - Support for permitting logins by group [#887675] * Mon Apr 29 2013 Stef Walter - 0.13.90-1 - Add option to disable package-kit installs [#953852] - Add option to use unqualified names [#953825] - Better discovery of domains [#953153] - Concept of managing parts of the system [#914892] - Fix problems with cache directory [#913457] - Clearly explain when realm cannot be joined [#878018] - Many other upstream enhancements and fixes * Wed Apr 17 2013 Stef Walter - 0.13.3-2 - Add missing glib-networking dependency, currently used for FreeIPA discovery [#953151] * Wed Apr 17 2013 Stef Walter - 0.13.3-1 - Update for upstream 0.13.3 version - Add dependency on systemd for installing service file * Tue Apr 16 2013 Stef Walter - 0.13.2-2 - Fix problem with sssd not starting after joining * Mon Feb 18 2013 Stef Walter - 0.13.2-1 - Update to upstream 0.13.2 version * Mon Feb 18 2013 Stef Walter - 0.13.1-1 - Update to upstream 0.13.1 version for bug fixes * Thu Feb 14 2013 Fedora Release Engineering - 0.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Mon Nov 12 2012 Stef Walter - 0.12-1 - Update to upstream 0.12 version for bug fixes * Tue Oct 30 2012 Stef Walter - 0.11-1 - Update to upstream 0.11 version * Sat Oct 20 2012 Stef Walter - 0.10-1 - Update to upstream 0.10 version * Wed Oct 17 2012 Stef Walter - 0.9-1 - Update to upstream 0.9 version * Wed Sep 19 2012 Stef Walter - 0.8-2 - Add openldap-devel build requirement * Wed Sep 19 2012 Stef Walter - 0.8-1 - Update to upstream 0.8 version - Add support for translations * Mon Aug 20 2012 Stef Walter - 0.7-2 - Build requires gtk-doc * Mon Aug 20 2012 Stef Walter - 0.7-1 - Update to upstream 0.7 version - Remove files no longer present in upstream version - Put documentation in its own realmd-devel-docs subpackage - Update upstream URLs * Mon Aug 6 2012 Stef Walter - 0.6-1 - Update to upstream 0.6 version * Tue Jul 17 2012 Stef Walter - 0.5-2 - Remove missing SssdIpa.service file from the files list. This file will return upstream in 0.6 * Tue Jul 17 2012 Stef Walter - 0.5-1 - Update to upstream 0.5 version * Tue Jun 19 2012 Stef Walter - 0.4-1 - Update to upstream 0.4 version - Cleanup various rpmlint warnings * Tue Jun 19 2012 Stef Walter - 0.3-2 - Add doc files - Own directories - Remove obsolete parts of spec file - Remove explicit dependencies - Updated License line to LGPLv2+ * Tue Jun 19 2012 Stef Walter - 0.3 - Build fixes * Mon Jun 18 2012 Stef Walter - 0.2 - Initial RPM